* Re: [PATCH 3/3] net: tipc: fix information leak to userland
From: Vasiliy Kulikov @ 2010-11-10 15:54 UTC (permalink / raw)
To: walter harms
Cc: David Miller, kernel-janitors, jon.maloy, allan.stephens,
tipc-discussion, netdev, linux-kernel
In-Reply-To: <4CDA88FE.8040801@bfs.de>
On Wed, Nov 10, 2010 at 12:58 +0100, walter harms wrote:
> NTL the core problem was that sizeof sa_data is 14 while dev->name is IFNAMESZ=15.
With this code it is NOT a bug because the output buffer is much bigger
than 14 (128 bytes). I think it was just designed to overflow 14 bytes,
assign sa_data[14] = 0 and ignore it (lack of snprintf() those days?).
Anywhere else sa_data[14] = ... is a bug.
--
Vasiliy
^ permalink raw reply
* Re: Routing over multiple interfaces
From: David Woodhouse @ 2010-11-10 15:51 UTC (permalink / raw)
To: Eric Dumazet; +Cc: David Miller, netdev, uweber
In-Reply-To: <1289401704.2860.182.camel@edumazet-laptop>
On Wed, 2010-11-10 at 16:08 +0100, Eric Dumazet wrote:
> Its a bit problematic, as you said you want to use both links to do
> one upload ;)
When it's *necessary*, yes :)
> Maybe it is possible to instruct teql to try to not change links
> unless one link is full...
Hm... teql doesn't have any visibility into which packets belong to
which flow, does it?
Perhaps the answer is based on my previous setup ('ip route add default
src 90.155.92.214 nexthop dev ppp0 nexthop dev ppp1'). That would
naturally distribute connections between the interfaces, so all we need
on top is a qdisc which will move packets from one interface to the
other when one queue becomes full (or at a given rate limit).
--
dwmw2
^ permalink raw reply
* [PATCH] macvlan: lockless tx path
From: Eric Dumazet @ 2010-11-10 15:41 UTC (permalink / raw)
To: David Miller; +Cc: Patrick McHardy, netdev
macvlan is a stacked device, like tunnels. We should use the lockless
mechanism we are using in tunnels and loopback.
This patch completely removes locking in TX path.
tx stat counters are added into existing percpu stat structure, renamed
from rx_stats to pcpu_stats.
Note : this reverts commit 2c11455321f37 (macvlan: add multiqueue
capability)
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
---
drivers/net/macvlan.c | 72 +++++++++++++----------------------
include/linux/if_macvlan.h | 26 +++++++-----
2 files changed, 43 insertions(+), 55 deletions(-)
diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
index 0fc9dc7..fce80a7 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -243,17 +243,19 @@ xmit_world:
netdev_tx_t macvlan_start_xmit(struct sk_buff *skb,
struct net_device *dev)
{
- int i = skb_get_queue_mapping(skb);
- struct netdev_queue *txq = netdev_get_tx_queue(dev, i);
unsigned int len = skb->len;
int ret;
+ const struct macvlan_dev *vlan = netdev_priv(dev);
+ struct macvlan_pcpu_stats *pcpu_stats = this_cpu_ptr(vlan->pcpu_stats);
ret = macvlan_queue_xmit(skb, dev);
if (likely(ret == NET_XMIT_SUCCESS || ret == NET_XMIT_CN)) {
- txq->tx_packets++;
- txq->tx_bytes += len;
+ u64_stats_update_begin(&pcpu_stats->syncp);
+ pcpu_stats->tx_packets++;
+ pcpu_stats->tx_bytes += len;
+ u64_stats_update_end(&pcpu_stats->syncp);
} else
- txq->tx_dropped++;
+ pcpu_stats->tx_dropped++;
return ret;
}
@@ -414,14 +416,15 @@ static int macvlan_init(struct net_device *dev)
dev->state = (dev->state & ~MACVLAN_STATE_MASK) |
(lowerdev->state & MACVLAN_STATE_MASK);
dev->features = lowerdev->features & MACVLAN_FEATURES;
+ dev->features |= NETIF_F_LLTX;
dev->gso_max_size = lowerdev->gso_max_size;
dev->iflink = lowerdev->ifindex;
dev->hard_header_len = lowerdev->hard_header_len;
macvlan_set_lockdep_class(dev);
- vlan->rx_stats = alloc_percpu(struct macvlan_rx_stats);
- if (!vlan->rx_stats)
+ vlan->pcpu_stats = alloc_percpu(struct macvlan_pcpu_stats);
+ if (!vlan->pcpu_stats)
return -ENOMEM;
return 0;
@@ -431,7 +434,7 @@ static void macvlan_uninit(struct net_device *dev)
{
struct macvlan_dev *vlan = netdev_priv(dev);
- free_percpu(vlan->rx_stats);
+ free_percpu(vlan->pcpu_stats);
}
static struct rtnl_link_stats64 *macvlan_dev_get_stats64(struct net_device *dev,
@@ -439,33 +442,34 @@ static struct rtnl_link_stats64 *macvlan_dev_get_stats64(struct net_device *dev,
{
struct macvlan_dev *vlan = netdev_priv(dev);
- dev_txq_stats_fold(dev, stats);
-
- if (vlan->rx_stats) {
- struct macvlan_rx_stats *p, accum = {0};
- u64 rx_packets, rx_bytes, rx_multicast;
+ if (vlan->pcpu_stats) {
+ struct macvlan_pcpu_stats *p;
+ u64 rx_packets, rx_bytes, rx_multicast, tx_packets, tx_bytes;
unsigned int start;
int i;
for_each_possible_cpu(i) {
- p = per_cpu_ptr(vlan->rx_stats, i);
+ p = per_cpu_ptr(vlan->pcpu_stats, i);
do {
start = u64_stats_fetch_begin_bh(&p->syncp);
rx_packets = p->rx_packets;
rx_bytes = p->rx_bytes;
rx_multicast = p->rx_multicast;
+ tx_packets = p->tx_packets;
+ tx_bytes = p->tx_bytes;
} while (u64_stats_fetch_retry_bh(&p->syncp, start));
- accum.rx_packets += rx_packets;
- accum.rx_bytes += rx_bytes;
- accum.rx_multicast += rx_multicast;
- /* rx_errors is an ulong, updated without syncp protection */
- accum.rx_errors += p->rx_errors;
+ stats->rx_packets += rx_packets;
+ stats->rx_bytes += rx_bytes;
+ stats->multicast += rx_multicast;
+ stats->tx_packets += tx_packets;
+ stats->tx_bytes += tx_bytes;
+ /* rx_errors & tx_dropped are ulong, updated
+ * without syncp protection
+ */
+ stats->rx_errors += p->rx_errors;
+ stats->tx_dropped += p->tx_dropped;
}
- stats->rx_packets = accum.rx_packets;
- stats->rx_bytes = accum.rx_bytes;
- stats->rx_errors = accum.rx_errors;
- stats->rx_dropped = accum.rx_errors;
- stats->multicast = accum.rx_multicast;
+ stats->rx_dropped = stats->rx_errors;
}
return stats;
}
@@ -601,25 +605,6 @@ static int macvlan_validate(struct nlattr *tb[], struct nlattr *data[])
return 0;
}
-static int macvlan_get_tx_queues(struct net *net,
- struct nlattr *tb[],
- unsigned int *num_tx_queues,
- unsigned int *real_num_tx_queues)
-{
- struct net_device *real_dev;
-
- if (!tb[IFLA_LINK])
- return -EINVAL;
-
- real_dev = __dev_get_by_index(net, nla_get_u32(tb[IFLA_LINK]));
- if (!real_dev)
- return -ENODEV;
-
- *num_tx_queues = real_dev->num_tx_queues;
- *real_num_tx_queues = real_dev->real_num_tx_queues;
- return 0;
-}
-
int macvlan_common_newlink(struct net *src_net, struct net_device *dev,
struct nlattr *tb[], struct nlattr *data[],
int (*receive)(struct sk_buff *skb),
@@ -743,7 +728,6 @@ int macvlan_link_register(struct rtnl_link_ops *ops)
{
/* common fields */
ops->priv_size = sizeof(struct macvlan_dev);
- ops->get_tx_queues = macvlan_get_tx_queues;
ops->validate = macvlan_validate;
ops->maxtype = IFLA_MACVLAN_MAX;
ops->policy = macvlan_policy;
diff --git a/include/linux/if_macvlan.h b/include/linux/if_macvlan.h
index 8a2fd66..3779b5f 100644
--- a/include/linux/if_macvlan.h
+++ b/include/linux/if_macvlan.h
@@ -25,19 +25,23 @@ struct macvlan_port;
struct macvtap_queue;
/**
- * struct macvlan_rx_stats - MACVLAN percpu rx stats
+ * struct macvlan_pcpu_stats - MACVLAN percpu stats
* @rx_packets: number of received packets
* @rx_bytes: number of received bytes
* @rx_multicast: number of received multicast packets
+ * @tx_
* @syncp: synchronization point for 64bit counters
* @rx_errors: number of errors
*/
-struct macvlan_rx_stats {
+struct macvlan_pcpu_stats {
u64 rx_packets;
u64 rx_bytes;
u64 rx_multicast;
+ u64 tx_packets;
+ u64 tx_bytes;
