1. 01 May, 2012 2 commits
  2. 13 Apr, 2012 2 commits
  3. 26 Jan, 2012 1 commit
    • James Chapman's avatar
      l2tp: l2tp_ip - fix possible oops on packet receive · 68315801
      James Chapman authored
      When a packet is received on an L2TP IP socket (L2TPv3 IP link
      encapsulation), the l2tpip socket's backlog_rcv function calls
      xfrm4_policy_check(). This is not necessary, since it was called
      before the skb was added to the backlog. With CONFIG_NET_NS enabled,
      xfrm4_policy_check() will oops if skb->dev is null, so this trivial
      patch removes the call.
      
      This bug has always been present, but only when CONFIG_NET_NS is
      enabled does it cause problems. Most users are probably using UDP
      encapsulation for L2TP, hence the problem has only recently
      surfaced.
      
      EIP: 0060:[<c12bb62b>] EFLAGS: 00210246 CPU: 0
      EIP is at l2tp_ip_recvmsg+0xd4/0x2a7
      EAX: 00000001 EBX: d77b5180 ECX: 00000000 EDX: 00200246
      ESI: 00000000 EDI: d63cbd30 EBP: d63cbd18 ESP: d63cbcf4
       DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
      Call Trace:
       [<c1218568>] sock_common_recvmsg+0x31/0x46
       [<c1215c92>] __sock_recvmsg_nosec+0x45/0x4d
       [<c12163a1>] __sock_recvmsg+0x31/0x3b
       [<c1216828>] sock_recvmsg+0x96/0xab
       [<c10b2693>] ? might_fault+0x47/0x81
       [<c10b2693>] ? might_fault+0x47/0x81
       [<c1167fd0>] ? _copy_from_user+0x31/0x115
       [<c121e8c8>] ? copy_from_user+0x8/0xa
       [<c121ebd6>] ? verify_iovec+0x3e/0x78
       [<c1216604>] __sys_recvmsg+0x10a/0x1aa
       [<c1216792>] ? sock_recvmsg+0x0/0xab
       [<c105a99b>] ? __lock_acquire+0xbdf/0xbee
       [<c12d5a99>] ? do_page_fault+0x193/0x375
       [<c10d1200>] ? fcheck_files+0x9b/0xca
       [<c10d1259>] ? fget_light+0x2a/0x9c
       [<c1216bbb>] sys_recvmsg+0x2b/0x43
       [<c1218145>] sys_socketcall+0x16d/0x1a5
       [<c11679f0>] ? trace_hardirqs_on_thunk+0xc/0x10
       [<c100305f>] sysenter_do_call+0x12/0x38
      Code: c6 05 8c ea a8 c1 01 e8 0c d4 d9 ff 85 f6 74 07 3e ff 86 80 00 00 00 b9 17 b6 2b c1 ba 01 00 00 00 b8 78 ed 48 c1 e8 23 f6 d9 ff <ff> 76 0c 68 28 e3 30 c1 68 2d 44 41 c1 e8 89 57 01 00 83 c4 0c
      Signed-off-by: default avatarJames Chapman <jchapman@katalix.com>
      Acked-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      68315801
  4. 13 Jun, 2011 1 commit
  5. 08 May, 2011 3 commits
  6. 04 May, 2011 1 commit
  7. 29 Apr, 2011 2 commits
  8. 28 Apr, 2011 2 commits
    • David S. Miller's avatar
      l2tp: Fix inet_opt conversion. · 778865a5
      David S. Miller authored
      We don't actually hold the socket lock at this point, so the
      rcu_dereference_protected() isn't' correct.  Thanks to Eric
      Dumazet for pointing this out.
      
      Thankfully, we're only interested in fetching the faddr value
      if srr is enabled, so we can simply make this an RCU sequence
      and use plain rcu_dereference().
      Reported-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      778865a5
    • Eric Dumazet's avatar
      inet: add RCU protection to inet->opt · f6d8bd05
      Eric Dumazet authored
      We lack proper synchronization to manipulate inet->opt ip_options
      
      Problem is ip_make_skb() calls ip_setup_cork() and
      ip_setup_cork() possibly makes a copy of ipc->opt (struct ip_options),
      without any protection against another thread manipulating inet->opt.
      
      Another thread can change inet->opt pointer and free old one under us.
      
      Use RCU to protect inet->opt (changed to inet->inet_opt).
      
      Instead of handling atomic refcounts, just copy ip_options when
      necessary, to avoid cache line dirtying.
      
      We cant insert an rcu_head in struct ip_options since its included in
      skb->cb[], so this patch is large because I had to introduce a new
      ip_options_rcu structure.
      Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f6d8bd05
  9. 27 Apr, 2011 2 commits
    • David S. Miller's avatar
      ipv4: Sanitize and simplify ip_route_{connect,newports}() · 2d7192d6
      David S. Miller authored
      These functions are used together as a unit for route resolution
      during connect().  They address the chicken-and-egg problem that
      exists when ports need to be allocated during connect() processing,
      yet such port allocations require addressing information from the
      routing code.
      
      It's currently more heavy handed than it needs to be, and in
      particular we allocate and initialize a flow object twice.
      
      Let the callers provide the on-stack flow object.  That way we only
      need to initialize it once in the ip_route_connect() call.
      
      Later, if ip_route_newports() needs to do anything, it re-uses that
      flow object as-is except for the ports which it updates before the
      route re-lookup.
      
      Also, describe why this set of facilities are needed and how it works
      in a big comment.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Reviewed-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      2d7192d6
    • Lucas De Marchi's avatar
      Revert wrong fixes for common misspellings · e9c54999
      Lucas De Marchi authored
      These changes were incorrectly fixed by codespell. They were now
      manually corrected.
      Signed-off-by: default avatarLucas De Marchi <lucas.demarchi@profusion.mobi>
      e9c54999
  10. 12 Mar, 2011 1 commit
  11. 02 Mar, 2011 1 commit
  12. 01 Mar, 2011 3 commits
  13. 08 Dec, 2010 1 commit
  14. 17 Nov, 2010 1 commit
  15. 24 Oct, 2010 1 commit
  16. 21 Oct, 2010 1 commit
  17. 11 Jun, 2010 1 commit
  18. 16 Apr, 2010 1 commit
  19. 03 Apr, 2010 1 commit
    • James Chapman's avatar
      l2tp: Add L2TPv3 IP encapsulation (no UDP) support · 0d76751f
      James Chapman authored
      This patch adds a new L2TPIP socket family and modifies the core to
      handle the case where there is no UDP header in the L2TP
      packet. L2TP/IP uses IP protocol 115. Since L2TP/UDP and L2TP/IP
      packets differ in layout, the datapath packet handling code needs
      changes too. Userspace uses an L2TPIP socket instead of a UDP socket
      when IP encapsulation is required.
      
      We can't use raw sockets for this because the semantics of raw sockets
      don't lend themselves to the socket-per-tunnel model - we need to
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0d76751f