[PATCH net v3 1/1] net: tcp: Permit user set TCP_MAXSEG to default value

From: Gao Feng When user_mss is zero, it means use the default value. But the current codes don't permit user set TCP_MAXSEG to the default value. It would return the -EINVAL when val is zero. Signed-off-by: Gao Feng --- v3: Correct the logic error, per Neal

[PATCH net v2 1/1] net: tcp: Permit user set TCP_MAXSEG to default value

From: Gao Feng When user_mss is zero, it means use the default value. But the current codes don't permit user set TCP_MAXSEG to the default value. It would return the -EINVAL when val is zero. Signed-off-by: Gao Feng --- v2: Make codes more clearer, per Eric

[PATCH nf v3 1/1] netfilter: snmp: Fix one possible panic when snmp_trap_helper fail to register

From: Gao Feng In the commit 93557f53e1fb ("netfilter: nf_conntrack: nf_conntrack snmp helper"), the snmp_helper is replaced by nf_nat_snmp_hook. So the snmp_helper is never registered. But it still tries to unregister the snmp_helper, it could cause the panic. Now remove the

[PATCH net 1/1] net: tcp: Permit user set TCP_MAXSEG to default value

From: Gao Feng When user_mss is zero, it means use the default value. But the current codes don't permit user set TCP_MAXSEG to the default value. It would return the -EINVAL when val is zero. Signed-off-by: Gao Feng --- net/ipv4/tcp.c | 3 ++- 1 file

[PATCH nf v2 1/1] netfilter: snmp: Fix one possible panic when snmp_trap_helper fail to register

From: Gao Feng In the commit <93557f53e1fb> ("netfilter: nf_conntrack: nf_conntrack snmp helper"), the snmp_helper is replaced by nf_nat_snmp_hook. So the snmp_helper is never registered. But it still tries to unregister the snmp_helper, it could cause the panic. Now remove the

[PATCH nf 1/1] netfilter: snmp: Fix one possible panic when snmp_trap_helper fail to register

From: Gao Feng In the commit ("netfilter: nf_conntrack: nf_conntrack snmp helper"), the snmp_helper is replaced by nf_nat_snmp_hook. So the snmp_helper is never registered. But it still tries to unregister the snmp_helper, it could cause the panic. Now remove the useless

[PATCH v4 net-next 1/1] net: Eliminate duplicated codes by creating one new function in_dev_select_addr

From: Gao Feng There are two duplicated loops codes which used to select right address in current codes. Now eliminate these codes by creating one new function in_dev_select_addr. Signed-off-by: Gao Feng --- v4: Drop the first patch in series, per David Ahern

[PATCH v3 net-next 2/2] net: Eliminate duplicated codes by creating one new function in_dev_select_addr

From: Gao Feng There are two duplicated loops codes which used to select right address in current codes. Now eliminate these codes by creating one new function in_dev_select_addr. Signed-off-by: Gao Feng --- v3: Add cover letter v2: Correct the comit log and

[PATCH v3 net-next 0/2] net: Refine the inet_select_addr codes

From: Gao Feng This collection contains two patches used to refine the inet_select_addr codes. Gao Feng (2): net: Avoid unnessary loop when master_idx is invalid in inet_select_addr net: Eliminate duplicated codes by creating one new function in_dev_select_addr

[PATCH v3 net-next 1/2] net: Avoid unnessary loop when master_idx is invalid in inet_select_addr

From: Gao Feng When master_idx is invalid, it is zero. It is unnecessary to iterate all netdevs. Because l3mdev_master_ifindex_rcu(dev) != master_idx must be true. Now put this loop into the condition block when master_idx is valid. Signed-off-by: Gao Feng ---

[PATCH v2 net-next 2/2] net: Eliminate duplicated codes by creating one new function in_dev_select_addr

From: Gao Feng There are two duplicated loops codes which used to select right address in current codes. Now eliminate these codes by creating one new function in_dev_select_addr. Signed-off-by: Gao Feng --- v2: Correct the comit log and remove useless

[PATCH net-next 1/2] net: Avoid unnessary loop when master_idx is invalid in inet_select_addr

From: Gao Feng When master_idx is invalid, it is zero. It is unnecessary to iterate all netdevs. Because l3mdev_master_ifindex_rcu(dev) != master_idx must be true. Now put this loop into the condition block when master_idx is valid. Signed-off-by: Gao Feng ---

[PATCH net-next 2/2] net: Eliminate duplicated codes by creating one new function in_dev_select_addr

From: Gao Feng There are two duplicated loop codes which used to select right address in current codes. Now eliminate these codes by creating one new function in_dev_select_addr. Signed-off-by: Gao Feng --- net/ipv4/devinet.c | 34

[PATCH net-next 1/1] decnet: Use TCP nagle macro instead of literal number in decnet

From: Gao Feng Use existing TCP nagle macro TCP_NAGLE_OFF and TCP_NAGLE_CORK instead of the literal number 1 and 2 in the current decnet codes. Signed-off-by: Gao Feng --- net/decnet/af_decnet.c | 13 +++-- 1 file changed, 7 insertions(+), 6

[PATCH nf 1/1] netfilter: h323,sip: Fix possible dead loop in nat_rtp_rtcp and nf_nat_sdp_media

From: Gao Feng When h323 and sip try to insert expect nodes, they would increase the port by 2 for loop, and the loop condition is that "port != 0". So when the start port is odd number, port never increases to zero. Now make port as u32 instead of u_int16_t, and the loop

[PATCH net-next v2 1/1] net: sock: Use USEC_PER_SEC macro instead of literal 1000000

From: Gao Feng The USEC_PER_SEC is used once in sock_set_timeout as the max value of tv_usec. But there are other similar codes which use the literal 100 in this file. It is minor cleanup to keep consitent. Signed-off-by: Gao Feng --- v2: Use

[PATCH net-next 1/1] net: sock: Use USEC_PER_SEC macro instead of literal 1000000

From: Gao Feng The USEC_PER_SEC is used once in sock_set_timeout as the max value of tv_usec. But there are other similar codes which use the literal 100 in this file. It is minor cleanup to keep consitent. Signed-off-by: Gao Feng --- net/core/sock.c | 6

[PATCH net-next 1/1] pkt_sched: Remove useless qdisc_stab_lock

From: Gao Feng The qdisc_stab_lock is used in qdisc_get_stab and qdisc_put_stab. These two functions are invoked in qdisc_create, qdisc_change, and qdisc_destroy which run fully under RTNL. So it already makes sure only one could access the qdisc_stab_list at the same time.

[PATCH net 1/1] net: sock: Use double send/recv buff value to compare with max value

From: Gao Feng Because the value of SO_SNDBUF and SO_RCVBUF is doubled before assignment, so the real value of send and recv buffer could be more than the max sysctl config sysctl_wmem_max and sysctl_rmem_max. Now use doulbe send/recv buffer value to compare with

[PATCH net-next 1/1] net: ping: Use right format specifier to avoid type casting

From: Gao Feng The inet_num is u16, so use %hu instead of casting it to int. And the sk_bound_dev_if is int actually, so it needn't cast to int. Signed-off-by: Gao Feng --- net/ipv4/ping.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff

[PATCH net-next RESEND 1/1] driver: ipvlan: Define common functions to decrease duplicated codes used to add or del IP address

From: Gao Feng There are some duplicated codes in ipvlan_add_addr6/4 and ipvlan_del_addr6/4. Now define two common functions ipvlan_add_addr and ipvlan_del_addr to decrease the duplicated codes. It could be helful to maintain the codes. Signed-off-by: Gao Feng

[PATCH net-next RESEND 1/1] driver: ipvlan: Remove unnecessary ipvlan NULL check in ipvlan_count_rx

From: Gao Feng There are three functions which would invoke the ipvlan_count_rx. They are ipvlan_process_multicast, ipvlan_rcv_frame, and ipvlan_nf_input. The former two functions already use the ipvlan directly before ipvlan_count_rx, and ipvlan_nf_input gets the ipvlan from

[PATCH net-next 1/1] driver: ipvlan: Define common functions to decrease duplicated codes used to add or del IP address

From: Gao Feng There are some duplicated codes in ipvlan_add_addr6/4 and ipvlan_del_addr6/4. Now define two common functions ipvlan_add_addr and ipvlan_del_addr to decrease the duplicated codes. It could be helful to maintain the codes. Signed-off-by: Gao Feng

[PATCH net-next 1/1] driver: ipvlan: Remove unnecessary ipvlan NULL check in ipvlan_count_rx

From: Gao Feng There are three functions which would invoke the ipvlan_count_rx. They are ipvlan_process_multicast, ipvlan_rcv_frame, and ipvlan_nf_input. The former two functions already use the ipvlan directly before ipvlan_count_rx, and ipvlan_nf_input gets the ipvlan from

[PATCH net-next 1/1] driver: ipvlan: Define common functions to decrease duplicated codes used to add or del IP address

From: Gao Feng There are some duplicated codes in ipvlan_add_addr6/4 and ipvlan_del_addr6/4. Now define two common functions ipvlan_add_addr and ipvlan_del_addr to decrease the duplicated codes. It could be helful to maintain the codes. Signed-off-by: Gao Feng

[PATCH net v2 1/1] driver: ipvlan: Unlink the upper dev when ipvlan_link_new failed

From: Gao Feng When netdev_upper_dev_unlink failed in ipvlan_link_new, need to unlink the ipvlan dev with upper dev. Signed-off-by: Gao Feng --- v2: Rename the label to unlink_netdev, per Mahesh Bandewar v1: Initial patch drivers/net/ipvlan/ipvlan_main.c |

[PATCH net 1/1] driver: ipvlan: Unlink the upper dev when ipvlan_link_new failed

From: Gao Feng When netdev_upper_dev_unlink failed in ipvlan_link_new, need to unlink the ipvlan dev with upper dev. Signed-off-by: Gao Feng --- drivers/net/ipvlan/ipvlan_main.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git

[PATCH net-next 1/1] driver: macvlan: Remove the rcu member of macvlan_port

From: Gao Feng When free macvlan_port in macvlan_port_destroy, it is safe to free directly because netdev_rx_handler_unregister could enforce one grace period. So it is unnecessary to use kfree_rcu for macvlan_port. Signed-off-by: Gao Feng ---

[PATCH net-next v3 1/1] driver: ipvlan: Free ipvl_port directly with kfree instead of kfree_rcu

From: Gao Feng There are two functions which would free the ipvl_port now. The first is ipvlan_port_create. It frees the ipvl_port in the error handler, so it could kfree it directly. The second is ipvlan_port_destroy. It invokes netdev_rx_handler_unregister which enforces one

[PATCH net-next v2 1/1] driver: ipvlan: Free ipvl_port directly with kfree instead of kfree_rcu

From: Gao Feng There is no one which may reference the ipvlan port when free it in ipvlan_port_create and ipvlan_port_destroy. So it is unnecessary to use kfree_rcu. Signed-off-by: Gao Feng --- v2: Remove the rcu of ipvl_port directly v1: Initial

[PATCH net-next 1/1] driver: ipvlan: Free the port memory directly with kfree instead of kfree_rcu

From: Gao Feng There is no one which may reference the "port" in ipvlan_port_create when netdev_rx_handler_register failed. So it could free it directly with kfree instead of kfree_rcu. Signed-off-by: Gao Feng --- drivers/net/ipvlan/ipvlan_main.c | 2 +- 1

[PATCH net-next 1/1] driver: ipvlan: Remove useless member mtu_adj of struct ipvl_dev

From: Gao Feng The mtu_adj is initialized to zero when alloc mem, there is no any assignment to mtu_adj. It is only used in ipvlan_adjust_mtu as one right value. So it is useless member of struct ipvl_dev, then remove it. Signed-off-by: Gao Feng ---

[PATCH net-next 1/1] driver: ipvlan: Add the sanity check for ipvlan mode

From: Gao Feng The ipvlan mode variable "nval" is from userspace, so the ipvlan codes should check if the mode variable "nval" is valid. Signed-off-by: Gao Feng --- drivers/net/ipvlan/ipvlan_main.c | 3 +++ 1 file changed, 3 insertions(+) diff --git

[PATCH net-next v2 1/1] driver: ipvlan: Use NF_IP_PRI_LAST as hook priority instead of INT_MAX

From: Gao Feng It is better to use NF_IP_PRI_LAST instead of INT_MAX as hook priority. The former is good at readability and easier to maintain. Signed-off-by: Gao Feng --- v2: Add the lost header file. It is added in local but not in v1 patch v1: Inital

[PATCH net-next 1/1] driver: ipvlan: Use NF_IP_PRI_LAST as hook priority instead of INT_MAX

From: Gao Feng It is better to use NF_IP_PRI_LAST instead of INT_MAX as hook priority. The former is good at readability and easier to maintain. Signed-off-by: Gao Feng --- drivers/net/ipvlan/ipvlan_main.c | 4 ++-- 1 file changed, 2 insertions(+), 2

