From 0232f57e1af6580542c0ed1ce1d76c7cd4084613 Mon Sep 17 00:00:00 2001 From: Koen Vandeputte Date: Wed, 15 Apr 2020 14:55:36 +0200 Subject: kernel: bump 4.14 to 4.14.176 Refreshed all patches. Remove upstreamed: - 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch - 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch - 003-ARM-dts-oxnas-Fix-clear-mask-property.patch Fixes: - CVE-2020-8647 - CVE-2020-8648 (potentially) - CVE-2020-8649 Compile-tested on: cns3xxx, octeontx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte --- ...nf-call-ipv6_mc_up-for-non-Ethernet-inter.patch | 71 ---------------------- 1 file changed, 71 deletions(-) delete mode 100644 target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch (limited to 'target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch') diff --git a/target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch b/target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch deleted file mode 100644 index ba0d137096..0000000000 --- a/target/linux/generic/backport-4.14/600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 82afdcd4ec3c8ca6551cbf7c43c09e2fd240487a Mon Sep 17 00:00:00 2001 -From: Hangbin Liu -Date: Tue, 10 Mar 2020 15:27:37 +0800 -Subject: [PATCH] ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Rafał found an issue that for non-Ethernet interface, if we down and up -frequently, the memory will be consumed slowly. - -The reason is we add allnodes/allrouters addressed in multicast list in -ipv6_add_dev(). When link down, we call ipv6_mc_down(), store all multicast -addresses via mld_add_delrec(). But when link up, we don't call ipv6_mc_up() -for non-Ethernet interface to remove the addresses. This makes idev->mc_tomb -getting bigger and bigger. The call stack looks like: - -addrconf_notify(NETDEV_REGISTER) - ipv6_add_dev - ipv6_dev_mc_inc(ff01::1) - ipv6_dev_mc_inc(ff02::1) - ipv6_dev_mc_inc(ff02::2) - -addrconf_notify(NETDEV_UP) - addrconf_dev_config - /* Alas, we support only Ethernet autoconfiguration. */ - return; - -addrconf_notify(NETDEV_DOWN) - addrconf_ifdown - ipv6_mc_down - igmp6_group_dropped(ff02::2) - mld_add_delrec(ff02::2) - igmp6_group_dropped(ff02::1) - igmp6_group_dropped(ff01::1) - -After investigating, I can't found a rule to disable multicast on -non-Ethernet interface. In RFC2460, the link could be Ethernet, PPP, ATM, -tunnels, etc. In IPv4, it doesn't check the dev type when calls ip_mc_up() -in inetdev_event(). Even for IPv6, we don't check the dev type and call -ipv6_add_dev(), ipv6_dev_mc_inc() after register device. - -So I think it's OK to fix this memory consumer by calling ipv6_mc_up() for -non-Ethernet interface. - -v2: Also check IFF_MULTICAST flag to make sure the interface supports - multicast - -Reported-by: Rafał Miłecki -Tested-by: Rafał Miłecki -Fixes: 74235a25c673 ("[IPV6] addrconf: Fix IPv6 on tuntap tunnels") -Fixes: 1666d49e1d41 ("mld: do not remove mld souce list info when set link down") -Signed-off-by: Hangbin Liu -Signed-off-by: David S. Miller ---- - net/ipv6/addrconf.c | 4 ++++ - 1 file changed, 4 insertions(+) - ---- a/net/ipv6/addrconf.c -+++ b/net/ipv6/addrconf.c -@@ -3223,6 +3223,10 @@ static void addrconf_dev_config(struct n - (dev->type != ARPHRD_TUNNEL) && - (dev->type != ARPHRD_NONE)) { - /* Alas, we support only Ethernet autoconfiguration. */ -+ idev = __in6_dev_get(dev); -+ if (!IS_ERR_OR_NULL(idev) && dev->flags & IFF_UP && -+ dev->flags & IFF_MULTICAST) -+ ipv6_mc_up(idev); - return; - } - -- cgit v1.2.3