13 Aug, 2013
3 commits
-
Probably this one is quite unlikely to be triggered, but it's more safe
to do the call_rcu() at the end after we have dropped the reference on
the asoc and freed sctp packet chunks. The reason why is because in
sctp_transport_destroy_rcu() the transport is being kfree()'d, and if
we're unlucky enough we could run into corrupted pointers. Probably
that's more of theoretical nature, but it's safer to have this simple fix.Introduced by commit 8c98653f ("sctp: sctp_close: fix release of bindings
for deferred call_rcu's"). I also did the 8c98653f regression test and
it's fine that way.Signed-off-by: Daniel Borkmann
Acked-by: Vlad Yasevich
Signed-off-by: David S. Miller -
The SCTP Quick failover draft [1] section 5.1, point 5 says that the cwnd
should be 1 MTU. So, instead of 1, set it to 1 MTU.[1] https://tools.ietf.org/html/draft-nishida-tsvwg-sctp-failover-05
Reported-by: Karl Heiss
Signed-off-by: Daniel Borkmann
Cc: Neil Horman
Acked-by: Vlad Yasevich
Acked-by: Neil Horman
Signed-off-by: David S. Miller -
In stmmac_init_rx_buffers():
* add missing handling of dma_map_single() error
* remove superfluous unlikely() optimization while at itAdd stmmac_free_rx_buffers() helper and use it in dma_free_rx_skbufs().
In init_dma_desc_rings():
* add missing handling of kmalloc_array() errors
* fix handling of dma_alloc_coherent() and stmmac_init_rx_buffers() errors
* make function return an error value on error and 0 on successIn stmmac_open():
* add handling of init_dma_desc_rings() return valueSigned-off-by: Bartlomiej Zolnierkiewicz
Signed-off-by: Kyungmin Park
Signed-off-by: David S. Miller
12 Aug, 2013
3 commits
-
We met lockdep warning when enable and disable the bearer for commands such as:
tipc-config -netid=1234 -addr=1.1.3 -be=eth:eth0
tipc-config -netid=1234 -addr=1.1.3 -bd=eth:eth0---------------------------------------------------
[ 327.693595] ======================================================
[ 327.693994] [ INFO: possible circular locking dependency detected ]
[ 327.694519] 3.11.0-rc3-wwd-default #4 Tainted: G O
[ 327.694882] -------------------------------------------------------
[ 327.695385] tipc-config/5825 is trying to acquire lock:
[ 327.695754] (((timer))#2){+.-...}, at: [] del_timer_sync+0x0/0xd0
[ 327.696018]
[ 327.696018] but task is already holding lock:
[ 327.696018] (&(&b_ptr->lock)->rlock){+.-...}, at: [] bearer_disable+ 0xdd/0x120 [tipc]
[ 327.696018]
[ 327.696018] which lock already depends on the new lock.
