tree: https://gitee.com/openeuler/kernel.git OLK-5.10
head: 6c3413fbf8c430b89f5d23f465e10e99ea145199
commit: f52063cd675564192638518d0a6d428e330ec7e1 [2566/2566] UNIC: Replace ether interface by ubl interface
config: x86_64-allyesconfig (https://download.01.org/0day-ci/archive/20241215/202412150525.dOfTAcoj-lkp@…)
compiler: clang version 19.1.3 (https://github.com/llvm/llvm-project ab51eccf88f5321e7c60591c5546b254b6afab99)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241215/202412150525.dOfTAcoj-lkp@…)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202412150525.dOfTAcoj-lkp@intel.com/
All warnings (new ones prefixed by >>):
>> drivers/net/ethernet/hisilicon/hns3/hns3_unic.c:53: warning: Function parameter or member 'skb' not described in 'hns3_unic_set_l3_type'
>> drivers/net/ethernet/hisilicon/hns3/hns3_unic.c:53: warning: Function parameter or member 'type_cs_vlan_tso' not described in 'hns3_unic_set_l3_type'
vim +53 drivers/net/ethernet/hisilicon/hns3/hns3_unic.c
44
45 /**
46 * L3T is an element of the TX BD interface for software and hardware
47 * interaction, used to identify the message type. As the message data
48 * given by software to the chip cannot be self-decoded, the driver needs
49 * to actively inform the chip of the message type, which is unrelated
50 * to checksum offloading.
51 */
52 void hns3_unic_set_l3_type(struct sk_buff *skb, u32 *type_cs_vlan_tso)
> 53 {
54 if (skb->protocol == htons(ETH_P_IP))
55 hnae3_set_field(*type_cs_vlan_tso, HNS3_TXD_L3T_M,
56 HNS3_TXD_L3T_S, HNS3_L3T_IPV4);
57 else if (skb->protocol == htons(ETH_P_IPV6))
58 hnae3_set_field(*type_cs_vlan_tso, HNS3_TXD_L3T_M,
59 HNS3_TXD_L3T_S, HNS3_L3T_IPV6);
60 }
61
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
tree: https://gitee.com/openeuler/kernel.git OLK-5.10
head: 6c3413fbf8c430b89f5d23f465e10e99ea145199
commit: 2ac826b258e9aceefd719f7b0c3e3a9e73901ce5 [2579/2579] sched: Introduce task relationship by net and memory
config: arm64-randconfig-004-20241213 (https://download.01.org/0day-ci/archive/20241214/202412141314.NmcppncZ-lkp@…)
compiler: aarch64-linux-gcc (GCC) 14.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241214/202412141314.NmcppncZ-lkp@…)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp(a)intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202412141314.NmcppncZ-lkp@intel.com/
All errors (new ones prefixed by >>):
In file included from include/linux/sched.h:23,
from arch/arm64/include/asm/compat.h:16,
from arch/arm64/include/asm/stat.h:13,
from include/linux/stat.h:6,
from include/linux/module.h:13,
from include/linux/bpf.h:20,
from include/linux/bpf_sched.h:5,
from kernel/sched/relationship.c:19:
kernel/sched/relationship.c: In function 'task_relationship_supported':
>> kernel/sched/relationship.c:46:51: error: 'struct task_struct' has no member named 'mems_allowed'
46 | !nodes_subset(node_online_map, tsk->mems_allowed) ||
| ^~
include/linux/nodemask.h:218:51: note: in definition of macro 'nodes_subset'
218 | __nodes_subset(&(src1), &(src2), MAX_NUMNODES)
| ^~~~
Kconfig warnings: (for reference only)
WARNING: unmet direct dependencies detected for PGP_KEY_PARSER
Depends on [n]: CRYPTO [=y] && ASYMMETRIC_KEY_TYPE [=y] && ASYMMETRIC_PUBLIC_KEY_SUBTYPE [=n]
Selected by [y]:
- PGP_PRELOAD [=y] && CRYPTO [=y] && ASYMMETRIC_KEY_TYPE [=y]
vim +46 kernel/sched/relationship.c
38
39 bool task_relationship_supported(struct task_struct *tsk)
40 {
41 if (!task_relationship_used())
42 return false;
43
44 if (!tsk->rship || !tsk->mm ||
45 !cpumask_subset(cpu_online_mask, tsk->cpus_ptr) ||
> 46 !nodes_subset(node_online_map, tsk->mems_allowed) ||
47 get_task_policy(tsk)->mode == MPOL_BIND ||
48 get_task_policy(tsk)->mode == MPOL_INTERLEAVE)
49 return false;
50
51 return true;
52 }
53
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
From: Jeongjun Park <aha310510(a)gmail.com>
stable inclusion
from stable-v4.19.325
commit 3c20b5948f119ae61ee35ad8584d666020c91581
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IB9NOX
CVE: CVE-2024-53141
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id…
--------------------------------
commit 35f56c554eb1b56b77b3cf197a6b00922d49033d upstream.
When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,
the values of ip and ip_to are slightly swapped. Therefore, the range check
for ip should be done later, but this part is missing and it seems that the
vulnerability occurs.
So we should add missing range checks and remove unnecessary range checks.
Cc: <stable(a)vger.kernel.org>
Reported-by: syzbot+58c872f7790a4d2ac951(a)syzkaller.appspotmail.com
Fixes: 72205fc68bd1 ("netfilter: ipset: bitmap:ip set type support")
Signed-off-by: Jeongjun Park <aha310510(a)gmail.com>
Acked-by: Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com>
---
net/netfilter/ipset/ip_set_bitmap_ip.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/net/netfilter/ipset/ip_set_bitmap_ip.c b/net/netfilter/ipset/ip_set_bitmap_ip.c
index e3257077158f..49a6eec6f12f 100644
--- a/net/netfilter/ipset/ip_set_bitmap_ip.c
+++ b/net/netfilter/ipset/ip_set_bitmap_ip.c
@@ -166,11 +166,8 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *tb[],
ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to);
if (ret)
return ret;
- if (ip > ip_to) {
+ if (ip > ip_to)
swap(ip, ip_to);
- if (ip < map->first_ip)
- return -IPSET_ERR_BITMAP_RANGE;
- }
} else if (tb[IPSET_ATTR_CIDR]) {
u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
@@ -181,7 +178,7 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *tb[],
ip_to = ip;
}
- if (ip_to > map->last_ip)
+ if (ip < map->first_ip || ip_to > map->last_ip)
return -IPSET_ERR_BITMAP_RANGE;
for (; !before(ip_to, ip); ip += map->hosts) {
--
2.25.1
mainline inclusion
from mainline-v6.13-rc2
commit c44daa7e3c73229f7ac74985acb8c7fb909c4e0a
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IB515T
CVE: NA
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?…
--------------------------------
arp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:
WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
RIP: 0010:ip_rt_bug+0x14/0x20
Call Trace:
<IRQ>
ip_send_skb+0x14/0x40
__icmp_send+0x42d/0x6a0
ipv4_link_failure+0xe2/0x1d0
arp_error_report+0x3c/0x50
neigh_invalidate+0x8d/0x100
neigh_timer_handler+0x2e1/0x330
call_timer_fn+0x21/0x120
__run_timer_base.part.0+0x1c9/0x270
run_timer_softirq+0x4c/0x80
handle_softirqs+0xac/0x280
irq_exit_rcu+0x62/0x80
sysvec_apic_timer_interrupt+0x77/0x90
The script below reproduces this scenario:
ip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \
dir out priority 0 ptype main flag localok icmp
ip l a veth1 type veth
ip a a 192.168.141.111/24 dev veth0
ip l s veth0 up
ping 192.168.141.155 -c 1
icmp_route_lookup() create input routes for locally generated packets
while xfrm relookup ICMP traffic.Then it will set input route
(dst->out = ip_rt_bug) to skb for DESTUNREACH.
For ICMP err triggered by locally generated packets, dst->dev of output
route is loopback. Generally, xfrm relookup verification is not required
on loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).
Skip icmp relookup for locally generated packets to fix it.
Fixes: 8b7817f3a959 ("[IPSEC]: Add ICMP host relookup support")
Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com>
Reviewed-by: David Ahern <dsahern(a)kernel.org>
Reviewed-by: Eric Dumazet <edumazet(a)google.com>
Link: https://patch.msgid.link/20241127040850.1513135-1-dongchenchen2@huawei.com
Signed-off-by: Jakub Kicinski <kuba(a)kernel.org>
Conflicts:
net/ipv4/icmp.c
[commit 913c83a610bb("ipv4: Convert icmp_route_lookup() to dscp_t") wasnt
merged, which lead to context conflicts]
Signed-off-by: Dong Chenchen <dongchenchen2(a)huawei.com>
---
net/ipv4/icmp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
index 4cbc1bb85ac0..e03003a9c6b0 100644
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -525,6 +525,9 @@ static struct rtable *icmp_route_lookup(struct net *net,
if (!IS_ERR(rt)) {
if (rt != rt2)
return rt;
+ if (inet_addr_type_dev_table(net, route_lookup_dev,
+ fl4->daddr) == RTN_LOCAL)
+ return rt;
} else if (PTR_ERR(rt) == -EPERM) {
rt = NULL;
} else
--
2.25.1