In the two places is_last_ethertype_ip is being called, the caller will
be looking inside the ip header, to be safe, add ip{4,6} header sanity
check. And return true only on valid ip headers, i.e: the whole header
is contained in the linear part of the skb.
Note: Such situation is very rare and hard to reproduce, since mlx5e
allocates a large enough headroom to contain the largest header one can
imagine.
Fixes: fe1dc06999 ("net/mlx5e: don't set CHECKSUM_COMPLETE on SCTP packets")
Reported-by: Cong Wang <xiyou.wangcong@gmail.com>
Reviewed-by: Tariq Toukan <tariqt@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
When an ethernet frame with ip payload is padded, the padding octets are
not covered by the hardware checksum.
Prior to the cited commit, skb checksum was forced to be CHECKSUM_NONE
when padding is detected. After it, the kernel will try to trim the
padding bytes and subtract their checksum from skb->csum.
In this patch we fixup skb->csum for any ip packet with tail padding of
any size, if any padding found.
FCS case is just one special case of this general purpose patch, hence,
it is removed.
Fixes: 88078d98d1 ("net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends"),
Cc: Eric Dumazet <edumazet@google.com>
Reviewed-by: Tariq Toukan <tariqt@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
XDP programs might change packets data contents which will make the
reported skb checksum (checksum complete) invalid.
When XDP programs are loaded/unloaded set/clear rx RQs
MLX5E_RQ_STATE_NO_CSUM_COMPLETE flag.
Fixes: 86994156c7 ("net/mlx5e: XDP fast RX drop bpf programs support")
Reviewed-by: Tariq Toukan <tariqt@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
When requested to recover from error, the tx reporter might open new
channels and close the existing ones. Use safe channels switch flow in
order to guarantee opened channels at the end of the recover flow.
For this purpose, define mlx5e_safe_reopen_channels function and use it
within those flows.
Fixes: de8650a820 ("net/mlx5e: Add tx reporter support")
Signed-off-by: Eran Ben Elisha <eranbe@mellanox.com>
Reviewed-by: Tariq Toukan <tariqt@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Skip recover operation if interface is in down state as TX objects are
not open. This fixes a bug were the recover flow re-opened TX objects
which were not opened before, leading to a possible memory leak at
driver unload.
Fixes: de8650a820 ("net/mlx5e: Add tx reporter support")
Signed-off-by: Eran Ben Elisha <eranbe@mellanox.com>
Reviewed-by: Tariq Toukan <tariqt@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Flow is kfreed on mlx5_fpga_tls_del_flow but kept in the idr data
structure, this is risky and can cause use-after-free, since the
idr_remove is delayed until tls_send_teardown_cmd completion.
Instead of delaying idr_remove, in this patch we do it on
mlx5_fpga_tls_del_flow, before actually kfree(flow).
Added synchronize_rcu before kfree(flow)
Fixes: ab412e1dd7 ("net/mlx5: Accel, add TLS rx offload routines")
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
To avoid use-after-free, hold the rcu read lock until we are done copying
flow data into the command buffer.
Fixes: ab412e1dd7 ("net/mlx5: Accel, add TLS rx offload routines")
Reported-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
* iTXQ fixes from Felix
* tracing fix - increase message length
* fix SW_CRYPTO_CONTROL enforcement
* WMM rule handling for regdomain intersection
* max_interfaces in hwsim - reported by syzbot
* clear private data in some more commands
* a clang compiler warning fix
I added a patch with two new (unused) macros for
rate-limited printing to simplify getting the users
into the tree.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEH1e1rEeCd0AIMq6MB8qZga/fl8QFAlyshYoACgkQB8qZga/f
l8Q1EQ//YO53GM06uvgdOlQkoF3D3uSLtPbJyxWcZCaJXjJ6jOOZsSrZZBLn7avf
i80UziS34ep0zdRHyVmGe6Q/VqufWUnzd6KBNdINEDdepOw6jFlBe9Ue+7mGwBnl
bqzJJ+rxQj1wVqMKEQMtznqCEX58ULiDKcPUPTG2Szw7moqMoTVaw7u2d3eX5mTS
Ka/rdsA/V9v4VOkBi//JqYmlZjdq83el8r4rshI2YbNdxwljTchK5YDsJreDawzF
X7pDjAou2EAskot2Pahz1qAEew0XUnSliTDRVTsgcsellnUHFsEGXytXQ7sp8Myy
kpGuBdeBqJuPWwKTbHfxiQb1VudpBWuMB2x/rotszgzrqSoVWot5j6/UyDSvMPyC
U/drsGJrN1iF/mYTn6G/r8sKPIaCxN7h02Z75IV7LBokGmz9Yt7srEjrOKt0uuK+
l5nb/YQNcN37lkREa6zLzec0f3wDzoqw1GWL0IuQyb+cFC2+6q5iFQ8dyXnu3FdQ
1cSJGJdnyG3bM0b42WrOcEOFt3EKmhb4UeuusoxkOd4aKuhBXRjVEzM+X6ADqTdR
mWvk7bEfYD0UMsqhtvrYBdBfquPuy3S4QzA0IMzxjk8bhCug233KpOPcLgVFjlzh
g7wCgfahl0TRhH7R1D3hnRUtcdsjifoa75XMAaDnWfnR9PiN6uI=
=2EV9
-----END PGP SIGNATURE-----
Merge tag 'mac80211-for-davem-2019-04-09' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
Johannes Berg says:
====================
Various fixes:
* iTXQ fixes from Felix
* tracing fix - increase message length
* fix SW_CRYPTO_CONTROL enforcement
* WMM rule handling for regdomain intersection
* max_interfaces in hwsim - reported by syzbot
* clear private data in some more commands
* a clang compiler warning fix
I added a patch with two new (unused) macros for
rate-limited printing to simplify getting the users
into the tree.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Restore SW_CRYPTO_CONTROL operation on AP_VLAN interfaces for unicast
keys, the original override was intended to be done for group keys as
those are treated specially by mac80211 and would always have been
rejected.
