1. 30 May, 2021 1 commit
    • Sriranjani P's avatar
      net: stmmac: fix kernel panic due to NULL pointer dereference of mdio_bus_data · 593f555f
      Sriranjani P authored
      Fixed link does not need mdio bus and in that case mdio_bus_data will
      not be allocated. Before using mdio_bus_data we should check for NULL.
      
      This patch fix the kernel panic due to NULL pointer dereference of
      mdio_bus_data when it is not allocated.
      
      Without this patch we do see following kernel crash caused due to kernel
      NULL pointer dereference.
      
      Call trace:
      stmmac_dvr_probe+0x3c/0x10b0
      dwc_eth_dwmac_probe+0x224/0x378
      platform_probe+0x68/0xe0
      really_probe+0x130/0x3d8
      driver_probe_device+0x68/0xd0
      device_driver_attach+0x74/0x80
      __driver_attach+0x58/0xf8
      bus_for_each_dev+0x7c/0xd8
      driver_attach+0x24/0x30
      bus_add_driver+0x148/0x1f0
      driver_register+0x64/0x120
      __platform_driver_register+0x28/0x38
      dwc_eth_dwmac_driver_init+0x1c/0x28
      do_one_initcall+0x78/0x158
      kernel_init_freeable+0x1f0/0x244
      kernel_init+0x14/0x118
      ret_from_fork+0x10/0x30
      Code: f9002bfb 9113e2d9 910e6273 aa0003f7 (f9405c78)
      ---[ end trace 32d9d41562ddc081 ]---
      
      Fixes: e5e5b771 ("net: stmmac: make in-band AN mode parsing is supported for non-DT")
      Signed-off-by: default avatarSriranjani P <sriranjani.p@samsung.com>
      Signed-off-by: default avatarPankaj Dubey <pankaj.dubey@samsung.com>
      Link: https://lore.kernel.org/r/20210528071056.35252-1-sriranjani.p@samsung.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      593f555f
  2. 28 May, 2021 5 commits
  3. 27 May, 2021 6 commits
    • Jakub Kicinski's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · 44991d61
      Jakub Kicinski authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter/IPVS fixes for net
      
      The following patchset contains Netfilter/IPVS fixes for net:
      
      1) Fix incorrect sockopts unregistration from error path,
         from Florian Westphal.
      
      2) A few patches to provide better error reporting when missing kernel
         netfilter options are missing in .config.
      
      3) Fix dormant table flag updates.
      
      4) Memleak in IPVS  when adding service with IP_VS_SVC_F_HASHED flag.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf:
        ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service
        netfilter: nf_tables: fix table flag updates
        netfilter: nf_tables: extended netlink error reporting for chain type
        netfilter: nf_tables: missing error reporting for not selected expressions
        netfilter: conntrack: unregister ipv4 sockopts on error unwind
      ====================
      
      Link: https://lore.kernel.org/r/20210527190115.98503-1-pablo@netfilter.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      44991d61
    • Ariel Levkovich's avatar
      net/sched: act_ct: Fix ct template allocation for zone 0 · fb91702b
      Ariel Levkovich authored
      Fix current behavior of skipping template allocation in case the
      ct action is in zone 0.
      
      Skipping the allocation may cause the datapath ct code to ignore the
      entire ct action with all its attributes (commit, nat) in case the ct
      action in zone 0 was preceded by a ct clear action.
      
      The ct clear action sets the ct_state to untracked and resets the
      skb->_nfct pointer. Under these conditions and without an allocated
      ct template, the skb->_nfct pointer will remain NULL which will
      cause the tc ct action handler to exit without handling commit and nat
      actions, if such exist.
      
      For example, the following rule in OVS dp:
      recirc_id(0x2),ct_state(+new-est-rel-rpl+trk),ct_label(0/0x1), \
      in_port(eth0),actions:ct_clear,ct(commit,nat(src=10.11.0.12)), \
      recirc(0x37a)
      
      Will result in act_ct skipping the commit and nat actions in zone 0.
      
      The change removes the skipping of template allocation for zone 0 and
      treats it the same as any other zone.
      
