- 10 Dec, 2023 4 commits
-
-
Yoshihiro Shimoda authored
Drop unused argument and return value of rswitch_tx_free() to simplify the code. Signed-off-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com> Reviewed-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Justin Stitt authored
strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We expect mdiodev->modalias to be NUL-terminated based on its usage with strcmp(): | return strcmp(mdiodev->modalias, drv->name) == 0; Moreover, mdiodev->modalias is already zero-allocated: | mdiodev = kzalloc(sizeof(*mdiodev), GFP_KERNEL); ... which means the NUL-padding strncpy provides is not necessary. Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Justin Stitt authored
strncpy() is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. We expect fw_info->fw_file_name to be NUL-terminated based on its use within _request_firmware_prepare() wherein `name` refers to it: | if (firmware_request_builtin_buf(firmware, name, dbuf, size)) { | dev_dbg(device, "using built-in %s\n", name); | return 0; /* assigned */ | } ... and with firmware_request_builtin() also via `name`: | if (strcmp(name, b_fw->name) == 0) { There is no evidence that NUL-padding is required. Additionally replace size macro (QLC_FW_FILE_NAME_LEN) with sizeof(fw_info->fw_file_name) to more directly tie the maximum buffer size to the destination buffer: Considering the above, a suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
justinstitt@google.com authored
`strncpy` is deprecated for use on NUL-terminated destination strings [1] and as such we should prefer more robust and less ambiguous string interfaces. A suitable replacement is `strscpy` [2] due to the fact that it guarantees NUL-termination on the destination buffer without unnecessarily NUL-padding. host_info allocation is done in ena_com_allocate_host_info() via dma_alloc_coherent() and is not zero initialized by alloc_etherdev_mq(). However zero initialization of the destination doesn't matter in this case, because strscpy() guarantees a NULL termination. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt <justinstitt@google.com> Acked-by: Arthur Kiyanovski <akiyano@amazon.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 09 Dec, 2023 2 commits
-
-
Eric Dumazet authored
My prior patch went a bit too far, because apparently fib6_has_expires() could be true while f6i->gc_link is not hashed yet. fib6_set_expires_locked() can indeed set RTF_EXPIRES while f6i->fib6_table is NULL. Original syzbot reports were about corruptions caused by dangling f6i->gc_link. Fixes: 5a08d006 ("ipv6: add debug checks in fib6_info_release()") Reported-by: syzbot+c15aa445274af8674f41@syzkaller.appspotmail.com Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Kui-Feng Lee <thinker.li@gmail.com> Reviewed-by: David Ahern <dsahern@kernel.org> Link: https://lore.kernel.org/r/20231207201322.549000-1-edumazet@google.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Johannes Berg authored
My previous patch added a call to linkwatch_sync_dev(), but that of course needs to be called under RTNL, which I missed earlier, but now saw RCU warnings from. Fix that by acquiring the RTNL in a similar fashion to how other files do it here. Fixes: facd15df ("net: core: synchronize link-watch when carrier is queried") Signed-off-by: Johannes Berg <johannes.berg@intel.com> Link: https://lore.kernel.org/r/20231206172122.859df6ba937f.I9c80608bcfbab171943ff4942b52dbd5e97fe06e@changeidSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
- 08 Dec, 2023 22 commits
-
-
Kees Cook authored
The return value from nla_len() is never expected to be negative, and can never be more than struct nlattr::nla_len (a u16). Adjust the prototype on the function. This will let GCC's value range optimization passes know that the return can never be negative, and can never be larger than u16. As recently discussed[1], this silences the following warning in GCC 12+: net/wireless/nl80211.c: In function 'nl80211_set_cqm_rssi.isra': net/wireless/nl80211.c:12892:17: warning: 'memcpy' specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=] 12892 | memcpy(cqm_config->rssi_thresholds, thresholds, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 12893 | flex_array_size(cqm_config, rssi_thresholds, | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 12894 | n_thresholds)); | ~~~~~~~~~~~~~~ A future change would be to clamp the subtraction to make sure it never wraps around if nla_len is somehow less than NLA_HDRLEN, which would have the additional benefit of being defensive in the face of nlattr corruption or logic errors. Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202311090752.hWcJWAHL-lkp@intel.com/ [1] Cc: Johannes Berg <johannes@sipsolutions.net> Cc: Jeff Johnson <quic_jjohnson@quicinc.com> Cc: Michael Walle <mwalle@kernel.org> Cc: Max Schulze <max.schulze@online.de> Link: https://lore.kernel.org/r/20231202202539.it.704-kees@kernel.orgSigned-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20231206205904.make.018-kees@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Sean Nyekjaer authored
Correct the use of define DSA_TAG_PROTO_LAN937X_VALUE to DSA_TAG_PROTO_LAN937X to improve readability. Signed-off-by: Sean Nyekjaer <sean@geanix.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Acked-by: Arun Ramadoss <arun.ramadoss@microchip.com> Link: https://lore.kernel.org/r/20231206160124.1935451-1-sean@geanix.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
David Laight authored
Commit 227b60f5 added a seqlock to ensure that the low and high port numbers were always updated together. This is overkill because the two 16bit port numbers can be held in a u32 and read/written in a single instruction. More recently 91d0b78c added support for finer per-socket limits. The user-supplied value is 'high << 16 | low' but they are held separately and the socket options protected by the socket lock. Use a u32 containing 'high << 16 | low' for both the 'net' and 'sk' fields and use READ_ONCE()/WRITE_ONCE() to ensure both values are always updated together. Change (the now trival) inet_get_local_port_range() to a static inline to optimise the calling code. (In particular avoiding returning integers by reference.) Signed-off-by: David Laight <david.laight@aculab.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Reviewed-by: David Ahern <dsahern@kernel.org> Acked-by: Mat Martineau <martineau@kernel.org> Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com> Link: https://lore.kernel.org/r/4e505d4198e946a8be03fb1b4c3072b0@AcuMS.aculab.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
David S. Miller authored
Hangbin Liu says: ==================== Convert net selftests to run in unique namespace (Part 2) Here is the 2nd part of converting net selftests to run in unique namespace. This part converts all bridge, vxlan, vrf tests. Here is the part 1 link: https://lore.kernel.org/netdev/20231202020110.362433-1-liuhangbin@gmail.com ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./vrf-xfrm-tests.sh No qdisc on VRF device TEST: IPv4 no xfrm policy [ OK ] TEST: IPv6 no xfrm policy [ OK ] TEST: IPv4 xfrm policy based on address [ OK ] TEST: IPv6 xfrm policy based on address [ OK ] TEST: IPv6 xfrm policy with VRF in selector [ OK ] TEST: IPv4 xfrm policy with xfrm device [ OK ] TEST: IPv6 xfrm policy with xfrm device [ OK ] netem qdisc on VRF device TEST: IPv4 no xfrm policy [ OK ] TEST: IPv6 no xfrm policy [ OK ] TEST: IPv4 xfrm policy based on address [ OK ] TEST: IPv6 xfrm policy based on address [ OK ] TEST: IPv6 xfrm policy with VRF in selector [ OK ] TEST: IPv4 xfrm policy with xfrm device [ OK ] TEST: IPv6 xfrm policy with xfrm device [ OK ] Tests passed: 14 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./vrf_strict_mode_test.sh ################################################################################ TEST SECTION: VRF strict_mode test on init network namespace ################################################################################ TEST: init: net.vrf.strict_mode is available [ OK ] TEST: init: strict_mode=0 by default, 0 vrfs [ OK ] ... TEST: init: check strict_mode=1 [ OK ] TEST: testns-HvoZkB: check strict_mode=0 [ OK ] Tests passed: 37 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./vrf_route_leaking.sh ########################################################################### IPv4 (sym route): VRF ICMP ttl error route lookup ping ########################################################################### TEST: Basic IPv4 connectivity [ OK ] TEST: Ping received ICMP ttl exceeded [ OK ] ... TEST: Basic IPv6 connectivity [ OK ] TEST: Traceroute6 reports a hop on r1 [ OK ] Tests passed: 18 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./test_vxlan_vnifiltering.sh TEST: Create traditional