Now the situation is that AP_VLAN support must be enabled by the driver
if it can support it (meaning it can support software crypto GTK TX).
Thus, also simplify the code - if we get here with AP_VLAN and non-
pairwise key, software crypto must be used (driver doesn't know about
the interface) and can be used (driver must've advertised AP_VLAN if
it also uses SW_CRYPTO_CONTROL).
Fixes: db3bdcb9c3 ("mac80211: allow AP_VLAN operation on crypto controlled devices")
Signed-off-by: Alexander Wetzel <alexander@wetzel-home.de>
[rewrite commit message]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Pull networking fixes from David Miller:
1) Off by one and bounds checking fixes in NFC, from Dan Carpenter.
2) There have been many weird regressions in r8169 since we turned ASPM
support on, some are still not understood nor completely resolved.
Let's turn this back off for now. From Heiner Kallweit.
3) Signess fixes for ethtool speed value handling, from Michael
Zhivich.
4) Handle timestamps properly in macb driver, from Paul Thomas.
5) Two erspan fixes, it's the usual "skb ->data potentially reallocated
and we're holding a stale protocol header pointer". From Lorenzo
Bianconi.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
bnxt_en: Reset device on RX buffer errors.
bnxt_en: Improve RX consumer index validity check.
net: macb driver, check for SKBTX_HW_TSTAMP
qlogic: qlcnic: fix use of SPEED_UNKNOWN ethtool constant
broadcom: tg3: fix use of SPEED_UNKNOWN ethtool constant
ethtool: avoid signed-unsigned comparison in ethtool_validate_speed()
net: ip6_gre: fix possible use-after-free in ip6erspan_rcv
net: ip_gre: fix possible use-after-free in erspan_rcv
r8169: disable ASPM again
MAINTAINERS: ieee802154: update documentation file pattern
net: vrf: Fix ping failed when vrf mtu is set to 0
selftests: add a tc matchall test case
nfc: nci: Potential off by one in ->pipes[] array
NFC: nci: Add some bounds checking in nci_hci_cmd_received()
Pull TPM fixes from James Morris:
"From Jarkko: These are critical fixes for v5.1. Contains also couple
of new selftests for v5.1 features (partial reads in /dev/tpm0)"
* 'fixes-v5.1' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
selftests/tpm2: Open tpm dev in unbuffered mode
selftests/tpm2: Extend tests to cover partial reads
KEYS: trusted: fix -Wvarags warning
tpm: Fix the type of the return value in calc_tpm2_event_size()
KEYS: trusted: allow trusted.ko to initialize w/o a TPM
tpm: fix an invalid condition in tpm_common_poll
tpm: turn on TPM on suspend for TPM 1.x
- fix syscall number passed to trace_sys_exit;
- fix syscall number initialization in start_thread;
- fix level interpretation in the return_address;
- fix format string warning in init_pmd.
-----BEGIN PGP SIGNATURE-----
iQJHBAABCAAxFiEEK2eFS5jlMn3N6xfYUfnMkfg/oEQFAlyri4kTHGpjbXZia2Jj
QGdtYWlsLmNvbQAKCRBR+cyR+D+gRN+KEACJ2ZDrcvZeoG5boAj9GqochCL8jmx6
MrZLqqSlW1f8VQHHitSa1QtdoCpjzle5ABjAh4Zr3xsbzUTTSZ3KLRUOrtSQ9iqE
eojuv2DmD9cTReZ7yqJJyxN0PhJXMhrTp1T0FHoGKOXcTSj5LLhh18GK7psCt/8u
Y2FRw3Vhq1d5BN4EvUx49Md0kfJo4Jy/1jESR+iaK9LBUib1rLDTuXUzSZP9d+W8
HkOBvZ+7PPaVacXMpciDz1b7xL2o2pw6vEH5OJi5IbYBOqSKvwQ7EOImB76ymXYK
PynY35t5mzpwlZghd9jvKU5YD2WsJOSEOjBul7wdb0tx91wtY+6aCs4g8l1B+LNu
8OCsPLmLf6d5fPW34XCjVqIMqWat8KssbAz+1/4S+JKRVT1b5aScPz9AXCHAmpbs
IQ/akYfC+G++9JfJxt7XAlYOQerFvnwQvsK7l9rWNEcDtuEA4cC56ky0ff3WPO8f
IFyWHpLlHMJn572vMzDFC2zouT/HQvYz8M42hs7W63HIPWP/vkbRnx1w9vpqbC4Q
WIEnnvNWMDiv/Hmh9lFs2K7o1Ze0hAoGcJgSP2DKvIPLiVjy4T1tBGZYUPDQKKQ1
tyjbo8UxQZ0jiLe2w6fByYN79wt2MLT6jx5I++2nsbsEEm179XJ635SRTEt+lkdy
mlg1tO3uQkZTrg==
=EzVN
-----END PGP SIGNATURE-----
Merge tag 'xtensa-20190408' of git://github.com/jcmvbkbc/linux-xtensa
Pull xtensa fixes from Max Filippov:
- fix syscall number passed to trace_sys_exit
- fix syscall number initialization in start_thread
- fix level interpretation in the return_address
- fix format string warning in init_pmd
* tag 'xtensa-20190408' of git://github.com/jcmvbkbc/linux-xtensa:
xtensa: fix format string warning in init_pmd
xtensa: fix return_address
xtensa: fix initialization of pt_regs::syscall in start_thread
xtensa: use actual syscall number in do_syscall_trace_leave
Michael Chan says:
====================
bnxt_en: 2 bug fixes.
