diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-03-04 11:44:32 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-03-04 11:44:32 -0500 |
| commit | c3bebc71c4bcdafa24b506adf0c1de3c1f77e2e0 (patch) | |
| tree | 568bbd54cf26b82bc35907db9175cda10c7bc7d8 /net/xfrm | |
| parent | 16e3f5391c23a52a91a11ee4f2661a625b36dfe1 (diff) | |
| parent | 8b4703e9bd1172a5f8244276ebb94302e6153e26 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) Fix memory leak in ieee80211_prep_connection(), sta_info leaked on
error. From Eytan Lifshitz.
2) Unintentional switch case fallthrough in nft_reject_inet_eval(),
from Patrick McHardy.
3) Must check if payload lenth is a power of 2 in
nft_payload_select_ops(), from Nikolay Aleksandrov.
4) Fix mis-checksumming in xen-netfront driver, ip_hdr() is not in the
correct place when we invoke skb_checksum_setup(). From Wei Liu.
5) TUN driver should not advertise HW vlan offload features in
vlan_features. Fix from Fernando Luis Vazquez Cao.
6) IPV6_VTI needs to select NET_IPV_TUNNEL to avoid build errors, fix
from Steffen Klassert.
7) Add missing locking in xfrm_migrade_state_find(), we must hold the
per-namespace xfrm_state_lock while traversing the lists. Fix from
Steffen Klassert.
8) Missing locking in ath9k driver, access to tid->sched must be done
under ath_txq_lock(). Fix from Stanislaw Gruszka.
9) Fix two bugs in TCP fastopen. First respect the size argument given
to tcp_sendmsg() in the fastopen path, and secondly prevent
tcp_send_syn_data() from potentially using order-5 allocations.
From Eric Dumazet.
10) Fix handling of default neigh garbage collection params, from Jiri
Pirko.
11) Fix cwnd bloat and over-inflation of RTT when transmit segmentation
is in use. From Eric Dumazet.
12) Missing initialization of Realtek r8169 driver's statistics
seqlocks. Fix from Kyle McMartin.
13) Fix RTNL assertion failures in 802.3ad and AB ARP monitor of bonding
driver, from Ding Tianhong.
14) Bonding slave release race can cause divide by zero, fix from
Nikolay Aleksandrov.
15) Overzealous return from neigh_periodic_work() causes reachability
time to not be computed. Fix from Duain Jiong.
16) Fix regression in ipv6_find_hdr(), it should not return -ENOENT when
a specific target is specified and found. From Hans Schillstrom.
17) Fix VLAN tag stripping regression in BNA driver, from Ivan Vecera.
18) Tail loss probe can calculate bogus RTTs due to missing packet
marking on retransmit. Fix from Yuchung Cheng.
19) We cannot do skb_dst_drop() in iptunnel_pull_header() because
multicast loopback detection in later code paths need access to
skb_rtable(). Fix from Xin Long.
20) The macvlan driver regresses in that it propagates lower device
offload support disables into itself, causing severe slowdowns when
running over a bridge. Provide the software offloads always on
macvlan devices to deal with this and the regression is gone. From
Vlad Yasevich.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (103 commits)
macvlan: Add support for 'always_on' offload features
net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable
ip_tunnel:multicast process cause panic due to skb->_skb_refdst NULL pointer
net: cpsw: fix cpdma rx descriptor leak on down interface
be2net: isolate TX workarounds not applicable to Skyhawk-R
be2net: Fix skb double free in be_xmit_wrokarounds() failure path
be2net: clear promiscuous bits in adapter->flags while disabling promiscuous mode
be2net: Fix to reset transparent vlan tagging
qlcnic: dcb: a couple off by one bugs
tcp: fix bogus RTT on special retransmission
hsr: off by one sanity check in hsr_register_frame_in()
can: remove CAN FD compatibility for CAN 2.0 sockets
can: flexcan: factor out soft reset into seperate funtion
can: flexcan: flexcan_remove(): add missing netif_napi_del()
can: flexcan: fix transition from and to freeze mode in chip_{,un}freeze
can: flexcan: factor out transceiver {en,dis}able into seperate functions
can: flexcan: fix transition from and to low power mode in chip_{en,dis}able
can: flexcan: flexcan_open(): fix error path if flexcan_chip_start() fails
can: flexcan: fix shutdown: first disable chip, then all interrupts
USB AX88179/178A: Support D-Link DUB-1312
...
