- 28 Nov, 2019 1 commit
-
-
Ganapathi Bhat authored
mwifiex_process_country_ie() function parse elements of bss descriptor in beacon packet. When processing WLAN_EID_COUNTRY element, there is no upper limit check for country_ie_len before calling memcpy. The destination buffer domain_info->triplet is an array of length MWIFIEX_MAX_TRIPLET_802_11D(83). The remote attacker can build a fake AP with the same ssid as real AP, and send malicous beacon packet with long WLAN_EID_COUNTRY elemen (country_ie_len > 83). Attacker can force STA connect to fake AP on a different channel. When the victim STA connects to fake AP, will trigger the heap buffer overflow. Fix this by checking for length and if found invalid, don not connect to the AP. This fix addresses CVE-2019-14895. Reported-by:
huangwen <huangwenabc@gmail.com> Signed-off-by:
Ganapathi Bhat <gbhat@marvell.com> Signed-off-by:
Kalle Valo <kvalo@codeaurora.org>
-
- 24 Nov, 2019 4 commits
-
-
Stephen Hemminger authored
The recording of RSS hash should be controlled by NETIF_F_RXHASH. Fixes: 1fac7ca4 ("hv_netvsc: record hardware hash in skb") Suggested-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
Stephen Hemminger <sthemmin@microsoft.com> Signed-off-by:
Haiyang Zhang <haiyangz@microsoft.com> Reviewed-by:
Michael Kelley <mikelley@microsoft.com> Signed-off-by:
Jakub Kicinski <jakub.kicinski@netronome.com>
-
Tonghao Zhang authored
Use vlan common api to access the vlan_tag info. Signed-off-by:
Tonghao Zhang <xiangxia.m.yue@gmail.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linuxJakub Kicinski authored
Saeed Mahameed says: ==================== mlx5-updates-2019-11-22 1) Misc Cleanups 2) Software steering support for Geneve ==================== Signed-off-by: -
Russell King authored
Rename the mac_link_state() method to mac_pcs_get_state() to make it clear that it should be returning the MACs PCS current state, which is used for inband negotiation rather than just reading back what the MAC has been configured for. Update the documentation to explicitly mention that this is for inband. We drop the return value as well; most of phylink doesn't check the return value and it is not clear what it should do on error - instead arrange for state->link to be false. Signed-off-by:
Russell King <rmk+kernel@armlinux.org.uk> Signed-off-by:
-
- 23 Nov, 2019 23 commits
-
-
Taehee Yoo authored
rhashtable_lookup_fast() internally calls rcu_read_lock() then, calls rhashtable_lookup(). So if rcu_read_lock() is already held, rhashtable_lookup() is enough. Signed-off-by:
Taehee Yoo <ap420073@gmail.com> Signed-off-by:
-
Jakub Kicinski authored
Merge tag 'wireless-drivers-next-2019-11-22' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next Kalle Valo says: ==================== wireless-drivers-next patches for v5.5 Last set of patches for v5.5. Major features here 802.11ax support for qtnfmac and airtime fairness support to mt76. And naturally smaller fixes and improvements all over. Major changes: qtnfmac * add 802.11ax support in AP mode * enable offload bridging support iwlwifi * support TX/RX antennas reporting mt76 * mt7615 smart carrier sense support * aggregation statistics via debugfs * airtime fairness (ATF) support * mt76x0 OF mac address support ==================== Signed-off-by:
-
Jakub Kicinski authored
Robert Schwebel says: ==================== here is v2 of the series converting the NFC documentation from txt to rst. Thanks to Jonathan and Dave for the input. Changes since (implicit) v1: * replace code-block by more compact :: syntax * really add the rst file to the index ==================== Signed-off-by: -
Robert Schwebel authored
Now that the sphinx syntax has been fixed, change the document from txt to rst and add it to the index. Signed-off-by:
Robert Schwebel <r.schwebel@pengutronix.de> Signed-off-by:
-
Robert Schwebel authored
Silence this warning: Documentation/networking/nfc.rst:113: WARNING: Definition list ends without a blank line; unexpected unindent. Signed-off-by:
-
Robert Schwebel authored
Fix this warning: Documentation/networking/nfc.rst:87: WARNING: Bullet list ends without a blank line; unexpected unindent. Signed-off-by:
-
Robert Schwebel authored
Change the block diagram to match the sphinx syntax. This will make it possible to switch this file to rst in the future. Signed-off-by:
-
Robert Schwebel authored
The headlines in this file do are not in the standard kernel docu- mentation headline format. Change it, so this file can be switched to rst in the future. Signed-off-by:
-