The first patch prevents possible driver crash if we get a bad RX index
from the hardware. The second patch resets the device when the hardware
reports buffer error to recover from the error.
Please queue these for -stable also. Thanks.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
If the RX completion indicates RX buffers errors, the RX ring will be
disabled by firmware and no packets will be received on that ring from
that point on. Recover by resetting the device.
Fixes: c0c050c58d ("bnxt_en: New Broadcom ethernet driver.")
Signed-off-by: Michael Chan <michael.chan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
There is logic to check that the RX/TPA consumer index is the expected
index to work around a hardware problem. However, the potentially bad
consumer index is first used to index into an array to reference an entry.
This can potentially crash if the bad consumer index is beyond legal
range. Improve the logic to use the consumer index for dereferencing
after the validity check and log an error message.
Fixes: fa7e28127a ("bnxt_en: Add workaround to detect bad opaque in rx completion (part 2)")
Signed-off-by: Michael Chan <michael.chan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Make sure SKBTX_HW_TSTAMP (i.e. SOF_TIMESTAMPING_TX_HARDWARE) has been
enabled for this skb. It does fix the issue where normal socks that
aren't expecting a timestamp will not wake up on select, but when a
user does want a SOF_TIMESTAMPING_TX_HARDWARE it does work.
Signed-off-by: Paul Thomas <pthomas8589@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michael Zhivich says:
====================
ethtool: fix use of SPEED_UNKNOWN constant
This patch series addresses 2 related issues:
1. ethtool_validate_speed() triggers a "signed-unsigned comparison"
warning due to type difference of SPEED_UNKNOWN constant (int)
and argument to ethtool_validate_speed (__u32).
2. some drivers use u16 storage for SPEED_UNKNOWN constant,
resulting in value truncation and thus failure to test against
SPEED_UNKNOWN correctly.
This revised series addresses several feedback comments:
- split up the patch in to series
- do not unnecessarily change drivers that use "int" storage
for speed values
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
qlcnic driver uses u16 to store SPEED_UKNOWN ethtool constant,
which is defined as -1, resulting in value truncation and
thus incorrect test results against SPEED_UNKNOWN.
For example, the following test will print "False":
u16 speed = SPEED_UNKNOWN;
if (speed == SPEED_UNKNOWN)
printf("True");
else
printf("False");
Change storage of speed to use u32 to avoid this issue.
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
tg3 driver uses u16 to store SPEED_UKNOWN ethtool constant,
which is defined as -1, resulting in value truncation and
thus incorrect test results against SPEED_UNKNOWN.
For example, the following test will print "False":
u16 speed = SPEED_UNKNOWN;
if (speed == SPEED_UNKNOWN)
printf("True");
else
printf("False");
Change storage of speed to use u32 to avoid this issue.
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
When building C++ userspace code that includes ethtool.h
with "-Werror -Wall", g++ complains about signed-unsigned comparison in
ethtool_validate_speed() due to definition of SPEED_UNKNOWN as -1.
Explicitly cast SPEED_UNKNOWN to __u32 to match type of
ethtool_validate_speed() argument.
