From dc90d18130214e236cea2dd3a8c044216cf00068 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Sat, 18 Apr 2020 11:39:11 +0200 Subject: [PATCH] 4.9-stable patches added patches: hsr-check-protocol-version-in-hsr_newlink.patch net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch net-qrtr-send-msgs-from-local-of-same-id-as-broadcast.patch --- ...heck-protocol-version-in-hsr_newlink.patch | 52 +++++++++ ...n-add-del-multicast-ip-with-autojoin.patch | 100 ++++++++++++++++++ ...a-gateways-for-anycast-address-check.patch | 66 ++++++++++++ ...s-from-local-of-same-id-as-broadcast.patch | 52 +++++++++ queue-4.9/series | 4 + 5 files changed, 274 insertions(+) create mode 100644 queue-4.9/hsr-check-protocol-version-in-hsr_newlink.patch create mode 100644 queue-4.9/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch create mode 100644 queue-4.9/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch create mode 100644 queue-4.9/net-qrtr-send-msgs-from-local-of-same-id-as-broadcast.patch diff --git a/queue-4.9/hsr-check-protocol-version-in-hsr_newlink.patch b/queue-4.9/hsr-check-protocol-version-in-hsr_newlink.patch new file mode 100644 index 00000000000..5c4b077acad --- /dev/null +++ b/queue-4.9/hsr-check-protocol-version-in-hsr_newlink.patch @@ -0,0 +1,52 @@ +From foo@baz Sat 18 Apr 2020 11:34:19 AM CEST +From: Taehee Yoo +Date: Tue, 7 Apr 2020 13:23:21 +0000 +Subject: hsr: check protocol version in hsr_newlink() + +From: Taehee Yoo + +[ Upstream commit 4faab8c446def7667adf1f722456c2f4c304069c ] + +In the current hsr code, only 0 and 1 protocol versions are valid. +But current hsr code doesn't check the version, which is received by +userspace. + +Test commands: + ip link add dummy0 type dummy + ip link add dummy1 type dummy + ip link add hsr0 type hsr slave1 dummy0 slave2 dummy1 version 4 + +In the test commands, version 4 is invalid. +So, the command should be failed. + +After this patch, following error will occur. +"Error: hsr: Only versions 0..1 are supported." + +Fixes: ee1c27977284 ("net/hsr: Added support for HSR v1") +Signed-off-by: Taehee Yoo +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/hsr/hsr_netlink.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +--- a/net/hsr/hsr_netlink.c ++++ b/net/hsr/hsr_netlink.c +@@ -63,10 +63,15 @@ static int hsr_newlink(struct net *src_n + else + multicast_spec = nla_get_u8(data[IFLA_HSR_MULTICAST_SPEC]); + +- if (!data[IFLA_HSR_VERSION]) ++ if (!data[IFLA_HSR_VERSION]) { + hsr_version = 0; +- else ++ } else { + hsr_version = nla_get_u8(data[IFLA_HSR_VERSION]); ++ if (hsr_version > 1) { ++ netdev_info(dev, "Only versions 0..1 are supported"); ++ return -EINVAL; ++ } ++ } + + return hsr_dev_finalize(dev, link, multicast_spec, hsr_version); + } diff --git a/queue-4.9/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch b/queue-4.9/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch new file mode 100644 index 00000000000..99e43951a4a --- /dev/null +++ b/queue-4.9/net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch @@ -0,0 +1,100 @@ +From foo@baz Sat 18 Apr 2020 11:34:19 AM CEST +From: Taras Chornyi +Date: Thu, 9 Apr 2020 20:25:24 +0300 +Subject: net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin + +From: Taras Chornyi + +[ Upstream commit 690cc86321eb9bcee371710252742fb16fe96824 ] + +When CONFIG_IP_MULTICAST is not set and multicast ip is added to the device +with autojoin flag or when multicast ip is deleted kernel will crash. + +steps to reproduce: + +ip addr add 224.0.0.0/32 dev eth0 +ip addr del 224.0.0.0/32 dev eth0 + +or + +ip addr add 224.0.0.0/32 dev eth0 autojoin + +Unable to handle kernel NULL pointer dereference at virtual address 0000000000000088 + pc : _raw_write_lock_irqsave+0x1e0/0x2ac + lr : lock_sock_nested+0x1c/0x60 + Call trace: + _raw_write_lock_irqsave+0x1e0/0x2ac + lock_sock_nested+0x1c/0x60 + ip_mc_config.isra.28+0x50/0xe0 + inet_rtm_deladdr+0x1a8/0x1f0 + rtnetlink_rcv_msg+0x120/0x350 + netlink_rcv_skb+0x58/0x120 + rtnetlink_rcv+0x14/0x20 + netlink_unicast+0x1b8/0x270 + netlink_sendmsg+0x1a0/0x3b0 + ____sys_sendmsg+0x248/0x290 + ___sys_sendmsg+0x80/0xc0 + __sys_sendmsg+0x68/0xc0 + __arm64_sys_sendmsg+0x20/0x30 + el0_svc_common.constprop.2+0x88/0x150 + do_el0_svc+0x20/0x80 + el0_sync_handler+0x118/0x190 + el0_sync+0x140/0x180 + +Fixes: 93a714d6b53d ("multicast: Extend ip address command to enable multicast group join/leave on") +Signed-off-by: Taras Chornyi +Signed-off-by: Vadym Kochan +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/ipv4/devinet.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +--- a/net/ipv4/devinet.c ++++ b/net/ipv4/devinet.c +@@ -560,12 +560,15 @@ struct in_ifaddr *inet_ifa_byprefix(stru + return NULL; + } + +-static int ip_mc_config(struct sock *sk, bool join, const struct in_ifaddr *ifa) ++static int ip_mc_autojoin_config(struct net *net, bool join, ++ const struct in_ifaddr *ifa) + { ++#if defined(CONFIG_IP_MULTICAST) + struct ip_mreqn mreq = { + .imr_multiaddr.s_addr = ifa->ifa_address, + .imr_ifindex = ifa->ifa_dev->dev->ifindex, + }; ++ struct sock *sk = net->ipv4.mc_autojoin_sk; + int ret; + + ASSERT_RTNL(); +@@ -578,6 +581,9 @@ static int ip_mc_config(struct sock *sk, + release_sock(sk); + + return ret; ++#else ++ return -EOPNOTSUPP; ++#endif + } + + static int inet_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh) +@@ -617,7 +623,7 @@ static int inet_rtm_deladdr(struct sk_bu + continue; + + if (ipv4_is_multicast(ifa->ifa_address)) +- ip_mc_config(net->ipv4.mc_autojoin_sk, false, ifa); ++ ip_mc_autojoin_config(net, false, ifa); + __inet_del_ifa(in_dev, ifap, 1, nlh, NETLINK_CB(skb).portid); + return 0; + } +@@ -873,8 +879,7 @@ static int inet_rtm_newaddr(struct sk_bu + */ + set_ifa_lifetime(ifa, valid_lft, prefered_lft); + if (ifa->ifa_flags & IFA_F_MCAUTOJOIN) { +- int ret = ip_mc_config(net->ipv4.mc_autojoin_sk, +- true, ifa); ++ int ret = ip_mc_autojoin_config(net, true, ifa); + + if (ret < 0) { + inet_free_ifa(ifa); diff --git a/queue-4.9/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch b/queue-4.9/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch new file mode 100644 index 00000000000..513442c0a8c --- /dev/null +++ b/queue-4.9/net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch @@ -0,0 +1,66 @@ +From foo@baz Sat 18 Apr 2020 11:34:19 AM CEST +From: Tim Stallard +Date: Fri, 3 Apr 2020 21:26:21 +0100 +Subject: net: ipv6: do not consider routes via gateways for anycast address check + +From: Tim Stallard + +[ Upstream commit 03e2a984b6165621f287fadf5f4b5cd8b58dcaba ] + +The behaviour for what is considered an anycast address changed in +commit 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after +encountering pmtu exception"). This now considers the first +address in a subnet where there is a route via a gateway +to be an anycast address. + +This breaks path MTU discovery and traceroutes when a host in a +remote network uses the address at the start of a prefix +(eg 2600:: advertised as 2600::/48 in the DFZ) as ICMP errors +will not be sent to anycast addresses. + +This patch excludes any routes with a gateway, or via point to +point links, like the behaviour previously from +rt6_is_gw_or_nonexthop in net/ipv6/route.c. + +This can be tested with: +ip link add v1 type veth peer name v2 +ip netns add test +ip netns exec test ip link set lo up +ip link set v2 netns test +ip link set v1 up +ip netns exec test ip link set v2 up +ip addr add 2001:db8::1/64 dev v1 