1. 10 Feb, 2020 8 commits
    • Hongbo Yao's avatar
      bpf: Make btf_check_func_type_match() static · 2bf0eb9b
      Hongbo Yao authored
      Fix the following sparse warning:
      
      kernel/bpf/btf.c:4131:5: warning: symbol 'btf_check_func_type_match' was
      not declared. Should it be static?
      Reported-by: default avatarHulk Robot <hulkci@huawei.com>
      Signed-off-by: default avatarHongbo Yao <yaohongbo@huawei.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Link: https://lore.kernel.org/bpf/20200210011441.147102-1-yaohongbo@huawei.com
      2bf0eb9b
    • John Fastabend's avatar
      bpf: Selftests build error in sockmap_basic.c · f2e97dc1
      John Fastabend authored
      Fix following build error. We could push a tcp.h header into one of the
      include paths, but I think its easy enough to simply pull in the three
      defines we need here. If we end up using more of tcp.h at some point
      we can pull it in later.
      
      /home/john/git/bpf/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c: In function ‘connected_socket_v4’:
      /home/john/git/bpf/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c:20:11: error: ‘TCP_REPAIR_ON’ undeclared (first use in this function)
        repair = TCP_REPAIR_ON;
                 ^
      /home/john/git/bpf/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c:20:11: note: each undeclared identifier is reported only once for each function it appears in
      /home/john/git/bpf/tools/testing/selftests/bpf/prog_tests/sockmap_basic.c:29:11: error: ‘TCP_REPAIR_OFF_NO_WP’ undeclared (first use in this function)
        repair = TCP_REPAIR_OFF_NO_WP;
      
      Then with fix,
      
      $ ./test_progs -n 44
      #44/1 sockmap create_update_free:OK
      #44/2 sockhash create_update_free:OK
      #44 sockmap_basic:OK
      
      Fixes: 5d3919a9 ("selftests/bpf: Test freeing sockmap/sockhash with a socket in it")
      Signed-off-by: default avatarJohn Fastabend <john.fastabend@gmail.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Reviewed-by: default avatarJakub Sitnicki <jakub@cloudflare.com>
      Link: https://lore.kernel.org/bpf/158131347731.21414.12120493483848386652.stgit@john-Precision-5820-Tower
      f2e97dc1
    • Bjørn Mork's avatar
      qmi_wwan: unconditionally reject 2 ep interfaces · 00516d13
      Bjørn Mork authored
      We have been using the fact that the QMI and DIAG functions
      usually are the only ones with class/subclass/protocol being
      ff/ff/ff on Quectel modems. This has allowed us to match the
      QMI function without knowing the exact interface number,
      which can vary depending on firmware configuration.
      
      The ability to silently reject the DIAG function, which is
      usually handled by the option driver, is important for this
      method to work.  This is done based on the knowledge that it
      has exactly 2 bulk endpoints.  QMI function control interfaces
      will have either 3 or 1 endpoint. This rule is universal so
      the quirk condition can be removed.
      
      The fixed layouts known from the Gobi1k and Gobi2k modems
      have been gradually replaced by more dynamic layouts, and
      many vendors now use configurable layouts without changing
      device IDs.  Renaming the class/subclass/protocol matching
      macro makes it more obvious that this is now not Quectel
      specific anymore.
      
      Cc: Kristian Evensen <kristian.evensen@gmail.com>
      Cc: Aleksander Morgado <aleksander@aleksander.es>
      Signed-off-by: default avatarBjørn Mork <bjorn@mork.no>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      00516d13
    • Andrew Lunn's avatar
      net: dsa: mv88e6xxx: Prevent truncation of longer interrupt names · 5d1fbdf2
      Andrew Lunn authored
      When adding support for unique interrupt names, after testing on a few
      devices, it was assumed 32 characters would be sufficient. This
      assumption turned out to be incorrect, ZII RDU2 for example uses a
      device base name of mv88e6xxx-30be0000.ethernet-1:0, leaving no space
      for post fixes such as -g1-atu-prob and -watchdog. The names then
      become identical, defeating the point of the patch.
      
      Increase the length of the string to 64 charactoes.
      Reported-by: default avatarChris Healy <Chris.Healy@zii.aero>
      Fixes: 3095383a ("net: dsa: mv88e6xxx: Unique IRQ name")
      Signed-off-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5d1fbdf2
    • Bjørn Mork's avatar
      qmi_wwan: re-add DW5821e pre-production variant · 88bf5460
      Bjørn Mork authored
      Commit f25e1392 removed the support for the pre-production variant
      of the Dell DW5821e to avoid probing another USB interface unnecessarily.
      However, the pre-production samples are found in the wild, and this lack
      of support is causing problems for users of such samples.  It is therefore
      necessary to support both variants.
      
      Matching on both interfaces 0 and 1 is not expected to cause any problem
      with either variant, as only the QMI function will be probed successfully
      on either.  Interface 1 will be rejected based on the HID class for the
      production variant:
      
      T:  Bus=01 Lev=03 Prnt=04 Port=00 Cnt=01 Dev#= 16 Spd=480 MxCh= 0
      D:  Ver= 2.10 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs=  2
      P:  Vendor=413c ProdID=81d7 Rev=03.18
      S:  Manufacturer=DELL
      S:  Product=DW5821e Snapdragon X20 LTE
      S:  SerialNumber=0123456789ABCDEF
      C:  #Ifs= 6 Cfg#= 1 Atr=a0 MxPwr=500mA
      I:  If#= 0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=ff Driver=qmi_wwan
      I:  If#= 1 Alt= 0 #EPs= 1 Cls=03(HID  ) Sub=00 Prot=00 Driver=usbhid
      I:  If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option
      I:  If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option
      I:  If#= 4 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option
      I:  If#= 5 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=option
      
      And interface 0 will be rejected based on too few endpoints for the
      pre-production variant:
      
      T: Bus=01 Lev=02 Prnt=02 Port=03 Cnt=03 Dev#= 7 Spd=480 MxCh= 0
      D: Ver= 2.10 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 2
      P: Vendor=413c ProdID=81d7 Rev= 3.18
      S: Manufacturer=DELL
      S: Product=DW5821e Snapdragon X20 LTE
      S: SerialNumber=0123456789ABCDEF
      C: #Ifs= 5 Cfg#= 1 Atr=a0 MxPwr=500mA
      I: If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=
      I: If#= 1 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=ff Driver=qmi_wwan
      I: If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option
      I: If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option
      I: If#= 4 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option
      
      Fixes: f25e1392 ("qmi_wwan: fix interface number for DW5821e production firmware")
      Link: https://whrl.pl/Rf0vNkReported-by: default avatarLars Melin <larsm17@gmail.com>
      Cc: Aleksander Morgado <aleksander@aleksander.es>
      Signed-off-by: default avatarBjørn Mork <bjorn@mork.no>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      88bf5460
    • Tuong Lien's avatar
      tipc: fix successful connect() but timed out · 5391a877
      Tuong Lien authored
      In commit 9546a0b7 ("tipc: fix wrong connect() return code"), we
      fixed the issue with the 'connect()' that returns zero even though the
      connecting has failed by waiting for the connection to be 'ESTABLISHED'
      really. However, the approach has one drawback in conjunction with our
      'lightweight' connection setup mechanism that the following scenario
      can happen:
      
                (server)                        (client)
      
         +- accept()|                      |             wait_for_conn()
         |          |                      |connect() -------+
         |          |<-------[SYN]---------|                 > sleeping
         |          |                      *CONNECTING       |
         |--------->*ESTABLISHED           |                 |
                    |--------[ACK]-------->*ESTABLISHED      > wakeup()
              send()|--------[DATA]------->|\                > wakeup()
              send()|--------[DATA]------->| |               > wakeup()
                .   .          .           . |-> recvq       .
                .   .          .           . |               .
              send()|--------[DATA]------->|/                > wakeup()
             close()|--------[FIN]-------->*DISCONNECTING    |
                    *DISCONNECTING         |                 |
                    |                      ~~~~~~~~~~~~~~~~~~> schedule()
                                                             | wait again
                                                             .
                                                             .
                                                             | ETIMEDOUT
      
      Upon the receipt of the server 'ACK', the client becomes 'ESTABLISHED'
      and the 'wait_for_conn()' process is woken up but not run. Meanwhile,
      the server starts to send a number of data following by a 'close()'
      shortly without waiting any response from the client, which then forces
      the client socket to be 'DISCONNECTING' immediately. When the wait
      process is switched to be running, it continues to wait until the timer
      expires because of the unexpected socket state. The client 'connect()'
      will finally get ‘-ETIMEDOUT’ and force to release the socket whereas
      there remains the messages in its receive queue.
      
