- 17 Dec, 2016 11 commits
-
-
Tom Herbert authored
inet_csk_get_port is called with port number (snum argument) that may be zero or nonzero. If it is zero, then the intent is to find an available ephemeral port number to bind to. If snum is non-zero then the caller is asking to allocate a specific port number. In the latter case we never want to perform the scan in ephemeral port range. It is conceivable that this can happen if the "goto again" in "tb_found:" is done. This patch adds a check that snum is zero before doing the "goto again". Signed-off-by:
Tom Herbert <tom@herbertland.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Daniel Borkmann authored
Running ./test_verifier as unprivileged lets 1 out of 98 tests fail: [...] #71 unpriv: check that printk is disallowed FAIL Unexpected error message! 0: (7a) *(u64 *)(r10 -8) = 0 1: (bf) r1 = r10 2: (07) r1 += -8 3: (b7) r2 = 8 4: (bf) r3 = r1 5: (85) call bpf_trace_printk#6 unknown func bpf_trace_printk#6 [...] The test case is correct, just that the error outcome changed with ebb676da ("bpf: Print function name in addition to function id"). Same as with e00c7b21 ("bpf: fix multiple issues in selftest suite and samples") issue 2), so just fix up the function name. Fixes: ebb676da ("bpf: Print function name in addition to function id") Signed-off-by:
Daniel Borkmann <daniel@iogearbox.net> Acked-by:
Alexei Starovoitov <ast@kernel.org> Signed-off-by:
-
Daniel Borkmann authored
Commit 57a09bf0 ("bpf: Detect identical PTR_TO_MAP_VALUE_OR_NULL registers") introduced a regression where existing programs stopped loading due to reaching the verifier's maximum complexity limit, whereas prior to this commit they were loading just fine; the affected program has roughly 2k instructions. What was found is that state pruning couldn't be performed effectively anymore due to mismatches of the verifier's register state, in particular in the id tracking. It doesn't mean that 57a09bf0 is incorrect per se, but rather that verifier needs to perform a lot more work for the same program with regards to involved map lookups. Since commit 57a09bf0 is only about tracking registers with type PTR_TO_MAP_VALUE_OR_NULL, the id is only needed to follow registers until they are promoted through pattern matching with a NULL check to either PTR_TO_MAP_VALUE or UNKNOWN_VALUE type. After that point, the id becomes irrelevant for the transitioned types. For UNKNOWN_VALUE, id is already reset to 0 via mark_reg_unknown_value(), but not so for PTR_TO_MAP_VALUE where id is becoming stale. It's even transferred further into other types that don't make use of it. Among others, one example is where UNKNOWN_VALUE is set on function call return with RET_INTEGER return type. states_equal() will then fall through the memcmp() on register state; note that the second memcmp() uses offsetofend(), so the id is part of that since d2a4dd37 ("bpf: fix state equivalence"). But the bisect pointed already to 57a09bf0, where we really reach beyond complexity limit. What I found was that states_equal() often failed in this case due to id mismatches in spilled regs with registers in type PTR_TO_MAP_VALUE. Unlike non-spilled regs, spilled regs just perform a memcmp() on their reg state and don't have any other optimizations in place, therefore also id was relevant in this case for making a pruning decision. We can safely reset id to 0 as well when converting to PTR_TO_MAP_VALUE. For the affected program, it resulted in a ~17 fold reduction of complexity and let the program load fine again. Selftest suite also runs fine. The only other place where env->id_gen is used currently is through direct packet access, but for these cases id is long living, thus a different scenario. Also, the current logic in mark_map_regs() is not fully correct when marking NULL branch with UNKNOWN_VALUE. We need to cache the destination reg's id in any case. Otherwise, once we marked that reg as UNKNOWN_VALUE, it's id is reset and any subsequent registers that hold the original id and are of type PTR_TO_MAP_VALUE_OR_NULL won't be marked UNKNOWN_VALUE anymore, since mark_map_reg() reuses the uncached regs[regno].id that was just overridden. Note, we don't need to cache it outside of mark_map_regs(), since it's called once on this_branch and the other time on other_branch, which are both two independent verifier states. A test case for this is added here, too. Fixes: 57a09bf0 ("bpf: Detect identical PTR_TO_MAP_VALUE_OR_NULL registers") Signed-off-by:
