- 20 May, 2022 3 commits
-
-
Jakub Kicinski authored
Artem points out that skb may try to take over the skb and queue it to its own list. Unlink the skb before calling out. Fixes: b1a2c178 ("tls: rx: clear ctx->recv_pkt earlier") Reported-by: Artem Savkov <asavkov@redhat.com> Tested-by: Artem Savkov <asavkov@redhat.com> Link: https://lore.kernel.org/r/20220518205644.2059468-1-kuba@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Dan Carpenter authored
The netif_receive_skb() function frees "skb" so store skb->len before it is freed. Fixes: fd3040b9 ("net: ethernet: Add driver for Sunplus SP7021") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Link: https://lore.kernel.org/r/YoUuy4iTjFAcSn03@kiliSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
David Ober authored
Lenovo Thunderbolt 4 Dock, and other Lenovo USB Docks are using the original Realtek USB ethernet Vendor and Product IDs If the Network device is Realtek verify that it is on a Lenovo USB hub before enabling the passthru feature This also adds in the device IDs for the Lenovo USB Dongle and one other USB-C dock V2 fix formating of code V3 remove Generic define for Device ID 0x8153 and change it to use value V4 rearrange defines and case statement to put them in better order v5 create helper function to do the testing work as suggested Signed-off-by: David Ober <dober6023@gmail.com> Link: https://lore.kernel.org/r/20220517180539.25839-1-dober6023@gmail.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
- 19 May, 2022 30 commits
-
-
Jakub Kicinski authored
Merge tag 'linux-can-next-for-5.19-20220519' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2022-05-19 Oliver Hartkopp contributes a patch for the ISO-TP CAN protocol to update the validation of address information during bind. The next patch is by Jakub Kicinski and converts the CAN network drivers from netif_napi_add() to the netif_napi_add_weight() function. Another patch by Oliver Hartkopp removes obsolete CAN specific LED support. Vincent Mailhol's patch for the mcp251xfd driver fixes a -Wunaligned-access warning by clang-14. * tag 'linux-can-next-for-5.19-20220519' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: can: mcp251xfd: silence clang's -Wunaligned-access warning can: can-dev: remove obsolete CAN LED support can: can-dev: move to netif_napi_add_weight() can: isotp: isotp_bind(): do not validate unused address information ==================== Link: https://lore.kernel.org/r/20220519202308.1435903-1-mkl@pengutronix.deSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Vincent Mailhol authored
clang emits a -Wunaligned-access warning on union mcp251xfd_tx_ojb_load_buf. The reason is that field hw_tx_obj (not declared as packed) is being packed right after a 16 bits field inside a packed struct: | union mcp251xfd_tx_obj_load_buf { | struct __packed { | struct mcp251xfd_buf_cmd cmd; | /* ^ 16 bits fields */ | struct mcp251xfd_hw_tx_obj_raw hw_tx_obj; | /* ^ not declared as packed */ | } nocrc; | struct __packed { | struct mcp251xfd_buf_cmd_crc cmd; | struct mcp251xfd_hw_tx_obj_raw hw_tx_obj; | __be16 crc; | } crc; | } ____cacheline_aligned; Starting from LLVM 14, having an unpacked struct nested in a packed struct triggers a warning. c.f. [1]. This is a false positive because the field is always being accessed with the relevant put_unaligned_*() function. Adding __packed to the structure declaration silences the warning. [1] https://github.com/llvm/llvm-project/issues/55520 Link: https://lore.kernel.org/all/20220518114357.55452-1-mailhol.vincent@wanadoo.frSigned-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr> Reported-by: kernel test robot <lkp@intel.com> Tested-by: Nathan Chancellor <nathan@kernel.org> # build Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Oliver Hartkopp authored