[ 327.696018]
[ 327.696018]
[ 327.696018] the existing dependency chain (in reverse order) is:
[ 327.696018]
[ 327.696018] -> #1 (&(&b_ptr->lock)->rlock){+.-...}:
[ 327.696018] [] validate_chain+0x6dd/0x870
[ 327.696018] [] __lock_acquire+0x3db/0x670
[ 327.696018] [] lock_acquire+0x103/0x130
[ 327.696018] [] _raw_spin_lock_bh+0x41/0x80
[ 327.696018] [] disc_timeout+0x18/0xd0 [tipc]
[ 327.696018] [] call_timer_fn+0xda/0x1e0
[ 327.696018] [] run_timer_softirq+0x2a7/0x2d0
[ 327.696018] [] __do_softirq+0x16a/0x2e0
[ 327.696018] [] irq_exit+0xd5/0xe0
[ 327.696018] [] smp_apic_timer_interrupt+0x45/0x60
[ 327.696018] [] apic_timer_interrupt+0x6f/0x80
[ 327.696018] [] arch_cpu_idle+0x1e/0x30
[ 327.696018] [] cpu_idle_loop+0x1fd/0x280
[ 327.696018] [] cpu_startup_entry+0x1e/0x20
[ 327.696018] [] start_secondary+0x89/0x90
[ 327.696018]
[ 327.696018] -> #0 (((timer))#2){+.-...}:
[ 327.696018] [] check_prev_add+0x43e/0x4b0
[ 327.696018] [] validate_chain+0x6dd/0x870
[ 327.696018] [] __lock_acquire+0x3db/0x670
[ 327.696018] [] lock_acquire+0x103/0x130
[ 327.696018] [] del_timer_sync+0x3d/0xd0
[ 327.696018] [] tipc_disc_delete+0x15/0x30 [tipc]
[ 327.696018] [] bearer_disable+0xef/0x120 [tipc]
[ 327.696018] [] tipc_disable_bearer+0x2f/0x60 [tipc]
[ 327.696018] [] tipc_cfg_do_cmd+0x2e2/0x550 [tipc]
[ 327.696018] [] handle_cmd+0x49/0xe0 [tipc]
[ 327.696018] [] genl_family_rcv_msg+0x268/0x340
[ 327.696018] [] genl_rcv_msg+0x70/0xd0
[ 327.696018] [] netlink_rcv_skb+0x89/0xb0
[ 327.696018] [] genl_rcv+0x27/0x40
[ 327.696018] [] netlink_unicast+0x15e/0x1b0
[ 327.696018] [] netlink_sendmsg+0x22f/0x400
[ 327.696018] [] __sock_sendmsg+0x66/0x80
[ 327.696018] [] sock_aio_write+0x107/0x120
[ 327.696018] [] do_sync_write+0x7d/0xc0
[ 327.696018] [] vfs_write+0x186/0x190
[ 327.696018] [] SyS_write+0x60/0xb0
[ 327.696018] [] system_call_fastpath+0x16/0x1b
[ 327.696018]
[ 327.696018] other info that might help us debug this:
[ 327.696018]
[ 327.696018] Possible unsafe locking scenario:
[ 327.696018]
[ 327.696018] CPU0 CPU1
[ 327.696018] ---- ----
[ 327.696018] lock(&(&b_ptr->lock)->rlock);
[ 327.696018] lock(((timer))#2);
[ 327.696018] lock(&(&b_ptr->lock)->rlock);
[ 327.696018] lock(((timer))#2);
[ 327.696018]
[ 327.696018] *** DEADLOCK ***
[ 327.696018]
[ 327.696018] 5 locks held by tipc-config/5825:
[ 327.696018] #0: (cb_lock){++++++}, at: [] genl_rcv+0x18/0x40
[ 327.696018] #1: (genl_mutex){+.+.+.}, at: [] genl_rcv_msg+0xa6/0xd0
[ 327.696018] #2: (config_mutex){+.+.+.}, at: [] tipc_cfg_do_cmd+0x39/ 0x550 [tipc]
[ 327.696018] #3: (tipc_net_lock){++.-..}, at: [] tipc_disable_bearer+ 0x18/0x60 [tipc]
[ 327.696018] #4: (&(&b_ptr->lock)->rlock){+.-...}, at: [] bearer_disable+0xdd/0x120 [tipc]
