1. 24 Jun, 2019 3 commits
  2. 23 Jun, 2019 11 commits
    • David S. Miller's avatar
      Merge branch 'ipv6-avoid-taking-refcnt-on-dst-during-route-lookup' · 7d30a7f6
      David S. Miller authored
      Wei Wang says:
      
      ====================
      ipv6: avoid taking refcnt on dst during route lookup
      
      Ipv6 route lookup code always grabs refcnt on the dst for the caller.
      But for certain cases, grabbing refcnt is not always necessary if the
      call path is rcu protected and the caller does not cache the dst.
      Another issue in the route lookup logic is:
      When there are multiple custom rules, we have to do the lookup into
      each table associated to each rule individually. And when we can't
      find the route in one table, we grab and release refcnt on
      net->ipv6.ip6_null_entry before going to the next table.
      This operation is completely redundant, and causes false issue because
      net->ipv6.ip6_null_entry is a shared object.
      
      This patch set introduces a new flag RT6_LOOKUP_F_DST_NOREF for route
      lookup callers to set, to avoid any manipulation on the dst refcnt. And
      it converts the major input and output path to use it.
      
      The performance gain is noticable.
      I ran synflood tests between 2 hosts under the same switch. Both hosts
      have 20G mlx NIC, and 8 tx/rx queues.
      Sender sends pure SYN flood with random src IPs and ports using trafgen.
      Receiver has a simple TCP listener on the target port.
      Both hosts have multiple custom rules:
      - For incoming packets, only local table is traversed.
      - For outgoing packets, 3 tables are traversed to find the route.
      The packet processing rate on the receiver is as follows:
      - Before the fix: 3.78Mpps
      - After the fix:  5.50Mpps
      
      v2->v3:
      - Handled fib6_rule_lookup() when CONFIG_IPV6_MULTIPLE_TABLES is not
        configured in patch 03 (suggested by David Ahern)
      - Removed the renaming of l3mdev_link_scope_lookup() in patch 05
        (suggested by David Ahern)
      - Moved definition of ip6_route_output_flags() from an inline function
        in /net/ipv6/route.c to net/ipv6/route.c in order to address kbuild
        error in patch 05
      
      v1->v2:
      - Added a helper ip6_rt_put_flags() in patch 3 suggested by David Miller
      ====================
      Reviewed-by: default avatarDavid Ahern <dsahern@gmail.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7d30a7f6
    • Wei Wang's avatar
      ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF · 7d9e5f42
      Wei Wang authored
      For tx path, in most cases, we still have to take refcnt on the dst
      cause the caller is caching the dst somewhere. But it still is
      beneficial to make use of RT6_LOOKUP_F_DST_NOREF flag while doing the
      route lookup. It is cause this flag prevents manipulating refcnt on
      net->ipv6.ip6_null_entry when doing fib6_rule_lookup() to traverse each
      routing table. The null_entry is a shared object and constant updates on
      it cause false sharing.
      
      We converted the current major lookup function ip6_route_output_flags()
      to make use of RT6_LOOKUP_F_DST_NOREF.
      
      Together with the change in the rx path, we see noticable performance
      boost:
      I ran synflood tests between 2 hosts under the same switch. Both hosts
      have 20G mlx NIC, and 8 tx/rx queues.
      Sender sends pure SYN flood with random src IPs and ports using trafgen.
      Receiver has a simple TCP listener on the target port.
      Both hosts have multiple custom rules:
      - For incoming packets, only local table is traversed.
      - For outgoing packets, 3 tables are traversed to find the route.
      The packet processing rate on the receiver is as follows:
      - Before the fix: 3.78Mpps
      - After the fix:  5.50Mpps
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7d9e5f42
    • Wei Wang's avatar
      ipv6: convert rx data path to not take refcnt on dst · 67f415dd
      Wei Wang authored
      ip6_route_input() is the key function to do the route lookup in the
      rx data path. All the callers to this function are already holding rcu
      lock. So it is fairly easy to convert it to not take refcnt on the dst:
      We pass in flag RT6_LOOKUP_F_DST_NOREF and do skb_dst_set_noref().
      This saves a few atomic inc or dec operations and should boost
      performance overall.
      This also makes the logic more aligned with v4.
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarMahesh Bandewar <maheshb@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      67f415dd
    • Wei Wang's avatar
      ipv6: honor RT6_LOOKUP_F_DST_NOREF in rule lookup logic · d64a1f57
      Wei Wang authored
      This patch specifically converts the rule lookup logic to honor this
      flag and not release refcnt when traversing each rule and calling
      lookup() on each routing table.
      Similar to previous patch, we also need some special handling of dst
      entries in uncached list because there is always 1 refcnt taken for them
      even if RT6_LOOKUP_F_DST_NOREF flag is set.
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d64a1f57
    • Wei Wang's avatar
      ipv6: initialize rt6->rt6i_uncached in all pre-allocated dst entries · 74109218
      Wei Wang authored
      Initialize rt6->rt6i_uncached on the following pre-allocated dsts:
      net->ipv6.ip6_null_entry
      net->ipv6.ip6_prohibit_entry
      net->ipv6.ip6_blk_hole_entry
      
      This is a preparation patch for later commits to be able to distinguish
      dst entries in uncached list by doing:
      !list_empty(rt6->rt6i_uncached)
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarMahesh Bandewar <maheshb@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      74109218
    • Wei Wang's avatar
      ipv6: introduce RT6_LOOKUP_F_DST_NOREF flag in ip6_pol_route() · 0e09edcc
      Wei Wang authored
      This new flag is to instruct the route lookup function to not take
      refcnt on the dst entry. The user which does route lookup with this flag
      must properly use rcu protection.
      ip6_pol_route() is the major route lookup function for both tx and rx
      path.
      In this function:
      Do not take refcnt on dst if RT6_LOOKUP_F_DST_NOREF flag is set, and
      directly return the route entry. The caller should be holding rcu lock
      when using this flag, and decide whether to take refcnt or not.
      
      One note on the dst cache in the uncached_list:
      As uncached_list does not consume refcnt, one refcnt is always returned
      back to the caller even if RT6_LOOKUP_F_DST_NOREF flag is set.
      Uncached dst is only possible in the output path. So in such call path,
      caller MUST check if the dst is in the uncached_list before assuming
      that there is no refcnt taken on the returned dst.
      Signed-off-by: default avatarWei Wang <weiwan@google.com>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarMahesh Bandewar <maheshb@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0e09edcc
    • Russell King's avatar
      doc: phy: document some PHY_INTERFACE_MODE_xxx settings · 8c25c0cb
      Russell King authored
      There seems to be some confusion surrounding three PHY interface modes,
      specifically 1000BASE-X, 2500BASE-X and SGMII.  Add some documentation
      to phylib detailing precisely what these interface modes refer to.
      Signed-off-by: default avatarRussell King <rmk+kernel@armlinux.org.uk>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8c25c0cb
    • Qian Cai's avatar
      inet: fix compilation warnings in fqdir_pre_exit() · 08003d0b
      Qian Cai authored
      The linux-next commit "inet: fix various use-after-free in defrags
      units" [1] introduced compilation warnings,
      
      ./include/net/inet_frag.h:117:1: warning: 'inline' is not at beginning
      of declaration [-Wold-style-declaration]
       static void inline fqdir_pre_exit(struct fqdir *fqdir)
       ^~~~~~
      In file included from ./include/net/netns/ipv4.h:10,
                       from ./include/net/net_namespace.h:20,
                       from ./include/linux/netdevice.h:38,
                       from ./include/linux/icmpv6.h:13,
                       from ./include/linux/ipv6.h:86,
                       from ./include/net/ipv6.h:12,
                       from ./include/rdma/ib_verbs.h:51,
                       from ./include/linux/mlx5/device.h:37,
                       from ./include/linux/mlx5/driver.h:51,
                       from
      drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c:37:
      
      [1] https://lore.kernel.org/netdev/20190618180900.88939-3-edumazet@google.com/Signed-off-by: default avatarQian Cai <cai@lca.pw>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      08003d0b
    • Rasmus Villemoes's avatar
      net: dsa: mv88e6xxx: introduce helpers for handling chip->reg_lock · c9acece0
      Rasmus Villemoes authored
      This is a no-op that simply moves all locking and unlocking of
      ->reg_lock into trivial helpers. I did that to be able to easily add
      some ad hoc instrumentation to those helpers to get some information
      on contention and hold times of the mutex. Perhaps others want to do
      something similar at some point, so this frees them from doing the
      'sed -i' yoga, and have a much smaller 'git diff' while fiddling.
      Signed-off-by: default avatarRasmus Villemoes <rasmus.villemoes@prevas.dk>
      Reviewed-by: default avatarVivien Didelot <vivien.didelot@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c9acece0
    • Sameeh Jubran's avatar
      net: ena: Fix bug where ring allocation backoff stopped too late · 3e5bfb18
      Sameeh Jubran authored
      The current code of create_queues_with_size_backoff() allows the ring size
      to become as small as ENA_MIN_RING_SIZE/2. This is a bug since we don't
      want the queue ring to be smaller than ENA_MIN_RING_SIZE
      
      In this commit we change the loop's termination condition to look at the
      queue size of the next iteration instead of that of the current one,
      so that the minimal queue size again becomes ENA_MIN_RING_SIZE.
      
      Fixes: eece4d2a ("net: ena: add ethtool function for changing io queue sizes")
      Signed-off-by: default avatarArthur Kiyanovski <akiyano@amazon.com>
      Signed-off-by: default avatarSameeh Jubran <sameehj@amazon.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3e5bfb18
    • Colin Ian King's avatar
      hinic: fix dereference of pointer hwdev before it is null checked · 137e4e1a
      Colin Ian King authored
      Currently pointer hwdev is dereferenced when assigning hwif before
      hwdev is null checked.  Fix this by only derefencing hwdev after the
      null check.
      
      Addresses-Coverity: ("Dereference before null check")
      Fixes: 4fdc51bb ("hinic: add support for rss parameters with ethtool")
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      137e4e1a
  3. 22 Jun, 2019 13 commits
    • David S. Miller's avatar
      Merge branch 'net-mediatek-Add-MT7621-TRGMII-mode-support' · 969b15b0
      David S. Miller authored
      René van Dorst says:
      
      ====================
      net: mediatek: Add MT7621 TRGMII mode support
      
      Like many other mediatek SOCs, the MT7621 SOC and the internal MT7530
      switch both supports TRGMII mode. MT7621 TRGMII speed is fix 1200MBit.
      
      v1->v2:
       - Fix breakage on non MT7621 SOC
       - Support 25MHz and 40MHz XTAL as MT7530 clocksource
      ====================
      Tested-by: default avatar"Frank Wunderlich" <frank-w@public-files.de>
      Acked-by: default avatarSean Wang <sean.wang@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      969b15b0
    • René van Dorst's avatar
      net: dsa: mt7530: Add MT7621 TRGMII mode support · 7ef6f6f8
      René van Dorst authored
      This patch add support TRGMII mode for MT7621 internal MT7530 switch.
      MT7621 TRGMII has only one fix speed mode of 1200MBit.
      
      Also adding support for mt7530 25MHz and 40MHz crystal clocksource.
      Values are based on Banana Pi R2 bsp [1].
      
      Don't change MT7623 registers on a MT7621 device.
      
      [1] https://github.com/BPI-SINOVOIP/BPI-R2-bsp/blob/master/linux-mt/drivers/net/ethernet/mediatek/gsw_mt7623.c#L769Signed-off-by: default avatarRené van Dorst <opensource@vdorst.com>
      Tested-by: default avatarFrank Wunderlich <frank-w@public-files.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ef6f6f8
    • René van Dorst's avatar
      net: ethernet: mediatek: Add MT7621 TRGMII mode support · 8efaa653
      René van Dorst authored
      MT7621 SOC also supports TRGMII.
      TRGMII speed is 1200MBit.
      Signed-off-by: default avatarRené van Dorst <opensource@vdorst.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8efaa653
    • Li RongQing's avatar
      netns: restore ops before calling ops_exit_list · b272a0ad
      Li RongQing authored
      ops has been iterated to first element when call pre_exit, and
      it needs to restore from save_ops, not save ops to save_ops
      
      Fixes: d7d99872 ("netns: add pre_exit method to struct pernet_operations")
      Signed-off-by: default avatarLi RongQing <lirongqing@baidu.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b272a0ad
    • Ido Schimmel's avatar
      ipv6: Error when route does not have any valid nexthops · 9eee3b49
      Ido Schimmel authored
      When user space sends invalid information in RTA_MULTIPATH, the nexthop
      list in ip6_route_multipath_add() is empty and 'rt_notif' is set to
      NULL.
      
      The code that emits the in-kernel notifications does not check for this
      condition, which results in a NULL pointer dereference [1].
      
      Fix this by bailing earlier in the function if the parsed nexthop list
      is empty. This is consistent with the corresponding IPv4 code.
      
      v2:
      * Check if parsed nexthop list is empty and bail with extack set
      
      [1]
      kasan: CONFIG_KASAN_INLINE enabled
      kasan: GPF could be caused by NULL-ptr deref or user memory access
      general protection fault: 0000 [#1] PREEMPT SMP KASAN
      CPU: 0 PID: 9190 Comm: syz-executor149 Not tainted 5.2.0-rc5+ #38
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
      Google 01/01/2011
      RIP: 0010:call_fib6_multipath_entry_notifiers+0xd1/0x1a0
      net/ipv6/ip6_fib.c:396
      Code: 8b b5 30 ff ff ff 48 c7 85 68 ff ff ff 00 00 00 00 48 c7 85 70 ff ff
      ff 00 00 00 00 89 45 88 4c 89 e0 48 c1 e8 03 4c 89 65 80 <42> 80 3c 28 00
      0f 85 9a 00 00 00 48 b8 00 00 00 00 00 fc ff df 4d
      RSP: 0018:ffff88809788f2c0 EFLAGS: 00010246
      RAX: 0000000000000000 RBX: 1ffff11012f11e59 RCX: 00000000ffffffff
      RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
      RBP: ffff88809788f390 R08: ffff88809788f8c0 R09: 000000000000000c
      R10: ffff88809788f5d8 R11: ffff88809788f527 R12: 0000000000000000
      R13: dffffc0000000000 R14: ffff88809788f8c0 R15: ffffffff89541d80
      FS:  000055555632c880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 0000000020000080 CR3: 000000009ba7c000 CR4: 00000000001406f0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
      Call Trace:
        ip6_route_multipath_add+0xc55/0x1490 net/ipv6/route.c:5094
        inet6_rtm_newroute+0xed/0x180 net/ipv6/route.c:5208
        rtnetlink_rcv_msg+0x463/0xb00 net/core/rtnetlink.c:5219
        netlink_rcv_skb+0x177/0x450 net/netlink/af_netlink.c:2477
        rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5237
        netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
        netlink_unicast+0x531/0x710 net/netlink/af_netlink.c:1328
        netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1917
        sock_sendmsg_nosec net/socket.c:646 [inline]
        sock_sendmsg+0xd7/0x130 net/socket.c:665
        ___sys_sendmsg+0x803/0x920 net/socket.c:2286
        __sys_sendmsg+0x105/0x1d0 net/socket.c:2324
        __do_sys_sendmsg net/socket.c:2333 [inline]
        __se_sys_sendmsg net/socket.c:2331 [inline]
        __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2331
        do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301
        entry_SYSCALL_64_after_hwframe+0x49/0xbe
      RIP: 0033:0x4401f9
      Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7
      48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
      ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
      RSP: 002b:00007ffc09fd0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
      RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9
      RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
      RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
      R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80
      R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
      
      Reported-by: syzbot+382566d339d52cd1a204@syzkaller.appspotmail.com
      Fixes: ebee3cad ("ipv6: Add IPv6 multipath notifications for add / replace")
      Signed-off-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Reviewed-by: default avatarJiri Pirko <jiri@mellanox.com>
      Reviewed-by: default avatarDavid Ahern <dsahern@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9eee3b49
    • Greg Kroah-Hartman's avatar
      fjes: no need to check return value of debugfs_create functions · de467c11
      Greg Kroah-Hartman authored
      When calling debugfs functions, there is no need to ever check the
      return value.  The function can work or not, but the code logic should
      never do something different based on this.
      
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Yangtao Li <tiny.windzz@gmail.com>
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      de467c11
    • Ard Biesheuvel's avatar
      net: fastopen: robustness and endianness fixes for SipHash · 438ac880
      Ard Biesheuvel authored
      Some changes to the TCP fastopen code to make it more robust
      against future changes in the choice of key/cookie size, etc.
      
      - Instead of keeping the SipHash key in an untyped u8[] buffer
        and casting it to the right type upon use, use the correct
        type directly. This ensures that the key will appear at the
        correct alignment if we ever change the way these data
        structures are allocated. (Currently, they are only allocated
        via kmalloc so they always appear at the correct alignment)
      
      - Use DIV_ROUND_UP when sizing the u64[] array to hold the
        cookie, so it is always of sufficient size, even if
        TCP_FASTOPEN_COOKIE_MAX is no longer a multiple of 8.
      
      - Drop the 'len' parameter from the tcp_fastopen_reset_cipher()
        function, which is no longer used.
      
      - Add endian swabbing when setting the keys and calculating the hash,
        to ensure that cookie values are the same for a given key and
        source/destination address pair regardless of the endianness of
        the server.
      
      Note that none of these are functional changes wrt the current
      state of the code, with the exception of the swabbing, which only
      affects big endian systems.
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      438ac880
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 92ad6325
      David S. Miller authored
      Minor SPDX change conflict.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      92ad6325
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · c356dc4b
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Fix leak of unqueued fragments in ipv6 nf_defrag, from Guillaume
          Nault.
      
       2) Don't access the DDM interface unless the transceiver implements it
          in bnx2x, from Mauro S. M. Rodrigues.
      
       3) Don't double fetch 'len' from userspace in sock_getsockopt(), from
          JingYi Hou.
      
       4) Sign extension overflow in lio_core, from Colin Ian King.
      
       5) Various netem bug fixes wrt. corrupted packets from Jakub Kicinski.
      
       6) Fix epollout hang in hvsock, from Sunil Muthuswamy.
      
       7) Fix regression in default fib6_type, from David Ahern.
      
       8) Handle memory limits in tcp_fragment more appropriately, from Eric
          Dumazet.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (24 commits)
        tcp: refine memory limit test in tcp_fragment()
        inet: clear num_timeout reqsk_alloc()
        net: mvpp2: debugfs: Add pmap to fs dump
        ipv6: Default fib6_type to RTN_UNICAST when not set
        net: hns3: Fix inconsistent indenting
        net/af_iucv: always register net_device notifier
        net/af_iucv: build proper skbs for HiperTransport
        net/af_iucv: remove GFP_DMA restriction for HiperTransport
        net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
        hvsock: fix epollout hang from race condition
        net/udp_gso: Allow TX timestamp with UDP GSO
        net: netem: fix use after free and double free with packet corruption
        net: netem: fix backlog accounting for corrupted GSO frames
        net: lio_core: fix potential sign-extension overflow on large shift
        tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
        ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
        ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
        tun: wake up waitqueues after IFF_UP is set
        net: remove duplicate fetch in sock_getsockopt
        tipc: fix issues with early FAILOVER_MSG from peer
        ...
      c356dc4b
    • David S. Miller's avatar
      Merge branch 'PCI-let-pci_disable_link_state-propagate-errors' · e0effb5f
      David S. Miller authored
      Heiner Kallweit says:
      
      ====================
      PCI: let pci_disable_link_state propagate errors
      
      Drivers like r8169 rely on pci_disable_link_state() having disabled
      certain ASPM link states. If OS can't control ASPM then
      pci_disable_link_state() turns into a no-op w/o informing the caller.
      The driver therefore may falsely assume the respective ASPM link
      states are disabled. Let pci_disable_link_state() propagate errors
      to the caller, enabling the caller to react accordingly.
      
      I'd propose to let this series go through the netdev tree if the PCI
      core extension is acked by the PCI people.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e0effb5f
    • Heiner Kallweit's avatar
      r8169: don't activate ASPM in chip if OS can't control ASPM · 62b1b3b3
      Heiner Kallweit authored
      Certain chip version / board combinations have massive problems if
      ASPM is active. If BIOS enables ASPM and doesn't let OS control it,
      then we may have a problem with the current code. Therefore check the
      return code of pci_disable_link_state() and don't enable ASPM in the
      network chip if OS can't control ASPM.
      Signed-off-by: default avatarHeiner Kallweit <hkallweit1@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      62b1b3b3
    • Heiner Kallweit's avatar
      PCI: let pci_disable_link_state propagate errors · 4cfd2188
      Heiner Kallweit authored
      Drivers may rely on pci_disable_link_state() having disabled certain
      ASPM link states. If OS can't control ASPM then pci_disable_link_state()
      turns into a no-op w/o informing the caller. The driver therefore may
      falsely assume the respective ASPM link states are disabled.
      Let pci_disable_link_state() propagate errors to the caller, enabling
      the caller to react accordingly.
      Signed-off-by: default avatarHeiner Kallweit <hkallweit1@gmail.com>
      Acked-by: default avatarBjorn Helgaas <bhelgaas@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4cfd2188
    • Eric Dumazet's avatar
      tcp: refine memory limit test in tcp_fragment() · b6653b36
      Eric Dumazet authored
      tcp_fragment() might be called for skbs in the write queue.
      
      Memory limits might have been exceeded because tcp_sendmsg() only
      checks limits at full skb (64KB) boundaries.
      
      Therefore, we need to make sure tcp_fragment() wont punish applications
      that might have setup very low SO_SNDBUF values.
      
      Fixes: f070ef2a ("tcp: tcp_fragment() should apply sane memory limits")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarChristoph Paasch <cpaasch@apple.com>
      Tested-by: default avatarChristoph Paasch <cpaasch@apple.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b6653b36
  4. 21 Jun, 2019 13 commits
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma · 121bddf3
      Linus Torvalds authored
      Pull rdma fixes from Doug Ledford:
       "This is probably our last -rc pull request. We don't have anything
        else outstanding at the moment anyway, and with the summer months on
        us and people taking trips, I expect the next weeks leading up to the
        merge window to be pretty calm and sedate.
      
        This has two simple, no brainer fixes for the EFA driver.
      
        Then it has ten not quite so simple fixes for the hfi1 driver. The
        problem with them is that they aren't simply one liner typo fixes.
        They're still fixes, but they're more complex issues like livelock
        under heavy load where the answer was to change work queue usage and
        spinlock usage to resolve the problem, or issues with orphaned
        requests during certain types of failures like link down which
        required some more complex work to fix too. They all look like
        legitimate fixes to me, they just aren't small like I wish they were.
      
        Summary:
      
         - 2 minor EFA fixes
      
         - 10 hfi1 fixes related to scaling issues"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
        RDMA/efa: Handle mmap insertions overflow
        RDMA/efa: Fix success return value in case of error
        IB/hfi1: Handle port down properly in pio
        IB/hfi1: Handle wakeup of orphaned QPs for pio
        IB/hfi1: Wakeup QPs orphaned on wait list after flush
        IB/hfi1: Use aborts to trigger RC throttling
        IB/hfi1: Create inline to get extended headers
        IB/hfi1: Silence txreq allocation warnings
        IB/hfi1: Avoid hardlockup with flushlist_lock
        IB/hfi1: Correct tid qp rcd to match verbs context
        IB/hfi1: Close PSM sdma_progress sleep window
        IB/hfi1: Validate fault injection opcode user input
      121bddf3
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-5.2-3' of git://git.linux-nfs.org/projects/anna/linux-nfs · c036f7da
      Linus Torvalds authored
      Pull more NFS client fixes from Anna Schumaker:
       "These are mostly refcounting issues that people have found recently.
        The revert fixes a suspend recovery performance issue.
      
         - SUNRPC: Fix a credential refcount leak
      
         - Revert "SUNRPC: Declare RPC timers as TIMER_DEFERRABLE"
      
         - SUNRPC: Fix xps refcount imbalance on the error path
      
         - NFS4: Only set creation opendata if O_CREAT"
      
      * tag 'nfs-for-5.2-3' of git://git.linux-nfs.org/projects/anna/linux-nfs:
        SUNRPC: Fix a credential refcount leak
        Revert "SUNRPC: Declare RPC timers as TIMER_DEFERRABLE"
        net :sunrpc :clnt :Fix xps refcount imbalance on the error path
        NFS4: Only set creation opendata if O_CREAT
      c036f7da
    • Andy Lutomirski's avatar
      x86/vdso: Prevent segfaults due to hoisted vclock reads · ff17bbe0
      Andy Lutomirski authored
      GCC 5.5.0 sometimes cleverly hoists reads of the pvclock and/or hvclock
      pages before the vclock mode checks.  This creates a path through
      vclock_gettime() in which no vclock is enabled at all (due to disabled
      TSC on old CPUs, for example) but the pvclock or hvclock page
      nevertheless read.  This will segfault on bare metal.
      
      This fixes commit 459e3a21 ("gcc-9: properly declare the
      {pv,hv}clock_page storage") in the sense that, before that commit, GCC
      didn't seem to generate the offending code.  There was nothing wrong
      with that commit per se, and -stable maintainers should backport this to
      all supported kernels regardless of whether the offending commit was
      present, since the same crash could just as easily be triggered by the
      phase of the moon.
      
      On GCC 9.1.1, this doesn't seem to affect the generated code at all, so
      I'm not too concerned about performance regressions from this fix.
      
      Cc: stable@vger.kernel.org
      Cc: x86@kernel.org
      Cc: Borislav Petkov <bp@alien8.de>
      Reported-by: default avatarDuncan Roe <duncan_roe@optusnet.com.au>
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ff17bbe0
    • Trond Myklebust's avatar
      SUNRPC: Fix a credential refcount leak · 19d55046
      Trond Myklebust authored
      All callers of __rpc_clone_client() pass in a value for args->cred,
      meaning that the credential gets assigned and referenced in
      the call to rpc_new_client().
      Reported-by: default avatarIdo Schimmel <idosch@idosch.org>
      Fixes: 79caa5fa ("SUNRPC: Cache cred of process creating the rpc_client")
      Signed-off-by: default avatarTrond Myklebust <trond.myklebust@hammerspace.com>
      Tested-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarAnna Schumaker <Anna.Schumaker@Netapp.com>
      19d55046
    • Anna Schumaker's avatar
      Revert "SUNRPC: Declare RPC timers as TIMER_DEFERRABLE" · 502980e8
      Anna Schumaker authored
      Jon Hunter reports:
        "I have been noticing intermittent failures with a system suspend test on
         some of our machines that have a NFS mounted root file-system. Bisecting
         this issue points to your commit 43123581 ("SUNRPC: Declare RPC
         timers as TIMER_DEFERRABLE") and reverting this on top of v5.2-rc3 does
         appear to resolve the problem.
      
         The cause of the suspend failure appears to be a long delay observed
         sometimes when resuming from suspend, and this is causing our test to
         timeout."
      
      This reverts commit 43123581.
      Reported-by: default avatarJon Hunter <jonathanh@nvidia.com>
      Signed-off-by: default avatarAnna Schumaker <Anna.Schumaker@Netapp.com>
      502980e8
    • Lin Yi's avatar
      net :sunrpc :clnt :Fix xps refcount imbalance on the error path · b9622614
      Lin Yi authored
      rpc_clnt_add_xprt take a reference to struct rpc_xprt_switch, but forget
      to release it before return, may lead to a memory leak.
      Signed-off-by: default avatarLin Yi <teroincn@163.com>
      Signed-off-by: default avatarAnna Schumaker <Anna.Schumaker@Netapp.com>
      b9622614
    • Benjamin Coddington's avatar
      NFS4: Only set creation opendata if O_CREAT · 90910519
      Benjamin Coddington authored
      We can end up in nfs4_opendata_alloc during task exit, in which case
      current->fs has already been cleaned up.  This leads to a crash in
      current_umask().
      
      Fix this by only setting creation opendata if we are actually doing an open
      with O_CREAT.  We can drop the check for NULL nfs4_open_createattrs, since
      O_CREAT will never be set for the recovery path.
      Suggested-by: default avatarTrond Myklebust <trondmy@hammerspace.com>
      Signed-off-by: default avatarBenjamin Coddington <bcodding@redhat.com>
      Signed-off-by: default avatarAnna Schumaker <Anna.Schumaker@Netapp.com>
      90910519
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm · a4c33bbb
      Linus Torvalds authored
      Pull ARM fix from Russell King:
       "Just one ARM fix this time around for Jason Donenfeld, fixing a
        problem with the VDSO generation on big endian"
      
      * tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
        ARM: 8867/1: vdso: pass --be8 to linker if necessary
      a4c33bbb
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-2019-06-21' of git://anongit.freedesktop.org/drm/drm · 0728f6c3
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "Just catching up on the week since back from holidays, everything
        seems quite sane.
      
        core:
         - copy_to_user fix for really legacy codepaths.
      
        vmwgfx:
         - two dma fixes
         - one virt hw interaction fix
      
        i915:
         - modesetting fix
         - gvt fix
      
        panfrost:
         - BO unmapping fix
      
        imx:
         - image converter fixes"
      
      * tag 'drm-fixes-2019-06-21' of git://anongit.freedesktop.org/drm/drm:
        drm/i915: Don't clobber M/N values during fastset check
        drm: return -EFAULT if copy_to_user() fails
        drm/panfrost: Make sure a BO is only unmapped when appropriate
        drm/i915/gvt: ignore unexpected pvinfo write
        gpu: ipu-v3: image-convert: Fix image downsize coefficients
        gpu: ipu-v3: image-convert: Fix input bytesperline for packed formats
        gpu: ipu-v3: image-convert: Fix input bytesperline width/height align
        drm/vmwgfx: fix a warning due to missing dma_parms
        drm/vmwgfx: Honor the sg list segment size limitation
        drm/vmwgfx: Use the backdoor port if the HB port is not available
      0728f6c3
    • Linus Torvalds's avatar
      Merge tag 'staging-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · db54615e
      Linus Torvalds authored
      Pull staging/IIO/counter fixes from Greg KH:
       "Here are some small driver bugfixes for some staging/iio/counter
        drivers.
      
        Staging and IIO have been lumped together for a while, as those
        subsystems cross the areas a log, and counter is used by IIO, so
        that's why they are all in one pull request here.
      
        These are small fixes for reported issues in some iio drivers, the
        erofs filesystem, and a build issue for counter code.
      
        All have been in linux-next with no reported issues"
      
      * tag 'staging-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        staging: erofs: add requirements field in superblock
        counter/ftm-quaddec: Add missing dependencies in Kconfig
        staging: iio: adt7316: Fix build errors when GPIOLIB is not set
        iio: temperature: mlx90632 Relax the compatibility check
        iio: imu: st_lsm6dsx: fix PM support for st_lsm6dsx i2c controller
        staging:iio:ad7150: fix threshold mode config bit
      db54615e
    • Linus Torvalds's avatar
      Merge tag 'char-misc-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc · b7b8a44f
      Linus Torvalds authored
      Pull char/misc driver fixes from Greg KH:
       "Here are a number of small driver fixes for 5.2-rc6
      
        Nothing major, just fixes for reported issues:
         - soundwire fixes
         - thunderbolt fixes
         - MAINTAINERS update for fpga maintainer change
         - binder bugfix
         - habanalabs 64bit pointer fix
         - documentation updates
      
        All of these have been in linux-next with no reported issues"
      
      * tag 'char-misc-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
        habanalabs: use u64_to_user_ptr() for reading user pointers
        doc: fix documentation about UIO_MEM_LOGICAL using
        MAINTAINERS / Documentation: Thorsten Scherer is the successor of Gavin Schenk
        docs: fb: Add TER16x32 to the available font names
        MAINTAINERS: fpga: hand off maintainership to Moritz
        thunderbolt: Implement CIO reset correctly for Titan Ridge
        binder: fix possible UAF when freeing buffer
        thunderbolt: Make sure device runtime resume completes before taking domain lock
        soundwire: intel: set dai min and max channels correctly
        soundwire: stream: fix bad unlock balance
        soundwire: stream: fix out of boundary access on port properties
      b7b8a44f
    • Linus Torvalds's avatar
      Merge tag 'usb-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · cf242421
      Linus Torvalds authored
      Pull USB fixes from Greg KH:
       "Here are four small USB fixes for 5.2-rc6.
      
        They include two xhci bugfixes, a chipidea fix, and a small dwc2 fix.
        Nothing major, just nice things to get resolved for reported issues.
      
        All have been in linux-next with no reported issues"
      
      * tag 'usb-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        xhci: detect USB 3.2 capable host controllers correctly
        usb: xhci: Don't try to recover an endpoint if port is in error state.
        usb: dwc2: Use generic PHY width in params setup
        usb: chipidea: udc: workaround for endpoint conflict issue
      cf242421
    • Linus Torvalds's avatar
      Merge tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx · c884d8ac
      Linus Torvalds authored
      Pull still more SPDX updates from Greg KH:
       "Another round of SPDX updates for 5.2-rc6
      
        Here is what I am guessing is going to be the last "big" SPDX update
        for 5.2. It contains all of the remaining GPLv2 and GPLv2+ updates
        that were "easy" to determine by pattern matching. The ones after this
        are going to be a bit more difficult and the people on the spdx list
        will be discussing them on a case-by-case basis now.
      
        Another 5000+ files are fixed up, so our overall totals are:
      	Files checked:            64545
      	Files with SPDX:          45529
      
        Compared to the 5.1 kernel which was:
      	Files checked:            63848
      	Files with SPDX:          22576
      
        This is a huge improvement.
      
        Also, we deleted another 20000 lines of boilerplate license crud,
        always nice to see in a diffstat"
      
      * tag 'spdx-5.2-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx: (65 commits)
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 507
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 506
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 505
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 504
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 503
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 502
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 501
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 499
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 498
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 496
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 495
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 491
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 490
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 489
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 488
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 487
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 486
        treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 485
        ...
      c884d8ac