      Obviously the issue would not happen if the server had some delay prior
      to its 'close()' (or the number of 'DATA' messages is large enough),
      but any kind of delay would make the connection setup/shutdown "heavy".
      We solve this by simply allowing the 'connect()' returns zero in this
      particular case. The socket is already 'DISCONNECTING', so any further
      write will get '-EPIPE' but the socket is still able to read the
      messages existing in its receive queue.
      
      Note: This solution doesn't break the previous one as it deals with a
      different situation that the socket state is 'DISCONNECTING' but has no
      error (i.e. sk->sk_err = 0).
      
      Fixes: 9546a0b7 ("tipc: fix wrong connect() return code")
      Acked-by: default avatarYing Xue <ying.xue@windriver.com>
      Acked-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Signed-off-by: default avatarTuong Lien <tuong.t.lien@dektech.com.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5391a877
    • Chen Wandun's avatar
      mptcp: make the symbol 'mptcp_sk_clone_lock' static · 5609e2bb
      Chen Wandun authored
      Fix the following sparse warning:
      net/mptcp/protocol.c:646:13: warning: symbol 'mptcp_sk_clone_lock' was not declared. Should it be static?
      
      Fixes: b0519de8 ("mptcp: fix use-after-free for ipv6")
      Signed-off-by: default avatarChen Wandun <chenwandun@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5609e2bb
    • Chen Wandun's avatar
      tipc: make three functions static · 2437fd7b
      Chen Wandun authored
      Fix the following sparse warning:
      
      net/tipc/node.c:281:6: warning: symbol 'tipc_node_free' was not declared. Should it be static?
      net/tipc/node.c:2801:5: warning: symbol '__tipc_nl_node_set_key' was not declared. Should it be static?
      net/tipc/node.c:2878:5: warning: symbol '__tipc_nl_node_flush_key' was not declared. Should it be static?
      
      Fixes: fc1b6d6d ("tipc: introduce TIPC encryption & authentication")
      Fixes: e1f32190 ("tipc: add support for AEAD key setting via netlink")
      Signed-off-by: default avatarChen Wandun <chenwandun@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2437fd7b
  2. 09 Feb, 2020 2 commits
    • Linus Torvalds's avatar
      Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · fdfa3a67
      Linus Torvalds authored
      Pull misc SCSI fixes from James Bottomley:
       "Five small patches, all in drivers or doc, which missed the initial
        pull request.
      
        The qla2xxx and megaraid_sas are actual fixes and the rest are
        spelling and doc changes"
      
      * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: ufs: fix spelling mistake "initilized" -> "initialized"
        scsi: pm80xx: fix spelling mistake "to" -> "too"
        scsi: MAINTAINERS: ufs: remove pedrom.sousa@synopsys.com
        scsi: megaraid_sas: fixup MSIx interrupt setup during resume
        scsi: qla2xxx: Fix unbound NVME response length
      fdfa3a67
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 291abfea
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Unbalanced locking in mwifiex_process_country_ie, from Brian Norris.
      
       2) Fix thermal zone registration in iwlwifi, from Andrei
          Otcheretianski.
      
       3) Fix double free_irq in sgi ioc3 eth, from Thomas Bogendoerfer.
      
       4) Use after free in mptcp, from Florian Westphal.
      
       5) Use after free in wireguard's root_remove_peer_lists, from Eric
          Dumazet.
      
       6) Properly access packets heads in bonding alb code, from Eric
          Dumazet.
      
       7) Fix data race in skb_queue_len(), from Qian Cai.
      
       8) Fix regression in r8169 on some chips, from Heiner Kallweit.
      
       9) Fix XDP program ref counting in hv_netvsc, from Haiyang Zhang.
      
      10) Certain kinds of set link netlink operations can cause a NULL deref
          in the ipv6 addrconf code. Fix from Eric Dumazet.
      
      11) Don't cancel uninitialized work queue in drop monitor, from Ido
          Schimmel.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (84 commits)
        net: thunderx: use proper interface type for RGMII
        mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap
        bpf: Improve bucket_log calculation logic
        selftests/bpf: Test freeing sockmap/sockhash with a socket in it
        bpf, sockhash: Synchronize_rcu before free'ing map
        bpf, sockmap: Don't sleep while holding RCU lock on tear-down
        bpftool: Don't crash on missing xlated program instructions
        bpf, sockmap: Check update requirements after locking
        drop_monitor: Do not cancel uninitialized work item
        mlxsw: spectrum_dpipe: Add missing error path
        mlxsw: core: Add validation of hardware device types for MGPIR register
        mlxsw: spectrum_router: Clear offload indication from IPv6 nexthops on abort
        selftests: mlxsw: Add test cases for local table route replacement
        mlxsw: spectrum_router: Prevent incorrect replacement of local table routes
        net: dsa: microchip: enable module autoprobe
        ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
        dpaa_eth: support all modes with rate adapting PHYs
        net: stmmac: update pci platform data to use phy_interface
        net: stmmac: xgmac: fix missing IFF_MULTICAST checki in dwxgmac2_set_filter
        net: stmmac: fix missing IFF_MULTICAST check in dwmac4_set_filter
        ...
      291abfea
  3. 08 Feb, 2020 24 commits
    • Linus Torvalds's avatar
      Merge tag 'powerpc-5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · d4f309ca
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
      
       - Fix an existing bug in our user access handling, exposed by one of
         the bug fixes we merged this cycle.
      
       - A fix for a boot hang on 32-bit with CONFIG_TRACE_IRQFLAGS and the
         recently added CONFIG_VMAP_STACK.
      
      Thanks to: Christophe Leroy, Guenter Roeck.
      
      * tag 'powerpc-5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc: Fix CONFIG_TRACE_IRQFLAGS with CONFIG_VMAP_STACK
        powerpc/futex: Fix incorrect user access blocking
      d4f309ca
    • Linus Torvalds's avatar
      Fix up remaining devm_ioremap_nocache() in SGI IOC3 8250 UART driver · b0ef7cda
      Linus Torvalds authored
      This is a merge error on my part - the driver was merged into mainline
      by commit c5951e7c ("Merge tag 'mips_5.6' of git://../mips/linux")
      over a week ago, but nobody apparently noticed that it didn't actually
      build due to still having a reference to the devm_ioremap_nocache()
      function, removed a few days earlier through commit 6a1000bd ("Merge
      tag 'ioremap-5.6' of git://../ioremap").
      
      Apparently this didn't get any build testing anywhere.  Not perhaps all
      that surprising: it's restricted to 64-bit MIPS only, and only with the
      new SGI_MFD_IOC3 support enabled.
      
      I only noticed because the ioremap conflicts in the ARM SoC driver
      update made me check there weren't any others hiding, and I found this
      one.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b0ef7cda
    • Linus Torvalds's avatar
      Merge tag 'armsoc-late' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 4ef1a30c
      Linus Torvalds authored
      Pull ARM SoC late updates from Olof Johansson:
       "This is some material that we picked up into our tree late, or that
        had more complex dependencies on more than one topic branch that makes
        sense to keep separately.
      
