linux-stable.git/net/ipv6, branch linux-2.6.13.y Linux kernel stable tree [PATCH] fix IPv6 per-socket multicast filtering in exact-match case 2005-10-03T23:27:17+00:00 David Stevens dlstevens@us.ibm.com 2005-09-15T19:46:06+00:00 6ce0c8dfdfdacc4d370ccd51fa5d4cd28118a9cf per-socket multicast filters were not being applied to all sockets in the case of an exact-match bound address, due to an over-exuberant "return" in the look-up code. Fix below. IPv4 does not have this problem. Thanks to Hoerdt Mickael for reporting the bug. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: Chris Wright <chrisw@osdl.org> 
per-socket multicast filters were not being applied to all sockets
in the case of an exact-match bound address, due to an over-exuberant
"return" in the look-up code. Fix below. IPv4 does not have this problem.

Thanks to Hoerdt Mickael for reporting the bug.

Signed-off-by: David L Stevens <dlstevens@us.ibm.com>
Signed-off-by: Chris Wright <chrisw@osdl.org>
[PATCH] raw_sendmsg DoS (CAN-2005-2492) 2005-09-10T02:42:53+00:00 Al Viro aviro@redhat.com 2005-08-31T09:55:12+00:00 0721a681c617fdd498f2f0f40e69895354baf099 Fix unchecked __get_user that could be tricked into generating a memory read on an arbitrary address. The result of the read is not returned directly but you may be able to divine some information about it, or use the read to cause a crash on some architectures by reading hardware state. CAN-2005-2492. Fix from Al Viro, ack from Dave Miller. Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
Fix unchecked __get_user that could be tricked into generating a
memory read on an arbitrary address.  The result of the read is not
returned directly but you may be able to divine some information about
it, or use the read to cause a crash on some architectures by reading
hardware state.  CAN-2005-2492.

Fix from Al Viro, ack from Dave Miller.

Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
[TCP]: Document non-trivial locking path in tcp_v{4,6}_get_port(). 2005-08-23T17:49:54+00:00 David S. Miller davem@davemloft.net 2005-08-23T17:49:54+00:00 d5d283751ef3c05b6766501a46800cbee84959d6 This trips up a lot of folks reading this code. Put an unlikely() around the port-exhaustion test for good measure. Signed-off-by: David S. Miller <davem@davemloft.net> 
This trips up a lot of folks reading this code.
Put an unlikely() around the port-exhaustion test
for good measure.

Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER]: Fix HW checksum handling in ip_queue/ip6_queue 2005-08-23T17:10:35+00:00 Patrick McHardy kaber@trash.net 2005-08-23T17:10:35+00:00 66a79a19a7c582efd99bb143c3a59fbda006eb39 The checksum needs to be filled in on output, after mangling a packet ip_summed needs to be reset. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 
The checksum needs to be filled in on output, after mangling a packet
ip_summed needs to be reset.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPCOMP]: Fix false smp_processor_id warning 2005-08-18T21:36:59+00:00 Herbert Xu herbert@gondor.apana.org.au 2005-08-18T21:36:59+00:00 6fc8b9e7c60d4a3d4d7f1189f74e37651f5610e6 This patch fixes a false-positive from debug_smp_processor_id(). The processor ID is only used to look up crypto_tfm objects. Any processor ID is acceptable here as long as it is one that is iterated on by for_each_cpu(). Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> 
This patch fixes a false-positive from debug_smp_processor_id().

The processor ID is only used to look up crypto_tfm objects.
Any processor ID is acceptable here as long as it is one that is
iterated on by for_each_cpu().

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV6]: Fix SKB leak in ip6_input_finish() 2005-08-17T04:03:41+00:00 Patrick McHardy kaber@trash.net 2005-08-17T04:03:41+00:00 fad87acaea7b0965fe91f0351fdd688fc9761cbe Changing it to how ip_input handles should fix it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 
Changing it to how ip_input handles should fix it.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV6]: Fix raw socket hardware checksum failures 2005-08-17T03:39:38+00:00 Patrick McHardy kaber@trash.net 2005-08-17T03:39:38+00:00 793245eeb97bd28e363f2b0f2e766fdbff0c9619 When packets hit raw sockets the csum update isn't done yet, do it manually. Packets can also reach rawv6_rcv on the output path through ip6_call_ra_chain, in this case skb->ip_summed is CHECKSUM_NONE and this codepath isn't executed. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 
When packets hit raw sockets the csum update isn't done yet, do it manually.
Packets can also reach rawv6_rcv on the output path through
ip6_call_ra_chain, in this case skb->ip_summed is CHECKSUM_NONE and this
codepath isn't executed.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPSEC]: Restrict socket policy loading to CAP_NET_ADMIN. 2005-08-06T13:33:15+00:00 Herbert Xu herbert@gondor.apana.org.au 2005-08-06T13:33:15+00:00 6fc0b4a7a73a81e74d0004732df358f4f9975be2 The interface needs much redesigning if we wish to allow normal users to do this in some way. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> 
The interface needs much redesigning if we wish to allow
normal users to do this in some way.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NET]: fix oops after tunnel module unload 2005-07-31T00:46:44+00:00 Alexey Kuznetsov kuznet@ms2.inr.ac.ru 2005-07-31T00:46:44+00:00 db44575f6fd55df6ff67ddd21f7ad5be5a741136 Tunnel modules used to obtain module refcount each time when some tunnel was created, which meaned that tunnel could be unloaded only after all the tunnels are deleted. Since killing old MOD_*_USE_COUNT macros this protection has gone. It is possible to return it back as module_get/put, but it looks more natural and practically useful to force destruction of all the child tunnels on module unload. Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by: David S. Miller <davem@davemloft.net> 
Tunnel modules used to obtain module refcount each time when
some tunnel was created, which meaned that tunnel could be unloaded
only after all the tunnels are deleted.

Since killing old MOD_*_USE_COUNT macros this protection has gone.
It is possible to return it back as module_get/put, but it looks
more natural and practically useful to force destruction of all
the child tunnels on module unload.

Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Signed-off-by: David S. Miller <davem@davemloft.net>
[PATCH] turn many #if $undefined_string into #ifdef $undefined_string 2005-07-27T23:26:08+00:00 Olaf Hering olh@suse.de 2005-07-27T18:45:17+00:00 44456d37b59d8e541936ed26d8b6e08d27e88ac1 turn many #if $undefined_string into #ifdef $undefined_string to fix some warnings after -Wno-def was added to global CFLAGS Signed-off-by: Olaf Hering <olh@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> 
turn many #if $undefined_string into #ifdef $undefined_string to fix some
warnings after -Wno-def was added to global CFLAGS

Signed-off-by: Olaf Hering <olh@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>