Signed-off-by: Michael Zhivich <mzhivich@akamai.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lorenzo Bianconi says:
====================
fix possible use-after-free in erspan_v{4,6}
Similar to what I did in commit bb9bd814eb ("ipv6: sit: reset ip
header pointer in ipip6_rcv"), fix possible use-after-free in
erspan_rcv and ip6erspan_rcv extracting tunnel metadata since the
packet can be 'uncloned' running __iptunnel_pull_header
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
erspan_v6 tunnels run __iptunnel_pull_header on received skbs to remove
erspan header. This can determine a possible use-after-free accessing
pkt_md pointer in ip6erspan_rcv since the packet will be 'uncloned'
running pskb_expand_head if it is a cloned gso skb (e.g if the packet has
been sent though a veth device). Fix it resetting pkt_md pointer after
__iptunnel_pull_header
Fixes: 1d7e2ed22f ("net: erspan: refactor existing erspan code")
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
erspan tunnels run __iptunnel_pull_header on received skbs to remove
gre and erspan headers. This can determine a possible use-after-free
accessing pkt_md pointer in erspan_rcv since the packet will be 'uncloned'
running pskb_expand_head if it is a cloned gso skb (e.g if the packet has
been sent though a veth device). Fix it resetting pkt_md pointer after
__iptunnel_pull_header
Fixes: 1d7e2ed22f ("net: erspan: refactor existing erspan code")
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
In order to have control over how many bytes are read or written
the device needs to be opened in unbuffered mode.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Three new tests added:
1. Send get random cmd, read header in 1st read, read the rest in second
read - expect success
2. Send get random cmd, read only part of the response, send another
get random command, read the response - expect success
3. Send get random cmd followed by another get random cmd, without
reading the first response - expect the second cmd to fail with -EBUSY
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Fixes the warning reported by Clang:
security/keys/trusted.c:146:17: warning: passing an object that
undergoes default
argument promotion to 'va_start' has undefined behavior [-Wvarargs]
va_start(argp, h3);
^
security/keys/trusted.c:126:37: note: parameter of type 'unsigned
char' is declared here
unsigned char *h2, unsigned char h3, ...)
^
Specifically, it seems that both the C90 (4.8.1.1) and C11 (7.16.1.4)
standards explicitly call this out as undefined behavior:
The parameter parmN is the identifier of the rightmost parameter in
the variable parameter list in the function definition (the one just
before the ...). If the parameter parmN is declared with ... or with a
type that is not compatible with the type that results after
application of the default argument promotions, the behavior is
undefined.
Link: https://github.com/ClangBuiltLinux/linux/issues/41
Link: https://www.eskimo.com/~scs/cclass/int/sx11c.html
Suggested-by: David Laight <David.Laight@aculab.com>
Suggested-by: Denis Kenzior <denkenz@gmail.com>
Suggested-by: James Bottomley <jejb@linux.vnet.ibm.com>
Suggested-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
calc_tpm2_event_size() has an invalid signature because
it returns a 'size_t' where as its signature says that
it returns 'int'.
Cc: <stable@vger.kernel.org>
Fixes: 4d23cc323c ("tpm: add securityfs support for TPM 2.0 firmware event log")
Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Yue Haibing <yuehaibing@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Allow trusted.ko to initialize w/o a TPM. This commit also adds checks
to the exported functions to fail when a TPM is not available.
Fixes: 240730437d ("KEYS: trusted: explicitly use tpm_chip structure...")
Cc: James Morris <jmorris@namei.org>
Reported-by: Dan Williams <dan.j.williams@intel.com>
Tested-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
The poll condition should only check response_length,
because reads should only be issued if there is data to read.
The response_read flag only prevents double writes.
The problem was that the write set the response_read to false,
enqued a tpm job, and returned. Then application called poll
which checked the response_read flag and returned EPOLLIN.
Then the application called read, but got nothing.
After all that the async_work kicked in.
Added also mutex_lock around the poll check to prevent
other possible race conditions.
Fixes: 9488585b21 ("tpm: add support for partial reads")
Reported-by: Mantas Mikulėnas <grawity@gmail.com>
Tested-by: Mantas Mikulėnas <grawity@gmail.com>
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
tpm_chip_start/stop() should be also called for TPM 1.x devices on
suspend. Add that functionality back. Do not lock the chip because
it is unnecessary as there are no multiple threads using it when
doing the suspend.
Fixes: a3fbfae82b ("tpm: take TPM chip power gating out of tpm_transmit()")
Reported-by: Paul Zimmerman <pauldzim@gmail.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Domenico Andreoli <domenico.andreoli@linux.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
There's a significant number of reports that re-enabling ASPM causes
different issues, ranging from decreased performance to system not
booting at all. This affects only a minority of users, but the number
of affected users is big enough that we better switch off ASPM again.
This will hurt notebook users who are not affected by the issues, they
may see decreased battery runtime w/o ASPM. With the PCI core folks is
being discussed to add generic sysfs attributes to control ASPM.
Once this is in place brave enough users can re-enable ASPM on their
system.
Fixes: a99790bf5c ("r8169: Reinstate ASPM Support")
Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
When moving the documentation for the ieee802154 subsystem from
plain text to rst the file pattern in the MAINTAINERS file got wrong.
Updating it here to fix scripts using this file.
Reported-by: Joe Perches <joe@perches.com>
Signed-off-by: Stefan Schmidt <stefan@datenfreihafen.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Currently there is no way for the driver to signal to mac80211 that it should
schedule a TXQ even if there are no packets on the mac80211 part of that queue.
This is problematic if the driver has an internal retry queue to deal with
software A-MPDU retry.
This patch changes the behavior of ieee80211_schedule_txq to always schedule
the queue, as its only user (ath9k) seems to expect such behavior already:
it calls this function on tx status and on powersave wakeup whenever its
internal retry queue is not empty.
Also add an extra argument to ieee80211_return_txq to get the same behavior.
This fixes an issue on ath9k where tx queues with packets to retry (and no
new packets in mac80211) would not get serviced.
Fixes: 89cea7493a ("ath9k: Switch to mac80211 TXQ scheduling and airtime APIs")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Acked-by: Toke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
If we just set this to 2048, and have multiple limits you
can select from, the total number might run over and cause
a warning in cfg80211. This doesn't make sense, so we just
calculate the total max_interfaces now.
Reported-by: syzbot+8f91bd563bbff230d0ee@syzkaller.appspotmail.com
Fixes: 99e3a44bac ("mac80211_hwsim: allow setting iftype support")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
wiphy_{err,warn}_ratelimited will be used by rt2x00
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Pull crypto fix from Herbert Xu:
"This fixes a bug in the implementation of xcbc and cmac in caam"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: caam - fix copy of next buffer for xcbc and cmac
When the mtu of a vrf device is set to 0, it would cause ping
failed. So I think we should limit vrf mtu in a reasonable range
to solve this problem. I set dev->min_mtu to IPV6_MIN_MTU, so it
will works for both ipv4 and ipv6. And if dev->max_mtu still be 0
can be confusing, so I set dev->max_mtu to ETH_MAX_MTU.
Here is the reproduce step:
1.Config vrf interface and set mtu to 0:
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
master vrf1 state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:9e:dd:c1 brd ff:ff:ff:ff:ff:ff
2.Ping peer:
3: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
master vrf1 state UP group default qlen 1000
link/ether 52:54:00:9e:dd:c1 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/16 scope global enp4s0
valid_lft forever preferred_lft forever
connect: Network is unreachable
3.Set mtu to default value, ping works:
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=1.88 ms
Fixes: ad49bc6361 ("net: vrf: remove MTU limits for vrf device")
Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The commit 510ded33e0 ("slab: implement slab_root_caches list")
changes the name of the list node within "struct kmem_cache" from "list"
to "root_caches_node", but leaks_show() still use the "list" which
causes a crash when reading /proc/slab_allocators.
You need to have CONFIG_SLAB=y and CONFIG_MEMCG=y to see the problem,
because without MEMCG all slab caches are root caches, and the "list"
node happens to be the right one.
Fixes: 510ded33e0 ("slab: implement slab_root_caches list")
Signed-off-by: Qian Cai <cai@lca.pw>
Reviewed-by: Tobin C. Harding <tobin@kernel.org>
Cc: Tejun Heo <tj@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This is a follow up of the commit 0db6f8befc ("net/sched: fix ->get
helper of the matchall cls").
To test it:
$ cd tools/testing/selftests/tc-testing
$ ln -s ../plugin-lib/nsPlugin.py plugins/20-nsPlugin.py
$ ./tdc.py -n -e 2638
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
A collection of fixes from the last few weeks. Most of them are smaller
tweaks and fixes to DT and hardware descriptions for boards. Some of the
more significant ones are:
- eMMC and RGMII stability tweaks for rk3288
- DDC fixes for Rock PI 4
- Audio fixes for two TI am335x eval boards
- D_CAN clock fix for am335x
- Compilation fixes for clang
- !SMP compilation fix for one of the new platforms this release (milbeaut)
- A revert of a gpio fix for nomadik that instead was fixed in the gpio
subsystem
- Whitespace fix for the DT JSON schema (no tabs allowed)
-----BEGIN PGP SIGNATURE-----
iQJDBAABCAAtFiEElf+HevZ4QCAJmMQ+jBrnPN6EHHcFAlyqfiYPHG9sb2ZAbGl4
b20ubmV0AAoJEIwa5zzehBx3kksP/1qgJroBZDHlBl8VLnfhsBoT9AQrDtA/aek2
AEwzRyp6Iapo5Wg+8UvXBzfAR5lC9kQo+NX66iHwTgG8S62evM2ptwkpaADquZSL
KB1qOV5be30nDn6j5FBcCL2Er27VgDMKcsA/W2tPnQhYtkRetdsM6/rpCfFIbVAG
hYqCNC6uw13g08cb5xsvwYxIBGWvzoBmh+h6RFUdoyIL3sX2tNL+31kshBV6BCkA
zLURCcaY9ZypCuuBgNpJIbiFR5hv07NUTdvKa65OxcJhr98dNsmSrNq856wWsbB1
jdnZTH+cDBSvOMtonWZoMu8sRDLPfyfMzb+WAzbjNwvXToFUU6337l3HsDOwxjk3
yphhMt5Yzc3b51aOvBfYRISiys7unrP3KLRg6A8N5CFakbi8vtLRCRhsf8iYJYyY
h6gNdQ2C9456Sy43B6Bq90U5YK2aT65Tjh8sSUsQSgUiZ3/yUisvdt+7EapTQCTP
S/wia74mexYgfD405ejMUu9G5OaXcs8P/M1+k1z5HqcFdt7QuMkPj0UfLV8v3eMT
/R8h1FVMjTgcCwEgkNZyvVih1Ke7fn6Vb4J+z5GPHuJFtfq+mdPVdvHnMIW/vrKg
ckJSwyzW1ZUDeQVPnWZ1wG1N4aqhe+Ihlr01pMFG+tcN4UAF4fhKGJxV+sDM+tEi
vDTol7/u
=Vxr8
-----END PGP SIGNATURE-----
Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
Pull ARM SoC fixes from Olof Johansson:
"A collection of fixes from the last few weeks. Most of them are
smaller tweaks and fixes to DT and hardware descriptions for boards.
