shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-17 02:50:50 +09:00
Code Issues Packages Projects Releases Wiki Activity
265,144 Commits 55 Branches 2,486 Tags
aa2d99e76ecc618bb0c05d64bda77790703fa0c4
Commit Graph

20224 Commits

Author SHA1 Message Date
黄涛
af3be323f4 Merge remote-tracking branch 'aosp/android-3.0' into develop-3.0 
Conflicts:
	drivers/net/wireless/bcm4329/dhd_common.c
 2012-01-10 16:22:59 +08:00
Dmitry Shmidt
35047200c4 wireless: Protect regdomain change by mutex 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
 2011-12-19 12:32:21 -08:00
黄涛
7c35ccce3a Merge remote-tracking branch 'aosp/android-3.0' into develop-3.0 2011-11-30 10:36:13 +08:00
hyungseoung.yoo
dbb18fb2c1 Bluetooth: Keep master role when SCO or eSCO is active 
This improves compatbility with a lot of headset / chipset
combinations. Ideally this should not be needed.

Change-Id: I8b676701e12e416aa7d60801b9d353b15d102709
Signed-off-by: hyungseoung.yoo <hyungseoung.yoo@samsung.com>
Signed-off-by: Jaikumar Ganesh <jaikumarg@android.com>
 2011-11-28 15:34:39 -08:00
黄涛
8aac13f440 Merge remote-tracking branch 'remotes/aosp/android-3.0' into develop-3.0 
Conflicts:
	drivers/mmc/card/block.c
	drivers/net/usb/asix.c
	drivers/net/wireless/airo.c
	drivers/net/wireless/ath/ath5k/base.c
	drivers/net/wireless/ath/ath9k/ar9002_calib.c
	drivers/net/wireless/ath/ath9k/ar9002_hw.c
	drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
	drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
	drivers/net/wireless/ath/ath9k/ar9003_hw.c
	drivers/net/wireless/ath/ath9k/ar9003_phy.h
	drivers/net/wireless/ath/ath9k/hw.c
	drivers/net/wireless/ath/ath9k/hw.h
	drivers/net/wireless/ath/ath9k/init.c
	drivers/net/wireless/ath/ath9k/main.c
	drivers/net/wireless/ath/ath9k/pci.c
	drivers/net/wireless/b43/main.c
	drivers/net/wireless/hostap/hostap_main.c
	drivers/net/wireless/iwlwifi/iwl-5000.c
	drivers/net/wireless/iwlwifi/iwl-agn.c
	drivers/net/wireless/iwlwifi/iwl-core.h
	drivers/net/wireless/iwlwifi/iwl-power.c
	drivers/net/wireless/iwlwifi/iwl-scan.c
	drivers/net/wireless/iwlwifi/iwl-tx.c
	drivers/net/wireless/rt2x00/rt2800lib.c
	drivers/net/wireless/rt2x00/rt2800usb.c
	drivers/net/wireless/rt2x00/rt2x00mac.c
	drivers/net/wireless/rt2x00/rt2x00queue.c
	drivers/net/wireless/rt2x00/rt2x00queue.h
	drivers/net/wireless/rt2x00/rt2x00usb.c
	drivers/usb/serial/option.c
 2011-11-09 13:06:28 +08:00
Lorenzo Colitti
adfa7bc8b4 tcp: Don't nuke connections for the wrong protocol 
Currently, calling tcp_nuke_addr to reset IPv6 connections
resets IPv4 connections as well, because all Android
framework sockets are dual-stack (i.e., IPv6) sockets, and
we don't check the source address to see if the connection
was in fact an IPv4 connection.

Fix this by checking the source address and not resetting
the connection if it's a mapped address.

Also slightly tweak the IPv4 code path, which doesn't check
for mapped addresses either. This was not causing any
problems because tcp_is_local normally always returns true
for LOOPBACK4_IPV6 (127.0.0.6), because the loopback
interface is configured as as 127.0.0.0/8. However,
checking explicitly for LOOPBACK4_IPV6 makes the code a bit
more robust.

