1. 23 Jan, 2023 1 commit
    • Pablo Neira Ayuso's avatar
      netfilter: nft_set_rbtree: Switch to node list walk for overlap detection · c9e6978e
      Pablo Neira Ayuso authored
      ...instead of a tree descent, which became overly complicated in an
      attempt to cover cases where expired or inactive elements would affect
      comparisons with the new element being inserted.
      
      Further, it turned out that it's probably impossible to cover all those
      cases, as inactive nodes might entirely hide subtrees consisting of a
      complete interval plus a node that makes the current insertion not
      overlap.
      
      To speed up the overlap check, descent the tree to find a greater
      element that is closer to the key value to insert. Then walk down the
      node list for overlap detection. Starting the overlap check from
      rb_first() unconditionally is slow, it takes 10 times longer due to the
      full linear traversal of the list.
      
      Moreover, perform garbage collection of expired elements when walking
      down the node list to avoid bogus overlap reports.
      
      For the insertion operation itself, this essentially reverts back to the
      implementation before commit 7c84d414 ("netfilter: nft_set_rbtree:
      Detect partial overlaps on insertion"), except that cases of complete
      overlap are already handled in the overlap detection phase itself, which
      slightly simplifies the loop to find the insertion point.
      
      Based on initial patch from Stefano Brivio, including text from the
      original patch description too.
      
      Fixes: 7c84d414 ("netfilter: nft_set_rbtree: Detect partial overlaps on insertion")
      Reviewed-by: default avatarStefano Brivio <sbrivio@redhat.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      c9e6978e
  2. 21 Jan, 2023 4 commits
  3. 20 Jan, 2023 13 commits
    • Linus Torvalds's avatar
      Merge tag 'net-6.2-rc5-2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 5deaa985
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Including fixes from wireless, bluetooth, bpf and netfilter.
      
        Current release - regressions:
      
         - Revert "net: team: use IFF_NO_ADDRCONF flag to prevent ipv6
           addrconf", fix nsna_ping mode of team
      
         - wifi: mt76: fix bugs in Rx queue handling and DMA mapping
      
         - eth: mlx5:
            - add missing mutex_unlock in error reporter
            - protect global IPsec ASO with a lock
      
        Current release - new code bugs:
      
         - rxrpc: fix wrong error return in rxrpc_connect_call()
      
        Previous releases - regressions:
      
         - bluetooth: hci_sync: fix use of HCI_OP_LE_READ_BUFFER_SIZE_V2
      
         - wifi:
            - mac80211: fix crashes on Rx due to incorrect initialization of
              rx->link and rx->link_sta
            - mac80211: fix bugs in iTXQ conversion - Tx stalls, incorrect
              aggregation handling, crashes
            - brcmfmac: fix regression for Broadcom PCIe wifi devices
            - rndis_wlan: prevent buffer overflow in rndis_query_oid
      
         - netfilter: conntrack: handle tcp challenge acks during connection
           reuse
      
         - sched: avoid grafting on htb_destroy_class_offload when destroying
      
         - virtio-net: correctly enable callback during start_xmit, fix stalls
      
         - tcp: avoid the lookup process failing to get sk in ehash table
      
         - ipa: disable ipa interrupt during suspend
      
         - eth: stmmac: enable all safety features by default
      
        Previous releases - always broken:
      
         - bpf:
            - fix pointer-leak due to insufficient speculative store bypass
              mitigation (Spectre v4)
            - skip task with pid=1 in send_signal_common() to avoid a splat
            - fix BPF program ID information in BPF_AUDIT_UNLOAD as well as
              PERF_BPF_EVENT_PROG_UNLOAD events
            - fix potential deadlock in htab_lock_bucket from same bucket
              index but different map_locked index
      
         - bluetooth:
            - fix a buffer overflow in mgmt_mesh_add()
            - hci_qca: fix driver shutdown on closed serdev
            - ISO: fix possible circular locking dependency
            - CIS: hci_event: fix invalid wait context
      