struct u64_stats_sync syncp;
unsigned long rx_errors;
+ unsigned long tx_dropped;
};
/*
@@ -52,7 +56,7 @@ struct macvlan_dev {
struct hlist_node hlist;
struct macvlan_port *port;
struct net_device *lowerdev;
- struct macvlan_rx_stats __percpu *rx_stats;
+ struct macvlan_pcpu_stats __percpu *pcpu_stats;
enum macvlan_mode mode;
int (*receive)(struct sk_buff *skb);
int (*forward)(struct net_device *dev, struct sk_buff *skb);
@@ -64,18 +68,18 @@ static inline void macvlan_count_rx(const struct macvlan_dev *vlan,
unsigned int len, bool success,
bool multicast)
{
- struct macvlan_rx_stats *rx_stats;
+ struct macvlan_pcpu_stats *pcpu_stats;
- rx_stats = this_cpu_ptr(vlan->rx_stats);
+ pcpu_stats = this_cpu_ptr(vlan->pcpu_stats);
if (likely(success)) {
- u64_stats_update_begin(&rx_stats->syncp);
- rx_stats->rx_packets++;;
- rx_stats->rx_bytes += len;
+ u64_stats_update_begin(&pcpu_stats->syncp);
+ pcpu_stats->rx_packets++;;
+ pcpu_stats->rx_bytes += len;
if (multicast)
- rx_stats->rx_multicast++;
- u64_stats_update_end(&rx_stats->syncp);
+ pcpu_stats->rx_multicast++;
+ u64_stats_update_end(&pcpu_stats->syncp);
} else {
- rx_stats->rx_errors++;
+ pcpu_stats->rx_errors++;
}
}
^ permalink raw reply related
* Re: [RESEND PATCH] virtio-net: init link state correctly
From: Michael S. Tsirkin @ 2010-11-10 15:08 UTC (permalink / raw)
To: Rusty Russell; +Cc: Jason Wang, netdev, linux-kernel, davem, markmc, kvm
In-Reply-To: <201011080941.28190.rusty@rustcorp.com.au>
On Mon, Nov 08, 2010 at 09:41:27AM +1030, Rusty Russell wrote:
> On Fri, 5 Nov 2010 08:17:18 pm Jason Wang wrote:
> > For device that supports VIRTIO_NET_F_STATUS, there's no need to
> > assume the link is up and we need to call nerif_carrier_off() before
> > querying device status, otherwise we may get wrong operstate after
> > diver was loaded because the link watch event was not fired as
> > expected.
> >
> > For device that does not support VIRITO_NET_F_STATUS, we could not get
> > its status through virtnet_update_status() and what we can only do is
> > always assuming the link is up.
> >
> > Acked-by: Michael S. Tsirkin <mst@redhat.com>
> > Signed-off-by: Jason Wang <jasowang@redhat.com>
>
> Acked-by: Rusty Russell <rusty@rustcorp.com.au>
>
> Thanks!
> Rusty.
Rusty, just to verify: who shall be queueing this up?
^ permalink raw reply
* Re: Routing over multiple interfaces
From: Eric Dumazet @ 2010-11-10 15:08 UTC (permalink / raw)
To: David Woodhouse; +Cc: David Miller, netdev, uweber
In-Reply-To: <1289400654.2721.7.camel@macbook.infradead.org>
Le mercredi 10 novembre 2010 à 14:50 +0000, David Woodhouse a écrit :
> On Mon, 2010-11-01 at 22:35 +0100, Eric Dumazet wrote:
> >
> > David W. probably wants to use teql or some bonding ?
> >
> > # tc qdisc add dev ppp0 root teql0
> > # tc qdisc add dev ppp1 root teql0
> > # ip link set dev teql0 up
> > # ip route add default src 90.155.92.214 dev teql0
>
> That works; thanks. Or it should do... there's a slight complication
> right now in that one of my lines is actually routed through a separate
> ADSL<->Ethernet box, because one of the ports on my Solos card is a bit
> shagged and syncs a lot slower than it should. So it's actually eth1 and
> ppp1 that I'm sharing. That should be fixed relatively soon as they're
> sending me a new box.
>
> There's a minor issue with this setup though — ideally, any given TCP
> connection would tend to use the *same* interface as much as possible,
> and only 'overflow' onto the other interface if it's actually saturating
> the uplink on the first. That would tend to reduce the amount of packet
> re-ordering. At the moment it will split outbound packets over both
> lines even when they're relatively idle, introducing packet re-ordering
> where it wasn't really necessary.
>
> That said, the world is supposed to cope with packet re-ordering, so I'm
> not going to lose a lot of sleep over it. And I have a feeling the
> downstream link from the ISP does it exactly the same.
>
Its a bit problematic, as you said you want to use both links to do one
upload ;)
Maybe it is possible to instruct teql to try to not change links unless
one link is full...
^ permalink raw reply
* Re: Routing over multiple interfaces
From: David Woodhouse @ 2010-11-10 14:50 UTC (permalink / raw)
To: Eric Dumazet; +Cc: David Miller, netdev, uweber
In-Reply-To: <1288647330.2660.116.camel@edumazet-laptop>
On Mon, 2010-11-01 at 22:35 +0100, Eric Dumazet wrote:
>
> David W. probably wants to use teql or some bonding ?
>
> # tc qdisc add dev ppp0 root teql0
> # tc qdisc add dev ppp1 root teql0
> # ip link set dev teql0 up
> # ip route add default src 90.155.92.214 dev teql0
That works; thanks. Or it should do... there's a slight complication
right now in that one of my lines is actually routed through a separate
ADSL<->Ethernet box, because one of the ports on my Solos card is a bit
shagged and syncs a lot slower than it should. So it's actually eth1 and
ppp1 that I'm sharing. That should be fixed relatively soon as they're
sending me a new box.
There's a minor issue with this setup though — ideally, any given TCP
connection would tend to use the *same* interface as much as possible,
and only 'overflow' onto the other interface if it's actually saturating
the uplink on the first. That would tend to reduce the amount of packet
re-ordering. At the moment it will split outbound packets over both
lines even when they're relatively idle, introducing packet re-ordering
where it wasn't really necessary.
That said, the world is supposed to cope with packet re-ordering, so I'm
not going to lose a lot of sleep over it. And I have a feeling the
downstream link from the ISP does it exactly the same.
--
dwmw2
^ permalink raw reply
* Re: [PATCH] Prevent reading uninitialized memory with socketfilters
From: Tetsuo Handa @ 2010-11-10 14:25 UTC (permalink / raw)
To: eric.dumazet; +Cc: netdev
In-Reply-To: <1289373771.2700.110.camel@edumazet-laptop>
Just I thought...
> unsigned int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int flen)
> {
> struct sock_filter *fentry; /* We walk down these */
Can't this be "const struct sock_filter *"?
> (...snipped...)
> for (pc = 0; pc < flen; pc++) {
> fentry = &filter[pc];
Can't we do
u32 f_k = fentry->k;
and replace 27 repetition of fentry->k with f_k?
^ permalink raw reply
* Re: [PATCH] ucc_geth: Fix hung tasks.
From: Joakim Tjernlund @ 2010-11-10 14:11 UTC (permalink / raw)
Cc: Anton Vorontsov, netdev
In-Reply-To: <OFEBFE0319.7D12AA7E-ONC12577D7.00423B59-C12577D7.00426B71@LocalDomain>
Actually, there is something wrong anyway with TX timeout
so don't use this patch. I must investigate more but
it seems like cancel_work_sync hangs whenever an TX timeout
occurs.
Jocke
Joakim Tjernlund/Transmode wrote on 2010/11/10 13:05:28:
>
> Ping?
>
> Even though this patch didn't solve my hang it is still a bug.
>
> Jocke
>
> Joakim Tjernlund <Joakim.Tjernlund@transmode.se> wrote on 2010/11/08 11:23:39:
>
> > From: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> > To: linuxppc-dev@lists.ozlabs.org, netdev@vger.kernel.org, Anton Vorontsov <avorontsov@ru.mvista.com>
> > Cc: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> > Date: 2010/11/08 11:23
> > Subject: [PATCH] ucc_geth: Fix hung tasks.
> >
> > We noticed a few hangs like this:
> >
> > INFO: task ifconfig:572 blocked for more than 120 seconds.
