is patch is to fix it by holding the sock after doing the
> existence check.
>
Nice fix. Thanks Xin!
Reviewed-by: Guillaume Nault
On Fri, Sep 14, 2018 at 04:28:05PM +0200, Guillaume Nault wrote:
> pppoe_rcv() needs to look back at the Ethernet header in order to
> lookup the PPPoE session. Therefore we need to ensure that the mac
> header is big enough to contain an Ethernet header. Otherwise
> eth_hdr(skb)->
430 arch/x86/entry/common.c:287
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
==
Fixes: 224cf5ad14c0 ("ppp: Move the PPP drivers")
Reported-by: syzbot+f5f6080811c849739...@syzkaller.appspotmail.com
Signed-off-by: Guillaume Nault
---
On Sun, Aug 05, 2018 at 01:24:13PM +0200, Guillaume Nault wrote:
> On Fri, Aug 03, 2018 at 12:42:22PM -0700, David Miller wrote:
> > From: Guillaume Nault
> > Date: Fri, 3 Aug 2018 17:00:11 +0200
> >
> > > If 'session' is not NULL and is not a PPP pseudo-wi
On Thu, Aug 09, 2018 at 11:54:05AM -0700, Wei Wang wrote:
> From: Wei Wang
>
> In l2tp code, if it is a L2TP_UDP_ENCAP tunnel, tunnel->sk points to a
> UDP socket. User could call sendmsg() on both this tunnel and the UDP
> socket itself concurrently. As l2tp_xmit_skb() holds socket lock and
the value that was originally passed in 'stats.session_id',
while session sockets have to report their own session_id.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 132 ++--
1 file changed, 53 insertions(+), 79 deletions(-)
diff --git a/net/l2tp/l2t
reference on the socket.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 33 ++---
1 file changed, 6 insertions(+), 27 deletions(-)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index cd43d02484e4..e3ed8d473d91 100644
--- a/net/l2tp/l2tp_ppp.c
+++ b
Return -ENOIOCTLCMD for unknown ioctl commands. This lets dev_ioctl()
handle generic socket ioctls like SIOCGIFNAME or SIOCGIFINDEX.
PF_PPPOX/PX_PROTO_OL2TP was one of the few socket types not honouring
this mechanism.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 2 +-
1 file
Use helper function to figure out if a tunnel is using ipsec.
Also, avoid accessing ->sk_policy directly since it's RCU protected.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.h| 19 +++
net/l2tp/l2tp_netlink.c | 7 +--
net/l2tp/l2tp_ppp.c | 5 +
and it is always nice to see l2tp getting
better integration with the rest of the stack.
Guillaume Nault (8):
l2tp: define l2tp_tunnel_uses_xfrm()
l2tp: split l2tp_session_get()
l2tp: simplify pppol2tp_ioctl()
l2tp: handle PPPIOC[GS]MRU and PPPIOC[GS]FLAGS in pppol2tp_ioctl()
l2tp: remove
Integrate memset(0) in pppol2tp_copy_stats() to avoid calling it
manually every time.
While there, constify 'stats'.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 7 +++
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index
provide both a namespace and a tunnel,
making the semantic of the call unclear.
This patch defines l2tp_tunnel_get_session() for lookups done in a
tunnel and restricts l2tp_session_get() to namespace searches.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.c| 50
ed-off-by: Guillaume Nault
---
include/uapi/linux/ppp-ioctl.h | 2 +-
net/l2tp/l2tp_ppp.c| 50 ++
2 files changed, 4 insertions(+), 48 deletions(-)
diff --git a/include/uapi/linux/ppp-ioctl.h b/include/uapi/linux/ppp-ioctl.h
index 784c2e3e572e..88b5f9
Let pppol2tp_ioctl() handle ioctl commands directly. It still relies on
pppol2tp_{session,tunnel}_ioctl() for PPPIOCGL2TPSTATS.
Signed-off-by: Guillaume Nault
---
Checkpatch does not like the -ENOSYS return value, which should only be
used for non-existing syscalls. I have kept them so
On Fri, Aug 03, 2018 at 12:42:22PM -0700, David Miller wrote:
> From: Guillaume Nault
> Date: Fri, 3 Aug 2018 17:00:11 +0200
>
> > If 'session' is not NULL and is not a PPP pseudo-wire, then we fail to
> > drop the reference taken by l2tp_session_get().
