1. 05 Mar, 2024 9 commits
    • Ivan Vecera's avatar
      i40e: Fix firmware version comparison function · 36c824ca
      Ivan Vecera authored
      Helper i40e_is_fw_ver_eq() compares incorrectly given firmware version
      as it returns true when the major version of running firmware is
      greater than the given major version that is wrong and results in
      failure during getting of DCB configuration where this helper is used.
      Fix the check and return true only if the running FW version is exactly
      equals to the given version.
      
      Reproducer:
      1. Load i40e driver
      2. Check dmesg output
      
      [root@host ~]# modprobe i40e
      [root@host ~]# dmesg | grep 'i40e.*DCB'
      [   74.750642] i40e 0000:02:00.0: Query for DCB configuration failed, err -EIO aq_err I40E_AQ_RC_EINVAL
      [   74.759770] i40e 0000:02:00.0: DCB init failed -5, disabled
      [   74.966550] i40e 0000:02:00.1: Query for DCB configuration failed, err -EIO aq_err I40E_AQ_RC_EINVAL
      [   74.975683] i40e 0000:02:00.1: DCB init failed -5, disabled
      
      Fixes: cf488e13 ("i40e: Add other helpers to check version of running firmware and AQ API")
      Signed-off-by: default avatarIvan Vecera <ivecera@redhat.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      36c824ca
    • Jesse Brandeburg's avatar
      ice: fix typo in assignment · 6c5b6ca7
      Jesse Brandeburg authored
      Fix an obviously incorrect assignment, created with a typo or cut-n-paste
      error.
      
      Fixes: 5995ef88 ("ice: realloc VSI stats arrays")
      Signed-off-by: default avatarJesse Brandeburg <jesse.brandeburg@intel.com>
      Reviewed-by: default avatarSimon Horman <horms@kernel.org>
      Reviewed-by: default avatarPaul Menzel <pmenzel@molgen.mpg.de>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      6c5b6ca7
    • Michal Schmidt's avatar
      ice: fix uninitialized dplls mutex usage · 9224fc86
      Michal Schmidt authored
      The pf->dplls.lock mutex is initialized too late, after its first use.
      Move it to the top of ice_dpll_init.
      Note that the "err_exit" error path destroys the mutex. And the mutex is
      the last thing destroyed in ice_dpll_deinit.
      This fixes the following warning with CONFIG_DEBUG_MUTEXES:
      
       ice 0000:10:00.0: The DDP package was successfully loaded: ICE OS Default Package version 1.3.36.0
       ice 0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16 link)
       ice 0000:10:00.0: PTP init successful
       ------------[ cut here ]------------
       DEBUG_LOCKS_WARN_ON(lock->magic != lock)
       WARNING: CPU: 0 PID: 410 at kernel/locking/mutex.c:587 __mutex_lock+0x773/0xd40
       Modules linked in: crct10dif_pclmul crc32_pclmul crc32c_intel polyval_clmulni polyval_generic ice(+) nvme nvme_c>
       CPU: 0 PID: 410 Comm: kworker/0:4 Not tainted 6.8.0-rc5+ #3
       Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant DL110 Gen10 Plus, BIOS U56 10/19/2023
       Workqueue: events work_for_cpu_fn
       RIP: 0010:__mutex_lock+0x773/0xd40
       Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d 9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a>
       RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286
       RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000
       RDX: 0000000000000002 RSI: ffffffff85ac2bff RDI: 00000000ffffffff
       RBP: ff7eb1a3417a7b80 R08: 0000000000000000 R09: 00000000ffffbfff
       R10: ff7eb1a3417a7978 R11: ff32b80f7fd2e568 R12: 0000000000000000
       R13: 0000000000000000 R14: 0000000000000000 R15: ff32b7f02c50e0d8
       FS:  0000000000000000(0000) GS:ff32b80efe800000(0000) knlGS:0000000000000000
       CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
       CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4: 0000000000771ef0
       DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
       DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
       PKRU: 55555554
       Call Trace:
        <TASK>
        ? __warn+0x84/0x170
        ? __mutex_lock+0x773/0xd40
        ? report_bug+0x1c7/0x1d0
        ? prb_read_valid+0x1b/0x30
        ? handle_bug+0x42/0x70
        ? exc_invalid_op+0x18/0x70
        ? asm_exc_invalid_op+0x1a/0x20
        ? __mutex_lock+0x773/0xd40
        ? rcu_is_watching+0x11/0x50
        ? __kmalloc_node_track_caller+0x346/0x490
        ? ice_dpll_lock_status_get+0x28/0x50 [ice]
        ? __pfx_ice_dpll_lock_status_get+0x10/0x10 [ice]
        ? ice_dpll_lock_status_get+0x28/0x50 [ice]
        ice_dpll_lock_status_get+0x28/0x50 [ice]
        dpll_device_get_one+0x14f/0x2e0
        dpll_device_event_send+0x7d/0x150
        dpll_device_register+0x124/0x180
        ice_dpll_init_dpll+0x7b/0xd0 [ice]
        ice_dpll_init+0x224/0xa40 [ice]
        ? _dev_info+0x70/0x90
        ice_load+0x468/0x690 [ice]
        ice_probe+0x75b/0xa10 [ice]
        ? _raw_spin_unlock_irqrestore+0x4f/0x80
        ? process_one_work+0x1a3/0x500
        local_pci_probe+0x47/0xa0
        work_for_cpu_fn+0x17/0x30
        process_one_work+0x20d/0x500
        worker_thread+0x1df/0x3e0
        ? __pfx_worker_thread+0x10/0x10
        kthread+0x103/0x140
        ? __pfx_kthread+0x10/0x10
        ret_from_fork+0x31/0x50
        ? __pfx_kthread+0x10/0x10
        ret_from_fork_asm+0x1b/0x30
        </TASK>
       irq event stamp: 125197
       hardirqs last  enabled at (125197): [<ffffffff8416409d>] finish_task_switch.isra.0+0x12d/0x3d0
       hardirqs last disabled at (125196): [<ffffffff85134044>] __schedule+0xea4/0x19f0
       softirqs last  enabled at (105334): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60
       softirqs last disabled at (105332): [<ffffffff84e1e65a>] napi_get_frags_check+0x1a/0x60
       ---[ end trace 0000000000000000 ]---
      
