1. 11 Oct, 2013 4 commits
    • Eric Dumazet's avatar
      l2tp: must disable bh before calling l2tp_xmit_skb() · 455cc32b
      Eric Dumazet authored
      François Cachereul made a very nice bug report and suspected
      the bh_lock_sock() / bh_unlok_sock() pair used in l2tp_xmit_skb() from
      process context was not good.
      
      This problem was added by commit 6af88da1
      ("l2tp: Fix locking in l2tp_core.c").
      
      l2tp_eth_dev_xmit() runs from BH context, so we must disable BH
      from other l2tp_xmit_skb() users.
      
      [  452.060011] BUG: soft lockup - CPU#1 stuck for 23s! [accel-pppd:6662]
      [  452.061757] Modules linked in: l2tp_ppp l2tp_netlink l2tp_core pppoe pppox
      ppp_generic slhc ipv6 ext3 mbcache jbd virtio_balloon xfs exportfs dm_mod
      virtio_blk ata_generic virtio_net floppy ata_piix libata virtio_pci virtio_ring virtio [last unloaded: scsi_wait_scan]
      [  452.064012] CPU 1
      [  452.080015] BUG: soft lockup - CPU#2 stuck for 23s! [accel-pppd:6643]
      [  452.080015] CPU 2
      [  452.080015]
      [  452.080015] Pid: 6643, comm: accel-pppd Not tainted 3.2.46.mini #1 Bochs Bochs
      [  452.080015] RIP: 0010:[<ffffffff81059f6c>]  [<ffffffff81059f6c>] do_raw_spin_lock+0x17/0x1f
      [  452.080015] RSP: 0018:ffff88007125fc18  EFLAGS: 00000293
      [  452.080015] RAX: 000000000000aba9 RBX: ffffffff811d0703 RCX: 0000000000000000
      [  452.080015] RDX: 00000000000000ab RSI: ffff8800711f6896 RDI: ffff8800745c8110
      [  452.080015] RBP: ffff88007125fc18 R08: 0000000000000020 R09: 0000000000000000
      [  452.080015] R10: 0000000000000000 R11: 0000000000000280 R12: 0000000000000286
      [  452.080015] R13: 0000000000000020 R14: 0000000000000240 R15: 0000000000000000
      [  452.080015] FS:  00007fdc0cc24700(0000) GS:ffff8800b6f00000(0000) knlGS:0000000000000000
      [  452.080015] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [  452.080015] CR2: 00007fdb054899b8 CR3: 0000000074404000 CR4: 00000000000006a0
      [  452.080015] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      [  452.080015] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      [  452.080015] Process accel-pppd (pid: 6643, threadinfo ffff88007125e000, task ffff8800b27e6dd0)
      [  452.080015] Stack:
      [  452.080015]  ffff88007125fc28 ffffffff81256559 ffff88007125fc98 ffffffffa01b2bd1
      [  452.080015]  ffff88007125fc58 000000000000000c 00000000029490d0 0000009c71dbe25e
      [  452.080015]  000000000000005c 000000080000000e 0000000000000000 ffff880071170600
      [  452.080015] Call Trace:
      [  452.080015]  [<ffffffff81256559>] _raw_spin_lock+0xe/0x10
      [  452.080015]  [<ffffffffa01b2bd1>] l2tp_xmit_skb+0x189/0x4ac [l2tp_core]
      [  452.080015]  [<ffffffffa01c2d36>] pppol2tp_sendmsg+0x15e/0x19c [l2tp_ppp]
      [  452.080015]  [<ffffffff811c7872>] __sock_sendmsg_nosec+0x22/0x24
      [  452.080015]  [<ffffffff811c83bd>] sock_sendmsg+0xa1/0xb6
      [  452.080015]  [<ffffffff81254e88>] ? __schedule+0x5c1/0x616
      [  452.080015]  [<ffffffff8103c7c6>] ? __dequeue_signal+0xb7/0x10c
      [  452.080015]  [<ffffffff810bbd21>] ? fget_light+0x75/0x89
      [  452.080015]  [<ffffffff811c8444>] ? sockfd_lookup_light+0x20/0x56
      [  452.080015]  [<ffffffff811c9b34>] sys_sendto+0x10c/0x13b
      [  452.080015]  [<ffffffff8125cac2>] system_call_fastpath+0x16/0x1b
      [  452.080015] Code: 81 48 89 e5 72 0c 31 c0 48 81 ff 45 66 25 81 0f 92 c0 5d c3 55 b8 00 01 00 00 48 89 e5 f0 66 0f c1 07 0f b6 d4 38 d0 74 06 f3 90 <8a> 07 eb f6 5d c3 90 90 55 48 89 e5 9c 58 0f 1f 44 00 00 5d c3
      [  452.080015] Call Trace:
      [  452.080015]  [<ffffffff81256559>] _raw_spin_lock+0xe/0x10
      [  452.080015]  [<ffffffffa01b2bd1>] l2tp_xmit_skb+0x189/0x4ac [l2tp_core]
      [  452.080015]  [<ffffffffa01c2d36>] pppol2tp_sendmsg+0x15e/0x19c [l2tp_ppp]
      [  452.080015]  [<ffffffff811c7872>] __sock_sendmsg_nosec+0x22/0x24
      [  452.080015]  [<ffffffff811c83bd>] sock_sendmsg+0xa1/0xb6
      [  452.080015]  [<ffffffff81254e88>] ? __schedule+0x5c1/0x616
      [  452.080015]  [<ffffffff8103c7c6>] ? __dequeue_signal+0xb7/0x10c
      [  452.080015]  [<ffffffff810bbd21>] ? fget_light+0x75/0x89
      [  452.080015]  [<ffffffff811c8444>] ? sockfd_lookup_light+0x20/0x56
      [  452.080015]  [<ffffffff811c9b34>] sys_sendto+0x10c/0x13b
      [  452.080015]  [<ffffffff8125cac2>] system_call_fastpath+0x16/0x1b
      [  452.064012]
      [  452.064012] Pid: 6662, comm: accel-pppd Not tainted 3.2.46.mini #1 Bochs Bochs
      [  452.064012] RIP: 0010:[<ffffffff81059f6e>]  [<ffffffff81059f6e>] do_raw_spin_lock+0x19/0x1f
      [  452.064012] RSP: 0018:ffff8800b6e83ba0  EFLAGS: 00000297
      [  452.064012] RAX: 000000000000aaa9 RBX: ffff8800b6e83b40 RCX: 0000000000000002
      [  452.064012] RDX: 00000000000000aa RSI: 000000000000000a RDI: ffff8800745c8110
      [  452.064012] RBP: ffff8800b6e83ba0 R08: 000000000000c802 R09: 000000000000001c
      [  452.064012] R10: ffff880071096c4e R11: 0000000000000006 R12: ffff8800b6e83b18
      [  452.064012] R13: ffffffff8125d51e R14: ffff8800b6e83ba0 R15: ffff880072a589c0
      [  452.064012] FS:  00007fdc0b81e700(0000) GS:ffff8800b6e80000(0000) knlGS:0000000000000000
      [  452.064012] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [  452.064012] CR2: 0000000000625208 CR3: 0000000074404000 CR4: 00000000000006a0
      [  452.064012] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      [  452.064012] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      [  452.064012] Process accel-pppd (pid: 6662, threadinfo ffff88007129a000, task ffff8800744f7410)
      [  452.064012] Stack:
      [  452.064012]  ffff8800b6e83bb0 ffffffff81256559 ffff8800b6e83bc0 ffffffff8121c64a
      [  452.064012]  ffff8800b6e83bf0 ffffffff8121ec7a ffff880072a589c0 ffff880071096c62
      [  452.064012]  0000000000000011 ffffffff81430024 ffff8800b6e83c80 ffffffff8121f276
      [  452.064012] Call Trace:
      [  452.064012]  <IRQ>
      [  452.064012]  [<ffffffff81256559>] _raw_spin_lock+0xe/0x10
      [  452.064012]  [<ffffffff8121c64a>] spin_lock+0x9/0xb
      [  452.064012]  [<ffffffff8121ec7a>] udp_queue_rcv_skb+0x186/0x269
      [  452.064012]  [<ffffffff8121f276>] __udp4_lib_rcv+0x297/0x4ae
      [  452.064012]  [<ffffffff8121c178>] ? raw_rcv+0xe9/0xf0
      [  452.064012]  [<ffffffff8121f4a7>] udp_rcv+0x1a/0x1c
      [  452.064012]  [<ffffffff811fe385>] ip_local_deliver_finish+0x12b/0x1a5
      [  452.064012]  [<ffffffff811fe54e>] ip_local_deliver+0x53/0x84
      [  452.064012]  [<ffffffff811fe1d0>] ip_rcv_finish+0x2bc/0x2f3
      [  452.064012]  [<ffffffff811fe78f>] ip_rcv+0x210/0x269
      [  452.064012]  [<ffffffff8101911e>] ? kvm_clock_get_cycles+0x9/0xb
      [  452.064012]  [<ffffffff811d88cd>] __netif_receive_skb+0x3a5/0x3f7
      [  452.064012]  [<ffffffff811d8eba>] netif_receive_skb+0x57/0x5e
      [  452.064012]  [<ffffffff811cf30f>] ? __netdev_alloc_skb+0x1f/0x3b
      [  452.064012]  [<ffffffffa0049126>] virtnet_poll+0x4ba/0x5a4 [virtio_net]
      [  452.064012]  [<ffffffff811d9417>] net_rx_action+0x73/0x184
      [  452.064012]  [<ffffffffa01b2cc2>] ? l2tp_xmit_skb+0x27a/0x4ac [l2tp_core]
      [  452.064012]  [<ffffffff810343b9>] __do_softirq+0xc3/0x1a8
      [  452.064012]  [<ffffffff81013b56>] ? ack_APIC_irq+0x10/0x12
      [  452.064012]  [<ffffffff81256559>] ? _raw_spin_lock+0xe/0x10
      [  452.064012]  [<ffffffff8125e0ac>] call_softirq+0x1c/0x26
      [  452.064012]  [<ffffffff81003587>] do_softirq+0x45/0x82
      [  452.064012]  [<ffffffff81034667>] irq_exit+0x42/0x9c
      [  452.064012]  [<ffffffff8125e146>] do_IRQ+0x8e/0xa5
      [  452.064012]  [<ffffffff8125676e>] common_interrupt+0x6e/0x6e
      [  452.064012]  <EOI>
      [  452.064012]  [<ffffffff810b82a1>] ? kfree+0x8a/0xa3
      [  452.064012]  [<ffffffffa01b2cc2>] ? l2tp_xmit_skb+0x27a/0x4ac [l2tp_core]
      [  452.064012]  [<ffffffffa01b2c25>] ? l2tp_xmit_skb+0x1dd/0x4ac [l2tp_core]
      [  452.064012]  [<ffffffffa01c2d36>] pppol2tp_sendmsg+0x15e/0x19c [l2tp_ppp]
      [  452.064012]  [<ffffffff811c7872>] __sock_sendmsg_nosec+0x22/0x24
      [  452.064012]  [<ffffffff811c83bd>] sock_sendmsg+0xa1/0xb6
      [  452.064012]  [<ffffffff81254e88>] ? __schedule+0x5c1/0x616
      [  452.064012]  [<ffffffff8103c7c6>] ? __dequeue_signal+0xb7/0x10c
      [  452.064012]  [<ffffffff810bbd21>] ? fget_light+0x75/0x89
      [  452.064012]  [<ffffffff811c8444>] ? sockfd_lookup_light+0x20/0x56
      [  452.064012]  [<ffffffff811c9b34>] sys_sendto+0x10c/0x13b
      [  452.064012]  [<ffffffff8125cac2>] system_call_fastpath+0x16/0x1b
      [  452.064012] Code: 89 e5 72 0c 31 c0 48 81 ff 45 66 25 81 0f 92 c0 5d c3 55 b8 00 01 00 00 48 89 e5 f0 66 0f c1 07 0f b6 d4 38 d0 74 06 f3 90 8a 07 <eb> f6 5d c3 90 90 55 48 89 e5 9c 58 0f 1f 44 00 00 5d c3 55 48
      [  452.064012] Call Trace:
      [  452.064012]  <IRQ>  [<ffffffff81256559>] _raw_spin_lock+0xe/0x10
      [  452.064012]  [<ffffffff8121c64a>] spin_lock+0x9/0xb
      [  452.064012]  [<ffffffff8121ec7a>] udp_queue_rcv_skb+0x186/0x269
      [  452.064012]  [<ffffffff8121f276>] __udp4_lib_rcv+0x297/0x4ae
      [  452.064012]  [<ffffffff8121c178>] ? raw_rcv+0xe9/0xf0
      [  452.064012]  [<ffffffff8121f4a7>] udp_rcv+0x1a/0x1c
      [  452.064012]  [<ffffffff811fe385>] ip_local_deliver_finish+0x12b/0x1a5
      [  452.064012]  [<ffffffff811fe54e>] ip_local_deliver+0x53/0x84
      [  452.064012]  [<ffffffff811fe1d0>] ip_rcv_finish+0x2bc/0x2f3
      [  452.064012]  [<ffffffff811fe78f>] ip_rcv+0x210/0x269
      [  452.064012]  [<ffffffff8101911e>] ? kvm_clock_get_cycles+0x9/0xb
      [  452.064012]  [<ffffffff811d88cd>] __netif_receive_skb+0x3a5/0x3f7
      [  452.064012]  [<ffffffff811d8eba>] netif_receive_skb+0x57/0x5e
      [  452.064012]  [<ffffffff811cf30f>] ? __netdev_alloc_skb+0x1f/0x3b
      [  452.064012]  [<ffffffffa0049126>] virtnet_poll+0x4ba/0x5a4 [virtio_net]
      [  452.064012]  [<ffffffff811d9417>] net_rx_action+0x73/0x184
      [  452.064012]  [<ffffffffa01b2cc2>] ? l2tp_xmit_skb+0x27a/0x4ac [l2tp_core]
      [  452.064012]  [<ffffffff810343b9>] __do_softirq+0xc3/0x1a8
      [  452.064012]  [<ffffffff81013b56>] ? ack_APIC_irq+0x10/0x12
      [  452.064012]  [<ffffffff81256559>] ? _raw_spin_lock+0xe/0x10
      [  452.064012]  [<ffffffff8125e0ac>] call_softirq+0x1c/0x26
      [  452.064012]  [<ffffffff81003587>] do_softirq+0x45/0x82
      [  452.064012]  [<ffffffff81034667>] irq_exit+0x42/0x9c
      [  452.064012]  [<ffffffff8125e146>] do_IRQ+0x8e/0xa5
      [  452.064012]  [<ffffffff8125676e>] common_interrupt+0x6e/0x6e
      [  452.064012]  <EOI>  [<ffffffff810b82a1>] ? kfree+0x8a/0xa3
      [  452.064012]  [<ffffffffa01b2cc2>] ? l2tp_xmit_skb+0x27a/0x4ac [l2tp_core]
      [  452.064012]  [<ffffffffa01b2c25>] ? l2tp_xmit_skb+0x1dd/0x4ac [l2tp_core]
      [  452.064012]  [<ffffffffa01c2d36>] pppol2tp_sendmsg+0x15e/0x19c [l2tp_ppp]
      [  452.064012]  [<ffffffff811c7872>] __sock_sendmsg_nosec+0x22/0x24
      [  452.064012]  [<ffffffff811c83bd>] sock_sendmsg+0xa1/0xb6
      [  452.064012]  [<ffffffff81254e88>] ? __schedule+0x5c1/0x616
      [  452.064012]  [<ffffffff8103c7c6>] ? __dequeue_signal+0xb7/0x10c
      [  452.064012]  [<ffffffff810bbd21>] ? fget_light+0x75/0x89
      [  452.064012]  [<ffffffff811c8444>] ? sockfd_lookup_light+0x20/0x56
      [  452.064012]  [<ffffffff811c9b34>] sys_sendto+0x10c/0x13b
      [  452.064012]  [<ffffffff8125cac2>] system_call_fastpath+0x16/0x1b
      Reported-by: default avatarFrançois Cachereul <f.cachereul@alphalink.fr>
      Tested-by: default avatarFrançois Cachereul <f.cachereul@alphalink.fr>
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: James Chapman <jchapman@katalix.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      455cc32b
    • Simon Horman's avatar
      net: sh_eth: Correct fix for RX packet errors on R8A7740 · cc23528d
      Simon Horman authored
      Nguyen Hong Ky posted a patch to correct RX packet errors on R8A7740 which
      was applied as 2c6221e4 ("net: sh_eth: Fix RX packets errors on
      R8A7740"). Unfortunately sh_eth.c contains many similar instances
      of struct sh_eth_cpu_data and the patch was miss-applied, updating
      sh7734_data instead of r8a7740_data.
      
      This patch corrects this problem by.
      1. Reverting the change to sh7734_data and;
      2. Applying the change to r8a7740_data.
      Signed-off-by: default avatarSimon Horman <horms+renesas@verge.net.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      cc23528d
    • Christophe Gouault's avatar
      vti: get rid of nf mark rule in prerouting · 7263a518
      Christophe Gouault authored
      This patch fixes and improves the use of vti interfaces (while
      lightly changing the way of configuring them).
      
      Currently:
      
      - it is necessary to identify and mark inbound IPsec
        packets destined to each vti interface, via netfilter rules in
        the mangle table at prerouting hook.
      
      - the vti module cannot retrieve the right tunnel in input since
        commit b9959fd3: vti tunnels all have an i_key, but the tunnel lookup
        is done with flag TUNNEL_NO_KEY, so there no chance to retrieve them.
      
      - the i_key is used by the outbound processing as a mark to lookup
        for the right SP and SA bundle.
      
      This patch uses the o_key to store the vti mark (instead of i_key) and
      enables:
      
      - to avoid the need for previously marking the inbound skbuffs via a
        netfilter rule.
      - to properly retrieve the right tunnel in input, only based on the IPsec
        packet outer addresses.
      - to properly perform an inbound policy check (using the tunnel o_key
        as a mark).
      - to properly perform an outbound SPD and SAD lookup (using the tunnel
        o_key as a mark).
      - to keep the current mark of the skbuff. The skbuff mark is neither
        used nor changed by the vti interface. Only the vti interface o_key
        is used.
      
      SAs have a wildcard mark.
      SPs have a mark equal to the vti interface o_key.
      
      The vti interface must be created as follows (i_key = 0, o_key = mark):
      
         ip link add vti1 mode vti local 1.1.1.1 remote 2.2.2.2 okey 1
      
      The SPs attached to vti1 must be created as follows (mark = vti1 o_key):
      
         ip xfrm policy add dir out mark 1 tmpl src 1.1.1.1 dst 2.2.2.2 \
            proto esp mode tunnel
         ip xfrm policy add dir in  mark 1 tmpl src 2.2.2.2 dst 1.1.1.1 \
            proto esp mode tunnel
      
      The SAs are created with the default wildcard mark. There is no
      distinction between global vs. vti SAs. Just their addresses will
      possibly link them to a vti interface:
      
         ip xfrm state add src 1.1.1.1 dst 2.2.2.2 proto esp spi 1000 mode tunnel \
                       enc "cbc(aes)" "azertyuiopqsdfgh"
      
         ip xfrm state add src 2.2.2.2 dst 1.1.1.1 proto esp spi 2000 mode tunnel \
                       enc "cbc(aes)" "sqbdhgqsdjqjsdfh"
      
      To avoid matching "global" (not vti) SPs in vti interfaces, global SPs
      should no use the default wildcard mark, but explicitly match mark 0.
      
      To avoid a double SPD lookup in input and output (in global and vti SPDs),
      the NOPOLICY and NOXFRM options should be set on the vti interfaces:
      
         echo 1 > /proc/sys/net/ipv4/conf/vti1/disable_policy
         echo 1 > /proc/sys/net/ipv4/conf/vti1/disable_xfrm
      
      The outgoing traffic is steered to vti1 by a route via the vti interface:
      
         ip route add 192.168.0.0/16 dev vti1
      
      The incoming IPsec traffic is steered to vti1 because its outer addresses
      match the vti1 tunnel configuration.
      Signed-off-by: default avatarChristophe Gouault <christophe.gouault@6wind.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7263a518
    • Vlad Yasevich's avatar
      bridge: update mdb expiration timer upon reports. · f144febd
      Vlad Yasevich authored
      commit 9f00b2e7
      	bridge: only expire the mdb entry when query is received
      changed the mdb expiration timer to be armed only when QUERY is
      received.  Howerver, this causes issues in an environment where
      the multicast server socket comes and goes very fast while a client
      is trying to send traffic to it.
      
      The root cause is a race where a sequence of LEAVE followed by REPORT
      messages can race against QUERY messages generated in response to LEAVE.
      The QUERY ends up starting the expiration timer, and that timer can
      potentially expire after the new REPORT message has been received signaling
      the new join operation.  This leads to a significant drop in multicast
      traffic and possible complete stall.
      
      The solution is to have REPORT messages update the expiration timer
      on entries that already exist.
      
      CC: Cong Wang <xiyou.wangcong@gmail.com>
      CC: Herbert Xu <herbert@gondor.apana.org.au>
      CC: Stephen Hemminger <stephen@networkplumber.org>
      Signed-off-by: default avatarVlad Yasevich <vyasevic@redhat.com>
      Acked-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f144febd
  2. 09 Oct, 2013 13 commits
    • Marc Kleine-Budde's avatar
      can: at91-can: fix device to driver data mapping for platform devices · 5abbeea5
      Marc Kleine-Budde authored
      In commit:
      
          3078cde7 can: at91_can: add dt support
      
      device tree support was added to the at91_can driver. In this commit the
      mapping of device to driver data was mixed up. This results in the sam9x5
      parameters being used for the sam9263 and the workaround for the broken mailbox
      0 on the sam9263 not being activated.
      
      This patch fixes the broken platform_device_id table.
      
      Cc: linux-stable <stable@vger.kernel.org>
      Cc: Ludovic Desroches <ludovic.desroches@atmel.com>
      Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      5abbeea5
    • Marc Kleine-Budde's avatar
      can: flexcan: fix mx28 detection by rearanging OF match table · e3587842
      Marc Kleine-Budde authored
      The current implemetation of of_match_device() relies that the of_device_id
      table in the driver is sorted from most specific to least specific compatible.
      
      Without this patch the mx28 is detected as the less specific p1010. This leads
      to a p1010 specific workaround is activated on the mx28, which is not needed.
      
      Cc: linux-stable <stable@vger.kernel.org>
      Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      e3587842
    • Marc Kleine-Budde's avatar
      can: flexcan: flexcan_chip_start: fix regression, mark one MB for TX and abort pending TX · d5a7b406
      Marc Kleine-Budde authored
      In patch
      
          0d1862ea can: flexcan: fix flexcan_chip_start() on imx6
      
      the loop in flexcan_chip_start() that iterates over all mailboxes after the
      soft reset of the CAN core was removed. This loop put all mailboxes (even the
      ones marked as reserved 1...7) into EMPTY/INACTIVE mode. On mailboxes 8...63,
      this aborts any pending TX messages.
      
      After a cold boot there is random garbage in the mailboxes, which leads to
      spontaneous transmit of CAN frames during first activation. Further if the
      interface was disabled with a pending message (usually due to an error
      condition on the CAN bus), this message is retransmitted after enabling the
      interface again.
      
      This patch fixes the regression by:
      1) Limiting the maximum number of used mailboxes to 8, 0...7 are used by the RX
      FIFO, 8 is used by TX.
      2) Marking the TX mailbox as EMPTY/INACTIVE, so that any pending TX of that
      mailbox is aborted.
      
      Cc: linux-stable <stable@vger.kernel.org>
      Cc: Lothar Waßmann <LW@KARO-electronics.de>
      Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      d5a7b406
    • David S. Miller's avatar
      Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless · 87b0a0b5
      David S. Miller authored
      John W. Linville says:
      
      ===================
      Please pull this batch of fixes intended for 3.12...
      
      Most of the bits are for iwlwifi -- Johannes says:
      
      "I have a fix for WoWLAN/D3, a PCIe device fix, we're removing a
      warning, there's a fix for RF-kill while scanning (which goes together
      with a mac80211 fix) and last but not least we have many new PCI IDs."
      
      Also for iwlwifi is a patch from Johannes to correct some merge damage
      that crept into the tree before the last merge window.
      
      On top of that, Felix Fietkau sends an ath9k patch to avoid a Tx
      scheduling hang when changing channels to do a scan.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      87b0a0b5
    • David S. Miller's avatar
      Merge branch 'gianfar' · 9ed8111d
      David S. Miller authored
      Merge in gianfar driver bug fixes from Claudiu Manoil.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9ed8111d
    • Claudiu Manoil's avatar
      gianfar: Enable eTSEC-20 erratum w/a for P2020 Rev1 · 53fad773
      Claudiu Manoil authored
      Enable workaround for P2020/P2010 erratum eTSEC 20,
      "Excess delays when transmitting TOE=1 large frames".
      The impact is that frames lager than 2500-bytes for which
      TOE (i.e. TCP/IP hw accelerations like Tx csum) is enabled
      may see excess delay before start of transmission.
      This erratum was fixed in Rev 2.0.
      Signed-off-by: default avatarClaudiu Manoil <claudiu.manoil@freescale.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      53fad773
    • Claudiu Manoil's avatar
      gianfar: Use mpc85xx support for errata detection · 2969b1f7
      Claudiu Manoil authored
      Use the macros and defines from mpc85xx.h to simplify
      and prevent errors in identifying a mpc85xx based SoC
      for errata detection.
      This should help enabling (and identifying) workarounds
      for various mpc85xx based chips and revisions.
      For instance, express MPC8548 Rev.2 as:
      (SVR_SOC_VER(svr) == SVR_8548) && (SVR_REV(svr) == 0x20)
      instead of:
      (pvr == 0x80210020 && mod == 0x8030 && rev == 0x0020)
      Signed-off-by: default avatarClaudiu Manoil <claudiu.manoil@freescale.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2969b1f7
    • Claudiu Manoil's avatar
      gianfar: Enable eTSEC-A002 erratum w/a for all parts · ad3660c2
      Claudiu Manoil authored
      A002 is still in "no plans to fix" state, and applies to all
      the current P1/P2 parts as well, so it's resonable to enable
      its workaround by default, for all the soc's with etsec.
      The impact of not enabling this workaround for affected parts
      is that under certain conditons (runt frames or even frames
      with RX error detected at PHY level) during controller reset,
      the controller might fail to indicate Rx reset (GRS) completion.
      Signed-off-by: default avatarClaudiu Manoil <claudiu.manoil@freescale.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ad3660c2
    • David S. Miller's avatar
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec · f6063850
      David S. Miller authored
      Steffen Klassert says:
      
      ====================
      1) We used the wrong netlink attribute to verify the
         lenght of the replay window on async events. Fix this by
         using the right netlink attribute.
      
      2) Policy lookups can not match the output interface on forwarding.
         Add the needed informations to the flow informations.
      
      3) We update the pmtu when we receive a ICMPV6_DEST_UNREACH message
         on IPsec with ipv6. This is wrong and leads to strange fragmented
         packets, only ICMPV6_PKT_TOOBIG messages should update the pmtu.
         Fix this by removing the ICMPV6_DEST_UNREACH check from the IPsec
         protocol error handlers.
      
      4) The legacy IPsec anti replay mechanism supports anti replay
         windows up to 32 packets. If a user requests for a bigger
         anti replay window, we use 32 packets but pretend that we use
         the requested window size. Fix from Fan Du.
      
      5) If asynchronous events are enabled and replay_maxdiff is set to
         zero, we generate an async event for every received packet instead
         of checking whether a timeout occurred. Fix from Thomas Egerer.
      
      6) Policies need a refcount when the state resolution timer is armed.
         Otherwise the timer can fire after the policy is deleted.
      
      7) We might dreference a NULL pointer if the hold_queue is empty,
         add a check to avoid this.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f6063850
    • Fabio Estevam's avatar
      net: secure_seq: Fix warning when CONFIG_IPV6 and CONFIG_INET are not selected · cb03db9d
      Fabio Estevam authored
      net_secret() is only used when CONFIG_IPV6 or CONFIG_INET are selected.
      
      Building a defconfig with both of these symbols unselected (Using the ARM
      at91sam9rl_defconfig, for example) leads to the following build warning:
      
      $ make at91sam9rl_defconfig
      #
      # configuration written to .config
      #
      
      $ make net/core/secure_seq.o
      scripts/kconfig/conf --silentoldconfig Kconfig
        CHK     include/config/kernel.release
        CHK     include/generated/uapi/linux/version.h
        CHK     include/generated/utsrelease.h
      make[1]: `include/generated/mach-types.h' is up to date.
        CALL    scripts/checksyscalls.sh
        CC      net/core/secure_seq.o
      net/core/secure_seq.c:17:13: warning: 'net_secret_init' defined but not used [-Wunused-function]
      
      Fix this warning by protecting the definition of net_secret() with these
      symbols.
      Reported-by: default avatarOlof Johansson <olof@lixom.net>
      Signed-off-by: default avatarFabio Estevam <fabio.estevam@freescale.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      cb03db9d
    • John W. Linville's avatar
      Merge branch 'master' of... · b26082b9
      John W. Linville authored
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem
      b26082b9
    • David S. Miller's avatar
      Merge branch 'sfc-3.12' of git://git.kernel.org/pub/scm/linux/kernel/git/bwh/sfc · 9684d7b0
      David S. Miller authored
      Ben Hutchings says:
      
      ====================
      Some more fixes for EF10 support; hopefully the last lot:
      
      1. Fixes for reading statistics, from Edward Cree and Jon Cooper.
      2. Addition of ethtool statistics for packets dropped by the hardware
      before they were associated with a specific function, from Edward Cree.
      3. Only bind to functions that are in control of their associated port,
      as the driver currently assumes this is the case.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9684d7b0
    • Eric Dumazet's avatar
      pkt_sched: fq: fix non TCP flows pacing · 7eec4174
      Eric Dumazet authored
      Steinar reported FQ pacing was not working for UDP flows.
      
      It looks like the initial sk->sk_pacing_rate value of 0 was
      a wrong choice. We should init it to ~0U (unlimited)
      
      Then, TCA_FQ_FLOW_DEFAULT_RATE should be removed because it makes
      no real sense. The default rate is really unlimited, and we
      need to avoid a zero divide.
      Reported-by: default avatarSteinar H. Gunderson <sesse@google.com>
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7eec4174
  3. 08 Oct, 2013 21 commits
  4. 07 Oct, 2013 2 commits
    • Eric W. Biederman's avatar
      net: Update the sysctl permissions handler to test effective uid/gid · 88ba09df
      Eric W. Biederman authored
      On Tue, 20 Aug 2013 11:40:04 -0500 Eric Sandeen <sandeen@redhat.com> wrote:
      > This was brought up in a Red Hat bug (which may be marked private, I'm sorry):
      >
      > Bug 987055 - open O_WRONLY succeeds on some root owned files in /proc for process running with unprivileged EUID
      >
      > "On RHEL7 some of the files in /proc can be opened for writing by an unprivileged EUID."
      >
      > The flaw existed upstream as well last I checked.
      >
      > This commit in kernel v3.8 caused the regression:
      >
      > commit cff10976
      > Author: Eric W. Biederman <ebiederm@xmission.com>
      > Date:   Fri Nov 16 03:03:01 2012 +0000
      >
      >     net: Update the per network namespace sysctls to be available to the network namespace owner
      >
      >     - Allow anyone with CAP_NET_ADMIN rights in the user namespace of the
      >       the netowrk namespace to change sysctls.
      >     - Allow anyone the uid of the user namespace root the same
      >       permissions over the network namespace sysctls as the global root.
      >     - Allow anyone with gid of the user namespace root group the same
      >       permissions over the network namespace sysctl as the global root group.
      >
      >     Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
      >     Signed-off-by: David S. Miller <davem@davemloft.net>
      >
      > because it changed /sys/net's special permission handler to test current_uid, not
      > current_euid; same for current_gid/current_egid.
      >
      > So in this case, root cannot drop privs via set[ug]id, and retains all privs
      > in this codepath.
      
      Modify the code to use current_euid(), and in_egroup_p, as in done
      in fs/proc/proc_sysctl.c:test_perm()
      
      Cc: stable@vger.kernel.org
      Reviewed-by: default avatarEric Sandeen <sandeen@redhat.com>
      Reported-by: default avatarEric Sandeen <sandeen@redhat.com>
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      88ba09df
    • Marc Kleine-Budde's avatar
      can: dev: fix nlmsg size calculation in can_get_size() · fe119a05
      Marc Kleine-Budde authored
      This patch fixes the calculation of the nlmsg size, by adding the missing
      nla_total_size().
      Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fe119a05