From 5c41542bdeaafe922a07bcdebc10d96a3b8ffeee Mon Sep 17 00:00:00 2001 From: Adrian Bunk Date: Tue, 30 Oct 2007 15:34:34 -0700 Subject: [WAN]: fix drivers/net/wan/lmc/ compilation Signed-off-by: Adrian Bunk Signed-off-by: David S. Miller --- drivers/net/wan/lmc/lmc_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wan/lmc/lmc_main.c b/drivers/net/wan/lmc/lmc_main.c index 64eb5789360..37c52e13175 100644 --- a/drivers/net/wan/lmc/lmc_main.c +++ b/drivers/net/wan/lmc/lmc_main.c @@ -234,7 +234,7 @@ int lmc_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) /*fold00*/ sc->lmc_xinfo.Magic1 = 0xDEADBEEF; if (copy_to_user(ifr->ifr_data, &sc->lmc_xinfo, - sizeof(struct lmc_xinfo))) { + sizeof(struct lmc_xinfo))) ret = -EFAULT; else ret = 0; -- cgit v1.2.3 From 93ee31f14f6f7b5b427c2fdc715d5571eb0be9e5 Mon Sep 17 00:00:00 2001 From: Daniel Lezcano Date: Tue, 30 Oct 2007 15:38:18 -0700 Subject: [NET]: Fix free_netdev on register_netdev failure. Point 1: The unregistering of a network device schedule a netdev_run_todo. This function calls dev->destructor when it is set and the destructor calls free_netdev. Point 2: In the case of an initialization of a network device the usual code is: * alloc_netdev * register_netdev -> if this one fails, call free_netdev and exit with error. Point 3: In the register_netdevice function at the later state, when the device is at the registered state, a call to the netdevice_notifiers is made. If one of the notification falls into an error, a rollback to the registered state is done using unregister_netdevice. Conclusion: When a network device fails to register during initialization because one network subsystem returned an error during a notification call chain, the network device is freed twice because of fact 1 and fact 2. The second free_netdev will be done with an invalid pointer. Proposed solution: The following patch move all the code of unregister_netdevice *except* the call to net_set_todo, to a new function "rollback_registered". The following functions are changed in this way: * register_netdevice: calls rollback_registered when a notification fails * unregister_netdevice: calls rollback_register + net_set_todo, the call order to net_set_todo is changed because it is the latest now. Since it justs add an element to a list that should not break anything. Signed-off-by: Daniel Lezcano Signed-off-by: David S. Miller --- net/core/dev.c | 112 ++++++++++++++++++++++++++++++--------------------------- 1 file changed, 59 insertions(+), 53 deletions(-) diff --git a/net/core/dev.c b/net/core/dev.c index 02e7d8377c4..91ece48e127 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -3496,6 +3496,60 @@ static void net_set_todo(struct net_device *dev) spin_unlock(&net_todo_list_lock); } +static void rollback_registered(struct net_device *dev) +{ + BUG_ON(dev_boot_phase); + ASSERT_RTNL(); + + /* Some devices call without registering for initialization unwind. */ + if (dev->reg_state == NETREG_UNINITIALIZED) { + printk(KERN_DEBUG "unregister_netdevice: device %s/%p never " + "was registered\n", dev->name, dev); + + WARN_ON(1); + return; + } + + BUG_ON(dev->reg_state != NETREG_REGISTERED); + + /* If device is running, close it first. */ + dev_close(dev); + + /* And unlink it from device chain. */ + unlist_netdevice(dev); + + dev->reg_state = NETREG_UNREGISTERING; + + synchronize_net(); + + /* Shutdown