* [PATCH 20/25] netfilter: xt_recent: add address masking option
From: pablo @ 2012-06-11 14:43 UTC (permalink / raw)
To: netfilter-devel; +Cc: davem, netdev
In-Reply-To: <1339425841-24171-1-git-send-email-pablo@netfilter.org>
From: Denys Fedoryshchenko <denys@visp.net.lb>
The mask option allows you put all address belonging that mask into
the same recent slot. This can be useful in case that recent is used
to detect attacks from the same network segment.
Tested for backward compatibility.
Signed-off-by: Denys Fedoryshchenko <denys@visp.net.lb>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
Documentation/feature-removal-schedule.txt | 7 ++++
include/linux/netfilter.h | 10 +++++
include/linux/netfilter/xt_recent.h | 10 +++++
net/netfilter/xt_recent.c | 62 ++++++++++++++++++++++++----
4 files changed, 80 insertions(+), 9 deletions(-)
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt
index 24ac00f..bc4b9c6 100644
--- a/Documentation/feature-removal-schedule.txt
+++ b/Documentation/feature-removal-schedule.txt
@@ -574,6 +574,13 @@ Why: Remount currently allows changing bound subsystems and
----------------------------
+What: xt_recent rev 0
+When: 2013
+Who: Pablo Neira Ayuso <pablo@netfilter.org>
+Files: net/netfilter/xt_recent.c
+
+----------------------------
+
What: KVM debugfs statistics
When: 2013
Why: KVM tracepoints provide mostly equivalent information in a much more
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index ff9c84c..4541f33 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -94,6 +94,16 @@ static inline int nf_inet_addr_cmp(const union nf_inet_addr *a1,
a1->all[3] == a2->all[3];
}
+static inline void nf_inet_addr_mask(const union nf_inet_addr *a1,
+ union nf_inet_addr *result,
+ const union nf_inet_addr *mask)
+{
+ result->all[0] = a1->all[0] & mask->all[0];
+ result->all[1] = a1->all[1] & mask->all[1];
+ result->all[2] = a1->all[2] & mask->all[2];
+ result->all[3] = a1->all[3] & mask->all[3];
+}
+
extern void netfilter_init(void);
/* Largest hook number + 1 */
diff --git a/include/linux/netfilter/xt_recent.h b/include/linux/netfilter/xt_recent.h
index 83318e0..6ef36c1 100644
--- a/include/linux/netfilter/xt_recent.h
+++ b/include/linux/netfilter/xt_recent.h
@@ -32,4 +32,14 @@ struct xt_recent_mtinfo {
__u8 side;
};
+struct xt_recent_mtinfo_v1 {
+ __u32 seconds;
+ __u32 hit_count;
+ __u8 check_set;
+ __u8 invert;
+ char name[XT_RECENT_NAME_LEN];
+ __u8 side;
+ union nf_inet_addr mask;
+};
+
#endif /* _LINUX_NETFILTER_XT_RECENT_H */
diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index fc0d6db..ae2ad1e 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -75,6 +75,7 @@ struct recent_entry {
struct recent_table {
struct list_head list;
char name[XT_RECENT_NAME_LEN];
+ union nf_inet_addr mask;
unsigned int refcnt;
unsigned int entries;
struct list_head lru_list;
@@ -228,10 +229,10 @@ recent_mt(const struct sk_buff *skb, struct xt_action_param *par)
{
struct net *net = dev_net(par->in ? par->in : par->out);
struct recent_net *recent_net = recent_pernet(net);
- const struct xt_recent_mtinfo *info = par->matchinfo;
+ const struct xt_recent_mtinfo_v1 *info = par->matchinfo;
struct recent_table *t;
struct recent_entry *e;
- union nf_inet_addr addr = {};
+ union nf_inet_addr addr = {}, addr_mask;
u_int8_t ttl;
bool ret = info->invert;
@@ -261,12 +262,15 @@ recent_mt(const struct sk_buff *skb, struct xt_action_param *par)
spin_lock_bh(&recent_lock);
t = recent_table_lookup(recent_net, info->name);
- e = recent_entry_lookup(t, &addr, par->family,
+
+ nf_inet_addr_mask(&addr, &addr_mask, &t->mask);
+
+ e = recent_entry_lookup(t, &addr_mask, par->family,
(info->check_set & XT_RECENT_TTL) ? ttl : 0);
if (e == NULL) {
if (!(info->check_set & XT_RECENT_SET))
goto out;
- e = recent_entry_init(t, &addr, par->family, ttl);
+ e = recent_entry_init(t, &addr_mask, par->family, ttl);
if (e == NULL)
par->hotdrop = true;
ret = !ret;
@@ -306,10 +310,10 @@ out:
return ret;
}
-static int recent_mt_check(const struct xt_mtchk_param *par)
+static int recent_mt_check(const struct xt_mtchk_param *par,
+ const struct xt_recent_mtinfo_v1 *info)
{
struct recent_net *recent_net = recent_pernet(par->net);
- const struct xt_recent_mtinfo *info = par->matchinfo;
struct recent_table *t;
#ifdef CONFIG_PROC_FS
struct proc_dir_entry *pde;
@@ -361,6 +365,8 @@ static int recent_mt_check(const struct xt_mtchk_param *par)
goto out;
}
t->refcnt = 1;
+
+ memcpy(&t->mask, &info->mask, sizeof(t->mask));
strcpy(t->name, info->name);
INIT_LIST_HEAD(&t->lru_list);
for (i = 0; i < ip_list_hash_size; i++)
@@ -385,10 +391,28 @@ out:
return ret;
}
+static int recent_mt_check_v0(const struct xt_mtchk_param *par)
+{
+ const struct xt_recent_mtinfo_v0 *info_v0 = par->matchinfo;
+ struct xt_recent_mtinfo_v1 info_v1;
+
+ /* Copy revision 0 structure to revision 1 */
+ memcpy(&info_v1, info_v0, sizeof(struct xt_recent_mtinfo));
+ /* Set default mask to ensure backward compatible behaviour */
+ memset(info_v1.mask.all, 0xFF, sizeof(info_v1.mask.all));
+
+ return recent_mt_check(par, &info_v1);
+}
+
+static int recent_mt_check_v1(const struct xt_mtchk_param *par)
+{
+ return recent_mt_check(par, par->matchinfo);
+}
+
static void recent_mt_destroy(const struct xt_mtdtor_param *par)
{
struct recent_net *recent_net = recent_pernet(par->net);
- const struct xt_recent_mtinfo *info = par->matchinfo;
+ const struct xt_recent_mtinfo_v1 *info = par->matchinfo;
struct recent_table *t;
mutex_lock(&recent_mutex);
@@ -625,7 +649,7 @@ static struct xt_match recent_mt_reg[] __read_mostly = {
.family = NFPROTO_IPV4,
.match = recent_mt,
.matchsize = sizeof(struct xt_recent_mtinfo),
- .checkentry = recent_mt_check,
+ .checkentry = recent_mt_check_v0,
.destroy = recent_mt_destroy,
.me = THIS_MODULE,
},
@@ -635,10 +659,30 @@ static struct xt_match recent_mt_reg[] __read_mostly = {
.family = NFPROTO_IPV6,
.match = recent_mt,
.matchsize = sizeof(struct xt_recent_mtinfo),
- .checkentry = recent_mt_check,
+ .checkentry = recent_mt_check_v0,
+ .destroy = recent_mt_destroy,
+ .me = THIS_MODULE,
+ },
+ {
+ .name = "recent",
+ .revision = 1,
+ .family = NFPROTO_IPV4,
+ .match = recent_mt,
+ .matchsize = sizeof(struct xt_recent_mtinfo_v1),
+ .checkentry = recent_mt_check_v1,
.destroy = recent_mt_destroy,
.me = THIS_MODULE,
},
+ {
+ .name = "recent",
+ .revision = 1,
+ .family = NFPROTO_IPV6,
+ .match = recent_mt,
+ .matchsize = sizeof(struct xt_recent_mtinfo_v1),
+ .checkentry = recent_mt_check_v1,
+ .destroy = recent_mt_destroy,
+ .me = THIS_MODULE,
+ }
};
static int __init recent_mt_init(void)
--
1.7.10
^ permalink raw reply related
* [PATCH 13/25] netfilter: nf_ct_sctp: add namespace support
From: pablo @ 2012-06-11 14:43 UTC (permalink / raw)
To: netfilter-devel; +Cc: davem, netdev
In-Reply-To: <1339425841-24171-1-git-send-email-pablo@netfilter.org>
From: Gao feng <gaofeng@cn.fujitsu.com>
This patch adds namespace support for SCTP protocol tracker.
