Contents of /trunk/kernel26-alx/patches-2.6.23-r1/0103-2.6.23.4-all-fixes.patch
Parent Directory | Revision Log
Revision 658 -
(show annotations)
(download)
Mon Jun 23 21:39:39 2008 UTC (16 years, 3 months ago) by niro
File size: 29652 byte(s)
Mon Jun 23 21:39:39 2008 UTC (16 years, 3 months ago) by niro
File size: 29652 byte(s)
2.6.23-alx-r1: new default as we fix the via epia clocksource=tsc quircks -linux-2.6.23.17 -fbcondecor-0.9.4 -squashfs-3.3 -unionfs-2.3.3 -ipw3945-1.2.2 -mptbase-vmware fix
1 | diff --git a/include/linux/netlink.h b/include/linux/netlink.h |
2 | index 83d8239..63af986 100644 |
3 | --- a/include/linux/netlink.h |
4 | +++ b/include/linux/netlink.h |
5 | @@ -175,7 +175,7 @@ extern int netlink_unregister_notifier(struct notifier_block *nb); |
6 | /* finegrained unicast helpers: */ |
7 | struct sock *netlink_getsockbyfilp(struct file *filp); |
8 | int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock, |
9 | - long timeo, struct sock *ssk); |
10 | + long *timeo, struct sock *ssk); |
11 | void netlink_detachskb(struct sock *sk, struct sk_buff *skb); |
12 | int netlink_sendskb(struct sock *sk, struct sk_buff *skb, int protocol); |
13 | |
14 | diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
15 | index a656cec..ed2c458 100644 |
16 | --- a/include/linux/skbuff.h |
17 | +++ b/include/linux/skbuff.h |
18 | @@ -41,8 +41,7 @@ |
19 | #define SKB_DATA_ALIGN(X) (((X) + (SMP_CACHE_BYTES - 1)) & \ |
20 | ~(SMP_CACHE_BYTES - 1)) |
21 | #define SKB_WITH_OVERHEAD(X) \ |
22 | - (((X) - sizeof(struct skb_shared_info)) & \ |
23 | - ~(SMP_CACHE_BYTES - 1)) |
24 | + ((X) - SKB_DATA_ALIGN(sizeof(struct skb_shared_info))) |
25 | #define SKB_MAX_ORDER(X, ORDER) \ |
26 | SKB_WITH_OVERHEAD((PAGE_SIZE << (ORDER)) - (X)) |
27 | #define SKB_MAX_HEAD(X) (SKB_MAX_ORDER((X), 0)) |
28 | diff --git a/include/net/9p/9p.h b/include/net/9p/9p.h |
29 | index 88884d3..7726ff4 100644 |
30 | --- a/include/net/9p/9p.h |
31 | +++ b/include/net/9p/9p.h |
32 | @@ -412,6 +412,18 @@ int p9_idpool_check(int id, struct p9_idpool *p); |
33 | |
34 | int p9_error_init(void); |
35 | int p9_errstr2errno(char *, int); |
36 | + |
37 | +#ifdef CONFIG_SYSCTL |
38 | int __init p9_sysctl_register(void); |
39 | void __exit p9_sysctl_unregister(void); |
40 | +#else |
41 | +static inline int p9_sysctl_register(void) |
42 | +{ |
43 | + return 0; |
44 | +} |
45 | +static inline void p9_sysctl_unregister(void) |
46 | +{ |
47 | +} |
48 | +#endif |
49 | + |
50 | #endif /* NET_9P_H */ |
51 | diff --git a/include/net/sock.h b/include/net/sock.h |
52 | index dfeb8b1..bdd9ebe 100644 |
53 | --- a/include/net/sock.h |
54 | +++ b/include/net/sock.h |
55 | @@ -1199,14 +1199,16 @@ static inline struct sk_buff *sk_stream_alloc_pskb(struct sock *sk, |
56 | gfp_t gfp) |
57 | { |
58 | struct sk_buff *skb; |
59 | - int hdr_len; |
60 | |
61 | - hdr_len = SKB_DATA_ALIGN(sk->sk_prot->max_header); |
62 | - skb = alloc_skb_fclone(size + hdr_len, gfp); |
63 | + skb = alloc_skb_fclone(size + sk->sk_prot->max_header, gfp); |
64 | if (skb) { |
65 | skb->truesize += mem; |
66 | if (sk_stream_wmem_schedule(sk, skb->truesize)) { |
67 | - skb_reserve(skb, hdr_len); |
68 | + /* |
69 | + * Make sure that we have exactly size bytes |
70 | + * available to the caller, no more, no less. |
71 | + */ |
72 | + skb_reserve(skb, skb_tailroom(skb) - size); |
73 | return skb; |
74 | } |
75 | __kfree_skb(skb); |
76 | diff --git a/ipc/mqueue.c b/ipc/mqueue.c |
77 | index 145d5a0..1c0de2c 100644 |
78 | --- a/ipc/mqueue.c |
79 | +++ b/ipc/mqueue.c |
80 | @@ -1014,6 +1014,8 @@ asmlinkage long sys_mq_notify(mqd_t mqdes, |
81 | return -EINVAL; |
82 | } |
83 | if (notification.sigev_notify == SIGEV_THREAD) { |
84 | + long timeo; |
85 | + |
86 | /* create the notify skb */ |
87 | nc = alloc_skb(NOTIFY_COOKIE_LEN, GFP_KERNEL); |
88 | ret = -ENOMEM; |
89 | @@ -1042,8 +1044,8 @@ retry: |
90 | goto out; |
91 | } |
92 | |
93 | - ret = netlink_attachskb(sock, nc, 0, |
94 | - MAX_SCHEDULE_TIMEOUT, NULL); |
95 | + timeo = MAX_SCHEDULE_TIMEOUT; |
96 | + ret = netlink_attachskb(sock, nc, 0, &timeo, NULL); |
97 | if (ret == 1) |
98 | goto retry; |
99 | if (ret) { |
100 | diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c |
101 | index 2a54691..ef3f789 100644 |
102 | --- a/net/8021q/vlan.c |
103 | +++ b/net/8021q/vlan.c |
104 | @@ -629,6 +629,10 @@ static int vlan_device_event(struct notifier_block *unused, unsigned long event, |