Some of the more significant ones are:
- eMMC and RGMII stability tweaks for rk3288
- DDC fixes for Rock PI 4
- Audio fixes for two TI am335x eval boards
- D_CAN clock fix for am335x
- Compilation fixes for clang
- !HOTPLUG_CPU compilation fix for one of the new platforms this
release (milbeaut)
- A revert of a gpio fix for nomadik that instead was fixed in the
gpio subsystem
- Whitespace fix for the DT JSON schema (no tabs allowed)"
* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (25 commits)
ARM: milbeaut: fix build with !CONFIG_HOTPLUG_CPU
ARM: iop: don't use using 64-bit DMA masks
ARM: orion: don't use using 64-bit DMA masks
Revert "ARM: dts: nomadik: Fix polarity of SPI CS"
dt-bindings: cpu: Fix JSON schema
arm/mach-at91/pm : fix possible object reference leak
ARM: dts: at91: Fix typo in ISC_D0 on PC9
ARM: dts: Fix dcan clkctrl clock for am3
reset: meson-audio-arb: Fix missing .owner setting of reset_controller_dev
dt-bindings: reset: meson-g12a: Add missing USB2 PHY resets
ARM: dts: rockchip: Remove #address/#size-cells from rk3288-veyron gpio-keys
ARM: dts: rockchip: Remove #address/#size-cells from rk3288 mipi_dsi
ARM: dts: rockchip: Fix gpu opp node names for rk3288
ARM: dts: am335x-evmsk: Correct the regulators for the audio codec
ARM: dts: am335x-evm: Correct the regulators for the audio codec
ARM: OMAP2+: add missing of_node_put after of_device_is_available
ARM: OMAP1: ams-delta: Fix broken GPIO ID allocation
arm64: dts: stratix10: add the sysmgr-syscon property from the gmac's
arm64: dts: rockchip: fix rk3328 sdmmc0 write errors
arm64: dts: rockchip: fix rk3328 rgmii high tx error rate
...
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAlyqUMgQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgpjOSEACCRDhrbXsfVdMFAuRzmXjVqELuJ0Sk3zfC
0OR9EcNpr4s5Wp5ztX6xxcddvnvB8LZhAzs1R9JuiYG4EIHGP7CMBZ0JJlcygJkx
nVM1p7bSl7H/zDVKF8KMj/J7rjwXfY9FMKAopiFVSkS0cA1oz+PK96cDR8m2xeuV
l0b6zgorjmNpn3TukEbFjvAjqskKhm8Xtjn5/wBGeWUnqZE9AZeI9OovuK5BOSBm
qAs7lVB+MACtpbSjv4yWGcfwtqYUt9PbnsTog95uXXQDR1BPnv/btjeGdzpVtNH1
iiueCXR3bNqnoBo6MLgzWpnvA6UHcygXOTmRy17BoNg7uqtWiFxZn0HKxMOUYD6F
RU4RP7AVwpZeziMO8I7VkdfasgiKGetDzm8vCJ4QtKly/+3iwMVVKHPnU7nV/cCm
EmoqM5BLAT6hHuSxGaNBVVNavvr/CFcqjk+29UEnK8ZQ4c/Mkgwgc6gPbq59lTLN
Kn0AeB2kDeOvpJ5LWOjVmy7vfVQ3um65ohNl9KvtZZJsX3xQoIaH+i70YE+zpOHT
czKZ9ZC7HPIJuanPoEbGz/c+Js5un4/Rn+Ry9fa/3k3IFcd9N2bOc/AIm5LiAm3I
FmSonn+SWgLGlwhiZZBHB45za0Wwq6AGGyTQpyT/ijjX9ouHBzb94iRWOH9htZuF
JZDjpyRqEw==
=8et7
-----END PGP SIGNATURE-----
Merge tag 'for-linus-20190407' of git://git.kernel.dk/linux-block
Pull block fixes from Jens Axboe:
- Fixups for the pf/pcd queue handling (YueHaibing)
- Revert of the three direct issue changes as they have been proven to
cause an issue with dm-mpath (Bart)
- Plug rq_count reset fix (Dongli)
- io_uring double free in fileset registration error handling (me)
- Make null_blk handle bad numa node passed in (John)
- BFQ ifdef fix (Konstantin)
- Flush queue leak fix (Shenghui)
- Plug trace fix (Yufen)
* tag 'for-linus-20190407' of git://git.kernel.dk/linux-block:
xsysace: Fix error handling in ace_setup
null_blk: prevent crash from bad home_node value
block: Revert v5.0 blk_mq_request_issue_directly() changes
paride/pcd: Fix potential NULL pointer dereference and mem leak
blk-mq: do not reset plug->rq_count before the list is sorted
paride/pf: Fix potential NULL pointer dereference
io_uring: fix double free in case of fileset regitration failure
blk-mq: add trace block plug and unplug for multiple queues
block: use blk_free_flush_queue() to free hctx->fq in blk_mq_init_hctx
block/bfq: fix ifdef for CONFIG_BFQ_GROUP_IOSCHED=y
When HOTPLUG_CPU is disabled, some fields in the smp operations
are not available or needed:
arch/arm/mach-milbeaut/platsmp.c:90:3: error: field designator 'cpu_die' does not refer to any field in type
'struct smp_operations'
.cpu_die = m10v_cpu_die,
^
arch/arm/mach-milbeaut/platsmp.c:91:3: error: field designator 'cpu_kill' does not refer to any field in type
'struct smp_operations'
.cpu_kill = m10v_cpu_kill,
^
Hide them in an #ifdef like the other platforms do.
