| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Dec 2017 16:32:05 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: torvalds@...ux-foundation.org
CC: akpm@...ux-foundation.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [GIT] Networking
What's a holiday weekend without some networking bug fixes?
1) Fix some eBPF JIT bugs wrt. SKB pointers across helper function
calls, from Daniel Borkmann.
2) Fix regression from errata limiting change to marvell PHY driver,
from Zhao Qiang.
3) Fix u16 overflow in SCTP, from Xin Long.
4) Fix potential memory leak during bridge newlink, from Nikolay
Aleksandrov.
5) Fix BPF selftest build on s390, from Hendrik Brueckner.
6) Don't append to cfg80211 automatically generated certs file,
always write new ones from scratch. From Thierry Reding.
7) Fix sleep in atomic in mac80211 hwsim, from Jia-Ju Bai.
8) Fix hang on tg3 MTU change with certain chips, from Brian King.
9) Add stall detection to arc emac driver and reset chip when this
happens, from Alexander Kochetkov.
10) Fix MTU limitng in GRE tunnel drivers, from Xin Long.
11) Fix stmmac timestamping bug due to mis-shifting of field.
From Fredrik Hallenberg.
12) Fix metrics match when deleting an ipv4 route. The kernel sets
some internal metrics bits which the user isn't going to set
when it makes the delete request. From Phil Sutter.
13) mvneta driver loop over RX queues limits on "txq_number" :-)
Fix from Yelena Krivosheev.
14) Fix double free and memory corruption in get_net_ns_by_id, from
Eric W. Biederman.
15) Flush ipv4 FIB tables in the reverse order. Some tables can
share their actual backing data, in particular this happens
for the MAIN and LOCAL tables. We have to kill the LOCAL
table first, because it uses MAIN's backing memory. Fix from
Ido Schimmel.
16) Several eBPF verifier value tracking fixes, from Edward Cree,
Jann Horn, and Alexei Starovoitov.
17) Make changes to ipv6 autoflowlabel sysctl really propagate to
sockets, unless the socket has set the per-socket value
explicitly. From Shaohua Li.
18) Fix leaks and double callback invocations of zerocopy SKBs,
from Willem de Bruijn.
Please pull, thanks a lot!
The following changes since commit f3b5ad89de16f5d42e8ad36fbdf85f705c1ae051:
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma (2017-12-16 13:43:08 -0800)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git
for you to fetch changes up to c50b7c473f609189da3bccd28ee5dcf3b55109cd:
Merge branch 'net-zerocopy-fixes' (2017-12-21 15:00:59 -0500)
----------------------------------------------------------------
Adiel Aloni (1):
mac80211_hwsim: enable TODS BIT in null data frame
Alexander Kochetkov (2):
net: arc_emac: fix arc_emac_rx() error paths
net: arc_emac: restart stalled EMAC
Alexei Starovoitov (3):
Merge branch 'bpf-jit-fixes'
bpf: fix integer overflows
bpf: do not allow root to mangle valid pointers
Alexey Khoroshilov (1):
net: phy: xgene: disable clk on error paths
Alexey Kodanev (1):
vxlan: restore dev->mtu setting based on lower device
Brendan McGrath (1):
ipv6: icmp6: Allow icmp messages to be looped back
Brian King (1):
tg3: Fix rx hang on MTU change with 5717/5719
Daniel Borkmann (6):
bpf, s390x: do not reload skb pointers in non-skb context
bpf, ppc64: do not reload skb pointers in non-skb context
bpf: guarantee r1 to be ctx in case of bpf_helper_changes_pkt_data
bpf, sparc: fix usage of wrong reg for load_skb_regs after call
bpf: add test case for ld_abs and helper changing pkt data
Merge branch 'bpf-verifier-sec-fixes'
David Miller (1):
bpf: Fix tools and testing build.
David S. Miller (7):
Merge git://git.kernel.org/.../bpf/bpf
Merge tag 'mac80211-for-davem-2017-12-19' of git://git.kernel.org/.../jberg/mac80211
Merge branch 'mvneta-fixes'
Merge branch 'cls_bpf-fix-offload-state-tracking-with-block-callbacks'
Merge tag 'mlx5-fixes-2017-12-19' of git://git.kernel.org/.../saeed/linux
Merge git://git.kernel.org/.../bpf/bpf
Merge branch 'net-zerocopy-fixes'
Edward Cree (1):
bpf/verifier: fix bounds calculation on BPF_RSH
Eran Ben Elisha (1):
net/mlx5: Fix rate limit packet pacing naming and struct
Eric Garver (1):
openvswitch: Fix pop_vlan action for double tagged frames
Eric W. Biederman (1):
net: Fix double free and memory corruption in get_net_ns_by_id()
Eugenia Emantayev (2):
net/mlx5e: Fix defaulting RX ring size when not needed
net/mlx5: Fix misspelling in the error message and comment
Fredrik Hallenberg (2):
net: stmmac: Fix TX timestamp calculation
net: stmmac: Fix bad RX timestamp extraction
Gal Pressman (4):
net/mlx5e: Fix features check of IPv6 traffic
net/mlx5e: Fix possible deadlock of VXLAN lock
net/mlx5e: Add refcount to VXLAN structure
net/mlx5e: Prevent possible races in VXLAN control flow
Hemanth Puranik (1):
net: qcom/emac: Change the order of mac up and sgmii open
Hendrik Brueckner (1):
bpf: fix broken BPF selftest build on s390
Huy Nguyen (1):
net/mlx5e: Fix ETS BW check
Ido Schimmel (2):
ipv4: Fix use-after-free when flushing FIB tables
ipv6: Honor specified parameters in fibmatch lookup
Jakub Kicinski (2):
cls_bpf: fix offload assumptions after callback conversion
nfp: bpf: keep track of the offloaded program
Jann Horn (7):
bpf: fix incorrect sign extension in check_alu_op()
bpf: fix incorrect tracking of register size truncation
bpf: fix 32-bit ALU op verification
bpf: fix missing error return in check_stack_boundary()
bpf: force strict alignment checks for stack pointers
bpf: don't prune branches when a scalar is replaced with a pointer
selftests/bpf: add tests for recent bugfixes
Jia-Ju Bai (1):
mac80211_hwsim: Fix a possible sleep-in-atomic bug in hwsim_get_radio_nl
Johannes Berg (2):
nl80211: fix nl80211_send_iface() error paths
cfg80211: ship certificates as hex files
Jon Maloy (4):
tipc: fix lost member events bug
tipc: remove leaving group member from all lists
tipc: fix list sorting bug in function tipc_group_update_member()
tipc: remove joining group member from congested list
Jonathan Corbet (1):
nl80211: Remove obsolete kerneldoc line
Julian Wiedmann (1):
s390/qeth: fix error handling in checksum cmd callback
Kamal Heib (1):
net/mlx5: FPGA, return -EINVAL if size is zero
Maor Gottlieb (1):
net/mlx5: Fix steering memory leak
Moni Shoua (1):
net/mlx5: Fix error flow in CREATE_QP command
Moshe Shemesh (2):
net/mlx5: Cleanup IRQs in case of unload failure
net/mlx5: Stay in polling mode when command EQ destroy fails
Naresh Kamboju (1):
selftests: net: Adding config fragment CONFIG_NUMA=y
Nikolay Aleksandrov (1):
net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks
Petr Machata (1):
mlxsw: spectrum_router: Remove batch neighbour deletion causing FW bug
Phil Sutter (1):
ipv4: fib: Fix metrics match when deleting a route
Russell King (1):
net: phy: marvell: avoid pause mode on SGMII-to-Copper for 88e151x
Saeed Mahameed (1):
Revert "mlx5: move affinity hints assignments to generic code"
Sean Wang (1):
net: mediatek: setup proper state for disabled GMAC on the default
Shaohua Li (1):
net: reevalulate autoflowlabel setting after sysctl setting
Song Liu (1):
xdp: linearize skb in netif_receive_generic_xdp()
Thierry Reding (1):
cfg80211: always rewrite generated files from scratch
Willem de Bruijn (2):
skbuff: orphan frags before zerocopy clone
skbuff: skb_copy_ubufs must release uarg even without user frags
Xin Long (6):
sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege
sctp: add SCTP_CID_RECONF conversion in sctp_cname
vxlan: update skb dst pmtu on tx path