vxlan device [ OK ] TEST: Cannot create vnifilter device without external flag [ OK ] TEST: Creating external vxlan device with vnifilter flag [ OK ] ... TEST: VM connectivity over traditional vxlan (ipv6 default rdst) [ OK ] TEST: VM connectivity over metadata nonfiltering vxlan (ipv4 default rdst) [ OK ] Tests passed: 27 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./test_vxlan_under_vrf.sh Checking HV connectivity [ OK ] Check VM connectivity through VXLAN (underlay in the default VRF) [ OK ] Check VM connectivity through VXLAN (underlay in a VRF) [ OK ] Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./test_vxlan_nolocalbypass.sh TEST: localbypass enabled [ OK ] TEST: Packet received by local VXLAN device - localbypass [ OK ] TEST: localbypass disabled [ OK ] TEST: Packet not received by local VXLAN device - nolocalbypass [ OK ] TEST: localbypass enabled [ OK ] TEST: Packet received by local VXLAN device - localbypass [ OK ] Tests passed: 6 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./test_vxlan_mdb.sh Control path: Basic (*, G) operations - IPv4 overlay / IPv4 underlay -------------------------------------------------------------------- TEST: MDB entry addition [ OK ] ... Data path: MDB torture test - IPv6 overlay / IPv6 underlay ---------------------------------------------------------- TEST: Torture test [ OK ] Tests passed: 620 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
Here is the test result after conversion. ]# ./test_bridge_neigh_suppress.sh Per-port ARP suppression - VLAN 10 ---------------------------------- TEST: arping [ OK ] TEST: ARP suppression [ OK ] ... TEST: NS suppression (VLAN 20) [ OK ] Tests passed: 148 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hangbin Liu authored
There is no h1 h2 actually. Remove it. Here is the test result after conversion. ]# ./test_bridge_backup_port.sh Backup port ----------- TEST: Forwarding out of swp1 [ OK ] TEST: No forwarding out of vx0 [ OK ] TEST: swp1 carrier off [ OK ] TEST: No forwarding out of swp1 [ OK ] ... Backup nexthop ID - ping ------------------------ TEST: Ping with backup nexthop ID [ OK ] TEST: Ping after disabling backup nexthop ID [ OK ] Backup nexthop ID - torture test -------------------------------- TEST: Torture test [ OK ] Tests passed: 83 Tests failed: 0 Acked-by: David Ahern <dsahern@kernel.org> Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Justin Stitt says: ==================== ethtool: Add ethtool_puts() This series aims to implement ethtool_puts() and send out a wave 1 of conversions from ethtool_sprintf(). There's also a checkpatch patch included to check for the cases listed below. This was sparked from recent discussion here [1] The conversions are used in cases where ethtool_sprintf() was being used with just two arguments: | ethtool_sprintf(&data, buffer[i].name); or when it's used with format string: "%s" | ethtool_sprintf(&data, "%s", buffer[i].name); which both now become: | ethtool_puts(&data, buffer[i].name); The first case commonly triggers a -Wformat-security warning with Clang due to potential problems with format flags present in the strings [3]. The second is just a bit weird with a plain-ol' "%s". Changes found with Cocci [4] and grep [5]. [1]: https://lore.kernel.org/all/202310141935.B326C9E@keescook/ [2]: https://lore.kernel.org/all/?q=dfb%3Aethtool_sprintf+AND+f%3Ajustinstitt [3]: https://lore.kernel.org/all/202310101528.9496539BE@keescook/ [4]: (script authored by Kees w/ modifications from Joe) @replace_2_args@ expression BUF; expression VAR; @@ - ethtool_sprintf(BUF, VAR) + ethtool_puts(BUF, VAR) @replace_3_args@ expression BUF; expression VAR; @@ - ethtool_sprintf(BUF, "%s", VAR) + ethtool_puts(BUF, VAR) - ethtool_sprintf(&BUF, "%s", VAR) + ethtool_puts(&BUF, VAR) [5]: $ rg "ethtool_sprintf\(\s*[^,)]+\s*,\s*[^,)]+\s*\)" Signed-off-by: Justin Stitt <justinstitt@google.com> --- Changes in v5: - updated documentation to include info about the lack of a trailing newline (Thanks Russell) - rebased onto mainline - Link to v4: https://lore.kernel.org/r/20231102-ethtool_puts_impl-v4-0-14e1e9278496@google.com Changes in v4: - update documentation to match: https://lore.kernel.org/all/20231028192511.100001-1-andrew@lunn.ch/ - Link to v3: https://lore.kernel.org/r/20231027-ethtool_puts_impl-v3-0-3466ac679304@google.com Changes in v3: - fix force_speed_maps merge conflict + formatting (thanks Vladimir) - rebase onto net-next (thanks Andrew, Vladimir) - change subject (thanks Vladimir) - fix checkpatch formatting + implementation (thanks Joe) - Link to v2: https://lore.kernel.org/r/20231026-ethtool_puts_impl-v2-0-0d67cbdd0538@google.com Changes in v2: - wrap lines better in replacement (thanks Joe, Kees) - add --fix to checkpatch (thanks Joe) - clean up checkpatch formatting (thanks Joe, et al.) - rebase against next - Link to v1: https://lore.kernel.org/r/20231025-ethtool_puts_impl-v1-0-6a53a93d3b72@google.com ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
justinstitt@google.com authored
This patch converts some basic cases of ethtool_sprintf() to ethtool_puts(). The conversions are used in cases where ethtool_sprintf() was being used with just two arguments: | ethtool_sprintf(&data, buffer[i].name); or when it's used with format string: "%s" | ethtool_sprintf(&data, "%s", buffer[i].name); which both now become: | ethtool_puts(&data, buffer[i].name); Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Wei Fang <wei.fang@nxp.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Reviewed-by: Louis Peens <louis.peens@corigine.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
justinstitt@google.com authored
Add some warnings for using ethtool_sprintf() where a simple ethtool_puts() would suffice. The two cases are: 1) Use ethtool_sprintf() with just two arguments: | ethtool_sprintf(&data, driver[i].name); or 2) Use ethtool_sprintf() with a standalone "%s" fmt string: | ethtool_sprintf(&data, "%s", driver[i].name); The former may cause -Wformat-security warnings while the latter is just not preferred. Both are safely in the category of warnings, not errors. Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Przemek Kitszel <przemyslaw.kitszel@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
justinstitt@google.com authored
Use strscpy() to implement ethtool_puts(). Functionally the same as ethtool_sprintf() when it's used with two arguments or with just "%s" format specifier. Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Przemek Kitszel <przemyslaw.kitszel@intel.com> Reviewed-by: Andrew Lunn <andrew@lunn.ch> Reviewed-by: Madhuri Sripada <madhuri.sripada@microchip.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jakub Kicinski authored
Louis Peens says: ==================== nfp: add ext_ack messages to supported callbacks This is a mostly cosmetic series to add error messages to devlink and ethtool callbacks which supports them but did not have them added in the nfp driver yet. ==================== Link: https://lore.kernel.org/r/20231206151209.20296-1-louis.peens@corigine.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Ryno Swart authored
Add descriptive error messages to common devlink failures to be more user friendly. Signed-off-by: Ryno Swart <ryno.swart@corigine.com> Signed-off-by: Louis Peens <louis.peens@corigine.com> Link: https://lore.kernel.org/r/20231206151209.20296-3-louis.peens@corigine.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Ryno Swart authored
Add descriptive error messages to common ethtool failures to be more user friendly. Update `nfp_net_coalesce_para_check` to only check one argument, which facilitates unique error messages. Additionally, three error codes are updated to `EOPNOTSUPP` to reflect that these operations are not supported. Signed-off-by: Ryno Swart <ryno.swart@corigine.com> Signed-off-by: Louis Peens <louis.peens@corigine.com> Link: https://lore.kernel.org/r/20231206151209.20296-2-louis.peens@corigine.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski authored
Cross-merge networking fixes after downstream PR. Conflicts: drivers/net/ethernet/stmicro/stmmac/dwmac5.c drivers/net/ethernet/stmicro/stmmac/dwmac5.h drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c drivers/net/ethernet/stmicro/stmmac/hwif.h 37e4b8df ("net: stmmac: fix FPE events losing") c3f3b972 ("net: stmmac: Refactor EST implementation") https://lore.kernel.org/all/20231206110306.01e91114@canb.auug.org.au/ Adjacent changes: net/ipv4/tcp_ao.c 9396c4ee ("net/tcp: Don't store TCP-AO maclen on reqsk") 7b0f570f ("tcp: Move TCP-AO bits from cookie_v[46]_check() to tcp_ao_syncookie().") Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netLinus Torvalds authored