> >
>
If 'session' is not NULL and is not a PPP pseudo-wire, then we fail to
drop the reference taken by l2tp_session_get().
Fixes: ecd012e45ab5 ("l2tp: filter out non-PPP sessions in
pppol2tp_tunnel_ioctl()")
Signed-off-by: Guillaume Nault
---
Sorry for the stupid mistake. I guess I g
y). So let's just ignore it
entirely.
Signed-off-by: Guillaume Nault
---
include/uapi/linux/l2tp.h | 2 +-
net/l2tp/l2tp_core.c | 1 -
net/l2tp/l2tp_core.h | 2 --
net/l2tp/l2tp_debugfs.c | 3 +--
net/l2tp/l2tp_eth.c | 17 +++--
net/l2tp/l2tp_netlink.c | 9
Consolidate retrieval of tunnel's socket mtu in order to simplify
l2tp_eth and l2tp_ppp a bit.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.h | 18 ++
net/l2tp/l2tp_eth.c | 14 --
net/l2tp/l2tp_ppp.c | 15 ---
3 files changed, 26 insertions
off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 67 -
1 file changed, 18 insertions(+), 49 deletions(-)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index 1c6da02f976a..b403728e2757 100644
--- a/net/l2tp/l2tp_ppp.c
+++ b/net/l2tp/l2tp_pp
l_dst_mtu() in order to simplify the
following patches. Then patches #2 and #3 remove MTU handling from PPP
and Ethernet pseudo-wires respectively.
Guillaume Nault (3):
l2tp: define l2tp_tunnel_dst_mtu()
l2tp: simplify MTU handling in l2tp_ppp
l2tp: ignore L2TP_ATTR_MTU
include/uapi/linux/l2
On Fri, Jul 27, 2018 at 07:57:12AM -0700, Stephen Hemminger wrote:
> On Fri, 27 Jul 2018 12:26:28 +0200
> Guillaume Nault wrote:
>
> > Several fields of struct l2tp_parm are handled by create_session() but
> > can't actually be set by user.
> > Most of t
Several fields of struct l2tp_parm are handled by create_session() but
can't actually be set by user.
Most of these fields can also be set by get_response(), but are ignored
afterwards.
Since these fields can't have any visible effect, let's just remove
them.
Guillaume Nault (3):
l2tp: drop
This option is never set.
Signed-off-by: Guillaume Nault
---
ip/ipl2tp.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/ip/ipl2tp.c b/ip/ipl2tp.c
index 41fefb85..5e7f0390 100644
--- a/ip/ipl2tp.c
+++ b/ip/ipl2tp.c
@@ -58,7 +58,6 @@ struct l2tp_parm {
unsigned int udp_csum:1
This option can't be set by user and is never printed.
Signed-off-by: Guillaume Nault
---
ip/ipl2tp.c | 5 -
1 file changed, 5 deletions(-)
diff --git a/ip/ipl2tp.c b/ip/ipl2tp.c
index aca9912c..41fefb85 100644
--- a/ip/ipl2tp.c
+++ b/ip/ipl2tp.c
@@ -53,7 +53,6 @@ struct l2tp_parm
This option can't be set by user and is never printed. Furthermore,
L2TP_ATTR_DATA_SEQ has always been a noop in Linux.
Signed-off-by: Guillaume Nault
---
ip/ipl2tp.c | 5 -
1 file changed, 5 deletions(-)
diff --git a/ip/ipl2tp.c b/ip/ipl2tp.c
index 05e96387..aca9912c 100644
--- a/ip
This field is not used.
Treat PPPIOC*MRU the same way as PPPIOC*FLAGS: "get" requests return 0,
while "set" requests vadidate the user supplied pointer but discard its
value.
Signed-off-by: Guillaume Nault
---
include/uapi/linux/l2tp.h | 2 +-
net/l2tp/l2tp_core.c
Several fields of the session structures can be set, but remain unused
otherwise.
This series removes these fields and explicitely ignores the associated
ioctls and netlink attributes.
Guillaume Nault (4):
l2tp: ignore L2TP_ATTR_DATA_SEQ netlink attribute
l2tp: ignore L2TP_ATTR_VLAN_ID
This field is not used.