Bug: 5535055
Change-Id: I4d6ed3497c5b8643c864783cf681f088cf6b8d2a
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
 2011-11-03 17:08:47 -07:00
Dmitry Shmidt
9f135b3d8d net: wireless: Skip connect warning for CONFIG_CFG80211_ALLOW_RECONNECT 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
 2011-10-28 10:35:37 -07:00
黄涛
677ea8d595 Merge remote-tracking branch 'remotes/aosp/android-3.0' into develop-3.0 
Conflicts:
	drivers/net/wireless/adm8211.c
	drivers/net/wireless/airo.c
	drivers/net/wireless/airo_cs.c
	drivers/net/wireless/at76c50x-usb.c
	drivers/net/wireless/at76c50x-usb.h
	drivers/net/wireless/ath/Kconfig
	drivers/net/wireless/ath/Makefile
	drivers/net/wireless/ath/ath.h
	drivers/net/wireless/ath/ath5k/Kconfig
	drivers/net/wireless/ath/ath5k/Makefile
	drivers/net/wireless/ath/ath5k/ani.c
	drivers/net/wireless/ath/ath5k/ani.h
	drivers/net/wireless/ath/ath5k/ath5k.h
	drivers/net/wireless/ath/ath5k/attach.c
	drivers/net/wireless/ath/ath5k/base.c
	drivers/net/wireless/ath/ath5k/base.h
	drivers/net/wireless/ath/ath5k/caps.c
	drivers/net/wireless/ath/ath5k/debug.c
	drivers/net/wireless/ath/ath5k/debug.h
	drivers/net/wireless/ath/ath5k/desc.c
	drivers/net/wireless/ath/ath5k/desc.h
	drivers/net/wireless/ath/ath5k/dma.c
	drivers/net/wireless/ath/ath5k/eeprom.c
	drivers/net/wireless/ath/ath5k/eeprom.h
	drivers/net/wireless/ath/ath5k/initvals.c
	drivers/net/wireless/ath/ath5k/led.c
	drivers/net/wireless/ath/ath5k/pcu.c
	drivers/net/wireless/ath/ath5k/phy.c
	drivers/net/wireless/ath/ath5k/qcu.c
	drivers/net/wireless/ath/ath5k/reg.h
	drivers/net/wireless/ath/ath5k/reset.c
	drivers/net/wireless/ath/ath5k/rfbuffer.h
	drivers/net/wireless/ath/ath5k/sysfs.c
	drivers/net/wireless/ath/ath9k/Kconfig
	drivers/net/wireless/ath/ath9k/Makefile
	drivers/net/wireless/ath/ath9k/ahb.c
	drivers/net/wireless/ath/ath9k/ani.c
	drivers/net/wireless/ath/ath9k/ani.h
	drivers/net/wireless/ath/ath9k/ar5008_initvals.h
	drivers/net/wireless/ath/ath9k/ar5008_phy.c
	drivers/net/wireless/ath/ath9k/ar9001_initvals.h
	drivers/net/wireless/ath/ath9k/ar9002_calib.c
	drivers/net/wireless/ath/ath9k/ar9002_hw.c
	drivers/net/wireless/ath/ath9k/ar9002_initvals.h
	drivers/net/wireless/ath/ath9k/ar9002_mac.c
	drivers/net/wireless/ath/ath9k/ar9002_phy.c
	drivers/net/wireless/ath/ath9k/ar9002_phy.h
	drivers/net/wireless/ath/ath9k/ar9003_2p2_initvals.h
	drivers/net/wireless/ath/ath9k/ar9003_calib.c
	drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
	drivers/net/wireless/ath/ath9k/ar9003_eeprom.h
	drivers/net/wireless/ath/ath9k/ar9003_hw.c
	drivers/net/wireless/ath/ath9k/ar9003_mac.c
	drivers/net/wireless/ath/ath9k/ar9003_mac.h
	drivers/net/wireless/ath/ath9k/ar9003_paprd.c
	drivers/net/wireless/ath/ath9k/ar9003_phy.c
	drivers/net/wireless/ath/ath9k/ar9003_phy.h
	drivers/net/wireless/ath/ath9k/ath9k.h
	drivers/net/wireless/ath/ath9k/beacon.c
	drivers/net/wireless/ath/ath9k/btcoex.c
	drivers/net/wireless/ath/ath9k/btcoex.h
	drivers/net/wireless/ath/ath9k/calib.c
	drivers/net/wireless/ath/ath9k/calib.h
	drivers/net/wireless/ath/ath9k/common.c
	drivers/net/wireless/ath/ath9k/common.h
	drivers/net/wireless/ath/ath9k/debug.c
	drivers/net/wireless/ath/ath9k/debug.h
	drivers/net/wireless/ath/ath9k/eeprom.c
	drivers/net/wireless/ath/ath9k/eeprom.h
	drivers/net/wireless/ath/ath9k/eeprom_4k.c
	drivers/net/wireless/ath/ath9k/eeprom_9287.c
	drivers/net/wireless/ath/ath9k/eeprom_def.c
	drivers/net/wireless/ath/ath9k/gpio.c
	drivers/net/wireless/ath/ath9k/hif_usb.c
	drivers/net/wireless/ath/ath9k/hif_usb.h
	drivers/net/wireless/ath/ath9k/htc.h
	drivers/net/wireless/ath/ath9k/htc_drv_beacon.c
	drivers/net/wireless/ath/ath9k/htc_drv_init.c
	drivers/net/wireless/ath/ath9k/htc_drv_main.c
	drivers/net/wireless/ath/ath9k/htc_drv_txrx.c
	drivers/net/wireless/ath/ath9k/htc_hst.c
	drivers/net/wireless/ath/ath9k/htc_hst.h
	drivers/net/wireless/ath/ath9k/hw-ops.h
	drivers/net/wireless/ath/ath9k/hw.c
	drivers/net/wireless/ath/ath9k/hw.h
	drivers/net/wireless/ath/ath9k/init.c
	drivers/net/wireless/ath/ath9k/mac.c
	drivers/net/wireless/ath/ath9k/mac.h
	drivers/net/wireless/ath/ath9k/main.c
	drivers/net/wireless/ath/ath9k/pci.c
	drivers/net/wireless/ath/ath9k/phy.h
	drivers/net/wireless/ath/ath9k/rc.c
	drivers/net/wireless/ath/ath9k/rc.h
	drivers/net/wireless/ath/ath9k/recv.c
	drivers/net/wireless/ath/ath9k/reg.h
	drivers/net/wireless/ath/ath9k/wmi.c
	drivers/net/wireless/ath/ath9k/wmi.h
	drivers/net/wireless/ath/ath9k/xmit.c
	drivers/net/wireless/ath/debug.c
	drivers/net/wireless/ath/hw.c
	drivers/net/wireless/ath/main.c
	drivers/net/wireless/ath/reg.h
	drivers/net/wireless/ath/regd.c
