From 5e2c433d9f84dd9b0e01ef8607380d53a7f64d69 Mon Sep 17 00:00:00 2001 From: YOSHIFUJI Hideaki Date: Sat, 26 Apr 2008 22:24:10 -0700 Subject: [XFRM] AUDIT: Fix flowlabel text format ambibuity. Flowlabel text format was not correct and thus ambiguous. For example, 0x00123 or 0x01203 are formatted as 0x123. This is not what audit tools want. Signed-off-by: YOSHIFUJI Hideaki Signed-off-by: David S. Miller --- net/xfrm/xfrm_state.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 5dcc10b..fac27ce 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -2112,7 +2112,7 @@ static void xfrm_audit_helper_pktinfo(struct sk_buff *skb, u16 family, iph6 = ipv6_hdr(skb); audit_log_format(audit_buf, " src=" NIP6_FMT " dst=" NIP6_FMT - " flowlbl=0x%x%x%x", + " flowlbl=0x%x%02x%02x", NIP6(iph6->saddr), NIP6(iph6->daddr), iph6->flow_lbl[0] & 0x0f, -- cgit v1.1 From ec6b486fa9f6d20bfbaebba1db88bfe9d390ab1a Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 26 Apr 2008 22:28:58 -0700 Subject: ipv6: result of csum_fold() is already 16bit, no need to cast Signed-off-by: Al Viro Signed-off-by: David S. Miller --- net/ipv6/ip6mr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c index c8c6e33..2de3c46 100644 --- a/net/ipv6/ip6mr.c +++ b/net/ipv6/ip6mr.c @@ -358,7 +358,7 @@ static int pim6_rcv(struct sk_buff *skb) if (pim->type != ((PIM_VERSION << 4) | PIM_REGISTER) || (pim->flags & PIM_NULL_REGISTER) || (ip_compute_csum((void *)pim, sizeof(*pim)) != 0 && - (u16)csum_fold(skb_checksum(skb, 0, skb->len, 0)))) + csum_fold(skb_checksum(skb, 0, skb->len, 0)))) goto drop; /* check if the inner packet is destined to mcast group */ -- cgit v1.1 From becf3da20eca82e06607b9813cc3b592b359bae5 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 26 Apr 2008 22:42:14 -0700 Subject: tipc: endianness annotations Signed-off-by: Al Viro Signed-off-by: David S. Miller --- net/tipc/msg.h | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'net') diff --git a/net/tipc/msg.h b/net/tipc/msg.h index 6ad070d..ad487e8 100644 --- a/net/tipc/msg.h +++ b/net/tipc/msg.h @@ -70,10 +70,9 @@ static inline void msg_set_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask, u32 val) { val = (val & mask) << pos; - val = htonl(val); - mask = htonl(mask << pos); - m->hdr[w] &= ~mask; - m->hdr[w] |= val; + mask = mask << pos; + m->hdr[w] &= ~htonl(mask); + m->hdr[w] |= htonl(val); } /* -- cgit v1.1 From 5c5d6dabb7aac9d0ea7aa76b909bbd28efa99065 Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Sat, 26 Apr 2008 22:50:57 -0700 Subject: Revert "ipv6: Fix typo in net/ipv6/Kconfig" This reverts commit 5b3f129c5592ca35b3fe8916767c58b98710478c. As requested by Maciej W. Rozycki. Signed-off-by: David S. Miller --- net/ipv6/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig index b2c9bec..42814a2 100644 --- a/net/ipv6/Kconfig +++ b/net/ipv6/Kconfig @@ -167,7 +167,7 @@ config IPV6_SIT Tunneling means encapsulating data of one protocol type within another protocol and sending it over a channel that understands the encapsulating protocol. This driver implements encapsulation of IPv6 - into IPv4 packets. This is useful if you want to connect to IPv6 + into IPv4 packets. This is useful if you want to connect two IPv6 networks over an IPv4-only path. Saying M here will produce a module called sit.ko. If unsure, say Y. -- cgit v1.1 From 3f91bd420a955803421f2db17b2e04aacfbb2bb8 Mon Sep 17 00:00:00 2001 From: Sam Ravnborg Date: Sat, 26 Apr 2008 22:57:25 -0700 Subject: can: Fix copy_from_user() results interpretation Both copy_to_ and _from_user return the number of bytes, that failed to reach their destination, not the 0/-EXXX values. Based on patch from Pavel Emelyanov Signed-off-by: Sam Ravnborg Acked-by: Oliver Hartkopp Signed-off-by: David S. Miller --- net/can/raw.