[PATCH net-next] ptr_ring: fix integer overflow

We try to allocate one more entry for lockless peeking. The adding operation may overflow which causes zero to be passed to kmalloc(). In this case, it returns ZERO_SIZE_PTR without any notice by ptr ring. Try to do producing or consuming on such ring will lead NULL dereference. Fix this detect

[PATCH net] ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only

If a sk_v6_rcv_saddr is !IPV6_ADDR_ANY and !IPV6_ADDR_MAPPED, it implicitly implies it is an ipv6only socket. However, in inet6_bind(), this addr_type checking and setting sk->sk_ipv6only to 1 are only done after sk->sk_prot->get_port(sk, snum) has been completed successfully. This inconsistency

linux-next: manual merge of the net-next tree with the vfs tree

Hi all, Today's linux-next merge of the net-next tree got a conflict in: net/tipc/socket.c between commit: ade994f4f6c8 ("net: annotate ->poll() instances") from the vfs tree and commit: 60c253069632 ("tipc: fix race between poll() and setsockopt()") from the net-next tree. I fixed

Re: [PATCH] net/mlx4_en: ensure rx_desc updating reaches HW before prod db updating

Hi Eric Thanks for you kindly response and suggestion. That's really appreciated. Jianchao On 01/25/2018 11:55 AM, Eric Dumazet wrote: > On Thu, 2018-01-25 at 11:27 +0800, jianchao.wang wrote: >> Hi Tariq >> >> On 01/22/2018 10:12 AM, jianchao.wang wrote: > On 19/01/2018 5:49 PM, Eric

[RFC] net: qcom/emac: mdiobus-dev fwnode should point to emac-adev

mdiobus always try to get a GPIO "reset" consumer, based on ACPI the GPIO should be described in emac-adev _DSD or _CRS. ACPI uses mido common API to register, however mdio->dev->fwnode is not pointing to any adev. So the "reset" consumer can never be found. OF has done this by using an

Re: [PATCH v2 net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}

Eric Dumazet wrote: > From: Eric Dumazet > > It looks like syzbot found its way into netfilter territory. > > Issue here is that @name comes from user space and might > not be null terminated. > > Out-of-bound reads happen, KASAN is not happy. > >

Re: [PATCH] cls_flower: check if filter is in HW before calling fl_hw_destroy_filter()

On Wed, Jan 24, 2018 at 9:37 PM, Jiri Pirko wrote: > Wed, Jan 24, 2018 at 12:42:55PM CET, sathya.pe...@broadcom.com wrote: >>When a filter cannot be added in HW (i.e, fl_hw_replace_filter() returns >>error), the TCA_CLS_FLAGS_IN_HW flag is not set in the filter flags. >> >>This

Re: [PATCH] cls_flower: check if filter is in HW before calling fl_hw_destroy_filter()

On Thu, Jan 25, 2018 at 3:53 AM, Jakub Kicinski wrote: > > On Wed, 24 Jan 2018 17:12:55 +0530, Sathya Perla wrote: > > When a filter cannot be added in HW (i.e, fl_hw_replace_filter() returns > > error), the TCA_CLS_FLAGS_IN_HW flag is not set in the filter flags. > > > > This

Re: [v2] wcn36xx: release resources in case of error

Ramon Fried wrote: > wcn36xx_dxe_init() doesn't check for the return value of > wcn36xx_dxe_init_descs(), release the resources in case an error ocurred. > > Signed-off-by: Ramon Fried > Signed-off-by: Kalle Valo Patch

[PATCH v2 4/4] net: check the size of a packet in validate_xmit_skb

There are a number of paths where an oversize skb could be sent to a driver. The driver should not be required to check for this - the core layer should do it instead. Add a check to validate_xmit_skb that checks both GSO and non-GSO packets and drops them if they are too large. Signed-off-by:

[PATCH v2 1/4] net: rename skb_gso_validate_mtu -> skb_gso_validate_network_len

If you take a GSO skb, and split it into packets, will the network length (L3 headers + L4 headers + payload) of those packets be small enough to fit within a given MTU? skb_gso_validate_mtu gives you the answer to that question. However, we're about to add a way to validate the MAC length of a

[PATCH v2 2/4] net: move skb_gso_mac_seglen to skbuff.h

We're about to use this elsewhere, so move it into the header with the other related functions like skb_gso_network_seglen(). Signed-off-by: Daniel Axtens --- include/linux/skbuff.h | 15 +++ net/sched/sch_tbf.c| 10 -- 2 files changed, 15 insertions(+),