      Fixes: d7999f5e ("ice: implement dpll interface to control cgu")
      Signed-off-by: default avatarMichal Schmidt <mschmidt@redhat.com>
      Reviewed-by: default avatarMaciej Fijalkowski <maciej.fijalkowski@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      9224fc86
    • Rand Deeb's avatar
      net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() · 06e456a0
      Rand Deeb authored
      The function ice_bridge_setlink() may encounter a NULL pointer dereference
      if nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently
      in nla_for_each_nested(). To address this issue, add a check to ensure that
      br_spec is not NULL before proceeding with the nested attribute iteration.
      
      Fixes: b1edc14a ("ice: Implement ice_bridge_getlink and ice_bridge_setlink")
      Signed-off-by: default avatarRand Deeb <rand.sec96@gmail.com>
      Reviewed-by: default avatarSimon Horman <horms@kernel.org>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      06e456a0
    • Jacob Keller's avatar
      ice: virtchnl: stop pretending to support RSS over AQ or registers · 2652b99e
      Jacob Keller authored
      The E800 series hardware uses the same iAVF driver as older devices,
      including the virtchnl negotiation scheme.
      
      This negotiation scheme includes a mechanism to determine what type of RSS
      should be supported, including RSS over PF virtchnl messages, RSS over
      firmware AdminQ messages, and RSS via direct register access.
      
      The PF driver will always prefer VIRTCHNL_VF_OFFLOAD_RSS_PF if its
      supported by the VF driver. However, if an older VF driver is loaded, it
      may request only VIRTCHNL_VF_OFFLOAD_RSS_REG or VIRTCHNL_VF_OFFLOAD_RSS_AQ.
      
      The ice driver happily agrees to support these methods. Unfortunately, the
      underlying hardware does not support these mechanisms. The E800 series VFs
      don't have the appropriate registers for RSS_REG. The mailbox queue used by
      VFs for VF to PF communication blocks messages which do not have the
      VF-to-PF opcode.
      
      Stop lying to the VF that it could support RSS over AdminQ or registers, as
      these interfaces do not work when the hardware is operating on an E800
      series device.
      
      In practice this is unlikely to be hit by any normal user. The iAVF driver
      has supported RSS over PF virtchnl commands since 2016, and always defaults
      to using RSS_PF if possible.
      
      In principle, nothing actually stops the existing VF from attempting to
      access the registers or send an AQ command. However a properly coded VF
      will check the capability flags and will report a more useful error if it
      detects a case where the driver does not support the RSS offloads that it
      does.
      
