linux-toradex.git/net/caif/caif_dev.c, branch v3.0.16 Linux kernel for Apalis and Colibri modules caif: Fix BUG() with network namespaces 2011-11-11T17:35:47+00:00 David Woodhouse dwmw2@infradead.org 2011-10-24T21:25:21+00:00 5c2433cdc72a03446184e2f898be3b05095b5ed0 commit 08613e4626c06ca408fc55071f6aedee36986a87 upstream. The caif code will register its own pernet_operations, and then register a netdevice_notifier. Each time the netdevice_notifier is triggered, it'll do some stuff... including a lookup of its own pernet stuff with net_generic(). If the net_generic() call ever returns NULL, the caif code will BUG(). That doesn't seem *so* unreasonable, I suppose — it does seem like it should never happen. However, it *does* happen. When we clone a network namespace, setup_net() runs through all the pernet_operations one at a time. It gets to loopback before it gets to caif. And loopback_net_init() registers a netdevice... while caif hasn't been initialised. So the caif netdevice notifier triggers, and immediately goes BUG(). We could imagine a complex and overengineered solution to this generic class of problems, but this patch takes the simple approach. It just makes caif_device_notify() *not* go looking for its pernet data structures if the device it's being notified about isn't a caif device in the first place. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Acked-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
commit 08613e4626c06ca408fc55071f6aedee36986a87 upstream.

The caif code will register its own pernet_operations, and then register
a netdevice_notifier. Each time the netdevice_notifier is triggered,
it'll do some stuff... including a lookup of its own pernet stuff with
net_generic().

If the net_generic() call ever returns NULL, the caif code will BUG().
That doesn't seem *so* unreasonable, I suppose — it does seem like it
should never happen.

However, it *does* happen. When we clone a network namespace,
setup_net() runs through all the pernet_operations one at a time. It
gets to loopback before it gets to caif. And loopback_net_init()
registers a netdevice... while caif hasn't been initialised. So the caif
netdevice notifier triggers, and immediately goes BUG().

We could imagine a complex and overengineered solution to this generic
class of problems, but this patch takes the simple approach. It just
makes caif_device_notify() *not* go looking for its pernet data
structures if the device it's being notified about isn't a caif device
in the first place.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Acked-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
caif: Plug memory leak for checksum error 2011-05-23T00:11:49+00:00 sjur.brandeland@stericsson.com sjur.brandeland@stericsson.com 2011-05-22T11:18:54+00:00 69c867c90c7fe0773d9aa4e8bbf777f574be13d2 In case of checksum error, the framing layer returns -EILSEQ, but does not free the packet. Plug this hole by freeing the packet if -EILSEQ is returned. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
In case of checksum error, the framing layer returns -EILSEQ, but
does not free the packet. Plug this hole by freeing the packet if
-EILSEQ is returned.

Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: Handle dev_queue_xmit errors. 2011-05-15T21:45:56+00:00 sjur.brandeland@stericsson.com sjur.brandeland@stericsson.com 2011-05-13T02:44:06+00:00 c85c2951d4da1236e32f1858db418221e624aba5 Do proper handling of dev_queue_xmit errors in order to avoid double free of skb and leaks in error conditions. In cfctrl pending requests are removed when CAIF Link layer goes down. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
Do proper handling of dev_queue_xmit errors in order to
avoid double free of skb and leaks in error conditions.
In cfctrl pending requests are removed when CAIF Link layer goes down.

Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: prepare support for namespaces 2011-05-15T21:45:55+00:00 sjur.brandeland@stericsson.com sjur.brandeland@stericsson.com 2011-05-13T02:44:05+00:00 bee925db9a77a5736596dcf6f91d0879f5ee915b Use struct net to reference CAIF configuration object instead of static variables. Refactor functions caif_connect_client, caif_disconnect_client and squach files cfcnfg.c and caif_config_utils. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
Use struct net to reference CAIF configuration object instead of static variables.
Refactor functions caif_connect_client, caif_disconnect_client and squach
files cfcnfg.c and caif_config_utils.

Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: Use RCU instead of spin-lock in caif_dev.c 2011-05-15T21:45:54+00:00 sjur.brandeland@stericsson.com sjur.brandeland@stericsson.com 2011-05-13T02:44:00+00:00 bd30ce4bc0b7dc859c1d1cba7ad87e08642418b0 RCU read_lock and refcount is used to protect in-flight packets. Use RCU and counters to manage freeing lower part of the CAIF stack if CAIF-link layer is removed. Old solution based on delaying removal of device is removed. When CAIF link layer goes down the use of CAIF link layer is disabled (by calling caif_set_phy_state()), but removal and freeing of the lower part of the CAIF stack is done when Link layer is unregistered. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
RCU read_lock and refcount is used to protect in-flight packets.

