Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (22 commits) netlink: bug fix: wrong size was calculated for vfinfo list blob netlink: bug fix: don't overrun skbs on vf_port dump xt_tee: use skb_dst_drop() netdev/fec: fix ifconfig eth0 down hang issue cnic: Fix context memory init. on 5709. drivers/net: Eliminate a NULL pointer dereference drivers/net/hamradio: Eliminate a NULL pointer dereference be2net: Patch removes redundant while statement in loop. ipv6: Add GSO support on forwarding path net: fix __neigh_event_send() vhost: fix the memory leak which will happen when memory_access_ok fails vhost-net: fix to check the return value of copy_to/from_user() correctly vhost: fix to check the return value of copy_to/from_user() correctly vhost: Fix host panic if ioctl called with wrong index net: fix lock_sock_bh/unlock_sock_bh net/iucv: Add missing spin_unlock net: ll_temac: fix checksum offload logic net: ll_temac: fix interrupt bug when interrupt 0 is used sctp: dubious bitfields in sctp_transport ipmr: off by one in __ipmr_fill_mroute() ...

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (22 commits) netlink: bug fix: wrong size was calculated for vfinfo list blob netlink: bug fix: don't overrun skbs on vf_port dump xt_tee: use skb_dst_drop() netdev/fec: fix ifconfig eth0 down hang issue cnic: Fix context memory init. on 5709. drivers/net: Eliminate a NULL pointer dereference drivers/net/hamradio: Eliminate a NULL pointer dereference be2net: Patch removes redundant while statement in loop. ipv6: Add GSO support on forwarding path net: fix __neigh_event_send() vhost: fix the memory leak which will happen when memory_access_ok fails vhost-net: fix to check the return value of copy_to/from_user() correctly vhost: fix to check the return value of copy_to/from_user() correctly vhost: Fix host panic if ioctl called with wrong index net: fix lock_sock_bh/unlock_sock_bh net/iucv: Add missing spin_unlock net: ll_temac: fix checksum offload logic net: ll_temac: fix interrupt bug when interrupt 0 is used sctp: dubious bitfields in sctp_transport ipmr: off by one in __ipmr_fill_mroute() ...
Linus Torvalds
2 parents 8507bb0062 045de01a17
Showing 25 changed files Side-by-side Diff
drivers/net/3c507.c
drivers/net/benet/be_cmds.c
drivers/net/benet/be_main.c
drivers/net/cnic.c
drivers/net/cnic_if.h
drivers/net/fec.c
drivers/net/hamradio/yam.c
drivers/net/ll_temac.h
drivers/net/ll_temac_main.c
drivers/vhost/net.c
drivers/vhost/vhost.c
include/net/cls_cgroup.h
include/net/sctp/structs.h
include/net/sock.h
net/core/datagram.c
net/core/neighbour.c
net/core/rtnetlink.c
net/core/sock.c
net/ipv4/ipmr.c
net/ipv4/udp.c
@@ -551,8 +551,7 @@
 	void __iomem *shmem;
  
 	if (dev == NULL) {
-		pr_err("%s: net_interrupt(): irq %d for unknown device.\n",
-			dev->name, irq);
+		pr_err("net_interrupt(): irq %d for unknown device.\n", irq);
 		return IRQ_NONE;
 	}
  
@@ -294,7 +294,7 @@
 		} else {
 			return 0;
 		}
-	} while (timeout < 20);
+	} while (timeout < 40);
  
 	dev_err(&adapter->pdev->dev, "POST timeout; stage=0x%x\n", stage);
 	return -1;
@@ -1861,7 +1861,7 @@
 				goto if_destroy;
 			}
 			vf++;
-		} while (vf < num_vfs);
+		}
 	} else if (!be_physfn(adapter)) {
 		status = be_cmd_mac_addr_query(adapter, mac,
 			MAC_ADDRESS_TYPE_NETWORK, false, adapter->if_handle);
@@ -3367,13 +3367,9 @@
  
 static void cnic_init_context(struct cnic_dev *dev, u32 cid)
 {
-	struct cnic_local *cp = dev->cnic_priv;
 	u32 cid_addr;
 	int i;
  
-	if (CHIP_NUM(cp) == CHIP_NUM_5709)
-		return;
-
 	cid_addr = GET_CID_ADDR(cid);
  
 	for (i = 0; i < CTX_SIZE; i += 4)
  
@@ -3530,14 +3526,11 @@
  
 	sb_id = cp->status_blk_num;
 	tx_cid = 20;
-	cnic_init_context(dev, tx_cid);
-	cnic_init_context(dev, tx_cid + 1);
 	cp->tx_cons_ptr = &s_blk->status_tx_quick_consumer_index2;
 	if (ethdev->drv_state & CNIC_DRV_STATE_USING_MSIX) {
 		struct status_block_msix *sblk = cp->status_blk.bnx2;
  
 		tx_cid = TX_TSS_CID + sb_id - 1;
-		cnic_init_context(dev, tx_cid);
 		CNIC_WR(dev, BNX2_TSCH_TSS_CFG, (sb_id << 24) |
 			(TX_TSS_CID << 7));
 		cp->tx_cons_ptr = &sblk->status_tx_quick_consumer_index;
@@ -3556,6 +3549,9 @@
 		offset2 = BNX2_L2CTX_TBDR_BHADDR_HI_XI;
 		offset3 = BNX2_L2CTX_TBDR_BHADDR_LO_XI;
 	} else {
+		cnic_init_context(dev, tx_cid);
+		cnic_init_context(dev, tx_cid + 1);
+
 		offset0 = BNX2_L2CTX_TYPE;
 		offset1 = BNX2_L2CTX_CMD_TYPE;
 		offset2 = BNX2_L2CTX_TBDR_BHADDR_HI;
@@ -12,8 +12,8 @@
 #ifndef CNIC_IF_H
 #define CNIC_IF_H
  
-#define CNIC_MODULE_VERSION	"2.1.1"
-#define CNIC_MODULE_RELDATE	"Feb 22, 2010"
+#define CNIC_MODULE_VERSION	"2.1.2"
+#define CNIC_MODULE_RELDATE	"May 26, 2010"
  
 #define CNIC_ULP_RDMA		0
 #define CNIC_ULP_ISCSI		1
@@ -681,6 +681,8 @@
 	struct phy_device *phy_dev = NULL;
 	int phy_addr;
  