[PATCH v2 3/4] net: is_skb_forwardable: check the size of GSO segments

is_skb_forwardable attempts to detect if a packet is too large to be sent to the destination device. However, this test does not consider GSO skbs, and it is possible that a GSO skb, when segmented, will be larger than the device can transmit. Create skb_gso_validate_mac_len, and use that to

[PATCH v2 0/4] Check size of packets before sending

There are a few ways we can send packets that are too large to a network driver. When non-GSO packets are forwarded, we validate their size, based on the MTU of the destination device. However, when GSO packets are forwarded, we do not validate their size. We implicitly assume that when they are

Re: [PATCH 10/10] kill kernel_sock_ioctl()

From: Al Viro Date: Thu, 25 Jan 2018 00:01:25 + > On Wed, Jan 24, 2018 at 03:52:44PM -0500, David Miller wrote: >> >> Al this series looks fine to me, want me to toss it into net-next? > > Do you want them reposted (with updated commit messages), or would > you

Re: [PATCH] net/mlx4_en: ensure rx_desc updating reaches HW before prod db updating

On Thu, 2018-01-25 at 11:27 +0800, jianchao.wang wrote: > Hi Tariq > > On 01/22/2018 10:12 AM, jianchao.wang wrote: > > > > On 19/01/2018 5:49 PM, Eric Dumazet wrote: > > > > > On Fri, 2018-01-19 at 23:16 +0800, jianchao.wang wrote: > > > > > > Hi Tariq > > > > > > > > > > > > Very sad that the

[PATCH net-next 1/2] net: vrf: Add support for sends to local broadcast address

Sukumar reported that sends to the local broadcast address (255.255.255.255) are broken. Check for the address in vrf driver and do not redirect to the VRF device - similar to multicast packets. With this change sockets can use SO_BINDTODEVICE to specify an egress interface and receive responses.

[PATCH net-next 2/2] net/ipv4: Allow send to local broadcast from a socket bound to a VRF

Message sends to the local broadcast address (255.255.255.255) require uc_index or sk_bound_dev_if to be set to an egress device. However, responses or only received if the socket is bound to the device. This is overly constraining for processes running in an L3 domain. This patch allows a socket

[PATCH net-next 0/2] net: vrf: Fix send to local broadcast address

Patch set to fix packet send to the 255.255.255.255 address from a VRF. First patch tell vrf driver to ignore those packets. Second patches updates the uapi to allow sends from sockets bound to an L3 master device. David Ahern (2): net: vrf: Add support for sends to local broadcast address

Re: [PATCH v6 16/36] nds32: DMA mapping API

Hi, Arnd: 2018-01-24 19:36 GMT+08:00 Arnd Bergmann : > On Tue, Jan 23, 2018 at 12:52 PM, Greentime Hu wrote: >> Hi, Arnd: >> >> 2018-01-23 16:23 GMT+08:00 Greentime Hu : >>> Hi, Arnd: >>> >>> 2018-01-18 18:26 GMT+08:00 Arnd Bergmann

[PATCH v3 net-next] net/ipv6: Do not allow route add with a device that is down

IPv6 allows routes to be installed when the device is not up (admin up). Worse, it does not mark it as LINKDOWN. IPv4 does not allow it and really there is no reason for IPv6 to allow it, so check the flags and deny if device is admin down. Signed-off-by: David Ahern --- v3 -

Re: [PATCH] net/mlx4_en: ensure rx_desc updating reaches HW before prod db updating

Hi Tariq On 01/22/2018 10:12 AM, jianchao.wang wrote: >>> On 19/01/2018 5:49 PM, Eric Dumazet wrote: On Fri, 2018-01-19 at 23:16 +0800, jianchao.wang wrote: > Hi Tariq > > Very sad that the crash was reproduced again after applied the patch. >> Memory barriers vary for different

[PATCH bpf-next v9 11/12] bpf: Add BPF_SOCK_OPS_STATE_CB

Adds support for calling sock_ops BPF program when there is a TCP state change. Two arguments are used; one for the old state and another for the new state. There is a new enum in include/uapi/linux/bpf.h that exports the TCP states that prepends BPF_ to the current TCP state names. If it is ever

[PATCH bpf-next v9 01/12] bpf: Only reply field should be writeable

Currently, a sock_ops BPF program can write the op field and all the reply fields (reply and replylong). This is a bug. The op field should not have been writeable and there is currently no way to use replylong field for indices >= 1. This patch enforces that only the reply field (which equals