Pull networking fixes from Jakub Kicinski: "Including fixes from bpf and netfilter. Current release - regressions: - veth: fix packet segmentation in veth_convert_skb_to_xdp_buff Current release - new code bugs: - tcp: assorted fixes to the new Auth Option support Older releases - regressions: - tcp: fix mid stream window clamp - tls: fix incorrect splice handling - ipv4: ip_gre: handle skb_pull() failure in ipgre_xmit() - dsa: mv88e6xxx: restore USXGMII support for 6393X - arcnet: restore support for multiple Sohard Arcnet cards Older releases - always broken: - tcp: do not accept ACK of bytes we never sent - require admin privileges to receive packet traces via netlink - packet: move reference count in packet_sock to atomic_long_t - bpf: - fix incorrect branch offset comparison with cpu=v4 - fix prog_array_map_poke_run map poke update - netfilter: - three fixes for crashes on bad admin commands - xt_owner: fix race accessing sk->sk_socket, TOCTOU null-deref - nf_tables: fix 'exist' matching on bigendian arches - leds: netdev: fix RTNL handling to prevent potential deadlock - eth: tg3: prevent races in error/reset handling - eth: r8169: fix rtl8125b PAUSE storm when suspended - eth: r8152: improve reset and surprise removal handling - eth: hns: fix race between changing features and sending - eth: nfp: fix sleep in atomic for bonding offload" * tag 'net-6.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (62 commits) vsock/virtio: fix "comparison of distinct pointer types lacks a cast" warning net/smc: fix missing byte order conversion in CLC handshake net: dsa: microchip: provide a list of valid protocols for xmit handler drop_monitor: Require 'CAP_SYS_ADMIN' when joining "events" group psample: Require 'CAP_NET_ADMIN' when joining "packets" group bpf: sockmap, updating the sg structure should also update curr net: tls, update curr on splice as well nfp: flower: fix for take a mutex lock in soft irq context and rcu lock net: dsa: mv88e6xxx: Restore USXGMII support for 6393X tcp: do not accept ACK of bytes we never sent selftests/bpf: Add test for early update in prog_array_map_poke_run bpf: Fix prog_array_map_poke_run map poke update netfilter: xt_owner: Fix for unsafe access of sk->sk_socket netfilter: nf_tables: validate family when identifying table via handle netfilter: nf_tables: bail out on mismatching dynset and set expressions netfilter: nf_tables: fix 'exist' matching on bigendian arches netfilter: nft_set_pipapo: skip inactive elements during set walk netfilter: bpf: fix bad registration on nf_defrag leds: trigger: netdev: fix RTNL handling to prevent potential deadlock octeontx2-af: Update Tx link register range ...
-
- 07 Dec, 2023 12 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroupLinus Torvalds authored
Pull cgroup fix from Tejun Heo: "Just one fix. Commit f5d39b02 ("freezer,sched: Rewrite core freezer logic") changed how freezing state is recorded which made cgroup_freezing() disagree with the actual state of the task while thawing triggering a warning. Fix it by updating cgroup_freezing()" * tag 'cgroup-for-6.7-rc4-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: cgroup_freezer: cgroup_freezing: Check if not frozen
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/wqLinus Torvalds authored
Pull workqueue fix from Tejun Heo: "Just one patch to fix a bug which can crash the kernel if the housekeeping and wq_unbound_cpu cpumask configuration combination leaves the latter empty" * tag 'wq-for-6.7-rc4-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: workqueue: Make sure that wq_unbound_cpumask is never empty
-
git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmapLinus Torvalds authored
Pull regmap fix from Mark Brown: "An incremental fix for the fix introduced during the merge window for caching of the selector for windowed register ranges. We were incorrectly leaking an error code in the case where the last selector accessed was for some reason not cached" * tag 'regmap-fix-v6.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap: regmap: fix bogus error on regcache_sync success
-
git://git.kernel.org/pub/scm/linux/kernel/git/robh/linuxLinus Torvalds authored
