1. 02 Aug, 2014 20 commits
  2. 01 Aug, 2014 7 commits
  3. 31 Jul, 2014 13 commits
    • David S. Miller's avatar
      Merge branch 'stmmac-next' · 8e97b85a
      David S. Miller authored
      Vince Bridgers says:
      
      ====================
      net: stmmac: Improve mcast/ucast filter for snps
      
      This patch series adds Synopsys specific bindings for the Synopsys EMAC
      filter characteristics since those are implementation dependent. The
      multicast and unicast filtering code was improved to handle different
      configuration variations based on device tree settings.
      
      I verified the operation of the multicast and unicast filters through
      Synopsys support as requested during the V1 review, and tested the GMAC
      configuration on an Altera Cyclone 5 SOC (which supports 256 multicast
      bins and 128 Unicast addresses). The 10/100 variant of this driver
      modification was not tested, although it was compile tested. I shared
      the email thread results of the investigation through Synopsys with the
      stmmac maintainer.
      
      V4: Remove patch from series that addressed a sparse issue from a
          down rev'd version of sparse that does not show up in the
          latest version of sparse.
      V3: Break up the patch into interface and functional change patches
          per review comments
      V2: Confirm with Synopsys methods to determine number of Multicast bins
          and Unicast address filter entries per first round review comments.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8e97b85a
    • Vince Bridgers's avatar
      net: stmmac: Support devicetree configs for mcast and ucast filter entries · 3b57de95
      Vince Bridgers authored
      This patch adds and modifies code to support multiple Multicast and Unicast
      Synopsys MAC filter configurations. The default configuration is defined to
      support legacy driver behavior, which is 64 Multicast bins. The Unicast
      filter code previously assumed all controllers support 32 or 16 Unicast
      addresses based on controller version number, but this has been corrected
      to support a default of 1 Unicast address. The filter configuration may
      be specified through the devicetree using a Synopsys specific device tree
      entry. This information was verified with Synopsys through
      Synopsys Support Case #8000684337 and shared with the maintainer.
      Signed-off-by: default avatarVince Bridgers <vbridgers2013@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3b57de95
    • Vince Bridgers's avatar
      ARM: socfpga: Add socfpga Ethernet filter attributes entries · ea6856e3
      Vince Bridgers authored
      This patch adds socfpga Ethernet filter attributes for multicast
      and unicast filters per Synopsys Ethernet IP configuration chosen
      by Altera for the Cyclone 5 and Arria SOC FPGAs.
      Signed-off-by: default avatarVince Bridgers <vbridgers2013@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ea6856e3
    • Vince Bridgers's avatar
      dts: Add bindings for multicast hash bins and perfect filter entries · 94ceaa26
      Vince Bridgers authored
      This change adds bindings for the number of multicast hash bins and perfect
      filter entries supported by the Synopsys EMAC. The Synopsys EMAC core is
      configurable at device creation time, and can be configured for a different
      number of multicast hash bins and a different number of perfect filter
      entries. The device does not provide a way to query these parameters,
      therefore parameters are required. The Altera Cyclone V SOC has support for
      256 multicast hash bins and 128 perfect filter entries, and is different
      than what's currently provided in the stmmac driver.
      Signed-off-by: default avatarVince Bridgers <vbridgers2013@gmail.com>
      Acked-by: default avatarRob Herring <robh@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      94ceaa26
    • Vince Bridgers's avatar
      net: stmmac: Correct set_filter for multicast and unicast cases · aefef4c1
      Vince Bridgers authored
      This patch removes the check for the number of mulitcast addresses
      when using hash based filtering since it's not necessary. If the number
      of multicast addresses in the list exceeds the number of multicast hash
      bins, the bins will "fold" over into one of the bins configured and
      enabled for the particular component instance.
      
      The default number of maximum unicast addresses was changed from 32 to 1
      since this number is not dependent on the component revision. The maximum
      number of multicast and unicast addresses is dependent on the configuration
      of the Synopsys EMAC configured by the SOC architect at the time the
      features were selected and configured for a particular component. Sadly,
      Synopsys does not provide a way to query the precise number supported
      by a particular component, so we must fall back on a devicetree entry.
      This configuration could vary from vendor to vendor (such as STMicro,
      Altera, etc).
      
      The multicast bins are set for every possible filtering case (including
      no entries) - previously the bits were set only if multicast filter entries
      were present.
      Signed-off-by: default avatarVince Bridgers <vbridgers2013@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      aefef4c1
    • Vince Bridgers's avatar
      net: stmmac: Change MAC interface to support multiple filter configurations · 7ed24bbe
      Vince Bridgers authored
      The synopsys EMAC can be configured for different numbers of multicast hash
      bins and perfect filter entries at device creation time and there's no way
      to query this configuration information at runtime. As a result, a devicetree
      parameter is required in order for the driver to program these filters
      correctly for a particular device instance. This patch modifies the
      10/100/1000 MAC software interface such that these configuration parameters
      can be set at initialization time.
      Signed-off-by: default avatarVince Bridgers <vbridgers2013@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ed24bbe
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next · a173e550
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter updates for net-next
      
      The following patchset contains netfilter updates for net-next, they are:
      
      1) Add the reject expression for the nf_tables bridge family, this
         allows us to send explicit reject (TCP RST / ICMP dest unrech) to
         the packets matching a rule.
      
      2) Simplify and consolidate the nf_tables set dumping logic. This uses
         netlink control->data to filter out depending on the request.
      
      3) Perform garbage collection in xt_hashlimit using a workqueue instead
         of a timer, which is problematic when many entries are in place in
         the tables, from Eric Dumazet.
      
      4) Remove leftover code from the removed ulog target support, from
         Paul Bolle.
      
      5) Dump unmodified flags in the netfilter packet accounting when resetting
         counters, so userspace knows that a counter was in overquota situation,
         from Alexey Perevalov.
      
      6) Fix wrong usage of the bitwise functions in nfnetlink_acct, also from
         Alexey.
      
      7) Fix a crash when adding new set element with an empty NFTA_SET_ELEM_LIST
         attribute.
      
      This patchset also includes a couple of cleanups for xt_LED from
      Duan Jiong and for nf_conntrack_ipv4 (using coccinelle) from
      Himangi Saraogi.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a173e550
    • Banerjee, Debabrata's avatar
      tcp: don't require root to read tcp_metrics · 388070fa
      Banerjee, Debabrata authored
      commit d23ff701 (tcp: add generic netlink support for tcp_metrics) introduced
      netlink support for the new tcp_metrics, however it restricted getting of
      tcp_metrics to root user only. This is a change from how these values could
      have been fetched when in the old route cache. Unless there's a legitimate
      reason to restrict the reading of these values it would be better if normal
      users could fetch them.
      
      Cc: Julian Anastasov <ja@ssi.bg>
      Cc: linux-kernel@vger.kernel.org
      Signed-off-by: default avatarDebabrata Banerjee <dbanerje@akamai.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      388070fa
    • Daniel Borkmann's avatar
      team: fix releasing uninitialized pointer to BPF prog · 2b391ee2
      Daniel Borkmann authored
      Commit 34c5bd66 introduced the possibility that an
      uninitialized pointer on the stack (orig_fp) can call into
      sk_unattached_filter_destroy() when its value is non NULL.
      
      Before that commit orig_fp was only destroyed in the same
      block where it was assigned a valid BPF prog before. Fix it
      up by initializing it to NULL.
      
      Fixes: 34c5bd66 ("net: filter: don't release unattached filter through call_rcu()")
      Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Cc: Pablo Neira <pablo@netfilter.org>
      Cc: Alexei Starovoitov <ast@plumgrid.com>
      Cc: Jiri Pirko <jiri@resnulli.us>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2b391ee2
    • Pablo Neira Ayuso's avatar
      netfilter: nf_tables: check for unset NFTA_SET_ELEM_LIST_ELEMENTS attribute · 7d5570ca
      Pablo Neira Ayuso authored
      Otherwise, the kernel oopses in nla_for_each_nested when iterating over
      the unset attribute NFTA_SET_ELEM_LIST_ELEMENTS in the
      nf_tables_{new,del}setelem() path.
      
      netlink: 65524 bytes leftover after parsing attributes in process `nft'.
      [...]
      Oops: 0000 [#1] SMP
      [...]
      CPU: 2 PID: 6287 Comm: nft Not tainted 3.16.0-rc2+ #169
      RIP: 0010:[<ffffffffa0526e61>]  [<ffffffffa0526e61>] nf_tables_newsetelem+0x82/0xec [nf_tables]
      [...]
      Call Trace:
       [<ffffffffa05178c4>] nfnetlink_rcv+0x2e7/0x3d7 [nfnetlink]
       [<ffffffffa0517939>] ? nfnetlink_rcv+0x35c/0x3d7 [nfnetlink]
       [<ffffffff8137d300>] netlink_unicast+0xf8/0x17a
       [<ffffffff8137d6a5>] netlink_sendmsg+0x323/0x351
      [...]
      
      Fix this by returning -EINVAL if this attribute is not set, which
      doesn't make sense at all since those commands are there to add and to
      delete elements from the set.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      7d5570ca
    • Alexey Perevalov's avatar
      netfilter: nfnetlink_acct: avoid using NFACCT_F_OVERQUOTA with bit helper functions · b6d04688
      Alexey Perevalov authored
      Bit helper functions were used for manipulation with NFACCT_F_OVERQUOTA,
      but they are accepting pit position, but not a bit mask. As a result
      not a third bit for NFACCT_F_OVERQUOTA was set, but forth. Such
      behaviour was dangarous and could lead to unexpected overquota report
      result.
      Signed-off-by: default avatarAlexey Perevalov <a.perevalov@samsung.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      b6d04688
    • David S. Miller's avatar
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next · ccda4a77
      David S. Miller authored
      Steffen Klassert says:
      
      ====================
      pull request (net-next): ipsec-next 2014-07-30
      
      This is the last pull request for ipsec-next before I'll be
      off for two weeks starting on friday. David, can you please
      take urgent ipsec patches directly into net/net-next during
      this time?
      
      1) Error handling simplifications for vti and vti6.
         From Mathias Krause.
      
      2) Remove a duplicate semicolon after a return statement.
         From Christoph Paasch.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ccda4a77
    • Brian Norris's avatar
      net: bcmgenet: correct spelling · 7fc527f9
      Brian Norris authored
      Signed-off-by: default avatarBrian Norris <computersforpeace@gmail.com>
      Cc: Florian Fainelli <f.fainelli@gmail.com>
      Cc: David S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7fc527f9