1. 24 Jun, 2019 13 commits
  2. 23 Jun, 2019 11 commits
    • David S. Miller's avatar
      Merge branch 'ipv6-avoid-taking-refcnt-on-dst-during-route-lookup' · 7d30a7f6
      David S. Miller authored
      Wei Wang says:
      
      ====================
      ipv6: avoid taking refcnt on dst during route lookup
      
      Ipv6 route lookup code always grabs refcnt on the dst for the caller.
      But for certain cases, grabbing refcnt is not always necessary if the
      call path is rcu protected and the caller does not cache the dst.
      Another issue in the route lookup logic is:
      When there are multiple custom rules, we have to do the lookup into
      each table associated to each rule individually. And when we can't
      find the route in one table, we grab and release refcnt on
      net->ipv6.ip6_null_entry before going to the next table.
      This operation is completely redundant, and causes false issue because
      net->ipv6.ip6_null_entry is a shared object.
      
      This patch set introduces a new flag RT6_LOOKUP_F_DST_NOREF for route
      lookup callers to set, to avoid any manipulation on the dst refcnt. And
      it converts the major input and output path to use it.
      
      The performance gain is noticable.
      I ran synflood tests between 2 hosts under the same switch. Both hosts
      have 20G mlx NIC, and 8 tx/rx queues.
      Sender sends pure SYN flood with random src IPs and ports using trafgen.
      Receiver has a simple TCP listener on the target port.
      Both hosts have multiple custom rules:
      - For incoming packets, only local table is traversed.
      - For outgoing packets, 3 tables are traversed to find the route.
      The packet processing rate on the receiver is as follows:
      - Before the fix: 3.78Mpps
      - After the fix:  5.50Mpps
      
      v2->v3:
      - Handled fib6_rule_lookup() when CONFIG_IPV6_MULTIPLE_TABLES is not
        configured in patch 03 (suggested by David Ahern)
      - Removed the renaming of l3mdev_link_scope_lookup() in patch 05
        (suggested by David Ahern)
      - Moved definition of ip6_route_output_flags() from an inline function
        in /net/ipv6/route.c to net/ipv6/route.c in order to address kbuild
        error in patch 05
      
      v1->v2:
      - Added a helper ip6_rt_put_flags() in patch 3 suggested by David Miller
      ====================
      Reviewed-by: default avatarDavid Ahern <dsahern@gmail.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7d30a7f6
    • Wei Wang's avatar
      ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF · 7d9e5f42
      Wei Wang authored
      For tx path, in most cases, we still have to take refcnt on the dst
      cause the caller is caching the dst somewhere. But it still is
      beneficial to make use of RT6_LOOKUP_F_DST_NOREF flag while doing the
      route lookup. It is cause this flag prevents manipulating refcnt on
      net->ipv6.ip6_null_entry when doing fib6_rule_lookup() to traverse each
      routing table. The null_entry is a shared object and constant updates on
      it cause false sharing.
      
      We converted the current major lookup function ip6_route_output_flags()
      to make use of RT6_LOOKUP_F_DST_NOREF.
      
      Together with the change in the rx path, we see noticable performance
      boost:
      I ran synflood tests between 2 hosts under the same switch. Both hosts
      have 20G mlx NIC, and 8 tx/rx queues.
      Sender sends pure SYN flood with random src IPs and ports using trafgen.
      Receiver has a simple TCP listener on the target port.
      Both hosts have multiple custom rules:
      - For incoming packets, only local table is traversed.
      - For outgoing packets, 3 tables are traversed to find the route.
      The packet processing rate on the receiver is as follows:
      - Before the fix: 3.78Mpps
      - After the fix:  5.50Mpps
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7d9e5f42
    • Wei Wang's avatar
      ipv6: convert rx data path to not take refcnt on dst · 67f415dd
      Wei Wang authored
      ip6_route_input() is the key function to do the route lookup in the
      rx data path. All the callers to this function are already holding rcu
      lock. So it is fairly easy to convert it to not take refcnt on the dst:
      We pass in flag RT6_LOOKUP_F_DST_NOREF and do skb_dst_set_noref().
      This saves a few atomic inc or dec operations and should boost
      performance overall.
      This also makes the logic more aligned with v4.
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarMahesh Bandewar <maheshb@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      67f415dd
    • Wei Wang's avatar
      ipv6: honor RT6_LOOKUP_F_DST_NOREF in rule lookup logic · d64a1f57
      Wei Wang authored
      This patch specifically converts the rule lookup logic to honor this
      flag and not release refcnt when traversing each rule and calling
      lookup() on each routing table.
      Similar to previous patch, we also need some special handling of dst
      entries in uncached list because there is always 1 refcnt taken for them
      even if RT6_LOOKUP_F_DST_NOREF flag is set.
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d64a1f57
    • Wei Wang's avatar
      ipv6: initialize rt6->rt6i_uncached in all pre-allocated dst entries · 74109218
      Wei Wang authored
      Initialize rt6->rt6i_uncached on the following pre-allocated dsts:
      net->ipv6.ip6_null_entry
      net->ipv6.ip6_prohibit_entry
      net->ipv6.ip6_blk_hole_entry
      
