- 16 May, 2013 1 commit
-
-
Pablo Neira Ayuso authored
This target assumes that tcph->doff is well-formed, that may be well not the case. Add extra sanity checkings to avoid possible crash due to read/write out of the real packet boundary. After this patch, the default action on malformed TCP packets is to drop them. Moreover, fragments are skipped. Reported-by: Rafal Kupka <rkupka@telemetry.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
- 15 May, 2013 1 commit
-
-
Hans Schillstrom authored
Since (69b34fb9 netfilter: xt_LOG: add net namespace support for xt_LOG), we hit this: [ 4224.708977] BUG: unable to handle kernel NULL pointer dereference at 0000000000000388 [ 4224.709074] IP: [<ffffffff8147f699>] ipt_log_packet+0x29/0x270 when callling log functions from conntrack both in and out are NULL i.e. the net pointer is invalid. Adding struct net *net in call to nf_logfn() will secure that there always is a vaild net ptr. Reported as netfilter's bugzilla bug 818: https://bugzilla.netfilter.org/show_bug.cgi?id=818Reported-by: Ronald <ronald645@gmail.com> Signed-off-by: Hans Schillstrom <hans@schillstrom.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
- 06 May, 2013 2 commits
-
-
Pablo Neira Ayuso authored
* Remove reference to ipchains (not any longer in the tree) * Remove all P: (person) as this tag is obsolete according to the description. Therefore, update Jozsef Kadlecsik to M: so he can still show in the list of people. * Add URI to Netfilter's patchwork at ozlabs.org * Update URIs to Netfilter's git trees to point to kernel.org. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
This patch fixes the following compilation error: net/netfilter/nf_log.c:373:38: error: 'struct netns_nf' has no member named 'proc_netfilter' if procfs is not set. The netns support for nf_log, nfnetlink_log and nfnetlink_queue_core requires CONFIG_PROC_FS in the removal path of their respective /proc interface since net->nf.proc_netfilter is undefined in that case. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Gao feng <gaofeng@cn.fujitsu.com>
-
- 05 May, 2013 32 commits
-
-
Eric Dumazet authored
TCP metric cache expires entries after one hour. This probably make sense for TCP RTT/RTTVAR/CWND, but not for TCP fastopen cookies. Its better to try previous cookie. If it appears to be obsolete, server will send us new cookie anyway. Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Yuchung Cheng <ycheng@google.com> Cc: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Benjamin Herrenschmidt authored
Some ancient pHyp versions used to create a 8 bytes local-mac-address property in the device-tree instead of a 6 bytes one for veth. The Linux driver code to deal with that is an insane hack which also happens to break with some choices of MAC addresses in qemu by testing for a bit in the address rather than just looking at the size of the property. Sanitize this by doing the latter instead. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> CC: <stable@vger.kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
stephen hemminger authored
Programs using virtio headers outside of kernel will no longer build because u16 type does not exist in userspace. All user ABI must use __u16 typedef instead. Bug introduce by: commit 986a4f4d Author: Jason Wang <jasowang@redhat.com> Date: Fri Dec 7 07:04:56 2012 +0000 virtio_net: multiqueue support Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linuxLinus Torvalds authored
Pull mudule updates from Rusty Russell: "We get rid of the general module prefix confusion with a binary config option, fix a remove/insert race which Never Happens, and (my favorite) handle the case when we have too many modules for a single commandline. Seriously, the kernel is full, please go away!" * tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: modpost: fix unwanted VMLINUX_SYMBOL_STR expansion X.509: Support parse long form of length octets in Authority Key Identifier module: don't unlink the module until we've removed all exposure. kernel: kallsyms: memory override issue, need check destination buffer length MODSIGN: do not send garbage to stderr when enabling modules signature modpost: handle huge numbers of modules. modpost: add -T option to read module names from file/stdin. modpost: minor cleanup. genksyms: pass symbol-prefix instead of arch module: fix symbol versioning with symbol prefixes CONFIG_SYMBOL_PREFIX: cleanup.
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds authored
Pull single_open() leak fixes from Al Viro: "A bunch of fixes for a moderately common class of bugs: file with single_open() done by its ->open() and seq_release as its ->release(). That leaks; fortunately, it's not _too_ common (either people manage to RTFM that says "When using single_open(), the programmer should use single_release() instead of seq_release() in the file_operations structure to avoid a memory leak", or they just copy a correct instance), but grepping through the tree has caught quite a pile. All of that is, AFAICS, -stable fodder, for as far as the patches apply. I tried to carve it up into reasonably-sized pieces (more or less "comes from the same tree")" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: rcutrace: single_open() leaks gadget: single_open() leaks staging: single_open() leaks megaraid: single_open() leak wireless: single_open() leaks input: single_open() leak rtc: single_open() leaks ds1620: single_open() leak sh: single_open() leaks parisc: single_open() leaks mips: single_open() leaks ia64: single_open() leaks h8300: single_open() leaks cris: single_open() leaks arm: single_open() leaks
-
Linus Torvalds authored
Merge ipc fixes and cleanups from my IPC branch. The ipc locking has always been pretty ugly, and the scalability fixes to some degree made it even less readable. We had two cases of double unlocks in error paths due to this (one rcu read unlock, one semaphore unlock), and this fixes the bugs I found while trying to clean things up a bit so that we are less likely to have more. * ipc-cleanups: ipc: simplify rcu_read_lock() in semctl_nolock() ipc: simplify semtimedop/semctl_main() common error path handling ipc: move sem_obtain_lock() rcu locking into the only caller ipc: fix double sem unlock in semctl error path ipc: move the rcu_read_lock() from sem_lock_and_putref() into callers ipc: sem_putref() does not need the semaphore lock any more ipc: move rcu_read_unlock() out of sem_unlock() and into callers
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds authored
Pull networking fixes from David Miller: 1) Several routines do not use netdev_features_t to hold such bitmasks, fixes from Patrick McHardy and Bjørn Mork. 2) Update cpsw IRQ software state and the actual HW irq enabling in the correct order. From Mugunthan V N. 3) When sending tipc packets to multiple bearers, we have to make copies of the SKB rather than just giving the original SKB directly. Fix from Gerlando Falauto. 4) Fix race with bridging topology change timer, from Stephen Hemminger. 5) Fix TCPv6 segmentation handling in GRE and VXLAN, from Pravin B Shelar. 6) Endian bug in USB pegasus driver, from Dan Carpenter. 7) Fix crashes on MTU reduction in USB asix driver, from Holger Eitzenberger. 8) Don't allow the kernel to BUG() just because the user puts some crap in an AF_PACKET mmap() ring descriptor. Fix from Daniel Borkmann. 9) Don't use variable sized arrays on the stack in xen-netback, from Wei Liu. 10) Fix stats reporting and an unbalanced napi_disable() in be2net driver. From Somnath Kotur and Ajit Khaparde. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (25 commits) cxgb4: fix error recovery when t4_fw_hello returns a positive value sky2: Fix crash on receiving VLAN frames packet: tpacket_v3: do not trigger bug() on wrong header status asix: fix BUG in receive path when lowering MTU net: qmi_wwan: Add Telewell TW-LTE 4G usbnet: pegasus: endian bug in write_mii_word() vxlan: Fix TCPv6 segmentation. gre: Fix GREv4 TCPv6 segmentation. bridge: fix race with topology change timer tipc: pskb_copy() buffers when sending on more than one bearer tipc: tipc_bcbearer_send(): simplify bearer selection tipc: cosmetic: clean up comments and break a long line drivers: net: cpsw: irq not disabled in cpsw isr in particular sequence xen-netback: better names for thresholds xen-netback: avoid allocating variable size array on stack xen-netback: remove redundent parameter in netbk_count_requests be2net: Fix to fail probe if MSI-X enable fails for a VF be2net: avoid napi_disable() when it has not been enabled be2net: Fix firmware download for Lancer be2net: Fix to receive Multicast Packets when Promiscuous mode is enabled on certain devices ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-nextLinus Torvalds authored
Pull sparc updates from David Miller: 1) Hibernation support, as well as removal of excess interrupt twiddling in MMU context allocation on sparc64 from Kirill Tkhai. 2) Kill references to __ARCH_WANT_UNLOCKED_CTXSW. 3) Sparc32 LEON bug fixes from Daniel Hellstrom and Andreas Larsson. 4) Provide cmpxchg64(), from Geert Uytterhoeven. 5) Device refcount and registry bug fixes from Federico Vaga and Wei Yongjun. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-next: serial: sunsu: add missing platform_driver_unregister() when module exit sparc32, leon: Do not overwrite previously set irq flow handlers sparc/kernel/vio.c: add put_device() after device_find_child() sparc64: Do not save/restore interrupts in get_new_mmu_context() sparc: Consistently use 'wr' and 'rd' instructions for ASRs. sparc64: Kill __ARCH_WANT_UNLOCKED_CTXSW sparc64: Provide cmpxchg64() sparc64: Do not change num_physpages during initmem freeing sparc64: Hibernation support sparc,leon: updated GRPCI2 config name sparc,leon: support for GRPCI1 PCI host bridge controller sparc32,leon: add support for PCI busn resource for GRPCI2
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparcDavid S. Miller authored
Merge sparc bug fixes that didn't make it into v3.9 into sparc-next. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Wei Yongjun authored
We have registered platform driver when module init, and need unregister it when module exit. Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andreas Larsson authored
This is needed because when scan_of_devices finds the GAISLER_GPTIMER core that corresponds to the SMP "ticker" timer, the previously set proper irq flow handler gets overwritten with an incorrect one. This leads to very flaky timer interrupt handling on some hardware. Proper updates to handlers can still be done using leon_update_virq_handling. Signed-off-by: Andreas Larsson <andreas@gaisler.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Federico Vaga authored
The vio_remove() function uses device_find_child() but it does not drop the reference of the retrieved child. Signed-off-by: Federico Vaga <federico.vaga@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Linus Torvalds authored
This trivially combines two rcu_read_lock() calls in both sides of a if-statement into one single one in front of the if-statement. Split out as an independent cleanup from the previous commit. Acked-by: Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Rik van Riel <riel@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
With various straight RCU lock/unlock movements, one common exit path pattern had become rcu_read_unlock(); goto out_wakeup; and in fact there were no cases where we wanted to exit to out_wakeup _without_ releasing the RCU read lock. So replace that pattern with "goto out_rcu_wakeup", and remove the old out_wakeup. Acked-by: Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Rik van Riel <riel@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
sem_obtain_lock() was another of those functions that returned with the RCU lock held for reading in the success case. Move the RCU locking to the caller (semtimedop()), making it more obvious. We already did RCU locking elsewhere in that function. Side note: why does semtimedop() re-do the semphore lookup after the sleep, rather than just getting a reference to the semaphore it already looked up originally? Acked-by: Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Rik van Riel <riel@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
Fix another ipc locking buglet introduced by the scalability patches: when semctl_down() was changed to delay the semaphore locking, one error path for security_sem_semctl() went through the semaphore unlock logic even though the semaphore had never been locked. Introduced by commit 16df3674 ("ipc,sem: do not hold ipc lock more than necessary") Acked-by: Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Rik van Riel <riel@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
