[PATCH 4.2 36/61] net_sched: fix qdisc_tree_decrease_qlen() races

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 4eaf3b84f2881c9c028f1d5e76c52ab575fe3a66 ] qdisc_tree_decrease_qlen() suffers from two problems on multiqueue devices. One problem is that it updates

[PATCH 4.2 55/61] debugfs: fix refcount imbalance in start_creating

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann commit 0ee9608c89e81a1ccee52ecb58a7ff040e2522d9 upstream. In debugfs' start_creating(), we pin the file system to safely access its root. When we failed to create a file, we

[PATCH 4.2 38/61] btrfs: fix resending received snapshot with parent

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Robin Ruede commit b96b1db039ebc584d03a9933b279e0d3e704c528 upstream. This fixes a regression introduced by 37b8d27d between v4.1 and v4.2. When a snapshot is received, its received_uuid is

[PATCH 4.2 37/61] via-rhine: fix VLAN receive handling regression.

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Andrej Ota [ Upstream commit 5f715c097965c0ad037f64393d0b95c50287775b ] Because eth_type_trans() consumes ethernet header worth of bytes, a call to read TCI from end of packet using

[PATCH 4.2 39/61] btrfs: check unsupported filters in balance arguments

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: David Sterba commit 849ef9286f30c88113906dc35f44a499c0cb385d upstream. We don't verify that all the balance filter arguments supplemented by the flags are actually known to the kernel. Thus we

[PATCH 4.2 58/61] ocfs2: fix umask ignored issue

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Junxiao Bi commit 8f1eb48758aacf6c1ffce18179295adbf3bd7640 upstream. New created file's mode is not masked with umask, and this makes umask not work for ocfs2 volume. Fixes: 702e5bc ("ocfs2:

[PATCH 4.3 29/71] tcp: fix potential huge kmalloc() calls in TCP_REPAIR

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 5d4c9bfbabdb1d497f21afd81501e5c54b0c85d9 ] tcp_send_rcvq() is used for re-injecting data into tcp receive queue. Problems : - No check against size is

[PATCH 4.2 32/61] bpf, array: fix heap out-of-bounds access when updating elements

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit fbca9d2d35c6ef1b323fae75cc9545005ba25097 ] During own review but also reported by Dmitry's syzkaller [1] it has been noticed that we trigger a heap

[PATCH 4.2 41/61] Btrfs: fix truncation of compressed and inlined extents

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit 0305cd5f7fca85dae392b9ba85b116896eb7c1c7 upstream. When truncating a file to a smaller size which consists of an inline extent that is compressed, we did not discard (or

[PATCH 4.2 40/61] Btrfs: fix file corruption and data loss after cloning inline extents

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit 8039d87d9e473aeb740d4fdbd59b9d2f89b2ced9 upstream. Currently the clone ioctl allows to clone an inline extent from one file to another that already has other (non-inlined)

[PATCH 4.3 11/71] Revert "ipv6: ndisc: inherit metadata dst when creating ndisc requests"

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Nicolas Dichtel [ Upstream commit 304d888b29cf96f1dd53511ee686499cd8cdf249 ] This reverts commit ab450605b35caa768ca33e86db9403229bf42be4. In IPv6, we cannot inherit the dst of the original

[PATCH 4.3 01/71] certs: add .gitignore to stop git nagging about x509_certificate_list

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Paul Gortmaker commit 48dbc164b40dd9195dea8cd966e394819e420b64 upstream. Currently we see this in "git status" if we build in the source dir: Untracked files: (use "git add ..." to include

[PATCH 4.3 10/71] ipv6: Check rt->dst.from for the DST_NOCACHE route

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Martin KaFai Lau [ Upstream commit 02bcf4e082e4dc634409a6a6cb7def8806d6e5e6 ] All DST_NOCACHE rt6_info used to have rt->dst.from set to its parent. After commit 8e3d5be73681 ("ipv6: Avoid

