From 184cacf6ad5b90b4d214f4900474f8aee5241d7c Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 18 May 2020 14:44:36 +0200 Subject: [PATCH] 4.14-stable patches added patches: hinic-fix-a-bug-of-ndo_stop.patch net-dsa-loop-add-module-soft-dependency.patch net-fix-a-potential-recursive-netdev_feat_change.patch net-ipv4-really-enforce-backoff-for-redirects.patch net-phy-fix-aneg-restart-in-phy_ethtool_set_eee.patch net-tcp-fix-rx-timestamp-behavior-for-tcp_recvmsg.patch netlabel-cope-with-null-catmap.patch netprio_cgroup-fix-unlimited-memory-leak-of-v2-cgroups.patch revert-ipv6-add-mtu-lock-check-in-__ip6_rt_update_pmtu.patch --- queue-4.14/hinic-fix-a-bug-of-ndo_stop.patch | 119 ++++++++++++++++++ ...-dsa-loop-add-module-soft-dependency.patch | 32 +++++ ...tential-recursive-netdev_feat_change.patch | 66 ++++++++++ ...really-enforce-backoff-for-redirects.patch | 48 +++++++ ...-aneg-restart-in-phy_ethtool_set_eee.patch | 39 ++++++ ...x-timestamp-behavior-for-tcp_recvmsg.patch | 51 ++++++++ .../netlabel-cope-with-null-catmap.patch | 84 +++++++++++++ ...-unlimited-memory-leak-of-v2-cgroups.patch | 50 ++++++++ ...u-lock-check-in-__ip6_rt_update_pmtu.patch | 63 ++++++++++ queue-4.14/series | 9 ++ 10 files changed, 561 insertions(+) create mode 100644 queue-4.14/hinic-fix-a-bug-of-ndo_stop.patch create mode 100644 queue-4.14/net-dsa-loop-add-module-soft-dependency.patch create mode 100644 queue-4.14/net-fix-a-potential-recursive-netdev_feat_change.patch create mode 100644 queue-4.14/net-ipv4-really-enforce-backoff-for-redirects.patch create mode 100644 queue-4.14/net-phy-fix-aneg-restart-in-phy_ethtool_set_eee.patch create mode 100644 queue-4.14/net-tcp-fix-rx-timestamp-behavior-for-tcp_recvmsg.patch create mode 100644 queue-4.14/netlabel-cope-with-null-catmap.patch create mode 100644 queue-4.14/netprio_cgroup-fix-unlimited-memory-leak-of-v2-cgroups.patch create mode 100644 queue-4.14/revert-ipv6-add-mtu-lock-check-in-__ip6_rt_update_pmtu.patch diff --git a/queue-4.14/hinic-fix-a-bug-of-ndo_stop.patch b/queue-4.14/hinic-fix-a-bug-of-ndo_stop.patch new file mode 100644 index 00000000000..51b94a47f5f --- /dev/null +++ b/queue-4.14/hinic-fix-a-bug-of-ndo_stop.patch @@ -0,0 +1,119 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Luo bin +Date: Sun, 10 May 2020 19:01:08 +0000 +Subject: hinic: fix a bug of ndo_stop + +From: Luo bin + +[ Upstream commit e8a1b0efd632d1c9db7d4e93da66377c7b524862 ] + +if some function in ndo_stop interface returns failure because of +hardware fault, must go on excuting rest steps rather than return +failure directly, otherwise will cause memory leak.And bump the +timeout for SET_FUNC_STATE to ensure that cmd won't return failure +when hw is busy. Otherwise hw may stomp host memory if we free +memory regardless of the return value of SET_FUNC_STATE. + +Fixes: 51ba902a16e6 ("net-next/hinic: Initialize hw interface") +Signed-off-by: Luo bin +Signed-off-by: Jakub Kicinski +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/ethernet/huawei/hinic/hinic_hw_mgmt.c | 16 ++++++++++++---- + drivers/net/ethernet/huawei/hinic/hinic_main.c | 18 +++--------------- + 2 files changed, 15 insertions(+), 19 deletions(-) + +--- a/drivers/net/ethernet/huawei/hinic/hinic_hw_mgmt.c ++++ b/drivers/net/ethernet/huawei/hinic/hinic_hw_mgmt.c +@@ -54,6 +54,8 @@ + + #define MGMT_MSG_TIMEOUT 5000 + ++#define SET_FUNC_PORT_MGMT_TIMEOUT 25000 ++ + #define mgmt_to_pfhwdev(pf_mgmt) \ + container_of(pf_mgmt, struct hinic_pfhwdev, pf_to_mgmt) + +@@ -247,12 +249,13 @@ static int msg_to_mgmt_sync(struct hinic + u8 *buf_in, u16 in_size, + u8 *buf_out, u16 *out_size, + enum mgmt_direction_type direction, +- u16 resp_msg_id) ++ u16 resp_msg_id, u32 timeout) + { + struct hinic_hwif *hwif = pf_to_mgmt->hwif; + struct pci_dev *pdev = hwif->pdev; + struct hinic_recv_msg *recv_msg; + struct completion *recv_done; ++ unsigned long timeo; + u16 msg_id; + int err; + +@@ -276,8 +279,9 @@ static int msg_to_mgmt_sync(struct hinic + goto unlock_sync_msg; + } + +- if (!wait_for_completion_timeout(recv_done, +- msecs_to_jiffies(MGMT_MSG_TIMEOUT))) { ++ timeo = msecs_to_jiffies(timeout ? timeout : MGMT_MSG_TIMEOUT); ++ ++ if (!wait_for_completion_timeout(recv_done, timeo)) { + dev_err(&pdev->dev, "MGMT timeout, MSG id = %d\n", msg_id); + err = -ETIMEDOUT; + goto unlock_sync_msg; +@@ -351,6 +355,7 @@ int hinic_msg_to_mgmt(struct hinic_pf_to + { + struct hinic_hwif *hwif = pf_to_mgmt->hwif; + struct pci_dev *pdev = hwif->pdev; ++ u32 timeout = 0; + + if (sync != HINIC_MGMT_MSG_SYNC) { + dev_err(&pdev->dev, "Invalid MGMT msg type\n"); +@@ -362,9 +367,12 @@ int hinic_msg_to_mgmt(struct hinic_pf_to + return -EINVAL; + } + ++ if (cmd == HINIC_PORT_CMD_SET_FUNC_STATE) ++ timeout = SET_FUNC_PORT_MGMT_TIMEOUT; ++ + return msg_to_mgmt_sync(pf_to_mgmt, mod, cmd, buf_in, in_size, + buf_out, out_size, MGMT_DIRECT_SEND, +- MSG_NOT_RESP); ++ MSG_NOT_RESP, timeout); + } + + /** +--- a/drivers/net/ethernet/huawei/hinic/hinic_main.c ++++ b/drivers/net/ethernet/huawei/hinic/hinic_main.c +@@ -473,7 +473,6 @@ static int hinic_close(struct net_device + { + struct hinic_dev *nic_dev = netdev_priv(netdev); + unsigned int flags; +- int err; + + down(&nic_dev->mgmt_lock); + +@@ -487,20 +486,9 @@ static int hinic_close(struct net_device + + up(&nic_dev->mgmt_lock); + +- err = hinic_port_set_func_state(nic_dev, HINIC_FUNC_PORT_DISABLE); +- if (err) { +- netif_err(nic_dev, drv, netdev, +- "Failed to set func port state\n"); +- nic_dev->flags |= (flags & HINIC_INTF_UP); +- return err; +- } +- +- err = hinic_port_set_state(nic_dev, HINIC_PORT_DISABLE); +- if (err) { +- netif_err(nic_dev, drv, netdev, "Failed to set port state\n"); +- nic_dev->flags |= (flags & HINIC_INTF_UP); +- return err; +- } ++ hinic_port_set_state(nic_dev, HINIC_PORT_DISABLE); ++ ++ hinic_port_set_func_state(nic_dev, HINIC_FUNC_PORT_DISABLE); + + free_rxqs(nic_dev); + free_txqs(nic_dev); diff --git a/queue-4.14/net-dsa-loop-add-module-soft-dependency.patch b/queue-4.14/net-dsa-loop-add-module-soft-dependency.patch new file mode 100644 index 00000000000..59c064510d1 --- /dev/null +++ b/queue-4.14/net-dsa-loop-add-module-soft-dependency.patch @@ -0,0 +1,32 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Florian Fainelli +Date: Sat, 9 May 2020 16:45:44 -0700 +Subject: net: dsa: loop: Add module soft dependency + +From: Florian Fainelli + +[ Upstream commit 3047211ca11bf77b3ecbce045c0aa544d934b945 ] + +There is a soft dependency against dsa_loop_bdinfo.ko which sets up the +MDIO device registration, since there are no symbols referenced by +dsa_loop.ko, there is no automatic loading of dsa_loop_bdinfo.ko which +is needed. + +Fixes: 98cd1552ea27 ("net: dsa: Mock-up driver") +Signed-off-by: Florian Fainelli +Signed-off-by: Jakub Kicinski +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/dsa/dsa_loop.