Marcelo Ricardo Leitner [Sat, 23 Jul 2016 03:32:48 +0000 (00:32 -0300)]
sctp: fix BH handling on socket backlog
Now that the backlog processing is called with BH enabled, we have to
disable BH before taking the socket lock via bh_lock_sock() otherwise
it may dead lock:
sctp_backlog_rcv()
bh_lock_sock(sk);
if (sock_owned_by_user(sk)) {
if (sk_add_backlog(sk, skb, sk->sk_rcvbuf))
sctp_chunk_free(chunk);
else
backloged = 1;
} else
sctp_inq_push(inqueue, chunk);
bh_unlock_sock(sk);
while sctp_inq_push() was disabling/enabling BH, but enabling BH
triggers pending softirq, which then may try to re-lock the socket in
sctp_rcv().
[ 219.187215] <IRQ>
[ 219.187217] [<
ffffffff817ca3e0>] _raw_spin_lock+0x20/0x30
[ 219.187223] [<
ffffffffa041888c>] sctp_rcv+0x48c/0xba0 [sctp]
[ 219.187225] [<
ffffffff816e7db2>] ? nf_iterate+0x62/0x80
[ 219.187226] [<
ffffffff816f1b14>] ip_local_deliver_finish+0x94/0x1e0
[ 219.187228] [<
ffffffff816f1e1f>] ip_local_deliver+0x6f/0xf0
[ 219.187229] [<
ffffffff816f1a80>] ? ip_rcv_finish+0x3b0/0x3b0
[ 219.187230] [<
ffffffff816f17a8>] ip_rcv_finish+0xd8/0x3b0
[ 219.187232] [<
ffffffff816f2122>] ip_rcv+0x282/0x3a0
[ 219.187233] [<
ffffffff810d8bb6>] ? update_curr+0x66/0x180
[ 219.187235] [<
ffffffff816abac4>] __netif_receive_skb_core+0x524/0xa90
[ 219.187236] [<
ffffffff810d8e00>] ? update_cfs_shares+0x30/0xf0
[ 219.187237] [<
ffffffff810d557c>] ? __enqueue_entity+0x6c/0x70
[ 219.187239] [<
ffffffff810dc454>] ? enqueue_entity+0x204/0xdf0
[ 219.187240] [<
ffffffff816ac048>] __netif_receive_skb+0x18/0x60
[ 219.187242] [<
ffffffff816ad1ce>] process_backlog+0x9e/0x140
[ 219.187243] [<
ffffffff816ac8ec>] net_rx_action+0x22c/0x370
[ 219.187245] [<
ffffffff817cd352>] __do_softirq+0x112/0x2e7
[ 219.187247] [<
ffffffff817cc3bc>] do_softirq_own_stack+0x1c/0x30
[ 219.187247] <EOI>
[ 219.187248] [<
ffffffff810aa1c8>] do_softirq.part.14+0x38/0x40
[ 219.187249] [<
ffffffff810aa24d>] __local_bh_enable_ip+0x7d/0x80
[ 219.187254] [<
ffffffffa0408428>] sctp_inq_push+0x68/0x80 [sctp]
[ 219.187258] [<
ffffffffa04190f1>] sctp_backlog_rcv+0x151/0x1c0 [sctp]
[ 219.187260] [<
ffffffff81692b07>] __release_sock+0x87/0xf0
[ 219.187261] [<
ffffffff81692ba0>] release_sock+0x30/0xa0
[ 219.187265] [<
ffffffffa040e46d>] sctp_accept+0x17d/0x210 [sctp]
[ 219.187266] [<
ffffffff810e7510>] ? prepare_to_wait_event+0xf0/0xf0
[ 219.187268] [<
ffffffff8172d52c>] inet_accept+0x3c/0x130
[ 219.187269] [<
ffffffff8168d7a3>] SYSC_accept4+0x103/0x210
[ 219.187271] [<
ffffffff817ca2ba>] ? _raw_spin_unlock_bh+0x1a/0x20
[ 219.187272] [<
ffffffff81692bfc>] ? release_sock+0x8c/0xa0
[ 219.187276] [<
ffffffffa0413e22>] ? sctp_inet_listen+0x62/0x1b0 [sctp]
[ 219.187277] [<
ffffffff8168f2d0>] SyS_accept+0x10/0x20
Fixes:
860fbbc343bf ("sctp: prepare for socket backlog behavior change")
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Haiyang Zhang [Sat, 23 Jul 2016 01:14:50 +0000 (18:14 -0700)]
hv_netvsc: Fix VF register on bonding devices
Added a condition to avoid bonding devices with same MAC registering
as VF.
Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com>
Reviewed-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Colin Ian King [Fri, 22 Jul 2016 18:04:12 +0000 (19:04 +0100)]
kcm: remove redundant -ve error check and return path
The check for a -ve error is redundant, remove it and just
immediately return the return value from the call to
seq_open_net.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Mike Manning [Fri, 22 Jul 2016 17:32:11 +0000 (18:32 +0100)]
net: ipv6: Always leave anycast and multicast groups on link down
Default kernel behavior is to delete IPv6 addresses on link
down, which entails deletion of the multicast and the
subnet-router anycast addresses. These deletions do not
happen with sysctl setting to keep global IPv6 addresses on
link down, so every link down/up causes an increment of the
anycast and multicast refcounts. These bogus refcounts may
stop these addrs from being removed on subsequent calls to
delete them. The solution is to leave the groups for the
multicast and subnet anycast on link down for the callflow
when global IPv6 addresses are kept.
Fixes:
f1705ec197e7 ("net: ipv6: Make address flushing on ifdown optional")
Signed-off-by: Mike Manning <mmanning@brocade.com>
Acked-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 25 Jul 2016 18:09:19 +0000 (11:09 -0700)]
Merge tag 'wireless-drivers-next-for-davem-2016-07-22' of git://git./linux/kernel/git/kvalo/wireless-drivers-next
Kalle Valo says:
====================
pull-request: wireless-drivers-next 2016-07-22
I'm sick so I have to keep this short, but here's the last pull request
to net-next. This time there's a trivial conflict with mtd tree:
http://lkml.kernel.org/g/
20160720123133.
44dab209@canb.auug.org.au
We concluded with Brian (CCed) that it's best that we ask Linus to fix
this. The patches have been in linux-next for a couple of days. This
time I haven't done any merge tests so I don't know if there are any
other conflicts etc.
Please let me know if there are any problems.
wireless-drivers-next patches for 4.8
Major changes:
wl18xx
* add initial mesh support
bcma
* serial flash support on non-MIPS SoCs
ath10k
* enable support for QCA9888
* disable wake_tx_queue() mac80211 op for older devices to workaround
throughput regression
ath9k
* implement temperature compensation support for AR9003+
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Wei Yongjun [Fri, 22 Jul 2016 14:05:32 +0000 (14:05 +0000)]
libcxgb: remove unused including <linux/version.h>
Remove including <linux/version.h> that don't need it.
Signed-off-by: Wei Yongjun <weiyj.lk@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Xin Long [Fri, 22 Jul 2016 13:25:42 +0000 (21:25 +0800)]
sctp: use inet_recvmsg to support sctp RFS well
Commit
486bdee0134c ("sctp: add support for RPS and RFS")
saves skb->hash into sk->sk_rxhash so that the inet_* can
record it to flow table.
But sctp uses sock_common_recvmsg as .recvmsg instead
of inet_recvmsg, sock_common_recvmsg doesn't invoke
sock_rps_record_flow to record the flow. It may cause
that the receiver has no chances to record the flow if
it doesn't send msg or poll the socket.
So this patch fixes it by using inet_recvmsg as .recvmsg
in sctp.
Fixes:
486bdee0134c ("sctp: add support for RPS and RFS")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 25 Jul 2016 17:55:40 +0000 (10:55 -0700)]
Merge branch 'macsec-icv-fixes'
Davide Caratti says:
====================
macsec: fix configurable ICV length
This series provides a fix for macsec configurable ICV length. The
maximum length of ICV element has been made compliant to IEEE 802.1AE,
and error reporting in case of cipher suite configuration failure has been
improved. Finally, a test has been added to netlink verify() callback in
order to avoid creation of macsec interfaces having user-provided ICV length
values that are not supported by the cipher suite.
====================
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Acked-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Davide Caratti [Fri, 22 Jul 2016 13:07:58 +0000 (15:07 +0200)]
macsec: validate ICV length on link creation
Test the cipher suite initialization in case ICV length has a value
different than its default. If this test fails, creation of a new macsec
link will also fail. This avoids situations where further security
associations can't be added due to failures of crypto_aead_setauthsize(),
caused by unsupported user-provided values of the ICV length.
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Davide Caratti [Fri, 22 Jul 2016 13:07:57 +0000 (15:07 +0200)]
macsec: fix error codes when a SA is created
preserve the return value of AEAD functions that are called when a SA is
created, to avoid inappropriate display of "RTNETLINK answers: Cannot
allocate memory" message.
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Davide Caratti [Fri, 22 Jul 2016 13:07:56 +0000 (15:07 +0200)]
macsec: limit ICV length to 16 octets
IEEE 802.1AE-2006 standard recommends that the ICV element in a MACsec
frame should not exceed 16 octets: add MACSEC_STD_ICV_LEN in uapi
definitions accordingly, and avoid accepting configurations where the ICV
length exceeds the standard value. Leave definition of MACSEC_MAX_ICV_LEN
unchanged for backwards compatibility with userspace programs.