[PATCH 4.3 04/71] af_unix: dont append consumed skbs to sk_receive_queue

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit 8844f97238ca6c1ca92a5d6c69f53efd361a266f ] In case multiple writes to a unix stream socket race we could end up in a situation where we pre-allocate a

[PATCH 4.3 05/71] af_unix: take receive queue lock while appending new skb

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit a3a116e04cc6a94d595ead4e956ab1bc1d2f4746 ] While possibly in future we don't necessarily need to use sk_buff_head.lock this is a rather larger change, as

[PATCH] ptrace: being capable wrt a process requires mapped uids/gids

2015-12-12 Thread Jann Horn
ptrace_has_cap() checks whether the current process should be treated as having a certain capability for ptrace checks against another process. Until now, this was equivalent to has_ns_capability(current, target_ns, CAP_SYS_PTRACE). However, if a root-owned process wants to enter a user namespace

[PATCH 4.3 03/71] af-unix: fix use-after-free with concurrent readers while splicing

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit 73ed5d25dce0354ea381d6dc93005c3085fae03d ] During splicing an af-unix socket to a pipe we have to drop all af-unix socket locks. While doing so we allow

[PATCH V2 4/4] scsi: storvsc: Tighten up the interrupt path

2015-12-12 Thread K. Y. Srinivasan
On the interrupt path, we repeatedly establish the pointer to the storvsc_device. Fix this. Signed-off-by: K. Y. Srinivasan Reviewed-by: Long Li Reviewed-by: Johannes Thumshirn Tested-by: Alex Ng --- drivers/scsi/storvsc_drv.c | 23 --- 1 files changed, 8 insertions(+),

[PATCH V2 2/4] scsi: storvsc: Properly support Fibre Channel devices

2015-12-12 Thread K. Y. Srinivasan
For FC devices managed by this driver, attach the appropriate transport template. This will allow us to create the appropriate sysfs files for these devices. With this we can publish the wwn for both the port and the node. Signed-off-by: K. Y. Srinivasan Reviewed-by: Long Li Tested-by: Alex Ng

[PATCH V2 3/4] scsi: storvsc: Refactor the code in storvsc_channel_init()

2015-12-12 Thread K. Y. Srinivasan
The function storvsc_channel_init() repeatedly interacts with the host to extract various channel properties. Refactor this code to eliminate code repetition. Signed-off-by: K. Y. Srinivasan Reviewed-by: Long Li Reviewed-by: Johannes Thumshirn Tested-by: Alex Ng --- V2: Fixed error

[PATCH V2 1/4] scsi: storvsc: Fix a bug in the layout of the hv_fc_wwn_packet

2015-12-12 Thread K. Y. Srinivasan
The hv_fc_wwn_packet is exchanged over vmbus. Make the definition in Linux match the Window's definition. Signed-off-by: K. Y. Srinivasan Reviewed-by: Johannes Thumshirn Reviewed-by: Long Li Tested-by: Alex Ng --- drivers/scsi/storvsc_drv.c |5 ++--- 1 files changed, 2 insertions(+), 3

[PATCH 4.3 02/71] r8169: fix kasan reported skb use-after-free.

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: françois romieu [ Upstream commit 39174291d8e8acfd1113214a943263aaa03c57c8 ] Signed-off-by: Francois Romieu Reported-by: Dave Jones Fixes: d7d2d89d4b0af ("r8169: Add

[PATCH V2 0/4] scsi: storvsc: Properly support FC hosts

2015-12-12 Thread K. Y. Srinivasan
Properly support FC hosts. Additional cleanup patches are also included. In this version I have addressed comments from Dan Carpenter and from Johannes Thumshirn . K. Y. Srinivasan (4): scsi: storvsc: Fix a bug in the layout of the hv_fc_wwn_packet scsi: storvsc: Properly support Fibre

[PATCH 4.3 07/71] af-unix: passcred support for sendpage

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit 9490f886b192964796285907d777ff00fba1fa0f ] sendpage did not care about credentials at all. This could lead to situations in which because of fd passing

[PATCH 4.3 14/71] packet: always probe for transport header

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 8fd6c80d9dd938ca338c70698533a7e304752846 ] We concluded that the skb_probe_transport_header() should better be called unconditionally. Avoiding the call into

[PATCH 4.3 15/71] packet: only allow extra vlan len on ethernet devices

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 3c70c132488794e2489ab045559b0ce0afcf17de ] Packet sockets can be used by various net devices and are not really restricted to ARPHRD_ETHER device types.

[PATCH 4.3 06/71] unix: avoid use-after-free in ep_remove_wait_queue

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Rainer Weikusat [ Upstream commit 7d267278a9ece963d77eefec61630223fce08c6c ] Rainer Weikusat writes: An AF_UNIX datagram socket being the client in an n:1 association with some server socket

[PATCH 4.3 17/71] packet: fix tpacket_snd max frame len

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 5cfb4c8d05b4409c4044cb9c05b19705c1d9818b ] Since its introduction in commit 69e3c75f4d54 ("net: TX_RING and packet mmap"), TX_RING could be used from

[PATCH 4.3 00/71] 4.3.3-stable review

2015-12-12 Thread Greg Kroah-Hartman
This is the start of the stable review cycle for the 4.3.3 release. There are 71 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Dec 14 20:05:02 UTC 2015. Anything

[PATCH 4.3 09/71] ipv6: Check expire on DST_NOCACHE route

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Martin KaFai Lau [ Upstream commit 5973fb1e245086071bf71994c8b54d99526ded03 ] Since the expires of the DST_NOCACHE rt can be set during the ip6_rt_update_pmtu(), we also need to consider the

[PATCH 4.3 13/71] packet: do skb_probe_transport_header when we actually have data

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit efdfa2f7848f64517008136fb41f53c4a1faf93a ] In tpacket_fill_skb() commit c1aad275b029 ("packet: set transport header before doing xmit") and later on

[PATCH 4.2 61/61] [media] cobalt: fix Kconfig dependency

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Hans Verkuil commit fc88dd16a0e430f57458e6bd9b62a631c6ea53a1 upstream. The cobalt driver should depend on VIDEO_V4L2_SUBDEV_API. This fixes this kbuild error: tree:

[PATCH 4.3 12/71] tools/net: Use include/uapi with __EXPORTED_HEADERS__

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Kamal Mostafa [ Upstream commit d7475de58575c904818efa369c82e88c6648ce2e ] Use the local uapi headers to keep in sync with "recently" added #define's (e.g. SKF_AD_VLAN_TPID). Refactored

[PATCH 4.3 08/71] ipv6: Avoid creating RTF_CACHE from a rt that is not managed by fib6 tree

2015-12-12 Thread Greg Kroah-Hartman
4.3-stable review patch. If anyone has any objections, please let me know. -- From: Martin KaFai Lau [ Upstream commit 0d3f6d297bfb7af24d0508460fdb3d1ec4903fa3 ] The original bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1272571 The setup has a IPv4 GRE tunnel

[PATCH 4.2 03/61] af_unix: take receive queue lock while appending new skb

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit a3a116e04cc6a94d595ead4e956ab1bc1d2f4746 ] While possibly in future we don't necessarily need to use sk_buff_head.lock this is a rather larger change, as

[PATCH 4.2 04/61] unix: avoid use-after-free in ep_remove_wait_queue

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Rainer Weikusat [ Upstream commit 7d267278a9ece963d77eefec61630223fce08c6c ] Rainer Weikusat writes: An AF_UNIX datagram socket being the client in an n:1 association with some server socket

[PATCH 4.2 51/61] ext4, jbd2: ensure entering into panic after recording an error in superblock

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daeho Jeong commit 4327ba52afd03fc4b5afa0ee1d774c9c5b0e85c5 upstream. If a EXT4 filesystem utilizes JBD2 journaling and an error occurs, the journaling will be aborted first and the error

