Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v3.6 2012-08-30T16:27:14Z 2012-08-30T16:27:14Z Pablo Neira Ayuso pablo@netfilter.org 2012-08-29T15:24:09Z urn:sha1:3f509c689a07a4aa989b426893d8491a7ffcc410 We're hitting bug while trying to reinsert an already existing expectation: kernel BUG at kernel/timer.c:895! invalid opcode: 0000 [#1] SMP [...] Call Trace: <IRQ> [<ffffffffa0069563>] nf_ct_expect_related_report+0x4a0/0x57a [nf_conntrack] [<ffffffff812d423a>] ? in4_pton+0x72/0x131 [<ffffffffa00ca69e>] ip_nat_sdp_media+0xeb/0x185 [nf_nat_sip] [<ffffffffa00b5b9b>] set_expected_rtp_rtcp+0x32d/0x39b [nf_conntrack_sip] [<ffffffffa00b5f15>] process_sdp+0x30c/0x3ec [nf_conntrack_sip] [<ffffffff8103f1eb>] ? irq_exit+0x9a/0x9c [<ffffffffa00ca738>] ? ip_nat_sdp_media+0x185/0x185 [nf_nat_sip] We have to remove the RTP expectation if the RTCP expectation hits EBUSY since we keep trying with other ports until we succeed. Reported-by: Rafal Fitt <rafalf@aplusc.com.pl> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> 2012-08-10T09:53:18Z Patrick McHardy kaber@trash.net 2012-08-09T10:08:47Z urn:sha1:f22eb25cf5b1157b29ef88c793b71972efc47143 Via-headers are parsed beginning at the first character after the Via-address. When the address is translated first and its length decreases, the offset to start parsing at is incorrect and header parameters might be missed. Update the offset after translating the Via-address to fix this. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> 2012-08-10T09:53:11Z Patrick McHardy kaber@trash.net 2012-08-09T10:08:46Z urn:sha1:02b69cbdc2fb2e1bfbfd9ac0c246d7be1b08d3cd Within SIP messages IPv6 addresses are enclosed in square brackets in most cases, with the exception of the "received=" header parameter. Currently the helper fails to parse enclosed addresses. This patch: - changes the SIP address parsing function to enforce square brackets when required, and accept them when not required but present, as recommended by RFC 5118. - adds a new SDP address parsing function that never accepts square brackets since SDP doesn't use them. With these changes, the SIP helper correctly parses all test messages from RFC 5118 (Session Initiation Protocol (SIP) Torture Test Messages for Internet Protocol Version 6 (IPv6)). Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> 2012-07-20T20:31:20Z David S. Miller davem@davemloft.net 2012-07-13T12:03:45Z urn:sha1:f8126f1d5136be1ca1a3536d43ad7a710b5620f8 In order to allow prefixed routes, we have to adjust how rt_gateway is set and interpreted. The new interpretation is: 1) rt_gateway == 0, destination is on-link, nexthop is iph->daddr 2) rt_gateway != 0, destination requires a nexthop gateway Abstract the fetching of the proper nexthop value using a new inline helper, rt_nexthop(), as suggested by Joe Perches. Signed-off-by: David S. Miller <davem@davemloft.net> Tested-by: Vijay Subramanian <subramanian.vijay@gmail.com> 2012-07-07T23:18:50Z David S. Miller davem@davemloft.net 2012-07-07T23:18:50Z urn:sha1:d3a5ea6e2188adeea028c410c83c90e6b6d9347c 2012-07-04T17:37:22Z Pablo Neira Ayuso pablo@netfilter.org 2012-06-29T05:23:24Z urn:sha1:08911475d1d0921401e37d83292b217e1411d10b This patch generalizes nf_ct_l4proto_net by splitting it into chunks and moving the corresponding protocol part to where it really belongs to. To clarify, note that we follow two different approaches to support per-net depending if it's built-in or run-time loadable protocol tracker. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Gao feng <gaofeng@cn.fujitsu.com> 2012-06-29T23:46:02Z Pablo Neira Ayuso pablo@netfilter.org 2012-06-29T06:15:21Z urn:sha1:a31f2d17b331db970259e875b7223d3aba7e3821 This patch adds the following structure: struct netlink_kernel_cfg { unsigned int groups; void (*input)(struct sk_buff *skb); struct mutex *cb_mutex; }; That can be passed to netlink_kernel_create to set optional configurations for netlink kernel sockets. I've populated this structure by looking for NULL and zero parameters at the existing code. The remaining parameters that always need to be set are still left in the original interface. That includes optional parameters for the netlink socket creation. This allows easy extensibility of this interface in the future. This patch also adapts all callers to use this new interface. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2012-06-27T17:14:55Z Gao feng gaofeng@cn.fujitsu.com 2012-06-21T04:36:49Z urn:sha1:a9082b45ad3c7284db974a108e7c1f1af7387d7b Split sysctl function into smaller chucks to cleanup code and prepare patches to reduce ifdef pollution. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> 2012-06-27T16:31:14Z Gao feng gaofeng@cn.fujitsu.com 2012-06-21T04:36:39Z urn:sha1:f1caad274515ffd9841ac57ce9a7b5fc35bbf689 l4proto->init contain quite redundant code. We can simplify this by adding a new parameter l3proto. This patch prepares that code simplification. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> 2012-06-27T04:30:49Z David S. Miller davem@davemloft.net 2012-06-27T04:30:49Z urn:sha1:c2bd4baf410dafeba6aff8ca1cae94344551b0a3 And use nlmsg_data() while we're here too. Signed-off-by: David S. Miller <davem@davemloft.net>