Keep validating user input in PPPIOCSFLAGS. Even though we discard the
value, it would look wrong to succeed if an invalid address was passed
from userspace.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 13 ++---
1 file changed, 2 insertions(+), 11
The value of this attribute is never used.
Signed-off-by: Guillaume Nault
---
include/uapi/linux/l2tp.h | 7 ---
net/l2tp/l2tp_core.h | 8
net/l2tp/l2tp_debugfs.c | 4 +---
net/l2tp/l2tp_netlink.c | 6 --
4 files changed, 5 insertions(+), 20 deletions(-)
diff --git
The value of this attribute is never used.
Signed-off-by: Guillaume Nault
---
include/uapi/linux/l2tp.h | 4 ++--
net/l2tp/l2tp_core.h | 1 -
net/l2tp/l2tp_netlink.c | 3 ---
3 files changed, 2 insertions(+), 6 deletions(-)
diff --git a/include/uapi/linux/l2tp.h b/include/uapi/linux
On Wed, Jul 25, 2018 at 02:53:33PM +0200, Guillaume Nault wrote:
> The tunnel reception hook is only used by l2tp_ppp for skipping PPP
> framing bytes. This is a session specific operation, but once a PPP
> session sets ->recv_payload_hook on its tunnel, all frames received by
net sessions (an L2TPv3 tunnel can multiplex PPP and
Ethernet sessions).
So this mechanism is wrong, and uselessly complex. Let's just move this
functionality to the pppol2tp rx handler and drop ->recv_payload_hook.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.c | 16 ---
().
A new structure, l2tp_connect_info, is used to pass sockaddr data back
to pppol2tp_connect(), to avoid passing too many parameters to
l2tp_sockaddr_get_info(). Also, the first parameter is void* in order
to avoid casting between all sockaddr_* structures manually.
Signed-off-by: Guillaume Nault
This function is only used in l2tp_core.c.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.c | 3 +--
net/l2tp/l2tp_core.h | 1 -
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 40261cb68e83..3adef4c35a3a 100644
--- a/net
This function is only used in l2tp_core.c.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.c | 3 +--
net/l2tp/l2tp_core.h | 1 -
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 3adef4c35a3a..96e31f2ae7cd 100644
--- a/net
This callback has never been implemented.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.h| 3 ---
net/l2tp/l2tp_debugfs.c | 3 ---
2 files changed, 6 deletions(-)
diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h
index c199020f8a8a..b21c20a4e08f 100644
--- a/net/l2tp
It always returns 0, and nobody reads the return value anyway.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 88c3001531b4..1ea285bad84b 100644
--- a/net/l2tp
l2tp_core.c verifies that ->session_close() is defined before calling
it. There's no need for a stub.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 7 ---
1 file changed, 7 deletions(-)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index 55188382845c..eea5d7844
Replace 'l2tp_pernet(tunnel->l2tp_net)' with 'pn', which has been set
on the preceding line.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
index 96e31f2ae7cd..88c300153
This function, and the associated .priv field, are unused.
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_core.h | 7 ---
1 file changed, 7 deletions(-)
diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h
index b21c20a4e08f..15e1171ecf7b 100644
--- a/net/l2tp/l2tp_core.h
+++ b/net
Just a set of unrelated trivial cleanups (remove unused code, make
local functions static, etc.).
Guillaume Nault (7):
l2tp: remove pppol2tp_session_close()
l2tp: remove .show from struct l2tp_tunnel
l2tp: remove l2tp_tunnel_priv()
l2tp: don't export l2tp_session_queue_purge()
l2tp
() points to an l2tp_eth_sess
structure instead, making pppol2tp_session_ioctl() access invalid
memory.
Fixes: d9e31d17ceba ("l2tp: Add L2TP ethernet pseudowire support")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
tunnels can only transport PPP sessions is right, but
l2tp_netlink failed to ensure that (fixed in patch 1).
When retrieving a session from an arbitrary tunnel, l2tp_ppp needs to
filter out non-PPP sessions (last occurrence fixed in patch 2).
Guillaume Nault (2):
l2tp: reject creation of non-PPP
2tp: Add L2TP ethernet pseudowire support")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_netlink.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c
index 6616c9fd292f..5b9900889e31 100644
--- a/net/l2tp/l2tp_netlink.c
+
, pppol2tp_connect() should refuse to
connect a session that is not PPPoL2TP, but that requires the session's
.pwtype field to be properly set.
