* [PATCH AUTOSEL 5.4 04/19] bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp
[not found] <20210329222303.2383319-1-sashal@kernel.org>
@ 2021-03-29 22:22 ` Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 05/19] net/mlx5e: Enforce minimum value check for ICOSQ size Sasha Levin
` (5 subsequent siblings)
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Yonghong Song, Alexei Starovoitov, Daniel Borkmann, Sasha Levin,
netdev, bpf
From: Yonghong Song <yhs@fb.com>
[ Upstream commit de920fc64cbaa031f947e9be964bda05fd090380 ]
x86 bpf_jit_comp.c used kmalloc_array to store jited addresses
for each bpf insn. With a large bpf program, we have see the
following allocation failures in our production server:
page allocation failure: order:5, mode:0x40cc0(GFP_KERNEL|__GFP_COMP),
nodemask=(null),cpuset=/,mems_allowed=0"
Call Trace:
dump_stack+0x50/0x70
warn_alloc.cold.120+0x72/0xd2
? __alloc_pages_direct_compact+0x157/0x160
__alloc_pages_slowpath+0xcdb/0xd00
? get_page_from_freelist+0xe44/0x1600
? vunmap_page_range+0x1ba/0x340
__alloc_pages_nodemask+0x2c9/0x320
kmalloc_order+0x18/0x80
kmalloc_order_trace+0x1d/0xa0
bpf_int_jit_compile+0x1e2/0x484
? kmalloc_order_trace+0x1d/0xa0
bpf_prog_select_runtime+0xc3/0x150
bpf_prog_load+0x480/0x720
? __mod_memcg_lruvec_state+0x21/0x100
__do_sys_bpf+0xc31/0x2040
? close_pdeo+0x86/0xe0
do_syscall_64+0x42/0x110
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f2f300f7fa9
Code: Bad RIP value.
Dumped assembly:
ffffffff810b6d70 <bpf_int_jit_compile>:
; {
ffffffff810b6d70: e8 eb a5 b4 00 callq 0xffffffff81c01360 <__fentry__>
ffffffff810b6d75: 41 57 pushq %r15
...
ffffffff810b6f39: e9 72 fe ff ff jmp 0xffffffff810b6db0 <bpf_int_jit_compile+0x40>
; addrs = kmalloc_array(prog->len + 1, sizeof(*addrs), GFP_KERNEL);
ffffffff810b6f3e: 8b 45 0c movl 12(%rbp), %eax
; return __kmalloc(bytes, flags);
ffffffff810b6f41: be c0 0c 00 00 movl $3264, %esi
; addrs = kmalloc_array(prog->len + 1, sizeof(*addrs), GFP_KERNEL);
ffffffff810b6f46: 8d 78 01 leal 1(%rax), %edi
; if (unlikely(check_mul_overflow(n, size, &bytes)))
ffffffff810b6f49: 48 c1 e7 02 shlq $2, %rdi
; return __kmalloc(bytes, flags);
ffffffff810b6f4d: e8 8e 0c 1d 00 callq 0xffffffff81287be0 <__kmalloc>
; if (!addrs) {
ffffffff810b6f52: 48 85 c0 testq %rax, %rax
Change kmalloc_array() to kvmalloc_array() to avoid potential
allocation error for big bpf programs.
Signed-off-by: Yonghong Song <yhs@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20210309015647.3657852-1-yhs@fb.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/x86/net/bpf_jit_comp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
index 18936533666e..44c7d7aef8c1 100644
--- a/arch/x86/net/bpf_jit_comp.c
+++ b/arch/x86/net/bpf_jit_comp.c
@@ -1118,7 +1118,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
extra_pass = true;
goto skip_init_addrs;
}
- addrs = kmalloc_array(prog->len + 1, sizeof(*addrs), GFP_KERNEL);
+ addrs = kvmalloc_array(prog->len + 1, sizeof(*addrs), GFP_KERNEL);
if (!addrs) {
prog = orig_prog;
goto out_addrs;
@@ -1195,7 +1195,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
if (image)
bpf_prog_fill_jited_linfo(prog, addrs + 1);
out_addrs:
- kfree(addrs);
+ kvfree(addrs);
kfree(jit_data);
prog->aux->jit_data = NULL;
}
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH AUTOSEL 5.4 05/19] net/mlx5e: Enforce minimum value check for ICOSQ size
[not found] <20210329222303.2383319-1-sashal@kernel.org>
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 04/19] bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp Sasha Levin
@ 2021-03-29 22:22 ` Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 06/19] net: pxa168_eth: Fix a potential data race in pxa168_eth_remove Sasha Levin
` (4 subsequent siblings)
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Tariq Toukan, Maxim Mikityanskiy, Saeed Mahameed, Sasha Levin,
netdev, linux-rdma
From: Tariq Toukan <tariqt@nvidia.com>
[ Upstream commit 5115daa675ccf70497fe56e8916cf738d8212c10 ]
The ICOSQ size should not go below MLX5E_PARAMS_MINIMUM_LOG_SQ_SIZE.
Enforce this where it's missing.
Signed-off-by: Tariq Toukan <tariqt@nvidia.com>
Reviewed-by: Maxim Mikityanskiy <maximmi@mellanox.com>
Reviewed-by: Saeed Mahameed <saeedm@nvidia.com>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
index 8b8581f71e79..36b9a364ef26 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
@@ -2365,8 +2365,9 @@ static u8 mlx5e_build_icosq_log_wq_sz(struct mlx5e_params *params,
{
switch (params->rq_wq_type) {
case MLX5_WQ_TYPE_LINKED_LIST_STRIDING_RQ:
- return order_base_2(MLX5E_UMR_WQEBBS) +
- mlx5e_get_rq_log_wq_sz(rqp->rqc);
+ return max_t(u8, MLX5E_PARAMS_MINIMUM_LOG_SQ_SIZE,
+ order_base_2(MLX5E_UMR_WQEBBS) +
+ mlx5e_get_rq_log_wq_sz(rqp->rqc));
default: /* MLX5_WQ_TYPE_CYCLIC */
return MLX5E_PARAMS_MINIMUM_LOG_SQ_SIZE;
}
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH AUTOSEL 5.4 06/19] net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
[not found] <20210329222303.2383319-1-sashal@kernel.org>
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 04/19] bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 05/19] net/mlx5e: Enforce minimum value check for ICOSQ size Sasha Levin
@ 2021-03-29 22:22 ` Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 07/19] mISDN: fix crash in fritzpci Sasha Levin
` (3 subsequent siblings)
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Pavel Andrianov, David S . Miller, Sasha Levin, netdev
From: Pavel Andrianov <andrianov@ispras.ru>
[ Upstream commit 0571a753cb07982cc82f4a5115e0b321da89e1f3 ]
pxa168_eth_remove() firstly calls unregister_netdev(),
then cancels a timeout work. unregister_netdev() shuts down a device
interface and removes it from the kernel tables. If the timeout occurs
in parallel, the timeout work (pxa168_eth_tx_timeout_task) performs stop
and open of the device. It may lead to an inconsistent state and memory
leaks.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Pavel Andrianov <andrianov@ispras.ru>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/ethernet/marvell/pxa168_eth.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/marvell/pxa168_eth.c b/drivers/net/ethernet/marvell/pxa168_eth.c
index 51b77c2de400..235bbb2940a8 100644
--- a/drivers/net/ethernet/marvell/pxa168_eth.c
+++ b/drivers/net/ethernet/marvell/pxa168_eth.c
@@ -1554,8 +1554,8 @@ static int pxa168_eth_remove(struct platform_device *pdev)
mdiobus_unregister(pep->smi_bus);
mdiobus_free(pep->smi_bus);
- unregister_netdev(dev);
cancel_work_sync(&pep->tx_timeout_task);
+ unregister_netdev(dev);
free_netdev(dev);
return 0;
}
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH AUTOSEL 5.4 07/19] mISDN: fix crash in fritzpci
[not found] <20210329222303.2383319-1-sashal@kernel.org>
` (2 preceding siblings ...)
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 06/19] net: pxa168_eth: Fix a potential data race in pxa168_eth_remove Sasha Levin
@ 2021-03-29 22:22 ` Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 08/19] mac80211: fix double free in ibss_leave Sasha Levin
` (2 subsequent siblings)
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable; +Cc: Tong Zhang, David S . Miller, Sasha Levin, netdev
From: Tong Zhang <ztong0001@gmail.com>
[ Upstream commit a9f81244d2e33e6dfcef120fefd30c96b3f7cdb0 ]
setup_fritz() in avmfritz.c might fail with -EIO and in this case the
isac.type and isac.write_reg is not initialized and remains 0(NULL).
A subsequent call to isac_release() will dereference isac->write_reg and
crash.
[ 1.737444] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 1.737809] #PF: supervisor instruction fetch in kernel mode
[ 1.738106] #PF: error_code(0x0010) - not-present page
[ 1.738378] PGD 0 P4D 0
[ 1.738515] Oops: 0010 [#1] SMP NOPTI
[ 1.738711] CPU: 0 PID: 180 Comm: systemd-udevd Not tainted 5.12.0-rc2+ #78
[ 1.739077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-48-gd9c812dda519-p
rebuilt.qemu.org 04/01/2014
[ 1.739664] RIP: 0010:0x0
[ 1.739807] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 1.740200] RSP: 0018:ffffc9000027ba10 EFLAGS: 00010202
[ 1.740478] RAX: 0000000000000000 RBX: ffff888102f41840 RCX: 0000000000000027
[ 1.740853] RDX: 00000000000000ff RSI: 0000000000000020 RDI: ffff888102f41800
[ 1.741226] RBP: ffffc9000027ba20 R08: ffff88817bc18440 R09: ffffc9000027b808
[ 1.741600] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888102f41840
[ 1.741976] R13: 00000000fffffffb R14: ffff888102f41800 R15: ffff8881008b0000
[ 1.742351] FS: 00007fda3a38a8c0(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000
[ 1.742774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.743076] CR2: ffffffffffffffd6 CR3: 00000001021ec000 CR4: 00000000000006f0
[ 1.743452] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1.743828] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1.744206] Call Trace:
[ 1.744339] isac_release+0xcc/0xe0 [mISDNipac]
[ 1.744582] fritzpci_probe.cold+0x282/0x739 [avmfritz]
[ 1.744861] local_pci_probe+0x48/0x80
[ 1.745063] pci_device_probe+0x10f/0x1c0
[ 1.745278] really_probe+0xfb/0x420
[ 1.745471] driver_probe_device+0xe9/0x160
[ 1.745693] device_driver_attach+0x5d/0x70
[ 1.745917] __driver_attach+0x8f/0x150
[ 1.746123] ? device_driver_attach+0x70/0x70
[ 1.746354] bus_for_each_dev+0x7e/0xc0
[ 1.746560] driver_attach+0x1e/0x20
[ 1.746751] bus_add_driver+0x152/0x1f0
[ 1.746957] driver_register+0x74/0xd0
[ 1.747157] ? 0xffffffffc00d8000
[ 1.747334] __pci_register_driver+0x54/0x60
[ 1.747562] AVM_init+0x36/0x1000 [avmfritz]
[ 1.747791] do_one_initcall+0x48/0x1d0
[ 1.747997] ? __cond_resched+0x19/0x30
[ 1.748206] ? kmem_cache_alloc_trace+0x390/0x440
[ 1.748458] ? do_init_module+0x28/0x250
[ 1.748669] do_init_module+0x62/0x250
[ 1.748870] load_module+0x23ee/0x26a0
[ 1.749073] __do_sys_finit_module+0xc2/0x120
[ 1.749307] ? __do_sys_finit_module+0xc2/0x120
[ 1.749549] __x64_sys_finit_module+0x1a/0x20
[ 1.749782] do_syscall_64+0x38/0x90
Signed-off-by: Tong Zhang <ztong0001@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/isdn/hardware/mISDN/mISDNipac.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/isdn/hardware/mISDN/mISDNipac.c b/drivers/isdn/hardware/mISDN/mISDNipac.c
index bca880213e91..51e3d45daaa7 100644
--- a/drivers/isdn/hardware/mISDN/mISDNipac.c
+++ b/drivers/isdn/hardware/mISDN/mISDNipac.c
@@ -694,7 +694,7 @@ isac_release(struct isac_hw *isac)
{
if (isac->type & IPAC_TYPE_ISACX)
WriteISAC(isac, ISACX_MASK, 0xff);
- else
+ else if (isac->type != 0)
WriteISAC(isac, ISAC_MASK, 0xff);
if (isac->dch.timer.function != NULL) {
del_timer(&isac->dch.timer);
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH AUTOSEL 5.4 08/19] mac80211: fix double free in ibss_leave
[not found] <20210329222303.2383319-1-sashal@kernel.org>
` (3 preceding siblings ...)
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 07/19] mISDN: fix crash in fritzpci Sasha Levin
@ 2021-03-29 22:22 ` Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 09/19] mac80211: choose first enabled channel for monitor Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 12/19] netfilter: conntrack: Fix gre tunneling over ipv6 Sasha Levin
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Markus Theil, syzbot+93976391bf299d425f44, Johannes Berg,
Sasha Levin, linux-wireless, netdev
From: Markus Theil <markus.theil@tu-ilmenau.de>
[ Upstream commit 3bd801b14e0c5d29eeddc7336558beb3344efaa3 ]
Clear beacon ie pointer and ie length after free
in order to prevent double free.
==================================================================
BUG: KASAN: double-free or invalid-free \
in ieee80211_ibss_leave+0x83/0xe0 net/mac80211/ibss.c:1876
CPU: 0 PID: 8472 Comm: syz-executor100 Not tainted 5.11.0-rc6-syzkaller #0
Call Trace:
__dump_stack lib/dump_stack.c:79 [inline]
dump_stack+0x107/0x163 lib/dump_stack.c:120
print_address_description.constprop.0.cold+0x5b/0x2c6 mm/kasan/report.c:230
kasan_report_invalid_free+0x51/0x80 mm/kasan/report.c:355
____kasan_slab_free+0xcc/0xe0 mm/kasan/common.c:341
kasan_slab_free include/linux/kasan.h:192 [inline]
__cache_free mm/slab.c:3424 [inline]
kfree+0xed/0x270 mm/slab.c:3760
ieee80211_ibss_leave+0x83/0xe0 net/mac80211/ibss.c:1876
rdev_leave_ibss net/wireless/rdev-ops.h:545 [inline]
__cfg80211_leave_ibss+0x19a/0x4c0 net/wireless/ibss.c:212
__cfg80211_leave+0x327/0x430 net/wireless/core.c:1172
cfg80211_leave net/wireless/core.c:1221 [inline]
cfg80211_netdev_notifier_call+0x9e8/0x12c0 net/wireless/core.c:1335
notifier_call_chain+0xb5/0x200 kernel/notifier.c:83
call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:2040
call_netdevice_notifiers_extack net/core/dev.c:2052 [inline]
call_netdevice_notifiers net/core/dev.c:2066 [inline]
__dev_close_many+0xee/0x2e0 net/core/dev.c:1586
__dev_close net/core/dev.c:1624 [inline]
__dev_change_flags+0x2cb/0x730 net/core/dev.c:8476
dev_change_flags+0x8a/0x160 net/core/dev.c:8549
dev_ifsioc+0x210/0xa70 net/core/dev_ioctl.c:265
dev_ioctl+0x1b1/0xc40 net/core/dev_ioctl.c:511
sock_do_ioctl+0x148/0x2d0 net/socket.c:1060
sock_ioctl+0x477/0x6a0 net/socket.c:1177
vfs_ioctl fs/ioctl.c:48 [inline]
__do_sys_ioctl fs/ioctl.c:753 [inline]
__se_sys_ioctl fs/ioctl.c:739 [inline]
__x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
Reported-by: syzbot+93976391bf299d425f44@syzkaller.appspotmail.com
Signed-off-by: Markus Theil <markus.theil@tu-ilmenau.de>
Link: https://lore.kernel.org/r/20210213133653.367130-1-markus.theil@tu-ilmenau.de
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/mac80211/ibss.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c
index 0a6ff01c68a9..0e26c83b6b41 100644
--- a/net/mac80211/ibss.c
+++ b/net/mac80211/ibss.c
@@ -1868,6 +1868,8 @@ int ieee80211_ibss_leave(struct ieee80211_sub_if_data *sdata)
/* remove beacon */
kfree(sdata->u.ibss.ie);
+ sdata->u.ibss.ie = NULL;
+ sdata->u.ibss.ie_len = 0;
/* on the next join, re-program HT parameters */
memset(&ifibss->ht_capa, 0, sizeof(ifibss->ht_capa));
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH AUTOSEL 5.4 09/19] mac80211: choose first enabled channel for monitor
[not found] <20210329222303.2383319-1-sashal@kernel.org>
` (4 preceding siblings ...)
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 08/19] mac80211: fix double free in ibss_leave Sasha Levin
@ 2021-03-29 22:22 ` Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 12/19] netfilter: conntrack: Fix gre tunneling over ipv6 Sasha Levin
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Karthikeyan Kathirvel, Johannes Berg, Sasha Levin,
linux-wireless, netdev
From: Karthikeyan Kathirvel <kathirve@codeaurora.org>
[ Upstream commit 041c881a0ba8a75f71118bd9766b78f04beed469 ]
Even if the first channel from sband channel list is invalid
or disabled mac80211 ends up choosing it as the default channel
for monitor interfaces, making them not usable.
Fix this by assigning the first available valid or enabled
channel instead.
Signed-off-by: Karthikeyan Kathirvel <kathirve@codeaurora.org>
Link: https://lore.kernel.org/r/1615440547-7661-1-git-send-email-kathirve@codeaurora.org
[reword commit message, comment, code cleanups]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/mac80211/main.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/net/mac80211/main.c b/net/mac80211/main.c
index 3e8561c3b0e7..5b3189a37680 100644
--- a/net/mac80211/main.c
+++ b/net/mac80211/main.c
@@ -954,8 +954,19 @@ int ieee80211_register_hw(struct ieee80211_hw *hw)
continue;
if (!dflt_chandef.chan) {
+ /*
+ * Assign the first enabled channel to dflt_chandef
+ * from the list of channels
+ */
+ for (i = 0; i < sband->n_channels; i++)
+ if (!(sband->channels[i].flags &
+ IEEE80211_CHAN_DISABLED))
+ break;
+ /* if none found then use the first anyway */
+ if (i == sband->n_channels)
+ i = 0;
cfg80211_chandef_create(&dflt_chandef,
- &sband->channels[0],
+ &sband->channels[i],
NL80211_CHAN_NO_HT);
/* init channel we're on */
if (!local->use_chanctx && !local->_oper_chandef.chan) {
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH AUTOSEL 5.4 12/19] netfilter: conntrack: Fix gre tunneling over ipv6
[not found] <20210329222303.2383319-1-sashal@kernel.org>
` (5 preceding siblings ...)
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 09/19] mac80211: choose first enabled channel for monitor Sasha Levin
@ 2021-03-29 22:22 ` Sasha Levin
6 siblings, 0 replies; 7+ messages in thread
From: Sasha Levin @ 2021-03-29 22:22 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Ludovic Senecaux, Florian Westphal, Pablo Neira Ayuso,
Sasha Levin, netfilter-devel, coreteam, netdev
From: Ludovic Senecaux <linuxludo@free.fr>
[ Upstream commit 8b2030b4305951f44afef80225f1475618e25a73 ]
This fix permits gre connections to be tracked within ip6tables rules
Signed-off-by: Ludovic Senecaux <linuxludo@free.fr>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/netfilter/nf_conntrack_proto_gre.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index 5b05487a60d2..db11e403d818 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -218,9 +218,6 @@ int nf_conntrack_gre_packet(struct nf_conn *ct,
enum ip_conntrack_info ctinfo,
const struct nf_hook_state *state)
{
- if (state->pf != NFPROTO_IPV4)
- return -NF_ACCEPT;
-
if (!nf_ct_is_confirmed(ct)) {
unsigned int *timeouts = nf_ct_timeout_lookup(ct);
--
2.30.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-03-29 22:30 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20210329222303.2383319-1-sashal@kernel.org>
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 04/19] bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 05/19] net/mlx5e: Enforce minimum value check for ICOSQ size Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 06/19] net: pxa168_eth: Fix a potential data race in pxa168_eth_remove Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 07/19] mISDN: fix crash in fritzpci Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 08/19] mac80211: fix double free in ibss_leave Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 09/19] mac80211: choose first enabled channel for monitor Sasha Levin
2021-03-29 22:22 ` [PATCH AUTOSEL 5.4 12/19] netfilter: conntrack: Fix gre tunneling over ipv6 Sasha Levin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).