* [PATCH 0/2] netlink: implement socket diag for netlink sockets
From: Andrey Vagin @ 2013-03-21 9:21 UTC (permalink / raw)
To: linux-kernel, netdev
Cc: Andrey Vagin, David S. Miller, Eric Dumazet, Pavel Emelyanov,
Pablo Neira Ayuso, Eric W. Biederman, Gao feng
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Pavel Emelyanov <xemul@parallels.com>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Andrey Vagin (2):
net: prepare netlink code for netlink diag
netlink: Diag core and basic socket info dumping
include/uapi/linux/netlink_diag.h | 40 ++++++++
net/Kconfig | 1 +
net/netlink/Kconfig | 10 ++
net/netlink/Makefile | 3 +
net/netlink/af_netlink.c | 59 +-----------
net/netlink/af_netlink.h | 62 +++++++++++++
net/netlink/diag.c | 186 ++++++++++++++++++++++++++++++++++++++
7 files changed, 307 insertions(+), 54 deletions(-)
create mode 100644 include/uapi/linux/netlink_diag.h
create mode 100644 net/netlink/Kconfig
create mode 100644 net/netlink/af_netlink.h
create mode 100644 net/netlink/diag.c
--
1.8.1.4
^ permalink raw reply
* Re: [BUG] bisected: PandaBoard smsc95xx ethernet driver error from USB timeout
From: Ming Lei @ 2013-03-21 9:00 UTC (permalink / raw)
To: frank.rowand
Cc: stern, gregkh, linux-usb, linux-kernel, linux-omap, balbi, netdev,
steve.glendinning
In-Reply-To: <514A7E81.9000501@am.sony.com>
Hi Frank,
On Thu, Mar 21, 2013 at 11:29 AM, Frank Rowand <frank.rowand@am.sony.com> wrote:
>
> I found the problem on 3.6.11, but have not replicated it on 3.9-rcX
> yet because my config fails to build on 3.9-rc1 and 3.9-rc2. I'll try
> to work on that issue tomorrow.
I play upstream kernel on Pandaboard A1 frequently, looks not
see the failure problem before. Maybe the problem is config dependent.
If you may share your config file, I'd like to do the test too.
Thanks,
--
Ming Lei
^ permalink raw reply
* [PATCH] net: sh-eth: Use pr_err instead of printk
From: Simon Horman @ 2013-03-21 8:46 UTC (permalink / raw)
To: David S. Miller
Cc: netdev, linux-sh, devicetree-discuss, Magnus Damm,
Nobuhiro Iwamatsu, Simon Horman
From: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com>
Signed-off-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com>
Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
---
drivers/net/ethernet/renesas/sh_eth.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/renesas/sh_eth.c b/drivers/net/ethernet/renesas/sh_eth.c
index 56884c4..f632085 100644
--- a/drivers/net/ethernet/renesas/sh_eth.c
+++ b/drivers/net/ethernet/renesas/sh_eth.c
@@ -592,7 +592,7 @@ static int sh_eth_check_reset(struct net_device *ndev)
cnt--;
}
if (cnt < 0) {
- printk(KERN_ERR "Device reset fail\n");
+ pr_err("Device reset fail\n");
ret = -ETIMEDOUT;
}
return ret;
@@ -2321,7 +2321,7 @@ static const u16 *sh_eth_get_register_offset(int register_type)
reg_offset = sh_eth_offset_fast_sh3_sh2;
break;
default:
- printk(KERN_ERR "Unknown register type (%d)\n", register_type);
+ pr_err("Unknown register type (%d)\n", register_type);
break;
}
--
1.7.10.4
^ permalink raw reply related
* virtio: remove obsolete virtqueue_get_queue_index()
From: Rusty Russell @ 2013-03-21 7:17 UTC (permalink / raw)
To: mst, netdev, Cornelia Huck
You can access it directly now, since 3.8: v3.7-rc1-13-g06ca287
'virtio: move queue_index and num_free fields into core struct
virtqueue.'
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index d88d436..24fc9f5 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -153,7 +153,7 @@ struct padded_vnet_hdr {
*/
static int vq2txq(struct virtqueue *vq)
{
- return (virtqueue_get_queue_index(vq) - 1) / 2;
+ return (vq->index - 1) / 2;
}
static int txq2vq(int txq)
@@ -163,7 +163,7 @@ static int txq2vq(int txq)
static int vq2rxq(struct virtqueue *vq)
{
- return virtqueue_get_queue_index(vq) / 2;
+ return vq->index / 2;
}
static int rxq2vq(int rxq)
diff --git a/drivers/s390/kvm/virtio_ccw.c b/drivers/s390/kvm/virtio_ccw.c
index 2029b6c..a7eddc7 100644
--- a/drivers/s390/kvm/virtio_ccw.c
+++ b/drivers/s390/kvm/virtio_ccw.c
@@ -166,7 +166,7 @@ static void virtio_ccw_kvm_notify(struct virtqueue *vq)
vcdev = to_vc_device(info->vq->vdev);
ccw_device_get_schid(vcdev->cdev, &schid);
- do_kvm_notify(schid, virtqueue_get_queue_index(vq));
+ do_kvm_notify(schid, vq->index);
}
static int virtio_ccw_read_vq_conf(struct virtio_ccw_device *vcdev,
@@ -188,7 +188,7 @@ static void virtio_ccw_del_vq(struct virtqueue *vq, struct ccw1 *ccw)
unsigned long flags;
unsigned long size;
int ret;
- unsigned int index = virtqueue_get_queue_index(vq);
+ unsigned int index = vq->index;
/* Remove from our list. */
spin_lock_irqsave(&vcdev->lock, flags);
@@ -610,7 +610,7 @@ static struct virtqueue *virtio_ccw_vq_by_ind(struct virtio_ccw_device *vcdev,
vq = NULL;
spin_lock_irqsave(&vcdev->lock, flags);
list_for_each_entry(info, &vcdev->virtqueues, node) {
- if (virtqueue_get_queue_index(info->vq) == index) {
+ if (vq->index == index) {
vq = info->vq;
break;
}
diff --git a/include/linux/virtio.h b/include/linux/virtio.h
index 833f17b..9ff8645 100644
--- a/include/linux/virtio.h
+++ b/include/linux/virtio.h
@@ -76,12 +76,6 @@ void *virtqueue_detach_unused_buf(struct virtqueue *vq);
unsigned int virtqueue_get_vring_size(struct virtqueue *vq);
-/* FIXME: Obsolete accessor, but required for virtio_net merge. */
-static inline unsigned int virtqueue_get_queue_index(struct virtqueue *vq)
-{
- return vq->index;
-}
-
/**
* virtio_device - representation of a device using virtio
* @index: unique position on the virtio bus
^ permalink raw reply related
* [PATCH] net: add ETH_P_802_3_MIN
From: Simon Horman @ 2013-03-21 8:29 UTC (permalink / raw)
To: netdev
Cc: David S. Miller, Simon Horman, Jesse Gross, Stefan Richter,
Karsten Keil, Mauro Carvalho Chehab, linux1394-devel, linux-media,
dev
Add a new constant ETH_P_802_3_MIN, the minimum ethernet type for
an 802.3 frame. Frames with a lower value in the ethernet type field
are Ethernet II.
Also update all the users of this value that I could find to use the
new constant.
I anticipate adding some more users of this constant when
adding MPLS support to Open vSwtich.
As suggested by Jesse Gross.
Compile tested only.
Cc: Jesse Gross <jesse@nicira.com>
Cc: Stefan Richter <stefanr@s5r6.in-berlin.de>
Cc: Karsten Keil <isdn@linux-pingi.de>
Cc: Mauro Carvalho Chehab <mchehab@redhat.com>
Cc: linux1394-devel@lists.sourceforge.net
Cc: linux-media@vger.kernel.org
Cc: dev@openvswitch.org
Signed-off-by: Simon Horman <horms@verge.net.au>
---
drivers/firewire/net.c | 2 +-
drivers/isdn/i4l/isdn_net.c | 2 +-
drivers/media/dvb-core/dvb_net.c | 6 +++---
drivers/net/ethernet/sun/niu.c | 2 +-
drivers/net/plip/plip.c | 2 +-
include/uapi/linux/if_ether.h | 3 +++
net/ethernet/eth.c | 2 +-
net/openvswitch/datapath.c | 2 +-
8 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/drivers/firewire/net.c b/drivers/firewire/net.c
index 2b27bff..bd34ca1 100644
--- a/drivers/firewire/net.c
+++ b/drivers/firewire/net.c
@@ -630,7 +630,7 @@ static int fwnet_finish_incoming_packet(struct net_device *net,
if (memcmp(eth->h_dest, net->dev_addr, net->addr_len))
skb->pkt_type = PACKET_OTHERHOST;
}
- if (ntohs(eth->h_proto) >= 1536) {
+ if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN) {
protocol = eth->h_proto;
} else {
rawp = (u16 *)skb->data;
diff --git a/drivers/isdn/i4l/isdn_net.c b/drivers/isdn/i4l/isdn_net.c
index babc621..88d657d 100644
--- a/drivers/isdn/i4l/isdn_net.c
+++ b/drivers/isdn/i4l/isdn_net.c
@@ -1385,7 +1385,7 @@ isdn_net_type_trans(struct sk_buff *skb, struct net_device *dev)
if (memcmp(eth->h_dest, dev->dev_addr, ETH_ALEN))
skb->pkt_type = PACKET_OTHERHOST;
}
- if (ntohs(eth->h_proto) >= 1536)
+ if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN)
return eth->h_proto;
rawp = skb->data;
diff --git a/drivers/media/dvb-core/dvb_net.c b/drivers/media/dvb-core/dvb_net.c
index 44225b1..9fc82a1 100644
--- a/drivers/media/dvb-core/dvb_net.c
+++ b/drivers/media/dvb-core/dvb_net.c
@@ -185,7 +185,7 @@ static __be16 dvb_net_eth_type_trans(struct sk_buff *skb,
skb->pkt_type=PACKET_MULTICAST;
}
- if (ntohs(eth->h_proto) >= 1536)
+ if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN)
return eth->h_proto;
rawp = skb->data;
@@ -228,9 +228,9 @@ static int ule_test_sndu( struct dvb_net_priv *p )
static int ule_bridged_sndu( struct dvb_net_priv *p )
{
struct ethhdr *hdr = (struct ethhdr*) p->ule_next_hdr;
- if(ntohs(hdr->h_proto) < 1536) {
+ if(ntohs(hdr->h_proto) < ETH_P_802_3_MIN) {
int framelen = p->ule_sndu_len - ((p->ule_next_hdr+sizeof(struct ethhdr)) - p->ule_skb->data);
- /* A frame Type < 1536 for a bridged frame, introduces a LLC Length field. */
+ /* A frame Type < ETH_P_802_3_MIN for a bridged frame, introduces a LLC Length field. */
if(framelen != ntohs(hdr->h_proto)) {
return -1;
}
diff --git a/drivers/net/ethernet/sun/niu.c b/drivers/net/ethernet/sun/niu.c
index e4c1c88..95cff98 100644
--- a/drivers/net/ethernet/sun/niu.c
+++ b/drivers/net/ethernet/sun/niu.c
@@ -6618,7 +6618,7 @@ static u64 niu_compute_tx_flags(struct sk_buff *skb, struct ethhdr *ehdr,
(len << TXHDR_LEN_SHIFT) |
((l3off / 2) << TXHDR_L3START_SHIFT) |
(ihl << TXHDR_IHL_SHIFT) |
- ((eth_proto_inner < 1536) ? TXHDR_LLC : 0) |
+ ((eth_proto_inner < ETH_P_802_3_MIN) ? TXHDR_LLC : 0) |
((eth_proto == ETH_P_8021Q) ? TXHDR_VLAN : 0) |
(ipv6 ? TXHDR_IP_VER : 0) |
csum_bits);
diff --git a/drivers/net/plip/plip.c b/drivers/net/plip/plip.c
index bed62d9..1f7bef9 100644
--- a/drivers/net/plip/plip.c
+++ b/drivers/net/plip/plip.c
@@ -560,7 +560,7 @@ static __be16 plip_type_trans(struct sk_buff *skb, struct net_device *dev)
* so don't forget to remove it.