Fixes: f7faffa3ff8e ("l2tp: Add L2TPv3 protocol support")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 1 +
1 file changed, 1 insertion(+)
diff -
there's no way to
get them from the current connect() parameters. So let's restrict
kernel sockets creation to the netlink API, which is the original use
case.
Fixes: 789a4a2c61d8 ("l2tp: Add support for static unmanaged L2TPv3 tunnels")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp
. It depends on patch 1 for correctly
identifying L2TP session types.
Patches 3 and 4 avoid creating stale tunnels and sessions.
Guillaume Nault (4):
l2tp: fix pseudo-wire type for sessions created by pppol2tp_connect()
l2tp: only accept PPP sessions in pppol2tp_connect()
l2tp: prevent
memory dereference when trying to lock ps->sk_lock.
Fixes: d9e31d17ceba ("l2tp: Add L2TP ethernet pseudowire support")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index
pppol2tp_connect() may create a tunnel or a session. Remove them in
case of error.
Fixes: fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp
parts")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 10 ++
1 file changed, 10 insertions(+)
diff --git
On Tue, Jun 05, 2018 at 09:41:24AM -0400, David Miller wrote:
> From: Guillaume Nault
> Date: Mon, 4 Jun 2018 18:52:19 +0200
>
> > Commit d02ba2a6110c ("l2tp: fix race in pppol2tp_release with session
> > object destroy") tried to fix a race condition where a PPPo
nnected.
Fixes: d02ba2a6110c ("l2tp: fix race in pppol2tp_release with session object
destroy")
Signed-off-by: Guillaume Nault
---
net/l2tp/l2tp_ppp.c | 35 +--
1 file changed, 17 insertions(+), 18 deletions(-)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp
table submissions himself.
Using a 'PATCH net' subject prefix would have made it clear that this
patch was fixing some released code and should be considered for -stable
backport.
Reviewed-by: Guillaume Nault <g.na...@alphalink.fr>
Tested-by: Guillaume Nault <g.na...@alphalink.fr>
On Tue, May 22, 2018 at 08:59:52PM -0700, Eric Biggers wrote:
> From: Eric Biggers
>
> The PPPIOCDETACH ioctl effectively tries to "close" the given ppp file
> before f_count has reached 0, which is fundamentally a bad idea. It
> does check 'f_count < 2', which excludes
On Tue, May 22, 2018 at 08:29:58PM -0700, Eric Biggers wrote:
> On Fri, May 18, 2018 at 06:02:23PM +0200, Guillaume Nault wrote:
> > On Sun, May 13, 2018 at 11:11:55PM -0700, Eric Biggers wrote:
> > > [+ppp list and maintainer]
> > >
> > > This is a bug in ppp_
On Sun, May 13, 2018 at 11:11:55PM -0700, Eric Biggers wrote:
> [+ppp list and maintainer]
>
> This is a bug in ppp_generic.c; it still happens on Linus' tree and it's
> easily
> reproducible, see program below. The bug is that the PPPIOCDETACH ioctl
> doesn't
> consider that the file can
On Thu, May 17, 2018 at 02:09:03PM -0400, David Miller wrote:
> From: Guillaume Nault <g.na...@alphalink.fr>
> Date: Thu, 17 May 2018 19:41:47 +0200
>
> > On Thu, Nov 16, 2017 at 10:13:28AM +0900, David Miller wrote:
> >> From: Guillaume Nault <g.na...@alphalink.f
On Thu, Nov 16, 2017 at 10:13:28AM +0900, David Miller wrote:
> From: Guillaume Nault <g.na...@alphalink.fr>
> Date: Wed, 15 Nov 2017 17:20:46 +0100
>
> > Can you please queue commit 46f1c52e66db
> > ("nfp: TX time stamp packets before HW doorbell is ru
On Tue, May 08, 2018 at 09:45:25PM -0700, Eric Biggers wrote:
> On Sun, Jan 28, 2018 at 11:24:01AM -0800, syzbot wrote:
> > Hello,
> >
> > syzbot hit the following crash on net-next commit
> > 6bb46bc57c8e9ce947cc605e555b7204b44d2b10 (Fri Jan 26 16:00:23 2018 +)
> > Merge branch
On Fri, Apr 27, 2018 at 06:24:24PM +0200, Guillaume Nault wrote:
> exact consequences. That being said if you consider the risk is
> sufficiently low, you can always submit the patch to net-next.
