* [net-next-2.6 PATCH] enic: Bug Fix: Dont reset ENIC_SET_APPLIED flag on port profile disassociate
From: Roopa Prabhu @ 2011-01-21 0:35 UTC (permalink / raw)
To: davem; +Cc: netdev
From: Roopa Prabhu <roprabhu@cisco.com>
enic_get_vf_port returns port profile operation status only if ENIC_SET_APPLIED
flag is set. A recent rework of enic_set_port_profile added code to reset this
flag on disassociate. As a result of which a client calling enic_get_vf_port
to get the status of port profile disassociate will always get a return value
of ENODATA. This patch renames ENIC_SET_APPLIED to more appropriate
ENIC_PORT_REQUEST_APPLIED and reverts back the recent change so that the
flag is set both at associate and disassociate of a port profile.
Signed-off-by: Roopa Prabhu <roprabhu@cisco.com>
Signed-off-by: David Wang <dwang2@cisco.com>
Signed-off-by: Christian Benvenuti <benve@cisco.com>
---
drivers/net/enic/enic.h | 6 +++---
drivers/net/enic/enic_main.c | 10 ++++++----
2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/drivers/net/enic/enic.h b/drivers/net/enic/enic.h
index a937f49..ca3be4f 100644
--- a/drivers/net/enic/enic.h
+++ b/drivers/net/enic/enic.h
@@ -32,8 +32,8 @@
#define DRV_NAME "enic"
#define DRV_DESCRIPTION "Cisco VIC Ethernet NIC Driver"
-#define DRV_VERSION "1.4.1.10"
-#define DRV_COPYRIGHT "Copyright 2008-2010 Cisco Systems, Inc"
+#define DRV_VERSION "2.1.1.2"
+#define DRV_COPYRIGHT "Copyright 2008-2011 Cisco Systems, Inc"
#define ENIC_BARS_MAX 6
@@ -49,7 +49,7 @@ struct enic_msix_entry {
void *devid;
};
-#define ENIC_SET_APPLIED (1 << 0)
+#define ENIC_PORT_REQUEST_APPLIED (1 << 0)
#define ENIC_SET_REQUEST (1 << 1)
#define ENIC_SET_NAME (1 << 2)
#define ENIC_SET_INSTANCE (1 << 3)
diff --git a/drivers/net/enic/enic_main.c b/drivers/net/enic/enic_main.c
index a0af48c..89664c6 100644
--- a/drivers/net/enic/enic_main.c
+++ b/drivers/net/enic/enic_main.c
@@ -1318,18 +1318,20 @@ static int enic_set_port_profile(struct enic *enic, u8 *mac)
vic_provinfo_free(vp);
if (err)
return err;
-
- enic->pp.set |= ENIC_SET_APPLIED;
break;
case PORT_REQUEST_DISASSOCIATE:
- enic->pp.set &= ~ENIC_SET_APPLIED;
break;
default:
return -EINVAL;
}
+ /* Set flag to indicate that the port assoc/disassoc
+ * request has been sent out to fw
+ */
+ enic->pp.set |= ENIC_PORT_REQUEST_APPLIED;
+
return 0;
}
@@ -1411,7 +1413,7 @@ static int enic_get_vf_port(struct net_device *netdev, int vf,
int err, error, done;
u16 response = PORT_PROFILE_RESPONSE_SUCCESS;
- if (!(enic->pp.set & ENIC_SET_APPLIED))
+ if (!(enic->pp.set & ENIC_PORT_REQUEST_APPLIED))
return -ENODATA;
err = enic_dev_init_done(enic, &done, &error);
^ permalink raw reply related
* Re: [GIT] Networking
From: Linus Torvalds @ 2011-01-21 0:11 UTC (permalink / raw)
To: Colin Walters, Davide Libenzi
Cc: Eric Dumazet, David Miller, akpm, netdev, linux-kernel
In-Reply-To: <AANLkTim71374Qb1TW5Lc8H+rpQNk5a25ARczHU-+cn=D@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 352 bytes --]
On Thu, Jan 20, 2011 at 4:02 PM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> So far I only did a revert, I didn't see exactly _which_ of the wakeup
> cases it was. But it's definitely that commit.
This patch - that adds all the appropriate POLLxxx flags - seems to
fix it for me. Will commit. Anybody wants to review/ack?
Linus
[-- Attachment #2: patch.diff --]
[-- Type: text/x-patch, Size: 1773 bytes --]
fs/pipe.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/pipe.c b/fs/pipe.c
index 89e9e19..da42f7d 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -441,7 +441,7 @@ redo:
break;
}
if (do_wakeup) {
- wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT);
+ wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT | POLLWRNORM);
kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT);
}
pipe_wait(pipe);
@@ -450,7 +450,7 @@ redo:
/* Signal writers asynchronously that there is more room. */
if (do_wakeup) {
- wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT);
+ wake_up_interruptible_sync_poll(&pipe->wait, POLLOUT | POLLWRNORM);
kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT);
}
if (ret > 0)
@@ -612,7 +612,7 @@ redo2:
break;
}
if (do_wakeup) {
- wake_up_interruptible_sync_poll(&pipe->wait, POLLIN);
+ wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLRDNORM);
kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
do_wakeup = 0;
}
@@ -623,7 +623,7 @@ redo2:
out:
mutex_unlock(&inode->i_mutex);
if (do_wakeup) {
- wake_up_interruptible_sync_poll(&pipe->wait, POLLIN);
+ wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLRDNORM);
kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
}
if (ret > 0)
@@ -715,7 +715,7 @@ pipe_release(struct inode *inode, int decr, int decw)
if (!pipe->readers && !pipe->writers) {
free_pipe_info(inode);
} else {
- wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT);
+ wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM | POLLERR | POLLHUP);
kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT);
}
^ permalink raw reply related
* Re: [PATCH] Fix NULL dereference in rtlwifi driver
From: Jesper Juhl @ 2011-01-21 0:04 UTC (permalink / raw)
To: Larry Finger
Cc: netdev, linux-wireless, linux-kernel, John W. Linville,
Chaoming Li
In-Reply-To: <4D38CB7E.5000304@lwfinger.net>
On Thu, 20 Jan 2011, Larry Finger wrote:
> On 01/20/2011 04:18 PM, Jesper Juhl wrote:
> > In drivers/net/wireless/rtlwifi/pci.c::_rtl_pci_rx_interrupt() we call
> > dev_alloc_skb(), which may fail and return NULL, but we do not check the
> > returned value against NULL before dereferencing the returned pointer.
> > This may lead to a NULL pointer dereference which means we'll crash - not
> > good.
> >
> > This patch tries to solve the issue by testing for NULL and bailing out if
> > we couldn't allocate a skb. However, I don't know this code well, so I'm
> > not sure that jumping to the 'done' label here is the correct action to
> > take. Someone more knowledgable about this code than me should definately
> > review it before it is applied anywhere.
> > While I was in the area I also moved an assignment in
> > _rtl_pci_init_rx_ring() a bit - if the dev_alloc_skb() call in that
> > function fails there's no reason to waste clock cycles assigning to the
> > local variable 'entry', we may as well do that after the NULL check and
> > potential bail out.
> >
> > Here's the proposed patch, but please don't take it as much more than a
> > bug report. If it happens to be correct, then by all means apply it, but
> > I'm not personally making any guarantees.
> >
> > Signed-off-by: Jesper Juhl <jj@chaosbits.net>
> > ---
> > pci.c | 9 ++++++++-
> > 1 file changed, 8 insertions(+), 1 deletion(-)
> >
> > compile tested only, I don't have the hardware to test for real.
> >
> > diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c
> > index 0fa36aa..5e99f89 100644
> > --- a/drivers/net/wireless/rtlwifi/pci.c
> > +++ b/drivers/net/wireless/rtlwifi/pci.c
> > @@ -619,6 +619,13 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw)
> > struct sk_buff *uskb = NULL;
> > u8 *pdata;
> > uskb = dev_alloc_skb(skb->len + 128);
> > + if (!uskb) {
> > + RT_TRACE(rtlpriv,
> > + (COMP_INTR | COMP_RECV),
> > + DBG_DMESG,
> > + ("can't alloc rx skb\n"));
> > + goto done;
> > + }
> > memcpy(IEEE80211_SKB_RXCB(uskb),
> > &rx_status,
> > sizeof(rx_status));
> > @@ -1066,9 +1073,9 @@ static int _rtl_pci_init_rx_ring(struct ieee80211_hw *hw)
> > struct sk_buff *skb =
> > dev_alloc_skb(rtlpci->rxbuffersize);
> > u32 bufferaddress;
> > - entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
> > if (!skb)
> > return 0;
> > + entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
> >
> > /*skb->dev = dev; */
> >
>
> This patch looks mostly good to me. The only change I would make is to replace
> "DBG_DMESG" in the RT_TRACE statement with "DBG_EMERG". The standard setting of
> the debug variable does not generate output for DBG_DMESG.
>
> With that change, ACK and
> Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
>
Here you go.
Signed-off-by: Jesper Juhl <jj@chaosbits.net>
---
pci.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c
index 0fa36aa..1758d44 100644
--- a/drivers/net/wireless/rtlwifi/pci.c
+++ b/drivers/net/wireless/rtlwifi/pci.c
@@ -619,6 +619,13 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw)
struct sk_buff *uskb = NULL;
u8 *pdata;
uskb = dev_alloc_skb(skb->len + 128);
+ if (!uskb) {
+ RT_TRACE(rtlpriv,
+ (COMP_INTR | COMP_RECV),
+ DBG_EMERG,
+ ("can't alloc rx skb\n"));
+ goto done;
+ }
memcpy(IEEE80211_SKB_RXCB(uskb),
&rx_status,
sizeof(rx_status));
@@ -641,7 +648,7 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw)
new_skb = dev_alloc_skb(rtlpci->rxbuffersize);
if (unlikely(!new_skb)) {
RT_TRACE(rtlpriv, (COMP_INTR | COMP_RECV),
- DBG_DMESG,
+ DBG_EMERG,
("can't alloc skb for rx\n"));
goto done;
}
@@ -1066,9 +1073,9 @@ static int _rtl_pci_init_rx_ring(struct ieee80211_hw *hw)
struct sk_buff *skb =
dev_alloc_skb(rtlpci->rxbuffersize);
u32 bufferaddress;
- entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
if (!skb)
return 0;
+ entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
/*skb->dev = dev; */
--
Jesper Juhl <jj@chaosbits.net> http://www.chaosbits.net/
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please.
^ permalink raw reply related
* Re: [GIT] Networking
From: Linus Torvalds @ 2011-01-21 0:02 UTC (permalink / raw)
To: Colin Walters, Davide Libenzi
Cc: Eric Dumazet, David Miller, akpm, netdev, linux-kernel
In-Reply-To: <AANLkTin-RBwg+J4MqOm7A40-TFAJ1sp4e6tzi6OaobNi@mail.gmail.com>
On Thu, Jan 20, 2011 at 3:43 PM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
>
> But it turns out to be a kernel bug after all, although not in
> networking. It bisected down to commit e462c448fdc8: "pipe: use event
> aware wakeups".