Pull devicetree fixes from Rob Herring: - Fix dt-extract-compatibles for builds with in tree build directory - Drop Xinlei Lee <xinlei.lee@mediatek.com> bouncing email - Fix the of_reconfig_get_state_change() return value documentation - Add missing #power-domain-cells property to QCom MPM - Fix warnings in i.MX LCDIF and adi,adv7533 * tag 'devicetree-fixes-for-6.7-1' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux: dt-bindings: display: adi,adv75xx: Document #sound-dai-cells dt-bindings: lcdif: Properly describe the i.MX23 interrupts dt-bindings: interrupt-controller: Allow #power-domain-cells of: dynamic: Fix of_reconfig_get_state_change() return value documentation dt-bindings: display: mediatek: dsi: remove Xinlei's mail dt: dt-extract-compatibles: Don't follow symlinks when walking tree
-
Linus Torvalds authored
Merge tag 'platform-drivers-x86-v6.7-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 Pull x86 platform driver fixes from Ilpo Järvinen: - Fix i8042 filter resource handling, input, and suspend issues in asus-wmi - Skip zero instance WMI blocks to avoid issues with some laptops - Differentiate dev/production keys in mlxbf-bootctl - Correct surface serdev related return value to avoid leaking errno into userspace - Error checking fixes * tag 'platform-drivers-x86-v6.7-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: platform/mellanox: Check devm_hwmon_device_register_with_groups() return value platform/mellanox: Add null pointer checks for devm_kasprintf() mlxbf-bootctl: correctly identify secure boot with development keys platform/x86: wmi: Skip blocks with zero instances platform/surface: aggregator: fix recv_buf() return value platform/x86: asus-wmi: disable USB0 hub on ROG Ally before suspend platform/x86: asus-wmi: Filter Volume key presses if also reported via atkbd platform/x86: asus-wmi: Change q500a_i8042_filter() into a generic i8042-filter platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull x86 int80 fixes from Dave Hansen: "Avoid VMM misuse of 'int 0x80' handling in TDX and SEV guests. It also has the very nice side effect of getting rid of a bunch of assembly entry code" * tag 'x86-int80-20231207' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/tdx: Allow 32-bit emulation by default x86/entry: Do not allow external 0x80 interrupts x86/entry: Convert INT 0x80 emulation to IDTENTRY x86/coco: Disable 32-bit emulation by default on TDX and SEV
-
Stefano Garzarella authored
After backporting commit 581512a6 ("vsock/virtio: MSG_ZEROCOPY flag support") in CentOS Stream 9, CI reported the following error: In file included from ./include/linux/kernel.h:17, from ./include/linux/list.h:9, from ./include/linux/preempt.h:11, from ./include/linux/spinlock.h:56, from net/vmw_vsock/virtio_transport_common.c:9: net/vmw_vsock/virtio_transport_common.c: In function ‘virtio_transport_can_zcopy‘: ./include/linux/minmax.h:20:35: error: comparison of distinct pointer types lacks a cast [-Werror] 20 | (!!(sizeof((typeof(x) *)1 == (typeof(y) *)1))) | ^~ ./include/linux/minmax.h:26:18: note: in expansion of macro ‘__typecheck‘ 26 | (__typecheck(x, y) && __no_side_effects(x, y)) | ^~~~~~~~~~~ ./include/linux/minmax.h:36:31: note: in expansion of macro ‘__safe_cmp‘ 36 | __builtin_choose_expr(__safe_cmp(x, y), \ | ^~~~~~~~~~ ./include/linux/minmax.h:45:25: note: in expansion of macro ‘__careful_cmp‘ 45 | #define min(x, y) __careful_cmp(x, y, <) | ^~~~~~~~~~~~~ net/vmw_vsock/virtio_transport_common.c:63:37: note: in expansion of macro ‘min‘ 63 | int pages_to_send = min(pages_in_iov, MAX_SKB_FRAGS); We could solve it by using min_t(), but this operation seems entirely unnecessary, because we also pass MAX_SKB_FRAGS to iov_iter_npages(), which performs almost the same check, returning at most MAX_SKB_FRAGS elements. So, let's eliminate this unnecessary comparison. Fixes: 581512a6 ("vsock/virtio: MSG_ZEROCOPY flag support") Cc: avkrasnov@salutedevices.com Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Arseniy Krasnov <avkrasnov@salutedevices.com> Link: https://lore.kernel.org/r/20231206164143.281107-1-sgarzare@redhat.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Wen Gu authored
The byte order conversions of ISM GID and DMB token are missing in process of CLC accept and confirm. So fix it. Fixes: 3d9725a6 ("net/smc: common routine for CLC accept and confirm") Signed-off-by: Wen Gu <guwen@linux.alibaba.com> Reviewed-by: Tony Lu <tonylu@linux.alibaba.com> Reviewed-by: Alexandra Winter <wintera@linux.ibm.com> Reviewed-by: Wenjia Zhang <wenjia@linux.ibm.com> Link: https://lore.kernel.org/r/1701882157-87956-1-git-send-email-guwen@linux.alibaba.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
duanqiangwen authored