+	fep->phy_dev = NULL;
+
 	/* find the first phy */
 	for (phy_addr = 0; phy_addr < PHY_MAX_ADDR; phy_addr++) {
 		if (fep->mii_bus->phy_map[phy_addr]) {
@@ -711,6 +713,11 @@
 	fep->link = 0;
 	fep->full_duplex = 0;
  
+	printk(KERN_INFO "%s: Freescale FEC PHY driver [%s] "
+		"(mii_bus:phy_addr=%s, irq=%d)\n", dev->name,
+		fep->phy_dev->drv->name, dev_name(&fep->phy_dev->dev),
+		fep->phy_dev->irq);
+
 	return 0;
 }
  
  
@@ -756,13 +763,8 @@
 	if (mdiobus_register(fep->mii_bus))
 		goto err_out_free_mdio_irq;
  
-	if (fec_enet_mii_probe(dev) != 0)
-		goto err_out_unregister_bus;
-
 	return 0;
  
-err_out_unregister_bus:
-	mdiobus_unregister(fep->mii_bus);
 err_out_free_mdio_irq:
 	kfree(fep->mii_bus->irq);
 err_out_free_mdiobus:
@@ -915,7 +917,12 @@
 	if (ret)
 		return ret;
  
-	/* schedule a link state check */
+	/* Probe and connect to PHY when open the interface */
+	ret = fec_enet_mii_probe(dev);
+	if (ret) {
+		fec_enet_free_buffers(dev);
+		return ret;
+	}
 	phy_start(fep->phy_dev);
 	netif_start_queue(dev);
 	fep->opened = 1;
  
@@ -929,10 +936,12 @@
  
 	/* Don't know what to do yet. */
 	fep->opened = 0;
-	phy_stop(fep->phy_dev);
 	netif_stop_queue(dev);
 	fec_stop(dev);
  
+	if (fep->phy_dev)
+		phy_disconnect(fep->phy_dev);
+
         fec_enet_free_buffers(dev);
  
 	return 0;
@@ -1315,11 +1324,6 @@
 	ret = register_netdev(ndev);
 	if (ret)
 		goto failed_register;
-
-	printk(KERN_INFO "%s: Freescale FEC PHY driver [%s] "
-		"(mii_bus:phy_addr=%s, irq=%d)\n", ndev->name,
-		fep->phy_dev->drv->name, dev_name(&fep->phy_dev->dev),
-		fep->phy_dev->irq);
  
 	return 0;
  
@@ -1151,8 +1151,7 @@
 		dev = alloc_netdev(sizeof(struct yam_port), name,
 				   yam_setup);
 		if (!dev) {
-			printk(KERN_ERR "yam: cannot allocate net device %s\n",
-			       dev->name);
+			pr_err("yam: cannot allocate net device\n");
 			err = -ENOMEM;
 			goto error;
 		}
@@ -295,6 +295,10 @@
  
 #define MULTICAST_CAM_TABLE_NUM 4
  
+/* TEMAC Synthesis features */
+#define TEMAC_FEATURE_RX_CSUM  (1 << 0)
+#define TEMAC_FEATURE_TX_CSUM  (1 << 1)
+
 /* TX/RX CURDESC_PTR points to first descriptor */
 /* TX/RX TAILDESC_PTR points to last descriptor in linked list */
  
@@ -353,6 +357,7 @@
 	struct mutex indirect_mutex;
 	u32 options;			/* Current options word */
 	int last_link;
+	unsigned int temac_features;
  
 	/* Buffer descriptors */
 	struct cdmac_bd *tx_bd_v;
@@ -245,7 +245,7 @@
 					  CHNL_CTRL_IRQ_COAL_EN);
 	/* 0x10220483 */
 	/* 0x00100483 */
-	lp->dma_out(lp, RX_CHNL_CTRL, 0xff010000 |
+	lp->dma_out(lp, RX_CHNL_CTRL, 0xff070000 |
 					  CHNL_CTRL_IRQ_EN |
 					  CHNL_CTRL_IRQ_DLY_EN |
 					  CHNL_CTRL_IRQ_COAL_EN |
@@ -574,6 +574,10 @@
 		if (cur_p->app4)
 			dev_kfree_skb_irq((struct sk_buff *)cur_p->app4);
 		cur_p->app0 = 0;
+		cur_p->app1 = 0;
+		cur_p->app2 = 0;
+		cur_p->app3 = 0;
+		cur_p->app4 = 0;
  
 		ndev->stats.tx_packets++;
 		ndev->stats.tx_bytes += cur_p->len;
@@ -589,6 +593,29 @@
 	netif_wake_queue(ndev);
 }
  
+static inline int temac_check_tx_bd_space(struct temac_local *lp, int num_frag)
+{
+	struct cdmac_bd *cur_p;
+	int tail;
+
+	tail = lp->tx_bd_tail;
+	cur_p = &lp->tx_bd_v[tail];
+
+	do {
+		if (cur_p->app0)
+			return NETDEV_TX_BUSY;
+
+		tail++;
+		if (tail >= TX_BD_NUM)
+			tail = 0;
+
+		cur_p = &lp->tx_bd_v[tail];
+		num_frag--;
+	} while (num_frag >= 0);
+
+	return 0;
+}
+
 static int temac_start_xmit(struct sk_buff *skb, struct net_device *ndev)
 {
 	struct temac_local *lp = netdev_priv(ndev);
@@ -603,7 +630,7 @@
 	start_p = lp->tx_bd_p + sizeof(*lp->tx_bd_v) * lp->tx_bd_tail;
 	cur_p = &lp->tx_bd_v[lp->tx_bd_tail];
  
-	if (cur_p->app0 & STS_CTRL_APP0_CMPLT) {
+	if (temac_check_tx_bd_space(lp, num_frag)) {
 		if (!netif_queue_stopped(ndev)) {
 			netif_stop_queue(ndev);
 			return NETDEV_TX_BUSY;
  
  
@@ -613,29 +640,14 @@
  
 	cur_p->app0 = 0;
 	if (skb->ip_summed == CHECKSUM_PARTIAL) {
-		const struct iphdr *ip = ip_hdr(skb);
-		int length = 0, start = 0, insert = 0;
+		unsigned int csum_start_off = skb_transport_offset(skb);
+		unsigned int csum_index_off = csum_start_off + skb->csum_offset;
  