> > "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
> > ifconfig D 0ff65760 0 572 369 0x00000000
> > Call Trace:
> > [c6157be0] [c6008460] 0xc6008460 (unreliable)
> > [c6157ca0] [c0008608] __switch_to+0x4c/0x6c
> > [c6157cb0] [c028fecc] schedule+0x184/0x310
> > [c6157ce0] [c0290e54] __mutex_lock_slowpath+0xa4/0x150
> > [c6157d20] [c0290c48] mutex_lock+0x44/0x48
> > [c6157d30] [c01aba74] phy_stop+0x20/0x70
> > [c6157d40] [c01aef40] ucc_geth_stop+0x30/0x98
> > [c6157d60] [c01b18fc] ucc_geth_close+0x9c/0xdc
> > [c6157d80] [c01db0cc] __dev_close+0xa0/0xd0
> > [c6157d90] [c01deddc] __dev_change_flags+0x8c/0x148
> > [c6157db0] [c01def54] dev_change_flags+0x1c/0x64
> > [c6157dd0] [c0237ac8] devinet_ioctl+0x678/0x784
> > [c6157e50] [c0239a58] inet_ioctl+0xb0/0xbc
> > [c6157e60] [c01cafa8] sock_ioctl+0x174/0x2a0
> > [c6157e80] [c009a16c] vfs_ioctl+0xcc/0xe0
> > [c6157ea0] [c009a998] do_vfs_ioctl+0xc4/0x79c
> > [c6157f10] [c009b0b0] sys_ioctl+0x40/0x74
> > [c6157f40] [c00117c4] ret_from_syscall+0x0/0x38
> >
> > I THINK this is due to a missing cancel_work_sync in the driver
> > although we cannot be sure. I found this by comparing
> > ucc_geth with gianfar.
> >
> > Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> > ---
> > drivers/net/ucc_geth.c | 1 +
> > 1 files changed, 1 insertions(+), 0 deletions(-)
> >
> > diff --git a/drivers/net/ucc_geth.c b/drivers/net/ucc_geth.c
> > index 97f9f7d..6647ed7 100644
> > --- a/drivers/net/ucc_geth.c
> > +++ b/drivers/net/ucc_geth.c
> > @@ -3556,6 +3556,7 @@ static int ucc_geth_close(struct net_device *dev)
> >
> > napi_disable(&ugeth->napi);
> >
> > + cancel_work_sync(&ugeth->timeout_work);
> > ucc_geth_stop(ugeth);
> >
> > free_irq(ugeth->ug_info->uf_info.irq, ugeth->ndev);
> > --
> > 1.7.2.2
> >
^ permalink raw reply
* possible kernel oops from user MSS
From: Steve Chen @ 2010-11-10 13:24 UTC (permalink / raw)
To: netdev
Hello
With commit f5fff5dc8a7a3f395b0525c02ba92c95d42b7390, a user program
can pass in TCP_MAXSEG of 12 (or TCPOLEN_TSTAMP_ALIGNED), and cause
kernel oops with division by 0
in tcp_select_initial_window. One way to prevent it is to change the
minimum value for TCP_MAXSEG in do_tcp_setsockopt from 8 to some value
over 12. Two questions.
1. Is this the right solution?
2. If it is, what is a good minimum value?
Thanks,
Steve
^ permalink raw reply
* Re: [PATCH] Prevent reading uninitialized memory with socket filters
From: Dan Rosenberg @ 2010-11-10 13:19 UTC (permalink / raw)
To: David Miller; +Cc: netdev, stable, security
In-Reply-To: <1289387567.7380.63.camel@dan>
For reasons I don't understand, this code seems to cause some people's
machines to lock up:
BUG: soft lockup - CPU#0 stuck for 10s! [dz:11844]
I haven't been able to reproduce this myself. Very strange. I'll send
a stack trace if I can reproduce.
-Dan
On Wed, 2010-11-10 at 06:12 -0500, Dan Rosenberg wrote:
> >
> > Prove it.
>
> I hope this was a joke. In either case, my reply is a joke:
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html
^ permalink raw reply
* Re: [PATCH] ucc_geth: Fix hung tasks.
From: Joakim Tjernlund @ 2010-11-10 12:05 UTC (permalink / raw)
Cc: Anton Vorontsov, netdev
In-Reply-To: <1289211819-21746-1-git-send-email-Joakim.Tjernlund@transmode.se>
Ping?
Even though this patch didn't solve my hang it is still a bug.
Jocke
Joakim Tjernlund <Joakim.Tjernlund@transmode.se> wrote on 2010/11/08 11:23:39:
> From: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> To: linuxppc-dev@lists.ozlabs.org, netdev@vger.kernel.org, Anton Vorontsov <avorontsov@ru.mvista.com>
> Cc: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> Date: 2010/11/08 11:23
> Subject: [PATCH] ucc_geth: Fix hung tasks.
>
> We noticed a few hangs like this:
>
> INFO: task ifconfig:572 blocked for more than 120 seconds.
> "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
> ifconfig D 0ff65760 0 572 369 0x00000000
> Call Trace:
> [c6157be0] [c6008460] 0xc6008460 (unreliable)
> [c6157ca0] [c0008608] __switch_to+0x4c/0x6c
> [c6157cb0] [c028fecc] schedule+0x184/0x310
> [c6157ce0] [c0290e54] __mutex_lock_slowpath+0xa4/0x150
> [c6157d20] [c0290c48] mutex_lock+0x44/0x48
> [c6157d30] [c01aba74] phy_stop+0x20/0x70
> [c6157d40] [c01aef40] ucc_geth_stop+0x30/0x98
> [c6157d60] [c01b18fc] ucc_geth_close+0x9c/0xdc
> [c6157d80] [c01db0cc] __dev_close+0xa0/0xd0
> [c6157d90] [c01deddc] __dev_change_flags+0x8c/0x148
> [c6157db0] [c01def54] dev_change_flags+0x1c/0x64
> [c6157dd0] [c0237ac8] devinet_ioctl+0x678/0x784
> [c6157e50] [c0239a58] inet_ioctl+0xb0/0xbc
> [c6157e60] [c01cafa8] sock_ioctl+0x174/0x2a0
> [c6157e80] [c009a16c] vfs_ioctl+0xcc/0xe0
> [c6157ea0] [c009a998] do_vfs_ioctl+0xc4/0x79c
> [c6157f10] [c009b0b0] sys_ioctl+0x40/0x74
> [c6157f40] [c00117c4] ret_from_syscall+0x0/0x38
>
> I THINK this is due to a missing cancel_work_sync in the driver
> although we cannot be sure. I found this by comparing
> ucc_geth with gianfar.
>
> Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> ---
> drivers/net/ucc_geth.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/drivers/net/ucc_geth.c b/drivers/net/ucc_geth.c
> index 97f9f7d..6647ed7 100644
> --- a/drivers/net/ucc_geth.c
> +++ b/drivers/net/ucc_geth.c
> @@ -3556,6 +3556,7 @@ static int ucc_geth_close(struct net_device *dev)
>
> napi_disable(&ugeth->napi);
>
> + cancel_work_sync(&ugeth->timeout_work);
> ucc_geth_stop(ugeth);
>
> free_irq(ugeth->ug_info->uf_info.irq, ugeth->ndev);
> --
> 1.7.2.2
>
^ permalink raw reply
* Re: [PATCH 3/3] net: tipc: fix information leak to userland
From: walter harms @ 2010-11-10 11:58 UTC (permalink / raw)
To: Vasiliy Kulikov
Cc: David Miller, kernel-janitors, jon.maloy, allan.stephens,
tipc-discussion, netdev, linux-kernel
In-Reply-To: <20101109203317.GA24933@albatros>
Am 09.11.2010 21:33, schrieb Vasiliy Kulikov:
> On Tue, Nov 09, 2010 at 09:26 -0800, David Miller wrote:
>> From: Vasiliy Kulikov <segooon@gmail.com>
>> Date: Sun, 31 Oct 2010 20:10:32 +0300
>>
>>> Structure sockaddr_tipc is copied to userland with padding bytes after
>>> "id" field in union field "name" unitialized. It leads to leaking of
>>> contents of kernel stack memory. We have to initialize them to zero.
>>>
>>> Signed-off-by: Vasiliy Kulikov <segooon@gmail.com>
>>
>> Applied.
>>
>> Patches #1 and #2 were given feedback which I need you to integrate
>> and submit new patches based upon, thanks.
>
> About #2:
>
> I still think that this:
>
> if (dev)
> strncpy(uaddr->sa_data, dev->name, 14);
> else
> memset(uaddr->sa_data, 0, 14);
>
> is better than this:
>
> memset(uaddr->sa_data, 0, 14);
> dev = dev_get_by_index_rcu(sock_net(sk), pkt_sk(sk)->ifindex);
> if (dev)
> strlcpy(uaddr->sa_data, dev->name, 15);
>
> Doesn't it? Explicitly filling with zero on the same "if" level is
> slightly easier to read and understand.
