Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Pull networking fixes from David Miller: 1) Don't use uninitialized data in IPVS, from Dan Carpenter. 2) conntrack race fixes from Pablo Neira Ayuso. 3) Fix TX hangs with i40e, from Jesse Brandeburg. 4) Fix budget return from poll calls in dnet and alx, from Eric Dumazet. 5) Fix bugus "if (unlikely(x) < 0)" test in AF_PACKET, from Christoph Jaeger. 6) Fix bug introduced by conversion to list_head in TIPC retransmit code, from Jon Paul Maloy. 7) Don't use GFP_NOIO under spinlock in USB kaweth driver, from Alexey Khoroshilov. 8) Fix bridge build with INET disabled, from Arnd Bergmann. 9) Fix netlink array overrun for PROBE attributes in openvswitch, from Thomas Graf. 10) Don't hold spinlock across synchronize_irq() in tg3 driver, from Prashant Sreedharan. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (44 commits) tg3: Release tp->lock before invoking synchronize_irq() tg3: tg3_reset_task() needs to use rtnl_lock to synchronize tg3: tg3_timer() should grab tp->lock before checking for tp->irq_sync team: avoid possible underflow of count_pending value for notify_peers and mcast_rejoin openvswitch: packet messages need their own probe attribtue i40e: adds FCoE configure option cxgb4vf: Fix queue allocation for 40G adapter netdevice: Add missing parentheses in macro bridge: only provide proxy ARP when CONFIG_INET is enabled neighbour: fix base_reachable_time(_ms) not effective immediatly when changed net: fec: fix MDIO bus assignement for dual fec SoC's xen-netfront: use different locks for Rx and Tx stats drivers: net: cpsw: fix multicast flush in dual emac mode cxgb4vf: Initialize mdio_addr before using it net: Corrected the comment describing the ndo operations to reflect the actual prototype for couple of operations usb/kaweth: use GFP_ATOMIC under spin_lock in usb_start_wait_urb() MAINTAINERS: add me as ibmveth maintainer tipc: fix bug in broadcast retransmit code update ip-sysctl.txt documentation (v2) net/at91_ether: prepare and unprepare clock ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2015-01-14 17:17:37 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2015-01-14 17:17:37 -0500
commit: a6391a924cf5a16761ccd6b45094a7d5b9aeebac (patch)
tree: e428ed53a58c96d3da2fec562212c08d2d3b2385 /net
parent: 48c53db22032841290113799d43b24a677a4b24a (diff)
parent: c637dbcedf31ce1dd813a461de406f45aa7a3d38 (diff)
12 files changed, 90 insertions, 40 deletions
diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
index 1f1de715197c..e2aa7be3a847 100644
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
@@ -154,7 +154,8 @@ int br_handle_frame_finish(struct sk_buff *skb)
        dst = NULL;
        if (is_broadcast_ether_addr(dest)) {
-                if (p->flags & BR_PROXYARP &&
+                if (IS_ENABLED(CONFIG_INET) &&
+                    p->flags & BR_PROXYARP &&
                    skb->protocol == htons(ETH_P_ARP))
                        br_do_proxy_arp(skb, br, vid);
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 8e38f17288d3..8d614c93f86a 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -2043,6 +2043,12 @@ static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh)
                        case NDTPA_BASE_REACHABLE_TIME:
                                NEIGH_VAR_SET(p, BASE_REACHABLE_TIME,
                                              nla_get_msecs(tbp[i]));
+                                /* update reachable_time as well, otherwise, the change will
+                                 * only be effective after the next time neigh_periodic_work
+                                 * decides to recompute it (can be multiple minutes)
+                                 */
+                                p->reachable_time =
+                                        neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
                                break;
                        case NDTPA_GC_STALETIME:
                                NEIGH_VAR_SET(p, GC_STALETIME,
@@ -2921,6 +2927,31 @@ static int neigh_proc_dointvec_unres_qlen(struct ctl_table *ctl, int write,
        return ret;
 }
+static int neigh_proc_base_reachable_time(struct ctl_table *ctl, int write,
