user/sven/linux.git/net/ipv4, branch v2.6.19

[NETFILTER]: ipt_REJECT: fix memory corruption

2006-11-29T04:59:38Z

On devices with hard_header_len > LL_MAX_HEADER ip_route_me_harder() reallocates the skb, leading to memory corruption when using the stale tcph pointer to update the checksum. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller

[NETFILTER]: conntrack: fix refcount leak when finding expectation

2006-11-29T04:59:37Z

All users of __{ip,nf}_conntrack_expect_find() don't expect that it increments the reference count of expectation. Signed-off-by: Yasuyuki Kozakai Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller

[NETFILTER]: ctnetlink: fix reference count leak

2006-11-29T04:59:36Z

When NFA_NEST exceeds the skb size the protocol reference is leaked. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller

[NET]: Fix kfifo_alloc() error check.

2006-11-25T23:16:49Z

The return value of kfifo_alloc() should be checked by IS_ERR(). Signed-off-by: Akinobu Mita Signed-off-by: David S. Miller

[UDP]: Make udp_encap_rcv use pskb_may_pull

2006-11-25T23:16:48Z

Make udp_encap_rcv use pskb_may_pull IPsec with NAT-T breaks on some notebooks using the latest e1000 chipset, when header split is enabled. When receiving sufficiently large packets, the driver puts everything up to and including the UDP header into the header portion of the skb, and the rest goes into the paged part. udp_encap_rcv forgets to use pskb_may_pull, and fails to decapsulate it. Instead, it passes it up it to the IKE daemon. Signed-off-by: Olaf Kirch Signed-off-by: Jean Delvare Signed-off-by: David S. Miller

[NETFILTER]: H.323 conntrack: fix crash with CONFIG_IP_NF_CT_ACCT

2006-11-25T23:16:47Z

H.323 connection tracking code calls ip_ct_refresh_acct() when processing RCFs and URQs but passes NULL as the skb. When CONFIG_IP_NF_CT_ACCT is enabled, the connection tracking core tries to derefence the skb, which results in an obvious panic. A similar fix was applied on the SIP connection tracking code some time ago. Signed-off-by: Faidon Liambotis Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller

[TCP]: Fix up sysctl_tcp_mem initialization.

2006-11-16T05:18:51Z

Fix up tcp_mem initial settings to take into account the size of the hash entries (different on SMP and non-SMP systems). Signed-off-by: John Heffner Signed-off-by: David S. Miller

[NETFILTER]: Use pskb_trim in {ip,ip6,nfnetlink}_queue

2006-11-16T05:18:48Z

Based on patch by James D. Nurmi: I've got some code very dependant on nfnetlink_queue, and turned up a large number of warns coming from skb_trim. While it's quite possibly my code, having not seen it on older kernels made me a bit suspect. Anyhow, based on some googling I turned up this thread: http://lkml.org/lkml/2006/8/13/56 And believe the issue to be related, so attached is a small patch to the kernel -- not sure if this is completely correct, but for anyone else hitting the WARN_ON(1) in skbuff.h, it might be helpful.. Signed-off-by: James D. Nurmi Ported to ip6_queue and nfnetlink_queue and added return value checks. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller

[IPVS]: More endianness fixed.

2006-11-10T22:57:37Z

- make sure port in FTP data is in network order (in fact it was looking buggy for big endian boxes before Viro's changes) - htonl -> htons for port Signed-off-by: Julian Anastasov Signed-off-by: David S. Miller

[TCP]: Don't use highmem in tcp hash size calculation.

2006-11-07T23:10:11Z

This patch removes consideration of high memory when determining TCP hash table sizes. Taking into account high memory results in tcp_mem values that are too large. Signed-off-by: John Heffner Signed-off-by: David S. Miller