Since commit 30f3b421 ("can: mark led trigger as broken") the CAN specific LED support was disabled and marked as BROKEN. As the common LED support with CONFIG_LEDS_TRIGGER_NETDEV should do this work now the code can be removed as preparation for a CAN netdevice Kconfig rework. Link: https://lore.kernel.org/all/20220518154527.29046-1-socketcan@hartkopp.netSuggested-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr> Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net> [mkl: remove led.h from MAINTAINERS] Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Jakub Kicinski authored
We want to remove the weight argument from the basic version of the netif_napi_add() call. Move all the callers in drivers/net/can that pass a custom weight (i.e. not NAPI_POLL_WEIGHT or 64) to the netif_napi_add_weight() API. Link: https://lore.kernel.org/all/20220517002345.1812104-1-kuba@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Oliver Hartkopp authored
With commit 2aa39889 ("can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting") the bind() syscall returns -EINVAL when the given CAN ID needed to be sanitized. But in the case of an unconfirmed broadcast mode the rx CAN ID is not needed and may be uninitialized from the caller - which is ok. This patch makes sure the result of an inproper CAN ID format is only provided when the address information is needed. Link: https://lore.kernel.org/all/20220517145653.2556-1-socketcan@hartkopp.netSigned-off-by: Oliver Hartkopp <socketcan@hartkopp.net> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-
Jakub Kicinski authored
Merge tag 'wireless-next-2022-05-19' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next Kalle Valo says: ==================== wireless-next patches for v5.19 Second set of patches for v5.19 and most likely the last one. rtw89 got support for 8852ce devices and mt76 now supports Wireless Ethernet Dispatch. Major changes: cfg80211/mac80211 - support disabling EHT mode rtw89 - add support for Realtek 8852ce devices mt76 - Wireless Ethernet Dispatch support for flow offload - non-standard VHT MCS10-11 support - mt7921 AP mode support - mt7921 ipv6 NS offload support ath11k - enable keepalive during WoWLAN suspend - implement remain-on-channel support * tag 'wireless-next-2022-05-19' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next: (135 commits) iwlwifi: mei: fix potential NULL-ptr deref iwlwifi: mei: clear the sap data header before sending iwlwifi: mvm: remove vif_count iwlwifi: mvm: always tell the firmware to accept MCAST frames in BSS iwlwifi: mvm: add OTP info in case of init failure iwlwifi: mvm: fix assert 1F04 upon reconfig iwlwifi: fw: init SAR GEO table only if data is present iwlwifi: mvm: clean up authorized condition iwlwifi: mvm: use NULL instead of ERR_PTR when parsing wowlan status iwlwifi: pcie: simplify MSI-X cause mapping rtw89: pci: only mask out INT indicator register for disable interrupt v1 rtw89: convert rtw89_band to nl80211_band precisely rtw89: 8852c: update txpwr tables to HALRF_027_00_052 rtw89: cfo: check mac_id to avoid out-of-bounds rtw89: 8852c: set TX antenna path rtw89: add ieee80211::sta_rc_update ops wireless: Fix Makefile to be in alphabetical order mac80211: refactor freeing the next_beacon cfg80211: fix kernel-doc for cfg80211_beacon_data mac80211: minstrel_ht: support ieee80211_rate_status ... ==================== Link: https://lore.kernel.org/r/20220519153334.8D051C385AA@smtp.kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski authored