      Fixes: 1071a835 ("ice: Implement virtchnl commands for AVF support")
      Signed-off-by: default avatarJacob Keller <jacob.e.keller@intel.com>
      Reviewed-by: default avatarAlan Brady <alan.brady@intel.com>
      Tested-by: default avatarRafal Romanowski <rafal.romanowski@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      2652b99e
    • Emil Tantilov's avatar
      idpf: disable local BH when scheduling napi for marker packets · 33006858
      Emil Tantilov authored
      Fix softirq's not being handled during napi_schedule() call when
      receiving marker packets for queue disable by disabling local bottom
      half.
      
      The issue can be seen on ifdown:
      NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
      
      Using ftrace to catch the failing scenario:
      ifconfig   [003] d.... 22739.830624: softirq_raise: vec=3 [action=NET_RX]
      <idle>-0   [003] ..s.. 22739.831357: softirq_entry: vec=3 [action=NET_RX]
      
      No interrupt and CPU is idle.
      
      After the patch when disabling local BH before calling napi_schedule:
      ifconfig   [003] d.... 22993.928336: softirq_raise: vec=3 [action=NET_RX]
      ifconfig   [003] ..s1. 22993.928337: softirq_entry: vec=3 [action=NET_RX]
      
      Fixes: c2d548ca ("idpf: add TX splitq napi poll support")
      Reviewed-by: default avatarJesse Brandeburg <jesse.brandeburg@intel.com>
      Reviewed-by: default avatarPrzemek Kitszel <przemyslaw.kitszel@intel.com>
      Signed-off-by: default avatarEmil Tantilov <emil.s.tantilov@intel.com>
      Signed-off-by: default avatarAlan Brady <alan.brady@intel.com>
      Reviewed-by: default avatarSimon Horman <horms@kernel.org>
      Tested-by: default avatarKrishneil Singh <krishneil.k.singh@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      33006858
    • Jakub Kicinski's avatar
      Merge tag 'mlx5-fixes-2024-03-01' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux · 4daa8731
      Jakub Kicinski authored
      Saeed Mahameed says:
      
      ====================
      mlx5 fixes 2024-03-01
      
      This series provides bug fixes to mlx5 driver.
      Please pull and let me know if there is any problem.
      
      * tag 'mlx5-fixes-2024-03-01' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux:
        net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context
        net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map
        net/mlx5e: Fix MACsec state loss upon state update in offload path
        net/mlx5e: Change the warning when ignore_flow_level is not supported
        net/mlx5: Check capability for fw_reset
        net/mlx5: Fix fw reporter diagnose output
        net/mlx5: E-switch, Change flow rule destination checking
        Revert "net/mlx5e: Check the number of elements before walk TC rhashtable"
        Revert "net/mlx5: Block entering switchdev mode with ns inconsistency"
      ====================
      
      Link: https://lore.kernel.org/r/20240302070318.62997-1-saeed@kernel.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      4daa8731
    • Jakub Kicinski's avatar
      Merge branch '10GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue · 47fe2fc1
      Jakub Kicinski authored
      Tony Nguyen says:
      
      ====================
      Intel Wired LAN Driver Updates 2024-03-01 (ixgbe, i40e, ice)
      
      This series contains updates to ixgbe, i40e, and ice drivers.
      
      Maciej corrects disable flow for ixgbe, i40e, and ice drivers which could
      cause non-functional interface with AF_XDP.
      
      Michal restores host configuration when changing MSI-X count for VFs on
      ice driver.
      
      * '10GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue:
        ice: reconfig host after changing MSI-X on VF
        ice: reorder disabling IRQ and NAPI in ice_qp_dis
        i40e: disable NAPI right after disabling irqs when handling xsk_pool
        ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
      ====================
      
      Link: https://lore.kernel.org/r/20240301192549.2993798-1-anthony.l.nguyen@intel.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      47fe2fc1
    • Horatiu Vultur's avatar
      net: sparx5: Fix use after free inside sparx5_del_mact_entry · 89d72d41
      Horatiu Vultur authored
      Based on the static analyzis of the code it looks like when an entry
      from the MAC table was removed, the entry was still used after being
      freed. More precise the vid of the mac_entry was used after calling
      devm_kfree on the mac_entry.
      The fix consists in first using the vid of the mac_entry to delete the
      entry from the HW and after that to free it.
      
