Re: [PATCH 4/5] Correct initial and close hardware step.
On Mon, 02 Oct 2006 14:26:00 -0400 Jesse Huang <[EMAIL PROTECTED]> wrote: > Correct initial and close hardware step. Please provide a description of what was wrong with it, and how this patch fixes it, thanks. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 2/5] Fix TX Pause bug (reset_tx, intr_handler)
On Mon, 02 Oct 2006 14:24:36 -0400 Jesse Huang <[EMAIL PROTECTED]> wrote: > Fix TX Pause bug (reset_tx, intr_handler) Please describe this bug more completely.How does this patch solve it? - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 5/5] Solve host error problem in low performance embedded system when continune down and up.
On Mon, 02 Oct 2006 14:26:36 -0400 Jesse Huang <[EMAIL PROTECTED]> wrote: > Solve host error problem in low performance embedded system when continune > down and up. I don't understand that. Please describe the actual problem which is being solved, as well as the means by which it was solved, thanks. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 1/5] remove TxStartThresh and RxEarlyThresh
On Mon, 02 Oct 2006 14:23:51 -0400 Jesse Huang <[EMAIL PROTECTED]> wrote: > For pattern issue need to remove TxStartThresh and RxEarlyThresh. Please describe this issue more completely. What are the implications of simply removing this feature? Presumably that code was there for a reason.. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 5/5] Solve host error problem in low performance embedded system when continune down and up.
From: Jesse Huang <[EMAIL PROTECTED]> Change Logs: Solve host error problem in low performance embedded system when continune down and up. Signed-off-by: Jesse Huang <[EMAIL PROTECTED]> --- drivers/net/sundance.c | 26 +++--- 1 files changed, 23 insertions(+), 3 deletions(-) c06c70e20a85facd640528ca66e0b579fc3ee745 diff --git a/drivers/net/sundance.c b/drivers/net/sundance.c index 14b4933..b4a6010 100755 --- a/drivers/net/sundance.c +++ b/drivers/net/sundance.c @@ -1643,6 +1643,14 @@ static int netdev_close(struct net_devic struct sk_buff *skb; int i; + /* Wait and kill tasklet */ + tasklet_kill(&np->rx_tasklet); + tasklet_kill(&np->tx_tasklet); + np->cur_tx = 0; + np->dirty_tx = 0; + np->cur_task = 0; + np->last_tx = 0; + netif_stop_queue(dev); if (netif_msg_ifdown(np)) { @@ -1663,9 +1671,20 @@ static int netdev_close(struct net_devic /* Stop the chip's Tx and Rx processes. */ iowrite16(TxDisable | RxDisable | StatsDisable, ioaddr + MACCtrl1); - /* Wait and kill tasklet */ - tasklet_kill(&np->rx_tasklet); - tasklet_kill(&np->tx_tasklet); + for (i = 2000; i > 0; i--) { + if ((ioread32(ioaddr + DMACtrl) &0xC000) == 0) + break; + mdelay(1); + } + + iowrite16(GlobalReset | DMAReset | FIFOReset | NetworkReset, ioaddr +ASICCtrl + 2); + + for (i = 2000; i > 0; i--) + { + if ((ioread16(ioaddr + ASICCtrl +2) &ResetBusy) == 0) + break; + mdelay(1); + } #ifdef __i386__ if (netif_msg_hw(np)) { @@ -1703,6 +1722,7 @@ #endif /* __i386__ debugging only */ } } for (i = 0; i < TX_RING_SIZE; i++) { + np->tx_ring[i].next_desc = 0; skb = np->tx_skbuff[i]; if (skb) { pci_unmap_single(np->pci_dev, -- 1.3.GIT - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/5] Fix TX Pause bug (reset_tx, intr_handler)
From: Jesse Huang <[EMAIL PROTECTED]> Change Logs: Fix TX Pause bug (reset_tx, intr_handler) Signed-off-by: Jesse Huang <[EMAIL PROTECTED]> --- drivers/net/sundance.c | 16 ++-- 1 files changed, 14 insertions(+), 2 deletions(-) e146d4c423de9c2e9d55fbf9c6b3abbee14ce9ac diff --git a/drivers/net/sundance.c b/drivers/net/sundance.c index a5dd1c3..11ca31e 100755 --- a/drivers/net/sundance.c +++ b/drivers/net/sundance.c @@ -1079,6 +1079,8 @@ reset_tx (struct net_device *dev) /* free all tx skbuff */ for (i = 0; i < TX_RING_SIZE; i++) { + np->tx_ring[i].next_desc = 0; + skb = np->tx_skbuff[i]; if (skb) { pci_unmap_single(np->pci_dev, @@ -1094,6 +1096,10 @@ reset_tx (struct net_device *dev) } np->cur_tx = np->dirty_tx = 0; np->cur_task = 0; + + np->last_tx = 0; + iowrite8(127, ioaddr + TxDMAPollPeriod); + iowrite16 (StatsEnable | RxEnable | TxEnable, ioaddr + MACCtrl1); return 0; } @@ -1162,8 +1168,14 @@ static irqreturn_t intr_handler(int irq, sundance_reset(dev, (NetworkReset|FIFOReset|TxReset) << 16); /* No need to reset the Tx pointer here */ } - /* Restart the Tx. */ - iowrite16 (TxEnable, ioaddr + MACCtrl1); + /* Restart the Tx. Need to make sure tx enabled */ + i = 10; + do { + iowrite16(ioread16(ioaddr + MACCtrl1) | TxEnable, ioaddr + MACCtrl1); + if (ioread16(ioaddr + MACCtrl1) & TxEnabled) + break; + mdelay(1); + } while (--i); } /* Yup, this is a documentation bug. It cost me *hours*. */ iowrite16 (0, ioaddr + TxStatus); -- 1.3.GIT - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 4/5] Correct initial and close hardware step.
From: Jesse Huang <[EMAIL PROTECTED]> Change Logs: Correct initial and close hardware step. Signed-off-by: Jesse Huang <[EMAIL PROTECTED]> --- drivers/net/sundance.c |8 1 files changed, 8 insertions(+), 0 deletions(-) 1bbb3f6231fa1f52a9f61e299f22610d357f6041 diff --git a/drivers/net/sundance.c b/drivers/net/sundance.c index 679eda4..14b4933 100755 --- a/drivers/net/sundance.c +++ b/drivers/net/sundance.c @@ -789,6 +789,7 @@ static int netdev_open(struct net_device { struct netdev_private *np = netdev_priv(dev); void __iomem *ioaddr = np->base; + unsigned long flags; int i; /* Do we need to reset the chip??? */ @@ -833,6 +834,10 @@ #endif iowrite8(0x01, ioaddr + DebugCtrl1); netif_start_queue(dev); + spin_lock_irqsave(&np->lock, flags); + reset_tx(dev); + spin_unlock_irqrestore(&np->lock, flags); + iowrite16 (StatsEnable | RxEnable | TxEnable, ioaddr + MACCtrl1); if (netif_msg_ifup(np)) @@ -1652,6 +1657,9 @@ static int netdev_close(struct net_devic /* Disable interrupts by clearing the interrupt mask. */ iowrite16(0x, ioaddr + IntrEnable); + /* Disable Rx and Tx DMA for safely release resource */ + iowrite32(0x500, ioaddr + DMACtrl); + /* Stop the chip's Tx and Rx processes. */ iowrite16(TxDisable | RxDisable | StatsDisable, ioaddr + MACCtrl1); -- 1.3.GIT - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 1/5] remove TxStartThresh and RxEarlyThresh
From: Jesse Huang <[EMAIL PROTECTED]> Change Logs: For pattern issue need to remove TxStartThresh and RxEarlyThresh. Signed-off-by: Jesse Huang <[EMAIL PROTECTED]> --- drivers/net/sundance.c |8 ++-- 1 files changed, 2 insertions(+), 6 deletions(-) 3751714e0fc36905c87a230172d9561c29321833 diff --git a/drivers/net/sundance.c b/drivers/net/sundance.c index 6b8f4ba..a5dd1c3 100755 --- a/drivers/net/sundance.c +++ b/drivers/net/sundance.c @@ -264,8 +264,6 @@ enum alta_offsets { ASICCtrl = 0x30, EEData = 0x34, EECtrl = 0x36, - TxStartThresh = 0x3c, - RxEarlyThresh = 0x3e, FlashAddr = 0x40, FlashData = 0x44, TxStatus = 0x46, @@ -,6 +1109,7 @@ static irqreturn_t intr_handler(int irq, int tx_cnt; int tx_status; int handled = 0; + int i; do { @@ -1153,17 +1152,14 @@ static irqreturn_t intr_handler(int irq, np->stats.tx_fifo_errors++; if (tx_status & 0x02) np->stats.tx_window_errors++; + /* ** This reset has been verified on ** DFE-580TX boards ! [EMAIL PROTECTED] */ if (tx_status & 0x10) { /* TxUnderrun */ - unsigned short txthreshold; - - txthreshold = ioread16 (ioaddr + TxStartThresh); /* Restart Tx FIFO and transmitter */ sundance_reset(dev, (NetworkReset|FIFOReset|TxReset) << 16); - iowrite16 (txthreshold, ioaddr + TxStartThresh); /* No need to reset the Tx pointer here */ } /* Restart the Tx. */ -- 1.3.GIT - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] Network Events Connector