in some bonding mode, service need to change mac when netif is running. Wangxun netdev add IFF_LIVE_ADDR_CHANGE priv_flag to support it. Signed-off-by: duanqiangwen <duanqiangwen@net-swift.com> Link: https://lore.kernel.org/r/20231206095044.17844-1-duanqiangwen@net-swift.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Sean Nyekjaer authored
Provide a list of valid protocols for which the driver will provide it's deferred xmit handler. When using DSA_TAG_PROTO_KSZ8795 protocol, it does not provide a "connect" method, therefor ksz_connect() is not allocating ksz_tagger_data. This avoids the following null pointer dereference: ksz_connect_tag_protocol from dsa_register_switch+0x9ac/0xee0 dsa_register_switch from ksz_switch_register+0x65c/0x828 ksz_switch_register from ksz_spi_probe+0x11c/0x168 ksz_spi_probe from spi_probe+0x84/0xa8 spi_probe from really_probe+0xc8/0x2d8 Fixes: ab32f56a ("net: dsa: microchip: ptp: add packet transmission timestamping") Signed-off-by: Sean Nyekjaer <sean@geanix.com> Reviewed-by: Florian Fainelli <florian.fainelli@broadcom.com> Reviewed-by: Vladimir Oltean <vladimir.oltean@nxp.com> Link: https://lore.kernel.org/r/20231206071655.1626479-1-sean@geanix.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
Ido Schimmel says: ==================== Generic netlink multicast fixes Restrict two generic netlink multicast groups - in the "psample" and "NET_DM" families - to be root-only with the appropriate capabilities. See individual patches for more details. ==================== Link: https://lore.kernel.org/r/20231206213102.1824398-1-idosch@nvidia.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Ido Schimmel authored
The "NET_DM" generic netlink family notifies drop locations over the "events" multicast group. This is problematic since by default generic netlink allows non-root users to listen to these notifications. Fix by adding a new field to the generic netlink multicast group structure that when set prevents non-root users or root without the 'CAP_SYS_ADMIN' capability (in the user namespace owning the network namespace) from joining the group. Set this field for the "events" group. Use 'CAP_SYS_ADMIN' rather than 'CAP_NET_ADMIN' because of the nature of the information that is shared over this group. Note that the capability check in this case will always be performed against the initial user namespace since the family is not netns aware and only operates in the initial network namespace. A new field is added to the structure rather than using the "flags" field because the existing field uses uAPI flags and it is inappropriate to add a new uAPI flag for an internal kernel check. In net-next we can rework the "flags" field to use internal flags and fold the new field into it. But for now, in order to reduce the amount of changes, add a new field. Since the information can only be consumed by root, mark the control plane operations that start and stop the tracing as root-only using the 'GENL_ADMIN_PERM' flag. Tested using [1]. Before: # capsh -- -c ./dm_repo # capsh --drop=cap_sys_admin -- -c ./dm_repo After: # capsh -- -c ./dm_repo # capsh --drop=cap_sys_admin -- -c ./dm_repo Failed to join "events" multicast group [1] $ cat dm.c #include <stdio.h> #include <netlink/genl/ctrl.h> #include <netlink/genl/genl.h> #include <netlink/socket.h> int main(int argc, char **argv) { struct nl_sock *sk; int grp, err; sk = nl_socket_alloc(); if (!sk) { fprintf(stderr, "Failed to allocate socket\n"); return -1; } err = genl_connect(sk); if (err) { fprintf(stderr, "Failed to connect socket\n"); return err; } grp = genl_ctrl_resolve_grp(sk, "NET_DM", "events"); if (grp < 0) { fprintf(stderr, "Failed to resolve \"events\" multicast group\n"); return grp; } err = nl_socket_add_memberships(sk, grp, NFNLGRP_NONE); if (err) { fprintf(stderr, "Failed to join \"events\" multicast group\n"); return err; } return 0; } $ gcc -I/usr/include/libnl3 -lnl-3 -lnl-genl-3 -o dm_repo dm.c Fixes: 9a8afc8d ("Network Drop Monitor: Adding drop monitor implementation & Netlink protocol") Reported-by: "The UK's National Cyber Security Centre (NCSC)" <security@ncsc.gov.uk> Signed-off-by: Ido Schimmel <idosch@nvidia.com> Reviewed-by: Jacob Keller <jacob.e.keller@intel.com> Reviewed-by: Jiri Pirko <jiri@nvidia.com> Link: https://lore.kernel.org/r/20231206213102.1824398-3-idosch@nvidia.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-