Acked-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nf_conntrack_proto_sctp.c | 175 ++++++++++++++++++++++++++-----
1 file changed, 146 insertions(+), 29 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 97bbc20..9e5738d 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -127,6 +127,17 @@ static const u8 sctp_conntracks[2][9][SCTP_CONNTRACK_MAX] = {
}
};
+static int sctp_net_id __read_mostly;
+struct sctp_net {
+ struct nf_proto_net pn;
+ unsigned int timeouts[SCTP_CONNTRACK_MAX];
+};
+
+static inline struct sctp_net *sctp_pernet(struct net *net)
+{
+ return net_generic(net, sctp_net_id);
+}
+
static bool sctp_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff,
struct nf_conntrack_tuple *tuple)
{
@@ -281,7 +292,7 @@ static int sctp_new_state(enum ip_conntrack_dir dir,
static unsigned int *sctp_get_timeouts(struct net *net)
{
- return sctp_timeouts;
+ return sctp_pernet(net)->timeouts;
}
/* Returns verdict for packet, or -NF_ACCEPT for invalid. */
@@ -604,49 +615,42 @@ static struct ctl_table_header *sctp_sysctl_header;
static struct ctl_table sctp_sysctl_table[] = {
{
.procname = "nf_conntrack_sctp_timeout_closed",
- .data = &sctp_timeouts[SCTP_CONNTRACK_CLOSED],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "nf_conntrack_sctp_timeout_cookie_wait",
- .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_WAIT],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "nf_conntrack_sctp_timeout_cookie_echoed",
- .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_ECHOED],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "nf_conntrack_sctp_timeout_established",
- .data = &sctp_timeouts[SCTP_CONNTRACK_ESTABLISHED],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "nf_conntrack_sctp_timeout_shutdown_sent",
- .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_SENT],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "nf_conntrack_sctp_timeout_shutdown_recd",
- .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_RECD],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "nf_conntrack_sctp_timeout_shutdown_ack_sent",
- .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_ACK_SENT],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
@@ -658,49 +662,42 @@ static struct ctl_table sctp_sysctl_table[] = {
static struct ctl_table sctp_compat_sysctl_table[] = {
{
.procname = "ip_conntrack_sctp_timeout_closed",
- .data = &sctp_timeouts[SCTP_CONNTRACK_CLOSED],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "ip_conntrack_sctp_timeout_cookie_wait",
- .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_WAIT],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "ip_conntrack_sctp_timeout_cookie_echoed",
- .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_ECHOED],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "ip_conntrack_sctp_timeout_established",
- .data = &sctp_timeouts[SCTP_CONNTRACK_ESTABLISHED],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "ip_conntrack_sctp_timeout_shutdown_sent",
- .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_SENT],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "ip_conntrack_sctp_timeout_shutdown_recd",
- .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_RECD],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
},
{
.procname = "ip_conntrack_sctp_timeout_shutdown_ack_sent",
- .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_ACK_SENT],
.maxlen = sizeof(unsigned int),
.mode = 0644,
.proc_handler = proc_dointvec_jiffies,
@@ -710,6 +707,101 @@ static struct ctl_table sctp_compat_sysctl_table[] = {
#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
#endif
+static void sctp_init_net_data(struct sctp_net *sn)
+{
+ int i;
+#ifdef CONFIG_SYSCTL
+ if (!sn->pn.ctl_table) {
+#else
+ if (!sn->pn.users++) {
+#endif
+ for (i = 0; i < SCTP_CONNTRACK_MAX; i++)
+ sn->timeouts[i] = sctp_timeouts[i];
+ }
+}
+
+static int sctp_kmemdup_sysctl_table(struct nf_proto_net *pn)
+{
+#ifdef CONFIG_SYSCTL
+ struct sctp_net *sn = (struct sctp_net *)pn;
+ if (pn->ctl_table)
+ return 0;
+
+ pn->ctl_table = kmemdup(sctp_sysctl_table,
+ sizeof(sctp_sysctl_table),
+ GFP_KERNEL);
+ if (!pn->ctl_table)
+ return -ENOMEM;
+
+ pn->ctl_table[0].data = &sn->timeouts[SCTP_CONNTRACK_CLOSED];
+ pn->ctl_table[1].data = &sn->timeouts[SCTP_CONNTRACK_COOKIE_WAIT];
+ pn->ctl_table[2].data = &sn->timeouts[SCTP_CONNTRACK_COOKIE_ECHOED];
+ pn->ctl_table[3].data = &sn->timeouts[SCTP_CONNTRACK_ESTABLISHED];
+ pn->ctl_table[4].data = &sn->timeouts[SCTP_CONNTRACK_SHUTDOWN_SENT];
+ pn->ctl_table[5].data = &sn->timeouts[SCTP_CONNTRACK_SHUTDOWN_RECD];
+ pn->ctl_table[6].data = &sn->timeouts[SCTP_CONNTRACK_SHUTDOWN_ACK_SENT];
+#endif
+ return 0;
+}
+
+static int sctp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
+{
+#ifdef CONFIG_SYSCTL
+#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
+ struct sctp_net *sn = (struct sctp_net *)pn;
+ pn->ctl_compat_table = kmemdup(sctp_compat_sysctl_table,
+ sizeof(sctp_compat_sysctl_table),
+ GFP_KERNEL);
+ if (!pn->ctl_compat_table)
+ return -ENOMEM;
+
+ pn->ctl_compat_table[0].data = &sn->timeouts[SCTP_CONNTRACK_CLOSED];
+ pn->ctl_compat_table[1].data = &sn->timeouts[SCTP_CONNTRACK_COOKIE_WAIT];
+ pn->ctl_compat_table[2].data = &sn->timeouts[SCTP_CONNTRACK_COOKIE_ECHOED];
+ pn->ctl_compat_table[3].data = &sn->timeouts[SCTP_CONNTRACK_ESTABLISHED];
+ pn->ctl_compat_table[4].data = &sn->timeouts[SCTP_CONNTRACK_SHUTDOWN_SENT];
+ pn->ctl_compat_table[5].data = &sn->timeouts[SCTP_CONNTRACK_SHUTDOWN_RECD];
+ pn->ctl_compat_table[6].data = &sn->timeouts[SCTP_CONNTRACK_SHUTDOWN_ACK_SENT];
+#endif
+#endif
+ return 0;
+}
+
+static int sctpv4_init_net(struct net *net)
+{
+ int ret;
+ struct sctp_net *sn = sctp_pernet(net);
+ struct nf_proto_net *pn = (struct nf_proto_net *)sn;
+
+ sctp_init_net_data(sn);
+
+ ret = sctp_kmemdup_compat_sysctl_table(pn);
+ if (ret < 0)
+ return ret;
+
+ ret = sctp_kmemdup_sysctl_table(pn);
+
+#ifdef CONFIG_SYSCTL
+#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
+ if (ret < 0) {
+
+ kfree(pn->ctl_compat_table);
+ pn->ctl_compat_table = NULL;
+ }
+#endif
+#endif
+ return ret;
+}
+
+static int sctpv6_init_net(struct net *net)
+{
+ struct sctp_net *sn = sctp_pernet(net);
+ struct nf_proto_net *pn = (struct nf_proto_net *)sn;
+
+ sctp_init_net_data(sn);
+ return sctp_kmemdup_sysctl_table(pn);
+}
+
static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
.l3proto = PF_INET,
.l4proto = IPPROTO_SCTP,
@@ -748,6 +840,8 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
.ctl_compat_table = sctp_compat_sysctl_table,
#endif
#endif
+ .net_id = &sctp_net_id,
+ .init_net = sctpv4_init_net,
};
static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
@@ -785,35 +879,58 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
.ctl_table_header = &sctp_sysctl_header,
.ctl_table = sctp_sysctl_table,
#endif
+ .net_id = &sctp_net_id,
+ .init_net = sctpv6_init_net,
};
-static int __init nf_conntrack_proto_sctp_init(void)
+static int sctp_net_init(struct net *net)
{
- int ret;
+ int ret = 0;
- ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_sctp4);
- if (ret) {
- pr_err("nf_conntrack_l4proto_sctp4: protocol register failed\n");
+ ret = nf_conntrack_l4proto_register(net,
+ &nf_conntrack_l4proto_sctp4);
+ if (ret < 0) {
+ pr_err("nf_conntrack_l4proto_sctp4 :protocol register failed.\n");
goto out;
}
- ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_sctp6);
- if (ret) {
- pr_err("nf_conntrack_l4proto_sctp6: protocol register failed\n");
+ ret = nf_conntrack_l4proto_register(net,
+ &nf_conntrack_l4proto_sctp6);
+ if (ret < 0) {
+ pr_err("nf_conntrack_l4proto_sctp6 :protocol register failed.\n");
goto cleanup_sctp4;
}
+ return 0;
+cleanup_sctp4:
+ nf_conntrack_l4proto_unregister(net,
+ &nf_conntrack_l4proto_sctp4);
+out:
return ret;
+}
- cleanup_sctp4:
- nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_sctp4);
- out:
- return ret;
+static void sctp_net_exit(struct net *net)
+{
+ nf_conntrack_l4proto_unregister(net,
+ &nf_conntrack_l4proto_sctp6);
+ nf_conntrack_l4proto_unregister(net,
+ &nf_conntrack_l4proto_sctp4);
+}
+
+static struct pernet_operations sctp_net_ops = {
+ .init = sctp_net_init,
+ .exit = sctp_net_exit,
+ .id = &sctp_net_id,
+ .size = sizeof(struct sctp_net),
+};
+
+static int __init nf_conntrack_proto_sctp_init(void)
+{
+ return register_pernet_subsys(&sctp_net_ops);
}
static void __exit nf_conntrack_proto_sctp_fini(void)
{
- nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_sctp6);
- nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_sctp4);
+ unregister_pernet_subsys(&sctp_net_ops);
}
module_init(nf_conntrack_proto_sctp_init);
--
1.7.10
^ permalink raw reply related
* [PATCH 25/25] netfilter: selinux: switch hook PFs to nfproto
From: pablo @ 2012-06-11 14:44 UTC (permalink / raw)
To: netfilter-devel; +Cc: davem, netdev
In-Reply-To: <1339425841-24171-1-git-send-email-pablo@netfilter.org>
From: Alban Crequy <alban.crequy@collabora.co.uk>
This patch is a cleanup. Use NFPROTO_* for consistency with other
netfilter code.
Signed-off-by: Alban Crequy <alban.crequy@collabora.co.uk>
Reviewed-by: Javier Martinez Canillas <javier.martinez@collabora.co.uk>
Reviewed-by: Vincent Sanders <vincent.sanders@collabora.co.uk>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
security/selinux/hooks.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 372ec65..4ee6f23 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -5763,21 +5763,21 @@ static struct nf_hook_ops selinux_ipv4_ops[] = {
{
.hook = selinux_ipv4_postroute,
.owner = THIS_MODULE,
- .pf = PF_INET,
+ .pf = NFPROTO_IPV4,
.hooknum = NF_INET_POST_ROUTING,
.priority = NF_IP_PRI_SELINUX_LAST,
},
{
.hook = selinux_ipv4_forward,
.owner = THIS_MODULE,
- .pf = PF_INET,
+ .pf = NFPROTO_IPV4,
.hooknum = NF_INET_FORWARD,
.priority = NF_IP_PRI_SELINUX_FIRST,
},
{
.hook = selinux_ipv4_output,
.owner = THIS_MODULE,
- .pf = PF_INET,
+ .pf = NFPROTO_IPV4,
.hooknum = NF_INET_LOCAL_OUT,
.priority = NF_IP_PRI_SELINUX_FIRST,
}
@@ -5789,14 +5789,14 @@ static struct nf_hook_ops selinux_ipv6_ops[] = {
{
.hook = selinux_ipv6_postroute,
.owner = THIS_MODULE,
- .pf = PF_INET6,
+ .pf = NFPROTO_IPV6,
.hooknum = NF_INET_POST_ROUTING,
.priority = NF_IP6_PRI_SELINUX_LAST,
},
{
.hook = selinux_ipv6_forward,
.owner = THIS_MODULE,
- .pf = PF_INET6,
+ .pf = NFPROTO_IPV6,
.hooknum = NF_INET_FORWARD,
.priority = NF_IP6_PRI_SELINUX_FIRST,
}
--
1.7.10
^ permalink raw reply related
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Sasha Levin @ 2012-06-11 14:50 UTC (permalink / raw)
To: Eric Dumazet
Cc: Samuel Ortiz, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <1339425693.6001.2268.camel@edumazet-glaptop>
On Mon, 2012-06-11 at 16:41 +0200, Eric Dumazet wrote:
> On Mon, 2012-06-11 at 16:41 +0200, Samuel Ortiz wrote:
> > Hi Sasha,
> >
> > On Mon, Jun 11, 2012 at 04:00:41PM +0200, Sasha Levin wrote:
> > > Hi all,
> > >
> > > I've stumbled on the following while fuzzing with trinity inside a KVM tools guest, running on 3.5-rc2:
> > >
> > Thanks for the report, it could be worth adding this one to
> > bugzilla.kernel.org.
> >
> > What's trinity ?
> > Also, if this one is reproducible, would you mind sharing some details about
> > how we could reproduce it ?