[PATCH net 1/1] driver: macvtap: Unregister netdev rx_handler if macvtap_newlink fails

From: Gao Feng The macvtap_newlink registers the netdev rx_handler firstly, but it does not unregister the handler if macvlan_common_newlink failed. Signed-off-by: Gao Feng --- drivers/net/macvtap.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-)

[PATCH net 1/1] driver: ipvlan: Fix one possible memleak in ipvlan_link_new

From: Gao Feng When ipvlan_link_new fails and creates one ipvlan port, it does not destroy the ipvlan port created. It causes mem leak and the physical device contains invalid ipvlan data. Signed-off-by: Gao Feng --- drivers/net/ipvlan/ipvlan_main.c | 17

[PATCH net 1/1] driver: macvlan: Check if need rollback multicast setting in macvlan_open

From: Gao Feng When dev_set_promiscuity failed in macvlan_open, it always invokes dev_set_allmulti without checking if necessary. Now check the IFF_ALLMULTI flag firstly before rollback the multicast setting in the error handler. Signed-off-by: Gao Feng ---

[PATCH net-next 1/2] net: batman-adv: Treat NET_XMIT_CN as transmit successfully

From: Gao Feng The tc could return NET_XMIT_CN as one congestion notification, but it does not mean the packet is lost. Other modules like ipvlan, macvlan, and others treat NET_XMIT_CN as success too. So batman-adv should add the NET_XMIT_CN check. Signed-off-by: Gao Feng

[PATCH net-next 2/2] net: batman-adv: Remove one condition check in batadv_route_unicast_packet

From: Gao Feng It could decrease one condition check to collect some statements in the first condition block. Signed-off-by: Gao Feng --- net/batman-adv/routing.c | 10 -- 1 file changed, 4 insertions(+), 6 deletions(-) diff --git

[PATCH net-next 1/2] net: batman-adv: Treat NET_XMIT_CN as transmit successfully

From: Gao Feng The tc could return NET_XMIT_CN as one congestion notification, but it does not mean the packet is lost. Other modules like ipvlan, macvlan, and others treat NET_XMIT_CN as success too. So batman-adv should add the NET_XMIT_CN check. Signed-off-by: Gao Feng

[PATCH net v2 1/1] net: batman-adv: Treat NET_XMIT_CN as transmit successfully

From: Gao Feng The tc could return NET_XMIT_CN as one congestion notification, but it does not mean the packet is lost. Other modules like ipvlan, macvlan, and others treat NET_XMIT_CN as success too. So batman-adv should add the NET_XMIT_CN check. Signed-off-by: Gao Feng

[PATCH net 1/1] net: l2tp: Treat NET_XMIT_CN as success in l2tp_eth_dev_xmit

From: Gao Feng The tc could return NET_XMIT_CN as one congestion notification, but it does not mean the packe is lost. Other modules like ipvlan, macvlan, and others treat NET_XMIT_CN as success too. So l2tp_eth_dev_xmit should add the NET_XMIT_CN check. Signed-off-by: Gao

[PATCH net 1/1] net: batman-adv: Treat NET_XMIT_CN as transmit successfully

From: Gao Feng The tc could return NET_XMIT_CN as one congestion notification, but it does not mean the packe is lost. Other modules like ipvlan, macvlan, and others treat NET_XMIT_CN as success too. So batman-adv should add the NET_XMIT_CN check. Signed-off-by: Gao Feng

[PATCH net-next 1/1] driver: macvlan: Remove duplicated IFF_UP condition check in macvlan_forward_source

From: Gao Feng The function macvlan_forward_source_one has already checked the flag IFF_UP, so needn't check it outside in macvlan_forward_source too. Signed-off-by: Gao Feng --- v2: Remove the IFF_UP check in macvlan_forward_source instead of

[PATCH net-next 1/1] driver: macvlan: Remove duplicated IFF_UP condition check in macvlan_forward_source_one

From: Gao Feng The condition check "dev->flags & IFF_UP" is duplicated in macvlan_forward_source_one, because its caller macvlan_forward_source has already checked this flag. Signed-off-by: Gao Feng --- drivers/net/macvlan.c | 3 --- 1 file changed,

[PATCH net-next 1/1] driver: macvlan: Replace integer number with bool value

From: Gao Feng The return value of function macvlan_addr_busy is used as bool value, so use bool value instead of integer number "1" and "0". Signed-off-by: Gao Feng --- drivers/net/macvlan.c | 10 +- 1 file changed, 5 insertions(+), 5

[PATCH net 1/1] driver: macvlan: Destroy new macvlan port if macvlan_common_newlink failed.