Thomas Graf <tgraf@suug.ch> Acked-by:
-
David Ahern authored
Locally originated traffic in a VRF fails in the presence of a POSTROUTING rule. For example, $ iptables -t nat -A POSTROUTING -s 11.1.1.0/24 -j MASQUERADE $ ping -I red -c1 11.1.1.3 ping: Warning: source address might be selected on device other than red. PING 11.1.1.3 (11.1.1.3) from 11.1.1.2 red: 56(84) bytes of data. ping: sendmsg: Operation not permitted Worse, the above causes random corruption resulting in a panic in random places (I have not seen a consistent backtrace). Call nf_reset to drop the conntrack info following the pass through the VRF device. The nf_reset is needed on Tx but not Rx because of the order in which NF_HOOK's are hit: on Rx the VRF device is after the real ingress device and on Tx it is is before the real egress device. Connection tracking should be tied to the real egress device and not the VRF device. Fixes: 8f58336d ("net: Add ethernet header for pass through VRF device") Fixes: 35402e31 ("net: Add IPv6 support to VRF device") Signed-off-by:David Ahern <dsa@cumulusnetworks.com> Signed-off-by:
-
David Ahern authored
Connection tracking with VRF is broken because the pass through the VRF device drops the connection tracking info. Removing the call to nf_reset allows DNAT and MASQUERADE to work across interfaces within a VRF. Fixes: 73e20b76 ("net: vrf: Add support for PREROUTING rules on vrf device") Signed-off-by:
-
David S. Miller authored
Paul Blakey says: ==================== net/sched: cls_flower: Fix mask handling The series fix how the mask is being handled. ==================== Signed-off-by: -
Paul Blakey authored
Zero bits on the mask signify a "don't care" on the corresponding bits in key. Some HWs require those bits on the key to be zero. Since these bits are masked anyway, it's okay to provide the masked key to all drivers. Fixes: 5b33f488 ('net/flower: Introduce hardware offload support') Signed-off-by:
Paul Blakey <paulb@mellanox.com> Reviewed-by:
Roi Dayan <roid@mellanox.com> Acked-by:
Jiri Pirko <jiri@mellanox.com> Signed-off-by:
-
Paul Blakey authored
When addr_type is set, mask should also be set. Fixes: 66530bdf ('sched,cls_flower: set key address type when present') Fixes: bc3103f1 ('net/sched: cls_flower: Classify packet in ip tunnels') Signed-off-by:
-
Bartosz Folta authored
There are hardware PCI implementations of Cadence GEM network controller. This patch will allow to use such hardware with reuse of existing Platform Driver. Signed-off-by:
Bartosz Folta <bfolta@cadence.com> Signed-off-by:
-
Thomas Falcon authored
Include calculations to compute the number of segments that comprise an aggregated large packet. Signed-off-by:
Thomas Falcon <tlfalcon@linux.vnet.ibm.com> Reviewed-by:
Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Reviewed-by:
Jonathan Maxwell <jmaxwell37@gmail.com> Signed-off-by:
-
Timur Tabi authored
On ACPI systems, clocks are not available to drivers directly. They are handled exclusively by ACPI and/or firmware, so there is no clock driver. Calls to clk_get() always fail, so we should not even attempt to claim any clocks on ACPI systems. Signed-off-by:
Timur Tabi <timur@codeaurora.org> Reviewed-by:
Florian Fainelli <f.fainelli@gmail.com> Signed-off-by:
-
- 16 Dec, 2016 7 commits
-
-
Jeroen De Wachter authored
Signed-off-by:
Jeroen De Wachter <jeroen.de_wachter.ext@nokia.com> Signed-off-by:
-
Jeroen De Wachter authored
