- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] Patch "mac80211: calculate min channel width correctly" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mac80211: calculate min channel width correctly to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: mac80211-calculate-min-channel-width-correctly.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Johannes Berg <johannes.berg(a)intel.com> Date: Fri, 7 Oct 2016 12:23:49 +0200 Subject: mac80211: calculate min channel width correctly From: Johannes Berg <johannes.berg(a)intel.com> [ Upstream commit 96aa2e7cf126773b16c6c19b7474a8a38d3c707e ] In the current minimum chandef code there's an issue in that the recalculation can happen after rate control is initialized for a station that has a wider bandwidth than the current chanctx, and then rate control can immediately start using those higher rates which could cause problems. Observe that first of all that this problem is because we don't take non-associated and non-uploaded stations into account. The restriction to non-associated is quite pointless and is one of the causes for the problem described above, since the rate init will happen before the station is set to associated; no frames could actually be sent until associated, but the rate table can already contain higher rates and that might cause problems. Also, rejecting non-uploaded stations is wrong, since the rate control can select higher rates for those as well. Secondly, it's then necessary to recalculate the minimal config before initializing rate control, so that when rate control is initialized, the higher rates are already available. This can be done easily by adding the necessary function call in rate init. Change-Id: Ib9bc02d34797078db55459d196993f39dcd43070 Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/mac80211/chan.c | 3 --- net/mac80211/rate.c | 2 ++ 2 files changed, 2 insertions(+), 3 deletions(-) --- a/net/mac80211/chan.c +++ b/net/mac80211/chan.c @@ -231,9 +231,6 @@ ieee80211_get_max_required_bw(struct iee !(sta->sdata->bss && sta->sdata->bss == sdata->bss)) continue; - if (!sta->uploaded || !test_sta_flag(sta, WLAN_STA_ASSOC)) - continue; - max_bw = max(max_bw, ieee80211_get_sta_bw(&sta->sta)); } rcu_read_unlock(); --- a/net/mac80211/rate.c +++ b/net/mac80211/rate.c @@ -40,6 +40,8 @@ void rate_control_rate_init(struct sta_i ieee80211_sta_set_rx_nss(sta); + ieee80211_recalc_min_chandef(sta->sdata); + if (!ref) return; Patches currently in stable-queue which might be from johannes.berg(a)intel.com are queue-4.9/mac80211-calculate-min-channel-width-correctly.patch queue-4.9/mac80211-prevent-skb-txq-mismatch.patch queue-4.9/mac80211-don-t-try-to-sleep-in-rate_control_rate_init.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "m68k: fix ColdFire node shift size calculation" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled m68k: fix ColdFire node shift size calculation to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: m68k-fix-coldfire-node-shift-size-calculation.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Greg Ungerer <gerg(a)linux-m68k.org> Date: Tue, 5 Sep 2017 22:57:06 +1000 Subject: m68k: fix ColdFire node shift size calculation From: Greg Ungerer <gerg(a)linux-m68k.org> [ Upstream commit f55ab8f27548ff3431a6567d400c6757c49fd520 ] The m68k pg_data_table is a fix size array defined in arch/m68k/mm/init.c. Index numbers within it are defined based on memory size. But for Coldfire these don't take into account a non-zero physical RAM base address, and this causes us to access past the end of this array at system start time. Change the node shift calculation so that we keep the index inside its range. Reported-by: Angelo Dureghello <angelo(a)sysam.it> Tested-by: Angelo Dureghello <angelo(a)sysam.it> Signed-off-by: Greg Ungerer <gerg(a)linux-m68k.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/m68k/mm/mcfmmu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/m68k/mm/mcfmmu.c +++ b/arch/m68k/mm/mcfmmu.c @@ -169,7 +169,7 @@ void __init cf_bootmem_alloc(void) max_pfn = max_low_pfn = PFN_DOWN(_ramend); high_memory = (void *)_ramend; - m68k_virt_to_node_shift = fls(_ramend - _rambase - 1) - 6; + m68k_virt_to_node_shift = fls(_ramend - 1) - 6; module_fixup(NULL, __start_fixup, __stop_fixup); /* setup bootmem data */ Patches currently in stable-queue which might be from gerg(a)linux-m68k.org are queue-4.9/m68k-fix-coldfire-node-shift-size-calculation.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] [GIT PULL] commits for Linux 4.9