From: Gao Feng When there is no existing macvlan port in lowdev, one new macvlan port would be created. But it doesn't be destoried when something failed later. It casues some memleak. Now add one flag to indicate if new macvlan port is created. Signed-off-by: Gao Feng

[PATCH net-next v2 1/1] driver: veth: Refine the statistics codes of veth driver

From: Gao Feng The dropped count of veth is located in struct veth_priv, but other statistics like packets and bytes are in another struct pcpu_vstats. Now keep these three counters in the same struct. Signed-off-by: Gao Feng --- v2: Use right "peer" instead

[PATCH net-next 1/1] driver: veth: Refine the statistics codes of veth driver

From: Gao Feng The dropped count of veth is located in struct veth_priv, but other statistics like packets and bytes are in another struct pcpu_vstats. Now keep these three counters in the same struct. Signed-off-by: Gao Feng --- drivers/net/veth.c | 32

[PATCH net 1/1] driver: veth: Return the actual value instead return NETDEV_TX_OK always

From: Gao Feng Current veth_xmit always returns NETDEV_TX_OK whatever if it is really sent successfully. Now return the actual value instead of NETDEV_TX_OK always. Signed-off-by: Gao Feng --- drivers/net/veth.c | 7 +-- 1 file changed, 5 insertions(+), 2

[PATCH net-next v2 1/1] driver: tun: Use new macro SOCK_IOC_TYPE instead of literal number 0x89

From: Gao Feng The current codes use _IOC_TYPE(cmd) == 0x89 to check if the cmd is one socket ioctl command like SIOCGIFHWADDR. But the literal number 0x89 may confuse readers. So create one macro SOCK_IOC_TYPE to enhance the readability. Signed-off-by: Gao Feng

[PATCH net-next 1/1] driver: tun: Move tun check into the block of TUNSETIFF condition check

From: Gao Feng When cmd is TUNSETIFF and tun is not null, the original codes go ahead, then reach the default case of switch(cmd) and set the ret is -EINVAL. It is not clear for readers. Now move the tun check into the block of TUNSETIFF condition check, and return -EEXIST

[PATCH net-next 1/1] driver: tun: Use new macro SOCK_IOC_MAGIC instead of literal number 0x89

From: Gao Feng The current codes use _IOC_TYPE(cmd) == 0x89 to check if the cmd is one socket ioctl command like SIOCGIFHWADDR. But the literal number 0x89 may confuse readers. So create one macro SOCK_IOC_MAGIC like SPI_IOC_MAGIC to enhance the readability. Signed-off-by: Gao

[PATCH v2 net-next 1/1] driver: tun: Forbid to set IFF_TUN and IFF_TAP at the same time

From: Gao Feng Current tun driver permits the ifr_flags is set with IFF_TUN and IFF_TAP at the same time. But actually there is only IFF_TUN flag works. And it does not make sense these two flags are set, so add this check. Signed-off-by: Gao Feng --- v2:

[PATCH net-next 1/1] driver: tun: Forbid to set IFF_TUN and IFF_TAP at the same time

From: Gao Feng Current tun driver permits the ifr_flags is set with IFF_TUN and IFF_TAP at the same time. But actually there is only IFF_TUN flag works. And it does not make sense these two flags are set, so add this check. Signed-off-by: Gao Feng ---

[PATCH net-next 1/1] net: vlan: Use sizeof instead of literal number

From: Gao Feng Use sizeof variable instead of literal number to enhance the readability. Signed-off-by: Gao Feng --- net/8021q/vlan.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index

[PATCH 1/1] net: vlan: Use sizeof instead of literal number

From: Gao Feng Use sizeof variable instead of literal number to enhance the readability. Signed-off-by: Gao Feng --- net/8021q/vlan.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index

[PATCH nf-next] netfilter: xt_osf: Use explicit member assignment to avoid implicit no padding rule

From: Gao Feng Current xt_osf codes use memcmp to check if two user fingers are same, so it depends on that the struct xt_osf_user_finger is no padding. It is one implicit rule, and is not good to maintain. Now use zero memory and assign the members explicitly. Signed-off-by:

[PATCH nf v5] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. But current seqadj codes would adjust the "0" ack to invalid ack number. Actually seqadj need to check the ack flag before adjust it for these RST packets. The

