1. 24 Dec, 2015 4 commits
  2. 23 Dec, 2015 5 commits
  3. 22 Dec, 2015 20 commits
  4. 20 Dec, 2015 1 commit
  5. 19 Dec, 2015 1 commit
    • Arnd Bergmann's avatar
      netcp: fix regression in receive processing · 958d104e
      Arnd Bergmann authored
      A cleanup patch I did was unfortunately wrong and introduced
      multiple serious bugs in the netcp rx processing, as indicated
      by these correct gcc warnings:
      
      drivers/net/ethernet/ti/netcp_core.c:776:14: warning: 'buf_ptr' may be used uninitialized in this function [-Wuninitialized]
      drivers/net/ethernet/ti/netcp_core.c:687:14: warning: 'ptr' may be used uninitialized in this function [-Wuninitialized]
      
      I have checked the patch once more and found that a call to
      get_pkt_info() accidentally got removed in netcp_free_rx_desc_chain,
      and netcp_process_one_rx_packet no longer retrieved the correct
      buffer length. This patch should fix all the known problems,
      but I did not test on real hardware.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Fixes: 89907779 ("netcp: try to reduce type confusion in descriptors")
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      958d104e
  6. 18 Dec, 2015 9 commits
    • stephen hemminger's avatar
      asix: silence log message from oversize packet · b70183db
      stephen hemminger authored
      Since it is possible for an external system to send oversize packets
      at anytime, it is best for driver not to print a message and spam
      the log (potential external DoS).
      
      Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=109471Signed-off-by: default avatarStephen Hemminger <stephen@networkplumber.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b70183db
    • Eric Dumazet's avatar
      tcp: diag: add support for request sockets to tcp_abort() · 07f6f4a3
      Eric Dumazet authored
      Adding support for SYN_RECV request sockets to tcp_abort()
      is quite easy after our tcp listener rewrite.
      
      Note that we also need to better handle listeners, or we might
      leak not yet accepted children, because of a missing
      inet_csk_listen_stop() call.
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: Lorenzo Colitti <lorenzo@google.com>
      Tested-by: default avatarLorenzo Colitti <lorenzo@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      07f6f4a3
    • David S. Miller's avatar
      Merge branch 'bpf-misc-updates' · d73e5f41
      David S. Miller authored
      Daniel Borkmann says:
      
      ====================
      Misc BPF updates
      
      This series contains a couple of misc updates to the BPF code, besides
      others a new helper bpf_skb_load_bytes(), moving clearing of A/X to the
      classic converter, etc. Please see individual patches for details.
      
      Thanks!
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d73e5f41
    • Daniel Borkmann's avatar
      bpf, test: add couple of test cases · 9dd2af83
      Daniel Borkmann authored
      Add couple of test cases for interpreter but also JITs, f.e. to test that
      when imm32 moves are being done, upper 32bits of the regs are being zero
      extended.
      
      Without JIT:
      
        [...]
        [ 1114.129301] test_bpf: #43 MOV REG64 jited:0 128 PASS
        [ 1114.130626] test_bpf: #44 MOV REG32 jited:0 139 PASS
        [ 1114.132055] test_bpf: #45 LD IMM64 jited:0 124 PASS
        [...]
      
      With JIT (generated code can as usual be nicely verified with the help of
      bpf_jit_disasm tool):
      
        [...]
        [ 1062.726782] test_bpf: #43 MOV REG64 jited:1 6 PASS
        [ 1062.726890] test_bpf: #44 MOV REG32 jited:1 6 PASS
        [ 1062.726993] test_bpf: #45 LD IMM64 jited:1 6 PASS
        [...]
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9dd2af83
    • Daniel Borkmann's avatar
      bpf, x86: detect/optimize loading 0 immediates · 606c88a8
      Daniel Borkmann authored
      When sometimes structs or variables need to be initialized/'memset' to 0 in
      an eBPF C program, the x86 BPF JIT converts this to use immediates. We can
      however save a couple of bytes (f.e. even up to 7 bytes on a single emmission
      of BPF_LD | BPF_IMM | BPF_DW) in the image by detecting such case and use xor
      on the dst register instead.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      606c88a8
    • Daniel Borkmann's avatar
      bpf: fix misleading comment in bpf_convert_filter · 23bf8807
      Daniel Borkmann authored
      Comment says "User BPF's register A is mapped to our BPF register 6",
      which is actually wrong as the mapping is on register 0. This can
      already be inferred from the code itself. So just remove it before
      someone makes assumptions based on that. Only code tells truth. ;)
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      23bf8807
    • Daniel Borkmann's avatar
      bpf: move clearing of A/X into classic to eBPF migration prologue · 8b614aeb
      Daniel Borkmann authored
      Back in the days where eBPF (or back then "internal BPF" ;->) was not
      exposed to user space, and only the classic BPF programs internally
      translated into eBPF programs, we missed the fact that for classic BPF
      A and X needed to be cleared. It was fixed back then via 83d5b7ef
      ("net: filter: initialize A and X registers"), and thus classic BPF
      specifics were added to the eBPF interpreter core to work around it.
      
      This added some confusion for JIT developers later on that take the
      eBPF interpreter code as an example for deriving their JIT. F.e. in
      f75298f5 ("s390/bpf: clear correct BPF accumulator register"), at
      least X could leak stack memory. Furthermore, since this is only needed
      for classic BPF translations and not for eBPF (verifier takes care
      that read access to regs cannot be done uninitialized), more complexity
      is added to JITs as they need to determine whether they deal with
      migrations or native eBPF where they can just omit clearing A/X in
      their prologue and thus reduce image size a bit, see f.e. cde66c2d
      ("s390/bpf: Only clear A and X for converted BPF programs"). In other
      cases (x86, arm64), A and X is being cleared in the prologue also for
      eBPF case, which is unnecessary.
      
      Lets move this into the BPF migration in bpf_convert_filter() where it
      actually belongs as long as the number of eBPF JITs are still few. It
      can thus be done generically; allowing us to remove the quirk from
      __bpf_prog_run() and to slightly reduce JIT image size in case of eBPF,
      while reducing code duplication on this matter in current(/future) eBPF
      JITs.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Reviewed-by: default avatarMichael Holzheu <holzheu@linux.vnet.ibm.com>
      Tested-by: default avatarMichael Holzheu <holzheu@linux.vnet.ibm.com>
      Cc: Zi Shen Lim <zlim.lnx@gmail.com>
      Cc: Yang Shi <yang.shi@linaro.org>
      Acked-by: default avatarYang Shi <yang.shi@linaro.org>
      Acked-by: default avatarZi Shen Lim <zlim.lnx@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8b614aeb
    • Daniel Borkmann's avatar
      bpf: add bpf_skb_load_bytes helper · 05c74e5e
      Daniel Borkmann authored
      When hacking tc programs with eBPF, one of the issues that come up
      from time to time is to load addresses from headers. In eBPF as in
      classic BPF, we have BPF_LD | BPF_ABS | BPF_{B,H,W} instructions that
      extract a byte, half-word or word out of the skb data though helpers
      such as bpf_load_pointer() (interpreter case).
      
      F.e. extracting a whole IPv6 address could possibly look like ...
      
        union v6addr {
          struct {
            __u32 p1;
            __u32 p2;
            __u32 p3;
            __u32 p4;
          };
          __u8 addr[16];
        };
      
        [...]
      
        a.p1 = htonl(load_word(skb, off));
        a.p2 = htonl(load_word(skb, off +  4));
        a.p3 = htonl(load_word(skb, off +  8));
        a.p4 = htonl(load_word(skb, off + 12));
      
        [...]
      
        /* access to a.addr[...] */
      
      This work adds a complementary helper bpf_skb_load_bytes() (we also
      have bpf_skb_store_bytes()) as an alternative where the same call
      would look like from an eBPF program:
      
        ret = bpf_skb_load_bytes(skb, off, addr, sizeof(addr));
      
      Same verifier restrictions apply as in ffeedafb ("bpf: introduce
      current->pid, tgid, uid, gid, comm accessors") case, where stack memory
      access needs to be statically verified and thus guaranteed to be
      initialized in first use (otherwise verifier cannot tell whether a
      subsequent access to it is valid or not as it's runtime dependent).
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      05c74e5e
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next · 59ce9670
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter updates for net-next
      
      The following patchset contains the first batch of Netfilter updates for
      the upcoming 4.5 kernel. This batch contains userspace netfilter header
      compilation fixes, support for packet mangling in nf_tables, the new
      tracing infrastructure for nf_tables and cgroup2 support for iptables.
      More specifically, they are:
      
      1) Two patches to include dependencies in our netfilter userspace
         headers to resolve compilation problems, from Mikko Rapeli.
      
      2) Four comestic cleanup patches for the ebtables codebase, from Ian Morris.
      
      3) Remove duplicate include in the netfilter reject infrastructure,
         from Stephen Hemminger.
      
      4) Two patches to simplify the netfilter defragmentation code for IPv6,
         patch from Florian Westphal.
      
      5) Fix root ownership of /proc/net netfilter for unpriviledged net
         namespaces, from Philip Whineray.
      
      6) Get rid of unused fields in struct nft_pktinfo, from Florian Westphal.
      
      7) Add mangling support to our nf_tables payload expression, from
         Patrick McHardy.
      
      8) Introduce a new netlink-based tracing infrastructure for nf_tables,
         from Florian Westphal.
      
      9) Change setter functions in nfnetlink_log to be void, from
          Rami Rosen.
      
      10) Add netns support to the cttimeout infrastructure.
      
      11) Add cgroup2 support to iptables, from Tejun Heo.
      
      12) Introduce nfnl_dereference_protected() in nfnetlink, from Florian.
      
      13) Add support for mangling pkttype in the nf_tables meta expression,
          also from Florian.
      
      BTW, I need that you pull net into net-next, I have another batch that
      requires changes that I don't yet see in net.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      59ce9670