[ 327.696018]
[ 327.696018] stack backtrace:
[ 327.696018] CPU: 2 PID: 5825 Comm: tipc-config Tainted: G O 3.11.0-rc3-wwd- default #4
[ 327.696018] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007
[ 327.696018] 00000000ffffffff ffff880037fa77a8 ffffffff814d03dd 0000000000000000
[ 327.696018] ffff880037fa7808 ffff880037fa77e8 ffffffff810b1c4f 0000000037fa77e8
[ 327.696018] ffff880037fa7808 ffff880037e4db40 0000000000000000 ffff880037e4e318
[ 327.696018] Call Trace:
[ 327.696018] [] dump_stack+0x4d/0xa0
[ 327.696018] [] print_circular_bug+0x10f/0x120
[ 327.696018] [] check_prev_add+0x43e/0x4b0
[ 327.696018] [] validate_chain+0x6dd/0x870
[ 327.696018] [] ? sched_clock_cpu+0xd8/0x110
[ 327.696018] [] __lock_acquire+0x3db/0x670
[ 327.696018] [] lock_acquire+0x103/0x130
[ 327.696018] [] ? try_to_del_timer_sync+0x70/0x70
[ 327.696018] [] del_timer_sync+0x3d/0xd0
[ 327.696018] [] ? try_to_del_timer_sync+0x70/0x70
[ 327.696018] [] tipc_disc_delete+0x15/0x30 [tipc]
[ 327.696018] [] bearer_disable+0xef/0x120 [tipc]
[ 327.696018] [] tipc_disable_bearer+0x2f/0x60 [tipc]
[ 327.696018] [] tipc_cfg_do_cmd+0x2e2/0x550 [tipc]
[ 327.696018] [] ? security_capable+0x13/0x20
[ 327.696018] [] handle_cmd+0x49/0xe0 [tipc]
[ 327.696018] [] genl_family_rcv_msg+0x268/0x340
[ 327.696018] [] genl_rcv_msg+0x70/0xd0
[ 327.696018] [] ? genl_lock+0x20/0x20
[ 327.696018] [] netlink_rcv_skb+0x89/0xb0
[ 327.696018] [] ? genl_rcv+0x18/0x40
[ 327.696018] [] genl_rcv+0x27/0x40
[ 327.696018] [] netlink_unicast+0x15e/0x1b0
[ 327.696018] [] ? memcpy_fromiovec+0x6c/0x90
[ 327.696018] [] netlink_sendmsg+0x22f/0x400
[ 327.696018] [] __sock_sendmsg+0x66/0x80
[ 327.696018] [] sock_aio_write+0x107/0x120
[ 327.696018] [] ? release_sock+0x8c/0xa0
[ 327.696018] [] do_sync_write+0x7d/0xc0
[ 327.696018] [] ? rw_verify_area+0x54/0x100
[ 327.696018] [] vfs_write+0x186/0x190
[ 327.696018] [] SyS_write+0x60/0xb0
[ 327.696018] [] system_call_fastpath+0x16/0x1b-----------------------------------------------------------------------
The problem is that the tipc_link_delete() will cancel the timer disc_timeout() when
the b_ptr->lock is hold, but the disc_timeout() still call b_ptr->lock to finish the
work, so the dead lock occurs.We should unlock the b_ptr->lock when del the disc_timeout().
Remove link_timeout() still met the same problem, the patch:
http://article.gmane.org/gmane.network.tipc.general/4380
fix the problem, so no need to send patch for fix link_timeout() deadlock warming.
Signed-off-by: Wang Weidong
Signed-off-by: Ding Tianhong
Acked-by: Ying Xue
Signed-off-by: David S. Miller -
Fix possibly wrong memcpy() bytes length since some CAN records received from
PCAN-USB could define a DLC field in range [9..15].
