Furthermore, it twiddles with the details of SKB list handling
directly, which we're trying to eliminate.
Signed-off-by: David S. Miller <davem@davemloft.net>
Passive OS fingerprinting netfilter module allows to passively detect
remote OS and perform various netfilter actions based on that knowledge.
This module compares some data (WS, MSS, options and it's order, ttl, df
and others) from packets with SYN bit set with dynamically loaded OS
fingerprints.
Fingerprint matching rules can be downloaded from OpenBSD source tree
or found in archive and loaded via netfilter netlink subsystem into
the kernel via special util found in archive.
Archive contains library file (also attached), which was shipped
with iptables extensions some time ago (at least when ipt_osf existed
in patch-o-matic).
Following changes were made in this release:
* added NLM_F_CREATE/NLM_F_EXCL checks
* dropped _rcu list traversing helpers in the protected add/remove calls
* dropped unneded structures, debug prints, obscure comment and check
Fingerprints can be downloaded from
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
or can be found in archive
Example usage:
-d switch removes fingerprints
Please consider for inclusion.
Thank you.
Passive OS fingerprint homepage (archives, examples):
http://www.ioremap.net/projects/osf
Signed-off-by: Evgeniy Polyakov <zbr@ioremap.net>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Current conntrack code kills the ICMP conntrack entry as soon as
the first reply is received. This is incorrect, as we then see only
the first ICMP echo reply out of several possible duplicates as
ESTABLISHED, while the rest will be INVALID. Also this unnecessarily
increases the conntrackd traffic on H-A firewalls.
Make all the ICMP conntrack entries (including the replied ones)
last for the default of nf_conntrack_icmp{,v6}_timeout seconds.
Signed-off-by: Jan "Yenya" Kasprzak <kas@fi.muni.cz>
Signed-off-by: Patrick McHardy <kaber@trash.net>
With the re-write of the RFKILL subsystem it is now possible to easily
integrate RFKILL soft-switch support into the Bluetooth subsystem. All
Bluetooth devices will now get automatically RFKILL support.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The virtual driver implements fasync and ioctl support, but it is not used
and unneeded due to its constraints via the Bluetooth core layer. So too
just make the driver simpler, remove support for both of them.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The BKL push down added some BKL into the open callback of the virtual
driver. The driver is really simple and need no such locking and so just
remove it.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The virtual driver still uses a home grown way of waiting for events and
so just replace it with wait_event_interruptible. And while at it remove
the useless access_ok() checks.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Allowing to specify a specific misc minor number for the virtual driver
is pretty much useless and nobody is using this feature. So just remove
it and use MISC_DYNAMIC_MINOR all the time.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The Bluetooth source uses some endian conversion helpers, that in the end
translate to kernel standard routines. So remove this obfuscation since it
is fully pointless.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This adds the basic constants required to add support for L2CAP Enhanced
Retransmission feature.
Based on a patch from Nathan Holstein <nathan@lampreynetworks.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch fixes the errors without changing the l2cap.o binary:
text data bss dec hex filename
18059 568 0 18627 48c3 l2cap.o.after
18059 568 0 18627 48c3 l2cap.o.before
Signed-off-by: Gustavo F. Padovan <gustavo@las.ic.unicamp.br>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The initial value of err is not used until it is set to -ENOMEM. So just
remove the initialization completely.
Based on a patch from Gustavo F. Padovan <gustavo@las.ic.unicamp.br>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Using the L2CAP_CONF_HINT macro is easier to understand than using a
hardcoded 0x80 value.
Signed-off-by: Gustavo F. Padovan <gustavo@las.ic.unicamp.br>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Use macros instead of hardcoded numbers to make the L2CAP source code
more readable.
Signed-off-by: Gustavo F. Padovan <gustavo@las.ic.unicamp.br>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
A driver overhaul on 29 Feb 2000 (!) broke locking around fiddling with
the tx descriptor ring in start_xmit(); a follow-on "fix" removed the
broken remnants altogether. Here's a patch to restore proper locking in
the function -- the complement in the interrupt handler has been correct
all the time.