[PATCH nf v4] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. But current seqadj codes would adjust the "0" ack to invalid ack number. Actually seqadj need to check the ack flag before adjust it for these RST packets. The

[PATCH nf v3] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. But current seqadj codes would adjust the "0" ack to invalid ack number. Actually seqadj need to check the ack flag before adjust it for these RST packets. The

[PATCH v5 nf] netfilter: seqadj: Drop the packet directly when fail to add seqadj extension to avoid dereference NULL pointer later

From: Gao Feng When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj extension. But the function nf_ct_seqadj_init doesn't check if get valid seqadj pointer by the nfct_seqadj. Now drop the packet directly when fail to add seqadj extension to avoid

[PATCH nf] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. For these RST packets, seqadj could not adjust the ack number. Signed-off-by: Gao Feng --- v2: Regenerate because the first patch is removed v1:

[PATCH v4 nf] netfilter: seqadj: Drop the packet directly when fail to add seqadj extension to avoid dereference NULL pointer later

From: Gao Feng When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj extension. But the function nf_ct_seqadj_init doesn't check if get valid seqadj pointer by the nfct_seqadj. Now drop the packet directly when fail to add seqadj extension to avoid

[PATCH 2/2 nf] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. For these RST packets, seqadj could not adjust the ack number. Signed-off-by: Gao Feng --- net/netfilter/nf_conntrack_seqadj.c | 34

[PATCH v3 nf] netfilter: seqadj: Fix one possible panic in seqadj when mem is exhausted

From: Gao Feng When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj extension. But the function nf_ct_seqadj_init doesn't check if get valid seqadj pointer by the nfct_seqadj, while other functions perform the sanity check. So the system would be panic when

[PATCH v2 1/2 nf] netfilter: seqadj: Fix one possible panic in seqadj when mem is exhausted

From: Gao Feng When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj extension. But the function nf_ct_seqadj_init doesn't check if get valid seqadj pointer by the nfct_seqadj, while other functions perform the sanity check. So the system would be panic when

[PATCH 2/2 nf-next] netfilter: seqadj: print the warning log when fail to add seqadj extension

From: Gao Feng Print the warning log when fail to add seqadj extension like nf_ct_acct_ext_add does. It could be helpful to find the problem. Signed-off-by: Gao Feng --- include/net/netfilter/nf_conntrack_seqadj.h | 8 +++- 1 file changed, 7

[PATCH 1/2 nf] netfilter: seqadj: Fix some possible panics of seqadj when mem is exhausted

From: Gao Feng When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj extension. But these interface functions nf_ct_seqadj_init and nf_ct_seq_adjust don't check if they get the valid seqadj pointer by the nfct_seqadj, while nf_ct_seqadj_set and

[PATCH v2 net] rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly

From: Gao Feng The original codes depend on that the function parameters are evaluated from left to right. But the parameter's evaluation order is not defined in C standard actually. When flow_keys_have_l4() is invoked before ___skb_get_hash(skb, , hashrnd) with some compilers

[PATCH net-next] rps: flow_dissector: Add the const for the parameter of flow_keys_have_l4

From: Gao Feng Add the const for the parameter of flow_keys_have_l4 for the readability. Signed-off-by: Gao Feng --- include/net/flow_dissector.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/net/flow_dissector.h

[PATCH net] rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly

From: Gao Feng The original codes depend on that the function parameters are evaluated from left to right. But the parameter's evaluation order is not defined in C standard actually. When flow_keys_have_l4() is invoked before ___skb_get_hash(skb, , hashrnd) with some compilers

[PATCH v2 nf] netfilter: log: Check param to avoid overflow in nf_log_set

From: Gao Feng The nf_log_set is an interface function, so it should do the strict sanity check of parameters. Convert the return value of nf_log_set as int instead of void. When the pf is invalid, return -EOPNOTSUPP. Signed-off-by: Gao Feng --- v2: Use

[PATCH nf-next] netfilter: log: Check param to avoid overflow in nf_log_set

From: Gao Feng The nf_log_set is an interface function, so it should do the strict sanity check of parameters. Add one sanity check for pf, it could not exceed NFPROTO_NUMPROTO, and print error log when pf is invalid. Signed-off-by: Gao Feng ---

[PATCH v1 1/1 net-next] 8139cp: Fix one possible deadloop in cp_rx_poll

From: Gao Feng When cp_rx_poll does not get enough packet, it will check the rx interrupt status again. If so, it will jumpt to rx_status_loop again. But the goto jump resets the rx variable as zero too. As a result, it causes one possible deadloop. Assume this case,

[PATCH v2 1/2 net-next] netfilter: gre: Use consistent GRE_* macros instead of ones defined by netfilter.