drivers/net/ethernet/mellanox/mlx5/core/main.c b3388697 ("net/mlx5: Initialize flow steering during driver probe") 40379a00 ("net/mlx5_fpga: Drop INNOVA TLS support") f2b41b32 ("net/mlx5: Remove ipsec_ops function table") https://lore.kernel.org/all/20220519040345.6yrjromcdistu7vh@sx1/ 16d42d31 ("net/mlx5: Drain fw_reset when removing device") 8324a02c ("net/mlx5: Add exit route when waiting for FW") https://lore.kernel.org/all/20220519114119.060ce014@canb.auug.org.au/ tools/testing/selftests/net/mptcp/mptcp_join.sh e274f715 ("selftests: mptcp: add subflow limits test-cases") b6e074e1 ("selftests: mptcp: add infinite map testcase") 5ac1d2d6 ("selftests: mptcp: Add tests for userspace PM type") https://lore.kernel.org/all/20220516111918.366d747f@canb.auug.org.au/ net/mptcp/options.c ba2c89e0 ("mptcp: fix checksum byte order") 1e39e5a3 ("mptcp: infinite mapping sending") ea66758c ("tcp: allow MPTCP to update the announced window") https://lore.kernel.org/all/20220519115146.751c3a37@canb.auug.org.au/ net/mptcp/pm.c 95d68651 ("mptcp: fix subflow accounting on close") 4d25247d ("mptcp: bypass in-kernel PM restrictions for non-kernel PMs") https://lore.kernel.org/all/20220516111435.72f35dca@canb.auug.org.au/ net/mptcp/subflow.c ae66fb2b ("mptcp: Do TCP fallback on early DSS checksum failure") 0348c690 ("mptcp: add the fallback check") f8d4bcac ("mptcp: infinite mapping receiving") https://lore.kernel.org/all/20220519115837.380bb8d4@canb.auug.org.au/Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netLinus Torvalds authored
Pull networking fixes from Paolo Abeni: "Including fixes from can, xfrm and netfilter subtrees. Notably this reverts a recent TCP/DCCP netns-related change to address a possible UaF. Current release - regressions: - tcp: revert "tcp/dccp: get rid of inet_twsk_purge()" - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown Previous releases - regressions: - netfilter: flowtable: fix TCP flow teardown - can: revert "can: m_can: pci: use custom bit timings for Elkhart Lake" - xfrm: check encryption module availability consistency - eth: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() - eth: mlx5: initialize flow steering during driver probe - eth: ice: fix crash when writing timestamp on RX rings Previous releases - always broken: - mptcp: fix checksum byte order - eth: lan966x: fix assignment of the MAC address - eth: mlx5: remove HW-GRO from reported features - eth: ftgmac100: disable hardware checksum on AST2600" * tag 'net-5.18-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (50 commits) net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. ptp: ocp: change sysfs attr group handling selftests: forwarding: fix missing backslash netfilter: nf_tables: disable expression reduction infra netfilter: flowtable: move dst_check to packet path netfilter: flowtable: fix TCP flow teardown net: ftgmac100: Disable hardware checksum on AST2600 igb: skip phy status check where unavailable nfc: pn533: Fix buggy cleanup order mptcp: Do TCP fallback on early DSS checksum failure mptcp: fix checksum byte order net: af_key: check encryption module availability consistency net: af_key: add check for pfkey_broadcast in function pfkey_process net/mlx5: Drain fw_reset when removing device net/mlx5e: CT: Fix setting flow_source for smfs ct tuples net/mlx5e: CT: Fix support for GRE tuples net/mlx5e: Remove HW-GRO from reported features net/mlx5e: Properly block HW GRO when XDP is enabled net/mlx5e: Properly block LRO when XDP is enabled net/mlx5e: Block rx-gro-hw feature in switchdev mode ...