Humm, forget it. I didn't see David's reply before answering.
On Fri, Apr 27, 2018 at 11:51:31AM -0400, Kevin Easton wrote:
> On Fri, Apr 27, 2018 at 05:39:06PM +0200, Guillaume Nault wrote:
> > On Fri, Apr 27, 2018 at 08:23:16AM -0400, Kevin Easton wrote:
> ...
> > > There's another bug here - pppoe_connect() should also be validatin
On Fri, Apr 27, 2018 at 11:06:55AM -0400, David Miller wrote:
> From: Guillaume Nault <g.na...@alphalink.fr>
> Date: Wed, 25 Apr 2018 19:54:14 +0200
>
> > The 'pppol2tp' procfs and 'l2tp/tunnels' debugfs files handle reference
> > counting of sessions d
On Fri, Apr 27, 2018 at 08:23:16AM -0400, Kevin Easton wrote:
> On Mon, Apr 23, 2018 at 04:38:27PM +0200, Guillaume Nault wrote:
> > We must validate sockaddr_len, otherwise userspace can pass fewer data
> > than we expect and we end up accessing invalid data.
> >
> >
(rather than in .show()). If necessary
(if dump stops before *_next_session() returns NULL), drop the last
reference in .stop().
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp/l2tp_debugfs.c | 20 +---
net/l2tp/l2tp_ppp.c | 21 +
2
manually.
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp/l2tp_ppp.c | 169 ++--
1 file changed, 101 insertions(+), 68 deletions(-)
This patch originates from an attempt to remove the
'/* bad socket address */' else clause that became ob
On Tue, Apr 24, 2018 at 03:18:53PM +0200, Luc Van Oostenryck wrote:
> The method ndo_start_xmit() is defined as returning an 'netdev_tx_t',
> which is a typedef for an enum type, but the implementation in this
> driver returns an 'int'.
>
> Fix this by returning 'netdev_tx_t' in this driver too.
On Mon, Apr 23, 2018 at 09:11:22PM -0400, David Miller wrote:
> From: Guillaume Nault <g.na...@alphalink.fr>
> Date: Mon, 23 Apr 2018 16:15:14 +0200
>
> > Check sockaddr_len before dereferencing sp->sa_protocol, to ensure that
> > it actually points to valid data
On Mon, Apr 23, 2018 at 01:23:01AM -0700, syzbot wrote:
> Hello,
>
> syzbot hit the following crash on https://github.com/google/kmsan.git/master
> commit
> a7f95e9c8a95e9fbb388c3999b61a17667cd3bbe (Sat Apr 21 13:50:22 2018 +)
> kmsan: disable assembly checksums
> syzbot dashboard link:
>
We must validate sockaddr_len, otherwise userspace can pass fewer data
than we expect and we end up accessing invalid data.
Fixes: 224cf5ad14c0 ("ppp: Move the PPP drivers")
Reported-by: syzbot+4f03bdf92fdf9ef5d...@syzkaller.appspotmail.com
Signed-off-by: Guillaume Nault <g.na...
Check sockaddr_len before dereferencing sp->sa_protocol, to ensure that
it actually points to valid data.
Fixes: fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp
parts")
Reported-by: syzbot+a70ac890b23b1bf29...@syzkaller.appspotmail.com
Signed-off-by: Guillaum
non-NULL tunnel when pd->session is set.
The l2tp_debugfs module has the same issue. Fix it in the same way.
Fixes: 0e0c3fee3a59 ("l2tp: hold reference on tunnels printed in pppol2tp proc
file")
Fixes: f726214d9b23 ("l2tp: hold reference on tunnels printed in l2tp/tunnels
debug
On Fri, Apr 13, 2018 at 10:57:03AM -0400, David Miller wrote:
> From: Guillaume Nault <g.na...@alphalink.fr>
> Date: Thu, 12 Apr 2018 20:50:33 +0200
>
> > l2tp_tunnel_find_nth() is unsafe: no reference is held on the returned
> > tunnel, therefore it can be fre
reference. However, in case of error, pppol2tp_seq_stop() is called
directly, so we have to drop the reference there.
Fixes: fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp
parts")
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp
the last
accessed tunnel in l2tp_dfs_seq_stop().
That was the last use of l2tp_tunnel_find_nth().
Fixes: 0ad6614048cf ("l2tp: Add debugfs files for dumping l2tp debug info")
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp/l2tp_core.c| 20 --
Using l2tp_tunnel_find_nth() is racy, because the returned tunnel can
go away as soon as this function returns. This series introduce
l2tp_tunnel_get_nth() as a safe replacement to fixes these races.
With this series, all unsafe tunnel/session lookups are finally gone.
Guillaume Nault (3
using the tunnel.
Convert netlink dumps to make them safe against concurrent tunnel
deletion.
Fixes: 309795f4bec2 ("l2tp: Add netlink control API for L2TP")
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp/l2tp_core.c| 20
net/l2tp/l2t
pppol2tp patch into separate l2tp and ppp
parts")
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp/l2tp_core.c| 192 ++--
net/l2tp/l2tp_core.h| 3 +
net/l2tp/l2tp_netlink.c | 16 +++-
net/l2tp/l2tp_ppp.c | 9 ++
4
for
duplicate tunnels in a race-free way. This is done in patch #2, which
incidentally removes the last use of l2tp_tunnel_find().
Guillaume Nault (2):
l2tp: fix races in tunnel creation
l2tp: fix race in duplicate tunnel detection
net/l2tp/l2tp_core.c| 225
as it isn't use anywhere
anymore.
Fixes: 309795f4bec2 ("l2tp: Add netlink control API for L2TP")
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
net/l2tp/l2tp_core.c| 35 ++-
net/l2tp/l2tp_core.h| 1 -
net/l2tp/l2tp_netlink.c | 6
On Tue, Apr 10, 2018 at 11:28:10AM +0530, tejas...@codeaurora.org wrote:
> On 2018-04-09 20:34, David Miller wrote:
> > From: Tejaswi Tanikella
> > Date: Mon, 9 Apr 2018 14:23:49 +0530
> >
> > > @@ -673,6 +677,7 @@ struct slcompress *
> > > if (cs->cs_tcp.doff > 5)
> >
No 'g' to hairpin.
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
bridge/link.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bridge/link.c b/bridge/link.c
index 579d57e7..8d89aca2 100644
--- a/bridge/link.c
+++ b/bridge/link.c
@@ -312,7 +312,7 @@ stat
The offset and peer_offset parameters are only printed to avoid
confusing external scripts that may parse "ip l2tp show session"
output. There's no reason to keep them in JSON.
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
ip/ipl2tp.c | 5 +++--
1 file changed, 3
On Wed, Apr 04, 2018 at 04:43:10PM -0700, Stephen Hemminger wrote:
> On Tue, 3 Apr 2018 17:39:54 +0200
> Guillaume Nault <g.na...@alphalink.fr> wrote:
>
> > Ignore options "peer-offset" and "offset" when creating sessions. Keep
> > them when dumpi
Ignore options "peer-offset" and "offset" when creating sessions. Keep
them when dumping sessions in order to avoid breaking external scripts.
"peer-offset" has always been a noop in iproute2. "offset" is now
ignored in Linux 4.16 (and was broken befor
On Sat, Mar 24, 2018 at 11:29:42PM -0700, Joel Fernandes wrote:
> On Fri, Mar 23, 2018 at 1:41 PM, Thomas Gleixner wrote:
> > On Fri, 23 Mar 2018, Joel Fernandes wrote:
> >> On Fri, Mar 23, 2018 at 2:11 AM, Thomas Gleixner
> >> wrote:
> >> > On Thu, 22
On Thu, Mar 22, 2018 at 05:55:30PM -0700, Daniel Rosenberg wrote:
> f3c66d4e144a0904ea9b95d23ed9f8eb38c11bfb l2tp: prevent creation of
> sessions on terminated tunnels
> 9ee369a405c57613d7c83a3967780c3e30c52ecc l2tp: initialise session's
> refcount before making it reachable
>
On Wed, Mar 21, 2018 at 09:03:57AM +0800, xu heng wrote:
> Yes, i have tested it for 146390 seconds in my board, it's ok now. Thanks!
