diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/netpoll.c | 2 | ||||
| -rw-r--r-- | net/core/rtnetlink.c | 10 | ||||
| -rw-r--r-- | net/ipv4/ipmr.c | 13 | ||||
| -rw-r--r-- | net/ipv6/ip6_output.c | 14 | ||||
| -rw-r--r-- | net/ipv6/ip6mr.c | 13 | ||||
| -rw-r--r-- | net/key/af_key.c | 19 | ||||
| -rw-r--r-- | net/openvswitch/datapath.c | 9 | ||||
| -rw-r--r-- | net/openvswitch/flow.c | 3 | ||||
| -rw-r--r-- | net/tipc/subscr.c | 29 | ||||
| -rw-r--r-- | net/xfrm/xfrm_user.c | 6 |
10 files changed, 64 insertions, 54 deletions
diff --git a/net/core/netpoll.c b/net/core/netpoll.c index a664f7829a6d..df9e6b1a9759 100644 --- a/net/core/netpoll.c +++ b/net/core/netpoll.c | |||
| @@ -742,7 +742,7 @@ static bool pkt_is_ns(struct sk_buff *skb) | |||
| 742 | struct nd_msg *msg; | 742 | struct nd_msg *msg; |
| 743 | struct ipv6hdr *hdr; | 743 | struct ipv6hdr *hdr; |
| 744 | 744 | ||
| 745 | if (skb->protocol != htons(ETH_P_ARP)) | 745 | if (skb->protocol != htons(ETH_P_IPV6)) |
| 746 | return false; | 746 | return false; |
| 747 | if (!pskb_may_pull(skb, sizeof(struct ipv6hdr) + sizeof(struct nd_msg))) | 747 | if (!pskb_may_pull(skb, sizeof(struct ipv6hdr) + sizeof(struct nd_msg))) |
| 748 | return false; | 748 | return false; |
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 1a0dac2ef9ad..120eecc0f5a4 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c | |||
| @@ -2121,12 +2121,13 @@ EXPORT_SYMBOL(rtmsg_ifinfo); | |||
| 2121 | static int nlmsg_populate_fdb_fill(struct sk_buff *skb, | 2121 | static int nlmsg_populate_fdb_fill(struct sk_buff *skb, |
| 2122 | struct net_device *dev, | 2122 | struct net_device *dev, |
| 2123 | u8 *addr, u32 pid, u32 seq, | 2123 | u8 *addr, u32 pid, u32 seq, |
| 2124 | int type, unsigned int flags) | 2124 | int type, unsigned int flags, |
| 2125 | int nlflags) | ||
| 2125 | { | 2126 | { |
| 2126 | struct nlmsghdr *nlh; | 2127 | struct nlmsghdr *nlh; |
| 2127 | struct ndmsg *ndm; | 2128 | struct ndmsg *ndm; |
| 2128 | 2129 | ||
| 2129 | nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), NLM_F_MULTI); | 2130 | nlh = nlmsg_put(skb, pid, seq, type, sizeof(*ndm), nlflags); |
| 2130 | if (!nlh) | 2131 | if (!nlh) |
| 2131 | return -EMSGSIZE; | 2132 | return -EMSGSIZE; |
| 2132 | 2133 | ||
| @@ -2164,7 +2165,7 @@ static void rtnl_fdb_notify(struct net_device *dev, u8 *addr, int type) | |||
| 2164 | if (!skb) | 2165 | if (!skb) |
| 2165 | goto errout; | 2166 | goto errout; |
| 2166 | 2167 | ||
| 2167 | err = nlmsg_populate_fdb_fill(skb, dev, addr, 0, 0, type, NTF_SELF); | 2168 | err = nlmsg_populate_fdb_fill(skb, dev, addr, 0, 0, type, NTF_SELF, 0); |
| 2168 | if (err < 0) { | 2169 | if (err < 0) { |
| 2169 | kfree_skb(skb); | 2170 | kfree_skb(skb); |
| 2170 | goto errout; | 2171 | goto errout; |
| @@ -2389,7 +2390,8 @@ static int nlmsg_populate_fdb(struct sk_buff *skb, | |||
| 2389 | 2390 | ||
| 2390 | err = nlmsg_populate_fdb_fill(skb, dev, ha->addr, | 2391 | err = nlmsg_populate_fdb_fill(skb, dev, ha->addr, |
| 2391 | portid, seq, | 2392 | portid, seq, |
| 2392 | RTM_NEWNEIGH, NTF_SELF); | 2393 | RTM_NEWNEIGH, NTF_SELF, |
| 2394 | NLM_F_MULTI); | ||
| 2393 | if (err < 0) | 2395 | if (err < 0) |
| 2394 | return err; | 2396 | return err; |
| 2395 | skip: | 2397 | skip: |
diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index b9b3472975ba..28863570dd60 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c | |||
| @@ -2255,13 +2255,14 @@ int ipmr_get_route(struct net *net, struct sk_buff *skb, | |||
| 2255 | } | 2255 | } |
| 2256 | 2256 | ||
| 2257 | static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, | 2257 | static int ipmr_fill_mroute(struct mr_table *mrt, struct sk_buff *skb, |
| 2258 | u32 portid, u32 seq, struct mfc_cache *c, int cmd) | 2258 | u32 portid, u32 seq, struct mfc_cache *c, int cmd, |
| 2259 | int flags) | ||
| 2259 | { | 2260 | { |
| 2260 | struct nlmsghdr *nlh; | 2261 | struct nlmsghdr *nlh; |
| 2261 | struct rtmsg *rtm; | 2262 | struct rtmsg *rtm; |
| 2262 | int err; | 2263 | int err; |
| 2263 | 2264 | ||
| 2264 | nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), NLM_F_MULTI); | 2265 | nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); |
| 2265 | if (nlh == NULL) | 2266 | if (nlh == NULL) |
| 2266 | return -EMSGSIZE; | 2267 | return -EMSGSIZE; |
| 2267 | 2268 | ||
| @@ -2329,7 +2330,7 @@ static void mroute_netlink_event(struct mr_table *mrt, struct mfc_cache *mfc, | |||
| 2329 | if (skb == NULL) | 2330 | if (skb == NULL) |
| 2330 | goto errout; | 2331 | goto errout; |
| 2331 | 2332 | ||
| 2332 | err = ipmr_fill_mroute(mrt, skb, 0, 0, mfc, cmd); | 2333 | err = ipmr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); |
| 2333 | if (err < 0) | 2334 | if (err < 0) |
| 2334 | goto errout; | 2335 | goto errout; |
| 2335 | 2336 | ||
| @@ -2368,7 +2369,8 @@ static int ipmr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 2368 | if (ipmr_fill_mroute(mrt, skb, | 2369 | if (ipmr_fill_mroute(mrt, skb, |
| 2369 | NETLINK_CB(cb->skb).portid, | 2370 | NETLINK_CB(cb->skb).portid, |
| 2370 | cb->nlh->nlmsg_seq, | 2371 | cb->nlh->nlmsg_seq, |
| 2371 | mfc, RTM_NEWROUTE) < 0) | 2372 | mfc, RTM_NEWROUTE, |
| 2373 | NLM_F_MULTI) < 0) | ||
| 2372 | goto done; | 2374 | goto done; |
| 2373 | next_entry: | 2375 | next_entry: |
| 2374 | e++; | 2376 | e++; |
| @@ -2382,7 +2384,8 @@ next_entry: | |||
| 2382 | if (ipmr_fill_mroute(mrt, skb, | 2384 | if (ipmr_fill_mroute(mrt, skb, |
| 2383 | NETLINK_CB(cb->skb).portid, | 2385 | NETLINK_CB(cb->skb).portid, |
| 2384 | cb->nlh->nlmsg_seq, | 2386 | cb->nlh->nlmsg_seq, |
| 2385 | mfc, RTM_NEWROUTE) < 0) { | 2387 | mfc, RTM_NEWROUTE, |
| 2388 | NLM_F_MULTI) < 0) { | ||
| 2386 | spin_unlock_bh(&mfc_unres_lock); | 2389 | spin_unlock_bh(&mfc_unres_lock); |
| 2387 | goto done; | 2390 | goto done; |
| 2388 | } | 2391 | } |
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c index 16f91a2e7888..64d6073731d3 100644 --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c | |||
| @@ -1101,21 +1101,19 @@ static void ip6_append_data_mtu(unsigned int *mtu, | |||
| 1101 | unsigned int fragheaderlen, | 1101 | unsigned int fragheaderlen, |
| 1102 | struct sk_buff *skb, | 1102 | struct sk_buff *skb, |
| 1103 | struct rt6_info *rt, | 1103 | struct rt6_info *rt, |