-
Boris Pismenny authored
TLS device offload copies sendfile data to a bounce buffer before transmitting. It allows to maintain the valid MAC on TLS records when the file contents change and a part of TLS record has to be retransmitted on TCP level. In many common use cases (like serving static files over HTTPS) the file contents are not changed on the fly. In many use cases breaking the connection is totally acceptable if the file is changed during transmission, because it would be received corrupted in any case. This commit allows to optimize performance for such use cases to providing a new optional mode of TLS sendfile(), in which the extra copy is skipped. Removing this copy improves performance significantly, as TLS and TCP sendfile perform the same operations, and the only overhead is TLS header/trailer insertion. The new mode can only be enabled with the new socket option named TLS_TX_ZEROCOPY_SENDFILE on per-socket basis. It preserves backwards compatibility with existing applications that rely on the copying behavior. The new mode is safe, meaning that unsolicited modifications of the file being sent can't break integrity of the kernel. The worst thing that can happen is sending a corrupted TLS record, which is in any case not forbidden when using regular TCP sockets. Sockets other than TLS device offload are not affected by the new socket option. The actual status of zerocopy sendfile can be queried with sock_diag. Performance numbers in a single-core test with 24 HTTPS streams on nginx, under 100% CPU load: * non-zerocopy: 33.6 Gbit/s * zerocopy: 79.92 Gbit/s CPU: Intel(R) Xeon(R) Platinum 8380 CPU @ 2.30GHz Signed-off-by: Boris Pismenny <borisp@nvidia.com> Signed-off-by: Tariq Toukan <tariqt@nvidia.com> Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com> Reviewed-by: Jakub Kicinski <kuba@kernel.org> Link: https://lore.kernel.org/r/20220518092731.1243494-1-maximmi@nvidia.comSigned-off-by: Paolo Abeni <pabeni@redhat.com>
-
Yinjun Zhang authored
Current implementation of ct merging doesn't support the case that the fields mangling in pre_ct rules are matched in post_ct rules. This change is to support merging when mangling mac address, ip address, tos, ttl and l4 port. VLAN and MPLS mangling is not involved yet. Signed-off-by: Yinjun Zhang <yinjun.zhang@corigine.com> Signed-off-by: Louis Peens <louis.peens@corigine.com> Signed-off-by: Simon Horman <simon.horman@corigine.com> Link: https://lore.kernel.org/r/20220518075055.130649-1-simon.horman@corigine.comSigned-off-by: Paolo Abeni <pabeni@redhat.com>
-
Michael Trimarchi authored
Make ndo_open less sensitive to memory pressure. Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com> Reviewed-by: Jakub Kicinski <kuba@kernel.org> Link: https://lore.kernel.org/r/20220518062007.10056-1-michael@amarulasolutions.comSigned-off-by: Paolo Abeni <pabeni@redhat.com>
-
Andrew Lunn authored
It is possible to stack bridges on top of each other. Consider the following which makes use of an Ethernet switch: br1 / \ / \ / \ br0.11 wlan0 | br0 / | \ p1 p2 p3 br0 is offloaded to the switch. Above br0 is a vlan interface, for vlan 11. This vlan interface is then a slave of br1. br1 also has a wireless interface as a slave. This setup trunks wireless lan traffic over the copper network inside a VLAN. A frame received on p1 which is passed up to the bridge has the skb->offload_fwd_mark flag set to true, indicating that the switch has dealt with forwarding the frame out ports p2 and p3 as needed. This flag instructs the software bridge it does not need to pass the frame back down again. However, the flag is not getting reset when the frame is passed upwards. As a result br1 sees the flag, wrongly interprets it, and fails to forward the frame to wlan0. When passing a frame upwards, clear the flag. This is the Rx equivalent of br_switchdev_frame_unmark() in br_dev_xmit(). Fixes: f1c2eddf ("bridge: switchdev: Use an helper to clear forward mark") Signed-off-by: Andrew Lunn <andrew@lunn.ch> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Acked-by: Nikolay Aleksandrov <razor@blackwall.org> Link: https://lore.kernel.org/r/20220518005840.771575-1-andrew@lunn.chSigned-off-by: Paolo Abeni <pabeni@redhat.com>
-
Jonathan Lemon authored
In the detach path, the driver calls sysfs_remove_group() for the groups it believes has been registered. However, if the group was never previously registered, then this causes a splat. Instead, compute the groups that should be registered in advance, and then call sysfs_create_groups(), which registers them all at once. Update the error handling appropriately. Fixes: c205d53c ("ptp: ocp: Add firmware capability bits for feature gating") Reported-by: Zheyu Ma <zheyuma97@gmail.com> Signed-off-by: Jonathan Lemon <jonathan.lemon@gmail.com> Link: https://lore.kernel.org/r/20220517214600.10606-1-jonathan.lemon@gmail.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
static inline is needed in the header. Fixes: 94db3317 ("net/mlx5: Support multiport eswitch mode") Acked-by: Saeed Mahameed <saeedm@nvidia.com> Link: https://lore.kernel.org/r/20220518183022.2034373-1-kuba@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Joachim Wiberg authored
Fix missing backslash, introduced in f62c5acc. Causes all tests to not be installed. Fixes: f62c5acc ("selftests/net/forwarding: add missing tests to Makefile") Signed-off-by: Joachim Wiberg <troglobit@gmail.com> Acked-by: Hangbin Liu <liuhangbin@gmail.com> Link: https://lore.kernel.org/r/20220518151630.2747773-1-troglobit@gmail.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Saeed Mahameed authored
Both sfc/efx_channels.h and sfc/siena/efx_channels.h used the same wrapper #ifndef EFX_CHANNELS_H, this patch changes the siena define to be EFX_SIENA_CHANNELS_H to avoid build system confusion. This fixes the following build break: drivers/net/ethernet/sfc/ptp.c:2191:28: error: ‘efx_copy_channel’ undeclared here (not in a function); did you mean ‘efx_ptp_channel’? 2191 | .copy = efx_copy_channel, Fixes: 6e173d3b ("sfc: Copy shared files needed for Siena (part 1)") Signed-off-by: Saeed Mahameed <saeedm@nvidia.com> Cc: Edward Cree <ecree.xilinx@gmail.com> Acked-by: Martin Habets <habetsm.xilinx@gmail.com> Link: https://lore.kernel.org/r/20220518065820.131611-1-saeed@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
Christophe says: ==================== octeon_ep: Fix the error handling path of octep_request_irqs() I send a small serie to ease review and because I'm sighly less confident with the 2nd patch. ==================== Link: https://lore.kernel.org/r/cover.1652819974.git.christophe.jaillet@wanadoo.frSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christophe JAILLET authored
When taken, the error handling path does not undo correctly what has already been allocated. Introduce a new loop index, 'j', in order to simplify the error handling path and rewrite part of it. It is now written with the same logic and intermediate variables used when resources are allocated. This is much more straightforward. Fixes: 37d79d05 ("octeon_ep: add Tx/Rx processing and interrupt support") Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christophe JAILLET authored
'oct->non_ioq_irq_names' is not freed in the error handling path of octep_request_irqs(). Add the missing kfree(). Fixes: 37d79d05 ("octeon_ep: add Tx/Rx processing and interrupt support") Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Acked-by: Veerasenareddy Burru <vburru@marvell.com> Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
Josua Mayer says: ==================== adin: add support for clock output This patch series adds support for configuring the two clock outputs of adin 1200 and 1300 PHYs. Certain network controllers require an external reference clock which can be provided by the PHY. One of the replies to v1 was asking why the common clock framework isn't used. Currently no PHY driver has implemented providing a clock to the network controller. Instead they rely on vendor extensions to make the appropriate configuration. For example ar8035 uses qca,clk-out-frequency - this patchset aimed to replicate the same functionality. Finally the 125MHz free-running clock is enabled in the device-tree for SolidRun i.MX6 SoMs, to support revisions 1.9 and later, where the original phy has been replaced with an adin 1300. To avoid introducing new warning messages during boot for SoMs before rev 1.9, the status field of the new phy node is disabled by default, and will be enabled by U-Boot on demand. ==================== Link: https://lore.kernel.org/r/20220517085143.3749-1-josua@solid-run.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Josua Mayer authored