*/
- if (ntohs(eth->h_proto) >= 1536)
+ if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN)
return eth->h_proto;
rawp = skb->data;
diff --git a/include/uapi/linux/if_ether.h b/include/uapi/linux/if_ether.h
index 798032d..ade07f1 100644
--- a/include/uapi/linux/if_ether.h
+++ b/include/uapi/linux/if_ether.h
@@ -94,6 +94,9 @@
#define ETH_P_EDSA 0xDADA /* Ethertype DSA [ NOT AN OFFICIALLY REGISTERED ID ] */
#define ETH_P_AF_IUCV 0xFBFB /* IBM af_iucv [ NOT AN OFFICIALLY REGISTERED ID ] */
+#define ETH_P_802_3_MIN 0x0600 /* If the value in the ethernet type is less than this value
+ * then the frame is Ethernet II. Else it is 802.3 */
+
/*
* Non DIX types. Won't clash for 1500 types.
*/
diff --git a/net/ethernet/eth.c b/net/ethernet/eth.c
index a36c85ea..5359560 100644
--- a/net/ethernet/eth.c
+++ b/net/ethernet/eth.c
@@ -195,7 +195,7 @@ __be16 eth_type_trans(struct sk_buff *skb, struct net_device *dev)
if (netdev_uses_trailer_tags(dev))
return htons(ETH_P_TRAILER);
- if (ntohs(eth->h_proto) >= 1536)
+ if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN)
return eth->h_proto;
/*
diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
index d61cd99..8759265 100644
--- a/net/openvswitch/datapath.c
+++ b/net/openvswitch/datapath.c
@@ -681,7 +681,7 @@ static int ovs_packet_cmd_execute(struct sk_buff *skb, struct genl_info *info)
/* Normally, setting the skb 'protocol' field would be handled by a
* call to eth_type_trans(), but it assumes there's a sending
* device, which we may not have. */
- if (ntohs(eth->h_proto) >= 1536)
+ if (ntohs(eth->h_proto) >= ETH_P_802_3_MIN)
packet->protocol = eth->h_proto;
else
packet->protocol = htons(ETH_P_802_2);
--
1.7.10.4
^ permalink raw reply related
* Re: [PATCH 1/2] genetlink: trigger BUG_ON if a group name is too long
From: Masatake YAMATO @ 2013-03-21 7:49 UTC (permalink / raw)
To: bhutchings; +Cc: davem, netdev
In-Reply-To: <1363800779.2677.16.camel@bwh-desktop.uk.solarflarecom.com>
I will look at sparse whether it can capture this kind of mistake.
Masatake YAMATO
From: Ben Hutchings <bhutchings@solarflare.com>
Date: Wed, 20 Mar 2013 17:32:59 +0000
> On Wed, 2013-03-20 at 12:07 -0400, David Miller wrote:
>> From: Masatake YAMATO <yamato@redhat.com>
>> Date: Tue, 19 Mar 2013 20:47:27 +0900
>>
>> > Trigger BUG_ON if a group name is longer than GENL_NAMSIZ.
>> >
>> > Signed-off-by: Masatake YAMATO <yamato@redhat.com>
>>
>> Applied, thanks.
>>
>> Although I'm disappointed that the compiler doesn't say anything about
>> this in the assignment.
>>
>> We're assigning "char[16] = STRING" and it doesn't say anything if the
>> final NULL char doesn't fit into the array.
>
> Unfortunately the C standard says this is allowed. (Though the C++
> standard says it's not!) That doesn't mean the compiler can't warn
> about it, of course.
>
> Ben.
>
> --
> Ben Hutchings, Staff Engineer, Solarflare
> Not speaking for my employer; that's the marketing department's job.
> They asked us to note that Solarflare product names are trademarked.
>
^ permalink raw reply
* Re: [PATCH 2/2] thermal: shorten too long mcast group name
From: Masatake YAMATO @ 2013-03-21 7:46 UTC (permalink / raw)
To: davem; +Cc: netdev
In-Reply-To: <20130320.120832.24140728832512231.davem@davemloft.net>
> From: Masatake YAMATO <yamato@redhat.com>
> Date: Tue, 19 Mar 2013 20:47:28 +0900
>
>> The original name is too long.
>>
>> Signed-off-by: Masatake YAMATO <yamato@redhat.com>
>
> This change needs to go in via the Thermal driver maintainers.
Thanks. I've submitted the patch to linux-acpi ML.
Masatake YAMATO
^ permalink raw reply
* [PATCH] lantiq_etop: use free_netdev(netdev) instead of kfree()
From: Wei Yongjun @ 2013-03-21 7:31 UTC (permalink / raw)
To: davem, jiri, wfp5p, jdmason, gregkh; +Cc: yongjun_wei, netdev
From: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Freeing netdev without free_netdev() leads to net, tx leaks.
And it may lead to dereferencing freed pointer.
Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
---
drivers/net/ethernet/lantiq_etop.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/lantiq_etop.c b/drivers/net/ethernet/lantiq_etop.c
index 6a21274..bfdb0686 100644
--- a/drivers/net/ethernet/lantiq_etop.c
+++ b/drivers/net/ethernet/lantiq_etop.c
@@ -769,7 +769,7 @@ ltq_etop_probe(struct platform_device *pdev)
return 0;
err_free:
- kfree(dev);
+ free_netdev(dev);
err_out:
return err;
}
^ permalink raw reply related
* Re: [PATCH v6] net: sh_eth: Add support of device tree probe
From: Nobuhiro Iwamatsu @ 2013-03-21 7:03 UTC (permalink / raw)
To: Sergei Shtylyov
Cc: netdev, devicetree-discuss, magnus.damm, kda, horms+renesas,
mark.rutland, grant.likely
In-Reply-To: <51486699.6000908@cogentembedded.com>
Hi,
Thank you for your comment.
(2013/03/19 22:22), Sergei Shtylyov wrote:
> On 19-03-2013 10:39, Nobuhiro Iwamatsu wrote:
>
>> This adds support of device tree probe for Renesas sh-ether driver.
>
>> Signed-off-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com>
>
>> V6: - Add renesas,sh-eth-gigabit, renesas,sh-eth-sh4 and
>> renesas,sh-eth-sh3-sh2 to compatible string.
>> - Remove sh-eth,register-type. This is supplemented by the
>> compatible string.
>> - Use the of_property_read_bool instead of of_find_property.
>> - Add sanity chheck for of_property_read_u32.
>> - Update document.
>> V5: - Rewrite sh_eth_parse_dt().
>> Remove of_device_is_available() and CONFIG_OF from support OF
>> checking function and re-add empty sh_eth_parse_dt().
>> - Add CONFIG_PM to definition of dev_pm_ops.
>> - Add CONFIG_OF to definition of of_device_id.
>> V4: - Remove empty sh_eth_parse_dt().
>> V3: - Remove empty sh_eth_parse_dt().
>> V3: - Removed sentnece of "needs-init" from document.
>> V2: - Removed ether_setup().
>> - Fixed typo from "sh-etn" to "sh-eth".
>> - Removed "needs-init" and sh-eth,endian from definition of DT.
>> - Changed "sh-eth,edmac-endian" instead of "sh-eth,edmac-big-endain"
>> in definition of DT.
>> ---
>> Documentation/devicetree/bindings/net/sh_ether.txt | 48 +++++++
>> drivers/net/ethernet/renesas/sh_eth.c | 145 ++++++++++++++++----
>> 2 files changed, 168 insertions(+), 25 deletions(-)
>> create mode 100644 Documentation/devicetree/bindings/net/sh_ether.txt
>
>> diff --git a/Documentation/devicetree/bindings/net/sh_ether.txt b/Documentation/devicetree/bindings/net/sh_ether.txt
>> new file mode 100644
>> index 0000000..d1f961c
>> --- /dev/null
>> +++ b/Documentation/devicetree/bindings/net/sh_ether.txt
>> @@ -0,0 +1,48 @@
>> +* Renesas Electronics SuperH EMAC
>> +
>> +This file provides information, what the device node
>> +for the sh_eth interface contains.