queueing discipline. */ + dev_shutdown(dev); + + + /* Notify protocols, that we are about to destroy + this device. They should clean all the things. + */ + call_netdevice_notifiers(NETDEV_UNREGISTER, dev); + + /* + * Flush the unicast and multicast chains + */ + dev_addr_discard(dev); + + if (dev->uninit) + dev->uninit(dev); + + /* Notifier chain MUST detach us from master device. */ + BUG_TRAP(!dev->master); + + /* Remove entries from kobject tree */ + netdev_unregister_kobject(dev); + + synchronize_net(); + + dev_put(dev); +} + /** * register_netdevice - register a network device * @dev: device to register @@ -3633,8 +3687,10 @@ int register_netdevice(struct net_device *dev) /* Notify protocols, that a new device appeared. */ ret = call_netdevice_notifiers(NETDEV_REGISTER, dev); ret = notifier_to_errno(ret); - if (ret) - unregister_netdevice(dev); + if (ret) { + rollback_registered(dev); + dev->reg_state = NETREG_UNREGISTERED; + } out: return ret; @@ -3911,59 +3967,9 @@ void synchronize_net(void) void unregister_netdevice(struct net_device *dev) { - BUG_ON(dev_boot_phase); - ASSERT_RTNL(); - - /* Some devices call without registering for initialization unwind. */ - if (dev->reg_state == NETREG_UNINITIALIZED) { - printk(KERN_DEBUG "unregister_netdevice: device %s/%p never " - "was registered\n", dev->name, dev); - - WARN_ON(1); - return; - } - - BUG_ON(dev->reg_state != NETREG_REGISTERED); - - /* If device is running, close it first. */ - dev_close(dev); - - /* And unlink it from device chain. */ - unlist_netdevice(dev); - - dev->reg_state = NETREG_UNREGISTERING; - - synchronize_net(); - - /* Shutdown queueing discipline. */ - dev_shutdown(dev); - - - /* Notify protocols, that we are about to destroy - this device. They should clean all the things. - */ - call_netdevice_notifiers(NETDEV_UNREGISTER, dev); - - /* - * Flush the unicast and multicast chains - */ - dev_addr_discard(dev); - - if (dev->uninit) - dev->uninit(dev); - - /* Notifier chain MUST detach us from master device. */ - BUG_TRAP(!dev->master); - - /* Remove entries from kobject tree */ - netdev_unregister_kobject(dev); - + rollback_registered(dev); /* Finish processing unregister after unlock */ net_set_todo(dev); - - synchronize_net(); - - dev_put(dev); } /** -- cgit v1.2.3 From 310928d9633b04866a47f07eb43c498b2d82ebcb Mon Sep 17 00:00:00 2001 From: Daniel Lezcano Date: Tue, 30 Oct 2007 15:38:57 -0700 Subject: [NETNS]: fix net released by rcu callback When a network namespace reference is held by a network subsystem, and when this reference is decremented in a rcu update callback, we must ensure that there is no more outstanding rcu update before trying to free the network namespace. In the normal case, the rcu_barrier is called when the network namespace is exiting in the cleanup_net function. But when a network namespace creation fails, and the subsystems are undone (like the cleanup), the rcu_barrier is missing. This patch adds the missing rcu_barrier. Signed-off-by: Daniel Lezcano Signed-off-by: David S. Miller --- net/core/net_namespace.