1. 07 Oct, 2019 1 commit
  2. 06 Oct, 2019 7 commits
    • libbpf: Add cscope and tags targets to Makefile · a9eb048d
      Toke Høiland-Jørgensen authored
      Using cscope and/or TAGS files for navigating the source code is useful.
      Add simple targets to the Makefile to generate the index files for both
      tools.
      Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
      Tested-by: Andrii Nakryiko <andriin@fb.com>
      Acked-by: Andrii Nakryiko <andriin@fb.com>
      Link: https://lore.kernel.org/bpf/20191004153444.1711278-1-toke@redhat.com
    • Merge branch 'libbpf-api' · b84fbfe2
      Alexei Starovoitov authored
      Andrii Nakryiko says:
      
      ====================
      Add bpf_object__open_file() and bpf_object__open_mem() APIs that use a new
      approach to providing future-proof non-ABI-breaking API changes. It relies on
      APIs accepting optional self-describing "opts" struct, containing its own
      size, filled out and provided by potentially outdated (as well as
      newer-than-libbpf) user application. A set of internal helper macros
      (OPTS_VALID, OPTS_HAS, and OPTS_GET) streamline and simplify a graceful
      handling of forward and backward compatibility for user applications dynamically
      linked against different versions of libbpf shared library.
      
      Users of libbpf are provided with convenience macro LIBBPF_OPTS that takes
      care of populating correct structure size and zero-initializes options struct,
      which helps avoid obscure issues of uninitialized padding. Uninitialized padding
      in a struct might turn into garbage-populated new fields understood by future
      versions of libbpf.
      
      Patch #1 removes enforcement of kern_version in libbpf and always populates
      correct one on behalf of users.
      Patch #2 defines necessary infrastructure for options and two new open APIs
      relying on it.
      Patch #3 fixes bug in bpf_object__name().
      Patch #4 switches two of test_progs' tests to use new APIs as a validation
      that they work as expected.
      
      v2->v3:
      - fix LIBBPF_OPTS() to ensure zero-initialization of padded bytes;
      - pass through name override and relaxed maps flag for open_file() (Toke);
      - fix bpf_object__name() to actually return object name;
      - don't bother parsing and verifying version section (John);
      
      v1->v2:
      - use better approach for tracking last field in opts struct;
      - convert few tests to new APIs for validation;
      - fix bug with using offsetof(last_field) instead of offsetofend(last_field).
      ====================
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
    • selftests/bpf: switch tests to new bpf_object__open_{file, mem}() APIs · 928ca75e
      Andrii Nakryiko authored
      Verify new bpf_object__open_mem() and bpf_object__open_file() APIs work
      as expected by switching test_attach_probe test to use embedded BPF
      object and bpf_object__open_mem() and test_reference_tracking to
      bpf_object__open_file().
      Signed-off-by: Andrii Nakryiko <andriin@fb.com>
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
    • libbpf: fix bpf_object__name() to actually return object name · c9e4c301
      Andrii Nakryiko authored
      bpf_object__name() was returning file path, not name. Fix this.
      Signed-off-by: Andrii Nakryiko <andriin@fb.com>
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
    • libbpf: add bpf_object__open_{file, mem} w/ extensible opts · 2ce8450e
      Andrii Nakryiko authored
      Add new set of bpf_object__open APIs using new approach to optional
      parameters extensibility allowing simpler ABI compatibility approach.
      
      This patch demonstrates an approach to implementing libbpf APIs that
      makes it easy to extend existing APIs with extra optional parameters in
      such a way, that ABI compatibility is preserved without having to do
      symbol versioning and generating lots of boilerplate code to handle it.
      To facilitate succinct code for working with options, add OPTS_VALID,
      OPTS_HAS, and OPTS_GET macros that hide all the NULL, size, and zero
      checks.
      
      Additionally, newly added libbpf APIs are encouraged to follow similar
      pattern of having all mandatory parameters as formal function parameters
      and always have optional (NULL-able) xxx_opts struct, which should
      always have real struct size as a first field and the rest would be
      optional parameters added over time, which tune the behavior of existing
      API, if specified by user.
      Signed-off-by: Andrii Nakryiko <andriin@fb.com>
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
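The size-prefixed opts pattern described in this commit message and in the 'libbpf-api' cover letter above, as an added sketch that is not libbpf's code. `demo_open_opts`, `demo_open()`, the `DEMO_OPTS_*` macros and the constructed callers are hypothetical; they show how the size and zero checks treat older, newer and non-zeroed callers.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical opts struct as this build of the library knows it. */
struct demo_open_opts {
	size_t sz;         /* sizeof() of the struct version the caller compiled */
	const char *name;  /* present since the first version */
	bool relaxed;      /* added later; older callers do not carry it */
};

#define offsetofend(type, member) \
	(offsetof(type, member) + sizeof(((type *)0)->member))

/* Bytes this library understands; trailing padding is deliberately excluded. */
#define DEMO_KNOWN_SZ offsetofend(struct demo_open_opts, relaxed)

/* NULL is valid. Otherwise sz must cover the sz field, and every byte between
 * what this library understands and what the caller claims must be zero. */
static bool demo_opts_valid(const struct demo_open_opts *opts)
{
	const unsigned char *raw = (const unsigned char *)opts;
	size_t i;

	if (!opts)
		return true;
	if (opts->sz < sizeof(size_t))
		return false;
	for (i = DEMO_KNOWN_SZ; i < opts->sz; i++)
		if (raw[i])
			return false;
	return true;
}

/* A field is read only if the caller's struct is large enough to contain it. */
#define DEMO_OPTS_HAS(opts, field) \
	((opts) && (opts)->sz >= offsetofend(struct demo_open_opts, field))
#define DEMO_OPTS_GET(opts, field, fallback) \
	(DEMO_OPTS_HAS(opts, field) ? (opts)->field : (fallback))

struct demo_seen {
	const char *name;
	bool relaxed;
};

/* Mandatory arguments would be formal parameters; opts may be NULL. */
static int demo_open(const struct demo_open_opts *opts, struct demo_seen *out)
{
	if (!demo_opts_valid(opts))
		return -EINVAL;
	out->name = DEMO_OPTS_GET(opts, name, "default");
	out->relaxed = DEMO_OPTS_GET(opts, relaxed, false);
	return 0;
}

/* Constructed caller: a buffer standing in for a struct built against another
 * header version. The first `written` bytes are fields the caller set; every
 * later byte is `fill`, modelling zero-init (0x00) or stack garbage. */
union caller_buf {
	struct demo_open_opts opts;
	unsigned char raw[64];
};

static int run_case(size_t sz, size_t written, unsigned char fill,
		    struct demo_seen *out)
{
	union caller_buf b;

	memset(&b, 0, sizeof(b));
	b.opts.sz = sz;
	b.opts.name = "obj";
	b.opts.relaxed = written >= DEMO_KNOWN_SZ;
	memset(b.raw + written, fill, sizeof(b.raw) - written);
	return demo_open(&b.opts, out);
}

int main(void)
{
	const size_t old_sz = offsetofend(struct demo_open_opts, name);
	const size_t cur_sz = sizeof(struct demo_open_opts);
	struct demo_seen s = { "", false };
	int rc;

	rc = run_case(old_sz, old_sz, 0xAA, &s);
	printf("older caller, garbage past sz : rc=%d relaxed=%d\n", rc, s.relaxed);
	rc = run_case(cur_sz, DEMO_KNOWN_SZ, 0x00, &s);
	printf("current caller, zeroed        : rc=%d relaxed=%d\n", rc, s.relaxed);
	rc = run_case(cur_sz, DEMO_KNOWN_SZ, 0xAA, &s);
	printf("current caller, dirty padding : rc=%d\n", rc);
	rc = run_case(cur_sz + 8, DEMO_KNOWN_SZ, 0x01, &s);
	printf("newer caller, unknown field   : rc=%d\n", rc);
	return 0;
}
```

The "dirty padding" case is the one the cover letter attributes to uninitialized padding: the caller's `sz` covers the struct's trailing padding, so non-zero bytes there are indistinguishable from fields this library does not understand.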
    • libbpf: stop enforcing kern_version, populate it for users · 5e61f270
      Andrii Nakryiko authored
      Kernel version enforcement for kprobes/kretprobes was removed from
      5.0 kernel in 6c4fc209 ("bpf: remove useless version check for prog load").
      Since then, BPF programs were specifying SEC("version") just to please
      libbpf. We should stop enforcing this in libbpf, if even kernel doesn't
      care. Furthermore, libbpf now will pre-populate current kernel version
      of the host system, in case we are still running on old kernel.
      
      This patch also removes __bpf_object__open_xattr from libbpf.h, as
      nothing in libbpf is relying on having it in that header. That function
      was never exported as LIBBPF_API and even name suggests its internal
      version. So this should be safe to remove, as it doesn't break ABI.
      Signed-off-by: Andrii Nakryiko <andriin@fb.com>
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
    • libbpf: Fix BTF-defined map's __type macro handling of arrays · a53ba15d
      Andrii Nakryiko authored
      Due to a quirky C syntax of declaring pointers to array or function
      prototype, existing __type() macro doesn't work with map key/value types
      that are array or function prototype. One has to create a typedef first
      and use it to specify key/value type for a BPF map.  By using typeof(),
      pointer to type is now handled uniformly for all kinds of types. Convert
      one of self-tests as a demonstration.
      Signed-off-by: Andrii Nakryiko <andriin@fb.com>
      Signed-off-by: Alexei Starovoitov <ast@kernel.org>
      Link: https://lore.kernel.org/bpf/20191004040211.2434033-1-andriin@fb.com
  3. 04 Oct, 2019 2 commits
  4. 03 Oct, 2019 2 commits
    • selftests/bpf: Correct path to include msg + path · c5881463
      Ivan Khoronzhuk authored
      The "path" buf is supposed to contain path + printf msg up to 24 bytes.
      It will be cut anyway, but compiler generates truncation warns like:
      
      "
      samples/bpf/../../tools/testing/selftests/bpf/cgroup_helpers.c: In
      function ‘setup_cgroup_environment’:
      samples/bpf/../../tools/testing/selftests/bpf/cgroup_helpers.c:52:34:
      warning: ‘/cgroup.controllers’ directive output may be truncated
      writing 19 bytes into a region of size between 1 and 4097
      [-Wformat-truncation=]
      snprintf(path, sizeof(path), "%s/cgroup.controllers", cgroup_path);
      				  ^~~~~~~~~~~~~~~~~~~
      samples/bpf/../../tools/testing/selftests/bpf/cgroup_helpers.c:52:2:
      note: ‘snprintf’ output between 20 and 4116 bytes into a destination
      of size 4097
      snprintf(path, sizeof(path), "%s/cgroup.controllers", cgroup_path);
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      samples/bpf/../../tools/testing/selftests/bpf/cgroup_helpers.c:72:34:
      warning: ‘/cgroup.subtree_control’ directive output may be truncated
      writing 23 bytes into a region of size between 1 and 4097
      [-Wformat-truncation=]
      snprintf(path, sizeof(path), "%s/cgroup.subtree_control",
      				  ^~~~~~~~~~~~~~~~~~~~~~~
      cgroup_path);
      samples/bpf/../../tools/testing/selftests/bpf/cgroup_helpers.c:72:2:
      note: ‘snprintf’ output between 24 and 4120 bytes into a destination
      of size 4097
      snprintf(path, sizeof(path), "%s/cgroup.subtree_control",
      cgroup_path);
      "
      
      In order to avoid warns, let's decrease buf size for cgroup workdir by
      24 bytes with assumption to include also "/cgroup.subtree_control" to
      the address. The cut will never happen anyway.
      Signed-off-by: Ivan Khoronzhuk <ivan.khoronzhuk@linaro.org>
      Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
      Acked-by: Song Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20191002120404.26962-3-ivan.khoronzhuk@linaro.org
    • selftests/bpf: Add static to enable_all_controllers() · fb27dcd2
      Ivan Khoronzhuk authored
      Add static to enable_all_controllers() to get rid of an annoying warning
      during samples/bpf build:
      
      samples/bpf/../../tools/testing/selftests/bpf/cgroup_helpers.c:44:5:
      warning: no previous prototype for ‘enable_all_controllers’
      [-Wmissing-prototypes]
       int enable_all_controllers(char *cgroup_path)
      Signed-off-by: Ivan Khoronzhuk <ivan.khoronzhuk@linaro.org>
      Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
      Acked-by: Song Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20191002120404.26962-2-ivan.khoronzhuk@linaro.org
  5. 01 Oct, 2019 15 commits
    • libbpf: Bump current version to v0.0.6 · 03bd4773
      Andrii Nakryiko authored
      New release cycle started, let's bump to v0.0.6 proactively.
      Signed-off-by: Andrii Nakryiko <andriin@fb.com>
      Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
      Acked-by: Song Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20190930222503.519782-1-andriin@fb.com
    • dt-bindings: sh_eth convert bindings to json-schema · 37a2fce0
      Simon Horman authored
      Convert Renesas Electronics SH EtherMAC bindings documentation to
      json-schema.  Also name bindings documentation file according to the compat
      string being documented.
      Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
      Reviewed-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: usb: ax88179_178a: allow optionally getting mac address from device tree · 9fb137ae
      Peter Fink authored
      Adopt and integrate the feature to pass the MAC address via device tree
      from asix_device.c (03fc5d4f) also to other ax88179 based asix chips.
      E.g. the bootloader fills in local-mac-address and the driver will then
      pick up and use this MAC address.
      Signed-off-by: Peter Fink <pfink@christ-es.de>
      Reviewed-by: Andrew Lunn <andrew@lunn.ch>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • ipv6: minor code reorg in inet6_fill_ifla6_attrs() · 0d7982ce
      Nicolas Dichtel authored
      Just put related code together to ease code reading: the memcpy() is
      related to the nla_reserve().
      Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • Merge branch 'netdev-altnames' · 7a56493f
      David S. Miller authored
      Jiri Pirko says:
      
      ====================
      net: introduce alternative names for network interfaces
      
      In the past, there was repeatedly discussed the IFNAMSIZ (16) limit for
      netdevice name length. Now when we have PF and VF representors
      with port names like "pfXvfY", it became quite common to hit this limit:
      0123456789012345
      enp131s0f1npf0vf6
      enp131s0f1npf0vf22
      
      Udev cannot rename these interfaces out-of-the-box and user needs to
      create custom rules to handle them.
      
      Also, udev has multiple schemes of netdev names. From udev code:
       * Type of names:
       *   b<number>                             - BCMA bus core number
       *   c<bus_id>                             - bus id of a grouped CCW or CCW device,
       *                                           with all leading zeros stripped [s390]
       *   o<index>[n<phys_port_name>|d<dev_port>]
       *                                         - on-board device index number
       *   s<slot>[f<function>][n<phys_port_name>|d<dev_port>]
       *                                         - hotplug slot index number
       *   x<MAC>                                - MAC address
       *   [P<domain>]p<bus>s<slot>[f<function>][n<phys_port_name>|d<dev_port>]
       *                                         - PCI geographical location
       *   [P<domain>]p<bus>s<slot>[f<function>][u<port>][..][c<config>][i<interface>]
       *                                         - USB port number chain
       *   v<slot>                               - VIO slot number (IBM PowerVM)
       *   a<vendor><model>i<instance>           - Platform bus ACPI instance id
       *   i<addr>n<phys_port_name>              - Netdevsim bus address and port name
      
      One device can be often renamed by multiple patterns at the
      same time (e.g. pci address/mac).
      
      This patchset introduces alternative names for network interfaces.
      Main goal is to:
      1) Overcome the IFNAMSIZ limitation (altname limitation is 128 bytes)
      2) Allow to have multiple names at the same time (multiple udev patterns)
      3) Allow to use alternative names as handle for commands
      
      The patchset introduces two new commands to add/delete list of properties.
      Currently only alternative names are implemented but the infrastructure
      could be easily extended later on. This is very similar to the list of vlan
      and tunnels being added/deleted to/from bridge ports.
      
      See following examples.
      
      $ ip link
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
      
      -> Add alternative names for dummy0:
      
      $ ip link prop add dummy0 altname someothername
      $ ip link prop add dummy0 altname someotherveryveryveryverylongname
      $ ip link
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname someothername
          altname someotherveryveryveryverylongname
      $ ip link show someotherveryveryveryverylongname
      2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname someothername
          altname someotherveryveryveryverylongname
      
      -> Add bridge brx, add its alternative name and use alternative names to
         do enslavement.
      
      $ ip link add name brx type bridge
      $ ip link prop add brx altname mypersonalsuperspecialbridge
      $ ip link set someotherveryveryveryverylongname master mypersonalsuperspecialbridge
      $ ip link
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop master brx state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname someothername
          altname someotherveryveryveryverylongname
      3: brx: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname mypersonalsuperspecialbridge
      
      -> Add ipv4 address to the bridge using alternative name:
      
      $ ip addr add 192.168.0.1/24 dev mypersonalsuperspecialbridge
      $ ip addr show mypersonalsuperspecialbridge
      3: brx: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname mypersonalsuperspecialbridge
          inet 192.168.0.1/24 scope global brx
             valid_lft forever preferred_lft forever
      
      -> Delete one of dummy0 alternative names:
      
      $ ip link prop del dummy0 altname someotherveryveryveryverylongname
      $ ip link
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop master brx state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname someothername
      3: brx: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname mypersonalsuperspecialbridge
      
      -> Add multiple alternative names at once
      
      $ ip link prop add dummy0 altname a altname b altname c altname d
      $ ip link
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop master brx state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname someothername
          altname a
          altname b
          altname c
          altname d
      3: brx: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
          link/ether ae:67:a9:67:46:86 brd ff:ff:ff:ff:ff:ff
          altname mypersonalsuperspecialbridge
      ====================
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: rtnetlink: add possibility to use alternative names as message handle · 76c9ac0e
      Jiri Pirko authored
      Extend the basic rtnetlink commands to use alternative interface names
      as a handle instead of ifindex and ifname.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: rtnetlink: introduce helper to get net_device instance by ifname · cc6090e9
      Jiri Pirko authored
      Introduce helper function rtnl_get_dev() that gets net_device structure
      instance pointer according to passed ifname or ifname attribute.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: rtnetlink: unify the code in __rtnl_newlink get dev with the rest · 7af12cba
      Jiri Pirko authored
      __rtnl_newlink() code flow is a bit different around tb[IFLA_IFNAME]
      processing comparing to the other places. Change that to be unified with
      the rest.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: rtnetlink: put alternative names to getlink message · 88f4fb0c
      Jiri Pirko authored
      Extend existing getlink info message with list of properties. Now the
      only ones are alternative names.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: rtnetlink: add linkprop commands to add and delete alternative ifnames · 36fbf1e5
      Jiri Pirko authored
      Add two commands to add and delete list of link properties. Implement
      the first property type along - alternative ifnames.
      Each net device can have multiple alternative names.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: introduce name_node struct to be used in hashlist · ff927412
      Jiri Pirko authored
      Introduce name_node structure to hold name of device and put it into
      hashlist instead of putting there struct net_device directly. Add a
      necessary infrastructure to manipulate the hashlist. This prepares
      the code to use the same hashlist for alternative names introduced
      later in this set.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: procfs: use index hashlist instead of name hashlist · 6958c97a
      Jiri Pirko authored
      Name hashlist is going to be used for more than just dev->name, so use
      rather index hashlist for iteration over net_device instances.
      Signed-off-by: Jiri Pirko <jiri@mellanox.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • tcp: add ipv6_addr_v4mapped_loopback() helper · be2644aa
      Eric Dumazet authored
      tcp_twsk_unique() has a hard coded assumption about ipv4 loopback
      being 127/8
      
      Let's instead use the standard ipv4_is_loopback() method,
      in a new ipv6_addr_v4mapped_loopback() helper.
      Signed-off-by: Eric Dumazet <edumazet@google.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • net: core: dev: replace state xoff flag comparison by netif_xmit_stopped method · 5be5515a
      Julio Faracco authored
      Function netif_schedule_queue() has a hardcoded comparison between queue
      state and any xoff flag. This comparison does the same thing as method
      netif_xmit_stopped(). In terms of code clarity, it is better. See other
      methods like: generic_xdp_tx() and dev_direct_xmit().
      Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
    • r8152: Factor out OOB link list waits · 5f71c840
      Prashant Malani authored
      The same for-loop check for the LINK_LIST_READY bit of an OOB_CTRL
      register is used in several places. Factor these out into a single
      function to reduce the lines of code.
      
      Change-Id: I20e8f327045a72acc0a83e2d145ae2993ab62915
      Signed-off-by: Prashant Malani <pmalani@chromium.org>
      Reviewed-by: Grant Grundler <grundler@chromium.org>
      Acked-by: Hayes Wang <hayeswang@realtek.com>
      Signed-off-by: David S. Miller <davem@davemloft.net>
  6. 29 Sep, 2019 1 commit
    • Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 02dc96ef
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Sanity check URB networking device parameters to avoid divide by
          zero, from Oliver Neukum.
      
       2) Disable global multicast filter in NCSI, otherwise LLDP and IPV6
          don't work properly. Longer term this needs a better fix tho. From
          Vijay Khemka.
      
       3) Small fixes to selftests (use ping when ping6 is not present, etc.)
          from David Ahern.
      
       4) Bring back rt_uses_gateway member of struct rtable, its semantics
          were not well understood and trying to remove it broke things. From
          David Ahern.
      
       5) Move usbnet sanity checking, ignore endpoints with invalid
          wMaxPacketSize. From Bjørn Mork.
      
       6) Missing Kconfig deps for sja1105 driver, from Mao Wenan.
      
       7) Various small fixes to the mlx5 DR steering code, from Alaa Hleihel,
          Alex Vesker, and Yevgeny Kliteynik
      
       8) Missing CAP_NET_RAW checks in various places, from Ori Nimron.
      
       9) Fix crash when removing sch_cbs entry while offloading is enabled,
          from Vinicius Costa Gomes.
      
      10) Signedness bug fixes, generally in looking at the result given by
          of_get_phy_mode() and friends. From Dan Carpenter.
      
      11) Disable preemption around BPF_PROG_RUN() calls, from Eric Dumazet.
      
      12) Don't create VRF ipv6 rules if ipv6 is disabled, from David Ahern.
      
      13) Fix quantization code in tcp_bbr, from Kevin Yang.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (127 commits)
        net: tap: clean up an indentation issue
        nfp: abm: fix memory leak in nfp_abm_u32_knode_replace
        tcp: better handle TCP_USER_TIMEOUT in SYN_SENT state
        sk_buff: drop all skb extensions on free and skb scrubbing
        tcp_bbr: fix quantization code to not raise cwnd if not probing bandwidth
        mlxsw: spectrum_flower: Fail in case user specifies multiple mirror actions
        Documentation: Clarify trap's description
        mlxsw: spectrum: Clear VLAN filters during port initialization
        net: ena: clean up indentation issue
        NFC: st95hf: clean up indentation issue
        net: phy: micrel: add Asym Pause workaround for KSZ9021
        net: socionext: ave: Avoid using netdev_err() before calling register_netdev()
        ptp: correctly disable flags on old ioctls
        lib: dimlib: fix help text typos
        net: dsa: microchip: Always set regmap stride to 1
        nfp: flower: fix memory leak in nfp_flower_spawn_vnic_reprs
        nfp: flower: prevent memory leak in nfp_flower_spawn_phy_reprs
        net/sched: Set default of CONFIG_NET_TC_SKB_EXT to N
        vrf: Do not attempt to create IPv6 mcast rule if IPv6 is disabled
        net: sched: sch_sfb: don't call qdisc_put() while holding tree lock
        ...
  7. 28 Sep, 2019 11 commits
    • Merge branch 'hugepage-fallbacks' (hugepatch patches from David Rientjes) · edf445ad
      Linus Torvalds authored
      Merge hugepage allocation updates from David Rientjes:
       "We (mostly Linus, Andrea, and myself) have been discussing offlist how
        to implement a sane default allocation strategy for hugepages on NUMA
        platforms.
      
        With these reverts in place, the page allocator will happily allocate
        a remote hugepage immediately rather than try to make a local hugepage
        available. This incurs a substantial performance degradation when
        memory compaction would have otherwise made a local hugepage
        available.
      
        This series reverts those reverts and attempts to propose a more sane
        default allocation strategy specifically for hugepages. Andrea
        acknowledges this is likely to fix the swap storms that he originally
        reported that resulted in the patches that removed __GFP_THISNODE from
        hugepage allocations.
      
        The immediate goal is to return 5.3 to the behavior the kernel has
        implemented over the past several years so that remote hugepages are
        not immediately allocated when local hugepages could have been made
        available because the increased access latency is untenable.
      
        The next goal is to introduce a sane default allocation strategy for
        hugepages allocations in general regardless of the configuration of
        the system so that we prevent thrashing of local memory when
        compaction is unlikely to succeed and can prefer remote hugepages over
        remote native pages when the local node is low on memory."
      
      Note on timing: this reverts the hugepage VM behavior changes that got
      introduced fairly late in the 5.3 cycle, and that fixed a huge
      performance regression for certain loads that had been around since
      4.18.
      
      Andrea had this note:
      
       "The regression of 4.18 was that it was taking hours to start a VM
        where 3.10 was only taking a few seconds, I reported all the details
        on lkml when it was finally tracked down in August 2018.
      
           https://lore.kernel.org/linux-mm/20180820032640.9896-2-aarcange@redhat.com/
      
        __GFP_THISNODE in MADV_HUGEPAGE made the above enterprise vfio
        workload degrade like in the "current upstream" above. And it still
        would have been that bad as above until 5.3-rc5"
      
      where the bad behavior ends up happening as you fill up a local node,
      and without that change, you'd get into the nasty swap storm behavior
      due to compaction working overtime to make room for more memory on the
      nodes.
      
      As a result 5.3 got the two performance fix reverts in rc5.
      
      However, David Rientjes then noted that those performance fixes in turn
      regressed performance for other loads - although not quite to the same
      degree.  He suggested reverting the reverts and instead replacing them
      with two small changes to how hugepage allocations are done (patch
      descriptions rephrased by me):
      
       - "avoid expensive reclaim when compaction may not succeed": just admit
         that the allocation failed when you're trying to allocate a huge-page
         and compaction wasn't successful.
      
       - "allow hugepage fallback to remote nodes when madvised": when that
         node-local huge-page allocation failed, retry without forcing the
         local node.
      
      but by then I judged it too late to replace the fixes for a 5.3 release.
      So 5.3 was released with behavior that harked back to the pre-4.18 logic.
      
      But now we're in the merge window for 5.4, and we can see if this
      alternate model fixes not just the horrendous swap storm behavior, but
      also restores the performance regression that the late reverts caused.
      
      Fingers crossed.
      
      * emailed patches from David Rientjes <rientjes@google.com>:
        mm, page_alloc: allow hugepage fallback to remote nodes when madvised
        mm, page_alloc: avoid expensive reclaim when compaction may not succeed
        Revert "Revert "Revert "mm, thp: consolidate THP gfp handling into alloc_hugepage_direct_gfpmask""
        Revert "Revert "mm, thp: restore node-local hugepage allocations""
      edf445ad
    • mm, page_alloc: allow hugepage fallback to remote nodes when madvised · 76e654cc
      David Rientjes authored
      For systems configured to always try hard to allocate transparent
      hugepages (thp defrag setting of "always") or for memory that has been
      explicitly madvised to MADV_HUGEPAGE, it is often better to fall back to
      remote memory to allocate the hugepage if the local allocation fails
      first.
      
      The point is to allow the initial call to __alloc_pages_node() to attempt
      to defragment local memory to make a hugepage available, if possible,
      rather than immediately fall back to remote memory.  Local hugepages will
      always have a better access latency than remote (huge)pages, so an attempt
      to make a hugepage available locally is always preferred.
      
      If memory compaction cannot be successful locally, however, it is likely
      better to fall back to remote memory.  This could take on two forms: either
      allow immediate fallback to remote memory or do per-zone watermark checks.
      It would be possible to fall back only when per-zone watermarks fail for
      order-0 memory, since that would require local reclaim for all subsequent
      faults so remote huge allocation is likely better than thrashing the local
      zone for large workloads.
      
      In this case, it is assumed that because the system is configured to try
      hard to allocate hugepages or the vma is advised to explicitly want to try
      hard for hugepages that remote allocation is better when local allocation
      and memory compaction have both failed.
      Signed-off-by: David Rientjes <rientjes@google.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: Mel Gorman <mgorman@suse.de>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Stefan Priebe - Profihost AG <s.priebe@profihost.ag>
      Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      76e654cc
    • mm, page_alloc: avoid expensive reclaim when compaction may not succeed · b39d0ee2
      David Rientjes authored
      Memory compaction has a couple significant drawbacks as the allocation
      order increases, specifically:
      
       - isolate_freepages() is responsible for finding free pages to use as
         migration targets and is implemented as a linear scan of memory
         starting at the end of a zone,
      
       - failing order-0 watermark checks in memory compaction does not account
         for how far below the watermarks the zone actually is: to enable
         migration, there must be *some* free memory available.  Per the above,
         watermarks are not always sufficient if isolate_freepages() cannot
         find the free memory but it could require hundreds of MBs of reclaim to
         even reach this threshold (read: potentially very expensive reclaim with
         no indication compaction can be successful), and
      
       - if compaction at this order has failed recently so that it does not even
         run as a result of deferred compaction, looping through reclaim can often
         be pointless.
      
      For hugepage allocations, these are quite substantial drawbacks because
      these are very high order allocations (order-9 on x86) and falling back to
      doing reclaim can potentially be *very* expensive without any indication
      that compaction would even be successful.
      
      Reclaim itself is unlikely to free entire pageblocks and certainly no
      reliance should be put on it to do so in isolation (recall lumpy reclaim).
      This means we should avoid reclaim and simply fail hugepage allocation if
      compaction is deferred.
      
      It is also not helpful to thrash a zone by doing excessive reclaim if
      compaction may not be able to access that memory.  If order-0 watermarks
      fail and the allocation order is sufficiently large, it is likely better
      to fail the allocation rather than thrashing the zone.
      Signed-off-by: David Rientjes <rientjes@google.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: Mel Gorman <mgorman@suse.de>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Stefan Priebe - Profihost AG <s.priebe@profihost.ag>
      Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      b39d0ee2
    • Revert "Revert "Revert "mm, thp: consolidate THP gfp handling into alloc_hugepage_direct_gfpmask"" · 19deb769
      David Rientjes authored
      This reverts commit 92717d42.
      
      Since commit a8282608 ("Revert "mm, thp: restore node-local hugepage
      allocations"") is reverted in this series, it is better to restore the
      previous 5.2 behavior between the thp allocation and the page allocator
      rather than to attempt any consolidation or cleanup for a policy that is
      now reverted.  It's less risky during an rc cycle and subsequent patches
      in this series further modify the same policy that the pre-5.3 behavior
      implements.
      
      Consolidation and cleanup can be done subsequent to a sane default page
      allocation strategy, so this patch reverts a cleanup done on a strategy
      that is now reverted and thus is the least risky option.
      Signed-off-by: David Rientjes <rientjes@google.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: Mel Gorman <mgorman@suse.de>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Stefan Priebe - Profihost AG <s.priebe@profihost.ag>
      Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      19deb769
    • Revert "Revert "mm, thp: restore node-local hugepage allocations"" · ac79f78d
      David Rientjes authored
      This reverts commit a8282608.
      
      The commit references the original intended semantic for MADV_HUGEPAGE
      which has subsequently taken on three unique purposes:
      
       - enables or disables thp for a range of memory depending on the system's
         config (is thp "enabled" set to "always" or "madvise"),
      
       - determines the synchronous compaction behavior for thp allocations at
         fault (is thp "defrag" set to "always", "defer+madvise", or "madvise"),
         and
      
       - reverts a previous MADV_NOHUGEPAGE (there is no madvise mode to only
         clear previous hugepage advice).
      
      These are the three purposes that currently exist in 5.2 and over the
      past several years that userspace has been written around.  Adding a
      NUMA locality preference adds a fourth dimension to an already conflated
      advice mode.
      
      Based on the semantic that MADV_HUGEPAGE has provided over the past
      several years, there exist workloads that use the tunable based on these
      principles: specifically that the allocation should attempt to
      defragment a local node before falling back.  It is agreed that remote
      hugepages typically (but not always) have a better access latency than
      remote native pages, although on Naples this is at parity for
      intersocket.
      
      The revert commit that this patch reverts allows hugepage allocation to
      immediately allocate remotely when local memory is fragmented.  This is
      contrary to the semantic of MADV_HUGEPAGE over the past several years:
      that is, memory compaction should be attempted locally before falling
      back.
      
      The performance degradation of remote hugepages over local hugepages on
      Rome, for example, is 53.5% increased access latency.  For this reason,
      the goal is to revert back to the 5.2 and previous behavior that would
      attempt local defragmentation before falling back.  With the patch that
      is reverted by this patch, we see performance degradations at the tail
      because the allocator happily allocates the remote hugepage rather than
      even attempting to make a local hugepage available.
      
      zone_reclaim_mode is not a solution to this problem since it does not
      only impact hugepage allocations but rather changes the memory
      allocation strategy for *all* page allocations.
      Signed-off-by: David Rientjes <rientjes@google.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: Mel Gorman <mgorman@suse.de>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Stefan Priebe - Profihost AG <s.priebe@profihost.ag>
      Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      ac79f78d
    • Merge tag 'powerpc-5.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · a2953204
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
       "An assortment of fixes that were either missed by me, or didn't arrive
        quite in time for the first v5.4 pull.
      
         - Most notable is a fix for an issue with tlbie (broadcast TLB
           invalidation) on Power9, when using the Radix MMU. The tlbie can
           race with an mtpid (move to PID register, essentially MMU context
           switch) on another thread of the core, which can cause stores to
           continue to go to a page after it's unmapped.
      
         - A fix in our KVM code to add a missing barrier, the lack of which
           has been observed to cause missed IPIs and subsequently stuck CPUs
           in the host.
      
         - A change to the way we initialise PCR (Processor Compatibility
           Register) to make it forward compatible with future CPUs.
      
         - On some older PowerVM systems our H_BLOCK_REMOVE support could
           oops, fix it to detect such systems and fall back to the old
           invalidation method.
      
         - A fix for an oops seen on some machines when using KASAN on 32-bit.
      
         - A handful of other minor fixes, and two new selftests.
      
        Thanks to: Alistair Popple, Aneesh Kumar K.V, Christophe Leroy,
        Gustavo Romero, Joel Stanley, Jordan Niethe, Laurent Dufour, Michael
        Roth, Oliver O'Halloran"
      
      * tag 'powerpc-5.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/eeh: Fix eeh eeh_debugfs_break_device() with SRIOV devices
        powerpc/nvdimm: use H_SCM_QUERY hcall on H_OVERLAP error
        powerpc/nvdimm: Use HCALL error as the return value
        selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
        powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9
        powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag
        powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions
        powerpc/pseries: Call H_BLOCK_REMOVE when supported
        powerpc/pseries: Read TLB Block Invalidate Characteristics
        KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag
        powerpc/mm: Fix an Oops in kasan_mmu_init()
        powerpc/mm: Add a helper to select PAGE_KERNEL_RO or PAGE_READONLY
        powerpc/64s: Set reserved PCR bits
        powerpc: Fix definition of PCR bits to work with old binutils
        powerpc/book3s64/radix: Remove WARN_ON in destroy_context()
        powerpc/tm: Add tm-poison test
      a2953204
    • Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · f19e00ee
      Linus Torvalds authored
      Pull x86 fix from Ingo Molnar:
       "A kexec fix for the case when GCC_PLUGIN_STACKLEAK=y is enabled"
      
      * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/purgatory: Disable the stackleak GCC plugin for the purgatory
      f19e00ee
    • Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 9c5efe9a
      Linus Torvalds authored
      Pull scheduler fixes from Ingo Molnar:
      
       - Apply a number of membarrier related fixes and cleanups, which fixes
         a use-after-free race in the membarrier code
      
       - Introduce proper RCU protection for tasks on the runqueue - to get
         rid of the subtle task_rcu_dereference() interface that was easy to
         get wrong
      
       - Misc fixes, but also an EAS speedup
      
      * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        sched/fair: Avoid redundant EAS calculation
        sched/core: Remove double update_max_interval() call on CPU startup
        sched/core: Fix preempt_schedule() interrupt return comment
        sched/fair: Fix -Wunused-but-set-variable warnings
        sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr()
        sched/membarrier: Return -ENOMEM to userspace on memory allocation failure
        sched/membarrier: Skip IPIs when mm->mm_users == 1
        selftests, sched/membarrier: Add multi-threaded test
        sched/membarrier: Fix p->mm->membarrier_state racy load
        sched/membarrier: Call sync_core only before usermode for same mm
        sched/membarrier: Remove redundant check
        sched/membarrier: Fix private expedited registration check
        tasks, sched/core: RCUify the assignment of rq->curr
        tasks, sched/core: With a grace period after finish_task_switch(), remove unnecessary code
        tasks, sched/core: Ensure tasks are available for a grace period after leaving the runqueue
        tasks: Add a count of task RCU users
        sched/core: Convert vcpu_is_preempted() from macro to an inline function
        sched/fair: Remove unused cfs_rq_clock_task() function
      9c5efe9a
    • Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · aefcf2f4
      Linus Torvalds authored
      Pull kernel lockdown mode from James Morris:
       "This is the latest iteration of the kernel lockdown patchset, from
        Matthew Garrett, David Howells and others.
      
        From the original description:
      
          This patchset introduces an optional kernel lockdown feature,
          intended to strengthen the boundary between UID 0 and the kernel.
          When enabled, various pieces of kernel functionality are restricted.
          Applications that rely on low-level access to either hardware or the
          kernel may cease working as a result - therefore this should not be
          enabled without appropriate evaluation beforehand.
      
          The majority of mainstream distributions have been carrying variants
          of this patchset for many years now, so there's value in providing a
          doesn't meet every distribution requirement, but gets us much closer
          to not requiring external patches.
      
        There are two major changes since this was last proposed for mainline:
      
         - Separating lockdown from EFI secure boot. Background discussion is
           covered here: https://lwn.net/Articles/751061/
      
         - Implementation as an LSM, with a default stackable lockdown LSM
           module. This allows the lockdown feature to be policy-driven,
           rather than encoding an implicit policy within the mechanism.
      
        The new locked_down LSM hook is provided to allow LSMs to make a
        policy decision around whether kernel functionality that would allow
        tampering with or examining the runtime state of the kernel should be
        permitted.
      
        The included lockdown LSM provides an implementation with a simple
        policy intended for general purpose use. This policy provides a coarse
        level of granularity, controllable via the kernel command line:
      
          lockdown={integrity|confidentiality}
      
        Enable the kernel lockdown feature. If set to integrity, kernel features
        that allow userland to modify the running kernel are disabled. If set to
        confidentiality, kernel features that allow userland to extract
        confidential information from the kernel are also disabled.
      
        This may also be controlled via /sys/kernel/security/lockdown and
        overridden by kernel configuration.
      
        New or existing LSMs may implement finer-grained controls of the
        lockdown features. Refer to the lockdown_reason documentation in
        include/linux/security.h for details.
      
        The lockdown feature has had significant design feedback and review
        across many subsystems. This code has been in linux-next for some
        weeks, with a few fixes applied along the way.
      
        Stephen Rothwell noted that commit 9d1f8be5 ("bpf: Restrict bpf
        when kernel lockdown is in confidentiality mode") is missing a
        Signed-off-by from its author. Matthew responded that he is providing
        this under category (c) of the DCO"
      
      * 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (31 commits)
        kexec: Fix file verification on S390
        security: constify some arrays in lockdown LSM
        lockdown: Print current->comm in restriction messages
        efi: Restrict efivar_ssdt_load when the kernel is locked down
        tracefs: Restrict tracefs when the kernel is locked down
        debugfs: Restrict debugfs when the kernel is locked down
        kexec: Allow kexec_file() with appropriate IMA policy when locked down
        lockdown: Lock down perf when in confidentiality mode
        bpf: Restrict bpf when kernel lockdown is in confidentiality mode
        lockdown: Lock down tracing and perf kprobes when in confidentiality mode
        lockdown: Lock down /proc/kcore
        x86/mmiotrace: Lock down the testmmiotrace module
        lockdown: Lock down module params that specify hardware parameters (eg. ioport)
        lockdown: Lock down TIOCSSERIAL
        lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
        acpi: Disable ACPI table override if the kernel is locked down
        acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
        ACPI: Limit access to custom_method when the kernel is locked down
        x86/msr: Restrict MSR access when the kernel is locked down
        x86: Lock down IO port access when the kernel is locked down
        ...
      aefcf2f4
    • Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity · f1f2f614
      Linus Torvalds authored
      Pull integrity updates from Mimi Zohar:
       "The major feature in this time is IMA support for measuring and
        appraising appended file signatures. In addition are a couple of bug
        fixes and code cleanup to use struct_size().
      
        In addition to the PE/COFF and IMA xattr signatures, the kexec kernel
        image may be signed with an appended signature, using the same
        scripts/sign-file tool that is used to sign kernel modules.
      
        Similarly, the initramfs may contain an appended signature.
      
        This contained a lot of refactoring of the existing appended signature
        verification code, so that IMA could retain the existing framework of
        calculating the file hash once, storing it in the IMA measurement list
        and extending the TPM, verifying the file's integrity based on a file
        hash or signature (eg. xattrs), and adding an audit record containing
        the file hash, all based on policy. (The IMA support for appended
        signatures patch set was posted and reviewed 11 times.)
      
        The support for appended signature paves the way for adding other
        signature verification methods, such as fs-verity, based on a single
        system-wide policy. The file hash used for verifying the signature and
        the signature, itself, can be included in the IMA measurement list"
      
      * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
        ima: ima_api: Use struct_size() in kzalloc()
        ima: use struct_size() in kzalloc()
        sefltest/ima: support appended signatures (modsig)
        ima: Fix use after free in ima_read_modsig()
        MODSIGN: make new include file self contained
        ima: fix freeing ongoing ahash_request
        ima: always return negative code for error
        ima: Store the measurement again when appraising a modsig
        ima: Define ima-modsig template
        ima: Collect modsig
        ima: Implement support for module-style appended signatures
        ima: Factor xattr_verify() out of ima_appraise_measurement()
        ima: Add modsig appraise_type option for module-style appended signatures
        integrity: Select CONFIG_KEYS instead of depending on it
        PKCS#7: Introduce pkcs7_get_digest()
        PKCS#7: Refactor verify_pkcs7_signature()
        MODSIGN: Export module signature definitions
        ima: initialize the "template" field with the default template
      f1f2f614
    • Merge tag 'nfsd-5.4' of git://linux-nfs.org/~bfields/linux · 298fb76a
      Linus Torvalds authored
      Pull nfsd updates from Bruce Fields:
       "Highlights:
      
         - Add a new knfsd file cache, so that we don't have to open and close
           on each (NFSv2/v3) READ or WRITE. This can speed up read and write
           in some cases. It also replaces our readahead cache.
      
         - Prevent silent data loss on write errors, by treating write errors
           like server reboots for the purposes of write caching, thus forcing
           clients to resend their writes.
      
         - Tweak the code that allocates sessions to be more forgiving, so
           that NFSv4.1 mounts are less likely to hang when a server already
           has a lot of clients.
      
         - Eliminate an arbitrary limit on NFSv4 ACL sizes; they should now be
           limited only by the backend filesystem and the maximum RPC size.
      
         - Allow the server to enforce use of the correct kerberos credentials
           when a client reclaims state after a reboot.
      
        And some miscellaneous smaller bugfixes and cleanup"
      
      * tag 'nfsd-5.4' of git://linux-nfs.org/~bfields/linux: (34 commits)
        sunrpc: clean up indentation issue
        nfsd: fix nfs read eof detection
        nfsd: Make nfsd_reset_boot_verifier_locked static
        nfsd: degraded slot-count more gracefully as allocation nears exhaustion.
        nfsd: handle drc over-allocation gracefully.
        nfsd: add support for upcall version 2
        nfsd: add a "GetVersion" upcall for nfsdcld
        nfsd: Reset the boot verifier on all write I/O errors
        nfsd: Don't garbage collect files that might contain write errors
        nfsd: Support the server resetting the boot verifier
        nfsd: nfsd_file cache entries should be per net namespace
        nfsd: eliminate an unnecessary acl size limit
        Deprecate nfsd fault injection
        nfsd: remove duplicated include from filecache.c
        nfsd: Fix the documentation for svcxdr_tmpalloc()
        nfsd: Fix up some unused variable warnings
        nfsd: close cached files prior to a REMOVE or RENAME that would replace target
        nfsd: rip out the raparms cache
        nfsd: have nfsd_test_lock use the nfsd_file cache
        nfsd: hook up nfs4_preprocess_stateid_op to the nfsd_file cache
        ...
      298fb76a
  8. 27 Sep, 2019 1 commit
    • Merge tag 'virtio-fs-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse · 8f744bde
      Linus Torvalds authored
      Pull fuse virtio-fs support from Miklos Szeredi:
       "Virtio-fs allows exporting directory trees on the host and mounting
        them in guest(s).
      
        This isn't actually a new filesystem, but a glue layer between the
        fuse filesystem and a virtio based back-end.
      
        It's similar in functionality to the existing virtio-9p solution, but
        significantly faster in benchmarks and has better POSIX compliance.
        Further performance improvements can be achieved by sharing the page
        cache between host and guest, allowing for faster I/O and reduced
        memory use.
      
        Kata Containers have been including the out-of-tree virtio-fs (with
        the shared page cache patches as well) since version 1.7 as an
        experimental feature. They have been active in development and plan to
        switch from virtio-9p to virtio-fs as their default solution. There
        has been interest from other sources as well.
      
        The userspace infrastructure is slated to be merged into qemu once the
        kernel part hits mainline.
      
        This was developed by Vivek Goyal, Dave Gilbert and Stefan Hajnoczi"
      
      * tag 'virtio-fs-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
        virtio-fs: add virtiofs filesystem
        virtio-fs: add Documentation/filesystems/virtiofs.rst
        fuse: reserve values for mapping protocol
      8f744bde