-		switch (ip->protocol) {
-		case IPPROTO_TCP:
-			start = sizeof(struct iphdr) + ETH_HLEN;
-			insert = sizeof(struct iphdr) + ETH_HLEN + 16;
-			length = ip->tot_len - sizeof(struct iphdr);
-			break;
-		case IPPROTO_UDP:
-			start = sizeof(struct iphdr) + ETH_HLEN;
-			insert = sizeof(struct iphdr) + ETH_HLEN + 6;
-			length = ip->tot_len - sizeof(struct iphdr);
-			break;
-		default:
-			break;
-		}
-		cur_p->app1 = ((start << 16) | insert);
-		cur_p->app2 = csum_tcpudp_magic(ip->saddr, ip->daddr,
-						length, ip->protocol, 0);
-		skb->data[insert] = 0;
-		skb->data[insert + 1] = 0;
+		cur_p->app0 |= 1; /* TX Checksum Enabled */
+		cur_p->app1 = (csum_start_off << 16) | csum_index_off;
+		cur_p->app2 = 0;  /* initial checksum seed */
 	}
+
 	cur_p->app0 |= STS_CTRL_APP0_SOP;
 	cur_p->len = skb_headlen(skb);
 	cur_p->phys = dma_map_single(ndev->dev.parent, skb->data, skb->len,
@@ -699,6 +711,15 @@
 		skb->protocol = eth_type_trans(skb, ndev);
 		skb->ip_summed = CHECKSUM_NONE;
  
+		/* if we're doing rx csum offload, set it up */
+		if (((lp->temac_features & TEMAC_FEATURE_RX_CSUM) != 0) &&
+			(skb->protocol == __constant_htons(ETH_P_IP)) &&
+			(skb->len > 64)) {
+
+			skb->csum = cur_p->app3 & 0xFFFF;
+			skb->ip_summed = CHECKSUM_COMPLETE;
+		}
+
 		netif_rx(skb);
  
 		ndev->stats.rx_packets++;
@@ -883,6 +904,7 @@
 	struct temac_local *lp;
 	struct net_device *ndev;
 	const void *addr;
+	__be32 *p;
 	int size, rc = 0;
  
 	/* Init network device structure */
@@ -926,6 +948,18 @@
 		goto nodev;
 	}
  
+	/* Setup checksum offload, but default to off if not specified */
+	lp->temac_features = 0;
+	p = (__be32 *)of_get_property(op->dev.of_node, "xlnx,txcsum", NULL);
+	if (p && be32_to_cpu(*p)) {
+		lp->temac_features |= TEMAC_FEATURE_TX_CSUM;
+		/* Can checksum TCP/UDP over IPv4. */
+		ndev->features |= NETIF_F_IP_CSUM;
+	}
+	p = (__be32 *)of_get_property(op->dev.of_node, "xlnx,rxcsum", NULL);
+	if (p && be32_to_cpu(*p))
+		lp->temac_features |= TEMAC_FEATURE_RX_CSUM;
+
 	/* Find the DMA node, map the DMA registers, and decode the DMA IRQs */
 	np = of_parse_phandle(op->dev.of_node, "llink-connected", 0);
 	if (!np) {
@@ -950,7 +984,7 @@
  
 	lp->rx_irq = irq_of_parse_and_map(np, 0);
 	lp->tx_irq = irq_of_parse_and_map(np, 1);
-	if (!lp->rx_irq || !lp->tx_irq) {
+	if ((lp->rx_irq == NO_IRQ) || (lp->tx_irq == NO_IRQ)) {
 		dev_err(&op->dev, "could not determine irqs\n");
 		rc = -ENOMEM;
 		goto nodev;
@@ -593,17 +593,17 @@
 	int r;
 	switch (ioctl) {
 	case VHOST_NET_SET_BACKEND:
-		r = copy_from_user(&backend, argp, sizeof backend);
-		if (r < 0)
-			return r;
+		if (copy_from_user(&backend, argp, sizeof backend))
+			return -EFAULT;
 		return vhost_net_set_backend(n, backend.index, backend.fd);
 	case VHOST_GET_FEATURES:
 		features = VHOST_FEATURES;
-		return copy_to_user(featurep, &features, sizeof features);
+		if (copy_to_user(featurep, &features, sizeof features))
+			return -EFAULT;
+		return 0;
 	case VHOST_SET_FEATURES:
-		r = copy_from_user(&features, featurep, sizeof features);
-		if (r < 0)
-			return r;
+		if (copy_from_user(&features, featurep, sizeof features))
+			return -EFAULT;
 		if (features & ~VHOST_FEATURES)
 			return -EOPNOTSUPP;
 		return vhost_net_set_features(n, features);
@@ -320,10 +320,8 @@
 {
 	struct vhost_memory mem, *newmem, *oldmem;
 	unsigned long size = offsetof(struct vhost_memory, regions);
-	long r;
-	r = copy_from_user(&mem, m, size);
-	if (r)
-		return r;
+	if (copy_from_user(&mem, m, size))
+		return -EFAULT;
 	if (mem.padding)
 		return -EOPNOTSUPP;
 	if (mem.nregions > VHOST_MEMORY_MAX_NREGIONS)
  
  
  
@@ -333,15 +331,16 @@
 		return -ENOMEM;
  
 	memcpy(newmem, &mem, size);
-	r = copy_from_user(newmem->regions, m->regions,
-			   mem.nregions * sizeof *m->regions);
-	if (r) {
+	if (copy_from_user(newmem->regions, m->regions,
+			   mem.nregions * sizeof *m->regions)) {
 		kfree(newmem);
-		return r;
+		return -EFAULT;
 	}
  
-	if (!memory_access_ok(d, newmem, vhost_has_feature(d, VHOST_F_LOG_ALL)))
+	if (!memory_access_ok(d, newmem, vhost_has_feature(d, VHOST_F_LOG_ALL))) {
+		kfree(newmem);
 		return -EFAULT;
+	}
 	oldmem = d->memory;
 	rcu_assign_pointer(d->memory, newmem);
 	synchronize_rcu();
@@ -374,7 +373,7 @@
 	r = get_user(idx, idxp);
 	if (r < 0)
 		return r;
-	if (idx > d->nvqs)
+	if (idx >= d->nvqs)
 		return -ENOBUFS;
  
 	vq = d->vqs + idx;
  