This is another ipc semaphore locking cleanup, trying to make the locking more straightforward. We move the rcu read locking into the callers of sem_lock_and_putref(), which in general means that we now mostly do the rcu_read_lock() and rcu_read_unlock() in the same function. Mostly. We still have the ipc_addid/newary/freeary mess, and things like ipcctl_pre_down_nolock(). Acked-by: Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Rik van Riel <riel@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
- 04 May, 2013 4 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmcLinus Torvalds authored
Pull MMC update from Chris Ball: "MMC highlights for 3.10: Core: - Introduce MMC_CAP2_NO_PRESCAN_POWERUP to allow skipping mmc_power_up() at boot/initialization time if it's already happened, for performance (faster boot time) reasons. - Fix a bit width test failure that resulted in old eMMC cards being put into 1-bit mode when 4-bit mode was available. - Expose fwrev/hwrev for MMCv4 parts. - Improve card removal logic in the case where the card's removed slowly; we were missing card removal events if the card retained contact with the slot pads for long enough to reply to a CMD13 while being removed. Drivers: - davinci_mmc: Support using PIO instead of DMA. - dw_mmc: Add support for Exynos4412. - mxcmmc: DT support, use slot-gpio API. - mxs-mmc: Add broken-cd/cd-inverted/non-removable DT property support. - sdhci-sirf: New sdhci-pltfm driver for CSR SiRF SoCs: SiRFprimaII: unicore ARM Cortex-A9 SiRFatlas6: unicore ARM Cortex-A9 SiRFmarco: dual core ARM Cortex-A9 SMP - sdhci-tegra: Add support for Tegra114 platforms, use mmc_of_parse()" * tag 'mmc-updates-for-3.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc: (66 commits) mmc: sdhci-tegra: fix MODULE_DEVICE_TABLE mmc: core: fix init controller performance regression, updated patch mmc: mxcmmc: enable DMA support on mpc512x mmc: mxcmmc: constify mxcmci_devtype mmc: mxcmmc: use slot-gpio API for write-protect detection mmc: mxcmmc: add mpc512x SDHC support mmc: mxcmmc: fix race conditions for host->req and host->data access mmc: mxcmmc: DT support mmc: dw_mmc: let device core setup the default pin configuration mmc: mxs-mmc: add broken-cd property mmc: mxs-mmc: add non-removable property mmc: mxs-mmc: add cd-inverted property mmc: core: call pm_runtime_put_noidle in pm_runtime_get_sync failed case mmc: mxcmmc: Fix bug when card is present during boot mmc: core: fix performance regression initializing MMC host controllers Revert "mmc: core: wait while adding MMC host to ensure root mounts successfully" mmc: atmel-mci: pio hang on block errors mmc: core: Fix bit width test failing on old eMMC cards mmc: dw_mmc: Use pr_info instead of printk mmc: dw_mmc: Check return value of regulator_enable ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/stagingLinus Torvalds authored
Pull hwmon update from Jean Delvare: "Only lm75 driver updates this time" * 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging: hwmon: (lm75) Add support for the Dallas/Maxim DS7505 hwmon: (lm75) Tune resolution and sample time per chip hwmon: (lm75) Prepare to support per-chip resolution and sample time hwmon: (lm75) Per-chip configuration register initialization
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds authored
Pull second round of VFS updates from Al Viro: "Assorted fixes" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: xtensa simdisk: fix braino in "xtensa simdisk: switch to proc_create_data()" hostfs: use kmalloc instead of kzalloc hostfs: move HOSTFS_SUPER_MAGIC to <linux/magic.h> hostfs: remove "will unlock" comment vfs: use list_move instead of list_del/list_add proc_devtree: Replace include linux/module.h with linux/export.h create_mnt_ns: unidiomatic use of list_add() fs: remove dentry_lru_prune() Removed unused typedef to avoid "unused local typedef" warnings. kill fs/read_write.h fs: Fix hang with BSD accounting on frozen filesystem sun3_scsi: add ->show_info() nubus: Kill nubus_proc_detach_device() more mode_t whack-a-mole... do_coredump(): don't wait for thaw if coredump has already been interrupted do_mount(): fix a leak introduced in 3.9 ("mount: consolidate permission checks")
-
Al Viro authored
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-