09 Dec, 2019

1 commit


19 Jun, 2019

1 commit

  • Based on 2 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license version 2 as
    published by the free software foundation

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license version 2 as
    published by the free software foundation #

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-only

    has been chosen to replace the boilerplate/reference in 4122 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Enrico Weigelt
    Reviewed-by: Kate Stewart
    Reviewed-by: Allison Randal
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190604081206.933168790@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

18 Jan, 2019

1 commit

  • With CONFIG_RETPOLINE it's faster to add an if (ptr == &foo_func)
    check and use direct calls for all the built-in expressions.

    ~15% improvement in pathological cases.

    checkpatch doesn't like the X macro due to the embedded return statement,
    but the macro has a very limited scope so I don't think it's a problem.

    I would like to avoid bugs of the form
    if (e->ops->eval == (unsigned long)nft_foo_eval)
            nft_bar_eval();

    and open-coded if ()/else if()/else cascade, thus the macro.

    Signed-off-by: Florian Westphal
    Signed-off-by: Pablo Neira Ayuso

    Florian Westphal
     

15 May, 2017

1 commit

  • Andreas reports that the following incremental update using our commit
    protocol doesn't work.

    # nft -f incremental-update.nft
    delete element ip filter client_to_any { 10.180.86.22 : goto CIn_1 }
    delete chain ip filter CIn_1
    ... Error: Could not process rule: Device or resource busy

    The existing code is not well-integrated into the commit phase protocol,
    since element deletions do not result in refcount decrement from the
    preparation phase. This results in bogus EBUSY errors like the one
    above.

    Two new functions come with this patch:

    * nft_set_elem_activate() function is used from the abort path, to
    restore the set element refcounting on objects that occurred from
    the preparation phase.

    * nft_set_elem_deactivate() that is called from nft_del_setelem() to
    decrement set element refcounting on objects from the preparation
    phase in the commit protocol.

    The nft_data_uninit() has been renamed to nft_data_release() since this
    function does not uninitialize any data store in the data register,
    instead just releases the references to objects. Moreover, a new
    function nft_data_hold() has been introduced to be used from
    nft_set_elem_activate().

    Reported-by: Andreas Schultz
    Signed-off-by: Pablo Neira Ayuso

    Pablo Neira Ayuso
     

04 Dec, 2016

1 commit

  • Couple conflicts resolved here:

    1) In the MACB driver, a bug fix to properly initialize the
    RX tail pointer properly overlapped with some changes
    to support variable sized rings.

    2) In XGBE we had a "CONFIG_PM" --> "CONFIG_PM_SLEEP" fix
    overlapping with a reorganization of the driver to support
    ACPI, OF, as well as PCI variants of the chip.

    3) In 'net' we had several probe error path bug fixes to the
    stmmac driver, meanwhile a lot of this code was cleaned up
    and reorganized in 'net-next'.

    4) The cls_flower classifier obtained a helper function in
    'net-next' called __fl_delete() and this overlapped with
    Daniel Borkmann's bug fix to use RCU for object destruction
    in 'net'. It also overlapped with Jiri's change to guard
    the rhashtable_remove_fast() call with a check against
    tc_skip_sw().

    5) In mlx4, a revert bug fix in 'net' overlapped with some
    unrelated changes in 'net-next'.

    6) In geneve, a stale header pointer after pskb_expand_head()
    bug fix in 'net' overlapped with a large reorganization of
    the same code in 'net-next'. Since the 'net-next' code no
    longer had the bug in question, there was nothing to do
    other than to simply take the 'net-next' hunks.

    Signed-off-by: David S. Miller

    David S. Miller
     

24 Nov, 2016

1 commit


10 Nov, 2016

1 commit

  • Some basic expressions are built into nf_tables.ko, such as nft_cmp,
    nft_lookup, nft_range and so on. But these basic expressions' init
    routine is a little ugly, too many goto errX labels, and we forget
    to call nft_range_module_exit in the exit routine, although it is
    harmless.

    Actually, the init and exit routines of these basic expressions
    are the same, i.e. do nft_register_expr in the init routine and do
    nft_unregister_expr in the exit routine.

    So it's better to arrange them into an array and deal with them
    together.

    Signed-off-by: Liping Zhang
    Signed-off-by: Pablo Neira Ayuso

    Liping Zhang
     

18 Oct, 2016

2 commits

  • The newly added nft_range_eval() function handles the two possible
    nft range operations, but as the compiler warning points out,
    any unexpected value would lead to the 'mismatch' variable being
    used without being initialized:

    net/netfilter/nft_range.c: In function 'nft_range_eval':
    net/netfilter/nft_range.c:45:5: error: 'mismatch' may be used uninitialized in this function [-Werror=maybe-uninitialized]

    This removes the variable in question and instead moves the
    condition into the switch itself, which is potentially more
    efficient than adding a bogus 'default' clause as in my
    first approach, and is nicer than using the 'uninitialized_var'
    macro.

    Fixes: 0f3cd9b36977 ("netfilter: nf_tables: add range expression")
    Link: http://patchwork.ozlabs.org/patch/677114/
    Signed-off-by: Arnd Bergmann
    Signed-off-by: Pablo Neira Ayuso

    Arnd Bergmann
     
  • Use nft_parse_u32_check() to make sure we don't get a value over the
    unsigned 8-bit integer. Moreover, make sure this value doesn't go over
    the two supported range comparison modes.

    Fixes: 9286c2eb1fda ("netfilter: nft_range: validate operation netlink attribute")
    Signed-off-by: Pablo Neira Ayuso

    Pablo Neira Ayuso
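
The two nft_range fixes above (bounding the operation attribute at parse time, and evaluating without a flag variable that an unexpected operation could leave unset), modelled in userspace C as an added example. This is not the kernel's code: parse_u32_check, range_init, range_eval, struct range_expr and the RANGE_* constants are hypothetical names for this sketch, and the bounds are assumed to be at most 4 bytes compared bytewise.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names for this sketch; not the kernel's identifiers. */
enum range_op { RANGE_EQ, RANGE_NEQ, RANGE_OP_MAX = RANGE_NEQ };
struct range_expr { uint8_t from[4], to[4], len, op; };

/* Reject an untrusted 32-bit attribute above max before it is narrowed. */
static int parse_u32_check(uint32_t attr, uint32_t max, uint32_t *dest)
{
    if (attr > max)
        return -ERANGE;
    *dest = attr;
    return 0;
}

/* Parse-time validation: after this succeeds, op is one of the two modes. */
static int range_init(struct range_expr *e, const uint8_t *from,
                      const uint8_t *to, uint8_t len, uint32_t op_attr)
{
    uint32_t op;
    int err = parse_u32_check(op_attr, UINT8_MAX, &op);

    if (err < 0)
        return err;
    if (op > RANGE_OP_MAX || len == 0 || len > sizeof(e->from))
        return -EINVAL; /* only the two comparison modes are accepted */
    memcpy(e->from, from, len);
    memcpy(e->to, to, len);
    e->len = len;
    e->op = (uint8_t)op;
    return 0;
}

/* 1 = match, 0 = mismatch; the result comes straight from the switch. */
static int range_eval(const struct range_expr *e, const uint8_t *data)
{
    int d1 = memcmp(data, e->from, e->len), d2 = memcmp(data, e->to, e->len);

    switch (e->op) {
    case RANGE_EQ:  return d1 >= 0 && d2 <= 0; /* a <= data <= b */
    case RANGE_NEQ: return d1 < 0 || d2 > 0;   /* data < a || data > b */
    }
    return 0; /* not reachable after range_init(); fail closed */
}
```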
     

26 Sep, 2016

1 commit

  • Inverse ranges != [a,b] are not currently possible because rules are
    composites of && operations, and we need to express this:

    data < a || data > b

    This patch adds a new range expression. Positive ranges can be already
    through two cmp expressions:

    cmp(sreg, data, >=)
    cmp(sreg, data,

    Pablo Neira Ayuso