1. 11 Dec, 2013 2 commits
    • Sasha Levin's avatar
      net: unix: allow set_peek_off to fail · 12663bfc
      Sasha Levin authored
      unix_dgram_recvmsg() will hold the readlock of the socket until recv
      is complete.
      
      In the same time, we may try to setsockopt(SO_PEEK_OFF) which will hang until
      unix_dgram_recvmsg() will complete (which can take a while) without allowing
      us to break out of it, triggering a hung task spew.
      
      Instead, allow set_peek_off to fail, this way userspace will not hang.
      Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
      Acked-by: default avatarPavel Emelyanov <xemul@parallels.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      12663bfc
    • David S. Miller's avatar
      Merge branch 'sfc-3.13' of git://git.kernel.org/pub/scm/linux/kernel/git/bwh/sfc · 88b07b36
      David S. Miller authored
      Ben Hutchings says:
      
      ====================
      Several fixes for the PTP hardware support added in 3.7:
      1. Fix filtering of PTP packets on the TX path to be robust against bad
      header lengths.
      2. Limit logging on the RX path in case of a PTP packet flood, partly
      from Laurence Evans.
      3. Disable PTP hardware when the interface is down so that we don't
      receive RX timestamp events, from Alexandre Rames.
      4. Maintain clock frequency adjustment when a time offset is applied.
      
      Also fixes for the SFC9100 family support added in 3.12:
      5. Take the RX prefix length into account when applying NET_IP_ALIGN,
      from Andrew Rybchenko.
      6. Work around a bug that breaks communication between the driver and
      firmware, from Robert Stonehouse.
      
      Please also queue these up for the appropriate stable branches.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      88b07b36
  2. 10 Dec, 2013 8 commits
  3. 07 Dec, 2013 2 commits
    • Pablo Neira Ayuso's avatar
      netfilter: nf_tables: fix missing rules flushing per table · cf9dc09d
      Pablo Neira Ayuso authored
      This patch allows you to atomically remove all rules stored in
      a table via the NFT_MSG_DELRULE command. You only need to indicate
      the specific table and no chain to flush all rules stored in that
      table.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      cf9dc09d
    • Sergey Popovich's avatar
      netfilter: xt_hashlimit: fix proc entry leak in netns destroy path · b4ef4ce0
      Sergey Popovich authored
      In (32263dd1 netfilter: xt_hashlimit: fix namespace destroy path)
      the hashlimit_net_exit() function is always called right before
      hashlimit_mt_destroy() to release netns data. If you use xt_hashlimit
      with IPv4 and IPv6 together, this produces the following splat via
      netconsole in the netns destroy path:
      
       Pid: 9499, comm: kworker/u:0 Tainted: G        WC O 3.2.0-5-netctl-amd64-core2
       Call Trace:
        [<ffffffff8104708d>] ? warn_slowpath_common+0x78/0x8c
        [<ffffffff81047139>] ? warn_slowpath_fmt+0x45/0x4a
        [<ffffffff81144a99>] ? remove_proc_entry+0xd8/0x22e
        [<ffffffff810ebbaa>] ? kfree+0x5b/0x6c
        [<ffffffffa043c501>] ? hashlimit_net_exit+0x45/0x8d [xt_hashlimit]
        [<ffffffff8128ab30>] ? ops_exit_list+0x1c/0x44
        [<ffffffff8128b28e>] ? cleanup_net+0xf1/0x180
        [<ffffffff810369fc>] ? should_resched+0x5/0x23
        [<ffffffff8105b8f9>] ? process_one_work+0x161/0x269
        [<ffffffff8105aea5>] ? cwq_activate_delayed_work+0x3c/0x48
        [<ffffffff8105c8c2>] ? worker_thread+0xc2/0x145
        [<ffffffff8105c800>] ? manage_workers.isra.25+0x15b/0x15b
        [<ffffffff8105fa01>] ? kthread+0x76/0x7e
        [<ffffffff813581f4>] ? kernel_thread_helper+0x4/0x10
        [<ffffffff8105f98b>] ? kthread_worker_fn+0x139/0x139
        [<ffffffff813581f0>] ? gs_change+0x13/0x13
       ---[ end trace d8c3cc0ad163ef79 ]---
       ------------[ cut here ]------------
       WARNING: at /usr/src/linux-3.2.52/debian/build/source_netctl/fs/proc/generic.c:849
       remove_proc_entry+0x217/0x22e()
       Hardware name:
       remove_proc_entry: removing non-empty directory 'net/ip6t_hashlimit', leaking at least 'IN-REJECT'
      
      This is due to lack of removal net/ip6t_hashlimit/* entries in
      hashlimit_proc_net_exit(), since only IPv4 entries are deleted. Fix
      it by always removing the IPv4 and IPv6 entries and their parent
      directories in the netns destroy path.
      Signed-off-by: default avatarSergey Popovich <popovich_sergei@mail.ru>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      b4ef4ce0
  4. 06 Dec, 2013 28 commits