Herbert Xu [Wed, 10 Oct 2007 22:42:23 +0000 (15:42 -0700)]
[IPSEC] beet: Fix extension header support on output
The beet output function completely kills any extension headers by replacing
them with the IPv6 header. This is because it essentially ignores the
result of ip6_find_1stfragopt by simply acting as if there aren't any
extension headers.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Wed, 10 Oct 2007 22:41:41 +0000 (15:41 -0700)]
[IPSEC] esp: Remove NAT-T checksum invalidation for BEET
I pointed this out back when this patch was first proposed but it looks like
it got lost along the way.
The checksum only needs to be ignored for NAT-T in transport mode where
we lose the original inner addresses due to NAT. With BEET the inner
addresses will be intact so the checksum remains valid.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Mitsuru Chinen [Wed, 10 Oct 2007 09:53:43 +0000 (02:53 -0700)]
[IPV6]: Defer IPv6 device initialization until a valid qdisc is specified
To judge the timing for DAD, netif_carrier_ok() is used. However,
there is a possibility that dev->qdisc stays noop_qdisc even if
netif_carrier_ok() returns true. In that case, DAD NS is not sent out.
We need to defer the IPv6 device initialization until a valid qdisc
is specified.
Signed-off-by: Mitsuru Chinen <mitch@linux.vnet.ibm.com>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Wed, 10 Oct 2007 09:49:09 +0000 (02:49 -0700)]
[NET]: Remove double dev->flags checking when calling dev_close()
The unregister_netdevice() and dev_change_net_namespace()
both check for dev->flags to be IFF_UP before calling the
dev_close(), but the dev_close() checks for IFF_UP itself,
so remove those unneeded checks.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ilpo Järvinen [Wed, 10 Oct 2007 09:45:32 +0000 (02:45 -0700)]
[TCP]: Separate lost_retrans loop into own function
Follows own function for each task principle, this is really
somewhat separate task being done in sacktag. Also reduces
indentation.
In addition, added ack_seq local var to break some long
lines & fixed coding style things.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jan Glauber [Tue, 9 Oct 2007 14:43:13 +0000 (22:43 +0800)]
[CRYPTO] sha: Add header file for SHA definitions
There are currently several SHA implementations that all define their own
initialization vectors and size values. Since this values are idential
move them to a header file under include/crypto.
Signed-off-by: Jan Glauber <jang@de.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Sebastian Siewior [Mon, 8 Oct 2007 03:45:10 +0000 (11:45 +0800)]
[CRYPTO] sha: Load the SHA[1|256] module by an alias
Loading the crypto algorithm by the alias instead of by module directly
has the advantage that all possible implementations of this algorithm
are loaded automatically and the crypto API can choose the best one
depending on its priority.
Additionally it ensures that the generic implementation as well as the
HW driver (if available) is loaded in case the HW driver needs the
generic version as fallback in corner cases.
Also remove the probe for sha1 in padlock's init code.
Quote from Herbert:
The probe is actually pointless since we can always probe when
the algorithm is actually used which does not lead to dead-locks
like this.
Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Sebastian Siewior [Fri, 5 Oct 2007 08:52:01 +0000 (16:52 +0800)]
[CRYPTO] aes: Rename aes to aes-generic
Loading the crypto algorithm by the alias instead of by module directly
has the advantage that all possible implementations of this algorithm
are loaded automatically and the crypto API can choose the best one
depending on its priority.
Additionally it ensures that the generic implementation as well as the
HW driver (if available) is loaded in case the HW driver needs the
generic version as fallback in corner cases.
Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Sebastian Siewior [Fri, 5 Oct 2007 08:42:03 +0000 (16:42 +0800)]
[CRYPTO] des: Rename des to des-generic
Loading the crypto algorithm by the alias instead of by module directly
has the advantage that all possible implementations of this algorithm
are loaded automatically and the crypto API can choose the best one
depending on its priority.
Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Thu, 4 Oct 2007 07:24:05 +0000 (15:24 +0800)]
[CRYPTO] blkcipher: Added blkcipher_walk_virt_block
This patch adds the helper blkcipher_walk_virt_block which is similar to
blkcipher_walk_virt but uses a supplied block size instead of the block
size of the block cipher. This is useful for CTR where the block size is
1 but we still want to walk by the block size of the underlying cipher.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Thu, 4 Oct 2007 06:49:00 +0000 (14:49 +0800)]
[CRYPTO] blkcipher: Increase kmalloc amount to aligned block size
Now that the block size is no longer a multiple of the alignment, we need to
increase the kmalloc amount in blkcipher_next_slow to use the aligned block
size.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Tue, 2 Oct 2007 14:27:29 +0000 (22:27 +0800)]
[CRYPTO] api: Explain the comparison on larval cra_name
This patch adds a comment to explain why we compare the cra_driver_name of
the algorithm being registered against the cra_name of a larval as opposed
to the cra_driver_name of the larval.
In fact larvals have only one name, cra_name which is the name that was
requested by the user. The test here is simply trying to find out whether
the algorithm being registered can or can not satisfy the larval.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Sat, 29 Sep 2007 13:24:23 +0000 (21:24 +0800)]
[CRYPTO] blkcipher: Remove alignment restriction on block size
Previously we assumed for convenience that the block size is a multiple of
the algorithm's required alignment. With the pending addition of CTR this
will no longer be the case as the block size will be 1 due to it being a
stream cipher. However, the alignment requirement will be that of the
underlying implementation which will most likely be greater than 1.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Fri, 28 Sep 2007 01:07:12 +0000 (09:07 +0800)]
[CRYPTO] authenc: Kill spaces in algorithm names
We do not allow spaces in algorithm names or parameters. Thanks to Joy Latten
for pointing this out.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Fri, 28 Sep 2007 01:06:11 +0000 (09:06 +0800)]
[CRYPTO] cryptomgr: Fix parsing of recursive algorithms
As Joy Latten points out, inner algorithm parameters will miss the closing
bracket which will also cause the outer algorithm to terminate prematurely.
This patch fixes that also kills the WARN_ON if the number of parameters
exceed the maximum as that is a user error.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Rik Snel [Wed, 19 Sep 2007 12:23:13 +0000 (20:23 +0800)]
[CRYPTO] xts: XTS blockcipher mode implementation without partial blocks
XTS currently considered to be the successor of the LRW mode by the IEEE1619
workgroup. LRW was discarded, because it was not secure if the encyption key
itself is encrypted with LRW.
XTS does not have this problem. The implementation is pretty straightforward,
a new function was added to gf128mul to handle GF(128) elements in ble format.
Four testvectors from the specification
http://grouper.ieee.org/groups/1619/email/pdf00086.pdf
were added, and they verify on my system.
Signed-off-by: Rik Snel <rsnel@cube.dyndns.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Ingo Oeser [Wed, 19 Sep 2007 11:11:41 +0000 (19:11 +0800)]
[CRYPTO] blkcipher: Use max() in blkcipher_get_spot() to state the intention
Use max in blkcipher_get_spot() instead of open coding it.
Signed-off-by: Ingo Oeser <ioe-lkml@rameria.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Sat, 1 Sep 2007 08:52:13 +0000 (16:52 +0800)]
[CRYPTO] api: Kill crypto_km_types
When scatterwalk is built as a module digest.c was broken because it
requires the crypto_km_types structure which is in scatterwalk. This
patch removes the crypto_km_types structure by encoding the logic into
crypto_kmap_type directly.
In fact, this even saves a few bytes of code (not to mention the data
structure itself) on i386 which is about the only place where it's
needed.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Thu, 30 Aug 2007 08:24:15 +0000 (16:24 +0800)]
[CRYPTO] aead: Add authenc
This patch adds the authenc algorithm which constructs an AEAD algorithm
from an asynchronous block cipher and a hash. The construction is done
by concatenating the encrypted result from the cipher with the output
from the hash, as is used by the IPsec ESP protocol.
The authenc algorithm exists as a template with four parameters:
authenc(auth, authsize, enc, enckeylen).
The authentication algorithm, the authentication size (i.e., truncating
the output of the authentication algorithm), the encryption algorithm,
and the encryption key length. Both the size field and the key length
field are in bytes. For example, AES-128 with SHA1-HMAC would be
represented by
authenc(hmac(sha1), 12, cbc(aes), 16)
The key for the authenc algorithm is the concatenation of the keys for
the authentication algorithm with the encryption algorithm. For the
above example, if a key of length 36 bytes is given, then hmac(sha1)
would receive the first 20 bytes while the last 16 would be given to
cbc(aes).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Wed, 29 Aug 2007 11:02:04 +0000 (19:02 +0800)]
[CRYPTO] api: Fixed crypto_*_reqsize return type
This patch changes the return type of crypto_*_reqsize from int to
unsigned int which matches what the underlying type is (and should
be).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Wed, 29 Aug 2007 08:31:34 +0000 (16:31 +0800)]
[CRYPTO] scatterwalk: Add scatterwalk_map_and_copy
This patch adds the function scatterwalk_map_and_copy which reads or
writes a chunk of data from a scatterlist at a given offset. It will
be used by authenc which would read/write the authentication data at
the end of the cipher/plain text.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Wed, 29 Aug 2007 08:06:15 +0000 (16:06 +0800)]
[CRYPTO] api: Move scatterwalk into algapi
The scatterwalk code is only used by algorithms that can be built as
a module. Therefore we can move it into algapi.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Sun, 26 Aug 2007 11:12:47 +0000 (19:12 +0800)]
[CRYPTO] ablkcipher: Remove queue pointer from common alg object
Since not everyone needs a queue pointer and those who need it can
always get it from the context anyway the queue pointer in the
common alg object is redundant.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Thu, 23 Aug 2007 08:23:01 +0000 (16:23 +0800)]
[CRYPTO] api: Add missing headers for setkey_unaligned
This patch ensures that kernel.h and slab.h are included for
the setkey_unaligned function. It also breaks a couple of
long lines.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Wed, 29 Aug 2007 11:27:26 +0000 (19:27 +0800)]
[CRYPTO] api: Add support for multiple template parameters
This patch adds support for having multiple parameters to
a template, separated by a comma. It also adds support
for integer parameters in addition to the current algorithm
parameter type.
This will be used by the authenc template which will have
four parameters: the authentication algorithm, the encryption
algorithm, the authentication size and the encryption key
length.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Herbert Xu [Thu, 30 Aug 2007 07:36:14 +0000 (15:36 +0800)]
[CRYPTO] api: Add aead crypto type
This patch adds crypto_aead which is the interface for AEAD
(Authenticated Encryption with Associated Data) algorithms.
AEAD algorithms perform authentication and encryption in one
step. Traditionally users (such as IPsec) would use two
different crypto algorithms to perform these. With AEAD
this comes down to one algorithm and one operation.
Of course if traditional algorithms were used we'd still
be doing two operations underneath. However, real AEAD
algorithms may allow the underlying operations to be
optimised as well.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Hye-Shik Chang [Tue, 21 Aug 2007 12:01:03 +0000 (20:01 +0800)]
[CRYPTO] seed: New cipher algorithm
This patch adds support for the SEED cipher (RFC4269).
This patch have been used in few VPN appliance vendors in Korea for
several years. And it was verified by KISA, who developed the
algorithm itself.
As its importance in Korean banking industry, it would be great
if linux incorporates the support.
Signed-off-by: Hye-Shik Chang <perky@FreeBSD.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Sebastian Siewior [Thu, 2 Aug 2007 12:41:53 +0000 (20:41 +0800)]
[CRYPTO] api: Add crypto_ablkcipher_ctx_aligned
This is function does the same thing for ablkcipher that is done for
blkcipher by crypto_blkcipher_ctx_aligned(): it returns an aligned
address of the private ctx.
Signed-off-by: Sebastian Siewior <sebastian@breakpoint.cc>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Adrian Bunk [Tue, 17 Jul 2007 12:33:16 +0000 (20:33 +0800)]
[CRYPTO] drivers/Kconfig: Remove "default m"s
Hardware drivers shouldn't default to m.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Adrian Bunk [Tue, 17 Jul 2007 12:31:34 +0000 (20:31 +0800)]
[CRYPTO] Kconfig: Remove "default m"s
Other options requiring specific block cipher algorithms already have
the appropriate select's.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Pavel Emelyanov [Wed, 10 Oct 2007 09:31:07 +0000 (02:31 -0700)]
[SUNRPC]: Make the sunrpc use the seq_open_private()
Just switch to the consolidated code.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Wed, 10 Oct 2007 09:30:45 +0000 (02:30 -0700)]
[IRDA]: Make the IRDA use the seq_open_private()
Just switch to the consolidated code
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Wed, 10 Oct 2007 09:30:23 +0000 (02:30 -0700)]
[DECNET]: Make decnet code use the seq_open_private()
Just switch to the consolidated code.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Wed, 10 Oct 2007 09:29:58 +0000 (02:29 -0700)]
[NETFILTER]: Make netfilter code use the seq_open_private
Just switch to the consolidated calls.
ipt_recent() has to initialize the private, so use
the __seq_open_private() helper.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Wed, 10 Oct 2007 09:29:29 +0000 (02:29 -0700)]
[NET]: Make core networking code use seq_open_private
This concerns the ipv4 and ipv6 code mostly, but also the netlink
and unix sockets.
The netlink code is an example of how to use the __seq_open_private()
call - it saves the net namespace on this private.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Wed, 10 Oct 2007 09:28:42 +0000 (02:28 -0700)]
[FS] seq_file: Introduce the seq_open_private()
This function allocates the zeroed chunk of memory and
call seq_open(). The __seq_open_private() helper returns
the allocated memory to make it possible for the caller
to initialize it.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Roland Dreier [Tue, 9 Oct 2007 22:48:56 +0000 (15:48 -0700)]
ibm_emac: Convert to use napi_struct independent of struct net_device
Commit
da3dedd9 ("[NET]: Make NAPI polling independent of struct
net_device objects.") changed the interface to NAPI polling. Fix up
the ibm_newemac driver so that it works with this new interface. This
is actually a nice cleanup because ibm_newemac is one of the drivers
that wants to have multiple NAPI structures for a single net_device.
Compile-tested only as I don't have a system that uses the ibm_newemac
driver. This conversion the conversion for the ibm_emac driver that
was tested on real PowerPC 440SPe hardware.
Signed-off-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Roland Dreier [Tue, 9 Oct 2007 22:47:59 +0000 (15:47 -0700)]
ibm_new_emac: Nuke SET_MODULE_OWNER() use
Signed-off-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Roland Dreier [Tue, 9 Oct 2007 22:47:37 +0000 (15:47 -0700)]
ibm_emac: Convert to use napi_struct independent of struct net_device
Commit
da3dedd9 ("[NET]: Make NAPI polling independent of struct
net_device objects.") changed the interface to NAPI polling. Fix up
the ibm_emac driver so that it works with this new interface. This is
actually a nice cleanup because ibm_emac is one of the drivers that
wants to have multiple NAPI structures for a single net_device.
Tested with the internal MAC of a PowerPC 440SPe SoC with an AMCC
'Yucca' evaluation board.
Signed-off-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Roland Dreier [Tue, 9 Oct 2007 22:46:13 +0000 (15:46 -0700)]
IPoIB: Fix unused variable warning
The conversion to use netdevice internal stats left an unused variable
in ipoib_neigh_free(), since there's no longer any reason to get
netdev_priv() in order to increment dropped packets. Delete the
unused priv variable.
Signed-off-by: Roland Dreier <rolandd@cisco.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Mark Brown [Tue, 9 Oct 2007 21:57:39 +0000 (22:57 +0100)]
natsemi: Use NATSEMI_TIMER_FREQ consistently
The natsemi driver has a define NATSEMI_TIMER_FREQ which looks like it
controls the normal frequency of the chip poll timer but in fact only
takes effect for the first run of the timer. Adjust the value of the
define to match that used by the timer and use the define consistently.
Signed-off-by: Mark Brown <broonie@sirena.org.uk>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Stephen Hemminger [Mon, 8 Oct 2007 23:22:29 +0000 (16:22 -0700)]
cxgb3 sparse warning fixes
Fix warnings from sparse related to shadowed variables and routines
that should be declared static.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Stephen Hemminger [Mon, 8 Oct 2007 23:19:10 +0000 (16:19 -0700)]
chelsio: sparse warning fixes (old cxgb2)
Fix problems detected by sparse:
1. whole chunk of MAC code was for defined and never used
2. hook for running ext intr in workqueue wasn't being used
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Jan-Bernd Themann [Mon, 8 Oct 2007 14:01:33 +0000 (16:01 +0200)]
ehea: use kernel event queue
eHEA recovery and DLPAR functions are called seldomly. The eHEA workqueues
are replaced by the kernel event queue.
Signed-off-by: Jan-Bernd Themann <themann@de.ibm.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Stephen Hemminger [Sat, 6 Oct 2007 00:19:47 +0000 (17:19 -0700)]
network drivers: sparse warning fixes
Fix some of the easy warnings in network device drivers.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Stephen Hemminger [Fri, 5 Oct 2007 19:39:21 +0000 (12:39 -0700)]
s2io: sparse warnings fix (rev2)
Fix warnings from sparse checker about shadowed definition and improperly
formatted ethtool_strings.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Auke Kok [Fri, 5 Oct 2007 22:22:02 +0000 (15:22 -0700)]
e1000e: restore flow control settings properly
After a cable unplug the forced flow control settings were lost
accidentally and the flow control settings fell back to the default
EEPROM determined values. This breaks for people who want to
run without fc enabled - after a cable reset the driver would
refuse to run with fc disabled.
Signed-off-by: Auke Kok <auke-jan.h.kok@intel.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Auke Kok [Fri, 5 Oct 2007 21:15:23 +0000 (14:15 -0700)]
e1000e: Simple optimizations in e1000_xmit_frame
After an e1000 patch from Krishna Kumar <krkumar2@in.ibm.com>.
Signed-off-by: Auke Kok <auke-jan.h.kok@intel.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Krishna Kumar [Fri, 5 Oct 2007 21:15:16 +0000 (14:15 -0700)]
e1000: Simple optimizations in e1000_xmit_frame
Some simple optimizations in e1000_xmit_frame.
Signed-off-by: Krishna Kumar <krkumar2@in.ibm.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
Mattias Nissler [Sun, 7 Oct 2007 14:35:31 +0000 (16:35 +0200)]
[PATCH] mac80211: Defer setting of RX_FLAG_DECRYPTED.
The decryption handlers will skip the frame if the RX_FLAG_DECRYPTED
flag is set, so the early flag setting introduced by Johannes breaks
decryption. To work around this, call the handlers first and then set
the flag.
Signed-off-by: Mattias Nissler <mattias.nissler@gmx.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
John W. Linville [Thu, 4 Oct 2007 18:04:40 +0000 (14:04 -0400)]
[PATCH] ieee80211_if_set_type: make check for master dev more explicit
Problem description by Daniel Drake <dsd@gentoo.org>:
"This sequence of events causes loss of connectivity:
<plug in>
<associate as normal in managed mode>
ifconfig eth7 down
iwconfig eth7 mode monitor
ifconfig eth7 up
ifconfig eth7 down
iwconfig eth7 mode managed
<associate as normal>
At this point you are associated but TX does not work. This is because
the eth7 hard_start_xmit is still ieee80211_monitor_start_xmit."
The problem is caused by ieee80211_if_set_type checking for a non-zero
hard_start_xmit pointer value in order to avoid changing that value for
master devices. The fix is to make that check more explicitly linked to
master devices rather than simply checking if the value has been
previously set.
CC: Daniel Drake <dsd@gentoo.org>
Acked-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Holger Schurig [Tue, 9 Oct 2007 13:04:14 +0000 (15:04 +0200)]
[PATCH] libertas: let get nick return what set nick has set
Make the get-nickname wireless extension actually work. Before
this patch, I could do "iwconfig eth1 nick BLAH" but "iwconfig
eth1" would have still showed "MRVL-USB8388" to me. Hey, and that
was wrong anyway, I'm on a CF card, not on USB :-)
Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de>
Acked-By: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Holger Schurig [Tue, 9 Oct 2007 12:30:10 +0000 (14:30 +0200)]
[PATCH] libertas: remove one superfluous include
This makes scripts/checkincludes.pl happy.
Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Holger Schurig [Tue, 9 Oct 2007 12:15:19 +0000 (14:15 +0200)]
[PATCH] libertas: clean up scan debug messages
* make scan debug output cleaner
* change some LBS_DEB_ASSOC messages to LBS_DEB_SCAN, which is more correct
* move helper functions together
* print function return value in the tracing code at one central location
Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de>
Acked-By: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Holger Schurig [Mon, 8 Oct 2007 10:20:04 +0000 (12:20 +0200)]
[PATCH] libertas: fix "warning: Using plain integer as NULL pointer" sparse warnings
This fixes three "warning: Using plain integer as NULL pointer"
sparse warnings.
Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Holger Schurig [Mon, 8 Oct 2007 09:09:30 +0000 (11:09 +0200)]
[PATCH] libertas: fix a debug statement
Fix a debug statement
Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Geert Uytterhoeven [Mon, 8 Oct 2007 07:43:02 +0000 (09:43 +0200)]
[PATCH] libertas link error due to gcc `smartness'
Some versions of gcc replace strstr() calls with a single-character `needle'
parameter by strchr() behind our back. This causes a link error if strchr() is
defined as an inline function in <asm/string.h> (e.g. on m68k):
| drivers/built-in.o: In function `libertas_parse_chan':
| linux/drivers/net/wireless/libertas/debugfs.c:209: undefined reference to `strchr'
| drivers/built-in.o: In function `libertas_parse_ssid':
| linux/drivers/net/wireless/libertas/debugfs.c:260: undefined reference to `strchr'
Avoid this by explicitly calling strchr() instead.
Also include <linux/string.h>, because this file calls lots of str*() routines.
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Acked-By: Holger Schurig <hs4233@mail.mn-solutions.de>
Acked-By: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Holger Schurig [Mon, 8 Oct 2007 09:07:27 +0000 (11:07 +0200)]
[PATCH] libertas: fix u8 constant
Don't write constants that are (per documentation and struct) u8
as 0x0001, use 0x01 instead. Also remove an useless cast.
Signed-off-by: Holger Schurig <hs4233@mail.mn-solutions.de>
Acked-By: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Dan Williams [Wed, 3 Oct 2007 14:37:45 +0000 (10:37 -0400)]
[PATCH] libertas: problems setting wpa keys
The 88w8385 chip, using SDIO interface and firmware release 5.0.11p0,
has problems when both unicast and multicast WPA keys are set in one
command. This patch ensures the keys are set independently.
The original author of this patch is Marc Pignat <marc.pignat@hevs.ch>
Signed-off-by: Marc Pignat <marc.pignat@hevs.ch>
Signed-off-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:18:41 +0000 (14:18 +0200)]
[PATCH] rt2x00: Release 2.0.10
Version bump
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:18:22 +0000 (14:18 +0200)]
[PATCH] rt2x00: Allways memset memory obtained from skb_push()
When skb_push() is used we should memset the memory before
usage. This will prevent bugs which could occur when the
data is treated as TX descriptor.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:18:00 +0000 (14:18 +0200)]
[PATCH] rt2x00: Clean disabling of rt73usb_get_tsf
By defining rt73usb_get_tsf to NULL we only
have 1 location that needs to be edited
when rt73usb_get_tsf can be enabled again.
This also reduces the number of #ifdefs in
the code which is also a "good thing"
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 11:34:52 +0000 (13:34 +0200)]
[PATCH] rt2x00: Reorganize configuration handler
Reorganize configuration handling by creating a extra
structure which contains precalculated values based
on the mac80211 values which are usefull for all
individual drivers.
This also fixes the preamble configuration problem,
up untill now preamble was never configured since
by default the rate->val value was used when changing
the mode.
Now rate->val will only be used to set the basic rate mask.
The preamble configuration will now be done correctly
through the erp_ie_changed callback function.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:16:30 +0000 (14:16 +0200)]
[PATCH] rt2x00: Small optimizations
Make some small optimizations by removing
some simple if-statements.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:16:09 +0000 (14:16 +0200)]
[PATCH] rt2x00: Pass dev_state to rt2x00lib_toggle_rx
Directly pass a value from the enum dev_state with rt2x00lib_toggle_rx,
this will save us a ? : statement, and it is clearer then passing a 1 0
argument.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:15:46 +0000 (14:15 +0200)]
[PATCH] rt2x00: Add get_tx_data_len callback function
The TX datalen must always be converted to a value rt73 and rt2500usb
understand. Both require to use a different size then skb->len.
First off this is required because the descriptor must be added,
but the second is because the value must be a multiple of either 2 or 4,
and it should not be a multiple of the USB packetmax
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:15:20 +0000 (14:15 +0200)]
[PATCH] rt2x00: Cut lines down to 80 characters
rt61pci contained 1 line of 88 characters width,
this needs to be cut down.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:14:58 +0000 (14:14 +0200)]
[PATCH] rt2x00: get_duration expects values in 100kbs
get_duration expects all speeds to be passed in 100kbs,
this means that passing 2 is incorrect and should be raised to 20
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:14:29 +0000 (14:14 +0200)]
[PATCH] rt2x00: Move TSF sync values into rt2x00config
All drivers use the same values for TSF sync,
this will move the value determination into rt2x00config.c,
and the definition for the values to rt2x00reg.h
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:14:06 +0000 (14:14 +0200)]
[PATCH] rt2x00: Fix rfkill handling
As reported by Modestas Vainius, enabling rkfill in 1 driver and
disabling it in a second could cause a NULL pointer exception when
the rfkill-disabled driver still sets the CONFIG_SUPPORT_HW_BUTTON flag.
Furthermore, rfkill expects the timeout as a value in milliseconds
instead of jiffies. Also increase the timeout to a second,
since this 250ms would be overkill.
Also the flag DEVICE_ENABLED_RADIO_HW is causing problems
for devices which do not support the hardware button
while rfkill is enabled in the driver.
To remidy this we should inverse the flag and its meaning,
rename the flag to DEVICE_DISABLED_RADIO_HW this means that
by default the radio is enabled by the hardware button (if present)
and can only be disabled explicitely.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:13:38 +0000 (14:13 +0200)]
[PATCH] rt2x00: Don't use changed_flags inside configure_packet_filter
We shouldn't use changed_flags when configuring the packet filter,
we work directly with the total_flags which is safe enough since
we already check if something has changed after we applied our
packet filtering flag rules.
Also make sure that when the packet filter is scheduled, the
rt2x00dev->interface.filter is cleared to make sure the drivers
will update the packet filter instead of failing at the check:
*total_flags == rt2x00dev->interface.filter
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:13:06 +0000 (14:13 +0200)]
[PATCH] rt2x00: Move rt2x00dev flags into enumeration
By putting the flags into a enumeration we can
make it easier maintable since we don't have to
assign numbers for each flag. This makes it easier
to insert and remove flags.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:12:42 +0000 (14:12 +0200)]
[PATCH] rt2x00: Store "STARTED" state during suspend
Store the started state into a new flag DEVICE_STARTED_SUSPEND
and set this when suspending while the device was started.
We can't check for is_interface_present() since only mac80211
knows if there are monitor interfaces present.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:12:13 +0000 (14:12 +0200)]
[PATCH] rt2x00: Remove radio check from rt2x00lib_toggle_rx
Don't check if the radio is enabled in rt2x00lib_toggle_rx,
this is required since the link tuner should be disabled
when shutting down the device. The remaining calls inside the
rt2x00lib_toggle_rx handler should deliver no problems when
called while the radio is done.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Ivo van Doorn [Sat, 6 Oct 2007 12:11:46 +0000 (14:11 +0200)]
[PATCH] rt2x00: Remove duplicate code in MAC & BSSID handling
The various drivers contained duplicate code to handle the
MAC and BSSID initialization correctly. This moves the
address copy to little endian variables to rt2x00config.
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Martti Huttunen [Thu, 4 Oct 2007 04:06:00 +0000 (00:06 -0400)]
[PATCH] p54usb: Add device ID for Linksys WUSB54AG
Add the device ID for Linksys WUSB54AG.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Michael Wu [Thu, 4 Oct 2007 04:04:07 +0000 (00:04 -0400)]
[PATCH] rtl8187: Add device ID for HP wireless print kit usb dongle
This adds the device ID for the HP wireless print kit usb dongle.
Thanks to Thierry Merle for the patch to the original rtl8187 driver.
Signed-off-by: Michael Wu <flamingice@sourmilk.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Dan Williams [Tue, 9 Oct 2007 17:55:24 +0000 (13:55 -0400)]
[PATCH] ipw2200: batch non-user-requested scan result notifications
ipw2200 makes extensive use of background scanning when unassociated or
down. Unfortunately, the firmware sends scan completed events many
times per second, which the driver pushes directly up to userspace.
This needlessly wakes up processes listening for wireless events many
times per second. Batch together scan completed events for
non-user-requested scans and send them up to userspace every 4 seconds.
Scan completed events resulting from an SIOCSIWSCAN call are pushed up
without delay.
Signed-off-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Marcin Juszkiewicz [Sun, 7 Oct 2007 18:51:08 +0000 (20:51 +0200)]
[PATCH] Add Linksys card to HostAP driver
Socket 1:
product info: "The Linksys Group, Inc.", "Wireless Network CF Card", "ISL37300P", "RevA"
manfid: 0x0274, 0x3301
Signed-off-by: Marcin Juszkiewicz <openembedded@haerwu.biz>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Daniel Drake [Sun, 7 Oct 2007 15:24:26 +0000 (16:24 +0100)]
[PATCH] zd1211rw: Add ID for TalkTalk SNU5630NS/05
Tested by Su-Jong You
zd1211b chip 0471:1237 v4810 high 00-12-bf AL2230_RF pa0 g--N
Signed-off-by: Daniel Drake <dsd@gentoo.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Stefan Lippers-Hollmann [Fri, 5 Oct 2007 21:42:51 +0000 (23:42 +0200)]
[PATCH] hostap_cs: Add device ID for Telekom T-Sinus 111card
This adds the PCMCIA device ID for the Deutsche Telekom T-Sinus 111card to
hostap_cs.
$ /sbin/lspcmcia -v
[...]
Socket 0 Device 0: [hostap_cs] (bus ID: 0.0)
Configuration: state: on
Product Name: T-Sinus 111card 2.0.0
Identification: manf_id: 0x01bf card_id: 0x3301
function: 6 (network)
prod_id(1): "T-Sinus" (0x8c389dc1)
prod_id(2): "111card" (0x6a23ac17)
prod_id(3): --- (---)
prod_id(4): "2.0.0" (0x92b9effb)
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Herbert Xu [Tue, 9 Oct 2007 20:33:35 +0000 (13:33 -0700)]
[IPSEC]: Move state lock into x->type->output
This patch releases the lock on the state before calling x->type->output.
It also adds the lock to the spots where they're currently needed.
Most of those places (all except mip6) are expected to disappear with
async crypto.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 20:31:47 +0000 (13:31 -0700)]
[IPSEC]: Lock state when copying non-atomic fields to user-space
This patch adds locking so that when we're copying non-atomic fields such as
life-time or coaddr to user-space we don't get a partial result.
For af_key I've changed every instance of pfkey_xfrm_state2msg apart from
expiration notification to include the keys and life-times. This is in-line
with XFRM behaviour.
The actual cases affected are:
* pfkey_getspi: No change as we don't have any keys to copy.
* key_notify_sa:
+ ADD/UPD: This wouldn't work otherwise.
+ DEL: It can't hurt.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 20:30:57 +0000 (13:30 -0700)]
[XFRM] user: Move attribute copying code into copy_to_user_state_extra
Here's a good example of code duplication leading to code rot. The
notification patch did its own netlink message creation for xfrm states.
It duplicated code that was already in dump_one_state. Guess what, the
next time (and the time after) when someone updated dump_one_state the
notification path got zilch.
This patch moves that code from dump_one_state to copy_to_user_state_extra
and uses it in xfrm_notify_sa too. Unfortunately whoever updates this
still needs to update xfrm_sa_len since the notification path wants to
know the exact size for allocation.
At least I've added a comment saying so and if someone still forgest, we'll
have a WARN_ON telling us so.
I also changed the security size calculation to use xfrm_user_sec_ctx since
that's what we actually put into the skb. However it makes no practical
difference since it has the same size as xfrm_sec_ctx.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 20:29:52 +0000 (13:29 -0700)]
[IPSEC]: Move common code into xfrm_alloc_spi
This patch moves some common code that conceptually belongs to the xfrm core
from af_key/xfrm_user into xfrm_alloc_spi.
In particular, the spin lock on the state is now taken inside xfrm_alloc_spi.
Previously it also protected the construction of the response PF_KEY/XFRM
messages to user-space. This is inconsistent as other identical constructions
are not protected by the state lock. This is bad because they in fact should
be protected but only in certain spots (so as not to hold the lock for too
long which may cause packet drops).
The SPI byte order conversion has also been moved.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 20:27:27 +0000 (13:27 -0700)]
[IPSEC]: Remove gratuitous km wake-up events on ACQUIRE
There is no point in waking people up when creating/updating larval states
because they'll just go back to sleep again as larval states by definition
cannot be found by xfrm_state_find.
We should only wake them up when the larvals mature or die.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 20:25:59 +0000 (13:25 -0700)]
[IPSEC]: Store IPv6 nh pointer in mac_header on output
Current the x->mode->output functions store the IPv6 nh pointer in the
skb network header. This is inconvenient because the network header then
has to be fixed up before the packet can leave the IPsec stack. The mac
header field is unused on output so we can use that to store this instead.
This patch does that and removes the network header fix-up in xfrm_output.
It also uses ipv6_hdr where appropriate in the x->type->output functions.
There is also a minor clean-up in esp4 to make it use the same code as
esp6 to help any subsequent effort to merge the two.
Lastly it kills two redundant skb_set_* statements in BEET that were
simply copied over from transport mode.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 20:24:07 +0000 (13:24 -0700)]
[IPSEC]: Remove bogus ref count in xfrm_secpath_reject
Constructs of the form
xfrm_state_hold(x);
foo(x);
xfrm_state_put(x);
tend to be broken because foo is either synchronous where this is totally
unnecessary or if foo is asynchronous then the reference count is in the
wrong spot.
In the case of xfrm_secpath_reject, the function is synchronous and therefore
we should just kill the reference count.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Tue, 9 Oct 2007 20:02:17 +0000 (13:02 -0700)]
[NETNS]: Don't memset() netns to zero manually
The newly created net namespace is set to 0 with memset()
in setup_net(). The setup_net() is also called for the
init_net_ns(), which is zeroed naturally as a global var.
So remove this memset and allocate new nets with the
kmem_cache_zalloc().
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Benjamin Thery [Tue, 9 Oct 2007 03:39:36 +0000 (20:39 -0700)]
[IPv6]: use container_of() macro in fib6_clean_node()
In ip6_fib.c, fib6_clean_node() casts a fib6_walker_t pointer to
a fib6_cleaner_t pointer assuming a struct fib6_walker_t (field 'w')
is the first field in struct fib6_walker_t.
To prevent any future problems that may occur if one day a field
is inadvertently inserted before the 'w' field in struct fib6_cleaner_t,
(and to improve readability), this patch uses the container_of() macro.
Signed-off-by: Benjamin Thery <benjamin.thery@bull.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pavel Emelyanov [Tue, 9 Oct 2007 03:38:39 +0000 (20:38 -0700)]
[NETNS]: Move some code into __init section when CONFIG_NET_NS=n
With the net namespaces many code leaved the __init section,
thus making the kernel occupy more memory than it did before.
Since we have a config option that prohibits the namespace
creation, the functions that initialize/finalize some netns
stuff are simply not needed and can be freed after the boot.
Currently, this is almost not noticeable, since few calls
are no longer in __init, but when the namespaces will be
merged it will be possible to free more code. I propose to
use the __net_init, __net_exit and __net_initdata "attributes"
for functions/variables that are not used if the CONFIG_NET_NS
is not set to save more space in memory.
The exiting functions cannot just reside in the __exit section,
as noticed by David, since the init section will have
references on it and the compilation will fail due to modpost
checks. These references can exist, since the init namespace
never dies and the exit callbacks are never called. So I
introduce the __exit_refok attribute just like it is already
done with the __init_refok.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Karsten Keil [Tue, 9 Oct 2007 03:37:11 +0000 (20:37 -0700)]
[ISDN]: Change I4L to use alloc_netdev().
Signed-off-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ursula Braun [Tue, 9 Oct 2007 03:28:47 +0000 (20:28 -0700)]
[8021Q]: transfer dev_id from real device
A net_device struct provides field dev_id. It is used for
unique ipv6 generation in case of shared network cards
(as for the OSA network cards of IBM System z).
If VLAN devices are built on top of such shared network cards,
this dev_id information needs to be transferred to the VLAN device.
Signed-off-by: Ursula Braun <braunu@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:27:19 +0000 (17:27 -0700)]
[IPSEC]: Move RO-specific output code into xfrm6_mode_ro.c
The lastused update check in xfrm_output can be done just as well in
the mode output function which is specific to RO.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:26:34 +0000 (17:26 -0700)]
[IPSEC]: Unexport xfrm_replay_notify
Now that the only callers of xfrm_replay_notify are in xfrm, we can remove
the export.
This patch also removes xfrm_aevent_doreplay since it's now called in just
one spot.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:25:53 +0000 (17:25 -0700)]
[IPSEC]: Move output replay code into xfrm_output
The replay counter is one of only two remaining things in the output code
that requires a lock on the xfrm state (the other being the crypto). This
patch moves it into the generic xfrm_output so we can remove the lock from
the transforms themselves.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:25:08 +0000 (17:25 -0700)]
[IPSEC]: Move xfrm_state_check into xfrm_output.c
The functions xfrm_state_check and xfrm_state_check_space are only used by
the output code in xfrm_output.c so we can move them over.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:16:30 +0000 (17:16 -0700)]
[IPSEC]: Move common output code to xfrm_output
Most of the code in xfrm4_output_one and xfrm6_output_one are identical so
this patch moves them into a common xfrm_output function which will live
in net/xfrm.
In fact this would seem to fix a bug as on IPv4 we never reset the network
header after a transform which may upset netfilter later on.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:14:34 +0000 (17:14 -0700)]
[IPSEC] ah: Remove keys from ah_data structure
The keys are only used during initialisation so we don't need to carry them
in esp_data. Since we don't have to allocate them again, there is no need
to place a limit on the authentication key length anymore.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Tue, 9 Oct 2007 00:13:44 +0000 (17:13 -0700)]
[IPSEC] esp: Remove keys from esp_data structure
The keys are only used during initialisation so we don't need to carry them
in esp_data. Since we don't have to allocate them again, there is no need
to place a limit on the authentication key length anymore.
This patch also kills the unused auth.icv member.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>