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c index 6f71db8c442..662e6ea1cec 100644 --- a/net/core/net_namespace.c +++ b/net/core/net_namespace.c @@ -112,6 +112,8 @@ out_undo: if (ops->exit) ops->exit(net); } + + rcu_barrier(); goto out; } -- cgit v1.2.3 From 1675c7b254cd37cb58921abd95cdfef36ae82059 Mon Sep 17 00:00:00 2001 From: Daniel Lezcano Date: Tue, 30 Oct 2007 15:39:33 -0700 Subject: [IPV6]: remove duplicate call to proc_net_remove The file /proc/net/if_inet6 is removed twice. First time in: inet6_exit ->addrconf_cleanup And followed a few lines after by: inet6_exit -> if6_proc_exit Signed-off-by: Daniel Lezcano Signed-off-by: David S. Miller --- net/ipv6/addrconf.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 348bd8d0611..1bd8d818f8e 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -4288,8 +4288,4 @@ void __exit addrconf_cleanup(void) del_timer(&addr_chk_timer); rtnl_unlock(); - -#ifdef CONFIG_PROC_FS - proc_net_remove(&init_net, "if_inet6"); -#endif } -- cgit v1.2.3 From 07afa040252eb41f91f46f8e538b434a63122999 Mon Sep 17 00:00:00 2001 From: Alexey Dobriyan Date: Tue, 30 Oct 2007 15:40:49 -0700 Subject: [IPVS]: Remove /proc/net/ip_vs_lblcr It's under CONFIG_IP_VS_LBLCR_DEBUG option which never existed. Signed-off-by: Alexey Dobriyan Signed-off-by: David S. Miller --- net/ipv4/ipvs/ip_vs_lblcr.c | 76 --------------------------------------------- 1 file changed, 76 deletions(-) diff --git a/net/ipv4/ipvs/ip_vs_lblcr.c b/net/ipv4/ipvs/ip_vs_lblcr.c index 6a1fec416ea..427b593c106 100644 --- a/net/ipv4/ipvs/ip_vs_lblcr.c +++ b/net/ipv4/ipvs/ip_vs_lblcr.c @@ -48,8 +48,6 @@ /* for sysctl */ #include #include -/* for proc_net_create/proc_net_remove */ -#include #include #include @@ -547,71 +545,6 @@ static void ip_vs_lblcr_check_expire(unsigned long data) mod_timer(&tbl->periodic_timer, jiffies+CHECK_EXPIRE_INTERVAL); } - -#ifdef CONFIG_IP_VS_LBLCR_DEBUG -static struct ip_vs_lblcr_table *lblcr_table_list; - -/* - * /proc/net/ip_vs_lblcr to display the mappings of - * destination IP address <==> its serverSet - */ -static int -ip_vs_lblcr_getinfo(char *buffer, char **start, off_t offset, int length) -{ - off_t pos=0, begin; - int len=0, size; - struct ip_vs_lblcr_table *tbl; - unsigned long now = jiffies; - int i; - struct ip_vs_lblcr_entry *en; - - tbl = lblcr_table_list; - - size = sprintf(buffer, "LastTime Dest IP address Server set\n"); - pos += size; - len += size; - - for (i=0; ilock); - list_for_each_entry(en, &tbl->bucket[i], list) { - char tbuf[16]; - struct ip_vs_dest_list *d; - - sprintf(tbuf, "%u.%u.%u.%u", NIPQUAD(en->addr)); - size = sprintf(buffer+len, "%8lu %-16s ", - now-en->lastuse, tbuf); - - read_lock(&en->set.lock); - for (d=en->set.list; d!=NULL; d=d->next) { - size += sprintf(buffer+len+size, - "%u.%u.%u.%u ", - NIPQUAD(d->dest->addr)); - } - read_unlock(&en->set.lock); - size += sprintf(buffer+len+size, "\n"); - len += size; - pos += size; - if (pos <= offset) - len=0; - if (pos >= offset+length) { - read_unlock_bh(&tbl->lock); - goto done; - } - } - read_unlock_bh(&tbl->lock); - } - - done: - begin = len - (pos - offset); - *start = buffer + begin; - len -= begin; - if(len>length) - len = length; - return len; -} -#endif - - static int ip_vs_lblcr_init_svc(struct ip_vs_service *svc) { int i; @@ -650,9 +583,6 @@ static int ip_vs_lblcr_init_svc(struct ip_vs_service *svc) tbl->periodic_timer.expires = jiffies+CHECK_EXPIRE_INTERVAL; add_timer(&tbl->periodic_timer); -#ifdef CONFIG_IP_VS_LBLCR_DEBUG - lblcr_table_list = tbl; -#endif return 0; } @@ -843,18 +773,12 @@ static int __init ip_vs_lblcr_init(void) { INIT_LIST_HEAD(&ip_vs_lblcr_scheduler.n_list); sysctl_header = register_sysctl_table(lblcr_root_table); -#ifdef CONFIG_IP_VS_LBLCR_DEBUG - proc_net_create(&init_net, "ip_vs_lblcr", 0, ip_vs_lblcr_getinfo); -#endif return register_ip_vs_scheduler(&ip_vs_lblcr_scheduler); } static void __exit ip_vs_lblcr_cleanup(void) { -#ifdef CONFIG_IP_VS_LBLCR_DEBUG - proc_net_remove(&init_net, "ip_vs_lblcr"); -#endif unregister_sysctl_table(sysctl_header); unregister_ip_vs_scheduler(&ip_vs_lblcr_scheduler); } -- cgit v1.2.3 From 51c739d1f484b2562040a3e496dc8e1670d4e279 Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Tue, 30 Oct 2007 21:29:29 -0700 Subject: [NET]: Fix incorrect sg_mark_end() calls. This fixes scatterlist corruptions added by commit 68e3f5dd4db62619fdbe520d36c9ebf62e672256 [CRYPTO] users: Fix up scatterlist conversion errors The issue is that the code calls sg_mark_end() which clobbers the sg_page() pointer of the final scatterlist entry. The first part fo the fix makes skb_to_sgvec() do __sg_mark_end(). After considering all skb_to_sgvec() call sites the most correct solution is to call __sg_mark_end() in skb_to_sgvec() since that is what all of the callers would end up doing anyways. I suspect this might have fixed some problems in virtio_net which is the sole non-crypto user of skb_to_sgvec(). Other similar sg_mark_end() cases were converted over to __sg_mark_end() as well. Arguably sg_mark_end() is a poorly named function because it doesn't just "mark", it clears out the page pointer as a side effect, which is what led to these bugs in the first place. The one remaining plain sg_mark_end() call is in scsi_alloc_sgtable() and arguably it could be converted to __sg_mark_end() if only so that we can delete this confusing interface from linux/scatterlist.h Signed-off-by: David S. Miller --- net/core/skbuff.c | 16 +++++++++++++--- net/ipv4/esp4.c | 12 +++++++----- net/ipv4/tcp_ipv4.c | 2 +- net/ipv6/esp6.c | 13 +++++++------ net/ipv6/tcp_ipv6.c | 2 +- net/rxrpc/rxkad.c | 9 +++++---- net/sunrpc/auth_gss/gss_krb5_crypto.c | 6 +++--- 7 files changed, 37 insertions(+), 23 deletions(-) diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 573e1724019..64b50ff7a41 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -2028,8 +2028,8 @@ void __init skb_init(void) * Fill the specified scatter-gather list with mappings/pointers into a * region of the buffer space attached to a socket buffer. */ -int -skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len) +static int +__skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len) { int start = skb_headlen(skb); int i, copy = start - offset; @@ -2078,7 +2078,8 @@ skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len) if ((copy = end - offset) > 0) { if (copy > len) copy = len; - elt += skb_to_sgvec(list, sg+elt, offset - start, copy); + elt += __skb_to_sgvec(list, sg+elt, offset - start, + copy); if ((len -= copy) == 0) return elt; offset += copy; @@ -2090,6 +2091,15 @@ skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len) return elt; } +int skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len) +{ + int nsg = __skb_to_sgvec(skb, sg, offset, len); + + __sg_mark_end(&sg[nsg - 1]); + + return nsg; +} + /** * skb_cow_data - Check that a socket buffer's data buffers are writable * @skb: The socket buffer to check. diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c index cad4278025a..c31bccb9b52 100644 --- a/net/ipv4/esp4.c +++ b/net/ipv4/esp4.c @@ -111,9 +111,10 @@ static int esp_output(struct xfrm_state *x, struct sk_buff *skb) goto unlock; } sg_init_table(sg, nfrags); - sg_mark_end(sg, skb_to_sgvec(skb, sg, esph->enc_data + - esp->conf.ivlen - - skb->data, clen)); + skb_to_sgvec(skb, sg, + esph->enc_data + + esp->conf.ivlen - + skb->data, clen); err = crypto_blkcipher_encrypt(&desc, sg, sg, clen); if (unlikely(sg != &esp->sgbuf[0])) kfree(sg); @@ -205,8 +206,9 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb) goto out; } sg_init_table(sg, nfrags); - sg_mark_end(sg, skb_to_sgvec(skb, sg, sizeof(*esph) + esp->conf.ivlen, - elen)); + skb_to_sgvec(skb, sg, + sizeof(*esph) + esp->conf.ivlen, + elen); err = crypto_blkcipher_decrypt(&desc, sg, sg, elen); if (unlikely(sg != &esp->sgbuf[0])) kfree(sg); diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index d3d8d5dfcee..eec02b29ffc 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1083,7 +1083,7 @@ static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, sg_set_buf(&sg[block++], key->key, key->keylen); nbytes += key->keylen; - sg_mark_end(sg, block); + __sg_mark_end(&sg[block - 1]); /* Now store the Hash into the packet */ err = crypto_hash_init(desc); diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index ab17b5e6235..7db66f10e00 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -110,9 +110,10 @@ static int esp6_output(struct xfrm_state *x, struct sk_buff *skb) goto unlock; } sg_init_table(sg, nfrags); - sg_mark_end(sg, skb_to_sgvec(skb, sg, esph->enc_data + - esp->conf.ivlen - - skb->data, clen)); + skb_to_sgvec(skb, sg, + esph->enc_data + + esp->conf.ivlen - + skb->data, clen); err = crypto_blkcipher_encrypt(&desc, sg, sg, clen); if (unlikely(sg != &esp->sgbuf[0])) kfree(sg); @@ -209,9 +210,9 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb) } } sg_init_table(sg, nfrags); - sg_mark_end(sg, skb_to_sgvec(skb, sg, - sizeof(*esph) + esp->conf.ivlen, - elen)); + skb_to_sgvec(skb, sg, + sizeof(*esph) + esp->conf.ivlen, + elen); ret = crypto_blkcipher_decrypt(&desc, sg, sg, elen); if (unlikely(sg != &esp->sgbuf[0])) kfree(sg); diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index f1523b82cac..4b903288095 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -781,7 +781,7 @@ static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, sg_set_buf(&sg[block++], key->key, key->keylen); nbytes += key->keylen; - sg_mark_end(sg, block); + __sg_mark_end(&sg[block - 1]); /* Now store the hash into the packet */ err = crypto_hash_init(desc); diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index eebefb6ef13..c387cf68a08 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -237,7 +237,8 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call, len = data_size + call->conn->size_align - 1; len &= ~(call->conn->size_align - 1); - sg_init_table(sg, skb_to_sgvec(skb, sg, 0, len)); + sg_init_table(sg, nsg); + skb_to_sgvec(skb, sg, 0, len); crypto_blkcipher_encrypt_iv(&desc, sg, sg, len); _leave(" = 0"); @@ -344,7 +345,7 @@ static int rxkad_verify_packet_auth(const struct rxrpc_call *call, goto nomem; sg_init_table(sg, nsg); - sg_mark_end(sg, skb_to_sgvec(skb, sg, 0, 8)); + skb_to_sgvec(skb, sg, 0, 8); /* start the decryption afresh */ memset(&iv, 0, sizeof(iv)); @@ -426,7 +427,7 @@ static int rxkad_verify_packet_encrypt(const struct