From: Gao Feng There are already some GRE_* macros in kernel, so it is unnecessary to define these macros. And remove some useless macros Signed-off-by: Gao Feng --- v2: Split the original patch to review easily v1: Intial patch

[PATCH v2 2/2 net-next] netfilter: gre: Use consistent GRE and PTTP header structure instead of the ones defined by netfilter

From: Gao Feng There are two existing strutures which defines the GRE and PPTP header. So use these two structures instead of the ones defined by netfilter to keep consitent with other codes. Signed-off-by: Gao Feng --- v2: Split the original patch to review

[PATCH v2 1/2 net-next] netfilter: gre: Use consistent GRE_* macros instead of ones defined by netfilter.

From: Gao Feng There are already some GRE_* macros in kernel, so it is unnecessary to define these macros. And remove some useless macros Signed-off-by: Gao Feng --- v2: Split the original patch to review easily v1: Intial patch

[PATCH v5 net-next] l2tp: Refactor the codes with existing macros instead of literal number

From: Gao Feng Use PPP_ALLSTATIONS, PPP_UI, and SEND_SHUTDOWN instead of 0xff, 0x03, and 2 separately. Signed-off-by: Gao Feng --- v5: Remove tail space; v4: Remove two static ppph variables; v3: Modify the subject; v2: Only replace the literal number with

[PATCH v4 net-next] l2tp: Refactor the codes with existing macros instead of literal number

From: Gao Feng Use PPP_ALLSTATIONS, PPP_UI, and SEND_SHUTDOWN instead of 0xff, 0x03, and 2 separately. Signed-off-by: Gao Feng --- v4: Remove two static ppph variables; v3: Modify the subject; v2: Only replace the literal number with macros according to

[PATCH v4 net-next] ppp: Fix one deadlock issue of PPP when reentrant

From: Gao Feng PPP channel holds one spinlock before send frame. But the skb may select the same PPP channel with wrong route policy. As a result, the skb reaches the same channel path. It tries to get the same spinlock which is held before. Bang, the deadlock comes out. Now

[PATCH v3 net-next] l2tp: Refactor the codes with existing macros instead of literal number

From: Gao Feng Use PPP_ALLSTATIONS, PPP_UI, and SEND_SHUTDOWN instead of 0xff, 0x03, and 2 separately. Signed-off-by: Gao Feng --- v3: Modify the subject; v2: Only replace the literal number with macros according to Guillaume's advice v1: Inital patch

[PATCH 1/1] ppp: Fix one deadlock issue of PPP when reentrant

From: Gao Feng PPP channel holds one spinlock before send frame. But the skb may select the same PPP channel with wrong route policy. As a result, the skb reaches the same channel path. It tries to get the same spinlock which is held before. Bang, the deadlock comes out. Now

[PATCH 1/1] netfilter: gre: Use the consitent GRE and PPTP struct instead of the structures defined in netfilter

From: Gao Feng There are two structures which define the GRE header and PPTP header. So it is unneccessary to define duplicated structures in netfilter again. Signed-off-by: Gao Feng --- v1: Intial patch include/linux/netfilter/nf_conntrack_proto_gre.h | 63

[PATCH v1 1/1] l2tp: Use existing macros instead of literal number

From: Gao Feng 1. Use PPP_ALLSTATIONS/PPP_UI instead of literal 0xff/0x03; 2. Use one static const global fixed_ppphdr instead of two same static variable ppph in two different functions; 3. Use SEND_SHUTDOWN instead of literal 2; Signed-off-by: Gao Feng ---

[PATCH 1/1] l2tp: Fix the connect status check in pppol2tp_getname

From: Gao Feng The sk->sk_state is bits flag, so need use bit operation check instead of value check. Signed-off-by: Gao Feng --- net/l2tp/l2tp_ppp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c

[PATCH v1 1/1] l2tp: Use existing macros instead of literal number

From: Gao Feng 1. Use PPP_ALLSTATIONS/PPP_UI instead of literal 0xff/0x03; 2. Use one static const global fixed_ppphdr instead of two same static variable ppph in two different functions; 3. Use SEND_SHUTDOWN instead of literal 2; Signed-off-by: Gao Feng ---

