This is the start of the stable review cycle for the 4.19.1 release.
There are 24 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sun Nov 4 18:28:10 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.1-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <[email protected]>
Linux 4.19.1-rc1
Nikolay Aleksandrov <[email protected]>
net: bridge: remove ipv6 zero address check in mcast queries
David S. Miller <[email protected]>
sparc64: Wire up compat getpeername and getsockname.
David Miller <[email protected]>
sparc64: Make corrupted user stacks more debuggable.
David S. Miller <[email protected]>
sparc64: Export __node_distance.
Xin Long <[email protected]>
sctp: check policy more carefully when getting pr status
Ivan Vecera <[email protected]>
Revert "be2net: remove desc field from be_eq_obj"
Heiner Kallweit <[email protected]>
r8169: fix broken Wake-on-LAN from S5 (poweroff)
David S. Miller <[email protected]>
net: Properly unlink GRO packets on overflow.
Cong Wang <[email protected]>
net: drop skb on failure in ip_check_defrag()
Shalom Toledo <[email protected]>
mlxsw: core: Fix devlink unregister flow
Petr Machata <[email protected]>
mlxsw: spectrum_switchdev: Don't ignore deletions of learned MACs
Karsten Graul <[email protected]>
net/smc: fix smc_buf_unuse to use the lgr pointer
David Ahern <[email protected]>
net/ipv6: Allow onlink routes to have a device mismatch if it is the default route
Jaime Caamaño Ruiz <[email protected]>
openvswitch: Fix push/pop ethernet validation
Tobias Jungel <[email protected]>
bonding: fix length of actor system
Jason Wang <[email protected]>
vhost: Fix Spectre V1 vulnerability
Ido Schimmel <[email protected]>
rtnetlink: Disallow FDB configuration for non-Ethernet device
Karsten Graul <[email protected]>
Revert "net: simplify sock_poll_wait"
Sean Tranchetti <[email protected]>
net: udp: fix handling of CHECKSUM_COMPLETE packets
Niklas Cassel <[email protected]>
net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules
Jakub Kicinski <[email protected]>
net: sched: gred: pass the right attribute to gred_change_table_def()
Eric Dumazet <[email protected]>
net/mlx5e: fix csum adjustments caused by RXFCS
Stefano Brivio <[email protected]>
ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called
Hangbin Liu <[email protected]>
bridge: do not add port to router list when receives query with source 0.0.0.0
-------------
Diffstat:
Makefile | 4 +-
arch/sparc/include/asm/switch_to_64.h | 3 +-
arch/sparc/kernel/process_64.c | 25 +++++++++---
arch/sparc/kernel/rtrap_64.S | 1 +
arch/sparc/kernel/signal32.c | 12 +++++-
arch/sparc/kernel/signal_64.c | 6 ++-
arch/sparc/kernel/systbls_64.S | 4 +-
arch/sparc/mm/init_64.c | 1 +
crypto/af_alg.c | 2 +-
drivers/net/bonding/bond_netlink.c | 3 +-
drivers/net/ethernet/emulex/benet/be.h | 1 +
drivers/net/ethernet/emulex/benet/be_main.c | 6 +--
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 45 +++++-----------------
drivers/net/ethernet/mellanox/mlxsw/core.c | 24 ++++++++----
.../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 2 -
drivers/net/ethernet/realtek/r8169.c | 9 ++++-
drivers/net/ethernet/stmicro/stmmac/stmmac_mdio.c | 2 +-
drivers/vhost/vhost.c | 2 +
include/net/sock.h | 12 ++++--
net/atm/common.c | 2 +-
net/bridge/br_multicast.c | 9 ++++-
net/caif/caif_socket.c | 2 +-
net/core/datagram.c | 7 ++--
net/core/dev.c | 1 +
net/core/rtnetlink.c | 10 +++++
net/dccp/proto.c | 2 +-
net/ipv4/ip_fragment.c | 12 ++++--
net/ipv4/tcp.c | 2 +-
net/ipv4/udp.c | 20 +++++++++-
net/ipv6/ip6_checksum.c | 20 +++++++++-
net/ipv6/ndisc.c | 3 +-
net/ipv6/route.c | 2 +
net/iucv/af_iucv.c | 2 +-
net/nfc/llcp_sock.c | 2 +-
net/openvswitch/flow_netlink.c | 4 +-
net/rxrpc/af_rxrpc.c | 2 +-
net/sched/sch_gred.c | 2 +-
net/sctp/socket.c | 8 ++--
net/smc/af_smc.c | 2 +-
net/smc/smc_core.c | 25 ++++++------
net/tipc/socket.c | 2 +-
net/unix/af_unix.c | 4 +-
tools/testing/selftests/net/fib-onlink-tests.sh | 14 +++----
43 files changed, 200 insertions(+), 123 deletions(-)
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Hangbin Liu <[email protected]>
[ Upstream commit 5a2de63fd1a59c30c02526d427bc014b98adf508 ]
Based on RFC 4541, 2.1.1. IGMP Forwarding Rules
The switch supporting IGMP snooping must maintain a list of
multicast routers and the ports on which they are attached. This
list can be constructed in any combination of the following ways:
a) This list should be built by the snooping switch sending
Multicast Router Solicitation messages as described in IGMP
Multicast Router Discovery [MRDISC]. It may also snoop
Multicast Router Advertisement messages sent by and to other
nodes.
b) The arrival port for IGMP Queries (sent by multicast routers)
where the source address is not 0.0.0.0.
We should not add the port to router list when receives query with source
0.0.0.0.
Reported-by: Ying Xu <[email protected]>
Signed-off-by: Hangbin Liu <[email protected]>
Acked-by: Nikolay Aleksandrov <[email protected]>
Acked-by: Roopa Prabhu <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/bridge/br_multicast.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
--- a/net/bridge/br_multicast.c
+++ b/net/bridge/br_multicast.c
@@ -1420,7 +1420,15 @@ static void br_multicast_query_received(
return;
br_multicast_update_query_timer(br, query, max_delay);
- br_multicast_mark_router(br, port);
+
+ /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules,
+ * the arrival port for IGMP Queries where the source address
+ * is 0.0.0.0 should not be added to router port list.
+ */
+ if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
+ (saddr->proto == htons(ETH_P_IPV6) &&
+ !ipv6_addr_any(&saddr->u.ip6)))
+ br_multicast_mark_router(br, port);
}
static void br_ip4_multicast_query(struct net_bridge *br,
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Eric Dumazet <[email protected]>
[ Upstream commit d48051c5b8376038c2b287c3b1bd55b8d391d567 ]
As shown by Dmitris, we need to use csum_block_add() instead of csum_add()
when adding the FCS contribution to skb csum.
Before 4.18 (more exactly commit 88078d98d1bb "net: pskb_trim_rcsum()
and CHECKSUM_COMPLETE are friends"), the whole skb csum was thrown away,
so RXFCS changes were ignored.
Then before commit d55bef5059dd ("net: fix pskb_trim_rcsum_slow() with
odd trim offset") both mlx5 and pskb_trim_rcsum_slow() bugs were canceling
each other.
Now we fixed pskb_trim_rcsum_slow() we need to fix mlx5.
Note that this patch also rewrites mlx5e_get_fcs() to :
- Use skb_header_pointer() instead of reinventing it.
- Use __get_unaligned_cpu32() to avoid possible non aligned accesses
as Dmitris pointed out.
Fixes: 902a545904c7 ("net/mlx5e: When RXFCS is set, add FCS data into checksum calculation")
Reported-by: Paweł Staszewski <[email protected]>
Signed-off-by: Eric Dumazet <[email protected]>
Cc: Eran Ben Elisha <[email protected]>
Cc: Saeed Mahameed <[email protected]>
Cc: Dimitris Michailidis <[email protected]>
Cc: Cong Wang <[email protected]>
Cc: Paweł Staszewski <[email protected]>
Reviewed-by: Eran Ben Elisha <[email protected]>
Tested-By: Maria Pasechnik <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 45 ++++--------------------
1 file changed, 9 insertions(+), 36 deletions(-)
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
@@ -696,43 +696,15 @@ static inline bool is_last_ethertype_ip(
return (ethertype == htons(ETH_P_IP) || ethertype == htons(ETH_P_IPV6));
}
-static __be32 mlx5e_get_fcs(struct sk_buff *skb)
+static u32 mlx5e_get_fcs(const struct sk_buff *skb)
{
- int last_frag_sz, bytes_in_prev, nr_frags;
- u8 *fcs_p1, *fcs_p2;
- skb_frag_t *last_frag;
- __be32 fcs_bytes;
-
- if (!skb_is_nonlinear(skb))
- return *(__be32 *)(skb->data + skb->len - ETH_FCS_LEN);
-
- nr_frags = skb_shinfo(skb)->nr_frags;
- last_frag = &skb_shinfo(skb)->frags[nr_frags - 1];
- last_frag_sz = skb_frag_size(last_frag);
-
- /* If all FCS data is in last frag */
- if (last_frag_sz >= ETH_FCS_LEN)
- return *(__be32 *)(skb_frag_address(last_frag) +
- last_frag_sz - ETH_FCS_LEN);
-
- fcs_p2 = (u8 *)skb_frag_address(last_frag);
- bytes_in_prev = ETH_FCS_LEN - last_frag_sz;
-
- /* Find where the other part of the FCS is - Linear or another frag */
- if (nr_frags == 1) {
- fcs_p1 = skb_tail_pointer(skb);
- } else {
- skb_frag_t *prev_frag = &skb_shinfo(skb)->frags[nr_frags - 2];
+ const void *fcs_bytes;
+ u32 _fcs_bytes;
- fcs_p1 = skb_frag_address(prev_frag) +
- skb_frag_size(prev_frag);
- }
- fcs_p1 -= bytes_in_prev;
-
- memcpy(&fcs_bytes, fcs_p1, bytes_in_prev);
- memcpy(((u8 *)&fcs_bytes) + bytes_in_prev, fcs_p2, last_frag_sz);
+ fcs_bytes = skb_header_pointer(skb, skb->len - ETH_FCS_LEN,
+ ETH_FCS_LEN, &_fcs_bytes);
- return fcs_bytes;
+ return __get_unaligned_cpu32(fcs_bytes);
}
static inline void mlx5e_handle_csum(struct net_device *netdev,
@@ -765,8 +737,9 @@ static inline void mlx5e_handle_csum(str
network_depth - ETH_HLEN,
skb->csum);
if (unlikely(netdev->features & NETIF_F_RXFCS))
- skb->csum = csum_add(skb->csum,
- (__force __wsum)mlx5e_get_fcs(skb));
+ skb->csum = csum_block_add(skb->csum,
+ (__force __wsum)mlx5e_get_fcs(skb),
+ skb->len - ETH_FCS_LEN);
stats->csum_complete++;
return;
}
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: David Ahern <[email protected]>
[ Upstream commit 4ed591c8ab44e711e56b8e021ffaf4f407c045f5 ]
The intent of ip6_route_check_nh_onlink is to make sure the gateway
given for an onlink route is not actually on a connected route for
a different interface (e.g., 2001:db8:1::/64 is on dev eth1 and then
an onlink route has a via 2001:db8:1::1 dev eth2). If the gateway
lookup hits the default route then it most likely will be a different
interface than the onlink route which is ok.