[PATCH 4.2 02/61] af_unix: dont append consumed skbs to sk_receive_queue

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit 8844f97238ca6c1ca92a5d6c69f53efd361a266f ] In case multiple writes to a unix stream socket race we could end up in a situation where we pre-allocate a

[PATCH 4.2 15/61] sctp: translate host order to network order when setting a hmacid

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: lucien [ Upstream commit ed5a377d87dc4c87fb3e1f7f698cba38cd893103 ] now sctp auth cannot work well when setting a hmacid manually, which is caused by that we didn't use the network order for

[PATCH 4.2 05/61] af-unix: passcred support for sendpage

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit 9490f886b192964796285907d777ff00fba1fa0f ] sendpage did not care about credentials at all. This could lead to situations in which because of fd passing

[PATCH 4.2 06/61] ipv6: Avoid creating RTF_CACHE from a rt that is not managed by fib6 tree

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Martin KaFai Lau [ Upstream commit 0d3f6d297bfb7af24d0508460fdb3d1ec4903fa3 ] The original bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1272571 The setup has a IPv4 GRE tunnel

[PATCH 4.2 08/61] ipv6: Check rt->dst.from for the DST_NOCACHE route

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Martin KaFai Lau [ Upstream commit 02bcf4e082e4dc634409a6a6cb7def8806d6e5e6 ] All DST_NOCACHE rt6_info used to have rt->dst.from set to its parent. After commit 8e3d5be73681 ("ipv6: Avoid

[PATCH 4.2 07/61] ipv6: Check expire on DST_NOCACHE route

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Martin KaFai Lau [ Upstream commit 5973fb1e245086071bf71994c8b54d99526ded03 ] Since the expires of the DST_NOCACHE rt can be set during the ip6_rt_update_pmtu(), we also need to consider the

[PATCH 4.2 48/61] ext4 crypto: fix memory leak in ext4_bio_write_page()

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 937d7b84dca58f2565715f2c8e52f14c3d65fb22 upstream. There are times when ext4_bio_write_page() is called even though we don't actually need to do any I/O. This happens

Re: [RFC] kprobe'ing conditionally executed instructions

2015-12-12 Thread David Long
On 12/12/2015 01:48 PM, William Cohen wrote: On 12/12/2015 12:56 AM, David Long wrote: On 12/11/2015 11:09 AM, William Cohen wrote: On 12/11/2015 12:05 AM, David Long wrote: There is a moderate amount of code already in kprobes on ARM and the current ARMv8 patch to deal with conditional

[PATCH 4.2 30/61] ipv6: distinguish frag queues by device for multicast and link-local packets

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Michal Kubeček [ Upstream commit 264640fc2c5f4f913db5c73fa3eb1ead2c45e9d7 ] If a fragmented multicast packet is received on an ethernet device which has an active macvlan on

[PATCH 4.2 09/61] tools/net: Use include/uapi with __EXPORTED_HEADERS__

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Kamal Mostafa [ Upstream commit d7475de58575c904818efa369c82e88c6648ce2e ] Use the local uapi headers to keep in sync with "recently" added #define's (e.g. SKF_AD_VLAN_TPID). Refactored

[PATCH 4.2 22/61] tcp: md5: fix lockdep annotation

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 1b8e6a01e19f001e9f93b39c32387961c91ed3cc ] When a passive TCP is created, we eventually call tcp_md5_do_add() with sk pointing to the child. It is not owner by

[PATCH 4.2 24/61] tcp: fix potential huge kmalloc() calls in TCP_REPAIR

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 5d4c9bfbabdb1d497f21afd81501e5c54b0c85d9 ] tcp_send_rcvq() is used for re-injecting data into tcp receive queue. Problems : - No check against size is

[PATCH 4.2 23/61] tcp: disable Fast Open on timeouts after handshake

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Yuchung Cheng [ Upstream commit 0e45f4da5981895e885dd72fe912a3f8e32bae73 ] Some middle-boxes black-hole the data after the Fast Open handshake

[PATCH 4.2 27/61] net: ipmr: fix static mfc/dev leaks on table destruction

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Nikolay Aleksandrov [ Upstream commit 0e615e9601a15efeeb8942cf7cd4dadba0c8c5a7 ] When destroying an mrt table the static mfc entries and the static devices are kept, which leads to devices

[PATCH 4.2 29/61] broadcom: fix PHY_ID_BCM5481 entry in the id table

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Aaro Koskinen [ Upstream commit 3c25a860d17b7378822f35d8c9141db9507e3beb ] Commit fcb26ec5b18d ("broadcom: move all PHY_ID's to header") updated broadcom_tbl to use PHY_IDs, but incorrectly

[PATCH 4.2 25/61] tcp: initialize tp->copied_seq in case of cross SYN connection

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 142a2e7ece8d8ac0e818eb2c91f99ca894730e2a ] Dmitry provided a syzkaller (http://github.com/google/syzkaller) generated program that triggers the WARNING at

[PATCH 4.2 14/61] packet: fix tpacket_snd max frame len

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 5cfb4c8d05b4409c4044cb9c05b19705c1d9818b ] Since its introduction in commit 69e3c75f4d54 ("net: TX_RING and packet mmap"), TX_RING could be used from

[PATCH 4.2 28/61] net: ip6mr: fix static mfc/dev leaks on table destruction

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Nikolay Aleksandrov [ Upstream commit 4c6980462f32b4f282c5d8e5f7ea8070e2937725 ] Similar to ipv4, when destroying an mrt table the static mfc entries and the static devices are kept, which

[PATCH 4.2 26/61] net, scm: fix PaX detected msg_controllen overflow in scm_detach_fds

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 6900317f5eff0a7070c5936e5383f589e0de7a09 ] David and HacKurx reported a following/similar size overflow triggered in a grsecurity kernel, thanks to PaX's gcc

[PATCH 4.2 43/61] Btrfs: fix race leading to incorrect item deletion when dropping extents

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit aeafbf8486c9e2bd53f5cc3c10c0b7fd7149d69c upstream. While running a stress test I got the following warning triggered: [191627.672810] [ cut here

[PATCH 4.2 12/61] packet: only allow extra vlan len on ethernet devices

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 3c70c132488794e2489ab045559b0ce0afcf17de ] Packet sockets can be used by various net devices and are not really restricted to ARPHRD_ETHER device types.

[PATCH 4.2 45/61] Btrfs: fix race when listing an inodes xattrs

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit f1cd1f0b7d1b5d4aaa5711e8f4e4898b0045cb6d upstream. When listing a inode's xattrs we have a time window where we race against a concurrent operation for adding a new hard

[PATCH 4.2 46/61] btrfs: fix signed overflows in btrfs_sync_file

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: David Sterba commit 9dcbeed4d7e11e1dcf5e55475de3754f0855d1c2 upstream. The calculation of range length in btrfs_sync_file leads to signed overflow. This was caught by PaX gcc SIZE_OVERFLOW

[PATCH 4.2 44/61] Btrfs: fix race leading to BUG_ON when running delalloc for nodatacow

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit 1d512cb77bdbda80f0dd0620a3b260d697fd581d upstream. If we are using the NO_HOLES feature, we have a tiny time window when running delalloc for a nodatacow inode where we

[PATCH 4.2 13/61] packet: infer protocol from ethernet header if unset

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit c72219b75fde768efccf7666342282fab7f9e4e7 ] In case no struct sockaddr_ll has been passed to packet socket's sendmsg() when doing a TX_RING flush run, then

[PATCH 4.2 20/61] snmp: Remove duplicate OUTMCAST stat increment

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Neil Horman [ Upstream commit 41033f029e393a64e81966cbe34d66c6cf8a2e7e ] the OUTMCAST stat is double incremented, getting bumped once in the mcast code itself, and again in the common ip