@@ -389,9 +388,10 @@
 			r = -EBUSY;
 			break;
 		}
-		r = copy_from_user(&s, argp, sizeof s);
-		if (r < 0)
+		if (copy_from_user(&s, argp, sizeof s)) {
+			r = -EFAULT;
 			break;
+		}
 		if (!s.num || s.num > 0xffff || (s.num & (s.num - 1))) {
 			r = -EINVAL;
 			break;
  
@@ -405,9 +405,10 @@
 			r = -EBUSY;
 			break;
 		}
-		r = copy_from_user(&s, argp, sizeof s);
-		if (r < 0)
+		if (copy_from_user(&s, argp, sizeof s)) {
+			r = -EFAULT;
 			break;
+		}
 		if (s.num > 0xffff) {
 			r = -EINVAL;
 			break;
  
  
@@ -419,12 +420,14 @@
 	case VHOST_GET_VRING_BASE:
 		s.index = idx;
 		s.num = vq->last_avail_idx;
-		r = copy_to_user(argp, &s, sizeof s);
+		if (copy_to_user(argp, &s, sizeof s))
+			r = -EFAULT;
 		break;
 	case VHOST_SET_VRING_ADDR:
-		r = copy_from_user(&a, argp, sizeof a);
-		if (r < 0)
+		if (copy_from_user(&a, argp, sizeof a)) {
+			r = -EFAULT;
 			break;
+		}
 		if (a.flags & ~(0x1 << VHOST_VRING_F_LOG)) {
 			r = -EOPNOTSUPP;
 			break;
  
@@ -477,9 +480,10 @@
 		vq->used = (void __user *)(unsigned long)a.used_user_addr;
 		break;
 	case VHOST_SET_VRING_KICK:
-		r = copy_from_user(&f, argp, sizeof f);
-		if (r < 0)
+		if (copy_from_user(&f, argp, sizeof f)) {
+			r = -EFAULT;
 			break;
+		}
 		eventfp = f.fd == -1 ? NULL : eventfd_fget(f.fd);
 		if (IS_ERR(eventfp)) {
 			r = PTR_ERR(eventfp);
  
@@ -492,9 +496,10 @@
 			filep = eventfp;
 		break;
 	case VHOST_SET_VRING_CALL:
-		r = copy_from_user(&f, argp, sizeof f);
-		if (r < 0)
+		if (copy_from_user(&f, argp, sizeof f)) {
+			r = -EFAULT;
 			break;
+		}
 		eventfp = f.fd == -1 ? NULL : eventfd_fget(f.fd);
 		if (IS_ERR(eventfp)) {
 			r = PTR_ERR(eventfp);
  
@@ -510,9 +515,10 @@
 			filep = eventfp;
 		break;
 	case VHOST_SET_VRING_ERR:
-		r = copy_from_user(&f, argp, sizeof f);
-		if (r < 0)
+		if (copy_from_user(&f, argp, sizeof f)) {
+			r = -EFAULT;
 			break;
+		}
 		eventfp = f.fd == -1 ? NULL : eventfd_fget(f.fd);
 		if (IS_ERR(eventfp)) {
 			r = PTR_ERR(eventfp);
  
@@ -575,9 +581,10 @@
 		r = vhost_set_memory(d, argp);
 		break;
 	case VHOST_SET_LOG_BASE:
-		r = copy_from_user(&p, argp, sizeof p);
-		if (r < 0)
+		if (copy_from_user(&p, argp, sizeof p)) {
+			r = -EFAULT;
 			break;
+		}
 		if ((u64)(unsigned long)p != p) {
 			r = -EFAULT;
 			break;
@@ -39,7 +39,7 @@
 static inline u32 task_cls_classid(struct task_struct *p)
 {
 	int id;
-	u32 classid;
+	u32 classid = 0;
  
 	if (in_interrupt())
 		return 0;
@@ -876,7 +876,7 @@
  
 	/* Reference counting. */
 	atomic_t refcnt;
-	int	 dead:1,
+	__u32	 dead:1,
 		/* RTO-Pending : A flag used to track if one of the DATA
 		 *		chunks sent to this address is currently being
 		 *		used to compute a RTT. If this flag is 0,
@@ -1026,15 +1026,23 @@
 				SINGLE_DEPTH_NESTING)
 #define bh_unlock_sock(__sk)	spin_unlock(&((__sk)->sk_lock.slock))
  
-static inline void lock_sock_bh(struct sock *sk)
+extern bool lock_sock_fast(struct sock *sk);
+/**
+ * unlock_sock_fast - complement of lock_sock_fast
+ * @sk: socket
+ * @slow: slow mode
+ *
+ * fast unlock socket for user context.
+ * If slow mode is on, we call regular release_sock()
+ */
+static inline void unlock_sock_fast(struct sock *sk, bool slow)
 {
-	spin_lock_bh(&sk->sk_lock.slock);
+	if (slow)
+		release_sock(sk);
+	else
+		spin_unlock_bh(&sk->sk_lock.slock);
 }
  
-static inline void unlock_sock_bh(struct sock *sk)
-{
-	spin_unlock_bh(&sk->sk_lock.slock);
-}
  
 extern struct sock		*sk_alloc(struct net *net, int family,
 					  gfp_t priority,
@@ -229,15 +229,17 @@
  
 void skb_free_datagram_locked(struct sock *sk, struct sk_buff *skb)
 {
+	bool slow;
+
 	if (likely(atomic_read(&skb->users) == 1))
 		smp_rmb();
 	else if (likely(!atomic_dec_and_test(&skb->users)))
 		return;
  
-	lock_sock_bh(sk);
+	slow = lock_sock_fast(sk);
 	skb_orphan(skb);
 	sk_mem_reclaim_partial(sk);
-	unlock_sock_bh(sk);
+	unlock_sock_fast(sk, slow);
  