+                                          void __user *buffer,
+                                          size_t *lenp, loff_t *ppos)
+{
+        struct neigh_parms *p = ctl->extra2;
+        int ret;
+        if (strcmp(ctl->procname, "base_reachable_time") == 0)
+                ret = neigh_proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
+        else if (strcmp(ctl->procname, "base_reachable_time_ms") == 0)
+                ret = neigh_proc_dointvec_ms_jiffies(ctl, write, buffer, lenp, ppos);
+        else
+                ret = -1;
+        if (write && ret == 0) {
+                /* update reachable_time as well, otherwise, the change will
+                 * only be effective after the next time neigh_periodic_work
+                 * decides to recompute it
+                 */
+                p->reachable_time =
+                        neigh_rand_reach_time(NEIGH_VAR(p, BASE_REACHABLE_TIME));
+        }
+        return ret;
+}
 #define NEIGH_PARMS_DATA_OFFSET(index)  \
        (&((struct neigh_parms *) 0)->data[index])
@@ -3047,6 +3078,19 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
                t->neigh_vars[NEIGH_VAR_RETRANS_TIME_MS].proc_handler = handler;
                /* ReachableTime (in milliseconds) */
                t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler = handler;
+        } else {
+                /* Those handlers will update p->reachable_time after
+                 * base_reachable_time(_ms) is set to ensure the new timer starts being
+                 * applied after the next neighbour update instead of waiting for
+                 * neigh_periodic_work to update its value (can be multiple minutes)
+                 * So any handler that replaces them should do this as well
+                 */
+                /* ReachableTime */
+                t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME].proc_handler =
+                        neigh_proc_base_reachable_time;
+                /* ReachableTime (in milliseconds) */
+                t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].proc_handler =
+                        neigh_proc_base_reachable_time;
        }
        /* Don't export sysctls to unprivileged users */
diff --git a/net/ipv4/netfilter/nft_redir_ipv4.c b/net/ipv4/netfilter/nft_redir_ipv4.c
index ff2d23d8c87a..6ecfce63201a 100644
--- a/net/ipv4/netfilter/nft_redir_ipv4.c
+++ b/net/ipv4/netfilter/nft_redir_ipv4.c
@@ -27,10 +27,10 @@ static void nft_redir_ipv4_eval(const struct nft_expr *expr,
        memset(&mr, 0, sizeof(mr));
        if (priv->sreg_proto_min) {
-                mr.range[0].min.all = (__force __be16)
+                mr.range[0].min.all =
-                                        data[priv->sreg_proto_min].data[0];
+                        *(__be16 *)&data[priv->sreg_proto_min].data[0];
-                mr.range[0].max.all = (__force __be16)
+                mr.range[0].max.all =
-                                        data[priv->sreg_proto_max].data[0];
+                        *(__be16 *)&data[priv->sreg_proto_max].data[0];
                mr.range[0].flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
        }
diff --git a/net/ipv6/netfilter/nft_redir_ipv6.c b/net/ipv6/netfilter/nft_redir_ipv6.c
index 2433a6bfb191..11820b6b3613 100644
--- a/net/ipv6/netfilter/nft_redir_ipv6.c
+++ b/net/ipv6/netfilter/nft_redir_ipv6.c
@@ -27,10 +27,10 @@ static void nft_redir_ipv6_eval(const struct nft_expr *expr,
        memset(&range, 0, sizeof(range));
        if (priv->sreg_proto_min) {
-                range.min_proto.all = (__force __be16)
+                range.min_proto.all =
-                                        data[priv->sreg_proto_min].data[0];
+                        *(__be16 *)&data[priv->sreg_proto_min].data[0];
-                range.max_proto.all = (__force __be16)
+                range.max_proto.all =
-                                        data[priv->sreg_proto_max].data[0];
+                        *(__be16 *)&data[priv->sreg_proto_max].data[0];
                range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
        }
diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index 1d5341f3761d..5d3daae98bf0 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -183,6 +183,8 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp,
        struct nf_conn *ct;
        struct net *net;
+        *diff = 0;
 #ifdef CONFIG_IP_VS_IPV6
        /* This application helper doesn't work with IPv6 yet,
         * so turn this into a no-op for IPv6 packets
@@ -191,8 +193,6 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp,
                return 1;
 #endif
-        *diff = 0;
        /* Only useful for established sessions */
        if (cp->state != IP_VS_TCP_S_ESTABLISHED)
                return 1;
@@ -322,6 +322,9 @@ static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp,
        struct ip_vs_conn *n_cp;
        struct net *net;
+        /* no diff required for incoming packets */
+        *diff = 0;
 #ifdef CONFIG_IP_VS_IPV6
        /* This application helper doesn't work with IPv6 yet,
         * so turn this into a no-op for IPv6 packets
@@ -330,9 +333,6 @@ static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp,
                return 1;
 #endif
-        /* no diff required for incoming packets */
-        *diff = 0;
        /* Only useful for established sessions */
        if (cp->state != IP_VS_TCP_S_ESTABLISHED)
                return 1;
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index a11674806707..46d1b26a468e 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -611,16 +611,15 @@ __nf_conntrack_confirm(struct sk_buff *skb)
         */
        NF_CT_ASSERT(!nf_ct_is_confirmed(ct));
        pr_debug("Confirming conntrack %p\n", ct);
-        /* We have to check the DYING flag inside the lock to prevent
+        /* We have to check the DYING flag after unlink to prevent
-           a race against nf_ct_get_next_corpse() possibly called from
+         * a race against nf_ct_get_next_corpse() possibly called from
-           user context, else we insert an already 'dead' hash, blocking
+         * user context, else we insert an already 'dead' hash, blocking
-           further use of that particular connection -JM */
+         * further use of that particular connection -JM.
+         */
+        nf_ct_del_from_dying_or_unconfirmed_list(ct);
-        if (unlikely(nf_ct_is_dying(ct))) {
+        if (unlikely(nf_ct_is_dying(ct)))
-                nf_conntrack_double_unlock(hash, reply_hash);
+                goto out;
-                local_bh_enable();
-                return NF_ACCEPT;
-        }
        /* See if there's one in the list already, including reverse:
           NAT could have grabbed it without realizing, since we're
@@ -636,8 +635,6 @@ __nf_conntrack_confirm(struct sk_buff *skb)
                    zone == nf_ct_zone(nf_ct_tuplehash_to_ctrack(h)))
                        goto out;
-        nf_ct_del_from_dying_or_unconfirmed_list(ct);
        /* Timer relative to confirmation time, not original
           setting time, otherwise we'd get timer wrap in
           weird delay cases. */
@@ -673,6 +670,7 @@ __nf_conntrack_confirm(struct sk_buff *skb)
        return NF_ACCEPT;
 out:
+        nf_ct_add_to_dying_list(ct);
        nf_conntrack_double_unlock(hash, reply_hash);
        NF_CT_STAT_INC(net, insert_failed);
        local_bh_enable();
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 129a8daa4abf..3b3ddb4fb9ee 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -713,16 +713,12 @@ static int nft_flush_table(struct nft_ctx *ctx)
        struct nft_chain *chain, *nc;
        struct nft_set *set, *ns;
-        list_for_each_entry_safe(chain, nc, &ctx->table->chains, list) {
+        list_for_each_entry(chain, &ctx->table->chains, list) {
                ctx->chain = chain;
                err = nft_delrule_by_chain(ctx);
                if (err < 0)
                        goto out;
-                err = nft_delchain(ctx);
-                if (err < 0)
-                        goto out;
        }
        list_for_each_entry_safe(set, ns, &ctx->table->sets, list) {
@@ -735,6 +731,14 @@ static int nft_flush_table(struct nft_ctx *ctx)
                        goto out;
        }
+        list_for_each_entry_safe(chain, nc, &ctx->table->chains, list) {
+                ctx->chain = chain;
+                err = nft_delchain(ctx);
+                if (err < 0)
+                        goto out;
+        }
        err = nft_deltable(ctx);
 out:
        return err;
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index cde4a6702fa3..c421d94c4652 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -321,7 +321,8 @@ replay:
                nlh = nlmsg_hdr(skb);
                err = 0;
-                if (nlh->nlmsg_len < NLMSG_HDRLEN) {
+                if (nlmsg_len(nlh) < sizeof(struct nfgenmsg) ||
+                    skb->len < nlh->nlmsg_len) {
                        err = -EINVAL;
                        goto ack;
                }
@@ -469,7 +470,7 @@ static int nfnetlink_bind(struct net *net, int group)
        int type;
        if (group <= NFNLGRP_NONE || group > NFNLGRP_MAX)
-                return -EINVAL;
+                return 0;
        type = nfnl_group2type[group];
diff --git a/net/netfilter/nft_nat.c b/net/netfilter/nft_nat.c
index afe2b0b45ec4..aff54fb1c8a0 100644
--- a/net/netfilter/nft_nat.c
+++ b/net/netfilter/nft_nat.c
@@ -65,10 +65,10 @@ static void nft_nat_eval(const struct nft_expr *expr,
        }
        if (priv->sreg_proto_min) {
-                range.min_proto.all = (__force __be16)
+                range.min_proto.all =
-                                        data[priv->sreg_proto_min].data[0];
+                        *(__be16 *)&data[priv->sreg_proto_min].data[0];
-                range.max_proto.all = (__force __be16)
+                range.max_proto.all =
-                                        data[priv->sreg_proto_max].data[0];
+                        *(__be16 *)&data[priv->sreg_proto_max].data[0];
                range.flags |= NF_NAT_RANGE_PROTO_SPECIFIED;
        }
diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
index 4e9a5f035cbc..b07349e82d78 100644
--- a/net/openvswitch/datapath.c
+++ b/net/openvswitch/datapath.c
@@ -524,7 +524,7 @@ static int ovs_packet_cmd_execute(struct sk_buff *skb, struct genl_info *info)
        struct vport *input_vport;
        int len;
        int err;
-        bool log = !a[OVS_FLOW_ATTR_PROBE];
+        bool log = !a[OVS_PACKET_ATTR_PROBE];
        err = -EINVAL;
        if (!a[OVS_PACKET_ATTR_PACKET] || !a[OVS_PACKET_ATTR_KEY] ||
@@ -610,6 +610,7 @@ static const struct nla_policy packet_policy[OVS_PACKET_ATTR_MAX + 1] = {
        [OVS_PACKET_ATTR_PACKET] = { .len = ETH_HLEN },
        [OVS_PACKET_ATTR_KEY] = { .type = NLA_NESTED },
        [OVS_PACKET_ATTR_ACTIONS] = { .type = NLA_NESTED },
+        [OVS_PACKET_ATTR_PROBE] = { .type = NLA_FLAG },
 };
 static const struct genl_ops dp_packet_genl_ops[] = {
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 6880f34a529a..9cfe2e1dd8b5 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -2517,7 +2517,7 @@ static int packet_snd(struct socket *sock, struct msghdr *msg, size_t len)
        err = -EINVAL;
        if (sock->type == SOCK_DGRAM) {
                offset = dev_hard_header(skb, dev, ntohs(proto), addr, NULL, len);
-                if (unlikely(offset) < 0)
+                if (unlikely(offset < 0))
                        goto out_free;
        } else {
                if (ll_header_truncated(dev, len))
diff --git a/net/tipc/bcast.c b/net/tipc/bcast.c
index 96ceefeb9daf..a9e174fc0f91 100644
--- a/net/tipc/bcast.c
+++ b/net/tipc/bcast.c
@@ -220,10 +220,11 @@ static void bclink_retransmit_pkt(u32 after, u32 to)
        struct sk_buff *skb;
        skb_queue_walk(&bcl->outqueue, skb) {
-                if (more(buf_seqno(skb), after))
+                if (more(buf_seqno(skb), after)) {
+                        tipc_link_retransmit(bcl, skb, mod(to - after));
                        break;
+                }
        }
-        tipc_link_retransmit(bcl, skb, mod(to - after));
 }
 /**
author	Linus Torvalds <torvalds@linux-foundation.org>	2015-01-14 17:17:37 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2015-01-14 17:17:37 -0500
commit	a6391a924cf5a16761ccd6b45094a7d5b9aeebac (patch)
tree	e428ed53a58c96d3da2fec562212c08d2d3b2385 /net
parent	48c53db22032841290113799d43b24a677a4b24a (diff)
parent	c637dbcedf31ce1dd813a461de406f45aa7a3d38 (diff)