105 | if (!vlandev) |
106 | continue; |
107 | |
108 | + flgs = vlandev->flags; |
109 | + if (!(flgs & IFF_UP)) |
110 | + continue; |
111 | + |
112 | vlan_sync_address(dev, vlandev); |
113 | } |
114 | break; |
115 | @@ -740,6 +744,7 @@ static int vlan_ioctl_handler(void __user *arg) |
116 | vlan_dev_set_ingress_priority(dev, |
117 | args.u.skb_priority, |
118 | args.vlan_qos); |
119 | + err = 0; |
120 | break; |
121 | |
122 | case SET_VLAN_EGRESS_PRIORITY_CMD: |
123 | diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c |
124 | index 5a48d8e..7f11dd9 100644 |
125 | --- a/net/ieee80211/ieee80211_crypt_tkip.c |
126 | +++ b/net/ieee80211/ieee80211_crypt_tkip.c |
127 | @@ -584,7 +584,7 @@ static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) |
128 | if (stype & IEEE80211_STYPE_QOS_DATA) { |
129 | const struct ieee80211_hdr_3addrqos *qoshdr = |
130 | (struct ieee80211_hdr_3addrqos *)skb->data; |
131 | - hdr[12] = qoshdr->qos_ctl & cpu_to_le16(IEEE80211_QCTL_TID); |
132 | + hdr[12] = le16_to_cpu(qoshdr->qos_ctl) & IEEE80211_QCTL_TID; |
133 | } else |
134 | hdr[12] = 0; /* priority */ |
135 | |
136 | diff --git a/net/ieee80211/softmac/ieee80211softmac_wx.c b/net/ieee80211/softmac/ieee80211softmac_wx.c |
137 | index 5742dc8..2b0b4c7 100644 |
138 | --- a/net/ieee80211/softmac/ieee80211softmac_wx.c |
139 | +++ b/net/ieee80211/softmac/ieee80211softmac_wx.c |
140 | @@ -469,7 +469,7 @@ ieee80211softmac_wx_set_mlme(struct net_device *dev, |
141 | { |
142 | struct ieee80211softmac_device *mac = ieee80211_priv(dev); |
143 | struct iw_mlme *mlme = (struct iw_mlme *)extra; |
144 | - u16 reason = cpu_to_le16(mlme->reason_code); |
145 | + u16 reason = mlme->reason_code; |
146 | struct ieee80211softmac_network *net; |
147 | int err = -EINVAL; |
148 | |
149 | diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c |
150 | index e787044..a8a9f13 100644 |
151 | --- a/net/ipv4/ipcomp.c |
152 | +++ b/net/ipv4/ipcomp.c |
153 | @@ -17,6 +17,7 @@ |
154 | #include <asm/scatterlist.h> |
155 | #include <asm/semaphore.h> |
156 | #include <linux/crypto.h> |
157 | +#include <linux/err.h> |
158 | #include <linux/pfkeyv2.h> |
159 | #include <linux/percpu.h> |
160 | #include <linux/smp.h> |
161 | @@ -355,7 +356,7 @@ static struct crypto_comp **ipcomp_alloc_tfms(const char *alg_name) |
162 | for_each_possible_cpu(cpu) { |
163 | struct crypto_comp *tfm = crypto_alloc_comp(alg_name, 0, |
164 | CRYPTO_ALG_ASYNC); |
165 | - if (!tfm) |
166 | + if (IS_ERR(tfm)) |
167 | goto error; |
168 | *per_cpu_ptr(tfms, cpu) = tfm; |
169 | } |
170 | diff --git a/net/ipv6/ipcomp6.c b/net/ipv6/ipcomp6.c |
171 | index 473f165..9dd1ebc 100644 |
172 | --- a/net/ipv6/ipcomp6.c |
173 | +++ b/net/ipv6/ipcomp6.c |
174 | @@ -37,6 +37,7 @@ |
175 | #include <asm/scatterlist.h> |
176 | #include <asm/semaphore.h> |
177 | #include <linux/crypto.h> |
178 | +#include <linux/err.h> |
179 | #include <linux/pfkeyv2.h> |
180 | #include <linux/random.h> |
181 | #include <linux/percpu.h> |
182 | @@ -366,7 +367,7 @@ static struct crypto_comp **ipcomp6_alloc_tfms(const char *alg_name) |
183 | for_each_possible_cpu(cpu) { |
184 | struct crypto_comp *tfm = crypto_alloc_comp(alg_name, 0, |
185 | CRYPTO_ALG_ASYNC); |
186 | - if (!tfm) |
187 | + if (IS_ERR(tfm)) |
188 | goto error; |
189 | *per_cpu_ptr(tfms, cpu) = tfm; |
190 | } |
191 | diff --git a/net/mac80211/ieee80211.c b/net/mac80211/ieee80211.c |
192 | index ff2172f..9e0da6e 100644 |
193 | --- a/net/mac80211/ieee80211.c |
194 | +++ b/net/mac80211/ieee80211.c |
195 | @@ -350,7 +350,7 @@ static int ieee80211_get_radiotap_len(struct sk_buff *skb) |
196 | struct ieee80211_radiotap_header *hdr = |
197 | (struct ieee80211_radiotap_header *) skb->data; |
198 | |
199 | - return le16_to_cpu(hdr->it_len); |
200 | + return le16_to_cpu(get_unaligned(&hdr->it_len)); |
201 | } |
202 | |
203 | #ifdef CONFIG_MAC80211_LOWTX_FRAME_DUMP |
204 | @@ -1680,46 +1680,54 @@ int ieee80211_monitor_start_xmit(struct sk_buff *skb, |
205 | struct ieee80211_tx_packet_data *pkt_data; |
206 | struct ieee80211_radiotap_header *prthdr = |
207 | (struct ieee80211_radiotap_header *)skb->data; |
208 | - u16 len; |
209 | + u16 len_rthdr; |
210 | |
211 | - /* |
212 | - * there must be a radiotap header at the |
213 | - * start in this case |
214 | - */ |
215 | - if (unlikely(prthdr->it_version)) { |