>
> Anyway, I'll double-check my bisect by doing a revert of that commit
> on top of current -git, but I'm pretty sure the bisect was correct,
> since it did end up pointing to a commit that clearly changed poll
> behavior.
Confirmed. With that commit reverted, gnome-screensaver-dialog works again.
So far I only did a revert, I didn't see exactly _which_ of the wakeup
cases it was. But it's definitely that commit.
Linus
^ permalink raw reply
* Re: [PATCH] Fix NULL dereference in rtlwifi driver
From: Larry Finger @ 2011-01-20 23:55 UTC (permalink / raw)
To: Jesper Juhl
Cc: netdev, linux-wireless, linux-kernel, John W. Linville,
Chaoming Li
In-Reply-To: <alpine.LNX.2.00.1101202309030.11854@swampdragon.chaosbits.net>
On 01/20/2011 04:18 PM, Jesper Juhl wrote:
> In drivers/net/wireless/rtlwifi/pci.c::_rtl_pci_rx_interrupt() we call
> dev_alloc_skb(), which may fail and return NULL, but we do not check the
> returned value against NULL before dereferencing the returned pointer.
> This may lead to a NULL pointer dereference which means we'll crash - not
> good.
>
> This patch tries to solve the issue by testing for NULL and bailing out if
> we couldn't allocate a skb. However, I don't know this code well, so I'm
> not sure that jumping to the 'done' label here is the correct action to
> take. Someone more knowledgable about this code than me should definately
> review it before it is applied anywhere.
> While I was in the area I also moved an assignment in
> _rtl_pci_init_rx_ring() a bit - if the dev_alloc_skb() call in that
> function fails there's no reason to waste clock cycles assigning to the
> local variable 'entry', we may as well do that after the NULL check and
> potential bail out.
>
> Here's the proposed patch, but please don't take it as much more than a
> bug report. If it happens to be correct, then by all means apply it, but
> I'm not personally making any guarantees.
>
> Signed-off-by: Jesper Juhl <jj@chaosbits.net>
> ---
> pci.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> compile tested only, I don't have the hardware to test for real.
>
> diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c
> index 0fa36aa..5e99f89 100644
> --- a/drivers/net/wireless/rtlwifi/pci.c
> +++ b/drivers/net/wireless/rtlwifi/pci.c
> @@ -619,6 +619,13 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw)
> struct sk_buff *uskb = NULL;
> u8 *pdata;
> uskb = dev_alloc_skb(skb->len + 128);
> + if (!uskb) {
> + RT_TRACE(rtlpriv,
> + (COMP_INTR | COMP_RECV),
> + DBG_DMESG,
> + ("can't alloc rx skb\n"));
> + goto done;
> + }
> memcpy(IEEE80211_SKB_RXCB(uskb),
> &rx_status,
> sizeof(rx_status));
> @@ -1066,9 +1073,9 @@ static int _rtl_pci_init_rx_ring(struct ieee80211_hw *hw)
> struct sk_buff *skb =
> dev_alloc_skb(rtlpci->rxbuffersize);
> u32 bufferaddress;
> - entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
> if (!skb)
> return 0;
> + entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
>
> /*skb->dev = dev; */
>
This patch looks mostly good to me. The only change I would make is to replace
"DBG_DMESG" in the RT_TRACE statement with "DBG_EMERG". The standard setting of
the debug variable does not generate output for DBG_DMESG.
With that change, ACK and
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Larry
^ permalink raw reply
* Re: [GIT] Networking
From: Linus Torvalds @ 2011-01-20 23:43 UTC (permalink / raw)
To: Colin Walters, Davide Libenzi
Cc: Eric Dumazet, David Miller, akpm, netdev, linux-kernel
In-Reply-To: <AANLkTin6GM5W0nmWgD1a-2FK=CvHk=P3o6CYe-sFe6c=@mail.gmail.com>
On Thu, Jan 20, 2011 at 2:38 PM, Colin Walters <walters@verbum.org> wrote:
>
> It is actually; see src/gs-auth-pam.c; there is some pretty scary code
> there; basically all of PAM is put in a thread to avoid blocking the
> mainloop. Whether the code is actually buggy I can't say immediately;
> it's certainly possible.
I stand corrected.
But it turns out to be a kernel bug after all, although not in
networking. It bisected down to commit e462c448fdc8: "pipe: use event
aware wakeups".
I don't immediately see why, but I suspect it's the pipe_release()
case that needs to add POLLHUP to the wakeup cases. I suspect that
what is going on is that gnome-screensaver-dialog uses a pipe to talk
to the PAM code, and waits for the pipe to close. And we used to wake
it up unconditionally, but now we only wake up the poll waiter if it's
waiting for POLLIN/POLLOUT, rather than for anything else.
Anyway, I'll double-check my bisect by doing a revert of that commit
on top of current -git, but I'm pretty sure the bisect was correct,
since it did end up pointing to a commit that clearly changed poll
behavior.
Linus
^ permalink raw reply
* Re: [PATCH] CHOKe flow scheduler (0.10)
From: Eric Dumazet @ 2011-01-20 22:46 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: Patrick McHardy, David Miller, netdev
In-Reply-To: <1295547589.2825.497.camel@edumazet-laptop>
Le jeudi 20 janvier 2011 à 19:19 +0100, Eric Dumazet a écrit :
> Le jeudi 20 janvier 2011 à 09:38 -0800, Stephen Hemminger a écrit :
>
> ...
>
> Hi Stephen
>
> I am contemplating choke_linearize_header() (yet another hash
> function... oh well...) and say :
>
> Instead of this boolean return, just use skb_get_rxhash(). It performs
> what you want, and return 32bits of information, instead of one bit.
>
> (if result (rxhash) is zero, it means you can drop packet because it is
> not linearized)
>
> So choke_match_flow() can be faster if rxhash differs (no cache miss on
> skb->data on an old skb)
> (Do the full check only if rxhash is equal on skb1 / skb2)
>
> More over, the skb_get_rxhash() call is _really_ needed only if CHOKe
> triggers :
> if (p->qavg <= p->qth_min)
> we dont have to compute rxhash at all.
>
> If you want, I can send a diff on your v0.10, just tell me !
Here is my diff against v 0.10
Seems to work well here
qdisc choke 11: parent 1:11 limit 130000b min 10833b max 32500b ewma 13 Plog 21 Scell_log 30
Sent 459876256 bytes 836183 pkt (dropped 318428, overlimits 28 requeues 0)
rate 51823Kbit 11779pps backlog 5926323b 10781p requeues 0
marked 0 early 28 pdrop 0 other 0 matched 159200
Thanks !
net/sched/sch_choke.c | 114 ++++++++++++----------------------------
1 file changed, 37 insertions(+), 77 deletions(-)
diff --git a/net/sched/sch_choke.c b/net/sched/sch_choke.c
index e1ac560..0e898ed 100644
--- a/net/sched/sch_choke.c
+++ b/net/sched/sch_choke.c
@@ -141,63 +141,24 @@ static void choke_drop_by_idx(struct Qdisc *sch, unsigned int idx)
--sch->q.qlen;
}
-/* Make sure network and transport headers can be dereferenced */
-static bool choke_linearize_header(struct sk_buff *skb)
-{
- int nhoff, poff;
- struct ipv6hdr *ip6;
- struct iphdr *ip;
- u8 ip_proto;
- u32 ihl;
-
- nhoff = skb_network_offset(skb);
-
- switch (skb->protocol) {
- case __constant_htons(ETH_P_IP):
- if (!pskb_may_pull(skb, sizeof(*ip) + nhoff))
- return false;
-
- ip = (struct iphdr *) (skb->data + nhoff);
- if (ip->frag_off & htons(IP_MF | IP_OFFSET))
- return false;
-
- ip_proto = ip->protocol;
- ihl = ip->ihl;
- break;
- case __constant_htons(ETH_P_IPV6):
- if (!pskb_may_pull(skb, sizeof(*ip6) + nhoff))
- return false;
-
- ip6 = (struct ipv6hdr *) (skb->data + nhoff);
- ip_proto = ip6->nexthdr;
- ihl = (40 >> 2);
- break;
- default:
- return true;
- }
-
- poff = proto_ports_offset(ip_proto);
- if (poff >= 0) {
- nhoff += ihl * 4 + poff;
- if (!pskb_may_pull(skb, nhoff + 4))
- return false;
- }
-
- return true;
-}
-
/*
* Compare flow of two packets
* Returns true only if source and destination address and port match.
* false for special cases
*/
-static bool choke_match_flow(const struct sk_buff *skb1,
- const struct sk_buff *skb2)
+static bool choke_match_flow(struct sk_buff *skb1,
+ struct sk_buff *skb2)
{
int off1, off2, poff;
+ const u32 *ports1, *ports2;
+ u8 ip_proto;
if (skb1->protocol != skb2->protocol)
return false;
+ if (skb_get_rxhash(skb1) != skb_get_rxhash(skb2))
+ return false;
+ if (!skb_get_rxhash(skb1))
+ return true;
off1 = skb_network_offset(skb1);
off2 = skb_network_offset(skb2);
@@ -209,27 +170,14 @@ static bool choke_match_flow(const struct sk_buff *skb1,
ip1 = (struct iphdr *) (skb1->data + off1);
ip2 = (struct iphdr *) (skb2->data + off2);
- if (ip1->protocol != ip2->protocol ||
+ ip_proto = ip1->protocol;
+ if (ip_proto != ip2->protocol ||
ip1->saddr != ip2->saddr || ip1->daddr != ip2->daddr)
return false;
-
- if (ip1->frag_off & htons(IP_MF | IP_OFFSET) ||
- ip2->frag_off & htons(IP_MF | IP_OFFSET))
- return ip1->id == ip2->id;
-
- poff = proto_ports_offset(ip1->protocol);
- if (poff < 0)
- return true;
- else {
- const u32 *ports1, *ports2;
-
- ports1 = (__force u32 *) (skb1->data + off1
- + ip1->ihl * 4 + poff);
- ports2 = (__force u32 *) (skb2->data + off2
- + ip2->ihl * 4 + poff);
-
- return *ports1 == *ports2;
- }
+ if ((ip1->frag_off | ip2->frag_off) & htons(IP_MF | IP_OFFSET))
+ ip_proto = 0;
+ off1 += ip1->ihl * 4;
+ off2 += ip2->ihl * 4;
break;
}
@@ -239,15 +187,32 @@ static bool choke_match_flow(const struct sk_buff *skb1,
ip1 = (struct ipv6hdr *) (skb1->data + off1);
ip2 = (struct ipv6hdr *) (skb2->data + off2);
- return (ip1->nexthdr == ip2->nexthdr &&
- ipv6_addr_cmp(&ip1->saddr, &ip2->saddr) == 0 &&
- ipv6_addr_cmp(&ip1->daddr, &ip2->daddr) == 0);
+ ip_proto = ip1->nexthdr;
+ if (ip_proto != ip2->nexthdr ||
+ ipv6_addr_cmp(&ip1->saddr, &ip2->saddr) ||
+ ipv6_addr_cmp(&ip1->daddr, &ip2->daddr))
+ return false;
+ off1 += 40;
+ off2 += 40;
}
default: /* Maybe compare MAC header here? */
return false;
}
- /* not reached */
+ poff = proto_ports_offset(ip_proto);
+ if (poff < 0)
+ return true;
+ off1 += poff;
+ off2 += poff;
+ if (!pskb_may_pull(skb1, off1 + 4))
+ return false;
+
+ if (!pskb_may_pull(skb2, off2 + 4))
+ return false;
+
+ ports1 = (__force u32 *)(skb1->data + off1);
+ ports2 = (__force u32 *)(skb2->data + off2);
+ return *ports1 == *ports2;
}
static inline void choke_set_classid(struct sk_buff *skb, u16 classid)
@@ -319,10 +284,10 @@ static struct sk_buff *choke_peek_random(const struct choke_sched_data *q,
* returns true if matched and sets *pidx
*/
static bool choke_match_random(const struct choke_sched_data *q,
- const struct sk_buff *nskb,
+ struct sk_buff *nskb,
unsigned int *pidx)
{
- const struct sk_buff *oskb;
+ struct sk_buff *oskb;
if (q->head == q->tail)
return false;
@@ -331,7 +296,6 @@ static bool choke_match_random(const struct choke_sched_data *q,
if (q->filter_list)
return choke_get_classid(nskb) == choke_get_classid(oskb);
-
return choke_match_flow(oskb, nskb);
}
@@ -345,10 +309,6 @@ static int choke_enqueue(struct sk_buff *skb, struct Qdisc *sch)
/* If using external classifiers, get result and record it. */
if (!choke_classify(skb, sch, &ret))
goto other_drop; /* Packet was eaten by filter */
- } else {
- /* for internal classifier, make header accessible */
- if (!choke_linearize_header(skb))
- goto other_drop;
}
/* Compute average queue usage (see RED) */
^ permalink raw reply related
* Re: [GIT] Networking
From: Colin Walters @ 2011-01-20 22:38 UTC (permalink / raw)
To: Linus Torvalds; +Cc: Eric Dumazet, David Miller, akpm, netdev, linux-kernel
In-Reply-To: <AANLkTikLY1B3=C2TjAbYKVHbub-aPeG2heaUBWRUAg=R@mail.gmail.com>
On Thu, Jan 20, 2011 at 5:21 PM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
> On Thu, Jan 20, 2011 at 1:40 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>>
>> Then here ask for fd=3 both POLLIN and POLLOUT :
>> kernel answers : OK for POLLOUT (not POLLIN), so previous poll() call
>> was OK to be blocked after all...
