Olof Johansson [Wed, 26 Sep 2007 21:23:31 +0000 (16:23 -0500)]
pasemi_mac: set interface speed correctly on XAUI ports
pasemi_mac: set interface speed correctly on XAUI ports
Set interface speed for XAUI to 10G per default, not 1G.
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Roland Dreier [Fri, 28 Sep 2007 22:33:51 +0000 (15:33 -0700)]
[IPoIB]: Convert to netdevice internal stats
Use the stats member of struct netdevice in IPoIB, so we can save
memory by deleting the stats member of struct ipoib_dev_priv, and save
code by deleting ipoib_get_stats().
Signed-off-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Joseph Fannin [Fri, 28 Sep 2007 21:47:32 +0000 (14:47 -0700)]
[NETFILTER]: bridge: remove broken netfilter binary sysctls
The netfilter sysctls in the bridging code don't set strategy routines:
sysctl table check failed: /net/bridge/bridge-nf-call-arptables .3.10.1 Missing strategy
sysctl table check failed: /net/bridge/bridge-nf-call-iptables .3.10.2 Missing strategy
sysctl table check failed: /net/bridge/bridge-nf-call-ip6tables .3.10.3 Missing strategy
sysctl table check failed: /net/bridge/bridge-nf-filter-vlan-tagged .3.10.4 Missing strategy
sysctl table check failed: /net/bridge/bridge-nf-filter-pppoe-tagged .3.10.5 Missing strategy
These binary sysctls can't work. The binary sysctl numbers of
other netfilter sysctls with this problem are being removed. These
need to go as well.
Signed-off-by: Joseph Fannin <jfannin@gmail.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jan Engelhardt [Fri, 28 Sep 2007 21:46:43 +0000 (14:46 -0700)]
[NETFILTER]: x_tables: add xt_time match
This is ipt_time from POM-ng enhanced by the following:
* xtables/ipv6 support
* second granularity for daytime
* day-of-month support (for example "match on the 15th of each month")
* match against UTC or local timezone
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michal Miroslaw [Fri, 28 Sep 2007 21:45:52 +0000 (14:45 -0700)]
[NETFILTER]: nfnetlink_log: fix some constants
Fix timeout (one second is 1 * HZ) and convert max packet copy length
to #defined constant.
Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michal Miroslaw [Fri, 28 Sep 2007 21:45:27 +0000 (14:45 -0700)]
[NETFILTER]: nfnetlink_log: fix instance_create() failure path
Fix memory leak on instance_create() while module is being unloaded.
Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michal Miroslaw [Fri, 28 Sep 2007 21:45:06 +0000 (14:45 -0700)]
[NETFILTER]: nfnetlink_log: fix style
Fix function definition style to match other functions in nfnetlink_log.c.
Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michal Miroslaw [Fri, 28 Sep 2007 21:44:44 +0000 (14:44 -0700)]
[NETFILTER]: nfnetlink_log: flush queue early
If queue is filled to its threshold, then flush it right away instead
of waiting for timer or next packet.
Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michal Miroslaw [Fri, 28 Sep 2007 21:44:21 +0000 (14:44 -0700)]
[NETFILTER]: nfnetlink_log: kill duplicate code
Kill some cut'n'paste effect.
Just after __nfulnl_send() returning, inst->skb is always NULL.
Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pablo Neira Ayuso [Fri, 28 Sep 2007 21:43:53 +0000 (14:43 -0700)]
[NETFILTER]: nf_conntrack_netlink: add support to related connections
This patch adds support to relate a connection to an existing master
connection. This patch is used by conntrackd to correctly replicate
related connections.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:41:50 +0000 (14:41 -0700)]
[NETFILTER]: nf_conntrack_expect: kill unique ID
Similar to the conntrack ID, the per-expectation ID is not needed
anymore, kill it.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:41:27 +0000 (14:41 -0700)]
[NETFILTER]: nf_conntrack: kill unique ID
Remove the per-conntrack ID, its not necessary anymore for dumping.