216 | - /* only version 0 is supported */ |
217 | - dev_kfree_skb(skb); |
218 | - return NETDEV_TX_OK; |
219 | - } |
220 | + /* check for not even having the fixed radiotap header part */ |
221 | + if (unlikely(skb->len < sizeof(struct ieee80211_radiotap_header))) |
222 | + goto fail; /* too short to be possibly valid */ |
223 | + |
224 | + /* is it a header version we can trust to find length from? */ |
225 | + if (unlikely(prthdr->it_version)) |
226 | + goto fail; /* only version 0 is supported */ |
227 | + |
228 | + /* then there must be a radiotap header with a length we can use */ |
229 | + len_rthdr = ieee80211_get_radiotap_len(skb); |
230 | + |
231 | + /* does the skb contain enough to deliver on the alleged length? */ |
232 | + if (unlikely(skb->len < len_rthdr)) |
233 | + goto fail; /* skb too short for claimed rt header extent */ |
234 | |
235 | skb->dev = local->mdev; |
236 | |
237 | pkt_data = (struct ieee80211_tx_packet_data *)skb->cb; |
238 | memset(pkt_data, 0, sizeof(*pkt_data)); |
239 | + /* needed because we set skb device to master */ |
240 | pkt_data->ifindex = dev->ifindex; |
241 | + |
242 | pkt_data->mgmt_iface = 0; |
243 | pkt_data->do_not_encrypt = 1; |
244 | |
245 | - /* above needed because we set skb device to master */ |
246 | - |
247 | /* |
248 | * fix up the pointers accounting for the radiotap |
249 | * header still being in there. We are being given |
250 | * a precooked IEEE80211 header so no need for |
251 | * normal processing |
252 | */ |
253 | - len = le16_to_cpu(get_unaligned(&prthdr->it_len)); |
254 | - skb_set_mac_header(skb, len); |
255 | - skb_set_network_header(skb, len + sizeof(struct ieee80211_hdr)); |
256 | - skb_set_transport_header(skb, len + sizeof(struct ieee80211_hdr)); |
257 | - |
258 | + skb_set_mac_header(skb, len_rthdr); |
259 | /* |
260 | - * pass the radiotap header up to |
261 | - * the next stage intact |
262 | + * these are just fixed to the end of the rt area since we |
263 | + * don't have any better information and at this point, nobody cares |
264 | */ |
265 | - dev_queue_xmit(skb); |
266 | + skb_set_network_header(skb, len_rthdr); |
267 | + skb_set_transport_header(skb, len_rthdr); |
268 | |
269 | + /* pass the radiotap header up to the next stage intact */ |
270 | + dev_queue_xmit(skb); |
271 | return NETDEV_TX_OK; |
272 | + |
273 | +fail: |
274 | + dev_kfree_skb(skb); |
275 | + return NETDEV_TX_OK; /* meaning, we dealt with the skb */ |
276 | } |
277 | |
278 | |
279 | @@ -2836,9 +2844,10 @@ ieee80211_rx_h_data(struct ieee80211_txrx_data *rx) |
280 | memcpy(dst, hdr->addr1, ETH_ALEN); |
281 | memcpy(src, hdr->addr3, ETH_ALEN); |
282 | |
283 | - if (sdata->type != IEEE80211_IF_TYPE_STA) { |
284 | + if (sdata->type != IEEE80211_IF_TYPE_STA || |
285 | + (is_multicast_ether_addr(dst) && |
286 | + !compare_ether_addr(src, dev->dev_addr))) |
287 | return TXRX_DROP; |
288 | - } |
289 | break; |
290 | case 0: |
291 | /* DA SA BSSID */ |
292 | diff --git a/net/mac80211/ieee80211_ioctl.c b/net/mac80211/ieee80211_ioctl.c |
293 | index e7904db..7b5b801 100644 |
294 | --- a/net/mac80211/ieee80211_ioctl.c |
295 | +++ b/net/mac80211/ieee80211_ioctl.c |
296 | @@ -687,10 +687,11 @@ static int ieee80211_ioctl_giwap(struct net_device *dev, |
297 | |
298 | static int ieee80211_ioctl_siwscan(struct net_device *dev, |
299 | struct iw_request_info *info, |
300 | - struct iw_point *data, char *extra) |
301 | + union iwreq_data *wrqu, char *extra) |
302 | { |
303 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
304 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
305 | + struct iw_scan_req *req = NULL; |
306 | u8 *ssid = NULL; |
307 | size_t ssid_len = 0; |
308 | |
309 | @@ -715,6 +716,14 @@ static int ieee80211_ioctl_siwscan(struct net_device *dev, |
310 | return -EOPNOTSUPP; |
311 | } |
312 | |
313 | + /* if SSID was specified explicitly then use that */ |
314 | + if (wrqu->data.length == sizeof(struct iw_scan_req) && |
315 | + wrqu->data.flags & IW_SCAN_THIS_ESSID) { |
316 | + req = (struct iw_scan_req *)extra; |
317 | + ssid = req->essid; |
318 | + ssid_len = req->essid_len; |
319 | + } |
320 | + |
321 | return ieee80211_sta_req_scan(dev, ssid, ssid_len); |
322 | } |
323 | |
324 | diff --git a/net/mac80211/ieee80211_sta.c b/net/mac80211/ieee80211_sta.c |
325 | index 0d99b68..73d39e1 100644 |
326 | --- a/net/mac80211/ieee80211_sta.c |
327 | +++ b/net/mac80211/ieee80211_sta.c |