Diffstat (limited to 'net/xfrm')
| -rw-r--r-- | net/xfrm/xfrm_policy.c | 2 | ||||
| -rw-r--r-- | net/xfrm/xfrm_state.c | 23 | ||||
| -rw-r--r-- | net/xfrm/xfrm_user.c | 5 |
3 files changed, 18 insertions, 12 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 4b98b25793c5..1d5c7bf29938 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c | |||
| @@ -1158,7 +1158,7 @@ static struct xfrm_policy *__xfrm_policy_unlink(struct xfrm_policy *pol, | |||
| 1158 | if (hlist_unhashed(&pol->bydst)) | 1158 | if (hlist_unhashed(&pol->bydst)) |
| 1159 | return NULL; | 1159 | return NULL; |
| 1160 | 1160 | ||
| 1161 | hlist_del(&pol->bydst); | 1161 | hlist_del_init(&pol->bydst); |
| 1162 | hlist_del(&pol->byidx); | 1162 | hlist_del(&pol->byidx); |
| 1163 | list_del(&pol->walk.all); | 1163 | list_del(&pol->walk.all); |
| 1164 | net->xfrm.policy_count[dir]--; | 1164 | net->xfrm.policy_count[dir]--; |
diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index a26b7aa79475..40f1b3e92e78 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c | |||
| @@ -1159,6 +1159,11 @@ static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp) | |||
| 1159 | } | 1159 | } |
| 1160 | x->props.aalgo = orig->props.aalgo; | 1160 | x->props.aalgo = orig->props.aalgo; |
| 1161 | 1161 | ||
| 1162 | if (orig->aead) { | ||
| 1163 | x->aead = xfrm_algo_aead_clone(orig->aead); | ||
| 1164 | if (!x->aead) | ||
| 1165 | goto error; | ||
| 1166 | } | ||
| 1162 | if (orig->ealg) { | 1167 | if (orig->ealg) { |
| 1163 | x->ealg = xfrm_algo_clone(orig->ealg); | 1168 | x->ealg = xfrm_algo_clone(orig->ealg); |
| 1164 | if (!x->ealg) | 1169 | if (!x->ealg) |
| @@ -1201,6 +1206,9 @@ static struct xfrm_state *xfrm_state_clone(struct xfrm_state *orig, int *errp) | |||
| 1201 | x->props.flags = orig->props.flags; | 1206 | x->props.flags = orig->props.flags; |
| 1202 | x->props.extra_flags = orig->props.extra_flags; | 1207 | x->props.extra_flags = orig->props.extra_flags; |
| 1203 | 1208 | ||
| 1209 | x->tfcpad = orig->tfcpad; | ||
| 1210 | x->replay_maxdiff = orig->replay_maxdiff; | ||
| 1211 | x->replay_maxage = orig->replay_maxage; | ||
| 1204 | x->curlft.add_time = orig->curlft.add_time; | 1212 | x->curlft.add_time = orig->curlft.add_time; |
| 1205 | x->km.state = orig->km.state; | 1213 | x->km.state = orig->km.state; |
| 1206 | x->km.seq = orig->km.seq; | 1214 | x->km.seq = orig->km.seq; |
| @@ -1215,11 +1223,12 @@ out: | |||
| 1215 | return NULL; | 1223 | return NULL; |
| 1216 | } | 1224 | } |
| 1217 | 1225 | ||
| 1218 | /* net->xfrm.xfrm_state_lock is held */ | ||
| 1219 | struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *net) | 1226 | struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *net) |
| 1220 | { | 1227 | { |
| 1221 | unsigned int h; | 1228 | unsigned int h; |
| 1222 | struct xfrm_state *x; | 1229 | struct xfrm_state *x = NULL; |
| 1230 | |||
| 1231 | spin_lock_bh(&net->xfrm.xfrm_state_lock); | ||
| 1223 | 1232 | ||
| 1224 | if (m->reqid) { | 1233 | if (m->reqid) { |
| 1225 | h = xfrm_dst_hash(net, &m->old_daddr, &m->old_saddr, | 1234 | h = xfrm_dst_hash(net, &m->old_daddr, &m->old_saddr, |
| @@ -1236,7 +1245,7 @@ struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *n | |||
| 1236 | m->old_family)) | 1245 | m->old_family)) |
| 1237 | continue; | 1246 | continue; |
| 1238 | xfrm_state_hold(x); | 1247 | xfrm_state_hold(x); |
| 1239 | return x; | 1248 | break; |
| 1240 | } | 1249 | } |
| 1241 | } else { | 1250 | } else { |
| 1242 | h = xfrm_src_hash(net, &m->old_daddr, &m->old_saddr, | 1251 | h = xfrm_src_hash(net, &m->old_daddr, &m->old_saddr, |
| @@ -1251,11 +1260,13 @@ struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *n | |||
| 1251 | m->old_family)) | 1260 | m->old_family)) |
| 1252 | continue; | 1261 | continue; |
| 1253 | xfrm_state_hold(x); | 1262 | xfrm_state_hold(x); |
| 1254 | return x; | 1263 | break; |
| 1255 | } | 1264 | } |
| 1256 | } | 1265 | } |
| 1257 | 1266 | ||
| 1258 | return NULL; | 1267 | spin_unlock_bh(&net->xfrm.xfrm_state_lock); |
| 1268 | |||
| 1269 | return x; | ||
| 1259 | } | 1270 | } |
| 1260 | EXPORT_SYMBOL(xfrm_migrate_state_find); | 1271 | EXPORT_SYMBOL(xfrm_migrate_state_find); |
| 1261 | 1272 | ||
| @@ -1451,7 +1462,7 @@ xfrm_state_sort(struct xfrm_state **dst, struct xfrm_state **src, int n, | |||
| 1451 | { | 1462 | { |
| 1452 | int err = 0; | 1463 | int err = 0; |
| 1453 | struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); | 1464 | struct xfrm_state_afinfo *afinfo = xfrm_state_get_afinfo(family); |
| 1454 | struct net *net = xs_net(*dst); | 1465 | struct net *net = xs_net(*src); |
| 1455 | 1466 | ||
| 1456 | if (!afinfo) | 1467 | if (!afinfo) |
| 1457 | return -EAFNOSUPPORT; | 1468 | return -EAFNOSUPPORT; |
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 1ae3ec7c18b0..c274179d60a2 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -32,11 +32,6 @@ | |||
| 32 | #include <linux/in6.h> | 32 | #include <linux/in6.h> |
| 33 | #endif | 33 | #endif |
| 34 | 34 | ||
| 35 | static inline int aead_len(struct xfrm_algo_aead *alg) | ||
| 36 | { | ||
| 37 | return sizeof(*alg) + ((alg->alg_key_len + 7) / 8); | ||
| 38 | } | ||
| 39 | |||
| 40 | static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type) | 35 | static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type) |
| 41 | { | 36 | { |
| 42 | struct nlattr *rt = attrs[type]; | 37 | struct nlattr *rt = attrs[type]; |