Fixes:
dece8d2b78d1 ("uapi: add MACsec bits")
Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ido Schimmel [Fri, 22 Jul 2016 11:56:20 +0000 (14:56 +0300)]
bridge: Fix incorrect re-injection of LLDP packets
Commit
8626c56c8279 ("bridge: fix potential use-after-free when hook
returns QUEUE or STOLEN verdict") caused LLDP packets arriving through a
bridge port to be re-injected to the Rx path with skb->dev set to the
bridge device, but this breaks the lldpad daemon.
The lldpad daemon opens a packet socket with protocol set to ETH_P_LLDP
for any valid device on the system, which doesn't not include soft
devices such as bridge and VLAN.
Since packet sockets (ptype_base) are processed in the Rx path after the
Rx handler, LLDP packets with skb->dev set to the bridge device never
reach the lldpad daemon.
Fix this by making the bridge's Rx handler re-inject LLDP packets with
RX_HANDLER_PASS, which effectively restores the behaviour prior to the
mentioned commit.
This means netfilter will never receive LLDP packets coming through a
bridge port, as I don't see a way in which we can have okfn() consume
the packet without breaking existing behaviour. I've already carried out
a similar fix for STP packets in commit
56fae404fb2c ("bridge: Fix
incorrect re-injection of STP packets").
Fixes:
8626c56c8279 ("bridge: fix potential use-after-free when hook returns QUEUE or STOLEN verdict")
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Cc: Florian Westphal <fw@strlen.de>
Cc: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Xin Long [Fri, 22 Jul 2016 09:38:51 +0000 (17:38 +0800)]
sctp: support ipv6 nonlocal bind
This patch makes sctp support ipv6 nonlocal bind by adding
sp->inet.freebind and net->ipv6.sysctl.ip_nonlocal_bind
check in sctp_v6_available as what sctp did to support
ipv4 nonlocal bind (commit
cdac4e077489).
Reported-by: Shijoe George <spanjikk@redhat.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 25 Jul 2016 17:43:07 +0000 (10:43 -0700)]
Merge branch '40GbE' of git://git./linux/kernel/git/jkirsher/next-queue
Conflicts:
drivers/net/ethernet/intel/i40e/i40e_main.c
Jeff Kirsher says:
====================
40GbE Intel Wired LAN Driver Updates 2016-07-22
This series contains updates to i40e and i40evf.
Heinrich Schuchardt found a possible null pointer being dereferenced in
i40e_debug_aq(), fixed the issue by doing the variable assignment after
we are sure the pointer is not null.
Avinash fixed an issue when link was down, we were not showing the
correct advertised link modes.
Mitch cleans up a useless initializer since the variable is assigned
right away. Refactors the receive filter handling to properly track
filter adds and deletes so the driver will not lose filters during a
reset and up/down cycles. Also added a tracking mechanism so that the
driver knows when to enter and leave promiscuous mode.
Catherine removes a device id which is not needed (or used). Moves
a mutex lock since we need to lock the client list around the
i40e_client_release() call to prevent the release from interrupting
the client instances while they are being added.
Joshua adds Hyper-V specific VF device ids.
Amitoj Kaur Chawla cleans up a redundant memset() call before a memcpy().
Stefan Assmann adds the missing link advertise for some x710 NICs.
Tushar Dave fixes and issue found on SPARC, where a PF reset clears MAC
filters and if a platform-specific MAC address is used, the driver has
to explicitly write default MAC address to MAC filters otherwise all
incoming traffic destined to the default MAC address will be dropped
after reset.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Thu, 21 Jul 2016 23:19:42 +0000 (01:19 +0200)]
bpf, events: fix offset in skb copy handler
This patch fixes the __output_custom() routine we currently use with
bpf_skb_copy(). I missed that when len is larger than the size of the
current handle, we can issue multiple invocations of copy_func, and
__output_custom() advances destination but also source buffer by the
written amount of bytes. When we have __output_custom(), this is actually
wrong since in that case the source buffer points to a non-linear object,
in our case an skb, which the copy_func helper is supposed to walk.
Therefore, since this is non-linear we thus need to pass the offset into
the helper, so that copy_func can use it for extracting the data from
the source object.
Therefore, adjust the callback signatures properly and pass offset
into the skb_header_pointer() invoked from bpf_skb_copy() callback. The
__DEFINE_OUTPUT_COPY_BODY() is adjusted to accommodate for two things:
i) to pass in whether we should advance source buffer or not; this is
a compile-time constant condition, ii) to pass in the offset for
__output_custom(), which we do with help of __VA_ARGS__, so everything
can stay inlined as is currently. Both changes allow for adapting the
__output_* fast-path helpers w/o extra overhead.
Fixes:
555c8a8623a3 ("bpf: avoid stack copy and use skb ctx for event output")
Fixes:
7e3f977edd0b ("perf, events: add non-linear data support for raw records")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Arnd Bergmann [Thu, 21 Jul 2016 19:28:34 +0000 (21:28 +0200)]
net/ncsi: avoid maybe-uninitialized warning
gcc-4.9 and higher warn about the newly added NSCI code:
net/ncsi/ncsi-manage.c: In function 'ncsi_process_next_channel':
net/ncsi/ncsi-manage.c:1003:2: error: 'old_state' may be used uninitialized in this function [-Werror=maybe-uninitialized]
The warning is a false positive and therefore harmless, but it would be good to
avoid it anyway. I have determined that the barrier in the spin_unlock_irqsave()
is what confuses gcc to the point that it cannot track whether the variable
was unused or not.
This rearranges the code in a way that makes it obvious to gcc that old_state
is always initialized at the time of use, functionally this should not
change anything.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 25 Jul 2016 17:31:09 +0000 (10:31 -0700)]
Merge branch 'libcxgb'
Varun Prakash says:
====================
common library for Chelsio drivers.
This patch series adds common library module(libcxgb.ko)
for Chelsio drivers to remove duplicate code.
This series moves common iSCSI DDP Page Pod manager
code from cxgb4.ko to libcxgb.ko, earlier this code
was used by only cxgbit.ko now it is used by
three Chelsio iSCSI drivers cxgb3i, cxgb4i, cxgbit.
In future this module will have common connection
management and hardware specific code that can
be shared by multiple Chelsio drivers(cxgb4,
csiostor, iw_cxgb4, cxgb4i, cxgbit).
Please review.
Thanks
-v3
- removed unused module init and exit functions.
-v2
- updated CONFIG_CHELSIO_LIB to an invisible option
- changed libcxgb.ko module license from GPL to Dual BSD/GPL
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Varun Prakash [Thu, 21 Jul 2016 17:27:19 +0000 (22:57 +0530)]
cxgb3i, cxgb4i: fix symbol not declared sparse warning
Fix following sparse warnings
warning: symbol 'cxgb3i_ofld_init' was not declared. Should it be static?
warning: symbol 'cxgb4i_cplhandlers' was not declared. Should it be static?
warning: symbol 'cxgb4i_ofld_init' was not declared. Should it be static?
Signed-off-by: Varun Prakash <varun@chelsio.com>
Reviewed-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Varun Prakash [Thu, 21 Jul 2016 17:27:18 +0000 (22:57 +0530)]
libcxgb: export ppm release and tagmask set api
Export cxgbi_ppm_release() to release
ppod manager and cxgbi_tagmask_set() to
set tag mask, they are used by cxgb3i, cxgb4i
and cxgbit.
Signed-off-by: Varun Prakash <varun@chelsio.com>
Reviewed-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Varun Prakash [Thu, 21 Jul 2016 17:27:17 +0000 (22:57 +0530)]
cxgb3i: add iSCSI DDP support
Add iSCSI DDP support in cxgb3i driver
using common iSCSI DDP Page Pod Manager.
Signed-off-by: Varun Prakash <varun@chelsio.com>
Reviewed-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Varun Prakash [Thu, 21 Jul 2016 17:27:16 +0000 (22:57 +0530)]
cxgb4i,libcxgbi: add iSCSI DDP support
Add iSCSI DDP support in cxgb4i driver
using common iSCSI DDP Page Pod Manager.
Signed-off-by: Varun Prakash <varun@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Varun Prakash [Thu, 21 Jul 2016 17:27:15 +0000 (22:57 +0530)]
cxgb3i,cxgb4i,libcxgbi: remove iSCSI DDP support
Remove old ddp code from cxgb3i,cxgb4i,libcxgbi.
Next two commits adds DDP support using
common iSCSI DDP Page Pod Manager.
Signed-off-by: Varun Prakash <varun@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Varun Prakash [Thu, 21 Jul 2016 17:27:14 +0000 (22:57 +0530)]
libcxgb: add library module for Chelsio drivers
Add common library module(libcxgb.ko) for
Chelsio drivers to remove duplicate code.
Code for iSCSI DDP Page Pod Manager is moved
from cxgb4.ko to libcxgb.ko. Earlier only cxgbit.ko
was using this code, now cxgb3i and cxgb4i will
also use common Page Pod manager code.
In future this module will have common connection
management and hardware specific code that can be
shared by multiple Chelsio drivers.
