tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Pull networking fixes from David Miller:

1) Fix TTL offset calculation in mac80211 mesh code, from Peter Oh.

2) Fix races with procfs in ipt_CLUSTERIP, from Cong Wang.

3) Memory leak fix in lpm_trie BPF map code, from Yonghong Song.

4) Need to use GFP_ATOMIC in BPF cpumap allocations, from Jason Wang.

5) Fix potential deadlocks in netfilter getsockopt() code paths, from
Paolo Abeni.

6) Netfilter stackpointer size checks really are needed to validate
user input, from Florian Westphal.

7) Missing timer init in x_tables, from Paolo Abeni.

8) Don't use WQ_MEM_RECLAIM in mac80211 hwsim, from Johannes Berg.

9) When an ibmvnic device is brought down then back up again, it can be
sent queue entries from a previous session, handle this properly
instead of crashing. From Thomas Falcon.

10) Fix TCP checksum on LRO buffers in mlx5e, from Gal Pressman.

11) When we are dumping filters in cls_api, the output SKB is empty, and
the filter we are dumping is too large for the space in the SKB, we
should return -EMSGSIZE like other netlink dump operations do.
Otherwise userland has no signal that is needs to increase the size
of its read buffer. From Roman Kapl.

12) Several XDP fixes for virtio_net, from Jesper Dangaard Brouer.

13) Module refcount leak in netlink when a dump start fails, from Jason
Donenfeld.

14) Handle sub-optimal GSO sizes better in TCP BBR congestion control,
from Eric Dumazet.

15) Releasing bpf per-cpu arraymaps can take a long time, add a
condtional scheduling point. From Eric Dumazet.

16) Implement retpolines for tail calls in x64 and arm64 bpf JITs. From
Daniel Borkmann.

17) Fix page leak in gianfar driver, from Andy Spencer.

18) Missed clearing of estimator scratch buffer, from Eric Dumazet.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (76 commits)
net_sched: gen_estimator: fix broken estimators based on percpu stats
gianfar: simplify FCS handling and fix memory leak
ipv6 sit: work around bogus gcc-8 -Wrestrict warning
macvlan: fix use-after-free in macvlan_common_newlink()
bpf, arm64: fix out of bounds access in tail call
bpf, x64: implement retpoline for tail call
rxrpc: Fix send in rxrpc_send_data_packet()
net: aquantia: Fix error handling in aq_pci_probe()
bpf: fix rcu lockdep warning for lpm_trie map_free callback
bpf: add schedule points in percpu arrays management
regulatory: add NUL to request alpha2
ibmvnic: Fix early release of login buffer
net/smc9194: Remove bogus CONFIG_MAC reference
net: ipv4: Set addr_type in hash_keys for forwarded case
tcp_bbr: better deal with suboptimal GSO
smsc75xx: fix smsc75xx_set_features()
netlink: put module reference if dump start fails
selftests/bpf/test_maps: exit child process without error in ENOMEM case
selftests/bpf: update gitignore with test_libbpf_open
selftests/bpf: tcpbpf_kern: use in6_* macros from glibc
..

Linus Torvalds 9cb9c07d 2eb02aa9

+624 -454
+4
.gitignore
··· 127 127 128 128 # Kdevelop4 129 129 *.kdev4 130 + 131 + #Automatically generated by ASN.1 compiler 132 + net/ipv4/netfilter/nf_nat_snmp_basic-asn1.c 133 + net/ipv4/netfilter/nf_nat_snmp_basic-asn1.h
+3 -2
arch/arm64/net/bpf_jit_comp.c
··· 250 250 off = offsetof(struct bpf_array, map.max_entries); 251 251 emit_a64_mov_i64(tmp, off, ctx); 252 252 emit(A64_LDR32(tmp, r2, tmp), ctx); 253 + emit(A64_MOV(0, r3, r3), ctx); 253 254 emit(A64_CMP(0, r3, tmp), ctx); 254 - emit(A64_B_(A64_COND_GE, jmp_offset), ctx); 255 + emit(A64_B_(A64_COND_CS, jmp_offset), ctx); 255 256 256 257 /* if (tail_call_cnt > MAX_TAIL_CALL_CNT) 257 258 * goto out; ··· 260 259 */ 261 260 emit_a64_mov_i64(tmp, MAX_TAIL_CALL_CNT, ctx); 262 261 emit(A64_CMP(1, tcc, tmp), ctx); 263 - emit(A64_B_(A64_COND_GT, jmp_offset), ctx); 262 + emit(A64_B_(A64_COND_HI, jmp_offset), ctx); 264 263 emit(A64_ADD_I(1, tcc, tcc, 1), ctx); 265 264 266 265 /* prog = array->ptrs[index];
+37
arch/x86/include/asm/nospec-branch.h
··· 177 177 } 178 178 179 179 #endif /* __ASSEMBLY__ */ 180 + 181 + /* 182 + * Below is used in the eBPF JIT compiler and emits the byte sequence 183 + * for the following assembly: 184 + * 185 + * With retpolines configured: 186 + * 187 + * callq do_rop 188 + * spec_trap: 189 + * pause 190 + * lfence 191 + * jmp spec_trap 192 + * do_rop: 193 + * mov %rax,(%rsp) 194 + * retq 195 + * 196 + * Without retpolines configured: 197 + * 198 + * jmp *%rax 199 + */ 200 + #ifdef CONFIG_RETPOLINE 201 + # define RETPOLINE_RAX_BPF_JIT_SIZE 17 202 + # define RETPOLINE_RAX_BPF_JIT() \ 203 + EMIT1_off32(0xE8, 7); /* callq do_rop */ \ 204 + /* spec_trap: */ \ 205 + EMIT2(0xF3, 0x90); /* pause */ \ 206 + EMIT3(0x0F, 0xAE, 0xE8); /* lfence */ \ 207 + EMIT2(0xEB, 0xF9); /* jmp spec_trap */ \ 208 + /* do_rop: */ \ 209 + EMIT4(0x48, 0x89, 0x04, 0x24); /* mov %rax,(%rsp) */ \ 210 + EMIT1(0xC3); /* retq */ 211 + #else 212 + # define RETPOLINE_RAX_BPF_JIT_SIZE 2 213 + # define RETPOLINE_RAX_BPF_JIT() \ 214 + EMIT2(0xFF, 0xE0); /* jmp *%rax */ 215 + #endif 216 + 180 217 #endif /* _ASM_X86_NOSPEC_BRANCH_H_ */
+5 -4
arch/x86/net/bpf_jit_comp.c
··· 13 13 #include <linux/if_vlan.h> 14 14 #include <asm/cacheflush.h> 15 15 #include <asm/set_memory.h> 16 + #include <asm/nospec-branch.h> 16 17 #include <linux/bpf.h> 17 18 18 19 /* ··· 291 290 EMIT2(0x89, 0xD2); /* mov edx, edx */ 292 291 EMIT3(0x39, 0x56, /* cmp dword ptr [rsi + 16], edx */ 293 292 offsetof(struct bpf_array, map.max_entries)); 294 - #define OFFSET1 43 /* number of bytes to jump */ 293 + #define OFFSET1 (41 + RETPOLINE_RAX_BPF_JIT_SIZE) /* number of bytes to jump */ 295 294 EMIT2(X86_JBE, OFFSET1); /* jbe out */ 296 295 label1 = cnt; 297 296 ··· 300 299 */ 301 300 EMIT2_off32(0x8B, 0x85, 36); /* mov eax, dword ptr [rbp + 36] */ 302 301 EMIT3(0x83, 0xF8, MAX_TAIL_CALL_CNT); /* cmp eax, MAX_TAIL_CALL_CNT */ 303 - #define OFFSET2 32 302 + #define OFFSET2 (30 + RETPOLINE_RAX_BPF_JIT_SIZE) 304 303 EMIT2(X86_JA, OFFSET2); /* ja out */ 305 304 label2 = cnt; 306 305 EMIT3(0x83, 0xC0, 0x01); /* add eax, 1 */ ··· 314 313 * goto out; 315 314 */ 316 315 EMIT3(0x48, 0x85, 0xC0); /* test rax,rax */ 317 - #define OFFSET3 10 316 + #define OFFSET3 (8 + RETPOLINE_RAX_BPF_JIT_SIZE) 318 317 EMIT2(X86_JE, OFFSET3); /* je out */ 319 318 label3 = cnt; 320 319 ··· 327 326 * rdi == ctx (1st arg) 328 327 * rax == prog->bpf_func + prologue_size 329 328 */ 330 - EMIT2(0xFF, 0xE0); /* jmp rax */ 329 + RETPOLINE_RAX_BPF_JIT(); 331 330 332 331 /* out: */ 333 332 BUILD_BUG_ON(cnt - label1 != OFFSET1);
+2
drivers/net/ethernet/amd/xgbe/xgbe-pci.c
··· 426 426 struct net_device *netdev = pdata->netdev; 427 427 int ret = 0; 428 428 429 + XP_IOWRITE(pdata, XP_INT_EN, 0x1fffff); 430 + 429 431 pdata->lpm_ctrl &= ~MDIO_CTRL1_LPOWER; 430 432 XMDIO_WRITE(pdata, MDIO_MMD_PCS, MDIO_CTRL1, pdata->lpm_ctrl); 431 433
+10 -4
drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c
··· 226 226 goto err_ioremap; 227 227 228 228 self->aq_hw = kzalloc(sizeof(*self->aq_hw), GFP_KERNEL); 229 + if (!self->aq_hw) { 230 + err = -ENOMEM; 231 + goto err_ioremap; 232 + } 229 233 self->aq_hw->aq_nic_cfg = aq_nic_get_cfg(self); 230 234 231 235 for (bar = 0; bar < 4; ++bar) { ··· 239 235 mmio_pa = pci_resource_start(pdev, bar); 240 236 if (mmio_pa == 0U) { 241 237 err = -EIO; 242 - goto err_ioremap; 238 + goto err_free_aq_hw; 243 239 } 244 240 245 241 reg_sz = pci_resource_len(pdev, bar); 246 242 if ((reg_sz <= 24 /*ATL_REGS_SIZE*/)) { 247 243 err = -EIO; 248 - goto err_ioremap; 244 + goto err_free_aq_hw; 249 245 } 250 246 251 247 self->aq_hw->mmio = ioremap_nocache(mmio_pa, reg_sz); 252 248 if (!self->aq_hw->mmio) { 253 249 err = -EIO; 254 - goto err_ioremap; 250 + goto err_free_aq_hw; 255 251 } 256 252 break; 257 253 } ··· 259 255 260 256 if (bar == 4) { 261 257 err = -EIO; 262 - goto err_ioremap; 258 + goto err_free_aq_hw; 263 259 } 264 260 265 261 numvecs = min((u8)AQ_CFG_VECS_DEF, ··· 294 290 aq_pci_free_irq_vectors(self); 295 291 err_hwinit: 296 292 iounmap(self->aq_hw->mmio); 293 + err_free_aq_hw: 294 + kfree(self->aq_hw); 297 295 err_ioremap: 298 296 free_netdev(ndev); 299 297 err_pci_func:
+7 -16
drivers/net/ethernet/freescale/gianfar.c
··· 2934 2934 { 2935 2935 int size = lstatus & BD_LENGTH_MASK; 2936 2936 struct page *page = rxb->page; 2937 - bool last = !!(lstatus & BD_LFLAG(RXBD_LAST)); 2938 - 2939 - /* Remove the FCS from the packet length */ 2940 - if (last) 2941 - size -= ETH_FCS_LEN; 2942 2937 2943 2938 if (likely(first)) { 2944 2939 skb_put(skb, size); 2945 2940 } else { 2946 2941 /* the last fragments' length contains the full frame length */ 2947 - if (last) 2942 + if (lstatus & BD_LFLAG(RXBD_LAST)) 2948 2943 size -= skb->len; 2949 2944 2950 - /* Add the last fragment if it contains something other than 2951 - * the FCS, otherwise drop it and trim off any part of the FCS 2952 - * that was already received. 2953 - */ 2954 - if (size > 0) 2955 - skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, page, 2956 - rxb->page_offset + RXBUF_ALIGNMENT, 2957 - size, GFAR_RXB_TRUESIZE); 2958 - else if (size < 0) 2959 - pskb_trim(skb, skb->len + size); 2945 + skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, page, 2946 + rxb->page_offset + RXBUF_ALIGNMENT, 2947 + size, GFAR_RXB_TRUESIZE); 2960 2948 } 2961 2949 2962 2950 /* try reuse page */ ··· 3056 3068 3057 3069 if (priv->padding) 3058 3070 skb_pull(skb, priv->padding); 3071 + 3072 + /* Trim off the FCS */ 3073 + pskb_trim(skb, skb->len - ETH_FCS_LEN); 3059 3074 3060 3075 if (ndev->features & NETIF_F_RXCSUM) 3061 3076 gfar_rx_checksum(skb, fcb);
+6 -1
drivers/net/ethernet/ibm/ibmvnic.c
··· 1901 1901 dev_kfree_skb_any(rx_buff->skb); 1902 1902 remove_buff_from_pool(adapter, rx_buff); 1903 1903 continue; 1904 + } else if (!rx_buff->skb) { 1905 + /* free the entry */ 1906 + next->rx_comp.first = 0; 1907 + remove_buff_from_pool(adapter, rx_buff); 1908 + continue; 1904 1909 } 1905 1910 1906 1911 length = be32_to_cpu(next->rx_comp.len); ··· 3760 3755 3761 3756 dma_unmap_single(dev, adapter->login_buf_token, adapter->login_buf_sz, 3762 3757 DMA_BIDIRECTIONAL); 3763 - release_login_buffer(adapter); 3764 3758 dma_unmap_single(dev, adapter->login_rsp_buf_token, 3765 3759 adapter->login_rsp_buf_sz, DMA_BIDIRECTIONAL); 3766 3760 ··· 3790 3786 ibmvnic_remove(adapter->vdev); 3791 3787 return -EIO; 3792 3788 } 3789 + release_login_buffer(adapter); 3793 3790 complete(&adapter->init_done); 3794 3791 3795 3792 return 0;
+4 -4
drivers/net/ethernet/mellanox/mlx5/core/diag/fs_tracepoint.c
··· 96 96 "%pI4"); 97 97 } else if (ethertype.v == ETH_P_IPV6) { 98 98 static const struct in6_addr full_ones = { 99 - .in6_u.u6_addr32 = {htonl(0xffffffff), 100 - htonl(0xffffffff), 101 - htonl(0xffffffff), 102 - htonl(0xffffffff)}, 99 + .in6_u.u6_addr32 = {__constant_htonl(0xffffffff), 100 + __constant_htonl(0xffffffff), 101 + __constant_htonl(0xffffffff), 102 + __constant_htonl(0xffffffff)}, 103 103 }; 104 104 DECLARE_MASK_VAL(struct in6_addr, src_ipv6); 105 105 DECLARE_MASK_VAL(struct in6_addr, dst_ipv6);
+10 -4
drivers/net/ethernet/mellanox/mlx5/core/en_main.c
··· 1768 1768 param->wq.linear = 1; 1769 1769 } 1770 1770 1771 - static void mlx5e_build_drop_rq_param(struct mlx5e_rq_param *param) 1771 + static void mlx5e_build_drop_rq_param(struct mlx5_core_dev *mdev, 1772 + struct mlx5e_rq_param *param) 1772 1773 { 1773 1774 void *rqc = param->rqc; 1774 1775 void *wq = MLX5_ADDR_OF(rqc, rqc, wq); 1775 1776 1776 1777 MLX5_SET(wq, wq, wq_type, MLX5_WQ_TYPE_LINKED_LIST); 1777 1778 MLX5_SET(wq, wq, log_wq_stride, ilog2(sizeof(struct mlx5e_rx_wqe))); 1779 + 1780 + param->wq.buf_numa_node = dev_to_node(&mdev->pdev->dev); 1778 1781 } 1779 1782 1780 1783 static void mlx5e_build_sq_param_common(struct mlx5e_priv *priv, ··· 2637 2634 struct mlx5e_cq *cq, 2638 2635 struct mlx5e_cq_param *param) 2639 2636 { 2637 + param->wq.buf_numa_node = dev_to_node(&mdev->pdev->dev); 2638 + param->wq.db_numa_node = dev_to_node(&mdev->pdev->dev); 2639 + 2640 2640 return mlx5e_alloc_cq_common(mdev, param, cq); 2641 2641 } 2642 2642 ··· 2651 2645 struct mlx5e_cq *cq = &drop_rq->cq; 2652 2646 int err; 2653 2647 2654 - mlx5e_build_drop_rq_param(&rq_param); 2648 + mlx5e_build_drop_rq_param(mdev, &rq_param); 2655 2649 2656 2650 err = mlx5e_alloc_drop_cq(mdev, cq, &cq_param); 2657 2651 if (err) ··· 3000 2994 } 3001 2995 #endif 3002 2996 3003 - int mlx5e_setup_tc(struct net_device *dev, enum tc_setup_type type, 3004 - void *type_data) 2997 + static int mlx5e_setup_tc(struct net_device *dev, enum tc_setup_type type, 2998 + void *type_data) 3005 2999 { 3006 3000 switch (type) { 3007 3001 #ifdef CONFIG_MLX5_ESWITCH
+34 -13
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
··· 36 36 #include <linux/tcp.h> 37 37 #include <linux/bpf_trace.h> 38 38 #include <net/busy_poll.h> 39 + #include <net/ip6_checksum.h> 39 40 #include "en.h" 40 41 #include "en_tc.h" 41 42 #include "eswitch.h" ··· 547 546 return true; 548 547 } 549 548 549 + static void mlx5e_lro_update_tcp_hdr(struct mlx5_cqe64 *cqe, struct tcphdr *tcp) 550 + { 551 + u8 l4_hdr_type = get_cqe_l4_hdr_type(cqe); 552 + u8 tcp_ack = (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_NO_DATA) || 553 + (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_AND_DATA); 554 + 555 + tcp->check = 0; 556 + tcp->psh = get_cqe_lro_tcppsh(cqe); 557 + 558 + if (tcp_ack) { 559 + tcp->ack = 1; 560 + tcp->ack_seq = cqe->lro_ack_seq_num; 561 + tcp->window = cqe->lro_tcp_win; 562 + } 563 + } 564 + 550 565 static void mlx5e_lro_update_hdr(struct sk_buff *skb, struct mlx5_cqe64 *cqe, 551 566 u32 cqe_bcnt) 552 567 { 553 568 struct ethhdr *eth = (struct ethhdr *)(skb->data); 554 569 struct tcphdr *tcp; 555 570 int network_depth = 0; 571 + __wsum check; 556 572 __be16 proto; 557 573 u16 tot_len; 558 574 void *ip_p; 559 - 560 - u8 l4_hdr_type = get_cqe_l4_hdr_type(cqe); 561 - u8 tcp_ack = (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_NO_DATA) || 562 - (l4_hdr_type == CQE_L4_HDR_TYPE_TCP_ACK_AND_DATA); 563 575 564 576 proto = __vlan_get_protocol(skb, eth->h_proto, &network_depth); 565 577 ··· 590 576 ipv4->check = 0; 591 577 ipv4->check = ip_fast_csum((unsigned char *)ipv4, 592 578 ipv4->ihl); 579 + 580 + mlx5e_lro_update_tcp_hdr(cqe, tcp); 581 + check = csum_partial(tcp, tcp->doff * 4, 582 + csum_unfold((__force __sum16)cqe->check_sum)); 583 + /* Almost done, don't forget the pseudo header */ 584 + tcp->check = csum_tcpudp_magic(ipv4->saddr, ipv4->daddr, 585 + tot_len - sizeof(struct iphdr), 586 + IPPROTO_TCP, check); 593 587 } else { 588 + u16 payload_len = tot_len - sizeof(struct ipv6hdr); 594 589 struct ipv6hdr *ipv6 = ip_p; 595 590 596 591 tcp = ip_p + sizeof(struct ipv6hdr); 597 592 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV6; 598 593 599 594 ipv6->hop_limit = cqe->lro_min_ttl; 600 - ipv6->payload_len = cpu_to_be16(tot_len - 601 - sizeof(struct ipv6hdr)); 602 - } 595 + ipv6->payload_len = cpu_to_be16(payload_len); 603 596 604 - tcp->psh = get_cqe_lro_tcppsh(cqe); 605 - 606 - if (tcp_ack) { 607 - tcp->ack = 1; 608 - tcp->ack_seq = cqe->lro_ack_seq_num; 609 - tcp->window = cqe->lro_tcp_win; 597 + mlx5e_lro_update_tcp_hdr(cqe, tcp); 598 + check = csum_partial(tcp, tcp->doff * 4, 599 + csum_unfold((__force __sum16)cqe->check_sum)); 600 + /* Almost done, don't forget the pseudo header */ 601 + tcp->check = csum_ipv6_magic(&ipv6->saddr, &ipv6->daddr, payload_len, 602 + IPPROTO_TCP, check); 610 603 } 611 604 } 612 605
+2 -1
drivers/net/ethernet/mellanox/mlx5/core/en_selftest.c
··· 216 216 if (iph->protocol != IPPROTO_UDP) 217 217 goto out; 218 218 219 - udph = udp_hdr(skb); 219 + /* Don't assume skb_transport_header() was set */ 220 + udph = (struct udphdr *)((u8 *)iph + 4 * iph->ihl); 220 221 if (udph->dest != htons(9)) 221 222 goto out; 222 223
+2 -1
drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
··· 2529 2529 if (tcf_vlan_action(a) == TCA_VLAN_ACT_POP) { 2530 2530 attr->action |= MLX5_FLOW_CONTEXT_ACTION_VLAN_POP; 2531 2531 } else if (tcf_vlan_action(a) == TCA_VLAN_ACT_PUSH) { 2532 - if (tcf_vlan_push_proto(a) != htons(ETH_P_8021Q)) 2532 + if (tcf_vlan_push_proto(a) != htons(ETH_P_8021Q) || 2533 + tcf_vlan_push_prio(a)) 2533 2534 return -EOPNOTSUPP; 2534 2535 2535 2536 attr->action |= MLX5_FLOW_CONTEXT_ACTION_VLAN_PUSH;
+1 -1
drivers/net/ethernet/mellanox/mlx5/core/en_tx.c
··· 176 176 default: 177 177 hlen = mlx5e_skb_l2_header_offset(skb); 178 178 } 179 - return min_t(u16, hlen, skb->len); 179 + return min_t(u16, hlen, skb_headlen(skb)); 180 180 } 181 181 182 182 static inline void mlx5e_tx_skb_pull_inline(unsigned char **skb_data,
+4 -4
drivers/net/ethernet/mellanox/mlx5/core/eswitch.c
··· 1529 1529 1530 1530 esw_debug(esw->dev, "Enabling VPORT(%d)\n", vport_num); 1531 1531 1532 + /* Create steering drop counters for ingress and egress ACLs */ 1533 + if (vport_num && esw->mode == SRIOV_LEGACY) 1534 + esw_vport_create_drop_counters(vport); 1535 + 1532 1536 /* Restore old vport configuration */ 1533 1537 esw_apply_vport_conf(esw, vport); 1534 1538 ··· 1548 1544 /* only PF is trusted by default */ 1549 1545 if (!vport_num) 1550 1546 vport->info.trusted = true; 1551 - 1552 - /* create steering drop counters for ingress and egress ACLs */ 1553 - if (vport_num && esw->mode == SRIOV_LEGACY) 1554 - esw_vport_create_drop_counters(vport); 1555 1547 1556 1548 esw_vport_change_handle_locked(vport); 1557 1549
+10 -3
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
··· 1429 1429 1430 1430 if (xored_actions & (MLX5_FLOW_CONTEXT_ACTION_DROP | 1431 1431 MLX5_FLOW_CONTEXT_ACTION_ENCAP | 1432 - MLX5_FLOW_CONTEXT_ACTION_DECAP)) 1432 + MLX5_FLOW_CONTEXT_ACTION_DECAP | 1433 + MLX5_FLOW_CONTEXT_ACTION_MOD_HDR)) 1433 1434 return true; 1434 1435 1435 1436 return false; ··· 1759 1758 1760 1759 /* Collect all fgs which has a matching match_criteria */ 1761 1760 err = build_match_list(&match_head, ft, spec); 1762 - if (err) 1761 + if (err) { 1762 + if (take_write) 1763 + up_write_ref_node(&ft->node); 1763 1764 return ERR_PTR(err); 1765 + } 1764 1766 1765 1767 if (!take_write) 1766 1768 up_read_ref_node(&ft->node); ··· 1772 1768 dest_num, version); 1773 1769 free_match_list(&match_head); 1774 1770 if (!IS_ERR(rule) || 1775 - (PTR_ERR(rule) != -ENOENT && PTR_ERR(rule) != -EAGAIN)) 1771 + (PTR_ERR(rule) != -ENOENT && PTR_ERR(rule) != -EAGAIN)) { 1772 + if (take_write) 1773 + up_write_ref_node(&ft->node); 1776 1774 return rule; 1775 + } 1777 1776 1778 1777 if (!take_write) { 1779 1778 nested_down_write_ref_node(&ft->node, FS_LOCK_GRANDPARENT);
+1
drivers/net/ethernet/mellanox/mlx5/core/lib/clock.c
··· 34 34 #include <linux/highmem.h> 35 35 #include <rdma/mlx5-abi.h> 36 36 #include "en.h" 37 + #include "clock.h" 37 38 38 39 enum { 39 40 MLX5_CYCLES_SHIFT = 23
+1 -1
drivers/net/ethernet/mellanox/mlx5/core/main.c
··· 551 551 MLX5_SET(cmd_hca_cap, 552 552 set_hca_cap, 553 553 cache_line_128byte, 554 - cache_line_size() == 128 ? 1 : 0); 554 + cache_line_size() >= 128 ? 1 : 0); 555 555 556 556 if (MLX5_CAP_GEN_MAX(dev, dct)) 557 557 MLX5_SET(cmd_hca_cap, set_hca_cap, dct, 1);
+1 -1
drivers/net/ethernet/smsc/Kconfig
··· 20 20 21 21 config SMC9194 22 22 tristate "SMC 9194 support" 23 - depends on (ISA || MAC && BROKEN) 23 + depends on ISA 24 24 select CRC32 25 25 ---help--- 26 26 This is support for the SMC9xxx based Ethernet cards. Choose this
+1 -1
drivers/net/macvlan.c
··· 1451 1451 /* the macvlan port may be freed by macvlan_uninit when fail to register. 1452 1452 * so we destroy the macvlan port only when it's valid. 1453 1453 */ 1454 - if (create && macvlan_port_get_rtnl(dev)) 1454 + if (create && macvlan_port_get_rtnl(lowerdev)) 1455 1455 macvlan_port_destroy(port->dev); 1456 1456 return err; 1457 1457 }
+4 -3
drivers/net/usb/smsc75xx.c
··· 954 954 /* it's racing here! */ 955 955 956 956 ret = smsc75xx_write_reg(dev, RFE_CTL, pdata->rfe_ctl); 957 - if (ret < 0) 957 + if (ret < 0) { 958 958 netdev_warn(dev->net, "Error writing RFE_CTL\n"); 959 - 960 - return ret; 959 + return ret; 960 + } 961 + return 0; 961 962 } 962 963 963 964 static int smsc75xx_wait_ready(struct usbnet *dev, int in_pm)
+34 -24
drivers/net/virtio_net.c
··· 443 443 sg_init_one(sq->sg, xdp->data, xdp->data_end - xdp->data); 444 444 445 445 err = virtqueue_add_outbuf(sq->vq, sq->sg, 1, xdp->data, GFP_ATOMIC); 446 - if (unlikely(err)) { 447 - struct page *page = virt_to_head_page(xdp->data); 448 - 449 - put_page(page); 450 - return false; 451 - } 446 + if (unlikely(err)) 447 + return false; /* Caller handle free/refcnt */ 452 448 453 449 return true; 454 450 } ··· 452 456 static int virtnet_xdp_xmit(struct net_device *dev, struct xdp_buff *xdp) 453 457 { 454 458 struct virtnet_info *vi = netdev_priv(dev); 455 - bool sent = __virtnet_xdp_xmit(vi, xdp); 459 + struct receive_queue *rq = vi->rq; 460 + struct bpf_prog *xdp_prog; 461 + bool sent; 456 462 463 + /* Only allow ndo_xdp_xmit if XDP is loaded on dev, as this 464 + * indicate XDP resources have been successfully allocated. 465 + */ 466 + xdp_prog = rcu_dereference(rq->xdp_prog); 467 + if (!xdp_prog) 468 + return -ENXIO; 469 + 470 + sent = __virtnet_xdp_xmit(vi, xdp); 457 471 if (!sent) 458 472 return -ENOSPC; 459 473 return 0; ··· 552 546 unsigned int buflen = SKB_DATA_ALIGN(GOOD_PACKET_LEN + headroom) + 553 547 SKB_DATA_ALIGN(sizeof(struct skb_shared_info)); 554 548 struct page *page = virt_to_head_page(buf); 555 - unsigned int delta = 0, err; 549 + unsigned int delta = 0; 556 550 struct page *xdp_page; 551 + bool sent; 552 + int err; 553 + 557 554 len -= vi->hdr_len; 558 555 559 556 rcu_read_lock(); ··· 567 558 void *orig_data; 568 559 u32 act; 569 560 570 - if (unlikely(hdr->hdr.gso_type || hdr->hdr.flags)) 561 + if (unlikely(hdr->hdr.gso_type)) 571 562 goto err_xdp; 572 563 573 564 if (unlikely(xdp_headroom < virtnet_get_headroom(vi))) { ··· 605 596 delta = orig_data - xdp.data; 606 597 break; 607 598 case XDP_TX: 608 - if (unlikely(!__virtnet_xdp_xmit(vi, &xdp))) 599 + sent = __virtnet_xdp_xmit(vi, &xdp); 600 + if (unlikely(!sent)) { 609 601 trace_xdp_exception(vi->dev, xdp_prog, act); 610 - else 611 - *xdp_xmit = true; 602 + goto err_xdp; 603 + } 604 + *xdp_xmit = true; 612 605 rcu_read_unlock(); 613 606 goto xdp_xmit; 614 607 case XDP_REDIRECT: 615 608 err = xdp_do_redirect(dev, &xdp, xdp_prog); 616 - if (!err) 617 - *xdp_xmit = true; 609 + if (err) 610 + goto err_xdp; 611 + *xdp_xmit = true; 618 612 rcu_read_unlock(); 619 613 goto xdp_xmit; 620 614 default: ··· 689 677 struct bpf_prog *xdp_prog; 690 678 unsigned int truesize; 691 679 unsigned int headroom = mergeable_ctx_to_headroom(ctx); 692 - int err; 680 + bool sent; 693 681 694 682 head_skb = NULL; 695 683 ··· 758 746 } 759 747 break; 760 748 case XDP_TX: 761 - if (unlikely(!__virtnet_xdp_xmit(vi, &xdp))) 749 + sent = __virtnet_xdp_xmit(vi, &xdp); 750 + if (unlikely(!sent)) { 762 751 trace_xdp_exception(vi->dev, xdp_prog, act); 763 - else 764 - *xdp_xmit = true; 752 + if (unlikely(xdp_page != page)) 753 + put_page(xdp_page); 754 + goto err_xdp; 755 + } 756 + *xdp_xmit = true; 765 757 if (unlikely(xdp_page != page)) 766 758 goto err_xdp; 767 - rcu_read_unlock(); 768 - goto xdp_xmit; 769 - case XDP_REDIRECT: 770 - err = xdp_do_redirect(dev, &xdp, xdp_prog); 771 - if (!err) 772 - *xdp_xmit = true; 773 759 rcu_read_unlock(); 774 760 goto xdp_xmit; 775 761 default:
+1 -1
drivers/net/wireless/mac80211_hwsim.c
··· 3516 3516 3517 3517 spin_lock_init(&hwsim_radio_lock); 3518 3518 3519 - hwsim_wq = alloc_workqueue("hwsim_wq",WQ_MEM_RECLAIM,0); 3519 + hwsim_wq = alloc_workqueue("hwsim_wq", 0, 0); 3520 3520 if (!hwsim_wq) 3521 3521 return -ENOMEM; 3522 3522 rhashtable_init(&hwsim_radios_rht, &hwsim_rht_params);
+1 -1
include/net/mac80211.h
··· 4149 4149 * The TX headroom reserved by mac80211 for its own tx_status functions. 4150 4150 * This is enough for the radiotap header. 4151 4151 */ 4152 - #define IEEE80211_TX_STATUS_HEADROOM 14 4152 + #define IEEE80211_TX_STATUS_HEADROOM ALIGN(14, 4) 4153 4153 4154 4154 /** 4155 4155 * ieee80211_sta_set_buffered - inform mac80211 about driver-buffered frames
+1 -1
include/net/regulatory.h
··· 78 78 int wiphy_idx; 79 79 enum nl80211_reg_initiator initiator; 80 80 enum nl80211_user_reg_hint_type user_reg_hint_type; 81 - char alpha2[2]; 81 + char alpha2[3]; 82 82 enum nl80211_dfs_regions dfs_region; 83 83 bool intersect; 84 84 bool processed;
+20 -13
kernel/bpf/arraymap.c
··· 26 26 { 27 27 int i; 28 28 29 - for (i = 0; i < array->map.max_entries; i++) 29 + for (i = 0; i < array->map.max_entries; i++) { 30 30 free_percpu(array->pptrs[i]); 31 + cond_resched(); 32 + } 31 33 } 32 34 33 35 static int bpf_array_alloc_percpu(struct bpf_array *array) ··· 45 43 return -ENOMEM; 46 44 } 47 45 array->pptrs[i] = ptr; 46 + cond_resched(); 48 47 } 49 48 50 49 return 0; ··· 76 73 static struct bpf_map *array_map_alloc(union bpf_attr *attr) 77 74 { 78 75 bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY; 79 - int numa_node = bpf_map_attr_numa_node(attr); 76 + int ret, numa_node = bpf_map_attr_numa_node(attr); 80 77 u32 elem_size, index_mask, max_entries; 81 78 bool unpriv = !capable(CAP_SYS_ADMIN); 79 + u64 cost, array_size, mask64; 82 80 struct bpf_array *array; 83 - u64 array_size, mask64; 84 81 85 82 elem_size = round_up(attr->value_size, 8); 86 83 ··· 112 109 array_size += (u64) max_entries * elem_size; 113 110 114 111 /* make sure there is no u32 overflow later in round_up() */ 115 - if (array_size >= U32_MAX - PAGE_SIZE) 112 + cost = array_size; 113 + if (cost >= U32_MAX - PAGE_SIZE) 116 114 return ERR_PTR(-ENOMEM); 115 + if (percpu) { 116 + cost += (u64)attr->max_entries * elem_size * num_possible_cpus(); 117 + if (cost >= U32_MAX - PAGE_SIZE) 118 + return ERR_PTR(-ENOMEM); 119 + } 120 + cost = round_up(cost, PAGE_SIZE) >> PAGE_SHIFT; 121 + 122 + ret = bpf_map_precharge_memlock(cost); 123 + if (ret < 0) 124 + return ERR_PTR(ret); 117 125 118 126 /* allocate all map elements and zero-initialize them */ 119 127 array = bpf_map_area_alloc(array_size, numa_node); ··· 135 121 136 122 /* copy mandatory map attributes */ 137 123 bpf_map_init_from_attr(&array->map, attr); 124 + array->map.pages = cost; 138 125 array->elem_size = elem_size; 139 126 140 - if (!percpu) 141 - goto out; 142 - 143 - array_size += (u64) attr->max_entries * elem_size * num_possible_cpus(); 144 - 145 - if (array_size >= U32_MAX - PAGE_SIZE || 146 - bpf_array_alloc_percpu(array)) { 127 + if (percpu && bpf_array_alloc_percpu(array)) { 147 128 bpf_map_area_free(array); 148 129 return ERR_PTR(-ENOMEM); 149 130 } 150 - out: 151 - array->map.pages = round_up(array_size, PAGE_SIZE) >> PAGE_SHIFT; 152 131 153 132 return &array->map; 154 133 }
+1 -1
kernel/bpf/core.c
··· 1590 1590 * so always copy 'cnt' prog_ids to the user. 1591 1591 * In a rare race the user will see zero prog_ids 1592 1592 */ 1593 - ids = kcalloc(cnt, sizeof(u32), GFP_USER); 1593 + ids = kcalloc(cnt, sizeof(u32), GFP_USER | __GFP_NOWARN); 1594 1594 if (!ids) 1595 1595 return -ENOMEM; 1596 1596 rcu_read_lock();
+1 -1
kernel/bpf/cpumap.c
··· 334 334 static struct bpf_cpu_map_entry *__cpu_map_entry_alloc(u32 qsize, u32 cpu, 335 335 int map_id) 336 336 { 337 - gfp_t gfp = GFP_ATOMIC|__GFP_NOWARN; 337 + gfp_t gfp = GFP_KERNEL | __GFP_NOWARN; 338 338 struct bpf_cpu_map_entry *rcpu; 339 339 int numa, err; 340 340
+8 -6
kernel/bpf/lpm_trie.c
··· 555 555 struct lpm_trie_node __rcu **slot; 556 556 struct lpm_trie_node *node; 557 557 558 - raw_spin_lock(&trie->lock); 558 + /* Wait for outstanding programs to complete 559 + * update/lookup/delete/get_next_key and free the trie. 560 + */ 561 + synchronize_rcu(); 559 562 560 563 /* Always start at the root and walk down to a node that has no 561 564 * children. Then free that node, nullify its reference in the parent ··· 569 566 slot = &trie->root; 570 567 571 568 for (;;) { 572 - node = rcu_dereference_protected(*slot, 573 - lockdep_is_held(&trie->lock)); 569 + node = rcu_dereference_protected(*slot, 1); 574 570 if (!node) 575 - goto unlock; 571 + goto out; 576 572 577 573 if (rcu_access_pointer(node->child[0])) { 578 574 slot = &node->child[0]; ··· 589 587 } 590 588 } 591 589 592 - unlock: 593 - raw_spin_unlock(&trie->lock); 590 + out: 591 + kfree(trie); 594 592 } 595 593 596 594 static int trie_get_next_key(struct bpf_map *map, void *_key, void *_next_key)
+2 -1
kernel/bpf/sockmap.c
··· 521 521 static struct bpf_map *sock_map_alloc(union bpf_attr *attr) 522 522 { 523 523 struct bpf_stab *stab; 524 - int err = -EINVAL; 525 524 u64 cost; 525 + int err; 526 526 527 527 if (!capable(CAP_NET_ADMIN)) 528 528 return ERR_PTR(-EPERM); ··· 547 547 548 548 /* make sure page count doesn't overflow */ 549 549 cost = (u64) stab->map.max_entries * sizeof(struct sock *); 550 + err = -EINVAL; 550 551 if (cost >= U32_MAX - PAGE_SIZE) 551 552 goto free_stab; 552 553
+2
kernel/trace/bpf_trace.c
··· 872 872 return -EINVAL; 873 873 if (copy_from_user(&query, uquery, sizeof(query))) 874 874 return -EFAULT; 875 + if (query.ids_len > BPF_TRACE_MAX_PROGS) 876 + return -E2BIG; 875 877 876 878 mutex_lock(&bpf_event_mutex); 877 879 ret = bpf_prog_array_copy_info(event->tp_event->prog_array,
+5 -5
net/bridge/netfilter/ebt_among.c
··· 187 187 expected_length += ebt_mac_wormhash_size(wh_src); 188 188 189 189 if (em->match_size != EBT_ALIGN(expected_length)) { 190 - pr_info("wrong size: %d against expected %d, rounded to %zd\n", 191 - em->match_size, expected_length, 192 - EBT_ALIGN(expected_length)); 190 + pr_err_ratelimited("wrong size: %d against expected %d, rounded to %zd\n", 191 + em->match_size, expected_length, 192 + EBT_ALIGN(expected_length)); 193 193 return -EINVAL; 194 194 } 195 195 if (wh_dst && (err = ebt_mac_wormhash_check_integrity(wh_dst))) { 196 - pr_info("dst integrity fail: %x\n", -err); 196 + pr_err_ratelimited("dst integrity fail: %x\n", -err); 197 197 return -EINVAL; 198 198 } 199 199 if (wh_src && (err = ebt_mac_wormhash_check_integrity(wh_src))) { 200 - pr_info("src integrity fail: %x\n", -err); 200 + pr_err_ratelimited("src integrity fail: %x\n", -err); 201 201 return -EINVAL; 202 202 } 203 203 return 0;
+2 -2
net/bridge/netfilter/ebt_limit.c
··· 72 72 /* Check for overflow. */ 73 73 if (info->burst == 0 || 74 74 user2credits(info->avg * info->burst) < user2credits(info->avg)) { 75 - pr_info("overflow, try lower: %u/%u\n", 76 - info->avg, info->burst); 75 + pr_info_ratelimited("overflow, try lower: %u/%u\n", 76 + info->avg, info->burst); 77 77 return -EINVAL; 78 78 } 79 79
+1 -5
net/core/filter.c
··· 3381 3381 struct sock *sk = bpf_sock->sk; 3382 3382 int val = argval & BPF_SOCK_OPS_ALL_CB_FLAGS; 3383 3383 3384 - if (!sk_fullsock(sk)) 3384 + if (!IS_ENABLED(CONFIG_INET) || !sk_fullsock(sk)) 3385 3385 return -EINVAL; 3386 3386 3387 - #ifdef CONFIG_INET 3388 3387 if (val) 3389 3388 tcp_sk(sk)->bpf_sock_ops_cb_flags = val; 3390 3389 3391 3390 return argval & (~BPF_SOCK_OPS_ALL_CB_FLAGS); 3392 - #else 3393 - return -EINVAL; 3394 - #endif 3395 3391 } 3396 3392 3397 3393 static const struct bpf_func_proto bpf_sock_ops_cb_flags_set_proto = {
+1
net/core/gen_estimator.c
··· 66 66 static void est_fetch_counters(struct net_rate_estimator *e, 67 67 struct gnet_stats_basic_packed *b) 68 68 { 69 + memset(b, 0, sizeof(*b)); 69 70 if (e->stats_lock) 70 71 spin_lock(e->stats_lock); 71 72
+1 -6
net/ipv4/ip_sockglue.c
··· 1567 1567 if (get_user(len, optlen)) 1568 1568 return -EFAULT; 1569 1569 1570 - lock_sock(sk); 1571 - err = nf_getsockopt(sk, PF_INET, optname, optval, 1572 - &len); 1573 - release_sock(sk); 1570 + err = nf_getsockopt(sk, PF_INET, optname, optval, &len); 1574 1571 if (err >= 0) 1575 1572 err = put_user(len, optlen); 1576 1573 return err; ··· 1599 1602 if (get_user(len, optlen)) 1600 1603 return -EFAULT; 1601 1604 1602 - lock_sock(sk); 1603 1605 err = compat_nf_getsockopt(sk, PF_INET, optname, optval, &len); 1604 - release_sock(sk); 1605 1606 if (err >= 0) 1606 1607 err = put_user(len, optlen); 1607 1608 return err;
+4
net/ipv4/netfilter/arp_tables.c
··· 252 252 } 253 253 if (table_base + v 254 254 != arpt_next_entry(e)) { 255 + if (unlikely(stackidx >= private->stacksize)) { 256 + verdict = NF_DROP; 257 + break; 258 + } 255 259 jumpstack[stackidx++] = e; 256 260 } 257 261
+6 -1
net/ipv4/netfilter/ip_tables.c
··· 330 330 continue; 331 331 } 332 332 if (table_base + v != ipt_next_entry(e) && 333 - !(e->ip.flags & IPT_F_GOTO)) 333 + !(e->ip.flags & IPT_F_GOTO)) { 334 + if (unlikely(stackidx >= private->stacksize)) { 335 + verdict = NF_DROP; 336 + break; 337 + } 334 338 jumpstack[stackidx++] = e; 339 + } 335 340 336 341 e = get_entry(table_base, v); 337 342 continue;
+12 -8
net/ipv4/netfilter/ipt_CLUSTERIP.c
··· 107 107 108 108 local_bh_disable(); 109 109 if (refcount_dec_and_lock(&c->entries, &cn->lock)) { 110 - list_del_rcu(&c->list); 111 - spin_unlock(&cn->lock); 112 - local_bh_enable(); 113 - 114 - unregister_netdevice_notifier(&c->notifier); 115 - 116 110 /* In case anyone still accesses the file, the open/close 117 111 * functions are also incrementing the refcount on their own, 118 112 * so it's safe to remove the entry even if it's in use. */ ··· 114 120 if (cn->procdir) 115 121 proc_remove(c->pde); 116 122 #endif 123 + list_del_rcu(&c->list); 124 + spin_unlock(&cn->lock); 125 + local_bh_enable(); 126 + 127 + unregister_netdevice_notifier(&c->notifier); 128 + 117 129 return; 118 130 } 119 131 local_bh_enable(); ··· 154 154 #endif 155 155 if (unlikely(!refcount_inc_not_zero(&c->refcount))) 156 156 c = NULL; 157 - else if (entry) 158 - refcount_inc(&c->entries); 157 + else if (entry) { 158 + if (unlikely(!refcount_inc_not_zero(&c->entries))) { 159 + clusterip_config_put(c); 160 + c = NULL; 161 + } 162 + } 159 163 } 160 164 rcu_read_unlock_bh(); 161 165
+5 -7
net/ipv4/netfilter/ipt_ECN.c
··· 98 98 const struct ipt_ECN_info *einfo = par->targinfo; 99 99 const struct ipt_entry *e = par->entryinfo; 100 100 101 - if (einfo->operation & IPT_ECN_OP_MASK) { 102 - pr_info("unsupported ECN operation %x\n", einfo->operation); 101 + if (einfo->operation & IPT_ECN_OP_MASK) 103 102 return -EINVAL; 104 - } 105 - if (einfo->ip_ect & ~IPT_ECN_IP_MASK) { 106 - pr_info("new ECT codepoint %x out of mask\n", einfo->ip_ect); 103 + 104 + if (einfo->ip_ect & ~IPT_ECN_IP_MASK) 107 105 return -EINVAL; 108 - } 106 + 109 107 if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) && 110 108 (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) { 111 - pr_info("cannot use TCP operations on a non-tcp rule\n"); 109 + pr_info_ratelimited("cannot use operation on non-tcp rule\n"); 112 110 return -EINVAL; 113 111 } 114 112 return 0;
+2 -2
net/ipv4/netfilter/ipt_REJECT.c
··· 74 74 const struct ipt_entry *e = par->entryinfo; 75 75 76 76 if (rejinfo->with == IPT_ICMP_ECHOREPLY) { 77 - pr_info("ECHOREPLY no longer supported.\n"); 77 + pr_info_ratelimited("ECHOREPLY no longer supported.\n"); 78 78 return -EINVAL; 79 79 } else if (rejinfo->with == IPT_TCP_RESET) { 80 80 /* Must specify that it's a TCP packet */ 81 81 if (e->ip.proto != IPPROTO_TCP || 82 82 (e->ip.invflags & XT_INV_PROTO)) { 83 - pr_info("TCP_RESET invalid for non-tcp\n"); 83 + pr_info_ratelimited("TCP_RESET invalid for non-tcp\n"); 84 84 return -EINVAL; 85 85 } 86 86 }
+3 -3
net/ipv4/netfilter/ipt_rpfilter.c
··· 105 105 const struct xt_rpfilter_info *info = par->matchinfo; 106 106 unsigned int options = ~XT_RPFILTER_OPTION_MASK; 107 107 if (info->flags & options) { 108 - pr_info("unknown options encountered"); 108 + pr_info_ratelimited("unknown options\n"); 109 109 return -EINVAL; 110 110 } 111 111 112 112 if (strcmp(par->table, "mangle") != 0 && 113 113 strcmp(par->table, "raw") != 0) { 114 - pr_info("match only valid in the \'raw\' " 115 - "or \'mangle\' tables, not \'%s\'.\n", par->table); 114 + pr_info_ratelimited("only valid in \'raw\' or \'mangle\' table, not \'%s\'\n", 115 + par->table); 116 116 return -EINVAL; 117 117 } 118 118
+2
net/ipv4/route.c
··· 1826 1826 return skb_get_hash_raw(skb) >> 1; 1827 1827 memset(&hash_keys, 0, sizeof(hash_keys)); 1828 1828 skb_flow_dissect_flow_keys(skb, &keys, flag); 1829 + 1830 + hash_keys.control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS; 1829 1831 hash_keys.addrs.v4addrs.src = keys.addrs.v4addrs.src; 1830 1832 hash_keys.addrs.v4addrs.dst = keys.addrs.v4addrs.dst; 1831 1833 hash_keys.ports.src = keys.ports.src;
+5 -4
net/ipv4/tcp_output.c
··· 1730 1730 */ 1731 1731 segs = max_t(u32, bytes / mss_now, min_tso_segs); 1732 1732 1733 - return min_t(u32, segs, sk->sk_gso_max_segs); 1733 + return segs; 1734 1734 } 1735 1735 EXPORT_SYMBOL(tcp_tso_autosize); 1736 1736 ··· 1742 1742 const struct tcp_congestion_ops *ca_ops = inet_csk(sk)->icsk_ca_ops; 1743 1743 u32 tso_segs = ca_ops->tso_segs_goal ? ca_ops->tso_segs_goal(sk) : 0; 1744 1744 1745 - return tso_segs ? : 1746 - tcp_tso_autosize(sk, mss_now, 1747 - sock_net(sk)->ipv4.sysctl_tcp_min_tso_segs); 1745 + if (!tso_segs) 1746 + tso_segs = tcp_tso_autosize(sk, mss_now, 1747 + sock_net(sk)->ipv4.sysctl_tcp_min_tso_segs); 1748 + return min_t(u32, tso_segs, sk->sk_gso_max_segs); 1748 1749 } 1749 1750 1750 1751 /* Returns the portion of skb which can be sent right away */
+2 -8
net/ipv6/ipv6_sockglue.c
··· 1367 1367 if (get_user(len, optlen)) 1368 1368 return -EFAULT; 1369 1369 1370 - lock_sock(sk); 1371 - err = nf_getsockopt(sk, PF_INET6, optname, optval, 1372 - &len); 1373 - release_sock(sk); 1370 + err = nf_getsockopt(sk, PF_INET6, optname, optval, &len); 1374 1371 if (err >= 0) 1375 1372 err = put_user(len, optlen); 1376 1373 } ··· 1406 1409 if (get_user(len, optlen)) 1407 1410 return -EFAULT; 1408 1411 1409 - lock_sock(sk); 1410 - err = compat_nf_getsockopt(sk, PF_INET6, 1411 - optname, optval, &len); 1412 - release_sock(sk); 1412 + err = compat_nf_getsockopt(sk, PF_INET6, optname, optval, &len); 1413 1413 if (err >= 0) 1414 1414 err = put_user(len, optlen); 1415 1415 }
+4
net/ipv6/netfilter/ip6_tables.c
··· 352 352 } 353 353 if (table_base + v != ip6t_next_entry(e) && 354 354 !(e->ipv6.flags & IP6T_F_GOTO)) { 355 + if (unlikely(stackidx >= private->stacksize)) { 356 + verdict = NF_DROP; 357 + break; 358 + } 355 359 jumpstack[stackidx++] = e; 356 360 } 357 361
+2 -2
net/ipv6/netfilter/ip6t_REJECT.c
··· 85 85 const struct ip6t_entry *e = par->entryinfo; 86 86 87 87 if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) { 88 - pr_info("ECHOREPLY is not supported.\n"); 88 + pr_info_ratelimited("ECHOREPLY is not supported\n"); 89 89 return -EINVAL; 90 90 } else if (rejinfo->with == IP6T_TCP_RESET) { 91 91 /* Must specify that it's a TCP packet */ 92 92 if (!(e->ipv6.flags & IP6T_F_PROTO) || 93 93 e->ipv6.proto != IPPROTO_TCP || 94 94 (e->ipv6.invflags & XT_INV_PROTO)) { 95 - pr_info("TCP_RESET illegal for non-tcp\n"); 95 + pr_info_ratelimited("TCP_RESET illegal for non-tcp\n"); 96 96 return -EINVAL; 97 97 } 98 98 }
+3 -3
net/ipv6/netfilter/ip6t_rpfilter.c
··· 103 103 unsigned int options = ~XT_RPFILTER_OPTION_MASK; 104 104 105 105 if (info->flags & options) { 106 - pr_info("unknown options encountered"); 106 + pr_info_ratelimited("unknown options\n"); 107 107 return -EINVAL; 108 108 } 109 109 110 110 if (strcmp(par->table, "mangle") != 0 && 111 111 strcmp(par->table, "raw") != 0) { 112 - pr_info("match only valid in the \'raw\' " 113 - "or \'mangle\' tables, not \'%s\'.\n", par->table); 112 + pr_info_ratelimited("only valid in \'raw\' or \'mangle\' table, not \'%s\'\n", 113 + par->table); 114 114 return -EINVAL; 115 115 } 116 116
+4 -2
net/ipv6/netfilter/ip6t_srh.c
··· 122 122 const struct ip6t_srh *srhinfo = par->matchinfo; 123 123 124 124 if (srhinfo->mt_flags & ~IP6T_SRH_MASK) { 125 - pr_err("unknown srh match flags %X\n", srhinfo->mt_flags); 125 + pr_info_ratelimited("unknown srh match flags %X\n", 126 + srhinfo->mt_flags); 126 127 return -EINVAL; 127 128 } 128 129 129 130 if (srhinfo->mt_invflags & ~IP6T_SRH_INV_MASK) { 130 - pr_err("unknown srh invflags %X\n", srhinfo->mt_invflags); 131 + pr_info_ratelimited("unknown srh invflags %X\n", 132 + srhinfo->mt_invflags); 131 133 return -EINVAL; 132 134 } 133 135
+1 -1
net/ipv6/sit.c
··· 182 182 #ifdef CONFIG_IPV6_SIT_6RD 183 183 struct ip_tunnel *t = netdev_priv(dev); 184 184 185 - if (t->dev == sitn->fb_tunnel_dev) { 185 + if (dev == sitn->fb_tunnel_dev) { 186 186 ipv6_addr_set(&t->ip6rd.prefix, htonl(0x20020000), 0, 0, 0); 187 187 t->ip6rd.relay_prefix = 0; 188 188 t->ip6rd.prefixlen = 16;
+1 -3
net/mac80211/agg-rx.c
··· 8 8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 9 9 * Copyright 2007-2010, Intel Corporation 10 10 * Copyright(c) 2015-2017 Intel Deutschland GmbH 11 + * Copyright (C) 2018 Intel Corporation 11 12 * 12 13 * This program is free software; you can redistribute it and/or modify 13 14 * it under the terms of the GNU General Public License version 2 as ··· 305 304 * driver so reject the timeout update. 306 305 */ 307 306 status = WLAN_STATUS_REQUEST_DECLINED; 308 - ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, 309 - tid, dialog_token, status, 310 - 1, buf_size, timeout); 311 307 goto end; 312 308 } 313 309
+1 -1
net/mac80211/cfg.c
··· 2892 2892 } 2893 2893 if (beacon->probe_resp_len) { 2894 2894 new_beacon->probe_resp_len = beacon->probe_resp_len; 2895 - beacon->probe_resp = pos; 2895 + new_beacon->probe_resp = pos; 2896 2896 memcpy(pos, beacon->probe_resp, beacon->probe_resp_len); 2897 2897 pos += beacon->probe_resp_len; 2898 2898 }
+1 -1
net/mac80211/ieee80211_i.h
··· 1467 1467 const struct ieee80211_timeout_interval_ie *timeout_int; 1468 1468 const u8 *opmode_notif; 1469 1469 const struct ieee80211_sec_chan_offs_ie *sec_chan_offs; 1470 - const struct ieee80211_mesh_chansw_params_ie *mesh_chansw_params_ie; 1470 + struct ieee80211_mesh_chansw_params_ie *mesh_chansw_params_ie; 1471 1471 const struct ieee80211_bss_max_idle_period_ie *max_idle_period_ie; 1472 1472 1473 1473 /* length of them, respectively */
+6 -11
net/mac80211/mesh.c
··· 1255 1255 } 1256 1256 1257 1257 static int mesh_fwd_csa_frame(struct ieee80211_sub_if_data *sdata, 1258 - struct ieee80211_mgmt *mgmt, size_t len) 1258 + struct ieee80211_mgmt *mgmt, size_t len, 1259 + struct ieee802_11_elems *elems) 1259 1260 { 1260 1261 struct ieee80211_mgmt *mgmt_fwd; 1261 1262 struct sk_buff *skb; 1262 1263 struct ieee80211_local *local = sdata->local; 1263 - u8 *pos = mgmt->u.action.u.chan_switch.variable; 1264 - size_t offset_ttl; 1265 1264 1266 1265 skb = dev_alloc_skb(local->tx_headroom + len); 1267 1266 if (!skb) ··· 1268 1269 skb_reserve(skb, local->tx_headroom); 1269 1270 mgmt_fwd = skb_put(skb, len); 1270 1271 1271 - /* offset_ttl is based on whether the secondary channel 1272 - * offset is available or not. Subtract 1 from the mesh TTL 1273 - * and disable the initiator flag before forwarding. 1274 - */ 1275 - offset_ttl = (len < 42) ? 7 : 10; 1276 - *(pos + offset_ttl) -= 1; 1277 - *(pos + offset_ttl + 1) &= ~WLAN_EID_CHAN_SWITCH_PARAM_INITIATOR; 1272 + elems->mesh_chansw_params_ie->mesh_ttl--; 1273 + elems->mesh_chansw_params_ie->mesh_flags &= 1274 + ~WLAN_EID_CHAN_SWITCH_PARAM_INITIATOR; 1278 1275 1279 1276 memcpy(mgmt_fwd, mgmt, len); 1280 1277 eth_broadcast_addr(mgmt_fwd->da); ··· 1318 1323 1319 1324 /* forward or re-broadcast the CSA frame */ 1320 1325 if (fwd_csa) { 1321 - if (mesh_fwd_csa_frame(sdata, mgmt, len) < 0) 1326 + if (mesh_fwd_csa_frame(sdata, mgmt, len, &elems) < 0) 1322 1327 mcsa_dbg(sdata, "Failed to forward the CSA frame"); 1323 1328 } 1324 1329 }
+3 -4
net/mac80211/spectmgmt.c
··· 8 8 * Copyright 2007, Michael Wu <flamingice@sourmilk.net> 9 9 * Copyright 2007-2008, Intel Corporation 10 10 * Copyright 2008, Johannes Berg <johannes@sipsolutions.net> 11 + * Copyright (C) 2018 Intel Corporation 11 12 * 12 13 * This program is free software; you can redistribute it and/or modify 13 14 * it under the terms of the GNU General Public License version 2 as ··· 28 27 u32 sta_flags, u8 *bssid, 29 28 struct ieee80211_csa_ie *csa_ie) 30 29 { 31 - enum nl80211_band new_band; 30 + enum nl80211_band new_band = current_band; 32 31 int new_freq; 33 32 u8 new_chan_no; 34 33 struct ieee80211_channel *new_chan; ··· 56 55 elems->ext_chansw_ie->new_operating_class, 57 56 &new_band)) { 58 57 sdata_info(sdata, 59 - "cannot understand ECSA IE operating class %d, disconnecting\n", 58 + "cannot understand ECSA IE operating class, %d, ignoring\n", 60 59 elems->ext_chansw_ie->new_operating_class); 61 - return -EINVAL; 62 60 } 63 61 new_chan_no = elems->ext_chansw_ie->new_ch_num; 64 62 csa_ie->count = elems->ext_chansw_ie->count; 65 63 csa_ie->mode = elems->ext_chansw_ie->mode; 66 64 } else if (elems->ch_switch_ie) { 67 - new_band = current_band; 68 65 new_chan_no = elems->ch_switch_ie->new_ch_num; 69 66 csa_ie->count = elems->ch_switch_ie->count; 70 67 csa_ie->mode = elems->ch_switch_ie->mode;
+2 -1
net/mac80211/sta_info.c
··· 314 314 315 315 if (ieee80211_hw_check(hw, USES_RSS)) { 316 316 sta->pcpu_rx_stats = 317 - alloc_percpu(struct ieee80211_sta_rx_stats); 317 + alloc_percpu_gfp(struct ieee80211_sta_rx_stats, gfp); 318 318 if (!sta->pcpu_rx_stats) 319 319 goto free; 320 320 } ··· 433 433 if (sta->sta.txq[0]) 434 434 kfree(to_txq_info(sta->sta.txq[0])); 435 435 free: 436 + free_percpu(sta->pcpu_rx_stats); 436 437 #ifdef CONFIG_MAC80211_MESH 437 438 kfree(sta->mesh); 438 439 #endif
+5 -2
net/netfilter/nf_nat_proto_common.c
··· 41 41 const struct nf_conn *ct, 42 42 u16 *rover) 43 43 { 44 - unsigned int range_size, min, i; 44 + unsigned int range_size, min, max, i; 45 45 __be16 *portptr; 46 46 u_int16_t off; 47 47 ··· 71 71 } 72 72 } else { 73 73 min = ntohs(range->min_proto.all); 74 - range_size = ntohs(range->max_proto.all) - min + 1; 74 + max = ntohs(range->max_proto.all); 75 + if (unlikely(max < min)) 76 + swap(max, min); 77 + range_size = max - min + 1; 75 78 } 76 79 77 80 if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) {
+34 -40
net/netfilter/x_tables.c
··· 434 434 * ebt_among is exempt from centralized matchsize checking 435 435 * because it uses a dynamic-size data set. 436 436 */ 437 - pr_err("%s_tables: %s.%u match: invalid size " 438 - "%u (kernel) != (user) %u\n", 439 - xt_prefix[par->family], par->match->name, 440 - par->match->revision, 441 - XT_ALIGN(par->match->matchsize), size); 437 + pr_err_ratelimited("%s_tables: %s.%u match: invalid size %u (kernel) != (user) %u\n", 438 + xt_prefix[par->family], par->match->name, 439 + par->match->revision, 440 + XT_ALIGN(par->match->matchsize), size); 442 441 return -EINVAL; 443 442 } 444 443 if (par->match->table != NULL && 445 444 strcmp(par->match->table, par->table) != 0) { 446 - pr_err("%s_tables: %s match: only valid in %s table, not %s\n", 447 - xt_prefix[par->family], par->match->name, 448 - par->match->table, par->table); 445 + pr_info_ratelimited("%s_tables: %s match: only valid in %s table, not %s\n", 446 + xt_prefix[par->family], par->match->name, 447 + par->match->table, par->table); 449 448 return -EINVAL; 450 449 } 451 450 if (par->match->hooks && (par->hook_mask & ~par->match->hooks) != 0) { 452 451 char used[64], allow[64]; 453 452 454 - pr_err("%s_tables: %s match: used from hooks %s, but only " 455 - "valid from %s\n", 456 - xt_prefix[par->family], par->match->name, 457 - textify_hooks(used, sizeof(used), par->hook_mask, 458 - par->family), 459 - textify_hooks(allow, sizeof(allow), par->match->hooks, 460 - par->family)); 453 + pr_info_ratelimited("%s_tables: %s match: used from hooks %s, but only valid from %s\n", 454 + xt_prefix[par->family], par->match->name, 455 + textify_hooks(used, sizeof(used), 456 + par->hook_mask, par->family), 457 + textify_hooks(allow, sizeof(allow), 458 + par->match->hooks, 459 + par->family)); 461 460 return -EINVAL; 462 461 } 463 462 if (par->match->proto && (par->match->proto != proto || inv_proto)) { 464 - pr_err("%s_tables: %s match: only valid for protocol %u\n", 465 - xt_prefix[par->family], par->match->name, 466 - par->match->proto); 463 + pr_info_ratelimited("%s_tables: %s match: only valid for protocol %u\n", 464 + xt_prefix[par->family], par->match->name, 465 + par->match->proto); 467 466 return -EINVAL; 468 467 } 469 468 if (par->match->checkentry != NULL) { ··· 813 814 int ret; 814 815 815 816 if (XT_ALIGN(par->target->targetsize) != size) { 816 - pr_err("%s_tables: %s.%u target: invalid size " 817 - "%u (kernel) != (user) %u\n", 818 - xt_prefix[par->family], par->target->name, 819 - par->target->revision, 820 - XT_ALIGN(par->target->targetsize), size); 817 + pr_err_ratelimited("%s_tables: %s.%u target: invalid size %u (kernel) != (user) %u\n", 818 + xt_prefix[par->family], par->target->name, 819 + par->target->revision, 820 + XT_ALIGN(par->target->targetsize), size); 821 821 return -EINVAL; 822 822 } 823 823 if (par->target->table != NULL && 824 824 strcmp(par->target->table, par->table) != 0) { 825 - pr_err("%s_tables: %s target: only valid in %s table, not %s\n", 826 - xt_prefix[par->family], par->target->name, 827 - par->target->table, par->table); 825 + pr_info_ratelimited("%s_tables: %s target: only valid in %s table, not %s\n", 826 + xt_prefix[par->family], par->target->name, 827 + par->target->table, par->table); 828 828 return -EINVAL; 829 829 } 830 830 if (par->target->hooks && (par->hook_mask & ~par->target->hooks) != 0) { 831 831 char used[64], allow[64]; 832 832 833 - pr_err("%s_tables: %s target: used from hooks %s, but only " 834 - "usable from %s\n", 835 - xt_prefix[par->family], par->target->name, 836 - textify_hooks(used, sizeof(used), par->hook_mask, 837 - par->family), 838 - textify_hooks(allow, sizeof(allow), par->target->hooks, 839 - par->family)); 833 + pr_info_ratelimited("%s_tables: %s target: used from hooks %s, but only usable from %s\n", 834 + xt_prefix[par->family], par->target->name, 835 + textify_hooks(used, sizeof(used), 836 + par->hook_mask, par->family), 837 + textify_hooks(allow, sizeof(allow), 838 + par->target->hooks, 839 + par->family)); 840 840 return -EINVAL; 841 841 } 842 842 if (par->target->proto && (par->target->proto != proto || inv_proto)) { 843 - pr_err("%s_tables: %s target: only valid for protocol %u\n", 844 - xt_prefix[par->family], par->target->name, 845 - par->target->proto); 843 + pr_info_ratelimited("%s_tables: %s target: only valid for protocol %u\n", 844 + xt_prefix[par->family], par->target->name, 845 + par->target->proto); 846 846 return -EINVAL; 847 847 } 848 848 if (par->target->checkentry != NULL) { ··· 1000 1002 size_t sz = sizeof(*info) + size; 1001 1003 1002 1004 if (sz < sizeof(*info)) 1003 - return NULL; 1004 - 1005 - /* Pedantry: prevent them from hitting BUG() in vmalloc.c --RR */ 1006 - if ((size >> PAGE_SHIFT) + 2 > totalram_pages) 1007 1005 return NULL; 1008 1006 1009 1007 /* __GFP_NORETRY is not fully supported by kvmalloc but it should
+2 -2
net/netfilter/xt_AUDIT.c
··· 120 120 const struct xt_audit_info *info = par->targinfo; 121 121 122 122 if (info->type > XT_AUDIT_TYPE_MAX) { 123 - pr_info("Audit type out of range (valid range: 0..%hhu)\n", 124 - XT_AUDIT_TYPE_MAX); 123 + pr_info_ratelimited("Audit type out of range (valid range: 0..%hhu)\n", 124 + XT_AUDIT_TYPE_MAX); 125 125 return -ERANGE; 126 126 } 127 127
+4 -4
net/netfilter/xt_CHECKSUM.c
··· 36 36 const struct xt_CHECKSUM_info *einfo = par->targinfo; 37 37 38 38 if (einfo->operation & ~XT_CHECKSUM_OP_FILL) { 39 - pr_info("unsupported CHECKSUM operation %x\n", einfo->operation); 39 + pr_info_ratelimited("unsupported CHECKSUM operation %x\n", 40 + einfo->operation); 40 41 return -EINVAL; 41 42 } 42 - if (!einfo->operation) { 43 - pr_info("no CHECKSUM operation enabled\n"); 43 + if (!einfo->operation) 44 44 return -EINVAL; 45 - } 45 + 46 46 return 0; 47 47 } 48 48
+5 -5
net/netfilter/xt_CONNSECMARK.c
··· 91 91 92 92 if (strcmp(par->table, "mangle") != 0 && 93 93 strcmp(par->table, "security") != 0) { 94 - pr_info("target only valid in the \'mangle\' " 95 - "or \'security\' tables, not \'%s\'.\n", par->table); 94 + pr_info_ratelimited("only valid in \'mangle\' or \'security\' table, not \'%s\'\n", 95 + par->table); 96 96 return -EINVAL; 97 97 } 98 98 ··· 102 102 break; 103 103 104 104 default: 105 - pr_info("invalid mode: %hu\n", info->mode); 105 + pr_info_ratelimited("invalid mode: %hu\n", info->mode); 106 106 return -EINVAL; 107 107 } 108 108 109 109 ret = nf_ct_netns_get(par->net, par->family); 110 110 if (ret < 0) 111 - pr_info("cannot load conntrack support for proto=%u\n", 112 - par->family); 111 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 112 + par->family); 113 113 return ret; 114 114 } 115 115
+13 -12
net/netfilter/xt_CT.c
··· 82 82 83 83 proto = xt_ct_find_proto(par); 84 84 if (!proto) { 85 - pr_info("You must specify a L4 protocol, and not use " 86 - "inversions on it.\n"); 85 + pr_info_ratelimited("You must specify a L4 protocol and not use inversions on it\n"); 87 86 return -ENOENT; 88 87 } 89 88 90 89 helper = nf_conntrack_helper_try_module_get(helper_name, par->family, 91 90 proto); 92 91 if (helper == NULL) { 93 - pr_info("No such helper \"%s\"\n", helper_name); 92 + pr_info_ratelimited("No such helper \"%s\"\n", helper_name); 94 93 return -ENOENT; 95 94 } 96 95 ··· 123 124 const struct nf_conntrack_l4proto *l4proto; 124 125 struct ctnl_timeout *timeout; 125 126 struct nf_conn_timeout *timeout_ext; 127 + const char *errmsg = NULL; 126 128 int ret = 0; 127 129 u8 proto; 128 130 ··· 131 131 timeout_find_get = rcu_dereference(nf_ct_timeout_find_get_hook); 132 132 if (timeout_find_get == NULL) { 133 133 ret = -ENOENT; 134 - pr_info("Timeout policy base is empty\n"); 134 + errmsg = "Timeout policy base is empty"; 135 135 goto out; 136 136 } 137 137 138 138 proto = xt_ct_find_proto(par); 139 139 if (!proto) { 140 140 ret = -EINVAL; 141 - pr_info("You must specify a L4 protocol, and not use " 142 - "inversions on it.\n"); 141 + errmsg = "You must specify a L4 protocol and not use inversions on it"; 143 142 goto out; 144 143 } 145 144 146 145 timeout = timeout_find_get(par->net, timeout_name); 147 146 if (timeout == NULL) { 148 147 ret = -ENOENT; 149 - pr_info("No such timeout policy \"%s\"\n", timeout_name); 148 + pr_info_ratelimited("No such timeout policy \"%s\"\n", 149 + timeout_name); 150 150 goto out; 151 151 } 152 152 153 153 if (timeout->l3num != par->family) { 154 154 ret = -EINVAL; 155 - pr_info("Timeout policy `%s' can only be used by L3 protocol " 156 - "number %d\n", timeout_name, timeout->l3num); 155 + pr_info_ratelimited("Timeout policy `%s' can only be used by L%d protocol number %d\n", 156 + timeout_name, 3, timeout->l3num); 157 157 goto err_put_timeout; 158 158 } 159 159 /* Make sure the timeout policy matches any existing protocol tracker, ··· 162 162 l4proto = __nf_ct_l4proto_find(par->family, proto); 163 163 if (timeout->l4proto->l4proto != l4proto->l4proto) { 164 164 ret = -EINVAL; 165 - pr_info("Timeout policy `%s' can only be used by L4 protocol " 166 - "number %d\n", 167 - timeout_name, timeout->l4proto->l4proto); 165 + pr_info_ratelimited("Timeout policy `%s' can only be used by L%d protocol number %d\n", 166 + timeout_name, 4, timeout->l4proto->l4proto); 168 167 goto err_put_timeout; 169 168 } 170 169 timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC); ··· 179 180 __xt_ct_tg_timeout_put(timeout); 180 181 out: 181 182 rcu_read_unlock(); 183 + if (errmsg) 184 + pr_info_ratelimited("%s\n", errmsg); 182 185 return ret; 183 186 #else 184 187 return -EOPNOTSUPP;
+1 -3
net/netfilter/xt_DSCP.c
··· 66 66 { 67 67 const struct xt_DSCP_info *info = par->targinfo; 68 68 69 - if (info->dscp > XT_DSCP_MAX) { 70 - pr_info("dscp %x out of range\n", info->dscp); 69 + if (info->dscp > XT_DSCP_MAX) 71 70 return -EDOM; 72 - } 73 71 return 0; 74 72 } 75 73
+3 -10
net/netfilter/xt_HL.c
··· 105 105 { 106 106 const struct ipt_TTL_info *info = par->targinfo; 107 107 108 - if (info->mode > IPT_TTL_MAXMODE) { 109 - pr_info("TTL: invalid or unknown mode %u\n", info->mode); 108 + if (info->mode > IPT_TTL_MAXMODE) 110 109 return -EINVAL; 111 - } 112 110 if (info->mode != IPT_TTL_SET && info->ttl == 0) 113 111 return -EINVAL; 114 112 return 0; ··· 116 118 { 117 119 const struct ip6t_HL_info *info = par->targinfo; 118 120 119 - if (info->mode > IP6T_HL_MAXMODE) { 120 - pr_info("invalid or unknown mode %u\n", info->mode); 121 + if (info->mode > IP6T_HL_MAXMODE) 121 122 return -EINVAL; 122 - } 123 - if (info->mode != IP6T_HL_SET && info->hop_limit == 0) { 124 - pr_info("increment/decrement does not " 125 - "make sense with value 0\n"); 123 + if (info->mode != IP6T_HL_SET && info->hop_limit == 0) 126 124 return -EINVAL; 127 - } 128 125 return 0; 129 126 } 130 127
+15 -12
net/netfilter/xt_HMARK.c
··· 9 9 * the Free Software Foundation. 10 10 */ 11 11 12 + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 13 + 12 14 #include <linux/module.h> 13 15 #include <linux/skbuff.h> 14 16 #include <linux/icmp.h> ··· 314 312 static int hmark_tg_check(const struct xt_tgchk_param *par) 315 313 { 316 314 const struct xt_hmark_info *info = par->targinfo; 315 + const char *errmsg = "proto mask must be zero with L3 mode"; 317 316 318 - if (!info->hmodulus) { 319 - pr_info("xt_HMARK: hash modulus can't be zero\n"); 317 + if (!info->hmodulus) 320 318 return -EINVAL; 321 - } 319 + 322 320 if (info->proto_mask && 323 - (info->flags & XT_HMARK_FLAG(XT_HMARK_METHOD_L3))) { 324 - pr_info("xt_HMARK: proto mask must be zero with L3 mode\n"); 325 - return -EINVAL; 326 - } 321 + (info->flags & XT_HMARK_FLAG(XT_HMARK_METHOD_L3))) 322 + goto err; 323 + 327 324 if (info->flags & XT_HMARK_FLAG(XT_HMARK_SPI_MASK) && 328 325 (info->flags & (XT_HMARK_FLAG(XT_HMARK_SPORT_MASK) | 329 - XT_HMARK_FLAG(XT_HMARK_DPORT_MASK)))) { 330 - pr_info("xt_HMARK: spi-mask and port-mask can't be combined\n"); 326 + XT_HMARK_FLAG(XT_HMARK_DPORT_MASK)))) 331 327 return -EINVAL; 332 - } 328 + 333 329 if (info->flags & XT_HMARK_FLAG(XT_HMARK_SPI) && 334 330 (info->flags & (XT_HMARK_FLAG(XT_HMARK_SPORT) | 335 331 XT_HMARK_FLAG(XT_HMARK_DPORT)))) { 336 - pr_info("xt_HMARK: spi-set and port-set can't be combined\n"); 337 - return -EINVAL; 332 + errmsg = "spi-set and port-set can't be combined"; 333 + goto err; 338 334 } 339 335 return 0; 336 + err: 337 + pr_info_ratelimited("%s\n", errmsg); 338 + return -EINVAL; 340 339 } 341 340 342 341 static struct xt_target hmark_tg_reg[] __read_mostly = {
+6 -3
net/netfilter/xt_IDLETIMER.c
··· 146 146 timer_setup(&info->timer->timer, idletimer_tg_expired, 0); 147 147 info->timer->refcnt = 1; 148 148 149 + INIT_WORK(&info->timer->work, idletimer_tg_work); 150 + 149 151 mod_timer(&info->timer->timer, 150 152 msecs_to_jiffies(info->timeout * 1000) + jiffies); 151 - 152 - INIT_WORK(&info->timer->work, idletimer_tg_work); 153 153 154 154 return 0; 155 155 ··· 191 191 pr_debug("timeout value is zero\n"); 192 192 return -EINVAL; 193 193 } 194 - 194 + if (info->timeout >= INT_MAX / 1000) { 195 + pr_debug("timeout value is too big\n"); 196 + return -EINVAL; 197 + } 195 198 if (info->label[0] == '\0' || 196 199 strnlen(info->label, 197 200 MAX_IDLETIMER_LABEL_SIZE) == MAX_IDLETIMER_LABEL_SIZE) {
+7 -9
net/netfilter/xt_LED.c
··· 111 111 struct xt_led_info_internal *ledinternal; 112 112 int err; 113 113 114 - if (ledinfo->id[0] == '\0') { 115 - pr_info("No 'id' parameter given.\n"); 114 + if (ledinfo->id[0] == '\0') 116 115 return -EINVAL; 117 - } 118 116 119 117 mutex_lock(&xt_led_mutex); 120 118 ··· 136 138 137 139 err = led_trigger_register(&ledinternal->netfilter_led_trigger); 138 140 if (err) { 139 - pr_err("Trigger name is already in use.\n"); 141 + pr_info_ratelimited("Trigger name is already in use.\n"); 140 142 goto exit_alloc; 141 143 } 142 144 143 - /* See if we need to set up a timer */ 144 - if (ledinfo->delay > 0) 145 - timer_setup(&ledinternal->timer, led_timeout_callback, 0); 145 + /* Since the letinternal timer can be shared between multiple targets, 146 + * always set it up, even if the current target does not need it 147 + */ 148 + timer_setup(&ledinternal->timer, led_timeout_callback, 0); 146 149 147 150 list_add_tail(&ledinternal->list, &xt_led_triggers); 148 151 ··· 180 181 181 182 list_del(&ledinternal->list); 182 183 183 - if (ledinfo->delay > 0) 184 - del_timer_sync(&ledinternal->timer); 184 + del_timer_sync(&ledinternal->timer); 185 185 186 186 led_trigger_unregister(&ledinternal->netfilter_led_trigger); 187 187
+5 -3
net/netfilter/xt_NFQUEUE.c
··· 8 8 * 9 9 */ 10 10 11 + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 + 11 13 #include <linux/module.h> 12 14 #include <linux/skbuff.h> 13 15 ··· 69 67 init_hashrandom(&jhash_initval); 70 68 71 69 if (info->queues_total == 0) { 72 - pr_err("NFQUEUE: number of total queues is 0\n"); 70 + pr_info_ratelimited("number of total queues is 0\n"); 73 71 return -EINVAL; 74 72 } 75 73 maxid = info->queues_total - 1 + info->queuenum; 76 74 if (maxid > 0xffff) { 77 - pr_err("NFQUEUE: number of queues (%u) out of range (got %u)\n", 78 - info->queues_total, maxid); 75 + pr_info_ratelimited("number of queues (%u) out of range (got %u)\n", 76 + info->queues_total, maxid); 79 77 return -ERANGE; 80 78 } 81 79 if (par->target->revision == 2 && info->flags > 1)
+10 -8
net/netfilter/xt_SECMARK.c
··· 60 60 &info->secid); 61 61 if (err) { 62 62 if (err == -EINVAL) 63 - pr_info("invalid security context \'%s\'\n", info->secctx); 63 + pr_info_ratelimited("invalid security context \'%s\'\n", 64 + info->secctx); 64 65 return err; 65 66 } 66 67 67 68 if (!info->secid) { 68 - pr_info("unable to map security context \'%s\'\n", info->secctx); 69 + pr_info_ratelimited("unable to map security context \'%s\'\n", 70 + info->secctx); 69 71 return -ENOENT; 70 72 } 71 73 72 74 err = security_secmark_relabel_packet(info->secid); 73 75 if (err) { 74 - pr_info("unable to obtain relabeling permission\n"); 76 + pr_info_ratelimited("unable to obtain relabeling permission\n"); 75 77 return err; 76 78 } 77 79 ··· 88 86 89 87 if (strcmp(par->table, "mangle") != 0 && 90 88 strcmp(par->table, "security") != 0) { 91 - pr_info("target only valid in the \'mangle\' " 92 - "or \'security\' tables, not \'%s\'.\n", par->table); 89 + pr_info_ratelimited("only valid in \'mangle\' or \'security\' table, not \'%s\'\n", 90 + par->table); 93 91 return -EINVAL; 94 92 } 95 93 96 94 if (mode && mode != info->mode) { 97 - pr_info("mode already set to %hu cannot mix with " 98 - "rules for mode %hu\n", mode, info->mode); 95 + pr_info_ratelimited("mode already set to %hu cannot mix with rules for mode %hu\n", 96 + mode, info->mode); 99 97 return -EINVAL; 100 98 } 101 99 ··· 103 101 case SECMARK_MODE_SEL: 104 102 break; 105 103 default: 106 - pr_info("invalid mode: %hu\n", info->mode); 104 + pr_info_ratelimited("invalid mode: %hu\n", info->mode); 107 105 return -EINVAL; 108 106 } 109 107
+4 -6
net/netfilter/xt_TCPMSS.c
··· 273 273 (par->hook_mask & ~((1 << NF_INET_FORWARD) | 274 274 (1 << NF_INET_LOCAL_OUT) | 275 275 (1 << NF_INET_POST_ROUTING))) != 0) { 276 - pr_info("path-MTU clamping only supported in " 277 - "FORWARD, OUTPUT and POSTROUTING hooks\n"); 276 + pr_info_ratelimited("path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks\n"); 278 277 return -EINVAL; 279 278 } 280 279 if (par->nft_compat) ··· 282 283 xt_ematch_foreach(ematch, e) 283 284 if (find_syn_match(ematch)) 284 285 return 0; 285 - pr_info("Only works on TCP SYN packets\n"); 286 + pr_info_ratelimited("Only works on TCP SYN packets\n"); 286 287 return -EINVAL; 287 288 } 288 289 ··· 297 298 (par->hook_mask & ~((1 << NF_INET_FORWARD) | 298 299 (1 << NF_INET_LOCAL_OUT) | 299 300 (1 << NF_INET_POST_ROUTING))) != 0) { 300 - pr_info("path-MTU clamping only supported in " 301 - "FORWARD, OUTPUT and POSTROUTING hooks\n"); 301 + pr_info_ratelimited("path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks\n"); 302 302 return -EINVAL; 303 303 } 304 304 if (par->nft_compat) ··· 306 308 xt_ematch_foreach(ematch, e) 307 309 if (find_syn_match(ematch)) 308 310 return 0; 309 - pr_info("Only works on TCP SYN packets\n"); 311 + pr_info_ratelimited("Only works on TCP SYN packets\n"); 310 312 return -EINVAL; 311 313 } 312 314 #endif
+2 -4
net/netfilter/xt_TPROXY.c
··· 540 540 !(i->invflags & IP6T_INV_PROTO)) 541 541 return 0; 542 542 543 - pr_info("Can be used only in combination with " 544 - "either -p tcp or -p udp\n"); 543 + pr_info_ratelimited("Can be used only with -p tcp or -p udp\n"); 545 544 return -EINVAL; 546 545 } 547 546 #endif ··· 558 559 && !(i->invflags & IPT_INV_PROTO)) 559 560 return 0; 560 561 561 - pr_info("Can be used only in combination with " 562 - "either -p tcp or -p udp\n"); 562 + pr_info_ratelimited("Can be used only with -p tcp or -p udp\n"); 563 563 return -EINVAL; 564 564 } 565 565
+16 -17
net/netfilter/xt_addrtype.c
··· 164 164 165 165 static int addrtype_mt_checkentry_v1(const struct xt_mtchk_param *par) 166 166 { 167 + const char *errmsg = "both incoming and outgoing interface limitation cannot be selected"; 167 168 struct xt_addrtype_info_v1 *info = par->matchinfo; 168 169 169 170 if (info->flags & XT_ADDRTYPE_LIMIT_IFACE_IN && 170 - info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT) { 171 - pr_info("both incoming and outgoing " 172 - "interface limitation cannot be selected\n"); 173 - return -EINVAL; 174 - } 171 + info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT) 172 + goto err; 175 173 176 174 if (par->hook_mask & ((1 << NF_INET_PRE_ROUTING) | 177 175 (1 << NF_INET_LOCAL_IN)) && 178 176 info->flags & XT_ADDRTYPE_LIMIT_IFACE_OUT) { 179 - pr_info("output interface limitation " 180 - "not valid in PREROUTING and INPUT\n"); 181 - return -EINVAL; 177 + errmsg = "output interface limitation not valid in PREROUTING and INPUT"; 178 + goto err; 182 179 } 183 180 184 181 if (par->hook_mask & ((1 << NF_INET_POST_ROUTING) | 185 182 (1 << NF_INET_LOCAL_OUT)) && 186 183 info->flags & XT_ADDRTYPE_LIMIT_IFACE_IN) { 187 - pr_info("input interface limitation " 188 - "not valid in POSTROUTING and OUTPUT\n"); 189 - return -EINVAL; 184 + errmsg = "input interface limitation not valid in POSTROUTING and OUTPUT"; 185 + goto err; 190 186 } 191 187 192 188 #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) 193 189 if (par->family == NFPROTO_IPV6) { 194 190 if ((info->source | info->dest) & XT_ADDRTYPE_BLACKHOLE) { 195 - pr_err("ipv6 BLACKHOLE matching not supported\n"); 196 - return -EINVAL; 191 + errmsg = "ipv6 BLACKHOLE matching not supported"; 192 + goto err; 197 193 } 198 194 if ((info->source | info->dest) >= XT_ADDRTYPE_PROHIBIT) { 199 - pr_err("ipv6 PROHIBIT (THROW, NAT ..) matching not supported\n"); 200 - return -EINVAL; 195 + errmsg = "ipv6 PROHIBIT (THROW, NAT ..) matching not supported"; 196 + goto err; 201 197 } 202 198 if ((info->source | info->dest) & XT_ADDRTYPE_BROADCAST) { 203 - pr_err("ipv6 does not support BROADCAST matching\n"); 204 - return -EINVAL; 199 + errmsg = "ipv6 does not support BROADCAST matching"; 200 + goto err; 205 201 } 206 202 } 207 203 #endif 208 204 return 0; 205 + err: 206 + pr_info_ratelimited("%s\n", errmsg); 207 + return -EINVAL; 209 208 } 210 209 211 210 static struct xt_match addrtype_mt_reg[] __read_mostly = {
+3 -1
net/netfilter/xt_bpf.c
··· 7 7 * published by the Free Software Foundation. 8 8 */ 9 9 10 + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 11 + 10 12 #include <linux/module.h> 11 13 #include <linux/syscalls.h> 12 14 #include <linux/skbuff.h> ··· 36 34 program.filter = insns; 37 35 38 36 if (bpf_prog_create(ret, &program)) { 39 - pr_info("bpf: check failed: parse error\n"); 37 + pr_info_ratelimited("check failed: parse error\n"); 40 38 return -EINVAL; 41 39 } 42 40
+5 -3
net/netfilter/xt_cgroup.c
··· 12 12 * published by the Free Software Foundation. 13 13 */ 14 14 15 + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 16 + 15 17 #include <linux/skbuff.h> 16 18 #include <linux/module.h> 17 19 #include <linux/netfilter/x_tables.h> ··· 50 48 } 51 49 52 50 if (info->has_path && info->has_classid) { 53 - pr_info("xt_cgroup: both path and classid specified\n"); 51 + pr_info_ratelimited("path and classid specified\n"); 54 52 return -EINVAL; 55 53 } 56 54 ··· 58 56 if (info->has_path) { 59 57 cgrp = cgroup_get_from_path(info->path); 60 58 if (IS_ERR(cgrp)) { 61 - pr_info("xt_cgroup: invalid path, errno=%ld\n", 62 - PTR_ERR(cgrp)); 59 + pr_info_ratelimited("invalid path, errno=%ld\n", 60 + PTR_ERR(cgrp)); 63 61 return -EINVAL; 64 62 } 65 63 info->priv = cgrp;
+3 -5
net/netfilter/xt_cluster.c
··· 135 135 struct xt_cluster_match_info *info = par->matchinfo; 136 136 137 137 if (info->total_nodes > XT_CLUSTER_NODES_MAX) { 138 - pr_info("you have exceeded the maximum " 139 - "number of cluster nodes (%u > %u)\n", 140 - info->total_nodes, XT_CLUSTER_NODES_MAX); 138 + pr_info_ratelimited("you have exceeded the maximum number of cluster nodes (%u > %u)\n", 139 + info->total_nodes, XT_CLUSTER_NODES_MAX); 141 140 return -EINVAL; 142 141 } 143 142 if (info->node_mask >= (1ULL << info->total_nodes)) { 144 - pr_info("this node mask cannot be " 145 - "higher than the total number of nodes\n"); 143 + pr_info_ratelimited("node mask cannot exceed total number of nodes\n"); 146 144 return -EDOM; 147 145 } 148 146 return 0;
+2 -2
net/netfilter/xt_connbytes.c
··· 112 112 113 113 ret = nf_ct_netns_get(par->net, par->family); 114 114 if (ret < 0) 115 - pr_info("cannot load conntrack support for proto=%u\n", 116 - par->family); 115 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 116 + par->family); 117 117 118 118 /* 119 119 * This filter cannot function correctly unless connection tracking
+4 -3
net/netfilter/xt_connlabel.c
··· 57 57 int ret; 58 58 59 59 if (info->options & ~options) { 60 - pr_err("Unknown options in mask %x\n", info->options); 60 + pr_info_ratelimited("Unknown options in mask %x\n", 61 + info->options); 61 62 return -EINVAL; 62 63 } 63 64 64 65 ret = nf_ct_netns_get(par->net, par->family); 65 66 if (ret < 0) { 66 - pr_info("cannot load conntrack support for proto=%u\n", 67 - par->family); 67 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 68 + par->family); 68 69 return ret; 69 70 } 70 71
+4 -4
net/netfilter/xt_connmark.c
··· 79 79 80 80 ret = nf_ct_netns_get(par->net, par->family); 81 81 if (ret < 0) 82 - pr_info("cannot load conntrack support for proto=%u\n", 83 - par->family); 82 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 83 + par->family); 84 84 return ret; 85 85 } 86 86 ··· 109 109 110 110 ret = nf_ct_netns_get(par->net, par->family); 111 111 if (ret < 0) 112 - pr_info("cannot load conntrack support for proto=%u\n", 113 - par->family); 112 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 113 + par->family); 114 114 return ret; 115 115 } 116 116
+2 -2
net/netfilter/xt_conntrack.c
··· 272 272 273 273 ret = nf_ct_netns_get(par->net, par->family); 274 274 if (ret < 0) 275 - pr_info("cannot load conntrack support for proto=%u\n", 276 - par->family); 275 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 276 + par->family); 277 277 return ret; 278 278 } 279 279
+1 -3
net/netfilter/xt_dscp.c
··· 46 46 { 47 47 const struct xt_dscp_info *info = par->matchinfo; 48 48 49 - if (info->dscp > XT_DSCP_MAX) { 50 - pr_info("dscp %x out of range\n", info->dscp); 49 + if (info->dscp > XT_DSCP_MAX) 51 50 return -EDOM; 52 - } 53 51 54 52 return 0; 55 53 }
+2 -2
net/netfilter/xt_ecn.c
··· 97 97 98 98 if (info->operation & (XT_ECN_OP_MATCH_ECE | XT_ECN_OP_MATCH_CWR) && 99 99 (ip->proto != IPPROTO_TCP || ip->invflags & IPT_INV_PROTO)) { 100 - pr_info("cannot match TCP bits in rule for non-tcp packets\n"); 100 + pr_info_ratelimited("cannot match TCP bits for non-tcp packets\n"); 101 101 return -EINVAL; 102 102 } 103 103 ··· 139 139 140 140 if (info->operation & (XT_ECN_OP_MATCH_ECE | XT_ECN_OP_MATCH_CWR) && 141 141 (ip->proto != IPPROTO_TCP || ip->invflags & IP6T_INV_PROTO)) { 142 - pr_info("cannot match TCP bits in rule for non-tcp packets\n"); 142 + pr_info_ratelimited("cannot match TCP bits for non-tcp packets\n"); 143 143 return -EINVAL; 144 144 } 145 145
+14 -12
net/netfilter/xt_hashlimit.c
··· 523 523 if (user != 0) { 524 524 return div64_u64(XT_HASHLIMIT_SCALE_v2, user); 525 525 } else { 526 - pr_warn("invalid rate from userspace: %llu\n", user); 526 + pr_info_ratelimited("invalid rate from userspace: %llu\n", 527 + user); 527 528 return 0; 528 529 } 529 530 } ··· 775 774 if (!dh->rateinfo.prev_window && 776 775 (dh->rateinfo.current_rate <= dh->rateinfo.burst)) { 777 776 spin_unlock(&dh->lock); 778 - rcu_read_unlock_bh(); 777 + local_bh_enable(); 779 778 return !(cfg->mode & XT_HASHLIMIT_INVERT); 780 779 } else { 781 780 goto overlimit; ··· 866 865 } 867 866 868 867 if (cfg->mode & ~XT_HASHLIMIT_ALL) { 869 - pr_info("Unknown mode mask %X, kernel too old?\n", 870 - cfg->mode); 868 + pr_info_ratelimited("Unknown mode mask %X, kernel too old?\n", 869 + cfg->mode); 871 870 return -EINVAL; 872 871 } 873 872 874 873 /* Check for overflow. */ 875 874 if (revision >= 3 && cfg->mode & XT_HASHLIMIT_RATE_MATCH) { 876 875 if (cfg->avg == 0 || cfg->avg > U32_MAX) { 877 - pr_info("hashlimit invalid rate\n"); 876 + pr_info_ratelimited("invalid rate\n"); 878 877 return -ERANGE; 879 878 } 880 879 881 880 if (cfg->interval == 0) { 882 - pr_info("hashlimit invalid interval\n"); 881 + pr_info_ratelimited("invalid interval\n"); 883 882 return -EINVAL; 884 883 } 885 884 } else if (cfg->mode & XT_HASHLIMIT_BYTES) { 886 885 if (user2credits_byte(cfg->avg) == 0) { 887 - pr_info("overflow, rate too high: %llu\n", cfg->avg); 886 + pr_info_ratelimited("overflow, rate too high: %llu\n", 887 + cfg->avg); 888 888 return -EINVAL; 889 889 } 890 890 } else if (cfg->burst == 0 || 891 - user2credits(cfg->avg * cfg->burst, revision) < 892 - user2credits(cfg->avg, revision)) { 893 - pr_info("overflow, try lower: %llu/%llu\n", 894 - cfg->avg, cfg->burst); 895 - return -ERANGE; 891 + user2credits(cfg->avg * cfg->burst, revision) < 892 + user2credits(cfg->avg, revision)) { 893 + pr_info_ratelimited("overflow, try lower: %llu/%llu\n", 894 + cfg->avg, cfg->burst); 895 + return -ERANGE; 896 896 } 897 897 898 898 mutex_lock(&hashlimit_mutex);
+2 -2
net/netfilter/xt_helper.c
··· 61 61 62 62 ret = nf_ct_netns_get(par->net, par->family); 63 63 if (ret < 0) { 64 - pr_info("cannot load conntrack support for proto=%u\n", 65 - par->family); 64 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 65 + par->family); 66 66 return ret; 67 67 } 68 68 info->name[sizeof(info->name) - 1] = '\0';
+1 -1
net/netfilter/xt_ipcomp.c
··· 72 72 73 73 /* Must specify no unknown invflags */ 74 74 if (compinfo->invflags & ~XT_IPCOMP_INV_MASK) { 75 - pr_err("unknown flags %X\n", compinfo->invflags); 75 + pr_info_ratelimited("unknown flags %X\n", compinfo->invflags); 76 76 return -EINVAL; 77 77 } 78 78 return 0;
+2 -1
net/netfilter/xt_ipvs.c
··· 158 158 && par->family != NFPROTO_IPV6 159 159 #endif 160 160 ) { 161 - pr_info("protocol family %u not supported\n", par->family); 161 + pr_info_ratelimited("protocol family %u not supported\n", 162 + par->family); 162 163 return -EINVAL; 163 164 } 164 165
+13 -9
net/netfilter/xt_l2tp.c
··· 216 216 /* Check for invalid flags */ 217 217 if (info->flags & ~(XT_L2TP_TID | XT_L2TP_SID | XT_L2TP_VERSION | 218 218 XT_L2TP_TYPE)) { 219 - pr_info("unknown flags: %x\n", info->flags); 219 + pr_info_ratelimited("unknown flags: %x\n", info->flags); 220 220 return -EINVAL; 221 221 } 222 222 ··· 225 225 (!(info->flags & XT_L2TP_SID)) && 226 226 ((!(info->flags & XT_L2TP_TYPE)) || 227 227 (info->type != XT_L2TP_TYPE_CONTROL))) { 228 - pr_info("invalid flags combination: %x\n", info->flags); 228 + pr_info_ratelimited("invalid flags combination: %x\n", 229 + info->flags); 229 230 return -EINVAL; 230 231 } 231 232 ··· 235 234 */ 236 235 if (info->flags & XT_L2TP_VERSION) { 237 236 if ((info->version < 2) || (info->version > 3)) { 238 - pr_info("wrong L2TP version: %u\n", info->version); 237 + pr_info_ratelimited("wrong L2TP version: %u\n", 238 + info->version); 239 239 return -EINVAL; 240 240 } 241 241 242 242 if (info->version == 2) { 243 243 if ((info->flags & XT_L2TP_TID) && 244 244 (info->tid > 0xffff)) { 245 - pr_info("v2 tid > 0xffff: %u\n", info->tid); 245 + pr_info_ratelimited("v2 tid > 0xffff: %u\n", 246 + info->tid); 246 247 return -EINVAL; 247 248 } 248 249 if ((info->flags & XT_L2TP_SID) && 249 250 (info->sid > 0xffff)) { 250 - pr_info("v2 sid > 0xffff: %u\n", info->sid); 251 + pr_info_ratelimited("v2 sid > 0xffff: %u\n", 252 + info->sid); 251 253 return -EINVAL; 252 254 } 253 255 } ··· 272 268 273 269 if ((ip->proto != IPPROTO_UDP) && 274 270 (ip->proto != IPPROTO_L2TP)) { 275 - pr_info("missing protocol rule (udp|l2tpip)\n"); 271 + pr_info_ratelimited("missing protocol rule (udp|l2tpip)\n"); 276 272 return -EINVAL; 277 273 } 278 274 279 275 if ((ip->proto == IPPROTO_L2TP) && 280 276 (info->version == 2)) { 281 - pr_info("v2 doesn't support IP mode\n"); 277 + pr_info_ratelimited("v2 doesn't support IP mode\n"); 282 278 return -EINVAL; 283 279 } 284 280 ··· 299 295 300 296 if ((ip->proto != IPPROTO_UDP) && 301 297 (ip->proto != IPPROTO_L2TP)) { 302 - pr_info("missing protocol rule (udp|l2tpip)\n"); 298 + pr_info_ratelimited("missing protocol rule (udp|l2tpip)\n"); 303 299 return -EINVAL; 304 300 } 305 301 306 302 if ((ip->proto == IPPROTO_L2TP) && 307 303 (info->version == 2)) { 308 - pr_info("v2 doesn't support IP mode\n"); 304 + pr_info_ratelimited("v2 doesn't support IP mode\n"); 309 305 return -EINVAL; 310 306 } 311 307
+2 -2
net/netfilter/xt_limit.c
··· 106 106 /* Check for overflow. */ 107 107 if (r->burst == 0 108 108 || user2credits(r->avg * r->burst) < user2credits(r->avg)) { 109 - pr_info("Overflow, try lower: %u/%u\n", 110 - r->avg, r->burst); 109 + pr_info_ratelimited("Overflow, try lower: %u/%u\n", 110 + r->avg, r->burst); 111 111 return -ERANGE; 112 112 } 113 113
+3 -2
net/netfilter/xt_nat.c
··· 8 8 * published by the Free Software Foundation. 9 9 */ 10 10 11 + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 12 + 11 13 #include <linux/module.h> 12 14 #include <linux/skbuff.h> 13 15 #include <linux/netfilter.h> ··· 21 19 const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo; 22 20 23 21 if (mr->rangesize != 1) { 24 - pr_info("%s: multiple ranges no longer supported\n", 25 - par->target->name); 22 + pr_info_ratelimited("multiple ranges no longer supported\n"); 26 23 return -EINVAL; 27 24 } 28 25 return nf_ct_netns_get(par->net, par->family);
+4 -2
net/netfilter/xt_nfacct.c
··· 6 6 * it under the terms of the GNU General Public License version 2 (or any 7 7 * later at your option) as published by the Free Software Foundation. 8 8 */ 9 + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 10 + 9 11 #include <linux/module.h> 10 12 #include <linux/skbuff.h> 11 13 ··· 41 39 42 40 nfacct = nfnl_acct_find_get(par->net, info->name); 43 41 if (nfacct == NULL) { 44 - pr_info("xt_nfacct: accounting object with name `%s' " 45 - "does not exists\n", info->name); 42 + pr_info_ratelimited("accounting object `%s' does not exists\n", 43 + info->name); 46 44 return -ENOENT; 47 45 } 48 46 info->nfacct = nfacct;
+1 -3
net/netfilter/xt_physdev.c
··· 107 107 info->invert & XT_PHYSDEV_OP_BRIDGED) && 108 108 par->hook_mask & ((1 << NF_INET_LOCAL_OUT) | 109 109 (1 << NF_INET_FORWARD) | (1 << NF_INET_POST_ROUTING))) { 110 - pr_info("using --physdev-out and --physdev-is-out are only " 111 - "supported in the FORWARD and POSTROUTING chains with " 112 - "bridged traffic.\n"); 110 + pr_info_ratelimited("--physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic\n"); 113 111 if (par->hook_mask & (1 << NF_INET_LOCAL_OUT)) 114 112 return -EINVAL; 115 113 }
+13 -10
net/netfilter/xt_policy.c
··· 132 132 static int policy_mt_check(const struct xt_mtchk_param *par) 133 133 { 134 134 const struct xt_policy_info *info = par->matchinfo; 135 + const char *errmsg = "neither incoming nor outgoing policy selected"; 135 136 136 - if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) { 137 - pr_info("neither incoming nor outgoing policy selected\n"); 138 - return -EINVAL; 139 - } 137 + if (!(info->flags & (XT_POLICY_MATCH_IN|XT_POLICY_MATCH_OUT))) 138 + goto err; 139 + 140 140 if (par->hook_mask & ((1 << NF_INET_PRE_ROUTING) | 141 141 (1 << NF_INET_LOCAL_IN)) && info->flags & XT_POLICY_MATCH_OUT) { 142 - pr_info("output policy not valid in PREROUTING and INPUT\n"); 143 - return -EINVAL; 142 + errmsg = "output policy not valid in PREROUTING and INPUT"; 143 + goto err; 144 144 } 145 145 if (par->hook_mask & ((1 << NF_INET_POST_ROUTING) | 146 146 (1 << NF_INET_LOCAL_OUT)) && info->flags & XT_POLICY_MATCH_IN) { 147 - pr_info("input policy not valid in POSTROUTING and OUTPUT\n"); 148 - return -EINVAL; 147 + errmsg = "input policy not valid in POSTROUTING and OUTPUT"; 148 + goto err; 149 149 } 150 150 if (info->len > XT_POLICY_MAX_ELEM) { 151 - pr_info("too many policy elements\n"); 152 - return -EINVAL; 151 + errmsg = "too many policy elements"; 152 + goto err; 153 153 } 154 154 return 0; 155 + err: 156 + pr_info_ratelimited("%s\n", errmsg); 157 + return -EINVAL; 155 158 } 156 159 157 160 static struct xt_match policy_mt_reg[] __read_mostly = {
+6 -8
net/netfilter/xt_recent.c
··· 342 342 net_get_random_once(&hash_rnd, sizeof(hash_rnd)); 343 343 344 344 if (info->check_set & ~XT_RECENT_VALID_FLAGS) { 345 - pr_info("Unsupported user space flags (%08x)\n", 346 - info->check_set); 345 + pr_info_ratelimited("Unsupported userspace flags (%08x)\n", 346 + info->check_set); 347 347 return -EINVAL; 348 348 } 349 349 if (hweight8(info->check_set & ··· 357 357 if ((info->check_set & XT_RECENT_REAP) && !info->seconds) 358 358 return -EINVAL; 359 359 if (info->hit_count >= XT_RECENT_MAX_NSTAMPS) { 360 - pr_info("hitcount (%u) is larger than allowed maximum (%u)\n", 361 - info->hit_count, XT_RECENT_MAX_NSTAMPS - 1); 360 + pr_info_ratelimited("hitcount (%u) is larger than allowed maximum (%u)\n", 361 + info->hit_count, XT_RECENT_MAX_NSTAMPS - 1); 362 362 return -EINVAL; 363 363 } 364 364 if (info->name[0] == '\0' || ··· 587 587 add = true; 588 588 break; 589 589 default: 590 - pr_info("Need \"+ip\", \"-ip\" or \"/\"\n"); 590 + pr_info_ratelimited("Need \"+ip\", \"-ip\" or \"/\"\n"); 591 591 return -EINVAL; 592 592 } 593 593 ··· 601 601 succ = in4_pton(c, size, (void *)&addr, '\n', NULL); 602 602 } 603 603 604 - if (!succ) { 605 - pr_info("illegal address written to procfs\n"); 604 + if (!succ) 606 605 return -EINVAL; 607 - } 608 606 609 607 spin_lock_bh(&recent_lock); 610 608 e = recent_entry_lookup(t, &addr, family, 0);
+25 -25
net/netfilter/xt_set.c
··· 92 92 index = ip_set_nfnl_get_byindex(par->net, info->match_set.index); 93 93 94 94 if (index == IPSET_INVALID_ID) { 95 - pr_warn("Cannot find set identified by id %u to match\n", 96 - info->match_set.index); 95 + pr_info_ratelimited("Cannot find set identified by id %u to match\n", 96 + info->match_set.index); 97 97 return -ENOENT; 98 98 } 99 99 if (info->match_set.u.flags[IPSET_DIM_MAX - 1] != 0) { 100 - pr_warn("Protocol error: set match dimension is over the limit!\n"); 100 + pr_info_ratelimited("set match dimension is over the limit!\n"); 101 101 ip_set_nfnl_put(par->net, info->match_set.index); 102 102 return -ERANGE; 103 103 } ··· 143 143 index = ip_set_nfnl_get_byindex(par->net, info->match_set.index); 144 144 145 145 if (index == IPSET_INVALID_ID) { 146 - pr_warn("Cannot find set identified by id %u to match\n", 147 - info->match_set.index); 146 + pr_info_ratelimited("Cannot find set identified by id %u to match\n", 147 + info->match_set.index); 148 148 return -ENOENT; 149 149 } 150 150 if (info->match_set.dim > IPSET_DIM_MAX) { 151 - pr_warn("Protocol error: set match dimension is over the limit!\n"); 151 + pr_info_ratelimited("set match dimension is over the limit!\n"); 152 152 ip_set_nfnl_put(par->net, info->match_set.index); 153 153 return -ERANGE; 154 154 } ··· 241 241 if (info->add_set.index != IPSET_INVALID_ID) { 242 242 index = ip_set_nfnl_get_byindex(par->net, info->add_set.index); 243 243 if (index == IPSET_INVALID_ID) { 244 - pr_warn("Cannot find add_set index %u as target\n", 245 - info->add_set.index); 244 + pr_info_ratelimited("Cannot find add_set index %u as target\n", 245 + info->add_set.index); 246 246 return -ENOENT; 247 247 } 248 248 } ··· 250 250 if (info->del_set.index != IPSET_INVALID_ID) { 251 251 index = ip_set_nfnl_get_byindex(par->net, info->del_set.index); 252 252 if (index == IPSET_INVALID_ID) { 253 - pr_warn("Cannot find del_set index %u as target\n", 254 - info->del_set.index); 253 + pr_info_ratelimited("Cannot find del_set index %u as target\n", 254 + info->del_set.index); 255 255 if (info->add_set.index != IPSET_INVALID_ID) 256 256 ip_set_nfnl_put(par->net, info->add_set.index); 257 257 return -ENOENT; ··· 259 259 } 260 260 if (info->add_set.u.flags[IPSET_DIM_MAX - 1] != 0 || 261 261 info->del_set.u.flags[IPSET_DIM_MAX - 1] != 0) { 262 - pr_warn("Protocol error: SET target dimension is over the limit!\n"); 262 + pr_info_ratelimited("SET target dimension over the limit!\n"); 263 263 if (info->add_set.index != IPSET_INVALID_ID) 264 264 ip_set_nfnl_put(par->net, info->add_set.index); 265 265 if (info->del_set.index != IPSET_INVALID_ID) ··· 316 316 if (info->add_set.index != IPSET_INVALID_ID) { 317 317 index = ip_set_nfnl_get_byindex(par->net, info->add_set.index); 318 318 if (index == IPSET_INVALID_ID) { 319 - pr_warn("Cannot find add_set index %u as target\n", 320 - info->add_set.index); 319 + pr_info_ratelimited("Cannot find add_set index %u as target\n", 320 + info->add_set.index); 321 321 return -ENOENT; 322 322 } 323 323 } ··· 325 325 if (info->del_set.index != IPSET_INVALID_ID) { 326 326 index = ip_set_nfnl_get_byindex(par->net, info->del_set.index); 327 327 if (index == IPSET_INVALID_ID) { 328 - pr_warn("Cannot find del_set index %u as target\n", 329 - info->del_set.index); 328 + pr_info_ratelimited("Cannot find del_set index %u as target\n", 329 + info->del_set.index); 330 330 if (info->add_set.index != IPSET_INVALID_ID) 331 331 ip_set_nfnl_put(par->net, info->add_set.index); 332 332 return -ENOENT; ··· 334 334 } 335 335 if (info->add_set.dim > IPSET_DIM_MAX || 336 336 info->del_set.dim > IPSET_DIM_MAX) { 337 - pr_warn("Protocol error: SET target dimension is over the limit!\n"); 337 + pr_info_ratelimited("SET target dimension over the limit!\n"); 338 338 if (info->add_set.index != IPSET_INVALID_ID) 339 339 ip_set_nfnl_put(par->net, info->add_set.index); 340 340 if (info->del_set.index != IPSET_INVALID_ID) ··· 444 444 index = ip_set_nfnl_get_byindex(par->net, 445 445 info->add_set.index); 446 446 if (index == IPSET_INVALID_ID) { 447 - pr_warn("Cannot find add_set index %u as target\n", 448 - info->add_set.index); 447 + pr_info_ratelimited("Cannot find add_set index %u as target\n", 448 + info->add_set.index); 449 449 return -ENOENT; 450 450 } 451 451 } ··· 454 454 index = ip_set_nfnl_get_byindex(par->net, 455 455 info->del_set.index); 456 456 if (index == IPSET_INVALID_ID) { 457 - pr_warn("Cannot find del_set index %u as target\n", 458 - info->del_set.index); 457 + pr_info_ratelimited("Cannot find del_set index %u as target\n", 458 + info->del_set.index); 459 459 if (info->add_set.index != IPSET_INVALID_ID) 460 460 ip_set_nfnl_put(par->net, 461 461 info->add_set.index); ··· 465 465 466 466 if (info->map_set.index != IPSET_INVALID_ID) { 467 467 if (strncmp(par->table, "mangle", 7)) { 468 - pr_warn("--map-set only usable from mangle table\n"); 468 + pr_info_ratelimited("--map-set only usable from mangle table\n"); 469 469 return -EINVAL; 470 470 } 471 471 if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) | ··· 473 473 !(par->hook_mask & (1 << NF_INET_FORWARD | 474 474 1 << NF_INET_LOCAL_OUT | 475 475 1 << NF_INET_POST_ROUTING))) { 476 - pr_warn("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n"); 476 + pr_info_ratelimited("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n"); 477 477 return -EINVAL; 478 478 } 479 479 index = ip_set_nfnl_get_byindex(par->net, 480 480 info->map_set.index); 481 481 if (index == IPSET_INVALID_ID) { 482 - pr_warn("Cannot find map_set index %u as target\n", 483 - info->map_set.index); 482 + pr_info_ratelimited("Cannot find map_set index %u as target\n", 483 + info->map_set.index); 484 484 if (info->add_set.index != IPSET_INVALID_ID) 485 485 ip_set_nfnl_put(par->net, 486 486 info->add_set.index); ··· 494 494 if (info->add_set.dim > IPSET_DIM_MAX || 495 495 info->del_set.dim > IPSET_DIM_MAX || 496 496 info->map_set.dim > IPSET_DIM_MAX) { 497 - pr_warn("Protocol error: SET target dimension is over the limit!\n"); 497 + pr_info_ratelimited("SET target dimension over the limit!\n"); 498 498 if (info->add_set.index != IPSET_INVALID_ID) 499 499 ip_set_nfnl_put(par->net, info->add_set.index); 500 500 if (info->del_set.index != IPSET_INVALID_ID)
+6 -4
net/netfilter/xt_socket.c
··· 171 171 return err; 172 172 173 173 if (info->flags & ~XT_SOCKET_FLAGS_V1) { 174 - pr_info("unknown flags 0x%x\n", info->flags & ~XT_SOCKET_FLAGS_V1); 174 + pr_info_ratelimited("unknown flags 0x%x\n", 175 + info->flags & ~XT_SOCKET_FLAGS_V1); 175 176 return -EINVAL; 176 177 } 177 178 return 0; ··· 188 187 return err; 189 188 190 189 if (info->flags & ~XT_SOCKET_FLAGS_V2) { 191 - pr_info("unknown flags 0x%x\n", info->flags & ~XT_SOCKET_FLAGS_V2); 190 + pr_info_ratelimited("unknown flags 0x%x\n", 191 + info->flags & ~XT_SOCKET_FLAGS_V2); 192 192 return -EINVAL; 193 193 } 194 194 return 0; ··· 205 203 if (err) 206 204 return err; 207 205 if (info->flags & ~XT_SOCKET_FLAGS_V3) { 208 - pr_info("unknown flags 0x%x\n", 209 - info->flags & ~XT_SOCKET_FLAGS_V3); 206 + pr_info_ratelimited("unknown flags 0x%x\n", 207 + info->flags & ~XT_SOCKET_FLAGS_V3); 210 208 return -EINVAL; 211 209 } 212 210 return 0;
+2 -2
net/netfilter/xt_state.c
··· 44 44 45 45 ret = nf_ct_netns_get(par->net, par->family); 46 46 if (ret < 0) 47 - pr_info("cannot load conntrack support for proto=%u\n", 48 - par->family); 47 + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", 48 + par->family); 49 49 return ret; 50 50 } 51 51
+3 -3
net/netfilter/xt_time.c
··· 235 235 236 236 if (info->daytime_start > XT_TIME_MAX_DAYTIME || 237 237 info->daytime_stop > XT_TIME_MAX_DAYTIME) { 238 - pr_info("invalid argument - start or " 239 - "stop time greater than 23:59:59\n"); 238 + pr_info_ratelimited("invalid argument - start or stop time greater than 23:59:59\n"); 240 239 return -EDOM; 241 240 } 242 241 243 242 if (info->flags & ~XT_TIME_ALL_FLAGS) { 244 - pr_info("unknown flags 0x%x\n", info->flags & ~XT_TIME_ALL_FLAGS); 243 + pr_info_ratelimited("unknown flags 0x%x\n", 244 + info->flags & ~XT_TIME_ALL_FLAGS); 245 245 return -EINVAL; 246 246 } 247 247
+3 -1
net/netlink/af_netlink.c
··· 2308 2308 if (cb->start) { 2309 2309 ret = cb->start(cb); 2310 2310 if (ret) 2311 - goto error_unlock; 2311 + goto error_put; 2312 2312 } 2313 2313 2314 2314 nlk->cb_running = true; ··· 2328 2328 */ 2329 2329 return -EINTR; 2330 2330 2331 + error_put: 2332 + module_put(control->module); 2331 2333 error_unlock: 2332 2334 sock_put(sk); 2333 2335 mutex_unlock(nlk->cb_mutex);
+1 -1
net/rxrpc/output.c
··· 445 445 (char *)&opt, sizeof(opt)); 446 446 if (ret == 0) { 447 447 ret = kernel_sendmsg(conn->params.local->socket, &msg, 448 - iov, 1, iov[0].iov_len); 448 + iov, 2, len); 449 449 450 450 opt = IPV6_PMTUDISC_DO; 451 451 kernel_setsockopt(conn->params.local->socket,
+6 -1
net/sched/cls_api.c
··· 1397 1397 nla_get_u32(tca[TCA_CHAIN]) != chain->index) 1398 1398 continue; 1399 1399 if (!tcf_chain_dump(chain, q, parent, skb, cb, 1400 - index_start, &index)) 1400 + index_start, &index)) { 1401 + err = -EMSGSIZE; 1401 1402 break; 1403 + } 1402 1404 } 1403 1405 1404 1406 cb->args[0] = index; 1405 1407 1406 1408 out: 1409 + /* If we did no progress, the error (EMSGSIZE) is real */ 1410 + if (skb->len == 0 && err) 1411 + return err; 1407 1412 return skb->len; 1408 1413 } 1409 1414
+22 -3
net/wireless/mesh.c
··· 170 170 enum nl80211_bss_scan_width scan_width; 171 171 struct ieee80211_supported_band *sband = 172 172 rdev->wiphy.bands[setup->chandef.chan->band]; 173 - scan_width = cfg80211_chandef_to_scan_width(&setup->chandef); 174 - setup->basic_rates = ieee80211_mandatory_rates(sband, 175 - scan_width); 173 + 174 + if (setup->chandef.chan->band == NL80211_BAND_2GHZ) { 175 + int i; 176 + 177 + /* 178 + * Older versions selected the mandatory rates for 179 + * 2.4 GHz as well, but were broken in that only 180 + * 1 Mbps was regarded as a mandatory rate. Keep 181 + * using just 1 Mbps as the default basic rate for 182 + * mesh to be interoperable with older versions. 183 + */ 184 + for (i = 0; i < sband->n_bitrates; i++) { 185 + if (sband->bitrates[i].bitrate == 10) { 186 + setup->basic_rates = BIT(i); 187 + break; 188 + } 189 + } 190 + } else { 191 + scan_width = cfg80211_chandef_to_scan_width(&setup->chandef); 192 + setup->basic_rates = ieee80211_mandatory_rates(sband, 193 + scan_width); 194 + } 176 195 } 177 196 178 197 err = cfg80211_chandef_dfs_required(&rdev->wiphy,
+2
net/wireless/sme.c
··· 1032 1032 wdev->current_bss = NULL; 1033 1033 wdev->ssid_len = 0; 1034 1034 wdev->conn_owner_nlportid = 0; 1035 + kzfree(wdev->connect_keys); 1036 + wdev->connect_keys = NULL; 1035 1037 1036 1038 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap); 1037 1039
+1 -1
tools/bpf/bpftool/main.c
··· 244 244 } 245 245 246 246 if (errno && errno != ENOENT) { 247 - perror("reading batch file failed"); 247 + p_err("reading batch file failed: %s", strerror(errno)); 248 248 err = -1; 249 249 } else { 250 250 p_info("processed %d lines", lines);
+3
tools/bpf/bpftool/prog.c
··· 774 774 n < 0 ? strerror(errno) : "short write"); 775 775 goto err_free; 776 776 } 777 + 778 + if (json_output) 779 + jsonw_null(json_wtr); 777 780 } else { 778 781 if (member_len == &info.jited_prog_len) { 779 782 const char *name = NULL;
+3 -2
tools/lib/bpf/libbpf.c
··· 1060 1060 prog->insns = new_insn; 1061 1061 prog->main_prog_cnt = prog->insns_cnt; 1062 1062 prog->insns_cnt = new_cnt; 1063 + pr_debug("added %zd insn from %s to prog %s\n", 1064 + text->insns_cnt, text->section_name, 1065 + prog->section_name); 1063 1066 } 1064 1067 insn = &prog->insns[relo->insn_idx]; 1065 1068 insn->imm += prog->main_prog_cnt - relo->insn_idx; 1066 - pr_debug("added %zd insn from %s to prog %s\n", 1067 - text->insns_cnt, text->section_name, prog->section_name); 1068 1069 return 0; 1069 1070 } 1070 1071
+1
tools/testing/selftests/bpf/.gitignore
··· 11 11 test_tcpbpf_user 12 12 test_verifier_log 13 13 feature 14 + test_libbpf_open
+2
tools/testing/selftests/bpf/test_maps.c
··· 126 126 fd = bpf_create_map(BPF_MAP_TYPE_HASH, i, j, 127 127 2, map_flags); 128 128 if (fd < 0) { 129 + if (errno == ENOMEM) 130 + return; 129 131 printf("Failed to create hashmap key=%d value=%d '%s'\n", 130 132 i, j, strerror(errno)); 131 133 exit(1);
-1
tools/testing/selftests/bpf/test_tcpbpf_kern.c
··· 5 5 #include <linux/if_ether.h> 6 6 #include <linux/if_packet.h> 7 7 #include <linux/ip.h> 8 - #include <linux/in6.h> 9 8 #include <linux/types.h> 10 9 #include <linux/socket.h> 11 10 #include <linux/tcp.h>
+26
tools/testing/selftests/bpf/test_verifier.c
··· 2587 2587 .result = ACCEPT, 2588 2588 }, 2589 2589 { 2590 + "runtime/jit: pass negative index to tail_call", 2591 + .insns = { 2592 + BPF_MOV64_IMM(BPF_REG_3, -1), 2593 + BPF_LD_MAP_FD(BPF_REG_2, 0), 2594 + BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, 2595 + BPF_FUNC_tail_call), 2596 + BPF_MOV64_IMM(BPF_REG_0, 0), 2597 + BPF_EXIT_INSN(), 2598 + }, 2599 + .fixup_prog = { 1 }, 2600 + .result = ACCEPT, 2601 + }, 2602 + { 2603 + "runtime/jit: pass > 32bit index to tail_call", 2604 + .insns = { 2605 + BPF_LD_IMM64(BPF_REG_3, 0x100000000ULL), 2606 + BPF_LD_MAP_FD(BPF_REG_2, 0), 2607 + BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, 2608 + BPF_FUNC_tail_call), 2609 + BPF_MOV64_IMM(BPF_REG_0, 0), 2610 + BPF_EXIT_INSN(), 2611 + }, 2612 + .fixup_prog = { 2 }, 2613 + .result = ACCEPT, 2614 + }, 2615 + { 2590 2616 "stack pointer arithmetic", 2591 2617 .insns = { 2592 2618 BPF_MOV64_IMM(BPF_REG_1, 4),