| 1104 | bool pmtuprobe) | 1104 | unsigned int orig_mtu) |
| 1105 | { | 1105 | { |
| 1106 | if (!(rt->dst.flags & DST_XFRM_TUNNEL)) { | 1106 | if (!(rt->dst.flags & DST_XFRM_TUNNEL)) { |
| 1107 | if (skb == NULL) { | 1107 | if (skb == NULL) { |
| 1108 | /* first fragment, reserve header_len */ | 1108 | /* first fragment, reserve header_len */ |
| 1109 | *mtu = *mtu - rt->dst.header_len; | 1109 | *mtu = orig_mtu - rt->dst.header_len; |
| 1110 | 1110 | ||
| 1111 | } else { | 1111 | } else { |
| 1112 | /* | 1112 | /* |
| 1113 | * this fragment is not first, the headers | 1113 | * this fragment is not first, the headers |
| 1114 | * space is regarded as data space. | 1114 | * space is regarded as data space. |
| 1115 | */ | 1115 | */ |
| 1116 | *mtu = min(*mtu, pmtuprobe ? | 1116 | *mtu = orig_mtu; |
| 1117 | rt->dst.dev->mtu : | ||
| 1118 | dst_mtu(rt->dst.path)); | ||
| 1119 | } | 1117 | } |
| 1120 | *maxfraglen = ((*mtu - fragheaderlen) & ~7) | 1118 | *maxfraglen = ((*mtu - fragheaderlen) & ~7) |
| 1121 | + fragheaderlen - sizeof(struct frag_hdr); | 1119 | + fragheaderlen - sizeof(struct frag_hdr); |
| @@ -1132,7 +1130,7 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to, | |||
| 1132 | struct ipv6_pinfo *np = inet6_sk(sk); | 1130 | struct ipv6_pinfo *np = inet6_sk(sk); |
| 1133 | struct inet_cork *cork; | 1131 | struct inet_cork *cork; |
| 1134 | struct sk_buff *skb, *skb_prev = NULL; | 1132 | struct sk_buff *skb, *skb_prev = NULL; |
| 1135 | unsigned int maxfraglen, fragheaderlen, mtu; | 1133 | unsigned int maxfraglen, fragheaderlen, mtu, orig_mtu; |
| 1136 | int exthdrlen; | 1134 | int exthdrlen; |
| 1137 | int dst_exthdrlen; | 1135 | int dst_exthdrlen; |
| 1138 | int hh_len; | 1136 | int hh_len; |
| @@ -1214,6 +1212,7 @@ int ip6_append_data(struct sock *sk, int getfrag(void *from, char *to, | |||
| 1214 | dst_exthdrlen = 0; | 1212 | dst_exthdrlen = 0; |
| 1215 | mtu = cork->fragsize; | 1213 | mtu = cork->fragsize; |
| 1216 | } | 1214 | } |
| 1215 | orig_mtu = mtu; | ||
| 1217 | 1216 | ||
| 1218 | hh_len = LL_RESERVED_SPACE(rt->dst.dev); | 1217 | hh_len = LL_RESERVED_SPACE(rt->dst.dev); |
| 1219 | 1218 | ||
| @@ -1311,8 +1310,7 @@ alloc_new_skb: | |||
| 1311 | if (skb == NULL || skb_prev == NULL) | 1310 | if (skb == NULL || skb_prev == NULL) |
| 1312 | ip6_append_data_mtu(&mtu, &maxfraglen, | 1311 | ip6_append_data_mtu(&mtu, &maxfraglen, |
| 1313 | fragheaderlen, skb, rt, | 1312 | fragheaderlen, skb, rt, |
| 1314 | np->pmtudisc >= | 1313 | orig_mtu); |
| 1315 | IPV6_PMTUDISC_PROBE); | ||
| 1316 | 1314 | ||
| 1317 | skb_prev = skb; | 1315 | skb_prev = skb; |
| 1318 | 1316 | ||
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c index 0eb4038a4d63..8737400af0a0 100644 --- a/net/ipv6/ip6mr.c +++ b/net/ipv6/ip6mr.c | |||
| @@ -2349,13 +2349,14 @@ int ip6mr_get_route(struct net *net, | |||
| 2349 | } | 2349 | } |
| 2350 | 2350 | ||
| 2351 | static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb, | 2351 | static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb, |
| 2352 | u32 portid, u32 seq, struct mfc6_cache *c, int cmd) | 2352 | u32 portid, u32 seq, struct mfc6_cache *c, int cmd, |
| 2353 | int flags) | ||
| 2353 | { | 2354 | { |
| 2354 | struct nlmsghdr *nlh; | 2355 | struct nlmsghdr *nlh; |
| 2355 | struct rtmsg *rtm; | 2356 | struct rtmsg *rtm; |
| 2356 | int err; | 2357 | int err; |
| 2357 | 2358 | ||
| 2358 | nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), NLM_F_MULTI); | 2359 | nlh = nlmsg_put(skb, portid, seq, cmd, sizeof(*rtm), flags); |
| 2359 | if (nlh == NULL) | 2360 | if (nlh == NULL) |
| 2360 | return -EMSGSIZE; | 2361 | return -EMSGSIZE; |
| 2361 | 2362 | ||
| @@ -2423,7 +2424,7 @@ static void mr6_netlink_event(struct mr6_table *mrt, struct mfc6_cache *mfc, | |||
| 2423 | if (skb == NULL) | 2424 | if (skb == NULL) |
| 2424 | goto errout; | 2425 | goto errout; |
| 2425 | 2426 | ||
| 2426 | err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd); | 2427 | err = ip6mr_fill_mroute(mrt, skb, 0, 0, mfc, cmd, 0); |
| 2427 | if (err < 0) | 2428 | if (err < 0) |
| 2428 | goto errout; | 2429 | goto errout; |
| 2429 | 2430 | ||
| @@ -2462,7 +2463,8 @@ static int ip6mr_rtm_dumproute(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 2462 | if (ip6mr_fill_mroute(mrt, skb, | 2463 | if (ip6mr_fill_mroute(mrt, skb, |
| 2463 | NETLINK_CB(cb->skb).portid, | 2464 | NETLINK_CB(cb->skb).portid, |
| 2464 | cb->nlh->nlmsg_seq, | 2465 | cb->nlh->nlmsg_seq, |
| 2465 | mfc, RTM_NEWROUTE) < 0) | 2466 | mfc, RTM_NEWROUTE, |
| 2467 | NLM_F_MULTI) < 0) | ||
| 2466 | goto done; | 2468 | goto done; |
| 2467 | next_entry: | 2469 | next_entry: |
| 2468 | e++; | 2470 | e++; |
| @@ -2476,7 +2478,8 @@ next_entry: | |||
| 2476 | if (ip6mr_fill_mroute(mrt, skb, | 2478 | if (ip6mr_fill_mroute(mrt, skb, |
| 2477 | NETLINK_CB(cb->skb).portid, | 2479 | NETLINK_CB(cb->skb).portid, |
| 2478 | cb->nlh->nlmsg_seq, | 2480 | cb->nlh->nlmsg_seq, |
| 2479 | mfc, RTM_NEWROUTE) < 0) { | 2481 | mfc, RTM_NEWROUTE, |
| 2482 | NLM_F_MULTI) < 0) { | ||
| 2480 | spin_unlock_bh(&mfc_unres_lock); | 2483 | spin_unlock_bh(&mfc_unres_lock); |
| 2481 | goto done; | 2484 | goto done; |
| 2482 | } | 2485 | } |
diff --git a/net/key/af_key.c b/net/key/af_key.c index 1a04c1329362..79326978517a 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c | |||
| @@ -433,12 +433,13 @@ static inline int verify_sec_ctx_len(const void *p) | |||
| 433 | return 0; | 433 | return 0; |
| 434 | } | 434 | } |
| 435 | 435 | ||
| 436 | static inline struct xfrm_user_sec_ctx *pfkey_sadb2xfrm_user_sec_ctx(const struct sadb_x_sec_ctx *sec_ctx) | 436 | static inline struct xfrm_user_sec_ctx *pfkey_sadb2xfrm_user_sec_ctx(const struct sadb_x_sec_ctx *sec_ctx, |
| 437 | gfp_t gfp) | ||
| 437 | { | 438 | { |
| 438 | struct xfrm_user_sec_ctx *uctx = NULL; | 439 | struct xfrm_user_sec_ctx *uctx = NULL; |
| 439 | int ctx_size = sec_ctx->sadb_x_ctx_len; | 440 | int ctx_size = sec_ctx->sadb_x_ctx_len; |
| 440 | 441 | ||
| 441 | uctx = kmalloc((sizeof(*uctx)+ctx_size), GFP_KERNEL); | 442 | uctx = kmalloc((sizeof(*uctx)+ctx_size), gfp); |
| 442 | 443 | ||
| 443 | if (!uctx) | 444 | if (!uctx) |
| 444 | return NULL; | 445 | return NULL; |
