1. 25 Jul, 2016 13 commits
    • Mark Bloch's avatar
      net/bonding: Enforce active-backup policy for IPoIB bonds · 1533e773
      Mark Bloch authored
      When using an IPoIB bond currently only active-backup mode is a valid
      use case and this commit strengthens it.
      
      Since commit 2ab82852 ("net/bonding: Enable bonding to enslave
      netdevices not supporting set_mac_address()") was introduced till
      4.7-rc1, IPoIB didn't support the set_mac_address ndo, and hence the
      fail over mac policy always applied to IPoIB bonds.
      
      With the introduction of commit 492a7e67 ("IB/IPoIB: Allow setting
      the device address"), that doesn't hold and practically IPoIB bonds are
      broken as of that. To fix it, lets go to fail over mac if the device
      doesn't support the ndo OR this is IPoIB device.
      
      As a by-product, this commit also prevents a stack corruption which
      occurred when trying to copy 20 bytes (IPoIB) device address
      to a sockaddr struct that has only 16 bytes of storage.
      Signed-off-by: default avatarMark Bloch <markb@mellanox.com>
      Signed-off-by: default avatarOr Gerlitz <ogerlitz@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Acked-by: default avatarAndy Gospodarek <gospo@cumulusnetworks.com>
      Signed-off-by: default avatarJay Vosburgh <jay.vosburgh@canonical.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1533e773
    • David S. Miller's avatar
      Merge branch 'mlxsw-port-mirroring' · bc0c419e
      David S. Miller authored
      Jiri Pirko says:
      
      ====================
      mlxsw: implement port mirroring offload
      
      This patchset introduces tc matchall classifier and its offload
      to Spectrum hardware. In combination with mirred action, defined port mirroring
      setup is offloaded by mlxsw/spectrum driver.
      
      The commands used for creating mirror ports:
      
      tc qdisc  add dev eth25 handle ffff: ingress
      tc filter add dev eth25 parent ffff:            \
              matchall skip_sw                        \
              action mirred egress mirror             \
              dev eth27
      
      tc qdisc add dev eth25 handle 1: root prio
      tc filter add dev eth25 parent 1:               \
              matchall skip_sw                        \
              action mirred egress mirror             \
              dev eth27
      
      These patches contain:
       - Resource query implementation
       - Hardware port mirorring support for spectrum.
       - Definition of the matchall traffic classifier.
       - General support for hw-offloading for that classifier.
       - Specific spectrum implementaion for matchall offloading.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bc0c419e
    • Yotam Gigi's avatar
      mlxsw: spectrum: Add support in matchall mirror TC offloading · 763b4b70
      Yotam Gigi authored
      This patch offloads port mirroring directives to hw using the matchall TC
      with action mirror. It includes both the implementation of the
      ndo_setup_tc function for the spectrum driver and the spectrum hardware
      offload configuration code.
      
      The hardware offload code is basically two new functions which are capable
      of adding and removing a new mirror ports pair. It is done using the MPAT,
      MPAR and SBIB registers:
       - A new Switch-Port Analyzer (SPAN) entry is added using MPAT to the 'to'
         port.
       - The 'to' port is bound to the SPAN entry using MPAR register.
       - In case of egress SPAN, the 'to' port gets a new internal shared
         buffer using SBIB register.
      
      In addition, a new database was added to the mlxsw_sp struct to store all
      the SPAN entries and their bound ports list. The number of supported SPAN
      entries is determined by resource query.
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Reviewed-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      763b4b70
    • Yotam Gigi's avatar
      net/sched: act_mirred: Add helper inlines to access tcf_mirred info. · 56a20680
      Yotam Gigi authored
      The helper function is_tcf_mirred_mirror helps finding whether an action
      struct is of type mirred and is configured to be of type mirror.
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      56a20680
    • Yotam Gigi's avatar
      mlxsw: reg: Add the Monitoring Port Analyzer register · 23019054
      Yotam Gigi authored
      The MPAR register is used to bind ports to a SPAN entry (which was
      created using MPAT register) and thus mirror their traffic (ingress /
      egress) to a different port.
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Reviewed-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      23019054
    • Yotam Gigi's avatar
      mlxsw: reg: Add Monitoring Port Analyzer Table register · 43a46856
      Yotam Gigi authored
      The MPAT register is used to query and configure the Switch Port Analyzer
      (SPAN) table. This register is used to configure a port as a mirror output
      port, while after that a mirrored input port can be bound using MPAR
      register.
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Reviewed-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      43a46856
    • Yotam Gigi's avatar
      mlxsw: reg: Add Shared Buffer Internal Buffer register · 51ae8cc6
      Yotam Gigi authored
      The SBIB register configures per port buffer for internal use. This
      register is used to configure an egress mirror buffer on the egress port
      which does the mirroring.
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Reviewed-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      51ae8cc6
    • Yotam Gigi's avatar
      net/sched: Add match-all classifier hw offloading. · b87f7936
      Yotam Gigi authored
      Following the work that have been done on offloading classifiers like u32
      and flower, now the match-all classifier hw offloading is possible. if
      the interface supports tc offloading.
      