328 | @@ -12,7 +12,6 @@ |
329 | */ |
330 | |
331 | /* TODO: |
332 | - * BSS table: use <BSSID,SSID> as the key to support multi-SSID APs |
333 | * order BSS list by RSSI(?) ("quality of AP") |
334 | * scan result table filtering (by capability (privacy, IBSS/BSS, WPA/RSN IE, |
335 | * SSID) |
336 | @@ -61,7 +60,8 @@ |
337 | static void ieee80211_send_probe_req(struct net_device *dev, u8 *dst, |
338 | u8 *ssid, size_t ssid_len); |
339 | static struct ieee80211_sta_bss * |
340 | -ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid); |
341 | +ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel, |
342 | + u8 *ssid, u8 ssid_len); |
343 | static void ieee80211_rx_bss_put(struct net_device *dev, |
344 | struct ieee80211_sta_bss *bss); |
345 | static int ieee80211_sta_find_ibss(struct net_device *dev, |
346 | @@ -108,15 +108,11 @@ struct ieee802_11_elems { |
347 | u8 wmm_param_len; |
348 | }; |
349 | |
350 | -typedef enum { ParseOK = 0, ParseUnknown = 1, ParseFailed = -1 } ParseRes; |
351 | - |
352 | - |
353 | -static ParseRes ieee802_11_parse_elems(u8 *start, size_t len, |
354 | - struct ieee802_11_elems *elems) |
355 | +static void ieee802_11_parse_elems(u8 *start, size_t len, |
356 | + struct ieee802_11_elems *elems) |
357 | { |
358 | size_t left = len; |
359 | u8 *pos = start; |
360 | - int unknown = 0; |
361 | |
362 | memset(elems, 0, sizeof(*elems)); |
363 | |
364 | @@ -127,15 +123,8 @@ static ParseRes ieee802_11_parse_elems(u8 *start, size_t len, |
365 | elen = *pos++; |
366 | left -= 2; |
367 | |
368 | - if (elen > left) { |
369 | -#if 0 |
370 | - if (net_ratelimit()) |
371 | - printk(KERN_DEBUG "IEEE 802.11 element parse " |
372 | - "failed (id=%d elen=%d left=%d)\n", |
373 | - id, elen, left); |
374 | -#endif |
375 | - return ParseFailed; |
376 | - } |
377 | + if (elen > left) |
378 | + return; |
379 | |
380 | switch (id) { |
381 | case WLAN_EID_SSID: |
382 | @@ -202,28 +191,15 @@ static ParseRes ieee802_11_parse_elems(u8 *start, size_t len, |
383 | elems->ext_supp_rates_len = elen; |
384 | break; |
385 | default: |
386 | -#if 0 |
387 | - printk(KERN_DEBUG "IEEE 802.11 element parse ignored " |
388 | - "unknown element (id=%d elen=%d)\n", |
389 | - id, elen); |
390 | -#endif |
391 | - unknown++; |
392 | break; |
393 | } |
394 | |
395 | left -= elen; |
396 | pos += elen; |
397 | } |
398 | - |
399 | - /* Do not trigger error if left == 1 as Apple Airport base stations |
400 | - * send AssocResps that are one spurious byte too long. */ |
401 | - |
402 | - return unknown ? ParseUnknown : ParseOK; |
403 | } |
404 | |
405 | |
406 | - |
407 | - |
408 | static int ecw2cw(int ecw) |
409 | { |
410 | int cw = 1; |
411 | @@ -387,6 +363,7 @@ static void ieee80211_set_associated(struct net_device *dev, |
412 | struct ieee80211_if_sta *ifsta, int assoc) |
413 | { |
414 | union iwreq_data wrqu; |
415 | + struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
416 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
417 | |
418 | if (ifsta->associated == assoc) |
419 | @@ -401,7 +378,9 @@ static void ieee80211_set_associated(struct net_device *dev, |
420 | if (sdata->type != IEEE80211_IF_TYPE_STA) |
421 | return; |
422 | |
423 | - bss = ieee80211_rx_bss_get(dev, ifsta->bssid); |
424 | + bss = ieee80211_rx_bss_get(dev, ifsta->bssid, |
425 | + local->hw.conf.channel, |
426 | + ifsta->ssid, ifsta->ssid_len); |
427 | if (bss) { |
428 | if (bss->has_erp_value) |
429 | ieee80211_handle_erp_ie(dev, bss->erp_value); |
430 | @@ -543,7 +522,8 @@ static void ieee80211_send_assoc(struct net_device *dev, |
431 | capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME | |
432 | WLAN_CAPABILITY_SHORT_PREAMBLE; |
433 | } |
434 | - bss = ieee80211_rx_bss_get(dev, ifsta->bssid); |
435 | + bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel, |
436 | + ifsta->ssid, ifsta->ssid_len); |
437 | if (bss) { |
438 | if (bss->capability & WLAN_CAPABILITY_PRIVACY) |
439 | capab |= WLAN_CAPABILITY_PRIVACY; |
440 | @@ -695,6 +675,7 @@ static void ieee80211_send_disassoc(struct net_device *dev, |
441 | static int ieee80211_privacy_mismatch(struct net_device *dev, |
442 | struct ieee80211_if_sta *ifsta) |
443 | { |
444 | + struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
445 | struct ieee80211_sta_bss *bss; |
446 | int res = 0; |
447 | |
448 | @@ -702,7 +683,8 @@ static int ieee80211_privacy_mismatch(struct net_device *dev, |