>>
>> So I'm wondering if it could be a userland bug, that triggers with
>> recent kernel changes.
>
> As far as I can tell, that program isn't multi-threaded
It is actually; see src/gs-auth-pam.c; there is some pretty scary code
there; basically all of PAM is put in a thread to avoid blocking the
mainloop. Whether the code is actually buggy I can't say immediately;
it's certainly possible.
^ permalink raw reply
* Re: [GIT] Networking
From: Linus Torvalds @ 2011-01-20 22:21 UTC (permalink / raw)
To: Eric Dumazet; +Cc: David Miller, akpm, netdev, linux-kernel
In-Reply-To: <1295559646.2613.35.camel@edumazet-laptop>
On Thu, Jan 20, 2011 at 1:40 PM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
>
> Then here ask for fd=3 both POLLIN and POLLOUT :
> kernel answers : OK for POLLOUT (not POLLIN), so previous poll() call
> was OK to be blocked after all...
>
> So I'm wondering if it could be a userland bug, that triggers with
> recent kernel changes.
As far as I can tell, that program isn't multi-threaded, and it should
not have returned to user land at all (no signal, and a restart). So I
think it's a kernel-only thing - there should have been nothing that
could have changed the poll list in user space. But I didn't really
check the threading status.
I'm trying to bisect it now to figure out more hints.
Linus
^ permalink raw reply
* [PATCH] Fix NULL dereference in rtlwifi driver
From: Jesper Juhl @ 2011-01-20 22:18 UTC (permalink / raw)
To: Larry Finger
Cc: netdev, linux-wireless, linux-kernel, John W. Linville,
Chaoming Li
In drivers/net/wireless/rtlwifi/pci.c::_rtl_pci_rx_interrupt() we call
dev_alloc_skb(), which may fail and return NULL, but we do not check the
returned value against NULL before dereferencing the returned pointer.
This may lead to a NULL pointer dereference which means we'll crash - not
good.
This patch tries to solve the issue by testing for NULL and bailing out if
we couldn't allocate a skb. However, I don't know this code well, so I'm
not sure that jumping to the 'done' label here is the correct action to
take. Someone more knowledgable about this code than me should definately
review it before it is applied anywhere.
While I was in the area I also moved an assignment in
_rtl_pci_init_rx_ring() a bit - if the dev_alloc_skb() call in that
function fails there's no reason to waste clock cycles assigning to the
local variable 'entry', we may as well do that after the NULL check and
potential bail out.
Here's the proposed patch, but please don't take it as much more than a
bug report. If it happens to be correct, then by all means apply it, but
I'm not personally making any guarantees.
Signed-off-by: Jesper Juhl <jj@chaosbits.net>
---
pci.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
compile tested only, I don't have the hardware to test for real.
diff --git a/drivers/net/wireless/rtlwifi/pci.c b/drivers/net/wireless/rtlwifi/pci.c
index 0fa36aa..5e99f89 100644
--- a/drivers/net/wireless/rtlwifi/pci.c
+++ b/drivers/net/wireless/rtlwifi/pci.c
@@ -619,6 +619,13 @@ static void _rtl_pci_rx_interrupt(struct ieee80211_hw *hw)
struct sk_buff *uskb = NULL;
u8 *pdata;
uskb = dev_alloc_skb(skb->len + 128);
+ if (!uskb) {
+ RT_TRACE(rtlpriv,
+ (COMP_INTR | COMP_RECV),
+ DBG_DMESG,
+ ("can't alloc rx skb\n"));
+ goto done;
+ }
memcpy(IEEE80211_SKB_RXCB(uskb),
&rx_status,
sizeof(rx_status));
@@ -1066,9 +1073,9 @@ static int _rtl_pci_init_rx_ring(struct ieee80211_hw *hw)
struct sk_buff *skb =
dev_alloc_skb(rtlpci->rxbuffersize);
u32 bufferaddress;
- entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
if (!skb)
return 0;
+ entry = &rtlpci->rx_ring[rx_queue_idx].desc[i];
/*skb->dev = dev; */
--
Jesper Juhl <jj@chaosbits.net> http://www.chaosbits.net/
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please.
^ permalink raw reply related
* Re: [GIT] Networking
From: Eric Dumazet @ 2011-01-20 21:40 UTC (permalink / raw)
To: Linus Torvalds; +Cc: David Miller, akpm, netdev, linux-kernel
In-Reply-To: <AANLkTin32jUnBtHF-EAkSMnFQM6cTbn-G3NZQJ3xjTWU@mail.gmail.com>
Le jeudi 20 janvier 2011 à 13:12 -0800, Linus Torvalds a écrit :
> ...
> read(3, 0x9806500, 4096) = -1 EAGAIN (Resource
> temporarily unavailable)
> poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}, {fd=12,
> events=POLLIN|POLLPRI}, {fd=14, events=POLLIN|POLLPRI}, {fd=9,
> events=POLLIN|POLLPRI}, {fd=10, events=POLLIN|POLLPRI}, {fd=15,
> events=POLLIN}, {fd=16, events=POLLIN}, {fd=17, events=0}, {fd=19,
> events=POLLIN}], 10, -1) = ? ERESTART_RESTARTBLOCK (To be restarted)
> restart_syscall(
>
Hmm, poll() here on fd=3 only asks events=POLLIN
> and that's it - it's now hung. So why did it work when I straced it
> while hung? And why is it doing that ERESTART_RESTARTBLOCK in the
> first place, I'm not seeing any signals there?
>
> So I tried sending it a useless signal, which will re-animate the
> strace, and now I get:
>
> restart_syscall(<... resuming interrupted call ...>) = 1
> --- SIGWINCH (Window changed) @ 0 (0) ---
> poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
>
Then here ask for fd=3 both POLLIN and POLLOUT :
kernel answers : OK for POLLOUT (not POLLIN), so previous poll() call
was OK to be blocked after all...
So I'm wondering if it could be a userland bug, that triggers with
recent kernel changes.
^ permalink raw reply
* Re: [GIT] Networking
From: Eric Dumazet @ 2011-01-20 21:30 UTC (permalink / raw)
To: Linus Torvalds; +Cc: David Miller, akpm, netdev, linux-kernel
In-Reply-To: <1295558748.2613.28.camel@edumazet-laptop>
Le jeudi 20 janvier 2011 à 22:25 +0100, Eric Dumazet a écrit :
> Do you know the type of socket ? UNIX or INET ?
>
> You could try a revert of 2c6607c611cb7bf0a6750bcea3
> (net: add POLLPRI to sock_def_readable())
>
> But I dont understand how it could hurt...
>
>
>
Another candidate (AF_UNIX side) would be 973a34aa8593dbfe84386343c69
(af_unix: optimize unix_dgram_poll())
Thanks
^ permalink raw reply
* Re: [GIT] Networking
From: Rafael J. Wysocki @ 2011-01-20 21:28 UTC (permalink / raw)
To: Linus Torvalds; +Cc: David Miller, akpm, netdev, linux-kernel, Tejun Heo
In-Reply-To: <AANLkTin32jUnBtHF-EAkSMnFQM6cTbn-G3NZQJ3xjTWU@mail.gmail.com>
On Thursday, January 20, 2011, Linus Torvalds wrote:
> On Wed, Jan 19, 2011 at 6:04 PM, David Miller <davem@davemloft.net> wrote:
> >
> > 1) Revert a netlink flag sanity check that is causing regressions in
> > existing applications.
> ...
>
> This is a long-shot, but I thought I'd ask before I start trying to
> bisect the fourth independent suspend/resume related issue in this
> merge window..
>
> When I suspend/resume while logged in by closing the lid on my laptop
> on FC14, it causes the gnome-screensaver-dialog to start up. So far so
> fine, that's what I want, and it all works fin in 2.6.37.
>
> But in current -git (and in -rc8, so it's not changed by your latest
> pull request), gnome-screensaver-dialog gets stuck after I type in my
> password, making the box basically useless.
>
> So I straced it over the network, and if I attach _when_ it is already
> stuck, it immediately becomes unstuck. But if I attach to it before
> typing my password, I can see the hang in strace, and it looks like
> this:
>
> ...
> read(3, 0x9806500, 4096) = -1 EAGAIN (Resource
> temporarily unavailable)
> poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}, {fd=12,
> events=POLLIN|POLLPRI}, {fd=14, events=POLLIN|POLLPRI}, {fd=9,
> events=POLLIN|POLLPRI}, {fd=10, events=POLLIN|POLLPRI}, {fd=15,
> events=POLLIN}, {fd=16, events=POLLIN}, {fd=17, events=0}, {fd=19,
> events=POLLIN}], 10, -1) = ? ERESTART_RESTARTBLOCK (To be restarted)
> restart_syscall(
>
> and that's it - it's now hung. So why did it work when I straced it
> while hung? And why is it doing that ERESTART_RESTARTBLOCK in the
> first place, I'm not seeing any signals there?