| @@ -1124,7 +1125,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net, | |||
| 1124 | 1125 | ||
| 1125 | sec_ctx = ext_hdrs[SADB_X_EXT_SEC_CTX - 1]; | 1126 | sec_ctx = ext_hdrs[SADB_X_EXT_SEC_CTX - 1]; |
| 1126 | if (sec_ctx != NULL) { | 1127 | if (sec_ctx != NULL) { |
| 1127 | struct xfrm_user_sec_ctx *uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx); | 1128 | struct xfrm_user_sec_ctx *uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx, GFP_KERNEL); |
| 1128 | 1129 | ||
| 1129 | if (!uctx) | 1130 | if (!uctx) |
| 1130 | goto out; | 1131 | goto out; |
| @@ -2231,14 +2232,14 @@ static int pfkey_spdadd(struct sock *sk, struct sk_buff *skb, const struct sadb_ | |||
| 2231 | 2232 | ||
| 2232 | sec_ctx = ext_hdrs[SADB_X_EXT_SEC_CTX - 1]; | 2233 | sec_ctx = ext_hdrs[SADB_X_EXT_SEC_CTX - 1]; |
| 2233 | if (sec_ctx != NULL) { | 2234 | if (sec_ctx != NULL) { |
| 2234 | struct xfrm_user_sec_ctx *uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx); | 2235 | struct xfrm_user_sec_ctx *uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx, GFP_KERNEL); |
| 2235 | 2236 | ||
| 2236 | if (!uctx) { | 2237 | if (!uctx) { |
| 2237 | err = -ENOBUFS; | 2238 | err = -ENOBUFS; |
| 2238 | goto out; | 2239 | goto out; |
| 2239 | } | 2240 | } |
| 2240 | 2241 | ||
| 2241 | err = security_xfrm_policy_alloc(&xp->security, uctx); | 2242 | err = security_xfrm_policy_alloc(&xp->security, uctx, GFP_KERNEL); |
| 2242 | kfree(uctx); | 2243 | kfree(uctx); |
| 2243 | 2244 | ||
| 2244 | if (err) | 2245 | if (err) |
| @@ -2335,12 +2336,12 @@ static int pfkey_spddelete(struct sock *sk, struct sk_buff *skb, const struct sa | |||
| 2335 | 2336 | ||
| 2336 | sec_ctx = ext_hdrs[SADB_X_EXT_SEC_CTX - 1]; | 2337 | sec_ctx = ext_hdrs[SADB_X_EXT_SEC_CTX - 1]; |
| 2337 | if (sec_ctx != NULL) { | 2338 | if (sec_ctx != NULL) { |
| 2338 | struct xfrm_user_sec_ctx *uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx); | 2339 | struct xfrm_user_sec_ctx *uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx, GFP_KERNEL); |
| 2339 | 2340 | ||
| 2340 | if (!uctx) | 2341 | if (!uctx) |
| 2341 | return -ENOMEM; | 2342 | return -ENOMEM; |
| 2342 | 2343 | ||
| 2343 | err = security_xfrm_policy_alloc(&pol_ctx, uctx); | 2344 | err = security_xfrm_policy_alloc(&pol_ctx, uctx, GFP_KERNEL); |
| 2344 | kfree(uctx); | 2345 | kfree(uctx); |
| 2345 | if (err) | 2346 | if (err) |
| 2346 | return err; | 2347 | return err; |
| @@ -3239,8 +3240,8 @@ static struct xfrm_policy *pfkey_compile_policy(struct sock *sk, int opt, | |||
| 3239 | } | 3240 | } |
| 3240 | if ((*dir = verify_sec_ctx_len(p))) | 3241 | if ((*dir = verify_sec_ctx_len(p))) |
| 3241 | goto out; | 3242 | goto out; |
| 3242 | uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx); | 3243 | uctx = pfkey_sadb2xfrm_user_sec_ctx(sec_ctx, GFP_ATOMIC); |
| 3243 | *dir = security_xfrm_policy_alloc(&xp->security, uctx); | 3244 | *dir = security_xfrm_policy_alloc(&xp->security, uctx, GFP_ATOMIC); |
| 3244 | kfree(uctx); | 3245 | kfree(uctx); |
| 3245 | 3246 | ||
| 3246 | if (*dir) | 3247 | if (*dir) |
diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c index e9a48baf8551..8601b320b443 100644 --- a/net/openvswitch/datapath.c +++ b/net/openvswitch/datapath.c | |||