449 | ifsta->key_mgmt != IEEE80211_KEY_MGMT_NONE) |
450 | return 0; |
451 | |
452 | - bss = ieee80211_rx_bss_get(dev, ifsta->bssid); |
453 | + bss = ieee80211_rx_bss_get(dev, ifsta->bssid, local->hw.conf.channel, |
454 | + ifsta->ssid, ifsta->ssid_len); |
455 | if (!bss) |
456 | return 0; |
457 | |
458 | @@ -901,12 +883,7 @@ static void ieee80211_auth_challenge(struct net_device *dev, |
459 | |
460 | printk(KERN_DEBUG "%s: replying to auth challenge\n", dev->name); |
461 | pos = mgmt->u.auth.variable; |
462 | - if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems) |
463 | - == ParseFailed) { |
464 | - printk(KERN_DEBUG "%s: failed to parse Auth(challenge)\n", |
465 | - dev->name); |
466 | - return; |
467 | - } |
468 | + ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); |
469 | if (!elems.challenge) { |
470 | printk(KERN_DEBUG "%s: no challenge IE in shared key auth " |
471 | "frame\n", dev->name); |
472 | @@ -1174,15 +1151,11 @@ static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev, |
473 | capab_info = le16_to_cpu(mgmt->u.assoc_resp.capab_info); |
474 | status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); |
475 | aid = le16_to_cpu(mgmt->u.assoc_resp.aid); |
476 | - if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) |
477 | - printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not " |
478 | - "set\n", dev->name, aid); |
479 | - aid &= ~(BIT(15) | BIT(14)); |
480 | |
481 | printk(KERN_DEBUG "%s: RX %sssocResp from " MAC_FMT " (capab=0x%x " |
482 | "status=%d aid=%d)\n", |
483 | dev->name, reassoc ? "Rea" : "A", MAC_ARG(mgmt->sa), |
484 | - capab_info, status_code, aid); |
485 | + capab_info, status_code, aid & ~(BIT(15) | BIT(14))); |
486 | |
487 | if (status_code != WLAN_STATUS_SUCCESS) { |
488 | printk(KERN_DEBUG "%s: AP denied association (code=%d)\n", |
489 | @@ -1192,13 +1165,13 @@ static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev, |
490 | return; |
491 | } |
492 | |
493 | + if ((aid & (BIT(15) | BIT(14))) != (BIT(15) | BIT(14))) |
494 | + printk(KERN_DEBUG "%s: invalid aid value %d; bits 15:14 not " |
495 | + "set\n", dev->name, aid); |
496 | + aid &= ~(BIT(15) | BIT(14)); |
497 | + |
498 | pos = mgmt->u.assoc_resp.variable; |
499 | - if (ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems) |
500 | - == ParseFailed) { |
501 | - printk(KERN_DEBUG "%s: failed to parse AssocResp\n", |
502 | - dev->name); |
503 | - return; |
504 | - } |
505 | + ieee802_11_parse_elems(pos, len - (pos - (u8 *) mgmt), &elems); |
506 | |
507 | if (!elems.supp_rates) { |
508 | printk(KERN_DEBUG "%s: no SuppRates element in AssocResp\n", |
509 | @@ -1210,7 +1183,9 @@ static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev, |
510 | * update our stored copy */ |
511 | if (elems.erp_info && elems.erp_info_len >= 1) { |
512 | struct ieee80211_sta_bss *bss |
513 | - = ieee80211_rx_bss_get(dev, ifsta->bssid); |
514 | + = ieee80211_rx_bss_get(dev, ifsta->bssid, |
515 | + local->hw.conf.channel, |
516 | + ifsta->ssid, ifsta->ssid_len); |
517 | if (bss) { |
518 | bss->erp_value = elems.erp_info[0]; |
519 | bss->has_erp_value = 1; |
520 | @@ -1240,7 +1215,9 @@ static void ieee80211_rx_mgmt_assoc_resp(struct net_device *dev, |
521 | " AP\n", dev->name); |
522 | return; |
523 | } |
524 | - bss = ieee80211_rx_bss_get(dev, ifsta->bssid); |
525 | + bss = ieee80211_rx_bss_get(dev, ifsta->bssid, |
526 | + local->hw.conf.channel, |
527 | + ifsta->ssid, ifsta->ssid_len); |
528 | if (bss) { |
529 | sta->last_rssi = bss->rssi; |
530 | sta->last_signal = bss->signal; |
531 | @@ -1321,7 +1298,8 @@ static void __ieee80211_rx_bss_hash_del(struct net_device *dev, |
532 | |
533 | |
534 | static struct ieee80211_sta_bss * |
535 | -ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid) |
536 | +ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid, int channel, |
537 | + u8 *ssid, u8 ssid_len) |
538 | { |
539 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
540 | struct ieee80211_sta_bss *bss; |
541 | @@ -1332,6 +1310,11 @@ ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid) |
542 | atomic_inc(&bss->users); |
543 | atomic_inc(&bss->users); |
544 | memcpy(bss->bssid, bssid, ETH_ALEN); |
545 | + bss->channel = channel; |
546 | + if (ssid && ssid_len <= IEEE80211_MAX_SSID_LEN) { |
547 | + memcpy(bss->ssid, ssid, ssid_len); |
548 | + bss->ssid_len = ssid_len; |