Since SoM revision 1.9 the PHY has been replaced with an ADIN1300, add an entry for it next to the original. As Russell King pointed out, additional phy nodes cause warnings like: mdio_bus 2188000.ethernet-1: MDIO device at address 1 is missing To avoid this the new node has its status set to disabled. U-Boot will be modified to enable the appropriate phy node after probing. The existing ar8035 nodes have to stay enabled by default to avoid breaking existing systems when they update Linux only. Co-developed-by: Alvaro Karsz <alvaro.karsz@solid-run.com> Signed-off-by: Alvaro Karsz <alvaro.karsz@solid-run.com> Signed-off-by: Josua Mayer <josua@solid-run.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Josua Mayer authored
The ADIN1300 supports generating certain clocks on its GP_CLK pin, as well as providing the reference clock on CLK25_REF. Add support for selecting the clock via device-tree properties. Technically the phy also supports a recovered 125MHz clock for synchronous ethernet. SyncE should be configured dynamically at runtime, however Linux does not currently have a toggle for this, so support is explicitly omitted. Co-developed-by: Alvaro Karsz <alvaro.karsz@solid-run.com> Signed-off-by: Alvaro Karsz <alvaro.karsz@solid-run.com> Signed-off-by: Josua Mayer<josua@solid-run.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Josua Mayer authored
The ADIN1300 supports generating certain clocks on its GP_CLK pin, as well as providing the reference clock on CLK25_REF. Add DT properties to configure both pins. Technically the phy also supports a recovered 125MHz clock for synchronous ethernet. However SyncE should be configured dynamically at runtime, so it is explicitly omitted in this binding. Signed-off-by: Josua Mayer <josua@solid-run.com> Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nfJakub Kicinski authored
Pablo Neira Ayuso says: ==================== Netfilter fixes for net 1) Reduce number of hardware offload retries from flowtable datapath which might hog system with retries, from Felix Fietkau. 2) Skip neighbour lookup for PPPoE device, fill_forward_path() already provides this and set on destination address from fill_forward_path for PPPoE device, also from Felix. 4) When combining PPPoE on top of a VLAN device, set info->outdev to the PPPoE device so software offload works, from Felix. 5) Fix TCP teardown flowtable state, races with conntrack gc might result in resetting the state to ESTABLISHED and the time to one day. Joint work with Oz Shlomo and Sven Auhagen. 6) Call dst_check() from flowtable datapath to check if dst is stale instead of doing it from garbage collector path. 7) Disable register tracking infrastructure, either user-space or kernel need to pre-fetch keys inconditionally, otherwise register tracking assumes data is already available in register that might not well be there, leading to incorrect reductions. * git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nf_tables: disable expression reduction infra netfilter: flowtable: move dst_check to packet path netfilter: flowtable: fix TCP flow teardown netfilter: nft_flow_offload: fix offload with pppoe + vlan net: fix dev_fill_forward_path with pppoe + bridge netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices netfilter: flowtable: fix excessive hw offload attempts after failure ==================== Link: https://lore.kernel.org/r/20220518213841.359653-1-pablo@netfilter.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
git://git.kernel.dk/linux-blockLinus Torvalds authored
Pull block fix from Jens Axboe: "Just a small fix for a missing fifo time assigment for the head insertion case in mq-deadline" * tag 'block-5.18-2022-05-18' of git://git.kernel.dk/linux-block: block/mq-deadline: Set the fifo_time member also if inserting at head
-
git://git.kernel.dk/linux-blockLinus Torvalds authored
Pull io_uring fixes from Jens Axboe: "Two small changes fixing issues from the 5.18 merge window: - Fix wrong ordering of a tracepoint (Dylan) - Fix MSG_RING on IOPOLL rings (me)" * tag 'io_uring-5.18-2022-05-18' of git://git.kernel.dk/linux-block: io_uring: don't attempt to IOPOLL for MSG_RING requests io_uring: fix ordering of args in io_uring_queue_async_work
-
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/auditLinus Torvalds authored