This patch adds a connector which reports networking's events to userspace. It's sending events when a sock has its sk_state changed to : - LISTEN or CLOSE for DCCP and TCP - BIND or CLOSE for UDP. With this notification, a userspace tool can ask the user if he want to let the local firewall open for the corresponding sport or not, and if so open the firewall for the application which get the corresponding sport. For people behind a firewall (non-running in the user box) we can have a authentification between the user box, which have set the port to state TCP_LISTEN for example, and the firewall, in a such way that the firewall's router will forward incoming packet for this port to the user box. It will avoid adding specific rules to the user's firewall-script, and let the firewall be more interactive for users. Signed-off-by: Samir Bellabes <[EMAIL PROTECTED]> --- drivers/connector/Kconfig |8 ++ drivers/connector/Makefile |1 drivers/connector/cn_net.c | 161 include/linux/cn_net.h | 64 + include/linux/connector.h |4 + net/dccp/proto.c |6 +- net/ipv4/af_inet.c |6 ++ net/ipv4/tcp.c |5 + net/ipv4/udp.c |2 + 9 files changed, 254 insertions(+), 3 deletions(-) diff --git a/drivers/connector/Kconfig b/drivers/connector/Kconfig index e0bdc0d..bcb801f 100644 --- a/drivers/connector/Kconfig +++ b/drivers/connector/Kconfig @@ -18,4 +18,12 @@ config PROC_EVENTS Provide a connector that reports process events to userspace. Send events such as fork, exec, id change (uid, gid, suid, etc), and exit. +config NET_EVENTS + boolean "Report network events to userspace" + depends on CONNECTOR=y + default y + ---help--- + Provide a connector that reports networking's events to userspace. + Send events such as DCCP/TCP listen/close and UDP bind/close. + endmenu diff --git a/drivers/connector/Makefile b/drivers/connector/Makefile index 1f255e4..436bb5d 100644 --- a/drivers/connector/Makefile +++ b/drivers/connector/Makefile @@ -1,4 +1,5 @@ obj-$(CONFIG_CONNECTOR)+= cn.o obj-$(CONFIG_PROC_EVENTS) += cn_proc.o +obj-$(CONFIG_NET_EVENTS) += cn_net.o cn-y += cn_queue.o connector.o diff --git a/drivers/connector/cn_net.c b/drivers/connector/cn_net.c new file mode 100644 index 000..affe30a --- /dev/null +++ b/drivers/connector/cn_net.c @@ -0,0 +1,161 @@ +/* + * drivers/connector/cn_net.c + * + * Network events connector + * Samir Bellabes <[EMAIL PROTECTED]> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +MODULE_AUTHOR("Samir Bellabes <[EMAIL PROTECTED]>"); +MODULE_DESCRIPTION("Net events module"); +MODULE_LICENSE("GPL"); + +#define CN_NET_MSG_SIZE (sizeof(struct cn_msg) + sizeof(struct net_event)) + +static atomic_t net_event_num_listeners = ATOMIC_INIT(0); +static struct cb_id cn_net_event_id = { CN_IDX_NET, CN_VAL_NET }; +static char cn_net_event_name[] = "cn_net_event"; + +/** + * cn_net_event + * @sk: sock which sk->sk_state change to the state identified by @event + * @event: type of event + */ +void cn_net_event(struct sock *sk, unsigned int event) { + struct net_event *ev; + struct cn_msg *m; + struct inet_sock *inet = inet_sk(sk); + + __u8 buffer[CN_NET_MSG_SIZE]; + + if (atomic_read(&net_event_num_listeners) < 1) + goto out ; + + m = (struct cn_msg *) buffer; + ev = (struct net_event *) m->data; + + ev->event = event; + ktime_get_real_ts(&ev->timestamp); + ev->net_event_data.data.family = sk->sk_family; + ev->net_event_data.data.sport = ntohs(inet->sport); + switch (sk->sk_family) { + case AF_INET: + ev->net_event_data.data.saddr.ipv4 = inet->saddr; + break; + case AF_INET6: + memcpy(&(ev->net_event_data.data.saddr.ipv6), + &(inet->pinet6->saddr), sizeof(struct in6_addr)); + break; + default: + /* other protocol, sending nothing */ + goto out; + break; + }; + memcpy(&m->id, &cn_net_event_id, sizeof(m->id)); + m->seq = 0; + m->ack = 0; + m->len = sizeof(struct net_event); + + cn_netlink_send(m, CN_IDX_NET, gfp_any()); + +out: + return; +} +EXPORT_SYMBOL(cn_net_event); + +/** + * Send an acknowledgement message to userspace + * + * Use 0 for success, EFOO otherwise. + * Note: this is the negative of conventional kernel error + * values because
[PATCH] Introduce BROKEN_ON_64BIT facility
Add a broken-on-64bit option, similar to the existing broken-on-smp config option. This is just the first pass, marking the obvious candidates. Several driver have been marked as dependent on CONFIG_32BIT in the past, when they should really be dependent on this new CONFIG_BROKEN_ON_64BIT option, because the 32BIT marker was due to bugs rather than fundamentals. Signed-off-by: Jeff Garzik <[EMAIL PROTECTED]> drivers/atm/Kconfig|2 +- drivers/char/ftape/Kconfig |2 +- drivers/isdn/capi/Kconfig |4 ++-- drivers/isdn/hardware/eicon/Kconfig|2 +- drivers/isdn/hisax/Kconfig |1 + drivers/message/i2o/Kconfig|2 +- drivers/net/irda/Kconfig |2 +- drivers/scsi/megaraid/Kconfig.megaraid |2 +- drivers/usb/misc/sisusbvga/Kconfig |2 +- init/Kconfig |5 + sound/oss/Kconfig | 10 +- 11 files changed, 20 insertions(+), 14 deletions(-) diff --git a/drivers/atm/Kconfig b/drivers/atm/Kconfig index cfa5af8..36c0fd7 100644 --- a/drivers/atm/Kconfig +++ b/drivers/atm/Kconfig @@ -139,7 +139,7 @@ config ATM_ENI_BURST_RX_2W config ATM_FIRESTREAM tristate "Fujitsu FireStream (FS50/FS155) " - depends on PCI && ATM + depends on PCI && ATM && BROKEN_ON_64BIT help Driver for the Fujitsu FireStream 155 (MB86697) and FireStream 50 (MB86695) ATM PCI chips. diff --git a/drivers/char/ftape/Kconfig b/drivers/char/ftape/Kconfig index 0d65189..13c9460 100644 --- a/drivers/char/ftape/Kconfig +++ b/drivers/char/ftape/Kconfig @@ -56,7 +56,7 @@ comment "The compressor will be built as config ZFT_COMPRESSOR tristate - depends on FTAPE!=n && ZFTAPE!=n + depends on FTAPE!=n && ZFTAPE!=n && BROKEN_ON_64BIT default m config FT_NR_BUFFERS diff --git a/drivers/isdn/capi/Kconfig b/drivers/isdn/capi/Kconfig index 8b6c9a4..064b7bb 100644 --- a/drivers/isdn/capi/Kconfig +++ b/drivers/isdn/capi/Kconfig @@ -21,7 +21,7 @@ config ISDN_CAPI_MIDDLEWARE config ISDN_CAPI_CAPI20 tristate "CAPI2.0 /dev/capi support" - depends on ISDN_CAPI + depends on ISDN_CAPI && BROKEN_ON_64BIT help This option will provide the CAPI 2.0 interface to userspace applications via /dev/capi20. Applications should use the @@ -44,7 +44,7 @@ config ISDN_CAPI_CAPIFS config ISDN_CAPI_CAPIDRV tristate "CAPI2.0 capidrv interface support" - depends on ISDN_CAPI && ISDN_I4L + depends on ISDN_CAPI && ISDN_I4L && BROKEN_ON_64BIT help This option provides the glue code to hook up CAPI driven cards to the legacy isdn4linux link layer. If you have a card which is diff --git a/drivers/isdn/hardware/eicon/Kconfig b/drivers/isdn/hardware/eicon/Kconfig index 51e66bc..d41e99d 100644 --- a/drivers/isdn/hardware/eicon/Kconfig +++ b/drivers/isdn/hardware/eicon/Kconfig @@ -32,7 +32,7 @@ config ISDN_DIVAS_PRIPCI config ISDN_DIVAS_DIVACAPI tristate "DIVA CAPI2.0 interface support" - depends on ISDN_DIVAS && ISDN_CAPI + depends on ISDN_DIVAS && ISDN_CAPI && BROKEN_ON_64BIT help You need this to provide the CAPI interface for DIVA Server cards. diff --git a/drivers/isdn/hisax/Kconfig b/drivers/isdn/hisax/Kconfig index 6dfc941..b78abd8 100644 --- a/drivers/isdn/hisax/Kconfig +++ b/drivers/isdn/hisax/Kconfig @@ -4,6 +4,7 @@ menu "Passive cards" config ISDN_DRV_HISAX tristate "HiSax SiemensChipSet driver support" + depends on BROKEN_ON_64BIT select CRC_CCITT ---help--- This is a driver supporting the Siemens chipset on various diff --git a/drivers/message/i2o/Kconfig b/drivers/message/i2o/Kconfig index 6443392..0e135ce 100644 --- a/drivers/message/i2o/Kconfig +++ b/drivers/message/i2o/Kconfig @@ -56,7 +56,7 @@ config I2O_EXT_ADAPTEC_DMA64 config I2O_CONFIG tristate "I2O Configuration support" - depends on I2O + depends on I2O && BROKEN_ON_64BIT ---help--- Say Y for support of the configuration interface for the I2O adapters. If you have a RAID controller from Adaptec and you want to use the diff --git a/drivers/net/irda/Kconfig b/drivers/net/irda/Kconfig index 7c8ccc0..f8cf8e1 100644 --- a/drivers/net/irda/Kconfig +++ b/drivers/net/irda/Kconfig @@ -145,7 +145,7 @@ comment "Old SIR device drivers" config IRPORT_SIR tristate "IrPORT (IrDA serial driver)" - depends on IRDA && BROKEN_ON_SMP + depends on IRDA && BROKEN_ON_SMP && BROKEN_ON_64BIT ---help--- Say Y here if you want to build support for the IrPORT IrDA device driver. To compile it as a module, choose M here: the module will be diff --git a/drivers/scsi/megaraid/Kconfig.megaraid b/drivers/scsi/megaraid/Kconfig.megaraid index 17419e3..6227125 100644 --- a/drivers/scsi/megaraid/Kconfig
RE: [PATCH] Fix for IPsec leakage with SELinux enabled