>
no problem with me, since i came up with the idea a simple explanation:
IMHO the pattern clear/if/copy is more robust
NTL the core problem was that sizeof sa_data is 14 while dev->name is IFNAMESZ=15.
re,
wh
^ permalink raw reply
* Re: Loopback performance from kernel 2.6.12 to 2.6.37
From: Jesper Dangaard Brouer @ 2010-11-10 11:24 UTC (permalink / raw)
To: Eric Dumazet; +Cc: netdev, acme
In-Reply-To: <1289313516.17448.28.camel@traveldev.cxnet.dk>
On Tue, 2010-11-09 at 15:38 +0100, Jesper Dangaard Brouer wrote:
> On Tue, 2010-11-09 at 15:16 +0100, Jesper Dangaard Brouer wrote:
> > On Tue, 2010-11-09 at 14:59 +0100, Jesper Dangaard Brouer wrote:
> > > On Mon, 2010-11-08 at 16:06 +0100, Eric Dumazet wrote:
> > > ...
> >
> > To fix this I added "-q 0" to netcat. Thus my working commands are:
> >
> > netcat -l -p 9999 >/dev/null &
> > time dd if=/dev/zero bs=1M count=10000 | netcat -q0 127.0.0.1 9999
> >
> > Running this on my "big" 10G testlab system, Dual Xeon 5550 2.67GHz,
> > kernel version 2.6.32-5-amd64 (which I usually don't use)
> > The results are 7.487 sec
>
> Using kernel 2.6.35.8-comx01+ (which is 35-stable with some minor
> patches of my own) on the same type of hardware (our preprod server).
> The result is 12 sec.
>
> time dd if=/dev/zero bs=1M count=10000 | netcat -q0 127.0.0.1 9999
> 10000+0 records in
> 10000+0 records out
> 10485760000 bytes (10 GB) copied, 12,0805 s, 868 MB/s
>
> real 0m12.082s
> user 0m0.311s
> sys 0m15.896s
On the same system I can better performance IF I pin the processes on
different CPUs. BUT the trick here is I choose CPUs with different "core
id", thus I avoid the HT CPUs in the system (hint look in /proc/cpuinfo
for choosing the CPUs).
Commands:
taskset 16 netcat -lv -p 9999 >/dev/null &
time taskset 1 dd if=/dev/zero bs=1M count=10000 | taskset 4 netcat -q0 127.0.0.1 9999
Result:
10485760000 bytes (10 GB) copied, 8,74021 s, 1,2 GB/s
real 0m8.742s
user 0m0.208s
sys 0m11.426s
So, perhaps the Core i7 has a problem with the HT CPUs with this
workload?
Forcing dd and netcat on the same HT CPU gives a result of approx 18
sec!
Commands:
taskset 16 netcat -lv -p 9999 >/dev/null
time taskset 1 dd if=/dev/zero bs=1M count=10000 | taskset 2 netcat -q0 127.0.0.1 9999
Result:
10485760000 bytes (10 GB) copied, 18,6575 s, 562 MB/s
real 0m18.659s
user 0m0.341s
sys 0m18.969s
> BUT perf top reveals that its probably related to the function
> 'find_busiest_group' ... any kernel config hints how I get rid of that?
The 'find_busiest_group' seems to be an artifact of "perf top", if I use
"perf record" then the 'find_busiest_group' function disappears. Which
is kind of strange, as 'find_busiest_group' seem the be related to
sched_fair.c.
perf --version
perf version 2.6.35.7.1.g60d9c
--
Med venlig hilsen / Best regards
Jesper Brouer
ComX Networks A/S
Linux Network Kernel Developer
Cand. Scient Datalog / MSc.CS
Author of http://adsl-optimizer.dk
LinkedIn: http://www.linkedin.com/in/brouer
^ permalink raw reply
* Re: [PATCH] Prevent reading uninitialized memory with socket filters
From: Dan Rosenberg @ 2010-11-10 11:12 UTC (permalink / raw)
To: David Miller; +Cc: netdev, stable, security
In-Reply-To: <20101109.212838.193698340.davem@davemloft.net>
>
> Prove it.
I hope this was a joke. In either case, my reply is a joke:
http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077321.html
^ permalink raw reply
* Re: [RFC 0/3] MPEG2/TS drop analyzer iptables match extension
From: Jesper Dangaard Brouer @ 2010-11-10 11:02 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: Netfilter Developers, Eric Dumazet, netdev, Solvik Blum
In-Reply-To: <alpine.LNX.2.01.1011041121170.16551@obet.zrqbmnf.qr>
On Thu, 4 Nov 2010, Jan Engelhardt wrote:
> On Thursday 2010-11-04 10:20, Jesper Dangaard Brouer wrote:
>> On Thu, 4 Nov 2010, Jan Engelhardt wrote:
>>>
>>> This now lives in the mp2t branch (since NFWS already actually) of xt-a,
>>> and I have taken the liberty to start updating it to higher standards.
>>> Please watch that branch, as I don't have any MPEG equipment around me
>>> to do runtime tests.
>>
>> Jan, I would actually like to maintain the source via my own git tree. And I
>> would gladly accept your patches against that tree.
>
> I do not mind who is hosting what parts, as git repos can be
> transferred easily, but I strongly suggest not to decouple xt_mp2t
> from (any clone of) the xtables-addons structure base, because doing
> so would bring you back to square one with regard to maintenance.
>
> I recognize you may dislike splitting up the IPTV codebase, so I
> propose that you make use of submodules, and have an Xt-a clone as
> one submodule. That would allow merging in both directions.
Well, I'm ready to maintain the module my self. I know we talked (during
Netfilter Workshop) about putting the module into the Xtables-addons
git-tree, because the project had stalled.
But things have changed! - I now have some people/developers interested in
the project, thus I'm taking an active maintainer role instead.
My plan is to keep the module "compatible" with the Xtables-addon build
system. Thats why I make my module use your compat_* system from xt-a.
This way you can easier copy the module into you tree, if I fail to
maintain the module...
I have looked at your improvements in the "mp2t" branch of you tree. I'll
integrate those changes/improvement in my tree, and give you the author
credits in my tree.
(ps. this email got delayed on my postponed email outbox, sorry. Have
already had some offlist discussions with Jan)
Cheers,
Jesper Brouer
--
-------------------------------------------------------------------
MSc. Master of Computer Science
Dept. of Computer Science, University of Copenhagen
Author of http://www.adsl-optimizer.dk
-------------------------------------------------------------------
^ permalink raw reply
* Re: sk->sk_socket seems to disappear before connection termination
From: Jan Engelhardt @ 2010-11-10 10:53 UTC (permalink / raw)
To: Eric Dumazet
Cc: David Howells, Netfilter Developer Mailing List, netdev,
Rafał Maj
In-Reply-To: <1289368037.2700.14.camel@edumazet-laptop>
On Wednesday 2010-11-10 06:47, Eric Dumazet wrote:
>Le mercredi 10 novembre 2010 à 02:09 +0100, Jan Engelhardt a écrit :
>> Hi,
>>
>> Rafał reported this to us on IRC, paraphrasing what has been observed:
>>
>> Using a simple rule like `iptables -A OUTPUT -p tcp --dport 80 -j LOG
>> --log-uid`, one can observe on creating a connection and terminating
>> it that the trailing packets have skb->sk->sk_socket == NULL.
>> Is this intended? Is the socket not retained until after TCP has
>> sent out the closing exchange?
>>
>> As I can reproduce:
>>
>> $ telnet 134.76.13.21 80
>> Trying 134.76.13.21...
>> Connected to 134.76.13.21.
>> Escape character is '^]'.
>> ^]
>> telnet> ^D
>> Connection closed.
>>
>> [491419.500978] IN= OUT=tun0 SRC=134.76.2.163 DST=134.76.13.21 LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=35420 DF PROTO=TCP SPT=58613 DPT=80 WINDOW=5488 RES=0x00 SYN URGP=0 UID=25121 GID=100
>> [491419.511533] IN= OUT=tun0 SRC=134.76.2.163 DST=134.76.13.21 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=35421 DF PROTO=TCP SPT=58613 DPT=80 WINDOW=86 RES=0x00 ACK URGP=0 UID=25121 GID=100
>> [491420.052182] IN= OUT=tun0 SRC=134.76.2.163 DST=134.76.13.21 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=35422 DF PROTO=TCP SPT=58613 DPT=80 WINDOW=86 RES=0x00 ACK FIN URGP=0 UID=25121 GID=100
>> [491420.063619] IN= OUT=tun0 SRC=134.76.2.163 DST=134.76.13.21 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=35423 DF PROTO=TCP SPT=58613 DPT=80 WINDOW=86 RES=0x00 ACK URGP=0
>
>Hmmm... skb->sk->sk_socket is really NULL ?
>Are you sure its not skb->sk->sk_socket->file which is NULL ?
I am certain of it, having augmented ipt_LOG/xt_LOGMARK temporarily by
appropriate printks.
>In this case, you might need to use sock_i_uid() / sock_i_ino() as a
>fallback ? (expensive because they take a rwlock)
No, sock_i_uid also uses sk->sk_socket. What is interesting though is
that sock_i_uid uses SOCK_INODE(sk->sk_socket)->i_uid, but xt_owner uses
sk->sk_socket->file->f_cred->fsuid. Would you have an idea as to why
that is?