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'net') diff --git a/net/can/raw.c b/net/can/raw.c index 201cbfc6..69877b8 100644 --- a/net/can/raw.c +++ b/net/can/raw.c @@ -435,15 +435,13 @@ static int raw_setsockopt(struct socket *sock, int level, int optname, if (!filter) return -ENOMEM; - err = copy_from_user(filter, optval, optlen); - if (err) { + if (copy_from_user(filter, optval, optlen)) { kfree(filter); - return err; + return -EFAULT; } } else if (count == 1) { - err = copy_from_user(&sfilter, optval, optlen); - if (err) - return err; + if (copy_from_user(&sfilter, optval, optlen)) + return -EFAULT; } lock_sock(sk); @@ -493,9 +491,8 @@ static int raw_setsockopt(struct socket *sock, int level, int optname, if (optlen != sizeof(err_mask)) return -EINVAL; - err = copy_from_user(&err_mask, optval, optlen); - if (err) - return err; + if (copy_from_user(&err_mask, optval, optlen)) + return -EFAULT; err_mask &= CAN_ERR_MASK; @@ -531,7 +528,8 @@ static int raw_setsockopt(struct socket *sock, int level, int optname, if (optlen != sizeof(ro->loopback)) return -EINVAL; - err = copy_from_user(&ro->loopback, optval, optlen); + if (copy_from_user(&ro->loopback, optval, optlen)) + return -EFAULT; break; @@ -539,7 +537,8 @@ static int raw_setsockopt(struct socket *sock, int level, int optname, if (optlen != sizeof(ro->recv_own_msgs)) return -EINVAL; - err = copy_from_user(&ro->recv_own_msgs, optval, optlen); + if (copy_from_user(&ro->recv_own_msgs, optval, optlen)) + return -EFAULT; break; -- cgit v1.1 From 0b80ae4201e5128e16e5161825f5cd377a5d1fee Mon Sep 17 00:00:00 2001 From: Randy Dunlap Date: Sat, 26 Apr 2008 22:59:02 -0700 Subject: sunrpc: fix missing kernel-doc Fix missing sunrpc kernel-doc: Warning(linux-2.6.25-git7//net/sunrpc/xprt.c:451): No description found for parameter 'action' Signed-off-by: Randy Dunlap Signed-off-by: David S. Miller --- net/sunrpc/xprt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c index d5553b8..61880cc 100644 --- a/net/sunrpc/xprt.c +++ b/net/sunrpc/xprt.c @@ -445,7 +445,7 @@ EXPORT_SYMBOL_GPL(xprt_wake_pending_tasks); /** * xprt_wait_for_buffer_space - wait for transport output buffer to clear * @task: task to be put to sleep - * + * @action: function pointer to be executed after wait */ void xprt_wait_for_buffer_space(struct rpc_task *task) { -- cgit v1.1 From 01a2202c95989a4df48e9a5b5e013cb80c6b2d66 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 27 Apr 2008 00:59:59 -0700 Subject: [IPSEC]: Use digest_null directly for auth Previously digest_null had no setkey function which meant that we used hmac(digest_null) for IPsec since IPsec always calls setkey. Now that digest_null has a setkey we no longer need to do that. In fact when only confidentiality is specified for ESP we already use digest_null directly. However, when the null algorithm is explicitly specified by the user we still opt for hmac(digest_null). This patch removes this discrepancy. I have not added a new compat name for it because by chance it wasn't actualy possible for the user to specify the name hmac(digest_null) due to a key length check in xfrm_user (which I found out when testing that compat name :) Signed-off-by: Herbert Xu Signed-off-by: David S. Miller --- net/xfrm/xfrm_algo.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'net') diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c index 8aa6440..ac765dd 100644 --- a/net/xfrm/xfrm_algo.c +++ b/net/xfrm/xfrm_algo.c @@ -129,8 +129,7 @@ static struct xfrm_algo_desc aead_list[] = { static struct xfrm_algo_desc aalg_list[] = { { - .name = "hmac(digest_null)", - .compat = "digest_null", + .name = "digest_null", .uinfo = { .auth = { -- cgit v1.1 From dae50295488f35d2d617b08a5fae43154c947eec Mon Sep 17 00:00:00 2001 From: David L Stevens Date: Sun, 27 Apr 2008 01:06:07 -0700 Subject: ipv4/ipv6 compat: Fix SSM applications on 64bit kernels. Add support on 64-bit kernels for seting 32-bit compatible MCAST* socket options. Signed-off-by: David L Stevens Signed-off-by: David S. Miller --- net/compat.c | 117 +++++++++++++++++++++++++++++++++++++++++++++++ net/ipv4/ip_sockglue.c | 5 ++ net/ipv6/ipv6_sockglue.c | 5 ++ 3 files changed, 127 insertions(+) (limited to 'net') diff --git a/net/compat.c b/net/compat.c index 80013fb..01bf95d 100644 --- a/net/compat.c +++ b/net/compat.c @@ -24,6 +24,8 @@ #include #include +#include +#include #include #include @@ -521,6 +523,121 @@ asmlinkage long compat_sys_getsockopt(int fd, int level, int optname, } return err; } + +struct compat_group_req { + __u32 gr_interface; + struct __kernel_sockaddr_storage gr_group + __attribute__ ((aligned(4))); +} __attribute__ ((packed)); + +struct compat_group_source_req { + __u32 gsr_interface; + struct __kernel_sockaddr_storage gsr_group + __attribute__ ((aligned(4))); + struct __kernel_sockaddr_storage gsr_source + __attribute__ ((aligned(4))); +} __attribute__ ((packed)); + +struct compat_group_filter { + __u32 gf_interface; + struct __kernel_sockaddr_storage gf_group + __attribute__ ((aligned(4))); + __u32 gf_fmode; + __u32 gf_numsrc; + struct __kernel_sockaddr_storage gf_slist[1] + __attribute__ ((aligned(4))); +} __attribute__ ((packed)); + + +int compat_mc_setsockopt(struct sock *sock, int level, int optname, + char __user *optval, int optlen, + int (*setsockopt)(struct sock *,int,int,char __user *,int)) +{ + char __user *koptval = optval; + int koptlen = optlen; + + switch (optname) { + case MCAST_JOIN_GROUP: + case MCAST_LEAVE_GROUP: + { + struct compat_group_req __user *gr32 = (void *)optval; + struct group_req __user *kgr = + compat_alloc_user_space(sizeof(struct group_req)); + u32 interface; + + if (!access_ok(VERIFY_READ, gr32, sizeof(*gr32)) || + !access_ok(VERIFY_WRITE, kgr, sizeof(struct group_req)) || + __get_user(interface, &gr32->gr_interface) || + __put_user(interface, &kgr->gr_interface) || + copy_in_user(&kgr->gr_group, &gr32->gr_group, + sizeof(kgr->gr_group))) + return -EFAULT; + koptval = (char __user *)kgr; + koptlen = sizeof(struct group_req); + break; + } + case MCAST_JOIN_SOURCE_GROUP: + case MCAST_LEAVE_SOURCE_GROUP: + case MCAST_BLOCK_SOURCE: + case MCAST_UNBLOCK_SOURCE: + { + struct compat_group_source_req __user *gsr32 = (void *)optval; + struct group_source_req *kgsr = compat_alloc_user_space( + sizeof(struct group_source_req)); + u32 interface; + + if (!access_ok(VERIFY_READ, gsr32, sizeof(*gsr32)) || + !access_ok(VERIFY_WRITE, kgsr, + sizeof(struct group_source_req)) || + __get_user(interface, &gsr32->gsr_interface) || + __put_user(interface, &kgsr->gsr_interface) || + copy_in_user(&kgsr->gsr_group, &gsr32->gsr_group, + sizeof(kgsr->gsr_group)) || + copy_in_user(&kgsr->gsr_source, &gsr32->gsr_source, + sizeof(kgsr->gsr_source))) + return -EFAULT; + koptval = (char __user *)kgsr; + koptlen = sizeof(struct group_source_req); + break; + } + case MCAST_MSFILTER: + { + struct compat_group_filter __user *gf32 = (void *)optval; + struct group_filter *kgf; + u32 interface, fmode, numsrc; + + if (!access_ok(VERIFY_READ, gf32, sizeof(*gf32)) || + __get_user(interface, &gf32->gf_interface) || + __get_user(fmode, &gf32->gf_fmode) || + __get_user(numsrc, &gf32->gf_numsrc)) + return -EFAULT; + koptlen = optlen + sizeof(struct group_filter) - + sizeof(struct compat_group_filter); + if (koptlen < GROUP_FILTER_SIZE(numsrc)) + return -EINVAL; + kgf = compat_alloc_user_space(koptlen); + if (!access_ok(VERIFY_WRITE, kgf, koptlen) || + __put_user(interface, &kgf->gf_interface) || + __put_user(fmode, &kgf->gf_fmode) || + __put_user(numsrc, &kgf->gf_numsrc) || + copy_in_user(&kgf->gf_group, &gf32->gf_group, + sizeof(kgf->gf_group)) || + (numsrc && copy_in_user(&kgf->gf_slist, &gf32->gf_slist, + numsrc * sizeof(kgf->gf_slist[0])))) + return -EFAULT; + koptval = (char __user *)kgf; + break; + } + + default: + break; + } + return