[PATCH 2/2] pptp: Reset call_id as 0 to avoid one useless lookup at next time

From: Gao Feng When pptp fails to get valid callid, the global call_id is set as MAX_CALLID. Then it must fail to get callid at next time, when invoke find_next_zero_bit from call_id+1. Because the call_id+1 exceeds the limit "MAX_CALLID". So reset call_id as 0 when fail to get

[PATCH v1 1/2] pptp: Use macro and sizeof instead of literal number

From: Gao Feng Use existing macros like PPP_ADDRESS, SC_COMP_PROT and sizeof fixed variables instead of original literal number to enhance readbility. BTW, the original pptp_rcv uses literal number "12" as the param of pskb_may_pull. Actually the "12" is less than the size of

[PATCH v1 1/1] pppoe: l2tp: the PPPOX_CONNECTED should be used with bit operation

From: Gao Feng There are some codes in pppoe and l2tp which use the PPPOX_CONNECTED as the value including assignment and condition check. They should keep consistent with other codes. Signed-off-by: Gao Feng --- v1: Initial Patch drivers/net/ppp/pppoe.c |

[PATCH v2 1/1] ppp: Fix one deadlock issue of PPP when send frame

From: Gao Feng PPP channel holds one spinlock before send frame. But the skb may select the same PPP channel with wrong route policy. As a result, the skb reaches the same channel path. It tries to get the same spinlock which is held before. Bang, the deadlock comes out. Now

[PATCH 1/1] ppp: Fix one deadlock issue of PPP when send frame

From: Gao Feng PPP channel holds one spinlock before send frame. But the skb may select the same PPP channel with wrong route policy. As a result, the skb reaches the same channel path. It tries to get the same spinlock which is held before. Bang, the deadlock comes out. Now

[PATCH v1 1/1] pptp: Refactor the struct and macros of PPTP codes

From: Gao Feng 1. Use struct gre_base_hdr directly in pptp_gre_header instead of duplicated members; 2. Use existing macros like GRE_KEY, GRE_SEQ, and so on instead of duplicated macros defined by PPTP; 3. Add new macros like GRE_IS_ACK/SEQ and so on instead of PPTP_GRE_IS_A/S

[PATCH v6 1/1] rps: Inspect PPTP encapsulated by GRE to get flow hash

From: Gao Feng The PPTP is encapsulated by GRE header with that GRE_VERSION bits must contain one. But current GRE RPS needs the GRE_VERSION must be zero. So RPS does not work for PPTP traffic. In my test environment, there are four MIPS cores, and all traffic are passed

[PATCH v5 1/1] rps: Inspect PPTP encapsulated by GRE to get flow hash

From: Gao Feng The PPTP is encapsulated by GRE header with that GRE_VERSION bits must contain one. But current GRE RPS needs the GRE_VERSION must be zero. So RPS does not work for PPTP traffic. In my test environment, there are four MIPS cores, and all traffic are passed

[PATCH v4 1/1] rps: Inspect PPTP encapsulated by GRE to get flow hash

From: Gao Feng The PPTP is encapsulated by GRE header with that GRE_VERSION bits must contain one. But current GRE RPS needs the GRE_VERSION must be zero. So RPS does not work for PPTP traffic. In my test environment, there are four MIPS cores, and all traffic are passed

[PATCH v3 1/1] rps: Inspect PPTP encapsulated by GRE to get flow hash

From: Gao Feng The PPTP is encapsulated by GRE header with that GRE_VERSION bits must contain one. But current GRE RPS needs the GRE_VERSION must be zero. So RPS does not work for PPTP traffic. In my test environment, there are four MIPS cores, and all traffic are passed

[PATCH 1/1] rps: Inspect PPTP encapsulated by GRE to get flow hash

From: Gao Feng The PPTP is encapsulated by GRE header with that GRE_VERSION bits must contain one. But current GRE RPS needs the GRE_VERSION must be zero. So RPS does not work for PPTP traffic. In my test environment, there are four MIPS cores, and all traffic are passed

[PATCH 1/1] rps: Inspect PPTP encapsulated by GRE to get flow hash

From: Gao Feng The PPTP is encapsulated by GRE header with that GRE_VERSION bits must contain one. But current GRE RPS needs the GRE_VERSION must be zero. So RPS does not work for PPTP traffic. In my test environment, there are four MIPS cores, and all traffic are passed

  1   2   >