aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2018-02-23 18:14:17 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2018-02-23 18:14:17 -0500
commit9cb9c07d6b0c5fd97d83b8ab14d7e308ba4b612f (patch)
treeb0c3add28508577157a1012474d38d785a84159c
parent2eb02aa94f99ae2b94ab3c42d5d605128fd5c0c5 (diff)
parenta5f7add332b4ea6d4b9480971b3b0f5e66466ae9 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller: 1) Fix TTL offset calculation in mac80211 mesh code, from Peter Oh. 2) Fix races with procfs in ipt_CLUSTERIP, from Cong Wang. 3) Memory leak fix in lpm_trie BPF map code, from Yonghong Song. 4) Need to use GFP_ATOMIC in BPF cpumap allocations, from Jason Wang. 5) Fix potential deadlocks in netfilter getsockopt() code paths, from Paolo Abeni. 6) Netfilter stackpointer size checks really are needed to validate user input, from Florian Westphal. 7) Missing timer init in x_tables, from Paolo Abeni. 8) Don't use WQ_MEM_RECLAIM in mac80211 hwsim, from Johannes Berg. 9) When an ibmvnic device is brought down then back up again, it can be sent queue entries from a previous session, handle this properly instead of crashing. From Thomas Falcon. 10) Fix TCP checksum on LRO buffers in mlx5e, from Gal Pressman. 11) When we are dumping filters in cls_api, the output SKB is empty, and the filter we are dumping is too large for the space in the SKB, we should return -EMSGSIZE like other netlink dump operations do. Otherwise userland has no signal that is needs to increase the size of its read buffer. From Roman Kapl. 12) Several XDP fixes for virtio_net, from Jesper Dangaard Brouer. 13) Module refcount leak in netlink when a dump start fails, from Jason Donenfeld. 14) Handle sub-optimal GSO sizes better in TCP BBR congestion control, from Eric Dumazet. 15) Releasing bpf per-cpu arraymaps can take a long time, add a condtional scheduling point. From Eric Dumazet. 16) Implement retpolines for tail calls in x64 and arm64 bpf JITs. From Daniel Borkmann. 17) Fix page leak in gianfar driver, from Andy Spencer. 18) Missed clearing of estimator scratch buffer, from Eric Dumazet. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (76 commits) net_sched: gen_estimator: fix broken estimators based on percpu stats gianfar: simplify FCS handling and fix memory leak ipv6 sit: work around bogus gcc-8 -Wrestrict warning macvlan: fix use-after-free in macvlan_common_newlink() bpf, arm64: fix out of bounds access in tail call bpf, x64: implement retpoline for tail call rxrpc: Fix send in rxrpc_send_data_packet() net: aquantia: Fix error handling in aq_pci_probe() bpf: fix rcu lockdep warning for lpm_trie map_free callback bpf: add schedule points in percpu arrays management regulatory: add NUL to request alpha2 ibmvnic: Fix early release of login buffer net/smc9194: Remove bogus CONFIG_MAC reference net: ipv4: Set addr_type in hash_keys for forwarded case tcp_bbr: better deal with suboptimal GSO smsc75xx: fix smsc75xx_set_features() netlink: put module reference if dump start fails selftests/bpf/test_maps: exit child process without error in ENOMEM case selftests/bpf: update gitignore with test_libbpf_open selftests/bpf: tcpbpf_kern: use in6_* macros from glibc ..
Diffstat
-rw-r--r--.gitignore4
-rw-r--r--arch/arm64/net/bpf_jit_comp.c5
-rw-r--r--arch/x86/include/asm/nospec-branch.h37
-rw-r--r--arch/x86/net/bpf_jit_comp.c9
-rw-r--r--drivers/net/ethernet/amd/xgbe/xgbe-pci.c2
-rw-r--r--drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c14
-rw-r--r--drivers/net/ethernet/freescale/gianfar.c23
-rw-r--r--drivers/net/ethernet/ibm/ibmvnic.c7
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.c8
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/en_main.c14
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/en_rx.c49
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/en_selftest.c3
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/en_tc.c3
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/en_tx.c2
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/eswitch.c8
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/fs_core.c13
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c1
-rw-r--r--drivers/net/ethernet/mellanox/mlx5/core/main.c2
-rw-r--r--drivers/net/ethernet/smsc/Kconfig2
-rw-r--r--drivers/net/macvlan.c2
-rw-r--r--drivers/net/usb/smsc75xx.c7
-rw-r--r--drivers/net/virtio_net.c58
-rw-r--r--drivers/net/wireless/mac80211_hwsim.c2
-rw-r--r--include/net/mac80211.h2
-rw-r--r--include/net/regulatory.h2
-rw-r--r--kernel/bpf/arraymap.c33
-rw-r--r--kernel/bpf/core.c2
-rw-r--r--kernel/bpf/cpumap.c2
-rw-r--r--kernel/bpf/lpm_trie.c14
-rw-r--r--kernel/bpf/sockmap.c3
-rw-r--r--kernel/trace/bpf_trace.c2
-rw-r--r--net/bridge/netfilter/ebt_among.c10
-rw-r--r--net/bridge/netfilter/ebt_limit.c4
-rw-r--r--net/core/filter.c6
-rw-r--r--net/core/gen_estimator.c1
-rw-r--r--net/ipv4/ip_sockglue.c7
-rw-r--r--net/ipv4/netfilter/arp_tables.c4
-rw-r--r--net/ipv4/netfilter/ip_tables.c7
-rw-r--r--net/ipv4/netfilter/ipt_CLUSTERIP.c20
-rw-r--r--net/ipv4/netfilter/ipt_ECN.c12
-rw-r--r--net/ipv4/netfilter/ipt_REJECT.c4
-rw-r--r--net/ipv4/netfilter/ipt_rpfilter.c6
-rw-r--r--net/ipv4/route.c2
-rw-r--r--net/ipv4/tcp_output.c9
-rw-r--r--net/ipv6/ipv6_sockglue.c10
-rw-r--r--net/ipv6/netfilter/ip6_tables.c4
-rw-r--r--net/ipv6/netfilter/ip6t_REJECT.c4
-rw-r--r--net/ipv6/netfilter/ip6t_rpfilter.c6
-rw-r--r--net/ipv6/netfilter/ip6t_srh.c6
-rw-r--r--net/ipv6/sit.c2
-rw-r--r--net/mac80211/agg-rx.c4
-rw-r--r--net/mac80211/cfg.c2
-rw-r--r--net/mac80211/ieee80211_i.h2
-rw-r--r--net/mac80211/mesh.c17
-rw-r--r--net/mac80211/spectmgmt.c7
-rw-r--r--net/mac80211/sta_info.c3
-rw-r--r--net/netfilter/nf_nat_proto_common.c7
-rw-r--r--net/netfilter/x_tables.c74
-rw-r--r--net/netfilter/xt_AUDIT.c4
-rw-r--r--net/netfilter/xt_CHECKSUM.c8
-rw-r--r--net/netfilter/xt_CONNSECMARK.c10
-rw-r--r--net/netfilter/xt_CT.c25
-rw-r--r--net/netfilter/xt_DSCP.c4
-rw-r--r--net/netfilter/xt_HL.c13
-rw-r--r--net/netfilter/xt_HMARK.c27
-rw-r--r--net/netfilter/xt_IDLETIMER.c9
-rw-r--r--net/netfilter/xt_LED.c16
-rw-r--r--net/netfilter/xt_NFQUEUE.c8
-rw-r--r--net/netfilter/xt_SECMARK.c18
-rw-r--r--net/netfilter/xt_TCPMSS.c10
-rw-r--r--net/netfilter/xt_TPROXY.c6
-rw-r--r--net/netfilter/xt_addrtype.c33
-rw-r--r--net/netfilter/xt_bpf.c4
-rw-r--r--net/netfilter/xt_cgroup.c8
-rw-r--r--net/netfilter/xt_cluster.c8
-rw-r--r--net/netfilter/xt_connbytes.c4
-rw-r--r--net/netfilter/xt_connlabel.c7
-rw-r--r--net/netfilter/xt_connmark.c8
-rw-r--r--net/netfilter/xt_conntrack.c4
-rw-r--r--net/netfilter/xt_dscp.c4
-rw-r--r--net/netfilter/xt_ecn.c4
-rw-r--r--net/netfilter/xt_hashlimit.c26
-rw-r--r--net/netfilter/xt_helper.c4
-rw-r--r--net/netfilter/xt_ipcomp.c2
-rw-r--r--net/netfilter/xt_ipvs.c3
-rw-r--r--net/netfilter/xt_l2tp.c22
-rw-r--r--net/netfilter/xt_limit.c4
-rw-r--r--net/netfilter/xt_nat.c5
-rw-r--r--net/netfilter/xt_nfacct.c6
-rw-r--r--net/netfilter/xt_physdev.c4
-rw-r--r--net/netfilter/xt_policy.c23
-rw-r--r--net/netfilter/xt_recent.c14
-rw-r--r--net/netfilter/xt_set.c50
-rw-r--r--net/netfilter/xt_socket.c10
-rw-r--r--net/netfilter/xt_state.c4
-rw-r--r--net/netfilter/xt_time.c6
-rw-r--r--net/netlink/af_netlink.c4
-rw-r--r--net/rxrpc/output.c2
-rw-r--r--net/sched/cls_api.c7
-rw-r--r--net/wireless/mesh.c25
-rw-r--r--net/wireless/sme.c2
-rw-r--r--tools/bpf/bpftool/main.c2
-rw-r--r--tools/bpf/bpftool/prog.c3
-rw-r--r--tools/lib/bpf/libbpf.c5
-rw-r--r--tools/testing/selftests/bpf/.gitignore1
-rw-r--r--tools/testing/selftests/bpf/test_maps.c2
-rw-r--r--tools/testing/selftests/bpf/test_tcpbpf_kern.c1
-rw-r--r--tools/testing/selftests/bpf/test_verifier.c26
108 files changed, 625 insertions, 455 deletions
diff --git a/.gitignore b/.gitignore
index 705e09913dc2..1be78fd8163b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -127,3 +127,7 @@ all.config
127 127
128# Kdevelop4 128# Kdevelop4
129*.kdev4 129*.kdev4
130
131#Automatically generated by ASN.1 compiler
132net/ipv4/netfilter/nf_nat_snmp_basic-asn1.c
133net/ipv4/netfilter/nf_nat_snmp_basic-asn1.h
diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c
index 1d4f1da7c58f..a93350451e8e 100644
--- a/arch/arm64/net/bpf_jit_comp.c
+++ b/arch/arm64/net/bpf_jit_comp.c
@@ -250,8 +250,9 @@ static int emit_bpf_tail_call(struct jit_ctx *ctx)
250 off = offsetof(struct bpf_array, map.max_entries); 250 off = offsetof(struct bpf_array, map.max_entries);
251 emit_a64_mov_i64(tmp, off, ctx); 251 emit_a64_mov_i64(tmp, off, ctx);
252 emit(A64_LDR32(tmp, r2, tmp), ctx); 252 emit(A64_LDR32(tmp, r2, tmp), ctx);
253 emit(A64_MOV(0, r3, r3), ctx);
253 emit(A64_CMP(0, r3, tmp), ctx); 254 emit(A64_CMP(0, r3, tmp), ctx);
254 emit(A64_B_(A64_COND_GE, jmp_offset), ctx); 255 emit(A64_B_(A64_COND_CS, jmp_offset), ctx);
255 256
256 /* if (tail_call_cnt > MAX_TAIL_CALL_CNT) 257 /* if (tail_call_cnt > MAX_TAIL_CALL_CNT)
257 * goto out; 258 * goto out;
@@ -259,7 +260,7 @@ static int emit_bpf_tail_call(struct jit_ctx *ctx)
259 */ 260 */
260 emit_a64_mov_i64(tmp, MAX_TAIL_CALL_CNT, ctx); 261 emit_a64_mov_i64(tmp, MAX_TAIL_CALL_CNT, ctx);
261 emit(A64_CMP(1, tcc, tmp), ctx); 262 emit(A64_CMP(1, tcc, tmp), ctx);
262 emit(A64_B_(A64_COND_GT, jmp_offset), ctx); 263 emit(A64_B_(A64_COND_HI, jmp_offset), ctx);
263 emit(A64_ADD_I(1, tcc, tcc, 1), ctx); 264 emit(A64_ADD_I(1, tcc, tcc, 1), ctx);
264 265
265 /* prog = array->ptrs[index]; 266 /* prog = array->ptrs[index];
diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
index 76b058533e47..81a1be326571 100644
--- a/arch/x86/include/asm/nospec-branch.h
+++ b/arch/x86/include/asm/nospec-branch.h
@@ -177,4 +177,41 @@ static inline void indirect_branch_prediction_barrier(void)
177} 177}
178 178
179#endif /* __ASSEMBLY__ */ 179#endif /* __ASSEMBLY__ */
180
181/*
182 * Below is used in the eBPF JIT compiler and emits the byte sequence
183 * for the following assembly:
184 *
185 * With retpolines configured:
186 *
187 * callq do_rop
188 * spec_trap:
189 * pause
190 * lfence
191 * jmp spec_trap
192 * do_rop:
193 * mov %rax,(%rsp)
194 * retq
195 *
196 * Without retpolines configured:
197 *
198 * jmp *%rax
199 */
200#ifdef CONFIG_RETPOLINE
201# define RETPOLINE_RAX_BPF_JIT_SIZE 17
202# define RETPOLINE_RAX_BPF_JIT() \
203 EMIT1_off32(0xE8, 7); /* callq do_rop */ \
204 /* spec_trap: */ \
205 EMIT2(0xF3, 0x90); /* pause */ \
206 EMIT3(0x0F, 0xAE, 0xE8); /* lfence */ \
207 EMIT2(0xEB, 0xF9); /* jmp spec_trap */ \
208 /* do_rop: */ \
209 EMIT4(0x48, 0x89, 0x04, 0x24); /* mov %rax,(%rsp) */ \
210 EMIT1(0xC3); /* retq */
211#else
212# define RETPOLINE_RAX_BPF_JIT_SIZE 2
213# define RETPOLINE_RAX_BPF_JIT() \
214 EMIT2(0xFF, 0xE0); /* jmp *%rax */
215#endif
216
180#endif /* _ASM_X86_NOSPEC_BRANCH_H_ */ 217#endif /* _ASM_X86_NOSPEC_BRANCH_H_ */
diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
index 4923d92f918d..45e4eb5bcbb2 100644
--- a/arch/x86/net/bpf_jit_comp.c
+++ b/arch/x86/net/bpf_jit_comp.c
@@ -13,6 +13,7 @@
13#include <linux/if_vlan.h> 13#include <linux/if_vlan.h>
14#include <asm/cacheflush.h> 14#include <asm/cacheflush.h>
15#include <asm/set_memory.h> 15#include <asm/set_memory.h>
16#include <asm/nospec-branch.h>
16#include <linux/bpf.h> 17#include <linux/bpf.h>
17 18
18/* 19/*
@@ -290,7 +291,7 @@ static void emit_bpf_tail_call(u8 **pprog)
290 EMIT2(0x89, 0xD2); /* mov edx, edx */ 291 EMIT2(0x89, 0xD2); /* mov edx, edx */
291 EMIT3(0x39, 0x56, /* cmp dword ptr [rsi + 16], edx */ 292 EMIT3(0x39, 0x56, /* cmp dword ptr [rsi + 16], edx */
292 offsetof(struct bpf_array, map.max_entries)); 293 offsetof(struct bpf_array, map.max_entries));
293#define OFFSET1 43 /* number of bytes to jump */ 294#define OFFSET1 (41 + RETPOLINE_RAX_BPF_JIT_SIZE) /* number of bytes to jump */
294 EMIT2(X86_JBE, OFFSET1); /* jbe out */ 295 EMIT2(X86_JBE, OFFSET1); /* jbe out */
295 label1 = cnt; 296 label1 = cnt;
296 297
@@ -299,7 +300,7 @@ static void emit_bpf_tail_call(u8 **pprog)
299 */ 300 */
300 EMIT2_off32(0x8B, 0x85, 36); /* mov eax, dword ptr [rbp + 36] */ 301 EMIT2_off32(0x8B, 0x85, 36); /* mov eax, dword ptr [rbp + 36] */
301 EMIT3(0x83, 0xF8, MAX_TAIL_CALL_CNT); /* cmp eax, MAX_TAIL_CALL_CNT */ 302 EMIT3(0x83, 0xF8, MAX_TAIL_CALL_CNT); /* cmp eax, MAX_TAIL_CALL_CNT */
302#define OFFSET2 32 303#define OFFSET2 (30 + RETPOLINE_RAX_BPF_JIT_SIZE)
303 EMIT2(X86_JA, OFFSET2); /* ja out */ 304 EMIT2(X86_JA, OFFSET2); /* ja out */
304 label2 = cnt; 305 label2 = cnt;
305 EMIT3(0x83, 0xC0, 0x01); /* add eax, 1 */ 306 EMIT3(0x83, 0xC0, 0x01); /* add eax, 1 */
@@ -313,7 +314,7 @@ static void emit_bpf_tail_call(u8 **pprog)
313 * goto out; 314 * goto out;
314 */ 315 */
315 EMIT3(0x48, 0x85, 0xC0); /* test rax,rax */ 316 EMIT3(0x48, 0x85, 0xC0); /* test rax,rax */
316#define OFFSET3 10 317#define OFFSET3 (8 + RETPOLINE_RAX_BPF_JIT_SIZE)
317 EMIT2(X86_JE, OFFSET3); /* je out */ 318 EMIT2(X86_JE, OFFSET3); /* je out */
318 label3 = cnt; 319 label3 = cnt;
319 320
@@ -326,7 +327,7 @@ static void emit_bpf_tail_call(u8 **pprog)
326 * rdi == ctx (1st arg) 327 * rdi == ctx (1st arg)
327 * rax == prog->bpf_func + prologue_size 328 * rax == prog->bpf_func + prologue_size
328 */ 329 */
329 EMIT2(0xFF, 0xE0); /* jmp rax */ 330 RETPOLINE_RAX_BPF_JIT();
330 331
331 /* out: */ 332 /* out: */
332 BUILD_BUG_ON(cnt - label1 != OFFSET1); 333 BUILD_BUG_ON(cnt - label1 != OFFSET1);
diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-pci.c b/drivers/net/ethernet/amd/xgbe/xgbe-pci.c
index 3e5833cf1fab..eb23f9ba1a9a 100644
--- a/drivers/net/ethernet/amd/xgbe/xgbe-pci.c
+++ b/drivers/net/ethernet/amd/xgbe/xgbe-pci.c
@@ -426,6 +426,8 @@ static int xgbe_pci_resume(struct pci_dev *pdev)
426 struct net_device *netdev = pdata->netdev; 426 struct net_device *netdev = pdata->netdev;
427 int ret = 0; 427 int ret = 0;
428 428
429 XP_IOWRITE(pdata, XP_INT_EN, 0x1fffff);
430
429 pdata->lpm_ctrl &= ~MDIO_CTRL1_LPOWER; 431 pdata->lpm_ctrl &= ~MDIO_CTRL1_LPOWER;
430 XMDIO_WRITE(pdata, MDIO_MMD_PCS, MDIO_CTRL1, pdata->lpm_ctrl); 432 XMDIO_WRITE(pdata, MDIO_MMD_PCS, MDIO_CTRL1, pdata->lpm_ctrl);
431 433
diff --git a/drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c b/drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c
index 22889fc158f2..87c4308b52a7 100644
--- a/drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c
+++ b/drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c
@@ -226,6 +226,10 @@ static int aq_pci_probe(struct pci_dev *pdev,
226 goto err_ioremap; 226 goto err_ioremap;
227 227
228 self->aq_hw = kzalloc(sizeof(*self->aq_hw), GFP_KERNEL); 228 self->aq_hw = kzalloc(sizeof(*self->aq_hw), GFP_KERNEL);
229 if (!self->aq_hw) {
230 err = -ENOMEM;
231 goto err_ioremap;
232 }
229 self->aq_hw->aq_nic_cfg = aq_nic_get_cfg(self); 233 self->aq_hw->aq_nic_cfg = aq_nic_get_cfg(self);
230 234
231 for (bar = 0; bar < 4; ++bar) { 235 for (bar = 0; bar < 4; ++bar) {
@@ -235,19 +239,19 @@ static int aq_pci_probe(struct pci_dev *pdev,
235 mmio_pa = pci_resource_start(pdev, bar); 239 mmio_pa = pci_resource_start(pdev, bar);
236 if (mmio_pa == 0U) { 240 if (mmio_pa == 0U) {
237 err = -EIO; 241 err = -EIO;
238 goto err_ioremap; 242 goto err_free_aq_hw;
239 } 243 }
240 244
241 reg_sz = pci_resource_len(pdev, bar); 245 reg_sz = pci_resource_len(pdev, bar);
242 if ((reg_sz <= 24 /*ATL_REGS_SIZE*/)) { 246 if ((reg_sz <= 24 /*ATL_REGS_SIZE*/)) {
243 err = -EIO; 247 err = -EIO;
244 goto err_ioremap; 248 goto err_free_aq_hw;
245 } 249 }
246 250
247 self->aq_hw->mmio = ioremap_nocache(mmio_pa, reg_sz); 251 self->aq_hw->mmio = ioremap_nocache(mmio_pa, reg_sz);
248 if (!self->aq_hw->mmio) { 252 if (!self->aq_hw->mmio) {
249 err = -EIO; 253 err = -EIO;
250 goto err_ioremap; 254 goto err_free_aq_hw;
251 } 255 }
252 break; 256 break;
253 } 257 }
@@ -255,7 +259,7 @@ static int aq_pci_probe(struct pci_dev *pdev,
255 259
256 if (bar == 4) { 260 if (bar == 4) {
257 err = -EIO; 261 err = -EIO;
258 goto err_ioremap; 262 goto err_free_aq_hw;
259 } 263 }
260 264
261 numvecs = min((u8)AQ_CFG_VECS_DEF, 265 numvecs = min((u8)AQ_CFG_VECS_DEF,
@@ -290,6 +294,8 @@ err_register:
290 aq_pci_free_irq_vectors(self); 294 aq_pci_free_irq_vectors(self);
291err_hwinit: 295err_hwinit:
292 iounmap(self->aq_hw->mmio); 296 iounmap(self->aq_hw->mmio);
297err_free_aq_hw:
298 kfree(self->aq_hw);
293err_ioremap: 299err_ioremap:
294 free_netdev(ndev); 300 free_netdev(ndev);
295err_pci_func: 301err_pci_func:
diff --git a/drivers/net/ethernet/freescale/gianfar.c b/drivers/net/ethernet/freescale/gianfar.c
index 3bdeb295514b..f5c87bd35fa1 100644
--- a/drivers/net/ethernet/freescale/gianfar.c
+++ b/drivers/net/ethernet/freescale/gianfar.c
@@ -2934,29 +2934,17 @@ static bool gfar_add_rx_frag(struct gfar_rx_buff *rxb, u32 lstatus,
2934{ 2934{
2935 int size = lstatus & BD_LENGTH_MASK; 2935 int size = lstatus & BD_LENGTH_MASK;
2936 struct page *page = rxb->page; 2936 struct page *page = rxb->page;
2937 bool last = !!(lstatus & BD_LFLAG(RXBD_LAST));
2938
2939 /* Remove the FCS from the packet length */
2940 if (last)
2941 size -= ETH_FCS_LEN;
2942 2937
2943 if (likely(first)) { 2938 if (likely(first)) {
2944 skb_put(skb, size); 2939 skb_put(skb, size);
2945 } else { 2940 } else {
2946 /* the last fragments' length contains the full frame length */ 2941 /* the last fragments' length contains the full frame length */
2947 if (last) 2942 if (lstatus & BD_LFLAG(RXBD_LAST))
2948 size -= skb->len; 2943 size -= skb->len;
2949 2944
2950 /* Add the last fragment if it contains something other than 2945 skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, page,
2951 * the FCS, otherwise drop it and trim off any part of the FCS 2946 rxb->page_offset + RXBUF_ALIGNMENT,
2952 * that was already received. 2947 size, GFAR_RXB_TRUESIZE);
2953 */
2954 if (size > 0)
2955 skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, page,
2956 rxb->page_offset + RXBUF_ALIGNMENT,
2957 size, GFAR_RXB_TRUESIZE);
2958 else if (size < 0)
2959 pskb_trim(skb, skb->len + size);
2960 } 2948 }
2961 2949
2962 /* try reuse page */ 2950 /* try reuse page */
@@ -3069,6 +3057,9 @@ static void gfar_process_frame(struct net_device *ndev, struct sk_buff *skb)
3069 if (priv->padding) 3057 if (priv->padding)
3070 skb_pull(skb, priv->padding); 3058 skb_pull(skb, priv->padding);
3071 3059
3060 /* Trim off the FCS */
3061 pskb_trim(skb, skb->len - ETH_FCS_LEN);
3062
3072 if (ndev->features & NETIF_F_RXCSUM) 3063 if (ndev->features & NETIF_F_RXCSUM)
3073 gfar_rx_checksum(skb, fcb); 3064 gfar_rx_checksum(skb, fcb);
3074 3065
diff --git a/drivers/net/ethernet/ibm/ibmvnic.c b/drivers/net/ethernet/ibm/ibmvnic.c
index 996f47568f9e..1b3cc8bb0705 100644