 	/* skb is now orphaned, can be freed outside of locked section */
 	__kfree_skb(skb);
@@ -934,6 +934,7 @@
 				kfree_skb(buff);
 				NEIGH_CACHE_STAT_INC(neigh->tbl, unres_discards);
 			}
+			skb_dst_force(skb);
 			__skb_queue_tail(&neigh->arp_queue, skb);
 		}
 		rc = 1;
@@ -650,11 +650,12 @@
 	if (dev->dev.parent && dev_is_pci(dev->dev.parent)) {
  
 		int num_vfs = dev_num_vf(dev->dev.parent);
-		size_t size = nlmsg_total_size(sizeof(struct nlattr));
-		size += nlmsg_total_size(num_vfs * sizeof(struct nlattr));
-		size += num_vfs * (sizeof(struct ifla_vf_mac) +
-				  sizeof(struct ifla_vf_vlan) +
-				  sizeof(struct ifla_vf_tx_rate));
+		size_t size = nla_total_size(sizeof(struct nlattr));
+		size += nla_total_size(num_vfs * sizeof(struct nlattr));
+		size += num_vfs *
+			(nla_total_size(sizeof(struct ifla_vf_mac)) +
+			 nla_total_size(sizeof(struct ifla_vf_vlan)) +
+			 nla_total_size(sizeof(struct ifla_vf_tx_rate)));
 		return size;
 	} else
 		return 0;
  
  
@@ -722,14 +723,13 @@
  
 	for (vf = 0; vf < dev_num_vf(dev->dev.parent); vf++) {
 		vf_port = nla_nest_start(skb, IFLA_VF_PORT);
-		if (!vf_port) {
-			nla_nest_cancel(skb, vf_ports);
-			return -EMSGSIZE;
-		}
+		if (!vf_port)
+			goto nla_put_failure;
 		NLA_PUT_U32(skb, IFLA_PORT_VF, vf);
 		err = dev->netdev_ops->ndo_get_vf_port(dev, vf, skb);
+		if (err == -EMSGSIZE)
+			goto nla_put_failure;
 		if (err) {
-nla_put_failure:
 			nla_nest_cancel(skb, vf_port);
 			continue;
 		}
@@ -739,6 +739,10 @@
 	nla_nest_end(skb, vf_ports);
  
 	return 0;
+
+nla_put_failure:
+	nla_nest_cancel(skb, vf_ports);
+	return -EMSGSIZE;
 }
  
 static int rtnl_port_self_fill(struct sk_buff *skb, struct net_device *dev)
@@ -753,7 +757,7 @@
 	err = dev->netdev_ops->ndo_get_vf_port(dev, PORT_SELF_VF, skb);
 	if (err) {
 		nla_nest_cancel(skb, port_self);
-		return err;
+		return (err == -EMSGSIZE) ? err : 0;
 	}
  
 	nla_nest_end(skb, port_self);
@@ -2007,6 +2007,39 @@
 }
 EXPORT_SYMBOL(release_sock);
  
+/**
+ * lock_sock_fast - fast version of lock_sock
+ * @sk: socket
+ *
+ * This version should be used for very small section, where process wont block
+ * return false if fast path is taken
+ *   sk_lock.slock locked, owned = 0, BH disabled
+ * return true if slow path is taken
+ *   sk_lock.slock unlocked, owned = 1, BH enabled
+ */
+bool lock_sock_fast(struct sock *sk)
+{
+	might_sleep();
+	spin_lock_bh(&sk->sk_lock.slock);
+
+	if (!sk->sk_lock.owned)
+		/*
+		 * Note : We must disable BH
+		 */
+		return false;
+
+	__lock_sock(sk);
+	sk->sk_lock.owned = 1;
+	spin_unlock(&sk->sk_lock.slock);
+	/*
+	 * The sk_lock has mutex_lock() semantics here:
+	 */
+	mutex_acquire(&sk->sk_lock.dep_map, 0, 0, _RET_IP_);
+	local_bh_enable();
+	return true;
+}
+EXPORT_SYMBOL(lock_sock_fast);
+
 int sock_get_timestamp(struct sock *sk, struct timeval __user *userstamp)
 {
 	struct timeval tv;
@@ -1911,7 +1911,7 @@
 	struct rtattr *mp_head;
  
 	/* If cache is unresolved, don't try to parse IIF and OIF */
-	if (c->mfc_parent > MAXVIFS)
+	if (c->mfc_parent >= MAXVIFS)
 		return -ENOENT;
  
 	if (VIF_EXISTS(mrt, c->mfc_parent))
@@ -1063,10 +1063,11 @@
 	spin_unlock_bh(&rcvq->lock);
  
 	if (!skb_queue_empty(&list_kill)) {
-		lock_sock_bh(sk);
+		bool slow = lock_sock_fast(sk);
+
 		__skb_queue_purge(&list_kill);
 		sk_mem_reclaim_partial(sk);
-		unlock_sock_bh(sk);
+		unlock_sock_fast(sk, slow);
 	}
 	return res;
 }
@@ -1123,6 +1124,7 @@
 	int peeked;
 	int err;
 	int is_udplite = IS_UDPLITE(sk);
+	bool slow;
  
 	/*
 	 *	Check any passed addresses
  
@@ -1197,10 +1199,10 @@
 	return err;
  
 csum_copy_err:
-	lock_sock_bh(sk);
+	slow = lock_sock_fast(sk);
 	if (!skb_kill_datagram(sk, skb, flags))
 		UDP_INC_STATS_USER(sock_net(sk), UDP_MIB_INERRORS, is_udplite);
-	unlock_sock_bh(sk);
+	unlock_sock_fast(sk, slow);
  
 	if (noblock)
 		return -EAGAIN;
  
@@ -1625,9 +1627,9 @@
  
 void udp_destroy_sock(struct sock *sk)
 {
-	lock_sock_bh(sk);
+	bool slow = lock_sock_fast(sk);
 	udp_flush_pending_frames(sk);
-	unlock_sock_bh(sk);
+	unlock_sock_fast(sk, slow);
 }
  
 /*
@@ -507,7 +507,7 @@
 	if (mtu < IPV6_MIN_MTU)
 		mtu = IPV6_MIN_MTU;
  
-	if (skb->len > mtu) {
+	if (skb->len > mtu && !skb_is_gso(skb)) {
 		/* Again, force OUTPUT device used as source address */
 		skb->dev = dst->dev;
 		icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
@@ -2017,7 +2017,7 @@
 	struct rtattr *mp_head;
  