>> +
>> +Required properties:
>> +- compatible: "renesas,sh-eth-gigabit": If a device has
>> + a function of gigabit, you should
>> + set this.
>> + "renesas,sh-eth-sh4": If this is provided by
>> + SH4, you should set this.
>> + "renesas,sh-eth-sh3-sh2": If this is provided
>> + by SH3 or SH2, you should set this.
>> +
>> +- interrupt-parent: The phandle for the interrupt controller that
>> + services interrupts for this device.
>> +
>> +- reg: Offset and length of the register set for the
>> + device. If device has TSU registers, you need
>> + to set up two register information here.
>> +
>> +- interrupts: Interrupt mapping for the sh_eth interrupt
>> + sources (vector id). You can set one value.
>> +
>> +- phy-mode: String, operation mode of the PHY interface
>> + (a string that of_get_phy_mode() can understand).
>> +
>> +- sh-eth,phy-id: PHY id.
>> +
>> +Optional properties:
>> +- local-mac-address: 6 bytes, mac address
>> +- sh-eth,no-ether-link: Set link control by software. When device does
>
> I got the impression that usually the vendor name, not driver name is used as a property prefix.
Ok, I will change to vendor name.
>
>> diff --git a/drivers/net/ethernet/renesas/sh_eth.c b/drivers/net/ethernet/renesas/sh_eth.c
>> index 7a6471d..d9df68e 100644
>> --- a/drivers/net/ethernet/renesas/sh_eth.c
>> +++ b/drivers/net/ethernet/renesas/sh_eth.c
>> @@ -1,7 +1,7 @@
>> /*
>> * SuperH Ethernet device driver
>> *
>> - * Copyright (C) 2006-2012 Nobuhiro Iwamatsu
>> + * Copyright (C) 2006-2013 Nobuhiro Iwamatsu
>> * Copyright (C) 2008-2012 Renesas Solutions Corp.
>
> Don't you want to extend the copyright of Renesas also -- you seem to be still working there. :-)
>
Thanks, I will fix.
>> @@ -2391,12 +2451,33 @@ static int sh_eth_drv_probe(struct platform_device *pdev)
>> goto out_release;
>> }
>>
>> + if (np) {
>> + pd = sh_eth_parse_dt(&pdev->dev, ndev, np);
>> + if (pdev->dev.platform_data && pd) {
>> + struct sh_eth_plat_data *tmp =
>> + pdev->dev.platform_data;
>> + pd->set_mdio_gate = tmp->set_mdio_gate;
>> + pd->needs_init = tmp->needs_init;
>
> OK, so we can't fully convert this driver to the device tree due to procedural platform data.
> I then would advice just using OF_DEV_AUXDATA() in the platform data instead of trying to convert the driver to device tree.
Yes, I knew about this.
>
> [...]
>> @@ -2422,20 +2505,16 @@ static int sh_eth_drv_probe(struct platform_device *pdev)
> [...]
>> mdp->tsu_addr = ioremap(rtsu->start,
>> - resource_size(rtsu));
>> + resource_size(rtsu));
>
> Why? It was indented perfectly before. Anyway, you shouldn't be doing collateral whitespace changes.
>
Ok, I will remove this change from this patch.
>> mdp->port = devno % 2;
>> ndev->features = NETIF_F_HW_VLAN_FILTER;
>> }
>> @@ -2502,6 +2581,7 @@ static int sh_eth_drv_remove(struct platform_device *pdev)
>> return 0;
>> }
>>
>> +#ifdef CONFIG_PM
>
> Unrelated change.
>
>> static int sh_eth_runtime_nop(struct device *dev)
>> {
>> /*
>> @@ -2515,17 +2595,32 @@ static int sh_eth_runtime_nop(struct device *dev)
>> return 0;
>> }
>>
>> -static struct dev_pm_ops sh_eth_dev_pm_ops = {
>> +static const struct dev_pm_ops sh_eth_dev_pm_ops = {
>> .runtime_suspend = sh_eth_runtime_nop,
>> .runtime_resume = sh_eth_runtime_nop,
>> };
>> +#define SH_ETH_PM_OPS (&sh_eth_dev_pm_ops)
>
> () not needed.
>
>> +#else
>> +#define SH_ETH_PM_OPS NULL
>> +#endif
>
> Unrelated change. Should be in a different patch.
Yes, I will remove these changes from this patch.
>
>> +
>> +#ifdef CONFIG_OF
>> +static const struct of_device_id sh_eth_match[] = {
>> + { .compatible = "renesas,sh-eth-gigabit", },
>> + { .compatible = "renesas,sh-eth-sh4", },
>> + { .compatible = "renesas,sh-eth-sh3-sh2", },
>
> Biut this is not really enough: the driver supports much more variations of the SH and ARM SoCs
> all of which have difference not only in register layout but also in the registers bits or even
> presence of the whole register blocks. All this IMO should be reflected in the different values
> of the compatible "property". BTW, it seems another register layout and instance needs to be added
> for the R-Car SoCs (instead of the current ugly hack).
I see.
Latest source code was defined compatible as renesas,sh-eth-gigabit,
sh-eth-sh4 and sh-eth-sh3-sh2. I will change ito renesas,<CPU>-sh-eth.
And I think that we should define the sh7757-sh-eth-gitabit and
sh7757-sh-eth-fast for this. Becauase sh7757 is special device.
There is a device that supports only devices that support fast
ether and gigabit ether on single CPU.
Therefore, the compatible property of this device becomes <CPU>-sh-eth
or <CPU>-sh-eth-<ETHER TYPE>.
How about this?
>
>> + {},
>> +};
>> +MODULE_DEVICE_TABLE(of, sh_eth_match);
>> +#endif
>>
>> static struct platform_driver sh_eth_driver = {
>> .probe = sh_eth_drv_probe,
>> .remove = sh_eth_drv_remove,
>> .driver = {
>> .name = CARDNAME,
>> - .pm = &sh_eth_dev_pm_ops,
>> + .pm = SH_ETH_PM_OPS,
>
> Unrelated as well.
>
Yes, this is too.
> WBR, Sergei
>
>
^ permalink raw reply
* Re: [PATCH 1/3] net: Clean up SCM_CREDENTIALS code
From: Eric W. Biederman @ 2013-03-21 6:54 UTC (permalink / raw)
To: Andy Lutomirski; +Cc: netdev, containers
In-Reply-To: <3d7ffb6d9b73971f1a526fc490ef84ef7a33eecc.1363815201.git.luto@amacapital.net>
Andy Lutomirski <luto@amacapital.net> writes:
> I was curious whether the uids, gids, and pids passed around worked
> correctly in the presence of multiple namespaces. I gave up trying
> to figure it out: there are two copies of the pid (one of which has
> type u32, which is odd), a struct cred * (!), and a separate kuid
> and kgid. IOW, all of the relevant data is stored twice, and it's
> unclear which copy is used when.
>
> I also wondered what prevented a SO_CREDENTIALS message from being
> recieved when the credentials weren't filled out. Answer: not very
> much (and there have been serious security bugs here in the past).
>
> So just rewrite the thing to store a pid_t relative to the init pid
> ns, a kuid, and a kgid, and to explicitly track whether the data is
> filled out.
>
> I haven't played with the secid code. I have no idea whether it has
> similar problems.
>
> I haven't benchmarked this, but it should be a respectable speedup
> in the cases where the credentials are in use.
The basic principle of no longer passing the struct cred we can
certainly do.
I am less convinced about the struct pid, but arguably that is the
proper approach.
A patch that proclaims that you didn't understand what the code was
doing but you changed it anyway, suggests there are subtle bugs
in there that you overlooked.
Certainly killing NETLINK_CB(sbk).ssk is a bug.
I do think there is a lot of good stuff in here and if you break this up
into smaller patches simpler patches, and keep an eye on the speed of
sending things messages without credentials. I am pretty certain you
can cook up something that is mergable.
Eric
^ permalink raw reply
* Re: [PATCH 2/3] netlink: Remove an unused pointer in netlink_skb_parms
From: Eric W. Biederman @ 2013-03-21 6:36 UTC (permalink / raw)
To: Andy Lutomirski
Cc: netdev-u79uwXL29TY76Z2rM5mHXA,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
In-Reply-To: <a8766c8b116b5e6fcaa932fe94f84a584554b98f.1363815201.git.luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
net/ipv4/inet_diag.c: sk_user_ns(NETLINK_CB(in_skb).ssk),
net/ipv4/inet_diag.c: sk_user_ns(NETLINK_CB(cb->skb).ssk),
net/ipv4/inet_diag.c: sk_user_ns(NETLINK_CB(cb->skb).ssk),
net/ipv4/udp_diag.c: sk_user_ns(NETLINK_CB(cb->skb).ssk),
net/ipv4/udp_diag.c: sk_user_ns(NETLINK_CB(in_skb).ssk),
net/netfilter/nfnetlink_log.c: sk_user_ns(NETLINK_CB(skb).ssk));
net/netlink/af_netlink.c: NETLINK_CB(skb).ssk = ssk;
net/sched/cls_flow.c: sk_user_ns(NETLINK_CB(in_skb).ssk) != &init_user_ns)
I count 8 uses.
