user/sven/linux.git/net/llc, branch v3.8

net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm

2012-11-19T01:32:45Z

Allow an unpriviled user who has created a user namespace, and then created a network namespace to effectively use the new network namespace, by reducing capable(CAP_NET_ADMIN) and capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns, CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls. Allow creation of af_key sockets. Allow creation of llc sockets. Allow creation of af_packet sockets. Allow sending xfrm netlink control messages. Allow binding to netlink multicast groups. Allow sending to netlink multicast groups. Allow adding and dropping netlink multicast groups. Allow sending to all netlink multicast groups and port ids. Allow reading the netfilter SO_IP_SET socket option. Allow sending netfilter netlink messages. Allow setting and getting ip_vs netfilter socket options. Signed-off-by: "Eric W. Biederman" Signed-off-by: David S. Miller

llc: Remove stray reference to sysctl_llc_station_ack_timeout.

2012-09-17T17:13:24Z

Signed-off-by: David S. Miller

llc2: Collapse remainder of state machine into simple if-else if-statement

2012-09-17T17:04:19Z

Signed-off-by: Ben Hutchings Signed-off-by: David S. Miller

llc2: Remove explicit indexing of state action arrays

2012-09-17T17:04:19Z

These arrays are accessed by iteration in llc_exec_station_trans_actions(). There must not be any zero-filled gaps in them, so the explicit indices are pointless. Signed-off-by: Ben Hutchings Signed-off-by: David S. Miller

llc2: Remove the station send queue

2012-09-17T17:04:18Z

We only ever put one skb on the send queue, and then immediately send it. Remove the queue and call dev_queue_xmit() directly. This leaves struct llc_station empty, so remove that as well. Signed-off-by: Ben Hutchings Signed-off-by: David S. Miller

llc2: Collapse the station event receive path

2012-09-17T17:04:18Z

We only ever put one skb on the event queue, and then immediately process it. Remove the queue and fold together the related functions, removing several blatantly false comments. Signed-off-by: Ben Hutchings Signed-off-by: David S. Miller

llc2: Remove dead code for state machine

2012-09-17T17:04:18Z

The initial state is UP and there is no way to enter the other states as the required event type is never generated. Delete all states, event types, and other dead code. The only thing left is handling of the XID and TEST commands. Signed-off-by: Ben Hutchings Signed-off-by: David S. Miller

llc2: Remove pointless indirection through llc_stat_state_trans_end

2012-09-17T17:04:18Z

Signed-off-by: Ben Hutchings Signed-off-by: David S. Miller

Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

2012-08-24T22:54:37Z

This is an initial merge in of Eric Biederman's work to start adding user namespace support to the networking. Signed-off-by: David S. Miller

llc: fix info leak via getsockname()

2012-08-16T04:36:31Z

The LLC code wrongly returns 0, i.e. "success", when the socket is zapped. Together with the uninitialized uaddrlen pointer argument from sys_getsockname this leads to an arbitrary memory leak of up to 128 bytes kernel stack via the getsockname() syscall. Return an error instead when the socket is zapped to prevent the info leak. Also remove the unnecessary memset(0). We don't directly write to the memory pointed by uaddr but memcpy() a local structure at the end of the function that is properly initialized. Signed-off-by: Mathias Krause Cc: Arnaldo Carvalho de Melo Signed-off-by: David S. Miller