by alexander.levin＠verizon.com

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 8743ce3d7c9698285310920c443c086e337aef44: Linux 4.9.66 (2017-11-30 08:39:15 +0000) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-02122017 for you to fetch changes up to ae0e4a7931bc644a811c3130fd4857fa5c1baffc: net: fec: fix multicast filtering hardware setup (2017-12-02 10:33:44 -0500) - ---------------------------------------------------------------- for-greg-4.9-02122017 - ---------------------------------------------------------------- Aaron Sierra (1): serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X Adam Ford (1): ARM: OMAP2+: Fix WL1283 Bluetooth Baud Rate Alexey Kardashevskiy (1): vfio/spapr: Fix missing mutex unlock when creating a window Alexey Khoroshilov (1): usb: phy: tahvo: fix error handling in tahvo_usb_probe() Andreas Schultz (2): gtp: clear DF bit on GTP packet tx gtp: fix cross netns recv on gtp socket Andrzej Hajda (3): drm/exynos/decon5433: update shadow registers iff there are active windows drm/exynos/decon5433: set STANDALONE_UPDATE_F also if planes are disabled drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement Andy Lutomirski (1): selftests/x86/ldt_get: Add a few additional tests for limits Arnaldo Carvalho de Melo (1): tools include: Do not use poison with C++ Ben Hutchings (1): usbip: tools: Install all headers needed for libusbip development Benjamin Coddington (1): nfs: Don't take a reference on fl->fl_file for LOCK operation Boshi Wang (1): ima: fix hash algorithm initialization Bryan O'Donoghue (1): staging: greybus: loopback: Fix iteration count on async path Christian Borntraeger (1): s390/pci: do not require AIS facility Christoffer Dall (1): KVM: arm/arm64: Fix occasional warning from the timer work function Colin Ian King (2): staging: rtl8188eu: avoid a null dereference on pmlmepriv net: sctp: fix array overrun read on sctp_timer_tbl Dave Hansen (1): x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() David Forster (1): vti6: fix device register to report IFLA_INFO_KIND Eric W. Biederman (1): libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount Florian Fainelli (2): net: systemport: Utilize skb_put_padto() net: systemport: Pad packet before inserting TSB Greg Ungerer (1): m68k: fix ColdFire node shift size calculation Guillaume Nault (1): l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups Gustavo A. R. Silva (1): EDAC, sb_edac: Fix missing break in switch Hans Verkuil (1): [media] cec: initiator should be the same as the destination for, poll Hiromitsu Yamasaki (1): spi: sh-msiof: Fix DMA transfer size check Iago Abal (1): dmaengine: pl330: fix double lock Ivan Vecera (3): be2net: fix accesses to unicast list be2net: fix unicast list filling be2net: fix initial MAC setting Jan Kara (2): dax: Avoid page invalidation races and unnecessary radix tree traversals mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers Jason Baron (1): tcp: correct memory barrier usage in tcp_check_space() Jibin Xu (1): sysrq : fix Show Regs call trace on ARM Jiri Olsa (1): perf/x86/intel: Account interrupts for PEBS errors Johan Hovold (1): spi: spi-axi: fix potential use-after-free after deregistration Johannes Berg (2): mac80211: calculate min channel width correctly mac80211: don't try to sleep in rate_control_rate_init() John Stultz (2): usb: dwc2: Fix UDC state tracking usb: dwc2: Error out of dwc2_hsotg_ep_disable() if we're in host mode Kazuya Mizuguchi (1): ravb: Remove Rx overflow log messages Kevin Hao (1): x86/fpu: Set the xcomp_bv when we fake up a XSAVES area Ladislav Michl (1): iio: adc: ti-ads1015: add 10% to conversion wait time Lukas Wunner (1): serial: 8250_fintek: Fix rs485 disablement on invalid ioctl() M'boumba Cedric Madianga (2): dmaengine: stm32-dma: Set correct args number for DMA request from DT dmaengine: stm32-dma: Fix null pointer dereference in stm32_dma_tx_status Mart van