nodad +ip addr add 2001:db8:100:: dev lo nodad +ip netns exec test ip addr add 2001:db8::2/64 dev v2 nodad +ip netns exec test ip route add unreachable 2001:db8:1::1 +ip netns exec test ip route add 2001:db8:100::/64 via 2001:db8::1 +ip netns exec test sysctl net.ipv6.conf.all.forwarding=1 +ip route add 2001:db8:1::1 via 2001:db8::2 +ping -I 2001:db8::1 2001:db8:1::1 -c1 +ping -I 2001:db8:100:: 2001:db8:1::1 -c1 +ip addr delete 2001:db8:100:: dev lo +ip netns delete test + +Currently the first ping will get back a destination unreachable ICMP +error, but the second will never get a response, with "icmp6_send: +acast source" logged. After this patch, both get destination +unreachable ICMP replies. + +Fixes: 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after encountering pmtu exception") +Signed-off-by: Tim Stallard +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + include/net/ip6_route.h | 1 + + 1 file changed, 1 insertion(+) + +--- a/include/net/ip6_route.h ++++ b/include/net/ip6_route.h +@@ -195,6 +195,7 @@ static inline bool ipv6_anycast_destinat + + return rt->rt6i_flags & RTF_ANYCAST || + (rt->rt6i_dst.plen != 128 && ++ !(rt->rt6i_flags & (RTF_GATEWAY | RTF_NONEXTHOP)) && + ipv6_addr_equal(&rt->rt6i_dst.addr, daddr)); + } + diff --git a/queue-4.9/net-qrtr-send-msgs-from-local-of-same-id-as-broadcast.patch b/queue-4.9/net-qrtr-send-msgs-from-local-of-same-id-as-broadcast.patch new file mode 100644 index 00000000000..39d2d715d0d --- /dev/null +++ b/queue-4.9/net-qrtr-send-msgs-from-local-of-same-id-as-broadcast.patch @@ -0,0 +1,52 @@ +From foo@baz Sat 18 Apr 2020 11:34:19 AM CEST +From: Wang Wenhu +Date: Wed, 8 Apr 2020 19:53:53 -0700 +Subject: net: qrtr: send msgs from local of same id as broadcast + +From: Wang Wenhu + +[ Upstream commit 6dbf02acef69b0742c238574583b3068afbd227c ] + +If the local node id(qrtr_local_nid) is not modified after its +initialization, it equals to the broadcast node id(QRTR_NODE_BCAST). +So the messages from local node should not be taken as broadcast +and keep the process going to send them out anyway. + +The definitions are as follow: +static unsigned int qrtr_local_nid = NUMA_NO_NODE; + +Fixes: fdf5fd397566 ("net: qrtr: Broadcast messages only from control port") +Signed-off-by: Wang Wenhu +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + net/qrtr/qrtr.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +--- a/net/qrtr/qrtr.c ++++ b/net/qrtr/qrtr.c +@@ -621,20 +621,21 @@ static int qrtr_sendmsg(struct socket *s + + node = NULL; + if (addr->sq_node == QRTR_NODE_BCAST) { +- enqueue_fn = qrtr_bcast_enqueue; +- if (addr->sq_port != QRTR_PORT_CTRL) { ++ if (addr->sq_port != QRTR_PORT_CTRL && ++ qrtr_local_nid != QRTR_NODE_BCAST) { + release_sock(sk); + return -ENOTCONN; + } ++ enqueue_fn = qrtr_bcast_enqueue; + } else if (addr->sq_node == ipc->us.sq_node) { + enqueue_fn = qrtr_local_enqueue; + } else { +- enqueue_fn = qrtr_node_enqueue; + node = qrtr_node_lookup(addr->sq_node); + if (!node) { + release_sock(sk); + return -ECONNRESET; + } ++ enqueue_fn = qrtr_node_enqueue; + } + + plen = (len + 3) & ~3; diff --git a/queue-4.9/series b/queue-4.9/series index 34fff025eca..363f295c4c1 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -63,3 +63,7 @@ ipmi-fix-hung-processes-in-__get_guid.patch powerpc-fsl_booke-avoid-creating-duplicate-tlb1-entr.patch misc-echo-remove-unnecessary-parentheses-and-simplif.patch mfd-dln2-fix-sanity-checking-for-endpoints.patch +hsr-check-protocol-version-in-hsr_newlink.patch +net-ipv4-devinet-fix-crash-when-add-del-multicast-ip-with-autojoin.patch +net-qrtr-send-msgs-from-local-of-same-id-as-broadcast.patch +net-ipv6-do-not-consider-routes-via-gateways-for-anycast-address-check.patch -- 2.47.3