25 Apr, 2017
40 commits
-
Function nlmsg_new() will return a NULL pointer if there is no enough
memory, and its return value should be checked before it is used.
However, in function tipc_nl_node_get_monitor(), the validation of the
return value of function nlmsg_new() is missed. This patch fixes the
bug.Signed-off-by: Pan Bian
Signed-off-by: David S. Miller -
Function nla_nest_start() may return a NULL pointer on error. However,
in function lwtunnel_fill_encap(), the return value of nla_nest_start()
is not validated before it is used. This patch checks the return value
of nla_nest_start() against NULL.Signed-off-by: Pan Bian
Signed-off-by: David S. Miller -
Jakub Kicinski says:
====================
nfp: DMA flags, adjust head and fixesThis series takes advantage of Alex's DMA_ATTR_SKIP_CPU_SYNC to make
XDP packet modifications "correct" from DMA API point of view. It
also allows us to parse the metadata before we run XDP at no additional
DMA sync cost. That way we can get rid of the metadata memcpy, and
remove the last upstream user of bpf_prog->xdp_adjust_head.David's patch adds a way to read capabilities from the management
firmware.There are also two net-next fixes. Patch 4 which fixes what seems to
be a result of a botched rebase on my part. Patch 5 corrects locking
when state of ethernet ports is being refreshed.v3: move the sync from alloc func to the actual give to hw func
v2: sync rx buffers before giving them to the card (Alex)
====================Signed-off-by: David S. Miller
-
The code refreshing the eth port state was trying to update state
of all ports of the card. Unfortunately to safely walk the port
list we would have to hold the port lock, which we can't due to
lock ordering constraints against rtnl.Make the per-port sync refresh and async refresh of all ports
completely separate routines.Fixes: 172f638c93dd ("nfp: add port state refresh")
Signed-off-by: Jakub Kicinski
Signed-off-by: David S. Miller -
XDP headroom should not be included in free list buffer size.
Fixes: 6fe0c3b43804 ("nfp: add support for xdp_adjust_head()")
Signed-off-by: Jakub Kicinski
Signed-off-by: David S. Miller -
Retrieve identifying information from the NSP. For now it only
contains versions of firmware subcomponents.Signed-off-by: David Brunecz
Signed-off-by: Jakub Kicinski
Signed-off-by: David S. Miller -
Calling memcpy to shift metadata out of the way for XDP to run
seems like an overkill. The most common metadata contents are
8 bytes containing type and flow hash. Simply parse the metadata
before we run XDP.Signed-off-by: Jakub Kicinski
Signed-off-by: David S. Miller -
DMA unmap may destroy changes CPU made to the buffer. To make XDP
run correctly on non-x86 platforms we should use the
DMA_ATTR_SKIP_CPU_SYNC attribute.Thanks to using the attribute we can now push the sync operation to the
common code path from XDP handler.A little bit of variable name reshuffling is required to bring the
code back to readable state.Signed-off-by: Jakub Kicinski
Signed-off-by: David S. Miller -
Benjamin LaHaise says:
====================
flower: add MPLS matching supportThis patch series adds support for parsing MPLS flows in the flow dissector
and the flower classifier. Each of the MPLS TTL, BOS, TC and Label fields
can be used for matching.v2: incorporate style feedback, move #defines to linux/include/mpls.h
Note: this omits Jiri's request to remove tabs between the type and
field names in struct declarations. This would be inconsistent with
numerous other struct definitions.