Russell King authored
When a phydev is created, the speed and duplex are set to zero and -1 respectively, rather than using the predefined SPEED_UNKNOWN and DUPLEX_UNKNOWN constants. There is a window at initialisation time where we may report link down using the 0/-1 values. Tidy this up and use the predefined constants, so debug doesn't complain with: "Unsupported (update phy-core.c)/Unsupported (update phy-core.c)" when the speed and duplex settings are printed. Signed-off-by:
-
Russell King authored
There are no users of phy_ethtool_sset() in the kernel anymore, and as of commit 3c1bcc86 ("net: ethernet: Convert phydev advertize and supported from u32 to link mode"), the implementation is slightly buggy - it doesn't correctly check the masked advertising mask as it used to. Remove it, and update the phy documentation to refer to its replacement function. Signed-off-by:
Andrew Lunn <andrew@lunn.ch> Signed-off-by:
-
Jakub Kicinski authored
This commit reverts commit 91e6015b ("bpf: Emit audit messages upon successful prog load and unload") and its follow up commit 7599a896 ("audit: Move audit_log_task declaration under CONFIG_AUDITSYSCALL") as requested by Paul Moore. The change needs close review on linux-audit, tests etc. Signed-off-by:
-
Jakub Kicinski authored
Edward Cree says: ==================== A series of changes to how we check filters for expiry, manage how much of that work to do & when, etc. Prompted by some pathological behaviour under heavy load, which was Reported-by:
David Ahern <dahern@digitalocean.com> ==================== Signed-off-by:
-
Edward Cree authored
If there's no traffic on a channel, its ARFS expiry work will never get scheduled by efx_poll() as that isn't being run. So make efx_filter_rfs_expire() reschedule itself to run after 30 seconds. Signed-off-by:
Edward Cree <ecree@solarflare.com> Signed-off-by:
-
Edward Cree authored
Report the number of successful and failed insertions, and also the current count of filters, to aid in tuning e.g. rps_flow_cnt. Signed-off-by:
-
Edward Cree authored
In high connection count usage, the NIC's filter table may be filled with sufficiently many ARFS filters that further insertions fail. As this does not represent a correctness issue, do not log the resulting MCDI errors. Add a debug-level message under the (by default disabled) rx_status category instead; and take the opportunity to do a little extra expiry work. Since there are now multiple workitems able to call __efx_filter_rfs_expire on a given channel, it is possible for them to race and thus pass quotas which, combined, exceed rfs_filter_count. Thus, don't WARN_ON if we loop all the way around the table with quota left over. Signed-off-by:
-
Edward Cree authored
The old rfs_filters_added method for determining the quota could potentially allow the NIC to become filled with old filters, which never get tested for expiry. Instead, explicitly make expiry check work depend on the number of filters installed, and don't count checking slots without filters in as doing work. This guarantees that each filter will be checked for expiry at least once every thirty seconds (assuming the channel to which it belongs is NAPI polling actively) regardless of fill level. Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queueJakub Kicinski authored
Jeff Kirsher says: ==================== This series contains updates to the ice driver only. Bruce updates the driver to store the number of functions the device has so that it won't have to compute it when setting safe mode capabilities. Adds a check to adjust the reporting of capabilities for devices with more than 4 ports, which differ for devices with less than 4 ports. Brett adds a helper function to determine if the VF is allowed to do VLAN operations based on the host's VF configuration. Also adds a new function that initializes VLAN stripping (enabled/disabled) for the VF based on the device supported capabilities. Adds a check if the vector index is valid with the respect to the number of transmit and receive queues configured when we set coalesce settings for DCB. Adds a check if the promisc_mask contains ICE_PROMISC_VLAN_RX or ICE_PROMISC_VLAN_TX so that VLAN 0 promiscuous rules to be removed. Add a helper macro for a commonly used de-reference of a pointer to &pf->dev->pdev. Jesse fixes an issue where if an invalid virtchnl request from the VF, the driver would return uninitialized data to the VF from the PF stack, so ensure the stack variable is initialized earlier. Add helpers to the virtchnl