         - TI support for secure accelerators and hwrng on OMAP4/5
      
         - TI camera changes for dra7 and am437x and SGX improvement due to
           better reset control support on am335x, am437x and dra7
      
         - Davinci moves to proper clocksource on DM365, and regulator/audio
           improvements for DM365 and DM644x eval boards"
      
      * tag 'armsoc-late' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (32 commits)
        ARM: dts: omap4-droid4: Enable hdq for droid4 ds250x 1-wire battery nvmem
        ARM: dts: motorola-cpcap-mapphone: Configure calibration interrupt
        ARM: dts: Configure interconnect target module for am437x sgx
        ARM: dts: Configure sgx for dra7
        ARM: dts: Configure rstctrl reset for am335x SGX
        ARM: dts: dra7: Add ti-sysc node for VPE
        ARM: dts: dra7: add vpe clkctrl node
        ARM: dts: am43x-epos-evm: Add VPFE and OV2659 entries
        ARM: dts: am437x-sk-evm: Add VPFE and OV2659 entries
        ARM: dts: am43xx: add support for clkout1 clock
        arm: dts: dra76-evm: Add CAL and OV5640 nodes
        arm: dtsi: dra76x: Add CAL dtsi node
        arm: dts: dra72-evm-common: Add entries for the CSI2 cameras
        ARM: dts: DRA72: Add CAL dtsi node
        ARM: dts: dra7-l4: Add ti-sysc node for CAM
        ARM: OMAP: DRA7xx: Make CAM clock domain SWSUP only
        ARM: dts: dra7: add cam clkctrl node
        ARM: OMAP2+: Drop legacy platform data for omap4 des
        ARM: OMAP2+: Drop legacy platform data for omap4 sham
        ARM: OMAP2+: Drop legacy platform data for omap4 aes
        ...
      4ef1a30c
    • Linus Torvalds's avatar
      Merge tag 'armsoc-defconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 5939224c
      Linus Torvalds authored
      Pull ARM SoC defconfig updates from Olof Johansson:
       "We keep this in a separate branch to avoid cross-branch conflicts, but
        most of the material here is fairly boring -- some new drivers turned
        on for hardware since they were merged, and some refreshed files due
        to time having moved a lot of entries around"
      
      * tag 'armsoc-defconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (38 commits)
        ARM: configs: at91: enable MMC_SDHCI_OF_AT91 and MICROCHIP_PIT64B
        arm64: defconfig: Enable Broadcom's GENET Ethernet controller
        ARM: multi_v7_defconfig: Enable devfreq thermal integration
        ARM: exynos_defconfig: Enable devfreq thermal integration
        ARM: multi_v7_defconfig: Enable NFS v4.1 and v4.2
        ARM: exynos_defconfig: Enable NFS v4.1 and v4.2
        arm64: defconfig: Enable Actions Semi specific drivers
        arm64: defconfig: Enable Broadcom's STB PCIe controller
        arm64: defconfig: Enable CONFIG_CLK_IMX8MP by default
        ARM: configs: at91: enable config flags for sam9x60 SoC
        ARM: configs: at91: use savedefconfig
        arm64: defconfig: Enable tegra XUDC support
        ARM: defconfig: gemini: Update defconfig
        arm64: defconfig: enable CONFIG_ARM_QCOM_CPUFREQ_NVMEM
        arm64: defconfig: enable CONFIG_QCOM_CPR
        arm64: defconfig: Enable HFPLL
        arm64: defconfig: Enable CRYPTO_DEV_FSL_CAAM
        ARM: imx_v6_v7_defconfig: Select the TFP410 driver
        ARM: imx_v6_v7_defconfig: Enable NFS_V4_1 and NFS_V4_2 support
        arm64: defconfig: Enable ATH10K_SNOC
        ...
      5939224c
    • Linus Torvalds's avatar
      Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · eab35405
      Linus Torvalds authored
      Pull ARM SoC-related driver updates from Olof Johansson:
       "Various driver updates for platforms:
      
         - Nvidia: Fuse support for Tegra194, continued memory controller
           pieces for Tegra30
      
         - NXP/FSL: Refactorings of QuickEngine drivers to support
           ARM/ARM64/PPC
      
         - NXP/FSL: i.MX8MP SoC driver pieces
      
         - TI Keystone: ring accelerator driver
      
         - Qualcomm: SCM driver cleanup/refactoring + support for new SoCs.
      
         - Xilinx ZynqMP: feature checking interface for firmware. Mailbox
           communication for power management
      
         - Overall support patch set for cpuidle on more complex hierarchies
           (PSCI-based)
      
        and misc cleanups, refactorings of Marvell, TI, other platforms"
      
      * tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (166 commits)
        drivers: soc: xilinx: Use mailbox IPI callback
        dt-bindings: power: reset: xilinx: Add bindings for ipi mailbox
        drivers: soc: ti: knav_qmss_queue: Pass lockdep expression to RCU lists
        MAINTAINERS: Add brcmstb PCIe controller entry
        soc/tegra: fuse: Unmap registers once they are not needed anymore
        soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
        soc/tegra: fuse: Warn if straps are not ready
        soc/tegra: fuse: Cache values of straps and Chip ID registers
        memory: tegra30-emc: Correct error message for timed out auto calibration
        memory: tegra30-emc: Firm up hardware programming sequence
        memory: tegra30-emc: Firm up suspend/resume sequence
        soc/tegra: regulators: Do nothing if voltage is unchanged
        memory: tegra: Correct reset value of xusb_hostr
        soc/tegra: fuse: Add APB DMA dependency for Tegra20
        bus: tegra-aconnect: Remove PM_CLK dependency
        dt-bindings: mediatek: add MT6765 power dt-bindings
        soc: mediatek: cmdq: delete not used define
        memory: tegra: Add support for the Tegra194 memory controller
        memory: tegra: Only include support for enabled SoCs
        memory: tegra: Support DVFS on Tegra186 and later
        ...
      eab35405
    • Linus Torvalds's avatar
      Merge tag 'armsoc-dt' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 1afa9c3b
      Linus Torvalds authored
      Pull ARM Device-tree updates from Olof Johansson:
       "New SoCs:
      
         - Atmel/Microchip SAM9X60 (ARM926 SoC)
      
         - OMAP 37xx gets split into AM3703/AM3715/DM3725, who are all
           variants of it with different GPU/media IP configurations.
      
         - ST stm32mp15 SoCs (1-2 Cortex-A7, CAN, GPU depending on SKU)
      
         - ST Ericsson ab8505 (variant of ab8500) and db8520 (variant of
           db8500)
      
         - Unisoc SC9863A SoC (8x Cortex-A55 mobile chipset w/ GPU, modem)
      
         - Qualcomm SC7180 (8-core 64bit SoC, unnamed CPU class)
      
        New boards:
      
         - Allwinner:
            + Emlid Neutis SoM (H3 variant)
            + Libre Computer ALL-H3-IT
            + PineH64 Model B
      
         - Amlogic:
            + Libretech Amlogic GX PC (s905d and s912-based variants)
      
         - Atmel/Microchip:
            + Kizboxmini, sam9x60 EK, sama5d27 Wireless SOM (wlsom1)
      
         - Marvell:
            + Armada 385-based SolidRun Clearfog GTR
      
         - NXP:
            + Gateworks GW59xx boards based on i.MX6/6Q/6QDL
            + Tolino Shine 3 eBook reader (i.MX6sl)
            + Embedded Artists COM (i.MX7ULP)
            + SolidRun CLearfog CX/ITX and HoneyComb (LX2160A-based systems)
            + Google Coral Edge TPU (i.MX8MQ)
      