 	/* If cache is unresolved, don't try to parse IIF and OIF */
-	if (c->mf6c_parent > MAXMIFS)
+	if (c->mf6c_parent >= MAXMIFS)
 		return -ENOENT;
  
 	if (MIF_EXISTS(mrt, c->mf6c_parent))
@@ -328,6 +328,7 @@
 	int err;
 	int is_udplite = IS_UDPLITE(sk);
 	int is_udp4;
+	bool slow;
  
 	if (addr_len)
 		*addr_len=sizeof(struct sockaddr_in6);
@@ -424,7 +425,7 @@
 	return err;
  
 csum_copy_err:
-	lock_sock_bh(sk);
+	slow = lock_sock_fast(sk);
 	if (!skb_kill_datagram(sk, skb, flags)) {
 		if (is_udp4)
 			UDP_INC_STATS_USER(sock_net(sk),
@@ -433,7 +434,7 @@
 			UDP6_INC_STATS_USER(sock_net(sk),
 					UDP_MIB_INERRORS, is_udplite);
 	}
-	unlock_sock_bh(sk);
+	unlock_sock_fast(sk, slow);
  
 	if (flags & MSG_DONTWAIT)
 		return -EAGAIN;
@@ -1619,7 +1619,7 @@
 save_message:
 	save_msg = kzalloc(sizeof(struct sock_msg_q), GFP_ATOMIC | GFP_DMA);
 	if (!save_msg)
-		return;
+		goto out_unlock;
 	save_msg->path = path;
 	save_msg->msg = *msg;
  
@@ -76,7 +76,7 @@
 	if (ip_route_output_key(net, &rt, &fl) != 0)
 		return false;
  
-	dst_release(skb_dst(skb));
+	skb_dst_drop(skb);
 	skb_dst_set(skb, &rt->u.dst);
 	skb->dev      = rt->u.dst.dev;
 	skb->protocol = htons(ETH_P_IP);
@@ -157,7 +157,7 @@
 	if (dst == NULL)
 		return false;
  
