Received: by 10.213.65.68 with SMTP id h4csp1817993imn; Thu, 29 Mar 2018 11:35:49 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+aP0LGxoEj4n0JuLkLkg7IeWcu61nWkTh/001hd2RfU/gBv+KMzgCaaL7jAyT1nB4X2xMB X-Received: by 2002:a17:902:2d01:: with SMTP id o1-v6mr9361341plb.309.1522348549696; Thu, 29 Mar 2018 11:35:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522348549; cv=none; d=google.com; s=arc-20160816; b=AMJnYqOHLMqSyF9nfrwJi3f7fn7cxipATNcoGUUYLpST5tON3w4PaXK3DV4iMiYYZt mQ7yZBgDNg/oVLfGw+oatl0OeRXKMl1wegHp/LwivUwZT+OgK2/Dp6nk7NOBEoQhtTRn EtSzzMp+S4lAyDL35Rf4V3UOsVaFE+r4ibixXA57J98rvjl1h4NsXBzslxc55yxdY86q +TWW5Lqjk60J5SDL75XxdpqlQGtuD6VpU+rOSLjWqD4nLPEq/yhxVAuDMyUQNqYvrkPH MxKptZn5kCzOhhHSpe/HRIIggBX10RoTGQ3iJnrqdkosqBUHKyxYet8bd0Uut845c04+ xS5w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=f2rWHV7X+VzOAdj7mwYMp624qf4hnKJ1YkC8SaSJrGI=; b=hUgxmWZLx2A0nvI88Ht9i1aRBXqPQTdkTIQWiyieRVqPPyT/adQDZqd70ZCvc0M55P FZRJtRSIpr8PX67i65PNgToaPh1ppNRSmuuMLnmoR2aMkvD6EVXxmVIGqnwmWiC66XpL ipuOPP1JhObNE4BaOj15aLWqcSx/vF0FAuLr+xmwSgY8hbGCHTYm6QFnxeON1aMvRUb7 kUWlR7/cluUHqA6J7qZFG46QWC5h6hmhV5O6zociBnhE7/iup+K5cSXn9WEDTab0yNH+ jtr5JRyUf0B6yKWE2cwEkxt6BXnMhN3m+0fKvVUL3MyOXWtzy9yYFopW+6yKQd7ifRjG wPPg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 142si3613023pgg.29.2018.03.29.11.35.31; Thu, 29 Mar 2018 11:35:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752838AbeC2SDH (ORCPT + 99 others); Thu, 29 Mar 2018 14:03:07 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:58404 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752147AbeC2SDF (ORCPT ); Thu, 29 Mar 2018 14:03:05 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 6E5E9C19; Thu, 29 Mar 2018 18:03:04 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Alexey Kodanev , Shannon Nelson , "David S. Miller" Subject: [PATCH 4.15 09/47] macvlan: filter out unsupported feature flags Date: Thu, 29 Mar 2018 19:59:50 +0200 Message-Id: <20180329175729.812639758@linuxfoundation.org> X-Mailer: git-send-email 2.16.3 In-Reply-To: <20180329175729.225211114@linuxfoundation.org> References: <20180329175729.225211114@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.15-stable review patch. If anyone has any objections, please let me know. ------------------ From: Shannon Nelson [ Upstream commit 13fbcc8dc573482dd3f27568257fd7087f8935f4 ] Adding a macvlan device on top of a lowerdev that supports the xfrm offloads fails with a new regression: # ip link add link ens1f0 mv0 type macvlan RTNETLINK answers: Operation not permitted Tracing down the failure shows that the macvlan device inherits the NETIF_F_HW_ESP and NETIF_F_HW_ESP_TX_CSUM feature flags from the lowerdev, but with no dev->xfrmdev_ops API filled in, it doesn't actually support xfrm. When the request is made to add the new macvlan device, the XFRM listener for NETDEV_REGISTER calls xfrm_api_check() which fails the new registration because dev->xfrmdev_ops is NULL. The macvlan creation succeeds when we filter out the ESP feature flags in macvlan_fix_features(), so let's filter them out like we're already filtering out ~NETIF_F_NETNS_LOCAL. When XFRM support is added in the future, we can add the flags into MACVLAN_FEATURES. This same problem could crop up in the future with any other new feature flags, so let's filter out any flags that aren't defined as supported in macvlan. Fixes: d77e38e612a0 ("xfrm: Add an IPsec hardware offloading API") Reported-by: Alexey Kodanev Signed-off-by: Shannon Nelson Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/macvlan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/net/macvlan.c +++ b/drivers/net/macvlan.c @@ -1036,7 +1036,7 @@ static netdev_features_t macvlan_fix_fea lowerdev_features &= (features | ~NETIF_F_LRO); features = netdev_increment_features(lowerdev_features, features, mask); features |= ALWAYS_ON_FEATURES; - features &= ~NETIF_F_NETNS_LOCAL; + features &= (ALWAYS_ON_FEATURES | MACVLAN_FEATURES); return features; }