[PATCH bpf-next v9 07/12] bpf: Add sock_ops RTO callback

Adds an optional call to sock_ops BPF program based on whether the BPF_SOCK_OPS_RTO_CB_FLAG is set in bpf_sock_ops_flags. The BPF program is passed 2 arguments: icsk_retransmits and whether the RTO has expired. Signed-off-by: Lawrence Brakmo --- include/uapi/linux/bpf.h | 5 +

[PATCH bpf-next v9 06/12] bpf: Adds field bpf_sock_ops_cb_flags to tcp_sock

Adds field bpf_sock_ops_cb_flags to tcp_sock and bpf_sock_ops. Its primary use is to determine if there should be calls to sock_ops bpf program at various points in the TCP code. The field is initialized to zero, disabling the calls. A sock_ops BPF program can set it, per connection and as

[PATCH bpf-next v9 08/12] bpf: Add support for reading sk_state and more

Add support for reading many more tcp_sock fields state,same as sk->sk_state rtt_min same as sk->rtt_min.s[0].v (current rtt_min) snd_ssthresh rcv_nxt snd_nxt snd_una mss_cache ecn_flags rate_delivered rate_interval_us packets_out retrans_out total_retrans

[PATCH bpf-next v9 00/12] bpf: More sock_ops callbacks

This patchset adds support for: - direct R or R/W access to many tcp_sock fields - passing up to 4 arguments to sock_ops BPF functions - tcp_sock field bpf_sock_ops_cb_flags for controlling callbacks - optionally calling sock_ops BPF program when RTO fires - optionally calling sock_ops BPF

[PATCH bpf-next v9 04/12] bpf: Add write access to tcp_sock and sock fields

This patch adds a macro, SOCK_OPS_SET_FIELD, for writing to struct tcp_sock or struct sock fields. This required adding a new field "temp" to struct bpf_sock_ops_kern for temporary storage that is used by sock_ops_convert_ctx_access. It is used to store and recover the contents of a register, so

[PATCH bpf-next v9 03/12] bpf: Make SOCK_OPS_GET_TCP struct independent

Changed SOCK_OPS_GET_TCP to SOCK_OPS_GET_FIELD and added 2 arguments so now it can also work with struct sock fields. The first argument is the name of the field in the bpf_sock_ops struct, the 2nd argument is the name of the field in the OBJ struct. Previous: SOCK_OPS_GET_TCP(FIELD_NAME) New:

[PATCH bpf-next v9 05/12] bpf: Support passing args to sock_ops bpf function

Adds support for passing up to 4 arguments to sock_ops bpf functions. It reusues the reply union, so the bpf_sock_ops structures are not increased in size. Signed-off-by: Lawrence Brakmo --- include/linux/filter.h | 1 + include/net/tcp.h| 40

[PATCH bpf-next v9 10/12] bpf: Add BPF_SOCK_OPS_RETRANS_CB

Adds support for calling sock_ops BPF program when there is a retransmission. Three arguments are used; one for the sequence number, another for the number of segments retransmitted, and the last one for the return value of tcp_transmit_skb (0 => success). Does not include syn-ack retransmissions.

[PATCH bpf-next v9 12/12] bpf: add selftest for tcpbpf

Added a selftest for tcpbpf (sock_ops) that checks that the appropriate callbacks occured and that it can access tcp_sock fields and that their values are correct. Run with command: ./test_tcpbpf_user Signed-off-by: Lawrence Brakmo Acked-by: Alexei Starovoitov

[PATCH bpf-next v9 09/12] bpf: Add sock_ops R/W access to tclass

Adds direct write access to sk_txhash and access to tclass for ipv6 flows through getsockopt and setsockopt. Sample usage for tclass: bpf_getsockopt(skops, SOL_IPV6, IPV6_TCLASS, , sizeof(v)) where skops is a pointer to the ctx (struct bpf_sock_ops). Signed-off-by: Lawrence Brakmo

[PATCH bpf-next v9 02/12] bpf: Make SOCK_OPS_GET_TCP size independent

Make SOCK_OPS_GET_TCP helper macro size independent (before only worked with 4-byte fields. Signed-off-by: Lawrence Brakmo --- net/core/filter.c | 13 - 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/net/core/filter.c b/net/core/filter.c index

Re: [net-next 0/8][pull request] 1GbE Intel Wired LAN Driver Updates 2018-01-24

On Wed, Jan 24, 2018 at 1:10 PM, David Miller wrote: > From: Jeff Kirsher > Date: Wed, 24 Jan 2018 12:55:12 -0800 > >> This series contains updates to igb and e1000e only. > > Pulled, however: > >> Corinna Vinschen implements the ability to set

