- 24 Apr, 2014 18 commits
-
-
Kumar Sundararajan authored
When the ipv6 fib changes during a table dump, the walk is restarted and the number of nodes dumped are skipped. But the existing code doesn't advance to the next node after a node is skipped. This can cause the dump to loop or produce lots of duplicates when the fib is modified during the dump. This change advances the walk to the next node if the current node is skipped after a restart. Signed-off-by: Kumar Sundararajan <kumar@fb.com> Signed-off-by: Chris Mason <clm@fb.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
David Gibson says: ==================== Fix problems with with IFLA_VF_PORTS (v2) I've had a customer encounter a problem with getifaddrs(3) freezing up on a system with a Cisco enic device. I've discovered that the problem is caused by an enic device with a large number of SR-IOV virtual functions overflowing the normal sized packet buffer for netlink, leading to interfaces not being reported from an RTM_GETLINK request. The first patch here just makes the problem easier to locate if it occurs again in a different way, by adding a WARN_ON() when we run out of room in a netlink packet in this manner. The second patch actually fixes the problem, by only reporting IFLA_VF_PORTS information when the RTEXT_FILTER_VF flag is specified. v2: Corrected some CodingStyle problems ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Gibson authored
Since 115c9b81 (rtnetlink: Fix problem with buffer allocation), RTM_NEWLINK messages only contain the IFLA_VFINFO_LIST attribute if they were solicited by a GETLINK message containing an IFLA_EXT_MASK attribute with the RTEXT_FILTER_VF flag. That was done because some user programs broke when they received more data than expected - because IFLA_VFINFO_LIST contains information for each VF it can become large if there are many VFs. However, the IFLA_VF_PORTS attribute, supplied for devices which implement ndo_get_vf_port (currently the 'enic' driver only), has the same problem. It supplies per-VF information and can therefore become large, but it is not currently conditional on the IFLA_EXT_MASK value. Worse, it interacts badly with the existing EXT_MASK handling. When IFLA_EXT_MASK is not supplied, the buffer for netlink replies is fixed at NLMSG_GOODSIZE. If the information for IFLA_VF_PORTS exceeds this, then rtnl_fill_ifinfo() returns -EMSGSIZE on the first message in a packet. netlink_dump() will misinterpret this as having finished the listing and omit data for this interface and all subsequent ones. That can cause getifaddrs(3) to enter an infinite loop. This patch addresses the problem by only supplying IFLA_VF_PORTS when IFLA_EXT_MASK is supplied with the RTEXT_FILTER_VF flag set. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Gibson authored
Without IFLA_EXT_MASK specified, the information reported for a single interface in response to RTM_GETLINK is expected to fit within a netlink packet of NLMSG_GOODSIZE. If it doesn't, however, things will go badly wrong, When listing all interfaces, netlink_dump() will incorrectly treat -EMSGSIZE on the first message in a packet as the end of the listing and omit information for that interface and all subsequent ones. This can cause getifaddrs(3) to enter an infinite loop. This patch won't fix the problem, but it will WARN_ON() making it easier to track down what's going wrong. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Jiri Pirko <jpirko@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
net/netfilter/nfnetlink.c: In function ‘nfnetlink_rcv’: net/netfilter/nfnetlink.c:371:14: warning: unused variable ‘net’ [-Wunused-variable] Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Eric W. Biederman says: ==================== netlink: Preventing abuse when passing file descriptors. Andy Lutomirski when looking at the networking stack noticed that it is possible to trick privilged processes into calling write on a netlink socket and send netlink messages they did not intend. In particular from time to time there are suid applications that will write to stdout or stderr without checking exactly what kind of file descriptors those are and can be tricked into acting as a limited form of suid cat. In other conversations the magic string CVE-2014-0181 has been used to talk about this issue. This patchset cleans things up a bit, adds some clean abstractions that when used prevent this kind of problem and then finally changes all of the handlers of netlink messages that I could find that call capable to use netlink_ns_capable or an appropriate wrapper. The abstraction netlink_ns_capable verifies that the original creator of the netlink socket a message is sent from had the necessary capabilities as well as verifying that the current sender of a netlink packet has the necessary capabilities. The idea is to prevent file descriptor passing of any form from resulting in a file descriptor that can do more than it can for the creator of the file descriptor. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
