From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, "Pali Rohár" <pali@kernel.org>,
"David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.9 28/30] ppp: Fix generating ppp unit id when ifname is not specified
Date: Fri, 13 Aug 2021 17:06:56 +0200 [thread overview]
Message-ID: <20210813150523.356054031@linuxfoundation.org> (raw)
In-Reply-To: <20210813150522.445553924@linuxfoundation.org>
From: Pali Rohár <pali@kernel.org>
commit 3125f26c514826077f2a4490b75e9b1c7a644c42 upstream.
When registering new ppp interface via PPPIOCNEWUNIT ioctl then kernel has
to choose interface name as this ioctl API does not support specifying it.
Kernel in this case register new interface with name "ppp<id>" where <id>
is the ppp unit id, which can be obtained via PPPIOCGUNIT ioctl. This
applies also in the case when registering new ppp interface via rtnl
without supplying IFLA_IFNAME.
PPPIOCNEWUNIT ioctl allows to specify own ppp unit id which will kernel
assign to ppp interface, in case this ppp id is not already used by other
ppp interface.
In case user does not specify ppp unit id then kernel choose the first free
ppp unit id. This applies also for case when creating ppp interface via
rtnl method as it does not provide a way for specifying own ppp unit id.
If some network interface (does not have to be ppp) has name "ppp<id>"
with this first free ppp id then PPPIOCNEWUNIT ioctl or rtnl call fails.
And registering new ppp interface is not possible anymore, until interface
which holds conflicting name is renamed. Or when using rtnl method with
custom interface name in IFLA_IFNAME.
As list of allocated / used ppp unit ids is not possible to retrieve from
kernel to userspace, userspace has no idea what happens nor which interface
is doing this conflict.
So change the algorithm how ppp unit id is generated. And choose the first
number which is not neither used as ppp unit id nor in some network
interface with pattern "ppp<id>".
This issue can be simply reproduced by following pppd call when there is no
ppp interface registered and also no interface with name pattern "ppp<id>":
pppd ifname ppp1 +ipv6 noip noauth nolock local nodetach pty "pppd +ipv6 noip noauth nolock local nodetach notty"
Or by creating the one ppp interface (which gets assigned ppp unit id 0),
renaming it to "ppp1" and then trying to create a new ppp interface (which
will always fails as next free ppp unit id is 1, but network interface with
name "ppp1" exists).
This patch fixes above described issue by generating new and new ppp unit
id until some non-conflicting id with network interfaces is generated.
Signed-off-by: Pali Rohár <pali@kernel.org>
Cc: stable@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/net/ppp/ppp_generic.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
--- a/drivers/net/ppp/ppp_generic.c
+++ b/drivers/net/ppp/ppp_generic.c
@@ -285,7 +285,7 @@ static struct channel *ppp_find_channel(
static int ppp_connect_channel(struct channel *pch, int unit);
static int ppp_disconnect_channel(struct channel *pch);
static void ppp_destroy_channel(struct channel *pch);
-static int unit_get(struct idr *p, void *ptr);
+static int unit_get(struct idr *p, void *ptr, int min);
static int unit_set(struct idr *p, void *ptr, int n);
static void unit_put(struct idr *p, int n);
static void *unit_find(struct idr *p, int n);
@@ -976,9 +976,20 @@ static int ppp_unit_register(struct ppp
mutex_lock(&pn->all_ppp_mutex);
if (unit < 0) {
- ret = unit_get(&pn->units_idr, ppp);
+ ret = unit_get(&pn->units_idr, ppp, 0);
if (ret < 0)
goto err;
+ if (!ifname_is_set) {
+ while (1) {
+ snprintf(ppp->dev->name, IFNAMSIZ, "ppp%i", ret);
+ if (!__dev_get_by_name(ppp->ppp_net, ppp->dev->name))
+ break;
+ unit_put(&pn->units_idr, ret);
+ ret = unit_get(&pn->units_idr, ppp, ret + 1);
+ if (ret < 0)
+ goto err;
+ }
+ }
} else {
/* Caller asked for a specific unit number. Fail with -EEXIST
* if unavailable. For backward compatibility, return -EEXIST
@@ -3265,9 +3276,9 @@ static int unit_set(struct idr *p, void
}
/* get new free unit number and associate pointer with it */
-static int unit_get(struct idr *p, void *ptr)
+static int unit_get(struct idr *p, void *ptr, int min)
{
- return idr_alloc(p, ptr, 0, 0, GFP_KERNEL);
+ return idr_alloc(p, ptr, min, 0, GFP_KERNEL);
}
/* put unit number back to a pool */
next prev parent reply other threads:[~2021-08-13 15:11 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-13 15:06 [PATCH 4.9 00/30] 4.9.280-rc1 review Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 01/30] ALSA: seq: Fix racy deletion of subscriber Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 02/30] scsi: sr: Return correct event when media event code is 3 Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 03/30] media: videobuf2-core: dequeue if start_streaming fails Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 04/30] net: natsemi: Fix missing pci_disable_device() in probe and remove Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 05/30] mips: Fix non-POSIX regexp Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 06/30] bnx2x: fix an error code in bnx2x_nic_load() Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 07/30] net: pegasus: fix uninit-value in get_interrupt_interval Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 08/30] net: fec: fix use-after-free in fec_drv_remove Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 09/30] net: vxge: fix use-after-free in vxge_device_unregister Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 10/30] Bluetooth: defer cleanup of resources in hci_unregister_dev() Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 11/30] USB: usbtmc: Fix RCU stall warning Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 12/30] USB: serial: option: add Telit FD980 composition 0x1056 Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 13/30] USB: serial: ch341: fix character loss at high transfer rates Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 14/30] USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 15/30] usb: otg-fsm: Fix hrtimer list corruption Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 16/30] scripts/tracing: fix the bug that cant parse raw_trace_func Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 17/30] media: rtl28xxu: fix zero-length control request Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 18/30] pipe: increase minimum default pipe size to 2 pages Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 19/30] serial: 8250: Mask out floating 16/32-bit bus bits Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 20/30] MIPS: Malta: Do not byte-swap accesses to the CBUS UART Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 21/30] pcmcia: i82092: fix a null pointer dereference bug Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 22/30] perf/x86/amd: Dont touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 23/30] reiserfs: add check for root_inode in reiserfs_fill_super Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 24/30] reiserfs: check directory items on read from disk Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 25/30] alpha: Send stop IPI to send to online CPUs Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 26/30] net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 27/30] USB:ehci:fix Kunpeng920 ehci hardware problem Greg Kroah-Hartman
2021-08-13 15:06 ` Greg Kroah-Hartman [this message]
2021-08-13 15:06 ` [PATCH 4.9 29/30] net: xilinx_emaclite: Do not print real IOMEM pointer Greg Kroah-Hartman
2021-08-13 15:06 ` [PATCH 4.9 30/30] ovl: prevent private clone if bind mount is not allowed Greg Kroah-Hartman
2021-08-13 23:26 ` [PATCH 4.9 00/30] 4.9.280-rc1 review Shuah Khan
2021-08-14 14:12 ` Naresh Kamboju
2021-08-14 19:50 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210813150523.356054031@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=pali@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.