interface make the reporting of strings consistent and help reduce stack space. Implements VF statistics gathering via the kernel ndo_get_vf_stats(). Akeem ensures we disable the state flag for each VF when its resources are returned to the device. Tony does additional cleanup in the driver to ensure the when we allocate and free memory within the same function, we should not be using devm_* variants; use regular alloc and free functions. Henry implements code to query and set the number of channels on the primary VSI for a PF via ethtool. Jake cleans up needless NULL checks in ice_sched_cleanup_all(). Kevin updates the firmware API version to align with current NVM images. v2: Added "Fixes:" tag to patch 5 commit description and added the use of netif_is_rxfh_configured() in patch 13 to see if RSS has been configured by the user, if so do not overwrite that configuration. ==================== Signed-off-by: -
Maciej Żenczykowski authored
Cc: Eric Dumazet <edumazet@google.com> Signed-off-by:
Maciej Żenczykowski <maze@google.com> Signed-off-by:
-
Jakub Kicinski authored
Rahul Lakkireddy says: ==================== This series of patches add UDP Segmentation Offload (USO) supported by Chelsio T5/T6 NICs. Patch 1 updates the current Scatter Gather List (SGL) DMA unmap logic for USO requests. Patch 2 adds USO support for NIC and MQPRIO QoS offload Tx path. Patch 3 adds missing stats for MQPRIO QoS offload Tx path. ==================== Signed-off-by: -
Rahul Lakkireddy authored
Export necessary stats for traffic flowing through MQPRIO QoS offload Tx path. v2: - No change. Signed-off-by:
Rahul Lakkireddy <rahul.lakkireddy@chelsio.com> Signed-off-by:
-
Rahul Lakkireddy authored
Implement and export UDP segmentation offload (USO) support for both NIC and MQPRIO QoS offload Tx path. Update appropriate logic in Tx to parse GSO info in skb and configure FW_ETH_TX_EO_WR request needed to perform USO. v2: - Remove inline keyword from write_eo_udp_wr() in sge.c. Let the compiler decide. Signed-off-by:
-
Rahul Lakkireddy authored
The FW_ETH_TX_EO_WR used for sending UDP Segmentation Offload (USO) requests expects the headers to be part of the descriptor and the payload to be part of the SGL containing the DMA mapped addresses. Hence, the DMA address in the first entry of the SGL can start after the packet headers. Currently, unmap_sgl() tries to unmap from this wrong offset, instead of the originally mapped DMA address. So, use existing unmap_skb() instead, which takes originally saved DMA addresses as input. Update all necessary Tx paths to save the original DMA addresses, so that unmap_skb() can unmap them properly. v2: - No change. Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski authored
Minor conflict in drivers/s390/net/qeth_l2_main.c, kept the lock from commit c8183f54 ("s390/qeth: fix potential deadlock on workqueue flush"), removed the code which was removed by commit 9897d583 ("s390/qeth: consolidate some duplicated HW cmd code"). Signed-off-by:
-
- 22 Nov, 2019 12 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netLinus Torvalds authored
Pull networking fixes from David Miller: 1) Validate tunnel options length in act_tunnel_key, from Xin Long. 2) Fix DMA sync bug in gve driver, from Adi Suresh. 3) TSO kills performance on some r8169 chips due to HW issues, disable by default in that case, from Corinna Vinschen. 4) Fix clock disable mismatch in fec driver, from Chubong Yuan. 5) Fix interrupt status bits define in hns3 driver, from Huazhong Tan. 6) Fix workqueue deadlocks in qeth driver, from Julian Wiedmann. 7) Don't napi_disable() twice in r8152 driver, from Hayes Wang. 8) Fix SKB extension memory leak, from Florian Westphal. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (54 commits) r8152: avoid to call napi_disable twice MAINTAINERS: Add myself as maintainer of virtio-vsock udp: drop skb extensions before marking skb stateless net: rtnetlink: prevent underflows in do_setvfinfo() can: m_can_platform: remove unnecessary m_can_class_resume() call can: m_can_platform: set net_device structure as driver data hv_netvsc: Fix send_table offset in case of a host bug hv_netvsc: Fix offset usage in netvsc_send_table() net-ipv6: IPV6_TRANSPARENT - check NET_RAW prior to NET_ADMIN sfc: Only cancel the PPS workqueue if it exists nfc: port100: handle command failure cleanly net-sysfs: fix netdev_queue_add_kobject() breakage r8152: Re-order napi_disable in rtl8152_close net: qca_spi: Move reset_count to struct qcaspi net: qca_spi: fix receive buffer size check net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode Revert "net/ibmvnic: Fix EOI when running in XIVE mode" net/mlxfw: Verify FSM error code translation doesn't exceed array size net/mlx5: Update the list of the PCI supported devices net/mlx5: Fix auto group size calculation ... -
Marc Dionne authored
By default s_maxbytes is set to MAX_NON_LFS, which limits the usable file size to 2GB, enforced by the vfs. Commit b9b1f8d5 ("AFS: write support fixes") added support for the 64-bit fetch and store server operations, but did not change this value. As a result, attempts to write past the 2G mark result in EFBIG errors: $ dd if=/dev/zero of=foo bs=1M count=1 seek=2048 dd: error writing 'foo': File too large Set s_maxbytes to MAX_LFS_FILESIZE. Fixes: b9b1f8d5 ("AFS: write support fixes") Signed-off-by:
Marc Dionne <marc.dionne@auristor.com> Signed-off-by:
David Howells <dhowells@redhat.com> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Marc Dionne authored
Servers sending callback breaks to the YFS_CM_SERVICE service may send up to YFSCBMAX (1024) fids in a single RPC. Anything over AFSCBMAX (50) will cause the assert in afs_break_callbacks to trigger. Remove the assert, as the count has already been checked against the appropriate max values in afs_deliver_cb_callback and afs_deliver_yfs_cb_callback. Fixes: 35dbfba3 ("afs: Implement the YFS cache manager service") Signed-off-by:
-
Kevin Scott authored
Update FW API minor version to align to current value advertised by FW in new NVM images. Signed-off-by:
Kevin Scott <kevin.c.scott@intel.com> Signed-off-by:
Tony Nguyen <anthony.l.nguyen@intel.com> Tested-by:
Andrew Bowers <andrewx.bowers@intel.com> Signed-off-by:
Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Jacob Keller authored
The code in ice_sched_cleanup_all checks whether the port info is NULL prior to calling ice_sched_clear_port. However, ice_sched_clear_port already checks whether port info is non-NULL. More importantly, it also checks whether the port structure has been initialized by checking its port_state field as well. Signed-off-by:
Jacob Keller <jacob.e.keller@intel.com> Tested-by:
-
Henry Tieman authored
Add code to query and set the number of channels on the primary VSI for a PF. This is accessed from the 'ethtool -l' and 'ethtool -L' commands, respectively. Though the ice driver supports asymmetric queues report an IRQ vector that has both Rx and Tx queues attached and is counted as a 'combined' channel. Signed-off-by:
Henry Tieman <henry.w.tieman@intel.com> Co-developed-by:
Maciej Fijalkowski <maciej.fijalkowski@intel.com> Signed-off-by:
-
Eli Cohen authored
When code reaches the "out" label, n is guaranteed to be valid so we can unconditionally call neigh_release. Also change the label to release_neigh to better reflect the fact that we unconditionally free the neighbour and also match other labels convention. Signed-off-by:
Eli Cohen <eli@mellanox.com> Reviewed-by:
Roi Dayan <roid@mellanox.com> Signed-off-by:
Saeed Mahameed <saeedm@mellanox.com>
-
Saeed Mahameed authored
Improve mlx5e_route_lookup_ipv6 function structure by avoiding #ifdef then return -EOPNOTSUPP in the middle of the function code. To do so, we stub out mlx5e_tc_tun_create_header_ipv6 which is the only caller of this helper function to avoid calling it altogether when ipv6 is compiled out, which should also cleanup some compiler warnings of unused variables. Signed-off-by:
-
Yevgeny Kliteynik authored
Add support for SW steering matching on Geneve header fields: - VNI - OAM - protocol type - options length Signed-off-by:
Yevgeny Kliteynik <kliteyn@mellanox.com> Reviewed-by:
Alex Vesker <valex@mellanox.com> Signed-off-by:
-
Yevgeny Kliteynik authored
Add definition for flex parser tunneling header for Geneve. Signed-off-by:
-
Yevgeny Kliteynik authored
Refactor flex parser tunnel code: - Add definition for flex parser tunneling header for VXLAN-GPE - Use macros for VXLAN-GPE SW steering when building STE - Refactor the code to reflect that this is a VXLAN GPE only code and not a general flex parser code. This also significantly simplifies addition of more flex parser protocols, such as Geneve. Signed-off-by:
-
Leon Romanovsky authored
The MODIFY_HCA_VPORT_CONTEXT uses field_selector to mask fields needed to be written, other fields are required to be zero according to the HW specification. The supported fields are controlled by bitfield and limited to vport state, node and port GUIDs. Signed-off-by:
Leon Romanovsky <leonro@mellanox.com> Signed-off-by:
-