rxrpc_call *call, } sg_init_table(sg, nsg); - sg_mark_end(sg, skb_to_sgvec(skb, sg, 0, skb->len)); + skb_to_sgvec(skb, sg, 0, skb->len); /* decrypt from the session key */ payload = call->conn->key->payload.data; @@ -701,7 +702,7 @@ static void rxkad_sg_set_buf2(struct scatterlist sg[2], nsg++; } - sg_mark_end(sg, nsg); + __sg_mark_end(&sg[nsg - 1]); ASSERTCMP(sg[0].length + sg[1].length, ==, buflen); } diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index 91cd8f0d1e1..ab7cbd6575c 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c @@ -211,8 +211,8 @@ encryptor(struct scatterlist *sg, void *data) if (thislen == 0) return 0; - sg_mark_end(desc->infrags, desc->fragno); - sg_mark_end(desc->outfrags, desc->fragno); + __sg_mark_end(&desc->infrags[desc->fragno - 1]); + __sg_mark_end(&desc->outfrags[desc->fragno - 1]); ret = crypto_blkcipher_encrypt_iv(&desc->desc, desc->outfrags, desc->infrags, thislen); @@ -293,7 +293,7 @@ decryptor(struct scatterlist *sg, void *data) if (thislen == 0) return 0; - sg_mark_end(desc->frags, desc->fragno); + __sg_mark_end(&desc->frags[desc->fragno - 1]); ret = crypto_blkcipher_decrypt_iv(&desc->desc, desc->frags, desc->frags, thislen); -- cgit v1.2.3 From be48be08a829db09a4f786f44a1872ef0f533c85 Mon Sep 17 00:00:00 2001 From: Benjamin Herrenschmidt Date: Tue, 30 Oct 2007 20:40:45 -0700 Subject: [COMPAT]: Fix new dev_ifname32 returning -EFAULT A stray semicolon slipped in the patch that updated dev_ifname32 to not be inline, causing it to always return -EFAULT. This fixes it. Signed-off-by: Benjamin Herrenschmidt Signed-off-by: David S. Miller --- fs/compat_ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c index a4284ccac1f..bd26e4cbb99 100644 --- a/fs/compat_ioctl.c +++ b/fs/compat_ioctl.c @@ -322,7 +322,7 @@ static int dev_ifname32(unsigned int fd, unsigned int cmd, unsigned long arg) int err; uifr = compat_alloc_user_space(sizeof(struct ifreq)); - if (copy_in_user(uifr, compat_ptr(arg), sizeof(struct ifreq32))); + if (copy_in_user(uifr, compat_ptr(arg), sizeof(struct ifreq32))) return -EFAULT; err = sys_ioctl(fd, SIOCGIFNAME, (unsigned long)uifr); -- cgit v1.2.3 From 6cf92e98a48ba4bd5aeb8932b3844d3f8eacac76 Mon Sep 17 00:00:00 2001 From: Michal Januszewski Date: Tue, 30 Oct 2007 20:41:49 -0700 Subject: [CONNECTOR]: Fix a spurious kfree_skb() call Remove a spurious call to kfree_skb() in the connector rx_skb handler. This fixes a regression introduced by the '[NET]: make netlink user -> kernel interface synchronious' patch (cd40b7d3983c708aabe3d3008ec64ffce56d33b0) Signed-off-by: Michal Januszewski Signed-off-by: David S. Miller --- drivers/connector/connector.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/drivers/connector/connector.c b/drivers/connector/connector.c index 0e328d387af..6883fcb79ad 100644 --- a/drivers/connector/connector.c +++ b/drivers/connector/connector.c @@ -218,7 +218,7 @@ static void cn_rx_skb(struct sk_buff *__skb) skb->len < nlh->nlmsg_len || nlh->nlmsg_len > CONNECTOR_MAX_MSG_SIZE) { kfree_skb(skb); - goto out; + return; } len = NLMSG_ALIGN(nlh->nlmsg_len); @@ -229,9 +229,6 @@ static void cn_rx_skb(struct sk_buff *__skb) if (err < 0) kfree_skb(skb); } - -out: - kfree_skb(__skb); } /* -- cgit v1.2.3 From f3baa4827a4b13905dbbdddf15463541bd671dfd Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Mon, 29 Oct 2007 00:54:39 -0700 Subject: [COMPAT]: Fix build on COMPAT platforms when CONFIG_NET is disabled. Add some missing cond_syscall() entries for this case. Signed-off-by: David S. Miller --- kernel/sys_ni.