      To control the offloading, two tc flags have been introduced: skip_sw and
      skip_hw. Typical usage:
      
      tc filter add dev eth25 parent ffff: 	\
      	matchall skip_sw		\
      	action mirred egress mirror	\
      	dev eth27
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b87f7936
    • Jiri Pirko's avatar
      net/sched: introduce Match-all classifier · bf3994d2
      Jiri Pirko authored
      The matchall classifier matches every packet and allows the user to apply
      actions on it. This filter is very useful in usecases where every packet
      should be matched, for example, packet mirroring (SPAN) can be setup very
      easily using that filter.
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarYotam Gigi <yotamg@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bf3994d2
    • Nogah Frankel's avatar
      mlxsw: pci: Add max span resources to resources query · ded821c8
      Nogah Frankel authored
      Add max span resources to resources query.
      Signed-off-by: default avatarNogah Frankel <nogahf@mellanox.com>
      Reviewed-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ded821c8
    • Nogah Frankel's avatar
      mlxsw: pci: Add resources query implementation. · 57d316ba
      Nogah Frankel authored
      Add resources query implementation. If exists, query the HW for its
      builtin resources instead of having them as consts in the code.
      Signed-off-by: default avatarNogah Frankel <nogahf@mellanox.com>
      Reviewed-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      57d316ba
    • Kristian Evensen's avatar
      cdc_ether: Improve ZTE MF823/831/910 handling · bfe9b9d2
      Kristian Evensen authored
      The firmware in several ZTE devices (at least the MF823/831/910
      modems/mifis) use OS fingerprinting to determine which type of device to
      export. In addition, these devices export a REST API which can be used to
      control the type of device. So far, on Linux, the devices have been seen as
      RNDIS or CDC Ether.
      
      When CDC Ether is used, devices of the same type are, as with RNDIS,
      exported with the same, bogus random MAC address. In addition, the devices
      (at least on all firmware revisions I have found) use the bogus MAC when
      sending traffic routed from external networks. And as a final feature, the
      devices sometimes export the link state incorrectly. There are also
      references online to several other ZTE devices displaying this behavior,
      with several different PIDs and MAC addresses.
      
      This patch tries to improve the handling of ZTE devices by doing the
      following:
      
      * Create a new driver_info-struct that is used by ZTE devices that do not
      have an explicit entry in the product table. This struct is the same as the
      default cdc_ether driver info, but a new bind- and an rx_fixup-function
      have been added.
      
      * In the new bind function, we check if we have read a random MAC from the
      device. If we have, then we generate a new random MAC address. This will
      ensure that all devices get a unique MAC.
      
      * The rx_fixup-function replaces the destination MAC address in the skb
      with that of the device. I have not seen a revision of these devices that
      behaves correctly (i.e., sets the right destination MAC), so I chose not to
      do any comparison with for example the known, bogus addresses.
      
      * The MF823/MF832/MF910 sometimes export cdc carrier on twice on connect
      (the correct behavior is off then on). Work around this by manually setting
      carrier to off if an on-notification is received and the NOCARRIER-bit is
      not set.
      
      This change will affect all devices, but it should take care of similar
      mistakes made by other manufacturers. I tried to think of/look/test for
      problems/regressions that could be introduced by this behavior, but could
      not find any. However, my familiarity with this code path is not that
      great, so there could be something I have overlooked.
      
      I have tested this patch with multiple revisions of all three devices, and
      they behave as expected. In other words, they all got a valid, random MAC,
      the correct operational state and I can receive/sent traffic without
      problems. I also tested with some other cdc_ether devices I have and did
      not find any problems/regressions caused by the two general changes.
      
      v3->v4:
      * Forgot to remove unused variables, sorry about that (thanks David
      Miller).
      
      v2->v3:
      * I had forgot to remove the random MAC generation from usbnet_cdc_bind()
      (thanks Oliver).
      * Rework logic in the ZTE bind-function a bit.
      
      v1->v2:
      * Only generate random MAC for ZTE devices (thanks Oliver Neukum).
      * Set random MAC and do RX fixup for all ZTE devices that do not have a
      product-entry, as the bogus MAC have been seen on devices with several
      different PIDs/MAC addresses. In other words, it seems to be the default
      behavior of ZTE CDC Ether devices (thanks Lars Melin).
      Signed-off-by: default avatarKristian Evensen <kristian.evensen@gmail.com>
      Acked-by: default avatarOliver Neukum <oneukum@suse.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bfe9b9d2
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next · c42d7121
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter/IPVS updates for net-next
      
      The following patchset contains Netfilter/IPVS updates for net-next,
      they are:
      
      1) Count pre-established connections as active in "least connection"
         schedulers such that pre-established connections to avoid overloading
         backend servers on peak demands, from Michal Kubecek via Simon Horman.
      
      2) Address a race condition when resizing the conntrack table by caching
         the bucket size when fulling iterating over the hashtable in these
         three possible scenarios: 1) dump via /proc/net/nf_conntrack,
         2) unlinking userspace helper and 3) unlinking custom conntrack timeout.
         From Liping Zhang.
      
      3) Revisit early_drop() path to perform lockless traversal on conntrack
         eviction under stress, use del_timer() as synchronization point to
         avoid two CPUs evicting the same entry, from Florian Westphal.
      
      4) Move NAT hlist_head to nf_conn object, this simplifies the existing
         NAT extension and it doesn't increase size since recent patches to
         align nf_conn, from Florian.
      
      5) Use rhashtable for the by-source NAT hashtable, also from Florian.
      
      6) Don't allow --physdev-is-out from OUTPUT chain, just like
         --physdev-out is not either, from Hangbin Liu.
      
      7) Automagically set on nf_conntrack counters if the user tries to
         match ct bytes/packets from nftables, from Liping Zhang.
      
      8) Remove possible_net_t fields in nf_tables set objects since we just
         simply pass the net pointer to the backend set type implementations.
      
      9) Fix possible off-by-one in h323, from Toby DiPasquale.
      
      10) early_drop() may be called from ctnetlink patch, so we must hold
          rcu read size lock from them too, this amends Florian's patch #3
          coming in this batch, from Liping Zhang.
      
      11) Use binary search to validate jump offset in x_tables, this
          addresses the O(n!) validation that was introduced recently
          resolve security issues with unpriviledge namespaces, from Florian.
      
      12) Fix reference leak to connlabel in error path of nft_ct, from Zhang.
      
      13) Three updates for nft_log: Fix log prefix leak in error path. Bail
          out on loglevel larger than debug in nft_log and set on the new
          NF_LOG_F_COPY_LEN flag when snaplen is specified. Again from Zhang.
      
      14) Allow to filter rule dumps in nf_tables based on table and chain
          names.
      
      15) Simplify connlabel to always use 128 bits to store labels and
          get rid of unused function in xt_connlabel, from Florian.
      
      16) Replace set_expect_timeout() by mod_timer() from the h323 conntrack
          helper, by Gao Feng.
      
      17) Put back x_tables module reference in nft_compat on error, from
          Liping Zhang.
      
      18) Add a reference count to the x_tables extensions cache in
          nft_compat, so we can remove them when unused and avoid a crash
          if the extensions are rmmod, again from Zhang.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c42d7121
  2. 24 Jul, 2016 1 commit
  3. 23 Jul, 2016 25 commits
    • Liping Zhang's avatar
      netfilter: nft_compat: fix crash when related match/target module is removed · 4b512e1c
      Liping Zhang authored
      We "cache" the loaded match/target modules and reuse them, but when the
      modules are removed, we still point to them. Then we may end up with
      invalid memory references when using iptables-compat to add rules later.
      
      Input the following commands will reproduce the kernel crash:
        # iptables-compat -A INPUT -j LOG
        # iptables-compat -D INPUT -j LOG
        # rmmod xt_LOG
        # iptables-compat -A INPUT -j LOG
        BUG: unable to handle kernel paging request at ffffffffa05a9010
        IP: [<ffffffff813f783e>] strcmp+0xe/0x30
        Call Trace:
        [<ffffffffa05acc43>] nft_target_select_ops+0x83/0x1f0 [nft_compat]
        [<ffffffffa058a177>] nf_tables_expr_parse+0x147/0x1f0 [nf_tables]
        [<ffffffffa058e541>] nf_tables_newrule+0x301/0x810 [nf_tables]
        [<ffffffff8141ca00>] ? nla_parse+0x20/0x100
        [<ffffffffa057fa8f>] nfnetlink_rcv+0x33f/0x53d [nfnetlink]
        [<ffffffffa057f94b>] ? nfnetlink_rcv+0x1fb/0x53d [nfnetlink]
        [<ffffffff817116b8>] netlink_unicast+0x178/0x220
        [<ffffffff81711a5b>] netlink_sendmsg+0x2fb/0x3a0
        [<ffffffff816b7fc8>] sock_sendmsg+0x38/0x50
        [<ffffffff816b8a7e>] ___sys_sendmsg+0x28e/0x2a0
        [<ffffffff816bcb7e>] ? release_sock+0x1e/0xb0
        [<ffffffff81804ac5>] ? _raw_spin_unlock_bh+0x35/0x40
        [<ffffffff816bcbe2>] ? release_sock+0x82/0xb0
        [<ffffffff816b93d4>] __sys_sendmsg+0x54/0x90
        [<ffffffff816b9422>] SyS_sendmsg+0x12/0x20
        [<ffffffff81805172>] entry_SYSCALL_64_fastpath+0x1a/0xa9
      
      So when nobody use the related match/target module, there's no need to
      "cache" it. And nft_[match|target]_release are useless anymore, remove
      them.
      Signed-off-by: default avatarLiping Zhang <liping.zhang@spreadtrum.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      4b512e1c
    • Liping Zhang's avatar
      netfilter: nft_compat: put back match/target module if init fail · 2bf4fade
      Liping Zhang authored
      If the user specify the invalid NFTA_MATCH_INFO/NFTA_TARGET_INFO attr
      or memory alloc fail, we should call module_put to the related match
      or target. Otherwise, we cannot remove the module even nobody use it.
      Signed-off-by: default avatarLiping Zhang <liping.zhang@spreadtrum.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      2bf4fade
    • Gao Feng's avatar
      netfilter: h323: Use mod_timer instead of set_expect_timeout · 96d1327a
      Gao Feng authored
      Simplify the code without any side effect. The set_expect_timeout is
      used to modify the timer expired time.  It tries to delete timer, and
      add it again.  So we could use mod_timer directly.
      Signed-off-by: default avatarGao Feng <fgao@ikuai8.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      96d1327a
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 107df032
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Fix memory leak in nftables, from Liping Zhang.
      
       2) Need to check result of vlan_insert_tag() in batman-adv otherwise we
          risk NULL skb derefs, from Sven Eckelmann.
      
       3) Check for dev_alloc_skb() failures in cfg80211, from Gregory
          Greenman.
      
       4) Handle properly when we have ppp_unregister_channel() happening in
          parallel with ppp_connect_channel(), from WANG Cong.
      
       5) Fix DCCP deadlock, from Eric Dumazet.
      
       6) Bail out properly in UDP if sk_filter() truncates the packet to be
          smaller than even the space that the protocol headers need.  From
          Michal Kubecek.
      
       7) Similarly for rose, dccp, and sctp, from Willem de Bruijn.
      
       8) Make TCP challenge ACKs less predictable, from Eric Dumazet.
      
       9) Fix infinite loop in bgmac_dma_tx_add() from Florian Fainelli.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (65 commits)
        packet: propagate sock_cmsg_send() error
        net/mlx5e: Fix del vxlan port command buffer memset
        packet: fix second argument of sock_tx_timestamp()
        net: switchdev: change ageing_time type to clock_t
        Update maintainer for EHEA driver.
        net/mlx4_en: Add resilience in low memory systems
        net/mlx4_en: Move filters cleanup to a proper location
        sctp: load transport header after sk_filter
        net/sched/sch_htb: clamp xstats tokens to fit into 32-bit int
        net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata
        net: nb8800: Fix SKB leak in nb8800_receive()
        et131x: Fix logical vs bitwise check in et131x_tx_timeout()
        vlan: use a valid default mtu value for vlan over macsec
        net: bgmac: Fix infinite loop in bgmac_dma_tx_add()
        mlxsw: spectrum: Prevent invalid ingress buffer mapping
        mlxsw: spectrum: Prevent overwrite of DCB capability fields
        mlxsw: spectrum: Don't emit errors when PFC is disabled
        mlxsw: spectrum: Indicate support for autonegotiation
        mlxsw: spectrum: Force link training according to admin state
        r8152: add MODULE_VERSION
        ...
      107df032
    • Linus Torvalds's avatar
      Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs · 88083e98
      Linus Torvalds authored
      Pull overlayfs fixes from Miklos Szeredi:
       "This contains a fix for a potential crash/corruption issue and another
        where the suid/sgid bits weren't cleared on write"
      
      * 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
        ovl: verify upper dentry in ovl_remove_and_whiteout()
        ovl: Copy up underlying inode's ->i_mode to overlay inode
        ovl: handle ATTR_KILL*
      88083e98
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew) · b1386ced
      Linus Torvalds authored
      Merge misc fixes from Andrew Morton:
       "Five fixes"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        pps: do not crash when failed to register
        tools/vm/slabinfo: fix an unintentional printf
        testing/radix-tree: fix a macro expansion bug
        radix-tree: fix radix_tree_iter_retry() for tagged iterators.
        mm: memcontrol: fix cgroup creation failure after many small jobs
      b1386ced
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-for-v4.7-rc8-intel-kbl' of git://people.freedesktop.org/~airlied/linux · d15ae814
      Linus Torvalds authored
      Pull intel kabylake drm fixes from Dave Airlie:
       "As mentioned Intel has gathered all the Kabylake fixes from -next,
        which we've enabled in 4.7 for the first time, these are pretty much
        limited in scope to only affects kabylake, which is hw that isn't
        shipping yet.  So I'm mostly okay with it going in now.
      
        If we don't land this, it might be a good idea to disable kabylake
        support in 4.7 before we ship"
      
      * tag 'drm-fixes-for-v4.7-rc8-intel-kbl' of git://people.freedesktop.org/~airlied/linux: (28 commits)
        drm/i915/kbl: Introduce the first official DMC for Kabylake.
        drm/i915: Introduce Kabypoint PCH for Kabylake H/DT.
        drm/i915/gen9: implement WaConextSwitchWithConcurrentTLBInvalidate
        drm/i915/gen9: Add WaFbcHighMemBwCorruptionAvoidance
        drm/i195/fbc: Add WaFbcNukeOnHostModify
        drm/i915/gen9: Add WaFbcWakeMemOn
        drm/i915/gen9: Add WaFbcTurnOffFbcWatermark
        drm/i915/kbl: Add WaClearSlmSpaceAtContextSwitch
        drm/i915/gen9: Add WaEnableChickenDCPR
        drm/i915/kbl: Add WaDisableSbeCacheDispatchPortSharing
        drm/i915/kbl: Add WaDisableGafsUnitClkGating
        drm/i915/kbl: Add WaForGAMHang
        drm/i915: Add WaInsertDummyPushConstP for bxt and kbl
        drm/i915/kbl: Add WaDisableDynamicCreditSharing
        drm/i915/kbl: Add WaDisableGamClockGating
        drm/i915/gen9: Enable must set chicken bits in config0 reg
        drm/i915/kbl: Add WaDisableLSQCROPERFforOCL
        drm/i915/kbl: Add WaDisableSDEUnitClockGating
        drm/i915/kbl: Add WaDisableFenceDestinationToSLM for A0
        drm/i915/kbl: Add WaEnableGapsTsvCreditFix
        ...
      d15ae814
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-for-v4.7-rc8-intel' of git://people.freedesktop.org/~airlied/linux · 3f2625d7
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "Two i915 regression fixes.
      
        Intel have submitted some Kabylake fixes I'll send separately, since
        this is the first kernel with kabylake support and they don't go much
        outside that area I think they should be fine"
      
      * tag 'drm-fixes-for-v4.7-rc8-intel' of git://people.freedesktop.org/~airlied/linux:
        drm/i915: add missing condition for committing planes on crtc
        drm/i915: Treat eDP as always connected, again
      3f2625d7
    • Linus Torvalds's avatar
      Merge tag 'm68k-for-v4.8-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k · 23218843
      Linus Torvalds authored
      Pull m68k upddates from Geert Uytterhoeven:
       - assorted spelling fixes
       - defconfig updates
      
      * tag 'm68k-for-v4.8-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
        m68k/defconfig: Update defconfigs for v4.7-rc2
        m68k: Assorted spelling fixes
      23218843
    • Linus Torvalds's avatar
      Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc · 7825e0c4
      Linus Torvalds authored
      Pull ARM SoC fixes from Olof Johansson:
       "A handful of fixes before final release:
      
        Marvell Armada:
         - One to fix a typo in the devicetree specifying memory ranges for
           the crypto engine
         - Two to deal with marking PCI and device-memory as strongly ordered
           to avoid hardware deadlocks, in particular when enabling above
           crypto driver.
         - Compile fix for PM
      
        Allwinner:
         - DT clock fixes to deal with u-boot-enabled framebuffer (simplefb).
         - Make R8 (C.H.I.P. SoC) inherit system compatibility from A13 to
           make clocks register proper.
      
        Tegra:
         - Fix SD card voltage setting on the Tegra3 Beaver dev board
      
        Misc:
         - Two maintainers updates for STM32 and STi platforms"
      
      * tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
        ARM: tegra: beaver: Allow SD card voltage to be changed
        MAINTAINERS: update STi maintainer list
        MAINTAINERS: update STM32 maintainers list
        ARM: mvebu: compile pm code conditionally
        ARM: dts: sun7i: Fix pll3x2 and pll7x2 not having a parent clock
        ARM: dts: sunxi: Add pll3 to simplefb nodes clocks lists
        ARM: dts: armada-38x: fix MBUS_ID for crypto SRAM on Armada 385 Linksys
        ARM: mvebu: map PCI I/O regions strongly ordered
        ARM: mvebu: fix HW I/O coherency related deadlocks
        ARM: sunxi/dt: make the CHIP inherit from allwinner,sun5i-a13
      7825e0c4
    • Linus Torvalds's avatar
      Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 48d4ca56
      Linus Torvalds authored
      Pull crypto fixes from Herbert Xu:
       "This fixes a sporadic build failure in the qat driver as well as a
        memory corruption bug in rsa-pkcs1pad"
      
      * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
        crypto: rsa-pkcs1pad - fix rsa-pkcs1pad request struct
        crypto: qat - make qat_asym_algs.o depend on asn1 headers
      48d4ca56
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 897473fc
      Linus Torvalds authored
      Pull key handling fixes from James Morris:
       "Quoting David Howells:
      
        Here are three miscellaneous fixes:
      
        (1) Fix a panic in some debugging code in PKCS#7.  This can only
            happen by explicitly inserting a #define DEBUG into the code.
      
        (2) Fix the calculation of the digest length in the PE file parser.
            This causes a failure where there should be a success.
      
        (3) Fix the case where an X.509 cert can be added as an asymmetric key
            to a trusted keyring with no trust restriction if no AKID is
            supplied.
      
        Bugs (1) and (2) aren't particularly problematic, but (3) allows a
        security check to be bypassed.  Happily, this is a recent regression
        and never made it into a released kernel"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        KEYS: Fix for erroneous trust of incorrectly signed X.509 certs
        pefile: Fix the failure of calculation for digest
        PKCS#7: Fix panic when referring to the empty AKID when DEBUG defined
      897473fc
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input · 3aa536d9
      Linus Torvalds authored
      Pull input fixes from Dmitry Torokhov:
       "A few more fixes for the input subsystem:
      
         - restore naming for tsc2005 touchscreens as some userspace match on it
         - fix out of bound access in legacy keyboard driver
         - fixup in RMI4 driver
      
        Everything is tagged for stable as well"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
        Input: tsc200x - report proper input_dev name
        tty/vt/keyboard: fix OOB access in do_compute_shiftstate()
        Input: synaptics-rmi4 - fix maximum size check for F12 control register 8
      3aa536d9
    • Linus Torvalds's avatar
      Merge branch 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm · f1894d83
      Linus Torvalds authored
      Pull libnvdimm fix from Dan Williams:
       "This contains a regression fix for a problem that was introduced in
        v4.7-rc6.
      
        In 4.7-rc1 we introduced auto-probing for the ACPI DSM (device-
        specific-method) format that the platform firmware implements for
        nvdimm devices.  We initially fixed a regression in probing the QEMU
        DSM implementation by making acpi_check_dsm() tolerant of the way QEMU
        reports the "0 DSMs supported" condition.
      
        However, that broke HPE platforms since that tolerance caused the
        driver to mistakenly match the 1-zero-byte response those platforms
        give to "unknown" commands.  Instead, we simply make the driver
        tolerant of not finding any supported DSMs.  This has been tested to
        work with both QEMU and HPE platforms.
      
        This commit has appeared in a -next release with no reported issues"
      
      * 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
        nfit: make DIMM DSMs optional
      f1894d83
    • Linus Torvalds's avatar
      Merge tag 'gpio-v4.7-6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio · ee62f09b
      Linus Torvalds authored
      Pull GPIO fix from Linus Walleij:
       "Compile problem fix for Tegra,
      
        Sorry to send this in the last minute but Ingo says this build failure
        is very prominent so I'm not going to wait for v4.7 before sending it.
      
        It is a case of COMPILE_TEST causing more problems than it solves and
        I'm already swearing about me shooting myself in the foot with that
        gun :("
      
      * tag 'gpio-v4.7-6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
        gpio: tegra: don't auto-enable for COMPILE_TEST
      ee62f09b
    • Linus Torvalds's avatar
      Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux · 62cd69d5
      Linus Torvalds authored
      Pull clk fixes from Michael Turquette:
       "Fix a bug in the at91 clk driver, two compile time warnings in sunxi
        clk drivers, and one bug in a sunxi clk driver introduced in the 4.7
        merge window"
      
      * tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
        clk: at91: fix clk_programmable_set_parent()
        clk: sunxi: remove unused variable
        clk: sunxi: display: Add per-clock flags
        clk: sunxi: tcon-ch1: Do not return a negative error in get_parent
      62cd69d5
    • Linus Torvalds's avatar
      Merge branch 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata · a933f80d
      Linus Torvalds authored
      Pull libata fix from Tejun Heo:
       "Another fallout from max_sectors bump a couple years ago.  The lite-on
        optical drive times out on large requests"
      
      * 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata:
        libata: LITE-ON CX1-JB256-HP needs lower max_sectors
      a933f80d
    • Linus Torvalds's avatar
      Merge tag 'mmc-v4.7-rc7' of git://git.linaro.org/people/ulf.hansson/mmc · ea4b3cfa
      Linus Torvalds authored
      Pull MMC fixes from Ulf Hansson:
       "Here are a few late mmc fixes intended for v4.7 final.
      
        MMC core:
         - Fix eMMC packed command header endianness
         - Fix free of uninitialized buffer for mmc ioctl
      
        MMC host:
         - pxamci: Fix potential oops in ->probe()"
      
      * tag 'mmc-v4.7-rc7' of git://git.linaro.org/people/ulf.hansson/mmc:
        mmc: pxamci: fix potential oops
        mmc: block: fix packed command header endianness
        mmc: block: fix free of uninitialized 'idata->buf'
      ea4b3cfa
    • Linus Torvalds's avatar
      Merge tag 'sound-4.7-fix2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · b6cbecae
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "No surprise, just a few small fixes: a couple of changes are seen in
        the core part, and both of them are rather for unusual error paths.
      
        The rest are the regular HD-audio fixes and one USB-audio regression
        fix"
      
      * tag 'sound-4.7-fix2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: usb-audio: Fix quirks code is not called
        ALSA: hda: add AMD Stoney PCI ID with proper driver caps
        ALSA: hda - fix use-after-free after module unload
        ALSA: pcm: Free chmap at PCM free callback, too
        ALSA: ctl: Stop notification after disconnection
        ALSA: hda/realtek - add new pin definition in alc225 pin quirk table
      b6cbecae
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.dk/linux-block · ff8d6fac
      Linus Torvalds authored
      Pull NVMe fix from Jens Axboe:
       "Late addition here, it's basically a revert of a patch that was added
        in this merge window, but has proven to cause problems.
      
        This is swapping out the RCU based namespace protection with a good
        old mutex instead"
      
      * 'for-linus' of git://git.kernel.dk/linux-block:
        nvme: Remove RCU namespace protection
      ff8d6fac
    • Jiri Slaby's avatar
      pps: do not crash when failed to register · 368301f2
      Jiri Slaby authored
      With this command sequence:
      
        modprobe plip
        modprobe pps_parport
        rmmod pps_parport
      
      the partport_pps modules causes this crash:
      
        BUG: unable to handle kernel NULL pointer dereference at (null)
        IP: parport_detach+0x1d/0x60 [pps_parport]
        Oops: 0000 [#1] SMP
        ...
        Call Trace:
          parport_unregister_driver+0x65/0xc0 [parport]
          SyS_delete_module+0x187/0x210
      
      The sequence that builds up to this is:
      
       1) plip is loaded and takes the parport device for exclusive use:
      
          plip0: Parallel port at 0x378, using IRQ 7.
      
       2) pps_parport then fails to grab the device:
      
          pps_parport: parallel port PPS client
          parport0: cannot grant exclusive access for device pps_parport
          pps_parport: couldn't register with parport0
      
       3) rmmod of pps_parport is then killed because it tries to access
          pardev->name, but pardev (taken from port->cad) is NULL.
      
      So add a check for NULL in the test there too.
      
      Link: http://lkml.kernel.org/r/20160714115245.12651-1-jslaby@suse.czSigned-off-by: default avatarJiri Slaby <jslaby@suse.cz>
      Acked-by: default avatarRodolfo Giometti <giometti@enneenne.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      368301f2
    • Dan Carpenter's avatar
      tools/vm/slabinfo: fix an unintentional printf · 2d6a4d64
      Dan Carpenter authored
      The curly braces are missing here so we print stuff unintentionally.
      
      Fixes: 9da4714a ('slub: slabinfo update for cmpxchg handling')
      Link: http://lkml.kernel.org/r/20160715211243.GE19522@mwandaSigned-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Acked-by: default avatarChristoph Lameter <cl@linux.com>
      Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
      Cc: Colin Ian King <colin.king@canonical.com>
      Cc: Laura Abbott <labbott@fedoraproject.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      2d6a4d64
    • Dan Carpenter's avatar
      testing/radix-tree: fix a macro expansion bug · b301aac5
      Dan Carpenter authored
      There are no parentheses around this macro and it causes a problem when
      we do:
      
      	index = rand() % THRASH_SIZE;
      
      Link: http://lkml.kernel.org/r/20160715210953.GC19522@mwandaSigned-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Acked-by: default avatarRoss Zwisler <ross.zwisler@linux.intel.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b301aac5
    • Andrey Ryabinin's avatar
      radix-tree: fix radix_tree_iter_retry() for tagged iterators. · 3cb9185c
      Andrey Ryabinin authored
      radix_tree_iter_retry() resets slot to NULL, but it doesn't reset tags.
      Then NULL slot and non-zero iter.tags passed to radix_tree_next_slot()
      leading to crash:
      