      Fixes: b57dc7c1 ("net/sched: Introduce action ct")
      Signed-off-by: default avatarAriel Levkovich <lariel@nvidia.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Link: https://lore.kernel.org/r/20210526170110.54864-1-lariel@nvidia.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      fb91702b
    • Paul Blakey's avatar
      net/sched: act_ct: Offload connections with commit action · 0cc254e5
      Paul Blakey authored
      Currently established connections are not offloaded if the filter has a
      "ct commit" action. This behavior will not offload connections of the
      following scenario:
      
      $ tc_filter add dev $DEV ingress protocol ip prio 1 flower \
        ct_state -trk \
        action ct commit action goto chain 1
      
      $ tc_filter add dev $DEV ingress protocol ip chain 1 prio 1 flower \
        action mirred egress redirect dev $DEV2
      
      $ tc_filter add dev $DEV2 ingress protocol ip prio 1 flower \
        action ct commit action goto chain 1
      
      $ tc_filter add dev $DEV2 ingress protocol ip prio 1 chain 1 flower \
        ct_state +trk+est \
        action mirred egress redirect dev $DEV
      
      Offload established connections, regardless of the commit flag.
      
      Fixes: 46475bb2 ("net/sched: act_ct: Software offload of established flows")
      Reviewed-by: default avatarOz Shlomo <ozsh@nvidia.com>
      Reviewed-by: default avatarJiri Pirko <jiri@nvidia.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarPaul Blakey <paulb@nvidia.com>
      Link: https://lore.kernel.org/r/1622029449-27060-1-git-send-email-paulb@nvidia.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      0cc254e5
    • Parav Pandit's avatar
      devlink: Correct VIRTUAL port to not have phys_port attributes · b28d8f0c
      Parav Pandit authored
      Physical port name, port number attributes do not belong to virtual port
      flavour. When VF or SF virtual ports are registered they incorrectly
      append "np0" string in the netdevice name of the VF/SF.
      
      Before this fix, VF netdevice name were ens2f0np0v0, ens2f0np0v1 for VF
      0 and 1 respectively.
      
      After the fix, they are ens2f0v0, ens2f0v1.
      
      With this fix, reading /sys/class/net/ens2f0v0/phys_port_name returns
      -EOPNOTSUPP.
      
      Also devlink port show example for 2 VFs on one PF to ensure that any
      physical port attributes are not exposed.
      
      $ devlink port show
      pci/0000:06:00.0/65535: type eth netdev ens2f0np0 flavour physical port 0 splittable false
      pci/0000:06:00.3/196608: type eth netdev ens2f0v0 flavour virtual splittable false
      pci/0000:06:00.4/262144: type eth netdev ens2f0v1 flavour virtual splittable false
      
      This change introduces a netdevice name change on systemd/udev
      version 245 and higher which honors phys_port_name sysfs file for
      generation of netdevice name.
      
      This also aligns to phys_port_name usage which is limited to switchdev
      ports as described in [1].
      
      [1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/tree/Documentation/networking/switchdev.rst
      
      Fixes: acf1ee44 ("devlink: Introduce devlink port flavour virtual")
      Signed-off-by: default avatarParav Pandit <parav@nvidia.com>
      Reviewed-by: default avatarJiri Pirko <jiri@nvidia.com>
      Link: https://lore.kernel.org/r/20210526200027.14008-1-parav@nvidia.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      b28d8f0c
    • Julian Anastasov's avatar
      ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service · 56e4ee82
      Julian Anastasov authored
      syzbot reported memory leak [1] when adding service with
      HASHED flag. We should ignore this flag both from sockopt
      and netlink provided data, otherwise the service is not
      hashed and not visible while releasing resources.
      
      [1]
      BUG: memory leak
      unreferenced object 0xffff888115227800 (size 512):
        comm "syz-executor263", pid 8658, jiffies 4294951882 (age 12.560s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<ffffffff83977188>] kmalloc include/linux/slab.h:556 [inline]
          [<ffffffff83977188>] kzalloc include/linux/slab.h:686 [inline]
          [<ffffffff83977188>] ip_vs_add_service+0x598/0x7c0 net/netfilter/ipvs/ip_vs_ctl.c:1343
          [<ffffffff8397d770>] do_ip_vs_set_ctl+0x810/0xa40 net/netfilter/ipvs/ip_vs_ctl.c:2570
          [<ffffffff838449a8>] nf_setsockopt+0x68/0xa0 net/netfilter/nf_sockopt.c:101
          [<ffffffff839ae4e9>] ip_setsockopt+0x259/0x1ff0 net/ipv4/ip_sockglue.c:1435
          [<ffffffff839fa03c>] raw_setsockopt+0x18c/0x1b0 net/ipv4/raw.c:857
          [<ffffffff83691f20>] __sys_setsockopt+0x1b0/0x360 net/socket.c:2117
          [<ffffffff836920f2>] __do_sys_setsockopt net/socket.c:2128 [inline]
          [<ffffffff836920f2>] __se_sys_setsockopt net/socket.c:2125 [inline]
          [<ffffffff836920f2>] __x64_sys_setsockopt+0x22/0x30 net/socket.c:2125
          [<ffffffff84350efa>] do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47
          [<ffffffff84400068>] entry_SYSCALL_64_after_hwframe+0x44/0xae
      
      Reported-and-tested-by: syzbot+e562383183e4b1766930@syzkaller.appspotmail.com
      Fixes: 1da177e4 ("Linux-2.6.12-rc2")
      Signed-off-by: default avatarJulian Anastasov <ja@ssi.bg>
      Reviewed-by: default avatarSimon Horman <horms@verge.net.au>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      56e4ee82
    • Linus Torvalds's avatar
      Merge tag 'net-5.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · d7c5303f
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Networking fixes for 5.13-rc4, including fixes from bpf, netfilter,
        can and wireless trees. Notably including fixes for the recently
        announced "FragAttacks" WiFi vulnerabilities. Rather large batch,
        touching some core parts of the stack, too, but nothing hair-raising.
      
        Current release - regressions:
      
         - tipc: make node link identity publish thread safe
      
         - dsa: felix: re-enable TAS guard band mode
      
         - stmmac: correct clocks enabled in stmmac_vlan_rx_kill_vid()
      
         - stmmac: fix system hang if change mac address after interface
           ifdown
      
        Current release - new code bugs:
      
         - mptcp: avoid OOB access in setsockopt()
      
         - bpf: Fix nested bpf_bprintf_prepare with more per-cpu buffers
      
         - ethtool: stats: fix a copy-paste error - init correct array size
      
        Previous releases - regressions:
      
         - sched: fix packet stuck problem for lockless qdisc
      
         - net: really orphan skbs tied to closing sk
      
         - mlx4: fix EEPROM dump support
      
         - bpf: fix alu32 const subreg bound tracking on bitwise operations
      
         - bpf: fix mask direction swap upon off reg sign change
      
         - bpf, offload: reorder offload callback 'prepare' in verifier
      
         - stmmac: Fix MAC WoL not working if PHY does not support WoL
      
         - packetmmap: fix only tx timestamp on request
      
         - tipc: skb_linearize the head skb when reassembling msgs
      
        Previous releases - always broken:
      
         - mac80211: address recent "FragAttacks" vulnerabilities
      
         - mac80211: do not accept/forward invalid EAPOL frames
      
         - mptcp: avoid potential error message floods
      
         - bpf, ringbuf: deny reserve of buffers larger than ringbuf to
           prevent out of buffer writes
      
         - bpf: forbid trampoline attach for functions with variable arguments
      
         - bpf: add deny list of functions to prevent inf recursion of tracing
           programs
      
         - tls splice: check SPLICE_F_NONBLOCK instead of MSG_DONTWAIT
      
         - can: isotp: prevent race between isotp_bind() and
           isotp_setsockopt()
      
         - netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check,
           fallback to non-AVX2 version
      
        Misc:
      
         - bpf: add kconfig knob for disabling unpriv bpf by default"
      
      * tag 'net-5.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (172 commits)
        net: phy: Document phydev::dev_flags bits allocation
        mptcp: validate 'id' when stopping the ADD_ADDR retransmit timer
        mptcp: avoid error message on infinite mapping
        mptcp: drop unconditional pr_warn on bad opt
        mptcp: avoid OOB access in setsockopt()
        nfp: update maintainer and mailing list addresses
        net: mvpp2: add buffer header handling in RX
        bnx2x: Fix missing error code in bnx2x_iov_init_one()
        net: zero-initialize tc skb extension on allocation
        net: hns: Fix kernel-doc
        sctp: fix the proc_handler for sysctl encap_port
        sctp: add the missing setting for asoc encap_port
        bpf, selftests: Adjust few selftest result_unpriv outcomes
        bpf: No need to simulate speculative domain for immediates
        bpf: Fix mask direction swap upon off reg sign change
        bpf: Wrap aux data inside bpf_sanitize_info container
        bpf: Fix BPF_LSM kconfig symbol dependency
        selftests/bpf: Add test for l3 use of bpf_redirect_peer
        bpftool: Add sock_release help info for cgroup attach/prog load command
        net: dsa: microchip: enable phy errata workaround on 9567
        ...
      d7c5303f
  4. 26 May, 2021 2 commits
  5. 25 May, 2021 26 commits