Update ip6_route_check_nh_onlink to disregard the device mismatch
if the gateway lookup hits the default route. Turns out the existing
onlink tests are passing because there is no default route or it is
an unreachable default, so update the onlink tests to have a default
route other than unreachable.
Fixes: fc1e64e1092f6 ("net/ipv6: Add support for onlink flag")
Signed-off-by: David Ahern <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/ipv6/route.c | 2 ++
tools/testing/selftests/net/fib-onlink-tests.sh | 14 +++++++-------
2 files changed, 9 insertions(+), 7 deletions(-)
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -2799,6 +2799,8 @@ static int ip6_route_check_nh_onlink(str
grt = ip6_nh_lookup_table(net, cfg, gw_addr, tbid, 0);
if (grt) {
if (!grt->dst.error &&
+ /* ignore match if it is the default route */
+ grt->from && !ipv6_addr_any(&grt->from->fib6_dst.addr) &&
(grt->rt6i_flags & flags || dev != grt->dst.dev)) {
NL_SET_ERR_MSG(extack,
"Nexthop has invalid gateway or device mismatch");
--- a/tools/testing/selftests/net/fib-onlink-tests.sh
+++ b/tools/testing/selftests/net/fib-onlink-tests.sh
@@ -167,8 +167,8 @@ setup()
# add vrf table
ip li add ${VRF} type vrf table ${VRF_TABLE}
ip li set ${VRF} up
- ip ro add table ${VRF_TABLE} unreachable default
- ip -6 ro add table ${VRF_TABLE} unreachable default
+ ip ro add table ${VRF_TABLE} unreachable default metric 8192
+ ip -6 ro add table ${VRF_TABLE} unreachable default metric 8192
# create test interfaces
ip li add ${NETIFS[p1]} type veth peer name ${NETIFS[p2]}
@@ -185,20 +185,20 @@ setup()
for n in 1 3 5 7; do
ip li set ${NETIFS[p${n}]} up
ip addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]}
- ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]}
+ ip addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad
done
# move peer interfaces to namespace and add addresses
for n in 2 4 6 8; do
ip li set ${NETIFS[p${n}]} netns ${PEER_NS} up
ip -netns ${PEER_NS} addr add ${V4ADDRS[p${n}]}/24 dev ${NETIFS[p${n}]}
- ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]}
+ ip -netns ${PEER_NS} addr add ${V6ADDRS[p${n}]}/64 dev ${NETIFS[p${n}]} nodad
done
- set +e
+ ip -6 ro add default via ${V6ADDRS[p3]/::[0-9]/::64}
+ ip -6 ro add table ${VRF_TABLE} default via ${V6ADDRS[p7]/::[0-9]/::64}
- # let DAD complete - assume default of 1 probe
- sleep 1
+ set +e
}
cleanup()
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Shalom Toledo <[email protected]>
[ Upstream commit a22712a962912faf257e857ab6857f56a93cfb34 ]
After a failed reload, the driver is still registered to devlink, its
devlink instance is still allocated and the 'reload_fail' flag is set.
Then, in the next reload try, the driver's allocated devlink instance will
be freed without unregistering from devlink and its components (e.g,
resources). This scenario can cause a use-after-free if the user tries to
execute command via devlink user-space tool.
Fix by not freeing the devlink instance during reload (failed or not).
Fixes: 24cc68ad6c46 ("mlxsw: core: Add support for reload")
Signed-off-by: Shalom Toledo <[email protected]>
Reviewed-by: Jiri Pirko <[email protected]>
Signed-off-by: Ido Schimmel <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/ethernet/mellanox/mlxsw/core.c | 24 +++++++++++++++++-------
1 file changed, 17 insertions(+), 7 deletions(-)
--- a/drivers/net/ethernet/mellanox/mlxsw/core.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/core.c
@@ -943,8 +943,8 @@ static int mlxsw_devlink_core_bus_device
mlxsw_core->bus,
mlxsw_core->bus_priv, true,
devlink);
- if (err)
- mlxsw_core->reload_fail = true;
+ mlxsw_core->reload_fail = !!err;
+
return err;
}
@@ -1083,8 +1083,15 @@ void mlxsw_core_bus_device_unregister(st
{
struct devlink *devlink = priv_to_devlink(mlxsw_core);
- if (mlxsw_core->reload_fail)
- goto reload_fail;
+ if (mlxsw_core->reload_fail) {
+ if (!reload)
+ /* Only the parts that were not de-initialized in the
+ * failed reload attempt need to be de-initialized.
+ */
+ goto reload_fail_deinit;
+ else
+ return;
+ }
if (mlxsw_core->driver->fini)
mlxsw_core->driver->fini(mlxsw_core);
@@ -1098,9 +1105,12 @@ void mlxsw_core_bus_device_unregister(st
if (!reload)
devlink_resources_unregister(devlink, NULL);
mlxsw_core->bus->fini(mlxsw_core->bus_priv);
- if (reload)
- return;
-reload_fail:
+
+ return;
+
+reload_fail_deinit:
+ devlink_unregister(devlink);
+ devlink_resources_unregister(devlink, NULL);
devlink_free(devlink);
}
EXPORT_SYMBOL(mlxsw_core_bus_device_unregister);
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Cong Wang <[email protected]>
[ Upstream commit 7de414a9dd91426318df7b63da024b2b07e53df5 ]
Most callers of pskb_trim_rcsum() simply drop the skb when
it fails, however, ip_check_defrag() still continues to pass
the skb up to stack. This is suspicious.
In ip_check_defrag(), after we learn the skb is an IP fragment,
passing the skb to callers makes no sense, because callers expect
fragments are defrag'ed on success. So, dropping the skb when we
can't defrag it is reasonable.
Note, prior to commit 88078d98d1bb, this is not a big problem as
checksum will be fixed up anyway. After it, the checksum is not
correct on failure.
Found this during code review.
Fixes: 88078d98d1bb ("net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends")
Cc: Eric Dumazet <[email protected]>
Signed-off-by: Cong Wang <[email protected]>
Reviewed-by: Eric Dumazet <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/ipv4/ip_fragment.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -720,10 +720,14 @@ struct sk_buff *ip_check_defrag(struct n
if (ip_is_fragment(&iph)) {
skb = skb_share_check(skb, GFP_ATOMIC);
if (skb) {
- if (!pskb_may_pull(skb, netoff + iph.ihl * 4))
- return skb;
- if (pskb_trim_rcsum(skb, netoff + len))
- return skb;
+ if (!pskb_may_pull(skb, netoff + iph.ihl * 4)) {
+ kfree_skb(skb);
+ return NULL;
+ }
+ if (pskb_trim_rcsum(skb, netoff + len)) {
+ kfree_skb(skb);
+ return NULL;
+ }
memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
if (ip_defrag(net, skb, user))
return NULL;
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: "David S. Miller" <[email protected]>
[ Upstream commti ece23711dd956cd5053c9cb03e9fe0668f9c8894 ]
Just like with normal GRO processing, we have to initialize
skb->next to NULL when we unlink overflow packets from the
GRO hash lists.
Fixes: d4546c2509b1 ("net: Convert GRO SKB handling to list_head.")
Reported-by: Oleksandr Natalenko <[email protected]>
Tested-by: Oleksandr Natalenko <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/core/dev.c | 1 +
1 file changed, 1 insertion(+)
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -5431,6 +5431,7 @@ static void gro_flush_oldest(struct list
* SKB to the chain.
*/
list_del(&oldest->list);
+ oldest->next = NULL;
napi_gro_complete(oldest);
}
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Heiner Kallweit <[email protected]>
[ Upstream commit 649f0837a8cc2b39329f2de00fa0d04b029291c5 ]
It was reported that WoL from S5 is broken (WoL from S3 works) and the
analysis showed that during system shutdown the network interface was
brought down already when the actual kernel shutdown started.
Therefore netif_running() returned false and as a consequence the PHY
was suspended. Obviously WoL wasn't working then.
To fix this the original patch needs to be effectively reverted.
A side effect is that when normally bringing down the interface and
WoL is enabled the PHY will remain powered on (like it was before the
original patch).
Fixes: fe87bef01f9b ("r8169: don't check WoL when powering down PHY and interface is down")
Reported-by: Neil MacLeod <[email protected]>
Signed-off-by: Heiner Kallweit <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/ethernet/realtek/r8169.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
--- a/drivers/net/ethernet/realtek/r8169.c
+++ b/drivers/net/ethernet/realtek/r8169.c
@@ -4175,10 +4175,15 @@ static void rtl_wol_suspend_quirk(struct
static bool rtl_wol_pll_power_down(struct rtl8169_private *tp)
{
- if (!netif_running(tp->dev) || !__rtl8169_get_wol(tp))
+ struct phy_device *phydev;
+
+ if (!__rtl8169_get_wol(tp))
return false;
- phy_speed_down(tp->dev->phydev, false);
+ /* phydev may not be attached to netdevice */
+ phydev = mdiobus_get_phy(tp->mii_bus, 0);
+
+ phy_speed_down(phydev, false);
rtl_wol_suspend_quirk(tp);
return true;
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jakub Kicinski <[email protected]>
[ Upstream commit 38b4f18d56372e1e21771ab7b0357b853330186c ]
gred_change_table_def() takes a pointer to TCA_GRED_DPS attribute,
and expects it will be able to interpret its contents as
struct tc_gred_sopt. Pass the correct gred attribute, instead of
TCA_OPTIONS.
This bug meant the table definition could never be changed after
Qdisc was initialized (unless whatever TCA_OPTIONS contained both
passed netlink validation and was a valid struct tc_gred_sopt...).
Old behaviour:
$ ip link add type dummy
$ tc qdisc replace dev dummy0 parent root handle 7: \
gred setup vqs 4 default 0
$ tc qdisc replace dev dummy0 parent root handle 7: \
gred setup vqs 4 default 0
RTNETLINK answers: Invalid argument
Now:
$ ip link add type dummy
$ tc qdisc replace dev dummy0 parent root handle 7: \
gred setup vqs 4 default 0
$ tc qdisc replace dev dummy0 parent root handle 7: \
gred setup vqs 4 default 0
$ tc qdisc replace dev dummy0 parent root handle 7: \
gred setup vqs 4 default 0
Fixes: f62d6b936df5 ("[PKT_SCHED]: GRED: Use central VQ change procedure")
Signed-off-by: Jakub Kicinski <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/sched/sch_gred.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/net/sched/sch_gred.c
+++ b/net/sched/sch_gred.c
@@ -413,7 +413,7 @@ static int gred_change(struct Qdisc *sch
if (tb[TCA_GRED_PARMS] == NULL && tb[TCA_GRED_STAB] == NULL) {
if (tb[TCA_GRED_LIMIT] != NULL)
sch->limit = nla_get_u32(tb[TCA_GRED_LIMIT]);
- return gred_change_table_def(sch, opt);
+ return gred_change_table_def(sch, tb[TCA_GRED_DPS]);
}
if (tb[TCA_GRED_PARMS] == NULL ||
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Sean Tranchetti <[email protected]>
[ Upstream commit db4f1be3ca9b0ef7330763d07bf4ace83ad6f913 ]
Current handling of CHECKSUM_COMPLETE packets by the UDP stack is
incorrect for any packet that has an incorrect checksum value.
udp4/6_csum_init() will both make a call to
__skb_checksum_validate_complete() to initialize/validate the csum
field when receiving a CHECKSUM_COMPLETE packet. When this packet
fails validation, skb->csum will be overwritten with the pseudoheader
checksum so the packet can be fully validated by software, but the
skb->ip_summed value will be left as CHECKSUM_COMPLETE so that way
the stack can later warn the user about their hardware spewing bad
checksums. Unfortunately, leaving the SKB in this state can cause
problems later on in the checksum calculation.