[PATCH net-next] ipv6: raw: use IPv4 raw_sendmsg on v4-mapped IPv6 destinations

Make IPv6 SOCK_RAW sockets operate like IPv6 UDP and TCP sockets with respect to IPv4 mapped addresses by calling IPv4 raw_sendmsg from rawv6_sendmsg to send those messages out. Signed-off-by: Travis Brown Signed-off-by: Ivan Delalande ---

[PATCH] kbuild: make Makefile|Kbuild in each directory optional

It is useful to be able to build single object files, e.g.: $ make net/sched/cls_flower.o W=1 C=2 Currently kbuild does a hard include of a Kbuild or Makefile for directory where that object would reside. Kbuild doesn't cater too well to multi-directory drivers, meaning such drivers will usually

Re: [PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support

On Thu, 25 Jan 2018 01:09:41 +0100, Pablo Neira Ayuso wrote: > This patch adds the infrastructure to offload flows to hardware, in case > the nic/switch comes with built-in flow tables capabilities. > > If the hardware comes with no hardware flow tables or they have > limitations in terms of

[PATCH v2 net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}

From: Eric Dumazet It looks like syzbot found its way into netfilter territory. Issue here is that @name comes from user space and might not be null terminated. Out-of-bound reads happen, KASAN is not happy. v2 added similar fix for xt_request_find_target(), as Florian

Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()

On Thu, 2018-01-25 at 01:13 +0100, Pablo Neira Ayuso wrote: > On Thu, Jan 25, 2018 at 12:50:56AM +0100, Pablo Neira Ayuso wrote: > > On Thu, Jan 25, 2018 at 12:19:52AM +0100, Florian Westphal wrote: > > > Eric Dumazet wrote: > > > > From: Eric Dumazet

[PATCH net-next] rds: tcp: per-netns flag to stop new connection creation when rds-tcp is being dismantled

An rds_connection can get added during netns deletion between lines 528 and 529 of 506 static void rds_tcp_kill_sock(struct net *net) : /* code to pull out all the rds_connections that should be destroyed */ : 528 spin_unlock_irq(_tcp_conn_lock); 529

Re: [PATCH net-next 1/4] net: core: Fix kernel-doc for carrier_* attributes

Hi Florian, I love your patch! Perhaps something to improve: [auto build test WARNING on net-next/master] url: https://github.com/0day-ci/linux/commits/Florian-Fainelli/net-core-Fix-kernel-doc-for-carrier_-attributes/20180125-062300 reproduce: make htmldocs All warnings (new ones prefixed

Re: [PATCH 10/10] kill kernel_sock_ioctl()

On Thu, Jan 25, 2018 at 12:01:25AM +, Al Viro wrote: > On Wed, Jan 24, 2018 at 03:52:44PM -0500, David Miller wrote: > > > > Al this series looks fine to me, want me to toss it into net-next? > > Do you want them reposted (with updated commit messages), or would > you prefer a pull request

[PATCH net] net: memcontrol: charge allocated memory after mem_cgroup_sk_alloc()

We've catched several cgroup css refcounting issues on 4.15-rc7, triggered from different release paths. We've used cgroups v2. I've added a temporarily per-memcg sockmem atomic counter, and found, that we're sometimes falling below 0. It was easy to reproduce, so I was able to bisect the problem.

[PATCH net-next 3/8] mlx5: use tc_cls_can_offload_and_chain0()

Make use of tc_cls_can_offload_and_chain0() to set extack msg in case ethtool tc offload flag is not set or chain unsupported. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman --- CC: Saeed Mahameed CC: Or

[PATCH net-next 1/8] pkt_cls: add new tc cls helper to check offload flag and chain index

Very few (mlxsw) upstream drivers seem to allow offload of chains other than 0. Save driver developers typing and add a helper for checking both if ethtool's TC offload flag is on and if chain is 0. This helper will set the extack appropriately in both error cases. Signed-off-by: Jakub Kicinski

[PATCH net-next 0/8] use tc_cls_can_offload_and_chain0() throughout the drivers

Hi! This set makes most drivers use a new tc_cls_can_offload_and_chain0() helper which will set extack in case TC hw offload flag is disabled. i40e patch will follow after net -> net-next merge. I chose to keep the new helper which also looks at the chain but renamed it more appropriately. The

[PATCH net-next 2/8] cxgb4: use tc_cls_can_offload_and_chain0()

Make use of tc_cls_can_offload_and_chain0() to set extack msg in case ethtool tc offload flag is not set or chain unsupported. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman --- CC: Ganesh Goudar ---