On Sun, 1 Oct 2006, Venkat Yekkirala wrote: > > The way I was seeing the problem was when connecting via IPsec to a > > confined service on an SELinux box (vsftpd), which did not have the > > appropriate SELinux policy permissions to send packets via IPsec. > > > > The first SYNACK would be blocked, > > Given that the resolver fails to find a policy here, I am trying to > understand what exactly is blocking it (the first SYNACK) from > proceeding without IPSec. You're right. My explanation there was for the case where I'd modified the code to propagate the SELinux denial back to xfrm_lookup(), and not for the original issue (sorry, it's been a long week). In the original case, all packets originating from a confined domain will bypass ipsec. During xfrm_lookup, flow_cache_lookup() returns NULL policy: xfrm_lookup() { ... if (!policy) { /* To accelerate a bit... */ if ((dst_orig->flags & DST_NOXFRM) || !xfrm_policy_count[XFRM_POLICY_OUT]) return 0; policy = flow_cache_lookup(fl, dst_orig->ops->family, dir, xfrm_policy_lookup); } if (!policy) return 0; <- bad ... } The call chain is: flow_cache_lookup() xfrm_policy_lookup() xfrm_policy_lookup_bytype() xfrm_policy_match() { xfrm_selector_match => returns true, then security_xfrm_policy_lookup => returns -EACCESS } then xfrm_policy_match() => returns 0 xfrm_policy_lookup_bytype => returns 0 xfrm_policy_lookup() => sets obj to NULL w/ void return flow_cache_lookup() => returns NULL xfrm_lookup => returns 0 and the packet proceeds without error and with no transform applied (i.e. leaked as cleartext). The first component of the fix is to propagate errors back up to callers via the flow cache resolver, and handle them correctly, as this is where we can experience security module denials. The second component is to then ensure that, on failure, we kill the new flow cache entry created during lookup, so that it is not subsequently looked up with a null policy (i.e. allowing future packets to leak) and to force the security hook to be called again in case the policy has changed. Hope that clarifies. - James -- James Morris <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
RE: [PATCH 7/7] secid reconciliation-v03: Enforcement for SELinux
> >>In the case above I am concerned about the situation where the > >>skb->secmark == 0 and there is a IPv4 option (i.e. it is NetLabel > >>labeled) on the packet. > > It's unfortunate that you cut out the code in your reply. It's even more unfortunate that you should say this. The proper thing to do is to simply repaste portions that you feel like you need to. Remember, we aren't opponents standing for election this season. :) - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 4/9] secid reconciliation-v04: Invoke LSM hook for outbound traffic
Invoke the skb_flow_out LSM hook for outbound traffic for secid reconciliation and flow control. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- net/netfilter/xt_CONNSECMARK.c | 72 --- net/netfilter/xt_SECMARK.c | 45 ++- 2 files changed, 100 insertions(+), 17 deletions(-) diff --git a/net/netfilter/xt_CONNSECMARK.c b/net/netfilter/xt_CONNSECMARK.c index 4673862..cca4a0c 100644 --- a/net/netfilter/xt_CONNSECMARK.c +++ b/net/netfilter/xt_CONNSECMARK.c @@ -17,6 +17,8 @@ */ #include #include +#include +#include #include #include #include @@ -29,38 +31,78 @@ MODULE_DESCRIPTION("ip[6]tables CONNSECM MODULE_ALIAS("ipt_CONNSECMARK"); MODULE_ALIAS("ip6t_CONNSECMARK"); +static inline int outbound(unsigned short family, unsigned int hooknum) +{ + if ((family == AF_INET && + (hooknum == NF_IP_POST_ROUTING || +hooknum == NF_IP_LOCAL_OUT || +hooknum == NF_IP_FORWARD)) || + (family == AF_INET6 && + (hooknum == NF_IP6_POST_ROUTING || +hooknum == NF_IP6_LOCAL_OUT || +hooknum == NF_IP6_FORWARD))) + return 1; + else + return 0; +} + /* * If the packet has a security mark and the connection does not, copy * the security mark from the packet to the connection. */ -static void secmark_save(struct sk_buff *skb) +static void secmark_save(struct sk_buff *skb, unsigned int hooknum) { if (skb->secmark) { u32 *connsecmark; enum ip_conntrack_info ctinfo; connsecmark = nf_ct_get_secmark(skb, &ctinfo); - if (connsecmark && !*connsecmark) + if (connsecmark) if (*connsecmark != skb->secmark) *connsecmark = skb->secmark; } } /* - * If packet has no security mark, and the connection does, restore the - * security mark from the connection to the packet. + * On the inbound, restore the security mark from the connection to the packet. + * On the outbound, filter based on the current secmark. */ -static void secmark_restore(struct sk_buff *skb) +static unsigned int secmark_restore(struct sk_buff *skb, unsigned int hooknum, + const struct net_device *in, unsigned short family) { - if (!skb->secmark) { - u32 *connsecmark; - enum ip_conntrack_info ctinfo; - - connsecmark = nf_ct_get_secmark(skb, &ctinfo); - if (connsecmark && *connsecmark) - if (skb->secmark != *connsecmark) - skb->secmark = *connsecmark; + u32 *psecmark; + enum ip_conntrack_info ctinfo; + + psecmark = nf_ct_get_secmark(skb, &ctinfo); + + if (psecmark && *psecmark) { + + /* Set secmark on inbound and filter it on outbound */ + if (outbound(family, hooknum)) { + int err; + + err = security_skb_flow_out(skb, *psecmark); + if (!err) + return NF_DROP; + } else + /* +* inbound: +* loopback traffic should already be labeled +* and any filtering on outbound should suffice +*/ + if (in == &loopback_dev) + goto out; + + /* +* inbound or done with outbound check or no LSM hook +* for outbound +*/ + if (skb->secmark != *psecmark) + skb->secmark = *psecmark; } + +out: + return XT_CONTINUE; } static unsigned int target(struct sk_buff **pskb, const struct net_device *in, @@ -73,11 +115,11 @@ static unsigned int target(struct sk_buf switch (info->mode) { case CONNSECMARK_SAVE: - secmark_save(skb); + secmark_save(skb, hooknum); break; case CONNSECMARK_RESTORE: - secmark_restore(skb); + return secmark_restore(skb, hooknum, in, target->family); break; default: diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index add7521..9ecce66 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c @@ -15,8 +15,10 @@ #include #include #include +#include #include #include +#include MODULE_LICENSE("GPL"); MODULE_AUTHOR("James Morris <[EMAIL PROTECTED]>"); @@ -28,6 +30,21 @@ #define PFX "SECMARK: " static u8 mode; +static inline int outbound(unsigned short family, unsigned int hooknum) +{ + if ((family == AF_INET && + (hooknum == NF_IP_POST_ROUTING || +hooknum == NF_IP_LOCAL_OUT || +hooknum == NF_IP_FORWARD)) || + (family
[PATCH 8/9] secid reconciliation-v04: Use secmark when classifying flow using skb
This beings secmark into the picture when classifying flows using an skb. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- include/linux/security.h | 10 -- include/linux/skbuff.h | 20 2 files changed, 20 insertions(+), 10 deletions(-) --- net-2.6.sid/include/linux/security.h2006-09-30 16:02:59.0 -0500 +++ net-2.6/include/linux/security.h2006-10-01 13:07:43.0 -0500 @@ -3223,12 +3223,6 @@ static inline int security_xfrm_decode_s return security_ops->xfrm_decode_session(skb, secid, 1); } -static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl) -{ - int rc = security_ops->xfrm_decode_session(skb, &fl->secid, 0); - - BUG_ON(rc); -} #else /* CONFIG_SECURITY_NETWORK_XFRM */ static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx) { @@ -3297,10 +3291,6 @@ static inline int security_xfrm_decode_s return 0; } -static inline void security_skb_classify_flow(struct sk_buff *skb, struct flowi *fl) -{ -} - #endif /* CONFIG_SECURITY_NETWORK_XFRM */ #ifdef CONFIG_KEYS --- net-2.6.sid/include/linux/skbuff.h 2006-09-27 18:20:54.0 -0500 +++ net-2.6/include/linux/skbuff.h 2006-10-01 13:17:22.0 -0500 @@ -30,6 +30,7 @@ #include #include #include +#include #define HAVE_ALLOC_SKB /* For the drivers to know */ #define HAVE_ALIGNABLE_SKB /* Ditto 8)*/ @@ -1514,6 +1515,20 @@ static inline void security_flow_classif skb->secmark = fl->secid; } +static inline void security_skb_classify_flow(struct sk_buff *skb, + struct flowi *fl) +{ + /* +* We need to check for xfrm label here since secid reconciliation +* may or may not have happened yet and we want the +* flow to use the best available label. +*/ + int rc = security_xfrm_decode_session(skb, &fl->secid); + + if (rc || !fl->secid) + fl->secid = skb->secmark; +} + #else static inline void security_skb_classify_skb(struct sk_buff *from, @@ -1526,6 +1541,11 @@ static inline void security_flow_classif { } +static inline void security_skb_classify_flow(struct sk_buff *skb, + struct flowi *fl) +{ +} + #endif /* CONFIG_SECURITY_NETWORK */ #endif /* __KERNEL__ */ - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 5/9] secid reconciliation-v04: Label locally generated IPv6 traffic