         - Rockchip:
            + Radxa Dalang Carrier (supports rk3288 and rk3399 SOMs)
            + Radxa Rock Pi N10 (RK3399Pro-based)
            + VMARC RK3399Pro SOM
      
         - ST:
            + Reference boards for stm32mp15
      
         - ST Ericsson:
            + Samsung Galaxy S III mini (GT-I8190)
            + HREF520 reference board for DB8520
      
         - TI OMAP:
            + Gen1 Amazon Echo (OMAP3630-based)
      
         - Qualcomm:
            + Inforce 6640 Single Board Computer (msm8996-based)
            + SC7180 IDP (SC7180-based)"
      
      * tag 'armsoc-dt' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (623 commits)
        dt-bindings: fix compilation error of the example in marvell,mmp3-hsic-phy.yaml
        arm64: dts: ti: k3-am654-base-board: Add CSI2 OV5640 camera
        arm64: dts: ti: k3-am65-main Add CAL node
        arm64: dts: ti: k3-j721e-main: Add McASP nodes
        arm64: dts: ti: k3-am654-main: Add McASP nodes
        arm64: dts: ti: k3-j721e: DMA support
        arm64: dts: ti: k3-j721e-main: Move secure proxy and smmu under main_navss
        arm64: dts: ti: k3-j721e-main: Correct main NAVSS representation
        arm64: dts: ti: k3-j721e: Correct the address for MAIN NAVSS
        arm64: dts: ti: k3-am65: DMA support
        arm64: dts: ti: k3-am65-main: Move secure proxy under cbass_main_navss
        arm64: dts: ti: k3-am65-main: Correct main NAVSS representation
        ARM: dts: aspeed: rainier: Add UCD90320 power sequencer
        ARM: dts: aspeed: rainier: Switch PSUs to unknown version
        arm64: dts: rockchip: Kill off "simple-panel" compatibles
        ARM: dts: rockchip: Kill off "simple-panel" compatibles
        arm64: dts: rockchip: rename dwmmc node names to mmc
        ARM: dts: rockchip: rename dwmmc node names to mmc
        arm64: dts: exynos: Rename Samsung and Exynos to lowercase
        arm64: dts: uniphier: add reset-names to NAND controller node
        ...
      1afa9c3b
    • Linus Torvalds's avatar
      Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 469030d4
      Linus Torvalds authored
      Pull ARM SoC platform updates from Olof Johansson:
       "Most of these are smaller fixes that have accrued, and some continued
        cleanup of OMAP platforms towards shared frameworks.
      
        One new SoC from Atmel/Microchip: sam9x60"
      
      * tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (35 commits)
        ARM: OMAP2+: Fix undefined reference to omap_secure_init
        ARM: s3c64xx: Drop unneeded select of TIMER_OF
        ARM: exynos: Drop unneeded select of MIGHT_HAVE_CACHE_L2X0
        ARM: s3c24xx: Switch to atomic pwm API in rx1950
        ARM: OMAP2+: sleep43xx: Call secure suspend/resume handlers
        ARM: OMAP2+: Use ARM SMC Calling Convention when OP-TEE is available
        ARM: OMAP2+: Introduce check for OP-TEE in omap_secure_init()
        ARM: OMAP2+: Add omap_secure_init callback hook for secure initialization
        ARM: at91: Documentation: add sam9x60 product and datasheet
        ARM: at91: pm: use of_device_id array to find the proper shdwc node
        ARM: at91: pm: use SAM9X60 PMC's compatible
        ARM: imx: only select ARM_ERRATA_814220 for ARMv7-A
        ARM: zynq: use physical cpuid in zynq_slcr_cpu_stop/start
        ARM: tegra: Use clk_m CPU on Tegra124 LP1 resume
        ARM: tegra: Modify reshift divider during LP1
        ARM: tegra: Enable PLLP bypass during Tegra124 LP1
        ARM: samsung: Rename Samsung and Exynos to lowercase
        ARM: exynos: Correct the help text for platform Kconfig option
        ARM: bcm: Select ARM_AMBA for ARCH_BRCMSTB
        ARM: brcmstb: Add debug UART entry for 7216
        ...
      469030d4
    • Linus Torvalds's avatar
      Merge tag 'compat-ioctl-fix' of git://git.kernel.org:/pub/scm/linux/kernel/git/arnd/playground · b85080c1
      Linus Torvalds authored
      Pull compat-ioctl fix from Arnd Bergmann:
       "One patch in the compat-ioctl series broke 32-bit rootfs for multiple
        people testing on 64-bit kernels. Let's fix it in -rc1 before others
        run into the same issue"
      
      * tag 'compat-ioctl-fix' of git://git.kernel.org:/pub/scm/linux/kernel/git/arnd/playground:
        compat_ioctl: fix FIONREAD on devices
      b85080c1
    • Linus Torvalds's avatar
      Merge branch 'merge.nfs-fs_parse.1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · c9d35ee0
      Linus Torvalds authored
      Pull vfs file system parameter updates from Al Viro:
       "Saner fs_parser.c guts and data structures. The system-wide registry
        of syntax types (string/enum/int32/oct32/.../etc.) is gone and so is
        the horror switch() in fs_parse() that would have to grow another case
        every time something got added to that system-wide registry.
      
        New syntax types can be added by filesystems easily now, and their
        namespace is that of functions - not of system-wide enum members. IOW,
        they can be shared or kept private and if some turn out to be widely
        useful, we can make them common library helpers, etc., without having
        to do anything whatsoever to fs_parse() itself.
      
        And we already get that kind of requests - the thing that finally
        pushed me into doing that was "oh, and let's add one for timeouts -
        things like 15s or 2h". If some filesystem really wants that, let them
        do it. Without somebody having to play gatekeeper for the variants
        blessed by direct support in fs_parse(), TYVM.
      
        Quite a bit of boilerplate is gone. And IMO the data structures make a
        lot more sense now. -200LoC, while we are at it"
      
      * 'merge.nfs-fs_parse.1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (25 commits)
        tmpfs: switch to use of invalfc()
        cgroup1: switch to use of errorfc() et.al.
        procfs: switch to use of invalfc()
        hugetlbfs: switch to use of invalfc()
        cramfs: switch to use of errofc() et.al.
        gfs2: switch to use of errorfc() et.al.
        fuse: switch to use errorfc() et.al.
        ceph: use errorfc() and friends instead of spelling the prefix out
        prefix-handling analogues of errorf() and friends
        turn fs_param_is_... into functions
        fs_parse: handle optional arguments sanely
        fs_parse: fold fs_parameter_desc/fs_parameter_spec
        fs_parser: remove fs_parameter_description name field
        add prefix to fs_context->log
        ceph_parse_param(), ceph_parse_mon_ips(): switch to passing fc_log
        new primitive: __fs_parse()
        switch rbd and libceph to p_log-based primitives
        struct p_log, variants of warnf() et.al. taking that one instead
        teach logfc() to handle prefices, give it saner calling conventions
        get rid of cg_invalf()
        ...
      c9d35ee0
    • Linus Torvalds's avatar
      Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 236f4532
      Linus Torvalds authored
      Pull misc vfs updates from Al Viro:
      
       - bmap series from cmaiolino
      
       - getting rid of convolutions in copy_mount_options() (use a couple of
         copy_from_user() instead of the __get_user() crap)
      
      * 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        saner copy_mount_options()
        fibmap: Reject negative block numbers
        fibmap: Use bmap instead of ->bmap method in ioctl_fibmap
        ecryptfs: drop direct calls to ->bmap
        cachefiles: drop direct usage of ->bmap method.
        fs: Enable bmap() function to properly return errors
      236f4532
    • Linus Torvalds's avatar
      Merge branch 'pipe-exclusive-wakeup' · 99593330
      Linus Torvalds authored
      Merge thundering herd avoidance on pipe IO.
      