549 | + } |
550 | |
551 | spin_lock_bh(&local->sta_bss_lock); |
552 | /* TODO: order by RSSI? */ |
553 | @@ -1343,7 +1326,8 @@ ieee80211_rx_bss_add(struct net_device *dev, u8 *bssid) |
554 | |
555 | |
556 | static struct ieee80211_sta_bss * |
557 | -ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid) |
558 | +ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid, int channel, |
559 | + u8 *ssid, u8 ssid_len) |
560 | { |
561 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
562 | struct ieee80211_sta_bss *bss; |
563 | @@ -1351,7 +1335,10 @@ ieee80211_rx_bss_get(struct net_device *dev, u8 *bssid) |
564 | spin_lock_bh(&local->sta_bss_lock); |
565 | bss = local->sta_bss_hash[STA_HASH(bssid)]; |
566 | while (bss) { |
567 | - if (memcmp(bss->bssid, bssid, ETH_ALEN) == 0) { |
568 | + if (!memcmp(bss->bssid, bssid, ETH_ALEN) && |
569 | + bss->channel == channel && |
570 | + bss->ssid_len == ssid_len && |
571 | + (ssid_len == 0 || !memcmp(bss->ssid, ssid, ssid_len))) { |
572 | atomic_inc(&bss->users); |
573 | break; |
574 | } |
575 | @@ -1413,7 +1400,7 @@ static void ieee80211_rx_bss_info(struct net_device *dev, |
576 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
577 | struct ieee802_11_elems elems; |
578 | size_t baselen; |
579 | - int channel, invalid = 0, clen; |
580 | + int channel, clen; |
581 | struct ieee80211_sta_bss *bss; |
582 | struct sta_info *sta; |
583 | struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
584 | @@ -1457,9 +1444,7 @@ static void ieee80211_rx_bss_info(struct net_device *dev, |
585 | #endif /* CONFIG_MAC80211_IBSS_DEBUG */ |
586 | } |
587 | |
588 | - if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, |
589 | - &elems) == ParseFailed) |
590 | - invalid = 1; |
591 | + ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); |
592 | |
593 | if (sdata->type == IEEE80211_IF_TYPE_IBSS && elems.supp_rates && |
594 | memcmp(mgmt->bssid, sdata->u.sta.bssid, ETH_ALEN) == 0 && |
595 | @@ -1519,9 +1504,11 @@ static void ieee80211_rx_bss_info(struct net_device *dev, |
596 | else |
597 | channel = rx_status->channel; |
598 | |
599 | - bss = ieee80211_rx_bss_get(dev, mgmt->bssid); |
600 | + bss = ieee80211_rx_bss_get(dev, mgmt->bssid, channel, |
601 | + elems.ssid, elems.ssid_len); |
602 | if (!bss) { |
603 | - bss = ieee80211_rx_bss_add(dev, mgmt->bssid); |
604 | + bss = ieee80211_rx_bss_add(dev, mgmt->bssid, channel, |
605 | + elems.ssid, elems.ssid_len); |
606 | if (!bss) |
607 | return; |
608 | } else { |
609 | @@ -1547,10 +1534,6 @@ static void ieee80211_rx_bss_info(struct net_device *dev, |
610 | |
611 | bss->beacon_int = le16_to_cpu(mgmt->u.beacon.beacon_int); |
612 | bss->capability = le16_to_cpu(mgmt->u.beacon.capab_info); |
613 | - if (elems.ssid && elems.ssid_len <= IEEE80211_MAX_SSID_LEN) { |
614 | - memcpy(bss->ssid, elems.ssid, elems.ssid_len); |
615 | - bss->ssid_len = elems.ssid_len; |
616 | - } |
617 | |
618 | bss->supp_rates_len = 0; |
619 | if (elems.supp_rates) { |
620 | @@ -1621,7 +1604,6 @@ static void ieee80211_rx_bss_info(struct net_device *dev, |
621 | |
622 | |
623 | bss->hw_mode = rx_status->phymode; |
624 | - bss->channel = channel; |
625 | bss->freq = rx_status->freq; |
626 | if (channel != rx_status->channel && |
627 | (bss->hw_mode == MODE_IEEE80211G || |
628 | @@ -1681,9 +1663,7 @@ static void ieee80211_rx_mgmt_beacon(struct net_device *dev, |
629 | if (baselen > len) |
630 | return; |
631 | |
632 | - if (ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, |
633 | - &elems) == ParseFailed) |
634 | - return; |
635 | + ieee802_11_parse_elems(mgmt->u.beacon.variable, len - baselen, &elems); |
636 | |
637 | if (elems.erp_info && elems.erp_info_len >= 1) |
638 | ieee80211_handle_erp_ie(dev, elems.erp_info[0]); |
639 | @@ -2332,7 +2312,7 @@ static int ieee80211_sta_create_ibss(struct net_device *dev, |
640 | { |
641 | struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); |
642 | struct ieee80211_sta_bss *bss; |
643 | - struct ieee80211_sub_if_data *sdata; |
644 | + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
645 | struct ieee80211_hw_mode *mode; |
646 | u8 bssid[ETH_ALEN], *pos; |
647 | int i; |
648 | @@ -2354,18 +2334,17 @@ static int ieee80211_sta_create_ibss(struct net_device *dev, |
649 | printk(KERN_DEBUG "%s: Creating new IBSS network, BSSID " MAC_FMT "\n", |
650 | dev->name, MAC_ARG(bssid)); |
651 | |