>
> Well, bugfix should be trivial enough ;)
>
> diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c
> index ec1134c..208416e 100644
> --- a/net/nfc/rawsock.c
> +++ b/net/nfc/rawsock.c
> @@ -54,11 +54,12 @@ static int rawsock_release(struct socket *sock)
> {
> struct sock *sk = sock->sk;
>
> - pr_debug("sock=%p\n", sock);
> -
> - sock_orphan(sk);
> - sock_put(sk);
> + pr_debug("sock=%p sk=%p\n", sock, sk);
>
> + if (sk) {
> + sock_orphan(sk);
> + sock_put(sk);
> + }
> return 0;
> }
Eric, Is there something that documents at what state each of the
callbacks in the network subsystem can be called? Like a big flow chart
of some sorts?
I'm asking because I've looked at this as well before sending this mail,
and while the fix does look trivial, I wasn't sure whether it is really
the correct fix, or the problem is that this callback wasn't supposed be
called at all so something else is broken (we had such issue with
namespaces and unshare() not long ago).
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Samuel Ortiz @ 2012-06-11 14:57 UTC (permalink / raw)
To: Eric Dumazet
Cc: Sasha Levin, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <1339425693.6001.2268.camel@edumazet-glaptop>
Hi Eric,
On Mon, Jun 11, 2012 at 04:41:33PM +0200, Eric Dumazet wrote:
> On Mon, 2012-06-11 at 16:41 +0200, Samuel Ortiz wrote:
> > Hi Sasha,
> >
> > On Mon, Jun 11, 2012 at 04:00:41PM +0200, Sasha Levin wrote:
> > > Hi all,
> > >
> > > I've stumbled on the following while fuzzing with trinity inside a KVM tools guest, running on 3.5-rc2:
> > >
> > Thanks for the report, it could be worth adding this one to
> > bugzilla.kernel.org.
> >
> > What's trinity ?
> > Also, if this one is reproducible, would you mind sharing some details about
> > how we could reproduce it ?
>
> Well, bugfix should be trivial enough ;)
Yep, I looked at the code only after looking at Sasha's report.
Thanks for the patch, do you mind if I add your SOB to it ?
Cheers,
Samuel.
--
Intel Open Source Technology Centre
http://oss.intel.com/
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Eric Dumazet @ 2012-06-11 14:58 UTC (permalink / raw)
To: Sasha Levin
Cc: Samuel Ortiz, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <1339426241.4999.62.camel@lappy>
On Mon, 2012-06-11 at 16:50 +0200, Sasha Levin wrote:
> Eric, Is there something that documents at what state each of the
> callbacks in the network subsystem can be called? Like a big flow chart
> of some sorts?
>
> I'm asking because I've looked at this as well before sending this mail,
> and while the fix does look trivial, I wasn't sure whether it is really
> the correct fix, or the problem is that this callback wasn't supposed be
> called at all so something else is broken (we had such issue with
> namespaces and unshare() not long ago).
>
I am not aware of such 'document'.
Things change, and only *good* reference is actual source code.
Now, take a look at sock_graft()/sock_orphan()/inet_release() ...
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Eric Dumazet @ 2012-06-11 14:59 UTC (permalink / raw)
To: Samuel Ortiz
Cc: Sasha Levin, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <20120611145700.GY22557@sortiz-mobl>
On Mon, 2012-06-11 at 16:57 +0200, Samuel Ortiz wrote:
> Hi Eric,
>
> On Mon, Jun 11, 2012 at 04:41:33PM +0200, Eric Dumazet wrote:
> > On Mon, 2012-06-11 at 16:41 +0200, Samuel Ortiz wrote:
> > > Hi Sasha,
> > >
> > > On Mon, Jun 11, 2012 at 04:00:41PM +0200, Sasha Levin wrote:
> > > > Hi all,
> > > >
> > > > I've stumbled on the following while fuzzing with trinity inside a KVM tools guest, running on 3.5-rc2:
> > > >
> > > Thanks for the report, it could be worth adding this one to
> > > bugzilla.kernel.org.
> > >
> > > What's trinity ?
> > > Also, if this one is reproducible, would you mind sharing some details about
> > > how we could reproduce it ?
> >
> > Well, bugfix should be trivial enough ;)
> Yep, I looked at the code only after looking at Sasha's report.
>
> Thanks for the patch, do you mind if I add your SOB to it ?
I would prefer making sure it fixes the bug first ;)
Thanks
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Dave Jones @ 2012-06-11 15:05 UTC (permalink / raw)
To: Samuel Ortiz
Cc: Sasha Levin, David Miller, lauro.venancio, aloisio.almeida,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <20120611144134.GX22557@sortiz-mobl>
On Mon, Jun 11, 2012 at 04:41:34PM +0200, Samuel Ortiz wrote:
> Hi Sasha,
>
> On Mon, Jun 11, 2012 at 04:00:41PM +0200, Sasha Levin wrote:
> > Hi all,
> >
> > I've stumbled on the following while fuzzing with trinity inside a KVM tools guest, running on 3.5-rc2:
> >
> Thanks for the report, it could be worth adding this one to
> bugzilla.kernel.org.
>
> What's trinity ?
http://codemonkey.org.uk/projects/trinity/
Dave
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Samuel Ortiz @ 2012-06-11 15:20 UTC (permalink / raw)
To: Eric Dumazet
Cc: Sasha Levin, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <1339426778.6001.2312.camel@edumazet-glaptop>
On Mon, Jun 11, 2012 at 04:59:38PM +0200, Eric Dumazet wrote:
> On Mon, 2012-06-11 at 16:57 +0200, Samuel Ortiz wrote:
> > Hi Eric,
> >
> > On Mon, Jun 11, 2012 at 04:41:33PM +0200, Eric Dumazet wrote:
> > > On Mon, 2012-06-11 at 16:41 +0200, Samuel Ortiz wrote:
> > > > Hi Sasha,
> > > >
> > > > On Mon, Jun 11, 2012 at 04:00:41PM +0200, Sasha Levin wrote:
> > > > > Hi all,
> > > > >
> > > > > I've stumbled on the following while fuzzing with trinity inside a KVM tools guest, running on 3.5-rc2:
> > > > >
> > > > Thanks for the report, it could be worth adding this one to
> > > > bugzilla.kernel.org.
> > > >
> > > > What's trinity ?
> > > > Also, if this one is reproducible, would you mind sharing some details about
> > > > how we could reproduce it ?
> > >
> > > Well, bugfix should be trivial enough ;)
> > Yep, I looked at the code only after looking at Sasha's report.
> >
> > Thanks for the patch, do you mind if I add your SOB to it ?
>
> I would prefer making sure it fixes the bug first ;)
Sure, although your patch makes sense regardless of that :)
I'll still wait for Sasha to confirm that it fixes his crash.
Cheers,
Samuel.
--
Intel Open Source Technology Centre
http://oss.intel.com/
^ permalink raw reply
* Re: [PATCH 2/4] drivers/net/ethernet/dec/tulip: Add tulip_ prefix to set_bit_le()
From: Grant Grundler @ 2012-06-11 15:42 UTC (permalink / raw)
To: Takuya Yoshikawa
Cc: grundler, bhutchings, arnd, avi, mtosatti, linux-net-drivers,
netdev, linux-kernel, linux-arch, kvm, takuya.yoshikawa
In-Reply-To: <20120611213002.caaf0e05.yoshikawa.takuya@oss.ntt.co.jp>
On Mon, Jun 11, 2012 at 5:30 AM, Takuya Yoshikawa
<yoshikawa.takuya@oss.ntt.co.jp> wrote:
> From: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp>
>
> Needed to introduce generic set_bit_le().
>
> Signed-off-by: Takuya Yoshikawa <yoshikawa.takuya@oss.ntt.co.jp>
> Cc: Grant Grundler <grundler@parisc-linux.org>
> ---
> drivers/net/ethernet/dec/tulip/de2104x.c | 7 +++----
> drivers/net/ethernet/dec/tulip/tulip_core.c | 7 +++----
> 2 files changed, 6 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/net/ethernet/dec/tulip/de2104x.c b/drivers/net/ethernet/dec/tulip/de2104x.c
> index 61cc093..e635f1a 100644
> --- a/drivers/net/ethernet/dec/tulip/de2104x.c
> +++ b/drivers/net/ethernet/dec/tulip/de2104x.c
> @@ -661,8 +661,7 @@ static netdev_tx_t de_start_xmit (struct sk_buff *skb,
> new frame, not around filling de->setup_frame. This is non-deterministic
> when re-entered but still correct. */
>
> -#undef set_bit_le
> -#define set_bit_le(i,p) do { ((char *)(p))[(i)/8] |= (1<<((i)%8)); } while(0)
> +#define tulip_set_bit_le(i,p) do { ((char *)(p))[(i)/8] |= (1<<((i)%8)); } while(0)
I am ok with this patch going in. This code predates the clear
understanding of bit_ops that we have now and will continue to work
with this patch.
If you have time to follow Arnd's suggestion to use __set_bit_le()
(and removing both local definitions), that would be better. Either
way:
Acked-by: Grant Grundler <grundler@parisc-linux.org>
thanks!
grant
>
> static void build_setup_frame_hash(u16 *setup_frm, struct net_device *dev)
> {
> @@ -673,12 +672,12 @@ static void build_setup_frame_hash(u16 *setup_frm, struct net_device *dev)
> u16 *eaddrs;
>
> memset(hash_table, 0, sizeof(hash_table));
> - set_bit_le(255, hash_table); /* Broadcast entry */
> + tulip_set_bit_le(255, hash_table); /* Broadcast entry */
> /* This should work on big-endian machines as well. */
> netdev_for_each_mc_addr(ha, dev) {
> int index = ether_crc_le(ETH_ALEN, ha->addr) & 0x1ff;
>
> - set_bit_le(index, hash_table);
> + tulip_set_bit_le(index, hash_table);
> }
>
> for (i = 0; i < 32; i++) {
> diff --git a/drivers/net/ethernet/dec/tulip/tulip_core.c b/drivers/net/ethernet/dec/tulip/tulip_core.c
> index c4f37ac..3a1ebd02 100644
> --- a/drivers/net/ethernet/dec/tulip/tulip_core.c
> +++ b/drivers/net/ethernet/dec/tulip/tulip_core.c
> @@ -1010,8 +1010,7 @@ static int private_ioctl (struct net_device *dev, struct ifreq *rq, int cmd)
> new frame, not around filling tp->setup_frame. This is non-deterministic
> when re-entered but still correct. */
>
> -#undef set_bit_le
> -#define set_bit_le(i,p) do { ((char *)(p))[(i)/8] |= (1<<((i)%8)); } while(0)
> +#define tulip_set_bit_le(i,p) do { ((char *)(p))[(i)/8] |= (1<<((i)%8)); } while(0)
>
> static void build_setup_frame_hash(u16 *setup_frm, struct net_device *dev)
> {
> @@ -1022,12 +1021,12 @@ static void build_setup_frame_hash(u16 *setup_frm, struct net_device *dev)
> u16 *eaddrs;
>
> memset(hash_table, 0, sizeof(hash_table));
> - set_bit_le(255, hash_table); /* Broadcast entry */
> + tulip_set_bit_le(255, hash_table); /* Broadcast entry */
> /* This should work on big-endian machines as well. */
> netdev_for_each_mc_addr(ha, dev) {
> int index = ether_crc_le(ETH_ALEN, ha->addr) & 0x1ff;
>
> - set_bit_le(index, hash_table);
> + tulip_set_bit_le(index, hash_table);
> }
> for (i = 0; i < 32; i++) {
> *setup_frm++ = hash_table[i];
> --
> 1.7.5.4
>
^ permalink raw reply
* Re: 3.4-rc: NETDEV WATCHDOG: eth0 (r8169): transmit queue 0 timed out
From: Tomas Papan @ 2012-06-11 15:55 UTC (permalink / raw)
To: netdev
In-Reply-To: <20120602111335.0b94fb59@stein>
Stefan Richter <stefanr <at> s5r6.in-berlin.de> writes:
>
> On May 03 Stefan Richter wrote:
> > On May 01 Francois Romieu wrote:
> > [...]