--- a/drivers/net/ethernet/ibm/ibmvnic.c
+++ b/drivers/net/ethernet/ibm/ibmvnic.c
@@ -1901,6 +1901,11 @@ restart_poll:
1901 dev_kfree_skb_any(rx_buff->skb); 1901 dev_kfree_skb_any(rx_buff->skb);
1902 remove_buff_from_pool(adapter, rx_buff); 1902 remove_buff_from_pool(adapter, rx_buff);
1903 continue; 1903 continue;
1904 } else if (!rx_buff->skb) {
1905 /* free the entry */
1906 next->rx_comp.first = 0;
1907 remove_buff_from_pool(adapter, rx_buff);
1908 continue;
1904 } 1909 }
1905 1910
1906 length = be32_to_cpu(next->rx_comp.len); 1911 length = be32_to_cpu(next->rx_comp.len);
@@ -3755,7 +3760,6 @@ static int handle_login_rsp(union ibmvnic_crq *login_rsp_crq,
3755 3760
3756 dma_unmap_single(dev, adapter->login_buf_token, adapter->login_buf_sz, 3761 dma_unmap_single(dev, adapter->login_buf_token, adapter->login_buf_sz,
3757 DMA_BIDIRECTIONAL); 3762 DMA_BIDIRECTIONAL);
3758 release_login_buffer(adapter);
3759 dma_unmap_single(dev, adapter->login_rsp_buf_token, 3763 dma_unmap_single(dev, adapter->login_rsp_buf_token,
3760 adapter->login_rsp_buf_sz, DMA_BIDIRECTIONAL); 3764 adapter->login_rsp_buf_sz, DMA_BIDIRECTIONAL);
3761 3765
@@ -3786,6 +3790,7 @@ static int handle_login_rsp(union ibmvnic_crq *login_rsp_crq,
3786 ibmvnic_remove(adapter->vdev); 3790 ibmvnic_remove(adapter->vdev);
3787 return -EIO; 3791 return -EIO;
3788 } 3792 }
3793 release_login_buffer(adapter);
3789 complete(&adapter->init_done); 3794 complete(&adapter->init_done);
3790 3795
3791 return 0; 3796 return 0;
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.c b/drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.c
index 0be4575b58a2..fd509160c8f6 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.c
@@ -96,10 +96,10 @@ static void print_lyr_2_4_hdrs(struct trace_seq *p,
96 "%pI4"); 96 "%pI4");
97 } else if (ethertype.v == ETH_P_IPV6) { 97 } else if (ethertype.v == ETH_P_IPV6) {
98 static const struct in6_addr full_ones = { 98 static const struct in6_addr full_ones = {
99 .in6_u.u6_addr32 = {htonl(0xffffffff), 99 .in6_u.u6_addr32 = {__constant_htonl(0xffffffff),
100 htonl(0xffffffff), 100 __constant_htonl(0xffffffff),
101 htonl(0xffffffff), 101 __constant_htonl(0xffffffff),
102 htonl(0xffffffff)}, 102 __constant_htonl(0xffffffff)},
103 }; 103 };
104 DECLARE_MASK_VAL(struct in6_addr, src_ipv6); 104 DECLARE_MASK_VAL(struct in6_addr, src_ipv6);
105 DECLARE_MASK_VAL(struct in6_addr, dst_ipv6); 105 DECLARE_MASK_VAL(struct in6_addr, dst_ipv6);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
index 47bab842c5ee..da94c8cba5ee 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
@@ -1768,13 +1768,16 @@ static void mlx5e_build_rq_param(struct mlx5e_priv *priv,
1768 param->wq.linear = 1; 1768 param->wq.linear = 1;
1769} 1769}
1770 1770
1771static void mlx5e_build_drop_rq_param(struct mlx5e_rq_param *param) 1771static void mlx5e_build_drop_rq_param(struct mlx5_core_dev *mdev,
1772 struct mlx5e_rq_param *param)
1772{ 1773{
1773 void *rqc = param->rqc; 1774 void *rqc = param->rqc;
1774 void *wq = MLX5_ADDR_OF(rqc, rqc, wq); 1775 void *wq = MLX5_ADDR_OF(rqc, rqc, wq);
1775 1776
1776 MLX5_SET(wq, wq, wq_type, MLX5_WQ_TYPE_LINKED_LIST); 1777 MLX5_SET(wq, wq, wq_type, MLX5_WQ_TYPE_LINKED_LIST);
1777 MLX5_SET(wq, wq, log_wq_stride, ilog2(sizeof(struct mlx5e_rx_wqe))); 1778 MLX5_SET(wq, wq, log_wq_stride, ilog2(sizeof(struct mlx5e_rx_wqe)));
1779
1780 param->wq.buf_numa_node = dev_to_node(&mdev->pdev->dev);
1778} 1781}
1779 1782
1780static void mlx5e_build_sq_param_common(struct mlx5e_priv *priv, 1783static void mlx5e_build_sq_param_common(struct mlx5e_priv *priv,
@@ -2634,6 +2637,9 @@ static int mlx5e_alloc_drop_cq(struct mlx5_core_dev *mdev,
2634 struct mlx5e_cq *cq, 2637 struct mlx5e_cq *cq,
2635 struct mlx5e_cq_param *param) 2638 struct mlx5e_cq_param *param)
2636{ 2639{
2640 param->wq.buf_numa_node = dev_to_node(&mdev->pdev->dev);
2641 param->wq.db_numa_node = dev_to_node(&mdev->pdev->dev);
2642
2637 return mlx5e_alloc_cq_common(mdev, param, cq); 2643 return mlx5e_alloc_cq_common(mdev, param, cq);
2638} 2644}
2639 2645
@@ -2645,7 +2651,7 @@ static int mlx5e_open_drop_rq(struct mlx5_core_dev *mdev,
2645 struct mlx5e_cq *cq = &drop_rq->cq; 2651 struct mlx5e_cq *cq = &drop_rq->cq;
2646 int err; 2652 int err;
2647 2653
2648 mlx5e_build_drop_rq_param(&rq_param); 2654 mlx5e_build_drop_rq_param(mdev, &rq_param);
2649 2655
2650 err = mlx5e_alloc_drop_cq(mdev, cq, &cq_param); 2656 err = mlx5e_alloc_drop_cq(mdev, cq, &cq_param);
2651 if (err) 2657 if (err)
@@ -2994,8 +3000,8 @@ static int mlx5e_setup_tc_block(struct net_device *dev,
2994} 3000}
2995#endif 3001#endif
2996 3002
2997int mlx5e_setup_tc(struct net_device *dev, enum tc_setup_type type, 3003static int mlx5e_setup_tc(struct net_device *dev, enum tc_setup_type type,
2998 void *type_data) 3004 void *type_data)
2999{ 3005{
3000 switch (type) { 3006 switch (type) {
3001#ifdef CONFIG_MLX5_ESWITCH 3007#ifdef CONFIG_MLX5_ESWITCH
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
index 0d4bb0688faa..e5c3ab46a24a 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
@@ -36,6 +36,7 @@
36#include <linux/tcp.h> 36#include <linux/tcp.h>
37#include <linux/bpf_trace.h> 37#include <linux/bpf_trace.h>
38#include <net/busy_poll.h> 38#include <net/busy_poll.h>
39#include <net/ip6_checksum.h>
39#include "en.h" 40#include "en.h"
40#include "en_tc.h" 41#include "en_tc.h"
41#include "eswitch.h" 42#include "eswitch.h"
@@ -546,20 +547,33 @@ bool mlx5e_post_rx_mpwqes(struct mlx5e_rq *rq)
546 return true; 547 return true;
547} 548}
548 549
550static void mlx5e_lro_update_tcp_hdr(struct mlx5_cqe64 *cqe, struct tcphdr *tcp)
551{
552 u8 l4_hdr_type = get_cqe_l4_hdr_type(cqe);
553 u8 tcp_ack = (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_NO_DATA) ||
554 (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_AND_DATA);
555
556 tcp->check = 0;
557 tcp->psh = get_cqe_lro_tcppsh(cqe);
558
559 if (tcp_ack) {
560 tcp->ack = 1;
561 tcp->ack_seq = cqe->lro_ack_seq_num;
562 tcp->window = cqe->lro_tcp_win;
563 }
564}
565
549static void mlx5e_lro_update_hdr(struct sk_buff *skb, struct mlx5_cqe64 *cqe, 566static void mlx5e_lro_update_hdr(struct sk_buff *skb, struct mlx5_cqe64 *cqe,
550 u32 cqe_bcnt) 567 u32 cqe_bcnt)
551{ 568{
552 struct ethhdr *eth = (struct ethhdr *)(skb->data); 569 struct ethhdr *eth = (struct ethhdr *)(skb->data);
553 struct tcphdr *tcp; 570 struct tcphdr *tcp;
554 int network_depth = 0; 571 int network_depth = 0;
572 __wsum check;
555 __be16 proto; 573 __be16 proto;
556 u16 tot_len; 574 u16 tot_len;
557 void *ip_p; 575 void *ip_p;
558 576
559 u8 l4_hdr_type = get_cqe_l4_hdr_type(cqe);
560 u8 tcp_ack = (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_NO_DATA) ||
561 (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_AND_DATA);
562
563 proto = __vlan_get_protocol(skb, eth->h_proto, &network_depth); 577 proto = __vlan_get_protocol(skb, eth->h_proto, &network_depth);
564 578
565 tot_len = cqe_bcnt - network_depth; 579 tot_len = cqe_bcnt - network_depth;
@@ -576,23 +590,30 @@ static void mlx5e_lro_update_hdr(struct sk_buff *skb, struct mlx5_cqe64 *cqe,
576 ipv4->check = 0; 590 ipv4->check = 0;
577 ipv4->check = ip_fast_csum((unsigned char *)ipv4, 591 ipv4->check = ip_fast_csum((unsigned char *)ipv4,
578 ipv4->ihl); 592 ipv4->ihl);
593
594 mlx5e_lro_update_tcp_hdr(cqe, tcp);
595 check = csum_partial(tcp, tcp->doff * 4,
596 csum_unfold((__force __sum16)cqe->check_sum));
597 /* Almost done, don't forget the pseudo header */
598 tcp->check = csum_tcpudp_magic(ipv4->saddr, ipv4->daddr,
599 tot_len - sizeof(struct iphdr),
600 IPPROTO_TCP, check);
579 } else { 601 } else {
602 u16 payload_len = tot_len - sizeof(struct ipv6hdr);
580 struct ipv6hdr *ipv6 = ip_p; 603 struct ipv6hdr *ipv6 = ip_p;
581 604
582 tcp = ip_p + sizeof(struct ipv6hdr); 605 tcp = ip_p + sizeof(struct ipv6hdr);
583 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6; 606 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6;
584 607
585 ipv6->hop_limit = cqe->lro_min_ttl; 608 ipv6->hop_limit = cqe->lro_min_ttl;
586 ipv6->payload_len = cpu_to_be16(tot_len - 609 ipv6->payload_len = cpu_to_be16(payload_len);
587 sizeof(struct ipv6hdr)); 610
588 } 611 mlx5e_lro_update_tcp_hdr(cqe, tcp);
589 612 check = csum_partial(tcp, tcp->doff * 4,
590 tcp->psh = get_cqe_lro_tcppsh(cqe); 613 csum_unfold((__force __sum16)cqe->check_sum));
591 614 /* Almost done, don't forget the pseudo header */
592 if (tcp_ack) { 615 tcp->check = csum_ipv6_magic(&ipv6->saddr, &ipv6->daddr, payload_len,
593 tcp->ack = 1; 616 IPPROTO_TCP, check);
594 tcp->ack_seq = cqe->lro_ack_seq_num;
595 tcp->window = cqe->lro_tcp_win;
596 } 617 }
597} 618}
598 619
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_selftest.c b/drivers/net/ethernet/mellanox/mlx5/core/en_selftest.c
index 5a4608281f38..707976482c09 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_selftest.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_selftest.c
@@ -216,7 +216,8 @@ mlx5e_test_loopback_validate(struct sk_buff *skb,
216 if (iph->protocol != IPPROTO_UDP) 216 if (iph->protocol != IPPROTO_UDP)
217 goto out; 217 goto out;
218 218
219 udph = udp_hdr(skb); 219 /* Don't assume skb_transport_header() was set */
220 udph = (struct udphdr *)((u8 *)iph + 4 * iph->ihl);
220 if (udph->dest != htons(9)) 221 if (udph->dest != htons(9))
221 goto out; 222 goto out;
222 223
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
index fd98b0dc610f..fa86a1466718 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
@@ -2529,7 +2529,8 @@ static int parse_tc_fdb_actions(struct mlx5e_priv *priv, struct tcf_exts *exts,
2529 if (tcf_vlan_action(a) == TCA_VLAN_ACT_POP) { 2529 if (tcf_vlan_action(a) == TCA_VLAN_ACT_POP) {
2530 attr->action |= MLX5_FLOW_CONTEXT_ACTION_VLAN_POP; 2530 attr->action |= MLX5_FLOW_CONTEXT_ACTION_VLAN_POP;
2531 } else if (tcf_vlan_action(a) == TCA_VLAN_ACT_PUSH) { 2531 } else if (tcf_vlan_action(a) == TCA_VLAN_ACT_PUSH) {
2532 if (tcf_vlan_push_proto(a) != htons(ETH_P_8021Q)) 2532 if (tcf_vlan_push_proto(a) != htons(ETH_P_8021Q) ||
2533 tcf_vlan_push_prio(a))
2533 return -EOPNOTSUPP; 2534 return -EOPNOTSUPP;
2534 2535
2535 attr->action |= MLX5_FLOW_CONTEXT_ACTION_VLAN_PUSH; 2536 attr->action |= MLX5_FLOW_CONTEXT_ACTION_VLAN_PUSH;
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c
index 569b42a01026..11b4f1089d1c 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tx.c
@@ -176,7 +176,7 @@ static inline u16 mlx5e_calc_min_inline(enum mlx5_inline_modes mode,
176 default: 176 default:
177 hlen = mlx5e_skb_l2_header_offset(skb); 177 hlen = mlx5e_skb_l2_header_offset(skb);
178 } 178 }
179 return min_t(u16, hlen, skb->len); 179 return min_t(u16, hlen, skb_headlen(skb));
180} 180}
181 181
182static inline void mlx5e_tx_skb_pull_inline(unsigned char **skb_data, 182static inline void mlx5e_tx_skb_pull_inline(unsigned char **skb_data,
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c
index 5ecf2cddc16d..c2b1d7d351fc 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c
@@ -1529,6 +1529,10 @@ static void esw_enable_vport(struct mlx5_eswitch *esw, int vport_num,
1529 1529
1530 esw_debug(esw->dev, "Enabling VPORT(%d)\n", vport_num); 1530 esw_debug(esw->dev, "Enabling VPORT(%d)\n", vport_num);
1531 1531
1532 /* Create steering drop counters for ingress and egress ACLs */
1533 if (vport_num && esw->mode == SRIOV_LEGACY)
1534 esw_vport_create_drop_counters(vport);
1535
1532 /* Restore old vport configuration */ 1536 /* Restore old vport configuration */
1533 esw_apply_vport_conf(esw, vport); 1537 esw_apply_vport_conf(esw, vport);
1534 1538
@@ -1545,10 +1549,6 @@ static void esw_enable_vport(struct mlx5_eswitch *esw, int vport_num,
1545 if (!vport_num) 1549 if (!vport_num)
1546 vport->info.trusted = true; 1550 vport->info.trusted = true;
1547 1551
1548 /* create steering drop counters for ingress and egress ACLs */
1549 if (vport_num && esw->mode == SRIOV_LEGACY)
1550 esw_vport_create_drop_counters(vport);
1551
1552 esw_vport_change_handle_locked(vport); 1552 esw_vport_change_handle_locked(vport);
1553 1553
1554 esw->enabled_vports++; 1554 esw->enabled_vports++;
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
index c025c98700e4..31fc2cfac3b3 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
@@ -1429,7 +1429,8 @@ static bool check_conflicting_actions(u32 action1, u32 action2)
1429 1429
1430 if (xored_actions & (MLX5_FLOW_CONTEXT_ACTION_DROP | 1430 if (xored_actions & (MLX5_FLOW_CONTEXT_ACTION_DROP |
1431 MLX5_FLOW_CONTEXT_ACTION_ENCAP | 1431 MLX5_FLOW_CONTEXT_ACTION_ENCAP |
1432 MLX5_FLOW_CONTEXT_ACTION_DECAP)) 1432 MLX5_FLOW_CONTEXT_ACTION_DECAP |
1433 MLX5_FLOW_CONTEXT_ACTION_MOD_HDR))
1433 return true; 1434 return true;
1434 1435
1435 return false; 1436 return false;
@@ -1758,8 +1759,11 @@ search_again_locked:
1758 1759
1759 /* Collect all fgs which has a matching match_criteria */ 1760 /* Collect all fgs which has a matching match_criteria */
1760 err = build_match_list(&match_head, ft, spec); 1761 err = build_match_list(&match_head, ft, spec);
1761 if (err) 1762 if (err) {
1763 if (take_write)
1764 up_write_ref_node(&ft->node);
1762 return ERR_PTR(err); 1765 return ERR_PTR(err);
1766 }
1763 1767
1764 if (!take_write) 1768 if (!take_write)
1765 up_read_ref_node(&ft->node); 1769 up_read_ref_node(&ft->node);
@@ -1768,8 +1772,11 @@ search_again_locked:
1768 dest_num, version); 1772 dest_num, version);
1769 free_match_list(&match_head); 1773 free_match_list(&match_head);
1770 if (!IS_ERR(rule) || 1774 if (!IS_ERR(rule) ||
1771 (PTR_ERR(rule) != -ENOENT && PTR_ERR(rule) != -EAGAIN)) 1775 (PTR_ERR(rule) != -ENOENT && PTR_ERR(rule) != -EAGAIN)) {
1776 if (take_write)
1777 up_write_ref_node(&ft->node);
1772 return rule; 1778 return rule;
1779 }
1773 1780
1774 if (!take_write) { 1781 if (!take_write) {
1775 nested_down_write_ref_node(&ft->node, FS_LOCK_GRANDPARENT); 1782 nested_down_write_ref_node(&ft->node, FS_LOCK_GRANDPARENT);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c b/drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c
index e159243e0fcf..857035583ccd 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c
@@ -34,6 +34,7 @@
34#include <linux/highmem.h> 34#include <linux/highmem.h>
35#include <rdma/mlx5-abi.h> 35#include <rdma/mlx5-abi.h>
36#include "en.h" 36#include "en.h"
37#include "clock.h"
37 38
38enum { 39enum {
39 MLX5_CYCLES_SHIFT = 23 40 MLX5_CYCLES_SHIFT = 23
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/main.c b/drivers/net/ethernet/mellanox/mlx5/core/main.c
index 2ef641c91c26..ae391e4b7070 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/main.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/main.c
@@ -551,7 +551,7 @@ static int handle_hca_cap(struct mlx5_core_dev *dev)
551 MLX5_SET(cmd_hca_cap, 551 MLX5_SET(cmd_hca_cap,
552 set_hca_cap, 552 set_hca_cap,
553 cache_line_128byte, 553 cache_line_128byte,
554 cache_line_size() == 128 ? 1 : 0); 554 cache_line_size() >= 128 ? 1 : 0);
555 555
556 if (MLX5_CAP_GEN_MAX(dev, dct)) 556 if (MLX5_CAP_GEN_MAX(dev, dct))
557 MLX5_SET(cmd_hca_cap, set_hca_cap, dct, 1); 557 MLX5_SET(cmd_hca_cap, set_hca_cap, dct, 1);
diff --git a/drivers/net/ethernet/smsc/Kconfig b/drivers/net/ethernet/smsc/Kconfig
index 63aca9f847e1..4c2f612e4414 100644
--- a/drivers/net/ethernet/smsc/Kconfig
+++ b/drivers/net/ethernet/smsc/Kconfig
@@ -20,7 +20,7 @@ if NET_VENDOR_SMSC
20 20
21config SMC9194 21config SMC9194
22 tristate "SMC 9194 support" 22 tristate "SMC 9194 support"
23 depends on (ISA || MAC && BROKEN) 23 depends on ISA
24 select CRC32 24 select CRC32
25 ---help--- 25 ---help---
26 This is support for the SMC9xxx based Ethernet cards. Choose this 26 This is support for the SMC9xxx based Ethernet cards. Choose this
diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
index a0f2be81d52e..8fc02d9db3d0 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -1451,7 +1451,7 @@ destroy_macvlan_port:
1451 /* the macvlan port may be freed by macvlan_uninit when fail to register. 1451 /* the macvlan port may be freed by macvlan_uninit when fail to register.
1452 * so we destroy the macvlan port only when it's valid. 1452 * so we destroy the macvlan port only when it's valid.
1453 */ 1453 */
1454 if (create && macvlan_port_get_rtnl(dev)) 1454 if (create && macvlan_port_get_rtnl(lowerdev))
1455 macvlan_port_destroy(port->dev); 1455 macvlan_port_destroy(port->dev);
1456 return err; 1456 return err;
1457} 1457}
diff --git a/drivers/net/usb/smsc75xx.c b/drivers/net/usb/smsc75xx.c
index d0a113743195..7a6a1fe79309 100644
--- a/drivers/net/usb/smsc75xx.c
+++ b/drivers/net/usb/smsc75xx.c
@@ -954,10 +954,11 @@ static int smsc75xx_set_features(struct net_device *netdev,
954 /* it's racing here! */ 954 /* it's racing here! */
955 955
956 ret = smsc75xx_write_reg(dev, RFE_CTL, pdata->rfe_ctl); 956 ret = smsc75xx_write_reg(dev, RFE_CTL, pdata->rfe_ctl);
957 if (ret < 0) 957 if (ret < 0) {
958 netdev_warn(dev->net, "Error writing RFE_CTL\n"); 958 netdev_warn(dev->net, "Error writing RFE_CTL\n");
959 959 return ret;
960 return ret; 960 }
961 return 0;
961} 962}
962 963
963static int smsc75xx_wait_ready(struct usbnet *dev, int in_pm) 964static int smsc75xx_wait_ready(struct usbnet *dev, int in_pm)
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index 626c27352ae2..9bb9e562b893 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -443,12 +443,8 @@ static bool __virtnet_xdp_xmit(struct virtnet_info *vi,
443 sg_init_one(sq->sg, xdp->data, xdp->data_end - xdp->data); 443 sg_init_one(sq->sg, xdp->data, xdp->data_end - xdp->data);
444 444
445 err = virtqueue_add_outbuf(sq->vq, sq->sg, 1, xdp->data, GFP_ATOMIC); 445 err = virtqueue_add_outbuf(sq->vq, sq->sg, 1, xdp->data, GFP_ATOMIC);
446 if (unlikely(err)) { 446 if (unlikely(err))
447 struct page *page = virt_to_head_page(xdp->data); 447 return false; /* Caller handle free/refcnt */
448
449 put_page(page);
450 return false;
451 }
452 448
453 return true; 449 return true;
454} 450}
@@ -456,8 +452,18 @@ static bool __virtnet_xdp_xmit(struct virtnet_info *vi,
456static int virtnet_xdp_xmit(struct net_device *dev, struct xdp_buff *xdp) 452static int virtnet_xdp_xmit(struct net_device *dev, struct xdp_buff *xdp)
457{ 453{
458 struct virtnet_info *vi = netdev_priv(dev); 454 struct virtnet_info *vi = netdev_priv(dev);
459 bool sent = __virtnet_xdp_xmit(vi, xdp); 455 struct receive_queue *rq = vi->rq;
456 struct bpf_prog *xdp_prog;
457 bool sent;
460 458
459 /* Only allow ndo_xdp_xmit if XDP is loaded on dev, as this
460 * indicate XDP resources have been successfully allocated.