[PATCH net-next 6/8] ixgbe: use tc_cls_can_offload_and_chain0()

Make use of tc_cls_can_offload_and_chain0() to set extack msg in case ethtool tc offload flag is not set or chain unsupported. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman --- CC: Jeff Kirsher ---

[PATCH net-next 8/8] selftests/bpf: check for spurious extacks from the driver

Drivers should not report errors when offload is not forced. Check stdout and stderr for familiar messages when with no skip flags and with skip_hw. Check for add, replace, and destroy. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman

[PATCH net-next 4/8] bnxt: use tc_cls_can_offload_and_chain0()

Make use of tc_cls_can_offload_and_chain0() to set extack msg in case ethtool tc offload flag is not set or chain unsupported. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman --- CC: Michael Chan ---

[PATCH net-next 7/8] mlxsw: use tc_cls_can_offload_and_chain0()

Make use of tc_cls_can_offload_and_chain0() to set extack msg in case ethtool tc offload flag is not set or chain unsupported. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman --- CC: Jiri Pirko CC: Ido

[PATCH net-next 5/8] nfp: flower: use tc_cls_can_offload_and_chain0()

Make use of tc_cls_can_offload_and_chain0() to set extack msg in case ethtool tc offload flag is not set or chain unsupported. Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman ---

Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()

On Thu, Jan 25, 2018 at 12:50:56AM +0100, Pablo Neira Ayuso wrote: > On Thu, Jan 25, 2018 at 12:19:52AM +0100, Florian Westphal wrote: > > Eric Dumazet wrote: > > > From: Eric Dumazet > > > > > > It looks like syzbot found its way into netfilter

[PATCH nf-next,RFC v4] netfilter: nf_flow_table: add hardware offload support

This patch adds the infrastructure to offload flows to hardware, in case the nic/switch comes with built-in flow tables capabilities. If the hardware comes with no hardware flow tables or they have limitations in terms of features, the existing infrastructure falls back to the software flow table

[PATCH bpf-next v7 0/5] libbpf: add XDP setup support

Hello, This patchset fixes the problem found by Alexei when building libbpf on a system with old headers. It has been tested on an old Ubuntu and seems to behave fine. Best regards, -- Eric

[PATCH bpf-next v7 2/5] libbpf: add function to setup XDP

Most of the code is taken from set_link_xdp_fd() in bpf_load.c and slightly modified to be library compliant. Signed-off-by: Eric Leblond Acked-by: Alexei Starovoitov --- tools/lib/bpf/bpf.c| 127 +

Re: [Patch net-next v2 2/3] net_sched: plug in qdisc ops change_tx_queue_len

On 01/23/2018 10:18 AM, Cong Wang wrote: > Introduce a new qdisc ops ->change_tx_queue_len() so that > each qdisc could decide how to implement this if it wants. > Previously we simply read dev->tx_queue_len, after pfifo_fast > switches to skb array, we need this API to resize the skb array > when

[PATCH bpf-next v7 1/5] tools: import netlink header in tools uapi

The header is necessary for libbpf compilation on system with older version of the headers. Signed-off-by: Eric Leblond --- tools/include/uapi/linux/netlink.h | 251 + tools/lib/bpf/Makefile | 3 + 2 files changed, 254

[PATCH bpf-next v7 4/5] libbpf: add missing SPDX-License-Identifier

Signed-off-by: Eric Leblond Acked-by: Alexei Starovoitov --- tools/lib/bpf/bpf.c| 2 ++ tools/lib/bpf/bpf.h| 2 ++ tools/lib/bpf/libbpf.c | 2 ++ tools/lib/bpf/libbpf.h | 2 ++ 4 files changed, 8 insertions(+) diff --git a/tools/lib/bpf/bpf.c

[PATCH bpf-next v7 3/5] libbpf: add error reporting in XDP

Parse netlink ext attribute to get the error message returned by the card. Code is partially take from libnl. We add netlink.h to the uapi include of tools. And we need to avoid include of userspace netlink header to have a successful build of sample so nlattr.h has a define to avoid the

[PATCH bpf-next v7 5/5] samples/bpf: use bpf_set_link_xdp_fd

Use bpf_set_link_xdp_fd instead of set_link_xdp_fd to remove some code duplication and benefit of netlink ext ack errors message. Signed-off-by: Eric Leblond --- samples/bpf/bpf_load.c | 102 samples/bpf/bpf_load.h |

Re: [PATCH 10/10] kill kernel_sock_ioctl()

On Wed, Jan 24, 2018 at 03:52:44PM -0500, David Miller wrote: > > Al this series looks fine to me, want me to toss it into net-next? Do you want them reposted (with updated commit messages), or would you prefer a pull request (with or without rebase to current tip of net-next)?

