Commit Graph

5037 Commits

Author SHA1 Message Date
Trond Myklebust 03a1256f06 SUNRPC: Add a field to track the number of kernel users of an rpc_pipe
This allows us to correctly deduce when we need to remove the pipe.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:33 -04:00
Trond Myklebust 62e1761cef SUNRPC: Clean up rpc_pipefs.
Add a dentry_ops with a d_delete() method in order to ensure that dentries
are removed as soon as the last reference is gone.

Clean up rpc_depopulate() so that it only removes files that were created
via rpc_populate().

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:33 -04:00
Trond Myklebust 34f3089608 SUNRPC: Enable non-exclusive create in rpc_mkpipe()
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:32 -04:00
Trond Myklebust 6e84c7b66a SUNRPC: Add a downcall queue to struct rpc_inode
Currently, the downcall queue is tied to the struct gss_auth, which means
that different RPCSEC_GSS pseudoflavours must use different upcall pipes.
Add a list to struct rpc_inode that can be used instead.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:32 -04:00
Trond Myklebust 3b68aaeaf5 SUNRPC: Always match an upcall message in gss_pipe_downcall()
It used to be possible for an rpc.gssd daemon to stuff the RPC credential
cache for any rpc client simply by creating RPCSEC_GSS contexts and then
doing downcalls. In practice, no daemons ever made use of this feature.

Remove this feature now, since it will be impossible to figure out which
mechanism a given context actually matches if we enable more
than one gss mechanism to use the same upcall pipe.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:31 -04:00
Trond Myklebust b185f835e2 SUNRPC: Remove the gss_auth spinlock
We're just as well off using the inode spinlock instead.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:31 -04:00
Trond Myklebust 4a8c1344dc SUNRPC: Add a backpointer from the struct rpc_cred to the rpc_auth
Cleans up an issue whereby rpcsec_gss uses the rpc_clnt->cl_auth. If we want
to be able to add several rpc_auths to a single rpc_clnt, then this abuse
must go.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:31 -04:00
Trond Myklebust c1384c9c4c SUNRPC: fix hang due to eventd deadlock...
Brian Behlendorf writes:

The root cause of the NFS hang we were observing appears to be a rare
deadlock between the kernel provided usermodehelper API and the linux NFS
client.  The deadlock can arise because both of these services use the
generic linux work queues.  The usermodehelper API run the specified user
application in the context of the work queue.  And NFS submits both cleanup
and reconnect work to the generic work queue for handling.  Normally this
is fine but a deadlock can result in the following situation.

  - NFS client is in a disconnected state
  - [events/0] runs a usermodehelper app with an NFS dependent operation,
    this triggers an NFS reconnect.
  - NFS reconnect happens to be submitted to [events/0] work queue.
  - Deadlock, the [events/0] work queue will never process the
    reconnect because it is blocked on the previous NFS dependent
    operation which will not complete.`

The solution is simply to run reconnect requests on rpciod.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:31 -04:00
Trond Myklebust 6e5b70e9d1 SUNRPC: clean up rpc_call_async/rpc_call_sync/rpc_run_task
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:30 -04:00
Trond Myklebust 188fef11db SUNRPC: Move rpc_register_client and friends into net/sunrpc/clnt.c
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:30 -04:00
Trond Myklebust f61534dfd3 SUNRPC: Remove redundant calls to rpciod_up()/rpciod_down()
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:30 -04:00
Trond Myklebust 4ada539ed7 SUNRPC: Make create_client() take a reference to the rpciod workqueue
Ensures that an rpc_client always has the possibility to send asynchronous
RPC calls.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:30 -04:00
Trond Myklebust ab418d70e1 SUNRPC: Optimise rpciod_up()
Instead of taking the mutex every time we just need to increment/decrement
rpciod_users, we can optmise by using atomic_inc_not_zero and
atomic_dec_and_test.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:30 -04:00
Trond Myklebust d431a555fc SUNRPC: Don't create an rpc_pipefs directory before rpc_clone is initialised
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:29 -04:00
Trond Myklebust 4c402b4097 SUNRPC: Remove rpc_clnt->cl_count
The kref now does most of what cl_count + cl_user used to do. The only
remaining role for cl_count is to tell us if we are in a 'shutdown'
phase. We can provide that information using a single bit field instead
of a full atomic counter.

Also rename rpc_destroy_client() to rpc_close_client(), which reflects
better what its role is these days.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:29 -04:00
Trond Myklebust 8ad7c892e1 SUNRPC: Make rpc_clone take a reference instead of using cl_count
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:29 -04:00
Trond Myklebust 90c5755ff5 SUNRPC: Kill rpc_clnt->cl_oneshot
Replace it with explicit calls to rpc_shutdown_client() or
rpc_destroy_client() (for the case of asynchronous calls).

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:29 -04:00
Trond Myklebust 848f1fe6be SUNRPC: Kill rpc_clnt->cl_dead
Its use is at best racy, and there is only one user (lockd), which has
additional locking that makes the whole thing redundant.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:29 -04:00
Trond Myklebust 34f52e3591 SUNRPC: Convert rpc_clnt->cl_users to a kref
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:28 -04:00
Trond Myklebust c44fe70553 SUNRPC: Clean up tk_pid allocation and make it lockless
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:28 -04:00
Trond Myklebust 4bef61ff75 SUNRPC: Add a per-rpc_clnt spinlock
Use that to protect the rpc_clnt->cl_tasks list instead of using a global
lock.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:28 -04:00
Trond Myklebust 6529eba08f SUNRPC: Move rpc_task->tk_task list into struct rpc_clnt
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:28 -04:00
Trond Myklebust b39e625b6e NFSv4: Clean up nfs4_call_async()
Use rpc_run_task() instead of doing it ourselves.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2007-07-10 23:40:24 -04:00
Linus Torvalds 6ed911fb04 Merge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6
* 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6: (40 commits)
  bonding/bond_main.c: make 2 functions static
  ps3: gigabit ethernet driver for PS3, take3
  [netdrvr] Fix dependencies for ax88796 ne2k clone driver
  eHEA: Capability flag for DLPAR support
  Remove sk98lin ethernet driver.
  sunhme.c:quattro_pci_find() must be __devinit
  bonding / ipv6: no addrconf for slaves separately from master
  atl1: remove write-only var in tx handler
  macmace: use "unsigned long flags;"
  Cleanup usbnet_probe() return value handling
  netxen: deinline and sparse fix
  eeprom_93cx6: shorten pulse timing to match spec (bis)
  phylib: Add Marvell 88E1112 phy id
  phylib: cleanup marvell.c a bit
  AX88796 network driver
  IOC3: Switch to pci refcounting safe APIs
  e100: Fix Tyan motherboard e100 not receiving IPMI commands
  QE Ethernet driver writes to wrong register to mask interrupts
  rrunner.c:rr_init() must be __devinit
  tokenring/3c359.c:xl_init() must be __devinit
  ...
2007-07-10 14:56:22 -07:00
Jay Vosburgh c2edacf80e bonding / ipv6: no addrconf for slaves separately from master
At present, when a device is enslaved to bonding, if ipv6 is
active then addrconf will be initated on the slave (because it is closed
then opened during the enslavement processing).  This causes DAD and RS
packets to be sent from the slave.  These packets in turn can confuse
switches that perform ipv6 snooping, causing them to incorrectly update
their forwarding tables (if, e.g., the slave being added is an inactve
backup that won't be used right away) and direct traffic away from the
active slave to a backup slave (where the incoming packets will be
dropped).

	This patch alters the behavior so that addrconf will only run on
the master device itself.  I believe this is logically correct, as it
prevents slaves from having an IPv6 identity independent from the
master.  This is consistent with the IPv4 behavior for bonding.

	This is accomplished by (a) having bonding set IFF_SLAVE sooner
in the enslavement processing than currently occurs (before open, not
after), and (b) having ipv6 addrconf ignore UP and CHANGE events on
slave devices.

	The eql driver also uses the IFF_SLAVE flag.  I inspected eql,
and I believe this change is reasonable for its usage of IFF_SLAVE, but
I did not test it.

Signed-off-by: Jay Vosburgh <fubar@us.ibm.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-07-10 12:41:19 -04:00
Jens Axboe cf8208d0ea sendfile: convert nfsd to splice_direct_to_actor()
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2007-07-10 08:04:14 +02:00
Akinobu Mita 67c4f7aa9e [PATCH] softmac: use list_for_each_entry
Cleanup using list_for_each_entry.

Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: Joe Jezak <josejx@gentoo.org>
Cc: Daniel Drake <dsd@gentoo.org>
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2007-07-08 22:16:37 -04:00
David Woodhouse 1c39858b5d Fix use-after-free oops in Bluetooth HID.
When cleaning up HIDP sessions, we currently close the ACL connection
before deregistering the input device. Closing the ACL connection
schedules a workqueue to remove the associated objects from sysfs, but
the input device still refers to them -- and if the workqueue happens to
run before the input device removal, the kernel will oops when trying to
look up PHYSDEVPATH for the removed input device.

Fix this by deregistering the input device before closing the
connections.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-07 12:22:37 -07:00
Jarek Poplawski 25442cafb8 [NETPOLL]: Fixups for 'fix soft lockup when removing module'
>From my recent patch:

> >    #1
> >    Until kernel ver. 2.6.21 (including) cancel_rearming_delayed_work()
> >    required a work function should always (unconditionally) rearm with
> >    delay > 0 - otherwise it would endlessly loop. This patch replaces
> >    this function with cancel_delayed_work(). Later kernel versions don't
> >    require this, so here it's only for uniformity.

But Oleg Nesterov <oleg@tv-sign.ru> found:

> But 2.6.22 doesn't need this change, why it was merged?
> 
> In fact, I suspect this change adds a race,
...

His description was right (thanks), so this patch reverts #1.

Signed-off-by: Jarek Poplawski <jarkao2@o2.pl>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:42:44 -07:00
Adrian Bunk 94b83419e5 [NET]: net/core/netevent.c should #include <net/netevent.h>
Every file should include the headers containing the prototypes for
its global functions.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:40:27 -07:00
Jing Min Zhao 25845b5155 [NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values
Choices' index values may be out of range while still encoded in the fixed
length bit-field. This bug may cause access to undefined types (NULL
pointers) and thus crashes (Reported by Zhongling Wen).

This patch also adds checking of decode flag when decoding SEQUENCEs.

Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:40:23 -07:00
Johannes Berg 2cd052e443 [NET] skbuff: remove export of static symbol
skb_clone_fraglist is static so it shouldn't be exported.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:40:19 -07:00
Vlad Yasevich 1669d857a2 SCTP: Add scope_id validation for link-local binds
SCTP currently permits users to bind to link-local addresses,
but doesn't verify that the scope id specified at bind matches
the interface that the address is configured on.  It was report
that this can hang a system.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:40:15 -07:00
Vlad Yasevich f50f95cab7 SCTP: Check to make sure file is valid before setting timeout
In-kernel sockets created with sock_create_kern don't usually
have a file and file descriptor allocated to them.  As a result,
when SCTP tries to check the non-blocking flag, we Oops when
dereferencing a NULL file pointer.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:40:11 -07:00
Vlad Yasevich 3663c30660 SCTP: Fix thinko in sctp_copy_laddrs()
Correctly dereference bytes_copied in sctp_copy_laddrs().
I totally must have spaced when doing this.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-05 17:40:08 -07:00
Jarek Poplawski 17200811cf [NETPOLL] netconsole: fix soft lockup when removing module
#1
Until kernel ver. 2.6.21 (including) cancel_rearming_delayed_work()
required a work function should always (unconditionally) rearm with
delay > 0 - otherwise it would endlessly loop. This patch replaces
this function with cancel_delayed_work(). Later kernel versions don't
require this, so here it's only for uniformity.

#2
After deleting a timer in cancel_[rearming_]delayed_work() there could
stay a last skb queued in npinfo->txq causing a memory leak after
kfree(npinfo).

Initial patch & testing by: Jason Wessel <jason.wessel@windriver.com>

Signed-off-by: Jarek Poplawski <jarkao2@o2.pl>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-28 22:11:47 -07:00
David S. Miller 25243633c2 Merge master.kernel.org:/pub/scm/linux/kernel/git/vxy/lksctp-dev 2007-06-28 21:21:43 -07:00
Stephen Hemminger 0db3dc73f7 [NETPOLL]: tx lock deadlock fix
If sky2 device poll routine is called from netpoll_send_skb, it would
deadlock. The netpoll_send_skb held the netif_tx_lock, and the poll
routine could acquire it to clean up skb's. Other drivers might use
same locking model.

The driver is correct, netpoll should not introduce more locking
problems than it causes already. So change the code to drop lock
before calling poll handler.

Signed-off-by: Stephen Hemminger <shemminger@linux.foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-27 00:39:42 -07:00
Zach Brown 5131a184a3 SCTP: lock_sock_nested in sctp_sock_migrate
sctp_sock_migrate() grabs the socket lock on a newly allocated socket while
holding the socket lock on an old socket.  lockdep worries that this might
be a recursive lock attempt.

 task/3026 is trying to acquire lock:
  (sk_lock-AF_INET){--..}, at: [<ffffffff88105b8c>] sctp_sock_migrate+0x2e3/0x327 [sctp]
 but task is already holding lock:
  (sk_lock-AF_INET){--..}, at: [<ffffffff8810891f>] sctp_accept+0xdf/0x1e3 [sctp]

This patch tells lockdep that this locking is safe by using
lock_sock_nested().

Signed-off-by: Zach Brown <zach.brown@oracle.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-06-26 09:29:09 -04:00
Olaf Kirch 5b5a60da28 [NET]: Make skb_seq_read unmap the last fragment
Having walked through the entire skbuff, skb_seq_read would leave the
last fragment mapped.  As a consequence, the unwary caller would leak
kmaps, and proceed with preempt_count off by one. The only (kind of
non-intuitive) workaround is to use skb_seq_read_abort.

This patch makes sure skb_seq_read always unmaps frag_data after
having cycled through the skb's paged part.

Signed-off-by: Olaf Kirch <olaf.kirch@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-23 23:11:52 -07:00
Shannon Nelson 515e06c455 [NET]: Re-enable irqs before pushing pending DMA requests
This moves the local_irq_enable() call in net_rx_action() to before
calling the CONFIG_NET_DMA's dma_async_memcpy_issue_pending() rather
than after.  This shortens the irq disabled window and allows for DMA
drivers that need to do their own irq hold.

Signed-off-by: Shannon Nelson <shannon.nelson@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-23 23:09:23 -07:00
Jens Axboe ddb61a57bb [TCP] tcp_read_sock: Allow recv_actor() return return negative error value.
tcp_read_sock() currently assumes that the recv_actor() only returns
number of bytes copied. For network splice receive, we may have to
return an error in some cases. So allow the actor to return a negative
error value.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-23 23:07:50 -07:00
Florian Westphal 64beb8f3eb [TIPC]: Fix infinite loop in netlink handler
The tipc netlink config handler uses the nlmsg_pid from the
request header as destination for its reply. If the application
initialized nlmsg_pid to 0, the reply is looped back to the kernel,
causing hangup. Fix: use nlmsg_pid of the skb that triggered the
request.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-23 22:59:40 -07:00
Patrick McHardy dbbeb2f991 [SKBUFF]: Fix incorrect config #ifdef around skb_copy_secmark
secmark doesn't depend on CONFIG_NET_SCHED.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-23 22:58:34 -07:00
YOSHIFUJI Hideaki 6d5b78cdd5 [IPV6] NDISC: Fix thinko to control Router Preference support.
Bug reported by Haruhito Watanabe <haruhito@sfc.keio.ac.jp>.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-22 16:07:04 -07:00
Yasuyuki Kozakai e2d8e314ad [NETFILTER]: nfctnetlink: Don't allow to change helper
There is no realistic situation to change helper (Who wants IRC helper to
track FTP traffic ?). Moreover, if we want to do that, we need to fix race
issue by nfctnetlink and running helper. That will add overhead to packet
processing. It wouldn't pay. So this rejects the request to change
helper. The requests to add or remove helper are accepted as ever.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-22 14:10:22 -07:00
Jerome Borsboom d258131aae [NETFILTER]: nf_conntrack_sip: add missing message types containing RTP info
Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-22 14:08:17 -07:00
Neil Horman 186e234358 SCTP: Fix sctp_getsockopt_get_peer_addrs
This is the split out of the patch that we agreed I should split
out from my last patch.  It changes space_left to be computed in the same
way the to variable is.  I know we talked about changing space_left to an
int, but I think size_t is more appropriate, since we should never have
negative space in our buffer, and computing using offsetof means space_left
should now never drop below zero.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-06-19 09:47:32 -04:00
Neil Horman 408f22e81e SCTP: update sctp_getsockopt helpers to allow oversized buffers
I noted the other day while looking at a bug that was ostensibly
in some perl networking library, that we strictly avoid allowing getsockopt
operations to complete if we pass in oversized buffers.  This seems to make
libraries like Perl::NET malfunction since it seems to allocate oversized
buffers for use in several operations.  It also seems to be out of line with
the way udp, tcp and ip getsockopt routines handle buffer input (since the
*optlen pointer in both an input and an output and gets set to the length
of the data that we copy into the buffer).  This patch brings our getsockopt
helpers into line with other protocols, and allows us to accept oversized
buffers for our getsockopt operations.  Tested by me with good results.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
2007-06-19 09:46:34 -04:00
David Howells 19e6454ca7 [AF_RXRPC]: Return the number of bytes buffered in rxrpc_send_data()
Return the number of bytes buffered in rxrpc_send_data().

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-18 23:30:41 -07:00