      Fixes: b37a1bae ("net: sparx5: add mactable support")
      Signed-off-by: default avatarHoratiu Vultur <horatiu.vultur@microchip.com>
      Reviewed-by: default avatarSimon Horman <horms@kernel.org>
      Link: https://lore.kernel.org/r/20240301080608.3053468-1-horatiu.vultur@microchip.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      89d72d41
  2. 04 Mar, 2024 6 commits
    • David S. Miller's avatar
      Merge branch 'mptcp-test-fixes' · 948abb59
      David S. Miller authored
      Matthieu Baerts says:
      
      ====================
      selftests: mptcp: fixes for diag.sh
      
      Here are two patches fixing issues in MPTCP diag.sh kselftest:
      
      - Patch 1 makes sure the exit code is '1' in case of error, and not the
        test ID, not to return an exit code that would be wrongly interpreted
        by the ksefltests framework, e.g. '4' means 'skip'.
      
      - Patch 2 avoids waiting for unnecessary conditions, which can cause
        timeouts in some very slow environments.
      ====================
      Signed-off-by: default avatarMatthieu Baerts (NGI0) <matttbe@kernel.org>
      948abb59
    • Matthieu Baerts (NGI0)'s avatar
      selftests: mptcp: diag: avoid extra waiting · f05d2283
      Matthieu Baerts (NGI0) authored
      When creating a lot of listener sockets, it is enough to wait only for
      the last one, like we are doing before in diag.sh for other subtests.
      
      If we do a check for each listener sockets, each time listing all
      available sockets, it can take a very long time in very slow
      environments, at the point we can reach some timeout.
      
      When using the debug kconfig, the waiting time switches from more than
      8 sec to 0.1 sec on my side. In slow/busy environments, and with a poll
      timeout set to 30 ms, the waiting time could go up to ~100 sec because
      the listener socket would timeout and stop, while the script would still
      be checking one by one if all sockets are ready. The result is that
      after having waited for everything to be ready, all sockets have been
      stopped due to a timeout, and it is too late for the script to check how
      many there were.
      
      While at it, also removed ss options we don't need: we only need the
      filtering options, to count how many listener sockets have been created.
      We don't need to ask ss to display internal TCP information, and the
      memory if the output is dropped by the 'wc -l' command anyway.
      
      Fixes: b4b51d36 ("selftests: mptcp: explicitly trigger the listener diag code-path")
      Reported-by: default avatarJakub Kicinski <kuba@kernel.org>
      Closes: https://lore.kernel.org/r/20240301063754.2ecefecf@kernel.orgSigned-off-by: default avatarMatthieu Baerts (NGI0) <matttbe@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f05d2283
    • Geliang Tang's avatar
      selftests: mptcp: diag: return KSFT_FAIL not test_cnt · 45bcc034
      Geliang Tang authored
      The test counter 'test_cnt' should not be returned in diag.sh, e.g. what
      if only the 4th test fail? Will do 'exit 4' which is 'exit ${KSFT_SKIP}',
      the whole test will be marked as skipped instead of 'failed'!
      
      So we should do ret=${KSFT_FAIL} instead.
      
      Fixes: df62f2ec ("selftests/mptcp: add diag interface tests")
      Cc: stable@vger.kernel.org
      Fixes: 42fb6cdd ("selftests: mptcp: more stable diag tests")
      Signed-off-by: default avatarGeliang Tang <tanggeliang@kylinos.cn>
      Reviewed-by: default avatarMatthieu Baerts (NGI0) <matttbe@kernel.org>
      Signed-off-by: default avatarMatthieu Baerts (NGI0) <matttbe@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      45bcc034
    • Jakub Kicinski's avatar
      page_pool: fix netlink dump stop/resume · 429679dc
      Jakub Kicinski authored
      If message fills up we need to stop writing. 'break' will
      only get us out of the iteration over pools of a single
      netdev, we need to also stop walking netdevs.
      
      This results in either infinite dump, or missing pools,
      depending on whether message full happens on the last
      netdev (infinite dump) or non-last (missing pools).
      
      Fixes: 950ab53b ("net: page_pool: implement GET in the netlink API")
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      429679dc
    • Eric Dumazet's avatar
      geneve: make sure to pull inner header in geneve_rx() · 1ca1ba46
      Eric Dumazet authored
      syzbot triggered a bug in geneve_rx() [1]
      
      Issue is similar to the one I fixed in commit 8d975c15
      ("ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()")
      
      We have to save skb->network_header in a temporary variable
      in order to be able to recompute the network_header pointer
      after a pskb_inet_may_pull() call.
      
      pskb_inet_may_pull() makes sure the needed headers are in skb->head.
      
      [1]
      BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]
       BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]
       BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391
        IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]
        geneve_rx drivers/net/geneve.c:279 [inline]
        geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391
        udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108
        udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186
        udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346
        __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422
        udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604
        ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205
        ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233
        NF_HOOK include/linux/netfilter.h:314 [inline]
        ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254
        dst_input include/net/dst.h:461 [inline]
        ip_rcv_finish net/ipv4/ip_input.c:449 [inline]
        NF_HOOK include/linux/netfilter.h:314 [inline]
        ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569
        __netif_receive_skb_one_core net/core/dev.c:5534 [inline]
        __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648
        process_backlog+0x480/0x8b0 net/core/dev.c:5976
        __napi_poll+0xe3/0x980 net/core/dev.c:6576
        napi_poll net/core/dev.c:6645 [inline]
        net_rx_action+0x8b8/0x1870 net/core/dev.c:6778
        __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553
        do_softirq+0x9a/0xf0 kernel/softirq.c:454
        __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381
        local_bh_enable include/linux/bottom_half.h:33 [inline]
        rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]
        __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378
        dev_queue_xmit include/linux/netdevice.h:3171 [inline]
        packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276
        packet_snd net/packet/af_packet.c:3081 [inline]
        packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113
        sock_sendmsg_nosec net/socket.c:730 [inline]
        __sock_sendmsg net/socket.c:745 [inline]
        __sys_sendto+0x735/0xa10 net/socket.c:2191
        __do_sys_sendto net/socket.c:2203 [inline]
        __se_sys_sendto net/socket.c:2199 [inline]
        __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199
        do_syscall_x64 arch/x86/entry/common.c:52 [inline]
        do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x63/0x6b
      
      Uninit was created at:
        slab_post_alloc_hook mm/slub.c:3819 [inline]
        slab_alloc_node mm/slub.c:3860 [inline]
        kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903
        kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560
        __alloc_skb+0x352/0x790 net/core/skbuff.c:651
        alloc_skb include/linux/skbuff.h:1296 [inline]
        alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394
        sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783
        packet_alloc_skb net/packet/af_packet.c:2930 [inline]
        packet_snd net/packet/af_packet.c:3024 [inline]
        packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113
        sock_sendmsg_nosec net/socket.c:730 [inline]
        __sock_sendmsg net/socket.c:745 [inline]
        __sys_sendto+0x735/0xa10 net/socket.c:2191
        __do_sys_sendto net/socket.c:2203 [inline]
        __se_sys_sendto net/socket.c:2199 [inline]
        __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199
        do_syscall_x64 arch/x86/entry/common.c:52 [inline]
        do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x63/0x6b
      
      Fixes: 2d07dc79 ("geneve: add initial netdev driver for GENEVE tunnels")
      Reported-and-tested-by: syzbot+6a1423ff3f97159aae64@syzkaller.appspotmail.com
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reviewed-by: default avatarJiri Pirko <jiri@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1ca1ba46
    • Steven Rostedt (Google)'s avatar
      tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string · 51270d57
      Steven Rostedt (Google) authored
      I'm updating __assign_str() and will be removing the second parameter. To
      make sure that it does not break anything, I make sure that it matches the
      __string() field, as that is where the string is actually going to be
      saved in. To make sure there's nothing that breaks, I added a WARN_ON() to
      make sure that what was used in __string() is the same that is used in
      __assign_str().
      
      In doing this change, an error was triggered as __assign_str() now expects
      the string passed in to be a char * value. I instead had the following
      warning:
      
      include/trace/events/qdisc.h: In function ‘trace_event_raw_event_qdisc_reset’:
      include/trace/events/qdisc.h:91:35: error: passing argument 1 of 'strcmp' from incompatible pointer type [-Werror=incompatible-pointer-types]
         91 |                 __assign_str(dev, qdisc_dev(q));
      
      That's because the qdisc_enqueue() and qdisc_reset() pass in qdisc_dev(q)
      to __assign_str() and to __string(). But that function returns a pointer
      to struct net_device and not a string.
      
      It appears that these events are just saving the pointer as a string and
      then reading it as a string as well.
      
      Use qdisc_dev(q)->name to save the device instead.
      
      Fixes: a34dac0b ("net_sched: add tracepoints for qdisc_reset() and qdisc_destroy()")
      Signed-off-by: default avatarSteven Rostedt (Google) <rostedt@goodmis.org>
      Reviewed-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      51270d57
  3. 02 Mar, 2024 9 commits
  4. 01 Mar, 2024 8 commits
  5. 29 Feb, 2024 8 commits