        RIP: radix_tree_next_slot include/linux/radix-tree.h:473
          find_get_pages_tag+0x334/0x930 mm/filemap.c:1452
        ....
        Call Trace:
          pagevec_lookup_tag+0x3a/0x80 mm/swap.c:960
          mpage_prepare_extent_to_map+0x321/0xa90 fs/ext4/inode.c:2516
          ext4_writepages+0x10be/0x2b20 fs/ext4/inode.c:2736
          do_writepages+0x97/0x100 mm/page-writeback.c:2364
          __filemap_fdatawrite_range+0x248/0x2e0 mm/filemap.c:300
          filemap_write_and_wait_range+0x121/0x1b0 mm/filemap.c:490
          ext4_sync_file+0x34d/0xdb0 fs/ext4/fsync.c:115
          vfs_fsync_range+0x10a/0x250 fs/sync.c:195
          vfs_fsync fs/sync.c:209
          do_fsync+0x42/0x70 fs/sync.c:219
          SYSC_fdatasync fs/sync.c:232
          SyS_fdatasync+0x19/0x20 fs/sync.c:230
          entry_SYSCALL_64_fastpath+0x23/0xc1 arch/x86/entry/entry_64.S:207
      
      We must reset iterator's tags to bail out from radix_tree_next_slot()
      and go to the slow-path in radix_tree_next_chunk().
      
      Fixes: 46437f9a ("radix-tree: fix race in gang lookup")
      Link: http://lkml.kernel.org/r/1468495196-10604-1-git-send-email-aryabinin@virtuozzo.comSigned-off-by: default avatarAndrey Ryabinin <aryabinin@virtuozzo.com>
      Reported-by: default avatarDmitry Vyukov <dvyukov@google.com>
      Acked-by: default avatarKonstantin Khlebnikov <koct9i@gmail.com>
      Cc: Matthew Wilcox <willy@linux.intel.com>
      Cc: Hugh Dickins <hughd@google.com>
      Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3cb9185c
    • Johannes Weiner's avatar
      mm: memcontrol: fix cgroup creation failure after many small jobs · 73f576c0
      Johannes Weiner authored
      The memory controller has quite a bit of state that usually outlives the
      cgroup and pins its CSS until said state disappears.  At the same time
      it imposes a 16-bit limit on the CSS ID space to economically store IDs
      in the wild.  Consequently, when we use cgroups to contain frequent but
      small and short-lived jobs that leave behind some page cache, we quickly
      run into the 64k limitations of outstanding CSSs.  Creating a new cgroup
      fails with -ENOSPC while there are only a few, or even no user-visible
      cgroups in existence.
      
      Although pinning CSSs past cgroup removal is common, there are only two
      instances that actually need an ID after a cgroup is deleted: cache
      shadow entries and swapout records.
      
      Cache shadow entries reference the ID weakly and can deal with the CSS
      having disappeared when it's looked up later.  They pose no hurdle.
      
      Swap-out records do need to pin the css to hierarchically attribute
      swapins after the cgroup has been deleted; though the only pages that
      remain swapped out after offlining are tmpfs/shmem pages.  And those
      references are under the user's control, so they are manageable.
      
      This patch introduces a private 16-bit memcg ID and switches swap and
      cache shadow entries over to using that.  This ID can then be recycled
      after offlining when the CSS remains pinned only by objects that don't
      specifically need it.
      
      This script demonstrates the problem by faulting one cache page in a new
      cgroup and deleting it again:
      
        set -e
        mkdir -p pages
        for x in `seq 128000`; do
          [ $((x % 1000)) -eq 0 ] && echo $x
          mkdir /cgroup/foo
          echo $$ >/cgroup/foo/cgroup.procs
          echo trex >pages/$x
          echo $$ >/cgroup/cgroup.procs
          rmdir /cgroup/foo
        done
      
      When run on an unpatched kernel, we eventually run out of possible IDs
      even though there are no visible cgroups:
      
        [root@ham ~]# ./cssidstress.sh
        [...]
        65000
        mkdir: cannot create directory '/cgroup/foo': No space left on device
      
      After this patch, the IDs get released upon cgroup destruction and the
      cache and css objects get released once memory reclaim kicks in.
      
      [hannes@cmpxchg.org: init the IDR]
        Link: http://lkml.kernel.org/r/20160621154601.GA22431@cmpxchg.org
      Fixes: b2052564 ("mm: memcontrol: continue cache reclaim from offlined groups")
      Link: http://lkml.kernel.org/r/20160617162516.GD19084@cmpxchg.orgSigned-off-by: default avatarJohannes Weiner <hannes@cmpxchg.org>
      Reported-by: default avatarJohn Garcia <john.garcia@mesosphere.io>
      Reviewed-by: default avatarVladimir Davydov <vdavydov@virtuozzo.com>
      Acked-by: default avatarTejun Heo <tj@kernel.org>
      Cc: Nikolay Borisov <kernel@kyup.com>
      Cc: <stable@vger.kernel.org>	[3.19+]
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      73f576c0
  4. 22 Jul, 2016 1 commit