In that case, the real DLC value MUST be used to move forward the record pointer
but, only 8 bytes max. MUST be copied into the data field of the struct
can_frame object of the skb given to the network core.Cc: linux-stable
Signed-off-by: Stephane Grosjean
Signed-off-by: Marc Kleine-Budde
Signed-off-by: David S. Miller -
Since commit ac4e4af1e59e1 ("macvtap: Consistently use rcu functions"),
Thomas gets two different warnings :BUG: using smp_processor_id() in preemptible [00000000] code: vhost-45891/45892
caller is macvtap_do_read+0x45c/0x600 [macvtap]
CPU: 1 PID: 45892 Comm: vhost-45891 Not tainted 3.11.0-bisecttest #13
Call Trace:
([] show_trace+0x126/0x144)
[] show_stack+0xc6/0xd4
[] dump_stack+0x74/0xd8
[] debug_smp_processor_id+0xf6/0x114
[] macvtap_do_read+0x45c/0x600 [macvtap]
[] macvtap_recvmsg+0x60/0x88 [macvtap]
[] handle_rx+0x5b2/0x800 [vhost_net]
[] vhost_worker+0x15c/0x1c4 [vhost]
[] kthread+0xd8/0xe4
[] kernel_thread_starter+0x6/0xc
[] kernel_thread_starter+0x0/0xcAnd
BUG: using smp_processor_id() in preemptible [00000000] code: vhost-45897/45898
caller is macvlan_start_xmit+0x10a/0x1b4 [macvlan]
CPU: 1 PID: 45898 Comm: vhost-45897 Not tainted 3.11.0-bisecttest #16
Call Trace:
([] show_trace+0x126/0x144)
[] show_stack+0xc6/0xd4
[] dump_stack+0x74/0xd4
[] debug_smp_processor_id+0xf6/0x114
[] macvlan_start_xmit+0x10a/0x1b4 [macvlan]
[] macvtap_get_user+0x982/0xbc4 [macvtap]
[] macvtap_sendmsg+0x4e/0x60 [macvtap]
[] handle_tx+0x494/0x5ec [vhost_net]
[] vhost_worker+0x15c/0x1c4 [vhost]
[] kthread+0xd8/0xe4
[] kernel_thread_starter+0x6/0xc
[] kernel_thread_starter+0x0/0xc
2 locks held by vhost-45897/45898:
#0: (&vq->mutex){+.+.+.}, at: [] handle_tx+0x54/0x5ec [vhost_net]
#1: (rcu_read_lock){.+.+..}, at: [] macvtap_get_user+0x824/0xbc4 [macvtap]In the first case, macvtap_put_user() calls macvlan_count_rx()
in a preempt-able context, and this is not allowed.In the second case, macvtap_get_user() calls
macvlan_start_xmit() with BH enabled, and this is not allowed.Reported-by: Thomas Huth
Bisected-by: Thomas Huth
Signed-off-by: Eric Dumazet
Tested-by: Thomas Huth
Cc: Vlad Yasevich
Signed-off-by: David S. Miller
11 Aug, 2013
4 commits
-
Included change:
- reassign pointers to data after skb reallocation to avoid kernel paging errorsSigned-off-by: David S. Miller
-
There are several functions which might reallocate skb data. Currently
some places keep reusing their old ethhdr pointer regardless of whether
they became invalid after such a reallocation or not. This potentially
leads to kernel paging errors.This patch fixes these by refetching the ethdr pointer after the
potential reallocations.Signed-off-by: Linus Lüssing
Signed-off-by: Marek Lindner
Signed-off-by: Antonio Quartulli -
Pablo Neira Ayuso says:
====================
The following patchset contains four netfilter fixes, they are:* Fix possible invalid access and mangling of the TCPMSS option in
xt_TCPMSS. This was spotted by Julian Anastasov.* Fix possible off by one access and mangling of the TCP packet in
xt_TCPOPTSTRIP, also spotted by Julian Anastasov.* Fix possible information leak due to missing initialization of one
padding field of several structures that are included in nfqueue and
nflog netlink messages, from Dan Carpenter.* Fix TCP window tracking with Fast Open, from Yuchung Cheng.
====================Signed-off-by: David S. Miller
-
Currently the conntrack checks if the ending sequence of a packet
falls within the observed receive window. However it does so even
if it has not observe any packet from the remote yet and uses an
uninitialized receive window (td_maxwin).If a connection uses Fast Open to send a SYN-data packet which is
dropped afterward in the network. The subsequent SYNs retransmits
will all fail this check and be discarded, leading to a connection
timeout. This is because the SYN retransmit does not contain data
payload soend == initial sequence number (isn) + 1
sender->td_end == isn + syn_data_len
receiver->td_maxwin == 0The fix is to only apply this check after td_maxwin is initialized.