652 | - bss = ieee80211_rx_bss_add(dev, bssid); |
653 | + bss = ieee80211_rx_bss_add(dev, bssid, local->hw.conf.channel, |
654 | + sdata->u.sta.ssid, sdata->u.sta.ssid_len); |
655 | if (!bss) |
656 | return -ENOMEM; |
657 | |
658 | - sdata = IEEE80211_DEV_TO_SUB_IF(dev); |
659 | mode = local->oper_hw_mode; |
660 | |
661 | if (local->hw.conf.beacon_int == 0) |
662 | local->hw.conf.beacon_int = 100; |
663 | bss->beacon_int = local->hw.conf.beacon_int; |
664 | bss->hw_mode = local->hw.conf.phymode; |
665 | - bss->channel = local->hw.conf.channel; |
666 | bss->freq = local->hw.conf.freq; |
667 | bss->last_update = jiffies; |
668 | bss->capability = WLAN_CAPABILITY_IBSS; |
669 | @@ -2425,7 +2404,8 @@ static int ieee80211_sta_find_ibss(struct net_device *dev, |
670 | MAC_FMT "\n", MAC_ARG(bssid), MAC_ARG(ifsta->bssid)); |
671 | #endif /* CONFIG_MAC80211_IBSS_DEBUG */ |
672 | if (found && memcmp(ifsta->bssid, bssid, ETH_ALEN) != 0 && |
673 | - (bss = ieee80211_rx_bss_get(dev, bssid))) { |
674 | + (bss = ieee80211_rx_bss_get(dev, bssid, local->hw.conf.channel, |
675 | + ifsta->ssid, ifsta->ssid_len))) { |
676 | printk(KERN_DEBUG "%s: Selected IBSS BSSID " MAC_FMT |
677 | " based on configured SSID\n", |
678 | dev->name, MAC_ARG(bssid)); |
679 | diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c |
680 | index eb3fe74..70c5b7d 100644 |
681 | --- a/net/netfilter/nf_conntrack_proto_tcp.c |
682 | +++ b/net/netfilter/nf_conntrack_proto_tcp.c |
683 | @@ -831,6 +831,22 @@ static int tcp_packet(struct nf_conn *conntrack, |
684 | tuple = &conntrack->tuplehash[dir].tuple; |
685 | |
686 | switch (new_state) { |
687 | + case TCP_CONNTRACK_SYN_SENT: |
688 | + if (old_state < TCP_CONNTRACK_TIME_WAIT) |
689 | + break; |
690 | + if ((conntrack->proto.tcp.seen[!dir].flags & |
691 | + IP_CT_TCP_FLAG_CLOSE_INIT) |
692 | + || (conntrack->proto.tcp.last_dir == dir |
693 | + && conntrack->proto.tcp.last_index == TCP_RST_SET)) { |
694 | + /* Attempt to reopen a closed/aborted connection. |
695 | + * Delete this connection and look up again. */ |
696 | + write_unlock_bh(&tcp_lock); |
697 | + if (del_timer(&conntrack->timeout)) |
698 | + conntrack->timeout.function((unsigned long) |
699 | + conntrack); |
700 | + return -NF_REPEAT; |
701 | + } |
702 | + /* Fall through */ |
703 | case TCP_CONNTRACK_IGNORE: |
704 | /* Ignored packets: |
705 | * |
706 | @@ -879,27 +895,6 @@ static int tcp_packet(struct nf_conn *conntrack, |
707 | nf_log_packet(pf, 0, skb, NULL, NULL, NULL, |
708 | "nf_ct_tcp: invalid state "); |
709 | return -NF_ACCEPT; |
710 | - case TCP_CONNTRACK_SYN_SENT: |
711 | - if (old_state < TCP_CONNTRACK_TIME_WAIT) |
712 | - break; |
713 | - if ((conntrack->proto.tcp.seen[dir].flags & |
714 | - IP_CT_TCP_FLAG_CLOSE_INIT) |
715 | - || after(ntohl(th->seq), |
716 | - conntrack->proto.tcp.seen[dir].td_end)) { |
717 | - /* Attempt to reopen a closed connection. |
718 | - * Delete this connection and look up again. */ |
719 | - write_unlock_bh(&tcp_lock); |
720 | - if (del_timer(&conntrack->timeout)) |
721 | - conntrack->timeout.function((unsigned long) |
722 | - conntrack); |
723 | - return -NF_REPEAT; |
724 | - } else { |
725 | - write_unlock_bh(&tcp_lock); |
726 | - if (LOG_INVALID(IPPROTO_TCP)) |
727 | - nf_log_packet(pf, 0, skb, NULL, NULL, |
728 | - NULL, "nf_ct_tcp: invalid SYN"); |
729 | - return -NF_ACCEPT; |
730 | - } |
731 | case TCP_CONNTRACK_CLOSE: |
732 | if (index == TCP_RST_SET |
733 | && ((test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status) |
734 | @@ -932,6 +927,7 @@ static int tcp_packet(struct nf_conn *conntrack, |
735 | in_window: |
736 | /* From now on we have got in-window packets */ |
737 | conntrack->proto.tcp.last_index = index; |
738 | + conntrack->proto.tcp.last_dir = dir; |
739 | |
740 | pr_debug("tcp_conntracks: "); |
741 | NF_CT_DUMP_TUPLE(tuple); |
742 | diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
743 | index 5681ce3..1a0fcc5 100644 |
744 | --- a/net/netlink/af_netlink.c |
745 | +++ b/net/netlink/af_netlink.c |
746 | @@ -744,7 +744,7 @@ struct sock *netlink_getsockbyfilp(struct file *filp) |
747 | * 1: repeat lookup - reference dropped while waiting for socket memory. |
748 | */ |
749 | int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock, |
750 | - long timeo, struct sock *ssk) |
751 | + long *timeo, struct sock *ssk) |
752 | { |
753 | struct netlink_sock *nlk; |
754 | |