         - wifi: brcmfmac: fixes for survey dump handling
      
         - mptcp: explicitly specify sock family at subflow creation time
      
         - netfilter: nft_payload: incorrect arithmetics when fetching VLAN
           header bits
      
         - tcp: fix rate_app_limited to default to 1
      
         - l2tp: close all race conditions in l2tp_tunnel_register()
      
         - eth: mlx5: fixes for QoS config and eswitch configuration
      
         - eth: enetc: avoid deadlock in enetc_tx_onestep_tstamp()
      
         - eth: stmmac: fix invalid call to mdiobus_get_phy()
      
        Misc:
      
         - ethtool: add netlink attr in rss get reply only if the value is not
           empty"
      
      * tag 'net-6.2-rc5-2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (88 commits)
        Revert "Merge branch 'octeontx2-af-CPT'"
        tcp: fix rate_app_limited to default to 1
        bnxt: Do not read past the end of test names
        net: stmmac: enable all safety features by default
        octeontx2-af: add mbox to return CPT_AF_FLT_INT info
        octeontx2-af: update cpt lf alloc mailbox
        octeontx2-af: restore rxc conf after teardown sequence
        octeontx2-af: optimize cpt pf identification
        octeontx2-af: modify FLR sequence for CPT
        octeontx2-af: add mbox for CPT LF reset
        octeontx2-af: recover CPT engine when it gets fault
        net: dsa: microchip: ksz9477: port map correction in ALU table entry register
        selftests/net: toeplitz: fix race on tpacket_v3 block close
        net/ulp: use consistent error code when blocking ULP
        octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt
        tcp: avoid the lookup process failing to get sk in ehash table
        Revert "net: team: use IFF_NO_ADDRCONF flag to prevent ipv6 addrconf"
        MAINTAINERS: add networking entries for Willem
        net: sched: gred: prevent races when adding offloads to stats
        l2tp: prevent lockdep issue in l2tp_tunnel_register()
        ...
      5deaa985
    • Jakub Kicinski's avatar
      Revert "Merge branch 'octeontx2-af-CPT'" · 45a919bb
      Jakub Kicinski authored
      This reverts commit b4fbf0b2, reversing
      changes made to 6c977c5c.
      
      This seems like net-next material.
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      45a919bb
    • David Morley's avatar
      tcp: fix rate_app_limited to default to 1 · 300b655d
      David Morley authored
      The initial default value of 0 for tp->rate_app_limited was incorrect,
      since a flow is indeed application-limited until it first sends
      data. Fixing the default to be 1 is generally correct but also
      specifically will help user-space applications avoid using the initial
      tcpi_delivery_rate value of 0 that persists until the connection has
      some non-zero bandwidth sample.
      
      Fixes: eb8329e0 ("tcp: export data delivery rate")
      Suggested-by: default avatarYuchung Cheng <ycheng@google.com>
      Signed-off-by: default avatarDavid Morley <morleyd@google.com>
      Signed-off-by: default avatarNeal Cardwell <ncardwell@google.com>
      Tested-by: default avatarDavid Morley <morleyd@google.com>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      300b655d
    • Kees Cook's avatar
      bnxt: Do not read past the end of test names · d3e599c0
      Kees Cook authored
      Test names were being concatenated based on a offset beyond the end of
      the first name, which tripped the buffer overflow detection logic:
      
       detected buffer overflow in strnlen
       [...]
       Call Trace:
       bnxt_ethtool_init.cold+0x18/0x18
      
      Refactor struct hwrm_selftest_qlist_output to use an actual array,
      and adjust the concatenation to use snprintf() rather than a series of
      strncat() calls.
      Reported-by: default avatarNiklas Cassel <Niklas.Cassel@wdc.com>
      Link: https://lore.kernel.org/lkml/Y8F%2F1w1AZTvLglFX@x1-carbon/Tested-by: default avatarNiklas Cassel <Niklas.Cassel@wdc.com>
      Fixes: eb513658 ("bnxt_en: Add basic ethtool -t selftest support.")
      Cc: Michael Chan <michael.chan@broadcom.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Jakub Kicinski <kuba@kernel.org>
      Cc: Paolo Abeni <pabeni@redhat.com>
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Reviewed-by: default avatarMichael Chan <michael.chan@broadcom.com>
      Reviewed-by: default avatarNiklas Cassel <niklas.cassel@wdc.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d3e599c0
    • Andrew Halaney's avatar
      net: stmmac: enable all safety features by default · fdfc76a1
      Andrew Halaney authored
      In the original implementation of dwmac5
      commit 8bf993a5 ("net: stmmac: Add support for DWMAC5 and implement Safety Features")
      all safety features were enabled by default.
      
      Later it seems some implementations didn't have support for all the
      features, so in
      commit 5ac712dc ("net: stmmac: enable platform specific safety features")
      the safety_feat_cfg structure was added to the callback and defined for
      some platforms to selectively enable these safety features.
      
      The problem is that only certain platforms were given that software
      support. If the automotive safety package bit is set in the hardware
      features register the safety feature callback is called for the platform,
      and for platforms that didn't get a safety_feat_cfg defined this results
      in the following NULL pointer dereference:
      
      [    7.933303] Call trace:
      [    7.935812]  dwmac5_safety_feat_config+0x20/0x170 [stmmac]
      [    7.941455]  __stmmac_open+0x16c/0x474 [stmmac]
      [    7.946117]  stmmac_open+0x38/0x70 [stmmac]
      [    7.950414]  __dev_open+0x100/0x1dc
      [    7.954006]  __dev_change_flags+0x18c/0x204
      [    7.958297]  dev_change_flags+0x24/0x6c
      [    7.962237]  do_setlink+0x2b8/0xfa4
      [    7.965827]  __rtnl_newlink+0x4ec/0x840
      [    7.969766]  rtnl_newlink+0x50/0x80
      [    7.973353]  rtnetlink_rcv_msg+0x12c/0x374
      [    7.977557]  netlink_rcv_skb+0x5c/0x130
      [    7.981500]  rtnetlink_rcv+0x18/0x2c
      [    7.985172]  netlink_unicast+0x2e8/0x340
      [    7.989197]  netlink_sendmsg+0x1a8/0x420
      [    7.993222]  ____sys_sendmsg+0x218/0x280
      [    7.997249]  ___sys_sendmsg+0xac/0x100
      [    8.001103]  __sys_sendmsg+0x84/0xe0
      [    8.004776]  __arm64_sys_sendmsg+0x24/0x30
      [    8.008983]  invoke_syscall+0x48/0x114
      [    8.012840]  el0_svc_common.constprop.0+0xcc/0xec
      [    8.017665]  do_el0_svc+0x38/0xb0
      [    8.021071]  el0_svc+0x2c/0x84
      [    8.024212]  el0t_64_sync_handler+0xf4/0x120
      [    8.028598]  el0t_64_sync+0x190/0x194
      
      Go back to the original behavior, if the automotive safety package
      is found to be supported in hardware enable all the features unless
      safety_feat_cfg is passed in saying this particular platform only
      supports a subset of the features.
      
      Fixes: 5ac712dc ("net: stmmac: enable platform specific safety features")
      Reported-by: default avatarNing Cai <ncai@quicinc.com>
      Signed-off-by: default avatarAndrew Halaney <ahalaney@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fdfc76a1
    • David S. Miller's avatar
      Merge branch 'octeontx2-af-CPT' · b4fbf0b2
      David S. Miller authored
      Srujana Challa says:
      
      ====================
      octeontx2-af: Miscellaneous changes for CPT
      
      This patchset consists of miscellaneous changes for CPT.
      - Adds a new mailbox to reset the requested CPT LF.
      - Modify FLR sequence as per HW team suggested.
      - Adds support to recover CPT engines when they gets fault.
      - Updates CPT inbound inline IPsec configuration mailbox,
        as per new generation of the OcteonTX2 chips.
      - Adds a new mailbox to return CPT FLT Interrupt info.
      
      ---
      v2:
      - Addressed a review comment.
      v1:
      - Dropped patch "octeontx2-af: Fix interrupt name strings completely"
        to submit to net.
      ---
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b4fbf0b2
    • Srujana Challa's avatar
      octeontx2-af: add mbox to return CPT_AF_FLT_INT info · 8299ffe3
      Srujana Challa authored
      CPT HW would trigger the CPT AF FLT interrupt when CPT engines
      hits some uncorrectable errors and AF is the one which receives
      the interrupt and recovers the engines.
      This patch adds a mailbox for CPT VFs to request for CPT faulted
      and recovered engines info.
      Signed-off-by: default avatarSrujana Challa <schalla@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8299ffe3
    • Srujana Challa's avatar
      octeontx2-af: update cpt lf alloc mailbox · c0688ec0
      Srujana Challa authored
      The CN10K CPT coprocessor contains a context processor
      to accelerate updates to the IPsec security association
      contexts. The context processor contains a context cache.
      This patch updates CPT LF ALLOC mailbox to config ctx_ilen
      requested by VFs. CPT_LF_ALLOC:ctx_ilen is the size of
      initial context fetch.
      Signed-off-by: default avatarSrujana Challa <schalla@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c0688ec0
    • Nithin Dabilpuram's avatar
      octeontx2-af: restore rxc conf after teardown sequence · d5b2e0a2
      Nithin Dabilpuram authored
      CN10K CPT coprocessor includes a component named RXC which
      is responsible for reassembly of inner IP packets. RXC has
      the feature to evict oldest entries based on age/threshold.
      The age/threshold is being set to minimum values to evict
      all entries at the time of teardown.
      This patch adds code to restore timeout and threshold config
      after teardown sequence is complete as it is global config.
      Signed-off-by: default avatarNithin Dabilpuram <ndabilpuram@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d5b2e0a2
    • Srujana Challa's avatar
      octeontx2-af: optimize cpt pf identification · 9adb04ff
      Srujana Challa authored
      Optimize CPT PF identification in mbox handling for faster
      mbox response by doing it at AF driver probe instead of
      every mbox message.
      Signed-off-by: default avatarSrujana Challa <schalla@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9adb04ff
    • Srujana Challa's avatar
      octeontx2-af: modify FLR sequence for CPT · 1286c50a
      Srujana Challa authored
      On OcteonTX2 platform CPT instruction enqueue is only
      possible via LMTST operations.
      The existing FLR sequence mentioned in HRM requires
      a dummy LMTST to CPT but LMTST can't be submitted from
      AF driver. So, HW team provided a new sequence to avoid
      dummy LMTST. This patch adds code for the same.
      Signed-off-by: default avatarSrujana Challa <schalla@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1286c50a
    • Srujana Challa's avatar
      octeontx2-af: add mbox for CPT LF reset · f58cf765
      Srujana Challa authored
      On OcteonTX2 SoC, the admin function (AF) is the only one with all
      priviliges to configure HW and alloc resources, PFs and it's VFs
      have to request AF via mailbox for all their needs.
      This patch adds a new mailbox for CPT VFs to request for CPT LF
      reset.
      Signed-off-by: default avatarSrujana Challa <schalla@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f58cf765
    • Srujana Challa's avatar
      octeontx2-af: recover CPT engine when it gets fault · 07ea567d
      Srujana Challa authored
      When CPT engine has uncorrectable errors, it will get halted and
      must be disabled and re-enabled. This patch adds code for the same.
      Signed-off-by: default avatarSrujana Challa <schalla@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      07ea567d
  4. 19 Jan, 2023 16 commits
  5. 18 Jan, 2023 6 commits