Since the the packet is still marked as CHECKSUM_COMPLETE,
udp_csum_pull_header() will SUBTRACT the checksum of the UDP header
from skb->csum instead of adding it, leaving us with a garbage value
in that field. Once we try to copy the packet to userspace in the
udp4/6_recvmsg(), we'll make a call to skb_copy_and_csum_datagram_msg()
to checksum the packet data and add it in the garbage skb->csum value
to perform our final validation check.
Since the value we're validating is not the proper checksum, it's possible
that the folded value could come out to 0, causing us not to drop the
packet. Instead, we believe that the packet was checksummed incorrectly
by hardware since skb->ip_summed is still CHECKSUM_COMPLETE, and we attempt
to warn the user with netdev_rx_csum_fault(skb->dev);
Unfortunately, since this is the UDP path, skb->dev has been overwritten
by skb->dev_scratch and is no longer a valid pointer, so we end up
reading invalid memory.
This patch addresses this problem in two ways:
1) Do not use the dev pointer when calling netdev_rx_csum_fault()
from skb_copy_and_csum_datagram_msg(). Since this gets called
from the UDP path where skb->dev has been overwritten, we have
no way of knowing if the pointer is still valid. Also for the
sake of consistency with the other uses of
netdev_rx_csum_fault(), don't attempt to call it if the
packet was checksummed by software.
2) Add better CHECKSUM_COMPLETE handling to udp4/6_csum_init().
If we receive a packet that's CHECKSUM_COMPLETE that fails
verification (i.e. skb->csum_valid == 0), check who performed
the calculation. It's possible that the checksum was done in
software by the network stack earlier (such as Netfilter's
CONNTRACK module), and if that says the checksum is bad,
we can drop the packet immediately instead of waiting until
we try and copy it to userspace. Otherwise, we need to
mark the SKB as CHECKSUM_NONE, since the skb->csum field
no longer contains the full packet checksum after the
call to __skb_checksum_validate_complete().
Fixes: e6afc8ace6dd ("udp: remove headers from UDP packets before queueing")
Fixes: c84d949057ca ("udp: copy skb->truesize in the first cache line")
Cc: Sam Kumar <[email protected]>
Cc: Eric Dumazet <[email protected]>
Signed-off-by: Sean Tranchetti <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/core/datagram.c | 5 +++--
net/ipv4/udp.c | 20 ++++++++++++++++++--
net/ipv6/ip6_checksum.c | 20 ++++++++++++++++++--
3 files changed, 39 insertions(+), 6 deletions(-)
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -808,8 +808,9 @@ int skb_copy_and_csum_datagram_msg(struc
return -EINVAL;
}
- if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE))
- netdev_rx_csum_fault(skb->dev);
+ if (unlikely(skb->ip_summed == CHECKSUM_COMPLETE) &&
+ !skb->csum_complete_sw)
+ netdev_rx_csum_fault(NULL);
}
return 0;
fault:
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -2120,8 +2120,24 @@ static inline int udp4_csum_init(struct
/* Note, we are only interested in != 0 or == 0, thus the
* force to int.
*/
- return (__force int)skb_checksum_init_zero_check(skb, proto, uh->check,
- inet_compute_pseudo);
+ err = (__force int)skb_checksum_init_zero_check(skb, proto, uh->check,
+ inet_compute_pseudo);
+ if (err)
+ return err;
+
+ if (skb->ip_summed == CHECKSUM_COMPLETE && !skb->csum_valid) {
+ /* If SW calculated the value, we know it's bad */
+ if (skb->csum_complete_sw)
+ return 1;
+
+ /* HW says the value is bad. Let's validate that.
+ * skb->csum is no longer the full packet checksum,
+ * so don't treat it as such.
+ */
+ skb_checksum_complete_unset(skb);
+ }
+
+ return 0;
}
/* wrapper for udp_queue_rcv_skb tacking care of csum conversion and
--- a/net/ipv6/ip6_checksum.c
+++ b/net/ipv6/ip6_checksum.c
@@ -88,8 +88,24 @@ int udp6_csum_init(struct sk_buff *skb,
* Note, we are only interested in != 0 or == 0, thus the
* force to int.
*/
- return (__force int)skb_checksum_init_zero_check(skb, proto, uh->check,
- ip6_compute_pseudo);
+ err = (__force int)skb_checksum_init_zero_check(skb, proto, uh->check,
+ ip6_compute_pseudo);
+ if (err)
+ return err;
+
+ if (skb->ip_summed == CHECKSUM_COMPLETE && !skb->csum_valid) {
+ /* If SW calculated the value, we know it's bad */
+ if (skb->csum_complete_sw)
+ return 1;
+
+ /* HW says the value is bad. Let's validate that.
+ * skb->csum is no longer the full packet checksum,
+ * so don't treat is as such.
+ */
+ skb_checksum_complete_unset(skb);
+ }
+
+ return 0;
}
EXPORT_SYMBOL(udp6_csum_init);
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Niklas Cassel <[email protected]>
[ Upstream commit 30549aab146ccb1275230c3b4b4bc6b4181fd54e ]
When building stmmac, it is only possible to select CONFIG_DWMAC_GENERIC,
or any of the glue drivers, when CONFIG_STMMAC_PLATFORM is set.
The only exception is CONFIG_STMMAC_PCI.
When calling of_mdiobus_register(), it will call our ->reset()
callback, which is set to stmmac_mdio_reset().
Most of the code in stmmac_mdio_reset() is protected by a
"#if defined(CONFIG_STMMAC_PLATFORM)", which will evaluate
to false when CONFIG_STMMAC_PLATFORM=m.
Because of this, the phy reset gpio will only be pulled when
stmmac is built as built-in, but not when built as modules.
Fix this by using "#if IS_ENABLED()" instead of "#if defined()".
Signed-off-by: Niklas Cassel <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/ethernet/stmicro/stmmac/stmmac_mdio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/net/ethernet/stmicro/stmmac/stmmac_mdio.c
+++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_mdio.c
@@ -243,7 +243,7 @@ static int stmmac_mdio_write(struct mii_
*/
int stmmac_mdio_reset(struct mii_bus *bus)
{
-#if defined(CONFIG_STMMAC_PLATFORM)
+#if IS_ENABLED(CONFIG_STMMAC_PLATFORM)
struct net_device *ndev = bus->priv;
struct stmmac_priv *priv = netdev_priv(ndev);
unsigned int mii_address = priv->hw->mii.addr;
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Karsten Graul <[email protected]>
[ Upstream commit 89ab066d4229acd32e323f1569833302544a4186 ]
This reverts commit dd979b4df817e9976f18fb6f9d134d6bc4a3c317.
This broke tcp_poll for SMC fallback: An AF_SMC socket establishes an
internal TCP socket for the initial handshake with the remote peer.
Whenever the SMC connection can not be established this TCP socket is
used as a fallback. All socket operations on the SMC socket are then
forwarded to the TCP socket. In case of poll, the file->private_data
pointer references the SMC socket because the TCP socket has no file
assigned. This causes tcp_poll to wait on the wrong socket.
Signed-off-by: Karsten Graul <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
crypto/af_alg.c | 2 +-
include/net/sock.h | 12 +++++++++---
net/atm/common.c | 2 +-
net/caif/caif_socket.c | 2 +-
net/core/datagram.c | 2 +-
net/dccp/proto.c | 2 +-
net/ipv4/tcp.c | 2 +-
net/iucv/af_iucv.c | 2 +-
net/nfc/llcp_sock.c | 2 +-
net/rxrpc/af_rxrpc.c | 2 +-
net/smc/af_smc.c | 2 +-
net/tipc/socket.c | 2 +-
net/unix/af_unix.c | 4 ++--
13 files changed, 22 insertions(+), 16 deletions(-)
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -1071,7 +1071,7 @@ __poll_t af_alg_poll(struct file *file,
struct af_alg_ctx *ctx = ask->private;
__poll_t mask;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
if (!ctx->more || ctx->used)
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -2057,14 +2057,20 @@ static inline bool skwq_has_sleeper(stru
/**
* sock_poll_wait - place memory barrier behind the poll_wait call.
* @filp: file
+ * @sock: socket to wait on
* @p: poll_table
*
* See the comments in the wq_has_sleeper function.
+ *
+ * Do not derive sock from filp->private_data here. An SMC socket establishes
+ * an internal TCP socket that is used in the fallback case. All socket
+ * operations on the SMC socket are then forwarded to the TCP socket. In case of
+ * poll, the filp->private_data pointer references the SMC socket because the
+ * TCP socket has no file assigned.
*/
-static inline void sock_poll_wait(struct file *filp, poll_table *p)
+static inline void sock_poll_wait(struct file *filp, struct socket *sock,
+ poll_table *p)
{
- struct socket *sock = filp->private_data;
-
if (!poll_does_not_wait(p)) {
poll_wait(filp, &sock->wq->wait, p);
/* We need to be sure we are in sync with the
--- a/net/atm/common.c
+++ b/net/atm/common.c
@@ -653,7 +653,7 @@ __poll_t vcc_poll(struct file *file, str
struct atm_vcc *vcc;
__poll_t mask;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
vcc = ATM_SD(sock);
--- a/net/caif/caif_socket.c
+++ b/net/caif/caif_socket.c
@@ -941,7 +941,7 @@ static __poll_t caif_poll(struct file *f
__poll_t mask;
struct caifsock *cf_sk = container_of(sk, struct caifsock, sk);
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
/* exceptional events? */
--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -838,7 +838,7 @@ __poll_t datagram_poll(struct file *file
struct sock *sk = sock->sk;
__poll_t mask;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
/* exceptional events? */
--- a/net/dccp/proto.c
+++ b/net/dccp/proto.c
@@ -325,7 +325,7 @@ __poll_t dccp_poll(struct file *file, st
__poll_t mask;
struct sock *sk = sock->sk;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
if (sk->sk_state == DCCP_LISTEN)
return inet_csk_listen_poll(sk);
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -507,7 +507,7 @@ __poll_t tcp_poll(struct file *file, str
const struct tcp_sock *tp = tcp_sk(sk);
int state;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
state = inet_sk_state_load(sk);
if (state == TCP_LISTEN)
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -1505,7 +1505,7 @@ __poll_t iucv_sock_poll(struct file *fil
struct sock *sk = sock->sk;
__poll_t mask = 0;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
if (sk->sk_state == IUCV_LISTEN)
return iucv_accept_poll(sk);
--- a/net/nfc/llcp_sock.c
+++ b/net/nfc/llcp_sock.c
@@ -556,7 +556,7 @@ static __poll_t llcp_sock_poll(struct fi
pr_debug("%p\n", sk);
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
if (sk->sk_state == LLCP_LISTEN)
return llcp_accept_poll(sk);
--- a/net/rxrpc/af_rxrpc.c
+++ b/net/rxrpc/af_rxrpc.c
@@ -741,7 +741,7 @@ static __poll_t rxrpc_poll(struct file *
struct rxrpc_sock *rx = rxrpc_sk(sk);
__poll_t mask;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
/* the socket is readable if there are any messages waiting on the Rx
--- a/net/smc/af_smc.c
+++ b/net/smc/af_smc.c
@@ -1543,7 +1543,7 @@ static __poll_t smc_poll(struct file *fi
mask |= EPOLLERR;
} else {
if (sk->sk_state != SMC_CLOSED)
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
if (sk->sk_err)
mask |= EPOLLERR;
if ((sk->sk_shutdown == SHUTDOWN_MASK) ||
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -715,7 +715,7 @@ static __poll_t tipc_poll(struct file *f
struct tipc_sock *tsk = tipc_sk(sk);
__poll_t revents = 0;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
if (sk->sk_shutdown & RCV_SHUTDOWN)
revents |= EPOLLRDHUP | EPOLLIN | EPOLLRDNORM;
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -2640,7 +2640,7 @@ static __poll_t unix_poll(struct file *f
struct sock *sk = sock->sk;
__poll_t mask;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
/* exceptional events? */
@@ -2677,7 +2677,7 @@ static __poll_t unix_dgram_poll(struct f
unsigned int writable;
__poll_t mask;
- sock_poll_wait(file, wait);
+ sock_poll_wait(file, sock, wait);
mask = 0;
/* exceptional events? */
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Ido Schimmel <[email protected]>
[ Upstream commit da71577545a52be3e0e9225a946e5fd79cfab015 ]
When an FDB entry is configured, the address is validated to have the
length of an Ethernet address, but the device for which the address is
configured can be of any type.