Santen (1): xen-netback: vif counters from int/long to u64 Masami Hiramatsu (2): kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y kprobes/x86: Disable preemption in ftrace-based jprobes Michal Hocko (1): mm: fix remote numa hits statistics Michal Kazior (1): mac80211: prevent skb/txq mismatch Mike Looijmans (1): i2c: i2c-cadence: Initialize configuration before probing devices Parthasarathy Bhuvaragan (2): tipc: fix nametbl_lock soft lockup at module exit tipc: fix cleanup at module unload Peter Ujfalusi (1): ARM: OMAP1: DMA: Correct the number of logical channels Quinn Tran (1): qla2xxx: Fix wrong IOCB type assumption Ram Amrani (2): RDMA/qedr: Return success when not changing QP state RDMA/qedr: Fix RDMA CM loopback Rex Zhu (1): drm/amdgpu: fix bug set incorrect value to vce register Reza Arbab (1): powerpc/mm: Fix memory hotplug BUG() on radix Ross Lagerwall (1): xen-netfront: Improve error handling during initialization Rui Sousa (1): net: fec: fix multicast filtering hardware setup Sagi Grimberg (1): nvmet: cancel fatal error and flush async work before free controller Sean Nyekjaer (1): net: phy: micrel: KSZ8795 do not set SUPPORTED_[Asym_]Pause Slava Shwartsman (1): net/mlx4_en: Fix type mismatch for 32-bit systems Stephen Boyd (1): net: qrtr: Mark 'buf' as little endian Subhash Jadavani (1): mmc: sdhci-msm: fix issue with power irq Thomas Richter (1): perf test attr: Fix ignored test case result Trond Myklebust (1): NFSv4: Fix client recovery when server reboots multiple times Varun Prakash (1): libcxgb: fix error check for ip6_route_output() Vincent (1): net: thunderx: avoid dereferencing xcv when NULL Vincent Pelletier (1): usb: gadget: f_fs: Fix ExtCompat descriptor validation Vlad Tsyrklevich (1): net/appletalk: Fix kernel memory disclosure Xiangliang Yu (1): drm/amdgpu: fix unload driver issue for virtual display arch/Kconfig | 2 +- arch/arm/mach-omap1/dma.c | 16 ++++---- arch/arm/mach-omap2/pdata-quirks.c | 2 +- arch/m68k/mm/mcfmmu.c | 2 +- arch/powerpc/include/asm/book3s/64/hash.h | 4 ++ arch/powerpc/mm/hash_utils_64.c | 4 +- arch/powerpc/mm/pgtable-book3s64.c | 18 +++++++++ arch/s390/include/asm/pci_insn.h | 2 +- arch/s390/pci/pci.c | 5 ++- arch/s390/pci/pci_insn.c | 6 ++- arch/x86/events/intel/ds.c | 6 ++- arch/x86/include/asm/syscalls.h | 2 +- arch/x86/kernel/fpu/xstate.c | 1 + arch/x86/kernel/kprobes/ftrace.c | 23 ++++++----- arch/x86/kernel/ldt.c | 16 ++++++-- arch/x86/um/ldt.c | 7 +++- drivers/dma/pl330.c | 19 +++------ drivers/dma/stm32-dma.c | 17 +++----- drivers/edac/sb_edac.c | 1 + drivers/gpu/drm/amd/amdgpu/dce_virtual.c | 5 +-- drivers/gpu/drm/amd/amdgpu/vce_v3_0.c | 2 +- drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 9 +++-- drivers/i2c/busses/i2c-cadence.c | 8 ++-- drivers/iio/adc/ti-ads1015.c | 1 + drivers/infiniband/hw/qedr/qedr_cm.c | 4 +- drivers/infiniband/hw/qedr/verbs.c | 2 +- drivers/mmc/host/sdhci-msm.c | 18 +++++++++ drivers/net/appletalk/ipddp.c | 2 +- drivers/net/ethernet/broadcom/bcmsysport.c | 23 ++++++----- drivers/net/ethernet/cavium/thunder/thunder_xcv.c | 3 +- drivers/net/ethernet/chelsio/libcxgb/libcxgb_cm.c | 12 +++--- drivers/net/ethernet/emulex/benet/be_main.c | 45 +++++++++++++++------- drivers/net/ethernet/freescale/fec_main.c | 23 +++++------ drivers/net/ethernet/mellanox/mlx4/en_clock.c | 8 +--- drivers/net/ethernet/renesas/ravb_main.c | 8 +--- drivers/net/gtp.c | 12 +++--- drivers/net/phy/micrel.c | 2 +- drivers/net/xen-netback/common.h | 8 ++-- drivers/net/xen-netback/interface.c | 8 ++-- drivers/net/xen-netfront.c | 29 ++++++-------- drivers/nvme/target/core.c | 3 ++ drivers/scsi/qla2xxx/qla_target.c | 8 +--- drivers/spi/spi-axi-spi-engine.c | 4 +- drivers/spi/spi-sh-msiof.c | 2 +- drivers/staging/greybus/loopback.c | 4 +- drivers/staging/lustre/lustre/llite/llite_mmap.c | 4 +- drivers/staging/media/cec/cec-adap.c | 7 ++-- drivers/staging/rtl8188eu/core/rtw_mlme.c | 6 +-- drivers/tty/serial/8250/8250_fintek.c | 2 +- drivers/tty/serial/8250/8250_port.c | 5 ++- drivers/tty/sysrq.c | 9 ++++- drivers/usb/dwc2/gadget.c | 7 ++++ drivers/usb/gadget/function/f_fs.c | 2 +- drivers/usb/phy/phy-tahvo.c | 3 +- drivers/vfio/vfio_iommu_spapr_tce.c | 11 +++--- fs/dax.c | 28 ++++++-------- fs/libfs.c | 3 +- fs/nfs/nfs4proc.c | 3 -- fs/nfs/nfs4state.c | 1 - include/linux/buffer_head.h | 4 +- include/linux/perf_event.h | 1 + kernel/events/core.c | 47 +++++++++++++++-------- kernel/kprobes.c | 14 ++++--- mm/page_alloc.c | 15 ++------ net/ipv4/tcp_input.c | 2 +- net/ipv6/ip6_vti.c | 2 +- net/l2tp/l2tp_ip.c | 19 +++------ net/l2tp/l2tp_ip6.c | 20 +++------- net/mac80211/chan.c | 3 -- net/mac80211/tx.c | 17 ++++---- net/qrtr/qrtr.c | 4 +- net/sctp/debug.c | 2 +- net/tipc/server.c | 20 +++------- security/integrity/ima/ima_main.c | 4 ++ tools/include/linux/poison.h | 5 +++ tools/perf/tests/attr.c | 2 +- tools/testing/selftests/x86/ldt_gdt.c | 17 +++++++- tools/usb/usbip/Makefile.am | 3 +- virt/kvm/arm/arch_timer.c | 3 -- 79 files changed, 377 insertions(+), 324 deletions(-) -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJaIsqlAAoJEN6mb/eXdyzcFb8QAIMOrJopr22BXqL/1fjVjtHq JC/CRKAIyjKs7TqGTMdXjmDFwoqEoS5YWcjc+ZpBUMlqfcej5T8Sn6H7Qh6/2pP0 V76CUGiB6XUR0GN3ebkXH/KxTFaSPSELGpadCmTbStoNOZ0lLKnaP+52bHUVdNWs GMFvmXkP60nbkELK0Vg/3ECZT3BaKLBR0QZ2NtRZeL+RJrr1KFxDUwvAwK8W4W49 738AsBtyTASm4deq872vQQ/G0KhLhPgDv1lHKdItbDT0KvLCKLSkE7o1cFPjatht q4D8/BVrGQW5tJOHgojYlgNS9pCSeMQQxdIzkBxyE8RWsDWCobQYGbpLIrc/xYOs ndasfAddw4lq/1gC0wv3tYNwmXwZ5GqWJVzfiIlqNL85gdS/xcRDWDWR2x8o2mbp efadyM+vjDEwWBJUyFCOYg+8ckCOp/4Knxvalt+7we3YzgCShla98K1eqCKsoJ6k HqZ0lA3CeLojI4hM7Mf/4hN27H7Q0sDOdUNHGoEAowdnzZzHGyVIx1EYtoKlMY6k HFWJBFvWtNsFFqxCm9Ral+sHYfOz9CC6+fxUkm+mPxS/9ErdwU1nJv3xaY060JD4 liCxaQkGnDxsoU3eQetZOyTgnj8X6bl8K5/f/X07ijmO0ssUXhLjKw1lZ2xQqiJb Um3apv/8xyVY38vwRV0P =99Jv -----END PGP SIGNATURE-----

7 years, 2 months

2
1
0 0

[Linux-stable-mirror] Patch "libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: libfs-modify-mount_pseudo_xattr-to-be-clear-it-is-not-a-userspace-mount.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: "Eric W. Biederman" <ebiederm(a)xmission.com> Date: Wed, 4 Jan 2017 17:37:27 +1300 Subject: libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount From: "Eric W. Biederman" <ebiederm(a)xmission.com> [ Upstream commit 75422726b0f717d67db3283c2eb5bc14fa2619c5 ] Add MS_KERNMOUNT to the flags that are passed. Use sget_userns and force &init_user_ns instead of calling sget so that even if called from a weird context the internal filesystem will be considered to be in the intial user namespace. Luis Ressel reported that the the failure to pass MS_KERNMOUNT into mount_pseudo broke his in development graphics driver that uses the generic drm infrastructure. I am not certain the deriver was bug free in it's usage of that infrastructure but since mount_pseudo_xattr can never be triggered by userspace it is clearer and less error prone, and less problematic for the code to be explicit. Reported-by: Luis Ressel <aranea(a)aixah.de> Tested-by: Luis Ressel <aranea(a)aixah.de> Acked-by: Al Viro <viro(a)ZenIV.linux.org.uk> Signed-off-by: "Eric W. Biederman" <ebiederm(a)xmission.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- fs/libfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) --- a/fs/libfs.c +++ b/fs/libfs.c @@ -245,7 +245,8 @@ struct dentry *mount_pseudo_xattr(struct struct inode *root; struct qstr d_name = QSTR_INIT(name, strlen(name)); - s = sget(fs_type, NULL, set_anon_super, MS_NOUSER, NULL); + s = sget_userns(fs_type, NULL, set_anon_super, MS_KERNMOUNT|MS_NOUSER, + &init_user_ns, NULL); if (IS_ERR(s)) return ERR_CAST(s); Patches currently in stable-queue which might be from ebiederm(a)xmission.com are queue-4.9/libfs-modify-mount_pseudo_xattr-to-be-clear-it-is-not-a-userspace-mount.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "libcxgb: fix error check for ip6_route_output()" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled libcxgb: fix error check for ip6_route_output() to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: libcxgb-fix-error-check-for-ip6_route_output.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Varun Prakash <varun(a)chelsio.com> Date: Tue, 3 Jan 2017 21:25:48 +0530 Subject: libcxgb: fix error check for ip6_route_output() From: Varun Prakash <varun(a)chelsio.com> [ Upstream commit a9a8cdb368d99bb655b5cdabea560446db0527cc ] ip6_route_output() never returns NULL so check dst->error instead of !dst. Signed-off-by: Varun Prakash <varun(a)chelsio.