For compatiblity reasons we send the address of the conntrack to
userspace as ID.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:40:56 +0000 (14:40 -0700)]
[NETFILTER]: nfnetlink: kill nlattr_bad_size
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:39:55 +0000 (14:39 -0700)]
[NETFILTER]: ctnetlink: use netlink policy
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:39:26 +0000 (14:39 -0700)]
[NETFILTER]: nfnetlink_queue: use netlink policy
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:39:09 +0000 (14:39 -0700)]
[NETFILTER]: nfnetlink_log: use netlink policy
Also remove unused nfula_min array.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:38:52 +0000 (14:38 -0700)]
[NETFILTER]: nfnetlink: support attribute policies
Add support for automatic checking of per-callback attribute policies.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:38:07 +0000 (14:38 -0700)]
[NETFILTER]: nfnetlink: use nlmsg_notify()
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:37:41 +0000 (14:37 -0700)]
[NETFILTER]: nfnetlink: rename functions containing 'nfattr'
There is no struct nfattr anymore, rename functions to 'nlattr'.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:37:03 +0000 (14:37 -0700)]
[NETFILTER]: nfnetlink: convert to generic netlink attribute functions
Get rid of the duplicated rtnetlink macros and use the generic netlink
attribute functions. The old duplicated stuff is moved to a new header
file that exists just for userspace.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy [Fri, 28 Sep 2007 21:15:45 +0000 (14:15 -0700)]
[NETFILTER]: nfnetlink: make subsystem and callbacks const
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Fri, 28 Sep 2007 00:10:06 +0000 (17:10 -0700)]
[NETNS]: CLONE_NEWNET don't use the same clone flag as the pid namespace.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Fri, 28 Sep 2007 00:09:39 +0000 (17:09 -0700)]
[NET]: Bring comments in loopback.c uptodate.
A hint as to why it is safe to use per cpu variables,
and note that we actually can have multiple instances
of the loopback device now.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ivo van Doorn [Thu, 27 Sep 2007 21:57:05 +0000 (14:57 -0700)]
[RFKILL]: Move rfkill_switch_all out of global header
rfkill_switch_all shouldn't be called by drivers directly,
instead they should send a signal over the input device.
To prevent confusion for driver developers, move the
function into a rfkill private header.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
John W. Linville [Thu, 27 Sep 2007 21:00:29 +0000 (17:00 -0400)]
[PATCH] iwlwifi: fix imcomplete conversion to print_mac API
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:44 +0000 (11:27 +0800)]
[PATCH] iwlwifi: Update iwlwifi version stamp to 1.1.17
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:43 +0000 (11:27 +0800)]
[PATCH] iwlwifi: add debugfs rate scale stats
This patch adds rates scale statistics to debugfs:
$ cat /sys/kernel/debug/ieee80211/phy<X>/stations/<mac>/rate_stats_table
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:42 +0000 (11:27 +0800)]
[PATCH] iwlwifi: set fixed rate through debugfs
This patch adds fixed rate setting through debugfs
$ echo <rate_n_flags> > \
/sys/kernel/debug/ieee80211/phy<X>/stations/<mac>/rate_scale_table
Currently there is no way to turn to rate scaling working again.
Will be fixed in later.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:41 +0000 (11:27 +0800)]
[PATCH] iwlwifi: rs_rate_scale_perform clean up
This patch cleans up rs_rate_scale_perform function. It removes dead
code, shortens variable names and removes useless return i.e. function
now returns void.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:40 +0000 (11:27 +0800)]
[PATCH] iwlwifi: add supp_rates to rate scale sta private data
This patch adds supp_rate bit mask to rate scale sta private data structre
and thus removes sta from the argument list in helper functions.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:39 +0000 (11:27 +0800)]
[PATCH] iwlwifi: limit printouts on hot path
This patch change printouts on TX path to the net_ratelimit version.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:38 +0000 (11:27 +0800)]
[PATCH] iwlwifi: add read rate scale table debugfs function
This patch adds read rate scale table debugfs function for 4965
rate scaling module.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:37 +0000 (11:27 +0800)]
[PATCH] iwlwifi: add debugfs framework to rate scale
This patch adds debugfs handler to rate scale algorithms.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:36 +0000 (11:27 +0800)]
[PATCH] iwlwifi: removing unnecessary memset in 4965 rate scale
This patch removes redundant memset in rate scale. In rs_alloc_sta,
kzalloc is used so the memset can be avoided. In rs_rate_init, it is
a bug fix since it overrides everything set in other handlers namely
add_debugfs.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:35 +0000 (11:27 +0800)]
[PATCH] iwlwifi: fix add_station to avoid FW error
There were a few Firmware errors reported the most reproducible
http://bughost.org/bugzilla/show_bug.cgi?id=1471
The root cause is rate_n_flags isn't set anymore. This patch fixes
the problem.