Reported-by: Michael Chan
Signed-off-by: Yuchung Cheng
Acked-by: Eric Dumazet
Acked-by: Jozsef Kadlecsik
Signed-off-by: Pablo Neira Ayuso
10 Aug, 2013
8 commits
-
Fix inverted check when deleting an fdb entry.
Signed-off-by: Sridhar Samudrala
Signed-off-by: David S. Miller -
This patch fixed the condition of extend_desc for jumbo frame.
There is no check routine for extend_desc in the stmmac_jumbo_frm function.
Even though extend_desc is set if dma_tx is used instead of dma_etx.
It causes kernel panic.Signed-off-by: Byungho An
Signed-off-by: David S. Miller -
This is a regression introduced by:
commit fe5c3561e6f0ac7c9546209f01351113c1b77ec8
Author: stephen hemminger
Date: Sat Jul 13 10:18:18 2013 -0700vxlan: add necessary locking on device removal
The problem is that vxlan_dellink(), which is called with RTNL lock
held, tries to flush the workqueue synchronously, but apparently
igmp_join and igmp_leave work need to hold RTNL lock too, therefore we
have a soft lockup!As suggested by Stephen, probably the flush_workqueue can just be
removed and let the normal refcounting work. The workqueue has a
reference to device and socket, therefore the cleanups should work
correctly.Suggested-by: Stephen Hemminger
Cc: Stephen Hemminger
Cc: David S. Miller
Tested-by: Cong Wang
Signed-off-by: Cong Wang
Acked-by: Stephen Hemminger
Signed-off-by: David S. Miller -
This is a regression introduced by:
commit 3fc2de2faba387218bdf9dbc6b13f513ac3b060a
Author: stephen hemminger
Date: Thu Jul 18 08:40:15 2013 -0700vxlan: fix igmp races
Before this commit, the old code was:
if (vxlan_group_used(vn, vxlan->default_dst.remote_ip))
ip_mc_join_group(sk, &mreq);
else
ip_mc_leave_group(sk, &mreq);therefore we shoud check vxlan_group_used(), not its opposite,
for igmp_join.Cc: Stephen Hemminger
Cc: David S. Miller
Signed-off-by: Cong Wang
Signed-off-by: David S. Miller -
Rename mib counter from "low latency" to "busy poll"
v1 also moved the counter to the ip MIB (suggested by Shawn Bohrer)
Eric Dumazet suggested that the current location is better.So v2 just renames the counter to fit the new naming convention.
Signed-off-by: Eliezer Tamir
Signed-off-by: David S. Miller -
Introduced in cf3c4c03060b688cbc389ebc5065ebcce5653e96
("8139cp: Add dma_mapping_error checking")Signed-off-by: Dave Jones
Signed-off-by: David S. Miller -
Same behavior than 802.1q : finds the encapsulated protocol and
skip 32bit header.Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller -
Fix ipgre_header() (header_ops->create) to return the correct
amount of bytes pushed. Most callers of dev_hard_header() seem
to care only if it was success, but af_packet.c uses it as
offset to the skb to copy from userspace only once. In practice
this fixes packet socket sendto()/sendmsg() to gre tunnels.Regression introduced in c54419321455631079c7d6e60bc732dd0c5914c5
("GRE: Refactor GRE tunneling code.")Cc: Pravin B Shelar
Signed-off-by: Timo Teräs
Acked-by: Eric Dumazet
Signed-off-by: David S. Miller
09 Aug, 2013
2 commits
-
John W. Linville says:
====================
This is a batch of fixes intended for the 3.11 queue...Regarding the mac80211 (and related) bits, Johannes says:
"I have a fix from Chris for an infinite loop along with fixes from
myself to prevent it entering the loop to start with (continue using
disabled channels, many thanks to Chris for his debug/test help) and a
workaround for broken APs that advertise a bad HT primary channel in
their beacons. Additionally, a fix for another attrbuf race in mac80211
and a fix to clean up properly while P2P GO interfaces go down."Along with that...