Use RCU and counters to manage freeing lower part of the CAIF stack if
CAIF-link layer is removed. Old solution based on delaying removal of
device is removed.

When CAIF link layer goes down the use of CAIF link layer is disabled
(by calling caif_set_phy_state()), but removal and freeing of the
lower part of the CAIF stack is done when Link layer is unregistered.

Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: Fix set-but-unused variables. 2011-04-17T23:57:55+00:00 David S. Miller davem@davemloft.net 2011-04-17T23:57:55+00:00 056693a38e56c520e208409d221cbc077282c19d The variable 'caifdef' is set but unused in modemcmd(). Similarly for 'net' in receive(), and 'res' in caif_device_notify() and caif_exit_net(). Just kill them off. Signed-off-by: David S. Miller <davem@davemloft.net> 
The variable 'caifdef' is set but unused in modemcmd().

Similarly for 'net' in receive(), and 'res' in
caif_device_notify() and caif_exit_net().

Just kill them off.

Signed-off-by: David S. Miller <davem@davemloft.net>
caif: Don't resend if dev_queue_xmit fails. 2011-04-11T22:08:48+00:00 Sjur Brændeland sjur.brandeland@stericsson.com 2011-04-11T10:43:51+00:00 4dd820c088d201e526840c9dbc2f0b87a0a41868 If CAIF Link Layer returns an error, we no longer try to re-build the CAIF packet and resend it. Instead, we simply return any transmission errors to the socket client. Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
If CAIF Link Layer returns an error, we no longer try to re-build the
CAIF packet and resend it. Instead, we simply return any transmission
errors to the socket client.

Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: code cleanup 2011-04-11T22:08:47+00:00 Stephen Hemminger shemminger@vyatta.com 2011-04-11T10:43:50+00:00 73d6ac633c6c0ca703f90db0b808d9593e46aef6 Cleanup of new CAIF code. * make local functions static * remove code that is never used * expand get_caif_conf() since wrapper is no longer needed * make args to comparison functions const * rename connect_req_to_link_param to keep exported names consistent Compile tested only. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Acked-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
Cleanup of new CAIF code.
  * make local functions static
  * remove code that is never used
  * expand get_caif_conf() since wrapper is no longer needed
  * make args to comparison functions const
  * rename connect_req_to_link_param to keep exported names
    consistent

Compile tested only.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: Bugfix for socket priority, bindtodev and dbg channel. 2010-11-04T01:50:03+00:00 André Carvalho de Matos andre.carvalho.matos@stericsson.com 2010-11-01T11:52:47+00:00 f2527ec436fd675f08a8e7434f6e940688cb96d0 Changes: o Bugfix: SO_PRIORITY for SOL_SOCKET could not be handled in caif's setsockopt, using the struct sock attribute priority instead. o Bugfix: SO_BINDTODEVICE for SOL_SOCKET could not be handled in caif's setsockopt, using the struct sock attribute ifindex instead. o Wrong assert statement for RFM layer segmentation. o CAIF Debug channels was not working over SPI, caif_payload_info containing padding info must be initialized. o Check on pointer before dereferencing when unregister dev in caif_dev.c Signed-off-by: Sjur Braendeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
Changes:
o Bugfix: SO_PRIORITY for SOL_SOCKET could not be handled
  in caif's setsockopt,  using the struct sock attribute priority instead.

o Bugfix: SO_BINDTODEVICE for SOL_SOCKET could not be handled
  in caif's setsockopt,  using the struct sock attribute ifindex instead.

o Wrong assert statement for RFM layer segmentation.

o CAIF Debug channels was not working over SPI, caif_payload_info
  containing padding info must be initialized.

o Check on pointer before dereferencing when unregister dev in caif_dev.c

Signed-off-by: Sjur Braendeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
caif: Fix function NULL pointer check. 2010-09-22T01:05:31+00:00 Sjur Braendeland sjur.brandeland@stericsson.com 2010-09-21T11:44:45+00:00 e5e03ce1e5c6c015cabf274b24976dff408dc07f Check that receive function pointer is not null before calling it. Signed-off-by: Sjur Braendeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
Check that receive function pointer is not null before calling it.

Signed-off-by: Sjur Braendeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>