-	dst_release(skb_dst(skb));
+	skb_dst_drop(skb);
 	skb_dst_set(skb, dst);
 	skb->dev      = dst->dev;
 	skb->protocol = htons(ETH_P_IPV6);
...	...	@@ -551,8 +551,7 @@
551	551	void __iomem *shmem;
552	552
553	553	if (dev == NULL) {
554		- pr_err("%s: net_interrupt(): irq %d for unknown device.\n",
555		- dev->name, irq);
	554	+ pr_err("net_interrupt(): irq %d for unknown device.\n", irq);
556	555	return IRQ_NONE;
557	556	}
558	557
...	...	@@ -294,7 +294,7 @@
294	294	} else {
295	295	return 0;
296	296	}
297		- } while (timeout < 20);
	297	+ } while (timeout < 40);
298	298
299	299	dev_err(&adapter->pdev->dev, "POST timeout; stage=0x%x\n", stage);
300	300	return -1;
...	...	@@ -1861,7 +1861,7 @@
1861	1861	goto if_destroy;
1862	1862	}
1863	1863	vf++;
1864		- } while (vf < num_vfs);
	1864	+ }
1865	1865	} else if (!be_physfn(adapter)) {
1866	1866	status = be_cmd_mac_addr_query(adapter, mac,
1867	1867	MAC_ADDRESS_TYPE_NETWORK, false, adapter->if_handle);
...	...	@@ -3367,13 +3367,9 @@
3367	3367
3368	3368	static void cnic_init_context(struct cnic_dev *dev, u32 cid)
3369	3369	{
3370		- struct cnic_local *cp = dev->cnic_priv;
3371	3370	u32 cid_addr;
3372	3371	int i;
3373	3372
3374		- if (CHIP_NUM(cp) == CHIP_NUM_5709)
3375		- return;
3376		-
3377	3373	cid_addr = GET_CID_ADDR(cid);
3378	3374
3379	3375	for (i = 0; i < CTX_SIZE; i += 4)
3380	3376
...	...	@@ -3530,14 +3526,11 @@
3530	3526
3531	3527	sb_id = cp->status_blk_num;
3532	3528	tx_cid = 20;
3533		- cnic_init_context(dev, tx_cid);
3534		- cnic_init_context(dev, tx_cid + 1);
3535	3529	cp->tx_cons_ptr = &s_blk->status_tx_quick_consumer_index2;
3536	3530	if (ethdev->drv_state & CNIC_DRV_STATE_USING_MSIX) {
3537	3531	struct status_block_msix *sblk = cp->status_blk.bnx2;
3538	3532
3539	3533	tx_cid = TX_TSS_CID + sb_id - 1;
3540		- cnic_init_context(dev, tx_cid);
3541	3534	CNIC_WR(dev, BNX2_TSCH_TSS_CFG, (sb_id << 24) \|
3542	3535	(TX_TSS_CID << 7));
3543	3536	cp->tx_cons_ptr = &sblk->status_tx_quick_consumer_index;
...	...	@@ -3556,6 +3549,9 @@
3556	3549	offset2 = BNX2_L2CTX_TBDR_BHADDR_HI_XI;
3557	3550	offset3 = BNX2_L2CTX_TBDR_BHADDR_LO_XI;
3558	3551	} else {
	3552	+ cnic_init_context(dev, tx_cid);
	3553	+ cnic_init_context(dev, tx_cid + 1);
	3554	+
3559	3555	offset0 = BNX2_L2CTX_TYPE;
3560	3556	offset1 = BNX2_L2CTX_CMD_TYPE;
3561	3557	offset2 = BNX2_L2CTX_TBDR_BHADDR_HI;
...	...	@@ -12,8 +12,8 @@
12	12	#ifndef CNIC_IF_H
13	13	#define CNIC_IF_H
14	14
15		-#define CNIC_MODULE_VERSION "2.1.1"
16		-#define CNIC_MODULE_RELDATE "Feb 22, 2010"
	15	+#define CNIC_MODULE_VERSION "2.1.2"
	16	+#define CNIC_MODULE_RELDATE "May 26, 2010"
17	17
18	18	#define CNIC_ULP_RDMA 0
19	19	#define CNIC_ULP_ISCSI 1
...	...	@@ -681,6 +681,8 @@
681	681	struct phy_device *phy_dev = NULL;
682	682	int phy_addr;
683	683
	684	+ fep->phy_dev = NULL;
	685	+
684	686	/* find the first phy */
685	687	for (phy_addr = 0; phy_addr < PHY_MAX_ADDR; phy_addr++) {
686	688	if (fep->mii_bus->phy_map[phy_addr]) {
...	...	@@ -711,6 +713,11 @@
711	713	fep->link = 0;
712	714	fep->full_duplex = 0;
713	715
	716	+ printk(KERN_INFO "%s: Freescale FEC PHY driver [%s] "
	717	+ "(mii_bus:phy_addr=%s, irq=%d)\n", dev->name,
	718	+ fep->phy_dev->drv->name, dev_name(&fep->phy_dev->dev),
	719	+ fep->phy_dev->irq);
	720	+
714	721	return 0;
715	722	}
716	723
717	724
...	...	@@ -756,13 +763,8 @@
756	763	if (mdiobus_register(fep->mii_bus))
757	764	goto err_out_free_mdio_irq;
758	765
759		- if (fec_enet_mii_probe(dev) != 0)
760		- goto err_out_unregister_bus;
761		-
762	766	return 0;
763	767
764		-err_out_unregister_bus:
765		- mdiobus_unregister(fep->mii_bus);
766	768	err_out_free_mdio_irq:
767	769	kfree(fep->mii_bus->irq);
768	770	err_out_free_mdiobus:
...	...	@@ -915,7 +917,12 @@
915	917	if (ret)
916	918	return ret;
917	919
918		- /* schedule a link state check */
	920	+ /* Probe and connect to PHY when open the interface */
	921	+ ret = fec_enet_mii_probe(dev);
	922	+ if (ret) {
	923	+ fec_enet_free_buffers(dev);
	924	+ return ret;
	925	+ }
919	926	phy_start(fep->phy_dev);
920	927	netif_start_queue(dev);
921	928	fep->opened = 1;
922	929
...	...	@@ -929,10 +936,12 @@
929	936
930	937	/* Don't know what to do yet. */
931	938	fep->opened = 0;
932		- phy_stop(fep->phy_dev);
933	939	netif_stop_queue(dev);
934	940	fec_stop(dev);
935	941
	942	+ if (fep->phy_dev)
	943	+ phy_disconnect(fep->phy_dev);
	944	+
936	945	fec_enet_free_buffers(dev);
937	946
938	947	return 0;
...	...	@@ -1315,11 +1324,6 @@
1315	1324	ret = register_netdev(ndev);
1316	1325	if (ret)
1317	1326	goto failed_register;
1318		-
1319		- printk(KERN_INFO "%s: Freescale FEC PHY driver [%s] "
1320		- "(mii_bus:phy_addr=%s, irq=%d)\n", ndev->name,
1321		- fep->phy_dev->drv->name, dev_name(&fep->phy_dev->dev),
1322		- fep->phy_dev->irq);
1323	1327
1324	1328	return 0;
1325	1329
...	...	@@ -1151,8 +1151,7 @@
1151	1151	dev = alloc_netdev(sizeof(struct yam_port), name,
1152	1152	yam_setup);
1153	1153	if (!dev) {
1154		- printk(KERN_ERR "yam: cannot allocate net device %s\n",
1155		- dev->name);
	1154	+ pr_err("yam: cannot allocate net device\n");
1156	1155	err = -ENOMEM;
1157	1156	goto error;
1158	1157	}
...	...	@@ -295,6 +295,10 @@
295	295
296	296	#define MULTICAST_CAM_TABLE_NUM 4
297	297
	298	+/* TEMAC Synthesis features */
	299	+#define TEMAC_FEATURE_RX_CSUM (1 << 0)
	300	+#define TEMAC_FEATURE_TX_CSUM (1 << 1)
	301	+
298	302	/* TX/RX CURDESC_PTR points to first descriptor */
299	303	/* TX/RX TAILDESC_PTR points to last descriptor in linked list */
300	304
...	...	@@ -353,6 +357,7 @@
353	357	struct mutex indirect_mutex;
354	358	u32 options; /* Current options word */
355	359	int last_link;
	360	+ unsigned int temac_features;
356	361
357	362	/* Buffer descriptors */
358	363	struct cdmac_bd *tx_bd_v;
...	...	@@ -245,7 +245,7 @@
