1. 09 1月, 2019 14 次提交
  2. 08 1月, 2019 10 次提交
  3. 07 1月, 2019 5 次提交
  4. 06 1月, 2019 4 次提交
  5. 05 1月, 2019 7 次提交
    • A
      Merge branch 'udpv6_sendmsg-addr_any-fix' · 466f89e9
      Alexei Starovoitov 提交于
      Andrey Ignatov says:
      
      ====================
      The patch set fixes BSD'ism in sys_sendmsg to rewrite unspecified
      destination IPv6 for unconnected UDP sockets in sys_sendmsg with [::1] in
      case when either CONFIG_CGROUP_BPF is enabled or when sys_sendmsg BPF hook
      sets destination IPv6 to [::].
      
      Patch 1 is the fix and provides more details.
      Patch 2 adds two test cases to verify the fix.
      
      v1->v2:
      * Fix compile error in patch 1.
      ====================
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      466f89e9
    • A
      selftests/bpf: Test [::] -> [::1] rewrite in sys_sendmsg in test_sock_addr · 976b4f3a
      Andrey Ignatov 提交于
      Test that sys_sendmsg BPF hook doesn't break sys_sendmsg behaviour to
      rewrite destination IPv6 = [::] with [::1] (BSD'ism).
      
      Two test cases are added:
      
      1) User passes dst IPv6 = [::] and BPF_CGROUP_UDP6_SENDMSG program
         doesn't touch it.
      
      2) User passes dst IPv6 != [::], but BPF_CGROUP_UDP6_SENDMSG program
         rewrites it with [::].
      
      In both cases [::1] is used by sys_sendmsg code eventually and datagram
      is sent successfully for unconnected UDP socket.
      
      Example of relevant output:
        Test case: sendmsg6: set dst IP = [::] (BSD'ism) .. [PASS]
        Test case: sendmsg6: preserve dst IP = [::] (BSD'ism) .. [PASS]
      Signed-off-by: NAndrey Ignatov <rdna@fb.com>
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      976b4f3a
    • A
      bpf: Fix [::] -> [::1] rewrite in sys_sendmsg · e8e36984
      Andrey Ignatov 提交于
      sys_sendmsg has supported unspecified destination IPv6 (wildcard) for
      unconnected UDP sockets since 876c7f41. When [::] is passed by user as
      destination, sys_sendmsg rewrites it with [::1] to be consistent with
      BSD (see "BSD'ism" comment in the code).
      
      This didn't work when cgroup-bpf was enabled though since the rewrite
      [::] -> [::1] happened before passing control to cgroup-bpf block where
      fl6.daddr was updated with passed by user sockaddr_in6.sin6_addr (that
      might or might not be changed by BPF program). That way if user passed
      [::] as dst IPv6 it was first rewritten with [::1] by original code from
      876c7f41, but then rewritten back with [::] by cgroup-bpf block.
      
      It happened even when BPF_CGROUP_UDP6_SENDMSG program was not present
      (CONFIG_CGROUP_BPF=y was enough).
      
      The fix is to apply BSD'ism after cgroup-bpf block so that [::] is
      replaced with [::1] no matter where it came from: passed by user to
      sys_sendmsg or set by BPF_CGROUP_UDP6_SENDMSG program.
      
      Fixes: 1cedee13 ("bpf: Hooks for sys_sendmsg")
      Reported-by: NNitin Rawat <nitin.rawat@intel.com>
      Signed-off-by: NAndrey Ignatov <rdna@fb.com>
      Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
      e8e36984
    • D
      ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address · ec90ad33
      David Ahern 提交于
      Similar to c5ee0663 ("ipv6: Consider sk_bound_dev_if when binding a
      socket to an address"), binding a socket to v4 mapped addresses needs to
      consider if the socket is bound to a device.
      
      This problem also exists from the beginning of git history.
      Signed-off-by: NDavid Ahern <dsahern@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ec90ad33
    • J
      ixgbe: fix Kconfig when driver is not a module · ae84e4a8
      Jeff Kirsher 提交于
      The new ability added to the driver to use mii_bus to handle MII related
      ioctls is causing compile issues when the driver is compiled into the
      kernel (i.e. not a module).
      
      The problem was in selecting MDIO_DEVICE instead of the preferred PHYLIB
      Kconfig option.  The reason being that MDIO_DEVICE had a dependency on
      PHYLIB and would be compiled as a module when PHYLIB was a module, no
      matter whether ixgbe was compiled into the kernel.
      
      CC: Dave Jones <davej@codemonkey.org.uk>
      CC: Steve Douthit <stephend@silicom-usa.com>
      CC: Florian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      Reviewed-by: NStephen Douthit <stephend@silicom-usa.com>
      Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ae84e4a8
    • E
      ipv6: make icmp6_send() robust against null skb->dev · 8d933670
      Eric Dumazet 提交于
      syzbot was able to crash one host with the following stack trace :
      
      kasan: GPF could be caused by NULL-ptr deref or user memory access
      general protection fault: 0000 [#1] PREEMPT SMP KASAN
      CPU: 0 PID: 8625 Comm: syz-executor4 Not tainted 4.20.0+ #8
      RIP: 0010:dev_net include/linux/netdevice.h:2169 [inline]
      RIP: 0010:icmp6_send+0x116/0x2d30 net/ipv6/icmp.c:426
       icmpv6_send
       smack_socket_sock_rcv_skb
       security_sock_rcv_skb
       sk_filter_trim_cap
       __sk_receive_skb
       dccp_v6_do_rcv
       release_sock
      
      This is because a RX packet found socket owned by user and
      was stored into socket backlog. Before leaving RCU protected section,
      skb->dev was cleared in __sk_receive_skb(). When socket backlog
      was finally handled at release_sock() time, skb was fed to
      smack_socket_sock_rcv_skb() then icmp6_send()
      
      We could fix the bug in smack_socket_sock_rcv_skb(), or simply
      make icmp6_send() more robust against such possibility.
      
      In the future we might provide to icmp6_send() the net pointer
      instead of infering it.
      
      Fixes: d66a8acb ("Smack: Inform peer that IPv6 traffic has been blocked")
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Piotr Sawicki <p.sawicki2@partner.samsung.com>
      Cc: Casey Schaufler <casey@schaufler-ca.com>
      Reported-by: Nsyzbot <syzkaller@googlegroups.com>
      Acked-by: NCasey Schaufler <casey@schaufler-ca.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8d933670
    • P
      selftests: net: fix/improve ip_defrag selftest · 3271a482
      Peter Oskolkov 提交于
      Commit ade44640 ("net: ipv4: do not handle duplicate fragments as
      overlapping") changed IPv4 defragmentation so that duplicate fragments,
      as well as _some_ fragments completely covered by previously delivered
      fragments, do not lead to the whole frag queue being discarded. This
      makes the existing ip_defrag selftest flaky.
      
      This patch
      * makes sure that negative IPv4 defrag tests generate truly overlapping
        fragments that trigger defrag queue drops;
      * tests that duplicate IPv4 fragments do not trigger defrag queue drops;
      * makes a couple of minor tweaks to the test aimed at increasing its code
        coverage and reduce flakiness.
      Signed-off-by: NPeter Oskolkov <posk@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      3271a482