Eric
>
> diff --git a/include/linux/netlink.h b/include/linux/netlink.h
> index e0f746b..9ac1201 100644
> --- a/include/linux/netlink.h
> +++ b/include/linux/netlink.h
> @@ -19,7 +19,6 @@ struct netlink_skb_parms {
> struct scm_creds creds; /* Skb credentials */
> __u32 portid;
> __u32 dst_group;
> - struct sock *ssk;
> };
>
> #define NETLINK_CB(skb) (*(struct netlink_skb_parms*)&((skb)->cb))
^ permalink raw reply
* Re: [PATCH net-next] net: fix psock_fanout selftest hash collision
From: Daniel Borkmann @ 2013-03-21 6:31 UTC (permalink / raw)
To: Willem de Bruijn; +Cc: David Miller, netdev
In-Reply-To: <CA+FuTScnkvSZ1U=vmELNEpS4hU62iMV7B2ZDHT8KGAwxCxA-Ng@mail.gmail.com>
On 03/21/2013 01:07 AM, Willem de Bruijn wrote:
> On Wed, Mar 20, 2013 at 1:59 PM, David Miller <davem@davemloft.net> wrote:
>> From: David Miller <davem@davemloft.net>
>> Date: Wed, 20 Mar 2013 12:33:44 -0400 (EDT)
>>
>>> From: Willem de Bruijn <willemb@google.com>
>>> Date: Wed, 20 Mar 2013 02:42:44 -0400
>>>
>>>> Fix flaky results with PACKET_FANOUT_HASH depending on whether the
>>>> two flows hash into the same packet socket or not.
>>>>
>>>> Also adds tests for PACKET_FANOUT_LB and PACKET_FANOUT_CPU and
>>>> replaces the counting method with a packet ring.
>>>>
>>>> Signed-off-by: Willem de Bruijn <willemb@google.com>
>>>
>>> Applied, thanks. I'll retest on my sparc64 box later today.
>>
>> Unfortunately, it's still broken there:
>
> This looks like a new problem. Now the counters all stay zero.
>
> I am looking into it. I have not been able to reproduce this on my
> x86_64 so far, so just brought a sparc32 up in qemu. Had less luck
> with sparc64, but impressive that it works at all. Come to think of
> it, is this a 64-bit kernel with 32-bit userland? Perhaps that
> affects packet ring memory layout.
That can affect the ring buffer in case of TPACKET_V1, which is default
if not specified otherwise. See Documentation/networking/packet_mmap.txt +514
^ permalink raw reply
* Re: [PATCH] fec: Unify fec_ptp.c and fec.c
From: Uwe Kleine-König @ 2013-03-21 6:21 UTC (permalink / raw)
To: Fabio Estevam; +Cc: davem, Frank.Li, netdev, Fabio Estevam
In-Reply-To: <1363810268-24398-1-git-send-email-festevam@gmail.com>
Hello Fabio,
On Wed, Mar 20, 2013 at 05:11:07PM -0300, Fabio Estevam wrote:
> Currently CONFIG_FEC=y generates two separate modules: fec_ptp.ko and fec.ko.
CONFIG_FEC=m
> These modules cannot be used independently, so it is better to unify them.
>
> Move fec_ptp.c code into fec.c and its definitions into fec.h.
>
> Suggested-by: Uwe Kleine-Koenig <u.kleine-koenig@pengutronix.de>
s/Koe/Kö/
> Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
You could note that you dropped the EXPORT_SYMBOLs. Other than that I
assume it's a 1:1 change?
Best regards
Uwe
--
Pengutronix e.K. | Uwe Kleine-König |
Industrial Linux Solutions | http://www.pengutronix.de/ |
^ permalink raw reply
* Re: [PATCH net] vhost/net: fix heads usage of ubuf_info
From: Michael S. Tsirkin @ 2013-03-21 6:02 UTC (permalink / raw)
To: David Miller; +Cc: kvm, netdev, linux-kernel, nab, virtualization, basil.gor
In-Reply-To: <20130317.142955.1114572401286297685.davem@davemloft.net>
On Sun, Mar 17, 2013 at 02:29:55PM -0400, David Miller wrote:
> From: "Michael S. Tsirkin" <mst@redhat.com>
> Date: Sun, 17 Mar 2013 14:46:09 +0200
>
> > ubuf info allocator uses guest controlled head as an index,
> > so a malicious guest could put the same head entry in the ring twice,
> > and we will get two callbacks on the same value.
> > To fix use upend_idx which is guaranteed to be unique.
> >
> > Reported-by: Rusty Russell <rusty@rustcorp.com.au>
> > Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
>
> Applied and queued up for -stable, thanks.
>
> And thankfully you got the stable URL wrong,
Yes I wrote stable@kernel.org that's what an old copy
says here:
https://www.kernel.org/doc/Documentation/stable_kernel_rules.txt
I should have known better than look at it on the 'net. The top
'Everything you ever wanted to know about Linux 2.6 -stable releases.'
is a big hint that it's stale.
Any idea who maintains this? Better update it or remove it or redirect to git.
> please do not CC:
> networking patches to stable, just make sure I apply them and in
> your post-commit text explicitly ask me to queue it up to my
> -stable queue.
>
> Thanks.
^ permalink raw reply
* Re: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors
From: Fernando Luis Vazquez Cao @ 2013-03-21 5:07 UTC (permalink / raw)
To: Pablo Neira Ayuso
Cc: Michael Kerrisk, linux-man, netdev, netfilter-devel,
Patrick McHardy, Hirotaka Sasaki
In-Reply-To: <20130319101223.GA3672@localhost>
On 2013/03/19 19:12, Pablo Neira Ayuso wrote:
> On Tue, Mar 19, 2013 at 03:52:40PM +0900, Fernando Luis Vázquez Cao wrote:
>> Subject: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors
>>
>> This bug has been known since early 2009 (the latest) and discussed in
>> netdev before:
>>
>> http://marc.info/?l=linux-netdev&w=2&r=1&s=Possible+race+condition+in+conntracking+&q=b
>>
>> It seems that a proper fix would be non trivial, so document the bug
>> in the meantime.
>>
>> Reported-by: Hirotaka Sasaki <sasaki.hirotaka@lab.ntt.co.jp>
>> Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp>
>> ---
>>
>> diff -urNp man-pages-3.50-orig/man2/send.2 man-pages-3.50/man2/send.2
>> --- man-pages-3.50-orig/man2/send.2 2013-03-19 15:18:03.784306647 +0900
>> +++ man-pages-3.50/man2/send.2 2013-03-19 15:30:40.788060426 +0900
>> @@ -420,6 +420,11 @@ Linux may return
>> .B EPIPE
>> instead of
>> .BR ENOTCONN .
>> +
>> +Linux may return spurious
>> +.B EPERM
>> +errors when netfilter's conntrack module is loaded and two or more
>> +UDP packets belonging to the same connection are processed in parallel.
> The Connection tracking system may drop packets for different reasons
> under rare circunstances, not only in this case.
> I'd prefer if you only apply patch 1/2.
I'd agree with you if we *silently* dropped packets in such
situations, but unfortunately that's not the case.
The problem is that sometimes we end up returning spurious EPERM
errors to user space. Applications may (and many actually do)
interpret EPERM as "an attempt was made to perform an operation
limited to processes with appropriate privileges or to the owner of a
file or other resource" and just bail out after seeing the first
EPERM; after all, if its cause is system policy-related there is no
point in retrying. Spurious EPERM errors would break such (perfectly
compliant) applications, so the least we can do is document them
properly.
Thanks,
Fernando
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH v2 3/3 net-next] tcp: implement RFC5682 F-RTO
From: Eric Dumazet @ 2013-03-21 5:00 UTC (permalink / raw)
To: Yuchung Cheng; +Cc: davem, ncardwell, edumazet, nanditad, ilpo.jarvinen, netdev
In-Reply-To: <1363822380-16687-3-git-send-email-ycheng@google.com>
On Wed, 2013-03-20 at 16:33 -0700, Yuchung Cheng wrote:
> This patch implements F-RTO (foward RTO recovery):
>
> When the first retransmission after timeout is acknowledged, F-RTO
> sends new data instead of old data. If the next ACK acknowledges
> some never-retransmitted data, then the timeout was spurious and the
> congestion state is reverted. Otherwise if the next ACK selectively
> acknowledges the new data, then the timeout was genuine and the
> loss recovery continues. This idea applies to recurring timeouts
> as well. While F-RTO sends different data during timeout recovery,
> it does not (and should not) change the congestion control.
>
> The implementaion follows the three steps of SACK enhanced algorithm
> (section 3) in RFC5682. Step 1 is in tcp_enter_loss(). Step 2 and
> 3 are in tcp_process_loss(). The basic version is not supported
> because SACK enhanced version also works for non-SACK connections.
>
> The new implementation is functionally in parity with the old F-RTO
> implementation except the one case where it increases undo events:
> In addition to the RFC algorithm, a spurious timeout may be detected
> without sending data in step 2, as long as the SACK confirms not
> all the original data are dropped. When this happens, the sender
> will undo the cwnd and perhaps enter fast recovery instead. This
> additional check increases the F-RTO undo events by 5x compared
> to the prior implementation on Google Web servers, since the sender
> often does not have new data to send for HTTP.
>
> Note F-RTO may detect spurious timeout before Eifel with timestamps
> does so.
>
> Signed-off-by: Yuchung Cheng <ycheng@google.com>
> ---
> ChangeLog in v2:
> - Removed extra while spaces
> - Allow F-RTO in sack reneging case to detect spurious retransmit(s)
> - Re-tested after merging with the recent TCP tail loss probe patch
>
> Documentation/networking/ip-sysctl.txt | 18 +++------
> include/linux/tcp.h | 3 +-
> net/ipv4/tcp_input.c | 73 ++++++++++++++++++++++++++++------
> 3 files changed, 68 insertions(+), 26 deletions(-)
Acked-by: Eric Dumazet <edumazet@google.com>
^ permalink raw reply
* [PATCH net-next] gro: relax ID check in inet_gro_receive()
From: Eric Dumazet @ 2013-03-21 4:52 UTC (permalink / raw)
To: David Miller
Cc: netdev, Dmitry Kravkov, Eilon Greenstein, Pravin B Shelar,
H.K. Jerry Chu, Maciej Żenczykowski
From: Eric Dumazet <edumazet@google.com>
GRE TSO support doesn't increment the ID in the inner IP header.
Remove the ID check in inet_gro_receive() so that GRO can properly
aggregate GRE encapsulated TCP packets, instead of forcing
a flush for every packet.
Testing the IP ID is not really needed anyway for proper GRO operation.
We can use more readable (and faster) code to access tot_len and
frag_off fields.