Re: [PATCH net-next 2/2] net: sched: add em_ipt ematch for calling xtables matches

On Wed, Jan 24, 2018 at 04:37:16PM -0500, David Miller wrote: > From: Eyal Birger > Date: Tue, 23 Jan 2018 11:17:32 +0200 > > > + network_offset = skb_network_offset(skb); > > + skb_pull(skb, network_offset); > > + > > + rcu_read_lock(); > > + > > + if

Re: Repeatable inet6_dump_fib crash in stock 4.12.0-rc4+

On 06/20/2017 08:03 PM, David Ahern wrote: On 6/20/17 5:41 PM, Ben Greear wrote: On 06/20/2017 11:05 AM, Michal Kubecek wrote: On Tue, Jun 20, 2017 at 07:12:27AM -0700, Ben Greear wrote: On 06/14/2017 03:25 PM, David Ahern wrote: On 6/14/17 4:23 PM, Ben Greear wrote: On 06/13/2017 07:27 PM,

Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()

On Thu, Jan 25, 2018 at 12:19:52AM +0100, Florian Westphal wrote: > Eric Dumazet wrote: > > From: Eric Dumazet > > > > It looks like syzbot found its way into netfilter territory. > > Excellent. This will sure allow to find and fix more bugs :-) >

Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()

On Wed, Jan 24, 2018 at 02:49:48PM -0800, Eric Dumazet wrote: > From: Eric Dumazet > > It looks like syzbot found its way into netfilter territory. > > Issue here is that @name comes from user space and might > not be null terminated. > > Out-of-bound reads happen, KASAN

[GIT] Networking

1) Avoid negative netdev refcount in error flow of xfrm state add, from Aviad Yehezkel. 2) Fix tcpdump decoding of IPSEC decap'd frames by filling in the ethernet header protocol field in xfrm{4,6}_mode_tunnel_input(). From Yossi Kuperman. 3) Fix a syzbot triggered skb_under_panic in

Re: [PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()

Eric Dumazet wrote: > From: Eric Dumazet > > It looks like syzbot found its way into netfilter territory. Excellent. This will sure allow to find and fix more bugs :-) > Issue here is that @name comes from user space and might > not be null

Re: [PATCH v2 1/2] net/ibm/emac: add 8192 rx/tx fifo size

From: Ivan Mikhaylov Date: Wed, 24 Jan 2018 15:53:24 +0300 > emac4syn chips has availability to use 8192 rx/tx fifo buffer sizes, > in current state if we set it up in dts 8192 as example, we will get > only 2048 which may impact on network speed. > > Signed-off-by: Ivan

Re: [PATCH v2 2/2] net/ibm/emac: wrong bit is used for STA control register write

From: Ivan Mikhaylov Date: Wed, 24 Jan 2018 15:53:25 +0300 > STA control register has areas of mode and opcodes for opeations. 18 bit is > using for mode selection, where 0 is old MIO/MDIO access method and 1 is > indirect access mode. 19-20 bits are using for setting up

Re: [net-next 0/7][pull request] 100GbE Intel Wired LAN Driver Updates 2018-01-24

From: Jeff Kirsher Date: Wed, 24 Jan 2018 14:45:39 -0800 > This series contains updates to fm10k only. > > Alex fixes MACVLAN offload for fm10k, where we were not seeing unicast > packets being received because we did not correctly configure the > default VLAN ID

Re: [PATCH net-next 3/3] net/ipv6: Add support for onlink flag

From: David Ahern Date: Wed, 24 Jan 2018 15:08:39 -0700 > On 1/23/18 8:00 PM, David Ahern wrote: >> +tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN; >> +if (cfg->fc_table && cfg->fc_table != tbid) { >> +NL_SET_ERR_MSG(extack, >> +

[PATCH net] netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_match()

From: Eric Dumazet It looks like syzbot found its way into netfilter territory. Issue here is that @name comes from user space and might not be null terminated. Out-of-bound reads happen, KASAN is not happy. Signed-off-by: Eric Dumazet Reported-by:

Re: [Intel-wired-lan] [RFC v2 net-next 01/10] net: Add a new socket option for a future transmit time.