Dave Howells (cced) did the last change on it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH 0/2] net: Changes in queue allocation and freeing
From: Eric Dumazet @ 2010-11-10 10:41 UTC (permalink / raw)
To: Tom Herbert; +Cc: davem, netdev
In-Reply-To: <alpine.DEB.1.00.1011091240470.18565@pokey.mtv.corp.google.com>
Le mardi 09 novembre 2010 à 12:47 -0800, Tom Herbert a écrit :
> Changes to both RX and TX queue allocation. In both cases allocate
> in alloc_netdev_mq and free in free_netdev. For RX the reference
> couting also changed, the device reference count can now be used.
Oh well :)
Are they preliminary patches so that XPS also dont need the "reference
counts specific to TX queues" ? ;)
^ permalink raw reply
* [PATCH] net: avoid limits overflow
From: Eric Dumazet @ 2010-11-10 9:24 UTC (permalink / raw)
To: Robin Holt
Cc: David Miller, akpm, w, linux-kernel, netdev, kuznet, pekkas,
jmorris, yoshfuji, kaber
In-Reply-To: <20101110061507.GF4330@sgi.com>
Le mercredi 10 novembre 2010 à 00:15 -0600, Robin Holt a écrit :
> On Tue, Oct 05, 2010 at 02:50:55PM -0700, David Miller wrote:
> > From: Eric Dumazet <eric.dumazet@gmail.com>
> > Date: Sat, 02 Oct 2010 15:22:16 +0200
> >
> > > [PATCH] net: avoid limits overflow
> > >
> > > Robin Holt tried to boot a 16TB machine and found some limits were
> > > reached : sysctl_tcp_mem[2], sysctl_udp_mem[2]
> > >
> > > We can switch infrastructure to use long "instead" of "int", now
> > > atomic_long_t primitives are available for free.
> > >
> > > Reported-by: Robin Holt <holt@sgi.com>
> > > Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
> >
> > Eric please resubmit this when the sysctl fix is resolved.
>
> It looks like the sysctl fix is upstream. Has this been resubmitted
> and I missed it?
>
> Robin
I believe it was in Andrew mm tree for a while, and Andrew sent it do
David the 21th of october, I am not sure what happened.
Here it is again for latest linux-2.6 tree, thanks for the headup !
[PATCH] net: avoid limits overflow
Robin Holt tried to boot a 16TB machine and found some limits were
reached : sysctl_tcp_mem[2], sysctl_udp_mem[2]
We can switch infrastructure to use long "instead" of "int", now
atomic_long_t primitives are available for free.
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Reported-by: Robin Holt <holt@sgi.com>
Reviewed-by: Robin Holt <holt@sgi.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
include/net/dn.h | 2 +-
include/net/sock.h | 4 ++--
include/net/tcp.h | 6 +++---
include/net/udp.h | 4 ++--
net/core/sock.c | 14 +++++++-------
net/decnet/af_decnet.c | 2 +-
net/decnet/sysctl_net_decnet.c | 4 ++--
net/ipv4/proc.c | 8 ++++----
net/ipv4/sysctl_net_ipv4.c | 5 ++---
net/ipv4/tcp.c | 4 ++--
net/ipv4/tcp_input.c | 11 +++++++----
net/ipv4/udp.c | 4 ++--
net/sctp/protocol.c | 2 +-
net/sctp/socket.c | 4 ++--
net/sctp/sysctl.c | 4 ++--
15 files changed, 40 insertions(+), 38 deletions(-)
diff --git a/include/net/dn.h b/include/net/dn.h
index e5469f7..a514a3c 100644
--- a/include/net/dn.h
+++ b/include/net/dn.h
@@ -225,7 +225,7 @@ extern int decnet_di_count;
extern int decnet_dr_count;
extern int decnet_no_fc_max_cwnd;
-extern int sysctl_decnet_mem[3];
+extern long sysctl_decnet_mem[3];
extern int sysctl_decnet_wmem[3];
extern int sysctl_decnet_rmem[3];
diff --git a/include/net/sock.h b/include/net/sock.h
index c7a7362..a6338d0 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -762,7 +762,7 @@ struct proto {
/* Memory pressure */
void (*enter_memory_pressure)(struct sock *sk);
- atomic_t *memory_allocated; /* Current allocated memory. */
+ atomic_long_t *memory_allocated; /* Current allocated memory. */
struct percpu_counter *sockets_allocated; /* Current number of sockets. */
/*
* Pressure flag: try to collapse.
@@ -771,7 +771,7 @@ struct proto {
* is strict, actions are advisory and have some latency.
*/
int *memory_pressure;
- int *sysctl_mem;
+ long *sysctl_mem;
int *sysctl_wmem;
int *sysctl_rmem;
int max_header;
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 4fee042..e36c874 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -224,7 +224,7 @@ extern int sysctl_tcp_fack;
extern int sysctl_tcp_reordering;
extern int sysctl_tcp_ecn;
extern int sysctl_tcp_dsack;
-extern int sysctl_tcp_mem[3];
+extern long sysctl_tcp_mem[3];
extern int sysctl_tcp_wmem[3];
extern int sysctl_tcp_rmem[3];
extern int sysctl_tcp_app_win;
@@ -247,7 +247,7 @@ extern int sysctl_tcp_cookie_size;
extern int sysctl_tcp_thin_linear_timeouts;
extern int sysctl_tcp_thin_dupack;
-extern atomic_t tcp_memory_allocated;
+extern atomic_long_t tcp_memory_allocated;
extern struct percpu_counter tcp_sockets_allocated;
extern int tcp_memory_pressure;
@@ -280,7 +280,7 @@ static inline bool tcp_too_many_orphans(struct sock *sk, int shift)
}
if (sk->sk_wmem_queued > SOCK_MIN_SNDBUF &&
- atomic_read(&tcp_memory_allocated) > sysctl_tcp_mem[2])
+ atomic_long_read(&tcp_memory_allocated) > sysctl_tcp_mem[2])
return true;
return false;
}
diff --git a/include/net/udp.h b/include/net/udp.h
index 200b828..bb967dd 100644
--- a/include/net/udp.h
+++ b/include/net/udp.h
@@ -105,10 +105,10 @@ static inline struct udp_hslot *udp_hashslot2(struct udp_table *table,
extern struct proto udp_prot;
-extern atomic_t udp_memory_allocated;
+extern atomic_long_t udp_memory_allocated;
/* sysctl variables for udp */
-extern int sysctl_udp_mem[3];
+extern long sysctl_udp_mem[3];
extern int sysctl_udp_rmem_min;
extern int sysctl_udp_wmem_min;
diff --git a/net/core/sock.c b/net/core/sock.c
index 3eed542..fb60801 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1653,10 +1653,10 @@ int __sk_mem_schedule(struct sock *sk, int size, int kind)
{
struct proto *prot = sk->sk_prot;
int amt = sk_mem_pages(size);
- int allocated;
+ long allocated;
sk->sk_forward_alloc += amt * SK_MEM_QUANTUM;
- allocated = atomic_add_return(amt, prot->memory_allocated);
+ allocated = atomic_long_add_return(amt, prot->memory_allocated);
/* Under limit. */
if (allocated <= prot->sysctl_mem[0]) {
@@ -1714,7 +1714,7 @@ suppress_allocation:
/* Alas. Undo changes. */
sk->sk_forward_alloc -= amt * SK_MEM_QUANTUM;
- atomic_sub(amt, prot->memory_allocated);
+ atomic_long_sub(amt, prot->memory_allocated);
return 0;
}
EXPORT_SYMBOL(__sk_mem_schedule);
@@ -1727,12 +1727,12 @@ void __sk_mem_reclaim(struct sock *sk)
{
struct proto *prot = sk->sk_prot;
- atomic_sub(sk->sk_forward_alloc >> SK_MEM_QUANTUM_SHIFT,
+ atomic_long_sub(sk->sk_forward_alloc >> SK_MEM_QUANTUM_SHIFT,
prot->memory_allocated);
sk->sk_forward_alloc &= SK_MEM_QUANTUM - 1;
if (prot->memory_pressure && *prot->memory_pressure &&
- (atomic_read(prot->memory_allocated) < prot->sysctl_mem[0]))
+ (atomic_long_read(prot->memory_allocated) < prot->sysctl_mem[0]))
*prot->memory_pressure = 0;
}
EXPORT_SYMBOL(__sk_mem_reclaim);
@@ -2452,12 +2452,12 @@ static char proto_method_implemented(const void *method)
static void proto_seq_printf(struct seq_file *seq, struct proto *proto)
{
- seq_printf(seq, "%-9s %4u %6d %6d %-3s %6u %-3s %-10s "
+ seq_printf(seq, "%-9s %4u %6d %6ld %-3s %6u %-3s %-10s "
"%2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c %2c\n",
proto->name,
proto->obj_size,
sock_prot_inuse_get(seq_file_net(seq), proto),
- proto->memory_allocated != NULL ? atomic_read(proto->memory_allocated) : -1,
+ proto->memory_allocated != NULL ? atomic_long_read(proto->memory_allocated) : -1L,
proto->memory_pressure != NULL ? *proto->memory_pressure ? "yes" : "no" : "NI",
proto->max_header,
proto->slab == NULL ? "no" : "yes",
diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c
index d6b93d1..a76b78d 100644
--- a/net/decnet/af_decnet.c
+++ b/net/decnet/af_decnet.c
@@ -155,7 +155,7 @@ static const struct proto_ops dn_proto_ops;
static DEFINE_RWLOCK(dn_hash_lock);
static struct hlist_head dn_sk_hash[DN_SK_HASH_SIZE];
static struct hlist_head dn_wild_sk;
-static atomic_t decnet_memory_allocated;
+static atomic_long_t decnet_memory_allocated;
static int __dn_setsockopt(struct socket *sock, int level, int optname, char __user *optval, unsigned int optlen, int flags);
static int __dn_getsockopt(struct socket *sock, int level, int optname, char __user *optval, int __user *optlen, int flags);
diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c
index be3eb8e..28f8b5e 100644
--- a/net/decnet/sysctl_net_decnet.c
+++ b/net/decnet/sysctl_net_decnet.c
@@ -38,7 +38,7 @@ int decnet_log_martians = 1;
int decnet_no_fc_max_cwnd = NSP_MIN_WINDOW;
/* Reasonable defaults, I hope, based on tcp's defaults */
-int sysctl_decnet_mem[3] = { 768 << 3, 1024 << 3, 1536 << 3 };
+long sysctl_decnet_mem[3] = { 768 << 3, 1024 << 3, 1536 << 3 };
int sysctl_decnet_wmem[3] = { 4 * 1024, 16 * 1024, 128 * 1024 };
int sysctl_decnet_rmem[3] = { 4 * 1024, 87380, 87380 * 2 };
@@ -324,7 +324,7 @@ static ctl_table dn_table[] = {
.data = &sysctl_decnet_mem,
.maxlen = sizeof(sysctl_decnet_mem),
.mode = 0644,
- .proc_handler = proc_dointvec,
+ .proc_handler = proc_doulongvec_minmax
},
{
.procname = "decnet_rmem",
diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c
index 4ae1f20..1b48eb1 100644
--- a/net/ipv4/proc.c
+++ b/net/ipv4/proc.c
@@ -59,13 +59,13 @@ static int sockstat_seq_show(struct seq_file *seq, void *v)
local_bh_enable();
socket_seq_show(seq);
- seq_printf(seq, "TCP: inuse %d orphan %d tw %d alloc %d mem %d\n",
+ seq_printf(seq, "TCP: inuse %d orphan %d tw %d alloc %d mem %ld\n",
sock_prot_inuse_get(net, &tcp_prot), orphans,
tcp_death_row.tw_count, sockets,
- atomic_read(&tcp_memory_allocated));
- seq_printf(seq, "UDP: inuse %d mem %d\n",
+ atomic_long_read(&tcp_memory_allocated));
+ seq_printf(seq, "UDP: inuse %d mem %ld\n",
sock_prot_inuse_get(net, &udp_prot),
- atomic_read(&udp_memory_allocated));
+ atomic_long_read(&udp_memory_allocated));
seq_printf(seq, "UDPLITE: inuse %d\n",
sock_prot_inuse_get(net, &udplite_prot));
seq_printf(seq, "RAW: inuse %d\n",
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index d96c1da..e91911d 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -398,7 +398,7 @@ static struct ctl_table ipv4_table[] = {
.data = &sysctl_tcp_mem,
.maxlen = sizeof(sysctl_tcp_mem),
.mode = 0644,
- .proc_handler = proc_dointvec
+ .proc_handler = proc_doulongvec_minmax
},
{
.procname = "tcp_wmem",
@@ -602,8 +602,7 @@ static struct ctl_table ipv4_table[] = {
.data = &sysctl_udp_mem,
.maxlen = sizeof(sysctl_udp_mem),
.mode = 0644,
- .proc_handler = proc_dointvec_minmax,
- .extra1 = &zero
+ .proc_handler = proc_doulongvec_minmax,
},
{
.procname = "udp_rmem_min",
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 1664a05..245603c 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -282,7 +282,7 @@ int sysctl_tcp_fin_timeout __read_mostly = TCP_FIN_TIMEOUT;
struct percpu_counter tcp_orphan_count;
EXPORT_SYMBOL_GPL(tcp_orphan_count);
-int sysctl_tcp_mem[3] __read_mostly;
+long sysctl_tcp_mem[3] __read_mostly;
int sysctl_tcp_wmem[3] __read_mostly;
int sysctl_tcp_rmem[3] __read_mostly;
@@ -290,7 +290,7 @@ EXPORT_SYMBOL(sysctl_tcp_mem);
EXPORT_SYMBOL(sysctl_tcp_rmem);
EXPORT_SYMBOL(sysctl_tcp_wmem);
-atomic_t tcp_memory_allocated; /* Current allocated memory. */
+atomic_long_t tcp_memory_allocated; /* Current allocated memory. */
EXPORT_SYMBOL(tcp_memory_allocated);
/*
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 3357f69..6d8ab1c 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -259,8 +259,11 @@ static void tcp_fixup_sndbuf(struct sock *sk)
int sndmem = tcp_sk(sk)->rx_opt.mss_clamp + MAX_TCP_HEADER + 16 +
sizeof(struct sk_buff);
- if (sk->sk_sndbuf < 3 * sndmem)
- sk->sk_sndbuf = min(3 * sndmem, sysctl_tcp_wmem[2]);
+ if (sk->sk_sndbuf < 3 * sndmem) {
+ sk->sk_sndbuf = 3 * sndmem;
+ if (sk->sk_sndbuf > sysctl_tcp_wmem[2])
+ sk->sk_sndbuf = sysctl_tcp_wmem[2];
+ }
}
/* 2. Tuning advertised window (window_clamp, rcv_ssthresh)
@@ -396,7 +399,7 @@ static void tcp_clamp_window(struct sock *sk)
if (sk->sk_rcvbuf < sysctl_tcp_rmem[2] &&
!(sk->sk_userlocks & SOCK_RCVBUF_LOCK) &&
!tcp_memory_pressure &&
- atomic_read(&tcp_memory_allocated) < sysctl_tcp_mem[0]) {
+ atomic_long_read(&tcp_memory_allocated) < sysctl_tcp_mem[0]) {
sk->sk_rcvbuf = min(atomic_read(&sk->sk_rmem_alloc),
sysctl_tcp_rmem[2]);
}
@@ -4861,7 +4864,7 @@ static int tcp_should_expand_sndbuf(struct sock *sk)
return 0;
/* If we are under soft global TCP memory pressure, do not expand. */
- if (atomic_read(&tcp_memory_allocated) >= sysctl_tcp_mem[0])
+ if (atomic_long_read(&tcp_memory_allocated) >= sysctl_tcp_mem[0])
return 0;
/* If we filled the congestion window, do not expand. */
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 28cb2d7..5e0a3a5 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -110,7 +110,7 @@
struct udp_table udp_table __read_mostly;
EXPORT_SYMBOL(udp_table);
-int sysctl_udp_mem[3] __read_mostly;
+long sysctl_udp_mem[3] __read_mostly;
EXPORT_SYMBOL(sysctl_udp_mem);
int sysctl_udp_rmem_min __read_mostly;
@@ -119,7 +119,7 @@ EXPORT_SYMBOL(sysctl_udp_rmem_min);
int sysctl_udp_wmem_min __read_mostly;
EXPORT_SYMBOL(sysctl_udp_wmem_min);
-atomic_t udp_memory_allocated;
+atomic_long_t udp_memory_allocated;
EXPORT_SYMBOL(udp_memory_allocated);
#define MAX_UDP_PORTS 65536
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index 1ef29c7..e58f947 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -92,7 +92,7 @@ static struct sctp_af *sctp_af_v6_specific;
struct kmem_cache *sctp_chunk_cachep __read_mostly;
struct kmem_cache *sctp_bucket_cachep __read_mostly;
-int sysctl_sctp_mem[3];
+long sysctl_sctp_mem[3];
int sysctl_sctp_rmem[3];
int sysctl_sctp_wmem[3];
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index e34ca9c..6bd5543 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -111,12 +111,12 @@ static void sctp_sock_migrate(struct sock *, struct sock *,
static char *sctp_hmac_alg = SCTP_COOKIE_HMAC_ALG;
extern struct kmem_cache *sctp_bucket_cachep;
-extern int sysctl_sctp_mem[3];
+extern long sysctl_sctp_mem[3];
extern int sysctl_sctp_rmem[3];
extern int sysctl_sctp_wmem[3];
static int sctp_memory_pressure;
-static atomic_t sctp_memory_allocated;
+static atomic_long_t sctp_memory_allocated;
struct percpu_counter sctp_sockets_allocated;
static void sctp_enter_memory_pressure(struct sock *sk)
diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c
index 832590b..50cb57f 100644
--- a/net/sctp/sysctl.c
+++ b/net/sctp/sysctl.c
@@ -54,7 +54,7 @@ static int sack_timer_max = 500;
static int addr_scope_max = 3; /* check sctp_scope_policy_t in include/net/sctp/constants.h for max entries */
static int rwnd_scale_max = 16;
-extern int sysctl_sctp_mem[3];
+extern long sysctl_sctp_mem[3];
extern int sysctl_sctp_rmem[3];
extern int sysctl_sctp_wmem[3];
@@ -203,7 +203,7 @@ static ctl_table sctp_table[] = {
.data = &sysctl_sctp_mem,
.maxlen = sizeof(sysctl_sctp_mem),
.mode = 0644,
- .proc_handler = proc_dointvec,
+ .proc_handler = proc_doulongvec_minmax
},
{
.procname = "sctp_rmem",
^ permalink raw reply related
* Re: [PATCH v15 00/17] Provide a zero-copy method on KVM virtio-net.
