aboutsummaryrefslogtreecommitdiff
path: root/SOURCES/patch-6.0-redhat.patch
diff options
context:
space:
mode:
Diffstat (limited to 'SOURCES/patch-6.0-redhat.patch')
-rw-r--r--SOURCES/patch-6.0-redhat.patch208
1 files changed, 84 insertions, 124 deletions
diff --git a/SOURCES/patch-6.0-redhat.patch b/SOURCES/patch-6.0-redhat.patch
index 4860def..97752a2 100644
--- a/SOURCES/patch-6.0-redhat.patch
+++ b/SOURCES/patch-6.0-redhat.patch
@@ -35,11 +35,11 @@
include/linux/pci.h | 3 +
include/linux/rmi.h | 1 +
include/linux/security.h | 5 +
- include/net/neighbour.h | 2 +-
+ include/net/sock.h | 2 +-
init/Kconfig | 2 +-
kernel/module/signing.c | 9 +-
- net/core/neighbour.c | 58 ++--
net/ipv4/fib_semantics.c | 8 +-
+ net/l2tp/l2tp_core.c | 19 +-
scripts/pahole-flags.sh | 3 +
scripts/tags.sh | 2 +
security/integrity/platform_certs/load_uefi.c | 6 +-
@@ -47,10 +47,10 @@
security/lockdown/lockdown.c | 1 +
security/security.c | 6 +
tools/testing/selftests/net/fib_nexthops.sh | 5 +
- 49 files changed, 793 insertions(+), 391 deletions(-)
+ 49 files changed, 776 insertions(+), 369 deletions(-)
diff --git a/Makefile b/Makefile
-index 4f7da26fef78..ce8f093a79f1 100644
+index 9fecb094c28a..43753e41fb51 100644
--- a/Makefile
+++ b/Makefile
@@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
@@ -1090,7 +1090,7 @@ index 3a808146b50f..c1a3f3057921 100644
* Changes the default domain of an iommu group that has *only* one device
*
diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c
-index ed47c256dbd2..2af613f7353f 100644
+index 01c36284e542..2a5fd205863b 100644
--- a/drivers/nvme/host/core.c
+++ b/drivers/nvme/host/core.c
@@ -250,6 +250,9 @@ static void nvme_delete_ctrl_sync(struct nvme_ctrl *ctrl)
@@ -1946,21 +1946,21 @@ index 7bd0c490703d..7779eaf1ffa1 100644
#endif /* CONFIG_SECURITY */
#if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE)
-diff --git a/include/net/neighbour.h b/include/net/neighbour.h
-index 3827a6b395fd..bce6b228cf56 100644
---- a/include/net/neighbour.h
-+++ b/include/net/neighbour.h
-@@ -83,7 +83,7 @@ struct neigh_parms {
- struct rcu_head rcu_head;
-
- int reachable_time;
-- int qlen;
-+ u32 qlen;
- int data[NEIGH_VAR_DATA_MAX];
- DECLARE_BITMAP(data_state, NEIGH_VAR_DATA_MAX);
- };
+diff --git a/include/net/sock.h b/include/net/sock.h
+index f6e6838c82df..03a4ebe3ccc8 100644
+--- a/include/net/sock.h
++++ b/include/net/sock.h
+@@ -323,7 +323,7 @@ struct sk_filter;
+ * @sk_tskey: counter to disambiguate concurrent tstamp requests
+ * @sk_zckey: counter to order MSG_ZEROCOPY notifications
+ * @sk_socket: Identd and reporting IO signals
+- * @sk_user_data: RPC layer private data
++ * @sk_user_data: RPC layer private data. Write-protected by @sk_callback_lock.
+ * @sk_frag: cached page frag
+ * @sk_peek_off: current peek_offset value
+ * @sk_send_head: front of stuff to transmit
diff --git a/init/Kconfig b/init/Kconfig
-index 532362fcfe31..30d547537ea0 100644
+index d1d779d6ba43..b3d83b0eb539 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1678,7 +1678,7 @@ config AIO
@@ -1995,111 +1995,6 @@ index a2ff4242e623..f0d2be1ee4f1 100644
}
int module_sig_check(struct load_info *info, int flags)
-diff --git a/net/core/neighbour.c b/net/core/neighbour.c
-index 84755db81e9d..35f5a3125808 100644
---- a/net/core/neighbour.c
-+++ b/net/core/neighbour.c
-@@ -307,7 +307,31 @@ static int neigh_del_timer(struct neighbour *n)
- return 0;
- }
-
--static void pneigh_queue_purge(struct sk_buff_head *list, struct net *net)
-+static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
-+ int family)
-+{
-+ switch (family) {
-+ case AF_INET:
-+ return __in_dev_arp_parms_get_rcu(dev);
-+ case AF_INET6:
-+ return __in6_dev_nd_parms_get_rcu(dev);
-+ }
-+ return NULL;
-+}
-+
-+static void neigh_parms_qlen_dec(struct net_device *dev, int family)
-+{
-+ struct neigh_parms *p;
-+
-+ rcu_read_lock();
-+ p = neigh_get_dev_parms_rcu(dev, family);
-+ if (p)
-+ p->qlen--;
-+ rcu_read_unlock();
-+}
-+
-+static void pneigh_queue_purge(struct sk_buff_head *list, struct net *net,
-+ int family)
- {
- struct sk_buff_head tmp;
- unsigned long flags;
-@@ -321,13 +345,7 @@ static void pneigh_queue_purge(struct sk_buff_head *list, struct net *net)