Hi Richard, Richard Cochran writes: > On Tue, Jan 23, 2018 at 01:22:37PM -0800, Vinicius Costa Gomes wrote: >> What I think would be the ideal scenario would be if the clockid >> parameter to the TBS Qdisc would not be necessary (if offload was >> enabled), but that's

[net-next 1/7] fm10k: Fix configuration for macvlan offload

From: Alexander Duyck The fm10k driver didn't work correctly when macvlan offload was enabled. Specifically what would occur is that we would see no unicast packets being received. This was traced down to us not correctly configuring the default VLAN ID for the port

[net-next 5/7] fm10k: don't assume VLAN 1 is enabled

From: Jacob Keller Since commit 856dfd69e84f ("fm10k: Fix multicast mode synch issues", 2016-03-03) we've incorrectly assumed that VLAN 1 is enabled when the default VID is not set. This occurs because we check the default_vid and if it's zero, start several loops over

[net-next 7/7] fm10k: clarify action when updating the VLAN table

From: Ngai-Mint Kwan Clarify the comment for when entering promiscuous mode that we update the VLAN table. Add a comment distinguishing the case where we're exiting promiscuous mode and need to clear the entire VLAN table. Signed-off-by: Ngai-Mint Kwan

[net-next 0/7][pull request] 100GbE Intel Wired LAN Driver Updates 2018-01-24

This series contains updates to fm10k only. Alex fixes MACVLAN offload for fm10k, where we were not seeing unicast packets being received because we did not correctly configure the default VLAN ID for the port and defaulting to 0. Jake cleans up unnecessary parenthesis in a couple of "if"

[net-next 4/7] fm10k: stop adding VLAN 0 to the VLAN table

From: Jacob Keller Currently, when the driver loads, it sends a request to add VLAN 0 to the VLAN table. For the PF, this is honored, and VLAN 0 is indeed set. For the VF, this request is silently converted into a request for the default VLAN as defined by either the

[net-next 3/7] fm10k: fix "failed to kill vid" message for VF

From: Ngai-Mint Kwan When a VF is under PF VLAN assignment: ip link set vf <#> vlan This will remove all previous entries in the VLAN table including those generated by VLAN interfaces created on the VF. The issue arises when the VF is under PF VLAN assignment and

[net-next 6/7] fm10k: correct typo in fm10k_pf.c

From: Ngai-Mint Kwan Signed-off-by: Ngai-Mint Kwan Tested-by: Krishneil Singh Signed-off-by: Jeff Kirsher --- drivers/net/ethernet/intel/fm10k/fm10k_pf.c | 2 +- 1 file changed, 1

[net-next 2/7] fm10k: cleanup unnecessary parenthesis in fm10k_iov.c

From: Jacob Keller This fixes a few warnings found by checkpatch.pl --strict Signed-off-by: Jacob Keller Tested-by: Krishneil Singh Signed-off-by: Jeff Kirsher ---

Re: [PATCH] cls_flower: check if filter is in HW before calling fl_hw_destroy_filter()

On Wed, 24 Jan 2018 17:12:55 +0530, Sathya Perla wrote: > When a filter cannot be added in HW (i.e, fl_hw_replace_filter() returns > error), the TCA_CLS_FLAGS_IN_HW flag is not set in the filter flags. > > This flag (via tc_in_hw()) must be checked before issuing the call > to delete a filter in

Re: [PATCH bpf-next v8 08/12] bpf: Add support for reading sk_state and more

On 1/24/18, 12:07 PM, "netdev-ow...@vger.kernel.org on behalf of Yuchung Cheng" wrote: On Tue, Jan 23, 2018 at 11:57 PM, Lawrence Brakmo wrote: > Add support for reading many more tcp_sock fields > >

Re: [PATCH net-next 3/3] net/ipv6: Add support for onlink flag

On 1/23/18 8:00 PM, David Ahern wrote: > + tbid = l3mdev_fib_table(dev) ? : RT_TABLE_MAIN; > + if (cfg->fc_table && cfg->fc_table != tbid) { > + NL_SET_ERR_MSG(extack, > +"Table id mismatch between given table and > device"); > + return

Re: [PATCH net-next] cxgb4: make symbol pedits static

From: Wei Yongjun Date: Wed, 24 Jan 2018 02:14:33 + > Fixes the following sparse warning: > > drivers/net/ethernet/chelsio/cxgb4/cxgb4_tc_flower.c:46:27: warning: > symbol 'pedits' was not declared. Should it be static? > > Fixes: 27ece1f357b7 ("cxgb4: add tc

Re: [PATCH net 1/2] vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()