ip_gre: remove the incorrect mtu limit for ipgre tap
ip6_gre: remove the incorrect mtu limit for ipgre tap
ip6_tunnel: get the min mtu properly in ip6_tnl_xmit
Yelena Krivosheev (3):
net: mvneta: clear interface link status on port disable
net: mvneta: use proper rxq_number in loop on rx queues
net: mvneta: eliminate wrong call to handle rx descriptor error
Zhao Qiang (1):
net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
arch/powerpc/net/bpf_jit_comp64.c | 6 +-
arch/s390/net/bpf_jit_comp.c | 11 +-
arch/sparc/net/bpf_jit_comp_64.c | 6 +-
drivers/net/ethernet/arc/emac.h | 2 +
drivers/net/ethernet/arc/emac_main.c | 164 ++++++++++++++++++++++++----
drivers/net/ethernet/broadcom/tg3.c | 4 +-
drivers/net/ethernet/marvell/mvneta.c | 8 +-
drivers/net/ethernet/mediatek/mtk_eth_soc.c | 11 +-
drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/en.h | 9 +-
drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 10 +-
drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c | 10 +-
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 63 ++++++-----
drivers/net/ethernet/mellanox/mlx5/core/eq.c | 20 ++--
drivers/net/ethernet/mellanox/mlx5/core/fpga/sdk.c | 6 +
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 16 ++-
drivers/net/ethernet/mellanox/mlx5/core/health.c | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib.c | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/main.c | 75 ++++++++++++-
drivers/net/ethernet/mellanox/mlx5/core/qp.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/rl.c | 22 ++--
drivers/net/ethernet/mellanox/mlx5/core/vxlan.c | 64 ++++++-----
drivers/net/ethernet/mellanox/mlx5/core/vxlan.h | 1 +
drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 15 +--
drivers/net/ethernet/netronome/nfp/bpf/main.c | 55 ++++++++--
drivers/net/ethernet/netronome/nfp/bpf/main.h | 8 ++
drivers/net/ethernet/qualcomm/emac/emac.c | 6 +-
drivers/net/ethernet/stmicro/stmmac/common.h | 2 +-
drivers/net/ethernet/stmicro/stmmac/dwmac4_descs.c | 5 +-
drivers/net/ethernet/stmicro/stmmac/enh_desc.c | 3 +-
drivers/net/ethernet/stmicro/stmmac/norm_desc.c | 2 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c | 6 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
drivers/net/phy/marvell.c | 14 ++-
drivers/net/phy/mdio-xgene.c | 21 +++-
drivers/net/vxlan.c | 19 ++++
drivers/net/wireless/mac80211_hwsim.c | 3 +-
drivers/s390/net/qeth_core_main.c | 9 +-
include/linux/bpf_verifier.h | 4 +-
include/linux/ipv6.h | 3 +-
include/linux/mlx5/driver.h | 3 +-
include/linux/mlx5/mlx5_ifc.h | 8 +-
include/net/cfg80211.h | 1 -
include/net/pkt_cls.h | 5 +-
kernel/bpf/verifier.c | 283 +++++++++++++++++++++++++++--------------------
lib/test_bpf.c | 43 ++++++++
net/bridge/br_netlink.c | 11 +-
net/core/dev.c | 2 +-
net/core/net_namespace.c | 2 +-
net/core/skbuff.c | 7 +-
net/ipv4/fib_frontend.c | 9 +-
net/ipv4/fib_semantics.c | 8 +-
net/ipv4/ip_gre.c | 1 +
net/ipv6/af_inet6.c | 1 -
net/ipv6/ip6_gre.c | 1 +
net/ipv6/ip6_output.c | 12 +-
net/ipv6/ip6_tunnel.c | 9 +-
net/ipv6/ipv6_sockglue.c | 1 +
net/ipv6/route.c | 20 ++--
net/openvswitch/flow.c | 15 ++-
net/sched/cls_bpf.c | 93 +++++++---------
net/sctp/debug.c | 3 +
net/sctp/ulpqueue.c | 24 ++--
net/tipc/group.c | 16 +--
net/wireless/Makefile | 31 ++----
net/wireless/certs/sforshee.hex | 86 +++++++++++++++
net/wireless/certs/sforshee.x509 | Bin 680 -> 0 bytes
net/wireless/nl80211.c | 6 +-
tools/arch/s390/include/uapi/asm/bpf_perf_event.h | 2 +-
tools/testing/selftests/bpf/Makefile | 2 +-
tools/testing/selftests/bpf/test_progs.c | 8 +-
tools/testing/selftests/bpf/test_verifier.c | 629 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------
tools/testing/selftests/net/config | 1 +
73 files changed, 1548 insertions(+), 492 deletions(-)
create mode 100644 net/wireless/certs/sforshee.hex
delete mode 100644 net/wireless/certs/sforshee.x509
Powered by blists - more mailing lists