- struct net_device *dev = skb->dev;
-
- if (net == NULL || net_eq(dev_net(dev), net)) {
-- struct in_device *in_dev;
--
-- rcu_read_lock();
-- in_dev = __in_dev_get_rcu(dev);
-- if (in_dev)
-- in_dev->arp_parms->qlen--;
-- rcu_read_unlock();
-+ neigh_parms_qlen_dec(dev, family);
- __skb_unlink(skb, list);
- __skb_queue_tail(&tmp, skb);
- }
-@@ -409,7 +427,8 @@ static int __neigh_ifdown(struct neigh_table *tbl, struct net_device *dev,
- write_lock_bh(&tbl->lock);
- neigh_flush_dev(tbl, dev, skip_perm);
- pneigh_ifdown_and_unlock(tbl, dev);
-- pneigh_queue_purge(&tbl->proxy_queue, dev ? dev_net(dev) : NULL);
-+ pneigh_queue_purge(&tbl->proxy_queue, dev ? dev_net(dev) : NULL,
-+ tbl->family);
- if (skb_queue_empty_lockless(&tbl->proxy_queue))
- del_timer_sync(&tbl->proxy_timer);
- return 0;
-@@ -1621,13 +1640,8 @@ static void neigh_proxy_process(struct timer_list *t)
-
- if (tdif <= 0) {
- struct net_device *dev = skb->dev;
-- struct in_device *in_dev;
-
-- rcu_read_lock();
-- in_dev = __in_dev_get_rcu(dev);
-- if (in_dev)
-- in_dev->arp_parms->qlen--;
-- rcu_read_unlock();
-+ neigh_parms_qlen_dec(dev, tbl->family);
- __skb_unlink(skb, &tbl->proxy_queue);
-
- if (tbl->proxy_redo && netif_running(dev)) {
-@@ -1821,7 +1835,7 @@ int neigh_table_clear(int index, struct neigh_table *tbl)
- cancel_delayed_work_sync(&tbl->managed_work);
- cancel_delayed_work_sync(&tbl->gc_work);
- del_timer_sync(&tbl->proxy_timer);
-- pneigh_queue_purge(&tbl->proxy_queue, NULL);
-+ pneigh_queue_purge(&tbl->proxy_queue, NULL, tbl->family);
- neigh_ifdown(tbl, NULL);
- if (atomic_read(&tbl->entries))
- pr_crit("neighbour leakage\n");
-@@ -3542,18 +3556,6 @@ static int proc_unres_qlen(struct ctl_table *ctl, int write,
- return ret;
- }
-
--static struct neigh_parms *neigh_get_dev_parms_rcu(struct net_device *dev,
-- int family)
--{
-- switch (family) {
-- case AF_INET:
-- return __in_dev_arp_parms_get_rcu(dev);
-- case AF_INET6:
-- return __in6_dev_nd_parms_get_rcu(dev);
-- }
-- return NULL;
--}
--
- static void neigh_copy_dflt_parms(struct net *net, struct neigh_parms *p,
- int index)
- {
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c
index 2dc97583d279..e9a7f70a54df 100644
--- a/net/ipv4/fib_semantics.c
@@ -2122,6 +2017,71 @@ index 2dc97583d279..e9a7f70a54df 100644
nh = fib_info_nh(fi, 0);
if (cfg->fc_encap) {
if (fib_encap_match(net, cfg->fc_encap_type,
+diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
+index 7499c51b1850..754fdda8a5f5 100644
+--- a/net/l2tp/l2tp_core.c
++++ b/net/l2tp/l2tp_core.c
+@@ -1150,8 +1150,10 @@ static void l2tp_tunnel_destruct(struct sock *sk)
+ }
+
+ /* Remove hooks into tunnel socket */
++ write_lock_bh(&sk->sk_callback_lock);
+ sk->sk_destruct = tunnel->old_sk_destruct;
+ sk->sk_user_data = NULL;
++ write_unlock_bh(&sk->sk_callback_lock);
+
+ /* Call the original destructor */
+ if (sk->sk_destruct)
+@@ -1469,16 +1471,18 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
+ sock = sockfd_lookup(tunnel->fd, &ret);
+ if (!sock)
+ goto err;
+-
+- ret = l2tp_validate_socket(sock->sk, net, tunnel->encap);
+- if (ret < 0)
+- goto err_sock;
+ }
+
++ sk = sock->sk;
++ write_lock(&sk->sk_callback_lock);
++
++ ret = l2tp_validate_socket(sk, net, tunnel->encap);
++ if (ret < 0)
++ goto err_sock;
++
+ tunnel->l2tp_net = net;
+ pn = l2tp_pernet(net);
+
+- sk = sock->sk;
+ sock_hold(sk);
+ tunnel->sock = sk;
+
+@@ -1504,7 +1508,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
+
+ setup_udp_tunnel_sock(net, sock, &udp_cfg);
+ } else {
+- sk->sk_user_data = tunnel;
++ rcu_assign_sk_user_data(sk, tunnel);
+ }
+
+ tunnel->old_sk_destruct = sk->sk_destruct;
+@@ -1518,6 +1522,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
+ if (tunnel->fd >= 0)
+ sockfd_put(sock);
+
++ write_unlock(&sk->sk_callback_lock);
+ return 0;
+
+ err_sock:
+@@ -1525,6 +1530,8 @@ int l2tp_tunnel_register(struct l2tp_tunnel *tunnel, struct net *net,
+ sock_release(sock);
+ else
+ sockfd_put(sock);
++
++ write_unlock(&sk->sk_callback_lock);
+ err:
+ return ret;
+ }
diff --git a/scripts/pahole-flags.sh b/scripts/pahole-flags.sh
index 0d99ef17e4a5..81c8e082ec57 100755
--- a/scripts/pahole-flags.sh