Jesper Juhl [Sun, 13 Feb 2011 11:15:35 +0000 (11:15 +0000)]
Net, USB, Option, hso: Do not dereference NULL pointer
In drivers/net/usb/hso.c::hso_create_bulk_serial_device() we have this
code:
...
serial = kzalloc(sizeof(*serial), GFP_KERNEL);
if (!serial)
goto exit;
...
exit:
hso_free_tiomget(serial);
...
hso_free_tiomget() directly dereferences its argument, which in the
example above is a NULL pointer, ouch.
I could just add a 'if (serial)' test at the 'exit' label, but since most
freeing functions in the kernel accept NULL pointers (and it seems like
this was also assumed here) I opted to instead change 'hso_free_tiomget()'
so that it is safe to call it with a NULL argument. I also modified the
function to get rid of a pointles conditional before the call to
'usb_free_urb()' since that function already tests for NULL itself -
besides fixing the NULL deref this change also buys us a few bytes in
size.
Before:
$ size drivers/net/usb/hso.o
text data bss dec hex filename
32200 592 9960 42752 a700 drivers/net/usb/hso.o
After:
$ size drivers/net/usb/hso.o
text data bss dec hex filename
32196 592 9960 42748 a6fc drivers/net/usb/hso.o
Jesper Juhl [Thu, 10 Feb 2011 10:58:45 +0000 (10:58 +0000)]
USB Network driver infrastructure: Fix leak when usb_autopm_get_interface() returns less than zero in kevent().
We'll leak the memory allocated to 'urb' in
drivers/net/usb/usbnet.c:kevent() when we 'goto fail_lowmem' and the 'urb'
variable goes out of scope while still completely unused.
John Fastabend [Mon, 31 Jan 2011 12:00:59 +0000 (12:00 +0000)]
net: dcb: application priority is per net_device
The app_data priority may not be the same for all net devices.
In order for stacks with application notifiers to identify the
specific net device dcb_app_type should be passed in the ptr.
This allows handlers to use dev_get_by_name() to pin priority
to net devices.
Herbert Xu [Sat, 12 Feb 2011 09:05:42 +0000 (01:05 -0800)]
bridge: Replace mp->mglist hlist with a bool
As it turns out we never need to walk through the list of multicast
groups subscribed by the bridge interface itself (the only time we'd
want to do that is when we shut down the bridge, in which case we
simply walk through all multicast groups), we don't really need to
keep an hlist for mp->mglist.
This means that we can replace it with just a single bit to indicate
whether the bridge interface is subscribed to a group.
Herbert Xu [Fri, 11 Feb 2011 12:36:55 +0000 (12:36 +0000)]
bridge: Fix mglist corruption that leads to memory corruption
The list mp->mglist is used to indicate whether a multicast group
is active on the bridge interface itself as opposed to one of the
constituent interfaces in the bridge.
Unfortunately the operation that adds the mp->mglist node to the
list neglected to check whether it has already been added. This
leads to list corruption in the form of nodes pointing to itself.
Normally this would be quite obvious as it would cause an infinite
loop when walking the list. However, as this list is never actually
walked (which means that we don't really need it, I'll get rid of
it in a subsequent patch), this instead is hidden until we perform
a delete operation on the affected nodes.
As the same node may now be pointed to by more than one node, the
delete operations can then cause modification of freed memory.
This was observed in practice to cause corruption in 512-byte slabs,
most commonly leading to crashes in jbd2.
Thanks to Josef Bacik for pointing me in the right direction.
Steffen Klassert [Fri, 11 Feb 2011 19:21:57 +0000 (11:21 -0800)]
ip_gre: Add IPPROTO_GRE to flowi in ipgre_tunnel_xmit
Commit 5811662b15db018c740c57d037523683fd3e6123 ("net: use the macros
defined for the members of flowi") accidentally removed the setting of
IPPROTO_GRE from the struct flowi in ipgre_tunnel_xmit. This patch
restores it.
