Skip to content

L
linux
Switch branch/tag
  1. 14 Feb, 2020 24 commits
  3. 13 Feb, 2020 16 commits
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · b19e8c68
      Linus Torvalds authored 
      Pull arm64 fixes from Will Deacon:
 "Summary below, but it's all reasonably straightforward. There are some
  more fixes on the horizon, but nothing disastrous yet.

  Summary:

   - Fix build when KASLR is enabled but CONFIG_ARCH_RANDOM is not set

   - Fix context-switching of SSBS state on systems that implement it

   - Fix spinlock compiler warning introduced during the merge window

   - Fix incorrect header inclusion (linux/clk-provider.h)

   - Use SYSCTL_{ZERO,ONE} instead of rolling our own static variables

   - Don't scream if optional SMMUv3 PMU irq is missing

   - Remove some unused function prototypes"

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: time: Replace <linux/clk-provider.h> by <linux/of_clk.h>
  arm64: Fix CONFIG_ARCH_RANDOM=n build
  perf/smmuv3: Use platform_get_irq_optional() for wired interrupt
  arm64/spinlock: fix a -Wunused-function warning
  arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
  arm64: use shared sysctl constants
  arm64: Drop do_el0_ia_bp_hardening() & do_sp_pc_abort() declarations
      b19e8c68
    • Linus Torvalds's avatar
      Merge tag 'gpio-v5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio · 1d40890a
      Linus Torvalds authored 
      Pull GPIO fixes from Linus Walleij:

 - Revert two patches to gpio_do_set_config() and implement the proper
   solution that works, also drop an unecessary call in set_config()

 - Fix up the lockdep class for hierarchical IRQ domains.

 - Remove some bridge code for line directions.

 - Fix a register access bug in the Xilinx driver.

* tag 'gpio-v5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
  gpio: sifive: fix static checker warning
  spmi: pmic-arb: Set lockdep class for hierarchical irq domains
  gpio: xilinx: Fix bug where the wrong GPIO register is written to
  gpiolib: remove unnecessary argument from set_config call
  gpio: bd71828: Remove unneeded defines for GPIO_LINE_DIRECTION_IN/OUT
  MAINTAINERS: Sort entries in database for GPIO
  gpiolib: fix gpio_do_set_config()
  Revert "gpiolib: remove set but not used variable 'config'"
  Revert "gpiolib: Remove duplicated function gpio_do_set_config()"
      1d40890a
    • David S. Miller's avatar
      Merge branch 'icmp-account-for-NAT-when-sending-icmps-from-ndo-layer' · 803381f9
      David S. Miller authored 
      Jason A. Donenfeld says:

====================
icmp: account for NAT when sending icmps from ndo layer

The ICMP routines use the source address for two reasons:

1. Rate-limiting ICMP transmissions based on source address, so
   that one source address cannot provoke a flood of replies. If
   the source address is wrong, the rate limiting will be
   incorrectly applied.

2. Choosing the interface and hence new source address of the
   generated ICMP packet. If the original packet source address
   is wrong, ICMP replies will be sent from the wrong source
   address, resulting in either a misdelivery, infoleak, or just
   general network admin confusion.

Most of the time, the icmp_send and icmpv6_send routines can just reach
down into the skb's IP header to determine the saddr. However, if
icmp_send or icmpv6_send is being called from a network device driver --
there are a few in the tree -- then it's possible that by the time
icmp_send or icmpv6_send looks at the packet, the packet's source
address has already been transformed by SNAT or MASQUERADE or some other
transformation that CONNTRACK knows about. In this case, the packet's
source address is most certainly the *wrong* source address to be used
for the purpose of ICMP replies.

Rather, the source address we want to use for ICMP replies is the
original one, from before the transformation occurred.

Fortunately, it's very easy to just ask CONNTRACK if it knows about this
packet, and if so, how to fix it up. The saddr is the only field in the
header we need to fix up, for the purposes of the subsequent processing
in the icmp_send and icmpv6_send functions, so we do the lookup very
early on, so that the rest of the ICMP machinery can progress as usual.

Changes v3->v4:
- Add back the skb_shared checking, since the previous assumption isn't
  actually true [Eric]. This implies dropping the additional patches v3 had
  for removing skb_share_check from various drivers. We can revisit that
  general set of ideas later, but that's probably better suited as a net-next
  patchset rather than this stable one which is geared at fixing bugs. So,
  this implements things in the safe conservative way.

Changes v2->v3:
- Add selftest to ensure this actually does what we want and never regresses.
- Check the size of the skb header before operating on it.
- Use skb_ensure_writable to ensure we can modify the cloned skb [Florian].
- Conditionalize this on IPS_SRC_NAT so we don't do anything unnecessarily
  [Florian].
- It turns out that since we're calling these from the xmit path,
  skb_share_check isn't required, so remove that [Florian]. This simplifes the
  code a bit too. **The supposition here is that skbs passed to ndo_start_xmit
  are _never_ shared. If this is not correct NOW IS THE TIME TO PIPE UP, for
  doom awaits us later.**
- While investigating the shared skb business, several drivers appeared to be
  calling it incorrectly in the xmit path, so this series also removes those
  unnecessary calls, based on the supposition mentioned in the previous point.

Changes v1->v2:
- icmpv6 takes subtly different types than icmpv4, like u32 instead of be32,
  u8 instead of int.
- Since we're technically writing to the skb, we need to make sure it's not
  a shared one [Dave, 2017].
- Restore the original skb data after icmp_send returns. All current users
  are freeing the packet right after, so it doesn't matter, but future users
  might not.
- Remove superfluous route lookup in sunvnet [Dave].
- Use NF_NAT instead of NF_CONNTRACK for condition [Florian].
- Include this cover letter [Dave].
====================
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      803381f9
    • Jason A. Donenfeld's avatar
      xfrm: interface: use icmp_ndo_send helper · 45942ba8
      Jason A. Donenfeld authored 
      Because xfrmi is calling icmp from network device context, it should use
the ndo helper so that the rate limiting applies correctly.
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Cc: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      45942ba8
    • Jason A. Donenfeld's avatar
      wireguard: device: use icmp_ndo_send helper · a12d7f3c
      Jason A. Donenfeld authored 
      Because wireguard is calling icmp from network device context, it should
use the ndo helper so that the rate limiting applies correctly.  This
commit adds a small test to the wireguard test suite to ensure that the
new functions continue doing the right thing in the context of
wireguard. It does this by setting up a condition that will definately
evoke an icmp error message from the driver, but along a nat'd path.
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a12d7f3c
    • Jason A. Donenfeld's avatar
      sunvnet: use icmp_ndo_send helper · 67c9a7e1
      Jason A. Donenfeld authored 
      Because sunvnet is calling icmp from network device context, it should use
the ndo helper so that the rate limiting applies correctly. While we're
at it, doing the additional route lookup before calling icmp_ndo_send is
superfluous, since this is the job of the icmp code in the first place.
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Cc: Shannon Nelson <shannon.nelson@oracle.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      67c9a7e1
    • Jason A. Donenfeld's avatar
      gtp: use icmp_ndo_send helper · e0fce6f9
      Jason A. Donenfeld authored 
      Because gtp is calling icmp from network device context, it should use
the ndo helper so that the rate limiting applies correctly.
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Cc: Harald Welte <laforge@gnumonks.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e0fce6f9
    • Jason A. Donenfeld's avatar
      icmp: introduce helper for nat'd source address in network device context · 0b41713b
      Jason A. Donenfeld authored 
      This introduces a helper function to be called only by network drivers
that wraps calls to icmp[v6]_send in a conntrack transformation, in case
NAT has been used. We don't want to pollute the non-driver path, though,
so we introduce this as a helper to be called by places that actually
make use of this, as suggested by Florian.
Signed-off-by: default avatarJason A. Donenfeld <Jason@zx2c4.com>
Cc: Florian Westphal <fw@strlen.de>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0b41713b
    • Linus Torvalds's avatar
      Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 64ae1342
      Linus Torvalds authored 
      Pull crypto fix from Herbert Xu:
 "This fixes a Kconfig anomaly when lib/crypto is enabled without Crypto
  API"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: Kconfig - allow tests to be disabled when manager is disabled
      64ae1342
    • David S. Miller's avatar
      Merge branch 'skip_sw-skip_hw-validation' · 07134cf6
      David S. Miller authored 
      Davide Caratti says:

====================
add missing validation of 'skip_hw/skip_sw'

ensure that all classifiers currently supporting HW offload
validate the 'flags' parameter provided by user:

- patch 1/2 fixes cls_matchall
- patch 2/2 fixes cls_flower
====================
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      07134cf6
    • Davide Caratti's avatar
      net/sched: flower: add missing validation of TCA_FLOWER_FLAGS · e2debf08
      Davide Caratti authored 
      unlike other classifiers that can be offloaded (i.e. users can set flags
like 'skip_hw' and 'skip_sw'), 'cls_flower' doesn't validate the size of
netlink attribute 'TCA_FLOWER_FLAGS' provided by user: add a proper entry
to fl_policy.

Fixes: 5b33f488 ("net/flower: Introduce hardware offload support")
Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
Acked-by: default avatarJiri Pirko <jiri@mellanox.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e2debf08
    • Davide Caratti's avatar
      net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS · 1afa3cc9
      Davide Caratti authored 
      unlike other classifiers that can be offloaded (i.e. users can set flags
like 'skip_hw' and 'skip_sw'), 'cls_matchall' doesn't validate the size
of netlink attribute 'TCA_MATCHALL_FLAGS' provided by user: add a proper
entry to mall_policy.

Fixes: b87f7936 ("net/sched: Add match-all classifier hw offloading.")
Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
Acked-by: default avatarJiri Pirko <jiri@mellanox.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1afa3cc9
    • Hangbin Liu's avatar
      net/flow_dissector: remove unexist field description · 6ee2deb6
      Hangbin Liu authored 
      @thoff has moved to struct flow_dissector_key_control.

Fixes: 42aecaa9 ("net: Get skb hash over flow_keys structure")
Signed-off-by: default avatarHangbin Liu <liuhangbin@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6ee2deb6
    • Li RongQing's avatar
      page_pool: refill page when alloc.count of pool is zero · 304db6cb
      Li RongQing authored 
      "do {} while" in page_pool_refill_alloc_cache will always
refill page once whether refill is true or false, and whether
alloc.count of pool is less than PP_ALLOC_CACHE_REFILL or not
this is wrong, and will cause overflow of pool->alloc.cache

the caller of __page_pool_get_cached should provide guarantee
that pool->alloc.cache is safe to access, so in_serving_softirq
should be removed as suggested by Jesper Dangaard Brouer in
https://patchwork.ozlabs.org/patch/1233713/

so fix this issue by calling page_pool_refill_alloc_cache()
only when pool->alloc.count is zero

Fixes: 44768dec ("page_pool: handle page recycle for NUMA_NO_NODE condition")
Signed-off-by: default avatarLi RongQing <lirongqing@baidu.com>
Suggested-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
Acked-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
Acked-by: default avatarIlias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      304db6cb
    • David S. Miller's avatar
      Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/net-queue · 89e960b5
      David S. Miller authored 
      Jeff Kirsher says:

====================
Intel Wired LAN Driver Updates 2020-02-12

This series contains fixes to only the ice driver.

Dave fixes logic flaws in the DCB rebuild function which is used after a
reset.  Also fixed a configuration issue when switching between firmware
and software LLDP mode where the number of TLV's configured was getting
out of sync with what lldpad thinks is configured.

Paul fixes how the driver displayed all the supported and advertised
link modes by basing it on the PHY capabilities, and in the process
cleaned up a lot of code.

Brett fixes duplicate receive tail bumps by comparing the value we are
writing to tail with the previously written tail value.  Also cleaned up
workarounds that are no longer needed with the latest NVM images.

Anirudh cleaned up unnecessary CONFIG_PCI_IOV wrappers.  Updated the
driver to use ice_pf_to_dev() instead of &pf->pdev->dev or
&vsi->back->pdev->dev.  Cleaned up the string format in print function
calls to remove newlines where applicable.

Akeem updates the link message logging to include "Full Duplex" and
"Negotiated", to help distinguish from "Requested" for FEC.

Bruce fixes and consolidates the logging of firmware/NVM information
during driver load, since the information is duplicate of what is
available via ethtool.  Fixed the checking of the Unit Load Status bits
after reset to ensure they are 0x7FF before continuing, by updating the
mask.  Cleanup up possible NULL dereferences that were created by a
previous commit.

Ben fixes the driver to use the correct netif_msg_tx/rx_error() to
determine whether to print the MDD event type.

Tony provides several trivial fixes, which include whitespace, typos,
function header comments, reverse Christmas tree issues.
====================
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      89e960b5
    • Takashi Iwai's avatar
      ALSA: pcm: Fix double hw_free calls · 0fbb027b
      Takashi Iwai authored 
      The commit 66f2d19f ("ALSA: pcm: Fix memory leak at closing a
stream without hw_free") tried to fix the regression wrt the missing
hw_free call at closing without SNDRV_PCM_IOCTL_HW_FREE ioctl.
However, the code change dropped mistakenly the state check, resulting
in calling hw_free twice when SNDRV_PCM_IOCTL_HW_FRE got called
beforehand.  For most drivers, this is almost harmless, but the
drivers like SOF show another regression now.

This patch adds the state condition check before calling do_hw_free()
at releasing the stream for avoiding the double hw_free calls.

Fixes: 66f2d19f ("ALSA: pcm: Fix memory leak at closing a stream without hw_free")
Reported-by: default avatarBard Liao <yung-chuan.liao@linux.intel.com>
Reported-by: default avatarPierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Tested-by: default avatarPierre-Louis Bossart <pierre-louis.bossart@linux.intel.com>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/s5hd0ajyprg.wl-tiwai@suse.deSigned-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      0fbb027b
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7