>
> So I tried sending it a useless signal, which will re-animate the
> strace, and now I get:
>
> restart_syscall(<... resuming interrupted call ...>) = 1
> --- SIGWINCH (Window changed) @ 0 (0) ---
> poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
>
> Whee. That signal got it started again, and the poll finished immediately.
>
> And how/why did the input to the poll apparently change? That looks
> suspicious too. Might be some odd strace artifact, but whatever.
>
> So I'm contacting you because that fd=3 is a socket (I didn't check
> details), and because anything I find in the git logs that discusses
> "poll" seems to be network-related. So I'm wondering it this rings any
> bells, because bisecting this is going to be painful as hell (since I
> have to carefully work around all the _other_ problems I've bisected
> on that machine while doing so).
This is a long shot too, but perhaps it's related to
8cfe400 Freezer: Fix a race during freezing of TASK_STOPPED tasks
(adding Tejun to the CC just in case).
Rafael
^ permalink raw reply
* Re: [GIT] Networking
From: Eric Dumazet @ 2011-01-20 21:25 UTC (permalink / raw)
To: Linus Torvalds; +Cc: David Miller, akpm, netdev, linux-kernel
In-Reply-To: <AANLkTin32jUnBtHF-EAkSMnFQM6cTbn-G3NZQJ3xjTWU@mail.gmail.com>
Le jeudi 20 janvier 2011 à 13:12 -0800, Linus Torvalds a écrit :
> On Wed, Jan 19, 2011 at 6:04 PM, David Miller <davem@davemloft.net> wrote:
> >
> > 1) Revert a netlink flag sanity check that is causing regressions in
> > existing applications.
> ...
>
> This is a long-shot, but I thought I'd ask before I start trying to
> bisect the fourth independent suspend/resume related issue in this
> merge window..
>
> When I suspend/resume while logged in by closing the lid on my laptop
> on FC14, it causes the gnome-screensaver-dialog to start up. So far so
> fine, that's what I want, and it all works fin in 2.6.37.
>
> But in current -git (and in -rc8, so it's not changed by your latest
> pull request), gnome-screensaver-dialog gets stuck after I type in my
> password, making the box basically useless.
>
> So I straced it over the network, and if I attach _when_ it is already
> stuck, it immediately becomes unstuck. But if I attach to it before
> typing my password, I can see the hang in strace, and it looks like
> this:
>
> ...
> read(3, 0x9806500, 4096) = -1 EAGAIN (Resource
> temporarily unavailable)
> poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}, {fd=12,
> events=POLLIN|POLLPRI}, {fd=14, events=POLLIN|POLLPRI}, {fd=9,
> events=POLLIN|POLLPRI}, {fd=10, events=POLLIN|POLLPRI}, {fd=15,
> events=POLLIN}, {fd=16, events=POLLIN}, {fd=17, events=0}, {fd=19,
> events=POLLIN}], 10, -1) = ? ERESTART_RESTARTBLOCK (To be restarted)
> restart_syscall(
>
> and that's it - it's now hung. So why did it work when I straced it
> while hung? And why is it doing that ERESTART_RESTARTBLOCK in the
> first place, I'm not seeing any signals there?
>
> So I tried sending it a useless signal, which will re-animate the
> strace, and now I get:
>
> restart_syscall(<... resuming interrupted call ...>) = 1
> --- SIGWINCH (Window changed) @ 0 (0) ---
> poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
>
> Whee. That signal got it started again, and the poll finished immediately.
>
> And how/why did the input to the poll apparently change? That looks
> suspicious too. Might be some odd strace artifact, but whatever.
>
> So I'm contacting you because that fd=3 is a socket (I didn't check
> details), and because anything I find in the git logs that discusses
> "poll" seems to be network-related. So I'm wondering it this rings any
> bells, because bisecting this is going to be painful as hell (since I
> have to carefully work around all the _other_ problems I've bisected
> on that machine while doing so).
>
Do you know the type of socket ? UNIX or INET ?
You could try a revert of 2c6607c611cb7bf0a6750bcea3
(net: add POLLPRI to sock_def_readable())
But I dont understand how it could hurt...
^ permalink raw reply
* Re: [GIT] Networking
From: Linus Torvalds @ 2011-01-20 21:12 UTC (permalink / raw)
To: David Miller; +Cc: akpm, netdev, linux-kernel
In-Reply-To: <20110119.180418.216749267.davem@davemloft.net>
On Wed, Jan 19, 2011 at 6:04 PM, David Miller <davem@davemloft.net> wrote:
>
> 1) Revert a netlink flag sanity check that is causing regressions in
> existing applications.
...
This is a long-shot, but I thought I'd ask before I start trying to
bisect the fourth independent suspend/resume related issue in this
merge window..
When I suspend/resume while logged in by closing the lid on my laptop
on FC14, it causes the gnome-screensaver-dialog to start up. So far so
fine, that's what I want, and it all works fin in 2.6.37.
But in current -git (and in -rc8, so it's not changed by your latest
pull request), gnome-screensaver-dialog gets stuck after I type in my
password, making the box basically useless.
So I straced it over the network, and if I attach _when_ it is already
stuck, it immediately becomes unstuck. But if I attach to it before
typing my password, I can see the hang in strace, and it looks like
this:
...
read(3, 0x9806500, 4096) = -1 EAGAIN (Resource
temporarily unavailable)
poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}, {fd=12,
events=POLLIN|POLLPRI}, {fd=14, events=POLLIN|POLLPRI}, {fd=9,
events=POLLIN|POLLPRI}, {fd=10, events=POLLIN|POLLPRI}, {fd=15,
events=POLLIN}, {fd=16, events=POLLIN}, {fd=17, events=0}, {fd=19,
events=POLLIN}], 10, -1) = ? ERESTART_RESTARTBLOCK (To be restarted)
restart_syscall(
and that's it - it's now hung. So why did it work when I straced it
while hung? And why is it doing that ERESTART_RESTARTBLOCK in the
first place, I'm not seeing any signals there?
So I tried sending it a useless signal, which will re-animate the
strace, and now I get:
restart_syscall(<... resuming interrupted call ...>) = 1
--- SIGWINCH (Window changed) @ 0 (0) ---
poll([{fd=3, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}])
Whee. That signal got it started again, and the poll finished immediately.
And how/why did the input to the poll apparently change? That looks
suspicious too. Might be some odd strace artifact, but whatever.
So I'm contacting you because that fd=3 is a socket (I didn't check
details), and because anything I find in the git logs that discusses
"poll" seems to be network-related. So I'm wondering it this rings any
bells, because bisecting this is going to be painful as hell (since I
have to carefully work around all the _other_ problems I've bisected
on that machine while doing so).
Linus
^ permalink raw reply
* Re: [Bugme-new] [Bug 27212] New: Warning kmemcheck: Caught 64-bit read from uninitialized memory in netlink_broadcast_filtered
From: Eric Dumazet @ 2011-01-20 20:41 UTC (permalink / raw)
To: Andrew Morton
Cc: netdev, bugzilla-daemon, bugme-daemon, casteyde.christian,
Changli Gao, Vegard Nossum, Pekka Enberg
In-Reply-To: <20110120122549.85863a84.akpm@linux-foundation.org>
Le jeudi 20 janvier 2011 à 12:25 -0800, Andrew Morton a écrit :
> (switched to email. Please respond via emailed reply-to-all, not via the
> bugzilla web interface).
>
> On Thu, 20 Jan 2011 20:08:32 GMT
> bugzilla-daemon@bugzilla.kernel.org wrote:
>
> > https://bugzilla.kernel.org/show_bug.cgi?id=27212
> >
> > Summary: Warning kmemcheck: Caught 64-bit read from
> > uninitialized memory in netlink_broadcast_filtered
> > Product: Other
> > Version: 2.5
> > Kernel Version: 2.6.38-rc1
> > Platform: All
> > OS/Version: Linux
> > Tree: Mainline
> > Status: NEW
> > Severity: normal
> > Priority: P1
> > Component: Other
> > AssignedTo: other_other@kernel-bugs.osdl.org
> > ReportedBy: casteyde.christian@free.fr
> > Regression: Yes
> >
> >
> > Athlon 64 X2 3000 in 64bits
> > Slackware64 13.1
> > Kernel compiled with kmemcheck and other debug options
> >
> > At boot I got the following warning:
> >
> > PCI: Using ACPI for IRQ routing
> > PCI: pci_cache_line_size set to 64 bytes
> > pci 0000:00:00.0: address space collision: [mem 0xe0000000-0xefffffff pref]
> > conflicts with GART [mem 0x
> > e0000000-0xefffffff]
> > reserve RAM buffer: 000000000009fc00 - 000000000009ffff
> > reserve RAM buffer: 000000003ffb0000 - 000000003fffffff
> > WARNING: kmemcheck: Caught 64-bit read from uninitialized memory
> > (ffff88003e170eb0)
> > 0000000000000000010000000000000000000000000000000000000000000000
> > i i i i i i i i i i i i u u u u u u u u u u u u u u u u u u u u
> > ^
> >
> > Pid: 1, comm: swapper Not tainted 2.6.38-rc1 #2 K8 Combo-Z/K8 Combo-Z
> > RIP: 0010:[<ffffffff8127ad72>] [<ffffffff8127ad72>] memmove+0x122/0x1a0
> > RSP: 0018:ffff88003e0b3c60 EFLAGS: 00010202
> > RAX: ffff88003e170080 RBX: ffff88003e27b500 RCX: 0000000000000020
> > RDX: 0000000000000018 RSI: ffff88003e170ea0 RDI: ffff88003e1700a0
> > RBP: ffff88003e0b3c60 R08: 0000000000000001 R09: 0000000000000001
> > R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
> > R13: 0000000000000080 R14: 0000000000000000 R15: 0000000000000001
> > FS: 0000000000000000(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
> > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> > CR2: ffff88003e018abc CR3: 0000000001a1c000 CR4: 00000000000006f0
> > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> > DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
> > [<ffffffff814741c2>] pskb_expand_head+0xc2/0x2a0
> > [<ffffffff81498fa7>] netlink_broadcast_filtered+0xa7/0x4a0
> > [<ffffffff814993b8>] netlink_broadcast+0x18/0x20
> > [<ffffffff8149b884>] genlmsg_mcast+0x144/0x180
> > [<ffffffff8149bc4a>] genl_ctrl_event+0xca/0x450
> > [<ffffffff8149c75d>] genl_register_mc_group+0x10d/0x2a0
> > [<ffffffff81ad9da4>] genl_init+0x6c/0x84
> > [<ffffffff810001de>] do_one_initcall+0x3e/0x170
> > [<ffffffff81aae6ea>] kernel_init+0x197/0x21b
> > [<ffffffff81003254>] kernel_thread_helper+0x4/0x10
> > [<ffffffffffffffff>] 0xffffffffffffffff
> > pnp: PnP ACPI init
> > ACPI: bus type pnp registered
> > pnp 00:00: [bus 00-ff]
> > pnp 00:00: [io 0x0cf8-0x0cff]
> >
> > This is specific to 2.6.38-rc1.