	drivers/net/wireless/ath/regd.h
	drivers/net/wireless/ath/regd_common.h
	drivers/net/wireless/atmel.c
	drivers/net/wireless/atmel_cs.c
	drivers/net/wireless/b43/Kconfig
	drivers/net/wireless/b43/Makefile
	drivers/net/wireless/b43/b43.h
	drivers/net/wireless/b43/debugfs.c
	drivers/net/wireless/b43/dma.c
	drivers/net/wireless/b43/dma.h
	drivers/net/wireless/b43/leds.c
	drivers/net/wireless/b43/lo.c
	drivers/net/wireless/b43/main.c
	drivers/net/wireless/b43/main.h
	drivers/net/wireless/b43/pcmcia.c
	drivers/net/wireless/b43/phy_a.c
	drivers/net/wireless/b43/phy_common.c
	drivers/net/wireless/b43/phy_common.h
	drivers/net/wireless/b43/phy_g.c
	drivers/net/wireless/b43/phy_g.h
	drivers/net/wireless/b43/phy_lp.c
	drivers/net/wireless/b43/phy_n.c
	drivers/net/wireless/b43/phy_n.h
	drivers/net/wireless/b43/pio.c
	drivers/net/wireless/b43/rfkill.c
	drivers/net/wireless/b43/sdio.c
	drivers/net/wireless/b43/sysfs.c
	drivers/net/wireless/b43/tables_lpphy.c
	drivers/net/wireless/b43/tables_nphy.c
	drivers/net/wireless/b43/tables_nphy.h
	drivers/net/wireless/b43/wa.c
	drivers/net/wireless/b43/xmit.c
	drivers/net/wireless/b43/xmit.h
	drivers/net/wireless/b43legacy/b43legacy.h
	drivers/net/wireless/b43legacy/debugfs.c
	drivers/net/wireless/b43legacy/main.c
	drivers/net/wireless/b43legacy/phy.c
	drivers/net/wireless/b43legacy/rfkill.c
	drivers/net/wireless/b43legacy/xmit.c
	drivers/net/wireless/hostap/hostap_ap.c
	drivers/net/wireless/hostap/hostap_ap.h
	drivers/net/wireless/hostap/hostap_config.h
	drivers/net/wireless/hostap/hostap_cs.c
	drivers/net/wireless/hostap/hostap_hw.c
	drivers/net/wireless/hostap/hostap_ioctl.c
	drivers/net/wireless/hostap/hostap_main.c
	drivers/net/wireless/hostap/hostap_wlan.h
	drivers/net/wireless/ipw2x00/ipw2100.c
	drivers/net/wireless/ipw2x00/ipw2100.h
	drivers/net/wireless/ipw2x00/ipw2200.c
	drivers/net/wireless/ipw2x00/ipw2200.h
	drivers/net/wireless/ipw2x00/libipw_module.c
	drivers/net/wireless/ipw2x00/libipw_rx.c
	drivers/net/wireless/iwlwifi/Kconfig
	drivers/net/wireless/iwlwifi/Makefile
	drivers/net/wireless/iwlwifi/iwl-1000.c
	drivers/net/wireless/iwlwifi/iwl-5000-hw.h
	drivers/net/wireless/iwlwifi/iwl-5000.c
	drivers/net/wireless/iwlwifi/iwl-6000-hw.h
	drivers/net/wireless/iwlwifi/iwl-6000.c
	drivers/net/wireless/iwlwifi/iwl-agn-calib.c
	drivers/net/wireless/iwlwifi/iwl-agn-hcmd.c
	drivers/net/wireless/iwlwifi/iwl-agn-hw.h
	drivers/net/wireless/iwlwifi/iwl-agn-ict.c
	drivers/net/wireless/iwlwifi/iwl-agn-lib.c
	drivers/net/wireless/iwlwifi/iwl-agn-rs.c
	drivers/net/wireless/iwlwifi/iwl-agn-rs.h
	drivers/net/wireless/iwlwifi/iwl-agn-tx.c
	drivers/net/wireless/iwlwifi/iwl-agn-ucode.c
	drivers/net/wireless/iwlwifi/iwl-agn.c
	drivers/net/wireless/iwlwifi/iwl-agn.h
	drivers/net/wireless/iwlwifi/iwl-commands.h
	drivers/net/wireless/iwlwifi/iwl-core.c
	drivers/net/wireless/iwlwifi/iwl-core.h
	drivers/net/wireless/iwlwifi/iwl-csr.h
	drivers/net/wireless/iwlwifi/iwl-debug.h
	drivers/net/wireless/iwlwifi/iwl-debugfs.c
	drivers/net/wireless/iwlwifi/iwl-dev.h
	drivers/net/wireless/iwlwifi/iwl-devtrace.c
	drivers/net/wireless/iwlwifi/iwl-devtrace.h
	drivers/net/wireless/iwlwifi/iwl-eeprom.c
	drivers/net/wireless/iwlwifi/iwl-eeprom.h
	drivers/net/wireless/iwlwifi/iwl-fh.h
	drivers/net/wireless/iwlwifi/iwl-hcmd.c
	drivers/net/wireless/iwlwifi/iwl-helpers.h
	drivers/net/wireless/iwlwifi/iwl-io.h
	drivers/net/wireless/iwlwifi/iwl-led.c
	drivers/net/wireless/iwlwifi/iwl-led.h
	drivers/net/wireless/iwlwifi/iwl-power.c
	drivers/net/wireless/iwlwifi/iwl-power.h
	drivers/net/wireless/iwlwifi/iwl-prph.h
	drivers/net/wireless/iwlwifi/iwl-rx.c
	drivers/net/wireless/iwlwifi/iwl-scan.c
	drivers/net/wireless/iwlwifi/iwl-sta.c
	drivers/net/wireless/iwlwifi/iwl-sta.h
	drivers/net/wireless/iwlwifi/iwl-tx.c
	drivers/net/wireless/iwmc3200wifi/cfg80211.c
	drivers/net/wireless/iwmc3200wifi/commands.c
	drivers/net/wireless/iwmc3200wifi/debugfs.c
	drivers/net/wireless/iwmc3200wifi/hal.c
	drivers/net/wireless/iwmc3200wifi/netdev.c
	drivers/net/wireless/iwmc3200wifi/rx.c
	drivers/net/wireless/iwmc3200wifi/sdio.c
	drivers/net/wireless/iwmc3200wifi/tx.c
	drivers/net/wireless/libertas/README
	drivers/net/wireless/libertas/cfg.c
	drivers/net/wireless/libertas/cmd.c
	drivers/net/wireless/libertas/cmdresp.c
	drivers/net/wireless/libertas/debugfs.c
	drivers/net/wireless/libertas/decl.h
	drivers/net/wireless/libertas/defs.h
	drivers/net/wireless/libertas/dev.h
	drivers/net/wireless/libertas/ethtool.c
	drivers/net/wireless/libertas/host.h
	drivers/net/wireless/libertas/if_cs.c
	drivers/net/wireless/libertas/if_sdio.c
	drivers/net/wireless/libertas/if_sdio.h
