1. 30 Jan, 2016 22 commits
    • David S. Miller's avatar
      Merge branch 'arnd-net-driver-fixes' · ae9d723e
      David S. Miller authored
      Arnd Bergmann says:
      
      ====================
      network driver fixes
      
      This is an updated series of fixes for the network device drivers
      that showed warnings in ARM randconfig.
      
      Changes since v1 are:
      
      dropped "net: macb: avoid uninitialized variables", already fixed in net-next
      
      dropped "net: fddi/defxx: avoid warning about uninitialized variable
      	use", already fixed in net-next
      
      added missing barriers in "net: moxart: use correct accessors for
      	DMA memory"
      
      clarified "net: bgmac: clarify CONFIG_BCMA dependency" changelog
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ae9d723e
    • Arnd Bergmann's avatar
      net: tg3: avoid uninitialized variable warning · e434e041
      Arnd Bergmann authored
      The tg3_set_eeprom() function correctly initializes the 'start' variable,
      but gcc generates a false warning:
      
      drivers/net/ethernet/broadcom/tg3.c: In function 'tg3_set_eeprom':
      drivers/net/ethernet/broadcom/tg3.c:12057:4: warning: 'start' may be used uninitialized in this function [-Wmaybe-uninitialized]
      
      I have not come up with a way to restructure the code in a way that
      avoids the warning without making it less readable, so this adds an
      initialization for the declaration to shut up that warning.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e434e041
    • Arnd Bergmann's avatar
      net: nb8800: avoid uninitialized variable warning · 8bdb2908
      Arnd Bergmann authored
      The nb8800_poll() function initializes the 'next' variable in the
      loop looking for new input data. We know this will be called at
      least once because 'budget' is a guaranteed to be a positive number
      when we enter the function, but the compiler doesn't know that
      and warns when the variable is used later:
      
      drivers/net/ethernet/aurora/nb8800.c: In function 'nb8800_poll':
      drivers/net/ethernet/aurora/nb8800.c:350:21: warning: 'next' may be used uninitialized in this function [-Wmaybe-uninitialized]
      
      Changing the 'while() {}' loop to 'do {} while()' makes it obvious
      to the compiler what is going on so it no longer warns.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Acked-by: default avatarMans Rullgard <mans@mansr.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8bdb2908
    • Arnd Bergmann's avatar
      net: vxge: avoid unused function warnings · 57e7c8ce
      Arnd Bergmann authored
      When CONFIG_PCI_MSI is disabled, we get warnings about unused functions
      in the vxge driver:
      
      drivers/net/ethernet/neterion/vxge/vxge-main.c:2121:13: warning: 'adaptive_coalesce_tx_interrupts' defined but not used [-Wunused-function]
      drivers/net/ethernet/neterion/vxge/vxge-main.c:2149:13: warning: 'adaptive_coalesce_rx_interrupts' defined but not used [-Wunused-function]
      
      We could add another #ifdef here, but it's nicer to avoid those warnings
      for good by converting the existing #ifdef to if(IS_ENABLED()), which has
      the same effect but provides better compile-time coverage in general,
      and lets the compiler understand better when the function is intentionally
      unused.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      57e7c8ce
    • Arnd Bergmann's avatar
      net: bgmac: clarify CONFIG_BCMA dependency · 1f820f53
      Arnd Bergmann authored
      The bgmac driver depends on BCMA_HOST_SOC, which is only used
      when CONFIG_BCMA is enabled. However, it is a bool option and can
      be set when CONFIG_BCMA=m, and then bgmac can be built-in, leading
      to an obvious link error:
      
      drivers/built-in.o: In function `bgmac_init':
      :(.init.text+0x7f2c): undefined reference to `__bcma_driver_register'
      drivers/built-in.o: In function `bgmac_exit':
      :(.exit.text+0x110a): undefined reference to `bcma_driver_unregister'
      
      To avoid this case, we need to depend on both BCMA and BCMA_SOC,
      as this patch does. I'm also trying to make the dependency more
      readable by splitting it into three lines, and adding a COMPILE_TEST
      alternative so we can test-build it in all configurations that
      support BCMA.
      
      The added dependency on FIXED_PHY addresses a related issue where
      we cannot call fixed_phy_register() when CONFIG_FIXED_PHY=m and
      CONFIG_BGMAC=y.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1f820f53
    • Arnd Bergmann's avatar
      net: hp100: remove unnecessary #ifdefs · 747a1127
      Arnd Bergmann authored
      Building the hp100 ethernet driver causes warnings when both the PCI
      and EISA drivers are disabled:
      
      ethernet/hp/hp100.c: In function 'hp100_module_init':
      ethernet/hp/hp100.c:3047:2: warning: label 'out3' defined but not used [-Wunused-label]
      ethernet/hp/hp100.c: At top level:
      ethernet/hp/hp100.c:2828:13: warning: 'cleanup_dev' defined but not used [-Wunused-function]
      
      We can easily avoid the warnings and make the driver look slightly
      nicer by removing the #ifdefs that check for the CONFIG_PCI and
      CONFIG_EISA, as all the registration functions are designed to
      have no effect when the buses are disabled.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      747a1127
    • Arnd Bergmann's avatar
      net: davinci_cpdma: use dma_addr_t for DMA address · 84092996
      Arnd Bergmann authored
      The davinci_cpdma mixes up physical addresses as seen from the CPU
      and DMA addresses as seen from a DMA master, since it can operate
      on both normal memory or an on-chip buffer. If dma_addr_t is
      different from phys_addr_t, this means we get a compile-time warning
      about the type mismatch:
      
      ethernet/ti/davinci_cpdma.c: In function 'cpdma_desc_pool_create':
      ethernet/ti/davinci_cpdma.c:182:48: error: passing argument 3 of 'dma_alloc_coherent' from incompatible pointer type [-Werror=incompatible-pointer-types]
         pool->cpumap = dma_alloc_coherent(dev, size, &pool->phys,
      In file included from ethernet/ti/davinci_cpdma.c:21:0:
      dma-mapping.h:398:21: note: expected 'dma_addr_t * {aka long long unsigned int *}' but argument is of type 'phys_addr_t * {aka unsigned int *}'
       static inline void *dma_alloc_coherent(struct device *dev, size_t size,
      
      This slightly restructures the code so the address we use for
      mapping RAM into a DMA address is always a dma_addr_t, avoiding
      the warning. The code is correct even if both types are 32-bit
      because the DMA master in this device only supports 32-bit addressing
      anyway, independent of the types that are used.
      
      We still assign this value to pool->phys, and that is wrong if
      the driver is ever used with an IOMMU, but that value appears to
      be never used, so there is no problem really. I've added a couple
      of comments about where we do things that are slightly violating
      the API.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      84092996
    • David S. Miller's avatar
      Merge branch 'ipv6-sticky-pktinfo' · 84922d8c
      David S. Miller authored
      Paolo Abeni says:
      
      ====================
      ipv6: fix sticky pktinfo behaviour
      
      Currently:
      
      ip addr add dev eth0 2001:0010::1/64
      ip addr add dev eth1 2001:0020::1/64
      ping6 -I eth0 2001:0020::2
      
      do not lead to the expected results, i.e. eth1 is used as the
      egress interface.
      
      This is due to two related issues in handling sticky pktinfo,
      used by ping6 to enforce the device binding:
      
      - ip6_dst_lookup_flow()/ip6_dst_lookup_tail() do not really enforce
      flowi6_oif match
      - ipv6 udp connect() just ignore flowi6_oif
      
      These patches address each issue individually.
      
      The kernel has never enforced the egress interface specified
      via the sticky pktinfo, except briefly between the commits
      741a11d9 ("net: ipv6: Add RT6_LOOKUP_F_IFACE flag if oif is set")
      and
      d46a9d67 ("net: ipv6: Dont add RT6_LOOKUP_F_IFACE flag if saddr set"),
      but the ping6 tools was unaffected up to iputils-20100214,
      since before it used SO_BINDTODEVICE to enforce the egress
      interface.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      84922d8c
    • Paolo Abeni's avatar
      ipv6/udp: use sticky pktinfo egress ifindex on connect() · 1cdda918
      Paolo Abeni authored
      Currently, the egress interface index specified via IPV6_PKTINFO
      is ignored by __ip6_datagram_connect(), so that RFC 3542 section 6.7
      can be subverted when the user space application calls connect()
      before sendmsg().
      Fix it by initializing properly flowi6_oif in connect() before
      performing the route lookup.
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Acked-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1cdda918
    • Paolo Abeni's avatar
      ipv6: enforce flowi6_oif usage in ip6_dst_lookup_tail() · 6f21c96a
      Paolo Abeni authored
      The current implementation of ip6_dst_lookup_tail basically
      ignore the egress ifindex match: if the saddr is set,
      ip6_route_output() purposefully ignores flowi6_oif, due
      to the commit d46a9d67 ("net: ipv6: Dont add RT6_LOOKUP_F_IFACE
      flag if saddr set"), if the saddr is 'any' the first route lookup
      in ip6_dst_lookup_tail fails, but upon failure a second lookup will
      be performed with saddr set, thus ignoring the ifindex constraint.
      
      This commit adds an output route lookup function variant, which
      allows the caller to specify lookup flags, and modify
      ip6_dst_lookup_tail() to enforce the ifindex match on the second
      lookup via said helper.
      
      ip6_route_output() becames now a static inline function build on
      top of ip6_route_output_flags(); as a side effect, out-of-tree
      modules need now a GPL license to access the output route lookup
      functionality.
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Acked-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
      Acked-by: default avatarDavid Ahern <dsa@cumulusnetworks.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6f21c96a
    • David S. Miller's avatar
      Merge tag 'wireless-drivers-for-davem-2016-01-29' of... · 39a4867a
      David S. Miller authored
      Merge tag 'wireless-drivers-for-davem-2016-01-29' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers
      
      Kalle Valo says:
      
      ====================
      iwlwifi
      
      * Fix support for 3168 device:
        * NVM version
        * firmware file name
        * device IDs
      * Fix a compilation warning in dvm calibration code
      * Fix the TPC (reduced Tx Power) code. This fixes performance issues
      * Add device IDs for 8265
      
      rtx2x00
      
      * fix monitor mode regression dating back to 4.1
      
      brcmfmac
      
      * fix sdio initialisation related crash
      
      rtlwifi
      
      * rtl8821ae: Fix 5G failure when EEPROM is incorrectly encoded
      
      ath9k
      
      * ignore eeprom magic mismatch on flash based devices
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      39a4867a
    • Ken-ichirou MATSUZAWA's avatar
      netlink: not trim skb for mmaped socket when dump · aa3a0220
      Ken-ichirou MATSUZAWA authored
      We should not trim skb for mmaped socket since its buf size is fixed
      and userspace will read as frame which data equals head. mmaped
      socket will not call recvmsg, means max_recvmsg_len is 0,
      skb_reserve was not called before commit: db65a3aa.
      
      Fixes: db65a3aa (netlink: Trim skb to alloc size to avoid MSG_TRUNC)
      Signed-off-by: default avatarKen-ichirou MATSUZAWA <chamas@h4.dion.ne.jp>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      aa3a0220
    • Li RongQing's avatar
      vxlan: fix a out of bounds access in __vxlan_find_mac · 7256eac1
      Li RongQing authored
      The size of all_zeros_mac is 6 byte, but eth_hash() will access the
      8 byte, and KASan reported the below bug:
      
      [ 8596.479031] BUG: KASan: out of bounds access in __vxlan_find_mac+0x24/0x100 at addr ffffffff841514c0
      [ 8596.487647] Read of size 8 by task ip/52820
      [ 8596.490818] Address belongs to variable all_zeros_mac+0x0/0x40
      [ 8596.496051] CPU: 0 PID: 52820 Comm: ip Tainted: G WC 4.1.15 #1
      [ 8596.503520] Hardware name: HP ProLiant DL380p Gen8, BIOS P70 02/10/2014
      [ 8596.509365] ffffffff841514c0 ffff88007450f0b8 ffffffff822fa5e1 0000000000000032
      [ 8596.516112] ffff88007450f150 ffff88007450f138 ffffffff812dd58c ffff88007450f1d8
      [ 8596.522856] ffffffff81113b80 0000000000000282 0000000000000001 ffffffff8101ee4d
      [ 8596.529599] Call Trace:
      [ 8596.530858] [<ffffffff822fa5e1>] dump_stack+0x4f/0x7b
      [ 8596.535080] [<ffffffff812dd58c>] kasan_report_error+0x3bc/0x3f0
      [ 8596.540258] [<ffffffff81113b80>] ? __lock_acquire+0x90/0x2140
      [ 8596.545245] [<ffffffff8101ee4d>] ? save_stack_trace+0x2d/0x80
      [ 8596.550234] [<ffffffff812dda70>] kasan_report+0x40/0x50
      [ 8596.554647] [<ffffffff81b211e4>] ? __vxlan_find_mac+0x24/0x100
      [ 8596.559729] [<ffffffff812dc399>] __asan_load8+0x69/0xa0
      [ 8596.564141] [<ffffffff81b211e4>] __vxlan_find_mac+0x24/0x100
      [ 8596.569033] [<ffffffff81b2683d>] vxlan_fdb_create+0x9d/0x570
      
      it can be fixed by enlarging the all_zeros_mac to 8 byte, although it is
      harmless; eth_hash() will be called in other place with the memory which
      is larger and equal to 8 byte.
      Signed-off-by: default avatarLi RongQing <roy.qing.li@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7256eac1
    • Vivien Didelot's avatar
      net: dsa: mv88e6xxx: fix port VLAN maps · be1faa92
      Vivien Didelot authored
      Currently the port based VLAN maps should be configured to allow every
      port to egress frames on all other ports, except themselves.
      
      The debugfs interface shows that they are misconfigured. For instance, a
      7-port switch has the following content in the related register 0x06:
      
             GLOBAL GLOBAL2 SERDES   0    1    2    3    4    5    6
          ...
          6:  1fa4    1f0f       4   7f   7e   7d   7c   7b   7a   79
          ...
      
      This means that port 3 is allowed to talk to port 2-6, but cannot talk
      to ports 0 and 1. With this fix, port 3 can correctly talk to all ports
      except 3 itself:
      
             GLOBAL GLOBAL2 SERDES   0    1    2    3    4    5    6
          ...
          6:  1fa4    1f0f       4   7e   7d   7b   77   6f   5f   3f
          ...
      
      Fixes: ede8098d ("net: dsa: mv88e6xxx: bridges do not need an FID")
      Reported-by: default avatarKevin Smith <kevin.smith@elecsyscorp.com>
      Signed-off-by: default avatarVivien Didelot <vivien.didelot@savoirfairelinux.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Tested-by: default avatarKevin Smith <kevin.smith@elecsyscorp.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      be1faa92
    • Alexander Duyck's avatar
      fib_trie: Fix shift by 32 in fib_table_lookup · a5829f53
      Alexander Duyck authored
      The fib_table_lookup function had a shift by 32 that triggered a UBSAN
      warning.  This was due to the fact that I had placed the shift first and
      then followed it with the check for the suffix length to ignore the
      undefined behavior.  If we reorder this so that we verify the suffix is
      less than 32 before shifting the value we can avoid the issue.
      Reported-by: default avatarToralf Förster <toralf.foerster@gmx.de>
      Signed-off-by: default avatarAlexander Duyck <aduyck@mirantis.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a5829f53
    • Arnd Bergmann's avatar
      net: moxart: use correct accessors for DMA memory · 59a557be
      Arnd Bergmann authored
      The moxart ethernet driver confuses coherent DMA buffers with
      MMIO registers.
      
      moxart_ether.c: In function 'moxart_mac_setup_desc_ring':
      moxart_ether.c:146:428: error: passing argument 1 of '__fswab32' makes integer from pointer without a cast [-Werror=int-conversion]
      moxart_ether.c:74:39: warning: incorrect type in argument 3 (different address spaces)
      moxart_ether.c:74:39:    expected void *cpu_addr
      moxart_ether.c:74:39:    got void [noderef] <asn:2>*tx_desc_base
      
      This leaves the basic logic alone and uses normal pointers for
      the virtual address of the descriptor. As we cannot use readl/writel
      to access them, we also introduce our own moxart_desc_read
      moxart_desc_write helpers that perform the same endianess swap
      as the original code, but without the address space conversion.
      
      The barriers are made explicit here where needed: Even in the worst-case
      scenario, we just have to use a rmb() after checking ownership so
      we don't read any input data before we are sure it is value, and we
      use wmb() before transferring ownership back to the device.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      59a557be
    • Arnd Bergmann's avatar
      ipv4: ipconfig: avoid unused ic_proto_used symbol · 52b79e2b
      Arnd Bergmann authored
      When CONFIG_PROC_FS, CONFIG_IP_PNP_BOOTP, CONFIG_IP_PNP_DHCP and
      CONFIG_IP_PNP_RARP are all disabled, we get a warning about the
      ic_proto_used variable being unused:
      
      net/ipv4/ipconfig.c:146:12: error: 'ic_proto_used' defined but not used [-Werror=unused-variable]
      
      This avoids the warning, by making the definition conditional on
      whether a dynamic IP configuration protocol is configured. If not,
      we know that the value is always zero, so we can optimize away the
      variable and all code that depends on it.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      52b79e2b
    • David S. Miller's avatar
      Merge branch 'bnxt_en-fixes' · 0260a2f4
      David S. Miller authored
      Michael Chan says:
      
      ====================
      bnxt_en: Bug fixes.
      
      3 small bug fix patches for net.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0260a2f4
    • Michael Chan's avatar
      bnxt_en: Fix crash in bnxt_free_tx_skbs() during tx timeout. · d612a579
      Michael Chan authored
      The ring index j is not wrapped properly at the end of the ring, causing
      it to reference pointers past the end of the ring.  For proper loop
      termination and to access the ring properly, we need to increment j and
      mask it before referencing the ring entry.
      Signed-off-by: default avatarMichael Chan <mchan@broadcom.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d612a579
    • Michael Chan's avatar
      bnxt_en: Exclude rx_drop_pkts hw counter from the stack's rx_dropped counter. · 8a4d4c8d
      Michael Chan authored
      This hardware counter is misleading as it counts dropped packets that
      don't match the hardware filters for unicast/broadcast/multicast.  We
      will still report this counter in ethtool -S for diagnostics purposes.
      Signed-off-by: default avatarMichael Chan <mchan@broadcom.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8a4d4c8d
    • Prashant Sreedharan's avatar
      bnxt_en: Ring free response from close path should use completion ring · 74608fc9
      Prashant Sreedharan authored
      Use completion ring for ring free response from firmware.  The response
      will be the last entry in the ring and we can free the ring after getting
      the response.  This will guarantee no spurious DMA to freed memory.
      Signed-off-by: default avatarPrashant Sreedharan <prashant@broadcom.com>
      Signed-off-by: default avatarMichael Chan <mchan@broadcom.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      74608fc9
    • Bernie Harris's avatar
      net_sched: drr: check for NULL pointer in drr_dequeue · df3eb6cd
      Bernie Harris authored
      There are cases where qdisc_dequeue_peeked can return NULL, and the result
      is dereferenced later on in the function.
      
      Similarly to the other qdisc dequeue functions, check whether the skb
      pointer is NULL and if it is, goto out.
      Signed-off-by: default avatarBernie Harris <bernie.harris@alliedtelesis.co.nz>
      Reviewed-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      df3eb6cd
  2. 29 Jan, 2016 18 commits