[PATCH 4.2 31/61] RDS: fix race condition when sending a message on unbound socket

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Quentin Casasnovas [ Upstream commit 8c7188b23474cca017b3ef354c4a58456f68303a ] Sasha's found a NULL pointer dereference in the RDS connection code when sending a message to an apparently

[PATCH 4.2 33/61] ipv6: add complete rcu protection around np->opt

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 45f6fad84cc305103b28d73482b344d7f5b76f39 ] This patch addresses multiple problems : UDP/RAW sendmsg() need to get a stable struct ipv6_txoptions while socket is

[PATCH 4.2 01/61] af-unix: fix use-after-free with concurrent readers while splicing

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Hannes Frederic Sowa [ Upstream commit 73ed5d25dce0354ea381d6dc93005c3085fae03d ] During splicing an af-unix socket to a pipe we have to drop all af-unix socket locks. While doing so we allow

[PATCH 4.2 10/61] packet: do skb_probe_transport_header when we actually have data

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit efdfa2f7848f64517008136fb41f53c4a1faf93a ] In tpacket_fill_skb() commit c1aad275b029 ("packet: set transport header before doing xmit") and later on

[PATCH 4.2 11/61] packet: always probe for transport header

2015-12-12 Thread Greg Kroah-Hartman
4.2-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 8fd6c80d9dd938ca338c70698533a7e304752846 ] We concluded that the skb_probe_transport_header() should better be called unconditionally. Avoiding the call into

[PATCH 4.2 00/61] 4.2.8-stable review

2015-12-12 Thread Greg Kroah-Hartman
=== NOTE: This is the last 4.2.y kernel to be released, unless something major comes up, it is end-of-life after this release. Everyone should have moved to 4.3.y by now, you have been warned. === This is the start of the stable review

Re: NFS issue on v4.4-rc3

2015-12-12 Thread Laurent Pinchart
Ping ? On Saturday 05 December 2015 00:53:24 Laurent Pinchart wrote: > Hello, > > I ran into the following warning when running v4.4-rc3 on a TI OMAP4 > (pandaboard) using nfsroot. > > [ 8063.208526] [ cut here ] > [ 8063.213653] WARNING: CPU: 1 PID: 81 at

Re: [PATCH 1/7] iscsi-target: Use a variable initialisation in iscsi_set_default_param() directly

2015-12-12 Thread Dan Carpenter
On Sat, Dec 12, 2015 at 03:34:50PM +0100, SF Markus Elfring wrote: > From: Markus Elfring > Date: Sat, 12 Dec 2015 11:36:02 +0100 > > Omit the unnecessary setting to a null pointer for the variable "param" > at the beginning of the function "iscsi_set_default_param" > because it can be directly

[PATCH 4.1 01/45] unix: avoid use-after-free in ep_remove_wait_queue

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Rainer Weikusat [ Upstream commit 7d267278a9ece963d77eefec61630223fce08c6c ] Rainer Weikusat writes: An AF_UNIX datagram socket being the client in an n:1 association with some server socket

[PATCH 4.1 12/45] tcp: md5: fix lockdep annotation

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 1b8e6a01e19f001e9f93b39c32387961c91ed3cc ] When a passive TCP is created, we eventually call tcp_md5_do_add() with sk pointing to the child. It is not owner by

[PATCH 4.1 10/45] snmp: Remove duplicate OUTMCAST stat increment

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Neil Horman [ Upstream commit 41033f029e393a64e81966cbe34d66c6cf8a2e7e ] the OUTMCAST stat is double incremented, getting bumped once in the mcast code itself, and again in the common ip

[PATCH 4.1 14/45] tcp: fix potential huge kmalloc() calls in TCP_REPAIR

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 5d4c9bfbabdb1d497f21afd81501e5c54b0c85d9 ] tcp_send_rcvq() is used for re-injecting data into tcp receive queue. Problems : - No check against size is

[PATCH 4.1 05/45] packet: only allow extra vlan len on ethernet devices

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 3c70c132488794e2489ab045559b0ce0afcf17de ] Packet sockets can be used by various net devices and are not really restricted to ARPHRD_ETHER device types.