	drivers/net/wireless/libertas/if_spi.c
	drivers/net/wireless/libertas/if_spi.h
	drivers/net/wireless/libertas/if_usb.c
	drivers/net/wireless/libertas/if_usb.h
	drivers/net/wireless/libertas/main.c
	drivers/net/wireless/libertas/mesh.c
	drivers/net/wireless/libertas/mesh.h
	drivers/net/wireless/libertas/rx.c
	drivers/net/wireless/libertas/tx.c
	drivers/net/wireless/libertas/types.h
	drivers/net/wireless/libertas_tf/if_usb.c
	drivers/net/wireless/libertas_tf/main.c
	drivers/net/wireless/mac80211_hwsim.c
	drivers/net/wireless/mwl8k.c
	drivers/net/wireless/orinoco/cfg.c
	drivers/net/wireless/orinoco/hw.c
	drivers/net/wireless/orinoco/main.c
	drivers/net/wireless/orinoco/orinoco_cs.c
	drivers/net/wireless/orinoco/orinoco_usb.c
	drivers/net/wireless/orinoco/scan.c
	drivers/net/wireless/orinoco/scan.h
	drivers/net/wireless/orinoco/spectrum_cs.c
	drivers/net/wireless/orinoco/wext.c
	drivers/net/wireless/p54/Kconfig
	drivers/net/wireless/p54/eeprom.c
	drivers/net/wireless/p54/eeprom.h
	drivers/net/wireless/p54/fwio.c
	drivers/net/wireless/p54/lmac.h
	drivers/net/wireless/p54/main.c
	drivers/net/wireless/p54/p54.h
	drivers/net/wireless/p54/p54pci.c
	drivers/net/wireless/p54/p54spi.c
	drivers/net/wireless/p54/p54spi_eeprom.h
	drivers/net/wireless/p54/p54usb.c
	drivers/net/wireless/p54/txrx.c
	drivers/net/wireless/prism54/isl_ioctl.c
	drivers/net/wireless/prism54/islpci_dev.c
	drivers/net/wireless/prism54/islpci_eth.c
	drivers/net/wireless/prism54/islpci_hotplug.c
	drivers/net/wireless/ray_cs.c
	drivers/net/wireless/ray_cs.h
	drivers/net/wireless/rayctl.h
	drivers/net/wireless/rndis_wlan.c
	drivers/net/wireless/rt2x00/Kconfig
	drivers/net/wireless/rt2x00/Makefile
	drivers/net/wireless/rt2x00/rt2400pci.c
	drivers/net/wireless/rt2x00/rt2400pci.h
	drivers/net/wireless/rt2x00/rt2500pci.c
	drivers/net/wireless/rt2x00/rt2500pci.h
	drivers/net/wireless/rt2x00/rt2500usb.c
	drivers/net/wireless/rt2x00/rt2800.h
	drivers/net/wireless/rt2x00/rt2800lib.c
	drivers/net/wireless/rt2x00/rt2800lib.h
	drivers/net/wireless/rt2x00/rt2800pci.c
	drivers/net/wireless/rt2x00/rt2800pci.h
	drivers/net/wireless/rt2x00/rt2800usb.c
	drivers/net/wireless/rt2x00/rt2800usb.h
	drivers/net/wireless/rt2x00/rt2x00.h
	drivers/net/wireless/rt2x00/rt2x00config.c
	drivers/net/wireless/rt2x00/rt2x00crypto.c
	drivers/net/wireless/rt2x00/rt2x00debug.c
	drivers/net/wireless/rt2x00/rt2x00dev.c
	drivers/net/wireless/rt2x00/rt2x00dump.h
	drivers/net/wireless/rt2x00/rt2x00firmware.c
	drivers/net/wireless/rt2x00/rt2x00lib.h
	drivers/net/wireless/rt2x00/rt2x00link.c
	drivers/net/wireless/rt2x00/rt2x00mac.c
	drivers/net/wireless/rt2x00/rt2x00pci.c
	drivers/net/wireless/rt2x00/rt2x00pci.h
	drivers/net/wireless/rt2x00/rt2x00queue.c
	drivers/net/wireless/rt2x00/rt2x00queue.h
	drivers/net/wireless/rt2x00/rt2x00reg.h
	drivers/net/wireless/rt2x00/rt2x00soc.c
	drivers/net/wireless/rt2x00/rt2x00usb.c
	drivers/net/wireless/rt2x00/rt2x00usb.h
	drivers/net/wireless/rt2x00/rt61pci.c
	drivers/net/wireless/rt2x00/rt61pci.h
	drivers/net/wireless/rt2x00/rt73usb.c
	drivers/net/wireless/rt2x00/rt73usb.h
	drivers/net/wireless/rtl818x/Makefile
	drivers/net/wireless/rtl818x/rtl8180/grf5101.h
	drivers/net/wireless/rtl818x/rtl8180/max2820.h
	drivers/net/wireless/rtl818x/rtl8180/rtl8180.h
	drivers/net/wireless/rtl818x/rtl8180/rtl8225.h
	drivers/net/wireless/rtl818x/rtl8180/sa2400.h
	drivers/net/wireless/rtl818x/rtl8187/leds.h
	drivers/net/wireless/rtl818x/rtl8187/rfkill.h
	drivers/net/wireless/rtl818x/rtl8187/rtl8225.h
	drivers/net/wireless/wl1251/io.h
	drivers/net/wireless/wl12xx/Kconfig
	drivers/net/wireless/wl12xx/Makefile
	drivers/net/wireless/wl12xx/wl12xx_80211.h
	drivers/net/wireless/wl3501_cs.c
	drivers/net/wireless/zd1201.c
	drivers/net/wireless/zd1211rw/Makefile
	drivers/net/wireless/zd1211rw/zd_chip.c
	drivers/net/wireless/zd1211rw/zd_chip.h
	drivers/net/wireless/zd1211rw/zd_def.h
	drivers/net/wireless/zd1211rw/zd_mac.c
	drivers/net/wireless/zd1211rw/zd_mac.h
	drivers/net/wireless/zd1211rw/zd_rf.h
	drivers/net/wireless/zd1211rw/zd_rf_al2230.c
	drivers/net/wireless/zd1211rw/zd_rf_al7230b.c
	drivers/net/wireless/zd1211rw/zd_rf_rf2959.c
	drivers/net/wireless/zd1211rw/zd_rf_uw2453.c
	drivers/net/wireless/zd1211rw/zd_usb.c
	drivers/net/wireless/zd1211rw/zd_usb.h
 2011-10-28 16:07:07 +08:00
黄涛
3b75e5c0b9 revert android-tegra-2.6.36-honeycomb-mr1-9001adc to v2.6.36 2011-10-28 16:02:47 +08:00
Colin Cross
2bb3e31015 Merge commit 'v3.0.8' into android-3.0 2011-10-27 15:01:19 -07:00
Matthew Daley
4ea7f3aa5d x25: Prevent skb overreads when checking call user data 
commit 7f81e25bef upstream.