The above can result in the use of uninitialized memory when the address
is later compared against existing addresses since 'dev->addr_len' is
used and it may be greater than ETH_ALEN, as with ip6tnl devices.
Fix this by making sure that FDB entries are only configured for
Ethernet devices.
BUG: KMSAN: uninit-value in memcmp+0x11d/0x180 lib/string.c:863
CPU: 1 PID: 4318 Comm: syz-executor998 Not tainted 4.19.0-rc3+ #49
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x14b/0x190 lib/dump_stack.c:113
kmsan_report+0x183/0x2b0 mm/kmsan/kmsan.c:956
__msan_warning+0x70/0xc0 mm/kmsan/kmsan_instr.c:645
memcmp+0x11d/0x180 lib/string.c:863
dev_uc_add_excl+0x165/0x7b0 net/core/dev_addr_lists.c:464
ndo_dflt_fdb_add net/core/rtnetlink.c:3463 [inline]
rtnl_fdb_add+0x1081/0x1270 net/core/rtnetlink.c:3558
rtnetlink_rcv_msg+0xa0b/0x1530 net/core/rtnetlink.c:4715
netlink_rcv_skb+0x36e/0x5f0 net/netlink/af_netlink.c:2454
rtnetlink_rcv+0x50/0x60 net/core/rtnetlink.c:4733
netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
netlink_unicast+0x1638/0x1720 net/netlink/af_netlink.c:1343
netlink_sendmsg+0x1205/0x1290 net/netlink/af_netlink.c:1908
sock_sendmsg_nosec net/socket.c:621 [inline]
sock_sendmsg net/socket.c:631 [inline]
___sys_sendmsg+0xe70/0x1290 net/socket.c:2114
__sys_sendmsg net/socket.c:2152 [inline]
__do_sys_sendmsg net/socket.c:2161 [inline]
__se_sys_sendmsg+0x2a3/0x3d0 net/socket.c:2159
__x64_sys_sendmsg+0x4a/0x70 net/socket.c:2159
do_syscall_64+0xb8/0x100 arch/x86/entry/common.c:291
entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x440ee9
Code: e8 cc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7
48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
ff 0f 83 bb 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fff6a93b518 EFLAGS: 00000213 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440ee9
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000004002c8 R11: 0000000000000213 R12: 000000000000b4b0
R13: 0000000000401ec0 R14: 0000000000000000 R15: 0000000000000000
Uninit was created at:
kmsan_save_stack_with_flags mm/kmsan/kmsan.c:256 [inline]
kmsan_internal_poison_shadow+0xb8/0x1b0 mm/kmsan/kmsan.c:181
kmsan_kmalloc+0x98/0x100 mm/kmsan/kmsan_hooks.c:91
kmsan_slab_alloc+0x10/0x20 mm/kmsan/kmsan_hooks.c:100
slab_post_alloc_hook mm/slab.h:446 [inline]
slab_alloc_node mm/slub.c:2718 [inline]
__kmalloc_node_track_caller+0x9e7/0x1160 mm/slub.c:4351
__kmalloc_reserve net/core/skbuff.c:138 [inline]
__alloc_skb+0x2f5/0x9e0 net/core/skbuff.c:206
alloc_skb include/linux/skbuff.h:996 [inline]
netlink_alloc_large_skb net/netlink/af_netlink.c:1189 [inline]
netlink_sendmsg+0xb49/0x1290 net/netlink/af_netlink.c:1883
sock_sendmsg_nosec net/socket.c:621 [inline]
sock_sendmsg net/socket.c:631 [inline]
___sys_sendmsg+0xe70/0x1290 net/socket.c:2114
__sys_sendmsg net/socket.c:2152 [inline]
__do_sys_sendmsg net/socket.c:2161 [inline]
__se_sys_sendmsg+0x2a3/0x3d0 net/socket.c:2159
__x64_sys_sendmsg+0x4a/0x70 net/socket.c:2159
do_syscall_64+0xb8/0x100 arch/x86/entry/common.c:291
entry_SYSCALL_64_after_hwframe+0x63/0xe7
v2:
* Make error message more specific (David)
Fixes: 090096bf3db1 ("net: generic fdb support for drivers without ndo_fdb_<op>")
Signed-off-by: Ido Schimmel <[email protected]>
Reported-and-tested-by: [email protected]
Reported-and-tested-by: [email protected]
Cc: Vlad Yasevich <[email protected]>
Cc: David Ahern <[email protected]>
Reviewed-by: David Ahern <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/core/rtnetlink.c | 10 ++++++++++
1 file changed, 10 insertions(+)
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -3530,6 +3530,11 @@ static int rtnl_fdb_add(struct sk_buff *
return -EINVAL;
}
+ if (dev->type != ARPHRD_ETHER) {
+ NL_SET_ERR_MSG(extack, "FDB delete only supported for Ethernet devices");
+ return -EINVAL;
+ }
+
addr = nla_data(tb[NDA_LLADDR]);
err = fdb_vid_parse(tb[NDA_VLAN], &vid, extack);
@@ -3634,6 +3639,11 @@ static int rtnl_fdb_del(struct sk_buff *
return -EINVAL;
}
+ if (dev->type != ARPHRD_ETHER) {
+ NL_SET_ERR_MSG(extack, "FDB add only supported for Ethernet devices");
+ return -EINVAL;
+ }
+
addr = nla_data(tb[NDA_LLADDR]);
err = fdb_vid_parse(tb[NDA_VLAN], &vid, extack);
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jason Wang <[email protected]>
[ Upstream commit ff002269a4ee9c769dbf9365acef633ebcbd6cbe ]
The idx in vhost_vring_ioctl() was controlled by userspace, hence a
potential exploitation of the Spectre variant 1 vulnerability.
Fixing this by sanitizing idx before using it to index d->vqs.
Cc: Michael S. Tsirkin <[email protected]>
Cc: Josh Poimboeuf <[email protected]>
Cc: Andrea Arcangeli <[email protected]>
Signed-off-by: Jason Wang <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/vhost/vhost.c | 2 ++
1 file changed, 2 insertions(+)
--- a/drivers/vhost/vhost.c
+++ b/drivers/vhost/vhost.c
@@ -30,6 +30,7 @@
#include <linux/sched/mm.h>
#include <linux/sched/signal.h>
#include <linux/interval_tree_generic.h>
+#include <linux/nospec.h>
#include "vhost.h"
@@ -1397,6 +1398,7 @@ long vhost_vring_ioctl(struct vhost_dev
if (idx >= d->nvqs)
return -ENOBUFS;
+ idx = array_index_nospec(idx, d->nvqs);
vq = d->vqs[idx];
mutex_lock(&vq->mutex);
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Tobias Jungel <[email protected]>
[ Upstream commit 414dd6fb9a1a1b59983aea7bf0f79f0085ecc5b8 ]
The attribute IFLA_BOND_AD_ACTOR_SYSTEM is sent to user space having the
length of sizeof(bond->params.ad_actor_system) which is 8 byte. This
patch aligns the length to ETH_ALEN to have the same MAC address exposed
as using sysfs.
Fixes: f87fda00b6ed2 ("bonding: prevent out of bound accesses")
Signed-off-by: Tobias Jungel <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/bonding/bond_netlink.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/drivers/net/bonding/bond_netlink.c
+++ b/drivers/net/bonding/bond_netlink.c
@@ -638,8 +638,7 @@ static int bond_fill_info(struct sk_buff
goto nla_put_failure;
if (nla_put(skb, IFLA_BOND_AD_ACTOR_SYSTEM,
- sizeof(bond->params.ad_actor_system),
- &bond->params.ad_actor_system))
+ ETH_ALEN, &bond->params.ad_actor_system))
goto nla_put_failure;
}
if (!bond_3ad_get_active_agg_info(bond, &info)) {
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: "Jaime Caama?o Ruiz" <[email protected]>
[ Upstream commit 46ebe2834ba5b541f28ee72e556a3fed42c47570 ]
When there are both pop and push ethernet header actions among the
actions to be applied to a packet, an unexpected EINVAL (Invalid
argument) error is obtained. This is due to mac_proto not being reset
correctly when those actions are validated.
Reported-at:
https://mail.openvswitch.org/pipermail/ovs-discuss/2018-October/047554.html
Fixes: 91820da6ae85 ("openvswitch: add Ethernet push and pop actions")
Signed-off-by: Jaime Caamaño Ruiz <[email protected]>
Tested-by: Greg Rose <[email protected]>
Reviewed-by: Greg Rose <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/openvswitch/flow_netlink.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/net/openvswitch/flow_netlink.c
+++ b/net/openvswitch/flow_netlink.c
@@ -3030,7 +3030,7 @@ static int __ovs_nla_copy_actions(struct
* is already present */
if (mac_proto != MAC_PROTO_NONE)
return -EINVAL;
- mac_proto = MAC_PROTO_NONE;
+ mac_proto = MAC_PROTO_ETHERNET;
break;
case OVS_ACTION_ATTR_POP_ETH:
@@ -3038,7 +3038,7 @@ static int __ovs_nla_copy_actions(struct
return -EINVAL;
if (vlan_tci & htons(VLAN_TAG_PRESENT))
return -EINVAL;
- mac_proto = MAC_PROTO_ETHERNET;
+ mac_proto = MAC_PROTO_NONE;
break;
case OVS_ACTION_ATTR_PUSH_NSH:
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Stefano Brivio <[email protected]>
[ Upstream commit ee1abcf689353f36d9322231b4320926096bdee0 ]
Commit a61bbcf28a8c ("[NET]: Store skb->timestamp as offset to a base
timestamp") introduces a neighbour control buffer and zeroes it out in
ndisc_rcv(), as ndisc_recv_ns() uses it.