Fixes: 9fb29c734f ("ARM: milbeaut: Add basic support for Milbeaut m10v SoC")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Olof Johansson <olof@lixom.net>
clang warns about statically defined DMA masks from the DMA_BIT_MASK
macro with length 64:
arch/arm/mach-iop13xx/setup.c:303:35: error: shift count >= width of type [-Werror,-Wshift-count-overflow]
static u64 iop13xx_adma_dmamask = DMA_BIT_MASK(64);
^~~~~~~~~~~~~~~~
include/linux/dma-mapping.h:141:54: note: expanded from macro 'DMA_BIT_MASK'
#define DMA_BIT_MASK(n) (((n) == 64) ? ~0ULL : ((1ULL<<(n))-1))
^ ~~~
The ones in iop shouldn't really be 64 bit masks, so changing them
to what the driver can support avoids the warning.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Olof Johansson <olof@lixom.net>
clang warns about statically defined DMA masks from the DMA_BIT_MASK
macro with length 64:
arch/arm/plat-orion/common.c:625:29: error: shift count >= width of type [-Werror,-Wshift-count-overflow]
.coherent_dma_mask = DMA_BIT_MASK(64),
^~~~~~~~~~~~~~~~
include/linux/dma-mapping.h:141:54: note: expanded from macro 'DMA_BIT_MASK'
#define DMA_BIT_MASK(n) (((n) == 64) ? ~0ULL : ((1ULL<<(n))-1))
The ones in orion shouldn't really be 64 bit masks, so changing them
to what the driver can support avoids the warning.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Olof Johansson <olof@lixom.net>
This reverts commit fa9463564e.
Per Linus Walleij:
Dear ARM SoC maintainers,
can you please revert this patch. It was the wrong solution to the
wrong problem, and I must have acted in stress. Andrey fixed the
real bug in a proper way in these commits:
commit e5545c94e4
"gpio: of: Check propname before applying "cs-gpios" quirks"
commit 7ce40277bf
"gpio: of: Check for "spi-cs-high" in child instead of parent node"
Signed-off-by: Olof Johansson <olof@lixom.net>
Few small fixes for omap variants:
- Fix ams-delta gpio IDs
- Add missing of_node_put for omapdss platform init code
- Fix unconfigured audio regulators for two am335x boards
- Fix use of wrong offset for am335x d_can clocks
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEEkgNvrZJU/QSQYIcQG9Q+yVyrpXMFAlymfJcRHHRvbnlAYXRv
bWlkZS5jb20ACgkQG9Q+yVyrpXOpAQ//dVHZ2V7/lHr+UoYm/FJiYOdjMiSF+oMm
+x/oh39rJm9K0R96ZQG1LJZPmt6bCRgi2tOAPsQuDdJhhQL58Wf5KkRcMiGHr40b
hm6ji83UbUqRUZ2jALX2yRJ9D6RFYrXRcgBNZdZsXprQvbk88jiBGSMdkNChuFP2
I16o0sj/nK+aikPKd6UJnCLNYFyppP+0fTMdvxrwRix8AQczsOU67C8zfzCDsiZ8
dY/l212pr/jYmGm4L+ynTtdOxdxLu39xisRml6LLsY0LCQmWnciif1tIi6GwfEwu
95PyRFrScg9TWn7z8ss4Fwkqkak+TlHQ5eE3DssRYX4ww5IhUdT1YzfmCbP97Jhc
GNdHhDR4yBs7cX9HIOQH3Zjhfqlx19D1pYBy55iNmsDGO5/bQU/h+bLZxxYuGRCs
WOiCnCdeVTjlMcFBTXzQ8NTC0rzg3vOj78Ai4DNarS56CNcw+zucgV0gcLIr0/ms
D7yeHDvPbUQTT7beFmKW8KNSbtvrcKpnlBWHSpXPWo+gXCZ8GrpSSa7qpdtA7nEg
RqYMiQmha075/7YTQ1qt/pm35q34STMcV7Y0zx3v0aVS0+1aM91oH+jArfTTJ7Hr
5Z5oUECutwECc5GM95vbUSMqYJ0lG094N0y5APvLDkF5YGh1UP7mb99w6xMvAvsg
3GgdTGkm7Xg=
=P4SD
-----END PGP SIGNATURE-----
Merge tag 'omap-for-v5.1/fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into arm/fixes
Fixes for omaps for v5.1-rc cycle
Few small fixes for omap variants:
- Fix ams-delta gpio IDs
- Add missing of_node_put for omapdss platform init code
- Fix unconfigured audio regulators for two am335x boards
- Fix use of wrong offset for am335x d_can clocks
* tag 'omap-for-v5.1/fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
ARM: dts: Fix dcan clkctrl clock for am3