====================Signed-off-by: David S. Miller
-
Add support to the tc flower classifier to match based on fields in MPLS
labels (TTL, Bottom of Stack, TC field, Label).Signed-off-by: Benjamin LaHaise
Signed-off-by: Benjamin LaHaise
Reviewed-by: Jakub Kicinski
Cc: "David S. Miller"
Cc: Simon Horman
Cc: Jamal Hadi Salim
Cc: Cong Wang
Cc: Jiri Pirko
Cc: Eric Dumazet
Cc: Hadar Hen Zion
Cc: Gao Feng
Acked-by: Jiri Pirko
Signed-off-by: David S. Miller -
Add support for parsing MPLS flows to the flow dissector in preparation for
adding MPLS match support to cls_flower.Signed-off-by: Benjamin LaHaise
Signed-off-by: Benjamin LaHaise
Reviewed-by: Jakub Kicinski
Cc: "David S. Miller"
Cc: Simon Horman
Cc: Jamal Hadi Salim
Cc: Cong Wang
Cc: Jiri Pirko
Cc: Eric Dumazet
Cc: Hadar Hen Zion
Cc: Gao Feng
Acked-by: Jiri Pirko
Signed-off-by: David S. Miller -
Wei Wang says:
====================
net/tcp_fastopen: Fix for various TFO firewall issuesCurrently there are still some firewall issues in the middlebox
which make the middlebox drop packets silently for TFO sockets.
This kind of issue is hard to be detected by the end client.This patch series tries to detect such issues in the kernel and disable
TFO temporarily.
More details about the issues and the fixes are included in the following
patches.
====================Signed-off-by: David S. Miller
-
Christoph Paasch from Apple found another firewall issue for TFO:
After successful 3WHS using TFO, server and client starts to exchange
data. Afterwards, a 10s idle time occurs on this connection. After that,
firewall starts to drop every packet on this connection.The fix for this issue is to extend existing firewall blackhole detection
logic in tcp_write_timeout() by removing the mss check.Signed-off-by: Wei Wang
Acked-by: Yuchung Cheng
Acked-by: Neal Cardwell
Signed-off-by: David S. Miller -
This counter records the number of times the firewall blackhole issue is
detected and active TFO is disabled.Signed-off-by: Wei Wang
Acked-by: Yuchung Cheng
Acked-by: Neal Cardwell
Signed-off-by: David S. Miller -
Middlebox firewall issues can potentially cause server's data being
blackholed after a successful 3WHS using TFO. Following are the related
reports from Apple:
https://www.nanog.org/sites/default/files/Paasch_Network_Support.pdf
Slide 31 identifies an issue where the client ACK to the server's data
sent during a TFO'd handshake is dropped.
C ---> syn-data ---> S
C X S
[retry and timeout]https://www.ietf.org/proceedings/94/slides/slides-94-tcpm-13.pdf
Slide 5 shows a similar situation that the server's data gets dropped
after 3WHS.
C ---- syn-data ---> S
C S
S (accept & write)
C? X
Acked-by: Yuchung Cheng
Acked-by: Neal Cardwell
Signed-off-by: David S. Miller -
Saeed Mahameed says:
====================
mlx5-updates-2017-04-22Sparse and compiler warnings fixes from Stephen Hemminger.
From Roi Dayan and Or Gerlitz, Add devlink and mlx5 support for controlling
E-Switch encapsulation mode, this knob will enable HW support for applying
encapsulation/decapsulation to VF traffic as part of SRIOV e-switch offloading.
====================Signed-off-by: David S. Miller
-
systemd-sysctl is triggering a suspicious RCU usage message when
net.ipv4.tcp_early_demux or net.ipv4.udp_early_demux is changed via
a sysctl config file:[ 33.896184] ===============================
[ 33.899558] [ ERR: suspicious RCU usage. ]
[ 33.900624] 4.11.0-rc7+ #104 Not tainted
[ 33.901698] -------------------------------
[ 33.903059] /home/dsa/kernel-2.git/net/ipv4/sysctl_net_ipv4.c:305 suspicious rcu_dereference_check() usage!