Signed-off-by: Varun Prakash <varun@chelsio.com>
Reviewed-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Thu, 21 Jul 2016 16:42:19 +0000 (12:42 -0400)]
net: bridge: br_set_ageing_time takes a clock_t
Change the ageing_time type in br_set_ageing_time() from u32 to what it
is expected to be, i.e. a clock_t.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Thu, 21 Jul 2016 16:42:10 +0000 (12:42 -0400)]
net: bridge: fix br_stp_enable_bridge comment
br_stp_enable_bridge() does take the br->lock spinlock. Fix its wrongly
pasted comment and use the same as br_stp_disable_bridge().
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ganesh Goudar [Thu, 21 Jul 2016 14:49:18 +0000 (20:19 +0530)]
cxgb4/cxgb4vf: Add link mode mask API to cxgb4 and cxgb4vf
Based on original work by Casey Leedom <leedom@chelsio.com>
Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Mark Bloch [Thu, 21 Jul 2016 08:52:55 +0000 (11:52 +0300)]
net/bonding: Enforce active-backup policy for IPoIB bonds
When using an IPoIB bond currently only active-backup mode is a valid
use case and this commit strengthens it.
Since commit
2ab82852a270 ("net/bonding: Enable bonding to enslave
netdevices not supporting set_mac_address()") was introduced till
4.7-rc1, IPoIB didn't support the set_mac_address ndo, and hence the
fail over mac policy always applied to IPoIB bonds.
With the introduction of commit
492a7e67ff83 ("IB/IPoIB: Allow setting
the device address"), that doesn't hold and practically IPoIB bonds are
broken as of that. To fix it, lets go to fail over mac if the device
doesn't support the ndo OR this is IPoIB device.
As a by-product, this commit also prevents a stack corruption which
occurred when trying to copy 20 bytes (IPoIB) device address
to a sockaddr struct that has only 16 bytes of storage.
Signed-off-by: Mark Bloch <markb@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Acked-by: Andy Gospodarek <gospo@cumulusnetworks.com>
Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 25 Jul 2016 06:12:00 +0000 (23:12 -0700)]
Merge branch 'mlxsw-port-mirroring'
Jiri Pirko says:
====================
mlxsw: implement port mirroring offload
This patchset introduces tc matchall classifier and its offload
to Spectrum hardware. In combination with mirred action, defined port mirroring
setup is offloaded by mlxsw/spectrum driver.
The commands used for creating mirror ports:
tc qdisc add dev eth25 handle ffff: ingress
tc filter add dev eth25 parent ffff: \
matchall skip_sw \
action mirred egress mirror \
dev eth27
tc qdisc add dev eth25 handle 1: root prio
tc filter add dev eth25 parent 1: \
matchall skip_sw \
action mirred egress mirror \
dev eth27
These patches contain:
- Resource query implementation
- Hardware port mirorring support for spectrum.
- Definition of the matchall traffic classifier.
- General support for hw-offloading for that classifier.
- Specific spectrum implementaion for matchall offloading.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Yotam Gigi [Thu, 21 Jul 2016 10:03:17 +0000 (12:03 +0200)]
mlxsw: spectrum: Add support in matchall mirror TC offloading
This patch offloads port mirroring directives to hw using the matchall TC
with action mirror. It includes both the implementation of the
ndo_setup_tc function for the spectrum driver and the spectrum hardware
offload configuration code.
The hardware offload code is basically two new functions which are capable
of adding and removing a new mirror ports pair. It is done using the MPAT,
MPAR and SBIB registers:
- A new Switch-Port Analyzer (SPAN) entry is added using MPAT to the 'to'
port.
- The 'to' port is bound to the SPAN entry using MPAR register.
- In case of egress SPAN, the 'to' port gets a new internal shared
buffer using SBIB register.
In addition, a new database was added to the mlxsw_sp struct to store all
the SPAN entries and their bound ports list. The number of supported SPAN
entries is determined by resource query.
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yotam Gigi [Thu, 21 Jul 2016 10:03:16 +0000 (12:03 +0200)]
net/sched: act_mirred: Add helper inlines to access tcf_mirred info.
The helper function is_tcf_mirred_mirror helps finding whether an action
struct is of type mirred and is configured to be of type mirror.
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yotam Gigi [Thu, 21 Jul 2016 10:03:15 +0000 (12:03 +0200)]
mlxsw: reg: Add the Monitoring Port Analyzer register
The MPAR register is used to bind ports to a SPAN entry (which was
created using MPAT register) and thus mirror their traffic (ingress /
egress) to a different port.
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yotam Gigi [Thu, 21 Jul 2016 10:03:14 +0000 (12:03 +0200)]
mlxsw: reg: Add Monitoring Port Analyzer Table register
The MPAT register is used to query and configure the Switch Port Analyzer
(SPAN) table. This register is used to configure a port as a mirror output
port, while after that a mirrored input port can be bound using MPAR
register.
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yotam Gigi [Thu, 21 Jul 2016 10:03:13 +0000 (12:03 +0200)]
mlxsw: reg: Add Shared Buffer Internal Buffer register
The SBIB register configures per port buffer for internal use. This
register is used to configure an egress mirror buffer on the egress port
which does the mirroring.
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yotam Gigi [Thu, 21 Jul 2016 10:03:12 +0000 (12:03 +0200)]
net/sched: Add match-all classifier hw offloading.
Following the work that have been done on offloading classifiers like u32
and flower, now the match-all classifier hw offloading is possible. if
the interface supports tc offloading.
To control the offloading, two tc flags have been introduced: skip_sw and
skip_hw. Typical usage:
tc filter add dev eth25 parent ffff: \
matchall skip_sw \
action mirred egress mirror \
dev eth27
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jiri Pirko [Thu, 21 Jul 2016 10:03:11 +0000 (12:03 +0200)]
net/sched: introduce Match-all classifier
The matchall classifier matches every packet and allows the user to apply
actions on it. This filter is very useful in usecases where every packet
should be matched, for example, packet mirroring (SPAN) can be setup very
easily using that filter.
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Yotam Gigi <yotamg@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Nogah Frankel [Thu, 21 Jul 2016 10:03:10 +0000 (12:03 +0200)]
mlxsw: pci: Add max span resources to resources query
Add max span resources to resources query.
Signed-off-by: Nogah Frankel <nogahf@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Nogah Frankel [Thu, 21 Jul 2016 10:03:09 +0000 (12:03 +0200)]
mlxsw: pci: Add resources query implementation.
Add resources query implementation. If exists, query the HW for its
builtin resources instead of having them as consts in the code.
Signed-off-by: Nogah Frankel <nogahf@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Kristian Evensen [Thu, 21 Jul 2016 09:10:06 +0000 (11:10 +0200)]
cdc_ether: Improve ZTE MF823/831/910 handling
The firmware in several ZTE devices (at least the MF823/831/910
modems/mifis) use OS fingerprinting to determine which type of device to
export. In addition, these devices export a REST API which can be used to
control the type of device. So far, on Linux, the devices have been seen as
RNDIS or CDC Ether.
When CDC Ether is used, devices of the same type are, as with RNDIS,
exported with the same, bogus random MAC address. In addition, the devices
(at least on all firmware revisions I have found) use the bogus MAC when
sending traffic routed from external networks. And as a final feature, the
devices sometimes export the link state incorrectly. There are also
references online to several other ZTE devices displaying this behavior,
with several different PIDs and MAC addresses.
This patch tries to improve the handling of ZTE devices by doing the
following:
* Create a new driver_info-struct that is used by ZTE devices that do not
have an explicit entry in the product table. This struct is the same as the
default cdc_ether driver info, but a new bind- and an rx_fixup-function
have been added.
* In the new bind function, we check if we have read a random MAC from the
device. If we have, then we generate a new random MAC address. This will
ensure that all devices get a unique MAC.
* The rx_fixup-function replaces the destination MAC address in the skb
with that of the device. I have not seen a revision of these devices that
behaves correctly (i.e., sets the right destination MAC), so I chose not to
do any comparison with for example the known, bogus addresses.
* The MF823/MF832/MF910 sometimes export cdc carrier on twice on connect
(the correct behavior is off then on). Work around this by manually setting
carrier to off if an on-notification is received and the NOCARRIER-bit is
not set.
This change will affect all devices, but it should take care of similar
mistakes made by other manufacturers. I tried to think of/look/test for
problems/regressions that could be introduced by this behavior, but could
not find any. However, my familiarity with this code path is not that
great, so there could be something I have overlooked.
I have tested this patch with multiple revisions of all three devices, and
they behave as expected. In other words, they all got a valid, random MAC,
the correct operational state and I can receive/sent traffic without
problems. I also tested with some other cdc_ether devices I have and did
not find any problems/regressions caused by the two general changes.
v3->v4:
* Forgot to remove unused variables, sorry about that (thanks David
Miller).
v2->v3:
* I had forgot to remove the random MAC generation from usbnet_cdc_bind()
(thanks Oliver).
* Rework logic in the ZTE bind-function a bit.
v1->v2:
* Only generate random MAC for ZTE devices (thanks Oliver Neukum).
* Set random MAC and do RX fixup for all ZTE devices that do not have a
product-entry, as the bogus MAC have been seen on devices with several
different PIDs/MAC addresses. In other words, it seems to be the default
behavior of ZTE CDC Ether devices (thanks Lars Melin).