Solomon Peachy corrects a range check in cw1200 that would lead to
a BUG_ON when starting AP mode.Stanislaw Gruszka provides an iwl4965 patch to power-up the device
earlier (avoiding microcode errors), and another iwl4965 fix that
resets the firmware after turning rfkill off (resolving a bug in the
Red Hat Bugzilla).Please let me know if there are problems!
====================Signed-off-by: David S. Miller
-
…wireless into for-davem
08 Aug, 2013
4 commits
-
In case a subtree did not match we currently stop backtracking and return
NULL (root table from fib_lookup). This could yield in invalid routing
table lookups when using subtrees.Instead continue to backtrack until a valid subtree or node is found
and return this match.Also remove unneeded NULL check.
Reported-by: Teco Boot
Cc: YOSHIFUJI Hideaki
Cc: David Lamparter
Cc:
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
While investigating about strange increase of retransmit rates
on hosts ~24 days after boot, Van found hystart was disabled
if ca->epoch_start was 0, as following condition is true
when tcp_time_stamp high order bit is set.(s32)(tcp_time_stamp - ca->epoch_start) < HZ
Quoting Van :
At initialization & after every loss ca->epoch_start is set to zero so
I believe that the above line will turn off hystart as soon as the 2^31
bit is set in tcp_time_stamp & hystart will stay off for 24 days.
I think we've observed that cubic's restart is too aggressive without
hystart so this might account for the higher drop rate we observe.Diagnosed-by: Van Jacobson
Signed-off-by: Eric Dumazet
Cc: Neal Cardwell
Cc: Yuchung Cheng
Acked-by: Neal Cardwell
Signed-off-by: David S. Miller -
br_sysfs_if.c is for sysfs attributes of bridge ports, while br_sysfs_br.c
is for sysfs attributes of bridge itself. Correct the comment here.Signed-off-by: Wang Sheng-Hui
Signed-off-by: David S. Miller -
commit 17a6e9f1aa9 ("tcp_cubic: fix clock dependency") added an
overflow error in bictcp_update() in following code :/* change the unit from HZ to bictcp_HZ */
t = ((tcp_time_stamp + msecs_to_jiffies(ca->delay_min>>3) -
ca->epoch_start) << BICTCP_HZ) / HZ;Because msecs_to_jiffies() being unsigned long, compiler does
implicit type promotion.We really want to constrain (tcp_time_stamp - ca->epoch_start)
to a signed 32bit value, or else 't' has unexpected high values.This bugs triggers an increase of retransmit rates ~24 days after
boot [1], as the high order bit of tcp_time_stamp flips.[1] for hosts with HZ=1000
Big thanks to Van Jacobson for spotting this problem.
Diagnosed-by: Van Jacobson
Signed-off-by: Eric Dumazet
Cc: Neal Cardwell
Cc: Yuchung Cheng
Cc: Stephen Hemminger
Acked-by: Neal Cardwell
Signed-off-by: David S. Miller
06 Aug, 2013
11 commits
-
Currently we are reading an uninitialized value for the max_delay
variable when snooping an MLD query message of invalid length and would
update our timers with that.Fixing this by simply ignoring such broken MLD queries (just like we do
for IGMP already).This is a regression introduced by:
"bridge: disable snooping if there is no querier" (b00589af3b04)Reported-by: Paul Bolle
Signed-off-by: Linus Lüssing
Signed-off-by: David S. Miller -
AddressSanitizer [1] dynamic checker pointed a potential
out of bound access in leaf_walk_rcu()We could allocate one more slot in tnode_new() to leave the prefetch()
in-place but it looks not worth the pain.Bug added in commit 82cfbb008572b ("[IPV4] fib_trie: iterator recode")
[1] :
https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernelReported-by: Andrey Konovalov
Signed-off-by: Eric Dumazet
Cc: Dmitry Vyukov
Signed-off-by: David S. Miller -
Otherwise, on neighbour creation, bond_neigh_init() will be called with a
foreign netdev.Signed-off-by: Veaceslav Falico
Signed-off-by: David S. Miller -
dev->ndo_neigh_setup() might need some of the values of neigh_parms, so
populate them before calling it.Signed-off-by: Veaceslav Falico
Signed-off-by: David S. Miller -
Commit 91657eafb ("xfrm: take net hdr len into account for esp payload
size calculation") introduced a possible interger overflow in
esp{4,6}_get_mtu() handlers in case of x->props.mode equals
XFRM_MODE_TUNNEL. Thus, the following expression will overflowunsigned int net_adj;
...
net_adj = 0;
...
return ((mtu - x->props.header_len - crypto_aead_authsize(esp->aead) -
net_adj) & ~(align - 1)) + (net_adj - 2);where (net_adj - 2) would be evaluated as + (0 - 2) in an unsigned
context. Fix it by simply removing brackets as those operations here
do not need to have special precedence.Signed-off-by: Daniel Borkmann
Cc: Benjamin Poirier
Cc: Steffen Klassert
Acked-by: Benjamin Poirier
Signed-off-by: David S. Miller -
Vlan devices are LLTX and don't update their own trans_start, so if
dev_trans_start has to be called with a vlan device then 0 or a stale
value will be returned. Currently the bonding is the only such user, and
it's needed for proper arp monitoring when the slaves are vlans.
Fix this by extracting the vlan's real device trans_start.Suggested-by: David Miller
Signed-off-by: Nikolay Aleksandrov
Acked-by: Veaceslav Falico
Signed-off-by: David S. Miller -
Sometimes we might have stacked vlans on top of each other, and we're
interested in the first non-vlan real device on the path, so transform
vlan_dev_real_dev to go over the stacked vlans and extract the first
non-vlan device.Signed-off-by: Nikolay Aleksandrov
Signed-off-by: Veaceslav Falico
Signed-off-by: David S. Miller -
There's an underlying race condition with the unjoin_work() call that is
sometimes triggered depending on scheduling order and the phase of the
moon. This doesn't fix the race condition, but it does remove the
ill-advised BUG_ON() call in an easily-recoverable situation.Signed-off-by: Solomon Peachy
Signed-off-by: John W. Linville -
Drop the semicolon at the end of the list_for_each_entry loop header.
Signed-off-by: Julia Lawall
Signed-off-by: David S. Miller -
Remove this code, per Dave Miller's request, since it is not being used
anywhere in the kernel.Signed-off-by: Eli Cohen
Signed-off-by: David S. Miller -
commit df8ef8f3aaa6692970a436204c4429210addb23a
macvlan: add FDB bridge ops and macvlan flags
added a flags field to macvlan, which can be
controlled from userspace.
The idea is to make the interface future-proof
so we can add flags and not new fields.However, flags value isn't validated, as a result,
userspace can't detect which flags are supported.Cc: "David S. Miller"
Cc: John Fastabend
Signed-off-by: Michael S. Tsirkin
Signed-off-by: David S. Miller
05 Aug, 2013
4 commits
-
These structs have a "_pad" member. Also the "phw" structs have an 8
byte "hw_addr[]" array but sometimes only the first 6 bytes are
initialized.Signed-off-by: Dan Carpenter
Signed-off-by: Pablo Neira Ayuso -
The following is needed as well to fix warning/error about shifting a 32 bit
value 32 bits which occurs if building on 32 bit platform caused by conversion
to using dma_addr_tSigned-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
When renaming ll_poll to busy poll, I introduced a typo
in the name of the do-nothing placeholder for sk_busy_loop
and called it sk_busy_poll.