[ 33.905724]
other info that might help us debug this:[ 33.907656]
rcu_scheduler_active = 2, debug_locks = 0
[ 33.909288] 1 lock held by systemd-sysctl/143:
[ 33.910373] #0: (sb_writers#5){.+.+.+}, at: [] file_start_write+0x45/0x48
[ 33.912407]
stack backtrace:
[ 33.914018] CPU: 0 PID: 143 Comm: systemd-sysctl Not tainted 4.11.0-rc7+ #104
[ 33.915631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_083030-gandalf 04/01/2014
[ 33.917870] Call Trace:
[ 33.918431] dump_stack+0x81/0xb6
[ 33.919241] lockdep_rcu_suspicious+0x10f/0x118
[ 33.920263] proc_configure_early_demux+0x65/0x10a
[ 33.921391] proc_udp_early_demux+0x3a/0x41add rcu locking to proc_configure_early_demux.
Fixes: dddb64bcb3461 ("net: Add sysctl to toggle early demux for tcp and udp")
Signed-off-by: David Ahern
Signed-off-by: David S. Miller -
…etooth/bluetooth-next
Johan Hedberg says:
====================
pull request: bluetooth-next 2017-04-22Here are some more Bluetooth patches (and one 802.15.4 patch) in the
bluetooth-next tree targeting the 4.12 kernel. Most of them are pure
fixes.Please let me know if there are any issues pulling. Thanks.
====================Signed-off-by: David S. Miller <davem@davemloft.net>
-
Trivial fix to spelling mistake in dev_err message and rejoin
line.Signed-off-by: Colin Ian King
Signed-off-by: David S. Miller -
Use offset_in_page() macro instead of open-coding.
Signed-off-by: Geliang Tang
Signed-off-by: David S. Miller -
Michael Chan says:
====================
bnxt_en: Updates for net-next.Miscellaneous updates include passing DCBX RoCE VLAN priority to firmware,
checking one more new firmware flag before allowing DCBX to run on the host,
adding 100Gbps speed support, adding check to disallow speed settings on
Multi-host NICs, and a minor fix for reporting VF attributes.
====================Signed-off-by: David S. Miller
-
This change restricts the PF in multi-host mode from setting any port
level PHY configuration. The settings are controlled by firmware in
Multi-Host mode.Signed-off-by: Deepak Khungar
Signed-off-by: Michael Chan
Signed-off-by: David S. Miller -
Check the additional flag in bnxt_hwrm_func_qcfg() before allowing
DCBX to be done in host mode.Signed-off-by: Michael Chan
Signed-off-by: David S. Miller -
Added support for 100G link speed reporting for Broadcom BCM57454
ASIC in ethtool command.Signed-off-by: Deepak Khungar
Signed-off-by: Ray Jui
Signed-off-by: Michael Chan
Signed-off-by: David S. Miller -
The .ndo_get_vf_config() is returning the wrong qos attribute. Fix
the code that checks and reports the qos and spoofchk attributes. The
BNXT_VF_QOS and BNXT_VF_LINK_UP flags should not be set by default
during init. time.Signed-off-by: Michael Chan
Signed-off-by: David S. Miller -
When the driver gets the RoCE app priority set/delete call through DCBNL,
the driver will send the information to the firmware to set up the
priority VLAN tag for RDMA traffic.[ New version using the common ETH_P_IBOE constant in if_ether.h ]
Signed-off-by: Michael Chan
Signed-off-by: David S. Miller -
Add a new optional conntrack action attribute OVS_CT_ATTR_EVENTMASK,
which can be used in conjunction with the commit flag
(OVS_CT_ATTR_COMMIT) to set the mask of bits specifying which
conntrack events (IPCT_*) should be delivered via the Netfilter
netlink multicast groups. Default behavior depends on the system
configuration, but typically a lot of events are delivered. This can be
very chatty for the NFNLGRP_CONNTRACK_UPDATE group, even if only some
types of events are of interest.Netfilter core init_conntrack() adds the event cache extension, so we
only need to set the ctmask value. However, if the system is
configured without support for events, the setting will be skipped due
to extension not being found.Signed-off-by: Jarno Rajahalme
Reviewed-by: Greg Rose
Acked-by: Joe Stringer
Signed-off-by: David S. Miller -
Fix typo in a comment.