From: "Michael S. Tsirkin" Date: Wed, 24 Jan 2018 23:46:19 +0200 > On Wed, Jan 24, 2018 at 04:38:30PM -0500, David Miller wrote: >> From: Jason Wang >> Date: Tue, 23 Jan 2018 17:27:25 +0800 >> >> > We used to call mutex_lock() in vhost_dev_lock_vqs() which

Re: [PATCH net] net: erspan: fix use-after-free

From: William Tu Date: Tue, 23 Jan 2018 17:01:29 -0800 > When building the erspan header for either v1 or v2, the eth_hdr() > does not point to the right inner packet's eth_hdr, > causing kasan report use-after-free and slab-out-of-bouds read. ... > Fixes: f551c91de262

Re: [PATCH net] i40e: flower: check if TC offload is enabled on a netdev

From: Jeff Kirsher Date: Tue, 23 Jan 2018 08:47:29 -0800 > On Tue, 2018-01-23 at 00:08 -0800, Jakub Kicinski wrote: >> Since TC block changes drivers are required to check if >> the TC hw offload flag is set on the interface themselves. >> >> Fixes: 2f4b411a3d67

Re: [Patch net-next v2 0/3] net_sched: reflect tx_queue_len change for pfifo_fast

From: Cong Wang Date: Tue, 23 Jan 2018 10:18:56 -0800 > This pathcset restores the pfifo_fast qdisc behavior of dropping > packets based on latest dev->tx_queue_len. Patch 1 introduces > a helper, patch 2 introduces a new Qdisc ops which is called when > we modify

Re: [PATCH net-next v2 00/12] net: sched: propagate extack to cls offloads on destroy and only with skip_sw

On Wed, 24 Jan 2018 22:15:00 +0100, Jiri Pirko wrote: > Wed, Jan 24, 2018 at 10:07:25PM CET, dsah...@gmail.com wrote: > >On 1/24/18 2:04 PM, Jiri Pirko wrote: > >> For the record, I still think it is odd to have 6 patches just to add > >> one arg to a function. I wonder where this unnecessary

Re: [PATCH net 1/2] vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()

On Wed, Jan 24, 2018 at 04:38:30PM -0500, David Miller wrote: > From: Jason Wang > Date: Tue, 23 Jan 2018 17:27:25 +0800 > > > We used to call mutex_lock() in vhost_dev_lock_vqs() which tries to > > hold mutexes of all virtqueues. This may confuse lockdep to report a > >

Re: [PATCH net 0/2] qed: rdma bug fixes

From: Michal Kalderon Date: Tue, 23 Jan 2018 11:33:45 +0200 > This patch contains two small bug fixes related to RDMA. > Both related to resource reservations. > > Signed-off-by: Michal Kalderon > Signed-off-by: Ariel Elior

Re: [PATCH net-next] rds: tcp: per-netns flag to stop new connection creation when rds-tcp is being dismantled

On 1/24/2018 1:03 PM, Sowmini Varadhan wrote: An rds_connection can get added during netns deletion between lines 528 and 529 of 506 static void rds_tcp_kill_sock(struct net *net) : /* code to pull out all the rds_connections that should be destroyed */ : 528

Re: [PATCH net 1/2] vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()

From: Jason Wang Date: Tue, 23 Jan 2018 17:27:25 +0800 > We used to call mutex_lock() in vhost_dev_lock_vqs() which tries to > hold mutexes of all virtqueues. This may confuse lockdep to report a > possible deadlock because of trying to hold locks belong to same > class.

Re: [PATCH net-next 2/2] net: sched: add em_ipt ematch for calling xtables matches

From: Eyal Birger Date: Tue, 23 Jan 2018 11:17:32 +0200 > + network_offset = skb_network_offset(skb); > + skb_pull(skb, network_offset); > + > + rcu_read_lock(); > + > + if (skb->skb_iif) > + indev = dev_get_by_index_rcu(em->net, skb->skb_iif);

Re: [PATCH v4] net: qcom/emac: extend DMA mask to 46bits

From: Wang Dongsheng Date: Mon, 22 Jan 2018 20:25:06 -0800 > Bit TPD3[31] is used as a timestamp bit if PTP is enabled, but > it's used as an address bit if PTP is disabled. Since PTP isn't > supported by the driver, we can extend the DMA address to 46 bits. >

Re: [PATCH] ip_tunnel: Use mark in skb by default

From: Thomas Winter Date: Tue, 23 Jan 2018 16:46:24 +1300 > This allows marks set by connmark in iptables > to be used for route lookups. > > Signed-off-by: Thomas Winter Applied to net-next, thanks.

  1   2   3   >