> > > Can you apply the patch below on top of current ethtool
> > > (git://git.kernel.org/pub/scm/network/ethtool/ethtool.git) and see
> > > if it is enough to compare the register dumps (ethtool -d eth0).
> > [...]
> > > This is a firmware free chipset anyway. Nothing strange in the interface
> > > stats (ethtool -S eth0) ?
> > >
> > > You may have to narrow things. Can you check if the r8169.c at
> > > 036dafa28da1e2565a8529de2ae663c37b7a0060 behaves the same ?
> >
> > I will follow up on this eventually, but it may take quite some time due
> > to interfering work.
> >
> > Thank you for looking into it and giving directions,
>
> I haven't had time to look further into it yet. Just two minor findings:
>
> (a) After update from 3.4-rc5 to 3.4, the problem persisted.
>
> (b) Later I noticed that silent file corruptions on FireWire disks happened
> and happen under 3.4-rc5 and 3.4, so I reverted into 3.3.1 which fixed
> that issue. Furthermore, since 6 days uptime of 3.3.1, the eth0 (r8169)
> transmit queue time-out did never occur.
>
> I have no idea whether the FireWire and networking issues might be somehow
> connected, and I still lack time to investigate these issues (using Linux
> only at home, not at work), but I will eventually get back to it.
Hi,
I have the same problem on 3.4.1 and 3.4.2 (3.2.x is fine)
interestingly enough, the problem occurs only once, then it is running fine
(3.4.1 and six days uptime)
WARNING: at net/sched/sch_generic.c:256 dev_watchdog+0x16b/0x20f()
[ 2839.337554] Pid: 0, comm: swapper/3 Not tainted 3.4.2 #1
[ 2839.337556] Call Trace:
[ 2839.337559] <IRQ> [<ffffffff81026881>] ? warn_slowpath_common+0x78/0x8c
[ 2839.337571] [<ffffffff81026936>] ? warn_slowpath_fmt+0x45/0x4a
[ 2839.337576] [<ffffffff81042fc2>] ? scheduler_tick+0xaf/0xc3
[ 2839.337582] [<ffffffff812535a0>] ? dev_watchdog+0x16b/0x20f
[ 2839.337588] [<ffffffff8102f3ae>] ? run_timer_softirq+0x177/0x209
[ 2839.337594] [<ffffffff8103e7b3>] ? hrtimer_interrupt+0x100/0x19b
[ 2839.337599] [<ffffffff81253435>] ? qdisc_reset+0x35/0x35
[ 2839.337605] [<ffffffff8102b256>] ? __do_softirq+0x7f/0x106
[ 2839.337611] [<ffffffff812e298c>] ? call_softirq+0x1c/0x30
[ 2839.337616] [<ffffffff81003376>] ? do_softirq+0x31/0x67
[ 2839.337621] [<ffffffff8102b503>] ? irq_exit+0x44/0x75
[ 2839.337625] [<ffffffff810032b5>] ? do_IRQ+0x94/0xad
[ 2839.337631] [<ffffffff812e10a7>] ? common_interrupt+0x67/0x67
[ 2839.337634] <EOI> [<ffffffff81163f07>] ? intel_idle+0xde/0x103
[ 2839.337645] [<ffffffff81163ee3>] ? intel_idle+0xba/0x103
[ 2839.337652] [<ffffffff81220bfa>] ? cpuidle_idle_call+0x7e/0xc4
[ 2839.337659] [<ffffffff81008e92>] ? cpu_idle+0x53/0x7c
[ 2839.337663] ---[ end trace 04a2b9c09e9d7860 ]---
[ 2839.341697] r8169 0000:01:00.0: eth1: link up
Regards
Tomas
^ permalink raw reply
* [PATCH net-next] net: keep name_hlist close to name
From: Eric Dumazet @ 2012-06-11 16:36 UTC (permalink / raw)
To: David Miller; +Cc: netdev
From: Eric Dumazet <edumazet@google.com>
__dev_get_by_name() is slow because pm_qos_req has been inserted between
name[] and name_hlist, adding cache misses.
pm_qos_req has nothing to do at the beginning of struct net_device
Signed-off-by: Eric Dumazet <edumazet@google.com>
---
include/linux/netdevice.h | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index d94cb14..a0b84e3 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -1046,10 +1046,9 @@ struct net_device {
*/
char name[IFNAMSIZ];
- struct pm_qos_request pm_qos_req;
-
- /* device name hash chain */
+ /* device name hash chain, please keep it close to name[] */
struct hlist_node name_hlist;
+
/* snmp alias */
char *ifalias;
@@ -1322,6 +1321,8 @@ struct net_device {
/* group the device belongs to */
int group;
+
+ struct pm_qos_request pm_qos_req;
};
#define to_net_dev(d) container_of(d, struct net_device, dev)
^ permalink raw reply related
* Re: [PATCH v2] dummy: fix rcu_sched self-detected stalls
From: Stephen Hemminger @ 2012-06-11 16:51 UTC (permalink / raw)
To: Eric Dumazet; +Cc: David Miller, netdev
In-Reply-To: <1339398717.6001.1538.camel@edumazet-glaptop>
On Mon, 11 Jun 2012 09:11:57 +0200
Eric Dumazet <eric.dumazet@gmail.com> wrote:
> From: Eric Dumazet <edumazet@google.com>
>
> Trying to "modprobe dummy numdummies=30000" triggers :
>
> INFO: rcu_sched self-detected stall on CPU { 8} (t=60000 jiffies)
>
> After this splat, RTNL is locked and reboot is needed.
>
> We must call cond_resched() to avoid this, even holding RTNL.
>
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> ---
> drivers/net/dummy.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/net/dummy.c b/drivers/net/dummy.c
> index 442d91a..bab0158 100644
> --- a/drivers/net/dummy.c
> +++ b/drivers/net/dummy.c
> @@ -187,8 +187,10 @@ static int __init dummy_init_module(void)
> rtnl_lock();
> err = __rtnl_link_register(&dummy_link_ops);
>
> - for (i = 0; i < numdummies && !err; i++)
> + for (i = 0; i < numdummies && !err; i++) {
> err = dummy_init_one();
> + cond_resched();
> + }
> if (err < 0)
> __rtnl_link_unregister(&dummy_link_ops);
> rtnl_unlock();
>
Rather than holding lock for the whole loop, why not reacquire
each time to keep from holding off everything els.
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Sasha Levin @ 2012-06-11 16:55 UTC (permalink / raw)
To: Eric Dumazet
Cc: Samuel Ortiz, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <1339426726.6001.2309.camel@edumazet-glaptop>
On Mon, 2012-06-11 at 16:58 +0200, Eric Dumazet wrote:
> On Mon, 2012-06-11 at 16:50 +0200, Sasha Levin wrote:
>
> > Eric, Is there something that documents at what state each of the
> > callbacks in the network subsystem can be called? Like a big flow chart
> > of some sorts?
> >
> > I'm asking because I've looked at this as well before sending this mail,
> > and while the fix does look trivial, I wasn't sure whether it is really
> > the correct fix, or the problem is that this callback wasn't supposed be
> > called at all so something else is broken (we had such issue with
> > namespaces and unshare() not long ago).
> >
>
> I am not aware of such 'document'.
>
> Things change, and only *good* reference is actual source code.
>
> Now, take a look at sock_graft()/sock_orphan()/inet_release() ...
I see.
I grepped for release callbacks and the first few in the result (atm,
ax_25) did check for !sk, so I guess I'll just follow what I see in
other code in the future :)
^ permalink raw reply
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Sasha Levin @ 2012-06-11 16:56 UTC (permalink / raw)
To: Samuel Ortiz
Cc: Eric Dumazet, David Miller, lauro.venancio, aloisio.almeida,
Dave Jones, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
linux-wireless
In-Reply-To: <20120611152007.GZ22557@sortiz-mobl>
On Mon, 2012-06-11 at 17:20 +0200, Samuel Ortiz wrote:
> On Mon, Jun 11, 2012 at 04:59:38PM +0200, Eric Dumazet wrote:
> > On Mon, 2012-06-11 at 16:57 +0200, Samuel Ortiz wrote:
> > > Hi Eric,
> > >
> > > On Mon, Jun 11, 2012 at 04:41:33PM +0200, Eric Dumazet wrote:
> > > > On Mon, 2012-06-11 at 16:41 +0200, Samuel Ortiz wrote:
> > > > > Hi Sasha,
> > > > >
> > > > > On Mon, Jun 11, 2012 at 04:00:41PM +0200, Sasha Levin wrote:
> > > > > > Hi all,
> > > > > >
> > > > > > I've stumbled on the following while fuzzing with trinity inside a KVM tools guest, running on 3.5-rc2:
> > > > > >
> > > > > Thanks for the report, it could be worth adding this one to
> > > > > bugzilla.kernel.org.
> > > > >
> > > > > What's trinity ?
> > > > > Also, if this one is reproducible, would you mind sharing some details about
> > > > > how we could reproduce it ?
> > > >
> > > > Well, bugfix should be trivial enough ;)
> > > Yep, I looked at the code only after looking at Sasha's report.
> > >
> > > Thanks for the patch, do you mind if I add your SOB to it ?
> >
> > I would prefer making sure it fixes the bug first ;)
> Sure, although your patch makes sense regardless of that :)
> I'll still wait for Sasha to confirm that it fixes his crash.
I don't have a direct way of reproducing it, but I've put it in the test
vm and the fuzzer is running, I'll let you know tomorrow if it happened
again.