Signed-off-by: Ian Schram <ischram@telenet.be>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:34 +0000 (11:27 +0800)]
[PATCH] iwlwifi: Fix typo in rate sacling algorithm
This patch fixes tiny typo in 4965 rate sacling algorithm
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:33 +0000 (11:27 +0800)]
[PATCH] iwlwifi: clear station table in rxon unconditionally
This patch clears stations table for every rxon command.
It removes iwl_rxon_add_station function in 3945.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:32 +0000 (11:27 +0800)]
[PATCH] iwlwifi: Correction for sending beacon in config_ap
This patch takes out sending beacon from conditional in
config_ap function.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:31 +0000 (11:27 +0800)]
[PATCH] iwlwifi: workaournd REPLY_COMPRESSED_BA command in iwl_rx_handle
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Zhu Yi [Thu, 27 Sep 2007 03:27:30 +0000 (11:27 +0800)]
[PATCH] iwlwifi: replacing IPW with IWL in error messages
This patch repaces IPW with IWL in error messages.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Buesch [Thu, 27 Sep 2007 12:42:42 +0000 (14:42 +0200)]
[PATCH] rfkill: Fix documentation typos
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Buesch [Wed, 26 Sep 2007 19:08:47 +0000 (21:08 +0200)]
[PATCH] mac80211: bss_tim_clear must use ~ instead of !
We need to use bitwise NOT.
This also cleans up the code a little bit to make it more readable.
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:50 +0000 (15:19 +0200)]
[PATCH] mac80211: remove generic IE for AP interfaces
This is not useful since we do not support probe response
offload to hardware at this time and beacons are set in
another way.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:48 +0000 (15:19 +0200)]
[PATCH] mac80211: remove all prism2 ioctls
This patch removes all prism2 ioctls.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:47 +0000 (15:19 +0200)]
[PATCH] mac80211: fix iff_promiscs, iff_allmultis race
When we update the counters iff_promiscs and iff_allmultis
in struct ieee80211_local we have no common lock held to
protect them. The problem is that the update to each counter
may not be atomic, so we could end up with iff_promiscs == -1
in unfortunate conditions. To fix it, use atomic_t values.
It doesn't matter whether the two counters are updated
together atomically or not, if there are two invocations
of set_multicast_list we will end up with multiple
configure_filter() invocations of which the latter will always
be correct.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:45 +0000 (15:19 +0200)]
[PATCH] mac80211: fix TKIP IV update
The TKIP IV should be updated only after MMIC verification,
this patch changes it to be at that spot.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:43 +0000 (15:19 +0200)]
[PATCH] mac80211: fix vlan bug
VLAN interfaces have yet another bug: they aren't accounted
for properly in the receive path in prepare_for_handlers().
I noticed this by code inspection, but it would be easy for
the compiler to catch such things if we'd just use the proper
enum where appropriate.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:42 +0000 (15:19 +0200)]
[PATCH] mac80211: remove ieee80211_wep_get_keyidx
This function is not used any more.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:41 +0000 (15:19 +0200)]
[PATCH] mac80211: consolidate encryption
Currently we run through all crypto handlers for each transmitted
frame although we already know which one will be used. This
changes the code to invoke only the needed handler. It also moves
the wep code into wep.c.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:40 +0000 (15:19 +0200)]
[PATCH] mac80211: consolidate decryption
Currently, we run through all three crypto algorithms for each
received frame even though we have previously determined which
key we have and as such already know which algorithm will be
used. Change it to invoke only the needed function. Also move
the WEP decrypt handler to wep.c so that fewer functions need
to be non-static.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 13:19:39 +0000 (15:19 +0200)]
[PATCH] mac80211: pass frames to monitor interfaces early
This makes mac80211 pass all frames to monitor interfaces early
before all receive processing with the benefit that only a single
copy needs to be made, all monitors can receive clones of the skb
and if the frame will be discarded we don't even need to make a
single copy.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Wed, 26 Sep 2007 12:27:23 +0000 (14:27 +0200)]
[PATCH] mac80211: fix interface initialisation and deinitialisation
When an interface is registered it is still uninitialised so
ieee80211_if_reinit() can't be called on it (it will oops.)