Bruce Rogers [Thu, 10 Feb 2011 19:03:31 +0000 (11:03 -0800)]
virtio_net: Add schedule check to napi_enable call
Under harsh testing conditions, including low memory, the guest would
stop receiving packets. With this patch applied we no longer see any
problems in the driver while performing these tests for extended periods
of time.
Make sure napi is scheduled subsequent to each napi_enable.
Tomoya MORINAGA [Thu, 10 Feb 2011 00:46:21 +0000 (16:46 -0800)]
pch_can: fix tseg1/tseg2 setting issue
Previous patch "[PATCH 1/3] pch_can: fix 800k comms issue" is wrong.
I should have modified tseg1_min not tseg2_min.
This patch reverts tseg2_min to 1 and set tseg1_min to 2.
Some cases try to modify const strings, and in any event the
CVS revision strings have not changed in over ten years making
these printouts completely worthless.
softing_cs.c uses kzalloc & kfree, so it needs to include linux/slab.h.
drivers/net/can/softing/softing_cs.c:234: error: implicit declaration of function 'kfree'
drivers/net/can/softing/softing_cs.c:271: error: implicit declaration of function 'kzalloc'
However, this is a problem for the iptables' CT target event filtering
which will not work in this case since the conntrack template will not
be there for the new session. To fix this, we reassign the conntrack
template to the packet if we return NF_REPEAT.
Tomoya [Mon, 7 Feb 2011 23:29:02 +0000 (23:29 +0000)]
pch_can: fix rmmod issue
Currently, when rmmod pch_can, kernel failure occurs.
The cause is pci_iounmap executed before pch_can_reset.
Thus pci_iounmap moves after pch_can_reset.
Tomoya [Mon, 7 Feb 2011 23:29:01 +0000 (23:29 +0000)]
pch_can: fix 800k comms issue
Currently, 800k comms fails since prop_seg set zero.
(EG20T PCH CAN register of prop_seg must be set more than 1)
To prevent prop_seg set to zero, change tseg2_min 1 to 2.
David S. Miller [Tue, 8 Feb 2011 23:02:50 +0000 (15:02 -0800)]
net: Fix lockdep regression caused by initializing netdev queues too early.
In commit aa9421041128abb4d269ee1dc502ff65fb3b7d69 ("net: init ingress
queue") we moved the allocation and lock initialization of the queues
into alloc_netdev_mq() since register_netdevice() is way too late.
The problem is that dev->type is not setup until the setup()
callback is invoked by alloc_netdev_mq(), and the dev->type is
what determines the lockdep class to use for the locks in the
queues.
Fix this by doing the queue allocation after the setup() callback
runs.
This is safe because the setup() callback is not allowed to make any
state changes that need to be undone on error (memory allocations,
etc.). It may, however, make state changes that are undone by
free_netdev() (such as netif_napi_add(), which is done by the
ipoib driver's setup routine).
The previous code also leaked a reference to the &init_net namespace
object on RX/TX queue allocation failures.
David S. Miller [Tue, 8 Feb 2011 22:31:31 +0000 (14:31 -0800)]
net/caif: Fix dangling list pointer in freed object on error.
rtnl_link_ops->setup(), and the "setup" callback passed to alloc_netdev*(),
cannot make state changes which need to be undone on failure. There is
no cleanup mechanism available at this point.
So we have to add the caif private instance to the global list once we
are sure that register_netdev() has succedded in ->newlink().
Otherwise, if register_netdev() fails, the caller will invoke free_netdev()
and we will have a reference to freed up memory on the chnl_net_list.
Changes:
- driver updated to match cdc.h header with errata changes
- added support for USB_CDC_SET_NTB_INPUT_SIZE control request with
8 byte length
- fixes to comply with specification: send only control requests supported by
device, set number of datagrams for IN direction, connection speed structure
update, etc.
- packet loss fixed for tx direction; misleading flag renamed.
