Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-2.6.36.y 2010-12-09T21:32:51Z 2010-12-09T21:32:51Z Eric Dumazet eric.dumazet@gmail.com 2010-10-28T10:34:21Z urn:sha1:259821741e7e4c5f349bd2d91df715e4a5c79f88 commit 6b1686a71e3158d3c5f125260effce171cc7852b upstream. commit ea781f197d6a8 (use SLAB_DESTROY_BY_RCU and get rid of call_rcu()) did a mistake in __vmalloc() call in nf_ct_alloc_hashtable(). I forgot to add __GFP_HIGHMEM, so pages were taken from LOWMEM only. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2010-11-22T19:03:17Z Eric Paris eparis@redhat.com 2010-10-12T15:40:08Z urn:sha1:6bd415f814fe58a973d494c0669c09c8bacdf8f4 commit 15714f7b58011cf3948cab2988abea560240c74f upstream. Commit 4a5a5c73 attempted to pass decent error messages back to userspace for netfilter errors. In xt_SECMARK.c however the patch screwed up and returned on 0 (aka no error) early and didn't finish setting up secmark. This results in a kernel BUG if you use SECMARK. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 2010-09-22T20:13:33Z Eric Dumazet eric.dumazet@gmail.com 2010-09-21T21:17:32Z urn:sha1:15cdeadaa5d76009e20c7792aed69f5a73808f97 As soon as rcu_read_unlock() is called, there is no guarantee current thread can safely derefence t pointer, rcu protected. Fix is to copy t->alloc_size in a temporary variable. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-09-22T20:13:32Z Simon Horman horms@verge.net.au 2010-09-21T21:17:30Z urn:sha1:7874896a26624214bd7c05eeba7c8ab01548b1b5 I initially noticed this because of the compiler warning below, but it does seem to be a valid concern in the case where ct_sip_get_header() returns 0 in the first iteration of the while loop. net/netfilter/nf_conntrack_sip.c: In function 'sip_help_tcp': net/netfilter/nf_conntrack_sip.c:1379: warning: 'ret' may be used uninitialized in this function Signed-off-by: Simon Horman <horms@verge.net.au> [Patrick: changed NF_DROP to NF_ACCEPT] Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-09-22T20:13:31Z Eric Dumazet eric.dumazet@gmail.com 2010-09-21T21:17:29Z urn:sha1:d485d500cf6b13a33bc7a6c09091deea7ea603ca transparent field of a socket is either inet_twsk(sk)->tw_transparent for timewait sockets, or inet_sk(sk)->transparent for other sockets (TCP/UDP). Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-09-08T17:39:57Z Julian Anastasov ja@ssi.bg 2010-09-05T18:02:29Z urn:sha1:6523ce1525e88c598c75a1a6b8c4edddfa9defe8 - Do not create expectation when forwarding the PORT command to avoid blocking the connection. The problem is that nf_conntrack_ftp.c:help() tries to create the same expectation later in POST_ROUTING and drops the packet with "dropping packet" message after failure in nf_ct_expect_related. - Change ip_vs_update_conntrack to alter the conntrack for related connections from real server. If we do not alter the reply in this direction the next packet from client sent to vport 20 comes as NEW connection. We alter it but may be some collision happens for both conntracks and the second conntrack gets destroyed immediately. The connection stucks too. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-09-02T17:05:00Z Julian Anastasov ja@ssi.bg 2010-09-01T23:07:10Z urn:sha1:7bcbf81a2296a8f71342445560dcbe16100b567c Fix Passive FTP problem in ip_vs_ftp: - Do not oops in nf_nat_set_seq_adjust (adjust_tcp_sequence) when iptable_nat module is not loaded Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-08-04T22:31:02Z Linus Torvalds torvalds@linux-foundation.org 2010-08-04T22:31:02Z urn:sha1:3cfc2c42c1cbc8e238bb9c0612c0df4565e3a8b4 * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (48 commits) Documentation: update broken web addresses. fix comment typo "choosed" -> "chosen" hostap:hostap_hw.c Fix typo in comment Fix spelling contorller -> controller in comments Kconfig.debug: FAIL_IO_TIMEOUT: typo Faul -> Fault fs/Kconfig: Fix typo Userpace -> Userspace Removing dead MACH_U300_BS26 drivers/infiniband: Remove unnecessary casts of private_data fs/ocfs2: Remove unnecessary casts of private_data libfc: use ARRAY_SIZE scsi: bfa: use ARRAY_SIZE drm: i915: use ARRAY_SIZE drm: drm_edid: use ARRAY_SIZE synclink: use ARRAY_SIZE block: cciss: use ARRAY_SIZE comment typo fixes: charater => character fix comment typos concerning "challenge" arm: plat-spear: fix typo in kerneldoc reiserfs: typo comment fix update email address ... 2010-08-04T13:14:38Z Jiri Kosina jkosina@suse.cz 2010-08-04T13:14:38Z urn:sha1:d790d4d583aeaed9fc6f8a9f4d9f8ce6b1c15c7f 2010-08-02T15:56:28Z Changli Gao xiaosuo@gmail.com 2010-08-02T15:56:28Z urn:sha1:6661481d5a8975657742c7ed40ae16bdaa7d0a6e use skb->len for accounting as xt_quota does. Since nf_conntrack works at the network layer, skb_network_offset should always returns ZERO. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>