- 24 Apr, 2014 14 commits
-
-
David S. Miller authored
net/netfilter/nfnetlink.c: In function ‘nfnetlink_rcv’: net/netfilter/nfnetlink.c:371:14: warning: unused variable ‘net’ [-Wunused-variable] Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Eric W. Biederman says: ==================== netlink: Preventing abuse when passing file descriptors. Andy Lutomirski when looking at the networking stack noticed that it is possible to trick privilged processes into calling write on a netlink socket and send netlink messages they did not intend. In particular from time to time there are suid applications that will write to stdout or stderr without checking exactly what kind of file descriptors those are and can be tricked into acting as a limited form of suid cat. In other conversations the magic string CVE-2014-0181 has been used to talk about this issue. This patchset cleans things up a bit, adds some clean abstractions that when used prevent this kind of problem and then finally changes all of the handlers of netlink messages that I could find that call capable to use netlink_ns_capable or an appropriate wrapper. The abstraction netlink_ns_capable verifies that the original creator of the netlink socket a message is sent from had the necessary capabilities as well as verifying that the current sender of a netlink packet has the necessary capabilities. The idea is to prevent file descriptor passing of any form from resulting in a file descriptor that can do more than it can for the creator of the file descriptor. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
It is possible by passing a netlink socket to a more privileged executable and then to fool that executable into writing to the socket data that happens to be valid netlink message to do something that privileged executable did not intend to do. To keep this from happening replace bare capable and ns_capable calls with netlink_capable, netlink_net_calls and netlink_ns_capable calls. Which act the same as the previous calls except they verify that the opener of the socket had the desired permissions as well. Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
netlink_net_capable - The common case use, for operations that are safe on a network namespace netlink_capable - For operations that are only known to be safe for the global root netlink_ns_capable - The general case of capable used to handle special cases __netlink_ns_capable - Same as netlink_ns_capable except taking a netlink_skb_parms instead of the skbuff of a netlink message. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
sk_net_capable - The common case, operations that are safe in a network namespace. sk_capable - Operations that are not known to be safe in a network namespace sk_ns_capable - The general case for special cases. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
The permission check in sock_diag_put_filterinfo is wrong, and it is so removed from it's sources it is not clear why it is wrong. Move the computation into packet_diag_dump and pass a bool of the result into sock_diag_filterinfo. This does not yet correct the capability check but instead simply moves it to make it clear what is going on. Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
netlink_capable is a static internal function in af_netlink.c and we have better uses for the name netlink_capable. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Claudiu Manoil authored
This fixes a seg fault on 'ethtool -A' entry if the interface is down. Obviously we need to have the phy device initialized / "connected" (see of_phy_connect()) to be able to advertise pause frame capabilities. Fixes: 23402bddSigned-off-by: Claudiu Manoil <claudiu.manoil@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Shahed Shaikh says: ==================== qlcnic: Bug fixes This patch series contains following fixes - * Fix memory leak caused because of issuing mailbox command which can not wait for its completion. * Reset firmware API lock which might be in inconsistent state. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Rajesh Borundia authored
o In case QLC_83XX_MBX_CMD_NO_WAIT command type the calling function does not free the memory as it does not wait for response. So free it when get a response from adapter after sending the command. Signed-off-by: Rajesh Borundia <rajesh.borundia@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sony Chacko authored
Some firmware versions fails to reset the lock during initialization. Force reset firmware API lock during driver probe to ensure lock availability. Signed-off-by: Sony Chacko <sony.chacko@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jiri Pirko authored
There are two breaks missing there. The result is that userspace receives multiple messages which might be confusing. Introduced-by: 3d249d4c "net: introduce ethernet teaming device" Signed-off-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jean Delvare authored
I was told that the Cadence macb driver is also useful on Microblaze. Signed-off-by: Jean Delvare <jdelvare@suse.de> Cc: Nicolas Ferre <nicolas.ferre@atmel.com> Cc: David S. Miller <davem@davemloft.net> Cc: Michal Simek <monstr@monstr.eu> Cc: Mark Brown <broonie@kernel.org> Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Zi Shen Lim authored
Redefine some macros that were conditioned upon SMC_DEBUG level. By allowing compiler to verify parameters used by these macros unconditionally, we can flag compilation failures. Compiler will still optimize out the unused code path depending on SMC_DEBUG, so this is a net gain. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 23 Apr, 2014 6 commits
-
-
Alexei Starovoitov authored
exisiting BPF verifier allows uninitialized access to registers, 'ret A' is considered to be a valid filter. So initialize A and X to zero to prevent leaking kernel memory In the future BPF verifier will be rejecting such filters Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Cc: Daniel Borkmann <dborkman@redhat.com> Acked-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nicolas Dichtel authored
The goal of this patch is to fix rtnelink notification. The main problem was about notification for fdb entry with more than one remote. Before the patch, when a remote was added to an existing fdb entry, the kernel advertised the first remote instead of the added one. Also when a remote was removed from a fdb entry with several remotes, the deleted remote was not advertised. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hubert Chaumette authored
In ksz9021_load_values_from_of() val2 to val4 aren't tested against their initialization value. This causes the test to always succeed, and this value to be used as if it was loaded from the devicetree instead of being ignored, in case of a missing/invalid property in the ethernet OF device node. As a result, the value "0" is written to the relevant registers. Change the conditions to test against the right initialization value. Signed-off-by: Hubert Chaumette <hchaumette@adeneo-embedded.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Julia Lawall authored
A label just before a brace needs a following semicolon (empty statement). Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Zi Shen Lim authored
When SMC_DEBUG >= 2, we hit the following compilation error: drivers/net/ethernet/smsc/smc91x.c:85:0: drivers/net/ethernet/smsc/smc91x.c: In function ‘smc_findirq’: drivers/net/ethernet/smsc/smc91x.c:1784:9: error: ‘dev’ undeclared (first use in this function) DBG(2, dev, "%s: %s\n", CARDNAME, __func__); ^ Fix it by passing in the appropriate netdev pointer. Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 22 Apr, 2014 5 commits
-
-
Byungho An authored
This patch adds phy_found error path when there is no phy device and changes bus_name. Signed-off-by: Byungho An <bh74.an@samsung.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Byungho An authored
This patch moves cksum_ctl to tx_rd_des23 from cksum_pktlen for correct checksum offloading and modifies size for Tx/Rx descriptor. Signed-off-by: Byungho An <bh74.an@samsung.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Amos Kong authored
Execute "ethtool -L eth0 combined 0" in guest, if multiqueue is enabled, virtnet_send_command() will return -EINVAL error, there is a validation in QEMU. But if multiqueue is disabled, virtnet_set_queues() will just return zero (success). We should return error for this situation. Signed-off-by: Amos Kong <akong@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Max Schwarz authored
The MAC address retrieved from dt was not actually written to the hardware. This meant proper communication was only possible after changing the MAC address. Fix that by always writing the mac address during probing. Signed-off-by: Max Schwarz <max.schwarz@online.de> Acked-by: Heiko Stuebner <heiko@sntech.de> Tested-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lutomirski authored
The caller needs capabilities on the namespace being queried, not on their own namespace. This is a security bug, although it likely has only a minor impact. Cc: stable@vger.kernel.org Signed-off-by: Andy Lutomirski <luto@amacapital.net> Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 21 Apr, 2014 2 commits
-
-
Florian Fainelli authored
The mail address for Siva Reddy Kallam is bouncing, remove the email address from the MAINTAINERS entry for Samsung's SXGBE driver. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/netDavid S. Miller authored
Jeff Kirsher says: ==================== Intel Wired LAN Driver Updates This series contains updates to e1000e, igb, ixgbe and i40e. Most notably are Jakub's patches to clean up the Rx time stamping code for ixgbe and the fix up of debug messages with proper termination. Jesse's i40e patch fixes an issue reported by Eric Dumazet that the i40e driver was allowing the hardware to replicate the PSH flag on all segments of a TSO operation. With this fix, we are now configuring the CWR bit to only be set in the first packet of a TSO and we enable TSO_ECN in order to advertise to the stack that we do the right thing on the wire. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 19 Apr, 2014 13 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull x86 fix from Ingo Molnar: "This fixes the preemption-count imbalance crash reported by Owen Kibel" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mce: Fix CMCI preemption bugs
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull scheduler fixes from Ingo Molnar: "Two fixes: - a SCHED_DEADLINE task selection fix - a sched/numa related lockdep splat fix" * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched: Check for stop task appearance when balancing happens sched/numa: Fix task_numa_free() lockdep splat
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull perf fixes from Ingo Molnar: "Two kernel side fixes: - an Intel uncore PMU driver potential crash fix - a kprobes/perf-call-graph interaction fix" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf/x86/intel: Use rdmsrl_safe() when initializing RAPL PMU kprobes/x86: Fix page-fault handling logic
-
git://people.freedesktop.org/~airlied/linuxLinus Torvalds authored
Pull drm fixes from Dave Airlie: "Unfortunately this contains no easter eggs, its a bit larger than I'd like, but I included a patch that just moves code from one file to another and I'd like to avoid merge conflicts with that later, so it makes it seem worse than it is, Otherwise: - radeon: fixes to use new microcode to stabilise some cards, use some common displayport code, some runtime pm fixes, pll regression fixes - i915: fix for some context oopses, a warn in a used path, backlight fixes - nouveau: regression fix - omap: a bunch of fixes" * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (51 commits) drm: bochs: drop unused struct fields drm: bochs: add power management support drm: cirrus: add power management support drm: Split out drm_probe_helper.c from drm_crtc_helper.c drm/plane-helper: Don't fake-implement primary plane disabling drm/ast: fix value check in cbr_scan2 drm/nouveau/bios: fix a bit shift error introduced by 457e77b2 drm/radeon/ci: make sure mc ucode is loaded before checking the size drm/radeon/si: make sure mc ucode is loaded before checking the size drm/radeon: improve PLL params if we don't match exactly v2 drm/radeon: memory leak on bo reservation failure. v2 drm/radeon: fix VCE fence command drm/radeon: re-enable mclk dpm on R7 260X asics drm/radeon: add support for newer mc ucode on CI (v2) drm/radeon: add support for newer mc ucode on SI (v2) drm/radeon: apply more strict limits for PLL params v2 drm/radeon: update CI DPM powertune settings drm/radeon: fix runpm handling on APUs (v4) drm/radeon: disable mclk dpm on R7 260X drm/tegra: Remove gratuitous pad field ...
-
Jakub Kicinski authored
Add \n at the end of messages where missing, remove all \r. Reported-by: Joe Perches <joe@perches.com> Signed-off-by: Jakub Kicinski <kubakici@wp.pl> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com> Tested-by: Kavindya Deegala <kavindya.s.deegala@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Jakub Kicinski authored
Time stamping resources are per-interface so there is no need to keep separate last_rx_timestamp for each Rx ring, move last_rx_timestamp to the adapter structure. With last_rx_timestamp inside adapter, ixgbe_ptp_rx_hwtstamp() inline function is reduced to a single if statement so it is no longer necessary. If statement is placed directly in ixgbe_process_skb_fields() fixing likely/unlikely marking. Checks for q_vector or adapter to be NULL are superfluous. Comment about taking I/O hit is a leftover from previous design. Signed-off-by: Jakub Kicinski <kubakici@wp.pl> Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Todd Fujinaka authored
RQDPC on i210/i211 is R/W not ReadClear. Clear after reading. Signed-off-by: Todd Fujinaka <todd.fujinaka@intel.com> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
git://people.freedesktop.org/~deathsimple/linuxDave Airlie authored
Some i2c fixes over DisplayPort. * 'drm-next-3.15-wip' of git://people.freedesktop.org/~deathsimple/linux: drm/radeon: Improve vramlimit module param documentation drm/radeon: fix audio pin counts for DCE6+ (v2) drm/radeon/dp: switch to the common i2c over aux code drm/dp/i2c: Update comments about common i2c over dp assumptions (v3) drm/dp/i2c: send bare addresses to properly reset i2c connections (v4) drm/radeon/dp: handle zero sized i2c over aux transactions (v2) drm/i915: support address only i2c-over-aux transactions drm/tegra: dp: Support address-only I2C-over-AUX transactions
-
Hiroaki SHIMODA authored
Fix following compilation warning: drivers/net/ethernet/intel/e1000e/netdev.c:6238:12: warning ‘e1000e_pm_thaw’ defined but not used [-Wunused-function] static int e1000e_pm_thaw(struct device *dev) ^ Signed-off-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Vlad Yasevich authored
When changing the interface mtu, the driver starts with a value that doesn't include VLAN_HLEN. Later tests in the driver set the rx_buffer_len based on the mtu. As a result, when the user increases the mtu to 1504 (to support 802.1AD for example), the driver rx_buffer_len does not change and frames longer the 1522 bytes are rejected as too long. Include VLAN_HLEN from the start so that an user mtu greater then 1500 bytes is correctly reflected in the driver rx_buffer_len. CC: e1000-devel@lists.sourceforge.net Signed-off-by: Vlad Yasevich <vyasevic@redhat.com> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds authored
Pull more networking fixes from David Miller: 1) Fix mlx4_en_netpoll implementation, it needs to schedule a NAPI context, not synchronize it. From Chris Mason. 2) Ipv4 flow input interface should never be zero, it should be LOOPBACK_IFINDEX instead. From Cong Wang and Julian Anastasov. 3) Properly configure MAC to PHY connection in mvneta devices, from Thomas Petazzoni. 4) sys_recv should use SYSCALL_DEFINE. From Jan Glauber. 5) Tunnel driver ioctls do not use the correct namespace, fix from Nicolas Dichtel. 6) Fix memory leak on seccomp filter attach, from Kees Cook. 7) Fix lockdep warning for nested vlans, from Ding Tianhong. 8) Crashes can happen in SCTP due to how the auth_enable value is managed, fix from Vlad Yasevich. 9) Wireless fixes from John W Linville and co. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (45 commits) net: sctp: cache auth_enable per endpoint tg3: update rx_jumbo_pending ring param only when jumbo frames are enabled vlan: Fix lockdep warning when vlan dev handle notification seccomp: fix memory leak on filter attach isdn: icn: buffer overflow in icn_command() ip6_tunnel: use the right netns in ioctl handler sit: use the right netns in ioctl handler ip_tunnel: use the right netns in ioctl handler net: use SYSCALL_DEFINEx for sys_recv net: mdio-gpio: Add support for separate MDI and MDO gpio pins net: mdio-gpio: Add support for active low gpio pins net: mdio-gpio: Use devm_ functions where possible ipv4, route: pass 0 instead of LOOPBACK_IFINDEX to fib_validate_source() ipv4, fib: pass LOOPBACK_IFINDEX instead of 0 to flowi4_iif mlx4_en: don't use napi_synchronize inside mlx4_en_netpoll net: mvneta: properly configure the MAC <-> PHY connection in all situations net: phy: add minimal support for QSGMII PHY sfc:On MCDI timeout, issue an FLR (and mark MCDI to fail-fast) mwifiex: fix hung task on command timeout mwifiex: process event before command response ...
-
git://git.samba.org/sfrench/cifs-2.6Linus Torvalds authored
Pull cifs fixes from Steve French: "A set of 5 small cifs fixes" * 'for-next' of git://git.samba.org/sfrench/cifs-2.6: cif: fix dead code cifs: fix error handling cifs_user_readv fs: cifs: remove unused variable. Return correct error on query of xattr on file with empty xattrs cifs: Wait for writebacks to complete before attempting write.
-
Jesse Brandeburg authored
As reported by Eric Dumazet, the i40e driver was allowing the hardware to replicate the PSH flag on all segments of a TSO operation. This patch fixes the first/middle/last TCP flags settings which makes the TSO operations work correctly. With this change we are now configuring the CWR bit to only be set in the first packet of a TSO, so this patch also enables TSO_ECN, in order to advertise to the stack that we do the right thing on the wire. Reported-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com> Tested-by: Kavindya Deegala <kavindya.s.deegala@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-