ARM: dts: am335x-evmsk: Correct the regulators for the audio codec
ARM: dts: am335x-evm: Correct the regulators for the audio codec
ARM: OMAP2+: add missing of_node_put after of_device_is_available
ARM: OMAP1: ams-delta: Fix broken GPIO ID allocation
Signed-off-by: Olof Johansson <olof@lixom.net>
- fix a typo in sama5d2 pinmuxing which concerns the ISC data 0 signal
- fix a kobject reference leak
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEADBLyYlprFuNbTVNPjnmE/d7ZC0FAlyl/rIACgkQPjnmE/d7
ZC1RAw/+NgVazhR8QkZKA396pFhCC10CyulMIGXRBVV6W/4/PReObU7px8F27bX5
ahusOi19+xJ0sbM3GnChCugPTlMcCDXhAIZVS7+GPfbsFJoIUX0gv/F9OvV/hd3x
zxjVGbquqW7H7ArJWSraIpLvfeUgyiQIrqEhHBZLdZx+sPHokYNVeUvnNuecePkv
uj9De10D+5mHl6H5XhNqCe42Czgoe/6LW9NEtHllSiUOAdZIbzIvl8L836mPNmrl
s2telHNR3Kl2optkJuTXQHXHSQBXYcrme1YyP2dzY+n66JFMu5scKlQNrEFnwzAK
WkN1ydcHizAGjAVsvGdfxh1gv7zs9pqt2D4aGDvR5R0jN2VhgrE6n+JVWNYdZYG+
WEzsmnXliqRvOIGytNp/cRSbtB8RkkQ4oDnhSk6+1+ZS3BaJlILLUuLDs0vE4P9U
q4sVuOwMd5E8aacZ8C6b7LJ+kB43CCafbB07VNVHgreVdQDpMriu5OtMYZkm4Pbr
mlkhJnKgv3/SLuC/ZgUHhgz723s09My854zs/fbKcrcGiCizgdnYtq01oE11J3H4
CbL623zFJNfpcGCTTuLcaz0aIXmfQZ+UsazhMK3r15GXyWSwOa3fTLnzJjesBo+y
w+Wmi+FrW2xoHZWyoOK5cC2wnqVxy1GDTVys/kWceCiHu04wJwY=
=kRr0
-----END PGP SIGNATURE-----
Merge tag 'at91-5.1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/at91/linux into arm/fixes
AT91 fixes for 5.1
- fix a typo in sama5d2 pinmuxing which concerns the ISC data 0 signal
- fix a kobject reference leak
* tag 'at91-5.1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/at91/linux:
arm/mach-at91/pm : fix possible object reference leak
ARM: dts: at91: Fix typo in ISC_D0 on PC9
Signed-off-by: Olof Johansson <olof@lixom.net>
sd-card related fixes on both rk3328 ans rk3288-tinker and a
regulator fix on rock64 and making ddc actually work on the
Rock PI 4 due to missing the ddc bus.
-----BEGIN PGP SIGNATURE-----
iQFEBAABCAAuFiEE7v+35S2Q1vLNA3Lx86Z5yZzRHYEFAlyhSTcQHGhlaWtvQHNu
dGVjaC5kZQAKCRDzpnnJnNEdgZJDB/9YqOy1Xzf7URHsOHMecGkt1dMSQom+Ln6Y
pc4Fxu93W3jsELPcVi01iRTYVg8W90RKjVLer+mM3LuFJpAh2hIxIcMZu7zqEZWg
6HNJA6GbcW0ZqUdBdV0GID0VIdHdkopq6b4qtbhuLUCaSzRocKgxStPPcEmeV4Yt
HDZOzkuks+BgUfsCfYmEiyoEIVUFLMFsD/MLo1az1mGNQ0bpi4DYN8XCY8lKDtmT
PHfLQuyWdmRAojD+xymvFShFGoyLAbHMK0v6ckaJ0tSy+3VQ8QgzCxhUPF+fR8vg
8kfgPGkjV5t7IS/DrcFYEp0vH2RRTMhOhx5PkFocypHK0J0UBzSs
=KU2f
-----END PGP SIGNATURE-----
Merge tag 'v5.1-rockchip-dtfixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into arm/fixes
Fixes for dtc warnings, fixes for ethernet transfers on rk3328,
sd-card related fixes on both rk3328 ans rk3288-tinker and a
regulator fix on rock64 and making ddc actually work on the
Rock PI 4 due to missing the ddc bus.
* tag 'v5.1-rockchip-dtfixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip:
ARM: dts: rockchip: Remove #address/#size-cells from rk3288-veyron gpio-keys
ARM: dts: rockchip: Remove #address/#size-cells from rk3288 mipi_dsi
ARM: dts: rockchip: Fix gpu opp node names for rk3288
arm64: dts: rockchip: fix rk3328 sdmmc0 write errors
arm64: dts: rockchip: fix rk3328 rgmii high tx error rate
ARM: dts: rockchip: Fix SD card detection on rk3288-tinker
arm64: dts: rockchip: Fix vcc_host1_5v GPIO polarity on rk3328-rock64
ARM: dts: rockchip: fix rk3288 cpu opp node reference
arm64: dts: rockchip: add DDC bus on Rock Pi 4
arm64: dts: rockchip: fix rk3328-roc-cc gmac2io tx/rx_delay
Signed-off-by: Olof Johansson <olof@lixom.net>
Saeed Mahameed