x25_find_listener does not check that the amount of call user data given
in the skb is big enough in per-socket comparisons, hence buffer
overreads may occur.  Fix this by adding a check.

Signed-off-by: Matthew Daley <mattjd@gmail.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Andrew Hendry <andrew.hendry@gmail.com>
Acked-by: Andrew Hendry <andrew.hendry@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-25 07:10:17 +02:00
Dmitry Shmidt
fdfcbc682a net: wireless: Fix CFG80211_ALLOW_RECONNECT option for disconnect 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
 2011-10-18 12:30:02 -07:00
Jason Wang
a1b7ab0836 ipv6: fix NULL dereference in udp6_ufo_fragment() 
This patch fixes the issue caused by ef81bb40bf
which is a backport of upstream 87c48fa3b4. The
problem does not exist in upstream.

We do not check whether route is attached before trying to assign ip
identification through route dest which lead NULL pointer dereference. This
happens when host bridge transmit a packet from guest.

This patch changes ipv6_select_ident() to accept in6_addr as its paramter and
fix the issue by using the destination address in ipv6 header when no route is
attached.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-16 14:14:54 -07:00
JP Abgrall
8493beb104 netfilter: xt_qtaguid: fix crash on ctrl delete command 
Because for now the xt_qtaguid module allows procs to use tags without
having /dev/xt_qtaguid open, there was a case where it would try
to delete a resources from a list that was proc specific.
But that resource was never added to that list which is only
used when /dev/xt_qtaguid has been opened by the proc.

Once our userspace is fully updated, we won't need those exceptions.

Change-Id: Idd4bfea926627190c74645142916e10832eb2504
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-10-07 22:16:01 -07:00
Ashish Sharma
3bc18c7282 bridge: Have tx_bytes count headers like rx_bytes. 
Since rx_bytes accounting does not include Ethernet Headers in
br_input.c, excluding ETH_HLEN on the transmit path for consistent
measurement of packet length on both the Tx and Rx chains.

The clean way would be for Rx to include the eth header, but the
skb len has already been adjusted by the time the br code sees the skb.
This is only a temporary workaround until we can completely ignore or
cleanly fix the skb->len handling.

Change-Id: I910de95a4686b2119da7f1f326e2154ef31f9972
Signed-off-by: Ashish Sharma <ashishsharma@google.com>
 2011-10-07 17:54:30 -07:00
Ashish Sharma
ca37d833b0 netfilter: xt_qtaguid: Fix the stats info display order 
Change-Id: I3bf165c31f35a6c7dc212f23df5eefaeb8129d0d
Signed-off-by: Ashish Sharma <ashishsharma@google.com>
 2011-10-06 17:02:06 -07:00
Jouni Malinen
508ed74454 cfg80211: Fix validation of AKM suites 
commit 1b9ca0272f upstream.

Incorrect variable was used in validating the akm_suites array from
NL80211_ATTR_AKM_SUITES. In addition, there was no explicit
validation of the array length (we only have room for
NL80211_MAX_NR_AKM_SUITES).

This can result in a buffer write overflow for stack variables with
arbitrary data from user space. The nl80211 commands using the affected
functionality require GENL_ADMIN_PERM, so this is only exposed to admin
users.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:41:10 -07:00
Oliver Neukum
8341e503c2 Bluetooth: Fix timeout on scanning for the second time 
commit 2d20a26a92 upstream.

The checks for HCI_INQUIRY and HCI_MGMT were in the wrong order,
so that second scans always failed.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:41:01 -07:00
Eric Dumazet
af67433576 bridge: fix a possible use after free 
[ Upstream commit 22df13319d ]

br_multicast_ipv6_rcv() can call pskb_trim_rcsum() and therefore skb
head can be reallocated.

Cache icmp6_type field instead of dereferencing twice the struct
icmp6hdr pointer.

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:56 -07:00
Yan, Zheng
42270cd40b bridge: Pseudo-header required for the checksum of ICMPv6 
[ Upstream commit 4b275d7efa ]

Checksum of ICMPv6 is not properly computed because the pseudo header is not used.
Thus, the MLD packet gets dropped by the bridge.

Signed-off-by: Zheng Yan <zheng.z.yan@intel.com>
Reported-by: Ang Way Chuang <wcang@sfc.wide.ad.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:56 -07:00
Steffen Klassert
23b576bfe4 xfrm: Perform a replay check after return from async codepaths 
[ Upstream commit bcf66bf54a ]

When asyncronous crypto algorithms are used, there might be many
packets that passed the xfrm replay check, but the replay advance
function is not called yet for these packets. So the replay check
function would accept a replay of all of these packets. Also the
system might crash if there are more packets in async processing
than the size of the anti replay window, because the replay advance
function would try to update the replay window beyond the bounds.

This pach adds a second replay check after resuming from the async
processing to fix these issues.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:55 -07:00
Jiri Pirko
b082a5631a vlan: reset headers on accel emulation path 
[ Upstream commit c5114cd59d ]

It's after all necessary to do reset headers here. The reason is we
cannot depend that it gets reseted in __netif_receive_skb once skb is
reinjected. For incoming vlanids without vlan_dev, vlan_do_receive()
returns false with skb != NULL and __netif_reveive_skb continues, skb is
not reinjected.

This might be good material for 3.0-stable as well

Reported-by: Mike Auty <mike.auty@gmail.com>
Signed-off-by: Jiri Pirko <jpirko@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:55 -07:00
Mike Waychison
bc4c1bd0d9 tcp: initialize variable ecn_ok in syncookies path 
[ Upstream commit f0e3d0689d ]

Using a gcc 4.4.3, warnings are emitted for a possibly uninitialized use
of ecn_ok.