      This would have been applied for 5.5 already, but got delayed because of
      a user-space race condition in the GNU make jobserver code.  Now that
      there's a new GNU make 4.3 release, and most distributions seem to have
      at least applied the (almost three year old) fix for the problem, let's
      see if people notice.
      
      And it might have been just bad random timing luck on my machine.
      
      If you do hit the race condition, things will still work, but the
      symptom is that you don't get nearly the expected parallelism when using
      "make -j<N>".
      
      The jobserver bug can definitely happen without this patch too, but
      seems to be easier to trigger when we no longer wake up pipe waiters
      unnecessarily.
      
      * pipe-exclusive-wakeup:
        pipe: use exclusive waits when reading or writing
      99593330
    • Linus Torvalds's avatar
      pipe: use exclusive waits when reading or writing · 0ddad21d
      Linus Torvalds authored
      This makes the pipe code use separate wait-queues and exclusive waiting
      for readers and writers, avoiding a nasty thundering herd problem when
      there are lots of readers waiting for data on a pipe (or, less commonly,
      lots of writers waiting for a pipe to have space).
      
      While this isn't a common occurrence in the traditional "use a pipe as a
      data transport" case, where you typically only have a single reader and
      a single writer process, there is one common special case: using a pipe
      as a source of "locking tokens" rather than for data communication.
      
      In particular, the GNU make jobserver code ends up using a pipe as a way
      to limit parallelism, where each job consumes a token by reading a byte
      from the jobserver pipe, and releases the token by writing a byte back
      to the pipe.
      
      This pattern is fairly traditional on Unix, and works very well, but
      will waste a lot of time waking up a lot of processes when only a single
      reader needs to be woken up when a writer releases a new token.
      
      A simplified test-case of just this pipe interaction is to create 64
      processes, and then pass a single token around between them (this
      test-case also intentionally passes another token that gets ignored to
      test the "wake up next" logic too, in case anybody wonders about it):
      
          #include <unistd.h>
      
          int main(int argc, char **argv)
          {
              int fd[2], counters[2];
      
              pipe(fd);
              counters[0] = 0;
              counters[1] = -1;
              write(fd[1], counters, sizeof(counters));
      
              /* 64 processes */
              fork(); fork(); fork(); fork(); fork(); fork();
      
              do {
                      int i;
                      read(fd[0], &i, sizeof(i));
                      if (i < 0)
                              continue;
                      counters[0] = i+1;
                      write(fd[1], counters, (1+(i & 1)) *sizeof(int));
              } while (counters[0] < 1000000);
              return 0;
          }
      
      and in a perfect world, passing that token around should only cause one
      context switch per transfer, when the writer of a token causes a
      directed wakeup of just a single reader.
      
      But with the "writer wakes all readers" model we traditionally had, on
      my test box the above case causes more than an order of magnitude more
      scheduling: instead of the expected ~1M context switches, "perf stat"
      shows
      
              231,852.37 msec task-clock                #   15.857 CPUs utilized
              11,250,961      context-switches          #    0.049 M/sec
                 616,304      cpu-migrations            #    0.003 M/sec
                   1,648      page-faults               #    0.007 K/sec
       1,097,903,998,514      cycles                    #    4.735 GHz
         120,781,778,352      instructions              #    0.11  insn per cycle
          27,997,056,043      branches                  #  120.754 M/sec
             283,581,233      branch-misses             #    1.01% of all branches
      
            14.621273891 seconds time elapsed
      
             0.018243000 seconds user
             3.611468000 seconds sys
      
      before this commit.
      
      After this commit, I get
      
                5,229.55 msec task-clock                #    3.072 CPUs utilized
               1,212,233      context-switches          #    0.232 M/sec
                 103,951      cpu-migrations            #    0.020 M/sec
                   1,328      page-faults               #    0.254 K/sec
          21,307,456,166      cycles                    #    4.074 GHz
          12,947,819,999      instructions              #    0.61  insn per cycle
           2,881,985,678      branches                  #  551.096 M/sec
              64,267,015      branch-misses             #    2.23% of all branches
      
             1.702148350 seconds time elapsed
      
             0.004868000 seconds user
             0.110786000 seconds sys
      
      instead. Much better.
      
      [ Note! This kernel improvement seems to be very good at triggering a
        race condition in the make jobserver (in GNU make 4.2.1) for me. It's
        a long known bug that was fixed back in June 2017 by GNU make commit
        b552b0525198 ("[SV 51159] Use a non-blocking read with pselect to
        avoid hangs.").
      
        But there wasn't a new release of GNU make until 4.3 on Jan 19 2020,
        so a number of distributions may still have the buggy version. Some
        have backported the fix to their 4.2.1 release, though, and even
        without the fix it's quite timing-dependent whether the bug actually
        is hit. ]
      
      Josh Triplett says:
       "I've been hammering on your pipe fix patch (switching to exclusive
        wait queues) for a month or so, on several different systems, and I've
        run into no issues with it. The patch *substantially* improves
        parallel build times on large (~100 CPU) systems, both with parallel
        make and with other things that use make's pipe-based jobserver.
      
        All current distributions (including stable and long-term stable
        distributions) have versions of GNU make that no longer have the
        jobserver bug"
      Tested-by: default avatarJosh Triplett <josh@joshtriplett.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      0ddad21d
    • Arnd Bergmann's avatar
      compat_ioctl: fix FIONREAD on devices · 0a061743
      Arnd Bergmann authored
      My final cleanup patch for sys_compat_ioctl() introduced a regression on
      the FIONREAD ioctl command, which is used for both regular and special
      files, but only works on regular files after my patch, as I had missed
      the warning that Al Viro put into a comment right above it.
      
      Change it back so it can work on any file again by moving the implementation
      to do_vfs_ioctl() instead.
      
      Fixes: 77b90401 ("compat_ioctl: simplify the implementation")
      Reported-and-tested-by: default avatarChristian Zigotzky <chzigotzky@xenosoft.de>
      Reported-and-tested-by: default avataryouling257 <youling257@gmail.com>
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      0a061743
    • Tim Harvey's avatar
      net: thunderx: use proper interface type for RGMII · 29ca3b31
      Tim Harvey authored
      The configuration of the OCTEONTX XCV_DLL_CTL register via
      xcv_init_hw() is such that the RGMII RX delay is bypassed
      leaving the RGMII TX delay enabled in the MAC:
      
      	/* Configure DLL - enable or bypass
      	 * TX no bypass, RX bypass
      	 */
      	cfg = readq_relaxed(xcv->reg_base + XCV_DLL_CTL);
      	cfg &= ~0xFF03;
      	cfg |= CLKRX_BYP;
      	writeq_relaxed(cfg, xcv->reg_base + XCV_DLL_CTL);
      
      This would coorespond to a interface type of PHY_INTERFACE_MODE_RGMII_RXID
      and not PHY_INTERFACE_MODE_RGMII.
      
      Fixing this allows RGMII PHY drivers to do the right thing (enable
      RX delay in the PHY) instead of erroneously enabling both delays in the
      PHY.
      Signed-off-by: default avatarTim Harvey <tharvey@gateworks.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      29ca3b31
    • David S. Miller's avatar
      Merge tag 'wireless-drivers-2020-02-08' of... · c76b305c
      David S. Miller authored
      Merge tag 'wireless-drivers-2020-02-08' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers
      
      Kalle Valo says:
      
      ====================
      wireless-drivers fixes for v5.6
      
      First set of fixes for v5.6. Buffer overflow fixes to mwifiex, quite a
      few functionality fixes to iwlwifi and smaller fixes to other drivers.
      
      mwifiex
      
      * fix an unlock from a previous security fix
      
      * fix two buffer overflows
      
      libertas
      
      * fix two bugs from previous security fixes
      
      iwlwifi
      
      * fix module removal with multiple NICs
      
      * don't treat IGTK removal failure as an error
      
      * avoid FW crashes due to DTS measurement races
      
      * fix a potential use after free in FTM code
      
      * prevent a NULL pointer dereference in iwl_mvm_cfg_he_sta()
      
      * fix TDLS discovery
      
      * check all CPUs when trying to detect an error during resume
      
      rtw88
      
      * fix clang warning
      
      mt76
      
      * fix reading of max_nss value from a register
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c76b305c
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf · 2696e114
      David S. Miller authored
      Daniel Borkmann says:
      
      ====================
      pull-request: bpf 2020-02-07
      
      The following pull-request contains BPF updates for your *net* tree.
      