      This is a preparation patch for later commits to be able to distinguish
      dst entries in uncached list by doing:
      !list_empty(rt6->rt6i_uncached)
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarMahesh Bandewar <maheshb@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      74109218
    • Wei Wang's avatar
      ipv6: introduce RT6_LOOKUP_F_DST_NOREF flag in ip6_pol_route() · 0e09edcc
      Wei Wang authored
      This new flag is to instruct the route lookup function to not take
      refcnt on the dst entry. The user which does route lookup with this flag
      must properly use rcu protection.
      ip6_pol_route() is the major route lookup function for both tx and rx
      path.
      In this function:
      Do not take refcnt on dst if RT6_LOOKUP_F_DST_NOREF flag is set, and
      directly return the route entry. The caller should be holding rcu lock
      when using this flag, and decide whether to take refcnt or not.
      
      One note on the dst cache in the uncached_list:
      As uncached_list does not consume refcnt, one refcnt is always returned
      back to the caller even if RT6_LOOKUP_F_DST_NOREF flag is set.
      Uncached dst is only possible in the output path. So in such call path,
      caller MUST check if the dst is in the uncached_list before assuming
      that there is no refcnt taken on the returned dst.
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarMahesh Bandewar <maheshb@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0e09edcc
    • Russell King's avatar
      doc: phy: document some PHY_INTERFACE_MODE_xxx settings · 8c25c0cb
      Russell King authored
      There seems to be some confusion surrounding three PHY interface modes,
      specifically 1000BASE-X, 2500BASE-X and SGMII.  Add some documentation
      to phylib detailing precisely what these interface modes refer to.
      Signed-off-by: default avatarRussell King <rmk+kernel@armlinux.org.uk>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8c25c0cb
    • Qian Cai's avatar
      inet: fix compilation warnings in fqdir_pre_exit() · 08003d0b
      Qian Cai authored
      The linux-next commit "inet: fix various use-after-free in defrags
      units" [1] introduced compilation warnings,
      
      ./include/net/inet_frag.h:117:1: warning: 'inline' is not at beginning
      of declaration [-Wold-style-declaration]
       static void inline fqdir_pre_exit(struct fqdir *fqdir)
       ^~~~~~
      In file included from ./include/net/netns/ipv4.h:10,
                       from ./include/net/net_namespace.h:20,
                       from ./include/linux/netdevice.h:38,
                       from ./include/linux/icmpv6.h:13,
                       from ./include/linux/ipv6.h:86,
                       from ./include/net/ipv6.h:12,
                       from ./include/rdma/ib_verbs.h:51,
                       from ./include/linux/mlx5/device.h:37,
                       from ./include/linux/mlx5/driver.h:51,
                       from
      drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c:37:
      
      [1] https://lore.kernel.org/netdev/20190618180900.88939-3-edumazet@google.com/Signed-off-by: default avatarQian Cai <cai@lca.pw>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      08003d0b
    • Rasmus Villemoes's avatar
      net: dsa: mv88e6xxx: introduce helpers for handling chip->reg_lock · c9acece0
      Rasmus Villemoes authored
      This is a no-op that simply moves all locking and unlocking of
      ->reg_lock into trivial helpers. I did that to be able to easily add
      some ad hoc instrumentation to those helpers to get some information
      on contention and hold times of the mutex. Perhaps others want to do
      something similar at some point, so this frees them from doing the
      'sed -i' yoga, and have a much smaller 'git diff' while fiddling.
      Signed-off-by: default avatarRasmus Villemoes <rasmus.villemoes@prevas.dk>
      Reviewed-by: default avatarVivien Didelot <vivien.didelot@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c9acece0
    • Sameeh Jubran's avatar
      net: ena: Fix bug where ring allocation backoff stopped too late · 3e5bfb18
      Sameeh Jubran authored
      The current code of create_queues_with_size_backoff() allows the ring size
      to become as small as ENA_MIN_RING_SIZE/2. This is a bug since we don't
      want the queue ring to be smaller than ENA_MIN_RING_SIZE
      
      In this commit we change the loop's termination condition to look at the
      queue size of the next iteration instead of that of the current one,
      so that the minimal queue size again becomes ENA_MIN_RING_SIZE.
      
      Fixes: eece4d2a ("net: ena: add ethtool function for changing io queue sizes")
      Signed-off-by: default avatarArthur Kiyanovski <akiyano@amazon.com>
      Signed-off-by: default avatarSameeh Jubran <sameehj@amazon.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3e5bfb18
    • Colin Ian King's avatar
      hinic: fix dereference of pointer hwdev before it is null checked · 137e4e1a
      Colin Ian King authored
      Currently pointer hwdev is dereferenced when assigning hwif before
      hwdev is null checked.  Fix this by only derefencing hwdev after the
      null check.
      
      Addresses-Coverity: ("Dereference before null check")
      Fixes: 4fdc51bb ("hinic: add support for rss parameters with ethtool")
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      137e4e1a
  3. 22 Jun, 2019 13 commits
    • David S. Miller's avatar
      Merge branch 'net-mediatek-Add-MT7621-TRGMII-mode-support' · 969b15b0
      David S. Miller authored
      René van Dorst says:
      
      ====================
      net: mediatek: Add MT7621 TRGMII mode support
      
      Like many other mediatek SOCs, the MT7621 SOC and the internal MT7530
      switch both supports TRGMII mode. MT7621 TRGMII speed is fix 1200MBit.
      
      v1->v2:
       - Fix breakage on non MT7621 SOC
       - Support 25MHz and 40MHz XTAL as MT7530 clocksource
      ====================
      Tested-by: default avatar"Frank Wunderlich" <frank-w@public-files.de>
      Acked-by: default avatarSean Wang <sean.wang@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      969b15b0
    • René van Dorst's avatar
      net: dsa: mt7530: Add MT7621 TRGMII mode support · 7ef6f6f8
      René van Dorst authored
      This patch add support TRGMII mode for MT7621 internal MT7530 switch.
      MT7621 TRGMII has only one fix speed mode of 1200MBit.
      
      Also adding support for mt7530 25MHz and 40MHz crystal clocksource.
      Values are based on Banana Pi R2 bsp [1].
      
      Don't change MT7623 registers on a MT7621 device.
      
      [1] https://github.com/BPI-SINOVOIP/BPI-R2-bsp/blob/master/linux-mt/drivers/net/ethernet/mediatek/gsw_mt7623.c#L769Signed-off-by: default avatarRené van Dorst <opensource@vdorst.com>
      Tested-by: default avatarFrank Wunderlich <frank-w@public-files.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ef6f6f8
    • René van Dorst's avatar
      net: ethernet: mediatek: Add MT7621 TRGMII mode support · 8efaa653
      René van Dorst authored
      MT7621 SOC also supports TRGMII.
      TRGMII speed is 1200MBit.
      Signed-off-by: default avatarRené van Dorst <opensource@vdorst.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8efaa653
    • Li RongQing's avatar
      netns: restore ops before calling ops_exit_list · b272a0ad
      Li RongQing authored
      ops has been iterated to first element when call pre_exit, and
      it needs to restore from save_ops, not save ops to save_ops
      
      Fixes: d7d99872 ("netns: add pre_exit method to struct pernet_operations")
      Signed-off-by: default avatarLi RongQing <lirongqing@baidu.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b272a0ad
    • Ido Schimmel's avatar
      ipv6: Error when route does not have any valid nexthops · 9eee3b49
      Ido Schimmel authored
      When user space sends invalid information in RTA_MULTIPATH, the nexthop
      list in ip6_route_multipath_add() is empty and 'rt_notif' is set to
      NULL.
      
      The code that emits the in-kernel notifications does not check for this
      condition, which results in a NULL pointer dereference [1].
      
      Fix this by bailing earlier in the function if the parsed nexthop list
      is empty. This is consistent with the corresponding IPv4 code.
      
      v2:
      * Check if parsed nexthop list is empty and bail with extack set
      
      [1]
      kasan: CONFIG_KASAN_INLINE enabled
      kasan: GPF could be caused by NULL-ptr deref or user memory access
      general protection fault: 0000 [#1] PREEMPT SMP KASAN
      CPU: 0 PID: 9190 Comm: syz-executor149 Not tainted 5.2.0-rc5+ #38
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
      Google 01/01/2011
      RIP: 0010:call_fib6_multipath_entry_notifiers+0xd1/0x1a0
      net/ipv6/ip6_fib.c:396
      Code: 8b b5 30 ff ff ff 48 c7 85 68 ff ff ff 00 00 00 00 48 c7 85 70 ff ff
      ff 00 00 00 00 89 45 88 4c 89 e0 48 c1 e8 03 4c 89 65 80 <42> 80 3c 28 00
      0f 85 9a 00 00 00 48 b8 00 00 00 00 00 fc ff df 4d
      RSP: 0018:ffff88809788f2c0 EFLAGS: 00010246
      RAX: 0000000000000000 RBX: 1ffff11012f11e59 RCX: 00000000ffffffff
      RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
      RBP: ffff88809788f390 R08: ffff88809788f8c0 R09: 000000000000000c
      R10: ffff88809788f5d8 R11: ffff88809788f527 R12: 0000000000000000
      R13: dffffc0000000000 R14: ffff88809788f8c0 R15: ffffffff89541d80
      FS:  000055555632c880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 0000000020000080 CR3: 000000009ba7c000 CR4: 00000000001406f0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
      Call Trace:
        ip6_route_multipath_add+0xc55/0x1490 net/ipv6/route.c:5094
        inet6_rtm_newroute+0xed/0x180 net/ipv6/route.c:5208
        rtnetlink_rcv_msg+0x463/0xb00 net/core/rtnetlink.c:5219
        netlink_rcv_skb+0x177/0x450 net/netlink/af_netlink.c:2477
        rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5237
        netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
        netlink_unicast+0x531/0x710 net/netlink/af_netlink.c:1328
        netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1917
        sock_sendmsg_nosec net/socket.c:646 [inline]
        sock_sendmsg+0xd7/0x130 net/socket.c:665
        ___sys_sendmsg+0x803/0x920 net/socket.c:2286
        __sys_sendmsg+0x105/0x1d0 net/socket.c:2324
        __do_sys_sendmsg net/socket.c:2333 [inline]
        __se_sys_sendmsg net/socket.c:2331 [inline]
        __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2331
        do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301
        entry_SYSCALL_64_after_hwframe+0x49/0xbe
      RIP: 0033:0x4401f9
      Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7
      48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
      ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
      RSP: 002b:00007ffc09fd0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
      RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9
      RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
      RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
      R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80
      R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
      
      Reported-by: syzbot+382566d339d52cd1a204@syzkaller.appspotmail.com
      Fixes: ebee3cad ("ipv6: Add IPv6 multipath notifications for add / replace")
      Signed-off-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Reviewed-by: default avatarJiri Pirko <jiri@mellanox.com>
      Reviewed-by: default avatarDavid Ahern <dsahern@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9eee3b49
    • Greg Kroah-Hartman's avatar
      fjes: no need to check return value of debugfs_create functions · de467c11
      Greg Kroah-Hartman authored
      When calling debugfs functions, there is no need to ever check the
      return value.  The function can work or not, but the code logic should
      never do something different based on this.
      
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Yangtao Li <tiny.windzz@gmail.com>
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      de467c11
    • Ard Biesheuvel's avatar
      net: fastopen: robustness and endianness fixes for SipHash · 438ac880
      Ard Biesheuvel authored
      Some changes to the TCP fastopen code to make it more robust
      against future changes in the choice of key/cookie size, etc.
      
      - Instead of keeping the SipHash key in an untyped u8[] buffer
        and casting it to the right type upon use, use the correct
        type directly. This ensures that the key will appear at the
        correct alignment if we ever change the way these data
        structures are allocated. (Currently, they are only allocated
        via kmalloc so they always appear at the correct alignment)
      
      - Use DIV_ROUND_UP when sizing the u64[] array to hold the
        cookie, so it is always of sufficient size, even if
        TCP_FASTOPEN_COOKIE_MAX is no longer a multiple of 8.
      
      - Drop the 'len' parameter from the tcp_fastopen_reset_cipher()
        function, which is no longer used.
      
      - Add endian swabbing when setting the keys and calculating the hash,
        to ensure that cookie values are the same for a given key and
        source/destination address pair regardless of the endianness of
        the server.
      
      Note that none of these are functional changes wrt the current
      state of the code, with the exception of the swabbing, which only
      affects big endian systems.
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      438ac880
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 92ad6325
      David S. Miller authored
      Minor SPDX change conflict.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      92ad6325
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · c356dc4b
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Fix leak of unqueued fragments in ipv6 nf_defrag, from Guillaume
          Nault.
      
       2) Don't access the DDM interface unless the transceiver implements it
          in bnx2x, from Mauro S. M. Rodrigues.
      
       3) Don't double fetch 'len' from userspace in sock_getsockopt(), from
          JingYi Hou.
      
       4) Sign extension overflow in lio_core, from Colin Ian King.
      
       5) Various netem bug fixes wrt. corrupted packets from Jakub Kicinski.
      
       6) Fix epollout hang in hvsock, from Sunil Muthuswamy.
      
       7) Fix regression in default fib6_type, from David Ahern.
      
       8) Handle memory limits in tcp_fragment more appropriately, from Eric
          Dumazet.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (24 commits)
        tcp: refine memory limit test in tcp_fragment()
        inet: clear num_timeout reqsk_alloc()
        net: mvpp2: debugfs: Add pmap to fs dump
        ipv6: Default fib6_type to RTN_UNICAST when not set
        net: hns3: Fix inconsistent indenting
        net/af_iucv: always register net_device notifier
        net/af_iucv: build proper skbs for HiperTransport
        net/af_iucv: remove GFP_DMA restriction for HiperTransport
        net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
        hvsock: fix epollout hang from race condition
        net/udp_gso: Allow TX timestamp with UDP GSO
        net: netem: fix use after free and double free with packet corruption
        net: netem: fix backlog accounting for corrupted GSO frames
        net: lio_core: fix potential sign-extension overflow on large shift
        tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
        ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
        ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
        tun: wake up waitqueues after IFF_UP is set
        net: remove duplicate fetch in sock_getsockopt
        tipc: fix issues with early FAILOVER_MSG from peer
        ...
      c356dc4b
    • David S. Miller's avatar
      Merge branch 'PCI-let-pci_disable_link_state-propagate-errors' · e0effb5f
      David S. Miller authored
      Heiner Kallweit says:
      
      ====================
      PCI: let pci_disable_link_state propagate errors
      
      Drivers like r8169 rely on pci_disable_link_state() having disabled
      certain ASPM link states. If OS can't control ASPM then
      pci_disable_link_state() turns into a no-op w/o informing the caller.
      The driver therefore may falsely assume the respective ASPM link
      states are disabled. Let pci_disable_link_state() propagate errors
      to the caller, enabling the caller to react accordingly.
      
      I'd propose to let this series go through the netdev tree if the PCI
      core extension is acked by the PCI people.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e0effb5f
    • Heiner Kallweit's avatar
      r8169: don't activate ASPM in chip if OS can't control ASPM · 62b1b3b3
      Heiner Kallweit authored
      Certain chip version / board combinations have massive problems if
      ASPM is active. If BIOS enables ASPM and doesn't let OS control it,
      then we may have a problem with the current code. Therefore check the
      return code of pci_disable_link_state() and don't enable ASPM in the
      network chip if OS can't control ASPM.
      Signed-off-by: default avatarHeiner Kallweit <hkallweit1@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      62b1b3b3
    • Heiner Kallweit's avatar
      PCI: let pci_disable_link_state propagate errors · 4cfd2188
      Heiner Kallweit authored
      Drivers may rely on pci_disable_link_state() having disabled certain
      ASPM link states. If OS can't control ASPM then pci_disable_link_state()
      turns into a no-op w/o informing the caller. The driver therefore may
      falsely assume the respective ASPM link states are disabled.
      Let pci_disable_link_state() propagate errors to the caller, enabling
      the caller to react accordingly.
      Signed-off-by: default avatarHeiner Kallweit <hkallweit1@gmail.com>
      Acked-by: default avatarBjorn Helgaas <bhelgaas@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4cfd2188
    • Eric Dumazet's avatar
      tcp: refine memory limit test in tcp_fragment() · b6653b36
      Eric Dumazet authored
      tcp_fragment() might be called for skbs in the write queue.
      
      Memory limits might have been exceeded because tcp_sendmsg() only
      checks limits at full skb (64KB) boundaries.
      
      Therefore, we need to make sure tcp_fragment() wont punish applications
      that might have setup very low SO_SNDBUF values.
      
      Fixes: f070ef2a ("tcp: tcp_fragment() should apply sane memory limits")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarChristoph Paasch <cpaasch@apple.com>
      Tested-by: default avatarChristoph Paasch <cpaasch@apple.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b6653b36
  4. 21 Jun, 2019 3 commits
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma · 121bddf3
      Linus Torvalds authored
      Pull rdma fixes from Doug Ledford:
       "This is probably our last -rc pull request. We don't have anything
        else outstanding at the moment anyway, and with the summer months on
        us and people taking trips, I expect the next weeks leading up to the
        merge window to be pretty calm and sedate.
      
        This has two simple, no brainer fixes for the EFA driver.
      
        Then it has ten not quite so simple fixes for the hfi1 driver. The
        problem with them is that they aren't simply one liner typo fixes.
        They're still fixes, but they're more complex issues like livelock
        under heavy load where the answer was to change work queue usage and
        spinlock usage to resolve the problem, or issues with orphaned
        requests during certain types of failures like link down which
        required some more complex work to fix too. They all look like
        legitimate fixes to me, they just aren't small like I wish they were.
      
        Summary:
      
         - 2 minor EFA fixes
      
         - 10 hfi1 fixes related to scaling issues"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
        RDMA/efa: Handle mmap insertions overflow
        RDMA/efa: Fix success return value in case of error
        IB/hfi1: Handle port down properly in pio
        IB/hfi1: Handle wakeup of orphaned QPs for pio
        IB/hfi1: Wakeup QPs orphaned on wait list after flush
        IB/hfi1: Use aborts to trigger RC throttling
        IB/hfi1: Create inline to get extended headers
        IB/hfi1: Silence txreq allocation warnings
        IB/hfi1: Avoid hardlockup with flushlist_lock
        IB/hfi1: Correct tid qp rcd to match verbs context
        IB/hfi1: Close PSM sdma_progress sleep window
        IB/hfi1: Validate fault injection opcode user input
      121bddf3
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-5.2-3' of git://git.linux-nfs.org/projects/anna/linux-nfs · c036f7da
      Linus Torvalds authored
      Pull more NFS client fixes from Anna Schumaker:
       "These are mostly refcounting issues that people have found recently.
        The revert fixes a suspend recovery performance issue.
      
         - SUNRPC: Fix a credential refcount leak
      
         - Revert "SUNRPC: Declare RPC timers as TIMER_DEFERRABLE"
      
         - SUNRPC: Fix xps refcount imbalance on the error path
      
         - NFS4: Only set creation opendata if O_CREAT"
      
      * tag 'nfs-for-5.2-3' of git://git.linux-nfs.org/projects/anna/linux-nfs:
        SUNRPC: Fix a credential refcount leak
        Revert "SUNRPC: Declare RPC timers as TIMER_DEFERRABLE"
        net :sunrpc :clnt :Fix xps refcount imbalance on the error path
        NFS4: Only set creation opendata if O_CREAT
      c036f7da
    • Andy Lutomirski's avatar
      x86/vdso: Prevent segfaults due to hoisted vclock reads · ff17bbe0
      Andy Lutomirski authored
      GCC 5.5.0 sometimes cleverly hoists reads of the pvclock and/or hvclock
      pages before the vclock mode checks.  This creates a path through
      vclock_gettime() in which no vclock is enabled at all (due to disabled
      TSC on old CPUs, for example) but the pvclock or hvclock page
      nevertheless read.  This will segfault on bare metal.
      
      This fixes commit 459e3a21 ("gcc-9: properly declare the
      {pv,hv}clock_page storage") in the sense that, before that commit, GCC
      didn't seem to generate the offending code.  There was nothing wrong
      with that commit per se, and -stable maintainers should backport this to
      all supported kernels regardless of whether the offending commit was
      present, since the same crash could just as easily be triggered by the
      phase of the moon.
      
      On GCC 9.1.1, this doesn't seem to affect the generated code at all, so
      I'm not too concerned about performance regressions from this fix.
      
      Cc: stable@vger.kernel.org
      Cc: x86@kernel.org
      Cc: Borislav Petkov <bp@alien8.de>
      Reported-by: default avatarDuncan Roe <duncan_roe@optusnet.com.au>
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ff17bbe0