245	245	CHNL_CTRL_IRQ_COAL_EN);
246	246	/* 0x10220483 */
247	247	/* 0x00100483 */
248		- lp->dma_out(lp, RX_CHNL_CTRL, 0xff010000 \|
	248	+ lp->dma_out(lp, RX_CHNL_CTRL, 0xff070000 \|
249	249	CHNL_CTRL_IRQ_EN \|
250	250	CHNL_CTRL_IRQ_DLY_EN \|
251	251	CHNL_CTRL_IRQ_COAL_EN \|
...	...	@@ -574,6 +574,10 @@
574	574	if (cur_p->app4)
575	575	dev_kfree_skb_irq((struct sk_buff *)cur_p->app4);
576	576	cur_p->app0 = 0;
	577	+ cur_p->app1 = 0;
	578	+ cur_p->app2 = 0;
	579	+ cur_p->app3 = 0;
	580	+ cur_p->app4 = 0;
577	581
578	582	ndev->stats.tx_packets++;
579	583	ndev->stats.tx_bytes += cur_p->len;
...	...	@@ -589,6 +593,29 @@
589	593	netif_wake_queue(ndev);
590	594	}
591	595
	596	+static inline int temac_check_tx_bd_space(struct temac_local *lp, int num_frag)
	597	+{
	598	+ struct cdmac_bd *cur_p;
	599	+ int tail;
	600	+
	601	+ tail = lp->tx_bd_tail;
	602	+ cur_p = &lp->tx_bd_v[tail];
	603	+
	604	+ do {
	605	+ if (cur_p->app0)
	606	+ return NETDEV_TX_BUSY;
	607	+
	608	+ tail++;
	609	+ if (tail >= TX_BD_NUM)
	610	+ tail = 0;
	611	+
	612	+ cur_p = &lp->tx_bd_v[tail];
	613	+ num_frag--;
	614	+ } while (num_frag >= 0);
	615	+
	616	+ return 0;
	617	+}
	618	+
592	619	static int temac_start_xmit(struct sk_buff skb, struct net_device ndev)
593	620	{
594	621	struct temac_local *lp = netdev_priv(ndev);
...	...	@@ -603,7 +630,7 @@
603	630	start_p = lp->tx_bd_p + sizeof(lp->tx_bd_v) lp->tx_bd_tail;
604	631	cur_p = &lp->tx_bd_v[lp->tx_bd_tail];
605	632
606		- if (cur_p->app0 & STS_CTRL_APP0_CMPLT) {
	633	+ if (temac_check_tx_bd_space(lp, num_frag)) {
607	634	if (!netif_queue_stopped(ndev)) {
608	635	netif_stop_queue(ndev);
609	636	return NETDEV_TX_BUSY;
610	637
611	638
...	...	@@ -613,29 +640,14 @@
613	640
614	641	cur_p->app0 = 0;
615	642	if (skb->ip_summed == CHECKSUM_PARTIAL) {
616		- const struct iphdr *ip = ip_hdr(skb);
617		- int length = 0, start = 0, insert = 0;
	643	+ unsigned int csum_start_off = skb_transport_offset(skb);
	644	+ unsigned int csum_index_off = csum_start_off + skb->csum_offset;
618	645
619		- switch (ip->protocol) {
620		- case IPPROTO_TCP:
621		- start = sizeof(struct iphdr) + ETH_HLEN;
622		- insert = sizeof(struct iphdr) + ETH_HLEN + 16;
623		- length = ip->tot_len - sizeof(struct iphdr);
624		- break;
625		- case IPPROTO_UDP:
626		- start = sizeof(struct iphdr) + ETH_HLEN;
627		- insert = sizeof(struct iphdr) + ETH_HLEN + 6;
628		- length = ip->tot_len - sizeof(struct iphdr);
629		- break;
630		- default:
631		- break;
632		- }
633		- cur_p->app1 = ((start << 16) \| insert);
634		- cur_p->app2 = csum_tcpudp_magic(ip->saddr, ip->daddr,
635		- length, ip->protocol, 0);
636		- skb->data[insert] = 0;
637		- skb->data[insert + 1] = 0;
	646	+ cur_p->app0 \|= 1; /* TX Checksum Enabled */
	647	+ cur_p->app1 = (csum_start_off << 16) \| csum_index_off;
	648	+ cur_p->app2 = 0; /* initial checksum seed */
638	649	}
	650	+
639	651	cur_p->app0 \|= STS_CTRL_APP0_SOP;
640	652	cur_p->len = skb_headlen(skb);
641	653	cur_p->phys = dma_map_single(ndev->dev.parent, skb->data, skb->len,
...	...	@@ -699,6 +711,15 @@
699	711	skb->protocol = eth_type_trans(skb, ndev);
700	712	skb->ip_summed = CHECKSUM_NONE;
701	713
	714	+ /* if we're doing rx csum offload, set it up */
	715	+ if (((lp->temac_features & TEMAC_FEATURE_RX_CSUM) != 0) &&
	716	+ (skb->protocol == __constant_htons(ETH_P_IP)) &&
	717	+ (skb->len > 64)) {
	718	+
	719	+ skb->csum = cur_p->app3 & 0xFFFF;
	720	+ skb->ip_summed = CHECKSUM_COMPLETE;
	721	+ }
	722	+
702	723	netif_rx(skb);
703	724
704	725	ndev->stats.rx_packets++;
...	...	@@ -883,6 +904,7 @@
883	904	struct temac_local *lp;
884	905	struct net_device *ndev;
885	906	const void *addr;
	907	+ __be32 *p;
886	908	int size, rc = 0;
887	909
888	910	/* Init network device structure */
...	...	@@ -926,6 +948,18 @@
926	948	goto nodev;
927	949	}
928	950
	951	+ /* Setup checksum offload, but default to off if not specified */
	952	+ lp->temac_features = 0;
	953	+ p = (__be32 *)of_get_property(op->dev.of_node, "xlnx,txcsum", NULL);
	954	+ if (p && be32_to_cpu(*p)) {
	955	+ lp->temac_features \|= TEMAC_FEATURE_TX_CSUM;
	956	+ /* Can checksum TCP/UDP over IPv4. */
	957	+ ndev->features \|= NETIF_F_IP_CSUM;
	958	+ }
	959	+ p = (__be32 *)of_get_property(op->dev.of_node, "xlnx,rxcsum", NULL);
	960	+ if (p && be32_to_cpu(*p))
	961	+ lp->temac_features \|= TEMAC_FEATURE_RX_CSUM;
	962	+
929	963	/* Find the DMA node, map the DMA registers, and decode the DMA IRQs */
930	964	np = of_parse_phandle(op->dev.of_node, "llink-connected", 0);
931	965	if (!np) {
...	...	@@ -950,7 +984,7 @@
950	984
951	985	lp->rx_irq = irq_of_parse_and_map(np, 0);
952	986	lp->tx_irq = irq_of_parse_and_map(np, 1);
953		- if (!lp->rx_irq \|\| !lp->tx_irq) {
	987	+ if ((lp->rx_irq == NO_IRQ) \|\| (lp->tx_irq == NO_IRQ)) {
954	988	dev_err(&op->dev, "could not determine irqs\n");
955	989	rc = -ENOMEM;
956	990	goto nodev;
...	...	@@ -593,17 +593,17 @@
593	593	int r;
594	594	switch (ioctl) {
595	595	case VHOST_NET_SET_BACKEND:
596		- r = copy_from_user(&backend, argp, sizeof backend);
597		- if (r < 0)
598		- return r;
	596	+ if (copy_from_user(&backend, argp, sizeof backend))
	597	+ return -EFAULT;
599	598	return vhost_net_set_backend(n, backend.index, backend.fd);
600	599	case VHOST_GET_FEATURES:
601	600	features = VHOST_FEATURES;
602		- return copy_to_user(featurep, &features, sizeof features);
	601	+ if (copy_to_user(featurep, &features, sizeof features))
	602	+ return -EFAULT;
	603	+ return 0;
603	604	case VHOST_SET_FEATURES:
604		- r = copy_from_user(&features, featurep, sizeof features);
605		- if (r < 0)
606		- return r;
	605	+ if (copy_from_user(&features, featurep, sizeof features))
	606	+ return -EFAULT;
607	607	if (features & ~VHOST_FEATURES)
608	608	return -EOPNOTSUPP;
609	609	return vhost_net_set_features(n, features);