From: xiaohui.xin @ 2010-11-10 9:23 UTC (permalink / raw)
To: netdev, kvm, linux-kernel, mst, mingo, herbert, jdike, davem; +Cc: Xin Xiaohui
In-Reply-To: <20101109.091516.112581012.davem@davemloft.net>
From: Xin Xiaohui <xiaohui.xin@intel.com>
>2) The idea to key off of skb->dev in skb_release_data() is
> fundamentally flawed since many actions can change skb->dev on you,
> which will end up causing a leak of your external data areas.
How about this one? If the destructor_arg is not a good candidate,
then I have to add an apparent field in shinfo.
Thanks
Xiaohui
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 10ba67d..ad4636e 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -199,14 +199,15 @@ struct skb_shared_info {
struct sk_buff *frag_list;
struct skb_shared_hwtstamps hwtstamps;
+ /* Intermediate layers must ensure that destructor_arg
+ * remains valid until skb destructor */
+ void * destructor_arg;
+
/*
* Warning : all fields before dataref are cleared in __alloc_skb()
*/
atomic_t dataref;
- /* Intermediate layers must ensure that destructor_arg
- * remains valid until skb destructor */
- void * destructor_arg;
/* must be last field, see pskb_expand_head() */
skb_frag_t frags[MAX_SKB_FRAGS];
};
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index c83b421..eb040f4 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -343,6 +343,13 @@ static void skb_release_data(struct sk_buff *skb)
if (skb_has_frags(skb))
skb_drop_fraglist(skb);
+ if (skb_shinfo(skb)->destructor_arg) {
+ struct skb_ext_page *ext_page =
+ skb_shinfo(skb)->destructor_arg;
+ if (ext_page->dtor)
+ ext_page->dtor(ext_page);
+ }
+
kfree(skb->head);
}
}
--
1.7.3
^ permalink raw reply related
* Re: Loopback performance from kernel 2.6.12 to 2.6.37
From: Jesper Dangaard Brouer @ 2010-11-10 8:49 UTC (permalink / raw)
To: Xose Vazquez Perez; +Cc: netdev
In-Reply-To: <4CD9BE9C.30003@gmail.com>
On Tue, 2010-11-09 at 22:35 +0100, Xose Vazquez Perez wrote:
> Jesper Dangaard Brouer wrote:
>
> > To fix this I added "-q 0" to netcat. Thus my working commands are:
> >
> > netcat -l -p 9999 >/dev/null &
> > time dd if=/dev/zero bs=1M count=10000 | netcat -q0 127.0.0.1 9999
> >
> > Running this on my "big" 10G testlab system, Dual Xeon 5550 2.67GHz,
> > kernel version 2.6.32-5-amd64 (which I usually don't use)
> > The results are 7.487 sec:
>
> netcat flavor ?
Debian package netcat-traditional
netcat version [v1.10-38]
>From "aptitude show netcat-traditional":
This is the "classic" netcat, written by *Hobbit*. It lacks many
features found in netcat-openbsd.
Didn't know there were that many flavors...
> http://nc110.sourceforge.net/
> http://nmap.org/ncat/
> http://www.dest-unreach.org/socat/
> http://cryptcat.sourceforge.net/
> http://netcat.sourceforge.net/
> http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
--
Med venlig hilsen / Best regards
Jesper Brouer
ComX Networks A/S
Linux Network Kernel Developer
Cand. Scient Datalog / MSc.CS
Author of http://adsl-optimizer.dk
LinkedIn: http://www.linkedin.com/in/brouer
^ permalink raw reply
* Re: [PATCH] Prevent reading uninitialized memory with socket filters
From: Eric Dumazet @ 2010-11-10 7:22 UTC (permalink / raw)
To: David Miller; +Cc: drosenberg, netdev, stable, security
In-Reply-To: <1289368423.2700.17.camel@edumazet-laptop>
Le mercredi 10 novembre 2010 à 06:53 +0100, Eric Dumazet a écrit :
> Le mardi 09 novembre 2010 à 21:28 -0800, David Miller a écrit :
> > From: Dan Rosenberg <drosenberg@vsecurity.com>
> > Date: Tue, 09 Nov 2010 17:28:44 -0500
> >
> > > The "mem" array used as scratch space for socket filters is not
> > > initialized, allowing unprivileged users to leak kernel stack bytes.
> > >
> > > Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
> >
> > Prove it.
>
> And once done, add the checks in sk_chk_filter() ?
>
> Allow a load of mem[X] only if a prior store of mem[X] is proven.
>
>
This seems complex, and might fail on some valid filters.
What about the following patch then ?
[PATCH] filter: make sure filters dont read uninitialized memory
There is a possibility malicious users can get limited information about
uninitialized stack mem array. Even if sk_run_filter() result is bound
to packet length (0 .. 65535), we could imagine this can be used by
hostile user.
Initializing mem[] array, like Dan Rosenberg suggested in his patch is
expensive since most filters dont even use this array.
Its hard to make the filter validation in sk_chk_filter(), because of
the jumps. This might be done later.
In this patch, I use a bitmap (a single long var) so that only filters
using mem[] loads/stores pay the price of added security checks.
For other filters, additional cost is a single instruction.
Reported-by: Dan Rosenberg <drosenberg@vsecurity.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
---
net/core/filter.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/net/core/filter.c b/net/core/filter.c
index 7beaec3..4d84dc2 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -117,10 +117,12 @@ unsigned int sk_run_filter(struct sk_buff *skb, struct sock_filter *filter, int
u32 A = 0; /* Accumulator */
u32 X = 0; /* Index Register */
u32 mem[BPF_MEMWORDS]; /* Scratch Memory Store */
+ unsigned long memvalid = 0;
u32 tmp;
int k;
int pc;
+ BUILD_BUG_ON(BPF_MEMWORDS > BITS_PER_LONG);
/*
* Process array of filter instructions.
*/
@@ -264,10 +266,12 @@ load_b:
X = fentry->k;
continue;
case BPF_S_LD_MEM:
- A = mem[fentry->k];
+ A = (memvalid & (1UL << fentry->k)) ?
+ mem[fentry->k] : 0;
continue;
case BPF_S_LDX_MEM:
- X = mem[fentry->k];
+ X = (memvalid & (1UL << fentry->k)) ?
+ mem[fentry->k] : 0;
continue;
case BPF_S_MISC_TAX:
X = A;
@@ -280,9 +284,11 @@ load_b:
case BPF_S_RET_A:
return A;
case BPF_S_ST:
+ memvalid |= 1UL << fentry->k;
mem[fentry->k] = A;
continue;
case BPF_S_STX:
+ memvalid |= 1UL << fentry->k;
mem[fentry->k] = X;
continue;
default:
^ permalink raw reply related
* Re: [PATCH net-2.6 1/3] vlan: Add function to retrieve EtherType from vlan packets.
From: Jesse Gross @ 2010-11-10 7:18 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: David Miller, netdev, Hao Zheng
In-Reply-To: <20101109215412.38412cff@nehalam>
On Tue, Nov 9, 2010 at 9:54 PM, Stephen Hemminger <shemminger@vyatta.com> wrote:
> On Tue, 9 Nov 2010 17:09:02 -0800
> Jesse Gross <jesse@nicira.com> wrote:
>
>> From: Hao Zheng <hzheng@nicira.com>
>>
>> Depending on how a packet is vlan tagged (i.e. hardware accelerated or
>> not), the encapsulated protocol is stored in different locations. This
>> provides a consistent method of accessing that protocol, which is needed
>> by drivers, security checks, etc.
>>
>> Signed-off-by: Hao Zheng <hzheng@nicira.com>
>> Signed-off-by: Jesse Gross <jesse@nicira.com>
>> ---
>> include/linux/if_vlan.h | 20 ++++++++++++++++++++
>> 1 files changed, 20 insertions(+), 0 deletions(-)
>>
>> diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h
>> index c2f3a72..ee06c52 100644
>> --- a/include/linux/if_vlan.h
>> +++ b/include/linux/if_vlan.h
>> @@ -339,6 +339,26 @@ static inline int vlan_get_tag(const struct sk_buff *skb, u16 *vlan_tci)
>> }
>> }
>>
>> +/**
>> + * vlan_get_protocol - get protocol EtherType.