      We've added 15 non-merge commits during the last 10 day(s) which contain
      a total of 12 files changed, 114 insertions(+), 31 deletions(-).
      
      The main changes are:
      
      1) Various BPF sockmap fixes related to RCU handling in the map's tear-
         down code, from Jakub Sitnicki.
      
      2) Fix macro state explosion in BPF sk_storage map when calculating its
         bucket_log on allocation, from Martin KaFai Lau.
      
      3) Fix potential BPF sockmap update race by rechecking socket's established
         state under lock, from Lorenz Bauer.
      
      4) Fix crash in bpftool on missing xlated instructions when kptr_restrict
         sysctl is set, from Toke Høiland-Jørgensen.
      
      5) Fix i40e's XSK wakeup code to return proper error in busy state and
         various misc fixes in xdpsock BPF sample code, from Maciej Fijalkowski.
      
      6) Fix the way modifiers are skipped in BTF in the verifier while walking
         pointers to avoid program rejection, from Alexei Starovoitov.
      
      7) Fix Makefile for runqslower BPF tool to i) rebuild on libbpf changes and
         ii) to fix undefined reference linker errors for older gcc version due to
         order of passed gcc parameters, from Yulia Kartseva and Song Liu.
      
      8) Fix a trampoline_count BPF kselftest warning about missing braces around
         initializer, from Andrii Nakryiko.
      
      9) Fix up redundant "HAVE" prefix from large INSN limit kernel probe in
         bpftool, from Michal Rostecki.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2696e114
    • Christophe Leroy's avatar
      powerpc: Fix CONFIG_TRACE_IRQFLAGS with CONFIG_VMAP_STACK · d4bf9053
      Christophe Leroy authored
      When CONFIG_PROVE_LOCKING is selected together with (now default)
      CONFIG_VMAP_STACK, kernel enter deadlock during boot.
      
      At the point of checking whether interrupts are enabled or not, the
      value of MSR saved on stack is read using the physical address of the
      stack. But at this point, when using VMAP stack the DATA MMU
      translation has already been re-enabled, leading to deadlock.
      
      Don't use the physical address of the stack when
      CONFIG_VMAP_STACK is set.
      Signed-off-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
      Reported-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Fixes: 02847487 ("powerpc/32: prepare for CONFIG_VMAP_STACK")
      Tested-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Link: https://lore.kernel.org/r/daeacdc0dec0416d1c587cc9f9e7191ad3068dc0.1581095957.git.christophe.leroy@c-s.fr
      d4bf9053
    • Michael Ellerman's avatar
      powerpc/futex: Fix incorrect user access blocking · 9dc086f1
      Michael Ellerman authored
      The early versions of our kernel user access prevention (KUAP) were
      written by Russell and Christophe, and didn't have separate
      read/write access.
      
      At some point I picked up the series and added the read/write access,
      but I failed to update the usages in futex.h to correctly allow read
      and write.
      
      However we didn't notice because of another bug which was causing the
      low-level code to always enable read and write. That bug was fixed
      recently in commit 1d8f739b ("powerpc/kuap: Fix set direction in
      allow/prevent_user_access()").
      
      futex_atomic_cmpxchg_inatomic() is passed the user address as %3 and
      does:
      
        1:     lwarx   %1,  0, %3
               cmpw    0,  %1, %4
               bne-    3f
        2:     stwcx.  %5,  0, %3
      
      Which clearly loads and stores from/to %3. The logic in
      arch_futex_atomic_op_inuser() is similar, so fix both of them to use
      allow_read_write_user().
      
      Without this fix, and with PPC_KUAP_DEBUG=y, we see eg:
      
        Bug: Read fault blocked by AMR!
        WARNING: CPU: 94 PID: 149215 at arch/powerpc/include/asm/book3s/64/kup-radix.h:126 __do_page_fault+0x600/0xf30
        CPU: 94 PID: 149215 Comm: futex_requeue_p Tainted: G        W         5.5.0-rc7-gcc9x-g4c25df56 #1
        ...
        NIP [c000000000070680] __do_page_fault+0x600/0xf30
        LR [c00000000007067c] __do_page_fault+0x5fc/0xf30
        Call Trace:
        [c00020138e5637e0] [c00000000007067c] __do_page_fault+0x5fc/0xf30 (unreliable)
        [c00020138e5638c0] [c00000000000ada8] handle_page_fault+0x10/0x30
        --- interrupt: 301 at cmpxchg_futex_value_locked+0x68/0xd0
            LR = futex_lock_pi_atomic+0xe0/0x1f0
        [c00020138e563bc0] [c000000000217b50] futex_lock_pi_atomic+0x80/0x1f0 (unreliable)
        [c00020138e563c30] [c00000000021b668] futex_requeue+0x438/0xb60
        [c00020138e563d60] [c00000000021c6cc] do_futex+0x1ec/0x2b0
        [c00020138e563d90] [c00000000021c8b8] sys_futex+0x128/0x200
        [c00020138e563e20] [c00000000000b7ac] system_call+0x5c/0x68
      
      Fixes: de78a9c4 ("powerpc: Add a framework for Kernel Userspace Access Protection")
      Cc: stable@vger.kernel.org # v5.2+
      Reported-by: syzbot+e808452bad7c375cbee6@syzkaller-ppc64.appspotmail.com
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      Reviewed-by: default avatarChristophe Leroy <christophe.leroy@c-s.fr>
      Link: https://lore.kernel.org/r/20200207122145.11928-1-mpe@ellerman.id.au
      9dc086f1
    • Lorenzo Bianconi's avatar
      mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap · d08f3010
      Lorenzo Bianconi authored
      Fix u8 cast reading max_nss from MT_TOP_STRAP_STA register in
      mt7615_eeprom_parse_hw_cap routine
      
      Fixes: acf5457f ("mt76: mt7615: read {tx,rx} mask from eeprom")
      Signed-off-by: default avatarLorenzo Bianconi <lorenzo@kernel.org>
      Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
      d08f3010
    • Linus Torvalds's avatar
      Merge tag 'fuse-fixes-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse · f7571657
      Linus Torvalds authored
      Pull fuse fixes from Miklos Szeredi:
      
       - Fix a regression introduced in v5.1 that triggers WARNINGs for some
         fuse filesystems
      
       - Fix an xfstest failure
      
       - Allow overlayfs to be used on top of fuse/virtiofs
      
       - Code and documentation cleanups
      
      * tag 'fuse-fixes-5.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
        fuse: use true,false for bool variable
        Documentation: filesystems: convert fuse to RST
        fuse: Support RENAME_WHITEOUT flag
        fuse: don't overflow LLONG_MAX with end offset
        fix up iter on short count in fuse_direct_io()
      f7571657
    • Linus Torvalds's avatar
      Merge tag 'gfs2-for-5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 · 175787e0
      Linus Torvalds authored
      Pull gfs2 fixes from Andreas Gruenbacher:
      
       - Fix a bug in Abhi Das's journal head lookup improvements that can
         cause a valid journal to be rejected.
      
