diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-06-02 21:16:41 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-06-02 21:16:41 -0400 |
| commit | cae61ba37b4c2672704cbd8a626fbd85be7e67d9 (patch) | |
| tree | 035a181a7c079ff3c4f073c8d5abfc9da8c4a407 /net/core | |
| parent | ca755175f245b91f72cfa474aaa8acd9c26996f4 (diff) | |
| parent | 418c96ac151a16a5094a95d14252c92c1d47ec67 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) Unbreak zebra and other netlink apps, from Eric W Biederman.
2) Some new qmi_wwan device IDs, from Aleksander Morgado.
3) Fix info leak in DCB netlink handler of qlcnic driver, from Dan
Carpenter.
4) inet_getid() and ipv6_select_ident() do not generate monotonically
increasing ID numbers, fix from Eric Dumazet.
5) Fix memory leak in __sk_prepare_filter(), from Leon Yu.
6) Netlink leftover bytes warning message is user triggerable, rate
limit it. From Michal Schmidt.
7) Fix non-linear SKB panic in ipvs, from Peter Christensen.
8) Congestion window undo needs to be performed even if only never
retransmitted data is SACK'd, fix from Yuching Cheng.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (24 commits)
net: filter: fix possible memory leak in __sk_prepare_filter()
net: ec_bhf: Add runtime dependencies
tcp: fix cwnd undo on DSACK in F-RTO
netlink: Only check file credentials for implicit destinations
ipheth: Add support for iPad 2 and iPad 3
team: fix mtu setting
net: fix inet_getid() and ipv6_select_ident() bugs
net: qmi_wwan: interface #11 in Sierra Wireless MC73xx is not QMI
net: qmi_wwan: add additional Sierra Wireless QMI devices
bridge: Prevent insertion of FDB entry with disallowed vlan
netlink: rate-limit leftover bytes warning and print process name
bridge: notify user space after fdb update
net: qmi_wwan: add Netgear AirCard 341U
net: fix wrong mac_len calculation for vlans
batman-adv: fix NULL pointer dereferences
net/mlx4_core: Reset RoCE VF gids when guest driver goes down
emac: aggregation of v1-2 PLB errors for IER register
emac: add missing support of 10mbit in emac/rgmii
can: only rename enabled led triggers when changing the netdev name
ipvs: Fix panic due to non-linear skb
...
Diffstat (limited to 'net/core')
| -rw-r--r-- | net/core/dev.c | 35 | ||||
| -rw-r--r-- | net/core/filter.c | 7 |
2 files changed, 31 insertions, 11 deletions
diff --git a/net/core/dev.c b/net/core/dev.c index 9abc503b19b7..fb8b0546485b 100644 --- a/net/core/dev.c +++ b/net/core/dev.c | |||
| @@ -2283,8 +2283,8 @@ EXPORT_SYMBOL(skb_checksum_help); | |||
| 2283 | 2283 | ||
| 2284 | __be16 skb_network_protocol(struct sk_buff *skb, int *depth) | 2284 | __be16 skb_network_protocol(struct sk_buff *skb, int *depth) |
| 2285 | { | 2285 | { |
| 2286 | unsigned int vlan_depth = skb->mac_len; | ||
| 2286 | __be16 type = skb->protocol; | 2287 | __be16 type = skb->protocol; |
| 2287 | int vlan_depth = skb->mac_len; | ||
| 2288 | 2288 | ||
| 2289 | /* Tunnel gso handlers can set protocol to ethernet. */ | 2289 | /* Tunnel gso handlers can set protocol to ethernet. */ |
| 2290 | if (type == htons(ETH_P_TEB)) { | 2290 | if (type == htons(ETH_P_TEB)) { |
| @@ -2297,15 +2297,30 @@ __be16 skb_network_protocol(struct sk_buff *skb, int *depth) | |||
| 2297 | type = eth->h_proto; | 2297 | type = eth->h_proto; |
| 2298 | } | 2298 | } |
| 2299 | 2299 | ||
| 2300 | while (type == htons(ETH_P_8021Q) || type == htons(ETH_P_8021AD)) { | 2300 | /* if skb->protocol is 802.1Q/AD then the header should already be |
| 2301 | struct vlan_hdr *vh; | 2301 | * present at mac_len - VLAN_HLEN (if mac_len > 0), or at |
| 2302 | 2302 | * ETH_HLEN otherwise | |
| 2303 | if (unlikely(!pskb_may_pull(skb, vlan_depth + VLAN_HLEN))) | 2303 | */ |
| 2304 | return 0; | 2304 | if (type == htons(ETH_P_8021Q) || type == htons(ETH_P_8021AD)) { |
| 2305 | 2305 | if (vlan_depth) { | |
| 2306 | vh = (struct vlan_hdr *)(skb->data + vlan_depth); | 2306 | if (unlikely(WARN_ON(vlan_depth < VLAN_HLEN))) |
| 2307 | type = vh->h_vlan_encapsulated_proto; | 2307 | return 0; |
| 2308 | vlan_depth += VLAN_HLEN; | 2308 | vlan_depth -= VLAN_HLEN; |
| 2309 | } else { | ||
| 2310 | vlan_depth = ETH_HLEN; | ||
| 2311 | } | ||
| 2312 | do { | ||
| 2313 | struct vlan_hdr *vh; | ||
| 2314 | |||
| 2315 | if (unlikely(!pskb_may_pull(skb, | ||
| 2316 | vlan_depth + VLAN_HLEN))) | ||
| 2317 | return 0; | ||
| 2318 | |||
| 2319 | vh = (struct vlan_hdr *)(skb->data + vlan_depth); | ||
| 2320 | type = vh->h_vlan_encapsulated_proto; | ||
| 2321 | vlan_depth += VLAN_HLEN; | ||
| 2322 | } while (type == htons(ETH_P_8021Q) || | ||
| 2323 | type == htons(ETH_P_8021AD)); | ||
| 2309 | } | 2324 | } |
| 2310 | 2325 | ||
| 2311 | *depth = vlan_depth; | 2326 | *depth = vlan_depth; |
diff --git a/net/core/filter.c b/net/core/filter.c index 9d79ca0a6e8e..4aec7b93f1a9 100644 --- a/net/core/filter.c +++ b/net/core/filter.c | |||
| @@ -1559,8 +1559,13 @@ static struct sk_filter *__sk_prepare_filter(struct sk_filter *fp, | |||
| 1559 | fp->jited = 0; | 1559 | fp->jited = 0; |
| 1560 | 1560 | ||
| 1561 | err = sk_chk_filter(fp->insns, fp->len); | 1561 | err = sk_chk_filter(fp->insns, fp->len); |
| 1562 | if (err) | 1562 | if (err) { |
| 1563 | if (sk != NULL) | ||
| 1564 | sk_filter_uncharge(sk, fp); | ||
| 1565 | else | ||
| 1566 | kfree(fp); | ||
| 1563 | return ERR_PTR(err); | 1567 | return ERR_PTR(err); |
| 1568 | } | ||
| 1564 | 1569 | ||
| 1565 | /* Probe if we can JIT compile the filter and if so, do | 1570 | /* Probe if we can JIT compile the filter and if so, do |
| 1566 | * the compilation of the filter. | 1571 | * the compilation of the filter. |