This labels the skb(s) for locally generated IPv6 traffic. This will be used in pertinent flow control checks on the outbound later in the LSM hook. NOTE: Forwarded traffic is already labeled with the reconciled secmark on the inbound. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- include/linux/skbuff.h | 29 + net/ipv6/ip6_output.c|5 + net/ipv6/netfilter/ip6t_REJECT.c |2 ++ 3 files changed, 36 insertions(+) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 85577a4..18967f2 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -29,6 +29,7 @@ #include #include #include #include +#include #define HAVE_ALLOC_SKB /* For the drivers to know */ #define HAVE_ALIGNABLE_SKB /* Ditto 8)*/ @@ -1499,5 +1500,33 @@ static inline int skb_is_gso(const struc return skb_shinfo(skb)->gso_size; } +#ifdef CONFIG_SECURITY_NETWORK + +static inline void security_skb_classify_skb(struct sk_buff *from, + struct sk_buff *skb) +{ + skb->secmark = from->secmark; +} + +static inline void security_flow_classify_skb(struct flowi *fl, + struct sk_buff *skb) +{ + skb->secmark = fl->secid; +} + +#else + +static inline void security_skb_classify_skb(struct sk_buff *from, + struct sk_buff *skb) +{ +} + +static inline void security_flow_classify_skb(struct flowi *fl, + struct sk_buff *skb) +{ +} + +#endif /* CONFIG_SECURITY_NETWORK */ + #endif /* __KERNEL__ */ #endif /* _LINUX_SKBUFF_H */ diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 6671691..6648eb3 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -170,6 +170,8 @@ int ip6_xmit(struct sock *sk, struct sk_ int hlimit, tclass; u32 mtu; + security_flow_classify_skb(fl, skb); + if (opt) { int head_room; @@ -1150,6 +1152,9 @@ alloc_new_skb: } if (skb == NULL) goto error; + + security_flow_classify_skb(fl, skb); + /* * Fill in the control structures */ diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 311eae8..0508c30 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c @@ -128,6 +128,8 @@ static void send_reset(struct sk_buff *o ipv6_addr_copy(&ip6h->saddr, &oip6h->daddr); ipv6_addr_copy(&ip6h->daddr, &oip6h->saddr); + security_skb_classify_skb(oldskb, nskb); + tcph = (struct tcphdr *)skb_put(nskb, sizeof(struct tcphdr)); /* Truncate to length (no data) */ tcph->doff = sizeof(struct tcphdr)/4; - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 9/9] secid reconciliation-v04: Track peersecid at connection establishment
This tracks the peer's secid at connection establishment time for clients, for later retrieval using SO_PEERSEC. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- include/linux/security.h | 14 ++ net/ipv4/tcp_input.c |2 ++ security/dummy.c |6 ++ security/selinux/hooks.c |9 + 4 files changed, 31 insertions(+) --- net-2.6.sid2/include/linux/security.h 2006-10-01 13:07:43.0 -0500 +++ net-2.6/include/linux/security.h2006-10-01 15:18:23.0 -0500 @@ -826,6 +826,8 @@ struct request_sock; * Sets the openreq's sid to socket's sid with MLS portion taken from peer sid. * @inet_csk_clone: * Sets the new child socket's sid to the openreq sid. + * @inet_conn_established: + * Sets the connection's peersid to the secmark on skb. * @req_classify_flow: * Sets the flow's sid to the openreq sid. * @skb_flow_in: @@ -1380,6 +1382,7 @@ struct security_operations { int (*inet_conn_request)(struct sock *sk, struct sk_buff *skb, struct request_sock *req); void (*inet_csk_clone)(struct sock *newsk, const struct request_sock *req); + void (*inet_conn_established)(struct sock *sk, struct sk_buff *skb); void (*req_classify_flow)(const struct request_sock *req, struct flowi *fl); int (*skb_flow_in)(struct sk_buff *skb, unsigned short family); int (*skb_flow_out)(struct sk_buff *skb, u32 nf_secid); @@ -2985,6 +2988,12 @@ static inline void security_inet_csk_clo { security_ops->inet_csk_clone(newsk, req); } + +static inline void security_inet_conn_established(struct sock *sk, + struct sk_buff *skb) +{ + security_ops->inet_conn_established(sk, skb); +} #else /* CONFIG_SECURITY_NETWORK */ static inline int security_unix_stream_connect(struct socket * sock, struct socket * other, @@ -3146,6 +3155,11 @@ static inline void security_inet_csk_clo const struct request_sock *req) { } + +static inline void security_inet_conn_established(struct sock *sk, + struct sk_buff *skb) +{ +} #endif /* CONFIG_SECURITY_NETWORK */ #ifdef CONFIG_SECURITY_NETWORK_XFRM --- net-2.6.sid2/net/ipv4/tcp_input.c 2006-10-01 15:09:12.0 -0500 +++ net-2.6/net/ipv4/tcp_input.c2006-10-01 15:17:39.0 -0500 @@ -4230,6 +4230,8 @@ static int tcp_rcv_synsent_state_process mb(); tcp_set_state(sk, TCP_ESTABLISHED); + security_inet_conn_established(sk, skb); + /* Make sure socket is routed, for correct metrics. */ icsk->icsk_af_ops->rebuild_header(sk); --- net-2.6.sid2/security/dummy.c 2006-09-27 13:02:12.0 -0500 +++ net-2.6/security/dummy.c2006-10-01 15:45:26.0 -0500 @@ -828,6 +828,11 @@ static inline void dummy_inet_csk_clone( { } +static inline void dummy_inet_conn_established(struct sock *sk, + struct sk_buff *skb) +{ +} + static inline void dummy_req_classify_flow(const struct request_sock *req, struct flowi *fl) { @@ -1118,6 +1123,7 @@ void security_fixup_ops (struct security set_to_dummy_if_null(ops, sock_graft); set_to_dummy_if_null(ops, inet_conn_request); set_to_dummy_if_null(ops, inet_csk_clone); + set_to_dummy_if_null(ops, inet_conn_established); set_to_dummy_if_null(ops, req_classify_flow); set_to_dummy_if_null(ops, skb_flow_in); set_to_dummy_if_null(ops, skb_flow_out); --- net-2.6.sid2/security/selinux/hooks.c 2006-10-01 12:34:28.0 -0500 +++ net-2.6/security/selinux/hooks.c2006-10-01 15:43:12.0 -0500 @@ -3669,6 +3669,14 @@ static void selinux_inet_csk_clone(struc selinux_netlbl_sk_security_init(newsksec, req->rsk_ops->family); } +static void selinux_inet_conn_established(struct sock *sk, + struct sk_buff *skb) +{ + struct sk_security_struct *sksec = sk->sk_security; + + sksec->peer_sid = skb->secmark; +} + static void selinux_req_classify_flow(const struct request_sock *req, struct flowi *fl) { @@ -4800,6 +4808,7 @@ static struct security_operations selinu .sock_graft = selinux_sock_graft, .inet_conn_request =selinux_inet_conn_request, .inet_csk_clone = selinux_inet_csk_clone, + .inet_conn_established =selinux_inet_conn_established, .req_classify_flow =selinux_req_classify_flow, .skb_flow_in = selinux_skb_flow_in, .skb_flow_out = selinux_skb_flow_out, - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://
[PATCH 7/9] secid reconciliation-v04: Enforcement for SELinux
This defines SELinux enforcement of the 2 new LSM hooks as well as related changes elsewhere in the SELinux code. This also now keeps track of the peersid thru the establishment of a connection on the server (tracking peersid on the client is covered later in this patch set). Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- security/selinux/hooks.c| 148 +++--- security/selinux/include/xfrm.h | 11 +- security/selinux/xfrm.c | 66 + 3 files changed, 150 insertions(+), 75 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 5a66c4c..fc65cc7 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3449,8 +3449,12 @@ static int selinux_sock_rcv_skb_compat(s err = avc_has_perm(sock_sid, port_sid, sock_class, recv_perm, ad); + if (err) + goto out; } + err = selinux_xfrm_sock_rcv_skb(sock_sid, skb, ad); + out: return err; } @@ -3489,10 +3493,6 @@ static int selinux_socket_sock_rcv_skb(s goto out; err = selinux_netlbl_sock_rcv_skb(sksec, skb, &ad); - if (err) - goto out; - - err = selinux_xfrm_sock_rcv_skb(sksec->sid, skb, &ad); out: return err; } @@ -3505,7 +3505,7 @@ static int selinux_socket_getpeersec_str u32 scontext_len; struct sk_security_struct *ssec; struct inode_security_struct *isec; - u32 peer_sid = 0; + u32 peer_sid; isec = SOCK_INODE(sock)->i_security; @@ -3516,8 +3516,10 @@ static int selinux_socket_getpeersec_str } else if (isec->sclass == SECCLASS_TCP_SOCKET) { peer_sid = selinux_netlbl_socket_getpeersec_stream(sock); - if (peer_sid == SECSID_NULL) - peer_sid = selinux_socket_getpeer_stream(sock->sk); + if (peer_sid == SECSID_NULL) { + ssec = sock->sk->sk_security; + peer_sid = ssec->peer_sid; + } if (peer_sid == SECSID_NULL) { err = -ENOPROTOOPT; goto out; @@ -3550,7 +3552,8 @@ out: return err; } -static int selinux_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid) +static int selinux_socket_getpeersec_dgram(struct socket *sock, + struct sk_buff *skb, u32 *secid) { u32 peer_secid = SECSID_NULL; int err = 0; @@ -3559,8 +3562,12 @@ static int selinux_socket_getpeersec_dgr selinux_get_inode_sid(SOCK_INODE(sock), &peer_secid); else if (skb) { peer_secid = selinux_netlbl_socket_getpeersec_dgram(skb); - if (peer_secid == SECSID_NULL) - peer_secid = selinux_socket_getpeer_dgram(skb); + if (peer_secid == SECSID_NULL) { + if (selinux_compat_net) + peer_secid = selinux_socket_getpeer_dgram(skb); + else + peer_secid = skb->secmark; + } } if (peer_secid == SECSID_NULL) @@ -3626,19 +3633,24 @@ static int selinux_inet_conn_request(str return 0; } - err = selinux_xfrm_decode_session(skb, &peersid, 0); - BUG_ON(err); + if (selinux_compat_net) { + err = selinux_xfrm_decode_session(skb, &peersid, 0); + BUG_ON(err); - if (peersid == SECSID_NULL) { - req->secid = sksec->sid; - return 0; - } + if (peersid == SECSID_NULL) { + req->secid = sksec->sid; + req->peer_secid = 0; + return 0; + } + } else + peersid = skb->secmark; err = security_sid_mls_copy(sksec->sid, peersid, &newsid); if (err) return err; req->secid = newsid; + req->peer_secid = peersid; return 0; } @@ -3648,6 +3660,7 @@ static void selinux_inet_csk_clone(struc struct sk_security_struct *newsksec = newsk->sk_security; newsksec->sid = req->secid; + newsksec->peer_sid = req->peer_secid; /* NOTE: Ideally, we should also get the isec->sid for the new socket in sync, but we don't have the isec available yet. So we will wait until sock_graft to do it, by which @@ -3662,6 +3675,66 @@ static void selinux_req_classify_flow(co fl->secid = req->secid; } +static int selinux_skb_flow_in(struct sk_buff *skb, unsigned short family) +{ + u32 xfrm_sid; + int err; + + if (selinux_compat_net) + return 1; + + /* +* loopback traffic already labeled and +* flow-controlled on outbound. We may +* need to flow-control on
[PATCH 1/9] secid reconciliation-v04
This patchset helps with leveraging secmark in defining fine-grained security check points with support for a. a default place holder domain defined using secmark for each of the check points and b. flow control and reconciliation of domains entering/leaving the system. The reconciliation steps for SELinux are explained in the Labeled Networking document at: http://marc.theaimsgroup.com/?l=linux-netdev&m=115136637800361&w=2 Also please refer to the discussion at: http://marc.theaimsgroup.com/?l=selinux&m=115885031311565&w=2 The following are the identifiers handled here: 1. secmark on the skb 2. xfrm security identifier associated with the skb if it used any xfrms, a zero secid otherwise. The following features are included: - Retain secmark (from the originating socket/flow) on loopback traffic; this traffic is now flow controlled on the outbound only. - When multiple iptables labeling rules are present (e.g.: both on PREROUTING and INPUT) INBOUND: The label in the last rule will prevail. OUTBOUND: secmark (from the originating socket) is flow-controlled against the label on the first rule, and, if it passes, the label on the first rule overrides the secmark (from the originating socket). This secmark is flow controlled against labels on the subsequent rules, each time, overridden by those labels. - Forwarded packets: The FORWARD chain is treated as an outbound chain for flow control purposes. e.g: label with PREROUTING and flow-control with FORWARD or POSTROUTING. - SELinux postroute_last hook: unfortunately, the secmark Vs. UNLABELED SID check will be done for ALL traffic (couldn't figure out a way to except traffic already processed by (CONN)SECMARK outbound rules). This patch: Add new flask definitions to SELinux Adds a new avperm "flow_in" to arbitrate among the identifiers on the inbound (input/forward). Also adds a new avperm "flow_out" to enable flow control checks on the outbound (output/forward), addressed in this patch as well. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- security/selinux/include/av_perm_to_string.h |2 ++ security/selinux/include/av_permissions.h|2 ++ 2 files changed, 4 insertions(+) diff --git a/security/selinux/include/av_perm_to_string.h b/security/selinux/include/av_perm_to_string.h index 09fc8a2..1e65d28 100644 --- a/security/selinux/include/av_perm_to_string.h +++ b/security/selinux/include/av_perm_to_string.h @@ -245,6 +245,8 @@ S_(SECCLASS_PACKET, PACKET__SEND, "send") S_(SECCLASS_PACKET, PACKET__RECV, "recv") S_(SECCLASS_PACKET, PACKET__RELABELTO, "relabelto") + S_(SECCLASS_PACKET, PACKET__FLOW_IN, "flow_in") + S_(SECCLASS_PACKET, PACKET__FLOW_OUT, "flow_out") S_(SECCLASS_KEY, KEY__VIEW, "view") S_(SECCLASS_KEY, KEY__READ, "read") S_(SECCLASS_KEY, KEY__WRITE, "write") diff --git a/security/selinux/include/av_permissions.h b/security/selinux/include/av_permissions.h index 81f4f52..2faf3d8 100644 --- a/security/selinux/include/av_permissions.h +++ b/security/selinux/include/av_permissions.h @@ -962,6 +962,8 @@ #define APPLETALK_SOCKET__NAME_BIND #define PACKET__SEND 0x0001UL #define PACKET__RECV 0x0002UL #define PACKET__RELABELTO 0x0004UL +#define PACKET__FLOW_IN 0x0008UL +#define PACKET__FLOW_OUT 0x0010UL #define KEY__VIEW 0x0001UL #define KEY__READ 0x0002UL - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 6/9] secid reconciliation-v04: Label locally generated IPv4 traffic
This labels the skb(s) for locally generated IPv4 traffic. This will be used in pertinent flow control checks on the outbound later in the LSM hook. This is not as pretty as it is for IPv6, but what to do? Note that skb(s) that derive the secmark from the originating socket do so in the outbound hook. NOTE: Forwarded traffic is already labeled with the reconciled secmark on the inbound. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- include/net/ip.h | 31 +++ include/net/request_sock.h | 18 ++ net/dccp/ipv4.c|5 + net/ipv4/icmp.c|4 net/ipv4/ip_output.c |6 ++ net/ipv4/tcp_ipv4.c|1 + 6 files changed, 65 insertions(+) diff --git a/include/net/ip.h b/include/net/ip.h index 98f9084..40ac276 100644 --- a/include/net/ip.h +++ b/include/net/ip.h @@ -48,6 +48,9 @@ struct ipcm_cookie u32 addr; int oif; struct ip_options *opt; +#ifdef CONFIG_SECURITY_NETWORK + u32 secid; +#endif /* CONFIG_SECURITY_NETWORK */ }; #define IPCB(skb) ((struct inet_skb_parm*)((skb)->cb)) @@ -383,4 +386,32 @@ #endif extern struct ctl_table ipv4_table[]; +#ifdef CONFIG_SECURITY_NETWORK + +static inline void security_skb_classify_ipcm(struct sk_buff *skb, + struct ipcm_cookie *ipc) +{ + ipc->secid = skb->secmark; +} + +static inline void security_ipcm_classify_skb(struct ipcm_cookie *ipc, + struct sk_buff *skb) +{ + skb->secmark = ipc->secid; +} + +#else + +static inline void security_skb_classify_ipcm(struct sk_buff *skb, + struct ipcm_cookie *ipc) +{ +} + +static inline void security_ipcm_classify_skb(struct ipcm_cookie *ipc, + struct sk_buff *skb) +{ +} + +#endif /* CONFIG_SECURITY_NETWORK */ + #endif /* _IP_H */ diff --git a/include/net/request_sock.h b/include/net/request_sock.h index 8e165ca..6d6da9c 100644 --- a/include/net/request_sock.h +++ b/include/net/request_sock.h @@ -54,6 +54,7 @@ struct request_sock { struct request_sock_ops *rsk_ops; struct sock *sk; u32 secid; + u32 peer_secid; }; static inline struct request_sock *reqsk_alloc(struct request_sock_ops *ops) @@ -259,4 +260,21 @@ static inline void reqsk_queue_hash_req( write_unlock(&queue->syn_wait_lock); } +#ifdef CONFIG_SECURITY_NETWORK + +static inline void security_req_classify_skb(struct request_sock *req, + struct sk_buff *skb) +{ + skb->secmark = req->secid; +} + +#else + +static inline void security_req_classify_skb(struct request_sock *req, + struct sk_buff *skb) +{ +} + +#endif /* CONFIG_SECURITY_NETWORK */ + #endif /* _REQUEST_SOCK_H */ diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c index 66be29b..57ba542 100644 --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c @@ -230,6 +230,8 @@ static void dccp_v4_reqsk_send_ack(struc dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), DCCP_SKB_CB(rxskb)->dccpd_seq); + security_req_classify_skb(req, skb); + bh_lock_sock(dccp_v4_ctl_socket->sk); err = ip_build_and_send_pkt(skb, dccp_v4_ctl_socket->sk, rxskb->nh.iph->daddr, @@ -261,6 +263,7 @@ static int dccp_v4_send_response(struct dh->dccph_checksum = dccp_v4_checksum(skb, ireq->loc_addr, ireq->rmt_addr); memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt)); + security_req_classify_skb(req, skb); err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr, ireq->rmt_addr, ireq->opt); @@ -743,6 +746,8 @@ static void dccp_v4_ctl_send_reset(struc dh->dccph_checksum = dccp_v4_checksum(skb, rxskb->nh.iph->saddr, rxskb->nh.iph->daddr); + security_skb_classify_skb(rxskb, skb); + bh_lock_sock(dccp_v4_ctl_socket->sk); err = ip_build_and_send_pkt(skb, dccp_v4_ctl_socket->sk, rxskb->nh.iph->daddr, diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index c2ad07e..956791a 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -389,6 +389,8 @@ static void icmp_reply(struct icmp_bxm * if (icmp_xmit_lock()) return; + security_skb_classify_ipcm(skb, &ipc); + icmp_param->data.icmph.checksum = 0; icmp_out_count(icmp_param->data.icmph.type); @@ -507,6 +509,8 @@ void icmp_send(struct sk_buff *skb_in, i if (icmp_xmit_lock()) return; +
[PATCH 3/9] secid reconciliation-v04: Invoke LSM hook for inbound traffic
Invoke the skb_flow_in LSM hook for inbound traffic for secid reconciliation and flow control. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- include/net/xfrm.h | 45 +-- 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 11e0b1d..8f9c184 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -675,22 +675,18 @@ extern int __xfrm_policy_check(struct so static inline int xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, unsigned short family) { - if (sk && sk->sk_policy[XFRM_POLICY_IN]) - return __xfrm_policy_check(sk, dir, skb, family); - - return (!xfrm_policy_count[dir] && !skb->sp) || - (skb->dst->flags & DST_NOPOLICY) || - __xfrm_policy_check(sk, dir, skb, family); -} - -static inline int xfrm4_policy_check(struct sock *sk, int dir, struct sk_buff *skb) -{ - return xfrm_policy_check(sk, dir, skb, AF_INET); -} + int ret; -static inline int xfrm6_policy_check(struct sock *sk, int dir, struct sk_buff *skb) -{ - return xfrm_policy_check(sk, dir, skb, AF_INET6); + if (sk && sk->sk_policy[XFRM_POLICY_IN]) + ret = __xfrm_policy_check(sk, dir, skb, family); + else + ret = (!xfrm_policy_count[dir] && !skb->sp) || + (skb->dst->flags & DST_NOPOLICY) || + __xfrm_policy_check(sk, dir, skb, family); + + if (ret) + ret = security_skb_flow_in(skb, family); + return ret; } extern int xfrm_decode_session(struct sk_buff *skb, struct flowi *fl, unsigned short family); @@ -742,19 +738,22 @@ static inline void xfrm_sk_free_policy(s static inline int xfrm_sk_clone_policy(struct sock *sk) { return 0; } static inline int xfrm6_route_forward(struct sk_buff *skb) { return 1; } static inline int xfrm4_route_forward(struct sk_buff *skb) { return 1; } -static inline int xfrm6_policy_check(struct sock *sk, int dir, struct sk_buff *skb) -{ - return 1; -} +static inline int xfrm_policy_check(struct sock *sk, int dir, + struct sk_buff *skb, unsigned short family) +{ + return security_skb_flow_in(skb, family); +} +#endif + static inline int xfrm4_policy_check(struct sock *sk, int dir, struct sk_buff *skb) { - return 1; + return xfrm_policy_check(sk, dir, skb, AF_INET); } -static inline int xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, unsigned short family) + +static inline int xfrm6_policy_check(struct sock *sk, int dir, struct sk_buff *skb) { - return 1; + return xfrm_policy_check(sk, dir, skb, AF_INET6); } -#endif static __inline__ xfrm_address_t *xfrm_flowi_daddr(struct flowi *fl, unsigned short family) - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/9] secid reconciliation-v04: Add LSM hooks
Add skb_policy_check and skb_netfilter_check hooks to LSM to enable reconciliation of the various security identifiers as well as enforce flow control on inbound (PREROUTING/INPUT) and outbound (OUTPUT/FORWARD/POSTROUTING) traffic. Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]> --- include/linux/security.h | 41 - security/dummy.c | 13 +++ 2 files changed, 53 insertions(+), 1 deletion(-) diff --git a/include/linux/security.h b/include/linux/security.h index 9f56fb8..84b826b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -828,6 +828,15 @@ #ifdef CONFIG_SECURITY * Sets the new child socket's sid to the openreq sid. * @req_classify_flow: * Sets the flow's sid to the openreq sid. + * @skb_flow_in: + * Checks to see if security policy would allow skb into the system + * while also reconciling the xfrm secid, cipso, etc, if any, and + * relabeling the skb with the reconciled secid. + * Returns 1 if skb allowed into system, 0 otherwise. + * @skb_flow_out: + * Checks to see if security policy would allow skb to go out of system. + * Returns 1 if skb allowed out of system, 0 if not, and -ENOENT if there's + * no hook defined. * * Security hooks for XFRM operations. * @@ -1372,6 +1381,8 @@ #ifdef CONFIG_SECURITY_NETWORK struct request_sock *req); void (*inet_csk_clone)(struct sock *newsk, const struct request_sock *req); void (*req_classify_flow)(const struct request_sock *req, struct flowi *fl); + int (*skb_flow_in)(struct sk_buff *skb, unsigned short family); + int (*skb_flow_out)(struct sk_buff *skb, u32 nf_secid); #endif /* CONFIG_SECURITY_NETWORK */ #ifdef CONFIG_SECURITY_NETWORK_XFRM @@ -2946,6 +2957,18 @@ static inline void security_req_classify security_ops->req_classify_flow(req, fl); } +static inline int security_skb_flow_in(struct sk_buff *skb, + unsigned short family) +{ + return security_ops->skb_flow_in(skb, family); +} + +static inline int security_skb_flow_out(struct sk_buff *skb, + u32 nf_secid) +{ + return security_ops->skb_flow_out(skb, nf_secid); +} + static inline void security_sock_graft(struct sock* sk, struct socket *parent) { security_ops->sock_graft(sk, parent); @@ -3097,6 +3120,18 @@ static inline void security_req_classify { } +static inline int security_skb_flow_in(struct sk_buff *skb, + unsigned short family) +{ + return 1; +} + +static inline int security_skb_flow_out(struct sk_buff *skb, + u32 nf_secid) +{ + return -ENOENT; +} + static inline void security_sock_graft(struct sock* sk, struct socket *parent) { } @@ -3150,7 +3185,11 @@ static inline int security_xfrm_state_al { if (!polsec) return 0; - return security_ops->xfrm_state_alloc_security(x, NULL, polsec, secid); + /* +* No need to pass polsec along since we want the context to be +* taken from secid which is usually from the sock. +*/ + return security_ops->xfrm_state_alloc_security(x, NULL, NULL, secid); } static inline int security_xfrm_state_delete(struct xfrm_state *x) diff --git a/security/dummy.c b/security/dummy.c index aeee705..921be56 100644 --- a/security/dummy.c +++ b/security/dummy.c @@ -832,6 +832,17 @@ static inline void dummy_req_classify_fl struct flowi *fl) { } + +static inline int dummy_skb_flow_in(struct sk_buff *skb, + unsigned short family) +{ + return -ENOENT; +} + +static inline int dummy_skb_flow_out(struct sk_buff *skb, u32 nf_secid) +{ + return -ENOENT; +} #endif /* CONFIG_SECURITY_NETWORK */ #ifdef CONFIG_SECURITY_NETWORK_XFRM @@ -1108,6 +1119,8 @@ #ifdef CONFIG_SECURITY_NETWORK set_to_dummy_if_null(ops, inet_conn_request); set_to_dummy_if_null(ops, inet_csk_clone); set_to_dummy_if_null(ops, req_classify_flow); + set_to_dummy_if_null(ops, skb_flow_in); + set_to_dummy_if_null(ops, skb_flow_out); #endif/* CONFIG_SECURITY_NETWORK */ #ifdef CONFIG_SECURITY_NETWORK_XFRM set_to_dummy_if_null(ops, xfrm_policy_alloc_security); - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 0/9] secid reconciliation-v04: Repost patchset with updates
This patchset is relative to davem's net-2.6.git The following are the changes included in this patchset since the previous post: - Create IPSec SAs to be acquired with the creating sock's context as opposed to that of the matching SPD rule, resulting in a simpler SPD as well as policy. - Set peer_sid on tcp sockets to the reconciled secmark so trusted applications can retrieve and service the data at the appropriate context. Also return secmark when security is queried for a UDP packet. - Fix minor things from James Morris' review. Paul, please spin a new patch to bring NetLabel into the reconciliation path as well as to address any NetLabel changes needed in regard to the above. Please consider for inclusion in 2.6.19. include/linux/security.h | 51 - include/linux/skbuff.h | 49 + include/net/ip.h | 31 +++ include/net/request_sock.h | 18 ++ include/net/xfrm.h | 45 ++--- net/dccp/ipv4.c |5 net/ipv4/icmp.c |4 net/ipv4/ip_output.c |6 net/ipv4/tcp_ipv4.c |1 net/ipv6/ip6_output.c|5 net/ipv6/netfilter/ip6t_REJECT.c |2 net/netfilter/xt_CONNSECMARK.c | 72 ++-- net/netfilter/xt_SECMARK.c | 45 - security/dummy.c | 13 + security/selinux/hooks.c | 148 + security/selinux/include/av_perm_to_string.h |2 security/selinux/include/av_permissions.h|2 security/selinux/include/xfrm.h | 11 - security/selinux/xfrm.c | 66 +++ 19 files changed, 450 insertions(+), 126 deletions(-) - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
RE: [PATCH] Fix for IPsec leakage with SELinux enabled