Hence, we need to move the uninit method assignment.
Also, this patch fixes the bug that the master device is never
initialised nor deinitialised at all. Oddly, the deinit code
had an if statement to not run some code when running for the
master interface (which never happened), but that if statement
is also wrong. Fix that too.
Now that the uninit code is run for the master device, another
bug surfaced: it tries to remove all dependent interfaces and
that oopses or BUGs at some point, either because it unregisters
already unregistered interfaces (missing list_del bug) or due
to trying to iterate a list that has had other things removed.
Fix this too by handling the master interface specially.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Herbert Xu [Thu, 27 Sep 2007 19:48:05 +0000 (12:48 -0700)]
[PKT_SCHED]: Add stateless NAT
Stateless NAT is useful in controlled environments where restrictions are
placed on through traffic such that we don't need connection tracking to
correctly NAT protocol-specific data.
In particular, this is of interest when the number of flows or the number
of addresses being NATed is large, or if connection tracking information
has to be replicated and where it is not practical to do so.
Previously we had stateless NAT functionality which was integrated into
the IPv4 routing subsystem. This was a great solution as long as the NAT
worked on a subnet to subnet basis such that the number of NAT rules was
relatively small. The reason is that for SNAT the routing based system
had to perform a linear scan through the rules.
If the number of rules is large then major renovations would have take
place in the routing subsystem to make this practical.
For the time being, the least intrusive way of achieving this is to use
the u32 classifier written by Alexey Kuznetsov along with the actions
infrastructure implemented by Jamal Hadi Salim.
The following patch is an attempt at this problem by creating a new nat
action that can be invoked from u32 hash tables which would allow large
number of stateless NAT rules that can be used/updated in constant time.
The actual NAT code is mostly based on the previous stateless NAT code
written by Alexey. In future we might be able to utilise the protocol
NAT code from netfilter to improve support for other protocols.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michael Wu [Mon, 24 Sep 2007 22:10:25 +0000 (18:10 -0400)]
[PATCH] adm8211: Detect interface up/down in suspend/resume hooks correctly
Interface up/down detection was incorrectly changed during the filter API
update.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Wu [Mon, 24 Sep 2007 22:10:25 +0000 (18:10 -0400)]
[PATCH] adm8211: Pass all TXed frames to tx_status_irqsafe
ieee80211_tx_status_irqsafe can handle the freeing of all TXed frames.
Also, set excessive_retries for failed frames.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Wu [Mon, 24 Sep 2007 22:10:25 +0000 (18:10 -0400)]
[PATCH] adm8211: Use revision from pci_dev
No need to load the revision ourselves anymore.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Wu [Mon, 24 Sep 2007 22:10:25 +0000 (18:10 -0400)]
[PATCH] adm8211: kill version printks
No need to pollute dmesg with copyright info.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Wu [Mon, 24 Sep 2007 22:10:25 +0000 (18:10 -0400)]
[PATCH] adm8211: Improve writing of mac addrs to registers
The mac address write is broken for big endian and the bssid write can be
simplified. This patch does both.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Wu [Mon, 24 Sep 2007 22:10:25 +0000 (18:10 -0400)]
[PATCH] adm8211: kill interrupt loop
Looping in the interrupt handler is unnecessary.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:58:08 +0000 (20:58 +0200)]
[PATCH] rt2x00: Release rt2x00 2.0.9
Version bump
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:57:49 +0000 (20:57 +0200)]
[PATCH] rt2x00: Fix panic on rmmod with rfkill enabled
When ieee80211_hw.config indicates that the radio
is enabled and is configuring options that require
the link tuner to be restarted the link tuner will
cause a kernel panic when rfkill has indicated the
radio was in fact disabled.
Signed-off-by: Modestas Vainius <modestas@vainius.eu>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:57:25 +0000 (20:57 +0200)]
[PATCH] rt2x00: Fix obvious typo in comment
Signed-off-by: Modestas Vainius <modestas@vainius.eu>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:57:04 +0000 (20:57 +0200)]
[PATCH] rt2x00: Stop link tuning when radio is down
As pointed out by Modestas Vainius the link tuner
could continue working while the radio is already
down. This because at the start of disable_radio
the ENABLED_RADIO flag is cleared and causes the
toggle_rx to skip the stop_link_tuner() call.