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/net/dsa/dsa_loop.c ++++ b/drivers/net/dsa/dsa_loop.c +@@ -357,6 +357,7 @@ static void __exit dsa_loop_exit(void) + } + module_exit(dsa_loop_exit); + ++MODULE_SOFTDEP("pre: dsa_loop_bdinfo"); + MODULE_LICENSE("GPL"); + MODULE_AUTHOR("Florian Fainelli"); + MODULE_DESCRIPTION("DSA loopback driver"); diff --git a/queue-4.14/net-fix-a-potential-recursive-netdev_feat_change.patch b/queue-4.14/net-fix-a-potential-recursive-netdev_feat_change.patch new file mode 100644 index 00000000000..ce4455b4564 --- /dev/null +++ b/queue-4.14/net-fix-a-potential-recursive-netdev_feat_change.patch @@ -0,0 +1,66 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Cong Wang +Date: Thu, 7 May 2020 12:19:03 -0700 +Subject: net: fix a potential recursive NETDEV_FEAT_CHANGE + +From: Cong Wang + +[ Upstream commit dd912306ff008891c82cd9f63e8181e47a9cb2fb ] + +syzbot managed to trigger a recursive NETDEV_FEAT_CHANGE event +between bonding master and slave. I managed to find a reproducer +for this: + + ip li set bond0 up + ifenslave bond0 eth0 + brctl addbr br0 + ethtool -K eth0 lro off + brctl addif br0 bond0 + ip li set br0 up + +When a NETDEV_FEAT_CHANGE event is triggered on a bonding slave, +it captures this and calls bond_compute_features() to fixup its +master's and other slaves' features. However, when syncing with +its lower devices by netdev_sync_lower_features() this event is +triggered again on slaves when the LRO feature fails to change, +so it goes back and forth recursively until the kernel stack is +exhausted. + +Commit 17b85d29e82c intentionally lets __netdev_update_features() +return -1 for such a failure case, so we have to just rely on +the existing check inside netdev_sync_lower_features() and skip +NETDEV_FEAT_CHANGE event only for this specific failure case. + +Fixes: fd867d51f889 ("net/core: generic support for disabling netdev features down stack") +Reported-by: syzbot+e73ceacfd8560cc8a3ca@syzkaller.appspotmail.com +Reported-by: syzbot+c2fb6f9ddcea95ba49b5@syzkaller.appspotmail.com +Cc: Jarod Wilson +Cc: Nikolay Aleksandrov +Cc: Josh Poimboeuf +Cc: Jann Horn +Reviewed-by: Jay Vosburgh +Signed-off-by: Cong Wang +Acked-by: Nikolay Aleksandrov +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/core/dev.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/net/core/dev.c ++++ b/net/core/dev.c +@@ -7282,11 +7282,13 @@ static void netdev_sync_lower_features(s + netdev_dbg(upper, "Disabling feature %pNF on lower dev %s.\n", + &feature, lower->name); + lower->wanted_features &= ~feature; +- netdev_update_features(lower); ++ __netdev_update_features(lower); + + if (unlikely(lower->features & feature)) + netdev_WARN(upper, "failed to disable %pNF on %s!\n", + &feature, lower->name); ++ else ++ netdev_features_change(lower); + } + } + } diff --git a/queue-4.14/net-ipv4-really-enforce-backoff-for-redirects.patch b/queue-4.14/net-ipv4-really-enforce-backoff-for-redirects.patch new file mode 100644 index 00000000000..313d97eb229 --- /dev/null +++ b/queue-4.14/net-ipv4-really-enforce-backoff-for-redirects.patch @@ -0,0 +1,48 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Paolo Abeni +Date: Fri, 8 May 2020 19:28:34 +0200 +Subject: net: ipv4: really enforce backoff for redirects + +From: Paolo Abeni + +[ Upstream commit 57644431a6c2faac5d754ebd35780cf43a531b1a ] + +In commit b406472b5ad7 ("net: ipv4: avoid mixed n_redirects and +rate_tokens usage") I missed the fact that a 0 'rate_tokens' will +bypass the backoff algorithm. + +Since rate_tokens is cleared after a redirect silence, and never +incremented on redirects, if the host keeps receiving packets +requiring redirect it will reply ignoring the backoff. + +Additionally, the 'rate_last' field will be updated with the +cadence of the ingress packet requiring redirect. If that rate is +high enough, that will prevent the host from generating any +other kind of ICMP messages + +The check for a zero 'rate_tokens' value was likely a shortcut +to avoid the more complex backoff algorithm after a redirect +silence period. Address the issue checking for 'n_redirects' +instead, which is incremented on successful redirect, and +does not interfere with other ICMP replies. + +Fixes: b406472b5ad7 ("net: ipv4: avoid mixed n_redirects and rate_tokens usage") +Reported-and-tested-by: Colin Walters +Signed-off-by: Paolo Abeni +Signed-off-by: Jakub Kicinski +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv4/route.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/ipv4/route.c ++++ b/net/ipv4/route.c +@@ -921,7 +921,7 @@ void ip_rt_send_redirect(struct sk_buff + /* Check for load limit; set rate_last to the latest sent + * redirect. + */ +- if (peer->rate_tokens == 0 || ++ if (peer->n_redirects == 0 || + time_after(jiffies, + (peer->rate_last + + (ip_rt_redirect_load << peer->n_redirects)))) { diff --git a/queue-4.14/net-phy-fix-aneg-restart-in-phy_ethtool_set_eee.patch b/queue-4.14/net-phy-fix-aneg-restart-in-phy_ethtool_set_eee.patch new file mode 100644 index 00000000000..2a3d240d5b3 --- /dev/null +++ b/queue-4.14/net-phy-fix-aneg-restart-in-phy_ethtool_set_eee.patch @@ -0,0 +1,39 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Heiner Kallweit +Date: Tue, 12 May 2020 21:45:53 +0200 +Subject: net: phy: fix aneg restart in phy_ethtool_set_eee + +From: Heiner Kallweit + +[ Upstream commit 9de5d235b60a7cdfcdd5461e70c5663e713fde87 ] + +phy_restart_aneg() enables aneg in the PHY. That's not what we want +if phydev->autoneg is disabled. In this case still update EEE +advertisement register, but don't enable aneg and don't trigger an +aneg restart. + +Fixes: f75abeb8338e ("net: phy: restart phy autonegotiation after EEE advertisment change") +Signed-off-by: Heiner Kallweit +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/phy/phy.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +--- a/drivers/net/phy/phy.c ++++ b/drivers/net/phy/phy.c +@@ -1257,9 +1257,11 @@ int phy_ethtool_set_eee(struct phy_devic + /* Restart autonegotiation so the new modes get sent to the + * link partner. + */ +- ret = phy_restart_aneg(phydev); +- if (ret < 0) +- return ret; ++ if (phydev->autoneg == AUTONEG_ENABLE) { ++ ret = phy_restart_aneg(phydev); ++ if (ret < 0) ++ return ret; ++ } + } + + return 0; diff --git a/queue-4.14/net-tcp-fix-rx-timestamp-behavior-for-tcp_recvmsg.patch b/queue-4.14/net-tcp-fix-rx-timestamp-behavior-for-tcp_recvmsg.patch new file mode 100644 index 00000000000..8d338f4ceea --- /dev/null +++ b/queue-4.14/net-tcp-fix-rx-timestamp-behavior-for-tcp_recvmsg.patch @@ -0,0 +1,51 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Kelly Littlepage +Date: Fri, 8 May 2020 19:58:46 +0000 +Subject: net: tcp: fix rx timestamp behavior for tcp_recvmsg + +From: Kelly Littlepage + +[ Upstream commit cc4de047b33be247f9c8150d3e496743a49642b8 ] + +The stated intent of the original commit is to is to "return the timestamp +corresponding to the highest sequence number data returned." The current +implementation returns the timestamp for the last byte of the last fully +read skb, which is not necessarily the last byte in the recv buffer. This +patch converts behavior to the original definition, and to the behavior of +the previous draft versions of commit 98aaa913b4ed ("tcp: Extend +SOF_TIMESTAMPING_RX_SOFTWARE to TCP recvmsg") which also match this +behavior. + +Fixes: 98aaa913b4ed ("tcp: Extend SOF_TIMESTAMPING_RX_SOFTWARE to TCP recvmsg") +Co-developed-by: Iris Liu +Signed-off-by: Iris Liu +Signed-off-by: Kelly Littlepage +Signed-off-by: Eric Dumazet +Acked-by: Soheil Hassas Yeganeh +Acked-by: Willem de Bruijn +Signed-off-by: Jakub Kicinski +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv4/tcp.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +--- a/net/ipv4/tcp.c ++++ b/net/ipv4/tcp.c +@@ -1977,13 +1977,15 @@ skip_copy: + tp->urg_data = 0; + tcp_fast_path_check(sk); + } +- if (used + offset < skb->len) +- continue; + + if (TCP_SKB_CB(skb)->has_rxtstamp) { + tcp_update_recv_tstamps(skb, &tss); + has_tss = true; + } ++ ++ if (used + offset < skb->len) ++ continue; ++ + if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN) + goto found_fin_ok; + if (!(flags & MSG_PEEK)) diff --git a/queue-4.14/netlabel-cope-with-null-catmap.patch b/queue-4.14/netlabel-cope-with-null-catmap.patch new file mode 100644 index 00000000000..b3146358453 --- /dev/null +++ b/queue-4.14/netlabel-cope-with-null-catmap.patch @@ -0,0 +1,84 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Paolo Abeni +Date: Tue, 12 May 2020 14:43:14 +0200 +Subject: netlabel: cope with NULL catmap + +From: Paolo Abeni + +[ Upstream commit eead1c2ea2509fd754c6da893a94f0e69e83ebe4 ] + +The cipso and calipso code can set the MLS_CAT attribute on +successful parsing, even if the corresponding catmap has +not been allocated, as per current configuration and external +input. + +Later, selinux code tries to access the catmap if the MLS_CAT flag +is present via netlbl_catmap_getlong(). That may cause null ptr +dereference while processing incoming network traffic. + +Address the issue setting the MLS_CAT flag only if the catmap is +really allocated. Additionally let netlbl_catmap_getlong() cope +with NULL catmap. + +Reported-by: Matthew Sheets +Fixes: 4b8feff251da ("netlabel: fix the horribly broken catmap functions") +Fixes: ceba1832b1b2 ("calipso: Set the calipso socket label to match the secattr.") +Signed-off-by: Paolo Abeni +Acked-by: Paul Moore +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv4/cipso_ipv4.c | 6 ++++-- + net/ipv6/calipso.c | 3 ++- + net/netlabel/netlabel_kapi.c | 6 ++++++ + 3 files changed, 12 insertions(+), 3 deletions(-) + +--- a/net/ipv4/cipso_ipv4.c ++++ b/net/ipv4/cipso_ipv4.c +@@ -1272,7 +1272,8 @@ static int cipso_v4_parsetag_rbm(const s + return ret_val; + } + +- secattr->flags |= NETLBL_SECATTR_MLS_CAT; ++ if (secattr->attr.mls.cat) ++ secattr->flags |= NETLBL_SECATTR_MLS_CAT; + } + + return 0; +@@ -1453,7 +1454,8 @@ static int cipso_v4_parsetag_rng(const s + return ret_val; + } + +- secattr->flags |= NETLBL_SECATTR_MLS_CAT; ++ if (secattr->attr.mls.cat) ++ secattr->flags |= NETLBL_SECATTR_MLS_CAT; + } + + return 0; +--- a/net/ipv6/calipso.c ++++ b/net/ipv6/calipso.c +@@ -1061,7 +1061,8 @@ static int calipso_opt_getattr(const uns + goto getattr_return; + } + +- secattr->flags |= NETLBL_SECATTR_MLS_CAT; ++ if (secattr->attr.mls.cat) ++ secattr->flags |= NETLBL_SECATTR_MLS_CAT; + } + + secattr->type = NETLBL_NLTYPE_CALIPSO; +--- a/net/netlabel/netlabel_kapi.c ++++ b/net/netlabel/netlabel_kapi.c +@@ -748,6 +748,12 @@ int netlbl_catmap_getlong(struct netlbl_ + if ((off & (BITS_PER_LONG - 1)) != 0) + return -EINVAL; + ++ /* a null catmap is equivalent to an empty one */ ++ if (!catmap) { ++ *offset = (u32)-1; ++ return 0; ++ } ++ + if (off < catmap->startbit) { + off = catmap->startbit; + *offset = off; diff --git a/queue-4.14/netprio_cgroup-fix-unlimited-memory-leak-of-v2-cgroups.patch b/queue-4.14/netprio_cgroup-fix-unlimited-memory-leak-of-v2-cgroups.patch new file mode 100644 index 00000000000..e04fc15a2a5 --- /dev/null +++ b/queue-4.14/netprio_cgroup-fix-unlimited-memory-leak-of-v2-cgroups.patch @@ -0,0 +1,50 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: Zefan Li +Date: Sat, 9 May 2020 11:32:10 +0800 +Subject: netprio_cgroup: Fix unlimited memory leak of v2 cgroups + +From: Zefan Li + +[ Upstream commit 090e28b229af92dc5b40786ca673999d59e73056 ] + +If systemd is configured to use hybrid mode which enables the use of +both cgroup v1 and v2, systemd will create new cgroup on both the default +root (v2) and netprio_cgroup hierarchy (v1) for a new session and attach +task to the two cgroups. If the task does some network thing then the v2 +cgroup can never be freed after the session exited. + +One of our machines ran into OOM due to this memory leak. + +In the scenario described above when sk_alloc() is called +cgroup_sk_alloc() thought it's in v2 mode, so it stores +the cgroup pointer in sk->sk_cgrp_data and increments +the cgroup refcnt, but then sock_update_netprioidx() +thought it's in v1 mode, so it stores netprioidx value +in sk->sk_cgrp_data, so the cgroup refcnt will never be freed. + +Currently we do the mode switch when someone writes to the ifpriomap +cgroup control file. The easiest fix is to also do the switch when +a task is attached to a new cgroup. + +Fixes: bd1060a1d671 ("sock, cgroup: add sock->sk_cgroup") +Reported-by: Yang Yingliang +Tested-by: Yang Yingliang +Signed-off-by: Zefan Li +Acked-by: Tejun Heo +Signed-off-by: Jakub Kicinski +Signed-off-by: Greg Kroah-Hartman +--- + net/core/netprio_cgroup.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/net/core/netprio_cgroup.c ++++ b/net/core/netprio_cgroup.c +@@ -241,6 +241,8 @@ static void net_prio_attach(struct cgrou + struct task_struct *p; + struct cgroup_subsys_state *css; + ++ cgroup_sk_alloc_disable(); ++ + cgroup_taskset_for_each(p, css, tset) { + void *v = (void *)(unsigned long)css->cgroup->id; + diff --git a/queue-4.14/revert-ipv6-add-mtu-lock-check-in-__ip6_rt_update_pmtu.patch b/queue-4.14/revert-ipv6-add-mtu-lock-check-in-__ip6_rt_update_pmtu.patch new file mode 100644 index 00000000000..937916edc42 --- /dev/null +++ b/queue-4.14/revert-ipv6-add-mtu-lock-check-in-__ip6_rt_update_pmtu.patch @@ -0,0 +1,63 @@ +From foo@baz Mon 18 May 2020 12:14:47 PM CEST +From: "Maciej Żenczykowski" +Date: Tue, 5 May 2020 11:57:23 -0700 +Subject: Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" + +From: "Maciej Żenczykowski" + +[ Upstream commit 09454fd0a4ce23cb3d8af65066c91a1bf27120dd ] + +This reverts commit 19bda36c4299ce3d7e5bce10bebe01764a655a6d: + +| ipv6: add mtu lock check in __ip6_rt_update_pmtu +| +| Prior to this patch, ipv6 didn't do mtu lock check in ip6_update_pmtu. +| It leaded to that mtu lock doesn't really work when receiving the pkt +| of ICMPV6_PKT_TOOBIG. +| +| This patch is to add mtu lock check in __ip6_rt_update_pmtu just as ipv4 +| did in __ip_rt_update_pmtu. + +The above reasoning is incorrect. IPv6 *requires* icmp based pmtu to work. +There's already a comment to this effect elsewhere in the kernel: + + $ git grep -p -B1 -A3 'RTAX_MTU lock' + net/ipv6/route.c=4813= + + static int rt6_mtu_change_route(struct fib6_info *f6i, void *p_arg) + ... + /* In IPv6 pmtu discovery is not optional, + so that RTAX_MTU lock cannot disable it. + We still use this lock to block changes + caused by addrconf/ndisc. + */ + +This reverts to the pre-4.9 behaviour. + +Cc: Eric Dumazet +Cc: Willem de Bruijn +Cc: Xin Long +Cc: Hannes Frederic Sowa +Signed-off-by: Maciej Żenczykowski +Fixes: 19bda36c4299 ("ipv6: add mtu lock check in __ip6_rt_update_pmtu") +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv6/route.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +--- a/net/ipv6/route.c ++++ b/net/ipv6/route.c +@@ -1479,8 +1479,10 @@ static void __ip6_rt_update_pmtu(struct + const struct in6_addr *daddr, *saddr; + struct rt6_info *rt6 = (struct rt6_info *)dst; + +- if (dst_metric_locked(dst, RTAX_MTU)) +- return; ++ /* Note: do *NOT* check dst_metric_locked(dst, RTAX_MTU) ++ * IPv6 pmtu discovery isn't optional, so 'mtu lock' cannot disable it. ++ * [see also comment in rt6_mtu_change_route()] ++ */ + + if (iph) { + daddr = &iph->daddr; diff --git a/queue-4.14/series b/queue-4.14/series index 2b906e153a1..5443b1ac16d 100644 --- a/queue-4.14/series +++ b/queue-4.14/series @@ -78,3 +78,12 @@ gcc-10-disable-restrict-warning-for-now.patch gcc-10-avoid-shadowing-standard-library-free-in-crypto.patch x86-asm-add-instruction-suffixes-to-bitops.patch net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch +net-fix-a-potential-recursive-netdev_feat_change.patch +netlabel-cope-with-null-catmap.patch +net-phy-fix-aneg-restart-in-phy_ethtool_set_eee.patch +revert-ipv6-add-mtu-lock-check-in-__ip6_rt_update_pmtu.patch +hinic-fix-a-bug-of-ndo_stop.patch +net-dsa-loop-add-module-soft-dependency.patch +net-ipv4-really-enforce-backoff-for-redirects.patch +netprio_cgroup-fix-unlimited-memory-leak-of-v2-cgroups.patch +net-tcp-fix-rx-timestamp-behavior-for-tcp_recvmsg.patch -- 2.47.3