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/ethernet/chelsio/libcxgb/libcxgb_cm.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) --- a/drivers/net/ethernet/chelsio/libcxgb/libcxgb_cm.c +++ b/drivers/net/ethernet/chelsio/libcxgb/libcxgb_cm.c @@ -133,17 +133,15 @@ cxgb_find_route6(struct cxgb4_lld_info * if (ipv6_addr_type(&fl6.daddr) & IPV6_ADDR_LINKLOCAL) fl6.flowi6_oif = sin6_scope_id; dst = ip6_route_output(&init_net, NULL, &fl6); - if (!dst) - goto out; - if (!cxgb_our_interface(lldi, get_real_dev, - ip6_dst_idev(dst)->dev) && - !(ip6_dst_idev(dst)->dev->flags & IFF_LOOPBACK)) { + if (dst->error || + (!cxgb_our_interface(lldi, get_real_dev, + ip6_dst_idev(dst)->dev) && + !(ip6_dst_idev(dst)->dev->flags & IFF_LOOPBACK))) { dst_release(dst); - dst = NULL; + return NULL; } } -out: return dst; } EXPORT_SYMBOL(cxgb_find_route6); Patches currently in stable-queue which might be from varun(a)chelsio.com are queue-4.9/libcxgb-fix-error-check-for-ip6_route_output.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: l2tp-take-remote-address-into-account-in-l2tp_ip-and-l2tp_ip6-socket-lookups.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Guillaume Nault <g.nault(a)alphalink.fr> Date: Fri, 30 Dec 2016 19:48:20 +0100 Subject: l2tp: take remote address into account in l2tp_ip and l2tp_ip6 socket lookups From: Guillaume Nault <g.nault(a)alphalink.fr> [ Upstream commit a9b2dff80be979432484afaf7f8d8e73f9e8838a ] For connected sockets, __l2tp_ip{,6}_bind_lookup() needs to check the remote IP when looking for a matching socket. Otherwise a connected socket can receive traffic not originating from its peer. Drop l2tp_ip_bind_lookup() and l2tp_ip6_bind_lookup() instead of updating their prototype, as these functions aren't used. Signed-off-by: Guillaume Nault <g.nault(a)alphalink.fr> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/l2tp/l2tp_ip.c | 19 ++++++------------- net/l2tp/l2tp_ip6.c | 20 ++++++-------------- 2 files changed, 12 insertions(+), 27 deletions(-) --- a/net/l2tp/l2tp_ip.c +++ b/net/l2tp/l2tp_ip.c @@ -48,7 +48,8 @@ static inline struct l2tp_ip_sock *l2tp_ return (struct l2tp_ip_sock *)sk; } -static struct sock *__l2tp_ip_bind_lookup(struct net *net, __be32 laddr, int dif, u32 tunnel_id) +static struct sock *__l2tp_ip_bind_lookup(const struct net *net, __be32 laddr, + __be32 raddr, int dif, u32 tunnel_id) { struct sock *sk; @@ -62,6 +63,7 @@ static struct sock *__l2tp_ip_bind_looku if ((l2tp->conn_id == tunnel_id) && net_eq(sock_net(sk), net) && !(inet->inet_rcv_saddr && inet->inet_rcv_saddr != laddr) && + (!inet->inet_daddr || !raddr || inet->inet_daddr == raddr) && (!sk->sk_bound_dev_if || !dif || sk->sk_bound_dev_if == dif)) goto found; @@ -72,15 +74,6 @@ found: return sk; } -static inline struct sock *l2tp_ip_bind_lookup(struct net *net, __be32 laddr, int dif, u32 tunnel_id) -{ - struct sock *sk = __l2tp_ip_bind_lookup(net, laddr, dif, tunnel_id); - if (sk) - sock_hold(sk); - - return sk; -} - /* When processing receive frames, there are two cases to * consider. Data frames consist of a non-zero session-id and an * optional cookie. Control frames consist of a regular L2TP header @@ -186,8 +179,8 @@ pass_up: struct iphdr *iph = (struct iphdr *) skb_network_header(skb); read_lock_bh(&l2tp_ip_lock); - sk = __l2tp_ip_bind_lookup(net, iph->daddr, inet_iif(skb), - tunnel_id); + sk = __l2tp_ip_bind_lookup(net, iph->daddr, iph->saddr, + inet_iif(skb), tunnel_id); if (!sk) { read_unlock_bh(&l2tp_ip_lock); goto discard; @@ -289,7 +282,7 @@ static int l2tp_ip_bind(struct sock *sk, inet->inet_saddr = 0; /* Use device */ write_lock_bh(&l2tp_ip_lock); - if (__l2tp_ip_bind_lookup(net, addr->l2tp_addr.s_addr, + if (__l2tp_ip_bind_lookup(net, addr->l2tp_addr.s_addr, 0, sk->sk_bound_dev_if, addr->l2tp_conn_id)) { write_unlock_bh(&l2tp_ip_lock); ret = -EADDRINUSE; --- a/net/l2tp/l2tp_ip6.c +++ b/net/l2tp/l2tp_ip6.c @@ -59,12 +59,14 @@ static inline struct l2tp_ip6_sock *l2tp static struct sock *__l2tp_ip6_bind_lookup(struct net *net, struct in6_addr *laddr, + const struct in6_addr *raddr, int dif, u32 tunnel_id) { struct sock *sk; sk_for_each_bound(sk, &l2tp_ip6_bind_table) { const struct in6_addr *sk_laddr = inet6_rcv_saddr(sk); + const struct in6_addr *sk_raddr = &sk->sk_v6_daddr; struct l2tp_ip6_sock *l2tp = l2tp_ip6_sk(sk); if (l2tp == NULL) @@ -73,6 +75,7 @@ static struct sock *__l2tp_ip6_bind_look if ((l2tp->conn_id == tunnel_id) && net_eq(sock_net(sk), net) && (!sk_laddr || ipv6_addr_any(sk_laddr) || ipv6_addr_equal(sk_laddr, laddr)) && + (!raddr || ipv6_addr_any(sk_raddr) || ipv6_addr_equal(sk_raddr, raddr)) && (!sk->sk_bound_dev_if || !dif || sk->sk_bound_dev_if == dif)) goto found; @@ -83,17 +86,6 @@ found: return sk; } -static inline struct sock *l2tp_ip6_bind_lookup(struct net *net, - struct in6_addr *laddr, - int dif, u32 tunnel_id) -{ - struct sock *sk = __l2tp_ip6_bind_lookup(net, laddr, dif, tunnel_id); - if (sk) - sock_hold(sk); - - return sk; -} - /* When processing receive frames, there are two cases to * consider. Data frames consist of a non-zero session-id and an * optional cookie. Control frames consist of a regular L2TP header @@ -200,8 +192,8 @@ pass_up: struct ipv6hdr *iph = ipv6_hdr(skb); read_lock_bh(&l2tp_ip6_lock); - sk = __l2tp_ip6_bind_lookup(net, &iph->daddr, inet6_iif(skb), - tunnel_id); + sk = __l2tp_ip6_bind_lookup(net, &iph->daddr, &iph->saddr, + inet6_iif(skb), tunnel_id); if (!sk) { read_unlock_bh(&l2tp_ip6_lock); goto discard; @@ -339,7 +331,7 @@ static int l2tp_ip6_bind(struct sock *sk rcu_read_unlock(); write_lock_bh(&l2tp_ip6_lock); - if (__l2tp_ip6_bind_lookup(net, &addr->l2tp_addr, bound_dev_if, + if (__l2tp_ip6_bind_lookup(net, &addr->l2tp_addr, NULL, bound_dev_if, addr->l2tp_conn_id)) { write_unlock_bh(&l2tp_ip6_lock); err = -EADDRINUSE; Patches currently in stable-queue which might be from g.nault(a)alphalink.fr are queue-4.9/l2tp-take-remote-address-into-account-in-l2tp_ip-and-l2tp_ip6-socket-lookups.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "KVM: arm/arm64: Fix occasional warning from the timer work function" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled KVM: arm/arm64: Fix occasional warning from the timer work function to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: kvm-arm-arm64-fix-occasional-warning-from-the-timer-work-function.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Christoffer Dall <christoffer.dall(a)linaro.org> Date: Mon, 9 Jan 2017 12:18:56 +0100 Subject: KVM: arm/arm64: Fix occasional warning from the timer work function From: Christoffer Dall <christoffer.dall(a)linaro.org> [ Upstream commit 63e41226afc3f7a044b70325566fa86ac3142538 ] When a VCPU blocks (WFI) and has programmed the vtimer, we program a soft timer to expire in the future to wake up the vcpu thread when appropriate. Because such as wake up involves a vcpu kick, and the timer expire function can get called from interrupt context, and the kick may sleep, we have to schedule the kick in the work function. The work function currently has a warning that gets raised if it turns out that the timer shouldn't fire when it's run, which was added because the idea was that in that case the work should never have been cancelled. However, it turns out that this whole thing is racy and we can get spurious warnings. The problem is that we clear the armed flag in the work function, which may run in parallel with the kvm_timer_unschedule->timer_disarm() call. This results in a possible situation where the timer_disarm() call does not call cancel_work_sync(), which effectively synchronizes the completion of the work function with running the VCPU. As a result, the VCPU thread proceeds before the work function completees, causing changes to the timer state such that kvm_timer_should_fire(vcpu) returns false in the work function. All we do in the work function is to kick the VCPU, and an occasional rare extra kick never harmed anyone. Since the race above is extremely rare, we don't bother checking if the race happens but simply remove the check and the clearing of the armed flag from the work function. Reported-by: Matthias Brugger <mbrugger(a)suse.com> Reviewed-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Christoffer Dall <christoffer.dall(a)linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- virt/kvm/arm/arch_timer.c | 3 --- 1 file changed, 3 deletions(-) --- a/virt/kvm/arm/arch_timer.c +++ b/virt/kvm/arm/arch_timer.c @@ -89,9 +89,6 @@ static void kvm_timer_inject_irq_work(st struct kvm_vcpu *vcpu; vcpu = container_of(work, struct kvm_vcpu, arch.timer_cpu.expired); - vcpu->arch.timer_cpu.armed = false; - - WARN_ON(!kvm_timer_should_fire(vcpu)); /* * If the vcpu is blocked we want to wake it up so that it will see Patches currently in stable-queue which might be from christoffer.dall(a)linaro.org are queue-4.9/kvm-arm-arm64-fix-occasional-warning-from-the-timer-work-function.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "kprobes/x86: Disable preemption in ftrace-based jprobes" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled kprobes/x86: Disable preemption in ftrace-based jprobes to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: kprobes-x86-disable-preemption-in-ftrace-based-jprobes.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Tue, 19 Sep 2017 19:01:40 +0900 Subject: kprobes/x86: Disable preemption in ftrace-based jprobes From: Masami Hiramatsu <mhiramat(a)kernel.org> [ Upstream commit 5bb4fc2d8641219732eb2bb654206775a4219aca ] Disable preemption in ftrace-based jprobe handlers as described in Documentation/kprobes.txt: "Probe handlers are run with preemption disabled." This will fix jprobes behavior when CONFIG_PREEMPT=y. Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Alexei Starovoitov <ast(a)fb.com> Cc: Alexei Starovoitov <ast(a)kernel.org> Cc: Ananth N Mavinakayanahalli <ananth(a)linux.vnet.ibm.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Paul E . McKenney <paulmck(a)linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Link: http://lkml.kernel.org/r/150581530024.32348.9863783558598926771.stgit@devbox Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/kernel/kprobes/ftrace.c | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) --- a/arch/x86/kernel/kprobes/ftrace.c +++ b/arch/x86/kernel/kprobes/ftrace.c @@ -26,7 +26,7 @@ #include "common.h" static nokprobe_inline -int __skip_singlestep(struct kprobe *p, struct pt_regs *regs, +void __skip_singlestep(struct kprobe *p, struct pt_regs *regs, struct kprobe_ctlblk *kcb, unsigned long orig_ip) { /* @@ -41,20 +41,21 @@ int __skip_singlestep(struct kprobe *p, __this_cpu_write(current_kprobe, NULL); if (orig_ip) regs->ip = orig_ip; - return 1; } int skip_singlestep(struct kprobe *p, struct pt_regs *regs, struct kprobe_ctlblk *kcb) { - if (kprobe_ftrace(p)) - return __skip_singlestep(p, regs, kcb, 0); - else - return 0; + if (kprobe_ftrace(p)) { + __skip_singlestep(p, regs, kcb, 0); + preempt_enable_no_resched(); + return 1; + } + return 0; } NOKPROBE_SYMBOL(skip_singlestep); -/* Ftrace callback handler for kprobes */ +/* Ftrace callback handler for kprobes -- called under preepmt disabed */ void kprobe_ftrace_handler(unsigned long ip, unsigned long parent_ip, struct ftrace_ops *ops, struct pt_regs *regs) { @@ -77,13 +78,17 @@ void kprobe_ftrace_handler(unsigned long /* Kprobe handler expects regs->ip = ip + 1 as breakpoint hit */ regs->ip = ip + sizeof(kprobe_opcode_t); + /* To emulate trap based kprobes, preempt_disable here */ + preempt_disable(); __this_cpu_write(current_kprobe, p); kcb->kprobe_status = KPROBE_HIT_ACTIVE; - if (!p->pre_handler || !p->pre_handler(p, regs)) + if (!p->pre_handler || !p->pre_handler(p, regs)) { __skip_singlestep(p, regs, kcb, orig_ip); + preempt_enable_no_resched(); + } /* * If pre_handler returns !0, it sets regs->ip and - * resets current kprobe. + * resets current kprobe, and keep preempt count +1. */ } end: Patches currently in stable-queue which might be from mhiramat(a)kernel.org are queue-4.9/kprobes-use-synchronize_rcu_tasks-for-optprobe-with-config_preempt-y.patch queue-4.9/kprobes-x86-disable-preemption-in-ftrace-based-jprobes.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: kprobes-use-synchronize_rcu_tasks-for-optprobe-with-config_preempt-y.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Fri, 20 Oct 2017 08:43:39 +0900 Subject: kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y From: Masami Hiramatsu <mhiramat(a)kernel.org> [ Upstream commit a30b85df7d599f626973e9cd3056fe755bd778e0 ] We want to wait for all potentially preempted kprobes trampoline execution to have completed. This guarantees that any freed trampoline memory is not in use by any task in the system anymore. synchronize_rcu_tasks() gives such a guarantee, so use it. Also, this guarantees to wait for all potentially preempted tasks on the instructions which will be replaced with a jump. Since this becomes a problem only when CONFIG_PREEMPT=y, enable CONFIG_TASKS_RCU=y for synchronize_rcu_tasks() in that case. Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Acked-by: Paul E. McKenney <paulmck(a)linux.vnet.ibm.com> Cc: Ananth N Mavinakayanahalli <ananth(a)linux.vnet.ibm.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Naveen N . Rao <naveen.n.rao(a)linux.vnet.ibm.com> Cc: Paul E . McKenney <paulmck(a)linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Link: http://lkml.kernel.org/r/150845661962.5443.17724352636247312231.stgit@devbox Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/Kconfig | 2 +- kernel/kprobes.c | 14 ++++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) --- a/arch/Kconfig +++ b/arch/Kconfig @@ -83,7 +83,7 @@ config STATIC_KEYS_SELFTEST config OPTPROBES def_bool y depends on KPROBES && HAVE_OPTPROBES - depends on !PREEMPT + select TASKS_RCU if PREEMPT config KPROBES_ON_FTRACE def_bool y --- a/kernel/kprobes.c +++ b/kernel/kprobes.c @@ -540,13 +540,15 @@ static void kprobe_optimizer(struct work do_unoptimize_kprobes(); /* - * Step 2: Wait for quiesence period to ensure all running interrupts - * are done. Because optprobe may modify multiple instructions - * there is a chance that Nth instruction is interrupted. In that - * case, running interrupt can return to 2nd-Nth byte of jump - * instruction. This wait is for avoiding it. + * Step 2: Wait for quiesence period to ensure all potentially + * preempted tasks to have normally scheduled. Because optprobe + * may modify multiple instructions, there is a chance that Nth + * instruction is preempted. In that case, such tasks can return + * to 2nd-Nth byte of jump instruction. This wait is for avoiding it. + * Note that on non-preemptive kernel, this is transparently converted + * to synchronoze_sched() to wait for all interrupts to have completed. */ - synchronize_sched(); + synchronize_rcu_tasks(); /* Step 3: Optimize kprobes after quiesence period */ do_optimize_kprobes(); Patches currently in stable-queue which might be from mhiramat(a)kernel.org are queue-4.9/kprobes-use-synchronize_rcu_tasks-for-optprobe-with-config_preempt-y.patch queue-4.9/kprobes-x86-disable-preemption-in-ftrace-based-jprobes.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "ima: fix hash algorithm initialization" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ima: fix hash algorithm initialization to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: ima-fix-hash-algorithm-initialization.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Dec 6 17:39:55 CET 2017 From: Boshi Wang <wangboshi(a)huawei.com> Date: Fri, 20 Oct 2017 16:01:03 +0800 Subject: ima: fix hash algorithm initialization From: Boshi Wang <wangboshi(a)huawei.com> [ Upstream commit ebe7c0a7be92bbd34c6ff5b55810546a0ee05bee ] The hash_setup function always sets the hash_setup_done flag, even when the hash algorithm is invalid. This prevents the default hash algorithm defined as CONFIG_IMA_DEFAULT_HASH from being used. This patch sets hash_setup_done flag only for valid hash algorithms. Fixes: e7a2ad7eb6f4 "ima: enable support for larger default filedata hash algorithms" Signed-off-by: Boshi Wang <wangboshi(a)huawei.com> Signed-off-by: Mimi Zohar <zohar(a)linux.vnet.ibm.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- security/integrity/ima/ima_main.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -51,6 +51,8 @@ static int __init hash_setup(char *str) ima_hash_algo = HASH_ALGO_SHA1; else if (strncmp(str, "md5", 3) == 0) ima_hash_algo = HASH_ALGO_MD5; + else + return 1; goto out; } @@ -60,6 +62,8 @@ static int __init hash_setup(char *str) break; } } + if (i == HASH_ALGO__LAST) + return 1; out: hash_setup_done = 1; return 1; Patches currently in stable-queue which might be from wangboshi(a)huawei.com are queue-4.9/ima-fix-hash-algorithm-initialization.patch

7 years, 2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror