- 11 Oct, 2017 12 commits
-
-
Egil Hjelmeland authored
When both user ports are joined to the same bridge, the normal HW MAC learning is enabled. This means that unicast traffic is forwarded in HW. If one of the user ports leave the bridge, the ports goes back to the initial separated operation. Port separation relies on disabled HW MAC learning. Hence the condition that both ports must join same bridge. Add brigde methods port_bridge_join, port_bridge_leave and port_stp_state_set. Signed-off-by:
Egil Hjelmeland <privat@egil-hjelmeland.no> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Egil Hjelmeland authored
Prepare for next patch: Move tag setup from lan9303_separate_ports() to new function lan9303_setup_tagging() Signed-off-by:
-
Eric Dumazet authored
Yury reported crash with this signature : [ 554.034021] [<ffff80003ccd5a58>] 0xffff80003ccd5a58 [ 554.034156] [<ffff00000888fd34>] skb_release_all+0x14/0x30 [ 554.034288] [<ffff00000888fd64>] __kfree_skb+0x14/0x28 [ 554.034409] [<ffff0000088ece6c>] tcp_sendmsg_locked+0x4dc/0xcc8 [ 554.034541] [<ffff0000088ed68c>] tcp_sendmsg+0x34/0x58 [ 554.034659] [<ffff000008919fd4>] inet_sendmsg+0x2c/0xf8 [ 554.034783] [<ffff0000088842e8>] sock_sendmsg+0x18/0x30 [ 554.034928] [<ffff0000088861fc>] SyS_sendto+0x84/0xf8 Problem is that skb->destructor contains garbage, and this is because I accidentally removed tcp_skb_tsorted_anchor_cleanup() from tcp_unlink_write_queue() This would trigger with a write(fd, <invalid_memory>, len) attempt, and we will add to packetdrill this capability to avoid future regressions. Fixes: 75c119af ("tcp: implement rb-tree based retransmit queue") Reported-by:
Yury Norov <ynorov@caviumnetworks.com> Tested-by:
Eric Dumazet <edumazet@google.com> Signed-off-by:
-
David S. Miller authored
Merge tag 'mac80211-next-for-davem-2017-10-11' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next Johannes Berg says: ==================== Work continues in various areas: * port authorized event for 4-way-HS offload (Avi) * enable MFP optional for such devices (Emmanuel) * Kees's timer setup patch for mac80211 mesh (the part that isn't trivially scripted) * improve VLAN vs. TXQ handling (myself) * load regulatory database as firmware file (myself) * with various other small improvements and cleanups I merged net-next once in the meantime to allow Kees's timer setup patch to go in. ==================== Signed-off-by:
-
Johannes Berg authored
Currently CRDA implements the signature checking, and the previous commits added the ability to load the whole regulatory database into the kernel. However, we really can't lose the signature checking, so implement it in the kernel by loading a detached signature (regulatory.db.p7s) and check it against built-in keys. Signed-off-by:Johannes Berg <johannes.berg@intel.com>
-
Johannes Berg authored
Parsing and building C structures from a regdb is no longer needed since the "firmware" file (regulatory.db) can be linked into the kernel image to achieve the same effect. Signed-off-by: -
Johannes Berg authored
If the regulatory database is loaded, and then updated, it may be necessary to reload it. Add an nl80211 command to do this. Note that this just reloads the database, it doesn't re-apply the rules from it immediately. Signed-off-by: -
Johannes Berg authored
As the current regulatory database is only about 4k big, and already difficult to extend, we decided that overall it would be better to get rid of the complications with CRDA and load the database into the kernel directly, but in a new format that is extensible. The new file format can be extended since it carries a length field on all the structs that need to be extensible. In order to be able to request firmware when the module initializes, move cfg80211 from subsys_initcall() to the later fs_initcall(); the firmware loader is at the same level but linked earlier, so it can be called from there. Otherwise, when both the firmware loader and cfg80211 are built-in, the request will crash the kernel. We also need to be before device_initcall() so that cfg80211 is available for devices when they initialize. Signed-off-by: -
Johannes Berg authored
When removing an AP VLAN interface, mac80211 currently purges the entire TXQ for the AP interface. Fix this by using the FQ API introduced in the previous patch to filter frames. Signed-off-by:
Toke Høiland-Jørgensen <toke@toke.dk> Signed-off-by:
-
Johannes Berg authored
Add to the FQ API a way to filter a given tin, in order to remove frames that fulfil certain criteria according to a filter function. This will be used by mac80211 to remove frames belonging to an AP VLAN interface that's being removed. Signed-off-by:
-
Xiang Gao authored
Currently, the aes_ccm.c and aes_gcm.c are almost line by line copy of each other. This patch reduce code redundancy by moving the code in these two files to crypto/aead_api.c to make it a higher level aead api. The file aes_ccm.c and aes_gcm.c are removed and all the functions there are now implemented in their headers using the newly added aead api. Signed-off-by:
Xiang Gao <qasdfgtyuiop@gmail.com> Signed-off-by:
-
Johannes Berg authored
Update my MAINTAINERS file entries to list all the right files. Since I'm also the de-facto wireless extensions maintainer, there's little point in excluding those. Signed-off-by:
-
- 10 Oct, 2017 28 commits
-
-
Eric Garver authored
This adds a ct_clear action for clearing conntrack state. ct_clear is currently implemented in OVS userspace, but is not backed by an action in the kernel datapath. This is useful for flows that may modify a packet tuple after a ct lookup has already occurred. Signed-off-by:
Eric Garver <e@erig.me> Acked-by:
Pravin B Shelar <pshelar@ovn.org> Signed-off-by:
-
Jakub Kicinski authored
If CONFIG_DST_CACHE is not selected cpu variable will be unused and we will see a compilation warning. Move it under the ifdef. Reported-by:
kbuild test robot <fengguang.wu@intel.com> Fixes: d66f2b91 ("bpf: don't rely on the verifier lock for metadata_dst allocation") Signed-off-by:
Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queueDavid S. Miller authored
Jeff Kirsher says: ==================== 1GbE Intel Wired LAN Driver Updates 2017-10-10 This series contains updates to e1000e and igb. Benjamin Poirier provides several fixes for e1000e, starting with a correction to the return status which was always returning success even if it was not successful. Fixed code comments to reflect the actual code behavior. Fixed the conditional test for the correct return value. Fixed a potential race condition reported by Lennart Sorensen, where the single flag get_link_status is used to signal two different states. Sasha fixes a buffer overrun for i219 devices, where the chipset had reduced the round-trip latency for the LAN controller DMA accesses which in some high performance cases caused a buffer overrun while processing the DMA transactions. Willem de Bruijn changes the default behavior of e1000e to use the burst mode settings by default unless the user specifies the receive interrupt delay (RxIntDelay). Florian Fainelli updates the driver to differentiate between when e1000e_put_txbuf() is called from normal reclamation or when a DMA mapping failure to make the driver more "drop monitor friendly". Christophe JAILLET fixes a potential NULL pointer dereference by properly returning -ENOMEM on memory allocation failures. ==================== Signed-off-by: -
Florian Westphal authored
We can now piggyback error strings to userspace via extended acks rather than using printk. Before: bridge fdb add 01:02:03:04:05:06 dev br0 vlan 4095 RTNETLINK answers: Invalid argument After: bridge fdb add 01:02:03:04:05:06 dev br0 vlan 4095 Error: invalid vlan id. v3: drop 'RTM_' prefixes, suggested by David Ahern, they are not useful, the add/del in bridge command line is enough. Also reword error in response to malformed/bad vlan id attribute size. Cc: David Ahern <dsahern@gmail.com> Signed-off-by:
Florian Westphal <fw@strlen.de> Reviewed-by:
David Ahern <dsahern@gmail.com> Signed-off-by:
-
Florian Westphal authored
exercise RTM_GETNETCONF call path for unspec, inet and inet6 families, they are DOIT_UNLOCKED candidates. Signed-off-by:
-
David S. Miller authored
Tariq Toukan says: ==================== mlx4_en num of rings This patchset from Inbar contains changes to rings control to the mlx4 Eth driver. Patches 1 and 2 limit the number of rings to the number of CPUs. Patch 3 removes a limitation in logic of default number of RX rings. Series generated against net-next commit: 812b5ca7 Add a driver for Renesas uPD60620 and uPD60620A PHYs ==================== Signed-off-by:
-
Inbar Karmy authored
Remove limitation of netif_get_num_default_rss_queues() from logic of RX rings default number. Signed-off-by:
Inbar Karmy <inbark@mellanox.com> Signed-off-by:
Tariq Toukan <tariqt@mellanox.com> Signed-off-by:
-
Inbar Karmy authored
Limit the number of RX rings by the number of cores in the system. Signed-off-by:
-
Inbar Karmy authored
Limit the number of TX rings per UP by the number of cores in the system. Signed-off-by:
-
David S. Miller authored
Lipeng says: ==================== Support set_ringparam and {set|get}_rxnfc ethtool commands 1, Patch [1/5,2/5] add support for ethtool ops set_ringparam (ethtool -G) and fix related bug. 2, Patch [3/5,4/5, 5/5] add support for ethtool ops set_rxnfc/get_rxnfc (-n/-N) and fix related bug. ==================== Signed-off-by: -
Lipeng authored
This patch fix the ring count for ETHTOOL_GRXRINGS. Ring count not TC size should be return for command "ethtool -n ethx". Signed-off-by:
Lipeng <lipeng321@huawei.com> Signed-off-by:
-
Lipeng authored
This patch add support for ethtool's ETHTOOL_GRXFH in hns3_get_rxnfc(). Signed-off-by:
-
Lipeng authored
This patch supports the ethtool's set_rxnfc(). Signed-off-by:
-
Lipeng authored
This patch supports the ethtool's set_ringparam(). Signed-off-by:
-
Lipeng authored
This patch fixes the ring index in hns3_fini_ring. Signed-off-by:
-
Ganesh Goudar authored
Add 0x50aa and 0x50ab T5 device id's. Signed-off-by:
Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by:
-
Ganesh Goudar authored
Add support for new flash parts identification, and also cleanup the flash Part identifying and decoding code. Based on the original work of Casey Leedom <leedom@chelsio.com> Signed-off-by:
-
Tim Hansen authored
Fix BUG() calls to use BUG_ON(conditional) macros. This was found using make coccicheck M=net/core on linux next tag next-2017092 Signed-off-by:
Tim Hansen <devtimhansen@gmail.com> Signed-off-by:
-
David S. Miller authored
Jakub Kicinski says: ==================== bpf: get rid of global verifier state and reuse instruction printer This set started off as simple extraction of eBPF verifier's instruction printer into a separate file but evolved into removal of global state. The purpose of moving instruction printing code is to be able to reuse it from the bpftool. As far as the global verifier lock goes, this set removes the global variables relating to the log buffer, makes the one-time init done by bpf_get_skb_set_tunnel_proto() not depend on any external locking, and performs verifier log writeback as data is produced removing the need for allocating a potentially large temporary buffer. The final step of actually removing the verifier lock is left to someone more competent and self-confident :) Note that struct bpf_verifier_env is just 40B under two pages now, we should probably switch to vzalloc() when it's expanded again... v2: - add a selftest; - use env buffer and flush on every print (Alexei); - handle kernel log allocation failures (Daniel); - put the env log members into a struct (Daniel). ==================== Signed-off-by: -
Jakub Kicinski authored
Verifier log buffer can be quite large (up to 16MB currently). As Eric Dumazet points out if we allow multiple verification requests to proceed simultaneously, malicious user may use the verifier as a way of allocating large amounts of unswappable memory to OOM the host. Switch to a strategy of allocating a smaller buffer (1024B) and writing it out into the user buffer after every print. While at it remove the old BUG_ON(). This is in preparation of the global verifier lock removal. Signed-off-by:
Simon Horman <simon.horman@netronome.com> Acked-by:
Alexei Starovoitov <ast@kernel.org> Acked-by:
Daniel Borkmann <daniel@iogearbox.net> Signed-off-by:
-
Jakub Kicinski authored
bpf_skb_set_tunnel_*() functions require allocation of per-cpu metadata_dst. The allocation happens upon verification of the first program using those helpers. In preparation for removing the verifier lock, use cmpxchg() to make sure we only allocate the metadata_dsts once. Signed-off-by:
-
Jakub Kicinski authored
Compile the instruction printer from kernel/bpf and use it for disassembling "translated" eBPF code. Signed-off-by:
-
Jakub Kicinski authored
Separate the instruction printing into a standalone source file. This way sneaky code from tools/ can compile it in directly. Signed-off-by:
-
Jakub Kicinski authored
The biggest piece of global state protected by the verifier lock is the verifier_log. Move that log to struct bpf_verifier_env. struct bpf_verifier_env has to be passed now to all invocations of verbose(). Signed-off-by:
-
Jakub Kicinski authored
Put the loose log_* variables into a structure. This will make it simpler to remove the global verifier state in following patches. Signed-off-by:
-
Jakub Kicinski authored
Add a test for verifier log handling. Check bad attr combinations but focus on cases when log is truncated. Signed-off-by:
-
Colin Ian King authored
The use of the | operator always leads to true which looks rather suspect to me. Fix this by using & instead to just check the RTF_CACHE entry bit. Detected by CoverityScan, CID#1457734, #1457747 ("Wrong operator used") Fixes: 35732d01 ("ipv6: introduce a hash table to store dst cache") Signed-off-by:Colin Ian King <colin.king@canonical.com> Acked-by:
Wei Wang <weiwan@google.com> Acked-by:
Martin KaFai Lau <kafai@fb.com> Signed-off-by:
-
Colin Ian King authored
Currently rt6_ex is being dereferenced before it is null checked hence there is a possible null dereference bug. Fix this by only dereferencing rt6_ex after it has been null checked. Detected by CoverityScan, CID#1457749 ("Dereference before null check") Fixes: 81eb8447 ("ipv6: take care of rt6_stats") Signed-off-by:
-