This will add a check to the start of the link tuner
which will automatically stop the link tuner when the
radio is disabled.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:56:36 +0000 (20:56 +0200)]
[PATCH] rt2x00: make rt2x00lib_stop_link_tuner() reentrant with link_tuner work
Calling cancel_delayed_work_sync() unconditionally won't hurt
and it will avoid race conditions when another CPU is already
executing link_tuner work.
Signed-off-by: Modestas Vainius <modestas@vainius.eu>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:13:51 +0000 (20:13 +0200)]
rt2x00: Add rt2x00dev->flags to debugfs
Loosely based on the patch by Matthijs Kooijman,
this will add the dev_flags entry into debugfs which
will display rt2x00dev->flags.
This will allow easier debugging of flag handling.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:55:39 +0000 (20:55 +0200)]
[PATCH] rt2x00: Reorganize rt2x00dev->flags
The rt2x00dev->flags has become a chaos over time,
this will reorganize the flags by renaming, deleting, adding
and properly implement the flags.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:54:44 +0000 (20:54 +0200)]
[PATCH] rt2x00: Correctly identify rt2561turbo
Apparently rt2561s actually has PCI ID 0x0301
and rt2561 actually has PCI ID 0x0302.
Where rt2561s supports Turbo.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:54:20 +0000 (20:54 +0200)]
[PATCH] rt2x00: Increase rt2x00usb_vendor_request timeout.
By increasing the timeout for rt2x00usb_vendor_request,
we should limit the number of loops required to send
a signal to the device succefully.
500ms timeout is specified by the Ralink legacy drivers
for rt2500usb. For rt73usb 1000ms is specified, but that
includes the timeout for the firmware which is already
specified in a different define.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:53:43 +0000 (20:53 +0200)]
[PATCH] rt2x00: Make *_beacon_update static
Make rt61pci_beacon_update and rt73usb_beacon_update static,
they are only used inside their own source file and then only
for setting it as callback funtion for mac80211.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Tue, 25 Sep 2007 18:53:20 +0000 (20:53 +0200)]
[PATCH] rt2x00: Correct error in calculating rssi for link tuner
The call to rt2x00lib_precalculate_link_signal resets link.rx_success
which is needed when calculating the average rssi for the link
tuner. Change the call order so the link tuner runs first as it
doesn't need the result of the precalculate.
Signed-off-by: Adam Baker <linux@baker-net.org.uk>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 18 Sep 2007 21:29:21 +0000 (17:29 -0400)]
[PATCH] mac80211: fix virtual interface locking
Florian Lohoff noticed a bug in mac80211: when bringing the
master interface down while other virtual interfaces are up
we call dev_close() under a spinlock which is not allowed.
This patch removes the sub_if_lock used by mac80211 in favour
of using an RCU list. All list manipulations are already done
under rtnl so are well protected against each other, and the
read-side locks we took in the RX and TX code are already in
RCU read-side critical sections.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Cc: Florian Lohoff <flo@rfc822.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Michal Piotrowski <michal.k.k.piotrowski@gmail.com>
Cc: Satyam Sharma <satyam@infradead.org>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 18 Sep 2007 21:29:21 +0000 (17:29 -0400)]
[PATCH] mac80211: remove crypto algorithm typedef
The typedef is not required, we can just use "enum ieee80211_key_alg"
instead of "ieee80211_key_alg"
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 18 Sep 2007 21:29:20 +0000 (17:29 -0400)]
[PATCH] wireless networking: move frame inline functions to generic header
These inlines are generally useful, not just with mac80211.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 18 Sep 2007 21:29:20 +0000 (17:29 -0400)]
[PATCH] mac80211: document a lot more
This patch adds a lot more documentation (in kernel-doc format)
to include/net/mac80211.h
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Tue, 18 Sep 2007 21:29:15 +0000 (17:29 -0400)]
[PATCH] mac80211: renumber and document the hardware flags
Currently, hardware flags that drivers must set are not
documented well enough. Fix this.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Mon, 17 Sep 2007 05:29:24 +0000 (01:29 -0400)]
[PATCH] mac80211: validate VLAN interfaces better
This patch changes mac80211 to verify that VLAN interfaces
are valid and not bother drivers about them any more.
VLAN interfaces are now only valid when an AP interface
is up with the same MAC address, and are automatically
turned off when the AP interface is set down.