461 */
462 xdp_prog = rcu_dereference(rq->xdp_prog);
463 if (!xdp_prog)
464 return -ENXIO;
465
466 sent = __virtnet_xdp_xmit(vi, xdp);
461 if (!sent) 467 if (!sent)
462 return -ENOSPC; 468 return -ENOSPC;
463 return 0; 469 return 0;
@@ -546,8 +552,11 @@ static struct sk_buff *receive_small(struct net_device *dev,
546 unsigned int buflen = SKB_DATA_ALIGN(GOOD_PACKET_LEN + headroom) + 552 unsigned int buflen = SKB_DATA_ALIGN(GOOD_PACKET_LEN + headroom) +
547 SKB_DATA_ALIGN(sizeof(struct skb_shared_info)); 553 SKB_DATA_ALIGN(sizeof(struct skb_shared_info));
548 struct page *page = virt_to_head_page(buf); 554 struct page *page = virt_to_head_page(buf);
549 unsigned int delta = 0, err; 555 unsigned int delta = 0;
550 struct page *xdp_page; 556 struct page *xdp_page;
557 bool sent;
558 int err;
559
551 len -= vi->hdr_len; 560 len -= vi->hdr_len;
552 561
553 rcu_read_lock(); 562 rcu_read_lock();
@@ -558,7 +567,7 @@ static struct sk_buff *receive_small(struct net_device *dev,
558 void *orig_data; 567 void *orig_data;
559 u32 act; 568 u32 act;
560 569
561 if (unlikely(hdr->hdr.gso_type || hdr->hdr.flags)) 570 if (unlikely(hdr->hdr.gso_type))
562 goto err_xdp; 571 goto err_xdp;
563 572
564 if (unlikely(xdp_headroom < virtnet_get_headroom(vi))) { 573 if (unlikely(xdp_headroom < virtnet_get_headroom(vi))) {
@@ -596,16 +605,19 @@ static struct sk_buff *receive_small(struct net_device *dev,
596 delta = orig_data - xdp.data; 605 delta = orig_data - xdp.data;
597 break; 606 break;
598 case XDP_TX: 607 case XDP_TX:
599 if (unlikely(!__virtnet_xdp_xmit(vi, &xdp))) 608 sent = __virtnet_xdp_xmit(vi, &xdp);
609 if (unlikely(!sent)) {
600 trace_xdp_exception(vi->dev, xdp_prog, act); 610 trace_xdp_exception(vi->dev, xdp_prog, act);
601 else 611 goto err_xdp;
602 *xdp_xmit = true; 612 }
613 *xdp_xmit = true;
603 rcu_read_unlock(); 614 rcu_read_unlock();
604 goto xdp_xmit; 615 goto xdp_xmit;
605 case XDP_REDIRECT: 616 case XDP_REDIRECT:
606 err = xdp_do_redirect(dev, &xdp, xdp_prog); 617 err = xdp_do_redirect(dev, &xdp, xdp_prog);
607 if (!err) 618 if (err)
608 *xdp_xmit = true; 619 goto err_xdp;
620 *xdp_xmit = true;
609 rcu_read_unlock(); 621 rcu_read_unlock();
610 goto xdp_xmit; 622 goto xdp_xmit;
611 default: 623 default:
@@ -677,7 +689,7 @@ static struct sk_buff *receive_mergeable(struct net_device *dev,
677 struct bpf_prog *xdp_prog; 689 struct bpf_prog *xdp_prog;
678 unsigned int truesize; 690 unsigned int truesize;
679 unsigned int headroom = mergeable_ctx_to_headroom(ctx); 691 unsigned int headroom = mergeable_ctx_to_headroom(ctx);
680 int err; 692 bool sent;
681 693
682 head_skb = NULL; 694 head_skb = NULL;
683 695
@@ -746,20 +758,18 @@ static struct sk_buff *receive_mergeable(struct net_device *dev,
746 } 758 }
747 break; 759 break;
748 case XDP_TX: 760 case XDP_TX:
749 if (unlikely(!__virtnet_xdp_xmit(vi, &xdp))) 761 sent = __virtnet_xdp_xmit(vi, &xdp);
762 if (unlikely(!sent)) {
750 trace_xdp_exception(vi->dev, xdp_prog, act); 763 trace_xdp_exception(vi->dev, xdp_prog, act);
751 else 764 if (unlikely(xdp_page != page))
752 *xdp_xmit = true; 765 put_page(xdp_page);
766 goto err_xdp;
767 }
768 *xdp_xmit = true;
753 if (unlikely(xdp_page != page)) 769 if (unlikely(xdp_page != page))
754 goto err_xdp; 770 goto err_xdp;
755 rcu_read_unlock(); 771 rcu_read_unlock();
756 goto xdp_xmit; 772 goto xdp_xmit;
757 case XDP_REDIRECT:
758 err = xdp_do_redirect(dev, &xdp, xdp_prog);
759 if (!err)
760 *xdp_xmit = true;
761 rcu_read_unlock();
762 goto xdp_xmit;
763 default: 773 default:
764 bpf_warn_invalid_xdp_action(act); 774 bpf_warn_invalid_xdp_action(act);
765 case XDP_ABORTED: 775 case XDP_ABORTED:
diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c
index 1cf22e62e3dd..6e0af815f25e 100644
--- a/drivers/net/wireless/mac80211_hwsim.c
+++ b/drivers/net/wireless/mac80211_hwsim.c
@@ -3516,7 +3516,7 @@ static int __init init_mac80211_hwsim(void)
3516 3516
3517 spin_lock_init(&hwsim_radio_lock); 3517 spin_lock_init(&hwsim_radio_lock);
3518 3518
3519 hwsim_wq = alloc_workqueue("hwsim_wq",WQ_MEM_RECLAIM,0); 3519 hwsim_wq = alloc_workqueue("hwsim_wq", 0, 0);
3520 if (!hwsim_wq) 3520 if (!hwsim_wq)
3521 return -ENOMEM; 3521 return -ENOMEM;
3522 rhashtable_init(&hwsim_radios_rht, &hwsim_rht_params); 3522 rhashtable_init(&hwsim_radios_rht, &hwsim_rht_params);
diff --git a/include/net/mac80211.h b/include/net/mac80211.h
index 906e90223066..c96511fa9198 100644
--- a/include/net/mac80211.h
+++ b/include/net/mac80211.h
@@ -4149,7 +4149,7 @@ void ieee80211_sta_uapsd_trigger(struct ieee80211_sta *sta, u8 tid);
4149 * The TX headroom reserved by mac80211 for its own tx_status functions. 4149 * The TX headroom reserved by mac80211 for its own tx_status functions.
4150 * This is enough for the radiotap header. 4150 * This is enough for the radiotap header.
4151 */ 4151 */
4152#define IEEE80211_TX_STATUS_HEADROOM 14 4152#define IEEE80211_TX_STATUS_HEADROOM ALIGN(14, 4)
4153 4153
4154/** 4154/**
4155 * ieee80211_sta_set_buffered - inform mac80211 about driver-buffered frames 4155 * ieee80211_sta_set_buffered - inform mac80211 about driver-buffered frames
diff --git a/include/net/regulatory.h b/include/net/regulatory.h
index ebc5a2ed8631..f83cacce3308 100644
--- a/include/net/regulatory.h
+++ b/include/net/regulatory.h
@@ -78,7 +78,7 @@ struct regulatory_request {
78 int wiphy_idx; 78 int wiphy_idx;
79 enum nl80211_reg_initiator initiator; 79 enum nl80211_reg_initiator initiator;
80 enum nl80211_user_reg_hint_type user_reg_hint_type; 80 enum nl80211_user_reg_hint_type user_reg_hint_type;
81 char alpha2[2]; 81 char alpha2[3];
82 enum nl80211_dfs_regions dfs_region; 82 enum nl80211_dfs_regions dfs_region;
83 bool intersect; 83 bool intersect;
84 bool processed; 84 bool processed;
diff --git a/kernel/bpf/arraymap.c b/kernel/bpf/arraymap.c
index b1f66480135b..14750e7c5ee4 100644
--- a/kernel/bpf/arraymap.c
+++ b/kernel/bpf/arraymap.c
@@ -26,8 +26,10 @@ static void bpf_array_free_percpu(struct bpf_array *array)
26{ 26{
27 int i; 27 int i;
28 28
29 for (i = 0; i < array->map.max_entries; i++) 29 for (i = 0; i < array->map.max_entries; i++) {
30 free_percpu(array->pptrs[i]); 30 free_percpu(array->pptrs[i]);
31 cond_resched();
32 }
31} 33}
32 34
33static int bpf_array_alloc_percpu(struct bpf_array *array) 35static int bpf_array_alloc_percpu(struct bpf_array *array)
@@ -43,6 +45,7 @@ static int bpf_array_alloc_percpu(struct bpf_array *array)
43 return -ENOMEM; 45 return -ENOMEM;
44 } 46 }
45 array->pptrs[i] = ptr; 47 array->pptrs[i] = ptr;
48 cond_resched();
46 } 49 }
47 50
48 return 0; 51 return 0;
@@ -73,11 +76,11 @@ static int array_map_alloc_check(union bpf_attr *attr)
73static struct bpf_map *array_map_alloc(union bpf_attr *attr) 76static struct bpf_map *array_map_alloc(union bpf_attr *attr)
74{ 77{
75 bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY; 78 bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY;
76 int numa_node = bpf_map_attr_numa_node(attr); 79 int ret, numa_node = bpf_map_attr_numa_node(attr);
77 u32 elem_size, index_mask, max_entries; 80 u32 elem_size, index_mask, max_entries;
78 bool unpriv = !capable(CAP_SYS_ADMIN); 81 bool unpriv = !capable(CAP_SYS_ADMIN);
82 u64 cost, array_size, mask64;
79 struct bpf_array *array; 83 struct bpf_array *array;
80 u64 array_size, mask64;
81 84
82 elem_size = round_up(attr->value_size, 8); 85 elem_size = round_up(attr->value_size, 8);
83 86
@@ -109,8 +112,19 @@ static struct bpf_map *array_map_alloc(union bpf_attr *attr)
109 array_size += (u64) max_entries * elem_size; 112 array_size += (u64) max_entries * elem_size;
110 113
111 /* make sure there is no u32 overflow later in round_up() */ 114 /* make sure there is no u32 overflow later in round_up() */
112 if (array_size >= U32_MAX - PAGE_SIZE) 115 cost = array_size;
116 if (cost >= U32_MAX - PAGE_SIZE)
113 return ERR_PTR(-ENOMEM); 117 return ERR_PTR(-ENOMEM);
118 if (percpu) {
119 cost += (u64)attr->max_entries * elem_size * num_possible_cpus();
120 if (cost >= U32_MAX - PAGE_SIZE)
121 return ERR_PTR(-ENOMEM);
122 }
123 cost = round_up(cost, PAGE_SIZE) >> PAGE_SHIFT;
124
125 ret = bpf_map_precharge_memlock(cost);
126 if (ret < 0)
127 return ERR_PTR(ret);
114 128
115 /* allocate all map elements and zero-initialize them */ 129 /* allocate all map elements and zero-initialize them */
116 array = bpf_map_area_alloc(array_size, numa_node); 130 array = bpf_map_area_alloc(array_size, numa_node);
@@ -121,20 +135,13 @@ static struct bpf_map *array_map_alloc(union bpf_attr *attr)
121 135
122 /* copy mandatory map attributes */ 136 /* copy mandatory map attributes */
123 bpf_map_init_from_attr(&array->map, attr); 137 bpf_map_init_from_attr(&array->map, attr);
138 array->map.pages = cost;
124 array->elem_size = elem_size; 139 array->elem_size = elem_size;
125 140
126 if (!percpu) 141 if (percpu && bpf_array_alloc_percpu(array)) {
127 goto out;
128
129 array_size += (u64) attr->max_entries * elem_size * num_possible_cpus();
130
131 if (array_size >= U32_MAX - PAGE_SIZE ||
132 bpf_array_alloc_percpu(array)) {
133 bpf_map_area_free(array); 142 bpf_map_area_free(array);
134 return ERR_PTR(-ENOMEM); 143 return ERR_PTR(-ENOMEM);
135 } 144 }
136out:
137 array->map.pages = round_up(array_size, PAGE_SIZE) >> PAGE_SHIFT;
138 145
139 return &array->map; 146 return &array->map;
140} 147}
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 29ca9208dcfa..d315b393abdd 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -1590,7 +1590,7 @@ int bpf_prog_array_copy_to_user(struct bpf_prog_array __rcu *progs,
1590 * so always copy 'cnt' prog_ids to the user. 1590 * so always copy 'cnt' prog_ids to the user.
1591 * In a rare race the user will see zero prog_ids 1591 * In a rare race the user will see zero prog_ids
1592 */ 1592 */
1593 ids = kcalloc(cnt, sizeof(u32), GFP_USER); 1593 ids = kcalloc(cnt, sizeof(u32), GFP_USER | __GFP_NOWARN);
1594 if (!ids) 1594 if (!ids)
1595 return -ENOMEM; 1595 return -ENOMEM;
1596 rcu_read_lock(); 1596 rcu_read_lock();
diff --git a/kernel/bpf/cpumap.c b/kernel/bpf/cpumap.c
index fbfdada6caee..a4bb0b34375a 100644
--- a/kernel/bpf/cpumap.c
+++ b/kernel/bpf/cpumap.c
@@ -334,7 +334,7 @@ static int cpu_map_kthread_run(void *data)
334static struct bpf_cpu_map_entry *__cpu_map_entry_alloc(u32 qsize, u32 cpu, 334static struct bpf_cpu_map_entry *__cpu_map_entry_alloc(u32 qsize, u32 cpu,
335 int map_id) 335 int map_id)
336{ 336{
337 gfp_t gfp = GFP_ATOMIC|__GFP_NOWARN; 337 gfp_t gfp = GFP_KERNEL | __GFP_NOWARN;
338 struct bpf_cpu_map_entry *rcpu; 338 struct bpf_cpu_map_entry *rcpu;
339 int numa, err; 339 int numa, err;
340 340
diff --git a/kernel/bpf/lpm_trie.c b/kernel/bpf/lpm_trie.c
index 7b469d10d0e9..b4b5b81e7251 100644
--- a/kernel/bpf/lpm_trie.c
+++ b/kernel/bpf/lpm_trie.c
@@ -555,7 +555,10 @@ static void trie_free(struct bpf_map *map)
555 struct lpm_trie_node __rcu **slot; 555 struct lpm_trie_node __rcu **slot;
556 struct lpm_trie_node *node; 556 struct lpm_trie_node *node;
557 557
558 raw_spin_lock(&trie->lock); 558 /* Wait for outstanding programs to complete
559 * update/lookup/delete/get_next_key and free the trie.
560 */
561 synchronize_rcu();
559 562
560 /* Always start at the root and walk down to a node that has no 563 /* Always start at the root and walk down to a node that has no
561 * children. Then free that node, nullify its reference in the parent 564 * children. Then free that node, nullify its reference in the parent
@@ -566,10 +569,9 @@ static void trie_free(struct bpf_map *map)
566 slot = &trie->root; 569 slot = &trie->root;
567 570
568 for (;;) { 571 for (;;) {
569 node = rcu_dereference_protected(*slot, 572 node = rcu_dereference_protected(*slot, 1);
570 lockdep_is_held(&trie->lock));
571 if (!node) 573 if (!node)
572 goto unlock; 574 goto out;
573 575
574 if (rcu_access_pointer(node->child[0])) { 576 if (rcu_access_pointer(node->child[0])) {
575 slot = &node->child[0]; 577 slot = &node->child[0];
@@ -587,8 +589,8 @@ static void trie_free(struct bpf_map *map)
587 } 589 }
588 } 590 }
589 591
590unlock: 592out:
591 raw_spin_unlock(&trie->lock); 593 kfree(trie);
592} 594}
593 595
594static int trie_get_next_key(struct bpf_map *map, void *_key, void *_next_key) 596static int trie_get_next_key(struct bpf_map *map, void *_key, void *_next_key)
diff --git a/kernel/bpf/sockmap.c b/kernel/bpf/sockmap.c
index 48c33417d13c..a927e89dad6e 100644
--- a/kernel/bpf/sockmap.c
+++ b/kernel/bpf/sockmap.c
@@ -521,8 +521,8 @@ static struct smap_psock *smap_init_psock(struct sock *sock,
521static struct bpf_map *sock_map_alloc(union bpf_attr *attr) 521static struct bpf_map *sock_map_alloc(union bpf_attr *attr)
522{ 522{
523 struct bpf_stab *stab; 523 struct bpf_stab *stab;
524 int err = -EINVAL;
525 u64 cost; 524 u64 cost;
525 int err;
526 526
527 if (!capable(CAP_NET_ADMIN)) 527 if (!capable(CAP_NET_ADMIN))
528 return ERR_PTR(-EPERM); 528 return ERR_PTR(-EPERM);
@@ -547,6 +547,7 @@ static struct bpf_map *sock_map_alloc(union bpf_attr *attr)
547 547
548 /* make sure page count doesn't overflow */ 548 /* make sure page count doesn't overflow */
549 cost = (u64) stab->map.max_entries * sizeof(struct sock *); 549 cost = (u64) stab->map.max_entries * sizeof(struct sock *);
550 err = -EINVAL;
550 if (cost >= U32_MAX - PAGE_SIZE) 551 if (cost >= U32_MAX - PAGE_SIZE)
551 goto free_stab; 552 goto free_stab;
552 553
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index fc2838ac8b78..c0a9e310d715 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -872,6 +872,8 @@ int perf_event_query_prog_array(struct perf_event *event, void __user *info)
872 return -EINVAL; 872 return -EINVAL;
873 if (copy_from_user(&query, uquery, sizeof(query))) 873 if (copy_from_user(&query, uquery, sizeof(query)))
874 return -EFAULT; 874 return -EFAULT;
875 if (query.ids_len > BPF_TRACE_MAX_PROGS)
876 return -E2BIG;
875 877
876 mutex_lock(&bpf_event_mutex); 878 mutex_lock(&bpf_event_mutex);
877 ret = bpf_prog_array_copy_info(event->tp_event->prog_array, 879 ret = bpf_prog_array_copy_info(event->tp_event->prog_array,
diff --git a/net/bridge/netfilter/ebt_among.c b/net/bridge/netfilter/ebt_among.c
index 279527f8b1fe..ce7152a12bd8 100644
--- a/net/bridge/netfilter/ebt_among.c
+++ b/net/bridge/netfilter/ebt_among.c
@@ -187,17 +187,17 @@ static int ebt_among_mt_check(const struct xt_mtchk_param *par)
187 expected_length += ebt_mac_wormhash_size(wh_src); 187 expected_length += ebt_mac_wormhash_size(wh_src);
188 188
189 if (em->match_size != EBT_ALIGN(expected_length)) { 189 if (em->match_size != EBT_ALIGN(expected_length)) {
190 pr_info("wrong size: %d against expected %d, rounded to %zd\n", 190 pr_err_ratelimited("wrong size: %d against expected %d, rounded to %zd\n",
191 em->match_size, expected_length, 191 em->match_size, expected_length,
192 EBT_ALIGN(expected_length)); 192 EBT_ALIGN(expected_length));
193 return -EINVAL; 193 return -EINVAL;
194 } 194 }
195 if (wh_dst && (err = ebt_mac_wormhash_check_integrity(wh_dst))) { 195 if (wh_dst && (err = ebt_mac_wormhash_check_integrity(wh_dst))) {
196 pr_info("dst integrity fail: %x\n", -err); 196 pr_err_ratelimited("dst integrity fail: %x\n", -err);
197 return -EINVAL; 197 return -EINVAL;
198 } 198 }
199 if (wh_src && (err = ebt_mac_wormhash_check_integrity(wh_src))) { 199 if (wh_src && (err = ebt_mac_wormhash_check_integrity(wh_src))) {
200 pr_info("src integrity fail: %x\n", -err); 200 pr_err_ratelimited("src integrity fail: %x\n", -err);
201 return -EINVAL; 201 return -EINVAL;
202 } 202 }
203 return 0; 203 return 0;
diff --git a/net/bridge/netfilter/ebt_limit.c b/net/bridge/netfilter/ebt_limit.c
index 61a9f1be1263..165b9d678cf1 100644
--- a/net/bridge/netfilter/ebt_limit.c
+++ b/net/bridge/netfilter/ebt_limit.c
@@ -72,8 +72,8 @@ static int ebt_limit_mt_check(const struct xt_mtchk_param *par)
72 /* Check for overflow. */ 72 /* Check for overflow. */
73 if (info->burst == 0 || 73 if (info->burst == 0 ||
74 user2credits(info->avg * info->burst) < user2credits(info->avg)) { 74 user2credits(info->avg * info->burst) < user2credits(info->avg)) {
75 pr_info("overflow, try lower: %u/%u\n", 75 pr_info_ratelimited("overflow, try lower: %u/%u\n",
76 info->avg, info->burst); 76 info->avg, info->burst);
77 return -EINVAL; 77 return -EINVAL;
78 } 78 }
79 79
diff --git a/net/core/filter.c b/net/core/filter.c
index 08ab4c65a998..0c121adbdbaa 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -3381,17 +3381,13 @@ BPF_CALL_2(bpf_sock_ops_cb_flags_set, struct bpf_sock_ops_kern *, bpf_sock,
3381 struct sock *sk = bpf_sock->sk; 3381 struct sock *sk = bpf_sock->sk;
3382 int val = argval & BPF_SOCK_OPS_ALL_CB_FLAGS; 3382 int val = argval & BPF_SOCK_OPS_ALL_CB_FLAGS;
3383 3383
3384 if (!sk_fullsock(sk)) 3384 if (!IS_ENABLED(CONFIG_INET) || !sk_fullsock(sk))
3385 return -EINVAL; 3385 return -EINVAL;
3386 3386
3387#ifdef CONFIG_INET
3388 if (val) 3387 if (val)
3389 tcp_sk(sk)->bpf_sock_ops_cb_flags = val; 3388 tcp_sk(sk)->bpf_sock_ops_cb_flags = val;
3390 3389
3391 return argval & (~BPF_SOCK_OPS_ALL_CB_FLAGS); 3390 return argval & (~BPF_SOCK_OPS_ALL_CB_FLAGS);
3392#else
3393 return -EINVAL;
3394#endif
3395} 3391}
3396 3392
3397static const struct bpf_func_proto bpf_sock_ops_cb_flags_set_proto = { 3393static const struct bpf_func_proto bpf_sock_ops_cb_flags_set_proto = {
diff --git a/net/core/gen_estimator.c b/net/core/gen_estimator.c
index 0a3f88f08727..98fd12721221 100644
--- a/net/core/gen_estimator.c
+++ b/net/core/gen_estimator.c
@@ -66,6 +66,7 @@ struct net_rate_estimator {
66static void est_fetch_counters(struct net_rate_estimator *e, 66static void est_fetch_counters(struct net_rate_estimator *e,
67 struct gnet_stats_basic_packed *b) 67 struct gnet_stats_basic_packed *b)
68{ 68{
69 memset(b, 0, sizeof(*b));
69 if (e->stats_lock) 70 if (e->stats_lock)
70 spin_lock(e->stats_lock); 71 spin_lock(e->stats_lock);
71 72
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 008be04ac1cc..9c41a0cef1a5 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -1567,10 +1567,7 @@ int ip_getsockopt(struct sock *sk, int level,
1567 if (get_user(len, optlen)) 1567 if (get_user(len, optlen))
1568 return -EFAULT; 1568 return -EFAULT;
1569 1569
1570 lock_sock(sk); 1570 err = nf_getsockopt(sk, PF_INET, optname, optval, &len);
1571 err = nf_getsockopt(sk, PF_INET, optname, optval,
1572 &len);
1573 release_sock(sk);
1574 if (err >= 0) 1571 if (err >= 0)
1575 err = put_user(len, optlen); 1572 err = put_user(len, optlen);
1576 return err; 1573 return err;
@@ -1602,9 +1599,7 @@ int compat_ip_getsockopt(struct sock *sk, int level, int optname,
1602 if (get_user(len, optlen)) 1599 if (get_user(len, optlen))
1603 return -EFAULT; 1600 return -EFAULT;
1604 1601
1605 lock_sock(sk);
1606 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len); 1602 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len);
1607 release_sock(sk);
1608 if (err >= 0) 1603 if (err >= 0)
1609 err = put_user(len, optlen); 1604 err = put_user(len, optlen);
1610 return err; 1605 return err;
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 4ffe302f9b82..e3e420f3ba7b 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -252,6 +252,10 @@ unsigned int arpt_do_table(struct sk_buff *skb,
252 } 252 }
253 if (table_base + v 253 if (table_base + v
254 != arpt_next_entry(e)) { 254 != arpt_next_entry(e)) {
255 if (unlikely(stackidx >= private->stacksize)) {
256 verdict = NF_DROP;
257 break;
258 }
255 jumpstack[stackidx++] = e; 259 jumpstack[stackidx++] = e;
256 } 260 }
257 261
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 9a71f3149507..e38395a8dcf2 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -330,8 +330,13 @@ ipt_do_table(struct sk_buff *skb,
330 continue; 330 continue;
331 } 331 }
332 if (table_base + v != ipt_next_entry(e) && 332 if (table_base + v != ipt_next_entry(e) &&
333 !(e->ip.flags & IPT_F_GOTO)) 333 !(e->ip.flags & IPT_F_GOTO)) {
334 if (unlikely(stackidx >= private->stacksize)) {
335 verdict = NF_DROP;
336 break;
337 }
334 jumpstack[stackidx++] = e; 338 jumpstack[stackidx++] = e;
339 }
335 340
336 e = get_entry(table_base, v); 341 e = get_entry(table_base, v);
337 continue; 342 continue;
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c
index 3a84a60f6b39..4b02ab39ebc5 100644
--- a/net/ipv4/netfilter/ipt_CLUSTERIP.c
+++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c
@@ -107,12 +107,6 @@ clusterip_config_entry_put(struct net *net, struct clusterip_config *c)
107 107
108 local_bh_disable(); 108 local_bh_disable();
109 if (refcount_dec_and_lock(&c->entries, &cn->lock)) { 109 if (refcount_dec_and_lock(&c->entries, &cn->lock)) {
110 list_del_rcu(&c->list);
111 spin_unlock(&cn->lock);
112 local_bh_enable();
113
114 unregister_netdevice_notifier(&c->notifier);
115
116 /* In case anyone still accesses the file, the open/close 110 /* In case anyone still accesses the file, the open/close
117 * functions are also incrementing the refcount on their own, 111 * functions are also incrementing the refcount on their own,
118 * so it's safe to remove the entry even if it's in use. */ 112 * so it's safe to remove the entry even if it's in use. */
@@ -120,6 +114,12 @@ clusterip_config_entry_put(struct net *net, struct clusterip_config *c)
120 if (cn->procdir) 114 if (cn->procdir)
121 proc_remove(c->pde); 115 proc_remove(c->pde);
122#endif 116#endif
117 list_del_rcu(&c->list);
118 spin_unlock(&cn->lock);
119 local_bh_enable();
120
121 unregister_netdevice_notifier(&c->notifier);
122
123 return; 123 return;
124 } 124 }
125 local_bh_enable(); 125 local_bh_enable();
@@ -154,8 +154,12 @@ clusterip_config_find_get(struct net *net, __be32 clusterip, int entry)
154#endif 154#endif
155 if (unlikely(!refcount_inc_not_zero(&c->refcount))) 155 if (unlikely(!refcount_inc_not_zero(&c->refcount)))
156 c = NULL; 156 c = NULL;
157 else if (entry) 157 else if (entry) {
158 refcount_inc(&c->entries); 158 if (unlikely(!refcount_inc_not_zero(&c->entries))) {
159 clusterip_config_put(c);
160 c = NULL;
161 }
162 }
159 } 163 }
160 rcu_read_unlock_bh(); 164 rcu_read_unlock_bh();
161 165
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c
index 270765236f5e..aaaf9a81fbc9 100644
--- a/net/ipv4/netfilter/ipt_ECN.c
+++ b/net/ipv4/netfilter/ipt_ECN.c
@@ -98,17 +98,15 @@ static int ecn_tg_check(const struct xt_tgchk_param *par)
98 const struct ipt_ECN_info *einfo = par->targinfo; 98 const struct ipt_ECN_info *einfo = par->targinfo;
99 const struct ipt_entry *e = par->entryinfo; 99 const struct ipt_entry *e = par->entryinfo;
100 100
101 if (einfo->operation & IPT_ECN_OP_MASK) { 101 if (einfo->operation & IPT_ECN_OP_MASK)
102 pr_info("unsupported ECN operation %x\n", einfo->operation);
103 return -EINVAL; 102 return -EINVAL;
104 } 103
105 if (einfo->ip_ect & ~IPT_ECN_IP_MASK) { 104 if (einfo->ip_ect & ~IPT_ECN_IP_MASK)
106 pr_info("new ECT codepoint %x out of mask\n", einfo->ip_ect);
107 return -EINVAL; 105 return -EINVAL;
108 } 106
109 if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) && 107 if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) &&
110 (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) { 108 (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) {
111 pr_info("cannot use TCP operations on a non-tcp rule\n"); 109 pr_info_ratelimited("cannot use operation on non-tcp rule\n");
112 return -EINVAL; 110 return -EINVAL;
113 } 111 }
114 return 0; 112 return 0;
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c
index 8bd0d7b26632..e8bed3390e58 100644
--- a/net/ipv4/netfilter/ipt_REJECT.c
+++ b/net/ipv4/netfilter/ipt_REJECT.c
@@ -74,13 +74,13 @@ static int reject_tg_check(const struct xt_tgchk_param *par)
74 const struct ipt_entry *e = par->entryinfo; 74 const struct ipt_entry *e = par->entryinfo;
75 75
76 if (rejinfo->with == IPT_ICMP_ECHOREPLY) { 76 if (rejinfo->with == IPT_ICMP_ECHOREPLY) {
77 pr_info("ECHOREPLY no longer supported.\n"); 77 pr_info_ratelimited("ECHOREPLY no longer supported.\n");
78 return -EINVAL; 78 return -EINVAL;
79 } else if (rejinfo->with == IPT_TCP_RESET) { 79 } else if (rejinfo->with == IPT_TCP_RESET) {
80 /* Must specify that it's a TCP packet */ 80 /* Must specify that it's a TCP packet */
81 if (e->ip.proto != IPPROTO_TCP || 81 if (e->ip.proto != IPPROTO_TCP ||
82 (e->ip.invflags & XT_INV_PROTO)) { 82 (e->ip.invflags & XT_INV_PROTO)) {
83 pr_info("TCP_RESET invalid for non-tcp\n"); 83 pr_info_ratelimited("TCP_RESET invalid for non-tcp\n");
84 return -EINVAL; 84 return -EINVAL;
85 } 85 }
86 } 86 }
diff --git a/net/ipv4/netfilter/ipt_rpfilter.c b/net/ipv4/netfilter/ipt_rpfilter.c
index 37fb9552e858..fd01f13c896a 100644
--- a/net/ipv4/netfilter/ipt_rpfilter.c
+++ b/net/ipv4/netfilter/ipt_rpfilter.c
@@ -105,14 +105,14 @@ static int rpfilter_check(const struct xt_mtchk_param *par)
105 const struct xt_rpfilter_info *info = par->matchinfo; 105 const struct xt_rpfilter_info *info = par->matchinfo;
106 unsigned int options = ~XT_RPFILTER_OPTION_MASK; 106 unsigned int options = ~XT_RPFILTER_OPTION_MASK;
107 if (info->flags & options) { 107 if (info->flags & options) {
108 pr_info("unknown options encountered"); 108 pr_info_ratelimited("unknown options\n");
109 return -EINVAL; 109 return -EINVAL;
110 } 110 }
111 111
112 if (strcmp(par->table, "mangle") != 0 && 112 if (strcmp(par->table, "mangle") != 0 &&
113 strcmp(par->table, "raw") != 0) { 113 strcmp(par->table, "raw") != 0) {
114 pr_info("match only valid in the \'raw\' " 114 pr_info_ratelimited("only valid in \'raw\' or \'mangle\' table, not \'%s\'\n",
115 "or \'mangle\' tables, not \'%s\'.\n", par->table); 115 par->table);
116 return -EINVAL; 116 return -EINVAL;
117 } 117 }
118 118
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 49cc1c1df1ba..a4f44d815a61 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1826,6 +1826,8 @@ int fib_multipath_hash(const struct fib_info *fi, const struct flowi4 *fl4,
1826 return skb_get_hash_raw(skb) >> 1; 1826 return skb_get_hash_raw(skb) >> 1;
1827 memset(&hash_keys, 0, sizeof(hash_keys)); 1827 memset(&hash_keys, 0, sizeof(hash_keys));
1828 skb_flow_dissect_flow_keys(skb, &keys, flag); 1828 skb_flow_dissect_flow_keys(skb, &keys, flag);
1829
1830 hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
1829 hash_keys.addrs.v4addrs.src = keys.addrs.v4addrs.src; 1831 hash_keys.addrs.v4addrs.src = keys.addrs.v4addrs.src;
1830 hash_keys.addrs.v4addrs.dst = keys.addrs.v4addrs.dst; 1832 hash_keys.addrs.v4addrs.dst = keys.addrs.v4addrs.dst;
1831 hash_keys.ports.src = keys.ports.src; 1833 hash_keys.ports.src = keys.ports.src;
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index b2bca373f8be..6818042cd8a9 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -1730,7 +1730,7 @@ u32 tcp_tso_autosize(const struct sock *sk, unsigned int mss_now,
1730 */ 1730 */
1731 segs = max_t(u32, bytes / mss_now, min_tso_segs); 1731 segs = max_t(u32, bytes / mss_now, min_tso_segs);
1732 1732
1733 return min_t(u32, segs, sk->sk_gso_max_segs); 1733 return segs;
1734} 1734}
1735EXPORT_SYMBOL(tcp_tso_autosize); 1735EXPORT_SYMBOL(tcp_tso_autosize);
1736 1736
@@ -1742,9 +1742,10 @@ static u32 tcp_tso_segs(struct sock *sk, unsigned int mss_now)
1742 const struct tcp_congestion_ops *ca_ops = inet_csk(sk)->icsk_ca_ops; 1742 const struct tcp_congestion_ops *ca_ops = inet_csk(sk)->icsk_ca_ops;
1743 u32 tso_segs = ca_ops->tso_segs_goal ? ca_ops->tso_segs_goal(sk) : 0; 1743 u32 tso_segs = ca_ops->tso_segs_goal ? ca_ops->tso_segs_goal(sk) : 0;
1744 1744
1745 return tso_segs ? : 1745 if (!tso_segs)
1746 tcp_tso_autosize(sk, mss_now, 1746 tso_segs = tcp_tso_autosize(sk, mss_now,
1747 sock_net(sk)->ipv4.sysctl_tcp_min_tso_segs); 1747 sock_net(sk)->ipv4.sysctl_tcp_min_tso_segs);
1748 return min_t(u32, tso_segs, sk->sk_gso_max_segs);
1748} 1749}
1749 1750
1750/* Returns the portion of skb which can be sent right away */ 1751/* Returns the portion of skb which can be sent right away */
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index d78d41fc4b1a..24535169663d 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -1367,10 +1367,7 @@ int ipv6_getsockopt(struct sock *sk, int level, int optname,
1367 if (get_user(len, optlen)) 1367 if (get_user(len, optlen))
1368 return -EFAULT; 1368 return -EFAULT;
1369 1369
1370 lock_sock(sk); 1370 err = nf_getsockopt(sk, PF_INET6, optname, optval, &len);
1371 err = nf_getsockopt(sk, PF_INET6, optname, optval,
1372 &len);
1373 release_sock(sk);
1374 if (err >= 0) 1371 if (err >= 0)
1375 err = put_user(len, optlen); 1372 err = put_user(len, optlen);
1376 } 1373 }
@@ -1409,10 +1406,7 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1409 if (get_user(len, optlen)) 1406 if (get_user(len, optlen))
1410 return -EFAULT; 1407 return -EFAULT;
1411 1408
1412 lock_sock(sk); 1409 err = compat_nf_getsockopt(sk, PF_INET6, optname, optval, &len);
1413 err = compat_nf_getsockopt(sk, PF_INET6,
1414 optname, optval, &len);
1415 release_sock(sk);
1416 if (err >= 0) 1410 if (err >= 0)
1417 err = put_user(len, optlen); 1411 err = put_user(len, optlen);
1418 } 1412 }
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index af4c917e0836..62358b93bbac 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -352,6 +352,10 @@ ip6t_do_table(struct sk_buff *skb,
352 } 352 }
353 if (table_base + v != ip6t_next_entry(e) && 353 if (table_base + v != ip6t_next_entry(e) &&
354 !(e->ipv6.flags & IP6T_F_GOTO)) { 354 !(e->ipv6.flags & IP6T_F_GOTO)) {
355 if (unlikely(stackidx >= private->stacksize)) {
356 verdict = NF_DROP;
357 break;
358 }
355 jumpstack[stackidx++] = e; 359 jumpstack[stackidx++] = e;
356 } 360 }
357 361
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index fa51a205918d..38dea8ff680f 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -85,14 +85,14 @@ static int reject_tg6_check(const struct xt_tgchk_param *par)
85 const struct ip6t_entry *e = par->entryinfo; 85 const struct ip6t_entry *e = par->entryinfo;
86 86
87 if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) { 87 if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) {
88 pr_info("ECHOREPLY is not supported.\n"); 88 pr_info_ratelimited("ECHOREPLY is not supported\n");
89 return -EINVAL; 89 return -EINVAL;
90 } else if (rejinfo->with == IP6T_TCP_RESET) { 90 } else if (rejinfo->with == IP6T_TCP_RESET) {
91 /* Must specify that it's a TCP packet */ 91 /* Must specify that it's a TCP packet */
92 if (!(e->ipv6.flags & IP6T_F_PROTO) || 92 if (!(e->ipv6.flags & IP6T_F_PROTO) ||
93 e->ipv6.proto != IPPROTO_TCP || 93 e->ipv6.proto != IPPROTO_TCP ||
94 (e->ipv6.invflags & XT_INV_PROTO)) { 94 (e->ipv6.invflags & XT_INV_PROTO)) {
95 pr_info("TCP_RESET illegal for non-tcp\n"); 95 pr_info_ratelimited("TCP_RESET illegal for non-tcp\n");
96 return -EINVAL; 96 return -EINVAL;
97 } 97 }
98 } 98 }
diff --git a/net/ipv6/netfilter/ip6t_rpfilter.c b/net/ipv6/netfilter/ip6t_rpfilter.c
index b12e61b7b16c..94deb69bbbda 100644
--- a/net/ipv6/netfilter/ip6t_rpfilter.c
+++ b/net/ipv6/netfilter/ip6t_rpfilter.c
@@ -103,14 +103,14 @@ static int rpfilter_check(const struct xt_mtchk_param *par)
103 unsigned int options = ~XT_RPFILTER_OPTION_MASK; 103 unsigned int options = ~XT_RPFILTER_OPTION_MASK;
104 104
105 if (info->flags & options) { 105 if (info->flags & options) {
106 pr_info("unknown options encountered"); 106 pr_info_ratelimited("unknown options\n");
107 return -EINVAL; 107 return -EINVAL;
108 } 108 }
109 109
110 if (strcmp(par->table, "mangle") != 0 && 110 if (strcmp(par->table, "mangle") != 0 &&
111 strcmp(par->table, "raw") != 0) { 111 strcmp(par->table, "raw") != 0) {
112 pr_info("match only valid in the \'raw\' " 112 pr_info_ratelimited("only valid in \'raw\' or \'mangle\' table, not \'%s\'\n",
113 "or \'mangle\' tables, not \'%s\'.\n", par->table); 113 par->table);
114 return -EINVAL; 114 return -EINVAL;
115 } 115 }
116 116
diff --git a/net/ipv6/netfilter/ip6t_srh.c b/net/ipv6/netfilter/ip6t_srh.c
index 9642164107ce..33719d5560c8 100644
--- a/net/ipv6/netfilter/ip6t_srh.c
+++ b/net/ipv6/netfilter/ip6t_srh.c
@@ -122,12 +122,14 @@ static int srh_mt6_check(const struct xt_mtchk_param *par)
122 const struct ip6t_srh *srhinfo = par->matchinfo; 122 const struct ip6t_srh *srhinfo = par->matchinfo;
123 123
124 if (srhinfo->mt_flags & ~IP6T_SRH_MASK) { 124 if (srhinfo->mt_flags & ~IP6T_SRH_MASK) {
125 pr_err("unknown srh match flags %X\n", srhinfo->mt_flags); 125 pr_info_ratelimited("unknown srh match flags %X\n",
126 srhinfo->mt_flags);
126 return -EINVAL; 127 return -EINVAL;
127 } 128 }
128 129
129 if (srhinfo->mt_invflags & ~IP6T_SRH_INV_MASK) { 130 if (srhinfo->mt_invflags & ~IP6T_SRH_INV_MASK) {
130 pr_err("unknown srh invflags %X\n", srhinfo->mt_invflags); 131 pr_info_ratelimited("unknown srh invflags %X\n",
132 srhinfo->mt_invflags);
131 return -EINVAL; 133 return -EINVAL;
132 } 134 }
133 135
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index 3873d3877135..3a1775a62973 100644
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -182,7 +182,7 @@ static void ipip6_tunnel_clone_6rd(struct net_device *dev, struct sit_net *sitn)
182#ifdef CONFIG_IPV6_SIT_6RD 182#ifdef CONFIG_IPV6_SIT_6RD
183 struct ip_tunnel *t = netdev_priv(dev); 183 struct ip_tunnel *t = netdev_priv(dev);
184 184
185 if (t->dev == sitn->fb_tunnel_dev) { 185 if (dev == sitn->fb_tunnel_dev) {
186 ipv6_addr_set(&t->ip6rd.prefix, htonl(0x20020000), 0, 0, 0); 186 ipv6_addr_set(&t->ip6rd.prefix, htonl(0x20020000), 0, 0, 0);
187 t->ip6rd.relay_prefix = 0; 187 t->ip6rd.relay_prefix = 0;
188 t->ip6rd.prefixlen = 16; 188 t->ip6rd.prefixlen = 16;
diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c
index a8b1616cec41..1f3188d03840 100644
--- a/net/mac80211/agg-rx.c
+++ b/net/mac80211/agg-rx.c
@@ -8,6 +8,7 @@
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2010, Intel Corporation 9 * Copyright 2007-2010, Intel Corporation
10 * Copyright(c) 2015-2017 Intel Deutschland GmbH 10 * Copyright(c) 2015-2017 Intel Deutschland GmbH
11 * Copyright (C) 2018 Intel Corporation
11 * 12 *
12 * This program is free software; you can redistribute it and/or modify 13 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License version 2 as 14 * it under the terms of the GNU General Public License version 2 as
@@ -304,9 +305,6 @@ void ___ieee80211_start_rx_ba_session(struct sta_info *sta,
304 * driver so reject the timeout update. 305 * driver so reject the timeout update.
305 */ 306 */
306 status = WLAN_STATUS_REQUEST_DECLINED; 307 status = WLAN_STATUS_REQUEST_DECLINED;
307 ieee80211_send_addba_resp(sta->sdata, sta->sta.addr,
308 tid, dialog_token, status,
309 1, buf_size, timeout);
310 goto end; 308 goto end;
311 } 309 }
312 310
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 46028e12e216..f4195a0f0279 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -2892,7 +2892,7 @@ cfg80211_beacon_dup(struct cfg80211_beacon_data *beacon)
2892 } 2892 }
2893 if (beacon->probe_resp_len) { 2893 if (beacon->probe_resp_len) {
2894 new_beacon->probe_resp_len = beacon->probe_resp_len; 2894 new_beacon->probe_resp_len = beacon->probe_resp_len;
2895 beacon->probe_resp = pos; 2895 new_beacon->probe_resp = pos;
2896 memcpy(pos, beacon->probe_resp, beacon->probe_resp_len); 2896 memcpy(pos, beacon->probe_resp, beacon->probe_resp_len);
2897 pos += beacon->probe_resp_len; 2897 pos += beacon->probe_resp_len;
2898 } 2898 }
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
index 26900025de2f..ae9c33cd8ada 100644
--- a/net/mac80211/ieee80211_i.h
+++ b/net/mac80211/ieee80211_i.h
@@ -1467,7 +1467,7 @@ struct ieee802_11_elems {
1467 const struct ieee80211_timeout_interval_ie *timeout_int; 1467 const struct ieee80211_timeout_interval_ie *timeout_int;
1468 const u8 *opmode_notif; 1468 const u8 *opmode_notif;
1469 const struct ieee80211_sec_chan_offs_ie *sec_chan_offs; 1469 const struct ieee80211_sec_chan_offs_ie *sec_chan_offs;
1470 const struct ieee80211_mesh_chansw_params_ie *mesh_chansw_params_ie; 1470 struct ieee80211_mesh_chansw_params_ie *mesh_chansw_params_ie;
1471 const struct ieee80211_bss_max_idle_period_ie *max_idle_period_ie; 1471 const struct ieee80211_bss_max_idle_period_ie *max_idle_period_ie;
1472 1472
1473 /* length of them, respectively */ 1473 /* length of them, respectively */
diff --git a/net/mac80211/mesh.c b/net/mac80211/mesh.c
index 73ac607beb5d..6a381cbe1e33 100644
--- a/net/mac80211/mesh.c
+++ b/net/mac80211/mesh.c
@@ -1255,13 +1255,12 @@ int ieee80211_mesh_csa_beacon(struct ieee80211_sub_if_data *sdata,
1255} 1255}
1256 1256
1257static int mesh_fwd_csa_frame(struct ieee80211_sub_if_data *sdata, 1257static int mesh_fwd_csa_frame(struct ieee80211_sub_if_data *sdata,
1258 struct ieee80211_mgmt *mgmt, size_t len) 1258 struct ieee80211_mgmt *mgmt, size_t len,
1259 struct ieee802_11_elems *elems)
1259{ 1260{
1260 struct ieee80211_mgmt *mgmt_fwd; 1261 struct ieee80211_mgmt *mgmt_fwd;
1261 struct sk_buff *skb; 1262 struct sk_buff *skb;
1262 struct ieee80211_local *local = sdata->local; 1263 struct ieee80211_local *local = sdata->local;
1263 u8 *pos = mgmt->u.action.u.chan_switch.variable;
1264 size_t offset_ttl;
1265 1264
1266 skb = dev_alloc_skb(local->tx_headroom + len); 1265 skb = dev_alloc_skb(local->tx_headroom + len);
1267 if (!skb) 1266 if (!skb)
@@ -1269,13 +1268,9 @@ static int mesh_fwd_csa_frame(struct ieee80211_sub_if_data *sdata,
1269 skb_reserve(skb, local->tx_headroom); 1268 skb_reserve(skb, local->tx_headroom);
1270 mgmt_fwd = skb_put(skb, len); 1269 mgmt_fwd = skb_put(skb, len);
1271 1270
1272 /* offset_ttl is based on whether the secondary channel 1271 elems->mesh_chansw_params_ie->mesh_ttl--;
1273 * offset is available or not. Subtract 1 from the mesh TTL 1272 elems->mesh_chansw_params_ie->mesh_flags &=
1274 * and disable the initiator flag before forwarding. 1273 ~WLAN_EID_CHAN_SWITCH_PARAM_INITIATOR;
1275 */
1276 offset_ttl = (len < 42) ? 7 : 10;
1277 *(pos + offset_ttl) -= 1;
1278 *(pos + offset_ttl + 1) &= ~WLAN_EID_CHAN_SWITCH_PARAM_INITIATOR;
1279 1274
1280 memcpy(mgmt_fwd, mgmt, len); 1275 memcpy(mgmt_fwd, mgmt, len);
1281 eth_broadcast_addr(mgmt_fwd->da); 1276 eth_broadcast_addr(mgmt_fwd->da);
@@ -1323,7 +1318,7 @@ static void mesh_rx_csa_frame(struct ieee80211_sub_if_data *sdata,
1323 1318
1324 /* forward or re-broadcast the CSA frame */ 1319 /* forward or re-broadcast the CSA frame */
1325 if (fwd_csa) { 1320 if (fwd_csa) {
1326 if (mesh_fwd_csa_frame(sdata, mgmt, len) < 0) 1321 if (mesh_fwd_csa_frame(sdata, mgmt, len, &elems) < 0)
1327 mcsa_dbg(sdata, "Failed to forward the CSA frame"); 1322 mcsa_dbg(sdata, "Failed to forward the CSA frame");
1328 } 1323 }
1329} 1324}
diff --git a/net/mac80211/spectmgmt.c b/net/mac80211/spectmgmt.c
index ee0181778a42..029334835747 100644
--- a/net/mac80211/spectmgmt.c
+++ b/net/mac80211/spectmgmt.c
@@ -8,6 +8,7 @@
8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net>
9 * Copyright 2007-2008, Intel Corporation 9 * Copyright 2007-2008, Intel Corporation
10 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net> 10 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net>
11 * Copyright (C) 2018 Intel Corporation
11 * 12 *
12 * This program is free software; you can redistribute it and/or modify 13 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License version 2 as 14 * it under the terms of the GNU General Public License version 2 as
@@ -27,7 +28,7 @@ int ieee80211_parse_ch_switch_ie(struct ieee80211_sub_if_data *sdata,
27 u32 sta_flags, u8 *bssid, 28 u32 sta_flags, u8 *bssid,
28 struct ieee80211_csa_ie *csa_ie) 29 struct ieee80211_csa_ie *csa_ie)
29{ 30{
30 enum nl80211_band new_band; 31 enum nl80211_band new_band = current_band;
31 int new_freq; 32 int new_freq;
32 u8 new_chan_no; 33 u8 new_chan_no;
33 struct ieee80211_channel *new_chan; 34 struct ieee80211_channel *new_chan;
@@ -55,15 +56,13 @@ int ieee80211_parse_ch_switch_ie(struct ieee80211_sub_if_data *sdata,
55 elems->ext_chansw_ie->new_operating_class, 56 elems->ext_chansw_ie->new_operating_class,
56 &new_band)) { 57 &new_band)) {
57 sdata_info(sdata, 58 sdata_info(sdata,
58 "cannot understand ECSA IE operating class %d, disconnecting\n", 59 "cannot understand ECSA IE operating class, %d, ignoring\n",
59 elems->ext_chansw_ie->new_operating_class); 60 elems->ext_chansw_ie->new_operating_class);
60 return -EINVAL;
61 } 61 }
62 new_chan_no = elems->ext_chansw_ie->new_ch_num; 62 new_chan_no = elems->ext_chansw_ie->new_ch_num;
63 csa_ie->count = elems->ext_chansw_ie->count; 63 csa_ie->count = elems->ext_chansw_ie->count;
64 csa_ie->mode = elems->ext_chansw_ie->mode; 64 csa_ie->mode = elems->ext_chansw_ie->mode;
65 } else if (elems->ch_switch_ie) { 65 } else if (elems->ch_switch_ie) {
66 new_band = current_band;
67 new_chan_no = elems->ch_switch_ie->new_ch_num; 66 new_chan_no = elems->ch_switch_ie->new_ch_num;
68 csa_ie->count = elems->ch_switch_ie->count; 67 csa_ie->count = elems->ch_switch_ie->count;
69 csa_ie->mode = elems->ch_switch_ie->mode; 68 csa_ie->mode = elems->ch_switch_ie->mode;
diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c
index 0c5627f8a104..af0b608ee8ed 100644
--- a/net/mac80211/sta_info.c
+++ b/net/mac80211/sta_info.c
@@ -314,7 +314,7 @@ struct sta_info *sta_info_alloc(struct ieee80211_sub_if_data *sdata,
314 314
315 if (ieee80211_hw_check(hw, USES_RSS)) { 315 if (ieee80211_hw_check(hw, USES_RSS)) {
316 sta->pcpu_rx_stats = 316 sta->pcpu_rx_stats =
317 alloc_percpu(struct ieee80211_sta_rx_stats); 317 alloc_percpu_gfp(struct ieee80211_sta_rx_stats, gfp);
318 if (!sta->pcpu_rx_stats) 318 if (!sta->pcpu_rx_stats)
319 goto free; 319 goto free;
320 } 320 }
@@ -433,6 +433,7 @@ free_txq:
433 if (sta->sta.txq[0]) 433 if (sta->sta.txq[0])
434 kfree(to_txq_info(sta->sta.txq[0])); 434 kfree(to_txq_info(sta->sta.txq[0]));
435free: 435free:
436 free_percpu(sta->pcpu_rx_stats);
436#ifdef CONFIG_MAC80211_MESH 437#ifdef CONFIG_MAC80211_MESH
437 kfree(sta->mesh); 438 kfree(sta->mesh);
438#endif 439#endif
diff --git a/net/netfilter/nf_nat_proto_common.c b/net/netfilter/nf_nat_proto_common.c
index fbce552a796e..7d7466dbf663 100644
--- a/net/netfilter/nf_nat_proto_common.c
+++ b/net/netfilter/nf_nat_proto_common.c
@@ -41,7 +41,7 @@ void nf_nat_l4proto_unique_tuple(const struct nf_nat_l3proto *l3proto,
41 const struct nf_conn *ct, 41 const struct nf_conn *ct,
42 u16 *rover) 42 u16 *rover)
43{ 43{
44 unsigned int range_size, min, i; 44 unsigned int range_size, min, max, i;
45 __be16 *portptr; 45 __be16 *portptr;
46 u_int16_t off; 46 u_int16_t off;
47 47
@@ -71,7 +71,10 @@ void nf_nat_l4proto_unique_tuple(const struct nf_nat_l3proto *l3proto,
71 } 71 }
72 } else { 72 } else {
73 min = ntohs(range->min_proto.all); 73 min = ntohs(range->min_proto.all);
74 range_size = ntohs(range->max_proto.all) - min + 1; 74 max = ntohs(range->max_proto.all);
75 if (unlikely(max < min))
76 swap(max, min);
77 range_size = max - min + 1;
75 } 78 }
76 79
77 if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) { 80 if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) {
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index 2f685ee1f9c8..fa1655aff8d3 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -434,36 +434,35 @@ int xt_check_match(struct xt_mtchk_param *par,
434 * ebt_among is exempt from centralized matchsize checking 434 * ebt_among is exempt from centralized matchsize checking
435 * because it uses a dynamic-size data set. 435 * because it uses a dynamic-size data set.
436 */ 436 */
437 pr_err("%s_tables: %s.%u match: invalid size " 437 pr_err_ratelimited("%s_tables: %s.%u match: invalid size %u (kernel) != (user) %u\n",
438 "%u (kernel) != (user) %u\n", 438 xt_prefix[par->family], par->match->name,
439 xt_prefix[par->family], par->match->name, 439 par->match->revision,
440 par->match->revision, 440 XT_ALIGN(par->match->matchsize), size);
441 XT_ALIGN(par->match->matchsize), size);
442 return -EINVAL; 441 return -EINVAL;
443 } 442 }
444 if (par->match->table != NULL && 443 if (par->match->table != NULL &&
445 strcmp(par->match->table, par->table) != 0) { 444 strcmp(par->match->table, par->table) != 0) {
446 pr_err("%s_tables: %s match: only valid in %s table, not %s\n", 445 pr_info_ratelimited("%s_tables: %s match: only valid in %s table, not %s\n",
447 xt_prefix[par->family], par->match->name, 446 xt_prefix[par->family], par->match->name,
448 par->match->table, par->table); 447 par->match->table, par->table);
449 return -EINVAL; 448 return -EINVAL;
450 } 449 }
451 if (par->match->hooks && (par->hook_mask & ~par->match->hooks) != 0) { 450 if (par->match->hooks && (par->hook_mask & ~par->match->hooks) != 0) {
452 char used[64], allow[64]; 451 char used[64], allow[64];
453 452
454 pr_err("%s_tables: %s match: used from hooks %s, but only " 453 pr_info_ratelimited("%s_tables: %s match: used from hooks %s, but only valid from %s\n",
455 "valid from %s\n", 454 xt_prefix[par->family], par->match->name,
456 xt_prefix[par->family], par->match->name, 455 textify_hooks(used, sizeof(used),
457 textify_hooks(used, sizeof(used), par->hook_mask, 456 par->hook_mask, par->family),
458 par->family), 457 textify_hooks(allow, sizeof(allow),
459 textify_hooks(allow, sizeof(allow), par->match->hooks, 458 par->match->hooks,
460 par->family)); 459 par->family));
461 return -EINVAL; 460 return -EINVAL;
462 } 461 }
463 if (par->match->proto && (par->match->proto != proto || inv_proto)) { 462 if (par->match->proto && (par->match->proto != proto || inv_proto)) {
464 pr_err("%s_tables: %s match: only valid for protocol %u\n", 463 pr_info_ratelimited("%s_tables: %s match: only valid for protocol %u\n",
465 xt_prefix[par->family], par->match->name, 464 xt_prefix[par->family], par->match->name,
466 par->match->proto); 465 par->match->proto);
467 return -EINVAL; 466 return -EINVAL;
468 } 467 }
469 if (par->match->checkentry != NULL) { 468 if (par->match->checkentry != NULL) {
@@ -814,36 +813,35 @@ int xt_check_target(struct xt_tgchk_param *par,
814 int ret; 813 int ret;
815 814
816 if (XT_ALIGN(par->target->targetsize) != size) { 815 if (XT_ALIGN(par->target->targetsize) != size) {
817 pr_err("%s_tables: %s.%u target: invalid size " 816 pr_err_ratelimited("%s_tables: %s.%u target: invalid size %u (kernel) != (user) %u\n",
818 "%u (kernel) != (user) %u\n", 817 xt_prefix[par->family], par->target->name,
819 xt_prefix[par->family], par->target->name, 818 par->target->revision,
820 par->target->revision, 819 XT_ALIGN(par->target->targetsize), size);
821 XT_ALIGN(par->target->targetsize), size);
822 return -EINVAL; 820 return -EINVAL;
823 } 821 }
824 if (par->target->table != NULL && 822 if (par->target->table != NULL &&
825 strcmp(par->target->table, par->table) != 0) { 823 strcmp(par->target->table, par->table) != 0) {
826 pr_err("%s_tables: %s target: only valid in %s table, not %s\n", 824 pr_info_ratelimited("%s_tables: %s target: only valid in %s table, not %s\n",
827 xt_prefix[par->family], par->target->name, 825 xt_prefix[par->family], par->target->name,
828 par->target->table, par->table); 826 par->target->table, par->table);
829 return -EINVAL; 827 return -EINVAL;
830 } 828 }
831 if (par->target->hooks && (par->hook_mask & ~par->target->hooks) != 0) { 829 if (par->target->hooks && (par->hook_mask & ~par->target->hooks) != 0) {
832 char used[64], allow[64]; 830 char used[64], allow[64];
833 831
834 pr_err("%s_tables: %s target: used from hooks %s, but only " 832 pr_info_ratelimited("%s_tables: %s target: used from hooks %s, but only usable from %s\n",
835 "usable from %s\n", 833 xt_prefix[par->family], par->target->name,
836 xt_prefix[par->family], par->target->name, 834 textify_hooks(used, sizeof(used),
837 textify_hooks(used, sizeof(used), par->hook_mask, 835 par->hook_mask, par->family),
838 par->family), 836 textify_hooks(allow, sizeof(allow),
839 textify_hooks(allow, sizeof(allow), par->target->hooks, 837 par->target->hooks,
840 par->family)); 838 par->family));
841 return -EINVAL; 839 return -EINVAL;
842 } 840 }
843 if (par->target->proto && (par->target->proto != proto || inv_proto)) { 841 if (par->target->proto && (par->target->proto != proto || inv_proto)) {
844 pr_err("%s_tables: %s target: only valid for protocol %u\n", 842 pr_info_ratelimited("%s_tables: %s target: only valid for protocol %u\n",
845 xt_prefix[par->family], par->target->name, 843 xt_prefix[par->family], par->target->name,
846 par->target->proto); 844 par->target->proto);
847 return -EINVAL; 845 return -EINVAL;
848 } 846 }
849 if (par->target->checkentry != NULL) { 847 if (par->target->checkentry != NULL) {
@@ -1004,10 +1002,6 @@ struct xt_table_info *xt_alloc_table_info(unsigned int size)
1004 if (sz < sizeof(*info)) 1002 if (sz < sizeof(*info))
1005 return NULL; 1003 return NULL;
1006 1004
1007 /* Pedantry: prevent them from hitting BUG() in vmalloc.c --RR */
1008 if ((size >> PAGE_SHIFT) + 2 > totalram_pages)
1009 return NULL;
1010
1011 /* __GFP_NORETRY is not fully supported by kvmalloc but it should 1005 /* __GFP_NORETRY is not fully supported by kvmalloc but it should
1012 * work reasonably well if sz is too large and bail out rather 1006 * work reasonably well if sz is too large and bail out rather
1013 * than shoot all processes down before realizing there is nothing 1007 * than shoot all processes down before realizing there is nothing
diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c
index c502419d6306..f368ee6741db 100644
--- a/net/netfilter/xt_AUDIT.c
+++ b/net/netfilter/xt_AUDIT.c
@@ -120,8 +120,8 @@ static int audit_tg_check(const struct xt_tgchk_param *par)
120 const struct xt_audit_info *info = par->targinfo; 120 const struct xt_audit_info *info = par->targinfo;
121 121
122 if (info->type > XT_AUDIT_TYPE_MAX) { 122 if (info->type > XT_AUDIT_TYPE_MAX) {
123 pr_info("Audit type out of range (valid range: 0..%hhu)\n", 123 pr_info_ratelimited("Audit type out of range (valid range: 0..%hhu)\n",
124 XT_AUDIT_TYPE_MAX); 124 XT_AUDIT_TYPE_MAX);
125 return -ERANGE; 125 return -ERANGE;
126 } 126 }
127 127
diff --git a/net/netfilter/xt_CHECKSUM.c b/net/netfilter/xt_CHECKSUM.c
index 0f642ef8cd26..9f4151ec3e06 100644
--- a/net/netfilter/xt_CHECKSUM.c
+++ b/net/netfilter/xt_CHECKSUM.c
@@ -36,13 +36,13 @@ static int checksum_tg_check(const struct xt_tgchk_param *par)
36 const struct xt_CHECKSUM_info *einfo = par->targinfo; 36 const struct xt_CHECKSUM_info *einfo = par->targinfo;
37 37
38 if (einfo->operation & ~XT_CHECKSUM_OP_FILL) { 38 if (einfo->operation & ~XT_CHECKSUM_OP_FILL) {
39 pr_info("unsupported CHECKSUM operation %x\n", einfo->operation); 39 pr_info_ratelimited("unsupported CHECKSUM operation %x\n",
40 einfo->operation);
40 return -EINVAL; 41 return -EINVAL;
41 } 42 }
42 if (!einfo->operation) { 43 if (!einfo->operation)
43 pr_info("no CHECKSUM operation enabled\n");
44 return -EINVAL; 44 return -EINVAL;
45 } 45
46 return 0; 46 return 0;
47} 47}
48 48
diff --git a/net/netfilter/xt_CONNSECMARK.c b/net/netfilter/xt_CONNSECMARK.c
index da56c06a443c..f3f1caac949b 100644
--- a/net/netfilter/xt_CONNSECMARK.c
+++ b/net/netfilter/xt_CONNSECMARK.c
@@ -91,8 +91,8 @@ static int connsecmark_tg_check(const struct xt_tgchk_param *par)
91 91
92 if (strcmp(par->table, "mangle") != 0 && 92 if (strcmp(par->table, "mangle") != 0 &&
93 strcmp(par->table, "security") != 0) { 93 strcmp(par->table, "security") != 0) {
94 pr_info("target only valid in the \'mangle\' " 94 pr_info_ratelimited("only valid in \'mangle\' or \'security\' table, not \'%s\'\n",
95 "or \'security\' tables, not \'%s\'.\n", par->table); 95 par->table);
96 return -EINVAL; 96 return -EINVAL;
97 } 97 }
98 98
@@ -102,14 +102,14 @@ static int connsecmark_tg_check(const struct xt_tgchk_param *par)
102 break; 102 break;
103 103
104 default: 104 default:
105 pr_info("invalid mode: %hu\n", info->mode); 105 pr_info_ratelimited("invalid mode: %hu\n", info->mode);
106 return -EINVAL; 106 return -EINVAL;
107 } 107 }
108 108
109 ret = nf_ct_netns_get(par->net, par->family); 109 ret = nf_ct_netns_get(par->net, par->family);
110 if (ret < 0) 110 if (ret < 0)
111 pr_info("cannot load conntrack support for proto=%u\n", 111 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
112 par->family); 112 par->family);
113 return ret; 113 return ret;
114} 114}
115 115
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
index 5a152e2acfd5..8790190c6feb 100644
--- a/net/netfilter/xt_CT.c
+++ b/net/netfilter/xt_CT.c
@@ -82,15 +82,14 @@ xt_ct_set_helper(struct nf_conn *ct, const char *helper_name,
82 82
83 proto = xt_ct_find_proto(par); 83 proto = xt_ct_find_proto(par);
84 if (!proto) { 84 if (!proto) {
85 pr_info("You must specify a L4 protocol, and not use " 85 pr_info_ratelimited("You must specify a L4 protocol and not use inversions on it\n");
86 "inversions on it.\n");
87 return -ENOENT; 86 return -ENOENT;
88 } 87 }
89 88
90 helper = nf_conntrack_helper_try_module_get(helper_name, par->family, 89 helper = nf_conntrack_helper_try_module_get(helper_name, par->family,
91 proto); 90 proto);
92 if (helper == NULL) { 91 if (helper == NULL) {
93 pr_info("No such helper \"%s\"\n", helper_name); 92 pr_info_ratelimited("No such helper \"%s\"\n", helper_name);
94 return -ENOENT; 93 return -ENOENT;
95 } 94 }
96 95
@@ -124,6 +123,7 @@ xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par,
124 const struct nf_conntrack_l4proto *l4proto; 123 const struct nf_conntrack_l4proto *l4proto;
125 struct ctnl_timeout *timeout; 124 struct ctnl_timeout *timeout;
126 struct nf_conn_timeout *timeout_ext; 125 struct nf_conn_timeout *timeout_ext;
126 const char *errmsg = NULL;
127 int ret = 0; 127 int ret = 0;
128 u8 proto; 128 u8 proto;
129 129
@@ -131,29 +131,29 @@ xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par,
131 timeout_find_get = rcu_dereference(nf_ct_timeout_find_get_hook); 131 timeout_find_get = rcu_dereference(nf_ct_timeout_find_get_hook);
132 if (timeout_find_get == NULL) { 132 if (timeout_find_get == NULL) {
133 ret = -ENOENT; 133 ret = -ENOENT;
134 pr_info("Timeout policy base is empty\n"); 134 errmsg = "Timeout policy base is empty";
135 goto out; 135 goto out;
136 } 136 }
137 137
138 proto = xt_ct_find_proto(par); 138 proto = xt_ct_find_proto(par);
139 if (!proto) { 139 if (!proto) {
140 ret = -EINVAL; 140 ret = -EINVAL;
141 pr_info("You must specify a L4 protocol, and not use " 141 errmsg = "You must specify a L4 protocol and not use inversions on it";
142 "inversions on it.\n");
143 goto out; 142 goto out;
144 } 143 }
145 144
146 timeout = timeout_find_get(par->net, timeout_name); 145 timeout = timeout_find_get(par->net, timeout_name);
147 if (timeout == NULL) { 146 if (timeout == NULL) {
148 ret = -ENOENT; 147 ret = -ENOENT;
149 pr_info("No such timeout policy \"%s\"\n", timeout_name); 148 pr_info_ratelimited("No such timeout policy \"%s\"\n",
149 timeout_name);
150 goto out; 150 goto out;
151 } 151 }
152 152
153 if (timeout->l3num != par->family) { 153 if (timeout->l3num != par->family) {
154 ret = -EINVAL; 154 ret = -EINVAL;
155 pr_info("Timeout policy `%s' can only be used by L3 protocol " 155 pr_info_ratelimited("Timeout policy `%s' can only be used by L%d protocol number %d\n",
156 "number %d\n", timeout_name, timeout->l3num); 156 timeout_name, 3, timeout->l3num);
157 goto err_put_timeout; 157 goto err_put_timeout;
158 } 158 }
159 /* Make sure the timeout policy matches any existing protocol tracker, 159 /* Make sure the timeout policy matches any existing protocol tracker,
@@ -162,9 +162,8 @@ xt_ct_set_timeout(struct nf_conn *ct, const struct xt_tgchk_param *par,
162 l4proto = __nf_ct_l4proto_find(par->family, proto); 162 l4proto = __nf_ct_l4proto_find(par->family, proto);
163 if (timeout->l4proto->l4proto != l4proto->l4proto) { 163 if (timeout->l4proto->l4proto != l4proto->l4proto) {
164 ret = -EINVAL; 164 ret = -EINVAL;
165 pr_info("Timeout policy `%s' can only be used by L4 protocol " 165 pr_info_ratelimited("Timeout policy `%s' can only be used by L%d protocol number %d\n",
166 "number %d\n", 166 timeout_name, 4, timeout->l4proto->l4proto);
167 timeout_name, timeout->l4proto->l4proto);
168 goto err_put_timeout; 167 goto err_put_timeout;
169 } 168 }
170 timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC); 169 timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC);
@@ -180,6 +179,8 @@ err_put_timeout:
180 __xt_ct_tg_timeout_put(timeout); 179 __xt_ct_tg_timeout_put(timeout);
181out: 180out:
182 rcu_read_unlock(); 181 rcu_read_unlock();
182 if (errmsg)
183 pr_info_ratelimited("%s\n", errmsg);
183 return ret; 184 return ret;
184#else 185#else
185 return -EOPNOTSUPP; 186 return -EOPNOTSUPP;
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c
index 3f83d38c4e5b..098ed851b7a7 100644
--- a/net/netfilter/xt_DSCP.c
+++ b/net/netfilter/xt_DSCP.c
@@ -66,10 +66,8 @@ static int dscp_tg_check(const struct xt_tgchk_param *par)
66{ 66{
67 const struct xt_DSCP_info *info = par->targinfo; 67 const struct xt_DSCP_info *info = par->targinfo;
68 68
69 if (info->dscp > XT_DSCP_MAX) { 69 if (info->dscp > XT_DSCP_MAX)
70 pr_info("dscp %x out of range\n", info->dscp);
71 return -EDOM; 70 return -EDOM;
72 }
73 return 0; 71 return 0;
74} 72}
75 73
diff --git a/net/netfilter/xt_HL.c b/net/netfilter/xt_HL.c
index 1535e87ed9bd..4653b071bed4 100644
--- a/net/netfilter/xt_HL.c
+++ b/net/netfilter/xt_HL.c
@@ -105,10 +105,8 @@ static int ttl_tg_check(const struct xt_tgchk_param *par)
105{ 105{
106 const struct ipt_TTL_info *info = par->targinfo; 106 const struct ipt_TTL_info *info = par->targinfo;
107 107
108 if (info->mode > IPT_TTL_MAXMODE) { 108 if (info->mode > IPT_TTL_MAXMODE)
109 pr_info("TTL: invalid or unknown mode %u\n", info->mode);
110 return -EINVAL; 109 return -EINVAL;
111 }
112 if (info->mode != IPT_TTL_SET && info->ttl == 0) 110 if (info->mode != IPT_TTL_SET && info->ttl == 0)
113 return -EINVAL; 111 return -EINVAL;
114 return 0; 112 return 0;
@@ -118,15 +116,10 @@ static int hl_tg6_check(const struct xt_tgchk_param *par)
118{ 116{
119 const struct ip6t_HL_info *info = par->targinfo; 117 const struct ip6t_HL_info *info = par->targinfo;
120 118
121 if (info->mode > IP6T_HL_MAXMODE) { 119 if (info->mode > IP6T_HL_MAXMODE)
122 pr_info("invalid or unknown mode %u\n", info->mode);
123 return -EINVAL; 120 return -EINVAL;
124 } 121 if (info->mode != IP6T_HL_SET && info->hop_limit == 0)
125 if (info->mode != IP6T_HL_SET && info->hop_limit == 0) {
126 pr_info("increment/decrement does not "
127 "make sense with value 0\n");
128 return -EINVAL; 122 return -EINVAL;
129 }
130 return 0; 123 return 0;
131} 124}
132 125
diff --git a/net/netfilter/xt_HMARK.c b/net/netfilter/xt_HMARK.c
index 60e6dbe12460..9c75f419cd80 100644
--- a/net/netfilter/xt_HMARK.c
+++ b/net/netfilter/xt_HMARK.c
@@ -9,6 +9,8 @@
9 * the Free Software Foundation. 9 * the Free Software Foundation.
10 */ 10 */
11 11
12#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13
12#include <linux/module.h> 14#include <linux/module.h>
13#include <linux/skbuff.h> 15#include <linux/skbuff.h>
14#include <linux/icmp.h> 16#include <linux/icmp.h>
@@ -312,29 +314,30 @@ hmark_tg_v4(struct sk_buff *skb, const struct xt_action_param *par)
312static int hmark_tg_check(const struct xt_tgchk_param *par) 314static int hmark_tg_check(const struct xt_tgchk_param *par)
313{ 315{
314 const struct xt_hmark_info *info = par->targinfo; 316 const struct xt_hmark_info *info = par->targinfo;
317 const char *errmsg = "proto mask must be zero with L3 mode";
315 318
316 if (!info->hmodulus) { 319 if (!info->hmodulus)
317 pr_info("xt_HMARK: hash modulus can't be zero\n");
318 return -EINVAL; 320 return -EINVAL;
319 } 321
320 if (info->proto_mask && 322 if (info->proto_mask &&
321 (info->flags & XT_HMARK_FLAG(XT_HMARK_METHOD_L3))) { 323 (info->flags & XT_HMARK_FLAG(XT_HMARK_METHOD_L3)))
322 pr_info("xt_HMARK: proto mask must be zero with L3 mode\n"); 324 goto err;
323 return -EINVAL; 325
324 }
325 if (info->flags & XT_HMARK_FLAG(XT_HMARK_SPI_MASK) && 326 if (info->flags & XT_HMARK_FLAG(XT_HMARK_SPI_MASK) &&
326 (info->flags & (XT_HMARK_FLAG(XT_HMARK_SPORT_MASK) | 327 (info->flags & (XT_HMARK_FLAG(XT_HMARK_SPORT_MASK) |
327 XT_HMARK_FLAG(XT_HMARK_DPORT_MASK)))) { 328 XT_HMARK_FLAG(XT_HMARK_DPORT_MASK))))
328 pr_info("xt_HMARK: spi-mask and port-mask can't be combined\n");
329 return -EINVAL; 329 return -EINVAL;
330 } 330
331 if (info->flags & XT_HMARK_FLAG(XT_HMARK_SPI) && 331 if (info->flags & XT_HMARK_FLAG(XT_HMARK_SPI) &&
332 (info->flags & (XT_HMARK_FLAG(XT_HMARK_SPORT) | 332 (info->flags & (XT_HMARK_FLAG(XT_HMARK_SPORT) |
333 XT_HMARK_FLAG(XT_HMARK_DPORT)))) { 333 XT_HMARK_FLAG(XT_HMARK_DPORT)))) {
334 pr_info("xt_HMARK: spi-set and port-set can't be combined\n"); 334 errmsg = "spi-set and port-set can't be combined";
335 return -EINVAL; 335 goto err;
336 } 336 }
337 return 0; 337 return 0;
338err:
339 pr_info_ratelimited("%s\n", errmsg);
340 return -EINVAL;
338} 341}
339 342
340static struct xt_target hmark_tg_reg[] __read_mostly = { 343static struct xt_target hmark_tg_reg[] __read_mostly = {
diff --git a/net/netfilter/xt_IDLETIMER.c b/net/netfilter/xt_IDLETIMER.c
index 6c2482b709b1..1ac6600bfafd 100644
--- a/net/netfilter/xt_IDLETIMER.c
+++ b/net/netfilter/xt_IDLETIMER.c
@@ -146,11 +146,11 @@ static int idletimer_tg_create(struct idletimer_tg_info *info)
146 timer_setup(&info->timer->timer, idletimer_tg_expired, 0); 146 timer_setup(&info->timer->timer, idletimer_tg_expired, 0);
147 info->timer->refcnt = 1; 147 info->timer->refcnt = 1;
148 148
149 INIT_WORK(&info->timer->work, idletimer_tg_work);
150
149 mod_timer(&info->timer->timer, 151 mod_timer(&info->timer->timer,
150 msecs_to_jiffies(info->timeout * 1000) + jiffies); 152 msecs_to_jiffies(info->timeout * 1000) + jiffies);
151 153
152 INIT_WORK(&info->timer->work, idletimer_tg_work);
153
154 return 0; 154 return 0;
155 155
156out_free_attr: 156out_free_attr:
@@ -191,7 +191,10 @@ static int idletimer_tg_checkentry(const struct xt_tgchk_param *par)
191 pr_debug("timeout value is zero\n"); 191 pr_debug("timeout value is zero\n");
192 return -EINVAL; 192 return -EINVAL;
193 } 193 }
194 194 if (info->timeout >= INT_MAX / 1000) {
195 pr_debug("timeout value is too big\n");
196 return -EINVAL;
197 }
195 if (info->label[0] == '\0' || 198 if (info->label[0] == '\0' ||
196 strnlen(info->label, 199 strnlen(info->label,
197 MAX_IDLETIMER_LABEL_SIZE) == MAX_IDLETIMER_LABEL_SIZE) { 200 MAX_IDLETIMER_LABEL_SIZE) == MAX_IDLETIMER_LABEL_SIZE) {
diff --git a/net/netfilter/xt_LED.c b/net/netfilter/xt_LED.c
index 1dcad893df78..19846445504d 100644
--- a/net/netfilter/xt_LED.c
+++ b/net/netfilter/xt_LED.c
@@ -111,10 +111,8 @@ static int led_tg_check(const struct xt_tgchk_param *par)
111 struct xt_led_info_internal *ledinternal; 111 struct xt_led_info_internal *ledinternal;
112 int err; 112 int err;
113 113
114 if (ledinfo->id[0] == '\0') { 114 if (ledinfo->id[0] == '\0')
115 pr_info("No 'id' parameter given.\n");
116 return -EINVAL; 115 return -EINVAL;
117 }
118 116
119 mutex_lock(&xt_led_mutex); 117 mutex_lock(&xt_led_mutex);
120 118
@@ -138,13 +136,14 @@ static int led_tg_check(const struct xt_tgchk_param *par)
138 136
139 err = led_trigger_register(&ledinternal->netfilter_led_trigger); 137 err = led_trigger_register(&ledinternal->netfilter_led_trigger);
140 if (err) { 138 if (err) {
141 pr_err("Trigger name is already in use.\n"); 139 pr_info_ratelimited("Trigger name is already in use.\n");
142 goto exit_alloc; 140 goto exit_alloc;
143 } 141 }
144 142
145 /* See if we need to set up a timer */ 143 /* Since the letinternal timer can be shared between multiple targets,
146 if (ledinfo->delay > 0) 144 * always set it up, even if the current target does not need it
147 timer_setup(&ledinternal->timer, led_timeout_callback, 0); 145 */
146 timer_setup(&ledinternal->timer, led_timeout_callback, 0);
148 147
149 list_add_tail(&ledinternal->list, &xt_led_triggers); 148 list_add_tail(&ledinternal->list, &xt_led_triggers);
150 149
@@ -181,8 +180,7 @@ static void led_tg_destroy(const struct xt_tgdtor_param *par)
181 180
182 list_del(&ledinternal->list); 181 list_del(&ledinternal->list);
183 182
184 if (ledinfo->delay > 0) 183 del_timer_sync(&ledinternal->timer);
185 del_timer_sync(&ledinternal->timer);
186 184
187 led_trigger_unregister(&ledinternal->netfilter_led_trigger); 185 led_trigger_unregister(&ledinternal->netfilter_led_trigger);
188 186
diff --git a/net/netfilter/xt_NFQUEUE.c b/net/netfilter/xt_NFQUEUE.c
index a360b99a958a..a9aca80a32ae 100644
--- a/net/netfilter/xt_NFQUEUE.c
+++ b/net/netfilter/xt_NFQUEUE.c
@@ -8,6 +8,8 @@
8 * 8 *
9 */ 9 */
10 10
11#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
12
11#include <linux/module.h> 13#include <linux/module.h>
12#include <linux/skbuff.h> 14#include <linux/skbuff.h>
13 15
@@ -67,13 +69,13 @@ static int nfqueue_tg_check(const struct xt_tgchk_param *par)
67 init_hashrandom(&jhash_initval); 69 init_hashrandom(&jhash_initval);
68 70
69 if (info->queues_total == 0) { 71 if (info->queues_total == 0) {
70 pr_err("NFQUEUE: number of total queues is 0\n"); 72 pr_info_ratelimited("number of total queues is 0\n");
71 return -EINVAL; 73 return -EINVAL;
72 } 74 }
73 maxid = info->queues_total - 1 + info->queuenum; 75 maxid = info->queues_total - 1 + info->queuenum;
74 if (maxid > 0xffff) { 76 if (maxid > 0xffff) {
75 pr_err("NFQUEUE: number of queues (%u) out of range (got %u)\n", 77 pr_info_ratelimited("number of queues (%u) out of range (got %u)\n",
76 info->queues_total, maxid); 78 info->queues_total, maxid);
77 return -ERANGE; 79 return -ERANGE;
78 } 80 }
79 if (par->target->revision == 2 && info->flags > 1) 81 if (par->target->revision == 2 && info->flags > 1)
diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c
index 9faf5e050b79..4ad5fe27e08b 100644
--- a/net/netfilter/xt_SECMARK.c
+++ b/net/netfilter/xt_SECMARK.c
@@ -60,18 +60,20 @@ static int checkentry_lsm(struct xt_secmark_target_info *info)
60 &info->secid); 60 &info->secid);
61 if (err) { 61 if (err) {
62 if (err == -EINVAL) 62 if (err == -EINVAL)
63 pr_info("invalid security context \'%s\'\n", info->secctx); 63 pr_info_ratelimited("invalid security context \'%s\'\n",
64 info->secctx);
64 return err; 65 return err;
65 } 66 }
66 67
67 if (!info->secid) { 68 if (!info->secid) {
68 pr_info("unable to map security context \'%s\'\n", info->secctx); 69 pr_info_ratelimited("unable to map security context \'%s\'\n",
70 info->secctx);
69 return -ENOENT; 71 return -ENOENT;
70 } 72 }
71 73
72 err = security_secmark_relabel_packet(info->secid); 74 err = security_secmark_relabel_packet(info->secid);
73 if (err) { 75 if (err) {
74 pr_info("unable to obtain relabeling permission\n"); 76 pr_info_ratelimited("unable to obtain relabeling permission\n");
75 return err; 77 return err;
76 } 78 }
77 79
@@ -86,14 +88,14 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
86 88
87 if (strcmp(par->table, "mangle") != 0 && 89 if (strcmp(par->table, "mangle") != 0 &&
88 strcmp(par->table, "security") != 0) { 90 strcmp(par->table, "security") != 0) {
89 pr_info("target only valid in the \'mangle\' " 91 pr_info_ratelimited("only valid in \'mangle\' or \'security\' table, not \'%s\'\n",
90 "or \'security\' tables, not \'%s\'.\n", par->table); 92 par->table);
91 return -EINVAL; 93 return -EINVAL;
92 } 94 }
93 95
94 if (mode && mode != info->mode) { 96 if (mode && mode != info->mode) {
95 pr_info("mode already set to %hu cannot mix with " 97 pr_info_ratelimited("mode already set to %hu cannot mix with rules for mode %hu\n",
96 "rules for mode %hu\n", mode, info->mode); 98 mode, info->mode);
97 return -EINVAL; 99 return -EINVAL;
98 } 100 }
99 101
@@ -101,7 +103,7 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
101 case SECMARK_MODE_SEL: 103 case SECMARK_MODE_SEL:
102 break; 104 break;
103 default: 105 default:
104 pr_info("invalid mode: %hu\n", info->mode); 106 pr_info_ratelimited("invalid mode: %hu\n", info->mode);
105 return -EINVAL; 107 return -EINVAL;
106 } 108 }
107 109
diff --git a/net/netfilter/xt_TCPMSS.c b/net/netfilter/xt_TCPMSS.c
index 99bb8e410f22..98efb202f8b4 100644
--- a/net/netfilter/xt_TCPMSS.c
+++ b/net/netfilter/xt_TCPMSS.c
@@ -273,8 +273,7 @@ static int tcpmss_tg4_check(const struct xt_tgchk_param *par)
273 (par->hook_mask & ~((1 << NF_INET_FORWARD) | 273 (par->hook_mask & ~((1 << NF_INET_FORWARD) |
274 (1 << NF_INET_LOCAL_OUT) | 274 (1 << NF_INET_LOCAL_OUT) |
275 (1 << NF_INET_POST_ROUTING))) != 0) { 275 (1 << NF_INET_POST_ROUTING))) != 0) {
276 pr_info("path-MTU clamping only supported in " 276 pr_info_ratelimited("path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks\n");
277 "FORWARD, OUTPUT and POSTROUTING hooks\n");
278 return -EINVAL; 277 return -EINVAL;
279 } 278 }
280 if (par->nft_compat) 279 if (par->nft_compat)
@@ -283,7 +282,7 @@ static int tcpmss_tg4_check(const struct xt_tgchk_param *par)
283 xt_ematch_foreach(ematch, e) 282 xt_ematch_foreach(ematch, e)
284 if (find_syn_match(ematch)) 283 if (find_syn_match(ematch))
285 return 0; 284 return 0;
286 pr_info("Only works on TCP SYN packets\n"); 285 pr_info_ratelimited("Only works on TCP SYN packets\n");
287 return -EINVAL; 286 return -EINVAL;
288} 287}
289 288
@@ -298,8 +297,7 @@ static int tcpmss_tg6_check(const struct xt_tgchk_param *par)
298 (par->hook_mask & ~((1 << NF_INET_FORWARD) | 297 (par->hook_mask & ~((1 << NF_INET_FORWARD) |
299 (1 << NF_INET_LOCAL_OUT) | 298 (1 << NF_INET_LOCAL_OUT) |
300 (1 << NF_INET_POST_ROUTING))) != 0) { 299 (1 << NF_INET_POST_ROUTING))) != 0) {
301 pr_info("path-MTU clamping only supported in " 300 pr_info_ratelimited("path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks\n");
302 "FORWARD, OUTPUT and POSTROUTING hooks\n");
303 return -EINVAL; 301 return -EINVAL;
304 } 302 }
305 if (par->nft_compat) 303 if (par->nft_compat)
@@ -308,7 +306,7 @@ static int tcpmss_tg6_check(const struct xt_tgchk_param *par)
308 xt_ematch_foreach(ematch, e) 306 xt_ematch_foreach(ematch, e)
309 if (find_syn_match(ematch)) 307 if (find_syn_match(ematch))
310 return 0; 308 return 0;
311 pr_info("Only works on TCP SYN packets\n"); 309 pr_info_ratelimited("Only works on TCP SYN packets\n");
312 return -EINVAL; 310 return -EINVAL;
313} 311}
314#endif 312#endif
diff --git a/net/netfilter/xt_TPROXY.c b/net/netfilter/xt_TPROXY.c
index 17d7705e3bd4..8c89323c06af 100644
--- a/net/netfilter/xt_TPROXY.c
+++ b/net/netfilter/xt_TPROXY.c
@@ -540,8 +540,7 @@ static int tproxy_tg6_check(const struct xt_tgchk_param *par)
540 !(i->invflags & IP6T_INV_PROTO)) 540 !(i->invflags & IP6T_INV_PROTO))
541 return 0; 541 return 0;
542 542
543 pr_info("Can be used only in combination with " 543 pr_info_ratelimited("Can be used only with -p tcp or -p udp\n");
544 "either -p tcp or -p udp\n");
545 return -EINVAL; 544 return -EINVAL;
546} 545}
547#endif 546#endif
@@ -559,8 +558,7 @@ static int tproxy_tg4_check(const struct xt_tgchk_param *par)
559 && !(i->invflags & IPT_INV_PROTO)) 558 && !(i->invflags & IPT_INV_PROTO))
560 return 0; 559 return 0;
561 560
562 pr_info("Can be used only in combination with " 561 pr_info_ratelimited("Can be used only with -p tcp or -p udp\n");
563 "either -p tcp or -p udp\n");
564 return -EINVAL; 562 return -EINVAL;
565} 563}
566 564
diff --git a/net/netfilter/xt_addrtype.c b/net/netfilter/xt_addrtype.c
index 911a7c0da504..89e281b3bfc2 100644
--- a/net/netfilter/xt_addrtype.c
+++ b/net/netfilter/xt_addrtype.c
@@ -164,48 +164,47 @@ addrtype_mt_v1(const struct sk_buff *skb, struct xt_action_param *par)
164 164
165static int addrtype_mt_checkentry_v1(const struct xt_mtchk_param *par) 165static int addrtype_mt_checkentry_v1(const struct xt_mtchk_param *par)
166{ 166{
167 const char *errmsg = "both incoming and outgoing interface limitation cannot be selected";
167 struct xt_addrtype_info_v1 *info = par->matchinfo; 168 struct xt_addrtype_info_v1 *info = par->matchinfo;
168 169
169 if (info->flags & XT_ADDRTYPE_LIMIT_IFACE_IN && 170 if (info->flags & XT_ADDRTYPE_LIMIT_IFACE_IN &&
170 info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT) { 171 info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT)
171 pr_info("both incoming and outgoing " 172 goto err;
172 "interface limitation cannot be selected\n");
173 return -EINVAL;
174 }
175 173
176 if (par->hook_mask & ((1 << NF_INET_PRE_ROUTING) | 174 if (par->hook_mask & ((1 << NF_INET_PRE_ROUTING) |
177 (1 << NF_INET_LOCAL_IN)) && 175 (1 << NF_INET_LOCAL_IN)) &&
178 info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT) { 176 info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT) {
179 pr_info("output interface limitation " 177 errmsg = "output interface limitation not valid in PREROUTING and INPUT";
180 "not valid in PREROUTING and INPUT\n"); 178 goto err;
181 return -EINVAL;
182 } 179 }
183 180
184 if (par->hook_mask & ((1 << NF_INET_POST_ROUTING) | 181 if (par->hook_mask & ((1 << NF_INET_POST_ROUTING) |
185 (1 << NF_INET_LOCAL_OUT)) && 182 (1 << NF_INET_LOCAL_OUT)) &&
186 info->flags & XT_ADDRTYPE_LIMIT_IFACE_IN) { 183 info->flags & XT_ADDRTYPE_LIMIT_IFACE_IN) {
187 pr_info("input interface limitation " 184 errmsg = "input interface limitation not valid in POSTROUTING and OUTPUT";
188 "not valid in POSTROUTING and OUTPUT\n"); 185 goto err;
189 return -EINVAL;
190 } 186 }
191 187
192#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) 188#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
193 if (par->family == NFPROTO_IPV6) { 189 if (par->family == NFPROTO_IPV6) {
194 if ((info->source | info->dest) & XT_ADDRTYPE_BLACKHOLE) { 190 if ((info->source | info->dest) & XT_ADDRTYPE_BLACKHOLE) {
195 pr_err("ipv6 BLACKHOLE matching not supported\n"); 191 errmsg = "ipv6 BLACKHOLE matching not supported";
196 return -EINVAL; 192 goto err;
197 } 193 }
198 if ((info->source | info->dest) >= XT_ADDRTYPE_PROHIBIT) { 194 if ((info->source | info->dest) >= XT_ADDRTYPE_PROHIBIT) {
199 pr_err("ipv6 PROHIBIT (THROW, NAT ..) matching not supported\n"); 195 errmsg = "ipv6 PROHIBIT (THROW, NAT ..) matching not supported";
200 return -EINVAL; 196 goto err;
201 } 197 }
202 if ((info->source | info->dest) & XT_ADDRTYPE_BROADCAST) { 198 if ((info->source | info->dest) & XT_ADDRTYPE_BROADCAST) {
203 pr_err("ipv6 does not support BROADCAST matching\n"); 199 errmsg = "ipv6 does not support BROADCAST matching";
204 return -EINVAL; 200 goto err;
205 } 201 }
206 } 202 }
207#endif 203#endif
208 return 0; 204 return 0;
205err:
206 pr_info_ratelimited("%s\n", errmsg);
207 return -EINVAL;
209} 208}
210 209
211static struct xt_match addrtype_mt_reg[] __read_mostly = { 210static struct xt_match addrtype_mt_reg[] __read_mostly = {
diff --git a/net/netfilter/xt_bpf.c b/net/netfilter/xt_bpf.c
index 06b090d8e901..a2cf8a6236d6 100644
--- a/net/netfilter/xt_bpf.c
+++ b/net/netfilter/xt_bpf.c
@@ -7,6 +7,8 @@
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 */ 8 */
9 9
10#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
11
10#include <linux/module.h> 12#include <linux/module.h>
11#include <linux/syscalls.h> 13#include <linux/syscalls.h>
12#include <linux/skbuff.h> 14#include <linux/skbuff.h>
@@ -34,7 +36,7 @@ static int __bpf_mt_check_bytecode(struct sock_filter *insns, __u16 len,
34 program.filter = insns; 36 program.filter = insns;
35 37
36 if (bpf_prog_create(ret, &program)) { 38 if (bpf_prog_create(ret, &program)) {
37 pr_info("bpf: check failed: parse error\n"); 39 pr_info_ratelimited("check failed: parse error\n");
38 return -EINVAL; 40 return -EINVAL;
39 } 41 }
40 42
diff --git a/net/netfilter/xt_cgroup.c b/net/netfilter/xt_cgroup.c
index 891f4e7e8ea7..7df2dece57d3 100644
--- a/net/netfilter/xt_cgroup.c
+++ b/net/netfilter/xt_cgroup.c
@@ -12,6 +12,8 @@
12 * published by the Free Software Foundation. 12 * published by the Free Software Foundation.
13 */ 13 */
14 14
15#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
16
15#include <linux/skbuff.h> 17#include <linux/skbuff.h>
16#include <linux/module.h> 18#include <linux/module.h>
17#include <linux/netfilter/x_tables.h> 19#include <linux/netfilter/x_tables.h>
@@ -48,7 +50,7 @@ static int cgroup_mt_check_v1(const struct xt_mtchk_param *par)
48 } 50 }
49 51
50 if (info->has_path && info->has_classid) { 52 if (info->has_path && info->has_classid) {
51 pr_info("xt_cgroup: both path and classid specified\n"); 53 pr_info_ratelimited("path and classid specified\n");
52 return -EINVAL; 54 return -EINVAL;
53 } 55 }
54 56
@@ -56,8 +58,8 @@ static int cgroup_mt_check_v1(const struct xt_mtchk_param *par)
56 if (info->has_path) { 58 if (info->has_path) {
57 cgrp = cgroup_get_from_path(info->path); 59 cgrp = cgroup_get_from_path(info->path);
58 if (IS_ERR(cgrp)) { 60 if (IS_ERR(cgrp)) {
59 pr_info("xt_cgroup: invalid path, errno=%ld\n", 61 pr_info_ratelimited("invalid path, errno=%ld\n",
60 PTR_ERR(cgrp)); 62 PTR_ERR(cgrp));
61 return -EINVAL; 63 return -EINVAL;
62 } 64 }
63 info->priv = cgrp; 65 info->priv = cgrp;
diff --git a/net/netfilter/xt_cluster.c b/net/netfilter/xt_cluster.c
index 57ef175dfbfa..0068688995c8 100644
--- a/net/netfilter/xt_cluster.c
+++ b/net/netfilter/xt_cluster.c
@@ -135,14 +135,12 @@ static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par)
135 struct xt_cluster_match_info *info = par->matchinfo; 135 struct xt_cluster_match_info *info = par->matchinfo;
136 136
137 if (info->total_nodes > XT_CLUSTER_NODES_MAX) { 137 if (info->total_nodes > XT_CLUSTER_NODES_MAX) {
138 pr_info("you have exceeded the maximum " 138 pr_info_ratelimited("you have exceeded the maximum number of cluster nodes (%u > %u)\n",
139 "number of cluster nodes (%u > %u)\n", 139 info->total_nodes, XT_CLUSTER_NODES_MAX);
140 info->total_nodes, XT_CLUSTER_NODES_MAX);
141 return -EINVAL; 140 return -EINVAL;
142 } 141 }
143 if (info->node_mask >= (1ULL << info->total_nodes)) { 142 if (info->node_mask >= (1ULL << info->total_nodes)) {
144 pr_info("this node mask cannot be " 143 pr_info_ratelimited("node mask cannot exceed total number of nodes\n");
145 "higher than the total number of nodes\n");
146 return -EDOM; 144 return -EDOM;
147 } 145 }
148 return 0; 146 return 0;
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c
index cad0b7b5eb35..93cb018c3055 100644
--- a/net/netfilter/xt_connbytes.c
+++ b/net/netfilter/xt_connbytes.c
@@ -112,8 +112,8 @@ static int connbytes_mt_check(const struct xt_mtchk_param *par)
112 112
113 ret = nf_ct_netns_get(par->net, par->family); 113 ret = nf_ct_netns_get(par->net, par->family);
114 if (ret < 0) 114 if (ret < 0)
115 pr_info("cannot load conntrack support for proto=%u\n", 115 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
116 par->family); 116 par->family);
117 117
118 /* 118 /*
119 * This filter cannot function correctly unless connection tracking 119 * This filter cannot function correctly unless connection tracking
diff --git a/net/netfilter/xt_connlabel.c b/net/netfilter/xt_connlabel.c
index 23372879e6e3..4fa4efd24353 100644
--- a/net/netfilter/xt_connlabel.c
+++ b/net/netfilter/xt_connlabel.c
@@ -57,14 +57,15 @@ static int connlabel_mt_check(const struct xt_mtchk_param *par)
57 int ret; 57 int ret;
58 58
59 if (info->options & ~options) { 59 if (info->options & ~options) {
60 pr_err("Unknown options in mask %x\n", info->options); 60 pr_info_ratelimited("Unknown options in mask %x\n",
61 info->options);
61 return -EINVAL; 62 return -EINVAL;
62 } 63 }
63 64
64 ret = nf_ct_netns_get(par->net, par->family); 65 ret = nf_ct_netns_get(par->net, par->family);
65 if (ret < 0) { 66 if (ret < 0) {
66 pr_info("cannot load conntrack support for proto=%u\n", 67 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
67 par->family); 68 par->family);
68 return ret; 69 return ret;
69 } 70 }
70 71
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index ec377cc6a369..809639ce6f5a 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -79,8 +79,8 @@ static int connmark_tg_check(const struct xt_tgchk_param *par)
79 79
80 ret = nf_ct_netns_get(par->net, par->family); 80 ret = nf_ct_netns_get(par->net, par->family);
81 if (ret < 0) 81 if (ret < 0)
82 pr_info("cannot load conntrack support for proto=%u\n", 82 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
83 par->family); 83 par->family);
84 return ret; 84 return ret;
85} 85}
86 86
@@ -109,8 +109,8 @@ static int connmark_mt_check(const struct xt_mtchk_param *par)
109 109
110 ret = nf_ct_netns_get(par->net, par->family); 110 ret = nf_ct_netns_get(par->net, par->family);
111 if (ret < 0) 111 if (ret < 0)
112 pr_info("cannot load conntrack support for proto=%u\n", 112 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
113 par->family); 113 par->family);
114 return ret; 114 return ret;
115} 115}
116 116
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index 39cf1d019240..df80fe7d391c 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -272,8 +272,8 @@ static int conntrack_mt_check(const struct xt_mtchk_param *par)
272 272
273 ret = nf_ct_netns_get(par->net, par->family); 273 ret = nf_ct_netns_get(par->net, par->family);
274 if (ret < 0) 274 if (ret < 0)
275 pr_info("cannot load conntrack support for proto=%u\n", 275 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
276 par->family); 276 par->family);
277 return ret; 277 return ret;
278} 278}
279 279
diff --git a/net/netfilter/xt_dscp.c b/net/netfilter/xt_dscp.c
index 236ac8008909..a4c2b862f820 100644
--- a/net/netfilter/xt_dscp.c
+++ b/net/netfilter/xt_dscp.c
@@ -46,10 +46,8 @@ static int dscp_mt_check(const struct xt_mtchk_param *par)
46{ 46{
47 const struct xt_dscp_info *info = par->matchinfo; 47 const struct xt_dscp_info *info = par->matchinfo;
48 48
49 if (info->dscp > XT_DSCP_MAX) { 49 if (info->dscp > XT_DSCP_MAX)
50 pr_info("dscp %x out of range\n", info->dscp);
51 return -EDOM; 50 return -EDOM;
52 }
53 51
54 return 0; 52 return 0;
55} 53}
diff --git a/net/netfilter/xt_ecn.c b/net/netfilter/xt_ecn.c
index 3c831a8efebc..c7ad4afa5fb8 100644
--- a/net/netfilter/xt_ecn.c
+++ b/net/netfilter/xt_ecn.c
@@ -97,7 +97,7 @@ static int ecn_mt_check4(const struct xt_mtchk_param *par)
97 97
98 if (info->operation & (XT_ECN_OP_MATCH_ECE | XT_ECN_OP_MATCH_CWR) && 98 if (info->operation & (XT_ECN_OP_MATCH_ECE | XT_ECN_OP_MATCH_CWR) &&
99 (ip->proto != IPPROTO_TCP || ip->invflags & IPT_INV_PROTO)) { 99 (ip->proto != IPPROTO_TCP || ip->invflags & IPT_INV_PROTO)) {
100 pr_info("cannot match TCP bits in rule for non-tcp packets\n"); 100 pr_info_ratelimited("cannot match TCP bits for non-tcp packets\n");
101 return -EINVAL; 101 return -EINVAL;
102 } 102 }
103 103
@@ -139,7 +139,7 @@ static int ecn_mt_check6(const struct xt_mtchk_param *par)
139 139
140 if (info->operation & (XT_ECN_OP_MATCH_ECE | XT_ECN_OP_MATCH_CWR) && 140 if (info->operation & (XT_ECN_OP_MATCH_ECE | XT_ECN_OP_MATCH_CWR) &&
141 (ip->proto != IPPROTO_TCP || ip->invflags & IP6T_INV_PROTO)) { 141 (ip->proto != IPPROTO_TCP || ip->invflags & IP6T_INV_PROTO)) {
142 pr_info("cannot match TCP bits in rule for non-tcp packets\n"); 142 pr_info_ratelimited("cannot match TCP bits for non-tcp packets\n");
143 return -EINVAL; 143 return -EINVAL;
144 } 144 }
145 145
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index ca6847403ca2..66f5aca62a08 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -523,7 +523,8 @@ static u64 user2rate(u64 user)
523 if (user != 0) { 523 if (user != 0) {
524 return div64_u64(XT_HASHLIMIT_SCALE_v2, user); 524 return div64_u64(XT_HASHLIMIT_SCALE_v2, user);
525 } else { 525 } else {
526 pr_warn("invalid rate from userspace: %llu\n", user); 526 pr_info_ratelimited("invalid rate from userspace: %llu\n",
527 user);
527 return 0; 528 return 0;
528 } 529 }
529} 530}
@@ -774,7 +775,7 @@ hashlimit_mt_common(const struct sk_buff *skb, struct xt_action_param *par,
774 if (!dh->rateinfo.prev_window && 775 if (!dh->rateinfo.prev_window &&
775 (dh->rateinfo.current_rate <= dh->rateinfo.burst)) { 776 (dh->rateinfo.current_rate <= dh->rateinfo.burst)) {
776 spin_unlock(&dh->lock); 777 spin_unlock(&dh->lock);
777 rcu_read_unlock_bh(); 778 local_bh_enable();
778 return !(cfg->mode & XT_HASHLIMIT_INVERT); 779 return !(cfg->mode & XT_HASHLIMIT_INVERT);
779 } else { 780 } else {
780 goto overlimit; 781 goto overlimit;
@@ -865,33 +866,34 @@ static int hashlimit_mt_check_common(const struct xt_mtchk_param *par,
865 } 866 }
866 867
867 if (cfg->mode & ~XT_HASHLIMIT_ALL) { 868 if (cfg->mode & ~XT_HASHLIMIT_ALL) {
868 pr_info("Unknown mode mask %X, kernel too old?\n", 869 pr_info_ratelimited("Unknown mode mask %X, kernel too old?\n",
869 cfg->mode); 870 cfg->mode);
870 return -EINVAL; 871 return -EINVAL;
871 } 872 }
872 873
873 /* Check for overflow. */ 874 /* Check for overflow. */
874 if (revision >= 3 && cfg->mode & XT_HASHLIMIT_RATE_MATCH) { 875 if (revision >= 3 && cfg->mode & XT_HASHLIMIT_RATE_MATCH) {
875 if (cfg->avg == 0 || cfg->avg > U32_MAX) { 876 if (cfg->avg == 0 || cfg->avg > U32_MAX) {
876 pr_info("hashlimit invalid rate\n"); 877 pr_info_ratelimited("invalid rate\n");
877 return -ERANGE; 878 return -ERANGE;
878 } 879 }
879 880
880 if (cfg->interval == 0) { 881 if (cfg->interval == 0) {
881 pr_info("hashlimit invalid interval\n"); 882 pr_info_ratelimited("invalid interval\n");
882 return -EINVAL; 883 return -EINVAL;
883 } 884 }
884 } else if (cfg->mode & XT_HASHLIMIT_BYTES) { 885 } else if (cfg->mode & XT_HASHLIMIT_BYTES) {
885 if (user2credits_byte(cfg->avg) == 0) { 886 if (user2credits_byte(cfg->avg) == 0) {
886 pr_info("overflow, rate too high: %llu\n", cfg->avg); 887 pr_info_ratelimited("overflow, rate too high: %llu\n",
888 cfg->avg);
887 return -EINVAL; 889 return -EINVAL;
888 } 890 }
889 } else if (cfg->burst == 0 || 891 } else if (cfg->burst == 0 ||
890 user2credits(cfg->avg * cfg->burst, revision) < 892 user2credits(cfg->avg * cfg->burst, revision) <
891 user2credits(cfg->avg, revision)) { 893 user2credits(cfg->avg, revision)) {
892 pr_info("overflow, try lower: %llu/%llu\n", 894 pr_info_ratelimited("overflow, try lower: %llu/%llu\n",
893 cfg->avg, cfg->burst); 895 cfg->avg, cfg->burst);
894 return -ERANGE; 896 return -ERANGE;
895 } 897 }
896 898
897 mutex_lock(&hashlimit_mutex); 899 mutex_lock(&hashlimit_mutex);
diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c
index 38a78151c0e9..fd077aeaaed9 100644
--- a/net/netfilter/xt_helper.c
+++ b/net/netfilter/xt_helper.c
@@ -61,8 +61,8 @@ static int helper_mt_check(const struct xt_mtchk_param *par)
61 61
62 ret = nf_ct_netns_get(par->net, par->family); 62 ret = nf_ct_netns_get(par->net, par->family);
63 if (ret < 0) { 63 if (ret < 0) {
64 pr_info("cannot load conntrack support for proto=%u\n", 64 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
65 par->family); 65 par->family);
66 return ret; 66 return ret;
67 } 67 }
68 info->name[sizeof(info->name) - 1] = '\0'; 68 info->name[sizeof(info->name) - 1] = '\0';
diff --git a/net/netfilter/xt_ipcomp.c b/net/netfilter/xt_ipcomp.c
index 7ca64a50db04..57f1df575701 100644
--- a/net/netfilter/xt_ipcomp.c
+++ b/net/netfilter/xt_ipcomp.c
@@ -72,7 +72,7 @@ static int comp_mt_check(const struct xt_mtchk_param *par)
72 72
73 /* Must specify no unknown invflags */ 73 /* Must specify no unknown invflags */
74 if (compinfo->invflags & ~XT_IPCOMP_INV_MASK) { 74 if (compinfo->invflags & ~XT_IPCOMP_INV_MASK) {
75 pr_err("unknown flags %X\n", compinfo->invflags); 75 pr_info_ratelimited("unknown flags %X\n", compinfo->invflags);
76 return -EINVAL; 76 return -EINVAL;
77 } 77 }
78 return 0; 78 return 0;
diff --git a/net/netfilter/xt_ipvs.c b/net/netfilter/xt_ipvs.c
index 42540d26c2b8..1d950a6100af 100644
--- a/net/netfilter/xt_ipvs.c
+++ b/net/netfilter/xt_ipvs.c
@@ -158,7 +158,8 @@ static int ipvs_mt_check(const struct xt_mtchk_param *par)
158 && par->family != NFPROTO_IPV6 158 && par->family != NFPROTO_IPV6
159#endif 159#endif
160 ) { 160 ) {
161 pr_info("protocol family %u not supported\n", par->family); 161 pr_info_ratelimited("protocol family %u not supported\n",
162 par->family);
162 return -EINVAL; 163 return -EINVAL;
163 } 164 }
164 165
diff --git a/net/netfilter/xt_l2tp.c b/net/netfilter/xt_l2tp.c
index 8aee572771f2..c43482bf48e6 100644
--- a/net/netfilter/xt_l2tp.c
+++ b/net/netfilter/xt_l2tp.c
@@ -216,7 +216,7 @@ static int l2tp_mt_check(const struct xt_mtchk_param *par)
216 /* Check for invalid flags */ 216 /* Check for invalid flags */
217 if (info->flags & ~(XT_L2TP_TID | XT_L2TP_SID | XT_L2TP_VERSION | 217 if (info->flags & ~(XT_L2TP_TID | XT_L2TP_SID | XT_L2TP_VERSION |
218 XT_L2TP_TYPE)) { 218 XT_L2TP_TYPE)) {
219 pr_info("unknown flags: %x\n", info->flags); 219 pr_info_ratelimited("unknown flags: %x\n", info->flags);
220 return -EINVAL; 220 return -EINVAL;
221 } 221 }
222 222
@@ -225,7 +225,8 @@ static int l2tp_mt_check(const struct xt_mtchk_param *par)
225 (!(info->flags & XT_L2TP_SID)) && 225 (!(info->flags & XT_L2TP_SID)) &&
226 ((!(info->flags & XT_L2TP_TYPE)) || 226 ((!(info->flags & XT_L2TP_TYPE)) ||
227 (info->type != XT_L2TP_TYPE_CONTROL))) { 227 (info->type != XT_L2TP_TYPE_CONTROL))) {
228 pr_info("invalid flags combination: %x\n", info->flags); 228 pr_info_ratelimited("invalid flags combination: %x\n",
229 info->flags);
229 return -EINVAL; 230 return -EINVAL;
230 } 231 }
231 232
@@ -234,19 +235,22 @@ static int l2tp_mt_check(const struct xt_mtchk_param *par)
234 */ 235 */
235 if (info->flags & XT_L2TP_VERSION) { 236 if (info->flags & XT_L2TP_VERSION) {
236 if ((info->version < 2) || (info->version > 3)) { 237 if ((info->version < 2) || (info->version > 3)) {
237 pr_info("wrong L2TP version: %u\n", info->version); 238 pr_info_ratelimited("wrong L2TP version: %u\n",
239 info->version);
238 return -EINVAL; 240 return -EINVAL;
239 } 241 }
240 242
241 if (info->version == 2) { 243 if (info->version == 2) {
242 if ((info->flags & XT_L2TP_TID) && 244 if ((info->flags & XT_L2TP_TID) &&
243 (info->tid > 0xffff)) { 245 (info->tid > 0xffff)) {
244 pr_info("v2 tid > 0xffff: %u\n", info->tid); 246 pr_info_ratelimited("v2 tid > 0xffff: %u\n",
247 info->tid);
245 return -EINVAL; 248 return -EINVAL;
246 } 249 }
247 if ((info->flags & XT_L2TP_SID) && 250 if ((info->flags & XT_L2TP_SID) &&
248 (info->sid > 0xffff)) { 251 (info->sid > 0xffff)) {
249 pr_info("v2 sid > 0xffff: %u\n", info->sid); 252 pr_info_ratelimited("v2 sid > 0xffff: %u\n",
253 info->sid);
250 return -EINVAL; 254 return -EINVAL;
251 } 255 }
252 } 256 }
@@ -268,13 +272,13 @@ static int l2tp_mt_check4(const struct xt_mtchk_param *par)
268 272
269 if ((ip->proto != IPPROTO_UDP) && 273 if ((ip->proto != IPPROTO_UDP) &&
270 (ip->proto != IPPROTO_L2TP)) { 274 (ip->proto != IPPROTO_L2TP)) {
271 pr_info("missing protocol rule (udp|l2tpip)\n"); 275 pr_info_ratelimited("missing protocol rule (udp|l2tpip)\n");
272 return -EINVAL; 276 return -EINVAL;
273 } 277 }
274 278
275 if ((ip->proto == IPPROTO_L2TP) && 279 if ((ip->proto == IPPROTO_L2TP) &&
276 (info->version == 2)) { 280 (info->version == 2)) {
277 pr_info("v2 doesn't support IP mode\n"); 281 pr_info_ratelimited("v2 doesn't support IP mode\n");
278 return -EINVAL; 282 return -EINVAL;
279 } 283 }
280 284
@@ -295,13 +299,13 @@ static int l2tp_mt_check6(const struct xt_mtchk_param *par)
295 299
296 if ((ip->proto != IPPROTO_UDP) && 300 if ((ip->proto != IPPROTO_UDP) &&
297 (ip->proto != IPPROTO_L2TP)) { 301 (ip->proto != IPPROTO_L2TP)) {
298 pr_info("missing protocol rule (udp|l2tpip)\n"); 302 pr_info_ratelimited("missing protocol rule (udp|l2tpip)\n");
299 return -EINVAL; 303 return -EINVAL;
300 } 304 }
301 305
302 if ((ip->proto == IPPROTO_L2TP) && 306 if ((ip->proto == IPPROTO_L2TP) &&
303 (info->version == 2)) { 307 (info->version == 2)) {
304 pr_info("v2 doesn't support IP mode\n"); 308 pr_info_ratelimited("v2 doesn't support IP mode\n");
305 return -EINVAL; 309 return -EINVAL;
306 } 310 }
307 311
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c
index 61403b77361c..55d18cd67635 100644
--- a/net/netfilter/xt_limit.c
+++ b/net/netfilter/xt_limit.c
@@ -106,8 +106,8 @@ static int limit_mt_check(const struct xt_mtchk_param *par)
106 /* Check for overflow. */ 106 /* Check for overflow. */
107 if (r->burst == 0 107 if (r->burst == 0
108 || user2credits(r->avg * r->burst) < user2credits(r->avg)) { 108 || user2credits(r->avg * r->burst) < user2credits(r->avg)) {
109 pr_info("Overflow, try lower: %u/%u\n", 109 pr_info_ratelimited("Overflow, try lower: %u/%u\n",
110 r->avg, r->burst); 110 r->avg, r->burst);
111 return -ERANGE; 111 return -ERANGE;
112 } 112 }
113 113
diff --git a/net/netfilter/xt_nat.c b/net/netfilter/xt_nat.c
index 0fd14d1eb09d..bdb689cdc829 100644
--- a/net/netfilter/xt_nat.c
+++ b/net/netfilter/xt_nat.c
@@ -8,6 +8,8 @@
8 * published by the Free Software Foundation. 8 * published by the Free Software Foundation.
9 */ 9 */
10 10
11#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
12
11#include <linux/module.h> 13#include <linux/module.h>
12#include <linux/skbuff.h> 14#include <linux/skbuff.h>
13#include <linux/netfilter.h> 15#include <linux/netfilter.h>
@@ -19,8 +21,7 @@ static int xt_nat_checkentry_v0(const struct xt_tgchk_param *par)
19 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo; 21 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
20 22
21 if (mr->rangesize != 1) { 23 if (mr->rangesize != 1) {
22 pr_info("%s: multiple ranges no longer supported\n", 24 pr_info_ratelimited("multiple ranges no longer supported\n");
23 par->target->name);
24 return -EINVAL; 25 return -EINVAL;
25 } 26 }
26 return nf_ct_netns_get(par->net, par->family); 27 return nf_ct_netns_get(par->net, par->family);
diff --git a/net/netfilter/xt_nfacct.c b/net/netfilter/xt_nfacct.c
index 6f92d25590a8..c8674deed4eb 100644
--- a/net/netfilter/xt_nfacct.c
+++ b/net/netfilter/xt_nfacct.c
@@ -6,6 +6,8 @@
6 * it under the terms of the GNU General Public License version 2 (or any 6 * it under the terms of the GNU General Public License version 2 (or any
7 * later at your option) as published by the Free Software Foundation. 7 * later at your option) as published by the Free Software Foundation.
8 */ 8 */
9#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10
9#include <linux/module.h> 11#include <linux/module.h>
10#include <linux/skbuff.h> 12#include <linux/skbuff.h>
11 13
@@ -39,8 +41,8 @@ nfacct_mt_checkentry(const struct xt_mtchk_param *par)
39 41
40 nfacct = nfnl_acct_find_get(par->net, info->name); 42 nfacct = nfnl_acct_find_get(par->net, info->name);
41 if (nfacct == NULL) { 43 if (nfacct == NULL) {
42 pr_info("xt_nfacct: accounting object with name `%s' " 44 pr_info_ratelimited("accounting object `%s' does not exists\n",
43 "does not exists\n", info->name); 45 info->name);
44 return -ENOENT; 46 return -ENOENT;
45 } 47 }
46 info->nfacct = nfacct; 48 info->nfacct = nfacct;
diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c
index bb33598e4530..9d6d67b953ac 100644
--- a/net/netfilter/xt_physdev.c
+++ b/net/netfilter/xt_physdev.c
@@ -107,9 +107,7 @@ static int physdev_mt_check(const struct xt_mtchk_param *par)
107 info->invert & XT_PHYSDEV_OP_BRIDGED) && 107 info->invert & XT_PHYSDEV_OP_BRIDGED) &&
108 par->hook_mask & ((1 << NF_INET_LOCAL_OUT) | 108 par->hook_mask & ((1 << NF_INET_LOCAL_OUT) |
109 (1 << NF_INET_FORWARD) | (1 << NF_INET_POST_ROUTING))) { 109 (1 << NF_INET_FORWARD) | (1 << NF_INET_POST_ROUTING))) {
110 pr_info("using --physdev-out and --physdev-is-out are only " 110 pr_info_ratelimited("--physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic\n");
111 "supported in the FORWARD and POSTROUTING chains with "
112 "bridged traffic.\n");
113 if (par->hook_mask & (1 << NF_INET_LOCAL_OUT)) 111 if (par->hook_mask & (1 << NF_INET_LOCAL_OUT))
114 return -EINVAL; 112 return -EINVAL;
115 } 113 }
diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c
index 5639fb03bdd9..13f8ccf946d6 100644
--- a/net/netfilter/xt_policy.c
+++ b/net/netfilter/xt_policy.c
@@ -132,26 +132,29 @@ policy_mt(const struct sk_buff *skb, struct xt_action_param *par)
132static int policy_mt_check(const struct xt_mtchk_param *par) 132static int policy_mt_check(const struct xt_mtchk_param *par)
133{ 133{
134 const struct xt_policy_info *info = par->matchinfo; 134 const struct xt_policy_info *info = par->matchinfo;
135 const char *errmsg = "neither incoming nor outgoing policy selected";
136
137 if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT)))
138 goto err;
135 139
136 if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) {
137 pr_info("neither incoming nor outgoing policy selected\n");
138 return -EINVAL;
139 }
140 if (par->hook_mask & ((1 << NF_INET_PRE_ROUTING) | 140 if (par->hook_mask & ((1 << NF_INET_PRE_ROUTING) |
141 (1 << NF_INET_LOCAL_IN)) && info->flags & XT_POLICY_MATCH_OUT) { 141 (1 << NF_INET_LOCAL_IN)) && info->flags & XT_POLICY_MATCH_OUT) {
142 pr_info("output policy not valid in PREROUTING and INPUT\n"); 142 errmsg = "output policy not valid in PREROUTING and INPUT";
143 return -EINVAL; 143 goto err;
144 } 144 }
145 if (par->hook_mask & ((1 << NF_INET_POST_ROUTING) | 145 if (par->hook_mask & ((1 << NF_INET_POST_ROUTING) |
146 (1 << NF_INET_LOCAL_OUT)) && info->flags & XT_POLICY_MATCH_IN) { 146 (1 << NF_INET_LOCAL_OUT)) && info->flags & XT_POLICY_MATCH_IN) {
147 pr_info("input policy not valid in POSTROUTING and OUTPUT\n"); 147 errmsg = "input policy not valid in POSTROUTING and OUTPUT";
148 return -EINVAL; 148 goto err;
149 } 149 }
150 if (info->len > XT_POLICY_MAX_ELEM) { 150 if (info->len > XT_POLICY_MAX_ELEM) {
151 pr_info("too many policy elements\n"); 151 errmsg = "too many policy elements";
152 return -EINVAL; 152 goto err;
153 } 153 }
154 return 0; 154 return 0;
155err:
156 pr_info_ratelimited("%s\n", errmsg);
157 return -EINVAL;
155} 158}
156 159
157static struct xt_match policy_mt_reg[] __read_mostly = { 160static struct xt_match policy_mt_reg[] __read_mostly = {
diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 245fa350a7a8..6d232d18faff 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -342,8 +342,8 @@ static int recent_mt_check(const struct xt_mtchk_param *par,
342 net_get_random_once(&hash_rnd, sizeof(hash_rnd)); 342 net_get_random_once(&hash_rnd, sizeof(hash_rnd));
343 343
344 if (info->check_set & ~XT_RECENT_VALID_FLAGS) { 344 if (info->check_set & ~XT_RECENT_VALID_FLAGS) {
345 pr_info("Unsupported user space flags (%08x)\n", 345 pr_info_ratelimited("Unsupported userspace flags (%08x)\n",
346 info->check_set); 346 info->check_set);
347 return -EINVAL; 347 return -EINVAL;
348 } 348 }
349 if (hweight8(info->check_set & 349 if (hweight8(info->check_set &
@@ -357,8 +357,8 @@ static int recent_mt_check(const struct xt_mtchk_param *par,
357 if ((info->check_set & XT_RECENT_REAP) && !info->seconds) 357 if ((info->check_set & XT_RECENT_REAP) && !info->seconds)
358 return -EINVAL; 358 return -EINVAL;
359 if (info->hit_count >= XT_RECENT_MAX_NSTAMPS) { 359 if (info->hit_count >= XT_RECENT_MAX_NSTAMPS) {
360 pr_info("hitcount (%u) is larger than allowed maximum (%u)\n", 360 pr_info_ratelimited("hitcount (%u) is larger than allowed maximum (%u)\n",
361 info->hit_count, XT_RECENT_MAX_NSTAMPS - 1); 361 info->hit_count, XT_RECENT_MAX_NSTAMPS - 1);
362 return -EINVAL; 362 return -EINVAL;
363 } 363 }
364 if (info->name[0] == '\0' || 364 if (info->name[0] == '\0' ||
@@ -587,7 +587,7 @@ recent_mt_proc_write(struct file *file, const char __user *input,
587 add = true; 587 add = true;
588 break; 588 break;
589 default: 589 default:
590 pr_info("Need \"+ip\", \"-ip\" or \"/\"\n"); 590 pr_info_ratelimited("Need \"+ip\", \"-ip\" or \"/\"\n");
591 return -EINVAL; 591 return -EINVAL;
592 } 592 }
593 593
@@ -601,10 +601,8 @@ recent_mt_proc_write(struct file *file, const char __user *input,
601 succ = in4_pton(c, size, (void *)&addr, '\n', NULL); 601 succ = in4_pton(c, size, (void *)&addr, '\n', NULL);
602 } 602 }
603 603
604 if (!succ) { 604 if (!succ)
605 pr_info("illegal address written to procfs\n");
606 return -EINVAL; 605 return -EINVAL;
607 }
608 606
609 spin_lock_bh(&recent_lock); 607 spin_lock_bh(&recent_lock);
610 e = recent_entry_lookup(t, &addr, family, 0); 608 e = recent_entry_lookup(t, &addr, family, 0);
diff --git a/net/netfilter/xt_set.c b/net/netfilter/xt_set.c
index 16b6b11ee83f..6f4c5217d835 100644
--- a/net/netfilter/xt_set.c
+++ b/net/netfilter/xt_set.c
@@ -92,12 +92,12 @@ set_match_v0_checkentry(const struct xt_mtchk_param *par)
92 index = ip_set_nfnl_get_byindex(par->net, info->match_set.index); 92 index = ip_set_nfnl_get_byindex(par->net, info->match_set.index);
93 93
94 if (index == IPSET_INVALID_ID) { 94 if (index == IPSET_INVALID_ID) {
95 pr_warn("Cannot find set identified by id %u to match\n", 95 pr_info_ratelimited("Cannot find set identified by id %u to match\n",
96 info->match_set.index); 96 info->match_set.index);
97 return -ENOENT; 97 return -ENOENT;
98 } 98 }
99 if (info->match_set.u.flags[IPSET_DIM_MAX - 1] != 0) { 99 if (info->match_set.u.flags[IPSET_DIM_MAX - 1] != 0) {
100 pr_warn("Protocol error: set match dimension is over the limit!\n"); 100 pr_info_ratelimited("set match dimension is over the limit!\n");
101 ip_set_nfnl_put(par->net, info->match_set.index); 101 ip_set_nfnl_put(par->net, info->match_set.index);
102 return -ERANGE; 102 return -ERANGE;
103 } 103 }
@@ -143,12 +143,12 @@ set_match_v1_checkentry(const struct xt_mtchk_param *par)
143 index = ip_set_nfnl_get_byindex(par->net, info->match_set.index); 143 index = ip_set_nfnl_get_byindex(par->net, info->match_set.index);
144 144
145 if (index == IPSET_INVALID_ID) { 145 if (index == IPSET_INVALID_ID) {
146 pr_warn("Cannot find set identified by id %u to match\n", 146 pr_info_ratelimited("Cannot find set identified by id %u to match\n",
147 info->match_set.index); 147 info->match_set.index);
148 return -ENOENT; 148 return -ENOENT;
149 } 149 }
150 if (info->match_set.dim > IPSET_DIM_MAX) { 150 if (info->match_set.dim > IPSET_DIM_MAX) {
151 pr_warn("Protocol error: set match dimension is over the limit!\n"); 151 pr_info_ratelimited("set match dimension is over the limit!\n");
152 ip_set_nfnl_put(par->net, info->match_set.index); 152 ip_set_nfnl_put(par->net, info->match_set.index);
153 return -ERANGE; 153 return -ERANGE;
154 } 154 }
@@ -241,8 +241,8 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par)
241 if (info->add_set.index != IPSET_INVALID_ID) { 241 if (info->add_set.index != IPSET_INVALID_ID) {
242 index = ip_set_nfnl_get_byindex(par->net, info->add_set.index); 242 index = ip_set_nfnl_get_byindex(par->net, info->add_set.index);
243 if (index == IPSET_INVALID_ID) { 243 if (index == IPSET_INVALID_ID) {
244 pr_warn("Cannot find add_set index %u as target\n", 244 pr_info_ratelimited("Cannot find add_set index %u as target\n",
245 info->add_set.index); 245 info->add_set.index);
246 return -ENOENT; 246 return -ENOENT;
247 } 247 }
248 } 248 }
@@ -250,8 +250,8 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par)
250 if (info->del_set.index != IPSET_INVALID_ID) { 250 if (info->del_set.index != IPSET_INVALID_ID) {
251 index = ip_set_nfnl_get_byindex(par->net, info->del_set.index); 251 index = ip_set_nfnl_get_byindex(par->net, info->del_set.index);
252 if (index == IPSET_INVALID_ID) { 252 if (index == IPSET_INVALID_ID) {
253 pr_warn("Cannot find del_set index %u as target\n", 253 pr_info_ratelimited("Cannot find del_set index %u as target\n",
254 info->del_set.index); 254 info->del_set.index);
255 if (info->add_set.index != IPSET_INVALID_ID) 255 if (info->add_set.index != IPSET_INVALID_ID)
256 ip_set_nfnl_put(par->net, info->add_set.index); 256 ip_set_nfnl_put(par->net, info->add_set.index);
257 return -ENOENT; 257 return -ENOENT;
@@ -259,7 +259,7 @@ set_target_v0_checkentry(const struct xt_tgchk_param *par)
259 } 259 }
260 if (info->add_set.u.flags[IPSET_DIM_MAX - 1] != 0 || 260 if (info->add_set.u.flags[IPSET_DIM_MAX - 1] != 0 ||
261 info->del_set.u.flags[IPSET_DIM_MAX - 1] != 0) { 261 info->del_set.u.flags[IPSET_DIM_MAX - 1] != 0) {
262 pr_warn("Protocol error: SET target dimension is over the limit!\n"); 262 pr_info_ratelimited("SET target dimension over the limit!\n");
263 if (info->add_set.index != IPSET_INVALID_ID) 263 if (info->add_set.index != IPSET_INVALID_ID)
264 ip_set_nfnl_put(par->net, info->add_set.index); 264 ip_set_nfnl_put(par->net, info->add_set.index);
265 if (info->del_set.index != IPSET_INVALID_ID) 265 if (info->del_set.index != IPSET_INVALID_ID)
@@ -316,8 +316,8 @@ set_target_v1_checkentry(const struct xt_tgchk_param *par)
316 if (info->add_set.index != IPSET_INVALID_ID) { 316 if (info->add_set.index != IPSET_INVALID_ID) {
317 index = ip_set_nfnl_get_byindex(par->net, info->add_set.index); 317 index = ip_set_nfnl_get_byindex(par->net, info->add_set.index);
318 if (index == IPSET_INVALID_ID) { 318 if (index == IPSET_INVALID_ID) {
319 pr_warn("Cannot find add_set index %u as target\n", 319 pr_info_ratelimited("Cannot find add_set index %u as target\n",
320 info->add_set.index); 320 info->add_set.index);
321 return -ENOENT; 321 return -ENOENT;
322 } 322 }
323 } 323 }
@@ -325,8 +325,8 @@ set_target_v1_checkentry(const struct xt_tgchk_param *par)
325 if (info->del_set.index != IPSET_INVALID_ID) { 325 if (info->del_set.index != IPSET_INVALID_ID) {
326 index = ip_set_nfnl_get_byindex(par->net, info->del_set.index); 326 index = ip_set_nfnl_get_byindex(par->net, info->del_set.index);
327 if (index == IPSET_INVALID_ID) { 327 if (index == IPSET_INVALID_ID) {
328 pr_warn("Cannot find del_set index %u as target\n", 328 pr_info_ratelimited("Cannot find del_set index %u as target\n",
329 info->del_set.index); 329 info->del_set.index);
330 if (info->add_set.index != IPSET_INVALID_ID) 330 if (info->add_set.index != IPSET_INVALID_ID)
331 ip_set_nfnl_put(par->net, info->add_set.index); 331 ip_set_nfnl_put(par->net, info->add_set.index);
332 return -ENOENT; 332 return -ENOENT;
@@ -334,7 +334,7 @@ set_target_v1_checkentry(const struct xt_tgchk_param *par)
334 } 334 }
335 if (info->add_set.dim > IPSET_DIM_MAX || 335 if (info->add_set.dim > IPSET_DIM_MAX ||
336 info->del_set.dim > IPSET_DIM_MAX) { 336 info->del_set.dim > IPSET_DIM_MAX) {
337 pr_warn("Protocol error: SET target dimension is over the limit!\n"); 337 pr_info_ratelimited("SET target dimension over the limit!\n");
338 if (info->add_set.index != IPSET_INVALID_ID) 338 if (info->add_set.index != IPSET_INVALID_ID)
339 ip_set_nfnl_put(par->net, info->add_set.index); 339 ip_set_nfnl_put(par->net, info->add_set.index);
340 if (info->del_set.index != IPSET_INVALID_ID) 340 if (info->del_set.index != IPSET_INVALID_ID)
@@ -444,8 +444,8 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
444 index = ip_set_nfnl_get_byindex(par->net, 444 index = ip_set_nfnl_get_byindex(par->net,
445 info->add_set.index); 445 info->add_set.index);
446 if (index == IPSET_INVALID_ID) { 446 if (index == IPSET_INVALID_ID) {
447 pr_warn("Cannot find add_set index %u as target\n", 447 pr_info_ratelimited("Cannot find add_set index %u as target\n",
448 info->add_set.index); 448 info->add_set.index);
449 return -ENOENT; 449 return -ENOENT;
450 } 450 }
451 } 451 }
@@ -454,8 +454,8 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
454 index = ip_set_nfnl_get_byindex(par->net, 454 index = ip_set_nfnl_get_byindex(par->net,
455 info->del_set.index); 455 info->del_set.index);
456 if (index == IPSET_INVALID_ID) { 456 if (index == IPSET_INVALID_ID) {
457 pr_warn("Cannot find del_set index %u as target\n", 457 pr_info_ratelimited("Cannot find del_set index %u as target\n",
458 info->del_set.index); 458 info->del_set.index);
459 if (info->add_set.index != IPSET_INVALID_ID) 459 if (info->add_set.index != IPSET_INVALID_ID)
460 ip_set_nfnl_put(par->net, 460 ip_set_nfnl_put(par->net,
461 info->add_set.index); 461 info->add_set.index);
@@ -465,7 +465,7 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
465 465
466 if (info->map_set.index != IPSET_INVALID_ID) { 466 if (info->map_set.index != IPSET_INVALID_ID) {
467 if (strncmp(par->table, "mangle", 7)) { 467 if (strncmp(par->table, "mangle", 7)) {
468 pr_warn("--map-set only usable from mangle table\n"); 468 pr_info_ratelimited("--map-set only usable from mangle table\n");
469 return -EINVAL; 469 return -EINVAL;
470 } 470 }
471 if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) | 471 if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) |
@@ -473,14 +473,14 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
473 !(par->hook_mask & (1 << NF_INET_FORWARD | 473 !(par->hook_mask & (1 << NF_INET_FORWARD |
474 1 << NF_INET_LOCAL_OUT | 474 1 << NF_INET_LOCAL_OUT |
475 1 << NF_INET_POST_ROUTING))) { 475 1 << NF_INET_POST_ROUTING))) {
476 pr_warn("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n"); 476 pr_info_ratelimited("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n");
477 return -EINVAL; 477 return -EINVAL;
478 } 478 }
479 index = ip_set_nfnl_get_byindex(par->net, 479 index = ip_set_nfnl_get_byindex(par->net,
480 info->map_set.index); 480 info->map_set.index);
481 if (index == IPSET_INVALID_ID) { 481 if (index == IPSET_INVALID_ID) {
482 pr_warn("Cannot find map_set index %u as target\n", 482 pr_info_ratelimited("Cannot find map_set index %u as target\n",
483 info->map_set.index); 483 info->map_set.index);
484 if (info->add_set.index != IPSET_INVALID_ID) 484 if (info->add_set.index != IPSET_INVALID_ID)
485 ip_set_nfnl_put(par->net, 485 ip_set_nfnl_put(par->net,
486 info->add_set.index); 486 info->add_set.index);
@@ -494,7 +494,7 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
494 if (info->add_set.dim > IPSET_DIM_MAX || 494 if (info->add_set.dim > IPSET_DIM_MAX ||
495 info->del_set.dim > IPSET_DIM_MAX || 495 info->del_set.dim > IPSET_DIM_MAX ||
496 info->map_set.dim > IPSET_DIM_MAX) { 496 info->map_set.dim > IPSET_DIM_MAX) {
497 pr_warn("Protocol error: SET target dimension is over the limit!\n"); 497 pr_info_ratelimited("SET target dimension over the limit!\n");
498 if (info->add_set.index != IPSET_INVALID_ID) 498 if (info->add_set.index != IPSET_INVALID_ID)
499 ip_set_nfnl_put(par->net, info->add_set.index); 499 ip_set_nfnl_put(par->net, info->add_set.index);
500 if (info->del_set.index != IPSET_INVALID_ID) 500 if (info->del_set.index != IPSET_INVALID_ID)
diff --git a/net/netfilter/xt_socket.c b/net/netfilter/xt_socket.c
index 575d2153e3b8..2ac7f674d19b 100644
--- a/net/netfilter/xt_socket.c
+++ b/net/netfilter/xt_socket.c
@@ -171,7 +171,8 @@ static int socket_mt_v1_check(const struct xt_mtchk_param *par)
171 return err; 171 return err;
172 172
173 if (info->flags & ~XT_SOCKET_FLAGS_V1) { 173 if (info->flags & ~XT_SOCKET_FLAGS_V1) {
174 pr_info("unknown flags 0x%x\n", info->flags & ~XT_SOCKET_FLAGS_V1); 174 pr_info_ratelimited("unknown flags 0x%x\n",
175 info->flags & ~XT_SOCKET_FLAGS_V1);
175 return -EINVAL; 176 return -EINVAL;
176 } 177 }
177 return 0; 178 return 0;
@@ -187,7 +188,8 @@ static int socket_mt_v2_check(const struct xt_mtchk_param *par)
187 return err; 188 return err;
188 189
189 if (info->flags & ~XT_SOCKET_FLAGS_V2) { 190 if (info->flags & ~XT_SOCKET_FLAGS_V2) {
190 pr_info("unknown flags 0x%x\n", info->flags & ~XT_SOCKET_FLAGS_V2); 191 pr_info_ratelimited("unknown flags 0x%x\n",
192 info->flags & ~XT_SOCKET_FLAGS_V2);
191 return -EINVAL; 193 return -EINVAL;
192 } 194 }
193 return 0; 195 return 0;
@@ -203,8 +205,8 @@ static int socket_mt_v3_check(const struct xt_mtchk_param *par)
203 if (err) 205 if (err)
204 return err; 206 return err;
205 if (info->flags & ~XT_SOCKET_FLAGS_V3) { 207 if (info->flags & ~XT_SOCKET_FLAGS_V3) {
206 pr_info("unknown flags 0x%x\n", 208 pr_info_ratelimited("unknown flags 0x%x\n",
207 info->flags & ~XT_SOCKET_FLAGS_V3); 209 info->flags & ~XT_SOCKET_FLAGS_V3);
208 return -EINVAL; 210 return -EINVAL;
209 } 211 }
210 return 0; 212 return 0;
diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c
index 5fbd79194d21..0b41c0befe3c 100644
--- a/net/netfilter/xt_state.c
+++ b/net/netfilter/xt_state.c
@@ -44,8 +44,8 @@ static int state_mt_check(const struct xt_mtchk_param *par)
44 44
45 ret = nf_ct_netns_get(par->net, par->family); 45 ret = nf_ct_netns_get(par->net, par->family);
46 if (ret < 0) 46 if (ret < 0)
47 pr_info("cannot load conntrack support for proto=%u\n", 47 pr_info_ratelimited("cannot load conntrack support for proto=%u\n",
48 par->family); 48 par->family);
49 return ret; 49 return ret;
50} 50}
51 51
diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c
index 1b01eec1fbda..0160f505e337 100644
--- a/net/netfilter/xt_time.c
+++ b/net/netfilter/xt_time.c
@@ -235,13 +235,13 @@ static int time_mt_check(const struct xt_mtchk_param *par)
235 235
236 if (info->daytime_start > XT_TIME_MAX_DAYTIME || 236 if (info->daytime_start > XT_TIME_MAX_DAYTIME ||
237 info->daytime_stop > XT_TIME_MAX_DAYTIME) { 237 info->daytime_stop > XT_TIME_MAX_DAYTIME) {
238 pr_info("invalid argument - start or " 238 pr_info_ratelimited("invalid argument - start or stop time greater than 23:59:59\n");
239 "stop time greater than 23:59:59\n");
240 return -EDOM; 239 return -EDOM;
241 } 240 }
242 241
243 if (info->flags & ~XT_TIME_ALL_FLAGS) { 242 if (info->flags & ~XT_TIME_ALL_FLAGS) {
244 pr_info("unknown flags 0x%x\n", info->flags & ~XT_TIME_ALL_FLAGS); 243 pr_info_ratelimited("unknown flags 0x%x\n",
244 info->flags & ~XT_TIME_ALL_FLAGS);
245 return -EINVAL; 245 return -EINVAL;
246 } 246 }
247 247
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 2ad445c1d27c..07e8478068f0 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -2308,7 +2308,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
2308 if (cb->start) { 2308 if (cb->start) {
2309 ret = cb->start(cb); 2309 ret = cb->start(cb);
2310 if (ret) 2310 if (ret)
2311 goto error_unlock; 2311 goto error_put;
2312 } 2312 }
2313 2313
2314 nlk->cb_running = true; 2314 nlk->cb_running = true;
@@ -2328,6 +2328,8 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
2328 */ 2328 */
2329 return -EINTR; 2329 return -EINTR;
2330 2330
2331error_put:
2332 module_put(control->module);
2331error_unlock: 2333error_unlock:
2332 sock_put(sk); 2334 sock_put(sk);
2333 mutex_unlock(nlk->cb_mutex); 2335 mutex_unlock(nlk->cb_mutex);
diff --git a/net/rxrpc/output.c b/net/rxrpc/output.c
index 42410e910aff..cf73dc006c3b 100644
--- a/net/rxrpc/output.c
+++ b/net/rxrpc/output.c
@@ -445,7 +445,7 @@ send_fragmentable:
445 (char *)&opt, sizeof(opt)); 445 (char *)&opt, sizeof(opt));
446 if (ret == 0) { 446 if (ret == 0) {
447 ret = kernel_sendmsg(conn->params.local->socket, &msg, 447 ret = kernel_sendmsg(conn->params.local->socket, &msg,
448 iov, 1, iov[0].iov_len); 448 iov, 2, len);
449 449
450 opt = IPV6_PMTUDISC_DO; 450 opt = IPV6_PMTUDISC_DO;
451 kernel_setsockopt(conn->params.local->socket, 451 kernel_setsockopt(conn->params.local->socket,
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index a7dc7271042a..247b7cc20c13 100644
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -1397,13 +1397,18 @@ static int tc_dump_tfilter(struct sk_buff *skb, struct netlink_callback *cb)
1397 nla_get_u32(tca[TCA_CHAIN]) != chain->index) 1397 nla_get_u32(tca[TCA_CHAIN]) != chain->index)
1398 continue; 1398 continue;
1399 if (!tcf_chain_dump(chain, q, parent, skb, cb, 1399 if (!tcf_chain_dump(chain, q, parent, skb, cb,
1400 index_start, &index)) 1400 index_start, &index)) {
1401 err = -EMSGSIZE;
1401 break; 1402 break;
1403 }
1402 } 1404 }
1403 1405
1404 cb->args[0] = index; 1406 cb->args[0] = index;
1405 1407
1406out: 1408out:
1409 /* If we did no progress, the error (EMSGSIZE) is real */
1410 if (skb->len == 0 && err)
1411 return err;
1407 return skb->len; 1412 return skb->len;
1408} 1413}
1409 1414
diff --git a/net/wireless/mesh.c b/net/wireless/mesh.c
index 51aa55618ef7..b12da6ef3c12 100644
--- a/net/wireless/mesh.c
+++ b/net/wireless/mesh.c
@@ -170,9 +170,28 @@ int __cfg80211_join_mesh(struct cfg80211_registered_device *rdev,
170 enum nl80211_bss_scan_width scan_width; 170 enum nl80211_bss_scan_width scan_width;
171 struct ieee80211_supported_band *sband = 171 struct ieee80211_supported_band *sband =
172 rdev->wiphy.bands[setup->chandef.chan->band]; 172 rdev->wiphy.bands[setup->chandef.chan->band];
173 scan_width = cfg80211_chandef_to_scan_width(&setup->chandef); 173
174 setup->basic_rates = ieee80211_mandatory_rates(sband, 174 if (setup->chandef.chan->band == NL80211_BAND_2GHZ) {
175 scan_width); 175 int i;
176
177 /*
178 * Older versions selected the mandatory rates for
179 * 2.4 GHz as well, but were broken in that only
180 * 1 Mbps was regarded as a mandatory rate. Keep
181 * using just 1 Mbps as the default basic rate for
182 * mesh to be interoperable with older versions.
183 */
184 for (i = 0; i < sband->n_bitrates; i++) {
185 if (sband->bitrates[i].bitrate == 10) {
186 setup->basic_rates = BIT(i);
187 break;
188 }
189 }
190 } else {
191 scan_width = cfg80211_chandef_to_scan_width(&setup->chandef);
192 setup->basic_rates = ieee80211_mandatory_rates(sband,
193 scan_width);
194 }
176 } 195 }
177 196
178 err = cfg80211_chandef_dfs_required(&rdev->wiphy, 197 err = cfg80211_chandef_dfs_required(&rdev->wiphy,
diff --git a/net/wireless/sme.c b/net/wireless/sme.c
index fdb3646274a5..701cfd7acc1b 100644
--- a/net/wireless/sme.c
+++ b/net/wireless/sme.c
@@ -1032,6 +1032,8 @@ void __cfg80211_disconnected(struct net_device *dev, const u8 *ie,
1032 wdev->current_bss = NULL; 1032 wdev->current_bss = NULL;
1033 wdev->ssid_len = 0; 1033 wdev->ssid_len = 0;
1034 wdev->conn_owner_nlportid = 0; 1034 wdev->conn_owner_nlportid = 0;
1035 kzfree(wdev->connect_keys);
1036 wdev->connect_keys = NULL;
1035 1037
1036 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap); 1038 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap);
1037 1039
diff --git a/tools/bpf/bpftool/main.c b/tools/bpf/bpftool/main.c
index 3a0396d87c42..185acfa229b5 100644
--- a/tools/bpf/bpftool/main.c
+++ b/tools/bpf/bpftool/main.c
@@ -244,7 +244,7 @@ static int do_batch(int argc, char **argv)
244 } 244 }
245 245
246 if (errno && errno != ENOENT) { 246 if (errno && errno != ENOENT) {
247 perror("reading batch file failed"); 247 p_err("reading batch file failed: %s", strerror(errno));
248 err = -1; 248 err = -1;
249 } else { 249 } else {
250 p_info("processed %d lines", lines); 250 p_info("processed %d lines", lines);
diff --git a/tools/bpf/bpftool/prog.c b/tools/bpf/bpftool/prog.c
index e8e2baaf93c2..e549e329be82 100644
--- a/tools/bpf/bpftool/prog.c
+++ b/tools/bpf/bpftool/prog.c
@@ -774,6 +774,9 @@ static int do_dump(int argc, char **argv)
774 n < 0 ? strerror(errno) : "short write"); 774 n < 0 ? strerror(errno) : "short write");
775 goto err_free; 775 goto err_free;
776 } 776 }
777
778 if (json_output)
779 jsonw_null(json_wtr);
777 } else { 780 } else {
778 if (member_len == &info.jited_prog_len) { 781 if (member_len == &info.jited_prog_len) {
779 const char *name = NULL; 782 const char *name = NULL;
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index 97073d649c1a..5bbbf285af74 100644
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -1060,11 +1060,12 @@ bpf_program__reloc_text(struct bpf_program *prog, struct bpf_object *obj,
1060 prog->insns = new_insn; 1060 prog->insns = new_insn;
1061 prog->main_prog_cnt = prog->insns_cnt; 1061 prog->main_prog_cnt = prog->insns_cnt;
1062 prog->insns_cnt = new_cnt; 1062 prog->insns_cnt = new_cnt;
1063 pr_debug("added %zd insn from %s to prog %s\n",
1064 text->insns_cnt, text->section_name,
1065 prog->section_name);
1063 } 1066 }
1064 insn = &prog->insns[relo->insn_idx]; 1067 insn = &prog->insns[relo->insn_idx];
1065 insn->imm += prog->main_prog_cnt - relo->insn_idx; 1068 insn->imm += prog->main_prog_cnt - relo->insn_idx;
1066 pr_debug("added %zd insn from %s to prog %s\n",
1067 text->insns_cnt, text->section_name, prog->section_name);
1068 return 0; 1069 return 0;
1069} 1070}
1070 1071
diff --git a/tools/testing/selftests/bpf/.gitignore b/tools/testing/selftests/bpf/.gitignore
index cc15af2e54fe..9cf83f895d98 100644
--- a/tools/testing/selftests/bpf/.gitignore
+++ b/tools/testing/selftests/bpf/.gitignore
@@ -11,3 +11,4 @@ test_progs
11test_tcpbpf_user 11test_tcpbpf_user
12test_verifier_log 12test_verifier_log
13feature 13feature
14test_libbpf_open
diff --git a/tools/testing/selftests/bpf/test_maps.c b/tools/testing/selftests/bpf/test_maps.c
index 436c4c72414f..9e03a4c356a4 100644
--- a/tools/testing/selftests/bpf/test_maps.c
+++ b/tools/testing/selftests/bpf/test_maps.c
@@ -126,6 +126,8 @@ static void test_hashmap_sizes(int task, void *data)
126 fd = bpf_create_map(BPF_MAP_TYPE_HASH, i, j, 126 fd = bpf_create_map(BPF_MAP_TYPE_HASH, i, j,
127 2, map_flags); 127 2, map_flags);
128 if (fd < 0) { 128 if (fd < 0) {
129 if (errno == ENOMEM)
130 return;
129 printf("Failed to create hashmap key=%d value=%d '%s'\n", 131 printf("Failed to create hashmap key=%d value=%d '%s'\n",
130 i, j, strerror(errno)); 132 i, j, strerror(errno));
131 exit(1); 133 exit(1);
diff --git a/tools/testing/selftests/bpf/test_tcpbpf_kern.c b/tools/testing/selftests/bpf/test_tcpbpf_kern.c
index 57119ad57a3f..3e645ee41ed5 100644
--- a/tools/testing/selftests/bpf/test_tcpbpf_kern.c
+++ b/tools/testing/selftests/bpf/test_tcpbpf_kern.c
@@ -5,7 +5,6 @@
5#include <linux/if_ether.h> 5#include <linux/if_ether.h>
6#include <linux/if_packet.h> 6#include <linux/if_packet.h>
7#include <linux/ip.h> 7#include <linux/ip.h>
8#include <linux/in6.h>
9#include <linux/types.h> 8#include <linux/types.h>
10#include <linux/socket.h> 9#include <linux/socket.h>
11#include <linux/tcp.h> 10#include <linux/tcp.h>
diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
index c0f16e93f9bd..c73592fa3d41 100644
--- a/tools/testing/selftests/bpf/test_verifier.c
+++ b/tools/testing/selftests/bpf/test_verifier.c
@@ -2587,6 +2587,32 @@ static struct bpf_test tests[] = {
2587 .result = ACCEPT, 2587 .result = ACCEPT,
2588 }, 2588 },
2589 { 2589 {
2590 "runtime/jit: pass negative index to tail_call",
2591 .insns = {
2592 BPF_MOV64_IMM(BPF_REG_3, -1),
2593 BPF_LD_MAP_FD(BPF_REG_2, 0),
2594 BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
2595 BPF_FUNC_tail_call),
2596 BPF_MOV64_IMM(BPF_REG_0, 0),
2597 BPF_EXIT_INSN(),
2598 },
2599 .fixup_prog = { 1 },
2600 .result = ACCEPT,
2601 },
2602 {
2603 "runtime/jit: pass > 32bit index to tail_call",
2604 .insns = {
2605 BPF_LD_IMM64(BPF_REG_3, 0x100000000ULL),
2606 BPF_LD_MAP_FD(BPF_REG_2, 0),
2607 BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
2608 BPF_FUNC_tail_call),
2609 BPF_MOV64_IMM(BPF_REG_0, 0),
2610 BPF_EXIT_INSN(),
2611 },
2612 .fixup_prog = { 2 },
2613 .result = ACCEPT,
2614 },
2615 {
2590 "stack pointer arithmetic", 2616 "stack pointer arithmetic",
2591 .insns = { 2617 .insns = {
2592 BPF_MOV64_IMM(BPF_REG_1, 4), 2618 BPF_MOV64_IMM(BPF_REG_1, 4),
generated by cgit v1.2.2 (git 2.25.0) at 2025-12-29 11:17:00 -0500