> >
>
Likely a false positive after commit ca44ac38
(net: don't reallocate skb->head unless the current one hasn't the
needed extra size or is shared)
ksize() allows us to use a bit more than what was asked at kmalloc()
time, because of discrete kmem caches sizes.
We probably need to instruct kmemcheck of this.
^ permalink raw reply
* Re: [Bugme-new] [Bug 27212] New: Warning kmemcheck: Caught 64-bit read from uninitialized memory in netlink_broadcast_filtered
From: Andrew Morton @ 2011-01-20 20:25 UTC (permalink / raw)
To: netdev; +Cc: bugzilla-daemon, bugme-daemon, casteyde.christian
In-Reply-To: <bug-27212-10286@https.bugzilla.kernel.org/>
(switched to email. Please respond via emailed reply-to-all, not via the
bugzilla web interface).
On Thu, 20 Jan 2011 20:08:32 GMT
bugzilla-daemon@bugzilla.kernel.org wrote:
> https://bugzilla.kernel.org/show_bug.cgi?id=27212
>
> Summary: Warning kmemcheck: Caught 64-bit read from
> uninitialized memory in netlink_broadcast_filtered
> Product: Other
> Version: 2.5
> Kernel Version: 2.6.38-rc1
> Platform: All
> OS/Version: Linux
> Tree: Mainline
> Status: NEW
> Severity: normal
> Priority: P1
> Component: Other
> AssignedTo: other_other@kernel-bugs.osdl.org
> ReportedBy: casteyde.christian@free.fr
> Regression: Yes
>
>
> Athlon 64 X2 3000 in 64bits
> Slackware64 13.1
> Kernel compiled with kmemcheck and other debug options
>
> At boot I got the following warning:
>
> PCI: Using ACPI for IRQ routing
> PCI: pci_cache_line_size set to 64 bytes
> pci 0000:00:00.0: address space collision: [mem 0xe0000000-0xefffffff pref]
> conflicts with GART [mem 0x
> e0000000-0xefffffff]
> reserve RAM buffer: 000000000009fc00 - 000000000009ffff
> reserve RAM buffer: 000000003ffb0000 - 000000003fffffff
> WARNING: kmemcheck: Caught 64-bit read from uninitialized memory
> (ffff88003e170eb0)
> 0000000000000000010000000000000000000000000000000000000000000000
> i i i i i i i i i i i i u u u u u u u u u u u u u u u u u u u u
> ^
>
> Pid: 1, comm: swapper Not tainted 2.6.38-rc1 #2 K8 Combo-Z/K8 Combo-Z
> RIP: 0010:[<ffffffff8127ad72>] [<ffffffff8127ad72>] memmove+0x122/0x1a0
> RSP: 0018:ffff88003e0b3c60 EFLAGS: 00010202
> RAX: ffff88003e170080 RBX: ffff88003e27b500 RCX: 0000000000000020
> RDX: 0000000000000018 RSI: ffff88003e170ea0 RDI: ffff88003e1700a0
> RBP: ffff88003e0b3c60 R08: 0000000000000001 R09: 0000000000000001
> R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
> R13: 0000000000000080 R14: 0000000000000000 R15: 0000000000000001
> FS: 0000000000000000(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> CR2: ffff88003e018abc CR3: 0000000001a1c000 CR4: 00000000000006f0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
> [<ffffffff814741c2>] pskb_expand_head+0xc2/0x2a0
> [<ffffffff81498fa7>] netlink_broadcast_filtered+0xa7/0x4a0
> [<ffffffff814993b8>] netlink_broadcast+0x18/0x20
> [<ffffffff8149b884>] genlmsg_mcast+0x144/0x180
> [<ffffffff8149bc4a>] genl_ctrl_event+0xca/0x450
> [<ffffffff8149c75d>] genl_register_mc_group+0x10d/0x2a0
> [<ffffffff81ad9da4>] genl_init+0x6c/0x84
> [<ffffffff810001de>] do_one_initcall+0x3e/0x170
> [<ffffffff81aae6ea>] kernel_init+0x197/0x21b
> [<ffffffff81003254>] kernel_thread_helper+0x4/0x10
> [<ffffffffffffffff>] 0xffffffffffffffff
> pnp: PnP ACPI init
> ACPI: bus type pnp registered
> pnp 00:00: [bus 00-ff]
> pnp 00:00: [io 0x0cf8-0x0cff]
>
> This is specific to 2.6.38-rc1.
>
^ permalink raw reply
* [PATCH 7/7] netfilter: add a missing include in nf_conntrack_reasm.c
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem
Cc: netfilter-devel, netdev, Eric Dumazet, KOVACS Krisztian,
Patrick McHardy
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Eric Dumazet <eric.dumazet@gmail.com>
After commit ae90bdeaeac6b (netfilter: fix compilation when conntrack is
disabled but tproxy is enabled) we have following warnings :
net/ipv6/netfilter/nf_conntrack_reasm.c:520:16: warning: symbol
'nf_ct_frag6_gather' was not declared. Should it be static?
net/ipv6/netfilter/nf_conntrack_reasm.c:591:6: warning: symbol
'nf_ct_frag6_output' was not declared. Should it be static?
net/ipv6/netfilter/nf_conntrack_reasm.c:612:5: warning: symbol
'nf_ct_frag6_init' was not declared. Should it be static?
net/ipv6/netfilter/nf_conntrack_reasm.c:640:6: warning: symbol
'nf_ct_frag6_cleanup' was not declared. Should it be static?
Fix this including net/netfilter/ipv6/nf_defrag_ipv6.h
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
CC: KOVACS Krisztian <hidden@balabit.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 66e003e..0857272 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -45,6 +45,7 @@
#include <linux/netfilter_ipv6.h>
#include <linux/kernel.h>
#include <linux/module.h>
+#include <net/netfilter/ipv6/nf_defrag_ipv6.h>
struct nf_ct_frag6_skb_cb
--
1.7.3.4
^ permalink raw reply related
* [PATCH 2/7] netfilter: do not omit re-route check on NF_QUEUE verdict
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev, Florian Westphal, Patrick McHardy
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Florian Westphal <fw@strlen.de>
ret != NF_QUEUE only works in the "--queue-num 0" case; for
queues > 0 the test should be '(ret & NF_VERDICT_MASK) != NF_QUEUE'.
However, NF_QUEUE no longer DROPs the skb unconditionally if queueing
fails (due to NF_VERDICT_FLAG_QUEUE_BYPASS verdict flag), so the
re-route test should also be performed if this flag is set in the
verdict.
The full test would then look something like
&& ((ret & NF_VERDICT_MASK) == NF_QUEUE && (ret & NF_VERDICT_FLAG_QUEUE_BYPASS))
This is rather ugly, so just remove the NF_QUEUE test altogether.
The only effect is that we might perform an unnecessary route lookup
in the NF_QUEUE case.
ip6table_mangle did not have such a check.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
net/ipv4/netfilter/iptable_mangle.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c
index 294a2a3..aef5d1f 100644
--- a/net/ipv4/netfilter/iptable_mangle.c
+++ b/net/ipv4/netfilter/iptable_mangle.c
@@ -60,7 +60,7 @@ ipt_mangle_out(struct sk_buff *skb, const struct net_device *out)
ret = ipt_do_table(skb, NF_INET_LOCAL_OUT, NULL, out,
dev_net(out)->ipv4.iptable_mangle);
/* Reroute for ANY change. */
- if (ret != NF_DROP && ret != NF_STOLEN && ret != NF_QUEUE) {
+ if (ret != NF_DROP && ret != NF_STOLEN) {
iph = ip_hdr(skb);
if (iph->saddr != saddr ||
--
1.7.3.4
^ permalink raw reply related
* [PATCH 1/7] netfilter: xtables: connlimit revision 1
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev, Jan Engelhardt
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Jan Engelhardt <jengelh@medozas.de>
This adds destination address-based selection. The old "inverse"
member is overloaded (memory-wise) with a new "flags" variable,
similar to how J.Park did it with xt_string rev 1. Since revision 0
userspace only sets flag 0x1, no great changes are made to explicitly
test for different revisions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
Documentation/feature-removal-schedule.txt | 7 ++++
include/linux/netfilter/xt_connlimit.h | 12 +++++++
net/netfilter/xt_connlimit.c | 44 +++++++++++++++++++---------
3 files changed, 49 insertions(+), 14 deletions(-)
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt
index 22f1081..45cc804 100644
--- a/Documentation/feature-removal-schedule.txt
+++ b/Documentation/feature-removal-schedule.txt
@@ -576,3 +576,10 @@ Why: The functions have been superceded by cancel_delayed_work_sync()
Who: Tejun Heo <tj@kernel.org>
----------------------------
+
+What: xt_connlimit rev 0
+When: 2012
+Who: Jan Engelhardt <jengelh@medozas.de>
+Files: net/netfilter/xt_connlimit.c
+
+----------------------------
diff --git a/include/linux/netfilter/xt_connlimit.h b/include/linux/netfilter/xt_connlimit.h
index 7e3284b..8884efc 100644
--- a/include/linux/netfilter/xt_connlimit.h
+++ b/include/linux/netfilter/xt_connlimit.h
@@ -3,6 +3,11 @@
struct xt_connlimit_data;
+enum {
+ XT_CONNLIMIT_INVERT = 1 << 0,
+ XT_CONNLIMIT_DADDR = 1 << 1,
+};
+
struct xt_connlimit_info {
union {
union nf_inet_addr mask;
@@ -14,6 +19,13 @@ struct xt_connlimit_info {
#endif
};
unsigned int limit, inverse;
+ union {
+ /* revision 0 */
+ unsigned int inverse;
+
+ /* revision 1 */
+ __u32 flags;
+ };
/* Used internally by the kernel */
struct xt_connlimit_data *data __attribute__((aligned(8)));
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index 452bc16..7fd3fd5 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -193,10 +193,12 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par)
if (par->family == NFPROTO_IPV6) {
const struct ipv6hdr *iph = ipv6_hdr(skb);
- memcpy(&addr.ip6, &iph->saddr, sizeof(iph->saddr));
+ memcpy(&addr.ip6, (info->flags & XT_CONNLIMIT_DADDR) ?
+ &iph->daddr : &iph->saddr, sizeof(addr.ip6));
} else {
const struct iphdr *iph = ip_hdr(skb);
- addr.ip = iph->saddr;
+ addr.ip = (info->flags & XT_CONNLIMIT_DADDR) ?