[PATCH 4.1 13/45] tcp: disable Fast Open on timeouts after handshake

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Yuchung Cheng [ Upstream commit 0e45f4da5981895e885dd72fe912a3f8e32bae73 ] Some middle-boxes black-hole the data after the Fast Open handshake

[PATCH 4.1 44/45] ceph: fix message length computation

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Arnd Bergmann commit 777d738a5e58ba3b6f3932ab1543ce93703f4873 upstream. create_request_message() computes the maximum length of a message, but uses the wrong type for the time stamp:

[PATCH 4.1 45/45] ALSA: hda/hdmi - apply Skylake fix-ups to Broxton display codec

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: "Lu, Han" commit e2656412f2a7343ecfd13eb74bac0a6e6e9c5aad upstream. Broxton and Skylake have the same behavior on display audio. So this patch applies Skylake fix-ups to Broxton.

[PATCH 4.1 04/45] packet: always probe for transport header

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 8fd6c80d9dd938ca338c70698533a7e304752846 ] We concluded that the skb_probe_transport_header() should better be called unconditionally. Avoiding the call into

[PATCH 4.1 03/45] packet: do skb_probe_transport_header when we actually have data

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit efdfa2f7848f64517008136fb41f53c4a1faf93a ] In tpacket_fill_skb() commit c1aad275b029 ("packet: set transport header before doing xmit") and later on

[PATCH 4.1 19/45] broadcom: fix PHY_ID_BCM5481 entry in the id table

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Aaro Koskinen [ Upstream commit 3c25a860d17b7378822f35d8c9141db9507e3beb ] Commit fcb26ec5b18d ("broadcom: move all PHY_ID's to header") updated broadcom_tbl to use PHY_IDs, but incorrectly

[PATCH 4.1 20/45] ipv6: distinguish frag queues by device for multicast and link-local packets

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Michal Kubeček [ Upstream commit 264640fc2c5f4f913db5c73fa3eb1ead2c45e9d7 ] If a fragmented multicast packet is received on an ethernet device which has an active macvlan on

[PATCH 4.1 02/45] tools/net: Use include/uapi with __EXPORTED_HEADERS__

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Kamal Mostafa [ Upstream commit d7475de58575c904818efa369c82e88c6648ce2e ] Use the local uapi headers to keep in sync with "recently" added #define's (e.g. SKF_AD_VLAN_TPID). Refactored

[PATCH 4.1 18/45] net: ip6mr: fix static mfc/dev leaks on table destruction

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Nikolay Aleksandrov [ Upstream commit 4c6980462f32b4f282c5d8e5f7ea8070e2937725 ] Similar to ipv4, when destroying an mrt table the static mfc entries and the static devices are kept, which

[PATCH 4.1 17/45] net: ipmr: fix static mfc/dev leaks on table destruction

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Nikolay Aleksandrov [ Upstream commit 0e615e9601a15efeeb8942cf7cd4dadba0c8c5a7 ] When destroying an mrt table the static mfc entries and the static devices are kept, which leads to devices

[PATCH 4.1 16/45] net, scm: fix PaX detected msg_controllen overflow in scm_detach_fds

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 6900317f5eff0a7070c5936e5383f589e0de7a09 ] David and HacKurx reported a following/similar size overflow triggered in a grsecurity kernel, thanks to PaX's gcc

Re: [PATCH] lock_page() doesn't lock if __wait_on_bit_lock returns -EINTR

2015-12-12 Thread Linus Torvalds
On Sat, Dec 12, 2015 at 10:33 AM, Linus Torvalds wrote: > > Peter, did that patch also handle just plain "lock_page()" case? Looking more at it, I think this all goes back to commit 743162013d40 ("sched: Remove proliferation of wait_on_bit() action functions"). Before that, we had