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 52c7a151e29..56cb009a4b3 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c @@ -40,10 +40,14 @@ cond_syscall(sys_recvfrom); cond_syscall(sys_recv); cond_syscall(sys_socket); cond_syscall(sys_setsockopt); +cond_syscall(compat_sys_setsockopt); cond_syscall(sys_getsockopt); +cond_syscall(compat_sys_getsockopt); cond_syscall(sys_shutdown); cond_syscall(sys_sendmsg); +cond_syscall(compat_sys_sendmsg); cond_syscall(sys_recvmsg); +cond_syscall(compat_sys_recvmsg); cond_syscall(sys_socketcall); cond_syscall(sys_futex); cond_syscall(compat_sys_futex); -- cgit v1.2.3 From 97ef1bb0c8e371b7988287f38bd107c4aa14d78d Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Tue, 30 Oct 2007 21:44:00 -0700 Subject: [TIPC]: Fix headercheck wrt. tipc_config.h It wants string functions like memcpy() for inline routines, and these define userland interfaces. The only clean way to deal with this is to simply put linux/string.h into unifdef-y and have it include when not-__KERNEL__. Signed-off-by: David S. Miller --- include/linux/Kbuild | 1 + include/linux/string.h | 12 +++--------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/include/linux/Kbuild b/include/linux/Kbuild index bd33c22315c..37bfa19d806 100644 --- a/include/linux/Kbuild +++ b/include/linux/Kbuild @@ -326,6 +326,7 @@ unifdef-y += sonypi.h unifdef-y += soundcard.h unifdef-y += stat.h unifdef-y += stddef.h +unifdef-y += string.h unifdef-y += synclink.h unifdef-y += sysctl.h unifdef-y += tcp.h diff --git a/include/linux/string.h b/include/linux/string.h index 836062b7582..c5d3fcad7b5 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -3,16 +3,14 @@ /* We don't want strings.h stuff being user by user stuff by accident */ -#ifdef __KERNEL__ +#ifndef __KERNEL__ +#include +#else #include /* for inline */ #include /* for size_t */ #include /* for NULL */ -#ifdef __cplusplus -extern "C" { -#endif - extern char *strndup_user(const char __user *, long); /* @@ -111,9 +109,5 @@ extern void *kmemdup(const void *src, size_t len, gfp_t gfp); extern char **argv_split(gfp_t gfp, const char *str, int *argcp); extern void argv_free(char **argv); -#ifdef __cplusplus -} -#endif - #endif #endif /* _LINUX_STRING_H_ */ -- cgit v1.2.3 From 298bb62175a8e8c2f21f3e00543cda853f423599 Mon Sep 17 00:00:00 2001 From: Stephen Rothwell Date: Tue, 30 Oct 2007 23:57:05 -0700 Subject: [AF_KEY]: suppress a warning for 64k pages. On PowerPC allmodconfig build we get this: net/key/af_key.c:400: warning: comparison is always false due to limited range of data type Signed-off-by: Stephen Rothwell Signed-off-by: David S. Miller --- net/key/af_key.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/key/af_key.c b/net/key/af_key.c index 7969f8a716d..266f112c38c 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -395,9 +395,9 @@ static inline int pfkey_sec_ctx_len(struct sadb_x_sec_ctx *sec_ctx) static inline int verify_sec_ctx_len(void *p) { struct sadb_x_sec_ctx *sec_ctx = (struct sadb_x_sec_ctx *)p; - int len; + int len = sec_ctx->sadb_x_ctx_len; - if (sec_ctx->sadb_x_ctx_len > PAGE_SIZE) + if (len > PAGE_SIZE) return -EINVAL; len = pfkey_sec_ctx_len(sec_ctx); -- cgit v1.2.3