+ iph->daddr : iph->saddr;
}
spin_lock_bh(&info->data->lock);
@@ -208,7 +210,8 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par)
/* kmalloc failed, drop it entirely */
goto hotdrop;
- return (connections > info->limit) ^ info->inverse;
+ return (connections > info->limit) ^
+ !!(info->flags & XT_CONNLIMIT_INVERT);
hotdrop:
par->hotdrop = true;
@@ -266,25 +269,38 @@ static void connlimit_mt_destroy(const struct xt_mtdtor_param *par)
kfree(info->data);
}
-static struct xt_match connlimit_mt_reg __read_mostly = {
- .name = "connlimit",
- .revision = 0,
- .family = NFPROTO_UNSPEC,
- .checkentry = connlimit_mt_check,
- .match = connlimit_mt,
- .matchsize = sizeof(struct xt_connlimit_info),
- .destroy = connlimit_mt_destroy,
- .me = THIS_MODULE,
+static struct xt_match connlimit_mt_reg[] __read_mostly = {
+ {
+ .name = "connlimit",
+ .revision = 0,
+ .family = NFPROTO_UNSPEC,
+ .checkentry = connlimit_mt_check,
+ .match = connlimit_mt,
+ .matchsize = sizeof(struct xt_connlimit_info),
+ .destroy = connlimit_mt_destroy,
+ .me = THIS_MODULE,
+ },
+ {
+ .name = "connlimit",
+ .revision = 1,
+ .family = NFPROTO_UNSPEC,
+ .checkentry = connlimit_mt_check,
+ .match = connlimit_mt,
+ .matchsize = sizeof(struct xt_connlimit_info),
+ .destroy = connlimit_mt_destroy,
+ .me = THIS_MODULE,
+ },
};
static int __init connlimit_mt_init(void)
{
- return xt_register_match(&connlimit_mt_reg);
+ return xt_register_matches(connlimit_mt_reg,
+ ARRAY_SIZE(connlimit_mt_reg));
}
static void __exit connlimit_mt_exit(void)
{
- xt_unregister_match(&connlimit_mt_reg);
+ xt_unregister_matches(connlimit_mt_reg, ARRAY_SIZE(connlimit_mt_reg));
}
module_init(connlimit_mt_init);
--
1.7.3.4
^ permalink raw reply related
* [PATCH 6/7] netfilter: nf_conntrack: fix linker error with NF_CONNTRACK_TIMESTAMP=n
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev, Patrick McHardy
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Patrick McHardy <kaber@trash.net>
net/built-in.o: In function `nf_conntrack_init_net':
net/netfilter/nf_conntrack_core.c:1521:
undefined reference to `nf_conntrack_tstamp_init'
net/netfilter/nf_conntrack_core.c:1531:
undefined reference to `nf_conntrack_tstamp_fini'
Add dummy inline functions for the =n case to fix this.
Reported-by: John Fastabend <john.r.fastabend@intel.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
include/net/netfilter/nf_conntrack_timestamp.h | 12 ++++++++++++
1 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_timestamp.h b/include/net/netfilter/nf_conntrack_timestamp.h
index f17dcb6..fc9c82b 100644
--- a/include/net/netfilter/nf_conntrack_timestamp.h
+++ b/include/net/netfilter/nf_conntrack_timestamp.h
@@ -47,7 +47,19 @@ static inline void nf_ct_set_tstamp(struct net *net, bool enable)
net->ct.sysctl_tstamp = enable;
}
+#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP
extern int nf_conntrack_tstamp_init(struct net *net);
extern void nf_conntrack_tstamp_fini(struct net *net);
+#else
+static inline int nf_conntrack_tstamp_init(struct net *net)
+{
+ return 0;
+}
+
+static inline void nf_conntrack_tstamp_fini(struct net *net)
+{
+ return;
+}
+#endif /* CONFIG_NF_CONNTRACK_TIMESTAMP */
#endif /* _NF_CONNTRACK_TSTAMP_H */
--
1.7.3.4
^ permalink raw reply related
* [PATCH 5/7] netfilter: xtables: add missing header inclusions for headers_check
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev, Jan Engelhardt
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Jan Engelhardt <jengelh@medozas.de>
Resolve these warnings on `make headers_check`:
usr/include/linux/netfilter/xt_CT.h:7: found __[us]{8,16,32,64} type
without #include <linux/types.h>
...
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
include/linux/netfilter/xt_CT.h | 2 ++
include/linux/netfilter/xt_TCPOPTSTRIP.h | 2 ++
include/linux/netfilter/xt_TPROXY.h | 2 ++
include/linux/netfilter/xt_cluster.h | 2 ++
include/linux/netfilter/xt_connlimit.h | 2 ++
include/linux/netfilter/xt_quota.h | 2 ++
include/linux/netfilter/xt_socket.h | 2 ++
include/linux/netfilter/xt_time.h | 2 ++
include/linux/netfilter/xt_u32.h | 2 ++
include/linux/netfilter_bridge/ebt_802_3.h | 2 ++
include/linux/netfilter_bridge/ebt_among.h | 2 ++
include/linux/netfilter_bridge/ebt_arp.h | 2 ++
include/linux/netfilter_bridge/ebt_ip.h | 2 ++
include/linux/netfilter_bridge/ebt_ip6.h | 2 ++
include/linux/netfilter_bridge/ebt_limit.h | 2 ++
include/linux/netfilter_bridge/ebt_log.h | 2 ++
include/linux/netfilter_bridge/ebt_mark_m.h | 2 ++
include/linux/netfilter_bridge/ebt_nflog.h | 2 ++
include/linux/netfilter_bridge/ebt_pkttype.h | 2 ++
include/linux/netfilter_bridge/ebt_stp.h | 2 ++
include/linux/netfilter_bridge/ebt_ulog.h | 2 ++
include/linux/netfilter_bridge/ebt_vlan.h | 2 ++
include/linux/netfilter_ipv4/ipt_CLUSTERIP.h | 2 ++
include/linux/netfilter_ipv4/ipt_ECN.h | 2 ++
include/linux/netfilter_ipv4/ipt_SAME.h | 2 ++
include/linux/netfilter_ipv4/ipt_TTL.h | 2 ++
include/linux/netfilter_ipv4/ipt_addrtype.h | 2 ++
include/linux/netfilter_ipv4/ipt_ah.h | 2 ++
include/linux/netfilter_ipv4/ipt_ecn.h | 2 ++
include/linux/netfilter_ipv4/ipt_ttl.h | 2 ++
include/linux/netfilter_ipv6/ip6t_HL.h | 2 ++
include/linux/netfilter_ipv6/ip6t_REJECT.h | 2 ++
include/linux/netfilter_ipv6/ip6t_ah.h | 2 ++
include/linux/netfilter_ipv6/ip6t_frag.h | 2 ++
include/linux/netfilter_ipv6/ip6t_hl.h | 2 ++
| 2 ++
include/linux/netfilter_ipv6/ip6t_mh.h | 2 ++
include/linux/netfilter_ipv6/ip6t_opts.h | 2 ++
include/linux/netfilter_ipv6/ip6t_rt.h | 1 +
39 files changed, 77 insertions(+), 0 deletions(-)
diff --git a/include/linux/netfilter/xt_CT.h b/include/linux/netfilter/xt_CT.h
index fbf4c56..b56e768 100644
--- a/include/linux/netfilter/xt_CT.h
+++ b/include/linux/netfilter/xt_CT.h
@@ -1,6 +1,8 @@
#ifndef _XT_CT_H
#define _XT_CT_H
+#include <linux/types.h>
+
#define XT_CT_NOTRACK 0x1
struct xt_ct_target_info {
diff --git a/include/linux/netfilter/xt_TCPOPTSTRIP.h b/include/linux/netfilter/xt_TCPOPTSTRIP.h
index 342ef14..7157318 100644
--- a/include/linux/netfilter/xt_TCPOPTSTRIP.h
+++ b/include/linux/netfilter/xt_TCPOPTSTRIP.h
@@ -1,6 +1,8 @@
#ifndef _XT_TCPOPTSTRIP_H
#define _XT_TCPOPTSTRIP_H
+#include <linux/types.h>
+
#define tcpoptstrip_set_bit(bmap, idx) \
(bmap[(idx) >> 5] |= 1U << (idx & 31))
#define tcpoptstrip_test_bit(bmap, idx) \
diff --git a/include/linux/netfilter/xt_TPROXY.h b/include/linux/netfilter/xt_TPROXY.h
index 8097e0b..902043c 100644
--- a/include/linux/netfilter/xt_TPROXY.h
+++ b/include/linux/netfilter/xt_TPROXY.h
@@ -1,6 +1,8 @@
#ifndef _XT_TPROXY_H
#define _XT_TPROXY_H
+#include <linux/types.h>
+
/* TPROXY target is capable of marking the packet to perform
* redirection. We can get rid of that whenever we get support for
* mutliple targets in the same rule. */
diff --git a/include/linux/netfilter/xt_cluster.h b/include/linux/netfilter/xt_cluster.h
index 66cfa3c..9b883c8 100644
--- a/include/linux/netfilter/xt_cluster.h
+++ b/include/linux/netfilter/xt_cluster.h
@@ -1,6 +1,8 @@
#ifndef _XT_CLUSTER_MATCH_H
#define _XT_CLUSTER_MATCH_H
+#include <linux/types.h>
+
enum xt_cluster_flags {
XT_CLUSTER_F_INV = (1 << 0)
};
diff --git a/include/linux/netfilter/xt_connlimit.h b/include/linux/netfilter/xt_connlimit.h
index ab1d3b5..0ca66e9 100644
--- a/include/linux/netfilter/xt_connlimit.h
+++ b/include/linux/netfilter/xt_connlimit.h
@@ -1,6 +1,8 @@
#ifndef _XT_CONNLIMIT_H
#define _XT_CONNLIMIT_H
+#include <linux/types.h>
+
struct xt_connlimit_data;
enum {
diff --git a/include/linux/netfilter/xt_quota.h b/include/linux/netfilter/xt_quota.h
index 8bda65f..ca6e03e 100644
--- a/include/linux/netfilter/xt_quota.h
+++ b/include/linux/netfilter/xt_quota.h
@@ -1,6 +1,8 @@
#ifndef _XT_QUOTA_H
#define _XT_QUOTA_H
+#include <linux/types.h>
+
enum xt_quota_flags {
XT_QUOTA_INVERT = 0x1,
};
diff --git a/include/linux/netfilter/xt_socket.h b/include/linux/netfilter/xt_socket.h
index 6f475b8..26d7217 100644
--- a/include/linux/netfilter/xt_socket.h
+++ b/include/linux/netfilter/xt_socket.h
@@ -1,6 +1,8 @@
#ifndef _XT_SOCKET_H
#define _XT_SOCKET_H
+#include <linux/types.h>
+
enum {
XT_SOCKET_TRANSPARENT = 1 << 0,
};
diff --git a/include/linux/netfilter/xt_time.h b/include/linux/netfilter/xt_time.h
index b8bd456..7c37fac 100644
--- a/include/linux/netfilter/xt_time.h
+++ b/include/linux/netfilter/xt_time.h
@@ -1,6 +1,8 @@
#ifndef _XT_TIME_H
#define _XT_TIME_H 1
+#include <linux/types.h>
+
struct xt_time_info {