This *may* have been the reason for the occasional confusion of the chip
-- triggering a tx timeout followed by a chip reset sequence -- seen on
R4k-based DECstations with the onboard Ethernet interface. Another theory
is the confusion is due to an unindentified problem -- perhaps a silicon
erratum -- associated with the variation of the MT ASIC used to interface
the R4k CPU to the rest of the system on these computers; with its
aggressive write-back buffering the design is particularly weakly ordered
when it comes to MMIO (in the absence of ordering barriers uncached reads
are allowed to bypass earlier uncached writes, even if to the same
location), which may trigger all kinds of corner cases in peripheral
hardware as well as software.
Either way this piece of code is buggy.
Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Clarify calling context and return codes of callback methods, and
add a description of the _cmsg structure and helper functions.
Impact: documentation
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
The dereferencing of the private pointer cmsg->m in capi_cmsg2str() may
cause an Oops in case of an error, which is particularly inconvenient
as that function is typically used to format an error message. Add a
NULL pointer check to avoid this.
Impact: error handling improvement
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add kerneldoc comments for the exported funtions in capiutil.c.
Impact: documentation
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
Change the name of the Kernel CAPI exported function capi_ctr_reseted()
to something representing its purpose better.
Impact: renaming, no functional change
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
It is possible for tun_chr_close to race with dellink on the
a tun device. In which case if __tun_get runs before dellink
but dellink runs before tun_chr_close calls unregister_netdevice
we will attempt to unregister the netdevice after it is already
gone.
The two cases are already serialized on the rtnl_lock, so I have
gone for the cheap simple fix of moving rtnl_lock to cover __tun_get
in tun_chr_close. Eliminating the possibility of the tun device
being unregistered between __tun_get and unregister_netdevice in
tun_chr_close.
Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
Tested-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
BUG_ON(!test_bit(NAPI_STATE_SCHED, &n->state)) was being hit
during e100 EEH recovery. The problem source was a napi_enable
call being made during e100_io_error_detected. Napi should remain
disabled after e100_down, and only be reenabled when the interface
is recovered.
This patch also updates e100_io_error_detected in order to make
it similar to the current versions of the error_detected callback
in drivers such as e1000e and ixgbe.
Signed-off-by: Andre Detsch <adetsch@br.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
vfree() does its own 'NULL' check, so no need for check before
calling it.
Signed-off-by: Figo.zhang <figo1802@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
If mlx4_create_eq() would fail for one of EQ's assigned for
completion handling, the code would try to free the same EQ
we failed to create.
The crash was found by Christoph Lameter
Signed-off-by: Yevgeny Petrilin <yevgenyp@mellanox.co.il>
Signed-off-by: David S. Miller <davem@davemloft.net>
Use the right structure while incrementing the offset in tun_get_user.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Increment the iovec base by the offset passed in for the initial
copy_to_user() in memcpy_to_iovecend().
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
skb_dma_unmap() is quite expensive for small packets,
because we use two different cache lines from skb_shared_info.
One to access nr_frags, one to access dma_maps[0]
Instead of dma_maps being an array of MAX_SKB_FRAGS + 1 elements,
let dma_head alone in a new dma_head field, close to nr_frags,
to reduce cache lines misses.
Tested on my dev machine (bnx2 & tg3 adapters), nice speedup !
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Get rid of num_dma_maps in struct skb_shared_info, as it seems unused.
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Remove the private definition of TRUE/FALSE and use the ones from
linux/stddef.h. Also remove the definition of BOOL which is not referenced
inside the driver anyway.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
This is a driver for the Micrel KS8842 ethernet switch.
The supplied code is for driving the KS8842 through the Timberdale FPGA
on the Russellville board, a development board for Intel Atom CPU
in the automotive area.
Signed-off-by: Richard Röjfors <richard.rojfors.ext@mocean-labs.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
On Thu, Jun 04, 2009 at 09:06:00PM +1000, Herbert Xu wrote:
>
> tun: Optimise handling of bogus gso->hdr_len
>
> As all current versions of virtio_net generate a value for the
> header length that's too small, we should optimise this so that
> we don't copy it twice. This can be done by ensuring that it is
> at least as large as the place where we'll write the checksum.
>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
With this applied we can strengthen the partial checksum check:
In skb_partial_csum_set we check to see if the checksum offset
is within the packet. However, we really should check that it
is within the skb head as that's the only bit we can modify
without copying.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
As all current versions of virtio_net generate a value for the
header length that's too small, we should optimise this so that
we don't copy it twice. This can be done by ensuring that it is
at least as large as the place where we'll write the checksum.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Through a bug in the tun driver, I noticed that virtio_net is
producing bogus hdr_len values. In particular, it only includes
the IP header in the linear area, and excludes the entire TCP
header. This causes the TCP header to be copied twice for each
packet. (The bug omitted the second copy :)
This patch corrects this.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Fixes an initialization error; the chip negotiates gigabit, but
the driver mistakenly handled it as 100Mb.
Changes based on both SiS own GPL driver and forcedeth.
Hopefully should fix
http://bugzilla.kernel.org/show_bug.cgi?id=9735http://bugzilla.kernel.org/show_bug.cgi?id=11149
Signed-off-by: Riccardo Ghetta <birrachiara@tin.it>
Signed-off-by: David S. Miller <davem@davemloft.net>
Corrected dma sync handling on small packets. Should fix
http://bugzilla.kernel.org/show_bug.cgi?id=11509
Note:
While this bug was reported only on x86_64, it could have affected
any architecture.
Signed-off-by: Riccardo Ghetta <birrachiara@tin.it>
Signed-off-by: David S. Miller <davem@davemloft.net>
Some firmware mailbox commands require the firmware to
communicate with the FCoE driver running on another
PCI function. This can potentially take several seconds.
This wait is done in process context only.
Signed-off-by: Ron Mercer <ron.mercer@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
There are 8 banks of 'sub-registers' each of which are accessed
through address/data register pair. An example would be reading
flash or the xgmac. Accessing these require the driver to wait for
a ready bit before writing the address and then accessing the data.
This patch increases the timeout to 100us to prevent timeouts
that have been seen on some platforms.
These register are accessed in process context only.
Signed-off-by: Ron Mercer <ron.mercer@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Since an FCoE function shares a port with this NIC function, the
jumbo settings must always be in place. This patch causes the
hardware to be set up for jumbo if it is not already done.
Signed-off-by: Ron Mercer <ron.mercer@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Each firmware mailbox command can have a different number of
valid data elements. When waiting for a mailbox command to
complete it the process passes it's element count and
waits for the completion. It is possible that while waiting
an unrelated firmware async event (AE) can arrive. When this
happens, the handler will over write the element count
with the value for the newly arrived AE. This can cause
the mailbox command to not get all of it's data.
This patch restores original mailbox count at the end
of the handler.
Signed-off-by: Ron Mercer <ron.mercer@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Check status on every iteration of event handler loop and exit
if an error occurred. If an error occurred then recover process
will be queued so this loop should no continue.
Signed-off-by: Ron Mercer <ron.mercer@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The smsc911x_drv_remove() function is declared with __devexit, so the
assignment to the driver structure needs __devexit_p() wrappings to prevent
build failure when hotplug is disabled.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
The smsc911x driver works fine on Blackfin systems, so add it to the arch
list in the Kconfig.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
With all the last patchsets going in for 82599 feature enablement, the
driver version needs to be increased for better identification.
Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
82599 has a FW running that helps manage the internal SFI PHY. There are
also a number of pre-production samples of these SFI-based devices in the
field. This patch adds a check to look for the firmware running on all
SFP+ based adapters, and displays a warning to the system log if a
pre-production adapter is identified. The driver will continue loading
though, with no functional degradation.
Also remove an old function prototype from ixgbe_82599.c that isn't being
used.
Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch rearranges the ixgbe_ring struct to make better use of
cacheline efficiency.
Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch enables Flow Director's ATR functionality to the main base
driver for 82599.
Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Acked-by: Mallikarjuna R Chilakala <mallikarjuna.chilakala@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch adds the functions for ixgbe to initialize Flow Director. It
also has the function APIs to add Flow Director filters from the base
driver. This also includes ATR, Application Targeted Routing, which is a
feature set of Flow Director. This is the hash-based mechanism to
automatically identify flows and add filters based on the hash, and direct
the Rx of that flow back to that same CPU.
Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>