| @@ -1174,7 +1174,7 @@ static void ovs_dp_reset_user_features(struct sk_buff *skb, struct genl_info *in | |||
| 1174 | struct datapath *dp; | 1174 | struct datapath *dp; |
| 1175 | 1175 | ||
| 1176 | dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs); | 1176 | dp = lookup_datapath(sock_net(skb->sk), info->userhdr, info->attrs); |
| 1177 | if (!dp) | 1177 | if (IS_ERR(dp)) |
| 1178 | return; | 1178 | return; |
| 1179 | 1179 | ||
| 1180 | WARN(dp->user_features, "Dropping previously announced user features\n"); | 1180 | WARN(dp->user_features, "Dropping previously announced user features\n"); |
| @@ -1762,11 +1762,12 @@ static int ovs_vport_cmd_dump(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 1762 | int bucket = cb->args[0], skip = cb->args[1]; | 1762 | int bucket = cb->args[0], skip = cb->args[1]; |
| 1763 | int i, j = 0; | 1763 | int i, j = 0; |
| 1764 | 1764 | ||
| 1765 | rcu_read_lock(); | ||
| 1765 | dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex); | 1766 | dp = get_dp(sock_net(skb->sk), ovs_header->dp_ifindex); |
| 1766 | if (!dp) | 1767 | if (!dp) { |
| 1768 | rcu_read_unlock(); | ||
| 1767 | return -ENODEV; | 1769 | return -ENODEV; |
| 1768 | 1770 | } | |
| 1769 | rcu_read_lock(); | ||
| 1770 | for (i = bucket; i < DP_VPORT_HASH_BUCKETS; i++) { | 1771 | for (i = bucket; i < DP_VPORT_HASH_BUCKETS; i++) { |
| 1771 | struct vport *vport; | 1772 | struct vport *vport; |
| 1772 | 1773 | ||
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c index 16f4b46161d4..dda451f4429c 100644 --- a/net/openvswitch/flow.c +++ b/net/openvswitch/flow.c | |||
| @@ -73,6 +73,7 @@ void ovs_flow_stats_update(struct sw_flow *flow, struct sk_buff *skb) | |||
| 73 | 73 | ||
| 74 | if ((flow->key.eth.type == htons(ETH_P_IP) || | 74 | if ((flow->key.eth.type == htons(ETH_P_IP) || |
| 75 | flow->key.eth.type == htons(ETH_P_IPV6)) && | 75 | flow->key.eth.type == htons(ETH_P_IPV6)) && |
| 76 | flow->key.ip.frag != OVS_FRAG_TYPE_LATER && | ||
| 76 | flow->key.ip.proto == IPPROTO_TCP && | 77 | flow->key.ip.proto == IPPROTO_TCP && |
| 77 | likely(skb->len >= skb_transport_offset(skb) + sizeof(struct tcphdr))) { | 78 | likely(skb->len >= skb_transport_offset(skb) + sizeof(struct tcphdr))) { |
| 78 | tcp_flags = TCP_FLAGS_BE16(tcp_hdr(skb)); | 79 | tcp_flags = TCP_FLAGS_BE16(tcp_hdr(skb)); |
| @@ -91,7 +92,7 @@ static void stats_read(struct flow_stats *stats, | |||
| 91 | unsigned long *used, __be16 *tcp_flags) | 92 | unsigned long *used, __be16 *tcp_flags) |
| 92 | { | 93 | { |
| 93 | spin_lock(&stats->lock); | 94 | spin_lock(&stats->lock); |
| 94 | if (time_after(stats->used, *used)) | 95 | if (!*used || time_after(stats->used, *used)) |
| 95 | *used = stats->used; | 96 | *used = stats->used; |
| 96 | *tcp_flags |= stats->tcp_flags; | 97 | *tcp_flags |= stats->tcp_flags; |
| 97 | ovs_stats->n_packets += stats->packet_count; | 98 | ovs_stats->n_packets += stats->packet_count; |
diff --git a/net/tipc/subscr.c b/net/tipc/subscr.c index 11c9ae00837d..642437231ad5 100644 --- a/net/tipc/subscr.c +++ b/net/tipc/subscr.c | |||
| @@ -263,9 +263,9 @@ static void subscr_cancel(struct tipc_subscr *s, | |||
| 263 | * | 263 | * |
| 264 | * Called with subscriber lock held. | 264 | * Called with subscriber lock held. |
| 265 | */ | 265 | */ |
| 266 | static struct tipc_subscription *subscr_subscribe(struct tipc_subscr *s, | 266 | static int subscr_subscribe(struct tipc_subscr *s, |
| 267 | struct tipc_subscriber *subscriber) | 267 | struct tipc_subscriber *subscriber, |
| 268 | { | 268 | struct tipc_subscription **sub_p) { |
| 269 | struct tipc_subscription *sub; | 269 | struct tipc_subscription *sub; |
| 270 | int swap; | 270 | int swap; |
| 271 | 271 | ||
| @@ -276,23 +276,21 @@ static struct tipc_subscription *subscr_subscribe(struct tipc_subscr *s, | |||
| 276 | if (s->filter & htohl(TIPC_SUB_CANCEL, swap)) { | 276 | if (s->filter & htohl(TIPC_SUB_CANCEL, swap)) { |
| 277 | s->filter &= ~htohl(TIPC_SUB_CANCEL, swap); | 277 | s->filter &= ~htohl(TIPC_SUB_CANCEL, swap); |
| 278 | subscr_cancel(s, subscriber); | 278 | subscr_cancel(s, subscriber); |
| 279 | return NULL; | 279 | return 0; |
| 280 | } | 280 | } |
| 281 | 281 | ||
| 282 | /* Refuse subscription if global limit exceeded */ | 282 | /* Refuse subscription if global limit exceeded */ |
| 283 | if (atomic_read(&subscription_count) >= TIPC_MAX_SUBSCRIPTIONS) { | 283 | if (atomic_read(&subscription_count) >= TIPC_MAX_SUBSCRIPTIONS) { |
| 284 | pr_warn("Subscription rejected, limit reached (%u)\n", | 284 | pr_warn("Subscription rejected, limit reached (%u)\n", |
| 285 | TIPC_MAX_SUBSCRIPTIONS); | 285 | TIPC_MAX_SUBSCRIPTIONS); |
| 286 | subscr_terminate(subscriber); | 286 | return -EINVAL; |
| 287 | return NULL; | ||
| 288 | } | 287 | } |
| 289 | 288 | ||
| 290 | /* Allocate subscription object */ | 289 | /* Allocate subscription object */ |
| 291 | sub = kmalloc(sizeof(*sub), GFP_ATOMIC); | 290 | sub = kmalloc(sizeof(*sub), GFP_ATOMIC); |
| 292 | if (!sub) { | 291 | if (!sub) { |
| 293 | pr_warn("Subscription rejected, no memory\n"); | 292 | pr_warn("Subscription rejected, no memory\n"); |
| 294 | subscr_terminate(subscriber); | 293 | return -ENOMEM; |
| 295 | return NULL; | ||
| 296 | } | 294 | } |
| 297 | 295 | ||
| 298 | /* Initialize subscription object */ | 296 | /* Initialize subscription object */ |
| @@ -306,8 +304,7 @@ static struct tipc_subscription *subscr_subscribe(struct tipc_subscr *s, | |||
| 306 | (sub->seq.lower > sub->seq.upper)) { | 304 | (sub->seq.lower > sub->seq.upper)) { |
| 307 | pr_warn("Subscription rejected, illegal request\n"); | 305 | pr_warn("Subscription rejected, illegal request\n"); |
| 308 | kfree(sub); | 306 | kfree(sub); |
| 309 | subscr_terminate(subscriber); | 307 | return -EINVAL; |
| 310 | return NULL; | ||
| 311 | } | 308 | } |
| 312 | INIT_LIST_HEAD(&sub->nameseq_list); | 309 | INIT_LIST_HEAD(&sub->nameseq_list); |
| 313 | list_add(&sub->subscription_list, &subscriber->subscription_list); | 310 | list_add(&sub->subscription_list, &subscriber->subscription_list); |
| @@ -320,8 +317,8 @@ static struct tipc_subscription *subscr_subscribe(struct tipc_subscr *s, | |||
| 320 | (Handler)subscr_timeout, (unsigned long)sub); | 317 | (Handler)subscr_timeout, (unsigned long)sub); |
| 321 | k_start_timer(&sub->timer, sub->timeout); | 318 | k_start_timer(&sub->timer, sub->timeout); |
| 322 | } | 319 | } |
| 323 | 320 | *sub_p = sub; | |
| 324 | return sub; | 321 | return 0; |
| 325 | } | 322 | } |
| 326 | 323 | ||
| 327 | /* Handle one termination request for the subscriber */ | 324 | /* Handle one termination request for the subscriber */ |
| @@ -335,10 +332,14 @@ static void subscr_conn_msg_event(int conid, struct sockaddr_tipc *addr, | |||
| 335 | void *usr_data, void *buf, size_t len) | 332 | void *usr_data, void *buf, size_t len) |
| 336 | { | 333 | { |
| 337 | struct tipc_subscriber *subscriber = usr_data; | 334 | struct tipc_subscriber *subscriber = usr_data; |
| 338 | struct tipc_subscription *sub; | 335 | struct tipc_subscription *sub = NULL; |
| 339 | 336 | ||
| 340 | spin_lock_bh(&subscriber->lock); | 337 | spin_lock_bh(&subscriber->lock); |
| 341 | sub = subscr_subscribe((struct tipc_subscr *)buf, subscriber); | 338 | if (subscr_subscribe((struct tipc_subscr *)buf, subscriber, &sub) < 0) { |
| 339 | spin_unlock_bh(&subscriber->lock); | ||
| 340 | subscr_terminate(subscriber); | ||
| 341 | return; | ||
| 342 | } | ||
| 342 | if (sub) | 343 | if (sub) |
| 343 | tipc_nametbl_subscribe(sub); | 344 | tipc_nametbl_subscribe(sub); |
| 344 | spin_unlock_bh(&subscriber->lock); | 345 | spin_unlock_bh(&subscriber->lock); |
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index c274179d60a2..2f7ddc3a59b4 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -1221,7 +1221,7 @@ static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct nlattr **attrs | |||
| 1221 | return 0; | 1221 | return 0; |
| 1222 | 1222 | ||
| 1223 | uctx = nla_data(rt); | 1223 | uctx = nla_data(rt); |
| 1224 | return security_xfrm_policy_alloc(&pol->security, uctx); | 1224 | return security_xfrm_policy_alloc(&pol->security, uctx, GFP_KERNEL); |
| 1225 | } | 1225 | } |
| 1226 | 1226 | ||
| 1227 | static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut, | 1227 | static void copy_templates(struct xfrm_policy *xp, struct xfrm_user_tmpl *ut, |
| @@ -1626,7 +1626,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
| 1626 | if (rt) { | 1626 | if (rt) { |
| 1627 | struct xfrm_user_sec_ctx *uctx = nla_data(rt); | 1627 | struct xfrm_user_sec_ctx *uctx = nla_data(rt); |
| 1628 | 1628 | ||
| 1629 | err = security_xfrm_policy_alloc(&ctx, uctx); | 1629 | err = security_xfrm_policy_alloc(&ctx, uctx, GFP_KERNEL); |
| 1630 | if (err) | 1630 | if (err) |
| 1631 | return err; | 1631 | return err; |
| 1632 | } | 1632 | } |
| @@ -1928,7 +1928,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
| 1928 | if (rt) { | 1928 | if (rt) { |
| 1929 | struct xfrm_user_sec_ctx *uctx = nla_data(rt); | 1929 | struct xfrm_user_sec_ctx *uctx = nla_data(rt); |
| 1930 | 1930 | ||
| 1931 | err = security_xfrm_policy_alloc(&ctx, uctx); | 1931 | err = security_xfrm_policy_alloc(&ctx, uctx, GFP_KERNEL); |
| 1932 | if (err) | 1932 | if (err) |
| 1933 | return err; | 1933 | return err; |
| 1934 | } | 1934 | } |