15 May, 2013

1 commit

  • Since (69b34fb netfilter: xt_LOG: add net namespace support
    for xt_LOG), we hit this:

    [ 4224.708977] BUG: unable to handle kernel NULL pointer dereference at 0000000000000388
    [ 4224.709074] IP: [] ipt_log_packet+0x29/0x270

    when calling log functions from conntrack both in and out
    are NULL i.e. the net pointer is invalid.

    Adding struct net *net in call to nf_logfn() will secure that
    there always is a valid net ptr.

    Reported as netfilter's bugzilla bug 818:
    https://bugzilla.netfilter.org/show_bug.cgi?id=818

    Reported-by: Ronald
    Signed-off-by: Hans Schillstrom
    Signed-off-by: Pablo Neira Ayuso

    Hans Schillstrom
     

04 May, 2013

1 commit

  • A bridge should only send topology change notice if it is not
    the root bridge. It is possible for message age timer to elect itself
    as a new root bridge, and still have a topology change timer running
    but waiting for bridge lock on other CPU.

    Solve the race by checking if we are root bridge before continuing.
    This was the root cause of the cases where br_send_tcn_bpdu would OOPS.

    Reported-by: JerryKang
    Signed-off-by: Stephen Hemminger
    Signed-off-by: David S. Miller

    stephen hemminger
     

01 May, 2013

1 commit

  • Bridge can crash while trying to send topology change packet.
    This happens if root port can't be found. This was reported by user
    but currently unable to reproduce it easily. The STP conditions that cause
    this are not known yet, but the problem doesn't have to be fatal.

    Signed-off-by: Stephen Hemminger
    Signed-off-by: David S. Miller

    stephen hemminger
     

29 Apr, 2013

1 commit

  • Current bridge fdb update code does not seem to update the port
    during fdb update. This patch adds a check for fdb dst (port)
    change during fdb update. Also rearranges the call to
    fdb_notify to send only one notification for create and update.

    Changelog:
    v2 - Change notify flag to bool

    Signed-off-by: Roopa Prabhu
    Signed-off-by: Stephen Hemminger
    Signed-off-by: David S. Miller

    roopa
     

23 Apr, 2013

1 commit

  • Conflicts:
    drivers/net/ethernet/emulex/benet/be_main.c
    drivers/net/ethernet/intel/igb/igb_main.c
    drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c
    include/net/scm.h
    net/batman-adv/routing.c
    net/ipv4/tcp_input.c

    The e{uid,gid} --> {uid,gid} credentials fix conflicted with the
    cleanup in net-next to now pass cred structs around.

    The be2net driver had a bug fix in 'net' that overlapped with the VLAN
    interface changes by Patrick McHardy in net-next.

    An IGB conflict existed because in 'net' the build_skb() support was
    reverted, and in 'net-next' there was a comment style fix within that
    code.

    Several batman-adv conflicts were resolved by making sure that all
    calls to batadv_is_my_mac() are changed to have a new bat_priv first
    argument.

    Eric Dumazet's TS ECR fix in TCP in 'net' conflicted with the F-RTO
    rewrite in 'net-next', mostly overlapping changes.

    Thanks to Stephen Rothwell and Antonio Quartulli for help with several
    of these merge resolutions.

    Signed-off-by: David S. Miller

    David S. Miller
     

20 Apr, 2013

4 commits


16 Apr, 2013

1 commit


08 Apr, 2013

1 commit

  • Pablo Neira Ayuso says:

    ====================
    The following patchset contains Netfilter and IPVS updates for
    your net-next tree, most relevantly they are:

    * Add net namespace support to NFLOG, ULOG and ebt_ulog and NFQUEUE.
    The LOG and ebt_log target has been also adapted, but they still
    depend on the syslog netnamespace that seems to be missing, from
    Gao Feng.

    * Don't lose indications of congestion in IPv6 fragmentation handling,
    from Hannes Frederic Sowa.

    * IPVS conversion to use RCU, including some code consolidation patches
    and optimizations, also some from Julian Anastasov.

    * cpu fanout support for NFQUEUE, from Holger Eitzenberger.

    * Better error reporting to userspace when dropping packets from
    all our _*_[xfrm|route]_me_harder functions, from Patrick McHardy.
    ====================

    Signed-off-by: David S. Miller

    David S. Miller
     

06 Apr, 2013

3 commits

  • Add pernet support to ebt_ulog by means of the new nf_log_set
    function added in (30e0c6a netfilter: nf_log: prepare net
    namespace support for loggers).

    This patch also makes ulog_buffers and netlink socket
    ebtulognl per netns.

    Signed-off-by: Gao feng
    Signed-off-by: Pablo Neira Ayuso

    Gao feng
     
  • Add pernet support to ebt_log by means of the new nf_log_set
    function added in (30e0c6a netfilter: nf_log: prepare net
    namespace support for loggers).

    Since syslog ns has not yet been implemented, we don't want
    the containers to DDOS host's syslogd. So enable ebt_log
    only from init_net and wait for syslog ns support.

    Signed-off-by: Gao feng
    Signed-off-by: Pablo Neira Ayuso

    Gao feng
     
  • This patch adds netns support to nf_log and it prepares netns
    support for existing loggers. It is composed of four major
    changes.

    1) nf_log_register has been split to two functions: nf_log_register
    and nf_log_set. The new nf_log_register is used to globally
    register the nf_logger and nf_log_set is used for enabling
    pernet support from nf_loggers.

    Per netns is not yet complete after this patch, it comes in
    separate follow up patches.

    2) Add net as a parameter of nf_log_bind_pf. Per netns is not
    yet complete after this patch, it only allows to bind the
    nf_logger to the protocol family from init_net and it skips
    other cases.

    3) Adapt all nf_log_packet callers to pass netns as parameter.
    After this patch, this function only works for init_net.

    4) Make the sysctl net/netfilter/nf_log pernet.

    Signed-off-by: Gao feng
    Signed-off-by: Pablo Neira Ayuso

    Gao feng
     

03 Apr, 2013

1 commit

  • commit 00cfec37484761 (net: add a synchronize_net() in
    netdev_rx_handler_unregister())
    allows us to remove the synchronized_net() call from del_nbp()

    Signed-off-by: Eric Dumazet
    Cc: Veaceslav Falico
    Cc: Stephen Hemminger
    Acked-by: Veaceslav Falico
    Signed-off-by: David S. Miller

    Eric Dumazet
     

29 Mar, 2013

2 commits


28 Mar, 2013

2 commits

  • Add a new constant ETH_P_802_3_MIN, the minimum ethernet type for
    an 802.3 frame. Frames with a lower value in the ethernet type field
    are Ethernet II.

    Also update all the users of this value that David Miller and
    I could find to use the new constant.

    Also correct a bug in util.c. The comparison with ETH_P_802_3_MIN
    should be >= not >.

    As suggested by Jesse Gross.

    Compile tested only.

    Cc: David Miller
    Cc: Jesse Gross
    Cc: Karsten Keil
    Cc: John W. Linville
    Cc: Johannes Berg
    Cc: Bart De Schuymer
    Cc: Stephen Hemminger
    Cc: Patrick McHardy
    Cc: Marcel Holtmann
    Cc: Gustavo Padovan
    Cc: Johan Hedberg
    Cc: linux-bluetooth@vger.kernel.org
    Cc: netfilter-devel@vger.kernel.org
    Cc: bridge@lists.linux-foundation.org
    Cc: linux-wireless@vger.kernel.org
    Cc: linux1394-devel@lists.sourceforge.net
    Cc: linux-media@vger.kernel.org
    Cc: netdev@vger.kernel.org
    Cc: dev@openvswitch.org
    Acked-by: Mauro Carvalho Chehab
    Acked-by: Stefan Richter
    Signed-off-by: Simon Horman
    Signed-off-by: David S. Miller

    Simon Horman
     
  • Conflicts:
    include/net/ipip.h

    The changes made to ipip.h in 'net' were already included
    in 'net-next' before that header was moved to another location.

    Signed-off-by: David S. Miller

    David S. Miller
     

26 Mar, 2013

1 commit

  • Pablo Neira Ayuso says:

    ====================
    The following patchset contains Netfilter/IPVS updates for
    your net-next tree, they are:

    * Better performance in nfnetlink_queue by avoiding copy from the
    packet to netlink message, from Eric Dumazet.

    * Remove unnecessary locking in the exit path of ebt_ulog, from Gao Feng.

    * Use new function ipv6_iface_scope_id in nf_ct_ipv6, from Hannes Frederic Sowa.

    * A couple of sparse fixes for IPVS, from Julian Anastasov.

    * Use xor hashing in nfnetlink_queue, as suggested by Eric Dumazet, from
    myself.

    * Allow to dump expectations per master conntrack via ctnetlink, from myself.

    * A couple of cleanups to use PTR_RET in module init path, from Silviu-Mihai
    Popescu.

    * Remove nf_conntrack module a bit faster if netns are in use, from
    Vladimir Davydov.

    * Use checksum_partial in ip6t_NPT, from YOSHIFUJI Hideaki.

    * Sparse fix for nf_conntrack, from Stephen Hemminger.
    ====================

    Signed-off-by: David S. Miller

    David S. Miller
     

25 Mar, 2013

2 commits

  • When I tried to set the mac address of a bridge interface to a mac
    address which was already learned on this bridge, I got a system hang.

    The cause is straightforward: function br_fdb_change_mac_address
    calls fdb_insert with NULL source nbp. Then an fdb lookup is
    performed. If an fdb entry is found and it's local, it's OK. But
    if it's not local, source is dereferenced for printk without NULL
    check.

    Signed-off-by: Hong Zhiguo
    Signed-off-by: David S. Miller

    Hong zhi guo
     
  • When neither IFF_BRIDGE nor IFF_BRIDGE_PORT is set,
    and afspec == NULL but protinfo != NULL, we run into
    "if (err == 0) br_ifinfo_notify(RTM_NEWLINK, p);" with
    random value in ret.

    Thanks to Sergei for pointing out the error in commit comments.

    Signed-off-by: Hong Zhiguo
    Signed-off-by: David S. Miller

    Hong zhi guo
     

22 Mar, 2013

1 commit


21 Mar, 2013

1 commit


18 Mar, 2013

1 commit


15 Mar, 2013

2 commits


12 Mar, 2013

4 commits


10 Mar, 2013

1 commit

  • The bridging code discloses heap and stack bytes via the RTM_GETMDB
    netlink interface and via the notify messages sent to group RTNLGRP_MDB
    after a successful add/del.

    Fix both cases by initializing all unset members/padding bytes with
    memset(0).

    Cc: Stephen Hemminger
    Signed-off-by: Mathias Krause
    Signed-off-by: David S. Miller

    Mathias Krause
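
The class of leak fixed by the commit above, as an added example that is not code from the kernel or from the commit: a struct with padding and a partly used union is filled field by field and then copied out whole, once without and once with the `memset()`. The struct layout, names and values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STALE 0xAA /* constructed marker for bytes left over from earlier use */

/* Constructed layout for illustration; not a kernel structure. */
struct mdb_entry_demo {
    uint32_t ifindex;
    uint8_t  state;                 /* compiler padding usually follows */
    struct {
        union { uint32_t ip4; uint8_t ip6[16]; } u;
        uint16_t proto;             /* tail padding usually follows */
    } addr;
};

/* Fill an IPv4 group entry; optionally zero the whole object first. */
static void fill_entry(struct mdb_entry_demo *e, int zero_first)
{
    if (zero_first)
        memset(e, 0, sizeof(*e));   /* the fix: clear unset members and padding */
    e->ifindex = 3;
    e->state = 1;
    e->addr.u.ip4 = 0xE0000001u;    /* 224.0.0.1, constructed value */
    e->addr.proto = 0x0800;
}

/* Return how many stale bytes would be copied out to the receiver. */
static size_t stale_bytes_sent(int zero_first)
{
    unsigned char msg[sizeof(struct mdb_entry_demo)];
    struct mdb_entry_demo *e = malloc(sizeof(*e));
    size_t i, n = 0;

    if (!e)
        return (size_t)-1;
    memset(e, STALE, sizeof(*e));   /* simulate reused heap or stack memory */
    fill_entry(e, zero_first);
    memcpy(msg, e, sizeof(*e));     /* message payload is a raw copy of the struct */
    free(e);
    for (i = 0; i < sizeof(msg); i++)
        n += (msg[i] == STALE);
    return n;
}

int main(void)
{
    printf("without memset: %zu stale bytes\n", stale_bytes_sent(0));
    printf("with memset:    %zu stale bytes\n", stale_bytes_sent(1));
    return 0;
}
```

The unused 12 bytes of the union leak on any ABI; the padding after `state` and `proto` adds to the count where the compiler inserts it.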
     

08 Mar, 2013

2 commits


28 Feb, 2013

1 commit

  • I'm not sure why, but the hlist for each entry iterators were conceived

    list_for_each_entry(pos, head, member)

    The hlist ones were greedy and wanted an extra parameter:

    hlist_for_each_entry(tpos, pos, head, member)

    Why did they need an extra pos parameter? I'm not quite sure. Not only
    they don't really need it, it also prevents the iterator from looking
    exactly like the list iterator, which is unfortunate.

    Besides the semantic patch, there was some manual work required:

    - Fix up the actual hlist iterators in linux/list.h
    - Fix up the declaration of other iterators based on the hlist ones.
    - A very small amount of places were using the 'node' parameter, this
    was modified to use 'obj->member' instead.
    - Coccinelle didn't handle the hlist_for_each_entry_safe iterator
    properly, so those had to be fixed up manually.

    The semantic patch which is mostly the work of Peter Senna Tschudin is here:

    @@
    iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;

    type T;
    expression a,c,d,e;
    identifier b;
    statement S;
    @@

    -T b;
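
    Review bot: the rule body ends at `-T b;`, so as shown it only deletes the declaration of the extra cursor and never rewrites a call to any of the iterators listed in the header; the metavariables a, c, d, e and S are declared but unused. The message should carry the complete rule, including the iterator rewrite, so the tree-wide change can be regenerated and checked against the manual fix-ups listed above it.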

    [akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
    [akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
    [akpm@linux-foundation.org: checkpatch fixes]
    [akpm@linux-foundation.org: fix warnings]
    [akpm@linux-foudnation.org: redo intrusive kvm changes]
    Tested-by: Peter Senna Tschudin
    Acked-by: Paul E. McKenney
    Signed-off-by: Sasha Levin
    Cc: Wu Fengguang
    Cc: Marcelo Tosatti
    Cc: Gleb Natapov
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Sasha Levin
     

15 Feb, 2013

1 commit


14 Feb, 2013

4 commits

  • Add an ability to configure a separate "untagged" egress
    policy to the VLAN information of the bridge. This supersedes PVID
    policy and makes PVID ingress-only. The policy is configured with a
    new flag and is represented as a port bitmap per vlan. Egress frames
    with a VLAN id in "untagged" policy bitmap would egress
    the port without VLAN header.

    Signed-off-by: Vlad Yasevich
    Signed-off-by: David S. Miller

    Vlad Yasevich
     
  • When VLAN is added to the port, a local fdb entry for that port
    (the entry with the mac address of the port) is added for that
    VLAN. This way we can correctly determine if the traffic
    is for the bridge itself. If the address of the port changes,
    we try to change all the local fdb entries we have for that port.

    Signed-off-by: Vlad Yasevich
    Signed-off-by: David S. Miller

    Vlad Yasevich
     
  • When a user adds bridge neighbors, allow him to specify VLAN id.
    If the VLAN id is not specified, the neighbor will be added
    for VLANs currently in the ports filter list. If no VLANs are
    configured on the port, we use vlan 0 and only add 1 entry.

    Signed-off-by: Vlad Yasevich
    Acked-by: Jitendra Kalsaria
    Signed-off-by: David S. Miller

    Vlad Yasevich
     
  • Add vlan_id to multicast groups so that we know which vlan
    each group belongs to and can correctly forward to appropriate vlan.

    Signed-off-by: Vlad Yasevich
    Signed-off-by: David S. Miller

    Vlad Yasevich