Commit f2776ff04722 ("[IPV6]: Fix address/interface handling in UDP and
DCCP, according to the scoping architecture.") introduces the usage of the
IPv6 control buffer in protocol error handlers (e.g. inet6_iif() in
present-day __udp6_lib_err()).
Now, with commit b94f1c0904da ("ipv6: Use icmpv6_notify() to propagate
redirect, instead of rt6_redirect()."), we call protocol error handlers
from ndisc_redirect_rcv(), after the control buffer is already stolen and
some parts are already zeroed out. This implies that inet6_iif() on this
path will always return zero.
This gives unexpected results on UDP socket lookup in __udp6_lib_err(), as
we might actually need to match sockets for a given interface.
Instead of always claiming the control buffer in ndisc_rcv(), do that only
when needed.
Fixes: b94f1c0904da ("ipv6: Use icmpv6_notify() to propagate redirect, instead of rt6_redirect().")
Signed-off-by: Stefano Brivio <[email protected]>
Reviewed-by: Sabrina Dubroca <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/ipv6/ndisc.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -1732,10 +1732,9 @@ int ndisc_rcv(struct sk_buff *skb)
return 0;
}
- memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
-
switch (msg->icmph.icmp6_type) {
case NDISC_NEIGHBOUR_SOLICITATION:
+ memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
ndisc_recv_ns(skb);
break;
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: David Miller <[email protected]>
[ Upstream commit 5b4fc3882a649c9411dd0dcad2ddb78e911d340e ]
Right now if we get a corrupted user stack frame we do a
do_exit(SIGILL) which is not helpful.
If under a debugger, this behavior causes the inferior process to
exit. So the register and other state cannot be examined at the time
of the event.
Instead, conditionally log a rate limited kernel log message and then
force a SIGSEGV.
With bits and ideas borrowed (as usual) from powerpc.
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
arch/sparc/include/asm/switch_to_64.h | 3 ++-
arch/sparc/kernel/process_64.c | 25 +++++++++++++++++++------
arch/sparc/kernel/rtrap_64.S | 1 +
arch/sparc/kernel/signal32.c | 12 ++++++++++--
arch/sparc/kernel/signal_64.c | 6 +++++-
5 files changed, 37 insertions(+), 10 deletions(-)
--- a/arch/sparc/include/asm/switch_to_64.h
+++ b/arch/sparc/include/asm/switch_to_64.h
@@ -67,6 +67,7 @@ do { save_and_clear_fpu(); \
} while(0)
void synchronize_user_stack(void);
-void fault_in_user_windows(void);
+struct pt_regs;
+void fault_in_user_windows(struct pt_regs *);
#endif /* __SPARC64_SWITCH_TO_64_H */
--- a/arch/sparc/kernel/process_64.c
+++ b/arch/sparc/kernel/process_64.c
@@ -36,6 +36,7 @@
#include <linux/sysrq.h>
#include <linux/nmi.h>
#include <linux/context_tracking.h>
+#include <linux/signal.h>
#include <linux/uaccess.h>
#include <asm/page.h>
@@ -521,7 +522,12 @@ static void stack_unaligned(unsigned lon
force_sig_fault(SIGBUS, BUS_ADRALN, (void __user *) sp, 0, current);
}
-void fault_in_user_windows(void)
+static const char uwfault32[] = KERN_INFO \
+ "%s[%d]: bad register window fault: SP %08lx (orig_sp %08lx) TPC %08lx O7 %08lx\n";
+static const char uwfault64[] = KERN_INFO \
+ "%s[%d]: bad register window fault: SP %016lx (orig_sp %016lx) TPC %08lx O7 %016lx\n";
+
+void fault_in_user_windows(struct pt_regs *regs)
{
struct thread_info *t = current_thread_info();
unsigned long window;
@@ -534,9 +540,9 @@ void fault_in_user_windows(void)
do {
struct reg_window *rwin = &t->reg_window[window];
int winsize = sizeof(struct reg_window);
- unsigned long sp;
+ unsigned long sp, orig_sp;
- sp = t->rwbuf_stkptrs[window];
+ orig_sp = sp = t->rwbuf_stkptrs[window];
if (test_thread_64bit_stack(sp))
sp += STACK_BIAS;
@@ -547,8 +553,16 @@ void fault_in_user_windows(void)
stack_unaligned(sp);
if (unlikely(copy_to_user((char __user *)sp,
- rwin, winsize)))
+ rwin, winsize))) {
+ if (show_unhandled_signals)
+ printk_ratelimited(is_compat_task() ?
+ uwfault32 : uwfault64,
+ current->comm, current->pid,
+ sp, orig_sp,
+ regs->tpc,
+ regs->u_regs[UREG_I7]);
goto barf;
+ }
} while (window--);
}
set_thread_wsaved(0);
@@ -556,8 +570,7 @@ void fault_in_user_windows(void)
barf:
set_thread_wsaved(window + 1);
- user_exit();
- do_exit(SIGILL);
+ force_sig(SIGSEGV, current);
}
asmlinkage long sparc_do_fork(unsigned long clone_flags,
--- a/arch/sparc/kernel/rtrap_64.S
+++ b/arch/sparc/kernel/rtrap_64.S
@@ -39,6 +39,7 @@ __handle_preemption:
wrpr %g0, RTRAP_PSTATE_IRQOFF, %pstate
__handle_user_windows:
+ add %sp, PTREGS_OFF, %o0
call fault_in_user_windows
661: wrpr %g0, RTRAP_PSTATE, %pstate
/* If userspace is using ADI, it could potentially pass
--- a/arch/sparc/kernel/signal32.c
+++ b/arch/sparc/kernel/signal32.c
@@ -371,7 +371,11 @@ static int setup_frame32(struct ksignal
get_sigframe(ksig, regs, sigframe_size);
if (invalid_frame_pointer(sf, sigframe_size)) {
- do_exit(SIGILL);
+ if (show_unhandled_signals)
+ pr_info("%s[%d] bad frame in setup_frame32: %08lx TPC %08lx O7 %08lx\n",
+ current->comm, current->pid, (unsigned long)sf,
+ regs->tpc, regs->u_regs[UREG_I7]);
+ force_sigsegv(ksig->sig, current);
return -EINVAL;
}
@@ -501,7 +505,11 @@ static int setup_rt_frame32(struct ksign
get_sigframe(ksig, regs, sigframe_size);
if (invalid_frame_pointer(sf, sigframe_size)) {
- do_exit(SIGILL);
+ if (show_unhandled_signals)
+ pr_info("%s[%d] bad frame in setup_rt_frame32: %08lx TPC %08lx O7 %08lx\n",
+ current->comm, current->pid, (unsigned long)sf,
+ regs->tpc, regs->u_regs[UREG_I7]);
+ force_sigsegv(ksig->sig, current);
return -EINVAL;
}
--- a/arch/sparc/kernel/signal_64.c
+++ b/arch/sparc/kernel/signal_64.c
@@ -370,7 +370,11 @@ setup_rt_frame(struct ksignal *ksig, str
get_sigframe(ksig, regs, sf_size);
if (invalid_frame_pointer (sf)) {
- do_exit(SIGILL); /* won't return, actually */
+ if (show_unhandled_signals)
+ pr_info("%s[%d] bad frame in setup_rt_frame: %016lx TPC %016lx O7 %016lx\n",
+ current->comm, current->pid, (unsigned long)sf,
+ regs->tpc, regs->u_regs[UREG_I7]);
+ force_sigsegv(ksig->sig, current);
return -EINVAL;
}
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Ivan Vecera <[email protected]>
[ Upstream commit 5ef79151c2fbc401cf38325e9a32e77b9fc593ae ]
The mentioned commit needs to be reverted because we cannot pass
string allocated on stack to request_irq(). This function stores
uses this pointer for later use (e.g. /proc/interrupts) so we need
to keep this string persistently.
Fixes: d6d9704af8f4 ("be2net: remove desc field from be_eq_obj")
Signed-off-by: Ivan Vecera <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/ethernet/emulex/benet/be.h | 1 +
drivers/net/ethernet/emulex/benet/be_main.c | 6 ++----
2 files changed, 3 insertions(+), 4 deletions(-)
--- a/drivers/net/ethernet/emulex/benet/be.h
+++ b/drivers/net/ethernet/emulex/benet/be.h
@@ -185,6 +185,7 @@ static inline void queue_tail_inc(struct
struct be_eq_obj {
struct be_queue_info q;
+ char desc[32];
struct be_adapter *adapter;
struct napi_struct napi;
--- a/drivers/net/ethernet/emulex/benet/be_main.c
+++ b/drivers/net/ethernet/emulex/benet/be_main.c
@@ -3488,11 +3488,9 @@ static int be_msix_register(struct be_ad
int status, i, vec;
for_all_evt_queues(adapter, eqo, i) {
- char irq_name[IFNAMSIZ+4];
-
- snprintf(irq_name, sizeof(irq_name), "%s-q%d", netdev->name, i);
+ sprintf(eqo->desc, "%s-q%d", netdev->name, i);
vec = be_msix_vec_get(adapter, eqo);
- status = request_irq(vec, be_msix, 0, irq_name, eqo);
+ status = request_irq(vec, be_msix, 0, eqo->desc, eqo);
if (status)
goto err_msix;
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Xin Long <[email protected]>
[ Upstream commit 713358369382cebf92f6e98ce2005f94e7344931 ]
When getting pr_assocstatus and pr_streamstatus by sctp_getsockopt,
it doesn't correctly process the case when policy is set with
SCTP_PR_SCTP_ALL | SCTP_PR_SCTP_MASK. It even causes a
slab-out-of-bounds in sctp_getsockopt_pr_streamstatus().
This patch fixes it by return -EINVAL for this case.
Fixes: 0ac1077e3a54 ("sctp: get pr_assoc and pr_stream all status with SCTP_PR_SCTP_ALL")
Reported-by: [email protected]
Suggested-by: Marcelo Ricardo Leitner <[email protected]>
Signed-off-by: Xin Long <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/sctp/socket.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -7101,14 +7101,15 @@ static int sctp_getsockopt_pr_assocstatu
}
policy = params.sprstat_policy;
- if (!policy || (policy & ~(SCTP_PR_SCTP_MASK | SCTP_PR_SCTP_ALL)))
+ if (!policy || (policy & ~(SCTP_PR_SCTP_MASK | SCTP_PR_SCTP_ALL)) ||
+ ((policy & SCTP_PR_SCTP_ALL) && (policy & SCTP_PR_SCTP_MASK)))
goto out;
asoc = sctp_id2assoc(sk, params.sprstat_assoc_id);
if (!asoc)
goto out;
- if (policy & SCTP_PR_SCTP_ALL) {
+ if (policy == SCTP_PR_SCTP_ALL) {
params.sprstat_abandoned_unsent = 0;
params.sprstat_abandoned_sent = 0;
for (policy = 0; policy <= SCTP_PR_INDEX(MAX); policy++) {
@@ -7160,7 +7161,8 @@ static int sctp_getsockopt_pr_streamstat
}
policy = params.sprstat_policy;
- if (!policy || (policy & ~(SCTP_PR_SCTP_MASK | SCTP_PR_SCTP_ALL)))
+ if (!policy || (policy & ~(SCTP_PR_SCTP_MASK | SCTP_PR_SCTP_ALL)) ||
+ ((policy & SCTP_PR_SCTP_ALL) && (policy & SCTP_PR_SCTP_MASK)))
goto out;
asoc = sctp_id2assoc(sk, params.sprstat_assoc_id);
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: "David S. Miller" <[email protected]>
[ Upstream commit 2b4792eaa9f553764047d157365ed8b7787751a3 ]
Some drivers reference it via node_distance(), for example the
NVME host driver core.