^ permalink raw reply
* RE: [net-next 3/9] igb: Update firmware info output
From: Wyborny, Carolyn @ 2012-06-11 17:10 UTC (permalink / raw)
To: Ben Hutchings, Kirsher, Jeffrey T
Cc: davem@davemloft.net, netdev@vger.kernel.org, gospo@redhat.com,
sassmann@redhat.com
In-Reply-To: <1339289854.21665.161.camel@deadeye.wl.decadent.org.uk>
>-----Original Message-----
>From: Ben Hutchings [mailto:bhutchings@solarflare.com]
>Sent: Saturday, June 09, 2012 5:58 PM
>To: Kirsher, Jeffrey T
>Cc: davem@davemloft.net; Wyborny, Carolyn; netdev@vger.kernel.org;
>gospo@redhat.com; sassmann@redhat.com
>Subject: Re: [net-next 3/9] igb: Update firmware info output
>
>On Sat, 2012-06-09 at 01:20 -0700, Jeff Kirsher wrote:
>> From: Carolyn Wyborny <carolyn.wyborny@intel.com>
>>
>> Our NVM image creation tools have evolved over the years and there are
>> multiple versions contained in them, depending on the tool used to
>create
>> them. This patch outputs the NVM versions available in ethtool -i
>output.
[...]
>Doesn't this driver support online firmware upgrades using
>ETHTOOL_SEEPROM? If so then you should carry on reading the version
>from NVRAM here, rather than only doing it at probe time.
>
Yes, good catch, thanks. Will update patch to include creating the version string during igb_set_ethtool.
Carolyn
Carolyn Wyborny
Linux Development
LAN Access Division
Intel Corporation
^ permalink raw reply
* [PATCH] net: lpc_eth: fix tx completion
From: Eric Dumazet @ 2012-06-11 17:21 UTC (permalink / raw)
To: Roland Stigge
Cc: davem, netdev, linux-kernel, kevin.wells, srinivas.bakki,
aletes.xgr, linux-arm-kernel
In-Reply-To: <1339404835.6001.1788.camel@edumazet-glaptop>
From: Eric Dumazet <edumazet@google.com>
__lpc_handle_xmit() has two bugs :
1) It can leak skbs in case TXSTATUS_ERROR is set
2) It can wake up txqueue while no slot was freed.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Roland Stigge <stigge@antcom.de>
Tested-by: Roland Stigge <stigge@antcom.de>
Cc: Kevin Wells <kevin.wells@nxp.com>
---
drivers/net/ethernet/nxp/lpc_eth.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/net/ethernet/nxp/lpc_eth.c b/drivers/net/ethernet/nxp/lpc_eth.c
index 8d2666f..ff76c21 100644
--- a/drivers/net/ethernet/nxp/lpc_eth.c
+++ b/drivers/net/ethernet/nxp/lpc_eth.c
@@ -946,16 +946,16 @@ static void __lpc_handle_xmit(struct net_device *ndev)
/* Update stats */
ndev->stats.tx_packets++;
ndev->stats.tx_bytes += skb->len;
-
- /* Free buffer */
- dev_kfree_skb_irq(skb);
}
+ dev_kfree_skb_irq(skb);
txcidx = readl(LPC_ENET_TXCONSUMEINDEX(pldat->net_base));
}
- if (netif_queue_stopped(ndev))
- netif_wake_queue(ndev);
+ if (pldat->num_used_tx_buffs <= ENET_TX_DESC/2) {
+ if (netif_queue_stopped(ndev))
+ netif_wake_queue(ndev);
+ }
}
static int __lpc_handle_recv(struct net_device *ndev, int budget)
^ permalink raw reply related
* Re: net: nfc: BUG and panic in accept() on 3.5-rc2
From: Dave Jones @ 2012-06-11 17:25 UTC (permalink / raw)
To: Sasha Levin
Cc: Samuel Ortiz, Eric Dumazet, David Miller, lauro.venancio,
aloisio.almeida, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, linux-wireless
In-Reply-To: <1339433810.4999.65.camel@lappy>
On Mon, Jun 11, 2012 at 06:56:50PM +0200, Sasha Levin wrote:
> > > > > > What's trinity ?
> > > > > > Also, if this one is reproducible, would you mind sharing some details about
> > > > > > how we could reproduce it ?
> > > > >
> > > > > Well, bugfix should be trivial enough ;)
> > > > Yep, I looked at the code only after looking at Sasha's report.
> > > >
> > > > Thanks for the patch, do you mind if I add your SOB to it ?
> > >
> > > I would prefer making sure it fixes the bug first ;)
> > Sure, although your patch makes sense regardless of that :)
> > I'll still wait for Sasha to confirm that it fixes his crash.
>
> I don't have a direct way of reproducing it, but I've put it in the test
> vm and the fuzzer is running, I'll let you know tomorrow if it happened
> again.
You might be able to trigger it faster by using -P PF_NFC, which will
force trinity to only use NFC sockets.
sidenote: most protocols trigger the module to be auto-loaded when a socket
is created. This doesn't seem to happen with nfc, making me need to manually
modprobe it first. Intentional ?
Dave
^ permalink raw reply
* Re: [patch] can: c_can: precedence error in c_can_chip_config()
From: Oliver Hartkopp @ 2012-06-11 17:42 UTC (permalink / raw)
To: Marc Kleine-Budde
Cc: Dan Carpenter, Wolfgang Grandegger, AnilKumar Ch, David S. Miller,
Jiri Kosina, linux-can, netdev, kernel-janitors
In-Reply-To: <4FD4DEF2.6070802@pengutronix.de>
On 10.06.2012 19:52, Marc Kleine-Budde wrote:
> On 06/09/2012 05:56 PM, Dan Carpenter wrote:
>> (CAN_CTRLMODE_LISTENONLY & CAN_CTRLMODE_LOOPBACK) is (0x02 & 0x01) which
>> is zero so the condition is never true. The intent here was to test
>> that both flags were set.
>>
>> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>> ---
>> This is a static checker fix. I'm not super familiar with the c_can
>> code.
>
> Good catch. Applied to can-next.
>
> Marc
>
Shouldn't this fix go through the net-tree and stable instead of net-next?
Regards,
Oliver
^ permalink raw reply
* Re: kernel ipsec error
From: Ben Hutchings @ 2012-06-11 17:49 UTC (permalink / raw)
To: Marco Berizzi; +Cc: netdev
In-Reply-To: <DUB108-W3906ACEA67D9618490CB02B2F70@phx.gbl>
On Mon, 2012-06-11 at 14:45 +0200, Marco Berizzi wrote:
> Hello everybody.
>
> After 12 days uptime I got this message.
> Linux is 3.3.5 32bit, running openswan
> (this is an ipsec gateway/netfilter
> firewall) and squid.
>
> Jun 11 12:53:02 Pleiadi kernel: SLUB: Unable to allocate memory on node -1 (gfp=0x20)
> Jun 11 12:53:02 Pleiadi kernel: cache: kmalloc-2048, object size: 2048, buffer size: 2048, default order: 2, min order: 0
> Jun 11 12:53:02 Pleiadi kernel: node 0: slabs: 61, objs: 476, free: 0
> Jun 11 12:53:02 Pleiadi kernel: kworker/0:2: page allocation failure: order:0, mode:0x4020
So a single page allocation in atomic (non-sleeping) context failed.
[...]
> Jun 11 12:53:02 Pleiadi kernel: Free swap = 130908kB
> Jun 11 12:53:02 Pleiadi kernel: Total swap = 151164kB
> Jun 11 12:53:02 Pleiadi kernel: 40944 pages RAM
[...]
Not too surprising with this little RAM available (swap didn't help
since we couldn't wait for swap-out).
There could be a memory leak, but you would need to read /proc/meminfo
and /proc/slabinfo at intervals to work out whether that was the case.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
^ permalink raw reply
* Re: [patch] can: c_can: precedence error in c_can_chip_config()
From: Marc Kleine-Budde @ 2012-06-11 17:51 UTC (permalink / raw)
To: Oliver Hartkopp
Cc: Dan Carpenter, Wolfgang Grandegger, AnilKumar Ch, David S. Miller,
Jiri Kosina, linux-can, netdev, kernel-janitors
In-Reply-To: <4FD62E21.3020209@hartkopp.net>
[-- Attachment #1: Type: text/plain, Size: 931 bytes --]
On 06/11/2012 07:42 PM, Oliver Hartkopp wrote:
> On 10.06.2012 19:52, Marc Kleine-Budde wrote:
>
>> On 06/09/2012 05:56 PM, Dan Carpenter wrote:
>>> (CAN_CTRLMODE_LISTENONLY & CAN_CTRLMODE_LOOPBACK) is (0x02 & 0x01) which
>>> is zero so the condition is never true. The intent here was to test
>>> that both flags were set.
>>>
>>> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>>> ---
>>> This is a static checker fix. I'm not super familiar with the c_can
>>> code.
>>
>> Good catch. Applied to can-next.
>>
>> Marc
>>
>
>
> Shouldn't this fix go through the net-tree and stable instead of net-next?
Indeed.
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Industrial Linux Solutions | Phone: +49-231-2826-924 |
Vertretung West/Dortmund | Fax: +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686 | http://www.pengutronix.de |
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 262 bytes --]
^ permalink raw reply
* Re: [PATCH] net: socket: fixed coding style issues.
From: Ben Hutchings @ 2012-06-11 17:53 UTC (permalink / raw)
To: Matthew Shaw; +Cc: davem, netdev, linux-kernel
In-Reply-To: <1339420656-11512-1-git-send-email-shaw500@gmail.com>
On Mon, 2012-06-11 at 14:17 +0100, Matthew Shaw wrote:
> Fixed an instance where brances are used but not needed, and some lines
> in the comments and code that exceed the 80 character limit.
>
> Signed-off-by: Matthew Shaw <shaw500@gmail.com>
> ---
> net/socket.c | 137 ++++++++++++++++++++++++++++++++--------------------------
> 1 file changed, 75 insertions(+), 62 deletions(-)
>
> diff --git a/net/socket.c b/net/socket.c
> index 6e0ccc0..2133040 100644
> --- a/net/socket.c
> +++ b/net/socket.c
> @@ -8,48 +8,48 @@
> * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
> *
> * Fixes:
> - * Anonymous : NOTSOCK/BADF cleanup. Error fix in
> - * shutdown()
> - * Alan Cox : verify_area() fixes
> - * Alan Cox : Removed DDI
> - * Jonathan Kamens : SOCK_DGRAM reconnect bug
[...]
I would question whether such lists of bug fixes are worth keeping at
all. The names should probably be kept as credits, but the details are
ancient history now.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
^ permalink raw reply
* Re: [PATCH] net: socket: fixed coding style issues.
From: Daniel Baluta @ 2012-06-11 18:03 UTC (permalink / raw)
To: Matthew Shaw; +Cc: davem, netdev, linux-kernel
In-Reply-To: <1339420656-11512-1-git-send-email-shaw500@gmail.com>
On Mon, Jun 11, 2012 at 4:17 PM, Matthew Shaw <shaw500@gmail.com> wrote:
> Fixed an instance where brances are used but not needed, and some lines
> in the comments and code that exceed the 80 character limit.