[PATCH 4.1 07/45] packet: fix tpacket_snd max frame len

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit 5cfb4c8d05b4409c4044cb9c05b19705c1d9818b ] Since its introduction in commit 69e3c75f4d54 ("net: TX_RING and packet mmap"), TX_RING could be used from

[PATCH 4.1 37/45] firewire: ohci: fix JMicron JMB38x IT context discovery

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Stefan Richter commit 100ceb66d5c40cc0c7018e06a9474302470be73c upstream. Reported by Clifford and Craig for JMicron OHCI-1394 + SDHCI combo controllers: Often or even most of the time, the

[PATCH 4.1 38/45] nfsd: serialize state seqid morphing operations

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Jeff Layton commit 35a92fe8770ce54c5eb275cd76128645bea2d200 upstream. Andrew was seeing a race occur when an OPEN and OPEN_DOWNGRADE were running in parallel. The server would receive the

[PATCH 4.1 06/45] packet: infer protocol from ethernet header if unset

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Borkmann [ Upstream commit c72219b75fde768efccf7666342282fab7f9e4e7 ] In case no struct sockaddr_ll has been passed to packet socket's sendmsg() when doing a TX_RING flush run, then

[PATCH 4.1 08/45] sctp: translate host order to network order when setting a hmacid

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: lucien [ Upstream commit ed5a377d87dc4c87fb3e1f7f698cba38cd893103 ] now sctp auth cannot work well when setting a hmacid manually, which is caused by that we didn't use the network order for

[PATCH 4.1 24/45] net/neighbour: fix crash at dumping device-agnostic proxy entries

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Konstantin Khlebnikov [ Upstream commit 6adc5fd6a142c6e2c80574c1db0c7c17dedaa42e ] Proxy entries could have null pointer to net-device. Signed-off-by: Konstantin Khlebnikov Fixes:

[PATCH 4.1 21/45] RDS: fix race condition when sending a message on unbound socket

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Quentin Casasnovas [ Upstream commit 8c7188b23474cca017b3ef354c4a58456f68303a ] Sasha's found a NULL pointer dereference in the RDS connection code when sending a message to an apparently

[PATCH 4.1 36/45] ext4, jbd2: ensure entering into panic after recording an error in superblock

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Daeho Jeong commit 4327ba52afd03fc4b5afa0ee1d774c9c5b0e85c5 upstream. If an EXT4 filesystem utilizes JBD2 journaling and an error occurs, the journaling will be aborted first and the error

[PATCH 4.1 26/45] net_sched: fix qdisc_tree_decrease_qlen() races

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit 4eaf3b84f2881c9c028f1d5e76c52ab575fe3a66 ] qdisc_tree_decrease_qlen() suffers from two problems on multiqueue devices. One problem is that it updates

[PATCH 4.1 35/45] ext4: fix potential use after free in __ext4_journal_stop

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Lukas Czerner commit 6934da9238da947628be83635e365df41064b09b upstream. There is a use-after-free possibility in __ext4_journal_stop() in the case that we free the handle in the first

[PATCH 4.1 27/45] btrfs: check unsupported filters in balance arguments

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: David Sterba commit 849ef9286f30c88113906dc35f44a499c0cb385d upstream. We don't verify that all the balance filter arguments supplemented by the flags are actually known to the kernel. Thus we

[PATCH 4.1 42/45] nfs: if we have no valid attrs, then dont declare the attribute cache valid

2015-12-12 Thread Greg Kroah-Hartman
4.1-stable review patch. If anyone has any objections, please let me know. -- From: Jeff Layton commit c812012f9ca7cf89c9e1a1cd512e6c3b5be04b85 upstream. If we pass in an empty nfs_fattr struct to nfs_update_inode, it will (correctly) not update any of the attributes, but it