setsockopt(sock, level, optname, koptval, koptlen); +} + +EXPORT_SYMBOL(compat_mc_setsockopt); + + /* Argument list sizes for compat_sys_socketcall */ #define AL(x) ((x) * sizeof(u32)) static unsigned char nas[18]={AL(0),AL(3),AL(3),AL(3),AL(2),AL(3), diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index d8adfd4..4d8d954 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -36,6 +36,7 @@ #include #include #include +#include #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) #include #endif @@ -923,6 +924,10 @@ int compat_ip_setsockopt(struct sock *sk, int level, int optname, if (level != SOL_IP) return -ENOPROTOOPT; + if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) + return compat_mc_setsockopt(sk, level, optname, optval, optlen, + ip_setsockopt); + err = do_ip_setsockopt(sk, level, optname, optval, optlen); #ifdef CONFIG_NETFILTER /* we need to exclude all possible ENOPROTOOPTs except default case */ diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c index 06de9d0..db6fdc1 100644 --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -52,6 +52,7 @@ #include #include #include +#include #include @@ -779,6 +780,10 @@ int compat_ipv6_setsockopt(struct sock *sk, int level, int optname, if (level != SOL_IPV6) return -ENOPROTOOPT; + if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER) + return compat_mc_setsockopt(sk, level, optname, optval, optlen, + ipv6_setsockopt); + err = do_ipv6_setsockopt(sk, level, optname, optval, optlen); #ifdef CONFIG_NETFILTER /* we need to exclude all possible ENOPROTOOPTs except default case */ -- cgit v1.1 From 9ae27e0adbf471c7a6b80102e38e1d5a346b3b38 Mon Sep 17 00:00:00 2001 From: Evgeniy Polyakov Date: Sun, 27 Apr 2008 15:27:30 -0700 Subject: tcp: Fix slab corruption with ipv6 and tcp6fuzz From: Evgeniy Polyakov This fixes a regression added by ec3c0982a2dd1e671bad8e9d26c28dcba0039d87 ("[TCP]: TCP_DEFER_ACCEPT updates - process as established") tcp_v6_do_rcv()->tcp_rcv_established(), the latter goes to step5, where eventually skb can be freed via tcp_data_queue() (drop: label), then if check for tcp_defer_accept_check() returns true and thus tcp_rcv_established() returns -1, which forces tcp_v6_do_rcv() to jump to reset: label, which in turn will pass through discard: label and free the same skb again. Tested by Eric Sesterhenn. Signed-off-by: David S. Miller Acked-By: Patrick McManus --- net/ipv4/tcp_input.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'net') diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index ac9b848..0298f80 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -4925,8 +4925,7 @@ step5: tcp_data_snd_check(sk); tcp_ack_snd_check(sk); - if (tcp_defer_accept_check(sk)) - return -1; + tcp_defer_accept_check(sk); return 0; csum_error: -- cgit v1.1 From bd8fd21dfddf51299d782f598cb776b15b7d64cc Mon Sep 17 00:00:00 2001 From: Luca Tettamanti Date: Sun, 27 Apr 2008 15:34:55 -0700 Subject: wireless: Fix compile error with wifi & leds Fix build error caused by commit e82404ad612ebabc65d15c3d59b971cb35c3ff36 ("iwlwifi: Select LEDS_CLASS.") from David Miller: Since MAC80211_LEDS is selected by wireless drivers it must select its own dependencies otherwise a build error may occur (kbuild will select the symbol regardless of "depends" constraints). Signed-off-By: Luca Tettamanti Signed-off-by: David S. Miller --- net/mac80211/Kconfig | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'net') diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig index 520a518..a24b459 100644 --- a/net/mac80211/Kconfig +++ b/net/mac80211/Kconfig @@ -73,7 +73,9 @@ config MAC80211_MESH config MAC80211_LEDS bool "Enable LED triggers" - depends on MAC80211 && LEDS_TRIGGERS + depends on MAC80211 + select NEW_LEDS + select LEDS_TRIGGERS ---help--- This option enables a few LED triggers for different packet receive/transmit events. -- cgit v1.1