Before, encx24j600_rx_packets did not update encx24j600_priv's next_packet member when an error occurred during packet handling (either because the packet's RSV header indicates an error or because the encx24j600_receive_packet method can't allocate an sk_buff). If the next_packet member is not updated, the ERXTAIL register will be set to the same value it had before, which means the bad packet remains in the component's memory and its RSV header will be read again when a new packet arrives. If the RSV header indicates a bad packet or if sk_buff allocation continues to fail, new packets will be stored in the component's memory until that memory is full, after which packets will be dropped. The SETPKTDEC command is always executed though, so the encx24j600 hardware has an incorrect count of the packets in its memory. To prevent this, the next_packet member should always be updated, allowing the packet to be skipped (either because it's bad, as indicated in its RSV header, or because allocating an sk_buff failed). In the allocation failure case, this does mean dropping a valid packet, but dropping the oldest packet to keep as much memory as possible available for new packets seems preferable to keeping old (but valid) packets around while dropping new ones. Signed-off-by:
-
David S. Miller authored
Dongpo Li says: ==================== net: ethernet: hisilicon: set dev->dev.parent before PHY connect This patch series builds atop: ec988ad7 ("phy: Don't increment MDIO bus refcount unless it's a different owner") I have checked all the hisilicon ethernet driver and found only two drivers need to be fixed to make sure set dev->dev.parent before PHY connect. ==================== Signed-off-by:
-
Dongpo Li authored
The hip04 driver calls into PHYLIB which now checks for net_device->dev.parent, so make sure we do set it before calling into any MDIO/PHYLIB related function. Fixes: ec988ad7 ("phy: Don't increment MDIO bus refcount unless it's a different owner") Signed-off-by:
Dongpo Li <lidongpo@hisilicon.com> Reviewed-by:
-
Dongpo Li authored
The hisi_femac driver calls into PHYLIB which now checks for net_device->dev.parent, so make sure we do set it before calling into any MDIO/PHYLIB related function. Fixes: ec988ad7 ("phy: Don't increment MDIO bus refcount unless it's a different owner") Signed-off-by:
-
Andrew Lunn authored
A port is not necessarily assigned to a netdev. And a port does not need to be a member of a bridge. So when iterating over all ports, check before using the netdev and bridge_dev for a port. Otherwise we dereference a NULL pointer. Fixes: da9c359e ("net: dsa: mv88e6xxx: check hardware VLAN in use") Signed-off-by:
Andrew Lunn <andrew@lunn.ch> Reviewed-by:
Vivien Didelot <vivien.didelot@savoirfairelinux.com> Signed-off-by:
-
Thomas Gleixner authored
The timer handling in this driver is broken in several ways: - corkscrew_open() initializes and arms a timer before requesting the device interrupt. If the request fails the timer stays armed. A second call to corkscrew_open will unconditionally reinitialize the quued timer and arm it again. Also a immediate device removal will leave the timer queued because close() is not called (open() failed) and therefore nothing issues del_timer(). The reinitialization corrupts the link chain in the timer wheel hash bucket and causes a NULL pointer dereference when the timer wheel tries to operate on that hash bucket. Immediate device removal lets the link chain poke into freed and possibly reused memory. Solution: Arm the timer after the successful irq request. - corkscrew_close() uses del_timer() On close the timer is disarmed with del_timer() which lets the following code race against a concurrent timer expiry function. Solution: Use del_timer_sync() instead - corkscrew_close() calls del_timer() unconditionally del_timer() is invoked even if the timer was never initialized. This works by chance because the struct containing the timer is zeroed at allocation time. Solution: Move the setup of the timer into corkscrew_setup(). Reported-by:
Matthew Whitehead <tedheadster@gmail.com> Signed-off-by:
Thomas Gleixner <tglx@linutronix.de> Cc: Andy Lutomirski <luto@kernel.org> Cc: netdev@vger.kernel.org Signed-off-by:
-
- 13 Dec, 2016 2 commits
-
-
Alexey Dobriyan authored
Commit 4f7df337 "netlink: 2-clause nla_ok()" is BROKEN. First clause tests if "->nla_len" could even be accessed at all, it can not possibly be omitted. Signed-off-by:
Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
-
Jason Wang authored
Commit 44900010 ("virtio-net: enable multiqueue by default") blindly set the affinity instead of queues during probe which can cause a mismatch of #queues between guest and host. This patch fixes it by setting queues. Reported-by:
Theodore Ts'o <tytso@mit.edu> Tested-by:
Jason Wang <jasowang@redhat.com> Acked-by:
Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
-
- 12 Dec, 2016 20 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/jesper/crisLinus Torvalds authored
Pull CRIS updates from Jesper Nilsson: "Three patches for minor issues" * tag 'cris-for-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/jesper/cris: cris: No need to append -O2 and $(LINUXINCLUDE) tty: serial: make crisv10 explicitly non-modular cris: Only build flash rescue image if CONFIG_ETRAX_AXISFLASHMAP is selected
-
git://github.com/openrisc/linuxLinus Torvalds authored
Pull Openrisc updates from Stafford Horne: - changes to MAINTAINER for openrisc - probably biggest actual change is the move to memblock from bootmem - ... plus several bug and build fixes * tag 'openrisc-for-linus' of git://github.com/openrisc/linux: openrisc: prevent VGA console, fix builds openrisc: include l.swa in check for write data pagefault openrisc: Updates after openrisc.net has been lost openrisc: Consolidate setup to use memblock instead of bootmem openrisc: remove the redundant of_platform_populate openrisc: add NR_CPUS Kconfig default value openrisc: Support both old (or32) and new (or1k) toolchain openrisc: Add thread-local storage (TLS) support openrisc: restore all regs on rt_sigreturn openrisc: fix PTRS_PER_PGD define
-
git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68kLinus Torvalds authored
Pull m68k updates from Geert Uytterhoeven: "Use seq_puts() for fixed strings" * tag 'm68k-for-v4.10-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k: m68k/atari: Use seq_puts() in atari_get_hardware_list() m68k/amiga: Use seq_puts() in amiga_get_hardware_list()
-
git://git.kernel.org/pub/scm/linux/kernel/git/egtvedt/linux-avr32Linus Torvalds authored
Pull AVR32 updates from Hans-Christian Noren Egtvedt. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/egtvedt/linux-avr32: avr32: wire up pkey syscalls AVR32-pio: Replace two seq_printf() calls by seq_puts() in pio_bank_show() AVR32-pio: Use seq_putc() in pio_bank_show() AVR32-clock: Combine nine seq_printf() calls into one call in clk_show() AVR32-clock: Use seq_putc() in two functions
-
git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommuLinus Torvalds authored
Pull m68knommu updates from Greg Ungerer: "There are two sets of changes in this pull. The largest is the addition of the ColdFire platform side i2c support (the IO addressing, setup and clock definitions). The i2c hardware module itself is driven by the kernels existing iMX i2c driver. The other change is the addition of support for the Amcore board" * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu: m68knommu: AMCORE board, add iMX i2c support m68k: add Sysam AMCORE open board support m68knommu: platform support for i2c devices on ColdFire SoC
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparcLinus Torvalds authored
Pull sparc updates from David Miller: "Just a bunch of small cleanups and fixes here, and support for user probes from Allen Pais" * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sparc: fix a building error reported by kbuild sparc64: fix typo in pgd_clear() sparc64: restore irq in error paths in iommu sparc: leon: Fix a retry loop in leon_init_timers() sparc64: make string buffers large enough sparc64: move dereference after check for NULL sparc: kernel: use builtin_platform_driver sparc64:Support User Probes for sparc
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds authored
Pull networking updates from David Miller: 1) Platform regulatory domain support for ath10k, from Bartosz Markowski. 2) Centralize min/max MTU checking, thus removing tons of duplicated code all of the the various drivers. From Jarod Wilson. 3) Support ingress actions in act_mirred, from Shmulik Ladkani. 4) Improve device adjacency tracking, from David Ahern. 5) Add support for LED triggers on PHY link state changes, from Zach Brown. 6) Improve UDP socket memory accounting, from Paolo Abeni. 7) Set SK_MEM_QUANTUM to a fixed size of 4096, instead of PAGE_SIZE. From Eric Dumazet. 8) Collapse TCP SKBs at retransmit time even if the right side SKB has frags. Also from Eric Dumazet. 9) Add IP_RECVFRAGSIZE and IPV6_RECVFRAGSIZE cmsgs, from Willem de Bruijn. 10) Support routing by UID, from Lorenzo Colitti. 11) Handle L3 domain binding (ie. VRF) for RAW sockets, from David Ahern. 12) tcp_get_info() can run lockless, from Eric Dumazet. 13) 4-tuple UDP hashing in SFC driver, from Edward Cree. 14) Avoid reorders in GRO code, from Eric Dumazet. 15) IPV6 Segment Routing support, from David Lebrun. 16) Support MPLS push and pop for L3 packets in openvswitch, from Jiri Benc. 17) Add LRU datastructure support for BPF, Martin KaFai Lau. 18) VF support in liquidio driver, from Raghu Vatsavayi. 19) Multiqueue support in alx driver, from Tobias Regnery. 20) Networking cgroup BPF support, from Daniel Mack. 21) TCP chronograph measurements, from Francis Yan. 22) XDP support for qed driver, from Yuval Mintz. 23) BPF based lwtunnels, from Thomas Graf. 24) Consistent FIB dumping to offloading drivers, from Ido Schimmel. 25) Many optimizations for UDP under high load, from Eric Dumazet. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1522 commits) netfilter: nft_counter: rework atomic dump and reset e1000: use disable_hardirq() for e1000_netpoll() i40e: don't truncate match_method assignment net: ethernet: ti: netcp: add support of cpts net: phy: phy drivers should not set SUPPORTED_[Asym_]Pause net: l2tp: ppp: change PPPOL2TP_MSG_* => L2TP_MSG_* net: l2tp: deprecate PPPOL2TP_MSG_* in favour of L2TP_MSG_* net: l2tp: export debug flags to UAPI net: ethernet: stmmac: remove private tx queue lock net: ethernet: sxgbe: remove private tx queue lock net: bridge: shorten ageing time on topology change net: bridge: add helper to set topology change net: bridge: add helper to offload ageing time net: nicvf: use new api ethtool_{get|set}_link_ksettings net: ethernet: ti: cpsw: sync rates for channels in dual emac mode net: ethernet: ti: cpsw: re-split res only when speed is changed net: ethernet: ti: cpsw: combine budget and weight split and check net: ethernet: ti: cpsw: don't start queue twice net: ethernet: ti: cpsw: use same macros to get active slave net: mvneta: select GENERIC_ALLOCATOR ... -
Randy Dunlap authored
OpenRISC does not support VGA console, so prevent that kconfig symbol from being enabled for OpenRISC, thus fixing these build errors: drivers/built-in.o: In function `vgacon_save_screen': vgacon.c:(.text+0x20e0): undefined reference to `screen_info' vgacon.c:(.text+0x20e8): undefined reference to `screen_info' drivers/built-in.o: In function `vgacon_init': vgacon.c:(.text+0x284c): undefined reference to `screen_info' vgacon.c:(.text+0x2850): undefined reference to `screen_info' drivers/built-in.o: In function `vgacon_startup': vgacon.c:(.text+0x28d8): undefined reference to `screen_info' drivers/built-in.o:vgacon.c:(.text+0x28f0): more undefined references to `screen_info' follow Signed-off-by:
Randy Dunlap <rdunlap@infradead.org> Reported-by:
kbuild test robot <fengguang.wu@intel.com> Cc: Chen Gang <gang.chen@asianux.com> Cc: Jonas Bonn <jonas@southpole.se> Signed-off-by:
Stafford Horne <shorne@gmail.com>
-
Stefan Kristiansson authored
During page fault handling we check the last instruction to understand if the fault was for a read or for a write. By default we fall back to read. New instructions were added to the openrisc 1.1 spec for an atomic load/store pair (l.lwa/l.swa). This patch adds the opcode for l.swa (0x33) allowing it to be treated as a write operation. Signed-off-by:
Stefan Kristiansson <stefan.kristiansson@saunalahti.fi> [shorne@gmail.com: expanded a bit on the comment] Signed-off-by:
-
Stafford Horne authored
The openrisc.net domain expired and was taken over by squatters. These updates point documentation to the new domain, mailing lists and git repos. Also, Jonas is not the main maintainer anylonger, he reviews changes but does not maintain a repo or sent pull requests. Updating this to add Stafford and Stefan who are the active maintainers. Acked-by:
Olof Kindgren <olof.kindgren@gmail.com> Signed-off-by:
-
Stafford Horne authored
Clearing out one todo item. Use the memblock boot time memory which is the current standard. Tested-by:
Guenter Roeck <linux@roeck-us.net> Acked-by:
Jonas <jonas@southpole.se> Signed-off-by:
-
Rob Herring authored
The of_platform_populate call in the openrisc arch code is now redundant as the DT core provides a default call. Openrisc has a NULL match table which means only top level nodes with compatible strings will have devices creates. The default version will also descend nodes in the match table such as "simple-bus" which should be fine as openrisc doesn't have any of these (though it is preferred that memory-mapped peripherals be grouped under a bus node(s)). Signed-off-by:
Rob Herring <robh@kernel.org> Cc: Jonas Bonn <jonas@southpole.se> Tested-by:
-
Stafford Horne authored
The build system now expects that NR_CPUS is defined. Follow 4cbbbb43 ("microblaze: Fix missing NR_CPUS in menuconfig") Signed-off-by:
-
Guenter Roeck authored
The output file format for or1k has changed from "elf32-or32" to "elf32-or1k". Select the correct output format automatically to be able to compile the kernel with both toolchain variants. Signed-off-by:
-
Christian Svensson authored
Historically OpenRISC GCC has reserved r10 which we now use to hold the thread pointer for thread-local storage (TLS). Signed-off-by:
Christian Svensson <blue@cmd.nu> Signed-off-by:
-
Jonas Bonn authored
Fix signal handling for when signals are handled as the result of timers or exceptions, previous code assumed syscalls. This was noticeable with X crashing where it uses SIGALRM. This patch restores all regs before returning to userspace via _resume_userspace instead of via syscall return path. The rt_sigreturn syscall is more like a context switch than a function call; it entails a return from one context (the signal handler) to another (the process in question). For a context switch like this there are effectively no call-saved regs that remain constant across the transition. Reported-by:
Sebastian Macke <sebastian@macke.de> Signed-off-by:
-
Stefan Kristiansson authored
On OpenRISC, with its 8k pages, PAGE_SHIFT is defined to be 13. That makes the expression (1UL << (PAGE_SHIFT-2)) evaluate to 2048. The correct value for PTRS_PER_PGD should be 256. Correcting the PTRS_PER_PGD define unveiled a bug in map_ram(), where PTRS_PER_PGD was used when the intent was to iterate over a set of page table entries. This patch corrects that issue as well. Signed-off-by:
-
Hans-Christian Noren Egtvedt authored
This patch wires up the new pkey_mprotect, pkey_alloc and pkey_free syscalls on AVR32.
-
Markus Elfring authored
Strings which did not contain data format specifications should be put into a sequence. Thus use the corresponding function "seq_puts". This issue was detected by using the Coccinelle software. Signed-off-by:Markus Elfring <elfring@users.sourceforge.net>
-
Markus Elfring authored
A single character (line break) should be put into a sequence. Thus use the corresponding function "seq_putc". This issue was detected by using the Coccinelle software. Signed-off-by:
-