ERROR: "__node_distance" [drivers/nvme/host/nvme-core.ko] undefined!
make[1]: *** [scripts/Makefile.modpost:92: __modpost] Error 1
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
arch/sparc/mm/init_64.c | 1 +
1 file changed, 1 insertion(+)
--- a/arch/sparc/mm/init_64.c
+++ b/arch/sparc/mm/init_64.c
@@ -1383,6 +1383,7 @@ int __node_distance(int from, int to)
}
return numa_latency[from][to];
}
+EXPORT_SYMBOL(__node_distance);
static int __init find_best_numa_node_for_mlgroup(struct mdesc_mlgroup *grp)
{
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: "David S. Miller" <[email protected]>
[ Upstream commit 1f2b5b8e2df4591fbca430aff9c5a072dcc0f408 ]
Fixes: 8b30ca73b7cc ("sparc: Add all necessary direct socket system calls.")
Reported-by: Joseph Myers <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
arch/sparc/kernel/systbls_64.S | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/arch/sparc/kernel/systbls_64.S
+++ b/arch/sparc/kernel/systbls_64.S
@@ -47,9 +47,9 @@ sys_call_table32:
.word sys_recvfrom, sys_setreuid16, sys_setregid16, sys_rename, compat_sys_truncate
/*130*/ .word compat_sys_ftruncate, sys_flock, compat_sys_lstat64, sys_sendto, sys_shutdown
.word sys_socketpair, sys_mkdir, sys_rmdir, compat_sys_utimes, compat_sys_stat64
-/*140*/ .word sys_sendfile64, sys_nis_syscall, compat_sys_futex, sys_gettid, compat_sys_getrlimit
+/*140*/ .word sys_sendfile64, sys_getpeername, compat_sys_futex, sys_gettid, compat_sys_getrlimit
.word compat_sys_setrlimit, sys_pivot_root, sys_prctl, sys_pciconfig_read, sys_pciconfig_write
-/*150*/ .word sys_nis_syscall, sys_inotify_init, sys_inotify_add_watch, sys_poll, sys_getdents64
+/*150*/ .word sys_getsockname, sys_inotify_init, sys_inotify_add_watch, sys_poll, sys_getdents64
.word compat_sys_fcntl64, sys_inotify_rm_watch, compat_sys_statfs, compat_sys_fstatfs, sys_oldumount
/*160*/ .word compat_sys_sched_setaffinity, compat_sys_sched_getaffinity, sys_getdomainname, sys_setdomainname, sys_nis_syscall
.word sys_quotactl, sys_set_tid_address, compat_sys_mount, compat_sys_ustat, sys_setxattr
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Nikolay Aleksandrov <[email protected]>
commit 0fe5119e267f3e3d8ac206895f5922195ec55a8a upstream.
Recently a check was added which prevents marking of routers with zero
source address, but for IPv6 that cannot happen as the relevant RFCs
actually forbid such packets:
RFC 2710 (MLDv1):
"To be valid, the Query message MUST
come from a link-local IPv6 Source Address, be at least 24 octets
long, and have a correct MLD checksum."
Same goes for RFC 3810.
And also it can be seen as a requirement in ipv6_mc_check_mld_query()
which is used by the bridge to validate the message before processing
it. Thus any queries with :: source address won't be processed anyway.
So just remove the check for zero IPv6 source address from the query
processing function.
Fixes: 5a2de63fd1a5 ("bridge: do not add port to router list when receives query with source 0.0.0.0")
Signed-off-by: Nikolay Aleksandrov <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Cc: Hangbin Liu <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/bridge/br_multicast.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/net/bridge/br_multicast.c
+++ b/net/bridge/br_multicast.c
@@ -1426,8 +1426,7 @@ static void br_multicast_query_received(
* is 0.0.0.0 should not be added to router port list.
*/
if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
- (saddr->proto == htons(ETH_P_IPV6) &&
- !ipv6_addr_any(&saddr->u.ip6)))
+ saddr->proto == htons(ETH_P_IPV6))
br_multicast_mark_router(br, port);
}
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Petr Machata <[email protected]>
[ Upstream commit ad0b9d94182be8356978d220c82f9837cffeb7a9 ]
Demands to remove FDB entries should be honored even if the FDB entry in
question was originally learned, and not added by the user. Therefore
ignore the added_by_user datum for SWITCHDEV_FDB_DEL_TO_DEVICE.
Fixes: 816a3bed9549 ("switchdev: Add fdb.added_by_user to switchdev notifications")
Signed-off-by: Petr Machata <[email protected]>
Suggested-by: Ido Schimmel <[email protected]>
Signed-off-by: Ido Schimmel <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 2 --
1 file changed, 2 deletions(-)
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c
@@ -2317,8 +2317,6 @@ static void mlxsw_sp_switchdev_event_wor
break;
case SWITCHDEV_FDB_DEL_TO_DEVICE:
fdb_info = &switchdev_work->fdb_info;
- if (!fdb_info->added_by_user)
- break;
mlxsw_sp_port_fdb_set(mlxsw_sp_port, fdb_info, false);
break;
case SWITCHDEV_FDB_ADD_TO_BRIDGE: /* fall through */
4.19-stable review patch. If anyone has any objections, please let me know.
------------------
From: Karsten Graul <[email protected]>
[ Upstream commit fb692ec4117f6fd25044cfb5720d6b79d400dc65 ]
The pointer to the link group is unset in the smc connection structure
right before the call to smc_buf_unuse. Provide the lgr pointer to
smc_buf_unuse explicitly.
And move the call to smc_lgr_schedule_free_work to the end of
smc_conn_free.
Fixes: a6920d1d130c ("net/smc: handle unregistered buffers")
Signed-off-by: Karsten Graul <[email protected]>
Signed-off-by: Ursula Braun <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/smc/smc_core.c | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
--- a/net/smc/smc_core.c
+++ b/net/smc/smc_core.c
@@ -122,22 +122,17 @@ static void __smc_lgr_unregister_conn(st
sock_put(&smc->sk); /* sock_hold in smc_lgr_register_conn() */
}
-/* Unregister connection and trigger lgr freeing if applicable
+/* Unregister connection from lgr
*/
static void smc_lgr_unregister_conn(struct smc_connection *conn)
{
struct smc_link_group *lgr = conn->lgr;
- int reduced = 0;
write_lock_bh(&lgr->conns_lock);
if (conn->alert_token_local) {
- reduced = 1;
__smc_lgr_unregister_conn(conn);
}
write_unlock_bh(&lgr->conns_lock);
- if (!reduced || lgr->conns_num)
- return;
- smc_lgr_schedule_free_work(lgr);
}
/* Send delete link, either as client to request the initiation
@@ -291,7 +286,8 @@ out:
return rc;
}
-static void smc_buf_unuse(struct smc_connection *conn)
+static void smc_buf_unuse(struct smc_connection *conn,
+ struct smc_link_group *lgr)
{
if (conn->sndbuf_desc)
conn->sndbuf_desc->used = 0;
@@ -301,8 +297,6 @@ static void smc_buf_unuse(struct smc_con
conn->rmb_desc->used = 0;
} else {
/* buf registration failed, reuse not possible */
- struct smc_link_group *lgr = conn->lgr;
-
write_lock_bh(&lgr->rmbs_lock);
list_del(&conn->rmb_desc->list);
write_unlock_bh(&lgr->rmbs_lock);
@@ -315,16 +309,21 @@ static void smc_buf_unuse(struct smc_con
/* remove a finished connection from its link group */
void smc_conn_free(struct smc_connection *conn)
{
- if (!conn->lgr)
+ struct smc_link_group *lgr = conn->lgr;
+
+ if (!lgr)
return;
- if (conn->lgr->is_smcd) {
+ if (lgr->is_smcd) {
smc_ism_unset_conn(conn);
tasklet_kill(&conn->rx_tsklet);
} else {
smc_cdc_tx_dismiss_slots(conn);
}
- smc_lgr_unregister_conn(conn);
- smc_buf_unuse(conn);
+ smc_lgr_unregister_conn(conn); /* unsets conn->lgr */
+ smc_buf_unuse(conn, lgr); /* allow buffer reuse */
+
+ if (!lgr->conns_num)
+ smc_lgr_schedule_free_work(lgr);
}
static void smc_link_clear(struct smc_link *lnk)
On 11/2/18 11:34 AM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.19.1 release.
> There are 24 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun Nov 4 18:28:10 UTC 2018.
> Anything received after that time might be too late.
>
Build results:
total: 135 pass: 135 fail: 0
Qemu test results:
total: 316 pass: 316 fail: 0
Details are available at https://kerneltests.org/builders/.
Guenter
On Sat, 3 Nov 2018 at 00:06, Greg Kroah-Hartman
<[email protected]> wrote:
>
> This is the start of the stable review cycle for the 4.19.1 release.
> There are 24 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun Nov 4 18:28:10 UTC 2018.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.1-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
Results from Linaro’s test farm.
No regressions on arm64, arm, x86_64 and i386.
NOTE: kernel selftest version updated to 4.19
Summary
------------------------------------------------------------------------
kernel: 4.19.1-rc1
git repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git
git branch: linux-4.19.y
git commit: 6eebea1ddae93f3931387c0672ff2d130a4888ce
git describe: v4.19-25-g6eebea1ddae9
Test details: https://qa-reports.linaro.org/lkft/linux-stable-rc-4.19-oe/build/v4.19-25-g6eebea1ddae9
No regressions (compared to build v4.19-25-ga3c575473f6c) and mainline.
On Sun, Nov 04, 2018 at 09:54:12AM +0530, Naresh Kamboju wrote:
> On Sat, 3 Nov 2018 at 00:06, Greg Kroah-Hartman
> <[email protected]> wrote:
> >
> > This is the start of the stable review cycle for the 4.19.1 release.
> > There are 24 patches in this series, all will be posted as a response
> > to this one. If anyone has any issues with these being applied, please
> > let me know.
> >
> > Responses should be made by Sun Nov 4 18:28:10 UTC 2018.
> > Anything received after that time might be too late.
> >
> > The whole patch series can be found in one patch at:
> > https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.1-rc1.gz
> > or in the git tree and branch at:
> > git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> > and the diffstat can be found below.
> >
> > thanks,
> >
> > greg k-h
>
> Results from Linaro’s test farm.
> No regressions on arm64, arm, x86_64 and i386.
