1. 25 1月, 2018 13 次提交
  2. 24 1月, 2018 6 次提交
    • Y
      mlxsw: spectrum_router: Don't log an error on missing neighbor · 1ecdaea0
      Yuval Mintz 提交于
      Driver periodically samples all neighbors configured in device
      in order to update the kernel regarding their state. When finding
      an entry configured in HW that doesn't show in neigh_lookup()
      driver logs an error message.
      This introduces a race when removing multiple neighbors -
      it's possible that a given entry would still be configured in HW
      as its removal is still being processed but is already removed
      from the kernel's neighbor tables.
      
      Simply remove the error message and gracefully accept such events.
      
      Fixes: c723c735 ("mlxsw: spectrum_router: Periodically update the kernel's neigh table")
      Fixes: 60f040ca ("mlxsw: spectrum_router: Periodically dump active IPv6 neighbours")
      Signed-off-by: NYuval Mintz <yuvalm@mellanox.com>
      Reviewed-by: NIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: NJiri Pirko <jiri@mellanox.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1ecdaea0
    • D
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec · 97edf7c5
      David S. Miller 提交于
      Steffen Klassert says:
      
      ====================
      pull request (net): ipsec 2018-01-24
      
      1) Only offloads SAs after they are fully initialized.
         Otherwise a NIC may receive packets on a SA we can
         not yet handle in the stack.
         From Yossi Kuperman.
      
      2) Fix negative refcount in case of a failing offload.
         From Aviad Yehezkel.
      
      3) Fix inner IP ptoro version when decapsulating
         from interaddress family tunnels.
         From Yossi Kuperman.
      
      4) Use true or false for boolean variables instead of an
         integer value in xfrm_get_type_offload.
         From Gustavo A. R. Silva.
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      97edf7c5
    • N
      vmxnet3: repair memory leak · 848b1598
      Neil Horman 提交于
      with the introduction of commit
      b0eb57cb, it appears that rq->buf_info
      is improperly handled.  While it is heap allocated when an rx queue is
      setup, and freed when torn down, an old line of code in
      vmxnet3_rq_destroy was not properly removed, leading to rq->buf_info[0]
      being set to NULL prior to its being freed, causing a memory leak, which
      eventually exhausts the system on repeated create/destroy operations
      (for example, when  the mtu of a vmxnet3 interface is changed
      frequently.
      
      Fix is pretty straight forward, just move the NULL set to after the
      free.
      
      Tested by myself with successful results
      
      Applies to net, and should likely be queued for stable, please
      Signed-off-by: NNeil Horman <nhorman@tuxdriver.com>
      Reported-By: boyang@redhat.com
      CC: boyang@redhat.com
      CC: Shrikrishna Khare <skhare@vmware.com>
      CC: "VMware, Inc." <pv-drivers@vmware.com>
      CC: David S. Miller <davem@davemloft.net>
      Acked-by: NShrikrishna Khare <skhare@vmware.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      848b1598
    • B
      ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL · e9191ffb
      Ben Hutchings 提交于
      Commit 513674b5 ("net: reevalulate autoflowlabel setting after
      sysctl setting") removed the initialisation of
      ipv6_pinfo::autoflowlabel and added a second flag to indicate
      whether this field or the net namespace default should be used.
      
      The getsockopt() handling for this case was not updated, so it
      currently returns 0 for all sockets for which IPV6_AUTOFLOWLABEL is
      not explicitly enabled.  Fix it to return the effective value, whether
      that has been set at the socket or net namespace level.
      
      Fixes: 513674b5 ("net: reevalulate autoflowlabel setting after sysctl ...")
      Signed-off-by: NBen Hutchings <ben.hutchings@codethink.co.uk>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e9191ffb
    • G
      pppoe: take ->needed_headroom of lower device into account on xmit · 02612bb0
      Guillaume Nault 提交于
      In pppoe_sendmsg(), reserving dev->hard_header_len bytes of headroom
      was probably fine before the introduction of ->needed_headroom in
      commit f5184d26 ("net: Allow netdevices to specify needed head/tailroom").
      
      But now, virtual devices typically advertise the size of their overhead
      in dev->needed_headroom, so we must also take it into account in
      skb_reserve().
      Allocation size of skb is also updated to take dev->needed_tailroom
      into account and replace the arbitrary 32 bytes with the real size of
      a PPPoE header.
      
      This issue was discovered by syzbot, who connected a pppoe socket to a
      gre device which had dev->header_ops->create == ipgre_header and
      dev->hard_header_len == 0. Therefore, PPPoE didn't reserve any
      headroom, and dev_hard_header() crashed when ipgre_header() tried to
      prepend its header to skb->data.
      
      skbuff: skb_under_panic: text:000000001d390b3a len:31 put:24
      head:00000000d8ed776f data:000000008150e823 tail:0x7 end:0xc0 dev:gre0
      ------------[ cut here ]------------
      kernel BUG at net/core/skbuff.c:104!
      invalid opcode: 0000 [#1] SMP KASAN
      Dumping ftrace buffer:
          (ftrace buffer empty)
      Modules linked in:
      CPU: 1 PID: 3670 Comm: syzkaller801466 Not tainted
      4.15.0-rc7-next-20180115+ #97
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
      Google 01/01/2011
      RIP: 0010:skb_panic+0x162/0x1f0 net/core/skbuff.c:100
      RSP: 0018:ffff8801d9bd7840 EFLAGS: 00010282
      RAX: 0000000000000083 RBX: ffff8801d4f083c0 RCX: 0000000000000000
      RDX: 0000000000000083 RSI: 1ffff1003b37ae92 RDI: ffffed003b37aefc
      RBP: ffff8801d9bd78a8 R08: 1ffff1003b37ae8a R09: 0000000000000000
      R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff86200de0
      R13: ffffffff84a981ad R14: 0000000000000018 R15: ffff8801d2d34180
      FS:  00000000019c4880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 00000000208bc000 CR3: 00000001d9111001 CR4: 00000000001606e0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
      Call Trace:
        skb_under_panic net/core/skbuff.c:114 [inline]
        skb_push+0xce/0xf0 net/core/skbuff.c:1714
        ipgre_header+0x6d/0x4e0 net/ipv4/ip_gre.c:879
        dev_hard_header include/linux/netdevice.h:2723 [inline]
        pppoe_sendmsg+0x58e/0x8b0 drivers/net/ppp/pppoe.c:890
        sock_sendmsg_nosec net/socket.c:630 [inline]
        sock_sendmsg+0xca/0x110 net/socket.c:640
        sock_write_iter+0x31a/0x5d0 net/socket.c:909
        call_write_iter include/linux/fs.h:1775 [inline]
        do_iter_readv_writev+0x525/0x7f0 fs/read_write.c:653
        do_iter_write+0x154/0x540 fs/read_write.c:932
        vfs_writev+0x18a/0x340 fs/read_write.c:977
        do_writev+0xfc/0x2a0 fs/read_write.c:1012
        SYSC_writev fs/read_write.c:1085 [inline]
        SyS_writev+0x27/0x30 fs/read_write.c:1082
        entry_SYSCALL_64_fastpath+0x29/0xa0
      
      Admittedly PPPoE shouldn't be allowed to run on non Ethernet-like
      interfaces, but reserving space for ->needed_headroom is a more
      fundamental issue that needs to be addressed first.
      
      Same problem exists for __pppoe_xmit(), which also needs to take
      dev->needed_headroom into account in skb_cow_head().
      
      Fixes: f5184d26 ("net: Allow netdevices to specify needed head/tailroom")
      Reported-by: syzbot+ed0838d0fa4c4f2b528e20286e6dc63effc7c14d@syzkaller.appspotmail.com
      Signed-off-by: NGuillaume Nault <g.nault@alphalink.fr>
      Reviewed-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      02612bb0
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · a84a8ab9
      Linus Torvalds 提交于
      Pull networking fixes from David Miller:
      
       1) Fix divide by zero in mlx5, from Talut Batheesh.
      
       2) Guard against invalid GSO packets coming from untrusted guests and
          arriving in qdisc_pkt_len_init(), from Eric Dumazet.
      
       3) Similarly add such protection to the various protocol GSO handlers.
          From Willem de Bruijn.
      
       4) Fix regression added to IGMP source address checking for IGMPv3
          reports, from Felix Feitkau.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
        tls: Correct length of scatterlist in tls_sw_sendpage
        be2net: restore properly promisc mode after queues reconfiguration
        net: igmp: fix source address check for IGMPv3 reports
        gso: validate gso_type in GSO handlers
        net: qdisc_pkt_len_init() should be more robust
        ibmvnic: Allocate and request vpd in init_resources
        ibmvnic: Revert to previous mtu when unsupported value requested
        ibmvnic: Modify buffer size and number of queues on failover
        rds: tcp: compute m_ack_seq as offset from ->write_seq
        usbnet: silence an unnecessary warning
        cxgb4: fix endianness for vlan value in cxgb4_tc_flower
        cxgb4: set filter type to 1 for ETH_P_IPV6
        net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare
      a84a8ab9
  3. 23 1月, 2018 20 次提交
  4. 22 1月, 2018 1 次提交