>
Feel free to add your Tested-by tag to the patch if you want to.
Thanks for your report.
Guillaume
BTW, for your future exchanges on the list, please avoid
old_dport;
> int addr_type;
> int err;
>
Acked-by: Guillaume Nault <g.na...@alphalink.fr>
5454a565836 ("ppp: avoid dealock on recursive xmit")
Signed-off-by: Guillaume Nault <g.na...@alphalink.fr>
---
drivers/net/ppp/ppp_generic.c | 26 ++
1 file changed, 14 insertions(+), 12 deletions(-)
diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/
On Fri, Mar 16, 2018 at 09:02:40PM +0100, Guillaume Nault wrote:
> On Fri, Mar 16, 2018 at 02:49:40PM +0800, xu heng wrote:
> >
> > For testing, in __ppp_channel_push(), disable sending anything from
> > the attached unit, just disable __ppp_xmit_process(ppp) in
&
On Fri, Mar 16, 2018 at 02:49:40PM +0800, xu heng wrote:
>
> For testing, in __ppp_channel_push(), disable sending anything from
> the attached unit, just disable __ppp_xmit_process(ppp) in
> __ppp_channel_push(). In my opinion, __ppp_xmit_process() should only called
> by
On Wed, Mar 14, 2018 at 08:02:17AM -0700, Stephen Hemminger wrote:
>
>
> Begin forwarded message:
>
> Date: Wed, 14 Mar 2018 06:56:09 +
> From: bugzilla-dae...@bugzilla.kernel.org
> To: step...@networkplumber.org
> Subject: [Bug 199109] New: pptp: kernel printk "recursion detected", and
On Thu, Mar 15, 2018 at 12:10:57PM +0300, Kirill Tkhai wrote:
> Init method is rather simple. Exit method queues del_work
> for every tunnel from per-net list. This seems to be safe
> to be marked async.
>
Acked-by: Guillaume Nault <g.na...@alphalink.fr>
eries:
Reviewed-by: Guillaume Nault <g.na...@alphalink.fr>
On Mon, Mar 12, 2018 at 09:53:18AM +0100, Paolo Abeni wrote:
> On Fri, 2018-03-09 at 19:26 +0100, Guillaume Nault wrote:
> > On Fri, Mar 09, 2018 at 06:58:00PM +0100, Paolo Abeni wrote:
> > > The single threaded reproducer does not trigger anymore after 1/2,
> > > _but
On Fri, Mar 09, 2018 at 06:58:00PM +0100, Paolo Abeni wrote:
> On Fri, 2018-03-09 at 18:47 +0100, Guillaume Nault wrote:
> > On Fri, Mar 09, 2018 at 06:04:03PM +0100, Paolo Abeni wrote:
> > > Hi,
> > >
> > > On Fri, 2018-03-09 at 17:43 +0100, Guillaume Nault wr
On Fri, Mar 09, 2018 at 06:04:03PM +0100, Paolo Abeni wrote:
> Hi,
>
> On Fri, 2018-03-09 at 17:43 +0100, Guillaume Nault wrote:
> > > diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
> > > index 83421c6f0bef..9726e3f37745 100644
> > > --- a/net/l
> diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
> index 83421c6f0bef..9726e3f37745 100644
> --- a/net/l2tp/l2tp_core.c
> +++ b/net/l2tp/l2tp_core.c
> @@ -1112,11 +1125,32 @@ int l2tp_xmit_skb(struct l2tp_session *session,
> struct sk_buff *skb, int hdr_len
> goto
On Thu, Mar 08, 2018 at 03:37:27PM +0100, Paolo Abeni wrote:
> When creating a new socket, l2tp_tunnel_create() ensures that
> such socket is connected, but when using a socket provided by
> the user space, no check is done on the socket state.
>
> This may foul the later check for ipv6 sockets
On Tue, Mar 06, 2018 at 07:54:53AM -0800, Eric Dumazet wrote:
> From: Eric Dumazet
>
> In another patch, we shall replace all pr_err() by less intrusive
> pr_debug() so that syzkaller can find other bugs faster.
>
Or maybe just remove them entirely. These messages aren't
d, missing checks have been the source of so many reports.
Acked-by: Guillaume Nault <g.na...@alphalink.fr>
1 - 100 of 417 matches
Mail list logo