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Cc: Jouni Malinen <j@w1.fi>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Johannes Berg [Mon, 17 Sep 2007 05:29:23 +0000 (01:29 -0400)]
[PATCH] mac80211: revamp interface and filter configuration
Drivers are currently supposed to keep track of monitor
interfaces if they allow so-called "hard" monitor, and
they are also supposed to keep track of multicast etc.
This patch changes that, replaces the set_multicast_list()
callback with a new configure_filter() callback that takes
filter flags (FIF_*) instead of interface flags (IFF_*).
For a driver, this means it should open the filter as much
as necessary to get all frames requested by the filter flags.
Accordingly, the filter flags are named "positively", e.g.
FIF_ALLMULTI.
Multicast filtering is a bit special in that drivers that
have no multicast address filters need to allow multicast
frames through when either the FIF_ALLMULTI flag is set or
when the mc_count value is positive.
At the same time, drivers are no longer notified about
monitor interfaces at all, this means they now need to
implement the start() and stop() callbacks and the new
change_filter_flags() callback. Also, the start()/stop()
ordering changed, start() is now called *before* any
add_interface() as it really should be, and stop() after
any remove_interface().
The patch also changes the behaviour of setting the bssid
to multicast for scanning when IEEE80211_HW_NO_PROBE_FILTERING
is set; the IEEE80211_HW_NO_PROBE_FILTERING flag is removed
and the filter flag FIF_BCN_PRBRESP_PROMISC introduced.
This is a lot more efficient for hardware like b43 that
supports it and other hardware can still set the BSSID
to all-ones.
Driver modifications by Johannes Berg (b43 & iwlwifi), Michael Wu
(rtl8187, adm8211, and p54), Larry Finger (b43legacy), and
Ivo van Doorn (rt2x00).
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Denis V. Lunev [Thu, 27 Sep 2007 19:04:19 +0000 (12:04 -0700)]
[NET]: Proper comment for loopback initialization order.
Loopback device is special. It should be initialized at the very
beginning. Initialization order has been changed by
Eric W. Biederman <ebiederm@xmission.com> and this change is non-obvious
and important enough to add proper comment.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:40:08 +0000 (22:40 -0700)]
[NETNS]: Simplify the network namespace list locking rules.
Denis V. Lunev <den@sw.ru> noticed that the locking rules
for the network namespace list are over complicated and broken.
In particular the current register_netdev_notifier currently
does not take any lock making the for_each_net iteration racy
with network namespace creation and destruction. Oops.
The fact that we need to use for_each_net in rtnl_unlock() when
the rtnetlink support becomes per network namespace makes designing
the proper locking tricky. In addition we need to be able to call
rtnl_lock() and rtnl_unlock() when we have the net_mutex held.
After thinking about it and looking at the alternatives carefully
it looks like the simplest and most maintainable solution is
to remove net_list_mutex altogether, and to use the rtnl_mutex instead.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jonathan Bastien-Filiatrault [Thu, 27 Sep 2007 05:34:25 +0000 (22:34 -0700)]
[IRDA]: Document the fact that smsc-ircc2 will not use PNP by default
This avoids user confusion when they see that their device is not detected.
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Andrew Morton [Thu, 27 Sep 2007 05:31:19 +0000 (22:31 -0700)]
[ATM] net/atm/lec.c: printk warning fix
net/atm/lec.c: In function 'lec_start_xmit':
net/atm/lec.c:371: warning: format '%x' expects type 'unsigned int', but argument 4 has type 'long unsigned int'
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Satyam Sharma [Thu, 27 Sep 2007 05:29:51 +0000 (22:29 -0700)]
[PASEMI_MAC]: remove unused function
drivers/net/pasemi_mac.c: At top level:
drivers/net/pasemi_mac.c:89: warning: 'read_iob_reg' defined but not used
Signed-off-by: Satyam Sharma <satyam@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Satyam Sharma [Thu, 27 Sep 2007 05:29:02 +0000 (22:29 -0700)]
[SPIDERNET] spider_net_ethtool: Keep up with recent netdev stats changes
drivers/net/spider_net_ethtool.c: In function 'spider_net_get_ethtool_stats':
drivers/net/spider_net_ethtool.c:160: error: structure has no member named 'netdev_stats'
drivers/net/spider_net_ethtool.c:161: error: structure has no member named 'netdev_stats'
drivers/net/spider_net_ethtool.c:162: error: structure has no member named 'netdev_stats'
drivers/net/spider_net_ethtool.c:163: error: structure has no member named 'netdev_stats'
drivers/net/spider_net_ethtool.c:164: error: structure has no member named 'netdev_stats'
drivers/net/spider_net_ethtool.c:165: error: structure has no member named 'netdev_stats'
drivers/net/spider_net_ethtool.c:166: error: structure has no member named 'netdev_stats'
make[2]: *** [drivers/net/spider_net_ethtool.o] Error 1
Also do another ARRAY_SIZE() cleanup while at it.