__u32 date_start;
__u32 date_stop;
diff --git a/include/linux/netfilter/xt_u32.h b/include/linux/netfilter/xt_u32.h
index e8c3d87..04d1bfe 100644
--- a/include/linux/netfilter/xt_u32.h
+++ b/include/linux/netfilter/xt_u32.h
@@ -1,6 +1,8 @@
#ifndef _XT_U32_H
#define _XT_U32_H 1
+#include <linux/types.h>
+
enum xt_u32_ops {
XT_U32_AND,
XT_U32_LEFTSH,
diff --git a/include/linux/netfilter_bridge/ebt_802_3.h b/include/linux/netfilter_bridge/ebt_802_3.h
index c427764..be5be15 100644
--- a/include/linux/netfilter_bridge/ebt_802_3.h
+++ b/include/linux/netfilter_bridge/ebt_802_3.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_802_3_H
#define __LINUX_BRIDGE_EBT_802_3_H
+#include <linux/types.h>
+
#define EBT_802_3_SAP 0x01
#define EBT_802_3_TYPE 0x02
diff --git a/include/linux/netfilter_bridge/ebt_among.h b/include/linux/netfilter_bridge/ebt_among.h
index 686c961..bd4e3ad 100644
--- a/include/linux/netfilter_bridge/ebt_among.h
+++ b/include/linux/netfilter_bridge/ebt_among.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_AMONG_H
#define __LINUX_BRIDGE_EBT_AMONG_H
+#include <linux/types.h>
+
#define EBT_AMONG_DST 0x01
#define EBT_AMONG_SRC 0x02
diff --git a/include/linux/netfilter_bridge/ebt_arp.h b/include/linux/netfilter_bridge/ebt_arp.h
index e62b5af..522f3e4 100644
--- a/include/linux/netfilter_bridge/ebt_arp.h
+++ b/include/linux/netfilter_bridge/ebt_arp.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_ARP_H
#define __LINUX_BRIDGE_EBT_ARP_H
+#include <linux/types.h>
+
#define EBT_ARP_OPCODE 0x01
#define EBT_ARP_HTYPE 0x02
#define EBT_ARP_PTYPE 0x04
diff --git a/include/linux/netfilter_bridge/ebt_ip.h b/include/linux/netfilter_bridge/ebt_ip.h
index d99de58..c4bbc41 100644
--- a/include/linux/netfilter_bridge/ebt_ip.h
+++ b/include/linux/netfilter_bridge/ebt_ip.h
@@ -15,6 +15,8 @@
#ifndef __LINUX_BRIDGE_EBT_IP_H
#define __LINUX_BRIDGE_EBT_IP_H
+#include <linux/types.h>
+
#define EBT_IP_SOURCE 0x01
#define EBT_IP_DEST 0x02
#define EBT_IP_TOS 0x04
diff --git a/include/linux/netfilter_bridge/ebt_ip6.h b/include/linux/netfilter_bridge/ebt_ip6.h
index 998e9d5..42b8896 100644
--- a/include/linux/netfilter_bridge/ebt_ip6.h
+++ b/include/linux/netfilter_bridge/ebt_ip6.h
@@ -12,6 +12,8 @@
#ifndef __LINUX_BRIDGE_EBT_IP6_H
#define __LINUX_BRIDGE_EBT_IP6_H
+#include <linux/types.h>
+
#define EBT_IP6_SOURCE 0x01
#define EBT_IP6_DEST 0x02
#define EBT_IP6_TCLASS 0x04
diff --git a/include/linux/netfilter_bridge/ebt_limit.h b/include/linux/netfilter_bridge/ebt_limit.h
index 721d51f..66d80b3 100644
--- a/include/linux/netfilter_bridge/ebt_limit.h
+++ b/include/linux/netfilter_bridge/ebt_limit.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_LIMIT_H
#define __LINUX_BRIDGE_EBT_LIMIT_H
+#include <linux/types.h>
+
#define EBT_LIMIT_MATCH "limit"
/* timings are in milliseconds. */
diff --git a/include/linux/netfilter_bridge/ebt_log.h b/include/linux/netfilter_bridge/ebt_log.h
index 564beb4..7e7f1d1 100644
--- a/include/linux/netfilter_bridge/ebt_log.h
+++ b/include/linux/netfilter_bridge/ebt_log.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_LOG_H
#define __LINUX_BRIDGE_EBT_LOG_H
+#include <linux/types.h>
+
#define EBT_LOG_IP 0x01 /* if the frame is made by ip, log the ip information */
#define EBT_LOG_ARP 0x02
#define EBT_LOG_NFLOG 0x04
diff --git a/include/linux/netfilter_bridge/ebt_mark_m.h b/include/linux/netfilter_bridge/ebt_mark_m.h
index 97b96c4..410f9e5 100644
--- a/include/linux/netfilter_bridge/ebt_mark_m.h
+++ b/include/linux/netfilter_bridge/ebt_mark_m.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_MARK_M_H
#define __LINUX_BRIDGE_EBT_MARK_M_H
+#include <linux/types.h>
+
#define EBT_MARK_AND 0x01
#define EBT_MARK_OR 0x02
#define EBT_MARK_MASK (EBT_MARK_AND | EBT_MARK_OR)
diff --git a/include/linux/netfilter_bridge/ebt_nflog.h b/include/linux/netfilter_bridge/ebt_nflog.h
index 477315b..df829fc 100644
--- a/include/linux/netfilter_bridge/ebt_nflog.h
+++ b/include/linux/netfilter_bridge/ebt_nflog.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_NFLOG_H
#define __LINUX_BRIDGE_EBT_NFLOG_H
+#include <linux/types.h>
+
#define EBT_NFLOG_MASK 0x0
#define EBT_NFLOG_PREFIX_SIZE 64
diff --git a/include/linux/netfilter_bridge/ebt_pkttype.h b/include/linux/netfilter_bridge/ebt_pkttype.h
index 7c0fb0f..c241bad 100644
--- a/include/linux/netfilter_bridge/ebt_pkttype.h
+++ b/include/linux/netfilter_bridge/ebt_pkttype.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_PKTTYPE_H
#define __LINUX_BRIDGE_EBT_PKTTYPE_H
+#include <linux/types.h>
+
struct ebt_pkttype_info {
__u8 pkt_type;
__u8 invert;
diff --git a/include/linux/netfilter_bridge/ebt_stp.h b/include/linux/netfilter_bridge/ebt_stp.h
index 13a0bd4..1025b9f 100644
--- a/include/linux/netfilter_bridge/ebt_stp.h
+++ b/include/linux/netfilter_bridge/ebt_stp.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_STP_H
#define __LINUX_BRIDGE_EBT_STP_H
+#include <linux/types.h>
+
#define EBT_STP_TYPE 0x0001
#define EBT_STP_FLAGS 0x0002
diff --git a/include/linux/netfilter_bridge/ebt_ulog.h b/include/linux/netfilter_bridge/ebt_ulog.h
index de35a51..89a6bec 100644
--- a/include/linux/netfilter_bridge/ebt_ulog.h
+++ b/include/linux/netfilter_bridge/ebt_ulog.h
@@ -1,6 +1,8 @@
#ifndef _EBT_ULOG_H
#define _EBT_ULOG_H
+#include <linux/types.h>
+
#define EBT_ULOG_DEFAULT_NLGROUP 0
#define EBT_ULOG_DEFAULT_QTHRESHOLD 1
#define EBT_ULOG_MAXNLGROUPS 32 /* hardcoded netlink max */
diff --git a/include/linux/netfilter_bridge/ebt_vlan.h b/include/linux/netfilter_bridge/ebt_vlan.h
index 48dffc1..967d1d5 100644
--- a/include/linux/netfilter_bridge/ebt_vlan.h
+++ b/include/linux/netfilter_bridge/ebt_vlan.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_VLAN_H
#define __LINUX_BRIDGE_EBT_VLAN_H
+#include <linux/types.h>
+
#define EBT_VLAN_ID 0x01
#define EBT_VLAN_PRIO 0x02
#define EBT_VLAN_ENCAP 0x04
diff --git a/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h b/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h
index 3114f06..c6a204c 100644
--- a/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h
+++ b/include/linux/netfilter_ipv4/ipt_CLUSTERIP.h
@@ -1,6 +1,8 @@
#ifndef _IPT_CLUSTERIP_H_target
#define _IPT_CLUSTERIP_H_target
+#include <linux/types.h>
+
enum clusterip_hashmode {
CLUSTERIP_HASHMODE_SIP = 0,
CLUSTERIP_HASHMODE_SIP_SPT,
diff --git a/include/linux/netfilter_ipv4/ipt_ECN.h b/include/linux/netfilter_ipv4/ipt_ECN.h
index c6e3e01..bb88d53 100644
--- a/include/linux/netfilter_ipv4/ipt_ECN.h
+++ b/include/linux/netfilter_ipv4/ipt_ECN.h
@@ -8,6 +8,8 @@
*/
#ifndef _IPT_ECN_TARGET_H
#define _IPT_ECN_TARGET_H
+
+#include <linux/types.h>
#include <linux/netfilter/xt_DSCP.h>
#define IPT_ECN_IP_MASK (~XT_DSCP_MASK)
diff --git a/include/linux/netfilter_ipv4/ipt_SAME.h b/include/linux/netfilter_ipv4/ipt_SAME.h
index fa0ebec..5bca782 100644
--- a/include/linux/netfilter_ipv4/ipt_SAME.h
+++ b/include/linux/netfilter_ipv4/ipt_SAME.h
@@ -1,6 +1,8 @@
#ifndef _IPT_SAME_H
#define _IPT_SAME_H
+#include <linux/types.h>
+
#define IPT_SAME_MAX_RANGE 10
#define IPT_SAME_NODST 0x01
diff --git a/include/linux/netfilter_ipv4/ipt_TTL.h b/include/linux/netfilter_ipv4/ipt_TTL.h
index f6250e4..f6ac169 100644
--- a/include/linux/netfilter_ipv4/ipt_TTL.h
+++ b/include/linux/netfilter_ipv4/ipt_TTL.h
@@ -4,6 +4,8 @@
#ifndef _IPT_TTL_H
#define _IPT_TTL_H
+#include <linux/types.h>
+
enum {
IPT_TTL_SET = 0,
IPT_TTL_INC,
diff --git a/include/linux/netfilter_ipv4/ipt_addrtype.h b/include/linux/netfilter_ipv4/ipt_addrtype.h
index f29c3cf..0da4223 100644
--- a/include/linux/netfilter_ipv4/ipt_addrtype.h
+++ b/include/linux/netfilter_ipv4/ipt_addrtype.h
@@ -1,6 +1,8 @@
#ifndef _IPT_ADDRTYPE_H
#define _IPT_ADDRTYPE_H
+#include <linux/types.h>
+
enum {
IPT_ADDRTYPE_INVERT_SOURCE = 0x0001,
IPT_ADDRTYPE_INVERT_DEST = 0x0002,
diff --git a/include/linux/netfilter_ipv4/ipt_ah.h b/include/linux/netfilter_ipv4/ipt_ah.h
index 8fea283..4e02bb0 100644
--- a/include/linux/netfilter_ipv4/ipt_ah.h
+++ b/include/linux/netfilter_ipv4/ipt_ah.h
@@ -1,6 +1,8 @@
#ifndef _IPT_AH_H
#define _IPT_AH_H
+#include <linux/types.h>
+
struct ipt_ah {
__u32 spis[2]; /* Security Parameter Index */
__u8 invflags; /* Inverse flags */
diff --git a/include/linux/netfilter_ipv4/ipt_ecn.h b/include/linux/netfilter_ipv4/ipt_ecn.h
index 78b98aa..eabf95f 100644
--- a/include/linux/netfilter_ipv4/ipt_ecn.h
+++ b/include/linux/netfilter_ipv4/ipt_ecn.h
@@ -8,6 +8,8 @@
*/
#ifndef _IPT_ECN_H
#define _IPT_ECN_H
+
+#include <linux/types.h>