This can happen if cookie_check_timestamp() returns due to not having
seen a timestamp.  Defaulting to ecn off seems like a reasonable thing
to do in this case, so initialized ecn_ok to false.

Signed-off-by: Mike Waychison <mikew@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:54 -07:00
Zheng Yan
616ea55abc tcp: fix validation of D-SACK 
[ Upstream commit f779b2d60a ]

D-SACK is allowed to reside below snd_una. But the corresponding check
in tcp_is_sackblock_valid() is the exact opposite. It looks like a typo.

Signed-off-by: Zheng Yan <zheng.z.yan@intel.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:54 -07:00
Tim Chen
265d5c2eb2 scm: Capture the full credentials of the scm sender 
[ Upstream commit e33f7a9f37 ]

This patch corrects an erroneous update of credential's gid with uid
introduced in commit 257b5358b3 since 2.6.36.

Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Reviewed-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:54 -07:00
Florian Westphal
621ad27ca6 net_sched: prio: use qdisc_dequeue_peeked 
[ Upstream commit 3557619f0f ]

commit 07bd8df5df
(sch_sfq: fix peek() implementation) changed sfq to use generic
peek helper.

This makes HFSC complain about a non-work-conserving child qdisc, if
prio with sfq child is used within hfsc:

hfsc peeks into prio qdisc, which will then peek into sfq.
returned skb is stashed in sch->gso_skb.

Next, hfsc tries to dequeue from prio, but prio will call sfq dequeue
directly, which may return NULL instead of previously peeked-at skb.

Have prio call qdisc_dequeue_peeked, so sfq->dequeue() is
not called in this case.

Cc: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:53 -07:00
Julian Anastasov
018660661b netfilter: TCP and raw fix for ip_route_me_harder 
[ Upstream commit 797fd3913a ]

TCP in some cases uses different global (raw) socket
to send RST and ACK. The transparent flag is not set there.
Currently, it is a problem for rerouting after the previous
change.

	Fix it by simplifying the checks in ip_route_me_harder
and use FLOWI_FLAG_ANYSRC even for sockets. It looks safe
because the initial routing allowed this source address to
be used and now we just have to make sure the packet is rerouted.

	As a side effect this also allows rerouting for normal
raw sockets that use spoofed source addresses which was not possible
even before we eliminated the ip_route_input call.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:53 -07:00
Yan, Zheng
2ce655e2c1 mcast: Fix source address selection for multicast listener report 
[ Upstream commit e05c4ad3ed ]

Should check use count of include mode filter instead of total number
of include mode filters.

Signed-off-by: Zheng Yan <zheng.z.yan@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:53 -07:00
Daniel Baluta
ea918c9633 ipv6: Fix ipv6_getsockopt for IPV6_2292PKTOPTIONS 
[ Upstream commit 98e77438ae ]

IPV6_2292PKTOPTIONS is broken for 32-bit applications running
in COMPAT mode on 64-bit kernels.

The same problem was fixed for IPv4 with the patch:
ipv4: Fix ip_getsockopt for IP_PKTOPTIONS,
commit dd23198e58

Signed-off-by: Sorin Dumitru <sdumitru@ixiacom.com>
Signed-off-by: Daniel Baluta <dbaluta@ixiacom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:52 -07:00
Julian Anastasov
025fd91732 ipv4: some rt_iif -> rt_route_iif conversions 
[ Upstream commit 97a8041020 ]

As rt_iif represents input device even for packets
coming from loopback with output route, it is not an unique
key specific to input routes. Now rt_route_iif has such role,
it was fl.iif in 2.6.38, so better to change the checks at
some places to save CPU cycles and to restore 2.6.38 semantics.

compare_keys:
	- input routes: only rt_route_iif matters, rt_iif is same
	- output routes: only rt_oif matters, rt_iif is not
		used for matching in __ip_route_output_key
	- now we are back to 2.6.38 state

ip_route_input_common:
	- matching rt_route_iif implies input route
	- compared to 2.6.38 we eliminated one rth->fl.oif check
	because it was not needed even for 2.6.38

compare_hash_inputs:
	Only the change here is not an optimization, it has
	effect only for output routes. I assume I'm restoring
	the original intention to ignore oif, it was using fl.iif
	- now we are back to 2.6.38 state

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:51 -07:00
Gao feng
cbab190c50 fib:fix BUG_ON in fib_nl_newrule when add new fib rule 
[ Upstream commit 561dac2d41 ]

add new fib rule can cause BUG_ON happen
the reproduce shell is
ip rule add pref 38
ip rule add pref 38
ip rule add to 192.168.3.0/24 goto 38
ip rule del pref 38
ip rule add to 192.168.3.0/24 goto 38
ip rule add pref 38

then the BUG_ON will happen
del BUG_ON and use (ctarget == NULL) identify whether this rule is unresolved

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:51 -07:00
Eric Dumazet
5ee858c9ab bridge: fix a possible net_device leak 
[ Upstream commit 11f3a6bdc2 ]

Jan Beulich reported a possible net_device leak in bridge code after
commit bb900b27a2 (bridge: allow creating bridge devices with netlink)

Reported-by: Jan Beulich <JBeulich@novell.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:50 -07:00
Eric Dumazet
8e24aecbcd arp: fix rcu lockdep splat in arp_process() 
[ Upstream commit 20e6074eb8 ]

Dave Jones reported a lockdep splat triggered by an arp_process() call
from parp_redo().

Commit faa9dcf793 (arp: RCU changes) is the origin of the bug, since
it assumed arp_process() was called under rcu_read_lock(), which is not
true in this particular path.

Instead of adding rcu_read_lock() in parp_redo(), I chose to add it in
neigh_proxy_process() to take care of IPv6 side too.

 ===================================================
 [ INFO: suspicious rcu_dereference_check() usage. ]
 ---------------------------------------------------
 include/linux/inetdevice.h:209 invoked rcu_dereference_check() without
protection!

 other info that might help us debug this:

 rcu_scheduler_active = 1, debug_locks = 0
 4 locks held by setfiles/2123:
  #0:  (&sb->s_type->i_mutex_key#13){+.+.+.}, at: [<ffffffff8114cbc4>]
walk_component+0x1ef/0x3e8
  #1:  (&isec->lock){+.+.+.}, at: [<ffffffff81204bca>]
inode_doinit_with_dentry+0x3f/0x41f
  #2:  (&tbl->proxy_timer){+.-...}, at: [<ffffffff8106a803>]
run_timer_softirq+0x157/0x372
  #3:  (class){+.-...}, at: [<ffffffff8141f256>] neigh_proxy_process
+0x36/0x103

 stack backtrace:
 Pid: 2123, comm: setfiles Tainted: G        W
3.1.0-0.rc2.git7.2.fc16.x86_64 #1
 Call Trace:
  <IRQ>  [<ffffffff8108ca23>] lockdep_rcu_dereference+0xa7/0xaf
  [<ffffffff8146a0b7>] __in_dev_get_rcu+0x55/0x5d
  [<ffffffff8146a751>] arp_process+0x25/0x4d7
  [<ffffffff8146ac11>] parp_redo+0xe/0x10
  [<ffffffff8141f2ba>] neigh_proxy_process+0x9a/0x103
  [<ffffffff8106a8c4>] run_timer_softirq+0x218/0x372
  [<ffffffff8106a803>] ? run_timer_softirq+0x157/0x372
  [<ffffffff8141f220>] ? neigh_stat_seq_open+0x41/0x41
  [<ffffffff8108f2f0>] ? mark_held_locks+0x6d/0x95
  [<ffffffff81062bb6>] __do_softirq+0x112/0x25a
  [<ffffffff8150d27c>] call_softirq+0x1c/0x30
  [<ffffffff81010bf5>] do_softirq+0x4b/0xa2
  [<ffffffff81062f65>] irq_exit+0x5d/0xcf
  [<ffffffff8150dc11>] smp_apic_timer_interrupt+0x7c/0x8a
  [<ffffffff8150baf3>] apic_timer_interrupt+0x73/0x80
  <EOI>  [<ffffffff8108f439>] ? trace_hardirqs_on_caller+0x121/0x158
  [<ffffffff814fc285>] ? __slab_free+0x30/0x24c
  [<ffffffff814fc283>] ? __slab_free+0x2e/0x24c
  [<ffffffff81204e74>] ? inode_doinit_with_dentry+0x2e9/0x41f
  [<ffffffff81204e74>] ? inode_doinit_with_dentry+0x2e9/0x41f
  [<ffffffff81204e74>] ? inode_doinit_with_dentry+0x2e9/0x41f
  [<ffffffff81130cb0>] kfree+0x108/0x131
  [<ffffffff81204e74>] inode_doinit_with_dentry+0x2e9/0x41f
  [<ffffffff81204fc6>] selinux_d_instantiate+0x1c/0x1e
  [<ffffffff81200f4f>] security_d_instantiate+0x21/0x23
  [<ffffffff81154625>] d_instantiate+0x5c/0x61
  [<ffffffff811563ca>] d_splice_alias+0xbc/0xd2
  [<ffffffff811b17ff>] ext4_lookup+0xba/0xeb
  [<ffffffff8114bf1e>] d_alloc_and_lookup+0x45/0x6b
  [<ffffffff8114cbea>] walk_component+0x215/0x3e8
  [<ffffffff8114cdf8>] lookup_last+0x3b/0x3d
  [<ffffffff8114daf3>] path_lookupat+0x82/0x2af
  [<ffffffff8110fc53>] ? might_fault+0xa5/0xac
  [<ffffffff8110fc0a>] ? might_fault+0x5c/0xac
  [<ffffffff8114c564>] ? getname_flags+0x31/0x1ca
  [<ffffffff8114dd48>] do_path_lookup+0x28/0x97
  [<ffffffff8114df2c>] user_path_at+0x59/0x96
  [<ffffffff811467ad>] ? cp_new_stat+0xf7/0x10d
  [<ffffffff811469a6>] vfs_fstatat+0x44/0x6e
  [<ffffffff811469ee>] vfs_lstat+0x1e/0x20
  [<ffffffff81146b3d>] sys_newlstat+0x1a/0x33
  [<ffffffff8108f439>] ? trace_hardirqs_on_caller+0x121/0x158
  [<ffffffff812535fe>] ? trace_hardirqs_on_thunk+0x3a/0x3f
  [<ffffffff8150af82>] system_call_fastpath+0x16/0x1b

Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:50 -07:00
Rajkumar Manoharan
cb49a34465 wireless: Reset beacon_found while updating regulatory 
commit aa3d7eef39 upstream.

During the association, the regulatory is updated by country IE
that reaps the previously found beacons. The impact is that
after a STA disconnects *or* when for any reason a regulatory
domain change happens the beacon hint flag is not cleared
therefore preventing future beacon hints to be learned.
This is important as a regulatory domain change or a restore
of regulatory settings would set back the passive scan and no-ibss
flags on the channel. This is the right place to do this given that
it covers any regulatory domain change.

Reviewed-by: Luis R. Rodriguez <mcgrof@gmail.com>
Signed-off-by: Rajkumar Manoharan <rmanohar@qca.qualcomm.com>
Acked-by: Luis R. Rodriguez <mcgrof@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:40 -07:00
Johannes Berg
e74aa3593a mac80211: fix missing sta_lock in __sta_info_destroy 
commit 4bae7d9769 upstream.

Since my commit 34e895075e
("mac80211: allow station add/remove to sleep") there is
a race in mac80211 when it clears the TIM bit because a
sleeping station disconnected, the spinlock isn't held
around the relevant code any more. Use the right API to
acquire the spinlock correctly.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:28 -07:00
Aneesh Kumar K.V
8926487ad8 net/9p: Fix kernel crash with msize 512K 
commit b49d8b5d70 upstream.

With msize equal to 512K (PAGE_SIZE * VIRTQUEUE_NUM), we hit multiple
crashes. This patch fix those.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:22 -07:00
Venkateswararao Jujjuri (JV)
8aeae69113 net/9p: Fix the msize calculation. 
commit c9ffb05ca5 upstream.

msize represents the maximum PDU size that includes P9_IOHDRSZ.

Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:18 -07:00
Aneesh Kumar K.V
a0be78ef93 fs/9p: Fid is not valid after a failed clunk. 
commit 5034990e28 upstream.

free the fid even in case of failed clunk.

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:17 -07:00
jvrao
0beac58515 VirtIO can transfer VIRTQUEUE_NUM of pages. 
commit 7f781679dd upstream.

Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:17 -07:00
jvrao
8b1aebc0be Fix the size of receive buffer packing onto VirtIO ring. 
commit 114e6f3a5e upstream.

Signed-off-by: Venkateswararao Jujjuri "<jvrao@linux.vnet.ibm.com>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:16 -07:00
Eric Van Hensbergen
7b551b7069 net/9p: fix client code to fail more gracefully on protocol error 
commit b85f7d92d7 upstream.

There was a BUG_ON to protect against a bad id which could be dealt with
more gracefully.

Reported-by: Natalie Orlin <norlin@us.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:40:16 -07:00
Daniel Schwierzeck
bdfd59ed66 atm: br2684: Fix oops due to skb->dev being NULL 
commit fbe5e29ec1 upstream.

This oops have been already fixed with commit

    27141666b6

    atm: [br2684] Fix oops due to skb->dev being NULL

    It happens that if a packet arrives in a VC between the call to open it on
    the hardware and the call to change the backend to br2684, br2684_regvcc
    processes the packet and oopses dereferencing skb->dev because it is
    NULL before the call to br2684_push().

but have been introduced again with commit

    b6211ae7f2

    atm: Use SKB queue and list helpers instead of doing it by-hand.

Signed-off-by: Daniel Schwierzeck <daniel.schwierzeck@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:39:57 -07:00
Mathieu Desnoyers
5772ee1f18 sendmmsg/sendmsg: fix unsafe user pointer access 
commit bc909d9ddb upstream.

Dereferencing a user pointer directly from kernel-space without going
through the copy_from_user family of functions is a bad idea. Two of
such usages can be found in the sendmsg code path called from sendmmsg,
added by

commit c71d8ebe7a upstream.
commit 5b47b8038f in the 3.0-stable tree.

Usages are performed through memcmp() and memcpy() directly. Fix those
by using the already copied msg_sys structure instead of the __user *msg
structure. Note that msg_sys can be set to NULL by verify_compat_iovec()
or verify_iovec(), which requires additional NULL pointer checks.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
CC: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
CC: Anton Blanchard <anton@samba.org>
CC: David S. Miller <davem@davemloft.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 2011-10-03 11:39:54 -07:00
JP Abgrall
4f3824a38c netfilter: ipv6: fix crash caused by ipv6_find_hdr() 
When calling:
    ipv6_find_hdr(skb, &thoff, -1, NULL)
on a fragmented packet, thoff would be left with a random
value causing callers to read random memory offsets with:
    skb_header_pointer(skb, thoff, ...)

Now we force ipv6_find_hdr() to return a failure in this case.
Calling:
  ipv6_find_hdr(skb, &thoff, -1, &fragoff)
will set fragoff as expected, and not return a failure.

Change-Id: Ib474e8a4267dd2b300feca325811330329684a88
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-09-30 19:24:19 -07:00
JP Abgrall
5c35106592 netfilter: xt_qtaguid: add missing tracking for no filp case 
In cases where the skb would have an sk_socket but no file, that skb
would not be counted at all. Assigning to uid 0 now.

Adding extra counters to track skb counts.

Change-Id: If049b4b525e1fbd5afc9c72b4a174c0a435f2ca7
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-09-29 19:14:27 -07:00
JP Abgrall
c843dede96 netfilter: xt_qtaguid: fix crash after using delete ctrl command 
* Crash fix
The delete command would delete a socket tag entry without removing it
from the proc_qtu_data { ..., sock_tag_list, }.
This in turn would cause an exiting process to crash while cleaning up
its matching proc_qtu_data.

* Added more aggressive tracking/cleanup of proc_qtu_data
This should allow one process to cleanup qtu_tag_data{} left around from
processes that didn't use resource tracking via /dev/xt_qtaguid.

* Debug printing tweaks
Better code inclusion/exclusion handling,
and extra debug out of full state.

Change-Id: I735965af2962ffcd7f3021cdc0068b3ab21245c2
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-09-25 19:24:14 -07:00
JP Abgrall
7007813a12 netfilter: xt_qtaguid: change WARN_ONCE into pr_warn_once 
Make the warning less scary.

Change-Id: I0276c5413e37ec991f24db57aeb90333fb1b5a65
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-09-20 14:23:51 -07:00
JP Abgrall
1d1fa838dd netfilter: xt_qtaguid: provide an iface_stat_all proc entry 
There is a
  /proc/net/xt_qtaguid/iface/<iface>/{rx_bytes,rx_packets,tx_bytes,...}
but for better convenience and to avoid getting overly stale net/dev stats
we now have
  /proc/net/xt_qtaguid/iface_stat_all
which outputs lines of:
  iface_name active rx_bytes rx_packets tx_bytes tx_packets
    net_dev_rx_bytes net_dev_rx_packets net_dev_tx_bytes net_dev_tx_packets

Change-Id: I12cc10d2d123b86b56d4eb489b1d77b2ce72ebcf
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-09-20 09:44:41 -07:00
JP Abgrall
a682462f22 netfilter: xt_qtaguid: work around devices that reset their stats 
Most net devs will not reset their stats when just going down/up,
unless a NETDEV_UNREGISTER was notified.
But some devs will not send out a NETDEV_UNREGISTER but still
reset their stats just before a NETDEV_UP.
Now we just track the dev stats during NETDEV_DOWN... just in case.
Then on NETDEV_UP we check the stats: if the device didn't do a
NETDEV_UNREGISTER and a prior NETDEV_DOWN captured stats, then we treat
it as an UNREGISTER and save the totals from the stashed values.

Added extra netdev event debugging.

Change-Id: Iec79e74bfd40269aa3e5892f161be71e09de6946
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-09-15 10:50:51 -07:00
Dmitry Shmidt
f6ec523a13 net: wireless: Add CFG80211_ALLOW_RECONNECT option 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
 2011-09-15 09:25:48 -07:00