755 | @@ -753,7 +753,7 @@ int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock, |
756 | if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf || |
757 | test_bit(0, &nlk->state)) { |
758 | DECLARE_WAITQUEUE(wait, current); |
759 | - if (!timeo) { |
760 | + if (!*timeo) { |
761 | if (!ssk || nlk_sk(ssk)->pid == 0) |
762 | netlink_overrun(sk); |
763 | sock_put(sk); |
764 | @@ -767,7 +767,7 @@ int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock, |
765 | if ((atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf || |
766 | test_bit(0, &nlk->state)) && |
767 | !sock_flag(sk, SOCK_DEAD)) |
768 | - timeo = schedule_timeout(timeo); |
769 | + *timeo = schedule_timeout(*timeo); |
770 | |
771 | __set_current_state(TASK_RUNNING); |
772 | remove_wait_queue(&nlk->wait, &wait); |
773 | @@ -775,7 +775,7 @@ int netlink_attachskb(struct sock *sk, struct sk_buff *skb, int nonblock, |
774 | |
775 | if (signal_pending(current)) { |
776 | kfree_skb(skb); |
777 | - return sock_intr_errno(timeo); |
778 | + return sock_intr_errno(*timeo); |
779 | } |
780 | return 1; |
781 | } |
782 | @@ -839,7 +839,7 @@ retry: |
783 | kfree_skb(skb); |
784 | return PTR_ERR(sk); |
785 | } |
786 | - err = netlink_attachskb(sk, skb, nonblock, timeo, ssk); |
787 | + err = netlink_attachskb(sk, skb, nonblock, &timeo, ssk); |
788 | if (err == 1) |
789 | goto retry; |
790 | if (err) |
791 | diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c |
792 | index d4d5d2f..fceb75b 100644 |
793 | --- a/net/sched/cls_u32.c |
794 | +++ b/net/sched/cls_u32.c |
795 | @@ -91,7 +91,7 @@ static struct tc_u_common *u32_list; |
796 | |
797 | static __inline__ unsigned u32_hash_fold(u32 key, struct tc_u32_sel *sel, u8 fshift) |
798 | { |
799 | - unsigned h = (key & sel->hmask)>>fshift; |
800 | + unsigned h = ntohl(key & sel->hmask)>>fshift; |
801 | |
802 | return h; |
803 | } |
804 | @@ -615,7 +615,7 @@ static int u32_change(struct tcf_proto *tp, unsigned long base, u32 handle, |
805 | n->handle = handle; |
806 | { |
807 | u8 i = 0; |
808 | - u32 mask = s->hmask; |
809 | + u32 mask = ntohl(s->hmask); |
810 | if (mask) { |
811 | while (!(mask & 1)) { |
812 | i++; |
813 | diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c |
814 | index dee0d5f..8f1bcf6 100644 |
815 | --- a/net/sched/sch_api.c |
816 | +++ b/net/sched/sch_api.c |
817 | @@ -1225,10 +1225,13 @@ EXPORT_SYMBOL(tcf_destroy_chain); |
818 | #ifdef CONFIG_PROC_FS |
819 | static int psched_show(struct seq_file *seq, void *v) |
820 | { |
821 | + struct timespec ts; |
822 | + |
823 | + hrtimer_get_res(CLOCK_MONOTONIC, &ts); |
824 | seq_printf(seq, "%08x %08x %08x %08x\n", |
825 | (u32)NSEC_PER_USEC, (u32)PSCHED_US2NS(1), |
826 | 1000000, |
827 | - (u32)NSEC_PER_SEC/(u32)ktime_to_ns(KTIME_MONOTONIC_RES)); |
828 | + (u32)NSEC_PER_SEC/(u32)ktime_to_ns(timespec_to_ktime(ts))); |
829 | |
830 | return 0; |
831 | } |
832 | diff --git a/net/sched/sch_teql.c b/net/sched/sch_teql.c |
833 | index 0968184..cb5754b 100644 |
834 | --- a/net/sched/sch_teql.c |
835 | +++ b/net/sched/sch_teql.c |
836 | @@ -249,6 +249,9 @@ __teql_resolve(struct sk_buff *skb, struct sk_buff *skb_res, struct net_device * |
837 | static __inline__ int |
838 | teql_resolve(struct sk_buff *skb, struct sk_buff *skb_res, struct net_device *dev) |
839 | { |
840 | + if (dev->qdisc == &noop_qdisc) |
841 | + return -ENODEV; |
842 | + |
843 | if (dev->hard_header == NULL || |
844 | skb->dst == NULL || |
845 | skb->dst->neighbour == NULL) |
846 | diff --git a/net/socket.c b/net/socket.c |
847 | index b09eb90..8e5be74 100644 |
848 | --- a/net/socket.c |
849 | +++ b/net/socket.c |
850 | @@ -1245,11 +1245,14 @@ asmlinkage long sys_socketpair(int family, int type, int protocol, |
851 | goto out_release_both; |
852 | |
853 | fd1 = sock_alloc_fd(&newfile1); |
854 | - if (unlikely(fd1 < 0)) |
855 | + if (unlikely(fd1 < 0)) { |
856 | + err = fd1; |
857 | goto out_release_both; |
858 | + } |
859 | |
860 | fd2 = sock_alloc_fd(&newfile2); |
861 | if (unlikely(fd2 < 0)) { |
862 | + err = fd2; |
863 | put_filp(newfile1); |
864 | put_unused_fd(fd1); |
865 | goto out_release_both; |
866 | @@ -2230,6 +2233,7 @@ int kernel_accept(struct socket *sock, struct socket **newsock, int flags) |
867 | err = sock->ops->accept(sock, *newsock, flags); |
868 | if (err < 0) { |
869 | sock_release(*newsock); |
870 | + *newsock = NULL; |
871 | goto done; |
872 | } |
873 |