Tested on a bnx2x setup after commit a848ade408b6b
(bnx2x: add CSUM and TSO support for encapsulation protocols)
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Dmitry Kravkov <dmitry@broadcom.com>
Cc: Eilon Greenstein <eilong@broadcom.com>
Cc: Pravin B Shelar <pshelar@nicira.com>
Cc: H.K. Jerry Chu <hkchu@google.com>
Cc: Maciej Żenczykowski <maze@google.com>
---
net/ipv4/af_inet.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 9e5882c..302a47e 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1355,7 +1355,6 @@ static struct sk_buff **inet_gro_receive(struct sk_buff **head,
const struct iphdr *iph;
unsigned int hlen;
unsigned int off;
- unsigned int id;
int flush = 1;
int proto;
@@ -1381,9 +1380,9 @@ static struct sk_buff **inet_gro_receive(struct sk_buff **head,
if (unlikely(ip_fast_csum((u8 *)iph, 5)))
goto out_unlock;
- id = ntohl(*(__be32 *)&iph->id);
- flush = (u16)((ntohl(*(__be32 *)iph) ^ skb_gro_len(skb)) | (id ^ IP_DF));
- id >>= 16;
+ flush = ntohs(iph->tot_len) ^ skb_gro_len(skb);
+
+ flush |= (__force u16)iph->frag_off ^ htons(IP_DF);
for (p = *head; p; p = p->next) {
struct iphdr *iph2;
@@ -1400,11 +1399,9 @@ static struct sk_buff **inet_gro_receive(struct sk_buff **head,
continue;
}
- /* All fields must match except length and checksum. */
NAPI_GRO_CB(p)->flush |=
(iph->ttl ^ iph2->ttl) |
- (iph->tos ^ iph2->tos) |
- ((u16)(ntohs(iph2->id) + NAPI_GRO_CB(p)->count) ^ id);
+ (iph->tos ^ iph2->tos);
NAPI_GRO_CB(p)->flush |= flush;
}
^ permalink raw reply related
* Attn:charity work money alert
From: Mark huffman @ 2013-03-20 20:40 UTC (permalink / raw)
This is to inform you that we want to donate some amount to you as part of
our charity work. you can contact us for further inquiring.
^ permalink raw reply
* [BUG] bisected: PandaBoard smsc95xx ethernet driver error from USB timeout
From: Frank Rowand @ 2013-03-21 3:29 UTC (permalink / raw)
To: stern, gregkh, linux-usb, linux-kernel, linux-usb, linux-omap,
balbi, netdev, steve.glendinning
Hi All,
Not quite sure quite where the problem is (USB, OMAP, smsc95xx driver, other???),
so casting the nets wide...
The PandaBoard frequently fails to boot with an eth0 error when mounting
the root file system via NFS (ethernet driver fails due to a USB timeout;
no ethernet means NFS won't work). A typical set of error messages is:
[ 3.264373] smsc95xx 1-1.1:1.0: usb_probe_interface
[ 3.269500] smsc95xx 1-1.1:1.0: usb_probe_interface - got id
[ 3.275543] smsc95xx v1.0.4
[ 8.078674] smsc95xx 1-1.1:1.0: eth0: register 'smsc95xx' at usb-ehci-omap.0-1.1, smsc95xx USB 2.0 Ethernet, 82:b9:1d:fa:67:0d
[ 8.091003] hub 1-1:1.0: state 7 ports 5 chg 0000 evt 0002
[ 13.509918] usb 1-1.1: swapper/0 timed out on ep0out len=0/4
[ 13.515869] smsc95xx 1-1.1:1.0: eth0: Failed to write register index 0x00000108
[ 13.523559] smsc95xx 1-1.1:1.0: eth0: Failed to write ADDRL: -110
[ 13.529998] IP-Config: Failed to open eth0
I have bisected this to:
commit 18aafe64d75d0e27dae206cacf4171e4e485d285
Author: Alan Stern <stern@rowland.harvard.edu>
Date: Wed Jul 11 11:23:04 2012 -0400
USB: EHCI: use hrtimer for the I/O watchdog
Note that to compile this version of the kernel, an additional fix must
also be applied:
commit ba5952e0711b14d8d4fe172671f8aa6091ace3ee
Author: Ming Lei <ming.lei@canonical.com>
Date: Fri Jul 13 17:25:24 2012 +0800
USB: ehci-omap: fix compile failure(v1)
The symptom can be worked around by retrying the USB access if a timeout
occurs. This is clearly _not_ the fix, just a hack that I used to
investigate the problem:
http://article.gmane.org/gmane.linux.rt.user/9773
My kernel configuration is:
arch/arm/configs/omap2plus_defconfig
plus to get the ethernet driver I add:
CONFIG_USB_EHCI_HCD
CONFIG_USB_NET_SMSC95XX
I found the problem on 3.6.11, but have not replicated it on 3.9-rcX
yet because my config fails to build on 3.9-rc1 and 3.9-rc2. I'll try
to work on that issue tomorrow.
^ permalink raw reply
* [PATCH] net: remove redundant ifdef CONFIG_CGROUPS
From: Li Zefan @ 2013-03-21 2:54 UTC (permalink / raw)
To: David Miller; +Cc: Neil Horman, LKML, netdev
The cgroup code has been surrounded by ifdef CONFIG_NET_CLS_CGROUP
and CONFIG_NETPRIO_CGROUP.
Signed-off-by: Li Zefan <lizefan@huawei.com>
---
net/core/sock.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/net/core/sock.c b/net/core/sock.c
index b261a79..a19e728 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1298,7 +1298,6 @@ static void sk_prot_free(struct proto *prot, struct sock *sk)
module_put(owner);
}
-#ifdef CONFIG_CGROUPS
#if IS_ENABLED(CONFIG_NET_CLS_CGROUP)
void sock_update_classid(struct sock *sk, struct task_struct *task)
{
@@ -1321,7 +1320,6 @@ void sock_update_netprioidx(struct sock *sk, struct task_struct *task)
}
EXPORT_SYMBOL_GPL(sock_update_netprioidx);
#endif
-#endif
/**
* sk_alloc - All socket objects are allocated here
--
1.8.0.2
^ permalink raw reply related
* Re: [PATCH 1/3] net: Clean up SCM_CREDENTIALS code
From: James Morris @ 2013-03-21 2:15 UTC (permalink / raw)
To: Andy Lutomirski; +Cc: netdev, containers, Eric W. Biederman, David Howells
In-Reply-To: <3d7ffb6d9b73971f1a526fc490ef84ef7a33eecc.1363815201.git.luto@amacapital.net>
(adding David Howells)
On Wed, 20 Mar 2013, Andy Lutomirski wrote:
> I was curious whether the uids, gids, and pids passed around worked
> correctly in the presence of multiple namespaces. I gave up trying
> to figure it out: there are two copies of the pid (one of which has
> type u32, which is odd), a struct cred * (!), and a separate kuid
> and kgid. IOW, all of the relevant data is stored twice, and it's
> unclear which copy is used when.
>
> I also wondered what prevented a SO_CREDENTIALS message from being
> recieved when the credentials weren't filled out. Answer: not very
> much (and there have been serious security bugs here in the past).
>
> So just rewrite the thing to store a pid_t relative to the init pid
> ns, a kuid, and a kgid, and to explicitly track whether the data is
> filled out.
>
> I haven't played with the secid code. I have no idea whether it has
> similar problems.
>
> I haven't benchmarked this, but it should be a respectable speedup
> in the cases where the credentials are in use.
>
> Signed-off-by: Andy Lutomirski <luto@amacapital.net>
> ---
>
> Before, the program below printed this:
>
> $ passcred
> My pid = 19873
> No SO_PASSCRED: uid=65534 gid=65534 pid=0 [this is a bug]
> SO_PASSCRED: uid=1000 gid=1000 pid=19873
> SO_PASSCRED, forked to pid 19874: uid=1000 gid=1000 pid=19874
>
> # passcred
> My pid = 19886
> No SO_PASSCRED: uid=65534 gid=65534 pid=0
> SO_PASSCRED: uid=0 gid=0 pid=19886
> SO_PASSCRED, forked to pid 19887: uid=0 gid=0 pid=19887
>
>
> After:
>
> # passcred
> My pid = 83
> No creds received
> SO_PASSCRED: uid=0 gid=0 pid=83
> SO_PASSCRED, forked to pid 84: uid=0 gid=0 pid=0
>
>
> #define _GNU_SOURCE
> #include <sys/types.h>
> #include <sys/wait.h>
> #include <sys/socket.h>
> #include <stdlib.h>
> #include <stdint.h>
> #include <stdbool.h>
> #include <stdio.h>
> #include <string.h>
> #include <unistd.h>
> #include <err.h>
>
> static void send_str(int fd, const char *msg)
> {
> if (send(fd, msg, strlen(msg)+1, 0) < 0)
> err(1, "send");
> }
>
> int main()
> {
> int fds[2];
> if (socketpair(AF_UNIX, SOCK_DGRAM, 0, fds))
> err(1, "socketpair");
>
> send_str(fds[1], "No SO_PASSCRED");
>
> int one = 1;
> if (setsockopt(fds[0], SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) != 0)
> err(1, "SO_PASSCRED");
>
> send_str(fds[1], "SO_PASSCRED");
>
> if (fork() == 0) {
> char msg[1024];
> sprintf(msg, "SO_PASSCRED, forked to pid %ld", (long)getpid());
> send_str(fds[1], msg);
> return 0;
> }
>
> int status;
> wait(&status);
> printf("My pid = %ld\n", getpid());
>
> for (int i = 0; i < 3; i++) {
> char buf[1024];
> char cbuf[CMSG_SPACE(sizeof(struct ucred))];
> struct iovec iov;
> iov.iov_base = &buf;
> iov.iov_len = sizeof(buf);
> struct msghdr hdr;
> memset(&hdr, 0, sizeof(hdr));
> hdr.msg_iov = &iov;
> hdr.msg_iovlen = 1;
> hdr.msg_control = cbuf;
> hdr.msg_controllen = sizeof(cbuf);
> ssize_t bytes = recvmsg(fds[0], &hdr, 0);
> if (bytes < 0)
> err(1, "recvmsg");
>
> if (hdr.msg_flags & (MSG_TRUNC | MSG_CTRUNC))
> errx(1, "truncated");
>
> struct ucred cred;
> bool ok = false;
>
> for (struct cmsghdr *cmsg = CMSG_FIRSTHDR(&hdr); cmsg; cmsg = CMSG_NXTHDR(&hdr, cmsg)) {
> if (cmsg->cmsg_level == SOL_SOCKET &&
> cmsg->cmsg_type == SCM_CREDENTIALS) {
> cred = *((struct ucred *)CMSG_DATA(cmsg));
> ok = true;
> break;
> }
> }
> if (!ok) {
> printf("No creds received\n");
> } else {
> printf("%s: uid=%ld gid=%ld pid=%ld\n",
> buf, (long)cred.uid, (long)cred.gid, (long)cred.pid);
> }
> }
>
> return 0;
> }
>
>
> include/net/af_unix.h | 6 ++--
> include/net/scm.h | 83 ++++++++++++++++++++++++++++++++----------------
> net/core/scm.c | 49 ++++++++++------------------
> net/netlink/af_netlink.c | 14 +++++---
> net/unix/af_unix.c | 35 +++++++++-----------
> 5 files changed, 99 insertions(+), 88 deletions(-)
>
> diff --git a/include/net/af_unix.h b/include/net/af_unix.h
> index 0a996a3..7874f3e 100644
> --- a/include/net/af_unix.h
> +++ b/include/net/af_unix.h
> @@ -27,12 +27,12 @@ struct unix_address {
> struct sockaddr_un name[0];
> };
>
> +/* This structure is identical to struct scm_cookie. */
> struct unix_skb_parms {
> - struct pid *pid; /* Skb credentials */
> - const struct cred *cred;
> + struct scm_creds creds;
> struct scm_fp_list *fp; /* Passed files */
> #ifdef CONFIG_SECURITY_NETWORK
> - u32 secid; /* Security ID */
> + u32 secid; /* Passed security ID */
> #endif
> };
>
> diff --git a/include/net/scm.h b/include/net/scm.h
> index 975cca0..f6f0626 100644
> --- a/include/net/scm.h
> +++ b/include/net/scm.h
> @@ -13,9 +13,24 @@
> #define SCM_MAX_FD 253
>
> struct scm_creds {
> - u32 pid;
> - kuid_t uid;
> - kgid_t gid;
> + bool has_creds;
> +
> + /*
> + * Keeping reference counts (as to a struct pid *) in here is
> + * annoying -- things like skb_set_owner_[rw] and skb_clone assume
> + * that it's ok to memcpy skb->cb around.