       - Fix an O_SYNC write handling bug reported by Christoph Hellwig.
      
      * tag 'gfs2-for-5.6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2:
        gfs2: fix O_SYNC write handling
        gfs2: move setting current->backing_dev_info
        gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0
      175787e0
    • Linus Torvalds's avatar
      Merge tag 'for-linus-5.6-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux · 60ea27e9
      Linus Torvalds authored
      Pull orangefs fix from Mike Marshall:
       "Debugfs fix for orangefs.
      
        Vasliy Averin noticed that 'if seq_file .next function does not change
        position index, read after some lseek can generate unexpected output'
        and sent in this fix"
      
      * tag 'for-linus-5.6-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux:
        help_next should increase position index
      60ea27e9
    • Linus Torvalds's avatar
      Merge tag 'nfsd-5.6' of git://linux-nfs.org/~bfields/linux · 08dffcc7
      Linus Torvalds authored
      Pull nfsd updates from Bruce Fields:
       "Highlights:
      
         - Server-to-server copy code from Olga.
      
           To use it, client and both servers must have support, the target
           server must be able to access the source server over NFSv4.2, and
           the target server must have the inter_copy_offload_enable module
           parameter set.
      
         - Improvements and bugfixes for the new filehandle cache, especially
           in the container case, from Trond
      
         - Also from Trond, better reporting of write errors.
      
         - Y2038 work from Arnd"
      
      * tag 'nfsd-5.6' of git://linux-nfs.org/~bfields/linux: (55 commits)
        sunrpc: expiry_time should be seconds not timeval
        nfsd: make nfsd_filecache_wq variable static
        nfsd4: fix double free in nfsd4_do_async_copy()
        nfsd: convert file cache to use over/underflow safe refcount
        nfsd: Define the file access mode enum for tracing
        nfsd: Fix a perf warning
        nfsd: Ensure sampling of the write verifier is atomic with the write
        nfsd: Ensure sampling of the commit verifier is atomic with the commit
        sunrpc: clean up cache entry add/remove from hashtable
        sunrpc: Fix potential leaks in sunrpc_cache_unhash()
        nfsd: Ensure exclusion between CLONE and WRITE errors
        nfsd: Pass the nfsd_file as arguments to nfsd4_clone_file_range()
        nfsd: Update the boot verifier on stable writes too.
        nfsd: Fix stable writes
        nfsd: Allow nfsd_vfs_write() to take the nfsd_file as an argument
        nfsd: Fix a soft lockup race in nfsd_file_mark_find_or_create()
        nfsd: Reduce the number of calls to nfsd_file_gc()
        nfsd: Schedule the laundrette regularly irrespective of file errors
        nfsd: Remove unused constant NFSD_FILE_LRU_RESCAN
        nfsd: Containerise filecache laundrette
        ...
      08dffcc7
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-5.6-1' of git://git.linux-nfs.org/projects/anna/linux-nfs · f43574d0
      Linus Torvalds authored
      Puyll NFS client updates from Anna Schumaker:
       "Stable bugfixes:
         - Fix memory leaks and corruption in readdir # v2.6.37+
         - Directory page cache needs to be locked when read # v2.6.37+
      
        New features:
         - Convert NFS to use the new mount API
         - Add "softreval" mount option to let clients use cache if server goes down
         - Add a config option to compile without UDP support
         - Limit the number of inactive delegations the client can cache at once
         - Improved readdir concurrency using iterate_shared()
      
        Other bugfixes and cleanups:
         - More 64-bit time conversions
         - Add additional diagnostic tracepoints
         - Check for holes in swapfiles, and add dependency on CONFIG_SWAP
         - Various xprtrdma cleanups to prepare for 5.7's changes
         - Several fixes for NFS writeback and commit handling
         - Fix acls over krb5i/krb5p mounts
         - Recover from premature loss of openstateids
         - Fix NFS v3 chacl and chmod bug
         - Compare creds using cred_fscmp()
         - Use kmemdup_nul() in more places
         - Optimize readdir cache page invalidation
         - Lease renewal and recovery fixes"
      
      * tag 'nfs-for-5.6-1' of git://git.linux-nfs.org/projects/anna/linux-nfs: (93 commits)
        NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals
        NFSv4: try lease recovery on NFS4ERR_EXPIRED
        NFS: Fix memory leaks
        nfs: optimise readdir cache page invalidation
        NFS: Switch readdir to using iterate_shared()
        NFS: Use kmemdup_nul() in nfs_readdir_make_qstr()
        NFS: Directory page cache pages need to be locked when read
        NFS: Fix memory leaks and corruption in readdir
        SUNRPC: Use kmemdup_nul() in rpc_parse_scope_id()
        NFS: Replace various occurrences of kstrndup() with kmemdup_nul()
        NFSv4: Limit the total number of cached delegations
        NFSv4: Add accounting for the number of active delegations held
        NFSv4: Try to return the delegation immediately when marked for return on close
        NFS: Clear NFS_DELEGATION_RETURN_IF_CLOSED when the delegation is returned
        NFSv4: nfs_inode_evict_delegation() should set NFS_DELEGATION_RETURNING
        NFS: nfs_find_open_context() should use cred_fscmp()
        NFS: nfs_access_get_cached_rcu() should use cred_fscmp()
        NFSv4: pnfs_roc() must use cred_fscmp() to compare creds
        NFS: remove unused macros
        nfs: Return EINVAL rather than ERANGE for mount parse errors
        ...
      f43574d0
  4. 07 Feb, 2020 6 commits
    • Martin KaFai Lau's avatar
      bpf: Improve bucket_log calculation logic · 88d6f130
      Martin KaFai Lau authored
      It was reported that the max_t, ilog2, and roundup_pow_of_two macros have
      exponential effects on the number of states in the sparse checker.
      
      This patch breaks them up by calculating the "nbuckets" first so that the
      "bucket_log" only needs to take ilog2().
      
      In addition, Linus mentioned:
      
        Patch looks good, but I'd like to point out that it's not just sparse.
      
        You can see it with a simple
      
          make net/core/bpf_sk_storage.i
          grep 'smap->bucket_log = ' net/core/bpf_sk_storage.i | wc
      
        and see the end result:
      
            1  365071 2686974
      
        That's one line (the assignment line) that is 2,686,974 characters in
        length.
      
        Now, sparse does happen to react particularly badly to that (I didn't
        look to why, but I suspect it's just that evaluating all the types
        that don't actually ever end up getting used ends up being much more
        expensive than it should be), but I bet it's not good for gcc either.
      
      Fixes: 6ac99e8f ("bpf: Introduce bpf sk local storage")
      Reported-by: default avatarRandy Dunlap <rdunlap@infradead.org>
      Reported-by: default avatarLuc Van Oostenryck <luc.vanoostenryck@gmail.com>
      Suggested-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarMartin KaFai Lau <kafai@fb.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Reviewed-by: default avatarLuc Van Oostenryck <luc.vanoostenryck@gmail.com>
      Link: https://lore.kernel.org/bpf/20200207081810.3918919-1-kafai@fb.com
      88d6f130
    • Jakub Sitnicki's avatar
      selftests/bpf: Test freeing sockmap/sockhash with a socket in it · 5d3919a9
      Jakub Sitnicki authored
      Commit 7e81a353 ("bpf: Sockmap, ensure sock lock held during tear
      down") introduced sleeping issues inside RCU critical sections and while
      holding a spinlock on sockmap/sockhash tear-down. There has to be at least
      one socket in the map for the problem to surface.
      
      This adds a test that triggers the warnings for broken locking rules. Not a
      fix per se, but rather tooling to verify the accompanying fixes. Run on a
      VM with 1 vCPU to reproduce the warnings.
      