>
> NOTE: kernel selftest version updated to 4.19
>
> Summary
> ------------------------------------------------------------------------
>
> kernel: 4.19.1-rc1
> git repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git
> git branch: linux-4.19.y
> git commit: 6eebea1ddae93f3931387c0672ff2d130a4888ce
> git describe: v4.19-25-g6eebea1ddae9
> Test details: https://qa-reports.linaro.org/lkft/linux-stable-rc-4.19-oe/build/v4.19-25-g6eebea1ddae9
>
> No regressions (compared to build v4.19-25-ga3c575473f6c) and mainline.
Thanks for testing all of these and letting me know.
greg k-h
according to user reports this patch will cause a serious regression.
igmp snooping is not working anymore with this patch
Am 02.11.2018 um 19:34 schrieb Greg Kroah-Hartman:
> 4.19-stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Hangbin Liu <[email protected]>
>
> [ Upstream commit 5a2de63fd1a59c30c02526d427bc014b98adf508 ]
>
> Based on RFC 4541, 2.1.1. IGMP Forwarding Rules
>
> The switch supporting IGMP snooping must maintain a list of
> multicast routers and the ports on which they are attached. This
> list can be constructed in any combination of the following ways:
>
> a) This list should be built by the snooping switch sending
> Multicast Router Solicitation messages as described in IGMP
> Multicast Router Discovery [MRDISC]. It may also snoop
> Multicast Router Advertisement messages sent by and to other
> nodes.
>
> b) The arrival port for IGMP Queries (sent by multicast routers)
> where the source address is not 0.0.0.0.
>
> We should not add the port to router list when receives query with source
> 0.0.0.0.
>
> Reported-by: Ying Xu <[email protected]>
> Signed-off-by: Hangbin Liu <[email protected]>
> Acked-by: Nikolay Aleksandrov <[email protected]>
> Acked-by: Roopa Prabhu <[email protected]>
> Signed-off-by: David S. Miller <[email protected]>
> Signed-off-by: Greg Kroah-Hartman <[email protected]>
> ---
> net/bridge/br_multicast.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> --- a/net/bridge/br_multicast.c
> +++ b/net/bridge/br_multicast.c
> @@ -1420,7 +1420,15 @@ static void br_multicast_query_received(
> return;
>
> br_multicast_update_query_timer(br, query, max_delay);
> - br_multicast_mark_router(br, port);
> +
> + /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules,
> + * the arrival port for IGMP Queries where the source address
> + * is 0.0.0.0 should not be added to router port list.
> + */
> + if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
> + (saddr->proto == htons(ETH_P_IPV6) &&
> + !ipv6_addr_any(&saddr->u.ip6)))
> + br_multicast_mark_router(br, port);
> }
>
> static void br_ip4_multicast_query(struct net_bridge *br,
>
>
>
On Sun, Feb 17, 2019 at 03:29:22PM +0100, Sebastian Gottschall wrote:
> according to user reports this patch will cause a serious regression. igmp
> snooping is not working anymore with this patch
>
> Am 02.11.2018 um 19:34 schrieb Greg Kroah-Hartman:
> > 4.19-stable review patch. If anyone has any objections, please let me know.
> >
> > ------------------
> >
> > From: Hangbin Liu <[email protected]>
> >
> > [ Upstream commit 5a2de63fd1a59c30c02526d427bc014b98adf508 ]
> >
> > Based on RFC 4541, 2.1.1. IGMP Forwarding Rules
> >
> > The switch supporting IGMP snooping must maintain a list of
> > multicast routers and the ports on which they are attached. This
> > list can be constructed in any combination of the following ways:
> >
> > a) This list should be built by the snooping switch sending
> > Multicast Router Solicitation messages as described in IGMP
> > Multicast Router Discovery [MRDISC]. It may also snoop
> > Multicast Router Advertisement messages sent by and to other
> > nodes.
> >
> > b) The arrival port for IGMP Queries (sent by multicast routers)
> > where the source address is not 0.0.0.0.
> >
> > We should not add the port to router list when receives query with source
> > 0.0.0.0.
> >
> > Reported-by: Ying Xu <[email protected]>
> > Signed-off-by: Hangbin Liu <[email protected]>
> > Acked-by: Nikolay Aleksandrov <[email protected]>
> > Acked-by: Roopa Prabhu <[email protected]>
> > Signed-off-by: David S. Miller <[email protected]>
> > Signed-off-by: Greg Kroah-Hartman <[email protected]>
> > ---
> > net/bridge/br_multicast.c | 10 +++++++++-
> > 1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > --- a/net/bridge/br_multicast.c
> > +++ b/net/bridge/br_multicast.c
> > @@ -1420,7 +1420,15 @@ static void br_multicast_query_received(
> > return;
> > br_multicast_update_query_timer(br, query, max_delay);
> > - br_multicast_mark_router(br, port);
> > +
> > + /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules,
> > + * the arrival port for IGMP Queries where the source address
> > + * is 0.0.0.0 should not be added to router port list.
> > + */
> > + if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
> > + (saddr->proto == htons(ETH_P_IPV6) &&
> > + !ipv6_addr_any(&saddr->u.ip6)))
> > + br_multicast_mark_router(br, port);
> > }
> > static void br_ip4_multicast_query(struct net_bridge *br,
Is this also a problem in 4.20? This patch went into 4.20-rc1, so it
has been around for a while with no reported issues that I can find.
Any pointers to the reports?
thanks,
greg k-h
Am 17.02.2019 um 17:48 schrieb Greg Kroah-Hartman:
> On Sun, Feb 17, 2019 at 03:29:22PM +0100, Sebastian Gottschall wrote:
>> according to user reports this patch will cause a serious regression.
>> igmp
>> snooping is not working anymore with this patch
>>
>> Am 02.11.2018 um 19:34 schrieb Greg Kroah-Hartman:
>>> 4.19-stable review patch. If anyone has any objections, please let
>>> me know.
>>>
>>> ------------------
>>>
>>> From: Hangbin Liu <[email protected]>
>>>
>>> [ Upstream commit 5a2de63fd1a59c30c02526d427bc014b98adf508 ]
>>>
>>> Based on RFC 4541, 2.1.1. IGMP Forwarding Rules
>>>
>>> The switch supporting IGMP snooping must maintain a list of
>>> multicast routers and the ports on which they are attached. This
>>> list can be constructed in any combination of the following ways:
>>>
>>> a) This list should be built by the snooping switch sending
>>> Multicast Router Solicitation messages as described in IGMP
>>> Multicast Router Discovery [MRDISC]. It may also snoop
>>> Multicast Router Advertisement messages sent by and to other
>>> nodes.
>>>
>>> b) The arrival port for IGMP Queries (sent by multicast routers)
>>> where the source address is not 0.0.0.0.
>>>
>>> We should not add the port to router list when receives query with
>>> source
>>> 0.0.0.0.
>>>
>>> Reported-by: Ying Xu <[email protected]>
>>> Signed-off-by: Hangbin Liu <[email protected]>
>>> Acked-by: Nikolay Aleksandrov <[email protected]>
>>> Acked-by: Roopa Prabhu <[email protected]>
>>> Signed-off-by: David S. Miller <[email protected]>
>>> Signed-off-by: Greg Kroah-Hartman <[email protected]>
>>> ---
>>> net/bridge/br_multicast.c | 10 +++++++++-
>>> 1 file changed, 9 insertions(+), 1 deletion(-)
>>>
>>> --- a/net/bridge/br_multicast.c
>>> +++ b/net/bridge/br_multicast.c
>>> @@ -1420,7 +1420,15 @@ static void br_multicast_query_received(
>>> return;
>>> br_multicast_update_query_timer(br, query, max_delay);
>>> - br_multicast_mark_router(br, port);
>>> +
>>> + /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules,
>>> + * the arrival port for IGMP Queries where the source address
>>> + * is 0.0.0.0 should not be added to router port list.
>>> + */
>>> + if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
>>> + (saddr->proto == htons(ETH_P_IPV6) &&
>>> + !ipv6_addr_any(&saddr->u.ip6)))
>>> + br_multicast_mark_router(br, port);
>>> }
>>> static void br_ip4_multicast_query(struct net_bridge *br,
> Is this also a problem in 4.20? This patch went into 4.20-rc1, so it
> has been around for a while with no reported issues that I can find.
> Any pointers to the reports?
i need to check this. i found this patch in 4.9, 4.14 and 4.4
the rest was picked up from the mailinglist. according to the git
sources of 4.20 and 5.0 the same code is in there as well
i just got the report from users today and was able to reproduce it with
iptv streams. just by disabling the code it was working again.
Sebastian
>
> thanks,
>
> greg k-h
>
*reminder*
Am 18.02.2019 um 11:18 schrieb Sebastian Gottschall:
>
> Am 17.02.2019 um 17:48 schrieb Greg Kroah-Hartman:
>> On Sun, Feb 17, 2019 at 03:29:22PM +0100, Sebastian Gottschall wrote:
>>> according to user reports this patch will cause a serious
>>> regression. igmp
>>> snooping is not working anymore with this patch
>>>
>>> Am 02.11.2018 um 19:34 schrieb Greg Kroah-Hartman:
>>>> 4.19-stable review patch. If anyone has any objections, please let
>>>> me know.
>>>>
>>>> ------------------
>>>>
>>>> From: Hangbin Liu <[email protected]>
>>>>
>>>> [ Upstream commit 5a2de63fd1a59c30c02526d427bc014b98adf508 ]
>>>>
>>>> Based on RFC 4541, 2.1.1. IGMP Forwarding Rules
>>>>
>>>> The switch supporting IGMP snooping must maintain a list of
>>>> multicast routers and the ports on which they are attached. This
>>>> list can be constructed in any combination of the following ways:
>>>>
>>>> a) This list should be built by the snooping switch sending
>>>> Multicast Router Solicitation messages as described in IGMP
>>>> Multicast Router Discovery [MRDISC]. It may also snoop
>>>> Multicast Router Advertisement messages sent by and to other
>>>> nodes.
>>>>
>>>> b) The arrival port for IGMP Queries (sent by multicast routers)
>>>> where the source address is not 0.0.0.0.
>>>>
>>>> We should not add the port to router list when receives query with
>>>> source
>>>> 0.0.0.0.
>>>>
>>>> Reported-by: Ying Xu <[email protected]>
>>>> Signed-off-by: Hangbin Liu <[email protected]>
>>>> Acked-by: Nikolay Aleksandrov <[email protected]>
>>>> Acked-by: Roopa Prabhu <[email protected]>
>>>> Signed-off-by: David S. Miller <[email protected]>
>>>> Signed-off-by: Greg Kroah-Hartman <[email protected]>
>>>> ---
>>>> net/bridge/br_multicast.c | 10 +++++++++-
>>>> 1 file changed, 9 insertions(+), 1 deletion(-)
>>>>
>>>> --- a/net/bridge/br_multicast.c
>>>> +++ b/net/bridge/br_multicast.c
>>>> @@ -1420,7 +1420,15 @@ static void br_multicast_query_received(
>>>> return;
>>>> br_multicast_update_query_timer(br, query, max_delay);
>>>> - br_multicast_mark_router(br, port);
>>>> +
>>>> + /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules,
>>>> + * the arrival port for IGMP Queries where the source address
>>>> + * is 0.0.0.0 should not be added to router port list.