This broke compile when busy poll was not configured.
Cong Wang submitted a patch to fixed that.
This patch removes the now redundant, misspelled placeholder.Signed-off-by: Eliezer Tamir
Signed-off-by: David S. Miller -
This old driver never checked for DMA mapping errors.
Causing splats with the new DMA mapping checks:
WARNING: at lib/dma-debug.c:937 check_unmap+0x47b/0x930()
skge 0000:01:09.0: DMA-API: device driver failed to check mapAdd checks and unwind code.
Reported-by: poma
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller
04 Aug, 2013
1 commit
-
Pull networking fixes from David Miller:
1) Don't ignore user initiated wireless regulatory settings on cards
with custom regulatory domains, from Arik Nemtsov.2) Fix length check of bluetooth information responses, from Jaganath
Kanakkassery.3) Fix misuse of PTR_ERR in btusb, from Adam Lee.
4) Handle rfkill properly while iwlwifi devices are offline, from
Emmanuel Grumbach.5) Fix r815x devices DMA'ing to stack buffers, from Hayes Wang.
6) Kernel info leak in ATM packet scheduler, from Dan Carpenter.
7) 8139cp doesn't check for DMA mapping errors, from Neil Horman.
8) Fix bridge multicast code to not snoop when no querier exists,
otherwise mutlicast traffic is lost. From Linus Lüssing.9) Avoid soft lockups in fib6_run_gc(), from Michal Kubecek.
10) Fix races in automatic address asignment on ipv6, which can result
in incorrect lifetime assignments. From Jiri Benc.11) Cure build bustage when CONFIG_NET_LL_RX_POLL is not set and rename
it CONFIG_NET_RX_BUSY_POLL to eliminate the last reference to the
original naming of this feature. From Cong Wang.12) Fix crash in TIPC when server socket creation fails, from Ying Xue.
13) macvlan_changelink() silently succeeds when it shouldn't, from
Michael S Tsirkin.14) HTB packet scheduler can crash due to sign extension, fix from
Stephen Hemminger.15) With the cable unplugged, r8169 prints out a message every 10
seconds, make it netif_dbg() instead of netif_warn(). From Peter
Wu.16) Fix memory leak in rtm_to_ifaddr(), from Daniel Borkmann.
17) sis900 gets spurious TX queue timeouts due to mismanagement of link
carrier state, from Denis Kirjanov.18) Validate somaxconn sysctl to make sure it fits inside of a u16.
From Roman Gushchin.19) Fix MAC address filtering on qlcnic, from Shahed Shaikh.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (68 commits)
qlcnic: Fix for flash update failure on 83xx adapter
qlcnic: Fix link speed and duplex display for 83xx adapter
qlcnic: Fix link speed display for 82xx adapter
qlcnic: Fix external loopback test.
qlcnic: Removed adapter series name from warning messages.
qlcnic: Free up memory in error path.
qlcnic: Fix ingress MAC learning
qlcnic: Fix MAC address filter issue on 82xx adapter
net: ethernet: davinci_emac: drop IRQF_DISABLED
netlabel: use domain based selectors when address based selectors are not available
net: check net.core.somaxconn sysctl values
sis900: Fix the tx queue timeout issue
net: rtm_to_ifaddr: free ifa if ifa_cacheinfo processing fails
r8169: remove "PHY reset until link up" log spam
net: ethernet: cpsw: drop IRQF_DISABLED
htb: fix sign extension bug
macvlan: handle set_promiscuity failures
macvlan: better mode validation
tipc: fix oops when creating server socket fails
net: rename CONFIG_NET_LL_RX_POLL to CONFIG_NET_RX_BUSY_POLL
...
