linux-toradex.git/net/ipv4/ip_options.c, branch v2.6.22 Linux kernel for Apalis and Colibri modules [SK_BUFF]: Introduce ip_hdr(), remove skb->nh.iph 2007-04-26T05:25:10+00:00 Arnaldo Carvalho de Melo acme@redhat.com 2007-04-21T05:47:35+00:00 eddc9ec53be2ecdbf4efe0efd4a83052594f0ac0 Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
[SK_BUFF]: Introduce skb_network_header() 2007-04-26T05:24:59+00:00 Arnaldo Carvalho de Melo acme@redhat.com 2007-04-11T03:50:43+00:00 d56f90a7c96da5187f0cdf07ee7434fe6aa78bbc For the places where we need a pointer to the network header, it is still legal to touch skb->nh.raw directly if just adding to, subtracting from or setting it to another layer header. Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
For the places where we need a pointer to the network header, it is still legal
to touch skb->nh.raw directly if just adding to, subtracting from or setting it
to another layer header.

Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NET] IPV4: Fix whitespace errors. 2007-02-11T07:19:39+00:00 YOSHIFUJI Hideaki yoshfuji@linux-ipv6.org 2007-02-09T14:24:47+00:00 e905a9edab7f4f14f9213b52234e4a346c690911 Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NetLabel]: protect the CIPSOv4 socket option from setsockopt() 2006-10-30T23:24:49+00:00 Paul Moore paul.moore@hp.com 2006-10-30T23:22:15+00:00 f8687afefcc821fc47c75775eec87731fe3de360 This patch makes two changes to protect applications from either removing or tampering with the CIPSOv4 IP option on a socket. The first is the requirement that applications have the CAP_NET_RAW capability to set an IPOPT_CIPSO option on a socket; this prevents untrusted applications from setting their own CIPSOv4 security attributes on the packets they send. The second change is to SELinux and it prevents applications from setting any IPv4 options when there is an IPOPT_CIPSO option already present on the socket; this prevents applications from removing CIPSOv4 security attributes from the packets they send. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
This patch makes two changes to protect applications from either removing or
tampering with the CIPSOv4 IP option on a socket.  The first is the requirement
that applications have the CAP_NET_RAW capability to set an IPOPT_CIPSO option
on a socket; this prevents untrusted applications from setting their own
CIPSOv4 security attributes on the packets they send.  The second change is to
SELinux and it prevents applications from setting any IPv4 options when there
is an IPOPT_CIPSO option already present on the socket; this prevents
applications from removing CIPSOv4 security attributes from the packets they
send.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV4]: trivial ip_options.c annotations 2006-09-29T01:01:55+00:00 Al Viro viro@zeniv.linux.org.uk 2006-09-28T01:28:47+00:00 e25d2ca6b2808c427704b01608baf0f7dea1696e Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV4]: struct ip_options annotations 2006-09-29T01:01:53+00:00 Al Viro viro@zeniv.linux.org.uk 2006-09-28T01:28:07+00:00 3ca3c68e76686bee058937ade2b96f4de58ee434 ->faddr is net-endian; annotated as such, variables inferred to be net-endian annotated. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> 
->faddr is net-endian; annotated as such, variables inferred to be net-endian
annotated.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV4]: ip_options_build() annotations 2006-09-29T01:01:18+00:00 Al Viro viro@zeniv.linux.org.uk 2006-09-27T05:27:05+00:00 8712f774dc47ec6353c9b75317d6db62e58d9367 daddr is net-endian Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> 
daddr is net-endian

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV4]: inet_addr_type() annotations 2006-09-29T01:01:07+00:00 Al Viro viro@zeniv.linux.org.uk 2006-09-27T05:17:51+00:00 fd6832220974809141b3981e380b78690bba8911 argument and inferred net-endian variables in callers annotated. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> 
argument and inferred net-endian variables in callers annotated.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
[IPV4]: ip_route_input() annotations 2006-09-29T00:54:02+00:00 Al Viro viro@zeniv.linux.org.uk 2006-09-27T04:25:20+00:00 9e12bb22e32389b41222c9d9fb55724fed83a038 ip_route_input() takes net-endian source and destination address. * Annotated as such. * arguments of its invocations annotated where needed. * local helpers getting the same values passed to by it (ip_route_input_mc(), ip_route_input_slow(), ip_handle_martian_source(), ip_mkroute_input(), ip_mkroute_input_def(), __mkroute_input()) annotated Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> 
ip_route_input() takes net-endian source and destination address.
* Annotated as such.
* arguments of its invocations annotated where needed.
* local helpers getting the same values passed to by it (ip_route_input_mc(),
ip_route_input_slow(), ip_handle_martian_source(), ip_mkroute_input(),
ip_mkroute_input_def(), __mkroute_input()) annotated

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
[INET]: Remove is_setbyuser patch 2006-09-22T21:54:10+00:00 Louis Nyffenegger louis.nyffenegger@gmail.com 2006-08-08T07:56:11+00:00 1a01912ae0a5666c4c24eaae2b4821711e2ad79a The value is_setbyuser from struct ip_options is never used and set only one time (http://linux-net.osdl.org/index.php/TODO#IPV4). This little patch removes it from the kernel source. Signed-off-by: Louis Nyffenegger <louis.nyffenegger@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 
The value is_setbyuser from struct ip_options is never used and set
only one time (http://linux-net.osdl.org/index.php/TODO#IPV4).
This little patch removes it from the kernel source.

Signed-off-by: Louis Nyffenegger <louis.nyffenegger@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>