- adjusted hard_mtu value.
Alexey Orishko [Mon, 7 Feb 2011 09:45:09 +0000 (09:45 +0000)]
CDC NCM errata updates for cdc.h
Changes are based on the following documents:
- CDC NCM errata:
http://www.usb.org/developers/devclass_docs/NCM10_012011.zip
- CDC and WMC errata link:
http://www.usb.org/developers/devclass_docs/CDC1.2_WMC1.1_012011.zip
Don Skidmore [Tue, 18 Jan 2011 22:53:47 +0000 (22:53 +0000)]
ixgbe: fix for 82599 erratum on Header Splitting
We have found a hardware erratum on 82599 hardware that can lead to
unpredictable behavior when Header Splitting mode is enabled. So
we are no longer enabling this feature on affected hardware.
Please see the 82599 Specification Update for more information.
Florian Fainelli [Mon, 24 Jan 2011 14:48:03 +0000 (14:48 +0000)]
e1000: add support for Marvell Alaska M88E1118R PHY
This patch adds support for Marvell Alask M88E188R PHY chips. Support for
other M88* PHYs is already there, so there is nothing more to add than its
PHY id.
e1000e: tx_timeout should not increment for non-hang events
Currently the driver increments the tx_timeout counter (an error counter)
when simply resetting the part with outstanding transmit work pending.
This is an unnecessary count of an error, when all we should be doing is
just resetting the part and discarding the transmits. With this change the
only increment of tx_timeout is when the stack calls the watchdog reset
function due to a true Tx timeout.
Sven Eckelmann [Sun, 6 Feb 2011 23:26:43 +0000 (23:26 +0000)]
batman-adv: Linearize fragment packets before merge
We access the data inside the skbs of two fragments directly using memmove
during the merge. The data of the skb could span over multiple skb pages. An
direct access without knowledge about the pages would lead to an invalid memory
access.
andrew hendry [Mon, 7 Feb 2011 00:08:15 +0000 (00:08 +0000)]
x25: possible skb leak on bad facilities
Originally x25_parse_facilities returned
-1 for an error
0 meaning 0 length facilities
>0 the length of the facilities parsed.
5ef41308f94dc ("x25: Prevent crashing when parsing bad X.25 facilities") introduced more
error checking in x25_parse_facilities however used 0 to indicate bad parsing a6331d6f9a429 ("memory corruption in X.25 facilities parsing") followed this further for
DTE facilities, again using 0 for bad parsing.
The meaning of 0 got confused in the callers.
If the facilities are messed up we can't determine where the data starts.
So patch makes all parsing errors return -1 and ensures callers close and don't use the skb further.
Felix Fietkau [Mon, 7 Feb 2011 11:05:00 +0000 (12:05 +0100)]
mac80211: fix the skb cloned check in the tx path
Using skb_header_cloned to check if it's safe to write to the skb is not
enough - mac80211 also touches the tailroom of the skb.
Initially this check was only used to increase a counter, however this
commit changed the code to also skip skb data reallocation if no extra
head/tailroom was needed:
Prevent packets duplication for frames targeting FCoE L2 ring:
packets were arriving to stack from both L2 RSS and from FCoE
L2 in a promiscuous mode.
Configure FCoE L2 ring to DROP_ALL rx mode, when interface is
configured to PROMISC, and to accept only unicast frames, when
interface is configured to ALL_MULTI.
Jesper Juhl [Sat, 5 Feb 2011 10:41:53 +0000 (10:41 +0000)]
sis900: Fix mem leak in sis900_rx error path
Fix memory leak in error path of sis900_rx(). If we don't do this we'll
leak the skb we dev_alloc_skb()'ed just a few lines above when the
variable goes out of scope.
This patch reverts the following commit
ath9k: remove bfs_paprd_timestamp from struct ath_buf_state
Under high interference/noisy environment conditions where PAPRD frames
fails heavily introduces a possibility of double freeing skb's and causes
kernel panic after some time.This patch reverts back to the original approach
of using paprd_timestamp before freeing the PAPRD frame skb's
Pavel Emelyanov [Fri, 4 Feb 2011 21:02:36 +0000 (13:02 -0800)]
bridge: Don't put partly initialized fdb into hash
The fdb_create() puts a new fdb into hash with only addr set. This is
not good, since there are callers, that search the hash w/o the lock
and access all the other its fields.
Francois Romieu [Thu, 3 Feb 2011 11:02:36 +0000 (12:02 +0100)]
r8169: RxFIFO overflow oddities with 8168 chipsets.
Some experiment-based action to prevent my 8168 chipsets locking-up hard
in the irq handler under load (pktgen ~1Mpps). Apparently a reset is not
always mandatory (is it at all ?).
- RTL_GIGA_MAC_VER_12
- RTL_GIGA_MAC_VER_25
Missed ~55% packets. Note:
- this is an old SiS 965L motherboard
- the 8168 chipset emits (lots of) control frames towards the sender
- RTL_GIGA_MAC_VER_26
The chipset does not go into a frenzy of mac control pause when it
crashes yet but it can still be crashed. It needs more work.
Ivan Vecera [Thu, 27 Jan 2011 11:24:11 +0000 (12:24 +0100)]
r8169: use RxFIFO overflow workaround for 8168c chipset.
I found that one of the 8168c chipsets (concretely XID 1c4000c0) starts
generating RxFIFO overflow errors. The result is an infinite loop in
interrupt handler as the RxFIFOOver is handled only for ...MAC_VER_11.
With the workaround everything goes fine.
Julia Lawall [Fri, 28 Jan 2011 05:43:40 +0000 (05:43 +0000)]
include/net/genetlink.h: Allow genlmsg_cancel to accept a NULL argument
nlmsg_cancel can accept NULL as its second argument, so for similarity,
this patch extends genlmsg_cancel to be able to accept a NULL second
argument as well.
David S. Miller [Fri, 4 Feb 2011 01:21:31 +0000 (17:21 -0800)]
net: Fix bug in compat SIOCGETSGCNT handling.
Commit 709b46e8d90badda1898caea50483c12af178e96 ("net: Add compat
ioctl support for the ipv4 multicast ioctl SIOCGETSGCNT") added the
correct plumbing to handle SIOCGETSGCNT properly.
However, whilst definiting a proper "struct compat_sioc_sg_req" it
isn't actually used in ipmr_compat_ioctl().
David S. Miller [Fri, 4 Feb 2011 00:12:50 +0000 (16:12 -0800)]
niu: Fix races between up/down and get_stats.
As reported by Flavio Leitner, there is no synchronization to protect
NIU's get_stats method from seeing a NULL pointer in either
np->rx_rings or np->tx_rings. In fact, as far as ->ndo_get_stats
is concerned, these values are set completely asynchronously.
Flavio attempted to fix this using a RW semaphore, which in fact
works most of the time. However, dev_get_stats() can be invoked
from non-sleepable contexts in some cases, so this fix doesn't
work in all cases.
So instead, control the visibility of the np->{rx,tx}_ring pointers
when the device is being brough up, and use properties of the device
down sequence to our advantage.
In niu_get_stats(), return immediately if netif_running() is false.
The device shutdown sequence first marks the device as not running (by
clearing the __LINK_STATE_START bit), then it performans a
synchronize_rcu() (in dev_deactive_many()), and then finally it
invokes the driver ->ndo_stop() method.
This guarentees that all invocations of niu_get_stats() either see
netif_running() as false, or they see the channel pointers before
->ndo_stop() clears them out.
If netif_running() is true, protect against startup races by loading
the np->{rx,tx}_rings pointer into a local variable, and punting if
it is NULL. Use ACCESS_ONCE to prevent the compiler from reloading
the pointer on us.
Also, during open, control the order in which the pointers and the
ring counts become visible globally using SMP write memory barriers.
We make sure the np->num_{rx,tx}_rings value is stable and visible
before np->{rx,tx}_rings is.
Such visibility control is not necessary on the niu_free_channels()
side because of the RCU sequencing that happens during device down as
described above. We are always guarenteed that all niu_get_stats
calls are finished, or will see netif_running() false, by the time
->ndo_stop is invoked.
Jesper Juhl [Thu, 3 Feb 2011 20:14:01 +0000 (21:14 +0100)]
wireless, wl1251: Fix potential NULL pointer dereference in wl1251_op_bss_info_changed()
In drivers/net/wireless/wl1251/main.c:wl1251_op_bss_info_changed() we make
a call to ieee80211_beacon_get() which may return NULL, but we do not
check the return value before dereferencing the pointer.
Peter Chubb [Wed, 2 Feb 2011 23:39:58 +0000 (15:39 -0800)]
tcp_ecn is an integer not a boolean
There was some confusion at LCA as to why the sysctl tcp_ecn took one
of three values when it was documented as a Boolean. This patch fixes
the documentation.
Chuck Ebbert [Wed, 2 Feb 2011 23:02:08 +0000 (15:02 -0800)]
atl1c: Add missing PCI device ID
Commit 8f574b35f22fbb9b5e5f1d11ad6b55b6f35f4533 ("atl1c: Add AR8151 v2
support and change L0s/L1 routine") added support for a new adapter
but failed to add it to the PCI device table.
Stefan Weil [Wed, 2 Feb 2011 06:04:36 +0000 (06:04 +0000)]
s390: Fix possibly wrong size in strncmp (smsgiucv)
This error was reported by cppcheck:
drivers/s390/net/smsgiucv.c:63: error: Using sizeof for array given as
function argument returns the size of pointer.
Although there is no runtime problem as long as sizeof(u8 *) == 8,
this misleading code should get fixed.
Stefan Weil [Wed, 2 Feb 2011 06:04:35 +0000 (06:04 +0000)]
s390: Fix wrong size in memcmp (netiucv)
This error was reported by cppcheck:
drivers/s390/net/netiucv.c:568: error: Using sizeof for array given
as function argument returns the size of pointer.
sizeof(ipuser) did not result in 16 (as many programmers would have
expected) but sizeof(u8 *), so it is 4 or 8, too small here.
Ursula Braun [Wed, 2 Feb 2011 06:04:34 +0000 (06:04 +0000)]
qeth: allow OSA CHPARM change in suspend state
For OSA the CHPARM-definition determines the number of available
outbound queues.
A CHPARM-change may occur while a Linux system with probed
OSA device is in suspend state. This patch enables proper
resuming of an OSA device in this case.
Ursula Braun [Wed, 2 Feb 2011 06:04:33 +0000 (06:04 +0000)]
qeth: allow HiperSockets framesize change in suspend
For HiperSockets the framesize-definition determines the selected
mtu-size and the size of the allocated qdio buffers.
A framesize-change may occur while a Linux system with probed
HiperSockets device is in suspend state. This patch enables proper
resuming of a HiperSockets device in this case.
Ursula Braun [Wed, 2 Feb 2011 06:04:31 +0000 (06:04 +0000)]
qeth: show new mac-address if its setting fails
Setting of a MAC-address may fail because an already used MAC-address
is to bet set or because of authorization problems. In those cases
qeth issues a message, but the mentioned MAC-address is not the
new MAC-address to be set, but the actual MAC-address. This patch
chooses now the new MAC-address to be set for the error messages.
this may not be necessary at this point, but we should still clean up
the skb->skb_iif. If not we may end up with an invalid valid for
skb->skb_iif when the skb is reused and the check is done in
__netif_receive_skb.
Johannes Berg [Wed, 2 Feb 2011 15:58:06 +0000 (16:58 +0100)]
mac80211: fix TX status cookie in HW offload case
When the off-channel TX is done with remain-on-channel
offloaded to hardware, the reported cookie is wrong as
in that case we shouldn't use the SKB as the cookie but
need to instead use the corresponding r-o-c cookie
(XOR'ed with 2 to prevent API mismatches).
Fix this by keeping track of the hw_roc_skb pointer
just for the status processing and use the correct
cookie to report in this case. We can't use the
hw_roc_skb pointer itself because it is NULL'ed when
the frame is transmitted to prevent it being used
twice.
This fixes a bug where the P2P state machine in the
supplicant gets stuck because it never gets a correct
result for its transmitted frame.
Wey-Yi Guy [Mon, 31 Jan 2011 21:56:03 +0000 (13:56 -0800)]
iwlagn: overwrite EEPROM chain setting for 6250 devices
6250 2x2 devices have 2 tx chain and 2 rx chain. For some reason,
the EEPROM contain incorrect information and indicate it only has single
tx chain. overwrite it with .cfg parameter to make sure both chain 'A' and
chain 'B' can be used for transmit and receive
Ajit Khaparde [Tue, 1 Feb 2011 23:41:13 +0000 (15:41 -0800)]
be2net: fix a crash seen during insmod/rmmod test
While running insmod/rmood in a loop, an unnecessary netif_stop_queue
causes the system to crash. Remove the netif_stop_queue call
and netif_start_queue in the link status update path.
Stefan Weil [Sun, 30 Jan 2011 10:31:26 +0000 (10:31 +0000)]
isdn: icn: Fix potentially wrong string handling
This warning was reported by cppcheck:
drivers/isdn/icn/icn.c:1641: error: Dangerous usage of 'rev' (strncpy doesn't always 0-terminate it)
If strncpy copied 20 bytes, the destination string rev was not terminated.
The patch adds one more byte to rev and makes sure that this byte is
always 0.
The chip was erroneously configured to accept all multicast frames
in a normal (none-promisc) rx mode both on the RSS and on the FCoE L2 rings
when in an NPAR mode. This caused packet duplication for every received multicast
frame in this mode.
Stefan Weil [Fri, 28 Jan 2011 12:30:17 +0000 (12:30 +0000)]
vxge: Fix wrong boolean operator
This error is reported by cppcheck:
drivers/net/vxge/vxge-config.c:3693: warning: Mutual exclusion over || always evaluates to true. Did you intend to use && instead?
It looks like cppcheck is correct, so fix this. No test was run.
Note that the TCP protocol state is not included. For that reason
the CT event filtering is not very useful for conntrackd.
To resolve this issue, instead of conditionally setting the CT events
bits based on the ctmask, we always set them and perform the filtering
in the late stage, just before the delivery.
Thus, the event delivered looks like the following:
netfilter: arpt_mangle: fix return values of checkentry
In 135367b "netfilter: xtables: change xt_target.checkentry return type",
the type returned by checkentry was changed from boolean to int, but the
return values where not adjusted.
arptables: Input/output error
This broke arptables with the mangle target since it returns true
under success, which is interpreted by xtables as >0, thus
returning EIO.
When built with rcu checks enabled, vhost triggers
bogus warnings as vhost features are read without
dev->mutex sometimes, and private pointer is read
with our kind of rcu where work serves as a
read side critical section.
Fixing it properly is not trivial.
Disable the warnings by stubbing out the checks for now.
In my testing of 2.6.37 I was occassionally getting a warning about
sysctl table entries being unregistered in the wrong order. Digging
in it turns out this dates back to the last great sysctl reorg done
where Al Viro introduced the requirement that sysctl directories
needed to be created before and destroyed after the files in them.
It turns out that in that great reorg /proc/sys/net/ipv6/neigh was
overlooked. So this patch fixes that oversight and makes an annoying
warning message go away.
Tom Herbert [Tue, 1 Feb 2011 00:23:42 +0000 (16:23 -0800)]
net: Check rps_flow_table when RPS map length is 1
In get_rps_cpu, add check that the rps_flow_table for the device is
NULL when trying to take fast path when RPS map length is one.
Without this, RFS is effectively disabled if map length is one which
is not correct.
Roland Dreier [Mon, 31 Jan 2011 21:16:00 +0000 (13:16 -0800)]
net: Add default_mtu() methods to blackhole dst_ops
When an IPSEC SA is still being set up, __xfrm_lookup() will return
-EREMOTE and so ip_route_output_flow() will return a blackhole route.
This can happen in a sndmsg call, and after d33e455337ea ("net: Abstract
default MTU metric calculation behind an accessor.") this leads to a
crash in ip_append_data() because the blackhole dst_ops have no
default_mtu() method and so dst_mtu() calls a NULL pointer.
Fix this by adding default_mtu() methods (that simply return 0, matching
the old behavior) to the blackhole dst_ops.
The IPv4 part of this patch fixes a crash that I saw when using an IPSEC
VPN; the IPv6 part is untested because I don't have an IPv6 VPN, but it
looks to be needed as well.
Yaniv Rosner [Sun, 30 Jan 2011 04:14:48 +0000 (04:14 +0000)]
bnx2x: Remove setting XAUI low-power for BCM8073
A rare link issue with the BCM8073 PHY may occur due to setting XAUI low power mode, while the PHY microcode already does that.
The fix is not to set set XAUI low power mode for this PHY.
Sven Eckelmann [Fri, 28 Jan 2011 17:34:07 +0000 (18:34 +0100)]
batman-adv: Make vis info stack traversal threadsafe
The batman-adv vis server has to a stack which stores all information
about packets which should be send later. This stack is protected
with a spinlock that is used to prevent concurrent write access to it.
The send_vis_packets function has to take all elements from the stack
and send them to other hosts over the primary interface. The send will
be initiated without the lock which protects the stack.
The implementation using list_for_each_entry_safe has the problem that
it stores the next element as "safe ptr" to allow the deletion of the
current element in the list. The list may be modified during the
unlock/lock pair in the loop body which may make the safe pointer
not pointing to correct next element.
It is safer to remove and use the first element from the stack until no
elements are available. This does not need reduntant information which
would have to be validated each time the lock was removed.
Sven Eckelmann [Fri, 28 Jan 2011 17:34:06 +0000 (18:34 +0100)]
batman-adv: Remove vis info element in free_info
The free_info function will be called when no reference to the info
object exists anymore. It must be ensured that the allocated memory
gets freed and not only the elements which are managed by the info
object.
Sven Eckelmann [Fri, 28 Jan 2011 17:34:05 +0000 (18:34 +0100)]
batman-adv: Remove vis info on hashing errors
A newly created vis info object must be removed when it couldn't be
added to the hash. The old_info which has to be replaced was already
removed and isn't related to the hash anymore.
net: Add compat ioctl support for the ipv4 multicast ioctl SIOCGETSGCNT
SIOCGETSGCNT is not a unique ioctl value as it it maps tio SIOCPROTOPRIVATE +1,
which unfortunately means the existing infrastructure for compat networking
ioctls is insufficient. A trivial compact ioctl implementation would conflict
with:
To make this work I have updated the compat_ioctl decode path to mirror the
the normal ioctl decode path. I have added an ipv4 inet_compat_ioctl function
so that I can have ipv4 specific compat ioctls. I have added a compat_ioctl
function into struct proto so I can break out ioctls by which kind of ip socket
I am using. I have added a compat_raw_ioctl function because SIOCGETSGCNT only
works on raw sockets. I have added a ipmr_compat_ioctl that mirrors the normal
ipmr_ioctl.
This was necessary because unfortunately the struct layout for the SIOCGETSGCNT
has unsigned longs in it so changes between 32bit and 64bit kernels.
This change was sufficient to run a 32bit ip multicast routing daemon on a
64bit kernel.
projects / linux.git / log