Pull audit fix from Paul Moore: "A single audit patch to fix a problem where a task's audit_context was not being properly reset with io_uring" * tag 'audit-pr-20220518' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: audit,io_uring,io-wq: call __audit_uring_exit for dummy contexts
-
git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinuxLinus Torvalds authored
Pull selinux fix from Paul Moore: "A single SELinux patch to fix an error path that was doing the wrong thing with respect to freeing memory" * tag 'selinux-pr-20220518' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: fix bad cleanup on error in hashtab_duplicate()
-
git://git.kernel.org/pub/scm/linux/kernel/git/soc/socLinus Torvalds authored
Pull ARM SoC fixes from Arnd Bergmann: "The SoC bug fixes have calmed down sufficiently, there is one minor update for the MAINTAINERS file, and few bug fixes for dts descriptions: - Updates to the BananaPi R2-Pro (rk3568) dts to match production hardware rather than the prototype version. - Qualcomm sm8250 soundwire gets disabled on some machines to avoid crashes - A number of aspeed SoC specific fixes, addressing incorrect pin cotrol settings, some values in the romed8hm board, and a revert for an accidental removal of a DT node" * 'arm/fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: MAINTAINERS: omap: remove me as a maintainer ARM: dts: aspeed: Add video engine to g6 ARM: dts: aspeed: romed8hm3: Fix GPIOB0 name ARM: dts: aspeed: romed8hm3: Add lm25066 sense resistor values ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group ARM: dts: aspeed-g6: add FWQSPI group in pinctrl dtsi dt-bindings: pinctrl: aspeed-g6: add FWQSPI function/group pinctrl: pinctrl-aspeed-g6: add FWQSPI function-group dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi arm64: dts: qcom: sm8250: don't enable rx/tx macro by default arm64: dts: rockchip: Add gmac1 and change network settings of bpi-r2-pro arm64: dts: rockchip: Change io-domains of bpi-r2-pro
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds authored
Pull misc fixes from Al Viro: "vhost race fix and a percpu_ref_init-caused cgroup double-free fix. The latter had manifested as buggered struct mount refcounting - those are also using percpu data structures, but anything that does percpu allocations could be hit" * 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: Fix double fget() in vhost_net_set_backend() percpu_ref_init(): clean ->percpu_count_ref on failure
-
- 18 May, 2022 7 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhostLinus Torvalds authored
Pull mlx5 fix from Michael Tsirkin: "One last minute fixup The patch has been on list for a while but as it was posted as part of a thread it was missed" * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: vdpa/mlx5: Use consistent RQT size
-
Al Viro authored
Descriptor table is a shared resource; two fget() on the same descriptor may return different struct file references. get_tap_ptr_ring() is called after we'd found (and pinned) the socket we'll be using and it tries to find the private tun/tap data structures associated with it. Redoing the lookup by the same file descriptor we'd used to get the socket is racy - we need to same struct file. Thanks to Jason for spotting a braino in the original variant of patch - I'd missed the use of fd == -1 for disabling backend, and in that case we can end up with sock == NULL and sock != oldsock. Cc: stable@kernel.org Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Eli Cohen authored
The current code evaluates RQT size based on the configured number of virtqueues. This can raise an issue in the following scenario: Assume MQ was negotiated. 1. mlx5_vdpa_set_map() gets called. 2. handle_ctrl_mq() is called setting cur_num_vqs to some value, lower than the configured max VQs. 3. A second set_map gets called, but now a smaller number of VQs is used to evaluate the size of the RQT. 4. handle_ctrl_mq() is called with a value larger than what the RQT can hold. This will emit errors and the driver state is compromised. To fix this, we use a new field in struct mlx5_vdpa_net to hold the required number of entries in the RQT. This value is evaluated in mlx5_vdpa_set_driver_features() where we have the negotiated features all set up. In addition to that, we take into consideration the max capability of RQT entries early when the device is added so we don't need to take consider it when creating the RQT. Last, we remove the use of mlx5_vdpa_max_qps() which just returns the max_vas / 2 and make the code clearer. Fixes: 52893733 ("vdpa/mlx5: Add multiqueue support") Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Eli Cohen <elic@nvidia.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/soundLinus Torvalds authored