> + *
> + * Fortunately (?) anything that uses the pid field in SCM_CREDENTIALS
> + * is fundamentally racy, since the networking code certainly isn't
> + * going to keep a reference alive *after* recvmsg. So let's embrace
> + * the race condition at the cost of an extra hash lookup on receive.
> + *
> + * (There's an added benefit here: this approach doesn't write to
> + * any shared cachelines.)
> + */
> + pid_t init_ns_pid;
> + kuid_t uid;
> + kgid_t gid;
> };
>
> struct scm_fp_list {
> @@ -25,15 +40,15 @@ struct scm_fp_list {
> };
>
> struct scm_cookie {
> - struct pid *pid; /* Skb credentials */
> - const struct cred *cred;
> + struct scm_creds creds;
> struct scm_fp_list *fp; /* Passed files */
> - struct scm_creds creds; /* Skb credentials */
> #ifdef CONFIG_SECURITY_NETWORK
> u32 secid; /* Passed security ID */
> #endif
> };
>
> +#define SCM_COOKIE_INIT {} /* All zeros is good. */
> +
> extern void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm);
> extern void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm);
> extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm);
> @@ -50,39 +65,47 @@ static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_co
> { }
> #endif /* CONFIG_SECURITY_NETWORK */
>
> -static __inline__ void scm_set_cred(struct scm_cookie *scm,
> - struct pid *pid, const struct cred *cred)
> +static __inline__ bool scm_creds_equal(const struct scm_creds *a,
> + const struct scm_creds *b)
> {
> - scm->pid = get_pid(pid);
> - scm->cred = cred ? get_cred(cred) : NULL;
> - scm->creds.pid = pid_vnr(pid);
> - scm->creds.uid = cred ? cred->euid : INVALID_UID;
> - scm->creds.gid = cred ? cred->egid : INVALID_GID;
> + if (a->has_creds)
> + return a->init_ns_pid == b->init_ns_pid &&
> + uid_eq(a->uid, b->uid) && gid_eq(a->gid, b->gid);
> + else
> + return !b->has_creds;
> }
>
> -static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
> +static __inline__ void scm_creds_from_current(struct scm_creds *creds)
> {
> - put_pid(scm->pid);
> - scm->pid = NULL;
> + const struct cred *cred = get_current_cred();
> + creds->has_creds = true;
> + creds->init_ns_pid = task_tgid_nr(current);
> + creds->uid = cred->uid;
> + creds->gid = cred->gid;
> +}
>
> - if (scm->cred)
> - put_cred(scm->cred);
> - scm->cred = NULL;
> +static __inline__ void scm_creds_from_kernel(struct scm_creds *creds)
> +{
> + creds->has_creds = true;
> + creds->init_ns_pid = 0;
> + creds->uid = GLOBAL_ROOT_UID;
> + creds->gid = GLOBAL_ROOT_GID;
> +}
> +
> +static __inline__ void scm_creds_wipe(struct scm_creds *creds)
> +{
> + creds->has_creds = false;
> }
>
> static __inline__ void scm_destroy(struct scm_cookie *scm)
> {
> - scm_destroy_cred(scm);
> if (scm->fp)
> __scm_destroy(scm);
> }
>
> static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
> - struct scm_cookie *scm, bool forcecreds)
> + struct scm_cookie *scm)
> {
> - memset(scm, 0, sizeof(*scm));
> - if (forcecreds)
> - scm_set_cred(scm, task_tgid(current), current_cred());
> unix_get_peersec_dgram(sock, scm);
> if (msg->msg_controllen <= 0)
> return 0;
> @@ -120,18 +143,22 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
> return;
> }
>
> - if (test_bit(SOCK_PASSCRED, &sock->flags)) {
> + if (test_bit(SOCK_PASSCRED, &sock->flags) && scm->creds.has_creds) {
> struct user_namespace *current_ns = current_user_ns();
> struct ucred ucreds = {
> - .pid = scm->creds.pid,
> .uid = from_kuid_munged(current_ns, scm->creds.uid),
> .gid = from_kgid_munged(current_ns, scm->creds.gid),
> };
> +
> + rcu_read_lock();
> + /* On error, this will result in pid 0. */
> + ucreds.pid = pid_vnr(find_pid_ns(scm->creds.init_ns_pid,
> + &init_pid_ns));
> + rcu_read_unlock();
> +
> put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
> }
>
> - scm_destroy_cred(scm);
> -
> scm_passec(sock, msg, scm);
>
> if (!scm->fp)
> diff --git a/net/core/scm.c b/net/core/scm.c
> index 905dcc6..7dd7534 100644
> --- a/net/core/scm.c
> +++ b/net/core/scm.c
> @@ -157,8 +157,7 @@ int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *p)
> case SCM_CREDENTIALS:
> {
> struct ucred creds;
> - kuid_t uid;
> - kgid_t gid;
> + struct pid *pid;
> if (cmsg->cmsg_len != CMSG_LEN(sizeof(struct ucred)))
> goto error;
> memcpy(&creds, CMSG_DATA(cmsg), sizeof(struct ucred));
> @@ -166,41 +165,25 @@ int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *p)
> if (err)
> goto error;
>
> - p->creds.pid = creds.pid;
> - if (!p->pid || pid_vnr(p->pid) != creds.pid) {
> - struct pid *pid;
> - err = -ESRCH;
> - pid = find_get_pid(creds.pid);
> - if (!pid)
> - goto error;
> - put_pid(p->pid);
> - p->pid = pid;
> - }
> -
> err = -EINVAL;
> - uid = make_kuid(current_user_ns(), creds.uid);
> - gid = make_kgid(current_user_ns(), creds.gid);
> - if (!uid_valid(uid) || !gid_valid(gid))
> + p->creds.uid = make_kuid(current_user_ns(), creds.uid);
> + p->creds.gid = make_kgid(current_user_ns(), creds.gid);
> + if (!uid_valid(p->creds.uid) ||
> + !gid_valid(p->creds.gid))
> goto error;
>
> - p->creds.uid = uid;
> - p->creds.gid = gid;
> -
> - if (!p->cred ||
> - !uid_eq(p->cred->euid, uid) ||
> - !gid_eq(p->cred->egid, gid)) {
> - struct cred *cred;
> - err = -ENOMEM;
> - cred = prepare_creds();
> - if (!cred)
> - goto error;
> -
> - cred->uid = cred->euid = uid;
> - cred->gid = cred->egid = gid;
> - if (p->cred)
> - put_cred(p->cred);
> - p->cred = cred;
> + rcu_read_lock();
> + pid = find_vpid(creds.pid);
> + if (!pid) {
> + rcu_read_unlock();
> + err = -ESRCH;
> + goto error;
> }
> + p->creds.init_ns_pid = pid_nr(pid);
> + rcu_read_unlock();
> +
> + p->creds.has_creds = true;
> +
> break;
> }
> default:
> diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
> index 1e3fd5b..8245f61 100644
> --- a/net/netlink/af_netlink.c
> +++ b/net/netlink/af_netlink.c
> @@ -936,7 +936,6 @@ static int netlink_unicast_kernel(struct sock *sk, struct sk_buff *skb,
> if (nlk->netlink_rcv != NULL) {
> ret = skb->len;
> skb_set_owner_r(skb, sk);
> - NETLINK_CB(skb).ssk = ssk;
> nlk->netlink_rcv(skb);
> consume_skb(skb);
> } else {
> @@ -1368,7 +1367,7 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
> u32 dst_group;
> struct sk_buff *skb;
> int err;
> - struct scm_cookie scm;
> + struct scm_cookie scm = SCM_COOKIE_INIT;
>
> if (msg->msg_flags&MSG_OOB)
> return -EOPNOTSUPP;
> @@ -1376,7 +1375,8 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
> if (NULL == siocb->scm)
> siocb->scm = &scm;
>
> - err = scm_send(sock, msg, siocb->scm, true);
> + scm_creds_from_current(&siocb->scm->creds);
> + err = scm_send(sock, msg, siocb->scm);
> if (err < 0)
> return err;
>
> @@ -1411,7 +1411,9 @@ static int netlink_sendmsg(struct kiocb *kiocb, struct socket *sock,
>
> NETLINK_CB(skb).portid = nlk->portid;
> NETLINK_CB(skb).dst_group = dst_group;
> - NETLINK_CB(skb).creds = siocb->scm->creds;
> +
> + /* This is mandatory. See netlink_recvmsg. */
> + NETLINK_CB(skb).creds = siocb->scm->creds;
>
> err = -EFAULT;
> if (memcpy_fromiovec(skb_put(skb, len), msg->msg_iov, len)) {
> @@ -1504,7 +1506,11 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
> memset(&scm, 0, sizeof(scm));
> siocb->scm = &scm;
> }
> + /* skbs without creds are from the kernel. */
> siocb->scm->creds = *NETLINK_CREDS(skb);
> + if (!siocb->scm->creds.has_creds)
> + scm_creds_from_kernel(&siocb->scm->creds);
> +
> if (flags & MSG_TRUNC)
> copied = data_skb->len;
>
> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
> index 51be64f..0881739 100644
> --- a/net/unix/af_unix.c
> +++ b/net/unix/af_unix.c
> @@ -1338,10 +1338,8 @@ static void unix_detach_fds(struct scm_cookie *scm, struct sk_buff *skb)