      Fixes: 7e81a353 ("bpf: Sockmap, ensure sock lock held during tear down")
      Signed-off-by: default avatarJakub Sitnicki <jakub@cloudflare.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarJohn Fastabend <john.fastabend@gmail.com>
      Link: https://lore.kernel.org/bpf/20200206111652.694507-4-jakub@cloudflare.com
      5d3919a9
    • Jakub Sitnicki's avatar
      bpf, sockhash: Synchronize_rcu before free'ing map · 0b2dc839
      Jakub Sitnicki authored
      We need to have a synchronize_rcu before free'ing the sockhash because any
      outstanding psock references will have a pointer to the map and when they
      use it, this could trigger a use after free.
      
      This is a sister fix for sockhash, following commit 2bb90e5c ("bpf:
      sockmap, synchronize_rcu before free'ing map") which addressed sockmap,
      which comes from a manual audit.
      
      Fixes: 604326b4 ("bpf, sockmap: convert to generic sk_msg interface")
      Signed-off-by: default avatarJakub Sitnicki <jakub@cloudflare.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarJohn Fastabend <john.fastabend@gmail.com>
      Link: https://lore.kernel.org/bpf/20200206111652.694507-3-jakub@cloudflare.com
      0b2dc839
    • Jakub Sitnicki's avatar
      bpf, sockmap: Don't sleep while holding RCU lock on tear-down · db6a5018
      Jakub Sitnicki authored
      rcu_read_lock is needed to protect access to psock inside sock_map_unref
      when tearing down the map. However, we can't afford to sleep in lock_sock
      while in RCU read-side critical section. Grab the RCU lock only after we
      have locked the socket.
      
      This fixes RCU warnings triggerable on a VM with 1 vCPU when free'ing a
      sockmap/sockhash that contains at least one socket:
      
      | =============================
      | WARNING: suspicious RCU usage
      | 5.5.0-04005-g8fc91b97 #450 Not tainted
      | -----------------------------
      | include/linux/rcupdate.h:272 Illegal context switch in RCU read-side critical section!
      |
      | other info that might help us debug this:
      |
      |
      | rcu_scheduler_active = 2, debug_locks = 1
      | 4 locks held by kworker/0:1/62:
      |  #0: ffff88813b019748 ((wq_completion)events){+.+.}, at: process_one_work+0x1d7/0x5e0
      |  #1: ffffc900000abe50 ((work_completion)(&map->work)){+.+.}, at: process_one_work+0x1d7/0x5e0
      |  #2: ffffffff82065d20 (rcu_read_lock){....}, at: sock_map_free+0x5/0x170
      |  #3: ffff8881368c5df8 (&stab->lock){+...}, at: sock_map_free+0x64/0x170
      |
      | stack backtrace:
      | CPU: 0 PID: 62 Comm: kworker/0:1 Not tainted 5.5.0-04005-g8fc91b97 #450
      | Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014
      | Workqueue: events bpf_map_free_deferred
      | Call Trace:
      |  dump_stack+0x71/0xa0
      |  ___might_sleep+0x105/0x190
      |  lock_sock_nested+0x28/0x90
      |  sock_map_free+0x95/0x170
      |  bpf_map_free_deferred+0x58/0x80
      |  process_one_work+0x260/0x5e0
      |  worker_thread+0x4d/0x3e0
      |  kthread+0x108/0x140
      |  ? process_one_work+0x5e0/0x5e0
      |  ? kthread_park+0x90/0x90
      |  ret_from_fork+0x3a/0x50
      
      | =============================
      | WARNING: suspicious RCU usage
      | 5.5.0-04005-g8fc91b97-dirty #452 Not tainted
      | -----------------------------
      | include/linux/rcupdate.h:272 Illegal context switch in RCU read-side critical section!
      |
      | other info that might help us debug this:
      |
      |
      | rcu_scheduler_active = 2, debug_locks = 1
      | 4 locks held by kworker/0:1/62:
      |  #0: ffff88813b019748 ((wq_completion)events){+.+.}, at: process_one_work+0x1d7/0x5e0
      |  #1: ffffc900000abe50 ((work_completion)(&map->work)){+.+.}, at: process_one_work+0x1d7/0x5e0
      |  #2: ffffffff82065d20 (rcu_read_lock){....}, at: sock_hash_free+0x5/0x1d0
      |  #3: ffff888139966e00 (&htab->buckets[i].lock){+...}, at: sock_hash_free+0x92/0x1d0
      |
      | stack backtrace:
      | CPU: 0 PID: 62 Comm: kworker/0:1 Not tainted 5.5.0-04005-g8fc91b97-dirty #452
      | Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014
      | Workqueue: events bpf_map_free_deferred
      | Call Trace:
      |  dump_stack+0x71/0xa0
      |  ___might_sleep+0x105/0x190
      |  lock_sock_nested+0x28/0x90
      |  sock_hash_free+0xec/0x1d0
      |  bpf_map_free_deferred+0x58/0x80
      |  process_one_work+0x260/0x5e0
      |  worker_thread+0x4d/0x3e0
      |  kthread+0x108/0x140
      |  ? process_one_work+0x5e0/0x5e0
      |  ? kthread_park+0x90/0x90
      |  ret_from_fork+0x3a/0x50
      
      Fixes: 7e81a353 ("bpf: Sockmap, ensure sock lock held during tear down")
      Signed-off-by: default avatarJakub Sitnicki <jakub@cloudflare.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarJohn Fastabend <john.fastabend@gmail.com>
      Link: https://lore.kernel.org/bpf/20200206111652.694507-2-jakub@cloudflare.com
      db6a5018
    • Toke Høiland-Jørgensen's avatar
      bpftool: Don't crash on missing xlated program instructions · d95f1e8b
      Toke Høiland-Jørgensen authored
      Turns out the xlated program instructions can also be missing if
      kptr_restrict sysctl is set. This means that the previous fix to check the
      jited_prog_insns pointer was insufficient; add another check of the
      xlated_prog_insns pointer as well.
      
      Fixes: 5b79bcdf ("bpftool: Don't crash on missing jited insns or ksyms")
      Fixes: cae73f23 ("bpftool: use bpf_program__get_prog_info_linear() in prog.c:do_dump()")
      Signed-off-by: default avatarToke Høiland-Jørgensen <toke@redhat.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Reviewed-by: default avatarQuentin Monnet <quentin@isovalent.com>
      Link: https://lore.kernel.org/bpf/20200206102906.112551-1-toke@redhat.com
      d95f1e8b
    • Lorenz Bauer's avatar
      bpf, sockmap: Check update requirements after locking · 85b8ac01
      Lorenz Bauer authored
      It's currently possible to insert sockets in unexpected states into
      a sockmap, due to a TOCTTOU when updating the map from a syscall.
      sock_map_update_elem checks that sk->sk_state == TCP_ESTABLISHED,
      locks the socket and then calls sock_map_update_common. At this
      point, the socket may have transitioned into another state, and
      the earlier assumptions don't hold anymore. Crucially, it's
      conceivable (though very unlikely) that a socket has become unhashed.
      This breaks the sockmap's assumption that it will get a callback
      via sk->sk_prot->unhash.
      
      Fix this by checking the (fixed) sk_type and sk_protocol without the
      lock, followed by a locked check of sk_state.
      
      Unfortunately it's not possible to push the check down into
      sock_(map|hash)_update_common, since BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB
      run before the socket has transitioned from TCP_SYN_RECV into
      TCP_ESTABLISHED.
      
      Fixes: 604326b4 ("bpf, sockmap: convert to generic sk_msg interface")
      Signed-off-by: default avatarLorenz Bauer <lmb@cloudflare.com>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Reviewed-by: default avatarJakub Sitnicki <jakub@cloudflare.com>
      Link: https://lore.kernel.org/bpf/20200207103713.28175-1-lmb@cloudflare.com
      85b8ac01