Pull sound fixes from Takashi Iwai: "A collection of last-minute HD- an USB-audio quirks in addition to a fix for the legacy ISA wavefront driver. All look small and easy" * tag 'sound-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ALSA: usb-audio: Restore Rane SL-1 quirk ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine ALSA: hda/realtek: Add quirk for TongFang devices with pop noise ALSA: hda/realtek: Add quirk for the Framework Laptop ALSA: wavefront: Proper check of get_user() error ALSA: hda/realtek: Add quirk for Dell Latitude 7520 ALSA: hda - fix unused Realtek function when PM is not enabled ALSA: usb-audio: Don't get sample rate for MCT Trigger 5 USB-to-HDMI
-
Pablo Neira Ayuso authored
Either userspace or kernelspace need to pre-fetch keys inconditionally before comparisons for this to work. Otherwise, register tracking data is misleading and it might result in reducing expressions which are not yet registers. First expression is also guaranteed to be evaluated always, however, certain expressions break before writing data to registers, before comparing the data, leaving the register in undetermined state. This patch disables this infrastructure by now. Fixes: b2d30654 ("netfilter: nf_tables: do not reduce read-only expressions") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Ritaro Takenaka authored
Fixes sporadic IPv6 packet loss when flow offloading is enabled. IPv6 route GC and flowtable GC are not synchronized. When dst_cache becomes stale and a packet passes through the flow before the flowtable GC teardowns it, the packet can be dropped. So, it is necessary to check dst every time in packet path. Fixes: 227e1e4d ("netfilter: nf_flowtable: skip device lookup from interface index") Signed-off-by: Ritaro Takenaka <ritarot634@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
This patch addresses three possible problems: 1. ct gc may race to undo the timeout adjustment of the packet path, leaving the conntrack entry in place with the internal offload timeout (one day). 2. ct gc removes the ct because the IPS_OFFLOAD_BIT is not set and the CLOSE timeout is reached before the flow offload del. 3. tcp ct is always set to ESTABLISHED with a very long timeout in flow offload teardown/delete even though the state might be already CLOSED. Also as a remark we cannot assume that the FIN or RST packet is hitting flow table teardown as the packet might get bumped to the slow path in nftables. This patch resets IPS_OFFLOAD_BIT from flow_offload_teardown(), so conntrack handles the tcp rst/fin packet which triggers the CLOSE/FIN state transition. Moreover, teturn the connection's ownership to conntrack upon teardown by clearing the offload flag and fixing the established timeout value. The flow table GC thread will asynchonrnously free the flow table and hardware offload entries. Before this patch, the IPS_OFFLOAD_BIT remained set for expired flows on which is also misleading since the flow is back to classic conntrack path. If nf_ct_delete() removes the entry from the conntrack table, then it calls nf_ct_put() which decrements the refcnt. This is not a problem because the flowtable holds a reference to the conntrack object from flow_offload_alloc() path which is released via flow_offload_free(). This patch also updates nft_flow_offload to skip packets in SYN_RECV state. Since we might miss or bump packets to slow path, we do not know what will happen there while we are still in SYN_RECV, this patch postpones offload up to the next packet which also aligns to the existing behaviour in tc-ct. flow_offload_teardown() does not reset the existing tcp state from flow_offload_fixup_tcp() to ESTABLISHED anymore, packets bump to slow path might have already update the state to CLOSE/FIN. Joint work with Oz and Sven. Fixes: 1e5b2471 ("netfilter: nf_flow_table: teardown flow timeout race") Signed-off-by: Oz Shlomo <ozsh@nvidia.com> Signed-off-by: Sven Auhagen <sven.auhagen@voleatech.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-