>
> static void unix_destruct_scm(struct sk_buff *skb)
> {
> - struct scm_cookie scm;
> - memset(&scm, 0, sizeof(scm));
> - scm.pid = UNIXCB(skb).pid;
> - scm.cred = UNIXCB(skb).cred;
> + struct scm_cookie scm = SCM_COOKIE_INIT;
> + scm.creds = UNIXCB(skb).creds;
> if (UNIXCB(skb).fp)
> unix_detach_fds(&scm, skb);
>
> @@ -1391,9 +1389,7 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
> {
> int err = 0;
>
> - UNIXCB(skb).pid = get_pid(scm->pid);
> - if (scm->cred)
> - UNIXCB(skb).cred = get_cred(scm->cred);
> + UNIXCB(skb).creds = scm->creds;
> UNIXCB(skb).fp = NULL;
> if (scm->fp && send_fds)
> err = unix_attach_fds(scm, skb);
> @@ -1410,13 +1406,12 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
> static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
> const struct sock *other)
> {
> - if (UNIXCB(skb).cred)
> + if (UNIXCB(skb).creds.has_creds)
> return;
> if (test_bit(SOCK_PASSCRED, &sock->flags) ||
> !other->sk_socket ||
> test_bit(SOCK_PASSCRED, &other->sk_socket->flags)) {
> - UNIXCB(skb).pid = get_pid(task_tgid(current));
> - UNIXCB(skb).cred = get_current_cred();
> + scm_creds_from_current(&UNIXCB(skb).creds);
> }
> }
>
> @@ -1438,14 +1433,14 @@ static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock,
> unsigned int hash;
> struct sk_buff *skb;
> long timeo;
> - struct scm_cookie tmp_scm;
> + struct scm_cookie tmp_scm = SCM_COOKIE_INIT;
> int max_level;
> int data_len = 0;
>
> if (NULL == siocb->scm)
> siocb->scm = &tmp_scm;
> wait_for_unix_gc();
> - err = scm_send(sock, msg, siocb->scm, false);
> + err = scm_send(sock, msg, siocb->scm);
> if (err < 0)
> return err;
>
> @@ -1607,14 +1602,14 @@ static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock,
> int err, size;
> struct sk_buff *skb;
> int sent = 0;
> - struct scm_cookie tmp_scm;
> + struct scm_cookie tmp_scm = SCM_COOKIE_INIT;
> bool fds_sent = false;
> int max_level;
>
> if (NULL == siocb->scm)
> siocb->scm = &tmp_scm;
> wait_for_unix_gc();
> - err = scm_send(sock, msg, siocb->scm, false);
> + err = scm_send(sock, msg, siocb->scm);
> if (err < 0)
> return err;
>
> @@ -1765,7 +1760,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
> int flags)
> {
> struct sock_iocb *siocb = kiocb_to_siocb(iocb);
> - struct scm_cookie tmp_scm;
> + struct scm_cookie tmp_scm = SCM_COOKIE_INIT;
> struct sock *sk = sock->sk;
> struct unix_sock *u = unix_sk(sk);
> int noblock = flags & MSG_DONTWAIT;
> @@ -1820,7 +1815,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
> siocb->scm = &tmp_scm;
> memset(&tmp_scm, 0, sizeof(tmp_scm));
> }
> - scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).cred);
> + siocb->scm->creds = UNIXCB(skb).creds;
> unix_set_secdata(siocb->scm, skb);
>
> if (!(flags & MSG_PEEK)) {
> @@ -1898,7 +1893,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
> int flags)
> {
> struct sock_iocb *siocb = kiocb_to_siocb(iocb);
> - struct scm_cookie tmp_scm;
> + struct scm_cookie tmp_scm = SCM_COOKIE_INIT;
> struct sock *sk = sock->sk;
> struct unix_sock *u = unix_sk(sk);
> struct sockaddr_un *sunaddr = msg->msg_name;
> @@ -1991,12 +1986,12 @@ again:
>
> if (check_creds) {
> /* Never glue messages from different writers */
> - if ((UNIXCB(skb).pid != siocb->scm->pid) ||
> - (UNIXCB(skb).cred != siocb->scm->cred))
> + if (!scm_creds_equal(&UNIXCB(skb).creds,
> + &siocb->scm->creds));
> break;
> } else {
> /* Copy credentials */
> - scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).cred);
> + siocb->scm->creds = UNIXCB(skb).creds;
> check_creds = 1;
> }
>
> --
> 1.8.1.4
>
> _______________________________________________
> Containers mailing list
> Containers@lists.linux-foundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/containers
>
--
James Morris
<jmorris@namei.org>
^ permalink raw reply
* Re: Re: [BUG][mvebu] mvneta: cannot request irq 25 on openblocks-ax3
From: Masami Hiramatsu @ 2013-03-21 1:56 UTC (permalink / raw)
To: Gregory CLEMENT
Cc: Ezequiel Garcia, linux-arm-kernel, thomas.petazzoni, Jason Cooper,
netdev, linux-kernel, yrl.pp-manager.tt@hitachi.com,
Florian Fainelli
In-Reply-To: <514895C5.40706@free-electrons.com>
(2013/03/20 1:43), Gregory CLEMENT wrote:
> Hi Masami,
>
> You can try this patch if you want.
> I don't have the hardware today so I didn't test it.
> If you (and also Florian and Ezequiel) can test it and if it fixed
> the bug, then I will be able send a proper email for it,
Hi Gregory,
Thank you for giving me the latest patch.
I've tested it on OpenBlocks-AX4 and that fixed the problem!
Tested-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Thanks,
--
Masami HIRAMATSU
IT Management Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com
^ permalink raw reply
* Re: e1000e: avoid NULL pointer deref in e1000_print_hw_hang()
From: akepner @ 2013-03-21 1:52 UTC (permalink / raw)
To: netdev; +Cc: e1000-devel
In-Reply-To: <20130321014005.GD6755@riverbed.com>
(Resending - the previous version was against our local
tree, not the upstream tree.)
If an e1000e interface is brought down, and subsequently
'print_hang_task' is run we'll dereference a NULL 'buffer_info'
pointer and crash with something like this:
Mar 19 13:20:27 BUG: unable to handle kernel NULL pointer dereference at 000000000000001a
Mar 19 13:20:27 IP: [<ffffffff8145040c>] e1000_print_hw_hang+0x4c/0x390
Mar 19 13:20:27 PGD 82668067 PUD 763f6067 PMD 0
Mar 19 13:20:27 Oops: 0000 [#1] SMP
Mar 19 13:20:27 last sysfs file: /sys/devices/virtual/bypass/2-3/ping_watchdog
Mar 19 13:20:27 CPU 3
Mar 19 13:20:27 Pid: 18, comm: events/3 Tainted: P ---------------- 2.6.32 #1 empty
Mar 19 13:20:28 RIP: 0010:[<ffffffff8145040c>] [<ffffffff8145040c>] e1000_print_hw_hang+0x4c/0x390
Mar 19 13:20:28 RSP: 0000:ffff88019ee71d40 EFLAGS: 00010202
Mar 19 13:20:28 RAX: 0000000000000000 RBX: ffff88019b64b3a0 RCX: ffff88019b648700
Mar 19 13:20:28 RDX: 0000000000000000 RSI: ffff88019b648000 RDI: ffff88019b64b3a0
Mar 19 13:20:28 RBP: ffff88019ee71e30 R08: 0000000000000000 R09: 0000000000000000
Mar 19 13:20:28 R10: ffff880028401340 R11: 0000000000000006 R12: ffff88019b5865c0
Mar 19 13:20:28 R13: ffffffff814503c0 R14: 0000000000000000 R15: ffff8800282d8a08
Mar 19 13:20:28 FS: 0000000000000000(0000) GS:ffff8800282c0000(0000) knlGS:0000000000000000
Mar 19 13:20:28 CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
Mar 19 13:20:28 CR2: 000000000000001a CR3: 0000000076364000 CR4: 00000000000406e0
Mar 19 13:20:28 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Mar 19 13:20:28 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Mar 19 13:20:28 Process events/3 (pid: 18, threadinfo ffff88019ee70000, task ffff88019ee6f560)
Mar 19 13:20:28 Stack:
Mar 19 13:20:28 0000000000000000 0000000000000001 ffff88019ee71fd8 ffffea000173d740
Mar 19 13:20:28 <0> ffff88019ee71dd0 0000000000000282 ffff88019ee71fd8 ffff8800282d8a08
Mar 19 13:20:29 <0> ffff88019ee71da0 ffffffff811045ed ffffea000173d740 0000000000000000
Mar 19 13:20:29 Call Trace:
Mar 19 13:20:29 [<ffffffff811045ed>] ? free_hot_page+0x2d/0x60
Mar 19 13:20:29 [<ffffffff81127a6c>] ? __vunmap+0x9c/0x120
Mar 19 13:20:29 [<ffffffff8116cfb0>] ? free_fdtable_work+0x0/0x90
Mar 19 13:20:29 [<ffffffff814503c0>] ? e1000_print_hw_hang+0x0/0x390
Mar 19 13:20:29 [<ffffffff81081120>] worker_thread+0x170/0x2a0
Mar 19 13:20:29 [<ffffffff81086a60>] ? autoremove_wake_function+0x0/0x40
Mar 19 13:20:29 [<ffffffff81080fb0>] ? worker_thread+0x0/0x2a0
Mar 19 13:20:29 [<ffffffff810866f6>] kthread+0x96/0xa0
Mar 19 13:20:29 [<ffffffff8100c0ea>] child_rip+0xa/
(This was seen on a pretty old kernel/driver, but looks like
the same bug is still possible.)