>
> Signed-off-by: Matthew Shaw <shaw500@gmail.com>
> ---
> net/socket.c | 137 ++++++++++++++++++++++++++++++++--------------------------
> 1 file changed, 75 insertions(+), 62 deletions(-)
>
> diff --git a/net/socket.c b/net/socket.c
> index 6e0ccc0..2133040 100644
> --- a/net/socket.c
> +++ b/net/socket.c
> @@ -8,48 +8,48 @@
> * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
> *
> * Fixes:
> - * Anonymous : NOTSOCK/BADF cleanup. Error fix in
> - * shutdown()
> - * Alan Cox : verify_area() fixes
> - * Alan Cox : Removed DDI
> - * Jonathan Kamens : SOCK_DGRAM reconnect bug
> - * Alan Cox : Moved a load of checks to the very
> - * top level.
> - * Alan Cox : Move address structures to/from user
> - * mode above the protocol layers.
> - * Rob Janssen : Allow 0 length sends.
> - * Alan Cox : Asynchronous I/O support (cribbed from the
> - * tty drivers).
> - * Niibe Yutaka : Asynchronous I/O for writes (4.4BSD style)
> - * Jeff Uphoff : Made max number of sockets command-line
> - * configurable.
> - * Matti Aarnio : Made the number of sockets dynamic,
> - * to be allocated when needed, and mr.
> - * Uphoff's max is used as max to be
> - * allowed to allocate.
> - * Linus : Argh. removed all the socket allocation
> - * altogether: it's in the inode now.
> - * Alan Cox : Made sock_alloc()/sock_release() public
> - * for NetROM and future kernel nfsd type
> - * stuff.
> - * Alan Cox : sendmsg/recvmsg basics.
> - * Tom Dyas : Export net symbols.
> - * Marcin Dalecki : Fixed problems with CONFIG_NET="n".
> - * Alan Cox : Added thread locking to sys_* calls
> - * for sockets. May have errors at the
> - * moment.
> - * Kevin Buhr : Fixed the dumb errors in the above.
> - * Andi Kleen : Some small cleanups, optimizations,
> - * and fixed a copy_from_user() bug.
> - * Tigran Aivazian : sys_send(args) calls sys_sendto(args, NULL, 0)
> - * Tigran Aivazian : Made listen(2) backlog sanity checks
> - * protocol-independent
> + * Anonymous : NOTSOCK/BADF cleanup. Error fix in
> + * shutdown()
> + * Alan Cox : verify_area() fixes
> + * Alan Cox : Removed DDI
> + * Jonathan Kamens : SOCK_DGRAM reconnect bug
> + * Alan Cox : Moved a load of checks to the very
> + * top level.
> + * Alan Cox : Move address structures to/from user
> + * mode above the protocol layers.
> + * Rob Janssen : Allow 0 length sends.
> + * Alan Cox : Asynchronous I/O support (cribbed from the
> + * tty drivers).
> + * Niibe Yutaka : Asynchronous I/O for writes (4.4BSD style)
> + * Jeff Uphoff : Made max number of sockets command-line
> + * configurable.
> + * Matti Aarnio : Made the number of sockets dynamic,
> + * to be allocated when needed, and mr.
> + * Uphoff's max is used as max to be
> + * allowed to allocate.
> + * Linus : Argh. removed all the socket allocation
> + * altogether: it's in the inode now.
> + * Alan Cox : Made sock_alloc()/sock_release() public
> + * for NetROM and future kernel nfsd type
> + * stuff.
> + * Alan Cox : sendmsg/recvmsg basics.
> + * Tom Dyas : Export net symbols.
> + * Marcin Dalecki : Fixed problems with CONFIG_NET="n".
> + * Alan Cox : Added thread locking to sys_* calls
> + * for sockets. May have errors at the
> + * moment.
> + * Kevin Buhr : Fixed the dumb errors in the above.
> + * Andi Kleen : Some small cleanups, optimizations,
> + * and fixed a copy_from_user() bug.
> + * Tigran Aivazian : sys_send(args) calls sys_sendto(args, NULL, 0)
> + * Tigran Aivazian : Made listen(2) backlog sanity checks
> + * protocol-independent
> *
> *
> - * This program is free software; you can redistribute it and/or
> - * modify it under the terms of the GNU General Public License
> - * as published by the Free Software Foundation; either version
> - * 2 of the License, or (at your option) any later version.
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version
> + * 2 of the License, or (at your option) any later version.
> *
> *
> * This module is effectively the top level interface to the BSD socket
> @@ -128,8 +128,9 @@ static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
> unsigned int flags);
>
> /*
> - * Socket files have a set of 'special' operations as well as the generic file ones. These don't appear
> - * in the operation structures but are done directly via the socketcall() multiplexor.
> + * Socket files have a set of 'special' operations as well as the generic
> + * file ones. These don't appear in the operation structures but are done
> + * directly via the socketcall() multiplexor.
> */
>
> static const struct file_operations socket_file_ops = {
> @@ -181,7 +182,8 @@ static DEFINE_PER_CPU(int, sockets_in_use);
> * invalid addresses -EFAULT is returned. On a success 0 is returned.
> */
>
> -int move_addr_to_kernel(void __user *uaddr, int ulen, struct sockaddr_storage *kaddr)
> +int move_addr_to_kernel(void __user *uaddr, int ulen,
> + struct sockaddr_storage *kaddr)
> {
> if (ulen < 0 || ulen > sizeof(struct sockaddr_storage))
> return -EINVAL;
> @@ -584,7 +586,8 @@ int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
> }
> EXPORT_SYMBOL(sock_sendmsg);
>
> -static int sock_sendmsg_nosec(struct socket *sock, struct msghdr *msg, size_t size)
> +static int sock_sendmsg_nosec(struct socket *sock, struct msghdr *msg,
> + size_t size)
> {
> struct kiocb iocb;
> struct sock_iocb siocb;
> @@ -711,7 +714,8 @@ void __sock_recv_ts_and_drops(struct msghdr *msg, struct sock *sk,
> EXPORT_SYMBOL_GPL(__sock_recv_ts_and_drops);
>
> static inline int __sock_recvmsg_nosec(struct kiocb *iocb, struct socket *sock,
> - struct msghdr *msg, size_t size, int flags)
> + struct msghdr *msg, size_t size,
> + int flags)
> {
> struct sock_iocb *si = kiocb_to_siocb(iocb);
>
> @@ -1158,7 +1162,9 @@ static int sock_fasync(int fd, struct file *filp, int on)
> return 0;
> }
>
> -/* This function may be called only under socket lock or callback_lock or rcu_lock */
> +/* This function may be called only under socket lock or callback_lock
> + * or rcu_lock.
> + */
>
> int sock_wake_async(struct socket *sock, int how, int band)
> {
> @@ -1229,8 +1235,8 @@ int __sock_create(struct net *net, int family, int type, int protocol,
>
> /*
> * Allocate the socket and allow the family to set things up. if
> - * the protocol is 0, the family is instructed to select an appropriate
> - * default.
> + * the protocol is 0, the family is instructed to select an
> + * appropriate default.
> */
> sock = sock_alloc();
> if (!sock) {
> @@ -1308,7 +1314,8 @@ EXPORT_SYMBOL(__sock_create);
>
> int sock_create(int family, int type, int protocol, struct socket **res)
> {
> - return __sock_create(current->nsproxy->net_ns, family, type, protocol, res, 0);
> + return __sock_create(current->nsproxy->net_ns, family, type, protocol,
> + res, 0);
> }
> EXPORT_SYMBOL(sock_create);
>
> @@ -1928,9 +1935,9 @@ static int __sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
> }
>
> /* This will also move the address data into kernel space */
> - if (MSG_CMSG_COMPAT & flags) {
> + if (MSG_CMSG_COMPAT & flags)
> err = verify_compat_iovec(msg_sys, iov, &address, VERIFY_READ);
> - } else
> + else
> err = verify_iovec(msg_sys, iov, &address, VERIFY_READ);
> if (err < 0)
> goto out_freeiov;
> @@ -1957,9 +1964,9 @@ static int __sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
> }
> err = -EFAULT;
> /*
> - * Careful! Before this, msg_sys->msg_control contains a user pointer.
> - * Afterwards, it will be a kernel pointer. Thus the compiler-assisted
> - * checking falls down on this.
> + * Careful! Before this, msg_sys->msg_control contains a user
> + * pointer. Afterwards, it will be a kernel pointer. Thus the
> + * compiler-assisted checking falls down on this.
> */
> if (copy_from_user(ctl_buf,
> (void __user __force *)msg_sys->msg_control,
> @@ -2010,7 +2017,8 @@ out:
> * BSD sendmsg interface
> */
>
> -SYSCALL_DEFINE3(sendmsg, int, fd, struct msghdr __user *, msg, unsigned int, flags)
> +SYSCALL_DEFINE3(sendmsg, int, fd, struct msghdr __user *, msg, unsigned int,
> + flags)
> {
> int fput_needed, err;
> struct msghdr msg_sys;
> @@ -2056,7 +2064,8 @@ int __sys_sendmmsg(int fd, struct mmsghdr __user *mmsg, unsigned int vlen,
>
> while (datagrams < vlen) {
> if (MSG_CMSG_COMPAT & flags) {
> - err = __sys_sendmsg(sock, (struct msghdr __user *)compat_entry,
> + err = __sys_sendmsg(sock,
> + (struct msghdr __user *)compat_entry,
> &msg_sys, flags, &used_address);
> if (err < 0)
> break;
> @@ -2132,9 +2141,9 @@ static int __sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
>
> uaddr = (__force void __user *)msg_sys->msg_name;
> uaddr_len = COMPAT_NAMELEN(msg);
> - if (MSG_CMSG_COMPAT & flags) {
> + if (MSG_CMSG_COMPAT & flags)
> err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE);
> - } else
> + else
> err = verify_iovec(msg_sys, iov, &addr, VERIFY_WRITE);
> if (err < 0)
> goto out_freeiov;
> @@ -2661,13 +2670,15 @@ static int dev_ifconf(struct net *net, struct compat_ifconf __user *uifc32)
> ifc.ifc_req = NULL;
> uifc = compat_alloc_user_space(sizeof(struct ifconf));
> } else {
> - size_t len = ((ifc32.ifc_len / sizeof(struct compat_ifreq)) + 1) *
> + size_t len = ((ifc32.ifc_len /
> + sizeof(struct compat_ifreq)) + 1) *
> sizeof(struct ifreq);
> uifc = compat_alloc_user_space(sizeof(struct ifconf) + len);
> ifc.ifc_len = len;
> ifr = ifc.ifc_req = (void __user *)(uifc + 1);
> ifr32 = compat_ptr(ifc32.ifcbuf);
> - for (i = 0; i < ifc32.ifc_len; i += sizeof(struct compat_ifreq)) {
> + for (i = 0; i < ifc32.ifc_len;
> + i += sizeof(struct compat_ifreq)) {
> if (copy_in_user(ifr, ifr32, sizeof(struct compat_ifreq)))
> return -EFAULT;
> ifr++;
> @@ -2832,7 +2843,8 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
> return 0;
> }
>
> -static int compat_siocwandev(struct net *net, struct compat_ifreq __user *uifr32)
> +static int compat_siocwandev(struct net *net,
> + struct compat_ifreq __user *uifr32)
> {
> void __user *uptr;
> compat_uptr_t uptr32;
> @@ -3000,7 +3012,8 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
> return err;
> }
>
> -static int compat_siocshwtstamp(struct net *net, struct compat_ifreq __user *uifr32)
> +static int compat_siocshwtstamp(struct net *net,
> + struct compat_ifreq __user *uifr32)
I think that going over the 80 chars limit is acceptable in this kind
of situations. The code
looks ugly with the new formatting.
> {
> void __user *uptr;
> compat_uptr_t uptr32;
> --
> 1.7.9.5
thanks,
Daniel.
^ permalink raw reply
* Re: [PATCH] net: lpc_eth: fix tx completion
From: Roland Stigge @ 2012-06-11 18:58 UTC (permalink / raw)
To: Eric Dumazet
Cc: davem, netdev, linux-kernel, kevin.wells, srinivas.bakki,
aletes.xgr, linux-arm-kernel
In-Reply-To: <1339435296.6001.2484.camel@edumazet-glaptop>
On 11/06/12 19:21, Eric Dumazet wrote:
> From: Eric Dumazet <edumazet@google.com>
>
> __lpc_handle_xmit() has two bugs :
>
> 1) It can leak skbs in case TXSTATUS_ERROR is set
>
> 2) It can wake up txqueue while no slot was freed.
>
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Reported-by: Roland Stigge <stigge@antcom.de>
> Tested-by: Roland Stigge <stigge@antcom.de>
> Cc: Kevin Wells <kevin.wells@nxp.com>
Thanks!
Would be good for v3.5 and for stable v3.4 also.
> ---
> drivers/net/ethernet/nxp/lpc_eth.c | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/net/ethernet/nxp/lpc_eth.c b/drivers/net/ethernet/nxp/lpc_eth.c
> index 8d2666f..ff76c21 100644
> --- a/drivers/net/ethernet/nxp/lpc_eth.c
> +++ b/drivers/net/ethernet/nxp/lpc_eth.c
> @@ -946,16 +946,16 @@ static void __lpc_handle_xmit(struct net_device *ndev)
> /* Update stats */
> ndev->stats.tx_packets++;
> ndev->stats.tx_bytes += skb->len;
> -
> - /* Free buffer */
> - dev_kfree_skb_irq(skb);
> }
> + dev_kfree_skb_irq(skb);
>
> txcidx = readl(LPC_ENET_TXCONSUMEINDEX(pldat->net_base));
> }
>
> - if (netif_queue_stopped(ndev))
> - netif_wake_queue(ndev);
> + if (pldat->num_used_tx_buffs <= ENET_TX_DESC/2) {
> + if (netif_queue_stopped(ndev))
> + netif_wake_queue(ndev);
> + }
> }
>
> static int __lpc_handle_recv(struct net_device *ndev, int budget)
>
^ permalink raw reply
* pull request: wireless 2012-06-11
From: John W. Linville @ 2012-06-11 19:17 UTC (permalink / raw)
To: davem; +Cc: linux-wireless, netdev, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 16566 bytes --]
commit ed6be3dcfee0bb891efd6ea908ca32bea711085b
Dave,
Here is another group of fixes intended for 3.5.
Emmanuel Grumbach brings a fix to avoid some firmware memory
corruption, and he disables a problematic hardware feature in the
iwlwifi driver.
Hauke Mehrtens fixes a null pointer dereference in bcma.
Johannes Berg updates MAINTAINERS to reflect that he is now maintaining
separate feeder trees for the wireless stack components.
Meenakshi Venkataraman points iwlwifi to the correct firmware for
the 6035 device.
Oleksij Rempel prevents b43 from calling ieee80211_unregister_hw if
they haven't registered any hardware, avoiding a BUG exit.
Qasim Javed fixes mac80211_hwsim to maintain ACK stats appropriately.
Sasha Levin fixes a possible null pointer dereference in the NFC code.
Stanislav Yakovlev avoids a WARN_ON in ipw2100, mirroring a similar
fix already applied to ipw2200.
Stanislaw Gruszka avoids an rtl8187 bug with sleeping in an invalid
context. He also restores a previously removed mac80211 flag that
is needed by the iwl4965 driver.
Please let me know if there are problems!
Thanks,
John
---
The following changes since commit 16b0dc29c1af9df341428f4c49ada4f626258082:
dummy: fix rcu_sched self-detected stalls (2012-06-11 01:12:04 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless.git for-davem
Emmanuel Grumbach (2):
iwlwifi: don't mess up the SCD when removing a key
iwlwifi: disable the buggy chain extension feature in HW
Hauke Mehrtens (1):
bcma: fix null pointer in bcma_core_pci_irq_ctl
Johannes Berg (1):
wireless: add my new trees to MAINTAINERS
John W. Linville (1):
Merge branch 'master' of git://git.kernel.org/.../linville/wireless into for-davem
Meenakshi Venkataraman (1):
iwlwifi: use correct supported firmware for 6035 and 6000g2
Oleksij Rempel (1):
b43: do not call ieee80211_unregister_hw if we are not registred
Qasim Javed (1):
mac80211_hwsim: Set IEEE80211_STAT_ACK flag when userspace indicates that the frame has been acknowledged.
Sasha Levin (1):
NFC: Fix possible NULL ptr deref when getting the name of a socket
Stanislav Yakovlev (1):
net/wireless: ipw2100: Fix WARN_ON occurring in wiphy_register called by ipw2100_pci_init_one
Stanislaw Gruszka (2):
rtl8187: ->brightness_set can not sleep
mac80211: add back channel change flag
MAINTAINERS | 12 ++++++++++--
drivers/bcma/driver_pci.c | 6 ++++--
drivers/net/wireless/b43/b43.h | 4 ++++
drivers/net/wireless/b43/main.c | 19 ++++++++++++-------
drivers/net/wireless/ipw2x00/ipw2100.c | 20 +++++---------------
drivers/net/wireless/iwlwifi/iwl-6000.c | 23 +++++++++++++++++++++--
drivers/net/wireless/iwlwifi/iwl-agn-sta.c | 2 +-
drivers/net/wireless/iwlwifi/iwl-prph.h | 1 +
drivers/net/wireless/iwlwifi/iwl-trans-pcie.c | 5 +++++
drivers/net/wireless/mac80211_hwsim.c | 1 +
drivers/net/wireless/rtl818x/rtl8187/leds.c | 2 +-
net/mac80211/mlme.c | 2 +-
net/nfc/llcp/sock.c | 3 +++
13 files changed, 69 insertions(+), 31 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index 55f0fda..03660de 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1800,6 +1800,9 @@ F: include/linux/cfag12864b.h
CFG80211 and NL80211
M: Johannes Berg <johannes@sipsolutions.net>
L: linux-wireless@vger.kernel.org
+W: http://wireless.kernel.org/
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git
S: Maintained
F: include/linux/nl80211.h
F: include/net/cfg80211.h
@@ -4340,7 +4343,8 @@ MAC80211
M: Johannes Berg <johannes@sipsolutions.net>
L: linux-wireless@vger.kernel.org
W: http://linuxwireless.org/
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git
S: Maintained
F: Documentation/networking/mac80211-injection.txt
F: include/net/mac80211.h
@@ -4351,7 +4355,8 @@ M: Stefano Brivio <stefano.brivio@polimi.it>
M: Mattias Nissler <mattias.nissler@gmx.de>
L: linux-wireless@vger.kernel.org
W: http://linuxwireless.org/en/developers/Documentation/mac80211/RateControl/PID
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git
S: Maintained
F: net/mac80211/rc80211_pid*
@@ -5695,6 +5700,9 @@ F: include/linux/remoteproc.h
RFKILL
M: Johannes Berg <johannes@sipsolutions.net>
L: linux-wireless@vger.kernel.org
+W: http://wireless.kernel.org/
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git
S: Maintained
F: Documentation/rfkill.txt
F: net/rfkill/
diff --git a/drivers/bcma/driver_pci.c b/drivers/bcma/driver_pci.c
index 9a96f14..c32ebd5 100644
--- a/drivers/bcma/driver_pci.c
+++ b/drivers/bcma/driver_pci.c
@@ -232,17 +232,19 @@ void __devinit bcma_core_pci_init(struct bcma_drv_pci *pc)
int bcma_core_pci_irq_ctl(struct bcma_drv_pci *pc, struct bcma_device *core,
bool enable)
{
- struct pci_dev *pdev = pc->core->bus->host_pci;
+ struct pci_dev *pdev;
u32 coremask, tmp;
int err = 0;
- if (core->bus->hosttype != BCMA_HOSTTYPE_PCI) {
+ if (!pc || core->bus->hosttype != BCMA_HOSTTYPE_PCI) {
/* This bcma device is not on a PCI host-bus. So the IRQs are
* not routed through the PCI core.
* So we must not enable routing through the PCI core. */
goto out;
}
+ pdev = pc->core->bus->host_pci;
+
err = pci_read_config_dword(pdev, BCMA_PCI_IRQMASK, &tmp);
if (err)
goto out;
diff --git a/drivers/net/wireless/b43/b43.h b/drivers/net/wireless/b43/b43.h
index 67c13af..c06b6cb 100644
--- a/drivers/net/wireless/b43/b43.h
+++ b/drivers/net/wireless/b43/b43.h
@@ -877,6 +877,10 @@ struct b43_wl {
* from the mac80211 subsystem. */
u16 mac80211_initially_registered_queues;
+ /* Set this if we call ieee80211_register_hw() and check if we call
+ * ieee80211_unregister_hw(). */
+ bool hw_registred;
+
/* We can only have one operating interface (802.11 core)
* at a time. General information about this interface follows.
*/
diff --git a/drivers/net/wireless/b43/main.c b/drivers/net/wireless/b43/main.c
index 5a39b22..acd03a4 100644
--- a/drivers/net/wireless/b43/main.c
+++ b/drivers/net/wireless/b43/main.c
@@ -2437,6 +2437,7 @@ start_ieee80211:
err = ieee80211_register_hw(wl->hw);
if (err)
goto err_one_core_detach;
+ wl->hw_registred = true;
b43_leds_register(wl->current_dev);
goto out;
@@ -5299,6 +5300,7 @@ static struct b43_wl *b43_wireless_init(struct b43_bus_dev *dev)
hw->queues = modparam_qos ? B43_QOS_QUEUE_NUM : 1;
wl->mac80211_initially_registered_queues = hw->queues;
+ wl->hw_registred = false;
hw->max_rates = 2;
SET_IEEE80211_DEV(hw, dev->dev);
if (is_valid_ether_addr(sprom->et1mac))
@@ -5370,12 +5372,15 @@ static void b43_bcma_remove(struct bcma_device *core)
* as the ieee80211 unreg will destroy the workqueue. */
cancel_work_sync(&wldev->restart_work);
- /* Restore the queues count before unregistering, because firmware detect
- * might have modified it. Restoring is important, so the networking
- * stack can properly free resources. */
- wl->hw->queues = wl->mac80211_initially_registered_queues;
- b43_leds_stop(wldev);
- ieee80211_unregister_hw(wl->hw);
+ B43_WARN_ON(!wl);
+ if (wl->current_dev == wldev && wl->hw_registred) {
+ /* Restore the queues count before unregistering, because firmware detect
+ * might have modified it. Restoring is important, so the networking
+ * stack can properly free resources. */
+ wl->hw->queues = wl->mac80211_initially_registered_queues;
+ b43_leds_stop(wldev);
+ ieee80211_unregister_hw(wl->hw);
+ }
b43_one_core_detach(wldev->dev);
@@ -5446,7 +5451,7 @@ static void b43_ssb_remove(struct ssb_device *sdev)
cancel_work_sync(&wldev->restart_work);
B43_WARN_ON(!wl);
- if (wl->current_dev == wldev) {
+ if (wl->current_dev == wldev && wl->hw_registred) {
/* Restore the queues count before unregistering, because firmware detect
* might have modified it. Restoring is important, so the networking
* stack can properly free resources. */
diff --git a/drivers/net/wireless/ipw2x00/ipw2100.c b/drivers/net/wireless/ipw2x00/ipw2100.c
index 9cfae0c..95aa8e1 100644
--- a/drivers/net/wireless/ipw2x00/ipw2100.c
+++ b/drivers/net/wireless/ipw2x00/ipw2100.c
@@ -1903,14 +1903,6 @@ static void ipw2100_down(struct ipw2100_priv *priv)
netif_stop_queue(priv->net_dev);
}
-/* Called by register_netdev() */
-static int ipw2100_net_init(struct net_device *dev)
-{
- struct ipw2100_priv *priv = libipw_priv(dev);
-
- return ipw2100_up(priv, 1);
-}
-
static int ipw2100_wdev_init(struct net_device *dev)
{
struct ipw2100_priv *priv = libipw_priv(dev);
@@ -6087,7 +6079,6 @@ static const struct net_device_ops ipw2100_netdev_ops = {
.ndo_stop = ipw2100_close,
.ndo_start_xmit = libipw_xmit,
.ndo_change_mtu = libipw_change_mtu,
- .ndo_init = ipw2100_net_init,
.ndo_tx_timeout = ipw2100_tx_timeout,
.ndo_set_mac_address = ipw2100_set_address,
.ndo_validate_addr = eth_validate_addr,
@@ -6329,6 +6320,10 @@ static int ipw2100_pci_init_one(struct pci_dev *pci_dev,
printk(KERN_INFO DRV_NAME
": Detected Intel PRO/Wireless 2100 Network Connection\n");
+ err = ipw2100_up(priv, 1);
+ if (err)
+ goto fail;
+
err = ipw2100_wdev_init(dev);
if (err)
goto fail;
@@ -6338,12 +6333,7 @@ static int ipw2100_pci_init_one(struct pci_dev *pci_dev,
* network device we would call ipw2100_up. This introduced a race
* condition with newer hotplug configurations (network was coming
* up and making calls before the device was initialized).
- *
- * If we called ipw2100_up before we registered the device, then the
- * device name wasn't registered. So, we instead use the net_dev->init
- * member to call a function that then just turns and calls ipw2100_up.
- * net_dev->init is called after name allocation but before the
- * notifier chain is called */
+ */
err = register_netdev(dev);
if (err) {
printk(KERN_WARNING DRV_NAME
diff --git a/drivers/net/wireless/iwlwifi/iwl-6000.c b/drivers/net/wireless/iwlwifi/iwl-6000.c
index 19f7ee8..e5e8ada 100644
--- a/drivers/net/wireless/iwlwifi/iwl-6000.c
+++ b/drivers/net/wireless/iwlwifi/iwl-6000.c
@@ -35,17 +35,20 @@
#define IWL6000_UCODE_API_MAX 6
#define IWL6050_UCODE_API_MAX 5
#define IWL6000G2_UCODE_API_MAX 6
+#define IWL6035_UCODE_API_MAX 6
/* Oldest version we won't warn about */
#define IWL6000_UCODE_API_OK 4
#define IWL6000G2_UCODE_API_OK 5
#define IWL6050_UCODE_API_OK 5
#define IWL6000G2B_UCODE_API_OK 6
+#define IWL6035_UCODE_API_OK 6
/* Lowest firmware API version supported */
#define IWL6000_UCODE_API_MIN 4
#define IWL6050_UCODE_API_MIN 4
-#define IWL6000G2_UCODE_API_MIN 4
+#define IWL6000G2_UCODE_API_MIN 5
+#define IWL6035_UCODE_API_MIN 6
/* EEPROM versions */
#define EEPROM_6000_TX_POWER_VERSION (4)
@@ -227,9 +230,25 @@ const struct iwl_cfg iwl6030_2bg_cfg = {
IWL_DEVICE_6030,
};
+#define IWL_DEVICE_6035 \
+ .fw_name_pre = IWL6030_FW_PRE, \
+ .ucode_api_max = IWL6035_UCODE_API_MAX, \
+ .ucode_api_ok = IWL6035_UCODE_API_OK, \
+ .ucode_api_min = IWL6035_UCODE_API_MIN, \
+ .device_family = IWL_DEVICE_FAMILY_6030, \
+ .max_inst_size = IWL60_RTC_INST_SIZE, \
+ .max_data_size = IWL60_RTC_DATA_SIZE, \
+ .eeprom_ver = EEPROM_6030_EEPROM_VERSION, \
+ .eeprom_calib_ver = EEPROM_6030_TX_POWER_VERSION, \
+ .base_params = &iwl6000_g2_base_params, \
+ .bt_params = &iwl6000_bt_params, \
+ .need_temp_offset_calib = true, \
+ .led_mode = IWL_LED_RF_STATE, \
+ .adv_pm = true
+
const struct iwl_cfg iwl6035_2agn_cfg = {
.name = "Intel(R) Centrino(R) Advanced-N 6235 AGN",
- IWL_DEVICE_6030,
+ IWL_DEVICE_6035,
.ht_params = &iwl6000_ht_params,
};
diff --git a/drivers/net/wireless/iwlwifi/iwl-agn-sta.c b/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
index aea07aa..eb6a8ea 100644
--- a/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
+++ b/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
@@ -1267,7 +1267,7 @@ int iwl_remove_dynamic_key(struct iwl_priv *priv,
key_flags |= STA_KEY_MULTICAST_MSK;
sta_cmd.key.key_flags = key_flags;
- sta_cmd.key.key_offset = WEP_INVALID_OFFSET;
+ sta_cmd.key.key_offset = keyconf->hw_key_idx;
sta_cmd.sta.modify_mask = STA_MODIFY_KEY_MASK;
sta_cmd.mode = STA_CONTROL_MODIFY_MSK;
diff --git a/drivers/net/wireless/iwlwifi/iwl-prph.h b/drivers/net/wireless/iwlwifi/iwl-prph.h
index 3b10692..dfd5466 100644
--- a/drivers/net/wireless/iwlwifi/iwl-prph.h
+++ b/drivers/net/wireless/iwlwifi/iwl-prph.h
@@ -224,6 +224,7 @@
#define SCD_TXFACT (SCD_BASE + 0x10)
#define SCD_ACTIVE (SCD_BASE + 0x14)
#define SCD_QUEUECHAIN_SEL (SCD_BASE + 0xe8)
+#define SCD_CHAINEXT_EN (SCD_BASE + 0x244)
#define SCD_AGGR_SEL (SCD_BASE + 0x248)
#define SCD_INTERRUPT_MASK (SCD_BASE + 0x108)
diff --git a/drivers/net/wireless/iwlwifi/iwl-trans-pcie.c b/drivers/net/wireless/iwlwifi/iwl-trans-pcie.c
index ec6fb39..79c6b91 100644
--- a/drivers/net/wireless/iwlwifi/iwl-trans-pcie.c
+++ b/drivers/net/wireless/iwlwifi/iwl-trans-pcie.c
@@ -1058,6 +1058,11 @@ static void iwl_tx_start(struct iwl_trans *trans)
iwl_write_prph(trans, SCD_DRAM_BASE_ADDR,
trans_pcie->scd_bc_tbls.dma >> 10);
+ /* The chain extension of the SCD doesn't work well. This feature is
+ * enabled by default by the HW, so we need to disable it manually.
+ */
+ iwl_write_prph(trans, SCD_CHAINEXT_EN, 0);
+
/* Enable DMA channel */
for (chan = 0; chan < FH_TCSR_CHNL_NUM ; chan++)
iwl_write_direct32(trans, FH_TCSR_CHNL_TX_CONFIG_REG(chan),
diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c
index 4c9336c..a0b7cfd 100644
--- a/drivers/net/wireless/mac80211_hwsim.c
+++ b/drivers/net/wireless/mac80211_hwsim.c
@@ -1555,6 +1555,7 @@ static int hwsim_tx_info_frame_received_nl(struct sk_buff *skb_2,
hdr = (struct ieee80211_hdr *) skb->data;
mac80211_hwsim_monitor_ack(data2->hw, hdr->addr2);
}
+ txi->flags |= IEEE80211_TX_STAT_ACK;
}
ieee80211_tx_status_irqsafe(data2->hw, skb);
return 0;
diff --git a/drivers/net/wireless/rtl818x/rtl8187/leds.c b/drivers/net/wireless/rtl818x/rtl8187/leds.c
index 2e0de2f..c2d5b49 100644
--- a/drivers/net/wireless/rtl818x/rtl8187/leds.c
+++ b/drivers/net/wireless/rtl818x/rtl8187/leds.c
@@ -117,7 +117,7 @@ static void rtl8187_led_brightness_set(struct led_classdev *led_dev,
radio_on = true;
} else if (radio_on) {
radio_on = false;
- cancel_delayed_work_sync(&priv->led_on);
+ cancel_delayed_work(&priv->led_on);
ieee80211_queue_delayed_work(hw, &priv->led_off, 0);
}
} else if (radio_on) {
diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
index d94627c..91d84cc 100644
--- a/net/mac80211/mlme.c
+++ b/net/mac80211/mlme.c
@@ -3124,7 +3124,7 @@ static int ieee80211_prep_connection(struct ieee80211_sub_if_data *sdata,
}
local->oper_channel = cbss->channel;
- ieee80211_hw_config(local, 0);
+ ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL);
if (!have_sta) {
u32 rates = 0, basic_rates = 0;
diff --git a/net/nfc/llcp/sock.c b/net/nfc/llcp/sock.c
index 3f339b1..17a707d 100644
--- a/net/nfc/llcp/sock.c
+++ b/net/nfc/llcp/sock.c
@@ -292,6 +292,9 @@ static int llcp_sock_getname(struct socket *sock, struct sockaddr *addr,
pr_debug("%p\n", sk);
+ if (llcp_sock == NULL)
+ return -EBADFD;
+
addr->sa_family = AF_NFC;
*len = sizeof(struct sockaddr_nfc_llcp);
--
John W. Linville Someday the world will need a hero, and you
linville@tuxdriver.com might be all we have. Be ready.
[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox