From 9184a9cba622d9e38462ce11dff7da094b4fea84 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Tue, 24 May 2011 10:20:19 +0200 Subject: netfilter: ipset: fix ip_set_flush return code ip_set_flush returned -EPROTO instead of -IPSET_ERR_PROTOCOL, fixed Signed-off-by: Jozsef Kadlecsik Signed-off-by: Pablo Neira Ayuso --- net/netfilter/ipset/ip_set_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 72d1ac611fd..8041befc655 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -815,7 +815,7 @@ ip_set_flush(struct sock *ctnl, struct sk_buff *skb, ip_set_id_t i; if (unlikely(protocol_failed(attr))) - return -EPROTO; + return -IPSET_ERR_PROTOCOL; if (!attr[IPSET_ATTR_SETNAME]) { for (i = 0; i < ip_set_max; i++) -- cgit v1.2.3-18-g5258 From 97242c85a2c8160eac5a6e945209b5b6ae8ab5a3 Mon Sep 17 00:00:00 2001 From: David Miller Date: Thu, 19 May 2011 18:14:39 -0400 Subject: netfilter: Fix several warnings in compat_mtw_from_user(). Kill set but not used 'entry_offset'. Add a default case to the switch statement so the compiler can see that we always initialize off and size_kern before using them. Signed-off-by: David S. Miller Signed-off-by: Pablo Neira Ayuso --- net/bridge/netfilter/ebtables.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'net') diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 1a92b369c82..2b5ca1a0054 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c @@ -1883,14 +1883,13 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt, struct xt_target *wt; void *dst = NULL; int off, pad = 0; - unsigned int size_kern, entry_offset, match_size = mwt->match_size; + unsigned int size_kern, match_size = mwt->match_size; strlcpy(name, mwt->u.name, sizeof(name)); if (state->buf_kern_start) dst = state->buf_kern_start + state->buf_kern_offset; - entry_offset = (unsigned char *) mwt - base; switch (compat_mwt) { case EBT_COMPAT_MATCH: match = try_then_request_module(xt_find_match(NFPROTO_BRIDGE, @@ -1933,6 +1932,9 @@ static int compat_mtw_from_user(struct compat_ebt_entry_mwt *mwt, size_kern = wt->targetsize; module_put(wt->me); break; + + default: + return -EINVAL; } state->buf_kern_offset += match_size + off; -- cgit v1.2.3-18-g5258 From fd0daf9d58f6b3342d07c5f6bbfb304dbe5db4ec Mon Sep 17 00:00:00 2001 From: Michał Mirosław Date: Thu, 26 May 2011 00:42:57 +0000 Subject: net: fix ETHTOOL_SFEATURES compatibility with old ethtool_ops.set_flags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Current code squashes flags to bool - this makes set_flags fail whenever some ETH_FLAG_* equivalent features are set. Fix this. Signed-off-by: Michał Mirosław Signed-off-by: David S. Miller --- net/core/ethtool.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) (limited to 'net') diff --git a/net/core/ethtool.c b/net/core/ethtool.c index 84e7304532e..fd14116ad7f 100644 --- a/net/core/ethtool.c +++ b/net/core/ethtool.c @@ -233,6 +233,29 @@ static int ethtool_set_feature_compat(struct net_device *dev, return 1; } +static int ethtool_set_flags_compat(struct net_device *dev, + int (*legacy_set)(struct net_device *, u32), + struct ethtool_set_features_block *features, u32 mask) +{ + u32 value; + + if (!legacy_set) + return 0; + + if (!(features[0].valid & mask)) + return 0; + + value = dev->features & ~features[0].valid; + value |= features[0].requested; + + features[0].valid &= ~mask; + + if (legacy_set(dev, value & mask) < 0) + netdev_info(dev, "Legacy flags change failed\n"); + + return 1; +} + static int ethtool_set_features_compat(struct net_device *dev, struct ethtool_set_features_block *features) { @@ -249,7 +272,7 @@ static int ethtool_set_features_compat(struct net_device *dev, features, NETIF_F_ALL_TSO); compat |= ethtool_set_feature_compat(dev, dev->ethtool_ops->set_rx_csum, features, NETIF_F_RXCSUM); - compat |= ethtool_set_feature_compat(dev, dev->ethtool_ops->set_flags, + compat |= ethtool_set_flags_compat(dev, dev->ethtool_ops->set_flags, features, flags_dup_features); return compat; -- cgit v1.2.3-18-g5258 From 12e6c419b48c4d1803918e5d952ebee07bae7465 Mon Sep 17 00:00:00 2001 From: Oliver Hartkopp Date: Thu, 26 May 2011 04:57:53 +0000 Subject: can: convert to %pK for kptr_restrict support As these pointers have been printed without using %p they were missed in the big network kptr_restrict conversion patch %p -> %pK from Dan Rosenberg. Signed-off-by: Oliver Hartkopp Signed-off-by: David S. Miller --- net/can/proc.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'net') diff --git a/net/can/proc.c b/net/can/proc.c index f4265cc9c3f..0016f733969 100644 --- a/net/can/proc.c +++ b/net/can/proc.c @@ -204,12 +204,11 @@ static void can_print_rcvlist(struct seq_file *m, struct hlist_head *rx_list, hlist_for_each_entry_rcu(r, n, rx_list, list) { char *fmt = (r->can_id & CAN_EFF_FLAG)? - " %-5s %08X %08x %08x %08x %8ld %s\n" : - " %-5s %03X %08x %08lx %08lx %8ld %s\n"; + " %-5s %08x %08x %pK %pK %8ld %s\n" : + " %-5s %03x %08x %pK %pK %8ld %s\n"; seq_printf(m, fmt, DNAME(dev), r->can_id, r->mask, - (unsigned long)r->func, (unsigned long)r->data, - r->matches, r->ident); + r->func, r->data, r->matches, r->ident); } } -- cgit v1.2.3-18-g5258 From da7c06c4a773b7903d3c09a25edbcb20bdc4af22 Mon Sep 17 00:00:00 2001 From: Justin Mattock Date: Mon, 23 May 2011 20:43:48 +0000 Subject: net:8021q:vlan.c Fix pr_info to just give the vlan fullname and version. The below patch removes vlan_buggyright and vlan_copyright from vlan_proto_init, so that it prints out just the fullname of vlan and the version number. before: [ 30.438203] 802.1Q VLAN Support v1.8 Ben Greear [ 30.441542] All bugs added by David S. Miller after: [ 31.513910] 802.1Q VLAN Support v1.8 Signed-off-by: Justin P. Mattock CC: Joe Perches CC: David S. Miller CC: Ben Greear Signed-off-by: David S. Miller --- net/8021q/vlan.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'net') diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c index b2274d1fd60..c7a581a9689 100644 --- a/net/8021q/vlan.c +++ b/net/8021q/vlan.c @@ -46,8 +46,6 @@ int vlan_net_id __read_mostly; const char vlan_fullname[] = "802.1Q VLAN Support"; const char vlan_version[] = DRV_VERSION; -static const char vlan_copyright[] = "Ben Greear "; -static const char vlan_buggyright[] = "David S. Miller "; /* End of global variables definitions. */ @@ -673,8 +671,7 @@ static int __init vlan_proto_init(void) { int err; - pr_info("%s v%s %s\n", vlan_fullname, vlan_version, vlan_copyright); - pr_info("All bugs added by %s\n", vlan_buggyright); + pr_info("%s v%s\n", vlan_fullname, vlan_version); err = register_pernet_subsys(&vlan_net_ops); if (err < 0) -- cgit v1.2.3-18-g5258 From 86e4ca66e81bba0f8640f1fa19b8b8f72cbd0561 Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Thu, 26 May 2011 15:00:31 -0400 Subject: bug.h: Move ratelimit warn interfaces to ratelimit.h As reported by Ingo Molnar, we still have configuration combinations where use of the WARN_RATELIMIT interfaces break the build because dependencies don't get met. Instead of going down the long road of trying to make it so that ratelimit.h can get included by kernel.h or asm-generic/bug.h, just move the interface into ratelimit.h and make users have to include that. Reported-by: Ingo Molnar Signed-off-by: David S. Miller Acked-by: Randy Dunlap --- net/core/filter.c | 1 + 1 file changed, 1 insertion(+) (limited to 'net') diff --git a/net/core/filter.c b/net/core/filter.c index 0e3622f1dcb..36f975fa87c 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -38,6 +38,7 @@ #include #include #include +#include /* No hurry in this branch */ static void *__load_pointer(const struct sk_buff *skb, int k, unsigned int size) -- cgit v1.2.3-18-g5258 From c74c0bfe0b61cf41a897c2444c038e0d3f600556 Mon Sep 17 00:00:00 2001 From: Hans Schillstrom Date: Tue, 24 May 2011 14:11:05 +0200 Subject: IPVS: bug in ip_vs_ftp, same list heaad used in all netns. When ip_vs was adapted to netns the ftp application was not adapted in a correct way. However this is a fix to avoid kernel errors. In the long term another solution might be chosen. I.e the ports that the ftp appl, uses should be per netns. Signed-off-by: Hans Schillstrom Acked-by: Julian Anastasov Signed-off-by: Pablo Neira Ayuso --- net/netfilter/ipvs/ip_vs_ftp.c | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) (limited to 'net') diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c index 6b5dd6ddaae..af63553fa33 100644 --- a/net/netfilter/ipvs/ip_vs_ftp.c +++ b/net/netfilter/ipvs/ip_vs_ftp.c @@ -411,25 +411,35 @@ static struct ip_vs_app ip_vs_ftp = { static int __net_init __ip_vs_ftp_init(struct net *net) { int i, ret; - struct ip_vs_app *app = &ip_vs_ftp; + struct ip_vs_app *app; + struct netns_ipvs *ipvs = net_ipvs(net); + + app = kmemdup(&ip_vs_ftp, sizeof(struct ip_vs_app), GFP_KERNEL); + if (!app) + return -ENOMEM; + INIT_LIST_HEAD(&app->a_list); + INIT_LIST_HEAD(&app->incs_list); + ipvs->ftp_app = app; ret = register_ip_vs_app(net, app); if (ret) - return ret; + goto err_exit; for (i=0; iprotocol, ports[i]); if (ret) - break; + goto err_unreg; pr_info("%s: loaded support on port[%d] = %d\n", app->name, i, ports[i]); } + return 0; - if (ret) - unregister_ip_vs_app(net, app); - +err_unreg: + unregister_ip_vs_app(net, app); +err_exit: + kfree(ipvs->ftp_app); return ret; } /* @@ -437,9 +447,10 @@ static int __net_init __ip_vs_ftp_init(struct net *net) */ static void __ip_vs_ftp_exit(struct net *net) { - struct ip_vs_app *app = &ip_vs_ftp; + struct netns_ipvs *ipvs = net_ipvs(net); - unregister_ip_vs_app(net, app); + unregister_ip_vs_app(net, ipvs->ftp_app); + kfree(ipvs->ftp_app); } static struct pernet_operations ip_vs_ftp_ops = { -- cgit v1.2.3-18-g5258 From e7a46b4d0839c2a3aa2e0ae0b145f293f6738498 Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Fri, 27 May 2011 04:51:54 +0000 Subject: atm: expose ATM device index in sysfs It's currently exposed only through /proc which, besides requiring screen-scraping, doesn't allow userspace to distinguish between two identical ATM adapters with different ATM indexes. The ATM device index is required when using PPPoATM on a system with multiple ATM adapters. Signed-off-by: Dan Williams Reviewed-by: Eric Dumazet Tested-by: David Woodhouse Cc: stable@kernel.org Signed-off-by: David S. Miller --- net/atm/atm_sysfs.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'net') diff --git a/net/atm/atm_sysfs.c b/net/atm/atm_sysfs.c index f7fa67c7876..f49da5814bc 100644 --- a/net/atm/atm_sysfs.c +++ b/net/atm/atm_sysfs.c @@ -59,6 +59,14 @@ static ssize_t show_atmaddress(struct device *cdev, return pos - buf; } +static ssize_t show_atmindex(struct device *cdev, + struct device_attribute *attr, char *buf) +{ + struct atm_dev *adev = to_atm_dev(cdev); + + return sprintf(buf, "%d\n", adev->number); +} + static ssize_t show_carrier(struct device *cdev, struct device_attribute *attr, char *buf) { @@ -99,6 +107,7 @@ static ssize_t show_link_rate(struct device *cdev, static DEVICE_ATTR(address, S_IRUGO, show_address, NULL); static DEVICE_ATTR(atmaddress, S_IRUGO, show_atmaddress, NULL); +static DEVICE_ATTR(atmindex, S_IRUGO, show_atmindex, NULL); static DEVICE_ATTR(carrier, S_IRUGO, show_carrier, NULL); static DEVICE_ATTR(type, S_IRUGO, show_type, NULL); static DEVICE_ATTR(link_rate, S_IRUGO, show_link_rate, NULL); @@ -106,6 +115,7 @@ static DEVICE_ATTR(link_rate, S_IRUGO, show_link_rate, NULL); static struct device_attribute *atm_attrs[] = { &dev_attr_atmaddress, &dev_attr_address, + &dev_attr_atmindex, &dev_attr_carrier, &dev_attr_type, &dev_attr_link_rate, -- cgit v1.2.3-18-g5258 From 686a7e32ca7fdd819eb9606abd3db52b77d1479f Mon Sep 17 00:00:00 2001 From: Eric Dumazet Date: Thu, 26 May 2011 17:27:11 +0000 Subject: inetpeer: fix race in unused_list manipulations Several crashes in cleanup_once() were reported in recent kernels. Commit d6cc1d642de9 (inetpeer: various changes) added a race in unlink_from_unused(). One way to avoid taking unused_peers.lock before doing the list_empty() test is to catch 0->1 refcnt transitions, using full barrier atomic operations variants (atomic_cmpxchg() and atomic_inc_return()) instead of previous atomic_inc() and atomic_add_unless() variants. We then call unlink_from_unused() only for the owner of the 0->1 transition. Add a new atomic_add_unless_return() static helper With help from Arun Sharma. Refs: https://bugzilla.kernel.org/show_bug.cgi?id=32772 Reported-by: Arun Sharma Reported-by: Maximilian Engelhardt Reported-by: Yann Dupont Reported-by: Denys Fedoryshchenko Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller --- net/ipv4/inetpeer.c | 42 +++++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 15 deletions(-) (limited to 'net') diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c index 9df4e635fb5..ce616d92cc5 100644 --- a/net/ipv4/inetpeer.c +++ b/net/ipv4/inetpeer.c @@ -154,11 +154,9 @@ void __init inet_initpeers(void) /* Called with or without local BH being disabled. */ static void unlink_from_unused(struct inet_peer *p) { - if (!list_empty(&p->unused)) { - spin_lock_bh(&unused_peers.lock); - list_del_init(&p->unused); - spin_unlock_bh(&unused_peers.lock); - } + spin_lock_bh(&unused_peers.lock); + list_del_init(&p->unused); + spin_unlock_bh(&unused_peers.lock); } static int addr_compare(const struct inetpeer_addr *a, @@ -205,6 +203,20 @@ static int addr_compare(const struct inetpeer_addr *a, u; \ }) +static bool atomic_add_unless_return(atomic_t *ptr, int a, int u, int *newv) +{ + int cur, old = atomic_read(ptr); + + while (old != u) { + *newv = old + a; + cur = atomic_cmpxchg(ptr, old, *newv); + if (cur == old) + return true; + old = cur; + } + return false; +} + /* * Called with rcu_read_lock() * Because we hold no lock against a writer, its quite possible we fall @@ -213,7 +225,8 @@ static int addr_compare(const struct inetpeer_addr *a, * We exit from this function if number of links exceeds PEER_MAXDEPTH */ static struct inet_peer *lookup_rcu(const struct inetpeer_addr *daddr, - struct inet_peer_base *base) + struct inet_peer_base *base, + int *newrefcnt) { struct inet_peer *u = rcu_dereference(base->root); int count = 0; @@ -226,7 +239,7 @@ static struct inet_peer *lookup_rcu(const struct inetpeer_addr *daddr, * distinction between an unused entry (refcnt=0) and * a freed one. */ - if (unlikely(!atomic_add_unless(&u->refcnt, 1, -1))) + if (!atomic_add_unless_return(&u->refcnt, 1, -1, newrefcnt)) u = NULL; return u; } @@ -465,22 +478,23 @@ struct inet_peer *inet_getpeer(struct inetpeer_addr *daddr, int create) struct inet_peer_base *base = family_to_base(daddr->family); struct inet_peer *p; unsigned int sequence; - int invalidated; + int invalidated, newrefcnt = 0; /* Look up for the address quickly, lockless. * Because of a concurrent writer, we might not find an existing entry. */ rcu_read_lock(); sequence = read_seqbegin(&base->lock); - p = lookup_rcu(daddr, base); + p = lookup_rcu(daddr, base, &newrefcnt); invalidated = read_seqretry(&base->lock, sequence); rcu_read_unlock(); if (p) { - /* The existing node has been found. +found: /* The existing node has been found. * Remove the entry from unused list if it was there. */ - unlink_from_unused(p); + if (newrefcnt == 1) + unlink_from_unused(p); return p; } @@ -494,11 +508,9 @@ struct inet_peer *inet_getpeer(struct inetpeer_addr *daddr, int create) write_seqlock_bh(&base->lock); p = lookup(daddr, stack, base); if (p != peer_avl_empty) { - atomic_inc(&p->refcnt); + newrefcnt = atomic_inc_return(&p->refcnt); write_sequnlock_bh(&base->lock); - /* Remove the entry from unused list if it was there. */ - unlink_from_unused(p); - return p; + goto found; } p = create ? kmem_cache_alloc(peer_cachep, GFP_ATOMIC) : NULL; if (p) { -- cgit v1.2.3-18-g5258 From c5c177b4aca83338781e72be2e6dd1601c560cb3 Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Fri, 27 May 2011 13:41:33 -0400 Subject: net: Kill ratelimit.h dependency in linux/net.h Ingo Molnar noticed that we have this unnecessary ratelimit.h dependency in linux/net.h, which hid compilation problems from people doing builds only with CONFIG_NET enabled. Move this stuff out to a seperate net/net_ratelimit.h file and include that in the only two places where this thing is needed. Signed-off-by: David S. Miller Acked-by: Ingo Molnar --- net/core/sysctl_net_core.c | 1 + net/core/utils.c | 1 + 2 files changed, 2 insertions(+) (limited to 'net') diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index a829e3f60ae..77a65f03148 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c @@ -17,6 +17,7 @@ #include #include +#include #ifdef CONFIG_RPS static int rps_sock_flow_sysctl(ctl_table *table, int write, diff --git a/net/core/utils.c b/net/core/utils.c index 2012bc797f9..386e263f606 100644 --- a/net/core/utils.c +++ b/net/core/utils.c @@ -27,6 +27,7 @@ #include #include +#include #include #include -- cgit v1.2.3-18-g5258