commit 75b8c133267053c9986a7c8db5131f0e7349e806 Author: Herbert Xu Date: Tue Dec 11 04:38:08 2007 -0800 [IPSEC]: Fix potential dst leak in xfrm_lookup If we get an error during the actual policy lookup we don't free the original dst while the caller expects us to always free the original dst in case of error. This patch fixes that. Signed-off-by: Herbert Xu Signed-off-by: David S. Miller commit 3f03e387893ffa07a4d5dac96772f9db3221a185 Author: Pavel Emelyanov Date: Tue Dec 11 02:41:25 2007 -0800 [VLAN]: Fix potential race in vlan_cleanup_module vs vlan_ioctl_handler. The vlan module cleanup function starts with vlan_netlink_fini(); vlan_ioctl_set(NULL); The first call removes all the vlan devices and the second one closes the vlan ioctl. AFAIS there's a tiny race window between these two calls - after rtnl unregistered all the vlans, but the ioctl handler isn't set to NULL yet, user can manage to call this ioctl and create one vlan device, and that this function will later BUG_ON seeing non-emply hashes. I think, that we must first close the vlan ioctl and only after this remove all the vlans with the vlan_netlink_fini() call. Signed-off-by: Pavel Emelyanov Acked-by: Patrick McHardy Signed-off-by: David S. Miller commit d59b54b150b3b69b721f1e161efd42ecb7619897 Author: Wang Chen Date: Tue Dec 11 02:28:03 2007 -0800 [NET]: Fix wrong comments for unregister_net* There are some return value comments for void functions. Fixed it. Signed-off-by: Wang Chen Signed-off-by: David S. Miller commit bbe42974215eb7a483c344fca50652b3b9dd1ae4 Author: Michael Chan Date: Mon Dec 10 17:18:51 2007 -0800 [BNX2]: Update version to 1.6.9. Signed-off-by: Michael Chan Signed-off-by: David S. Miller commit c09c262783dcac62352293912d82b794063cefc3 Author: Michael Chan Date: Mon Dec 10 17:18:37 2007 -0800 [BNX2]: Fix RX packet rot. Packets can be left in the RX ring if the NAPI budget is reached. This is caused by storing the latest rx index at the beginning of bnx2_rx_int(). We may not process all the work up to this index if the budget is reached and so some packets in the RX ring may rot when we later check for more work using this stored rx index. The fix is to not store this latest hw index and only store the processed rx index. We use a new function bnx2_get_hw_rx_cons() to fetch the latest hw rx index. Signed-off-by: Michael Chan Signed-off-by: David S. Miller commit fb0c18bd1f61086fcfac90017b59891a356cc288 Author: Michael Chan Date: Mon Dec 10 17:18:23 2007 -0800 [BNX2]: Add PHY_DIS_EARLY_DAC workaround. 5709 Ax and Bx chips all need this workaround. Signed-off-by: Michael Chan Signed-off-by: David S. Miller commit 9b3efc0133a807070dbd21254102995b65969965 Author: Julia Lawall Date: Mon Dec 10 17:17:37 2007 -0800 [S390]: Fix use of skb after netif_rx Recently, Wang Chen submitted a patch (d30f53aeb31d453a5230f526bea592af07944564) to move a call to netif_rx(skb) after a subsequent reference to skb, because netif_rx may call kfree_skb on its argument. netif_rx_ni calls netif_rx, so the same problem occurs in the files below. I have left the updating of dev->last_rx after the calls to netif_rx_ni because it seems time dependent, but moved the other field updates before. This was found using the following semantic match. (http://www.emn.fr/x-info/coccinelle/) // @@ expression skb, e,e1; @@ ( netif_rx(skb); | netif_rx_ni(skb); ) ... when != skb = e ( skb = e1 | * skb ) // Signed-off-by: Julia Lawall Signed-off-by: David S. Miller commit 299f590f26da9764f20e905879f0090552ff2e86 Author: Julia Lawall Date: Mon Dec 10 17:16:56 2007 -0800 [XTENSA]: Fix use of skb after netif_rx Recently, Wang Chen submitted a patch (d30f53aeb31d453a5230f526bea592af07944564) to move a call to netif_rx(skb) after a subsequent reference to skb, because netif_rx may call kfree_skb on its argument. The same problem occurs in some other drivers as well. This was found using the following semantic match. (http://www.emn.fr/x-info/coccinelle/) // @@ expression skb, e,e1; @@ ( netif_rx(skb); | netif_rx_ni(skb); ) ... when != skb = e ( skb = e1 | * skb ) // Signed-off-by: Julia Lawall Signed-off-by: David S. Miller commit 505a41d43c24345f3fa77ddab152d1f82dd8264d Author: Julia Lawall Date: Mon Dec 10 17:14:46 2007 -0800 [UM]: Fix use of skb after netif_rx Recently, Wang Chen submitted a patch (d30f53aeb31d453a5230f526bea592af07944564) to move a call to netif_rx(skb) after a subsequent reference to skb, because netif_rx may call kfree_skb on its argument. The same problem occurs in some other drivers as well. This was found using the following semantic match. (http://www.emn.fr/x-info/coccinelle/) // @@ expression skb, e,e1; @@ ( netif_rx(skb); | netif_rx_ni(skb); ) ... when != skb = e ( skb = e1 | * skb ) // Signed-off-by: Julia Lawall Signed-off-by: David S. Miller commit 95a02cfd4d33886c166d4a5f309120f8d32ced58 Author: Thomas Graf Date: Mon Dec 10 16:53:29 2007 -0800 [IPv6] ESP: Discard dummy packets introduced in rfc4303 RFC4303 introduces dummy packets with a nexthdr value of 59 to implement traffic confidentiality. Such packets need to be dropped silently and the payload may not be attempted to be parsed as it consists of random chunk. Signed-off-by: Thomas Graf Signed-off-by: David S. Miller commit 2017a72c070033830b460d31cd4703f9d2ec0d56 Author: Thomas Graf Date: Mon Dec 10 16:53:05 2007 -0800 [IPv4] ESP: Discard dummy packets introduced in rfc4303 RFC4303 introduces dummy packets with a nexthdr value of 59 to implement traffic confidentiality. Such packets need to be dropped silently and the payload may not be attempted to be parsed as it consists of random chunk. Signed-off-by: Thomas Graf Signed-off-by: David S. Miller commit a4e65d36a959005f14142535b58c44cd0f1de8cb Author: Pavel Emelyanov Date: Fri Dec 7 23:55:43 2007 -0800 [IPV4]: Swap the ifa allocation with the"ipv4_devconf_setall" call According to Herbert, the ipv4_devconf_setall should be called only when the ifa is added to the device. However, failed ifa allocation may bring things into inconsistent state. Move the call to ipv4_devconf_setall after the ifa allocation. Fits both net-2.6 (with offsets) and net-2.6.25 (cleanly). Signed-off-by: Pavel Emelyanov Signed-off-by: David S. Miller commit 1df2e44560c0d72f381126e52a3ba53614c1c484 Author: YOSHIFUJI Hideaki Date: Fri Dec 7 23:50:40 2007 -0800 [IPV6] XFRM: Fix auditing rt6i_flags; use RTF_xxx flags instead of RTCF_xxx. RTCF_xxx flags, defined in include/linux/in_route.h) are available for IPv4 route (rtable) entries only. Use RTF_xxx flags instead, defined in include/linux/ipv6_route.h, for IPv6 route entries (rt6_info). Signed-off-by: YOSHIFUJI Hideaki Signed-off-by: David S. Miller