>> + * @skb: skbuff to query
>> + *
>> + * Returns the EtherType of the packet, regardless of whether it is
>> + * vlan encapsulated (normal or hardware accelerated) or not.
>> + */
>> +static inline __be16 vlan_get_protocol(struct sk_buff *skb)
>> +{
>> + __be16 protocol = 0;
>> +
>> + if (vlan_tx_tag_present(skb) ||
>> + skb->protocol != cpu_to_be16(ETH_P_8021Q))
>> + protocol = skb->protocol;
>> + else if (likely(pskb_may_pull(skb, VLAN_ETH_HLEN)))
>> + protocol = ((const struct vlan_ethhdr *)skb->data)->
>> + h_vlan_encapsulated_proto;
>> +
>> + return protocol;
>> +}
>
> This this calls pskb_may_pull, which modifies the skb data
> offsets and therefore could invalidate any callers pointers
> to ip header or other fields.
> Therefore you will need to audit all callers of this function!
That's a good point. I switched it to use skb_header_pointer()
instead, which is probably more efficient anyways and avoids the
potential for a problem.
>
> Also, your code doesn't handle the case of too small a frame (VLAN header only).
The goal is to get equivalence to checking skb->protocol, except to
handle vlan accelerated vs non-accelerated consistently. In this
case, the caller would need to check the length of the protocol header
as appropriate. If the packet claims to be a vlan frame and the
length is less than the size of a vlan header then we'll return 0,
which should be sufficient to avoid any protocol processing.
Thanks.
^ permalink raw reply
* Re: [PATCH] Fix CAN info leak/minor heap overflow
From: Oliver Hartkopp @ 2010-11-10 6:52 UTC (permalink / raw)
To: David Miller; +Cc: urs, netdev, drosenberg, security, torvalds
In-Reply-To: <20101109.090523.189685701.davem@davemloft.net>
On 09.11.2010 18:05, David Miller wrote:
> From: Oliver Hartkopp <socketcan@hartkopp.net>
> Date: Tue, 09 Nov 2010 08:52:21 +0100
>
>> Once this patch is applied (and the procfs layout is changed anyway), i'd also
>> like to send a patch from my backlog that would extend the procfs output for
>> can-bcm with an additional drop counter.
>
> I find this kind of discussion extremely disappointing.
>
> All of this stuff you CAN guys do with procfs files and version
> strings is completely wrong and bogus.
>
> Once you create a procfs file layout, you're basically stuck and you
> can at best only reasonably add new fields at the end, you can't
> really change existing fields.
>
> And sysfs would have been a lot more appropriate, you could use
> attributes for each value you want to export and then just add new
> sysfs attributes when you want to export new values which has very
> clear semantics and backwards compatability implications.
I admit that from my todays knowledge i would have done things differently.
But the network layer information bits have been always exposed in /proc/net
as it was in 2003 when we started the implementation on a 2.4.x kernel.
There are netdriver infos in sysfs but no netlayer entries.
>From my point of view the only thing could be to improve the current
situation, which the posted patch does:
- remove kernel addresses that were only relevant at implementation time
- allow AF_CAN protocols to provide their own information due to their needs
- provide inode numbers that can be found in procfs at several places
=> improvements for developers in userspace & kernelspace
The patch has been discussed on SocketCAN ML and the filter entries have not
been identified as a problem for userspace tools. E.g. /proc/net/can/stats is
one of the entries that's used by userspace tools.
IMHO the patch improves the historic situation and fixes the useless leakage
of kernel addresses. Please consider to apply that procfs changes.
Best regards,
Oliver
^ permalink raw reply
* Re: [Patch] Limit sysctl_tcp_mem and sysctl_udp_mem initializers to prevent integer overflows.
From: Robin Holt @ 2010-11-10 6:15 UTC (permalink / raw)
To: eric.dumazet
Cc: David Miller, holt, akpm, w, linux-kernel, netdev, kuznet, pekkas,
jmorris, yoshfuji, kaber
In-Reply-To: <20101005.145055.63017205.davem@davemloft.net>
On Tue, Oct 05, 2010 at 02:50:55PM -0700, David Miller wrote:
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Sat, 02 Oct 2010 15:22:16 +0200
>
> > [PATCH] net: avoid limits overflow
> >
> > Robin Holt tried to boot a 16TB machine and found some limits were
> > reached : sysctl_tcp_mem[2], sysctl_udp_mem[2]
> >
> > We can switch infrastructure to use long "instead" of "int", now
> > atomic_long_t primitives are available for free.
> >
> > Reported-by: Robin Holt <holt@sgi.com>
> > Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
>
> Eric please resubmit this when the sysctl fix is resolved.
It looks like the sysctl fix is upstream. Has this been resubmitted
and I missed it?
Robin
^ permalink raw reply
* Re: warnings in 2.6.37-rc1+
From: Eric Dumazet @ 2010-11-10 5:59 UTC (permalink / raw)
To: Norbert Preining; +Cc: linux-kernel, netdev
In-Reply-To: <20101110054948.GA16612@gamma.logic.tuwien.ac.at>
Le mercredi 10 novembre 2010 à 14:49 +0900, Norbert Preining a écrit :
> Hi all
>
> (please keep in Cc, thanks)
>
> [ 1592.320059] ------------[ cut here ]------------
> [ 1592.320077] WARNING: at net/ipv4/devinet.c:137 in_dev_finish_destroy+0x3d/0x6e()
> [ 1592.320083] Hardware name: VGN-Z11VN_B
> [ 1592.320088] Modules linked in: vboxnetadp vboxnetflt sco bnep rfcomm l2cap crc16 binfmt_misc dm_crypt dm_mod isofs btrfs zlib_deflate crc32c libcrc32c vfat fat hso fuse vboxdrv loop uinput snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi arc4 snd_rawmidi snd_seq_midi_event snd_seq iwlagn iwlcore mac80211 snd_timer btusb firewire_ohci firewire_core bluetooth snd_seq_device tpm_infineon sony_laptop snd soundcore crc_itu_t cfg80211 rfkill joydev snd_page_alloc
> [ 1592.320207] Pid: 0, comm: kworker/0:0 Tainted: P W 2.6.37-rc1+ #3
> [ 1592.320213] Call Trace:
> [ 1592.320218] <IRQ> [<ffffffff81035075>] warn_slowpath_common+0x80/0x98
> [ 1592.320236] [<ffffffff810350a2>] warn_slowpath_null+0x15/0x17
> [ 1592.320245] [<ffffffff81352ede>] in_dev_finish_destroy+0x3d/0x6e
> [ 1592.320257] [<ffffffff8132b5f7>] ipv4_dst_destroy+0x53/0x58
> [ 1592.320266] [<ffffffff81314c26>] dst_destroy+0x78/0xd6
> [ 1592.320275] [<ffffffff8132b340>] dst_free+0x1a/0x29
> [ 1592.320283] [<ffffffff8132b358>] dst_rcu_free+0x9/0xb
> [ 1592.320292] [<ffffffff8107b5fd>] __rcu_process_callbacks+0x173/0x265
> [ 1592.320301] [<ffffffff8107b72e>] rcu_process_callbacks+0x3f/0x60
> [ 1592.320310] [<ffffffff81039e1c>] __do_softirq+0x8f/0x140
> [ 1592.320322] [<ffffffff810563fa>] ? tick_program_event+0x21/0x23
> [ 1592.320331] [<ffffffff8100304c>] call_softirq+0x1c/0x28
> [ 1592.320339] [<ffffffff81004c23>] do_softirq+0x33/0x68
> [ 1592.320347] [<ffffffff8103a036>] irq_exit+0x36/0x8b
> [ 1592.320358] [<ffffffff81019699>] smp_apic_timer_interrupt+0x88/0x96
> [ 1592.320366] [<ffffffff81002b13>] apic_timer_interrupt+0x13/0x20
> [ 1592.320371] <EOI> [<ffffffff811ae0ef>] ? acpi_idle_enter_simple+0xc8/0xfa
> [ 1592.320389] [<ffffffff811ae0ea>] ? acpi_idle_enter_simple+0xc3/0xfa
> [ 1592.320401] [<ffffffff812e053c>] cpuidle_idle_call+0x9e/0xd6
> [ 1592.320408] [<ffffffff81001484>] cpu_idle+0x56/0x9c
> [ 1592.320418] [<ffffffff813816c8>] start_secondary+0x199/0x19d
> [ 1592.320426] ---[ end trace 5f7d0c35de1972f1 ]---
>
> followed by a strange message:
> [ 1592.320431] Freeing alive in_device ffff88013e49b200
>
> happened several times, starting after a wake up from suspend to ram.
>
> Best wishes
Should be solved by a patch David will send to Linus in next round.
http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=18943d292facbc70e6a36fc62399ae833f64671b
Thanks
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox