diff options
| author | Greg Kroah-Hartman <gregkh@suse.de> | 2010-09-05 00:25:04 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-09-05 00:25:04 -0700 |
| commit | eea487fa0daadea3dbe2c25b9db5881976643e09 (patch) | |
| tree | 38e1a3006075a2d2d9e412a89c1b00a843ec4196 | |
| parent | 1a868133510faafb3747084d87a785afa1b6eb66 (diff) | |
| download | patches-eea487fa0daadea3dbe2c25b9db5881976643e09.tar.gz | |
staging revert patch
| -rw-r--r-- | series | 3 | ||||
| -rw-r--r-- | staging.current/revert-staging-batman-adv-adding-netfilter-bridge-hooks.patch | 88 |
2 files changed, 91 insertions, 0 deletions
@@ -56,6 +56,9 @@ staging.current/staging-spectra-depend-on-x86_mrst.patch staging.current/staging-octeon-depends-on-netdevices.patch staging.current/staging-wlan-ng-explicitly-set-some-fields-in-cfg80211-interface.patch +# after patches sent to linus +staging.current/revert-staging-batman-adv-adding-netfilter-bridge-hooks.patch + ##################################################################### # Stuff to be merged after 2.6.36 is out diff --git a/staging.current/revert-staging-batman-adv-adding-netfilter-bridge-hooks.patch b/staging.current/revert-staging-batman-adv-adding-netfilter-bridge-hooks.patch new file mode 100644 index 00000000000000..735aabe54259d3 --- /dev/null +++ b/staging.current/revert-staging-batman-adv-adding-netfilter-bridge-hooks.patch @@ -0,0 +1,88 @@ +From sven.eckelmann@gmx.de Sun Sep 5 00:23:24 2010 +From: Sven Eckelmann <sven.eckelmann@gmx.de> +Date: Sun, 5 Sep 2010 01:58:18 +0200 +Subject: Revert: "Staging: batman-adv: Adding netfilter-bridge hooks" +To: greg@kroah.com +Cc: b.a.t.m.a.n@lists.open-mesh.net, Sven Eckelmann <sven.eckelmann@gmx.de> +Message-ID: <1283644718-653-2-git-send-email-sven.eckelmann@gmx.de> + + +This reverts commit 96d592ed599434d2d5f339a1d282871bc6377d2c. + +The netfilter hook seems to be misused and may leak skbs in situations +when NF_HOOK returns NF_STOLEN. It may not filter everything as +expected. Also the ethernet bridge tables are not yet capable to +understand batman-adv packet correctly. + +It was only added for testing purposes and can be removed again. + +Reported-by: Vasiliy Kulikov <segooon@gmail.com> +Signed-off-by: Sven Eckelmann <sven.eckelmann@gmx.de> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + drivers/staging/batman-adv/hard-interface.c | 13 ------------- + drivers/staging/batman-adv/send.c | 8 ++------ + 2 files changed, 2 insertions(+), 19 deletions(-) + +--- a/drivers/staging/batman-adv/hard-interface.c ++++ b/drivers/staging/batman-adv/hard-interface.c +@@ -30,7 +30,6 @@ + #include "hash.h" + + #include <linux/if_arp.h> +-#include <linux/netfilter_bridge.h> + + #define MIN(x, y) ((x) < (y) ? (x) : (y)) + +@@ -431,11 +430,6 @@ out: + return NOTIFY_DONE; + } + +-static int batman_skb_recv_finish(struct sk_buff *skb) +-{ +- return NF_ACCEPT; +-} +- + /* receive a packet with the batman ethertype coming on a hard + * interface */ + int batman_skb_recv(struct sk_buff *skb, struct net_device *dev, +@@ -456,13 +450,6 @@ int batman_skb_recv(struct sk_buff *skb, + if (atomic_read(&module_state) != MODULE_ACTIVE) + goto err_free; + +- /* if netfilter/ebtables wants to block incoming batman +- * packets then give them a chance to do so here */ +- ret = NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_IN, skb, dev, NULL, +- batman_skb_recv_finish); +- if (ret != 1) +- goto err_out; +- + /* packet should hold at least type and version */ + if (unlikely(skb_headlen(skb) < 2)) + goto err_free; +--- a/drivers/staging/batman-adv/send.c ++++ b/drivers/staging/batman-adv/send.c +@@ -29,7 +29,6 @@ + #include "vis.h" + #include "aggregation.h" + +-#include <linux/netfilter_bridge.h> + + static void send_outstanding_bcast_packet(struct work_struct *work); + +@@ -92,12 +91,9 @@ int send_skb_packet(struct sk_buff *skb, + + /* dev_queue_xmit() returns a negative result on error. However on + * congestion and traffic shaping, it drops and returns NET_XMIT_DROP +- * (which is > 0). This will not be treated as an error. +- * Also, if netfilter/ebtables wants to block outgoing batman +- * packets then giving them a chance to do so here */ ++ * (which is > 0). This will not be treated as an error. */ + +- return NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, +- dev_queue_xmit); ++ return dev_queue_xmit(skb); + send_skb_err: + kfree_skb(skb); + return NET_XMIT_DROP; |