Signed-off-by: Satyam Sharma <satyam@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Andrew Morton [Thu, 27 Sep 2007 05:21:28 +0000 (22:21 -0700)]
[WIRELESS]: Fix Kconfig.
Seems that a bare "depends" is no longer allowed in Sam's kbuild tree.
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Stephen Hemminger [Tue, 9 Oct 2007 08:40:57 +0000 (01:40 -0700)]
[NET]: Move hardware header operations out of netdevice.
Since hardware header operations are part of the protocol class
not the device instance, make them into a separate object and
save memory.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Stephen Hemminger [Thu, 27 Sep 2007 05:13:38 +0000 (22:13 -0700)]
[NET]: Wrap hard_header_parse
Wrap the hard_header_parse function to simplify next step of
header_ops conversion.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Stephen Hemminger [Tue, 9 Oct 2007 08:36:32 +0000 (01:36 -0700)]
[NET]: Wrap netdevice hardware header creation.
Add inline for common usage of hardware header creation, and
fix bug in IPV6 mcast where the assumption about negative return is
an errno. Negative return from hard_header means not enough space
was available,(ie -N bytes).
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 27 Sep 2007 05:11:56 +0000 (22:11 -0700)]
[NET]: Remove no longer relevant comment in loopback driver.
It talks about __get_cpu_var() which the driver no longer
does.
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:10:56 +0000 (22:10 -0700)]
[NET]: Make the loopback device per network namespace.
This patch makes loopback_dev per network namespace. Adding
code to create a different loopback device for each network
namespace and adding the code to free a loopback device
when a network namespace exits.
This patch modifies all users the loopback_dev so they
access it as init_net.loopback_dev, keeping all of the
code compiling and working. A later pass will be needed to
update the users to use something other than the initial network
namespace.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:10:06 +0000 (22:10 -0700)]
[IPV4]: When possible test for IFF_LOOPBACK and not dev == loopback_dev
Now that multiple loopback devices are becoming possible it makes
the code a little cleaner and more maintainable to test if a deivice
is th a loopback device by testing dev->flags & IFF_LOOPBACK instead
of dev == loopback_dev.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:09:25 +0000 (22:09 -0700)]
[IPV4]: Remove unnecessary test for the loopback device from inetdev_destroy
Currently we never call unregister_netdev for the loopback device so
it is impossible for us to reach inetdev_destroy with the loopback
device. So the test in inetdev_destroy is unnecessary.
Further when testing with my network namespace patches removing
unregistering the loopback device and calling inetdev_destroy works
fine so there appears to be no reason for avoiding unregistering the
loopback device.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:08:12 +0000 (22:08 -0700)]
[NET]: Dynamically allocate the per cpu counters for the loopback device.
This patch add support for dynamically allocating the statistics counters
for the loopback device and adds appropriate device methods for allocating
and freeing the loopback device.
This completes support for creating multiple instances of the loopback
device, in preparation for creating per network namespace instances.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:04:26 +0000 (22:04 -0700)]
[NET]: Add network namespace clone & unshare support.
This patch allows you to create a new network namespace
using sys_clone, or sys_unshare.
As the network namespace is still experimental and under development
clone and unshare support is only made available when CONFIG_NET_NS is
selected at compile time.
As this patch introduces network namespace support into code paths
that exist when the CONFIG_NET is not selected there are a few
additions made to net_namespace.h to allow a few more functions
to be used when the networking stack is not compiled in.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric W. Biederman [Thu, 27 Sep 2007 05:02:53 +0000 (22:02 -0700)]
[NET]: Fix running without sysfs
When sysfs support is compiled out the kernel still keeps and maintains
the kobject tree. So it is not safe to skip our kobject reference counting or
to avoid becoming members of the kobject tree. It is safe to not add
the networking specific sysfs attributes.