Signed-off-by: Jarno Rajahalme
Acked-by: Greg Rose
Signed-off-by: David S. Miller -
Nathan Fontenot says:
====================
ibmvnic: Additional updates and bug fixesThis set of patches is an additional set of updates and bug fixes to
the ibmvnic driver which applies on top of the previous set of updates
sent out on 4/19.
====================Signed-off-by: David S. Miller
-
When an error is encountered during transmit we need to free the
skb instead of returning TX_BUSY.Signed-off-by: Thomas Falcon
Signed-off-by: David S. Miller -
Validate that the napi structs exist before trying to disable them
at driver close.Signed-off-by: Nathan Fontenot
Signed-off-by: David S. Miller -
Create a common routine for setting the link state for the vnic adapter.
This update moves the sending of the crq and waiting for the link state
response to a common place. The new routine also adds handling of
resending the crq in cases of getting a partial success response.Signed-off-by: Nathan Fontenot
Signed-off-by: David S. Miller -
We should be initializing the stats token in the same place we
initialize the other resources for the driver.Signed-off-by: Nathan Fontenot
Signed-off-by: David S. Miller -
When handling a fatal error in the driver, there can be additional
error information provided by the vios. This information is not
always present, so only retrieve the additional error information
when present.Signed-off-by: Nathan Fontenot
Signed-off-by: David S. Miller -
This patch addresses a modification in the PAPR+ specification which now
defines a previously reserved value for vNIC capabilities. It indicates
whether the system firmware performs a VLAN header stripping on all VLAN
tagged received frames, in case it does, the behavior expected is for
the ibmvnic driver to be responsible for inserting the VLAN header.Reported-by: Manvanthara B. Puttashankar
Signed-off-by: Murilo Fossa Vicentini
Signed-off-by: David S. Miller -
Along with 5 TX queues, 5 RX queues are allocated at the beginning of
device probe. However, only the real number of TX queues is set. Configure
the real number of RX queues as well.Signed-off-by: Thomas Falcon
Signed-off-by: David S. Miller -
Mike Maloney says:
====================
packet: Add option to create new fanout group with unique id.Fanout uses a per net global namespace. A process that intends to create a
new fanout group can accidentally join an existing group. It is
not possible to detect this.Add a socket option to specify on the first call to
setsockopt(..., PACKET_FANOUT, ...) to ensure that a new group is created.
Also add tests.
====================Signed-off-by: David S. Miller
-
Create two groups with PACKET_FANOUT_FLAG_UNIQUEID, add a socket to one.
Ensure that the groups can only be joined if all options are consistent
with the original except for this flag.Signed-off-by: Mike Maloney
Acked-by: Willem de Bruijn
Signed-off-by: David S. Miller -
Fanout uses a per net global namespace. A process that intends to create
a new fanout group can accidentally join an existing group. It is not
possible to detect this.Add socket option PACKET_FANOUT_FLAG_UNIQUEID. When specified the
supplied fanout group id must be set to 0, and the kernel chooses an id
that is not already in use. This is an ephemeral flag so that
other sockets can be added to this group using setsockopt, but NOT
specifying this flag. The current getsockopt(..., PACKET_FANOUT, ...)
can be used to retrieve the new group id.We assume that there are not a lot of fanout groups and that this is not
a high frequency call.The method assigns ids starting at zero and increases until it finds an
unused id. It keeps track of the last assigned id, and uses it as a
starting point to find new ids.Signed-off-by: Mike Maloney
Acked-by: Willem de Bruijn
Signed-off-by: David S. Miller -
sock_fanout_open no longer sets the size of packet_socket ring, so stop
passing the parameter.Signed-off-by: Mike Maloney
Acked-by: Willem de Bruijn
Signed-off-by: David S. Miller