Signed-off-by: <akepner@riverbed.com>
---
diff --git a/drivers/net/ethernet/intel/e1000e/netdev.c b/drivers/net/ethernet/intel/e1000e/netdev.c
index 948b86ff..46a3ea4 100644
--- a/drivers/net/ethernet/intel/e1000e/netdev.c
+++ b/drivers/net/ethernet/intel/e1000e/netdev.c
@@ -1070,18 +1070,25 @@ static void e1000_print_hw_hang(struct work_struct *work)
struct e1000_adapter *adapter = container_of(work,
struct e1000_adapter,
print_hang_task);
- struct net_device *netdev = adapter->netdev;
- struct e1000_ring *tx_ring = adapter->tx_ring;
- unsigned int i = tx_ring->next_to_clean;
- unsigned int eop = tx_ring->buffer_info[i].next_to_watch;
- struct e1000_tx_desc *eop_desc = E1000_TX_DESC(*tx_ring, eop);
- struct e1000_hw *hw = &adapter->hw;
+ struct net_device *netdev;
+ struct e1000_ring *tx_ring;
+ unsigned int i;
+ unsigned int eop;
+ struct e1000_tx_desc *eop_desc;
+ struct e1000_hw *hw;
u16 phy_status, phy_1000t_status, phy_ext_status;
u16 pci_status;
if (test_bit(__E1000_DOWN, &adapter->state))
return;
+ netdev = adapter->netdev;
+ tx_ring = adapter->tx_ring;
+ i = tx_ring->next_to_clean;
+ eop = tx_ring->buffer_info[i].next_to_watch;
+ eop_desc = E1000_TX_DESC(*tx_ring, eop);
+ hw = &adapter->hw;
+
if (!adapter->tx_hang_recheck &&
(adapter->flags2 & FLAG2_DMA_BURST)) {
/* May be block on write-back, flush and detect again
^ permalink raw reply related
* e1000e: avoid NULL pointer deref in e1000_print_hw_hang()
From: akepner @ 2013-03-21 1:40 UTC (permalink / raw)
To: netdev
If an e1000e interface is brought down, and subsequently
'print_hang_task' is run we'll dereference a NULL 'buffer_info'
pointer and crash with something like this:
Mar 19 13:20:27 RXDATA: BUG: unable to handle kernel NULL pointer dereference at 000000000000001a
Mar 19 13:20:27 RXDATA: IP: [<ffffffff8145040c>] e1000_print_hw_hang+0x4c/0x390
Mar 19 13:20:27 RXDATA: PGD 82668067 PUD 763f6067 PMD 0
Mar 19 13:20:27 RXDATA: Oops: 0000 [#1] SMP
Mar 19 13:20:27 RXDATA: last sysfs file: /sys/devices/virtual/bypass/2-3/ping_watchdog
Mar 19 13:20:27 RXDATA: CPU 3
Mar 19 13:20:27 RXDATA: Pid: 18, comm: events/3 Tainted: P ---------------- 2.6.32 #1 empty
Mar 19 13:20:28 RXDATA: RIP: 0010:[<ffffffff8145040c>] [<ffffffff8145040c>] e1000_print_hw_hang+0x4c/0x390
Mar 19 13:20:28 RXDATA: RSP: 0000:ffff88019ee71d40 EFLAGS: 00010202
Mar 19 13:20:28 RXDATA: RAX: 0000000000000000 RBX: ffff88019b64b3a0 RCX: ffff88019b648700
Mar 19 13:20:28 RXDATA: RDX: 0000000000000000 RSI: ffff88019b648000 RDI: ffff88019b64b3a0
Mar 19 13:20:28 RXDATA: RBP: ffff88019ee71e30 R08: 0000000000000000 R09: 0000000000000000
Mar 19 13:20:28 RXDATA: R10: ffff880028401340 R11: 0000000000000006 R12: ffff88019b5865c0
Mar 19 13:20:28 RXDATA: R13: ffffffff814503c0 R14: 0000000000000000 R15: ffff8800282d8a08
Mar 19 13:20:28 RXDATA: FS: 0000000000000000(0000) GS:ffff8800282c0000(0000) knlGS:0000000000000000
Mar 19 13:20:28 RXDATA: CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
Mar 19 13:20:28 RXDATA: CR2: 000000000000001a CR3: 0000000076364000 CR4: 00000000000406e0
Mar 19 13:20:28 RXDATA: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Mar 19 13:20:28 RXDATA: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Mar 19 13:20:28 RXDATA: Process events/3 (pid: 18, threadinfo ffff88019ee70000, task ffff88019ee6f560)
Mar 19 13:20:28 RXDATA: Stack:
Mar 19 13:20:28 RXDATA: 0000000000000000 0000000000000001 ffff88019ee71fd8 ffffea000173d740
Mar 19 13:20:28 RXDATA: <0> ffff88019ee71dd0 0000000000000282 ffff88019ee71fd8 ffff8800282d8a08
Mar 19 13:20:29 RXDATA: <0> ffff88019ee71da0 ffffffff811045ed ffffea000173d740 0000000000000000
Mar 19 13:20:29 RXDATA: Call Trace:
Mar 19 13:20:29 RXDATA: [<ffffffff811045ed>] ? free_hot_page+0x2d/0x60
Mar 19 13:20:29 RXDATA: [<ffffffff81127a6c>] ? __vunmap+0x9c/0x120
Mar 19 13:20:29 RXDATA: [<ffffffff8116cfb0>] ? free_fdtable_work+0x0/0x90
Mar 19 13:20:29 RXDATA: [<ffffffff814503c0>] ? e1000_print_hw_hang+0x0/0x390
Mar 19 13:20:29 RXDATA: [<ffffffff81081120>] worker_thread+0x170/0x2a0
Mar 19 13:20:29 RXDATA: [<ffffffff81086a60>] ? autoremove_wake_function+0x0/0x40
Mar 19 13:20:29 RXDATA: [<ffffffff81080fb0>] ? worker_thread+0x0/0x2a0
Mar 19 13:20:29 RXDATA: [<ffffffff810866f6>] kthread+0x96/0xa0
Mar 19 13:20:29 RXDATA: [<ffffffff8100c0ea>] child_rip+0xa/
(This was seen on a pretty old kernel/driver, but looks like
the same bug is still possible.)
Signed-off-by: <akepner@riverbed.com>
---
Index: drivers/net/e1000e/netdev.c
===================================================================
--- drivers/net/e1000e/netdev.c (revision 15849)
+++ drivers/net/e1000e/netdev.c (working copy)
@@ -1441,18 +1441,25 @@ static void e1000_print_hw_hang(struct work_struct
struct e1000_adapter *adapter = container_of(work,
struct e1000_adapter,
print_hang_task);
- struct net_device *netdev = adapter->netdev;
- struct e1000_ring *tx_ring = adapter->tx_ring;
- unsigned int i = tx_ring->next_to_clean;
- unsigned int eop = tx_ring->buffer_info[i].next_to_watch;
- struct e1000_tx_desc *eop_desc = E1000_TX_DESC(*tx_ring, eop);
- struct e1000_hw *hw = &adapter->hw;
+ struct net_device *netdev;
+ struct e1000_ring *tx_ring;
+ unsigned int i;
+ unsigned int eop;
+ struct e1000_tx_desc *eop_desc;
+ struct e1000_hw *hw;
u16 phy_status, phy_1000t_status, phy_ext_status;
u16 pci_status;
if (test_bit(__E1000_DOWN, &adapter->state))
return;
+ netdev = adapter->netdev;
+ tx_ring = adapter->tx_ring;
+ i = tx_ring->next_to_clean;
+ eop = tx_ring->buffer_info[i].next_to_watch;
+ eop_desc = E1000_TX_DESC(*tx_ring, eop);
+ hw = &adapter->hw;
+
if (!adapter->tx_hang_recheck && (adapter->flags2 & FLAG2_DMA_BURST)) {
/* May be block on write-back, flush and detect again
* flush pending descriptor writebacks to memory
^ permalink raw reply
* JUMBO 2013 NEW YEAR DRAW
From: Mahgoub, Ahmed (NSN - EG/Cairo) @ 2013-03-20 23:32 UTC (permalink / raw)
Your Email Id has Won 1,000,000.00 Pounds From JUMBO 2013 NEW YEAR DRAW, Held on January 28th, 2013 attached with draw number "244". You are to contact our claim agent on this Email: (jumboclaims203@hotmail.co.uk<mailto:jumboclaims203@hotmail.co.uk> ) with the below details for claims.
Full Name:
Address:
Mobile Number:
Age:
Country:
Contact Person: Mr. John Carrick
Contact Email: jumboclaims203@hotmail.co.uk<mailto:jumboclaims203@hotmail.co.uk>
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox