diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-10-06 11:13:35 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-10-06 11:13:35 -0400 |
| commit | d230ec72c4efed7d0f414a80a756c54d4c422a6e (patch) | |
| tree | d437aaad8dfb78dc6926a704b96f09fed6a874e8 | |
| parent | f84d9fa86820b3074a8c143444a6932c0c0fd019 (diff) | |
| parent | af70c1f92d3567035d2f73f39079459d58c706dc (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixups from David Miller:
"Here are the build and merge fixups for the networking stuff"
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
phy: micrel.c: Enable ksz9031 energy-detect power-down mode
netfilter: merge fixup for "nf_tables_netdev: remove redundant ip_hdr assignment"
netfilter: nft_limit: fix divided by zero panic
netfilter: fix namespace handling in nf_log_proc_dostring
netfilter: xt_hashlimit: Fix link error in 32bit arch because of 64bit division
netfilter: accommodate different kconfig in nf_set_hooks_head
netfilter: Fix potential null pointer dereference
| -rw-r--r-- | drivers/net/phy/micrel.c | 21 | ||||
| -rw-r--r-- | include/net/netfilter/nf_tables_ipv4.h | 1 | ||||
| -rw-r--r-- | net/netfilter/core.c | 17 | ||||
| -rw-r--r-- | net/netfilter/nf_log.c | 6 | ||||
| -rw-r--r-- | net/netfilter/nft_limit.c | 4 | ||||
| -rw-r--r-- | net/netfilter/xt_hashlimit.c | 15 |
6 files changed, 47 insertions, 17 deletions
diff --git a/drivers/net/phy/micrel.c b/drivers/net/phy/micrel.c index 885ac9cbab5a..081df68d2ce1 100644 --- a/drivers/net/phy/micrel.c +++ b/drivers/net/phy/micrel.c | |||
| @@ -439,6 +439,10 @@ static int ksz9021_config_init(struct phy_device *phydev) | |||
| 439 | #define MII_KSZ9031RN_TX_DATA_PAD_SKEW 6 | 439 | #define MII_KSZ9031RN_TX_DATA_PAD_SKEW 6 |
| 440 | #define MII_KSZ9031RN_CLK_PAD_SKEW 8 | 440 | #define MII_KSZ9031RN_CLK_PAD_SKEW 8 |
| 441 | 441 | ||
| 442 | /* MMD Address 0x1C */ | ||
| 443 | #define MII_KSZ9031RN_EDPD 0x23 | ||
| 444 | #define MII_KSZ9031RN_EDPD_ENABLE BIT(0) | ||
| 445 | |||
| 442 | static int ksz9031_extended_write(struct phy_device *phydev, | 446 | static int ksz9031_extended_write(struct phy_device *phydev, |
| 443 | u8 mode, u32 dev_addr, u32 regnum, u16 val) | 447 | u8 mode, u32 dev_addr, u32 regnum, u16 val) |
| 444 | { | 448 | { |
| @@ -510,6 +514,18 @@ static int ksz9031_center_flp_timing(struct phy_device *phydev) | |||
| 510 | return genphy_restart_aneg(phydev); | 514 | return genphy_restart_aneg(phydev); |
| 511 | } | 515 | } |
| 512 | 516 | ||
| 517 | /* Enable energy-detect power-down mode */ | ||
| 518 | static int ksz9031_enable_edpd(struct phy_device *phydev) | ||
| 519 | { | ||
| 520 | int reg; | ||
| 521 | |||
| 522 | reg = ksz9031_extended_read(phydev, OP_DATA, 0x1C, MII_KSZ9031RN_EDPD); | ||
| 523 | if (reg < 0) | ||
| 524 | return reg; | ||
| 525 | return ksz9031_extended_write(phydev, OP_DATA, 0x1C, MII_KSZ9031RN_EDPD, | ||
| 526 | reg | MII_KSZ9031RN_EDPD_ENABLE); | ||
| 527 | } | ||
| 528 | |||
| 513 | static int ksz9031_config_init(struct phy_device *phydev) | 529 | static int ksz9031_config_init(struct phy_device *phydev) |
| 514 | { | 530 | { |
| 515 | const struct device *dev = &phydev->mdio.dev; | 531 | const struct device *dev = &phydev->mdio.dev; |
| @@ -525,6 +541,11 @@ static int ksz9031_config_init(struct phy_device *phydev) | |||
| 525 | }; | 541 | }; |
| 526 | static const char *control_skews[2] = {"txen-skew-ps", "rxdv-skew-ps"}; | 542 | static const char *control_skews[2] = {"txen-skew-ps", "rxdv-skew-ps"}; |
| 527 | const struct device *dev_walker; | 543 | const struct device *dev_walker; |
| 544 | int result; | ||
| 545 | |||
| 546 | result = ksz9031_enable_edpd(phydev); | ||
| 547 | if (result < 0) | ||
| 548 | return result; | ||
| 528 | 549 | ||
| 529 | /* The Micrel driver has a deprecated option to place phy OF | 550 | /* The Micrel driver has a deprecated option to place phy OF |
| 530 | * properties in the MAC node. Walk up the tree of devices to | 551 | * properties in the MAC node. Walk up the tree of devices to |
diff --git a/include/net/netfilter/nf_tables_ipv4.h b/include/net/netfilter/nf_tables_ipv4.h index 968f00b82fb5..25e33aee91e7 100644 --- a/include/net/netfilter/nf_tables_ipv4.h +++ b/include/net/netfilter/nf_tables_ipv4.h | |||
| @@ -33,7 +33,6 @@ __nft_set_pktinfo_ipv4_validate(struct nft_pktinfo *pkt, | |||
| 33 | if (!iph) | 33 | if (!iph) |
| 34 | return -1; | 34 | return -1; |
| 35 | 35 | ||
| 36 | iph = ip_hdr(skb); | ||
| 37 | if (iph->ihl < 5 || iph->version != 4) | 36 | if (iph->ihl < 5 || iph->version != 4) |
| 38 | return -1; | 37 | return -1; |
| 39 | 38 | ||
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index fa6715db4581..c9d90eb64046 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c | |||
| @@ -90,10 +90,12 @@ static void nf_set_hooks_head(struct net *net, const struct nf_hook_ops *reg, | |||
| 90 | { | 90 | { |
| 91 | switch (reg->pf) { | 91 | switch (reg->pf) { |
| 92 | case NFPROTO_NETDEV: | 92 | case NFPROTO_NETDEV: |
| 93 | #ifdef CONFIG_NETFILTER_INGRESS | ||
| 93 | /* We already checked in nf_register_net_hook() that this is | 94 | /* We already checked in nf_register_net_hook() that this is |
| 94 | * used from ingress. | 95 | * used from ingress. |
| 95 | */ | 96 | */ |
| 96 | rcu_assign_pointer(reg->dev->nf_hooks_ingress, entry); | 97 | rcu_assign_pointer(reg->dev->nf_hooks_ingress, entry); |
| 98 | #endif | ||
| 97 | break; | 99 | break; |
| 98 | default: | 100 | default: |
| 99 | rcu_assign_pointer(net->nf.hooks[reg->pf][reg->hooknum], | 101 | rcu_assign_pointer(net->nf.hooks[reg->pf][reg->hooknum], |
| @@ -107,10 +109,15 @@ int nf_register_net_hook(struct net *net, const struct nf_hook_ops *reg) | |||
| 107 | struct nf_hook_entry *hooks_entry; | 109 | struct nf_hook_entry *hooks_entry; |
| 108 | struct nf_hook_entry *entry; | 110 | struct nf_hook_entry *entry; |
| 109 | 111 | ||
| 110 | if (reg->pf == NFPROTO_NETDEV && | 112 | if (reg->pf == NFPROTO_NETDEV) { |
| 111 | (reg->hooknum != NF_NETDEV_INGRESS || | 113 | #ifndef CONFIG_NETFILTER_INGRESS |
| 112 | !reg->dev || dev_net(reg->dev) != net)) | 114 | if (reg->hooknum == NF_NETDEV_INGRESS) |
| 113 | return -EINVAL; | 115 | return -EOPNOTSUPP; |
| 116 | #endif | ||
| 117 | if (reg->hooknum != NF_NETDEV_INGRESS || | ||
| 118 | !reg->dev || dev_net(reg->dev) != net) | ||
| 119 | return -EINVAL; | ||
| 120 | } | ||
| 114 | 121 | ||
| 115 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); | 122 | entry = kmalloc(sizeof(*entry), GFP_KERNEL); |
| 116 | if (!entry) | 123 | if (!entry) |
| @@ -160,7 +167,7 @@ void nf_unregister_net_hook(struct net *net, const struct nf_hook_ops *reg) | |||
| 160 | 167 | ||
| 161 | mutex_lock(&nf_hook_mutex); | 168 | mutex_lock(&nf_hook_mutex); |
| 162 | hooks_entry = nf_hook_entry_head(net, reg); | 169 | hooks_entry = nf_hook_entry_head(net, reg); |
| 163 | if (hooks_entry->orig_ops == reg) { | 170 | if (hooks_entry && hooks_entry->orig_ops == reg) { |
| 164 | nf_set_hooks_head(net, reg, | 171 | nf_set_hooks_head(net, reg, |
| 165 | nf_entry_dereference(hooks_entry->next)); | 172 | nf_entry_dereference(hooks_entry->next)); |
| 166 | goto unlock; | 173 | goto unlock; |
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 30a17d649a83..3dca90dc24ad 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c | |||
| @@ -422,7 +422,7 @@ static int nf_log_proc_dostring(struct ctl_table *table, int write, | |||
| 422 | char buf[NFLOGGER_NAME_LEN]; | 422 | char buf[NFLOGGER_NAME_LEN]; |
| 423 | int r = 0; | 423 | int r = 0; |
| 424 | int tindex = (unsigned long)table->extra1; | 424 | int tindex = (unsigned long)table->extra1; |
| 425 | struct net *net = current->nsproxy->net_ns; | 425 | struct net *net = table->extra2; |
| 426 | 426 | ||
| 427 | if (write) { | 427 | if (write) { |
| 428 | struct ctl_table tmp = *table; | 428 | struct ctl_table tmp = *table; |
| @@ -476,7 +476,6 @@ static int netfilter_log_sysctl_init(struct net *net) | |||
| 476 | 3, "%d", i); | 476 | 3, "%d", i); |
| 477 | nf_log_sysctl_table[i].procname = | 477 | nf_log_sysctl_table[i].procname = |
| 478 | nf_log_sysctl_fnames[i]; | 478 | nf_log_sysctl_fnames[i]; |
| 479 | nf_log_sysctl_table[i].data = NULL; | ||
| 480 | nf_log_sysctl_table[i].maxlen = NFLOGGER_NAME_LEN; | 479 | nf_log_sysctl_table[i].maxlen = NFLOGGER_NAME_LEN; |
| 481 | nf_log_sysctl_table[i].mode = 0644; | 480 | nf_log_sysctl_table[i].mode = 0644; |
| 482 | nf_log_sysctl_table[i].proc_handler = | 481 | nf_log_sysctl_table[i].proc_handler = |
| @@ -486,6 +485,9 @@ static int netfilter_log_sysctl_init(struct net *net) | |||
| 486 | } | 485 | } |
| 487 | } | 486 | } |
| 488 | 487 | ||
| 488 | for (i = NFPROTO_UNSPEC; i < NFPROTO_NUMPROTO; i++) | ||
| 489 | table[i].extra2 = net; | ||
| 490 | |||
| 489 | net->nf.nf_log_dir_header = register_net_sysctl(net, | 491 | net->nf.nf_log_dir_header = register_net_sysctl(net, |
| 490 | "net/netfilter/nf_log", | 492 | "net/netfilter/nf_log", |
| 491 | table); | 493 | table); |
diff --git a/net/netfilter/nft_limit.c b/net/netfilter/nft_limit.c index 070b98938e02..c6baf412236d 100644 --- a/net/netfilter/nft_limit.c +++ b/net/netfilter/nft_limit.c | |||
| @@ -145,7 +145,7 @@ static int nft_limit_pkts_init(const struct nft_ctx *ctx, | |||
| 145 | if (err < 0) | 145 | if (err < 0) |
| 146 | return err; | 146 | return err; |
| 147 | 147 | ||
| 148 | priv->cost = div_u64(priv->limit.nsecs, priv->limit.rate); | 148 | priv->cost = div64_u64(priv->limit.nsecs, priv->limit.rate); |
| 149 | return 0; | 149 | return 0; |
| 150 | } | 150 | } |
| 151 | 151 | ||
| @@ -170,7 +170,7 @@ static void nft_limit_pkt_bytes_eval(const struct nft_expr *expr, | |||
| 170 | const struct nft_pktinfo *pkt) | 170 | const struct nft_pktinfo *pkt) |
| 171 | { | 171 | { |
| 172 | struct nft_limit *priv = nft_expr_priv(expr); | 172 | struct nft_limit *priv = nft_expr_priv(expr); |
| 173 | u64 cost = div_u64(priv->nsecs * pkt->skb->len, priv->rate); | 173 | u64 cost = div64_u64(priv->nsecs * pkt->skb->len, priv->rate); |
| 174 | 174 | ||
| 175 | if (nft_limit_eval(priv, cost)) | 175 | if (nft_limit_eval(priv, cost)) |
| 176 | regs->verdict.code = NFT_BREAK; | 176 | regs->verdict.code = NFT_BREAK; |
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 44a095ecc7b7..2fab0c65aa94 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
| @@ -467,17 +467,18 @@ static u64 user2credits(u64 user, int revision) | |||
| 467 | /* If multiplying would overflow... */ | 467 | /* If multiplying would overflow... */ |
| 468 | if (user > 0xFFFFFFFF / (HZ*CREDITS_PER_JIFFY_v1)) | 468 | if (user > 0xFFFFFFFF / (HZ*CREDITS_PER_JIFFY_v1)) |
| 469 | /* Divide first. */ | 469 | /* Divide first. */ |
| 470 | return (user / XT_HASHLIMIT_SCALE) *\ | 470 | return div64_u64(user, XT_HASHLIMIT_SCALE) |
| 471 | HZ * CREDITS_PER_JIFFY_v1; | 471 | * HZ * CREDITS_PER_JIFFY_v1; |
| 472 | 472 | ||
| 473 | return (user * HZ * CREDITS_PER_JIFFY_v1) \ | 473 | return div64_u64(user * HZ * CREDITS_PER_JIFFY_v1, |
| 474 | / XT_HASHLIMIT_SCALE; | 474 | XT_HASHLIMIT_SCALE); |
| 475 | } else { | 475 | } else { |
| 476 | if (user > 0xFFFFFFFFFFFFFFFF / (HZ*CREDITS_PER_JIFFY)) | 476 | if (user > 0xFFFFFFFFFFFFFFFF / (HZ*CREDITS_PER_JIFFY)) |
| 477 | return (user / XT_HASHLIMIT_SCALE_v2) *\ | 477 | return div64_u64(user, XT_HASHLIMIT_SCALE_v2) |
| 478 | HZ * CREDITS_PER_JIFFY; | 478 | * HZ * CREDITS_PER_JIFFY; |
| 479 | 479 | ||
| 480 | return (user * HZ * CREDITS_PER_JIFFY) / XT_HASHLIMIT_SCALE_v2; | 480 | return div64_u64(user * HZ * CREDITS_PER_JIFFY, |
| 481 | XT_HASHLIMIT_SCALE_v2); | ||
| 481 | } | 482 | } |
| 482 | } | 483 | } |
| 483 | 484 | ||