This patch removes the sysfs special cases from net/core/dev.c
renames functions from netdev_sysfs_xxxx to netdev_kobject_xxxx
and always compiles in net-sysfs.c
net-sysfs.c is modified with a CONFIG_SYSFS guard around the parts
that are actually sysfs specific.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Arnaldo Carvalho de Melo [Wed, 26 Sep 2007 22:38:55 +0000 (19:38 -0300)]
[CCID3]: Remove ifdef surrounding BUG_ON
As suggested by DaveM.
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Gerrit Renker [Wed, 26 Sep 2007 22:36:08 +0000 (19:36 -0300)]
[DCCP]: Reduce the number of writable states
Since DCCP requires to close both ends of a connection simultaneously,
permission to write in state DCCP_CLOSING is removed in dccp_sendmsg():
* if the sending end closed, it would encounter a write error anyhow;
* if the other end has closed the connection, it accepts no more data.
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Gerrit Renker [Wed, 26 Sep 2007 17:35:19 +0000 (14:35 -0300)]
[DCCP]: Factor out common code for generating Resets
This factors code common to dccp_v{4,6}_ctl_send_reset into a separate function,
and adds support for filling in the Data 1 ... Data 3 fields from RFC 4340, 5.6.
It is useful to have this separate, since the following Reset codes will always
be generated from the control socket rather than via dccp_send_reset:
* Code 3, "No Connection", cf. 8.3.1;
* Code 4, "Packet Error" (identification for Data 1 added);
* Code 5, "Option Error" (identification for Data 1..3 added, will be used later);
* Code 6, "Mandatory Error" (same as Option Error);
* Code 7, "Connection Refused" (what on Earth is the difference to "No Connection"?);
* Code 8, "Bad Service Code";
* Code 9, "Too Busy";
* Code 10, "Bad Init Cookie" (not used).
Code 0 is not recommended by the RFC, the following codes would be used in
dccp_send_reset() instead, since they all relate to an established DCCP connection:
* Code 1, "Closed";
* Code 2, "Aborted";
* Code 11, "Aggression Penalty" (12.3).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Gerrit Renker [Wed, 26 Sep 2007 14:32:49 +0000 (11:32 -0300)]
[DCCP]: Sequence number wrap-around when sending reset
This replaces normal addition with mod-48 addition so that sequence number
wraparound is respected.
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Gerrit Renker [Wed, 26 Sep 2007 14:31:49 +0000 (11:31 -0300)]
[DCCP]: Rate-limit DCCP-Syncs
This implements a SHOULD from RFC 4340, 7.5.4:
"To protect against denial-of-service attacks, DCCP implementations SHOULD
impose a rate limit on DCCP-Syncs sent in response to sequence-invalid packets,
such as not more than eight DCCP-Syncs per second."
The rate-limit is maintained on a per-socket basis. This is a more stringent
policy than enforcing the rate-limit on a per-source-address basis and
protects against attacks with forged source addresses.
Moreover, the mechanism is deliberately kept simple. In contrast to
xrlim_allow(), bursts of Sync packets in reply to sequence-invalid packets
are not supported. This foils such attacks where the receipt of a Sync
triggers further sequence-invalid packets. (I have tested this mechanism against
xrlim_allow algorithm for Syncs, permitting bursts just increases the problems.)
In order to keep flexibility, the timeout parameter can be set via sysctl; and
the whole mechanism can even be disabled (which is however not recommended).
The algorithm in this patch has been improved with regard to wrapping issues
thanks to a suggestion by Arnaldo.
Commiter note: Rate limited the step 6 DCCP_WARN too, as it says we're
sending a sync.
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Gerrit Renker [Wed, 26 Sep 2007 14:30:02 +0000 (11:30 -0300)]
[DCCP]: Remove duplicate code for Reset from connected socket
In this patch, duplicated code is removed for the case when a Reset packet is
sent from a connected socket. This code duplication is between dccp_make_reset
and dccp_transmit_skb, which already contained an (up to now entirely unused)
switch statement to fill in the reset code from the DCCP_SKB_CB.
The only thing that has been removed is the call to dst_clone(dst), since
the queue_xmit functions use sk_dst_cache anyway.
I wasn't sure which purpose inet_sk_rebuild_header served, so I left it in.
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>