#include <linux/netfilter/xt_dscp.h>
#define IPT_ECN_IP_MASK (~XT_DSCP_MASK)
diff --git a/include/linux/netfilter_ipv4/ipt_ttl.h b/include/linux/netfilter_ipv4/ipt_ttl.h
index 93d9a06..37bee44 100644
--- a/include/linux/netfilter_ipv4/ipt_ttl.h
+++ b/include/linux/netfilter_ipv4/ipt_ttl.h
@@ -4,6 +4,8 @@
#ifndef _IPT_TTL_H
#define _IPT_TTL_H
+#include <linux/types.h>
+
enum {
IPT_TTL_EQ = 0, /* equals */
IPT_TTL_NE, /* not equals */
diff --git a/include/linux/netfilter_ipv6/ip6t_HL.h b/include/linux/netfilter_ipv6/ip6t_HL.h
index 81cdaf0..ebd8ead 100644
--- a/include/linux/netfilter_ipv6/ip6t_HL.h
+++ b/include/linux/netfilter_ipv6/ip6t_HL.h
@@ -5,6 +5,8 @@
#ifndef _IP6T_HL_H
#define _IP6T_HL_H
+#include <linux/types.h>
+
enum {
IP6T_HL_SET = 0,
IP6T_HL_INC,
diff --git a/include/linux/netfilter_ipv6/ip6t_REJECT.h b/include/linux/netfilter_ipv6/ip6t_REJECT.h
index b999aa4..205ed62 100644
--- a/include/linux/netfilter_ipv6/ip6t_REJECT.h
+++ b/include/linux/netfilter_ipv6/ip6t_REJECT.h
@@ -1,6 +1,8 @@
#ifndef _IP6T_REJECT_H
#define _IP6T_REJECT_H
+#include <linux/types.h>
+
enum ip6t_reject_with {
IP6T_ICMP6_NO_ROUTE,
IP6T_ICMP6_ADM_PROHIBITED,
diff --git a/include/linux/netfilter_ipv6/ip6t_ah.h b/include/linux/netfilter_ipv6/ip6t_ah.h
index a602c16..5da2b65 100644
--- a/include/linux/netfilter_ipv6/ip6t_ah.h
+++ b/include/linux/netfilter_ipv6/ip6t_ah.h
@@ -1,6 +1,8 @@
#ifndef _IP6T_AH_H
#define _IP6T_AH_H
+#include <linux/types.h>
+
struct ip6t_ah {
__u32 spis[2]; /* Security Parameter Index */
__u32 hdrlen; /* Header Length */
diff --git a/include/linux/netfilter_ipv6/ip6t_frag.h b/include/linux/netfilter_ipv6/ip6t_frag.h
index 538b31e..b47f61b 100644
--- a/include/linux/netfilter_ipv6/ip6t_frag.h
+++ b/include/linux/netfilter_ipv6/ip6t_frag.h
@@ -1,6 +1,8 @@
#ifndef _IP6T_FRAG_H
#define _IP6T_FRAG_H
+#include <linux/types.h>
+
struct ip6t_frag {
__u32 ids[2]; /* Security Parameter Index */
__u32 hdrlen; /* Header Length */
diff --git a/include/linux/netfilter_ipv6/ip6t_hl.h b/include/linux/netfilter_ipv6/ip6t_hl.h
index c6fddcb..6e76dbc 100644
--- a/include/linux/netfilter_ipv6/ip6t_hl.h
+++ b/include/linux/netfilter_ipv6/ip6t_hl.h
@@ -5,6 +5,8 @@
#ifndef _IP6T_HL_H
#define _IP6T_HL_H
+#include <linux/types.h>
+
enum {
IP6T_HL_EQ = 0, /* equals */
IP6T_HL_NE, /* not equals */
--git a/include/linux/netfilter_ipv6/ip6t_ipv6header.h b/include/linux/netfilter_ipv6/ip6t_ipv6header.h
index 73d53bd..efae3a2 100644
--- a/include/linux/netfilter_ipv6/ip6t_ipv6header.h
+++ b/include/linux/netfilter_ipv6/ip6t_ipv6header.h
@@ -8,6 +8,8 @@ on whether they contain certain headers */
#ifndef __IPV6HEADER_H
#define __IPV6HEADER_H
+#include <linux/types.h>
+
struct ip6t_ipv6header_info {
__u8 matchflags;
__u8 invflags;
diff --git a/include/linux/netfilter_ipv6/ip6t_mh.h b/include/linux/netfilter_ipv6/ip6t_mh.h
index 98c8cf6..a7729a5 100644
--- a/include/linux/netfilter_ipv6/ip6t_mh.h
+++ b/include/linux/netfilter_ipv6/ip6t_mh.h
@@ -1,6 +1,8 @@
#ifndef _IP6T_MH_H
#define _IP6T_MH_H
+#include <linux/types.h>
+
/* MH matching stuff */
struct ip6t_mh {
__u8 types[2]; /* MH type range */
diff --git a/include/linux/netfilter_ipv6/ip6t_opts.h b/include/linux/netfilter_ipv6/ip6t_opts.h
index 405d309..17d419a 100644
--- a/include/linux/netfilter_ipv6/ip6t_opts.h
+++ b/include/linux/netfilter_ipv6/ip6t_opts.h
@@ -1,6 +1,8 @@
#ifndef _IP6T_OPTS_H
#define _IP6T_OPTS_H
+#include <linux/types.h>
+
#define IP6T_OPTS_OPTSNR 16
struct ip6t_opts {
diff --git a/include/linux/netfilter_ipv6/ip6t_rt.h b/include/linux/netfilter_ipv6/ip6t_rt.h
index e8dad20..7605a5f 100644
--- a/include/linux/netfilter_ipv6/ip6t_rt.h
+++ b/include/linux/netfilter_ipv6/ip6t_rt.h
@@ -1,6 +1,7 @@
#ifndef _IP6T_RT_H
#define _IP6T_RT_H
+#include <linux/types.h>
/*#include <linux/in6.h>*/
#define IP6T_RT_HOPS 16
--
1.7.3.4
^ permalink raw reply related
* [PATCH 4/7] netfilter: nf_nat: place conntrack in source hash after SNAT is done
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev, Changli Gao, Patrick McHardy
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Changli Gao <xiaosuo@gmail.com>
If SNAT isn't done, the wrong info maybe got by the other cts.
As the filter table is after DNAT table, the packets dropped in filter
table also bother bysource hash table.
Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
net/ipv4/netfilter/nf_nat_core.c | 18 +++++++++++-------
1 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
index 3002c04..21bcf47 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -221,7 +221,14 @@ get_unique_tuple(struct nf_conntrack_tuple *tuple,
manips not an issue. */
if (maniptype == IP_NAT_MANIP_SRC &&
!(range->flags & IP_NAT_RANGE_PROTO_RANDOM)) {
- if (find_appropriate_src(net, zone, orig_tuple, tuple, range)) {
+ /* try the original tuple first */
+ if (in_range(orig_tuple, range)) {
+ if (!nf_nat_used_tuple(orig_tuple, ct)) {
+ *tuple = *orig_tuple;
+ return;
+ }
+ } else if (find_appropriate_src(net, zone, orig_tuple, tuple,
+ range)) {
pr_debug("get_unique_tuple: Found current src map\n");
if (!nf_nat_used_tuple(tuple, ct))
return;
@@ -266,7 +273,6 @@ nf_nat_setup_info(struct nf_conn *ct,
struct net *net = nf_ct_net(ct);
struct nf_conntrack_tuple curr_tuple, new_tuple;
struct nf_conn_nat *nat;
- int have_to_hash = !(ct->status & IPS_NAT_DONE_MASK);
/* nat helper or nfctnetlink also setup binding */
nat = nfct_nat(ct);
@@ -306,8 +312,7 @@ nf_nat_setup_info(struct nf_conn *ct,
ct->status |= IPS_DST_NAT;
}
- /* Place in source hash if this is the first time. */
- if (have_to_hash) {
+ if (maniptype == IP_NAT_MANIP_SRC) {
unsigned int srchash;
srchash = hash_by_src(net, nf_ct_zone(ct),
@@ -535,7 +540,7 @@ static void nf_nat_cleanup_conntrack(struct nf_conn *ct)
if (nat == NULL || nat->ct == NULL)
return;
- NF_CT_ASSERT(nat->ct->status & IPS_NAT_DONE_MASK);
+ NF_CT_ASSERT(nat->ct->status & IPS_SRC_NAT_DONE);
spin_lock_bh(&nf_nat_lock);
hlist_del_rcu(&nat->bysource);
@@ -548,11 +553,10 @@ static void nf_nat_move_storage(void *new, void *old)
struct nf_conn_nat *old_nat = old;
struct nf_conn *ct = old_nat->ct;
- if (!ct || !(ct->status & IPS_NAT_DONE_MASK))
+ if (!ct || !(ct->status & IPS_SRC_NAT_DONE))
return;
spin_lock_bh(&nf_nat_lock);
- new_nat->ct = ct;
hlist_replace_rcu(&old_nat->bysource, &new_nat->bysource);
spin_unlock_bh(&nf_nat_lock);
}
--
1.7.3.4
^ permalink raw reply related
* [PATCH 3/7] netfilter: xtables: remove duplicate member
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev, Jan Engelhardt
In-Reply-To: <1295554966-5263-1-git-send-email-kaber@trash.net>
From: Jan Engelhardt <jengelh@medozas.de>
Accidentally missed removing the old out-of-union "inverse" member,
which caused the struct size to change which then gives size mismatch
warnings when using an old iptables.
It is interesting to see that gcc did not warn about this before.
(Filed http://gcc.gnu.org/bugzilla/show_bug.cgi?id=47376 )
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
include/linux/netfilter/xt_connlimit.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/linux/netfilter/xt_connlimit.h b/include/linux/netfilter/xt_connlimit.h
index 8884efc..ab1d3b5 100644
--- a/include/linux/netfilter/xt_connlimit.h
+++ b/include/linux/netfilter/xt_connlimit.h
@@ -18,7 +18,7 @@ struct xt_connlimit_info {
};
#endif
};
- unsigned int limit, inverse;
+ unsigned int limit;
union {
/* revision 0 */
unsigned int inverse;
--
1.7.3.4
^ permalink raw reply related
* [PATCH 0/7] netfilter: netfilter fixes for net-next
From: kaber @ 2011-01-20 20:22 UTC (permalink / raw)
To: davem; +Cc: netfilter-devel, netdev
the following patches fix a couple of problems in yesterdays netfilter pull,
as well as a few unrelated bugs:
- an inconsistency in rerouting with userspace queueing when using queue
numbers other than zero, from Florian
- a duplicate member in the xt_connlimit_info struct, from Jan
- a missing include in nf_conntrack_reasm, from Eric
- a linking error with NF_CONNTRACK_TIMESTAMP=n, from myself
- missing linux/types.h includes in netfilter headers after the change
to use __[us]XX types, from Jan
Additionally a few new features are contained:
- connlimit revision 1, supporting limiting by destination
- NAT fixes for source address selection, from Changli
Please apply or pull from:
git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6.git master
Thanks!
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox