1. 21 Dec, 2018 8 commits
    • Stephen Hemminger's avatar
      linux/netlink.h: drop unnecessary extern prefix · aa9d6e0f
      Stephen Hemminger authored
      Don't need extern prefix before function prototypes.
      Checkpatch has complained about this for a couple of years.
      Signed-off-by: default avatarStephen Hemminger <stephen@networkplumber.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      aa9d6e0f
    • David S. Miller's avatar
      Merge branch 'ipv4-Prevent-user-triggerable-warning' · 7de33309
      David S. Miller authored
      Ido Schimmel says:
      
      ====================
      net: ipv4: Prevent user triggerable warning
      
      Patch #1 prevents a user triaggerable warning in the flow dissector by
      setting 'skb->dev' in skbs used for IPv4 output route get requests.
      
      Patch #2 adds a test case that triggers the warning without the first
      patch.
      
      I have audited all the RTM_GETROUTE handlers and could not find any
      other callpath where an skb is passed to the flow dissector with both
      'skb->dev' and 'skb->sk' cleared.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7de33309
    • Ido Schimmel's avatar
      selftests: rtnetlink: Add a test case for multipath route get · 676f4bb1
      Ido Schimmel authored
      Without previous patch a warning would be generated upon multipath route
      get when FIB multipath hash policy is to use a 5-tuple for multipath
      hash calculation.
      Signed-off-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      676f4bb1
    • Ido Schimmel's avatar
      net: ipv4: Set skb->dev for output route resolution · 21f94775
      Ido Schimmel authored
      When user requests to resolve an output route, the kernel synthesizes
      an skb where the relevant parameters (e.g., source address) are set. The
      skb is then passed to ip_route_output_key_hash_rcu() which might call
      into the flow dissector in case a multipath route was hit and a nexthop
      needs to be selected based on the multipath hash.
      
      Since both 'skb->dev' and 'skb->sk' are not set, a warning is triggered
      in the flow dissector [1]. The warning is there to prevent codepaths
      from silently falling back to the standard flow dissector instead of the
      BPF one.
      
      Therefore, instead of removing the warning, set 'skb->dev' to the
      loopback device, as its not used for anything but resolving the correct
      namespace.
      
      [1]
      WARNING: CPU: 1 PID: 24819 at net/core/flow_dissector.c:764 __skb_flow_dissect+0x314/0x16b0
      ...
      RSP: 0018:ffffa0df41fdf650 EFLAGS: 00010246
      RAX: 0000000000000000 RBX: ffff8bcded232000 RCX: 0000000000000000
      RDX: ffffa0df41fdf7e0 RSI: ffffffff98e415a0 RDI: ffff8bcded232000
      RBP: ffffa0df41fdf760 R08: 0000000000000000 R09: 0000000000000000
      R10: ffffa0df41fdf7e8 R11: ffff8bcdf27a3000 R12: ffffffff98e415a0
      R13: ffffa0df41fdf7e0 R14: ffffffff98dd2980 R15: ffffa0df41fdf7e0
      FS:  00007f46f6897680(0000) GS:ffff8bcdf7a80000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 000055933e95f9a0 CR3: 000000021e636000 CR4: 00000000001006e0
      Call Trace:
       fib_multipath_hash+0x28c/0x2d0
       ? fib_multipath_hash+0x28c/0x2d0
       fib_select_path+0x241/0x32f
       ? __fib_lookup+0x6a/0xb0
       ip_route_output_key_hash_rcu+0x650/0xa30
       ? __alloc_skb+0x9b/0x1d0
       inet_rtm_getroute+0x3f7/0xb80
       ? __alloc_pages_nodemask+0x11c/0x2c0
       rtnetlink_rcv_msg+0x1d9/0x2f0
       ? rtnl_calcit.isra.24+0x120/0x120
       netlink_rcv_skb+0x54/0x130
       rtnetlink_rcv+0x15/0x20
       netlink_unicast+0x20a/0x2c0
       netlink_sendmsg+0x2d1/0x3d0
       sock_sendmsg+0x39/0x50
       ___sys_sendmsg+0x2a0/0x2f0
       ? filemap_map_pages+0x16b/0x360
       ? __handle_mm_fault+0x108e/0x13d0
       __sys_sendmsg+0x63/0xa0
       ? __sys_sendmsg+0x63/0xa0
       __x64_sys_sendmsg+0x1f/0x30
       do_syscall_64+0x5a/0x120
       entry_SYSCALL_64_after_hwframe+0x44/0xa9
      
      Fixes: d0e13a14 ("flow_dissector: lookup netns by skb->sk if skb->dev is NULL")
      Signed-off-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      21f94775
    • Steen Hegelund's avatar
      net: mscc: ocelot: Register poll timeout should be wall time not attempts · 639c1b26
      Steen Hegelund authored
      When doing indirect access in the Ocelot chip, a command is setup,
      issued and then we need to poll until the result is ready. The polling
      timeout is specified in milliseconds in the datasheet and not in
      register access attempts.
      It is not a bug on the currently supported platform, but we observed
      that the code does not work properly on other platforms that we want to
      support as the timing requirements there are different.
      Signed-off-by: default avatarSteen Hegelund <steen.hegelund@microchip.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      639c1b26
    • Colin Ian King's avatar
      neighbour: remove stray semicolon · 463561e6
      Colin Ian King authored
      Currently the stray semicolon means that the final term in the addition
      is being missed.  Fix this by removing it. Cleans up clang warning:
      
      net/core/neighbour.c:2821:9: warning: expression result unused [-Wunused-value]
      
      Fixes: 82cbb5c6 ("neighbour: register rtnl doit handler")
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Acked-By: default avatarRoopa Prabhu <roopa@cumulusnetworks.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      463561e6
    • Tristram Ha's avatar
      net: dsa: microchip: fix unicast frame leak · 962ad710
      Tristram Ha authored
      Port partitioning is done by enabling UNICAST_VLAN_BOUNDARY and changing
      the default port membership of 0x7f to other values such that there is
      no communication between ports.  In KSZ9477 the member for port 1 is
      0x41; port 2, 0x42; port 3, 0x44; port 4, 0x48; port 5, 0x50; and port 7,
      0x60.  Port 6 is the host port.
      
      Setting a zero value can be used to stop port from receiving.
      
      However, when UNICAST_VLAN_BOUNDARY is disabled and the unicast addresses
      are already learned in the dynamic MAC table, setting zero still allows
      devices connected to those ports to communicate.  This does not apply to
      multicast and broadcast addresses though.  To prevent these leaks and
      make the function of port membership consistent UNICAST_VLAN_BOUNDARY
      should never be disabled.
      
      Note that UNICAST_VLAN_BOUNDARY is enabled by default in KSZ9477.
      
      Fixes: b987e98e ("dsa: add DSA switch driver for Microchip KSZ9477")
      Signed-off-by: default avatarTristram Ha <Tristram.Ha@microchip.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      962ad710
    • David S. Miller's avatar
      vxlan: Correct merge error. · 3a6d528a
      David S. Miller authored
      When resolving the conflict wrt. the vxlan_fdb_update call
      in vxlan_changelink() I made the last argument false instead
      of true.
      
      Fix this.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3a6d528a
  2. 20 Dec, 2018 32 commits