Netdev Archive on lore.kernel.org
 help / color / Atom feed
* pull request (net): ipsec 2019-09-05
@ 2019-09-05 10:21 Steffen Klassert
  2019-09-05 10:21 ` [PATCH 1/5] xfrm interface: avoid corruption on changelink Steffen Klassert
                   ` (6 more replies)
  0 siblings, 7 replies; 15+ messages in thread
From: Steffen Klassert @ 2019-09-05 10:21 UTC (permalink / raw)
  To: David Miller; +Cc: Herbert Xu, Steffen Klassert, netdev

1) Several xfrm interface fixes from Nicolas Dichtel:
   - Avoid an interface ID corruption on changelink.
   - Fix wrong intterface names in the logs.
   - Fix a list corruption when changing network namespaces.
   - Fix unregistation of the underying phydev.

2) Fix a potential warning when merging xfrm_plocy nodes.
   From Florian Westphal.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit 114a5c3240155fdb01bf821c9d326d7bb05bd464:

  Merge tag 'mlx5-fixes-2019-07-11' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux (2019-07-11 15:06:37 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master

for you to fetch changes up to 769a807d0b41df4201dbeb01c22eaeb3e5905532:

  xfrm: policy: avoid warning splat when merging nodes (2019-08-20 08:09:42 +0200)

----------------------------------------------------------------
Florian Westphal (1):
      xfrm: policy: avoid warning splat when merging nodes

Nicolas Dichtel (4):
      xfrm interface: avoid corruption on changelink
      xfrm interface: ifname may be wrong in logs
      xfrm interface: fix list corruption for x-netns
      xfrm interface: fix management of phydev

 include/net/xfrm.h                         |  2 --
 net/xfrm/xfrm_interface.c                  | 56 +++++++++++++-----------------
 net/xfrm/xfrm_policy.c                     |  6 ++--
 tools/testing/selftests/net/xfrm_policy.sh |  7 ++++
 4 files changed, 36 insertions(+), 35 deletions(-)

^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH 1/5] xfrm interface: avoid corruption on changelink
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
@ 2019-09-05 10:21 ` Steffen Klassert
  2019-09-05 10:21 ` [PATCH 2/5] xfrm interface: ifname may be wrong in logs Steffen Klassert
                   ` (5 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steffen Klassert @ 2019-09-05 10:21 UTC (permalink / raw)
  To: David Miller; +Cc: Herbert Xu, Steffen Klassert, netdev

From: Nicolas Dichtel <nicolas.dichtel@6wind.com>

The new parameters must not be stored in the netdev_priv() before
validation, it may corrupt the interface. Note also that if data is NULL,
only a memset() is done.

$ ip link add xfrm1 type xfrm dev lo if_id 1
$ ip link add xfrm2 type xfrm dev lo if_id 2
$ ip link set xfrm1 type xfrm dev lo if_id 2
RTNETLINK answers: File exists
$ ip -d link list dev xfrm1
5: xfrm1@lo: <NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/none 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 minmtu 68 maxmtu 1500
    xfrm if_id 0x2 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

=> "if_id 0x2"

Fixes: f203b76d7809 ("xfrm: Add virtual xfrm interfaces")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tested-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 net/xfrm/xfrm_interface.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/net/xfrm/xfrm_interface.c b/net/xfrm/xfrm_interface.c
index 74868f9d81fb..2310dc9e35c2 100644
--- a/net/xfrm/xfrm_interface.c
+++ b/net/xfrm/xfrm_interface.c
@@ -671,12 +671,12 @@ static int xfrmi_changelink(struct net_device *dev, struct nlattr *tb[],
 			   struct nlattr *data[],
 			   struct netlink_ext_ack *extack)
 {
-	struct xfrm_if *xi = netdev_priv(dev);
 	struct net *net = dev_net(dev);
+	struct xfrm_if_parms p;
+	struct xfrm_if *xi;
 
-	xfrmi_netlink_parms(data, &xi->p);
-
-	xi = xfrmi_locate(net, &xi->p);
+	xfrmi_netlink_parms(data, &p);
+	xi = xfrmi_locate(net, &p);
 	if (!xi) {
 		xi = netdev_priv(dev);
 	} else {
@@ -684,7 +684,7 @@ static int xfrmi_changelink(struct net_device *dev, struct nlattr *tb[],
 			return -EEXIST;
 	}
 
-	return xfrmi_update(xi, &xi->p);
+	return xfrmi_update(xi, &p);
 }
 
 static size_t xfrmi_get_size(const struct net_device *dev)
-- 
2.17.1


^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH 2/5] xfrm interface: ifname may be wrong in logs
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
  2019-09-05 10:21 ` [PATCH 1/5] xfrm interface: avoid corruption on changelink Steffen Klassert
@ 2019-09-05 10:21 ` Steffen Klassert
  2019-09-05 10:21 ` [PATCH 3/5] xfrm interface: fix list corruption for x-netns Steffen Klassert
                   ` (4 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steffen Klassert @ 2019-09-05 10:21 UTC (permalink / raw)
  To: David Miller; +Cc: Herbert Xu, Steffen Klassert, netdev

From: Nicolas Dichtel <nicolas.dichtel@6wind.com>

The ifname is copied when the interface is created, but is never updated
later. In fact, this property is used only in one error message, where the
netdevice pointer is available, thus let's use it.

Fixes: f203b76d7809 ("xfrm: Add virtual xfrm interfaces")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 include/net/xfrm.h        |  1 -
 net/xfrm/xfrm_interface.c | 10 +---------
 2 files changed, 1 insertion(+), 10 deletions(-)

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index b22db30c3d88..ad761ef84797 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -983,7 +983,6 @@ static inline void xfrm_dst_destroy(struct xfrm_dst *xdst)
 void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev);
 
 struct xfrm_if_parms {
-	char name[IFNAMSIZ];	/* name of XFRM device */
 	int link;		/* ifindex of underlying L2 interface */
 	u32 if_id;		/* interface identifyer */
 };
diff --git a/net/xfrm/xfrm_interface.c b/net/xfrm/xfrm_interface.c
index 2310dc9e35c2..68336ee00d72 100644
--- a/net/xfrm/xfrm_interface.c
+++ b/net/xfrm/xfrm_interface.c
@@ -145,8 +145,6 @@ static int xfrmi_create(struct net_device *dev)
 	if (err < 0)
 		goto out;
 
-	strcpy(xi->p.name, dev->name);
-
 	dev_hold(dev);
 	xfrmi_link(xfrmn, xi);
 
@@ -294,7 +292,7 @@ xfrmi_xmit2(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
 	if (tdev == dev) {
 		stats->collisions++;
 		net_warn_ratelimited("%s: Local routing loop detected!\n",
-				     xi->p.name);
+				     dev->name);
 		goto tx_err_dst_release;
 	}
 
@@ -638,12 +636,6 @@ static int xfrmi_newlink(struct net *src_net, struct net_device *dev,
 	int err;
 
 	xfrmi_netlink_parms(data, &p);
-
-	if (!tb[IFLA_IFNAME])
-		return -EINVAL;
-
-	nla_strlcpy(p.name, tb[IFLA_IFNAME], IFNAMSIZ);
-
 	xi = xfrmi_locate(net, &p);
 	if (xi)
 		return -EEXIST;
-- 
2.17.1


^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH 3/5] xfrm interface: fix list corruption for x-netns
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
  2019-09-05 10:21 ` [PATCH 1/5] xfrm interface: avoid corruption on changelink Steffen Klassert
  2019-09-05 10:21 ` [PATCH 2/5] xfrm interface: ifname may be wrong in logs Steffen Klassert
@ 2019-09-05 10:21 ` Steffen Klassert
  2019-09-05 10:22 ` [PATCH 4/5] xfrm interface: fix management of phydev Steffen Klassert
                   ` (3 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steffen Klassert @ 2019-09-05 10:21 UTC (permalink / raw)
  To: David Miller; +Cc: Herbert Xu, Steffen Klassert, netdev

From: Nicolas Dichtel <nicolas.dichtel@6wind.com>

dev_net(dev) is the netns of the device and xi->net is the link netns,
where the device has been linked.
changelink() must operate in the link netns to avoid a corruption of
the xfrm lists.

Note that xi->net and dev_net(xi->physdev) are always the same.

Before the patch, the xfrmi lists may be corrupted and can later trigger a
kernel panic.

Fixes: f203b76d7809 ("xfrm: Add virtual xfrm interfaces")
Reported-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tested-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 net/xfrm/xfrm_interface.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/net/xfrm/xfrm_interface.c b/net/xfrm/xfrm_interface.c
index 68336ee00d72..53e5e47b2c55 100644
--- a/net/xfrm/xfrm_interface.c
+++ b/net/xfrm/xfrm_interface.c
@@ -503,7 +503,7 @@ static int xfrmi_change(struct xfrm_if *xi, const struct xfrm_if_parms *p)
 
 static int xfrmi_update(struct xfrm_if *xi, struct xfrm_if_parms *p)
 {
-	struct net *net = dev_net(xi->dev);
+	struct net *net = xi->net;
 	struct xfrmi_net *xfrmn = net_generic(net, xfrmi_net_id);
 	int err;
 
@@ -663,9 +663,9 @@ static int xfrmi_changelink(struct net_device *dev, struct nlattr *tb[],
 			   struct nlattr *data[],
 			   struct netlink_ext_ack *extack)
 {
-	struct net *net = dev_net(dev);
+	struct xfrm_if *xi = netdev_priv(dev);
+	struct net *net = xi->net;
 	struct xfrm_if_parms p;
-	struct xfrm_if *xi;
 
 	xfrmi_netlink_parms(data, &p);
 	xi = xfrmi_locate(net, &p);
@@ -707,7 +707,7 @@ static struct net *xfrmi_get_link_net(const struct net_device *dev)
 {
 	struct xfrm_if *xi = netdev_priv(dev);
 
-	return dev_net(xi->phydev);
+	return xi->net;
 }
 
 static const struct nla_policy xfrmi_policy[IFLA_XFRM_MAX + 1] = {
-- 
2.17.1


^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH 4/5] xfrm interface: fix management of phydev
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
                   ` (2 preceding siblings ...)
  2019-09-05 10:21 ` [PATCH 3/5] xfrm interface: fix list corruption for x-netns Steffen Klassert
@ 2019-09-05 10:22 ` Steffen Klassert
  2019-09-05 10:22 ` [PATCH 5/5] xfrm: policy: avoid warning splat when merging nodes Steffen Klassert
                   ` (2 subsequent siblings)
  6 siblings, 0 replies; 15+ messages in thread
From: Steffen Klassert @ 2019-09-05 10:22 UTC (permalink / raw)
  To: David Miller; +Cc: Herbert Xu, Steffen Klassert, netdev

From: Nicolas Dichtel <nicolas.dichtel@6wind.com>

With the current implementation, phydev cannot be removed:

$ ip link add dummy type dummy
$ ip link add xfrm1 type xfrm dev dummy if_id 1
$ ip l d dummy
 kernel:[77938.465445] unregister_netdevice: waiting for dummy to become free. Usage count = 1

Manage it like in ip tunnels, ie just keep the ifindex. Not that the side
effect, is that the phydev is now optional.

Fixes: f203b76d7809 ("xfrm: Add virtual xfrm interfaces")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tested-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 include/net/xfrm.h        |  1 -
 net/xfrm/xfrm_interface.c | 32 +++++++++++++++++---------------
 2 files changed, 17 insertions(+), 16 deletions(-)

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index ad761ef84797..aa08a7a5f6ac 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -990,7 +990,6 @@ struct xfrm_if_parms {
 struct xfrm_if {
 	struct xfrm_if __rcu *next;	/* next interface in list */
 	struct net_device *dev;		/* virtual device associated with interface */
-	struct net_device *phydev;	/* physical device */
 	struct net *net;		/* netns for packet i/o */
 	struct xfrm_if_parms p;		/* interface parms */
 
diff --git a/net/xfrm/xfrm_interface.c b/net/xfrm/xfrm_interface.c
index 53e5e47b2c55..2ab4859df55a 100644
--- a/net/xfrm/xfrm_interface.c
+++ b/net/xfrm/xfrm_interface.c
@@ -175,7 +175,6 @@ static void xfrmi_dev_uninit(struct net_device *dev)
 	struct xfrmi_net *xfrmn = net_generic(xi->net, xfrmi_net_id);
 
 	xfrmi_unlink(xfrmn, xi);
-	dev_put(xi->phydev);
 	dev_put(dev);
 }
 
@@ -362,7 +361,7 @@ static netdev_tx_t xfrmi_xmit(struct sk_buff *skb, struct net_device *dev)
 		goto tx_err;
 	}
 
-	fl.flowi_oif = xi->phydev->ifindex;
+	fl.flowi_oif = xi->p.link;
 
 	ret = xfrmi_xmit2(skb, dev, &fl);
 	if (ret < 0)
@@ -548,7 +547,7 @@ static int xfrmi_get_iflink(const struct net_device *dev)
 {
 	struct xfrm_if *xi = netdev_priv(dev);
 
-	return xi->phydev->ifindex;
+	return xi->p.link;
 }
 
 
@@ -574,12 +573,14 @@ static void xfrmi_dev_setup(struct net_device *dev)
 	dev->needs_free_netdev	= true;
 	dev->priv_destructor	= xfrmi_dev_free;
 	netif_keep_dst(dev);
+
+	eth_broadcast_addr(dev->broadcast);
 }
 
 static int xfrmi_dev_init(struct net_device *dev)
 {
 	struct xfrm_if *xi = netdev_priv(dev);
-	struct net_device *phydev = xi->phydev;
+	struct net_device *phydev = __dev_get_by_index(xi->net, xi->p.link);
 	int err;
 
 	dev->tstats = netdev_alloc_pcpu_stats(struct pcpu_sw_netstats);
@@ -594,13 +595,19 @@ static int xfrmi_dev_init(struct net_device *dev)
 
 	dev->features |= NETIF_F_LLTX;
 
-	dev->needed_headroom = phydev->needed_headroom;
-	dev->needed_tailroom = phydev->needed_tailroom;
+	if (phydev) {
+		dev->needed_headroom = phydev->needed_headroom;
+		dev->needed_tailroom = phydev->needed_tailroom;
 
-	if (is_zero_ether_addr(dev->dev_addr))
-		eth_hw_addr_inherit(dev, phydev);
-	if (is_zero_ether_addr(dev->broadcast))
-		memcpy(dev->broadcast, phydev->broadcast, dev->addr_len);
+		if (is_zero_ether_addr(dev->dev_addr))
+			eth_hw_addr_inherit(dev, phydev);
+		if (is_zero_ether_addr(dev->broadcast))
+			memcpy(dev->broadcast, phydev->broadcast,
+			       dev->addr_len);
+	} else {
+		eth_hw_addr_random(dev);
+		eth_broadcast_addr(dev->broadcast);
+	}
 
 	return 0;
 }
@@ -644,13 +651,8 @@ static int xfrmi_newlink(struct net *src_net, struct net_device *dev,
 	xi->p = p;
 	xi->net = net;
 	xi->dev = dev;
-	xi->phydev = dev_get_by_index(net, p.link);
-	if (!xi->phydev)
-		return -ENODEV;
 
 	err = xfrmi_create(dev);
-	if (err < 0)
-		dev_put(xi->phydev);
 	return err;
 }
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH 5/5] xfrm: policy: avoid warning splat when merging nodes
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
                   ` (3 preceding siblings ...)
  2019-09-05 10:22 ` [PATCH 4/5] xfrm interface: fix management of phydev Steffen Klassert
@ 2019-09-05 10:22 ` Steffen Klassert
  2019-09-06 13:09 ` pull request (net): ipsec 2019-09-05 David Miller
  2019-10-14  9:31 ` Nicolas Dichtel
  6 siblings, 0 replies; 15+ messages in thread
From: Steffen Klassert @ 2019-09-05 10:22 UTC (permalink / raw)
  To: David Miller; +Cc: Herbert Xu, Steffen Klassert, netdev

From: Florian Westphal <fw@strlen.de>

syzbot reported a splat:
 xfrm_policy_inexact_list_reinsert+0x625/0x6e0 net/xfrm/xfrm_policy.c:877
 CPU: 1 PID: 6756 Comm: syz-executor.1 Not tainted 5.3.0-rc2+ #57
 Call Trace:
  xfrm_policy_inexact_node_reinsert net/xfrm/xfrm_policy.c:922 [inline]
  xfrm_policy_inexact_node_merge net/xfrm/xfrm_policy.c:958 [inline]
  xfrm_policy_inexact_insert_node+0x537/0xb50 net/xfrm/xfrm_policy.c:1023
  xfrm_policy_inexact_alloc_chain+0x62b/0xbd0 net/xfrm/xfrm_policy.c:1139
  xfrm_policy_inexact_insert+0xe8/0x1540 net/xfrm/xfrm_policy.c:1182
  xfrm_policy_insert+0xdf/0xce0 net/xfrm/xfrm_policy.c:1574
  xfrm_add_policy+0x4cf/0x9b0 net/xfrm/xfrm_user.c:1670
  xfrm_user_rcv_msg+0x46b/0x720 net/xfrm/xfrm_user.c:2676
  netlink_rcv_skb+0x1f0/0x460 net/netlink/af_netlink.c:2477
  xfrm_netlink_rcv+0x74/0x90 net/xfrm/xfrm_user.c:2684
  netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
  netlink_unicast+0x809/0x9a0 net/netlink/af_netlink.c:1328
  netlink_sendmsg+0xa70/0xd30 net/netlink/af_netlink.c:1917
  sock_sendmsg_nosec net/socket.c:637 [inline]
  sock_sendmsg net/socket.c:657 [inline]

There is no reproducer, however, the warning can be reproduced
by adding rules with ever smaller prefixes.

The sanity check ("does the policy match the node") uses the prefix value
of the node before its updated to the smaller value.

To fix this, update the prefix earlier.  The bug has no impact on tree
correctness, this is only to prevent a false warning.

Reported-by: syzbot+8cc27ace5f6972910b31@syzkaller.appspotmail.com
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
 net/xfrm/xfrm_policy.c                     | 6 ++++--
 tools/testing/selftests/net/xfrm_policy.sh | 7 +++++++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 8ca637a72697..0fa7c5ce3b2c 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -912,6 +912,7 @@ static void xfrm_policy_inexact_node_reinsert(struct net *net,
 		} else if (delta > 0) {
 			p = &parent->rb_right;
 		} else {
+			bool same_prefixlen = node->prefixlen == n->prefixlen;
 			struct xfrm_policy *tmp;
 
 			hlist_for_each_entry(tmp, &n->hhead, bydst) {
@@ -919,9 +920,11 @@ static void xfrm_policy_inexact_node_reinsert(struct net *net,
 				hlist_del_rcu(&tmp->bydst);
 			}
 
+			node->prefixlen = prefixlen;
+
 			xfrm_policy_inexact_list_reinsert(net, node, family);
 
-			if (node->prefixlen == n->prefixlen) {
+			if (same_prefixlen) {
 				kfree_rcu(n, rcu);
 				return;
 			}
@@ -929,7 +932,6 @@ static void xfrm_policy_inexact_node_reinsert(struct net *net,
 			rb_erase(*p, new);
 			kfree_rcu(n, rcu);
 			n = node;
-			n->prefixlen = prefixlen;
 			goto restart;
 		}
 	}
diff --git a/tools/testing/selftests/net/xfrm_policy.sh b/tools/testing/selftests/net/xfrm_policy.sh
index 5445943bf07f..7a1bf94c5bd3 100755
--- a/tools/testing/selftests/net/xfrm_policy.sh
+++ b/tools/testing/selftests/net/xfrm_policy.sh
@@ -106,6 +106,13 @@ do_overlap()
     #
     # 10.0.0.0/24 and 10.0.1.0/24 nodes have been merged as 10.0.0.0/23.
     ip -net $ns xfrm policy add src 10.1.0.0/24 dst 10.0.0.0/23 dir fwd priority 200 action block
+
+    # similar to above: add policies (with partially random address), with shrinking prefixes.
+    for p in 29 28 27;do
+      for k in $(seq 1 32); do
+       ip -net $ns xfrm policy add src 10.253.1.$((RANDOM%255))/$p dst 10.254.1.$((RANDOM%255))/$p dir fwd priority $((200+k)) action block 2>/dev/null
+      done
+    done
 }
 
 do_esp_policy_get_check() {
-- 
2.17.1


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: pull request (net): ipsec 2019-09-05
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
                   ` (4 preceding siblings ...)
  2019-09-05 10:22 ` [PATCH 5/5] xfrm: policy: avoid warning splat when merging nodes Steffen Klassert
@ 2019-09-06 13:09 ` David Miller
  2019-10-14  9:31 ` Nicolas Dichtel
  6 siblings, 0 replies; 15+ messages in thread
From: David Miller @ 2019-09-06 13:09 UTC (permalink / raw)
  To: steffen.klassert; +Cc: herbert, netdev

From: Steffen Klassert <steffen.klassert@secunet.com>
Date: Thu, 5 Sep 2019 12:21:56 +0200

> 1) Several xfrm interface fixes from Nicolas Dichtel:
>    - Avoid an interface ID corruption on changelink.
>    - Fix wrong intterface names in the logs.
>    - Fix a list corruption when changing network namespaces.
>    - Fix unregistation of the underying phydev.
> 
> 2) Fix a potential warning when merging xfrm_plocy nodes.
>    From Florian Westphal.
> 
> Please pull or let me know if there are problems.

Pulled, thanks Steffen.

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: pull request (net): ipsec 2019-09-05
  2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
                   ` (5 preceding siblings ...)
  2019-09-06 13:09 ` pull request (net): ipsec 2019-09-05 David Miller
@ 2019-10-14  9:31 ` Nicolas Dichtel
  2019-11-18 15:31   ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Nicolas Dichtel
  6 siblings, 1 reply; 15+ messages in thread
From: Nicolas Dichtel @ 2019-10-14  9:31 UTC (permalink / raw)
  To: Steffen Klassert, David Miller; +Cc: Herbert Xu, netdev

Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
> 1) Several xfrm interface fixes from Nicolas Dichtel:
>    - Avoid an interface ID corruption on changelink.
>    - Fix wrong intterface names in the logs.
>    - Fix a list corruption when changing network namespaces.
>    - Fix unregistation of the underying phydev.
Is it possible to queue those patches for the stable trees?
And also 56c5ee1a5823 ("xfrm interface: fix memory leak on creation")?


Thank you,
Nicolas

> 
> 2) Fix a potential warning when merging xfrm_plocy nodes.
>    From Florian Westphal.
> 
> Please pull or let me know if there are problems.
> 
> Thanks!
> 
> The following changes since commit 114a5c3240155fdb01bf821c9d326d7bb05bd464:
> 
>   Merge tag 'mlx5-fixes-2019-07-11' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux (2019-07-11 15:06:37 -0700)
> 
> are available in the Git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master
> 
> for you to fetch changes up to 769a807d0b41df4201dbeb01c22eaeb3e5905532:
> 
>   xfrm: policy: avoid warning splat when merging nodes (2019-08-20 08:09:42 +0200)
> 
> ----------------------------------------------------------------
> Florian Westphal (1):
>       xfrm: policy: avoid warning splat when merging nodes
> 
> Nicolas Dichtel (4):
>       xfrm interface: avoid corruption on changelink
>       xfrm interface: ifname may be wrong in logs
>       xfrm interface: fix list corruption for x-netns
>       xfrm interface: fix management of phydev
> 
>  include/net/xfrm.h                         |  2 --
>  net/xfrm/xfrm_interface.c                  | 56 +++++++++++++-----------------
>  net/xfrm/xfrm_policy.c                     |  6 ++--
>  tools/testing/selftests/net/xfrm_policy.sh |  7 ++++
>  4 files changed, 36 insertions(+), 35 deletions(-)
> 

^ permalink raw reply	[flat|nested] 15+ messages in thread

* xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05)
  2019-10-14  9:31 ` Nicolas Dichtel
@ 2019-11-18 15:31   ` Nicolas Dichtel
  2019-11-24 10:07     ` Steffen Klassert
  2019-12-03 13:03     ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Steffen Klassert
  0 siblings, 2 replies; 15+ messages in thread
From: Nicolas Dichtel @ 2019-11-18 15:31 UTC (permalink / raw)
  To: Steffen Klassert, David Miller; +Cc: Herbert Xu, netdev

Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
> Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
>> 1) Several xfrm interface fixes from Nicolas Dichtel:
>>    - Avoid an interface ID corruption on changelink.
>>    - Fix wrong intterface names in the logs.
>>    - Fix a list corruption when changing network namespaces.
>>    - Fix unregistation of the underying phydev.
> Is it possible to queue those patches for the stable trees?

Is there a chance to get them in the 4.19 stable tree?

Here are the sha1:
e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
22d6552f827e ("xfrm interface: fix management of phydev")


Regards,
Nicolas

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05)
  2019-11-18 15:31   ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Nicolas Dichtel
@ 2019-11-24 10:07     ` Steffen Klassert
  2019-11-25  3:02       ` xfrmi: request for stable trees David Miller
  2019-12-03 13:03     ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Steffen Klassert
  1 sibling, 1 reply; 15+ messages in thread
From: Steffen Klassert @ 2019-11-24 10:07 UTC (permalink / raw)
  To: Nicolas Dichtel; +Cc: David Miller, Herbert Xu, netdev

On Mon, Nov 18, 2019 at 04:31:14PM +0100, Nicolas Dichtel wrote:
> Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
> > Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
> >> 1) Several xfrm interface fixes from Nicolas Dichtel:
> >>    - Avoid an interface ID corruption on changelink.
> >>    - Fix wrong intterface names in the logs.
> >>    - Fix a list corruption when changing network namespaces.
> >>    - Fix unregistation of the underying phydev.
> > Is it possible to queue those patches for the stable trees?
> 
> Is there a chance to get them in the 4.19 stable tree?
> 
> Here are the sha1:
> e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
> e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
> c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
> 22d6552f827e ("xfrm interface: fix management of phydev")

I'm ok with this. David does the stable submitting for
networking patches usually. So I guess he will pick them
into his stable queue after the patches are mainline some
time.

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: xfrmi: request for stable trees
  2019-11-24 10:07     ` Steffen Klassert
@ 2019-11-25  3:02       ` David Miller
  2019-11-26  8:12         ` Steffen Klassert
  0 siblings, 1 reply; 15+ messages in thread
From: David Miller @ 2019-11-25  3:02 UTC (permalink / raw)
  To: steffen.klassert; +Cc: nicolas.dichtel, herbert, netdev

From: Steffen Klassert <steffen.klassert@secunet.com>
Date: Sun, 24 Nov 2019 11:07:46 +0100

> On Mon, Nov 18, 2019 at 04:31:14PM +0100, Nicolas Dichtel wrote:
>> Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
>> > Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
>> >> 1) Several xfrm interface fixes from Nicolas Dichtel:
>> >>    - Avoid an interface ID corruption on changelink.
>> >>    - Fix wrong intterface names in the logs.
>> >>    - Fix a list corruption when changing network namespaces.
>> >>    - Fix unregistation of the underying phydev.
>> > Is it possible to queue those patches for the stable trees?
>> 
>> Is there a chance to get them in the 4.19 stable tree?
>> 
>> Here are the sha1:
>> e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
>> e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
>> c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
>> 22d6552f827e ("xfrm interface: fix management of phydev")
> 
> I'm ok with this. David does the stable submitting for
> networking patches usually. So I guess he will pick them
> into his stable queue after the patches are mainline some
> time.

Steffen you can submit things directly to -stable for IPSEC if you
wish, and it would help me in this case.

Thanks!

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: xfrmi: request for stable trees
  2019-11-25  3:02       ` xfrmi: request for stable trees David Miller
@ 2019-11-26  8:12         ` Steffen Klassert
  2019-11-27  8:33           ` Nicolas Dichtel
  0 siblings, 1 reply; 15+ messages in thread
From: Steffen Klassert @ 2019-11-26  8:12 UTC (permalink / raw)
  To: David Miller; +Cc: nicolas.dichtel, herbert, netdev

On Sun, Nov 24, 2019 at 07:02:49PM -0800, David Miller wrote:
> From: Steffen Klassert <steffen.klassert@secunet.com>
> Date: Sun, 24 Nov 2019 11:07:46 +0100
> 
> > On Mon, Nov 18, 2019 at 04:31:14PM +0100, Nicolas Dichtel wrote:
> >> Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
> >> > Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
> >> >> 1) Several xfrm interface fixes from Nicolas Dichtel:
> >> >>    - Avoid an interface ID corruption on changelink.
> >> >>    - Fix wrong intterface names in the logs.
> >> >>    - Fix a list corruption when changing network namespaces.
> >> >>    - Fix unregistation of the underying phydev.
> >> > Is it possible to queue those patches for the stable trees?
> >> 
> >> Is there a chance to get them in the 4.19 stable tree?
> >> 
> >> Here are the sha1:
> >> e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
> >> e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
> >> c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
> >> 22d6552f827e ("xfrm interface: fix management of phydev")
> > 
> > I'm ok with this. David does the stable submitting for
> > networking patches usually. So I guess he will pick them
> > into his stable queue after the patches are mainline some
> > time.
> 
> Steffen you can submit things directly to -stable for IPSEC if you
> wish, and it would help me in this case.

Ok, can do that, no problem.
I'll submit these and do all the future IPSEC -stable submits directly.

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: xfrmi: request for stable trees
  2019-11-26  8:12         ` Steffen Klassert
@ 2019-11-27  8:33           ` Nicolas Dichtel
  0 siblings, 0 replies; 15+ messages in thread
From: Nicolas Dichtel @ 2019-11-27  8:33 UTC (permalink / raw)
  To: Steffen Klassert, David Miller; +Cc: herbert, netdev

Le 26/11/2019 à 09:12, Steffen Klassert a écrit :
> On Sun, Nov 24, 2019 at 07:02:49PM -0800, David Miller wrote:
>> From: Steffen Klassert <steffen.klassert@secunet.com>
>> Date: Sun, 24 Nov 2019 11:07:46 +0100
>>
>>> On Mon, Nov 18, 2019 at 04:31:14PM +0100, Nicolas Dichtel wrote:
>>>> Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
>>>>> Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
>>>>>> 1) Several xfrm interface fixes from Nicolas Dichtel:
>>>>>>    - Avoid an interface ID corruption on changelink.
>>>>>>    - Fix wrong intterface names in the logs.
>>>>>>    - Fix a list corruption when changing network namespaces.
>>>>>>    - Fix unregistation of the underying phydev.
>>>>> Is it possible to queue those patches for the stable trees?
>>>>
>>>> Is there a chance to get them in the 4.19 stable tree?
>>>>
>>>> Here are the sha1:
>>>> e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
>>>> e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
>>>> c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
>>>> 22d6552f827e ("xfrm interface: fix management of phydev")
>>>
>>> I'm ok with this. David does the stable submitting for
>>> networking patches usually. So I guess he will pick them
>>> into his stable queue after the patches are mainline some
>>> time.
>>
>> Steffen you can submit things directly to -stable for IPSEC if you
>> wish, and it would help me in this case.
> 
> Ok, can do that, no problem.
> I'll submit these and do all the future IPSEC -stable submits directly.
> 
Thank you Steffen!

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05)
  2019-11-18 15:31   ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Nicolas Dichtel
  2019-11-24 10:07     ` Steffen Klassert
@ 2019-12-03 13:03     ` Steffen Klassert
  2019-12-03 15:50       ` xfrmi: request for stable trees Nicolas Dichtel
  1 sibling, 1 reply; 15+ messages in thread
From: Steffen Klassert @ 2019-12-03 13:03 UTC (permalink / raw)
  To: Nicolas Dichtel; +Cc: David Miller, Herbert Xu, netdev

On Mon, Nov 18, 2019 at 04:31:14PM +0100, Nicolas Dichtel wrote:
> Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
> > Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
> >> 1) Several xfrm interface fixes from Nicolas Dichtel:
> >>    - Avoid an interface ID corruption on changelink.
> >>    - Fix wrong intterface names in the logs.
> >>    - Fix a list corruption when changing network namespaces.
> >>    - Fix unregistation of the underying phydev.
> > Is it possible to queue those patches for the stable trees?
> 
> Is there a chance to get them in the 4.19 stable tree?
> 
> Here are the sha1:
> e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
> e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
> c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
> 22d6552f827e ("xfrm interface: fix management of phydev")

Nicolas,

I'm currently processing the stable queue for v4.19.
I guess we also need this patch from you:

56c5ee1a5823 ("xfrm interface: fix memory leak on creation")

before we apply the above mentioned patches, right?


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: xfrmi: request for stable trees
  2019-12-03 13:03     ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Steffen Klassert
@ 2019-12-03 15:50       ` Nicolas Dichtel
  0 siblings, 0 replies; 15+ messages in thread
From: Nicolas Dichtel @ 2019-12-03 15:50 UTC (permalink / raw)
  To: Steffen Klassert; +Cc: David Miller, Herbert Xu, netdev, Sasha Levin

Le 03/12/2019 à 14:03, Steffen Klassert a écrit :
> On Mon, Nov 18, 2019 at 04:31:14PM +0100, Nicolas Dichtel wrote:
>> Le 14/10/2019 à 11:31, Nicolas Dichtel a écrit :
>>> Le 05/09/2019 à 12:21, Steffen Klassert a écrit :
>>>> 1) Several xfrm interface fixes from Nicolas Dichtel:
>>>>    - Avoid an interface ID corruption on changelink.
>>>>    - Fix wrong intterface names in the logs.
>>>>    - Fix a list corruption when changing network namespaces.
>>>>    - Fix unregistation of the underying phydev.
>>> Is it possible to queue those patches for the stable trees?
>>
>> Is there a chance to get them in the 4.19 stable tree?
>>
>> Here are the sha1:
>> e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink")
>> e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs")
>> c5d1030f2300 ("xfrm interface: fix list corruption for x-netns")
>> 22d6552f827e ("xfrm interface: fix management of phydev")
> 
> Nicolas,
> 
> I'm currently processing the stable queue for v4.19.
> I guess we also need this patch from you:
> 
> 56c5ee1a5823 ("xfrm interface: fix memory leak on creation")
> 
> before we apply the above mentioned patches, right?
> 
Right, I point it in my first email but I get an email from Sasha Levin the 25th
October:
[PATCH AUTOSEL 4.19 16/37] xfrm interface: fix memory leak on creation

so I was thinking that it is already queued. But I can't see it in linux-stable.

^ permalink raw reply	[flat|nested] 15+ messages in thread

end of thread, back to index

Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-09-05 10:21 pull request (net): ipsec 2019-09-05 Steffen Klassert
2019-09-05 10:21 ` [PATCH 1/5] xfrm interface: avoid corruption on changelink Steffen Klassert
2019-09-05 10:21 ` [PATCH 2/5] xfrm interface: ifname may be wrong in logs Steffen Klassert
2019-09-05 10:21 ` [PATCH 3/5] xfrm interface: fix list corruption for x-netns Steffen Klassert
2019-09-05 10:22 ` [PATCH 4/5] xfrm interface: fix management of phydev Steffen Klassert
2019-09-05 10:22 ` [PATCH 5/5] xfrm: policy: avoid warning splat when merging nodes Steffen Klassert
2019-09-06 13:09 ` pull request (net): ipsec 2019-09-05 David Miller
2019-10-14  9:31 ` Nicolas Dichtel
2019-11-18 15:31   ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Nicolas Dichtel
2019-11-24 10:07     ` Steffen Klassert
2019-11-25  3:02       ` xfrmi: request for stable trees David Miller
2019-11-26  8:12         ` Steffen Klassert
2019-11-27  8:33           ` Nicolas Dichtel
2019-12-03 13:03     ` xfrmi: request for stable trees (was: Re: pull request (net): ipsec 2019-09-05) Steffen Klassert
2019-12-03 15:50       ` xfrmi: request for stable trees Nicolas Dichtel

Netdev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/netdev/0 netdev/git/0.git
	git clone --mirror https://lore.kernel.org/netdev/1 netdev/git/1.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 netdev netdev/ https://lore.kernel.org/netdev \
		netdev@vger.kernel.org
	public-inbox-index netdev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.netdev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git