It is possible by passing a netlink socket to a more privileged executable and then to fool that executable into writing to the socket data that happens to be valid netlink message to do something that privileged executable did not intend to do. To keep this from happening replace bare capable and ns_capable calls with netlink_capable, netlink_net_calls and netlink_ns_capable calls. Which act the same as the previous calls except they verify that the opener of the socket had the desired permissions as well. Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
netlink_net_capable - The common case use, for operations that are safe on a network namespace netlink_capable - For operations that are only known to be safe for the global root netlink_ns_capable - The general case of capable used to handle special cases __netlink_ns_capable - Same as netlink_ns_capable except taking a netlink_skb_parms instead of the skbuff of a netlink message. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
sk_net_capable - The common case, operations that are safe in a network namespace. sk_capable - Operations that are not known to be safe in a network namespace sk_ns_capable - The general case for special cases. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
The permission check in sock_diag_put_filterinfo is wrong, and it is so removed from it's sources it is not clear why it is wrong. Move the computation into packet_diag_dump and pass a bool of the result into sock_diag_filterinfo. This does not yet correct the capability check but instead simply moves it to make it clear what is going on. Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric W. Biederman authored
netlink_capable is a static internal function in af_netlink.c and we have better uses for the name netlink_capable. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Claudiu Manoil authored
This fixes a seg fault on 'ethtool -A' entry if the interface is down. Obviously we need to have the phy device initialized / "connected" (see of_phy_connect()) to be able to advertise pause frame capabilities. Fixes: 23402bddSigned-off-by: Claudiu Manoil <claudiu.manoil@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Shahed Shaikh says: ==================== qlcnic: Bug fixes This patch series contains following fixes - * Fix memory leak caused because of issuing mailbox command which can not wait for its completion. * Reset firmware API lock which might be in inconsistent state. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Rajesh Borundia authored
o In case QLC_83XX_MBX_CMD_NO_WAIT command type the calling function does not free the memory as it does not wait for response. So free it when get a response from adapter after sending the command. Signed-off-by: Rajesh Borundia <rajesh.borundia@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sony Chacko authored
Some firmware versions fails to reset the lock during initialization. Force reset firmware API lock during driver probe to ensure lock availability. Signed-off-by: Sony Chacko <sony.chacko@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jiri Pirko authored
There are two breaks missing there. The result is that userspace receives multiple messages which might be confusing. Introduced-by: 3d249d4c "net: introduce ethernet teaming device" Signed-off-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jean Delvare authored
I was told that the Cadence macb driver is also useful on Microblaze. Signed-off-by: Jean Delvare <jdelvare@suse.de> Cc: Nicolas Ferre <nicolas.ferre@atmel.com> Cc: David S. Miller <davem@davemloft.net> Cc: Michal Simek <monstr@monstr.eu> Cc: Mark Brown <broonie@kernel.org> Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Zi Shen Lim authored
Redefine some macros that were conditioned upon SMC_DEBUG level. By allowing compiler to verify parameters used by these macros unconditionally, we can flag compilation failures. Compiler will still optimize out the unused code path depending on SMC_DEBUG, so this is a net gain. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 23 Apr, 2014 6 commits
-
-
Alexei Starovoitov authored
exisiting BPF verifier allows uninitialized access to registers, 'ret A' is considered to be a valid filter. So initialize A and X to zero to prevent leaking kernel memory In the future BPF verifier will be rejecting such filters Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Cc: Daniel Borkmann <dborkman@redhat.com> Acked-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nicolas Dichtel authored
The goal of this patch is to fix rtnelink notification. The main problem was about notification for fdb entry with more than one remote. Before the patch, when a remote was added to an existing fdb entry, the kernel advertised the first remote instead of the added one. Also when a remote was removed from a fdb entry with several remotes, the deleted remote was not advertised. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hubert Chaumette authored
In ksz9021_load_values_from_of() val2 to val4 aren't tested against their initialization value. This causes the test to always succeed, and this value to be used as if it was loaded from the devicetree instead of being ignored, in case of a missing/invalid property in the ethernet OF device node. As a result, the value "0" is written to the relevant registers. Change the conditions to test against the right initialization value. Signed-off-by: Hubert Chaumette <hchaumette@adeneo-embedded.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Julia Lawall authored
A label just before a brace needs a following semicolon (empty statement). Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Zi Shen Lim authored
When SMC_DEBUG >= 2, we hit the following compilation error: drivers/net/ethernet/smsc/smc91x.c:85:0: drivers/net/ethernet/smsc/smc91x.c: In function ‘smc_findirq’: drivers/net/ethernet/smsc/smc91x.c:1784:9: error: ‘dev’ undeclared (first use in this function) DBG(2, dev, "%s: %s\n", CARDNAME, __func__); ^ Fix it by passing in the appropriate netdev pointer. Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 22 Apr, 2014 5 commits
-
-
Byungho An authored
This patch adds phy_found error path when there is no phy device and changes bus_name. Signed-off-by: Byungho An <bh74.an@samsung.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Byungho An authored
This patch moves cksum_ctl to tx_rd_des23 from cksum_pktlen for correct checksum offloading and modifies size for Tx/Rx descriptor. Signed-off-by: Byungho An <bh74.an@samsung.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Amos Kong authored
Execute "ethtool -L eth0 combined 0" in guest, if multiqueue is enabled, virtnet_send_command() will return -EINVAL error, there is a validation in QEMU. But if multiqueue is disabled, virtnet_set_queues() will just return zero (success). We should return error for this situation. Signed-off-by: Amos Kong <akong@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Max Schwarz authored
The MAC address retrieved from dt was not actually written to the hardware. This meant proper communication was only possible after changing the MAC address. Fix that by always writing the mac address during probing. Signed-off-by: Max Schwarz <max.schwarz@online.de> Acked-by: Heiko Stuebner <heiko@sntech.de> Tested-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lutomirski authored
The caller needs capabilities on the namespace being queried, not on their own namespace. This is a security bug, although it likely has only a minor impact. Cc: stable@vger.kernel.org Signed-off-by: Andy Lutomirski <luto@amacapital.net> Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 21 Apr, 2014 2 commits
-
-
Florian Fainelli authored
The mail address for Siva Reddy Kallam is bouncing, remove the email address from the MAINTAINERS entry for Samsung's SXGBE driver. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/netDavid S. Miller authored
Jeff Kirsher says: ==================== Intel Wired LAN Driver Updates This series contains updates to e1000e, igb, ixgbe and i40e. Most notably are Jakub's patches to clean up the Rx time stamping code for ixgbe and the fix up of debug messages with proper termination. Jesse's i40e patch fixes an issue reported by Eric Dumazet that the i40e driver was allowing the hardware to replicate the PSH flag on all segments of a TSO operation. With this fix, we are now configuring the CWR bit to only be set in the first packet of a TSO and we enable TSO_ECN in order to advertise to the stack that we do the right thing on the wire. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 19 Apr, 2014 9 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull x86 fix from Ingo Molnar: "This fixes the preemption-count imbalance crash reported by Owen Kibel" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mce: Fix CMCI preemption bugs
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull scheduler fixes from Ingo Molnar: "Two fixes: - a SCHED_DEADLINE task selection fix - a sched/numa related lockdep splat fix" * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched: Check for stop task appearance when balancing happens sched/numa: Fix task_numa_free() lockdep splat
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull perf fixes from Ingo Molnar: "Two kernel side fixes: - an Intel uncore PMU driver potential crash fix - a kprobes/perf-call-graph interaction fix" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf/x86/intel: Use rdmsrl_safe() when initializing RAPL PMU kprobes/x86: Fix page-fault handling logic
-
git://people.freedesktop.org/~airlied/linuxLinus Torvalds authored
Pull drm fixes from Dave Airlie: "Unfortunately this contains no easter eggs, its a bit larger than I'd like, but I included a patch that just moves code from one file to another and I'd like to avoid merge conflicts with that later, so it makes it seem worse than it is, Otherwise: - radeon: fixes to use new microcode to stabilise some cards, use some common displayport code, some runtime pm fixes, pll regression fixes - i915: fix for some context oopses, a warn in a used path, backlight fixes - nouveau: regression fix - omap: a bunch of fixes" * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (51 commits) drm: bochs: drop unused struct fields drm: bochs: add power management support drm: cirrus: add power management support drm: Split out drm_probe_helper.c from drm_crtc_helper.c drm/plane-helper: Don't fake-implement primary plane disabling drm/ast: fix value check in cbr_scan2 drm/nouveau/bios: fix a bit shift error introduced by 457e77b2 drm/radeon/ci: make sure mc ucode is loaded before checking the size drm/radeon/si: make sure mc ucode is loaded before checking the size drm/radeon: improve PLL params if we don't match exactly v2 drm/radeon: memory leak on bo reservation failure. v2 drm/radeon: fix VCE fence command drm/radeon: re-enable mclk dpm on R7 260X asics drm/radeon: add support for newer mc ucode on CI (v2) drm/radeon: add support for newer mc ucode on SI (v2) drm/radeon: apply more strict limits for PLL params v2 drm/radeon: update CI DPM powertune settings drm/radeon: fix runpm handling on APUs (v4) drm/radeon: disable mclk dpm on R7 260X drm/tegra: Remove gratuitous pad field ...
-
Jakub Kicinski authored
Add \n at the end of messages where missing, remove all \r. Reported-by: Joe Perches <joe@perches.com> Signed-off-by: Jakub Kicinski <kubakici@wp.pl> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com> Tested-by: Kavindya Deegala <kavindya.s.deegala@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Jakub Kicinski authored
Time stamping resources are per-interface so there is no need to keep separate last_rx_timestamp for each Rx ring, move last_rx_timestamp to the adapter structure. With last_rx_timestamp inside adapter, ixgbe_ptp_rx_hwtstamp() inline function is reduced to a single if statement so it is no longer necessary. If statement is placed directly in ixgbe_process_skb_fields() fixing likely/unlikely marking. Checks for q_vector or adapter to be NULL are superfluous. Comment about taking I/O hit is a leftover from previous design. Signed-off-by: Jakub Kicinski <kubakici@wp.pl> Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Todd Fujinaka authored
RQDPC on i210/i211 is R/W not ReadClear. Clear after reading. Signed-off-by: Todd Fujinaka <todd.fujinaka@intel.com> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
git://people.freedesktop.org/~deathsimple/linuxDave Airlie authored
Some i2c fixes over DisplayPort. * 'drm-next-3.15-wip' of git://people.freedesktop.org/~deathsimple/linux: drm/radeon: Improve vramlimit module param documentation drm/radeon: fix audio pin counts for DCE6+ (v2) drm/radeon/dp: switch to the common i2c over aux code drm/dp/i2c: Update comments about common i2c over dp assumptions (v3) drm/dp/i2c: send bare addresses to properly reset i2c connections (v4) drm/radeon/dp: handle zero sized i2c over aux transactions (v2) drm/i915: support address only i2c-over-aux transactions drm/tegra: dp: Support address-only I2C-over-AUX transactions
-
Hiroaki SHIMODA authored
Fix following compilation warning: drivers/net/ethernet/intel/e1000e/netdev.c:6238:12: warning ‘e1000e_pm_thaw’ defined but not used [-Wunused-function] static int e1000e_pm_thaw(struct device *dev) ^ Signed-off-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> Tested-by: Aaron Brown <aaron.f.brown@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-