>>>> + */
>>>> + if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
>>>> + (saddr->proto == htons(ETH_P_IPV6) &&
>>>> + !ipv6_addr_any(&saddr->u.ip6)))
>>>> + br_multicast_mark_router(br, port);
>>>> }
>>>> static void br_ip4_multicast_query(struct net_bridge *br,
>> Is this also a problem in 4.20? This patch went into 4.20-rc1, so it
>> has been around for a while with no reported issues that I can find.
>> Any pointers to the reports?
>
> i need to check this. i found this patch in 4.9, 4.14 and 4.4
> the rest was picked up from the mailinglist. according to the git
> sources of 4.20 and 5.0 the same code is in there as well
>
> i just got the report from users today and was able to reproduce it
> with iptv streams. just by disabling the code it was working again.
>
> Sebastian
>>
>> thanks,
>>
>> greg k-h
>>
>
On 20/02/2019 14:48, Sebastian Gottschall wrote:
> *reminder*
>
[snip]
>>>>> }
>>>>> static void br_ip4_multicast_query(struct net_bridge *br,
>>> Is this also a problem in 4.20? This patch went into 4.20-rc1, so it
>>> has been around for a while with no reported issues that I can find.
>>> Any pointers to the reports?
>>
>> i need to check this. i found this patch in 4.9, 4.14 and 4.4
>> the rest was picked up from the mailinglist. according to the git sources of 4.20 and 5.0 the same code is in there as well
>>
>> i just got the report from users today and was able to reproduce it with iptv streams. just by disabling the code it was working again.
>>
>> Sebastian
>>>
>>> thanks,
>>>
>>> greg k-h
>>>
>>
Could you please include more details about the setup that's broken ?
Note that we were warned[1] of potential breakage from this change
after it went in and regardless of the suggestion from the RFC we'll
probably have to revert this patch.
Ying Xu as author of the patch, any thoughts ?
Also adding Linus Lüssing to the CC as he was the one who warned against it.
Note that the warning was sent as a reply to my breakage fix, but it was intended
for the original patch.
Thanks,
Nik
[1] https://www.mail-archive.com/[email protected]/msg272944.html
On 20/02/2019 15:09, Nikolay Aleksandrov wrote:
> On 20/02/2019 14:48, Sebastian Gottschall wrote:
>> *reminder*
>>
> [snip]
>>>>>> }
>>>>>> static void br_ip4_multicast_query(struct net_bridge *br,
>>>> Is this also a problem in 4.20? This patch went into 4.20-rc1, so it
>>>> has been around for a while with no reported issues that I can find.
>>>> Any pointers to the reports?
>>>
>>> i need to check this. i found this patch in 4.9, 4.14 and 4.4
>>> the rest was picked up from the mailinglist. according to the git sources of 4.20 and 5.0 the same code is in there as well
>>>
>>> i just got the report from users today and was able to reproduce it with iptv streams. just by disabling the code it was working again.
>>>
>>> Sebastian
>>>>
>>>> thanks,
>>>>
>>>> greg k-h
>>>>
>>>
>
> Could you please include more details about the setup that's broken ?
> Note that we were warned[1] of potential breakage from this change
> after it went in and regardless of the suggestion from the RFC we'll
> probably have to revert this patch.
>
> Ying Xu as author of the patch, any thoughts ?
>
My bad, it's Hangbin Liu's patch. It was reported by Ying Xu.
> Also adding Linus Lüssing to the CC as he was the one who warned against it.
> Note that the warning was sent as a reply to my breakage fix, but it was intended
> for the original patch.
>
> Thanks,
> Nik
>
> [1] https://www.mail-archive.com/[email protected]/msg272944.html
>
On Wed, Feb 20, 2019 at 03:09:21PM +0200, Nikolay Aleksandrov wrote:
> On 20/02/2019 14:48, Sebastian Gottschall wrote:
> > *reminder*
> >
> [snip]
> >>>>> ?? }
> >>>>> ?? static void br_ip4_multicast_query(struct net_bridge *br,
> >>> Is this also a problem in 4.20?? This patch went into 4.20-rc1, so it
> >>> has been around for a while with no reported issues that I can find.
> >>> Any pointers to the reports?
> >>
> >> i need to check this. i found this patch in 4.9, 4.14 and 4.4
> >> the rest was picked up from the mailinglist. according to the git sources of 4.20 and 5.0 the same code is in there as well
> >>
> >> i just got the report from users today and was able to reproduce it with iptv streams. just by disabling the code it was working again.
> >>
> >> Sebastian
> >>>
> >>> thanks,
> >>>
> >>> greg k-h
> >>>
> >>
>
> Could you please include more details about the setup that's broken ?
> Note that we were warned[1] of potential breakage from this change
Sorry I missed Linus's reply after Ying Xu replied. I will read it and
disscuss with Ying Xu.
> after it went in and regardless of the suggestion from the RFC we'll
> probably have to revert this patch.
>
> Ying Xu as author of the patch, any thoughts ?
No, we are also waiting for more details from Sebastian.
Thanks
Hangbin
>
> Also adding Linus L?ssing to the CC as he was the one who warned against it.
> Note that the warning was sent as a reply to my breakage fix, but it was intended
> for the original patch.
>
> Thanks,
> Nik
>
> [1] https://www.mail-archive.com/[email protected]/msg272944.html
>
On Wed, Feb 20, 2019 at 01:48:47PM +0100, Sebastian Gottschall wrote:
> *reminder*
>
> Am 18.02.2019 um 11:18 schrieb Sebastian Gottschall:
> >
> > Am 17.02.2019 um 17:48 schrieb Greg Kroah-Hartman:
> > > On Sun, Feb 17, 2019 at 03:29:22PM +0100, Sebastian Gottschall wrote:
> > > > according to user reports this patch will cause a serious
> > > > regression. igmp
> > > > snooping is not working anymore with this patch
> > > >
> > > > Am 02.11.2018 um 19:34 schrieb Greg Kroah-Hartman:
> > > > > 4.19-stable review patch.? If anyone has any objections,
> > > > > please let me know.
> > > > >
> > > > > ------------------
> > > > >
> > > > > From: Hangbin Liu <[email protected]>
> > > > >
> > > > > [ Upstream commit 5a2de63fd1a59c30c02526d427bc014b98adf508 ]
> > > > >
> > > > > Based on RFC 4541, 2.1.1.? IGMP Forwarding Rules
> > > > >
> > > > > ??? The switch supporting IGMP snooping must maintain a list of
> > > > > ??? multicast routers and the ports on which they are attached.? This
> > > > > ??? list can be constructed in any combination of the following ways:
> > > > >
> > > > > ??? a) This list should be built by the snooping switch sending
> > > > > ?????? Multicast Router Solicitation messages as described in IGMP
> > > > > ?????? Multicast Router Discovery [MRDISC].? It may also snoop
> > > > > ?????? Multicast Router Advertisement messages sent by and to other
> > > > > ?????? nodes.
> > > > >
> > > > > ??? b) The arrival port for IGMP Queries (sent by multicast routers)
> > > > > ?????? where the source address is not 0.0.0.0.
> > > > >
> > > > > We should not add the port to router list when receives
> > > > > query with source
> > > > > 0.0.0.0.
> > > > >
> > > > > Reported-by: Ying Xu <[email protected]>
> > > > > Signed-off-by: Hangbin Liu <[email protected]>
> > > > > Acked-by: Nikolay Aleksandrov <[email protected]>
> > > > > Acked-by: Roopa Prabhu <[email protected]>
> > > > > Signed-off-by: David S. Miller <[email protected]>
> > > > > Signed-off-by: Greg Kroah-Hartman <[email protected]>
> > > > > ---
> > > > > ?? net/bridge/br_multicast.c |?? 10 +++++++++-
> > > > > ?? 1 file changed, 9 insertions(+), 1 deletion(-)
> > > > >
> > > > > --- a/net/bridge/br_multicast.c
> > > > > +++ b/net/bridge/br_multicast.c
> > > > > @@ -1420,7 +1420,15 @@ static void br_multicast_query_received(
> > > > > ?????????? return;
> > > > > ?????? br_multicast_update_query_timer(br, query, max_delay);
> > > > > -??? br_multicast_mark_router(br, port);
> > > > > +
> > > > > +??? /* Based on RFC4541, section 2.1.1 IGMP Forwarding Rules,
> > > > > +???? * the arrival port for IGMP Queries where the source address
> > > > > +???? * is 0.0.0.0 should not be added to router port list.
> > > > > +???? */
> > > > > +??? if ((saddr->proto == htons(ETH_P_IP) && saddr->u.ip4) ||
> > > > > +??????? (saddr->proto == htons(ETH_P_IPV6) &&
> > > > > +???????? !ipv6_addr_any(&saddr->u.ip6)))
> > > > > +??????? br_multicast_mark_router(br, port);
> > > > > ?? }
> > > > > ?? static void br_ip4_multicast_query(struct net_bridge *br,
> > > Is this also a problem in 4.20?? This patch went into 4.20-rc1, so it
> > > has been around for a while with no reported issues that I can find.
> > > Any pointers to the reports?
> >
> > i need to check this. i found this patch in 4.9, 4.14 and 4.4
> > the rest was picked up from the mailinglist. according to the git
> > sources of 4.20 and 5.0 the same code is in there as well
> >
> > i just got the report from users today and was able to reproduce it with
> > iptv streams. just by disabling the code it was working again.
Reminder of what?
If this is still an issue in 4.20, and 5.0-rc, there's nothing I can do.
Please work with the networking developers to resolve the issue and get
the fix merged into Linus's tree and then I will be glad to take the fix
into the stable trees.
If this is _not_ an issue with 4.20 and 5.0-rc, I need to know that as
well.
thanks,
greg k-h
Am 20.02.2019 um 15:46 schrieb Hangbin Liu:
>> Could you please include more details about the setup that's broken ?
>> Note that we were warned[1] of potential breakage from this change
> Sorry I missed Linus's reply after Ying Xu replied. I will read it and
> disscuss with Ying Xu.
>
>> after it went in and regardless of the suggestion from the RFC we'll
>> probably have to revert this patch.
>>
>> Ying Xu as author of the patch, any thoughts ?
> No, we are also waiting for more details from Sebastian.
the test scenario is the following. one of my testers of the dd-wrt
firmware is using a iptv stream from the france isp "orange".
he just bridged the iptv vlan interface which has no ip (the isp doesnt
provide a ip configuration here) to a bridge and played with igmp
snooping to avoid flooding of all ports within the same bridge.
he found out that this setting simply does not work with the current
kernel, but does
if this patch has been removed. we used kernel 4.4 in the test scenario.
all latest revision.
i was able to reproduce the same problem on kernel 4.9 and 4.14 on a
different device using a german isp based iptv stream. same effect.
after reverting the problematic code it worked again.
Sebastian
>
> Thanks
> Hangbin
>
>> Also adding Linus Lüssing to the CC as he was the one who warned against it.
>> Note that the warning was sent as a reply to my breakage fix, but it was intended
>> for the original patch.
>>
>> Thanks,
>> Nik
>>
>> [1] https://www.mail-archive.com/[email protected]/msg272944.html
>>