lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 02 Jan 2019 22:12:13 -0800 (PST)
From:   David Miller <davem@...emloft.net>
To:     torvalds@...ux-foundation.org
CC:     akpm@...ux-foundation.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [GIT] Networking


Several fixes here.  Basically split down the line between newly
introduced regressions and long existing problems:

1) Double free in tipc_enable_bearer(), from Cong Wang.

2) Many fixes to nf_conncount, from Florian Westphal.

3) op->get_regs_len() can throw an error, check it, from Yunsheng Lin.

4) Need to use GFP_ATOMIC in *_add_hash_mac_address() of fsl/fman
   driver, from Scott Wood.

5) Inifnite loop in fib_empty_table(), from Yue Haibing.

6) Use after free in ax25_fillin_cb(), from Cong Wang.

7) Fix socket locking in nr_find_socket(), also from Cong Wang.

8) Fix WoL wakeup enable in r8169, from Heiner Kallweit.

9) On 32-bit sock->sk_stamp is not thread-safe, from Deepa Dinamani.

10) Fix ptr_ring wrap during queue swap, from Cong Wang.

11) Missing shutdown callback in hinic driver, from Xue Chaojing.

12) Need to return NULL on error from ip6_neigh_lookup(), from Stefano
    Brivio.

13) BPF out of bounds speculation fixes from Daniel Borkmann.

Please pull, thanks a lot!

The following changes since commit b71acb0e372160167bf6d5500b88b30b52ccef6e:

  Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 (2018-12-27 13:53:32 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 

for you to fetch changes up to c5ee066333ebc322a24a00a743ed941a0c68617e:

  ipv6: Consider sk_bound_dev_if when binding a socket to an address (2019-01-02 20:16:37 -0800)

----------------------------------------------------------------
Aditya Pakki (2):
      ipv6/route: Add a missing check on proc_dointvec
      net: chelsio: Add a missing check on cudg_get_buffer

Alexei Starovoitov (1):
      Merge branch 'prevent-oob-under-speculation'

Christophe JAILLET (1):
      net/ipv6: Fix a test against 'ipv6_find_idev()' return value

Cong Wang (5):
      tipc: fix a double free in tipc_enable_bearer()
      ax25: fix a use-after-free in ax25_fillin_cb()
      net/wan: fix a double free in x25_asy_open_tty()
      netrom: fix locking in nr_find_socket()
      ptr_ring: wrap back ->producer in __ptr_ring_swap_queue()

Daniel Borkmann (9):
      bpf: move {prev_,}insn_idx into verifier env
      bpf: move tmp variable into ax register in interpreter
      bpf: enable access to ax register also from verifier rewrite
      bpf: restrict map value pointer arithmetic for unprivileged
      bpf: restrict stack pointer arithmetic for unprivileged
      bpf: restrict unknown scalars of mixed signed bounds for unprivileged
      bpf: fix check_map_access smin_value test when pointer contains offset
      bpf: prevent out of bounds speculation on pointer arithmetic
      bpf: add various test cases to selftests

David Ahern (2):
      ipv6: Fix dump of specific table with strict checking
      ipv6: Consider sk_bound_dev_if when binding a socket to an address

David S. Miller (2):
      Merge git://git.kernel.org/.../pablo/nf
      Merge git://git.kernel.org/.../bpf/bpf

Deepa Dinamani (1):
      sock: Make sock->sk_stamp thread-safe

Eric Dumazet (2):
      net/hamradio/6pack: use mod_timer() to rearm timers
      isdn: fix kernel-infoleak in capi_unlocked_ioctl

Florian Westphal (5):
      netfilter: nf_conncount: don't skip eviction when age is negative
      netfilter: nf_conncount: split gc in two phases
      netfilter: nf_conncount: restart search when nodes have been erased
      netfilter: nf_conncount: merge lookup and add functions
      netfilter: nf_conncount: fix argument order to find_next_bit

Heiner Kallweit (1):
      r8169: fix WoL device wakeup enable

Huazhong Tan (1):
      net: hns3: call hns3_nic_net_open() while doing HNAE3_UP_CLIENT

Jia-Ju Bai (1):
      isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw()

Kangjie Lu (8):
      niu: fix missing checks of niu_pci_eeprom_read
      net: (cpts) fix a missing check of clk_prepare
      net: stmicro: fix a missing check of clk_prepare
      net: dsa: bcm_sf2: Propagate error value from mdio_write
      atl1e: checking the status of atl1e_write_phy_reg
      tipc: fix a missing check of genlmsg_put
      net: marvell: fix a missing check of acpi_match_device
      netfilter: nf_tables: fix a missing check of nla_put_failure

Nikolay Aleksandrov (1):
      net: rtnetlink: address is mandatory for rtnl_fdb_get

Pablo Neira Ayuso (2):
      netfilter: nf_conncount: move all list iterations under spinlock
      netfilter: nf_conncount: speculative garbage collection on empty lists

Robert P. J. Day (2):
      phy.h: fix obvious errors in doc and kerneldoc content
      include/linux/phy/phy.h: fix minor kerneldoc errors

Scott Wood (1):
      fsl/fman: Use GFP_ATOMIC in {memac,tgec}_add_hash_mac_address()

Shawn Bohrer (1):
      netfilter: nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS

Stefano Brivio (1):
      ipv6: route: Fix return value of ip6_neigh_lookup() on neigh_create() error

Su Yanjun (1):
      ipv6: fix typo in net/ipv6/reassembly.c

Tyrel Datwyler (1):
      ibmveth: fix DMA unmap error in ibmveth_xmit_start error path

Wen Yang (1):
      net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe()

Willem de Bruijn (2):
      tap: call skb_probe_transport_header after setting skb->dev
      ip: validate header length on virtual device xmit

Xiaozhou Liu (1):
      selftests/bpf: fix error printing in test_devmap()

Xue Chaojing (1):
      net-next/hinic:add shutdown callback

YueHaibing (1):
      ipv4: fib_rules: Fix possible infinite loop in fib_empty_table

Yunsheng Lin (1):
      ethtool: check the return value of get_regs_len

Zhu Yanjun (1):
      net: rds: remove unnecessary NULL check

yupeng (1):
      add document for TCP OFO, PAWS and skip ACK counters

 Documentation/networking/snmp_counter.rst         |  240 ++++++++++++++++-
 drivers/isdn/capi/kcapi.c                         |    4 +-
 drivers/isdn/hisax/hfc_pci.c                      |    2 +
 drivers/net/dsa/bcm_sf2.c                         |    7 +-
 drivers/net/ethernet/atheros/atl1e/atl1e_main.c   |    4 +-
 drivers/net/ethernet/chelsio/cxgb4/cudbg_lib.c    |    4 +
 drivers/net/ethernet/freescale/fman/fman_memac.c  |    2 +-
 drivers/net/ethernet/freescale/fman/fman_tgec.c   |    2 +-
 drivers/net/ethernet/hisilicon/hns3/hns3_enet.c   |    7 +-
 drivers/net/ethernet/huawei/hinic/hinic_main.c    |    6 +
 drivers/net/ethernet/ibm/ibmveth.c                |    6 +-
 drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c   |    2 +
 drivers/net/ethernet/realtek/r8169.c              |    4 +-
 drivers/net/ethernet/stmicro/stmmac/dwmac-sunxi.c |    4 +-
 drivers/net/ethernet/sun/niu.c                    |   10 +-
 drivers/net/ethernet/ti/cpts.c                    |    4 +-
 drivers/net/hamradio/6pack.c                      |   16 +-
 drivers/net/tap.c                                 |    3 +-
 drivers/net/wan/fsl_ucc_hdlc.c                    |    1 -
 drivers/net/wan/x25_asy.c                         |    2 +
 include/linux/bpf_verifier.h                      |   12 +
 include/linux/filter.h                            |   10 +-
 include/linux/phy.h                               |   13 +-
 include/linux/phy/phy.h                           |    2 +-
 include/linux/ptr_ring.h                          |    2 +
 include/net/ip_tunnels.h                          |   20 ++
 include/net/netfilter/nf_conntrack_count.h        |   19 +-
 include/net/sock.h                                |   38 ++-
 kernel/bpf/core.c                                 |   54 ++--
 kernel/bpf/verifier.c                             |  336 ++++++++++++++++++-----
 net/ax25/af_ax25.c                                |   11 +-
 net/ax25/ax25_dev.c                               |    2 +
 net/compat.c                                      |   15 +-
 net/core/ethtool.c                                |   12 +-
 net/core/rtnetlink.c                              |    5 +
 net/core/sock.c                                   |   15 +-
 net/ipv4/fib_rules.c                              |    8 +-
 net/ipv4/ip_gre.c                                 |    9 +
 net/ipv4/ip_tunnel.c                              |    9 -
 net/ipv4/ip_vti.c                                 |   12 +-
 net/ipv6/addrconf.c                               |    4 +-
 net/ipv6/af_inet6.c                               |    3 +
 net/ipv6/ip6_fib.c                                |    6 +-
 net/ipv6/ip6_gre.c                                |   10 +-
 net/ipv6/ip6_tunnel.c                             |   10 +-
 net/ipv6/ip6_vti.c                                |    8 +-
 net/ipv6/ip6mr.c                                  |   17 +-
 net/ipv6/reassembly.c                             |    2 +-
 net/ipv6/route.c                                  |   10 +-
 net/ipv6/sit.c                                    |    3 +
 net/netfilter/nf_conncount.c                      |  290 +++++++++-----------
 net/netfilter/nf_tables_api.c                     |    2 +
 net/netfilter/nft_connlimit.c                     |   14 +-
 net/netrom/af_netrom.c                            |   15 +-
 net/rds/tcp.c                                     |    2 +-
 net/sunrpc/svcsock.c                              |    2 +-
 net/tipc/bearer.c                                 |    1 -
 net/tipc/netlink_compat.c                         |    2 +
 tools/testing/selftests/bpf/test_maps.c           |    2 +-
 tools/testing/selftests/bpf/test_verifier.c       | 1146 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 60 files changed, 2079 insertions(+), 404 deletions(-)

Powered by blists - more mailing lists