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
Acked-by: Oliver Neukum <oneukum@suse.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 25 Jul 2016 05:02:36 +0000 (22:02 -0700)]
Merge git://git./linux/kernel/git/pablo/nf-next
Pablo Neira Ayuso says:
====================
Netfilter/IPVS updates for net-next
The following patchset contains Netfilter/IPVS updates for net-next,
they are:
1) Count pre-established connections as active in "least connection"
schedulers such that pre-established connections to avoid overloading
backend servers on peak demands, from Michal Kubecek via Simon Horman.
2) Address a race condition when resizing the conntrack table by caching
the bucket size when fulling iterating over the hashtable in these
three possible scenarios: 1) dump via /proc/net/nf_conntrack,
2) unlinking userspace helper and 3) unlinking custom conntrack timeout.
From Liping Zhang.
3) Revisit early_drop() path to perform lockless traversal on conntrack
eviction under stress, use del_timer() as synchronization point to
avoid two CPUs evicting the same entry, from Florian Westphal.
4) Move NAT hlist_head to nf_conn object, this simplifies the existing
NAT extension and it doesn't increase size since recent patches to
align nf_conn, from Florian.
5) Use rhashtable for the by-source NAT hashtable, also from Florian.
6) Don't allow --physdev-is-out from OUTPUT chain, just like
--physdev-out is not either, from Hangbin Liu.
7) Automagically set on nf_conntrack counters if the user tries to
match ct bytes/packets from nftables, from Liping Zhang.
8) Remove possible_net_t fields in nf_tables set objects since we just
simply pass the net pointer to the backend set type implementations.
9) Fix possible off-by-one in h323, from Toby DiPasquale.
10) early_drop() may be called from ctnetlink patch, so we must hold
rcu read size lock from them too, this amends Florian's patch #3
coming in this batch, from Liping Zhang.
11) Use binary search to validate jump offset in x_tables, this
addresses the O(n!) validation that was introduced recently
resolve security issues with unpriviledge namespaces, from Florian.
12) Fix reference leak to connlabel in error path of nft_ct, from Zhang.
13) Three updates for nft_log: Fix log prefix leak in error path. Bail
out on loglevel larger than debug in nft_log and set on the new
NF_LOG_F_COPY_LEN flag when snaplen is specified. Again from Zhang.
14) Allow to filter rule dumps in nf_tables based on table and chain
names.
15) Simplify connlabel to always use 128 bits to store labels and
get rid of unused function in xt_connlabel, from Florian.
16) Replace set_expect_timeout() by mod_timer() from the h323 conntrack
helper, by Gao Feng.
17) Put back x_tables module reference in nft_compat on error, from
Liping Zhang.
18) Add a reference count to the x_tables extensions cache in
nft_compat, so we can remove them when unused and avoid a crash
if the extensions are rmmod, again from Zhang.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Sat, 23 Jul 2016 23:31:37 +0000 (19:31 -0400)]
Merge git://git./linux/kernel/git/davem/net
Just several instances of overlapping changes.
Signed-off-by: David S. Miller <davem@davemloft.net>
Liping Zhang [Sat, 23 Jul 2016 08:00:32 +0000 (16:00 +0800)]
netfilter: nft_compat: fix crash when related match/target module is removed
We "cache" the loaded match/target modules and reuse them, but when the
modules are removed, we still point to them. Then we may end up with
invalid memory references when using iptables-compat to add rules later.
Input the following commands will reproduce the kernel crash:
# iptables-compat -A INPUT -j LOG
# iptables-compat -D INPUT -j LOG
# rmmod xt_LOG
# iptables-compat -A INPUT -j LOG
BUG: unable to handle kernel paging request at
ffffffffa05a9010
IP: [<
ffffffff813f783e>] strcmp+0xe/0x30
Call Trace:
[<
ffffffffa05acc43>] nft_target_select_ops+0x83/0x1f0 [nft_compat]
[<
ffffffffa058a177>] nf_tables_expr_parse+0x147/0x1f0 [nf_tables]
[<
ffffffffa058e541>] nf_tables_newrule+0x301/0x810 [nf_tables]
[<
ffffffff8141ca00>] ? nla_parse+0x20/0x100
[<
ffffffffa057fa8f>] nfnetlink_rcv+0x33f/0x53d [nfnetlink]
[<
ffffffffa057f94b>] ? nfnetlink_rcv+0x1fb/0x53d [nfnetlink]
[<
ffffffff817116b8>] netlink_unicast+0x178/0x220
[<
ffffffff81711a5b>] netlink_sendmsg+0x2fb/0x3a0
[<
ffffffff816b7fc8>] sock_sendmsg+0x38/0x50
[<
ffffffff816b8a7e>] ___sys_sendmsg+0x28e/0x2a0
[<
ffffffff816bcb7e>] ? release_sock+0x1e/0xb0
[<
ffffffff81804ac5>] ? _raw_spin_unlock_bh+0x35/0x40
[<
ffffffff816bcbe2>] ? release_sock+0x82/0xb0
[<
ffffffff816b93d4>] __sys_sendmsg+0x54/0x90
[<
ffffffff816b9422>] SyS_sendmsg+0x12/0x20
[<
ffffffff81805172>] entry_SYSCALL_64_fastpath+0x1a/0xa9
So when nobody use the related match/target module, there's no need to
"cache" it. And nft_[match|target]_release are useless anymore, remove
them.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Liping Zhang [Sat, 23 Jul 2016 08:00:31 +0000 (16:00 +0800)]
netfilter: nft_compat: put back match/target module if init fail
If the user specify the invalid NFTA_MATCH_INFO/NFTA_TARGET_INFO attr
or memory alloc fail, we should call module_put to the related match
or target. Otherwise, we cannot remove the module even nobody use it.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Gao Feng [Fri, 22 Jul 2016 04:59:15 +0000 (12:59 +0800)]
netfilter: h323: Use mod_timer instead of set_expect_timeout
Simplify the code without any side effect. The set_expect_timeout is
used to modify the timer expired time. It tries to delete timer, and
add it again. So we could use mod_timer directly.
Signed-off-by: Gao Feng <fgao@ikuai8.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Linus Torvalds [Sat, 23 Jul 2016 06:44:31 +0000 (15:44 +0900)]
Merge git://git./linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) Fix memory leak in nftables, from Liping Zhang.
2) Need to check result of vlan_insert_tag() in batman-adv otherwise we
risk NULL skb derefs, from Sven Eckelmann.
3) Check for dev_alloc_skb() failures in cfg80211, from Gregory
Greenman.
4) Handle properly when we have ppp_unregister_channel() happening in
parallel with ppp_connect_channel(), from WANG Cong.
5) Fix DCCP deadlock, from Eric Dumazet.
6) Bail out properly in UDP if sk_filter() truncates the packet to be
smaller than even the space that the protocol headers need. From
Michal Kubecek.
7) Similarly for rose, dccp, and sctp, from Willem de Bruijn.
8) Make TCP challenge ACKs less predictable, from Eric Dumazet.
9) Fix infinite loop in bgmac_dma_tx_add() from Florian Fainelli.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (65 commits)
packet: propagate sock_cmsg_send() error
net/mlx5e: Fix del vxlan port command buffer memset
packet: fix second argument of sock_tx_timestamp()
net: switchdev: change ageing_time type to clock_t
Update maintainer for EHEA driver.
net/mlx4_en: Add resilience in low memory systems
net/mlx4_en: Move filters cleanup to a proper location
sctp: load transport header after sk_filter
net/sched/sch_htb: clamp xstats tokens to fit into 32-bit int
net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata
net: nb8800: Fix SKB leak in nb8800_receive()
et131x: Fix logical vs bitwise check in et131x_tx_timeout()
vlan: use a valid default mtu value for vlan over macsec
net: bgmac: Fix infinite loop in bgmac_dma_tx_add()
mlxsw: spectrum: Prevent invalid ingress buffer mapping
mlxsw: spectrum: Prevent overwrite of DCB capability fields
mlxsw: spectrum: Don't emit errors when PFC is disabled
mlxsw: spectrum: Indicate support for autonegotiation
mlxsw: spectrum: Force link training according to admin state
r8152: add MODULE_VERSION
...
Linus Torvalds [Sat, 23 Jul 2016 05:25:02 +0000 (14:25 +0900)]
Merge branch 'overlayfs-linus' of git://git./linux/kernel/git/mszeredi/vfs
Pull overlayfs fixes from Miklos Szeredi:
"This contains a fix for a potential crash/corruption issue and another
where the suid/sgid bits weren't cleared on write"
* 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: verify upper dentry in ovl_remove_and_whiteout()
ovl: Copy up underlying inode's ->i_mode to overlay inode
ovl: handle ATTR_KILL*
Linus Torvalds [Sat, 23 Jul 2016 03:54:20 +0000 (12:54 +0900)]
Merge branch 'akpm' (patches from Andrew)
Merge misc fixes from Andrew Morton:
"Five fixes"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
pps: do not crash when failed to register
tools/vm/slabinfo: fix an unintentional printf
testing/radix-tree: fix a macro expansion bug
radix-tree: fix radix_tree_iter_retry() for tagged iterators.
mm: memcontrol: fix cgroup creation failure after many small jobs
Linus Torvalds [Sat, 23 Jul 2016 03:51:52 +0000 (12:51 +0900)]
Merge tag 'drm-fixes-for-v4.7-rc8-intel-kbl' of git://people.freedesktop.org/~airlied/linux
Pull intel kabylake drm fixes from Dave Airlie:
"As mentioned Intel has gathered all the Kabylake fixes from -next,
which we've enabled in 4.7 for the first time, these are pretty much
limited in scope to only affects kabylake, which is hw that isn't
shipping yet. So I'm mostly okay with it going in now.
If we don't land this, it might be a good idea to disable kabylake
support in 4.7 before we ship"
* tag 'drm-fixes-for-v4.7-rc8-intel-kbl' of git://people.freedesktop.org/~airlied/linux: (28 commits)
drm/i915/kbl: Introduce the first official DMC for Kabylake.
drm/i915: Introduce Kabypoint PCH for Kabylake H/DT.
drm/i915/gen9: implement WaConextSwitchWithConcurrentTLBInvalidate
drm/i915/gen9: Add WaFbcHighMemBwCorruptionAvoidance
drm/i195/fbc: Add WaFbcNukeOnHostModify
drm/i915/gen9: Add WaFbcWakeMemOn
drm/i915/gen9: Add WaFbcTurnOffFbcWatermark
drm/i915/kbl: Add WaClearSlmSpaceAtContextSwitch
drm/i915/gen9: Add WaEnableChickenDCPR
drm/i915/kbl: Add WaDisableSbeCacheDispatchPortSharing
drm/i915/kbl: Add WaDisableGafsUnitClkGating
drm/i915/kbl: Add WaForGAMHang
drm/i915: Add WaInsertDummyPushConstP for bxt and kbl
drm/i915/kbl: Add WaDisableDynamicCreditSharing
drm/i915/kbl: Add WaDisableGamClockGating
drm/i915/gen9: Enable must set chicken bits in config0 reg
drm/i915/kbl: Add WaDisableLSQCROPERFforOCL
drm/i915/kbl: Add WaDisableSDEUnitClockGating
drm/i915/kbl: Add WaDisableFenceDestinationToSLM for A0
drm/i915/kbl: Add WaEnableGapsTsvCreditFix
...
Linus Torvalds [Sat, 23 Jul 2016 03:46:42 +0000 (12:46 +0900)]
Merge tag 'drm-fixes-for-v4.7-rc8-intel' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
"Two i915 regression fixes.
Intel have submitted some Kabylake fixes I'll send separately, since
this is the first kernel with kabylake support and they don't go much
outside that area I think they should be fine"
* tag 'drm-fixes-for-v4.7-rc8-intel' of git://people.freedesktop.org/~airlied/linux:
drm/i915: add missing condition for committing planes on crtc
drm/i915: Treat eDP as always connected, again
Linus Torvalds [Sat, 23 Jul 2016 03:39:08 +0000 (12:39 +0900)]
Merge tag 'm68k-for-v4.8-tag1' of git://git./linux/kernel/git/geert/linux-m68k
Pull m68k upddates from Geert Uytterhoeven:
- assorted spelling fixes
- defconfig updates
* tag 'm68k-for-v4.8-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
m68k/defconfig: Update defconfigs for v4.7-rc2
m68k: Assorted spelling fixes
Linus Torvalds [Sat, 23 Jul 2016 03:32:50 +0000 (12:32 +0900)]
Merge tag 'armsoc-fixes' of git://git./linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes from Olof Johansson:
"A handful of fixes before final release:
Marvell Armada:
- One to fix a typo in the devicetree specifying memory ranges for
the crypto engine
- Two to deal with marking PCI and device-memory as strongly ordered
to avoid hardware deadlocks, in particular when enabling above
crypto driver.
- Compile fix for PM
Allwinner:
- DT clock fixes to deal with u-boot-enabled framebuffer (simplefb).
- Make R8 (C.H.I.P. SoC) inherit system compatibility from A13 to
make clocks register proper.
Tegra:
- Fix SD card voltage setting on the Tegra3 Beaver dev board
Misc:
- Two maintainers updates for STM32 and STi platforms"
* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
ARM: tegra: beaver: Allow SD card voltage to be changed
MAINTAINERS: update STi maintainer list
MAINTAINERS: update STM32 maintainers list
ARM: mvebu: compile pm code conditionally
ARM: dts: sun7i: Fix pll3x2 and pll7x2 not having a parent clock
ARM: dts: sunxi: Add pll3 to simplefb nodes clocks lists
ARM: dts: armada-38x: fix MBUS_ID for crypto SRAM on Armada 385 Linksys
ARM: mvebu: map PCI I/O regions strongly ordered
ARM: mvebu: fix HW I/O coherency related deadlocks
ARM: sunxi/dt: make the CHIP inherit from allwinner,sun5i-a13
Linus Torvalds [Sat, 23 Jul 2016 03:20:55 +0000 (12:20 +0900)]
Merge branch 'linus' of git://git./linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
"This fixes a sporadic build failure in the qat driver as well as a
memory corruption bug in rsa-pkcs1pad"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct
crypto: qat - make qat_asym_algs.o depend on asn1 headers
Linus Torvalds [Sat, 23 Jul 2016 03:15:48 +0000 (12:15 +0900)]
Merge branch 'for-linus' of git://git./linux/kernel/git/jmorris/linux-security
Pull key handling fixes from James Morris:
"Quoting David Howells:
Here are three miscellaneous fixes:
(1) Fix a panic in some debugging code in PKCS#7. This can only
happen by explicitly inserting a #define DEBUG into the code.
(2) Fix the calculation of the digest length in the PE file parser.
This causes a failure where there should be a success.
(3) Fix the case where an X.509 cert can be added as an asymmetric key
to a trusted keyring with no trust restriction if no AKID is
supplied.
Bugs (1) and (2) aren't particularly problematic, but (3) allows a
security check to be bypassed. Happily, this is a recent regression
and never made it into a released kernel"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
KEYS: Fix for erroneous trust of incorrectly signed X.509 certs
pefile: Fix the failure of calculation for digest
PKCS#7: Fix panic when referring to the empty AKID when DEBUG defined
Linus Torvalds [Sat, 23 Jul 2016 03:10:48 +0000 (12:10 +0900)]
Merge branch 'for-linus' of git://git./linux/kernel/git/dtor/input
Pull input fixes from Dmitry Torokhov:
"A few more fixes for the input subsystem:
- restore naming for tsc2005 touchscreens as some userspace match on it
- fix out of bound access in legacy keyboard driver
- fixup in RMI4 driver
Everything is tagged for stable as well"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
Input: tsc200x - report proper input_dev name
tty/vt/keyboard: fix OOB access in do_compute_shiftstate()
Input: synaptics-rmi4 - fix maximum size check for F12 control register 8
Linus Torvalds [Sat, 23 Jul 2016 03:07:37 +0000 (12:07 +0900)]
Merge branch 'libnvdimm-fixes' of git://git./linux/kernel/git/nvdimm/nvdimm
Pull libnvdimm fix from Dan Williams:
"This contains a regression fix for a problem that was introduced in
v4.7-rc6.
In 4.7-rc1 we introduced auto-probing for the ACPI DSM (device-
specific-method) format that the platform firmware implements for
nvdimm devices. We initially fixed a regression in probing the QEMU
DSM implementation by making acpi_check_dsm() tolerant of the way QEMU
reports the "0 DSMs supported" condition.
However, that broke HPE platforms since that tolerance caused the
driver to mistakenly match the 1-zero-byte response those platforms
give to "unknown" commands. Instead, we simply make the driver
tolerant of not finding any supported DSMs. This has been tested to
work with both QEMU and HPE platforms.
This commit has appeared in a -next release with no reported issues"
* 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
nfit: make DIMM DSMs optional
Linus Torvalds [Sat, 23 Jul 2016 03:03:21 +0000 (12:03 +0900)]
Merge tag 'gpio-v4.7-6' of git://git./linux/kernel/git/linusw/linux-gpio
Pull GPIO fix from Linus Walleij:
"Compile problem fix for Tegra,
Sorry to send this in the last minute but Ingo says this build failure
is very prominent so I'm not going to wait for v4.7 before sending it.
It is a case of COMPILE_TEST causing more problems than it solves and
I'm already swearing about me shooting myself in the foot with that
gun :("
* tag 'gpio-v4.7-6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
gpio: tegra: don't auto-enable for COMPILE_TEST
Linus Torvalds [Sat, 23 Jul 2016 02:55:20 +0000 (11:55 +0900)]
Merge tag 'clk-fixes-for-linus' of git://git./linux/kernel/git/clk/linux
Pull clk fixes from Michael Turquette:
"Fix a bug in the at91 clk driver, two compile time warnings in sunxi
clk drivers, and one bug in a sunxi clk driver introduced in the 4.7
merge window"
* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
clk: at91: fix clk_programmable_set_parent()
clk: sunxi: remove unused variable
clk: sunxi: display: Add per-clock flags
clk: sunxi: tcon-ch1: Do not return a negative error in get_parent
Linus Torvalds [Sat, 23 Jul 2016 02:46:59 +0000 (11:46 +0900)]
Merge branch 'for-4.7-fixes' of git://git./linux/kernel/git/tj/libata
Pull libata fix from Tejun Heo:
"Another fallout from max_sectors bump a couple years ago. The lite-on
optical drive times out on large requests"
* 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata:
libata: LITE-ON CX1-JB256-HP needs lower max_sectors
Linus Torvalds [Sat, 23 Jul 2016 02:43:17 +0000 (11:43 +0900)]
Merge tag 'mmc-v4.7-rc7' of git://git.linaro.org/people/ulf.hansson/mmc
Pull MMC fixes from Ulf Hansson:
"Here are a few late mmc fixes intended for v4.7 final.
MMC core:
- Fix eMMC packed command header endianness
- Fix free of uninitialized buffer for mmc ioctl
MMC host:
- pxamci: Fix potential oops in ->probe()"
* tag 'mmc-v4.7-rc7' of git://git.linaro.org/people/ulf.hansson/mmc:
mmc: pxamci: fix potential oops
mmc: block: fix packed command header endianness
mmc: block: fix free of uninitialized 'idata->buf'
Linus Torvalds [Sat, 23 Jul 2016 02:28:06 +0000 (11:28 +0900)]
Merge tag 'sound-4.7-fix2' of git://git./linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"No surprise, just a few small fixes: a couple of changes are seen in
the core part, and both of them are rather for unusual error paths.
The rest are the regular HD-audio fixes and one USB-audio regression
fix"
* tag 'sound-4.7-fix2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA: usb-audio: Fix quirks code is not called
ALSA: hda: add AMD Stoney PCI ID with proper driver caps
ALSA: hda - fix use-after-free after module unload
ALSA: pcm: Free chmap at PCM free callback, too
ALSA: ctl: Stop notification after disconnection
ALSA: hda/realtek - add new pin definition in alc225 pin quirk table
Linus Torvalds [Sat, 23 Jul 2016 02:22:37 +0000 (11:22 +0900)]
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull NVMe fix from Jens Axboe:
"Late addition here, it's basically a revert of a patch that was added
in this merge window, but has proven to cause problems.
This is swapping out the RCU based namespace protection with a good
old mutex instead"
* 'for-linus' of git://git.kernel.dk/linux-block:
nvme: Remove RCU namespace protection
Jiri Slaby [Wed, 20 Jul 2016 22:45:08 +0000 (15:45 -0700)]
pps: do not crash when failed to register
With this command sequence:
modprobe plip
modprobe pps_parport
rmmod pps_parport
the partport_pps modules causes this crash:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: parport_detach+0x1d/0x60 [pps_parport]
Oops: 0000 [#1] SMP
...
Call Trace:
parport_unregister_driver+0x65/0xc0 [parport]
SyS_delete_module+0x187/0x210
The sequence that builds up to this is:
1) plip is loaded and takes the parport device for exclusive use:
plip0: Parallel port at 0x378, using IRQ 7.
2) pps_parport then fails to grab the device:
pps_parport: parallel port PPS client
parport0: cannot grant exclusive access for device pps_parport
pps_parport: couldn't register with parport0
3) rmmod of pps_parport is then killed because it tries to access
pardev->name, but pardev (taken from port->cad) is NULL.
So add a check for NULL in the test there too.
Link: http://lkml.kernel.org/r/20160714115245.12651-1-jslaby@suse.cz
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Acked-by: Rodolfo Giometti <giometti@enneenne.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Dan Carpenter [Wed, 20 Jul 2016 22:45:05 +0000 (15:45 -0700)]
tools/vm/slabinfo: fix an unintentional printf
The curly braces are missing here so we print stuff unintentionally.
Fixes:
9da4714a2d44 ('slub: slabinfo update for cmpxchg handling')
Link: http://lkml.kernel.org/r/20160715211243.GE19522@mwanda
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Christoph Lameter <cl@linux.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Cc: Colin Ian King <colin.king@canonical.com>
Cc: Laura Abbott <labbott@fedoraproject.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Dan Carpenter [Wed, 20 Jul 2016 22:45:03 +0000 (15:45 -0700)]
testing/radix-tree: fix a macro expansion bug
There are no parentheses around this macro and it causes a problem when
we do:
index = rand() % THRASH_SIZE;
Link: http://lkml.kernel.org/r/20160715210953.GC19522@mwanda
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Andrey Ryabinin [Wed, 20 Jul 2016 22:45:00 +0000 (15:45 -0700)]
radix-tree: fix radix_tree_iter_retry() for tagged iterators.
radix_tree_iter_retry() resets slot to NULL, but it doesn't reset tags.
Then NULL slot and non-zero iter.tags passed to radix_tree_next_slot()
leading to crash:
RIP: radix_tree_next_slot include/linux/radix-tree.h:473
find_get_pages_tag+0x334/0x930 mm/filemap.c:1452
....
Call Trace:
pagevec_lookup_tag+0x3a/0x80 mm/swap.c:960
mpage_prepare_extent_to_map+0x321/0xa90 fs/ext4/inode.c:2516
ext4_writepages+0x10be/0x2b20 fs/ext4/inode.c:2736
do_writepages+0x97/0x100 mm/page-writeback.c:2364
__filemap_fdatawrite_range+0x248/0x2e0 mm/filemap.c:300
filemap_write_and_wait_range+0x121/0x1b0 mm/filemap.c:490
ext4_sync_file+0x34d/0xdb0 fs/ext4/fsync.c:115
vfs_fsync_range+0x10a/0x250 fs/sync.c:195
vfs_fsync fs/sync.c:209
do_fsync+0x42/0x70 fs/sync.c:219
SYSC_fdatasync fs/sync.c:232
SyS_fdatasync+0x19/0x20 fs/sync.c:230
entry_SYSCALL_64_fastpath+0x23/0xc1 arch/x86/entry/entry_64.S:207
We must reset iterator's tags to bail out from radix_tree_next_slot()
and go to the slow-path in radix_tree_next_chunk().
Fixes:
46437f9a554f ("radix-tree: fix race in gang lookup")
Link: http://lkml.kernel.org/r/1468495196-10604-1-git-send-email-aryabinin@virtuozzo.com
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Acked-by: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Johannes Weiner [Wed, 20 Jul 2016 22:44:57 +0000 (15:44 -0700)]
mm: memcontrol: fix cgroup creation failure after many small jobs
The memory controller has quite a bit of state that usually outlives the
cgroup and pins its CSS until said state disappears. At the same time
it imposes a 16-bit limit on the CSS ID space to economically store IDs
in the wild. Consequently, when we use cgroups to contain frequent but
small and short-lived jobs that leave behind some page cache, we quickly
run into the 64k limitations of outstanding CSSs. Creating a new cgroup
fails with -ENOSPC while there are only a few, or even no user-visible
cgroups in existence.
Although pinning CSSs past cgroup removal is common, there are only two
instances that actually need an ID after a cgroup is deleted: cache
shadow entries and swapout records.
Cache shadow entries reference the ID weakly and can deal with the CSS
having disappeared when it's looked up later. They pose no hurdle.
Swap-out records do need to pin the css to hierarchically attribute
swapins after the cgroup has been deleted; though the only pages that
remain swapped out after offlining are tmpfs/shmem pages. And those
references are under the user's control, so they are manageable.
This patch introduces a private 16-bit memcg ID and switches swap and
cache shadow entries over to using that. This ID can then be recycled
after offlining when the CSS remains pinned only by objects that don't
specifically need it.
This script demonstrates the problem by faulting one cache page in a new
cgroup and deleting it again:
set -e
mkdir -p pages
for x in `seq 128000`; do
[ $((x % 1000)) -eq 0 ] && echo $x
mkdir /cgroup/foo
echo $$ >/cgroup/foo/cgroup.procs
echo trex >pages/$x
echo $$ >/cgroup/cgroup.procs
rmdir /cgroup/foo
done
When run on an unpatched kernel, we eventually run out of possible IDs
even though there are no visible cgroups:
[root@ham ~]# ./cssidstress.sh
[...]
65000
mkdir: cannot create directory '/cgroup/foo': No space left on device
After this patch, the IDs get released upon cgroup destruction and the
cache and css objects get released once memory reclaim kicks in.
[hannes@cmpxchg.org: init the IDR]
Link: http://lkml.kernel.org/r/20160621154601.GA22431@cmpxchg.org
Fixes:
b2052564e66d ("mm: memcontrol: continue cache reclaim from offlined groups")
Link: http://lkml.kernel.org/r/20160617162516.GD19084@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Reported-by: John Garcia <john.garcia@mesosphere.io>
Reviewed-by: Vladimir Davydov <vdavydov@virtuozzo.com>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: Nikolay Borisov <kernel@kyup.com>
Cc: <stable@vger.kernel.org> [3.19+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Florian Westphal [Thu, 21 Jul 2016 10:51:17 +0000 (12:51 +0200)]
netfilter: connlabels: move set helper to xt_connlabel
xt_connlabel is the only user so move it.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Westphal [Thu, 21 Jul 2016 10:51:16 +0000 (12:51 +0200)]
netfilter: conntrack: support a fixed size of 128 distinct labels
The conntrack label extension is currently variable-sized, e.g. if
only 2 labels are used by iptables rules then the labels->bits[] array
will only contain one element.
We track size of each label storage area in the 'words' member.
But in nftables and openvswitch we always have to ask for worst-case
since we don't know what bit will be used at configuration time.
As most arches are 64bit we need to allocate 24 bytes in this case:
struct nf_conn_labels {
u8 words; /* 0 1 */
/* XXX 7 bytes hole, try to pack */
long unsigned bits[2]; /* 8 24 */
Make bits a fixed size and drop the words member, it simplifies
the code and only increases memory requirements on x86 when
less than 64bit labels are required.
We still only allocate the extension if its needed.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Arnd Bergmann [Wed, 6 Jul 2016 12:54:03 +0000 (14:54 +0200)]
gpio: tegra: don't auto-enable for COMPILE_TEST
I stumbled over a build error with COMPILE_TEST and CONFIG_OF
disabled:
drivers/gpio/gpio-tegra.c: In function 'tegra_gpio_probe':
drivers/gpio/gpio-tegra.c:603:9: error: 'struct gpio_chip' has no member named 'of_node'
The problem is that the newly added GPIO_TEGRA Kconfig symbol
does not have a dependency on CONFIG_OF. However, there is another
problem here as the driver gets enabled unconditionally whenever
COMPILE_TEST is set.
This fixes both problems, by making the symbol user-visible
when COMPILE_TEST is set and default-enabled for ARCH_TEGRA=y.
As a side-effect, it is now possible to compile-test a Tegra
kernel with GPIO support disabled, which is harmless.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes:
4dd4dd1d2120 ("gpio: tegra: Allow compile test")
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Herbert Xu [Fri, 22 Jul 2016 09:58:21 +0000 (17:58 +0800)]
crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct
To allow for child request context the struct akcipher_request child_req
needs to be at the end of the structure.
Cc: stable@vger.kernel.org
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Maxim Patlasov [Fri, 22 Jul 2016 01:24:26 +0000 (18:24 -0700)]
ovl: verify upper dentry in ovl_remove_and_whiteout()
The upper dentry may become stale before we call ovl_lock_rename_workdir.
For example, someone could (mistakenly or maliciously) manually unlink(2)
it directly from upperdir.
To ensure it is not stale, let's lookup it after ovl_lock_rename_workdir
and and check if it matches the upper dentry.
Essentially, it is the same problem and similar solution as in
commit
11f3710417d0 ("ovl: verify upper dentry before unlink and rename").
Signed-off-by: Maxim Patlasov <mpatlasov@virtuozzo.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Cc: <stable@vger.kernel.org>
Tushar Dave [Fri, 1 Jul 2016 17:11:20 +0000 (10:11 -0700)]
i40e: Explicitly write platform-specific mac address after PF reset
i40e PF reset clears mac filters. If platform-specific mac address
is used, driver has to explicitly write default mac address to mac
filters otherwise all incoming traffic destined to default mac
address will be dropped after reset.
This issue was found on SPARC while toggling i40e ntuple via ethtool.
Signed-off-by: Tushar Dave <tushar.n.dave@oracle.com>
Acked-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Stefan Assmann [Mon, 27 Jun 2016 13:03:43 +0000 (15:03 +0200)]
i40e: add missing link advertise setting
Adding the missing link advertise for some X710 NICs.
This can be observed by simply calling ethtool on the interface.
root@rhel7:~ # ethtool eth0
Settings for eth0:
Supported ports: [ FIBRE ]
Supported link modes: 10000baseT/Full
Supported pause frame use: Symmetric
Supports auto-negotiation: No
Advertised link modes: Not reported
[...]
With fix applied.
root@rhel7:~ # ethtool eth0
Settings for eth0:
Supported ports: [ FIBRE ]
Supported link modes: 10000baseT/Full
Supported pause frame use: Symmetric
Supports auto-negotiation: No
Advertised link modes: 10000baseT/Full
[...]
Signed-off-by: Stefan Assmann <sassmann@kpanic.de>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Catherine Sullivan [Thu, 23 Jun 2016 21:08:46 +0000 (14:08 -0700)]
i40e: Move the mutex lock in i40e_client_unregister
We need to lock the client list around the i40e_client_release call to
prevent the release from interrupting the client instances while they are
being added.
Change-Id: I99993f20179aaf8730207833e7d0869d2ccffa1d
Signed-off-by: Catherine Sullivan <catherine.sullivan@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Amitoj Kaur Chawla [Thu, 23 Jun 2016 05:00:55 +0000 (10:30 +0530)]
i40e: Remove redundant memset
Remove redundant call to memset before a call to memcpy.
The Coccinelle semantic patch used to make this change is as follows:
@@
expression e1,e2,e3,e4;
@@
- memset(e1,e2,e3);
memcpy(e1,e4,e3);
Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Bimmy Pujari [Mon, 20 Jun 2016 16:10:39 +0000 (09:10 -0700)]
i40e/i40evf-bump version to 1.6.11
Signed-off-by: Bimmy Pujari <bimmy.pujari@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Mitch Williams [Mon, 20 Jun 2016 16:10:38 +0000 (09:10 -0700)]
i40e: refactor Rx filter handling
Properly track filter adds and deletes so the driver doesn't lose filters
during resets and up/down cycles. Add a tracking mechanism so that the
driver knows when to enter and leave promiscuous mode.
Implement a simple state machine so the driver can track the status of
each filter throughout its lifecycle. Properly manage the overflow promiscuous
state for the each VSI, and provide a way for the driver to detect when to exit
overflow promiscuous mode.
Remove all possible default MAC filters that the firmware may have set up so
that the driver can manage these correctly, particularly when VLANs come into
play. Remove the LAA flag for filters; instead just send whatever we get through
set_mac to the firmware as the LAA for wakeup purposes.
Finally, add the state of each filter to debugfs output so we can see what's
going on inside the driver's pointy little head.
Change-ID: I97c5e366fac2254fa01eaff4f65c0af61dcf2e1f
Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Joshua Hay [Mon, 20 Jun 2016 16:10:37 +0000 (09:10 -0700)]
i40evf: add hyperv dev ids
This patch adds the Hyper-V specific VF device ids.
Change-ID: I9c4fe6d8dfd34f7f68ebc9fdae225c8768439c89
Signed-off-by: Joshua Hay <joshua.a.hay@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Catherine Sullivan [Mon, 20 Jun 2016 16:10:36 +0000 (09:10 -0700)]
i40e: Remove device ID 0x37D4
This device ID is not needed, so take it out.
Change-ID: I148d29f68a1f58b03980ecd83047a1b440f4f74d
Signed-off-by: Catherine Sullivan <catherine.sullivan@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Mitch Williams [Mon, 20 Jun 2016 16:10:35 +0000 (09:10 -0700)]
i40e/i40evf: remove useless initializer
This initializer isn't needed because the variable is assigned right
away.
Change-ID: I6ce3edb3f4e0364db248a7a0bcc62ca95c01d941
Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Avinash Dayanand [Mon, 20 Jun 2016 16:10:33 +0000 (09:10 -0700)]
i40e: Fix to show correct Advertised Link Modes when link is down
When link is down, Advertised Link Modes was wrongly displaying full
supported link modes instead of Advertised link mode. Added conditional
checks in order to make sure correct Advertised link modes are
displayed when the link is down.
Change-ID: I8a61413f9ee174149c7a33157b5f0b0a8da9842d
Signed-off-by: Avinash Dayanand <avinash.dayanand@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Heinrich Schuchardt [Tue, 17 May 2016 20:41:33 +0000 (22:41 +0200)]
i40e: avoid null pointer dereference
In function i40e_debug_aq parameter desc is assumed to be
possibly NULL. Do not dereference it before checking the
value.
Fixes:
f905dd62be88 ("i40e/i40evf: add max buf len to aq debug print helper")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Soheil Hassas Yeganeh [Wed, 20 Jul 2016 22:01:18 +0000 (18:01 -0400)]
packet: propagate sock_cmsg_send() error
sock_cmsg_send() can return different error codes and not only
-EINVAL, and we should properly propagate them.
Fixes:
c14ac9451c34 ("sock: enable timestamping using control messages")
Signed-off-by: Soheil Hassas Yeganeh <soheil@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 22 Jul 2016 04:50:49 +0000 (00:50 -0400)]
Merge branch 'macsec-gro'
Paolo Abeni says:
====================
macsec: enable s/w offloads
This patches leverage gro_cells infrastructure to enable both GRO and RPS
on macsec devices.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Paolo Abeni [Wed, 20 Jul 2016 16:11:32 +0000 (18:11 +0200)]
macsec: enable GRO and RPS on macsec devices
Use gro_gells to trigger GRO and allow RPS on macsec traffic
after decryption.
Also, be sure to avoid clearing software offload features in
macsec_fix_features().
Overall this increase TCP tput by 30% on recent h/w.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Paolo Abeni [Wed, 20 Jul 2016 16:11:31 +0000 (18:11 +0200)]
gro_cells: gro_cells_receive now return error code
so that the caller can update stats accordingly, if needed
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 21 Jul 2016 06:39:36 +0000 (23:39 -0700)]
Merge tag 'nfc-next-4.8-1' of git://git./linux/kernel/git/sameo/nfc-next
Samuel Ortiz says:
====================
NFC 4.8 pull request
This is the first NFC pull request for 4.8. We have:
- A fairly large NFC digital stack patchset:
* RTOX fixes.
* Proper DEP RWT support.
* ACK and NACK PDUs handling fixes, in both initiator
and target modes.
* A few memory leak fixes.
- A conversion of the nfcsim driver to use the digital stack.
The driver supports the DEP protocol in both NFC-A and NFC-F.
- Error injection through debugfs for the nfcsim driver.
- Improvements to the port100 driver for the Sony USB chipset, in
particular to the command abort and cancellation code paths.
- A few minor fixes for the pn533, trf7970a and fdp drivers.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Martin KaFai Lau [Wed, 20 Jul 2016 22:48:43 +0000 (15:48 -0700)]
samples: Add an IPv6 '-6' option to the pktgen scripts
Add a '-6' option to the sample pktgen scripts for sending out
IPv6 packets.
[root@kerneldev010.prn1 ~/pktgen]# ./pktgen_sample03_burst_single_flow.sh -i eth0 -s 64 -d fe80::f652:14ff:fec2:a14c -m f4:52:14:c2:a1:4c -b 32 -6
[root@kerneldev011.prn1 ~]# tcpdump -i eth0 -nn -c3 port 9
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
14:38:51.815297 IP6 fe80::f652:14ff:fec2:2ad2.9 > fe80::f652:14ff:fec2:a14c.9: UDP, length 16
14:38:51.815311 IP6 fe80::f652:14ff:fec2:2ad2.9 > fe80::f652:14ff:fec2:a14c.9: UDP, length 16
14:38:51.815313 IP6 fe80::f652:14ff:fec2:2ad2.9 > fe80::f652:14ff:fec2:a14c.9: UDP, length 16
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 21 Jul 2016 05:07:24 +0000 (22:07 -0700)]
Merge branch 'xdp-cleanups'
Brenden Blanco says:
====================
misc cleanups for xdp
This addresses several of the non-blocking comments left over from the
xdp patch set. See individual patches for details.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Brenden Blanco [Thu, 21 Jul 2016 00:22:35 +0000 (17:22 -0700)]
bpf: make xdp sample variable names more meaningful
The naming choice of index is not terribly descriptive, and dropcnt is
in fact incorrect for xdp2. Pick better names for these: ipproto and
rxcnt.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Brenden Blanco [Thu, 21 Jul 2016 00:22:34 +0000 (17:22 -0700)]
rtnl: protect do_setlink from IFLA_XDP_ATTACHED
The IFLA_XDP_ATTACHED nested attribute is meant for read-only, and while
do_setlink properly ignores it, it should be more paranoid and reject
commands that try to set it.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Brenden Blanco [Thu, 21 Jul 2016 00:22:33 +0000 (17:22 -0700)]
net/mlx4_en: use READ_ONCE when freeing xdp_prog
For consistency, and in order to hint at the synchronous nature of the
xdp_prog field, use READ_ONCE in the destroy path of the ring. All
occurrences should now use either READ_ONCE or xchg.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 21 Jul 2016 04:36:55 +0000 (21:36 -0700)]
Merge branch '100GbE' of git://git./linux/kernel/git/jkirsher/next-queue
Jeff Kirsher says:
====================
100GbE Intel Wired LAN Driver Updates 2016-07-20
This series contains updates to fm10k only.
Ngai-Mint provides a fix to clear PCIE_GMBX bits to ensure the proper
functioning of the mailbox global interrupt after a data path reset.
Jake provides most of the patches in the series, starting with a early
return from fm10k_down() if we are already down to prevent conflict with
other threads. Fixed an issue where fm10k_update_stats() could cause
a null pointer dereference, specifically if it is called when we are going
down and the rings have been removed. Cleans up and fixes the data path
reset flow, Tx hang routine and stop_hw(). Re-worked the fm10k_reinit()
to be more maintainable and fixed several inconsistencies with the work
flow. Implemented fm10k_prepare_suspend() and fm10k_handle_resume()
which abstract around the now existing fm10k_prepare_for_reset and
fm10k_handle_reset. The new functions also handle stopping the service
task, which is something that the original re-init flow does not need.
Fixed an issue where if an FLR occurs, VF devices will be knocked out of
bus master mode, and the driver will be unable to recover from the reset
properly, so ensure bus master is enabled after every reset. Fixed an
issue where a reset will occur as if for no reason, regularly every few
minutes until the switch manager software is loaded, which is caused
by continuously requesting the lport map so only do the request after
we have verified the switch mailbox is tx_ready.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Jan Stancek [Thu, 30 Jun 2016 10:23:51 +0000 (12:23 +0200)]
crypto: qat - make qat_asym_algs.o depend on asn1 headers
Parallel build can sporadically fail because asn1 headers may
not be built yet by the time qat_asym_algs.o is compiled:
drivers/crypto/qat/qat_common/qat_asym_algs.c:55:32: fatal error: qat_rsapubkey-asn1.h: No such file or directory
#include "qat_rsapubkey-asn1.h"
Cc: stable@vger.kernel.org
Signed-off-by: Jan Stancek <jstancek@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
David S. Miller [Thu, 21 Jul 2016 04:10:55 +0000 (21:10 -0700)]
Merge branch 'mv88r6xxx-eeprom-rework'
Vivien Didelot says:
====================
net: dsa: mv88e6xxx: rework EEPROM code
Some switches can access an optional external EEPROM via its registers.
The
88E6352 family of switches have 8-bit address / 16-bit data access.
The new
88E6390 family has 16-bit address / 8-bit data access.
This patchset cleans up the EEPROM code with 16-suffixed Global2 helpers
and makes it easy to add future support for 8-bit data EEPROM access.
It also removes unnecessary mutexes and a few locked access functions.
Changes in v2:
- add missing Signed-off-by tag
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Wed, 20 Jul 2016 22:18:36 +0000 (18:18 -0400)]
net: dsa: mv88e6xxx: kill last locked reg_read
Get rid of the last usage of the locked mv88e6xxx_reg_read function with
a new mv88e6xxx_port_read helper, useful later for chips with different
port registers base address.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Wed, 20 Jul 2016 22:18:35 +0000 (18:18 -0400)]
net: dsa: mv88e6xxx: rework EEPROM access
The 6352 family of switches and compatibles provide a 8-bit address and
16-bit data access to an optional EEPROM.
Newer chip such as the 6390 family slightly changed the access to 16-bit
address and 8-bit data.
This commit cleans up the EEPROM access code for 16-bit access and makes
it easy to eventually introduce future support for 8-bit access.
Here's a list of notable changes brought by this patch:
- provide Global2 unlocked helpers for EEPROM commands
- remove eeprom_mutex, only reg_lock is necessary for driver functions
- eeprom_len is 0 for chip without EEPROM, so return it directly
- the Running bit must be 0 before r/w, so wait for Busy *and* Running
- remove now unused mv88e6xxx_wait and mv88e6xxx_reg_write
- other than that, the logic (in _{get,set}_eeprom16) didn't change
Chips with an 8-bit EEPROM access will require to implement the
8-suffixed variant of G2 helpers and the related flag:
#define MV88E6XXX_FLAGS_EEPROM8 \
(MV88E6XXX_FLAG_G2_EEPROM_CMD | \
MV88E6XXX_FLAG_G2_EEPROM_ADDR)
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Wed, 20 Jul 2016 22:18:34 +0000 (18:18 -0400)]
net: dsa: mv88e6xxx: remove unused phy_mutex
Only reg_lock is necessary now and phy_mutex is dead. Remove it.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Gavin Shan [Thu, 21 Jul 2016 01:42:54 +0000 (11:42 +1000)]
net/faraday: Disallow using reversed MAC address from hardware
The initial MAC address is retrieved from hardware if it's not
provided by device-tree. The reserved MAC address from hardware
will be used if non-reserved MAC address is invalid. It will
cause mismatched MAC address seen by hardware and software.
This disallows using the reserved hardware MAC address to avoid
the mismatched MAC address seen by hardware and software.
Fixes:
113ce107afe9 ("net/faraday: Read MAC address from chip")
Suggested-by: David Laight <David.Laight@ACULAB.COM>
Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Gavin Shan <gwshan@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michael Welling [Wed, 20 Jul 2016 17:02:07 +0000 (10:02 -0700)]
Input: tsc200x - report proper input_dev name
Passes input_id struct to the common probe function for the tsc200x drivers
instead of just the bustype.
This allows for the use of the product variable to set the input_dev->name
variable according to the type of touchscreen used. Note that when we
introduced support for TSC2004 we started calling everything TSC200X, so
let's keep this quirk.
Signed-off-by: Michael Welling <mwelling@ieee.org>
Cc: stable@vger.kernel.org
Acked-by: Pavel Machek <pavel@ucw.cz>
Acked-by: Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Dmitry Torokhov [Mon, 27 Jun 2016 21:12:34 +0000 (14:12 -0700)]
tty/vt/keyboard: fix OOB access in do_compute_shiftstate()
The size of individual keymap in drivers/tty/vt/keyboard.c is NR_KEYS,
which is currently 256, whereas number of keys/buttons in input device (and
therefor in key_down) is much larger - KEY_CNT - 768, and that can cause
out-of-bound access when we do
sym = U(key_maps[0][k]);
with large 'k'.
To fix it we should not attempt iterating beyond smaller of NR_KEYS and
KEY_CNT.
Also while at it let's switch to for_each_set_bit() instead of open-coding
it.
Reported-by: Sasha Levin <sasha.levin@oracle.com>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>