> The way I was seeing the problem was when connecting via IPsec to a > confined service on an SELinux box (vsftpd), which did not have the > appropriate SELinux policy permissions to send packets via IPsec. > > The first SYNACK would be blocked, Given that the resolver fails to find a policy here, I am trying to understand what exactly is blocking it (the first SYNACK) from proceeding without IPSec. > because of an uncached lookup via > flow_cache_lookup(), which would fail to resolve an xfrm > policy because > the SELinux policy is checked at that point via the resolver. > > However, retransmitted SYNACKs would then find a cached flow > entry when > calling into flow_cache_lookup() with a null xfrm policy, which is > interpreted by xfrm_lookup() as the packet not having any associated > policy and similarly to the first case, allowing it to pass without > transformation. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: ATM firestream bug
In message <[EMAIL PROTECTED]>,Jeff Garzik writes: >1) not safe on 64-bit firestream is not the only driver that's likely 32-bit safe only. zatm, nicstar, horizon and ambassdor all use virt_to_bus(). >2) variable 'tmc0' is indeed potentially used uninit'd, in particular if >make_rate() returns an error (use occurs before error check). i will fix this later. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
wan/pc300 bug found
The following gcc warning indicates a bug: drivers/net/wan/pc300_drv.c: In function ‘cpc_open’: drivers/net/wan/pc300_drv.c:2870: warning: ‘br’ may be used uninitialized in this function clock_rate_calc() is not checked for a negative return value. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] TIPC: fix printk warning
gcc spits out this warning: net/tipc/link.c: In function ‘link_retransmit_failure’: net/tipc/link.c:1669: warning: cast from pointer to integer of different size More than a little bit ugly, storing integers in void*, but at least the code is correct, unlike some of the more crufty Linux kernel code found elsewhere. Rather than having two casts to massage the value into u32, it's easier just to have a single cast and use "%lu", since it's just a printk. Signed-off-by: Jeff Garzik <[EMAIL PROTECTED]> diff --git a/net/tipc/link.c b/net/tipc/link.c index 693f02e..53bc8cb 100644 --- a/net/tipc/link.c +++ b/net/tipc/link.c @@ -1666,8 +1666,9 @@ static void link_retransmit_failure(stru char addr_string[16]; tipc_printf(TIPC_OUTPUT, "Msg seq number: %u, ", msg_seqno(msg)); - tipc_printf(TIPC_OUTPUT, "Outstanding acks: %u\n", (u32)TIPC_SKB_CB(buf)->handle); - + tipc_printf(TIPC_OUTPUT, "Outstanding acks: %lu\n", +(unsigned long) TIPC_SKB_CB(buf)->handle); + n_ptr = l_ptr->owner->next; tipc_node_lock(n_ptr); - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 1/3][ATM]: kmalloc to kzalloc patches for drivers/atm
You also need to mark firestream as 32-bit only, in Kconfig... (or fix it) - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: ATM bug found
chas williams - CONTRACTOR wrote: > still generates a warning from gcc though. The warning is bogus in this case, though -- the only way for "*pcr" to be unset is when alloc_shaper() returns non-zero > + *pcr = 0; You're right, 0 is better than ATM_MAX_PCR here. -Mitch - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: ATM bug found
In message <[EMAIL PROTECTED]>,Mitchell Blank Jr writes: >The fix is for alloc_shaper() should really do "*pcr = ATM_MAX_PCR" in >the "if (ubr)" stanza. Chas, want to submit that in the next batch >of patches? i dont think you can do that. pcr gets assigned to .min_pcr and .min_pcr = ATM_MAX_PCR has a different meaning. it should probably be set to 0. there is no minimum or maximum pcr for ubr. you get what you get. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 3/3][ATM]: [zatm] always *pcr in alloc_shaper()
please consider for 2.6.18 -- thanks! [ATM]: [zatm] always *pcr in alloc_shaper() Signed-off-by: Chas Williams <[EMAIL PROTECTED]> --- commit ae0e261f74750f57c963349f5c09c8057d5eee32 tree 5e9358ef3fd7d00e3be7a1862afa62a6852c8cb6 parent d7b1207f84d681df2e46c6f22ca153eb7f0944cb author chas williams - CONTRACTOR <[EMAIL PROTECTED]> Sun, 01 Oct 2006 11:14:19 -0400 committer chas williams - CONTRACTOR <[EMAIL PROTECTED]> Sun, 01 Oct 2006 11:14:19 -0400 drivers/atm/zatm.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/drivers/atm/zatm.c b/drivers/atm/zatm.c index c491ec4..083c5d3 100644 --- a/drivers/atm/zatm.c +++ b/drivers/atm/zatm.c @@ -800,6 +800,7 @@ static int alloc_shaper(struct atm_dev * i = m = 1; zatm_dev->ubr_ref_cnt++; zatm_dev->ubr = shaper; + *pcr = 0; } else { if (min) { - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/3][ATM]: [ambassador] Change the return type to reflect reality
please consider for 2.6.19 -- thanks! [ATM]: [ambassador] Change the return type to reflect reality Signed-off-by: Jeff Garzik <[EMAIL PROTECTED]> Signed-off-by: Chas Williams <[EMAIL PROTECTED]> --- commit d7b1207f84d681df2e46c6f22ca153eb7f0944cb tree 9204a7e7f6812bd683a0079a9a9177ec400fadbd parent 339d365266211690a446773e3eb9d864637a71bb author Jeff Garzik <[EMAIL PROTECTED]> Sun, 01 Oct 2006 10:23:44 -0400 committer chas williams - CONTRACTOR <[EMAIL PROTECTED]> Sun, 01 Oct 2006 10:23:44 -0400 drivers/atm/ambassador.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/atm/ambassador.c b/drivers/atm/ambassador.c index 4521a24..da599e6 100644 --- a/drivers/atm/ambassador.c +++ b/drivers/atm/ambassador.c @@ -915,8 +915,8 @@ #endif /** make rate (not quite as much fun as Horizon) **/ -static unsigned int make_rate (unsigned int rate, rounding r, - u16 * bits, unsigned int * actual) { +static int make_rate (unsigned int rate, rounding r, + u16 * bits, unsigned int * actual) { unsigned char exp = -1; // hush gcc unsigned int man = -1; // hush gcc - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 1/3][ATM]: kmalloc to kzalloc patches for drivers/atm
please consider for 2.6.19 -- thanks! [ATM]: kmalloc to kzalloc patches for drivers/atm Signed-off-by: Om Narasimhan <[EMAIL PROTECTED]> Signed-off-by: Chas Williams <[EMAIL PROTECTED]> --- commit 339d365266211690a446773e3eb9d864637a71bb tree d48530e7ba716797687d2831f0f5148cda4a999a parent f69365e8b58c325546d2e090c9019737436e0712 author Om Narasimhan <[EMAIL PROTECTED]> Sat, 30 Sep 2006 22:00:22 -0400 committer chas williams - CONTRACTOR <[EMAIL PROTECTED]> Sat, 30 Sep 2006 22:00:22 -0400 drivers/atm/adummy.c |6 ++ drivers/atm/firestream.c | 12 +++- drivers/atm/he.c |4 +--- drivers/atm/horizon.c|4 +--- drivers/atm/idt77252.c | 23 ++- drivers/atm/lanai.c |8 +--- drivers/atm/zatm.c |6 ++ 7 files changed, 16 insertions(+), 47 deletions(-) diff --git a/drivers/atm/adummy.c b/drivers/atm/adummy.c index 6cc93de..ac2c108 100644 --- a/drivers/atm/adummy.c +++ b/drivers/atm/adummy.c @@ -113,15 +113,13 @@ static int __init adummy_init(void) printk(KERN_ERR "adummy: version %s\n", DRV_VERSION); - adummy_dev = (struct adummy_dev *) kmalloc(sizeof(struct adummy_dev), + adummy_dev = kzalloc(sizeof(struct adummy_dev), GFP_KERNEL); if (!adummy_dev) { - printk(KERN_ERR DEV_LABEL ": kmalloc() failed\n"); + printk(KERN_ERR DEV_LABEL ": kzalloc() failed\n"); err = -ENOMEM; goto out; } - memset(adummy_dev, 0, sizeof(struct adummy_dev)); - atm_dev = atm_dev_register(DEV_LABEL, &adummy_ops, -1, NULL); if (!atm_dev) { printk(KERN_ERR DEV_LABEL ": atm_dev_register() failed\n"); diff --git a/drivers/atm/firestream.c b/drivers/atm/firestream.c index 38fc054..7c75adf 100644 --- a/drivers/atm/firestream.c +++ b/drivers/atm/firestream.c @@ -1784,7 +1784,7 @@ static int __devinit fs_init (struct fs_ write_fs (dev, RAM, (1 << (28 - FS155_VPI_BITS - FS155_VCI_BITS)) - 1); dev->nchannels = FS155_NR_CHANNELS; } - dev->atm_vccs = kmalloc (dev->nchannels * sizeof (struct atm_vcc *), + dev->atm_vccs = kcalloc (dev->nchannels, sizeof (struct atm_vcc *), GFP_KERNEL); fs_dprintk (FS_DEBUG_ALLOC, "Alloc atmvccs: %p(%Zd)\n", dev->atm_vccs, dev->nchannels * sizeof (struct atm_vcc *)); @@ -1794,9 +1794,8 @@ static int __devinit fs_init (struct fs_ /* XXX Clean up. */ return 1; } - memset (dev->atm_vccs, 0, dev->nchannels * sizeof (struct atm_vcc *)); - dev->tx_inuse = kmalloc (dev->nchannels / 8 /* bits/byte */ , GFP_KERNEL); + dev->tx_inuse = kzalloc (dev->nchannels / 8 /* bits/byte */ , GFP_KERNEL); fs_dprintk (FS_DEBUG_ALLOC, "Alloc tx_inuse: %p(%d)\n", dev->atm_vccs, dev->nchannels / 8); @@ -1805,8 +1804,6 @@ static int __devinit fs_init (struct fs_ /* XXX Clean up. */ return 1; } - memset (dev->tx_inuse, 0, dev->nchannels / 8); - /* -- RAS1 : FS155 and 50 differ. Default (0) should be OK for both */ /* -- RAS2 : FS50 only: Default is OK. */ @@ -1893,14 +1890,11 @@ static int __devinit firestream_init_one if (pci_enable_device(pci_dev)) goto err_out; - fs_dev = kmalloc (sizeof (struct fs_dev), GFP_KERNEL); + fs_dev = kzalloc (sizeof (struct fs_dev), GFP_KERNEL); fs_dprintk (FS_DEBUG_ALLOC, "Alloc fs-dev: %p(%Zd)\n", fs_dev, sizeof (struct fs_dev)); if (!fs_dev) goto err_out; - - memset (fs_dev, 0, sizeof (struct fs_dev)); - atm_dev = atm_dev_register("fs", &ops, -1, NULL); if (!atm_dev) goto err_out_free_fs_dev; diff --git a/drivers/atm/he.c b/drivers/atm/he.c index f2511b4..b22a914 100644 --- a/drivers/atm/he.c +++ b/drivers/atm/he.c @@ -383,14 +383,12 @@ he_init_one(struct pci_dev *pci_dev, con } pci_set_drvdata(pci_dev, atm_dev); - he_dev = (struct he_dev *) kmalloc(sizeof(struct he_dev), + he_dev = kzalloc(sizeof(struct he_dev), GFP_KERNEL); if (!he_dev) { err = -ENOMEM; goto init_one_failure; } - memset(he_dev, 0, sizeof(struct he_dev)); - he_dev->pci_dev = pci_dev; he_dev->atm_dev = atm_dev; he_dev->atm_dev->dev_data = he_dev; diff --git a/drivers/atm/horizon.c b/drivers/atm/horizon.c index d1113e8..209dba1 100644 --- a/drivers/atm/horizon.c +++ b/drivers/atm/horizon.c @@ -2719,7 +2719,7 @@ static int __devinit hrz_probe(struct pc goto out_disable; } - dev = kmalloc(sizeof(hrz_dev), GFP_KERNEL); + dev = kzalloc(sizeof(hrz_dev), GFP_KERNEL);
Re: ATM bug found
In message <[EMAIL PROTECTED]>,Jeff Garzik writes: >If alloc_shaper() argument 'unlimited' is true, then pcr is never >assigned a value. However, the caller of alloc_shaper() always tests >the pcr value, regardless of whether or not 'unlimited' is true. when unlimited is true, this means ubr. alloc_shaper() creates a queue to use for all ubr (best effort) traffic. ubr doesnt count against tx_bw so its handled a bit differently. alloc_shaper() should return a 0 for the pcr since this gets assigned to the vcc's qos parameters. min_pcr = 0 and max_pcr = 0 means "best effort". still generates a warning from gcc though. [ATM]: [zatm] always *pcr in alloc_shaper() Signed-off-by: Chas Williams <[EMAIL PROTECTED]> diff --git a/drivers/atm/zatm.c b/drivers/atm/zatm.c index c491ec4..083c5d3 100644 --- a/drivers/atm/zatm.c +++ b/drivers/atm/zatm.c @@ -800,6 +800,7 @@ static int alloc_shaper(struct atm_dev * i = m = 1; zatm_dev->ubr_ref_cnt++; zatm_dev->ubr = shaper; + *pcr = 0; } else { if (min) { - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: ATM firestream bug
Jeff Garzik wrote: > 1) not safe on 64-bit Almost certainly correct. Probably never will be -- IIRC this SAR was mainly used in embedded apps. I don't know if any commercially-available PCI cards were ever made with it. I could be wrong though, it's been awhile since I was up on the ATM industry. > 2) variable 'tmc0' is indeed potentially used uninit'd, in particular if > make_rate() returns an error (use occurs before error check). Exact same error as the one you spotted in ambassador.c -- make_rate()'s error is not checked at all. It should be. -Mitch - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: another ATM bug
(cc:'s trimmed again) Jeff Garzik wrote: > drivers/atm/ambassador.c: In function ?amb_open?: > drivers/atm/ambassador.c:1049: warning: ?tx_rate_bits? may be used > uninitialized in this function > > The variable is accessed before the make_rate() error code is checked, Or rather, the make_rate() error code isn't checked AT ALL ("error" appears to be a write-only variable) That seems to be the real bug -Mitch - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] atm/firestream: mark 32-bit only
This driver does some dodgy stuff, reading a 32-bit value directly from the hardware, calling bus_to_virt() on it, and then pretending that will work just fine on 64-bit. Signed-off-by: Jeff Garzik <[EMAIL PROTECTED]> diff --git a/drivers/atm/Kconfig b/drivers/atm/Kconfig index cfa5af8..8903ecf 100644 --- a/drivers/atm/Kconfig +++ b/drivers/atm/Kconfig @@ -139,7 +139,7 @@ config ATM_ENI_BURST_RX_2W config ATM_FIRESTREAM tristate "Fujitsu FireStream (FS50/FS155) " - depends on PCI && ATM + depends on PCI && ATM && 32BIT help Driver for the Fujitsu FireStream 155 (MB86697) and FireStream 50 (MB86695) ATM PCI chips. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: ATM bug found
(trimmed cc:'s since, IMO, isn't really all that general interest) Jeff Garzik wrote: > drivers/atm/zatm.c: In function ?zatm_open?: > drivers/atm/zatm.c:919: warning: ?pcr? may be used uninitialized in this > function Yeah, looks like a bug. Not very high-impact because: 1. it only results in garbled data in vcc->qos.txtp which doesn't really mean much for UBR vcc's anyway 2. zatm is a more-obscure-than-obscure piece of hardware. I'm sure 3c501.c has more users these days :-) The fix is for alloc_shaper() should really do "*pcr = ATM_MAX_PCR" in the "if (ubr)" stanza. Chas, want to submit that in the next batch of patches? -Mitch - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
ATM firestream bug
The gcc warning "may be used uninitialized" is correct here, as well: drivers/atm/firestream.c: In function ‘top_off_fp’: drivers/atm/firestream.c:1501: warning: cast to pointer from integer of different size drivers/atm/firestream.c: In function ‘fs_open’: drivers/atm/firestream.c:870: warning: ‘tmc0’ may be used uninitialized in this function This indicates two bugs: 1) not safe on 64-bit 2) variable 'tmc0' is indeed potentially used uninit'd, in particular if make_rate() returns an error (use occurs before error check). - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: mii-tool gigabit support.
Rick Jones wrote: > 2) develop some style >>> of register description definition type of text file, maybe XML, maybe >>> INI style or something stored in /etc/ethtool as .conf or >>> something like that. This way, ethtool doesn't have to be >>> changed/updated/patched/likely-bug-added for every single device known >>> to man. >>> Just a thought. >> >> We could switch to shared libraries like 'tc' uses. > > From a practical standpoint is shipping a new config file or a new > shared library all that much different from a new ethtool binary? New config - certainly yes. After all, it's trivial to change a line in a config file locally. But yes, new shared lib is the same as a new binary. . o O { /sys/class/net/$iface/config.xml };) But seriously, I don't think it's that a bad idea. Maybe not xml, but a plain list of registers with their names - a static string known to each driver isn't much a bloat really. I think anyway. /mjt - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
another ATM bug
The following warning appears to be real: drivers/atm/ambassador.c: In function ‘amb_open’: drivers/atm/ambassador.c:1049: warning: ‘tx_rate_bits’ may be used uninitialized in this function The variable is accessed before the make_rate() error code is checked, thus accessing an uninit'd value. Jeff - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] atm/ambassador: fix return code bug
While auditing a 'may be used uninitialized' warning, I found a minor bug: make_rate() has the standard error code convention -- zero for success, negative errno on error -- but its return type is defined as unsigned. Change the return type to reflect reality. Signed-off-by: Jeff Garzik <[EMAIL PROTECTED]> diff --git a/drivers/atm/ambassador.c b/drivers/atm/ambassador.c index 4521a24..da599e6 100644 --- a/drivers/atm/ambassador.c +++ b/drivers/atm/ambassador.c @@ -915,8 +915,8 @@ #endif /** make rate (not quite as much fun as Horizon) **/ -static unsigned int make_rate (unsigned int rate, rounding r, - u16 * bits, unsigned int * actual) { +static int make_rate (unsigned int rate, rounding r, + u16 * bits, unsigned int * actual) { unsigned char exp = -1; // hush gcc unsigned int man = -1; // hush gcc - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
ATM bug found
Unlike 98% of the warnings of this type, this gcc warning does indeed seem to indicate a bug: drivers/atm/zatm.c: In function ‘zatm_open’: drivers/atm/zatm.c:919: warning: ‘pcr’ may be used uninitialized in this function If alloc_shaper() argument 'unlimited' is true, then pcr is never assigned a value. However, the caller of alloc_shaper() always tests the pcr value, regardless of whether or not 'unlimited' is true. Jeff - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html