1. 01 Apr, 2015 8 commits
    • Hariprasad Shenai's avatar
      cxgb4: Firmware macro changes for fw verison 1.13.32.0 · 7ef65a42
      Hariprasad Shenai authored
      Adds new macro and few macro changes for fw version 1.13.32.0 also
      changes version string in driver to match 1.13.32.0
      Signed-off-by: default avatarHariprasad Shenai <hariprasad@chelsio.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ef65a42
    • David S. Miller's avatar
      Merge tag 'mac80211-for-davem-2015-04-01' of... · af3e09e6
      David S. Miller authored
      Merge tag 'mac80211-for-davem-2015-04-01' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
      
      Johannes Berg says:
      
      ====================
      This contains just a single fix for a crash I happened to randomly
      run into today during testing. It's clearly been around for a while,
      but is pretty hard to trigger, even when I tried explicitly (and
      modified the code to make it more likely) it rarely did.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      af3e09e6
    • David S. Miller's avatar
      Merge branch 'bnx2' · 9c026424
      David S. Miller authored
      Yuval Mintz says:
      
      ====================
      bnx2x: kdump related fixes
      
      This patch series aims to fix bnx2x driver issues when loading in kdump kernel.
      Both issues fixed here would be fatal to the device, requiring full reset of
      the system in order to recover, preventing the device from serving its purpose
      in the kdump environment.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9c026424
    • Yuval Mintz's avatar
      bnx2x: Fix kdump when iommu=on · da254fbc
      Yuval Mintz authored
      When IOMM-vtd is active, once main kernel crashes unfinished DMAE transactions
      will be blocked, putting the HW in an error state which will cause further
      transactions to timeout.
      
      Current employed logic uses wrong macros, causing the first function to be the
      only function that cleanups that error state during its probe/load.
      
      This patch allows all the functions to successfully re-load in kdump kernel.
      Signed-off-by: default avatarYuval Mintz <Yuval.Mintz@qlogic.com>
      Signed-off-by: default avatarAriel Elior <Ariel.Elior@qlogic.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      da254fbc
    • Yuval Mintz's avatar
      bnx2x: Fix kdump on 4-port device · 3d6b7253
      Yuval Mintz authored
      When running in a kdump kernel, it's very likely that due to sync. loss with
      management firmware the first PCI function to probe and reach the previous
      unload flow would decide it can reset the chip and continue onward. While doing
      so, it will only close its own Rx port.
      
      On a 4-port device where 2nd port on engine is a 1g-port, the 2nd port would
      allow ingress traffic after the chip is reset [assuming it was active on the
      first kernel]. This would later cause a HW attention.
      
      This changes driver flow to close both ports' 1g capabilities during the
      previous driver unload flow prior to the chip reset.
      Signed-off-by: default avatarYuval Mintz <Yuval.Mintz@qlogic.com>
      Signed-off-by: default avatarAriel Elior <Ariel.Elior@qlogic.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3d6b7253
    • Johannes Berg's avatar
      mac80211: fix RX A-MPDU session reorder timer deletion · 788211d8
      Johannes Berg authored
      There's an issue with the way the RX A-MPDU reorder timer is
      deleted that can cause a kernel crash like this:
      
       * tid_rx is removed - call_rcu(ieee80211_free_tid_rx)
       * station is destroyed
       * reorder timer fires before ieee80211_free_tid_rx() runs,
         accessing the station, thus potentially crashing due to
         the use-after-free
      
      The station deletion is protected by synchronize_net(), but
      that isn't enough -- ieee80211_free_tid_rx() need not have
      run when that returns (it deletes the timer.) We could use
      rcu_barrier() instead of synchronize_net(), but that's much
      more expensive.
      
      Instead, to fix this, add a field tracking that the session
      is being deleted. In this case, the only re-arming of the
      timer happens with the reorder spinlock held, so make that
      code not rearm it if the session is being deleted and also
      delete the timer after setting that field. This ensures the
      timer cannot fire after ___ieee80211_stop_rx_ba_session()
      returns, which fixes the problem.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      788211d8
    • Jeff Kirsher's avatar
      MAINTAINERS: Update Intel Wired Ethernet Driver info · 2f302324
      Jeff Kirsher authored
      Update the git tree info with a recent change in tree names.  Also
      add our new mailing list created solely for Linux kernel patches
      and kernel development, as well as the new patchwork project for
      tracking patches.  Lastly update the list of "reviewers" since a
      couple of developers have moved on to different projects.
      
      Made an update to the section header so that it is more manageable
      going forward as we add new drivers.
      Signed-off-by: default avatarJeff Kirsher <jeffrey.t.kirsher@intel.com>
      2f302324
    • Ying Xue's avatar
      tipc: fix a slab object leak · 7e436905
      Ying Xue authored
      When remove TIPC module, there is a warning to remind us that a slab
      object is leaked like:
      
      root@localhost:~# rmmod tipc
      [   19.056226] =============================================================================
      [   19.057549] BUG TIPC (Not tainted): Objects remaining in TIPC on kmem_cache_close()
      [   19.058736] -----------------------------------------------------------------------------
      [   19.058736]
      [   19.060287] INFO: Slab 0xffffea0000519a00 objects=23 used=1 fp=0xffff880014668b00 flags=0x100000000004080
      [   19.061915] INFO: Object 0xffff880014668000 @offset=0
      [   19.062717] kmem_cache_destroy TIPC: Slab cache still has objects
      
      This is because the listening socket of TIPC topology server is not
      closed before TIPC proto handler is unregistered with proto_unregister().
      However, as the socket is closed in tipc_exit_net() which is called by
      unregister_pernet_subsys() during unregistering TIPC namespace operation,
      the warning can be eliminated if calling unregister_pernet_subsys() is
      moved before calling proto_unregister().
      
      Fixes: e05b31f4 ("tipc: make tipc socket support net namespace")
      Reviewed-by: default avatarErik Hugne <erik.hugne@ericsson.com>
      Signed-off-by: default avatarYing Xue <ying.xue@windriver.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7e436905
  2. 31 Mar, 2015 10 commits
  3. 29 Mar, 2015 10 commits
  4. 25 Mar, 2015 2 commits
  5. 24 Mar, 2015 10 commits
    • Cliff Clark's avatar
      ucc_geth: Intialize link state to down before register_netdev · 1452db76
      Cliff Clark authored
      ucc_geth was indicating link up after a port is administratively enabled even
      when nothing is plugged in.  This causes user-space tools to see a spurious link
      up the first time after boot.
      Signed-off-by: default avatarCliff Clark <cliff_clark@selinc.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1452db76
    • David S. Miller's avatar
      Merge branch 'mlx4' · 8ad48372
      David S. Miller authored
      Or Gerlitz says:
      
      ====================
      mlx4 driver RC fixes
      
      Ido's patch should go to -stable of >= 3.14 too, the issue is older but it
      hits us with VXLAN for which driver support dates there.
      
      As for Jack's fix, for the time being, picking it to 4.0 is OK.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8ad48372
    • Jack Morgenstein's avatar
      net/mlx4_core: Fix GEN_EQE accessing uninitialixed mutex · bffb023a
      Jack Morgenstein authored
      We occasionally see in procedure mlx4_GEN_EQE that the driver tries
      to grab an uninitialized mutex.
      
      This can occur in only one of two ways:
      1. We are trying to generate an async event on an uninitialized slave.
      2. We are trying to generate an async event on an illegal slave number
         ( < 0 or > persist->num_vfs) or an inactive slave.
      
      To deal with #1: move the mutex initialization from specific slave init
      sequence in procedure mlx_master_do_cmd to mlx4_multi_func_init() (so that
      the mutex is always initialized for all slaves).
      
      To deal with #2: check in procedure mlx4_GEN_EQE that the slave number
      provided is in the proper range and that the slave is active.
      Signed-off-by: default avatarJack Morgenstein <jackm@dev.mellanox.co.il>
      Signed-off-by: default avatarOr Gerlitz <ogerlitz@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bffb023a
    • Ido Shamay's avatar
      net/mlx4_en: Call register_netdevice in the proper location · e5eda89d
      Ido Shamay authored
      Netdevice registration should be performed a the end of the driver
      initialization flow. If we don't do that, after calling register_netdevice,
      device callbacks may be issued by higher layers of the stack before
      final configuration of the device is done.
      
      For example (VXLAN configuration race), mlx4_SET_PORT_VXLAN was issued
      after the register_netdev command. System network scripts may configure
      the interface (UP) right after the registration, which also attach
      unicast VXLAN steering rule, before mlx4_SET_PORT_VXLAN was called,
      causing the firmware to fail the rule attachment.
      
      Fixes: 837052d0 ("net/mlx4_en: Add netdev support for TCP/IP offloads of vxlan tunneling")
      Signed-off-by: default avatarIdo Shamay <idos@mellanox.com>
      Signed-off-by: default avatarOr Gerlitz <ogerlitz@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e5eda89d
    • David S. Miller's avatar
      Merge tag 'wireless-drivers-for-davem-2015-03-24' of... · e43e5052
      David S. Miller authored
      Merge tag 'wireless-drivers-for-davem-2015-03-24' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers
      
      iwlwifi:
      
      * avoid panic with lots of IBSS stations
      * Fix dvm's behavior after suspend resume
      * Allow to keep connection after CSA failure
      * Remove a noisy by harmless WARN_ON
      * New device IDs
      
      rtlwifi:
      
      * fix IOMMU mapping leak in AP mode
      
      brcmfmac:
      
      * disable MBSS feature for BCM43362 to get AP mode working again
      
      ath9k:
      
      * disable Transmit Power Control (TPC) again due to regressions
      
      * fix beaconing issue with AP+STA setup
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e43e5052
    • Simon Horman's avatar
      rocker: handle non-bridge master change · a6e95cc7
      Simon Horman authored
      Master change notifications may occur other than when joining or
      leaving a bridge, for example when being added to or removed from
      a bond or Open vSwitch.
      
      Previously in those cases rocker_port_bridge_leave() was called
      which results in a null-pointer dereference as rocker_port->bridge_dev
      is NULL because there is no bridge device.
      
      This patch makes provision for doing nothing in such cases.
      
      Fixes: 6c707945 ("rocker: implement L2 bridge offloading")
      Acked-by: default avatarJiri Pirko <jiri@resnulli.us>
      Acked-by: default avatarScott Feldman <sfeldma@gmail.com>
      Signed-off-by: default avatarSimon Horman <simon.horman@netronome.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a6e95cc7
    • WANG Cong's avatar
      net: use for_each_netdev_safe() in rtnl_group_changelink() · d079535d
      WANG Cong authored
      In case we move the whole dev group to another netns,
      we should call for_each_netdev_safe(), otherwise we get
      a soft lockup:
      
       NMI watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [ip:798]
       irq event stamp: 255424
       hardirqs last  enabled at (255423): [<ffffffff81a2aa95>] restore_args+0x0/0x30
       hardirqs last disabled at (255424): [<ffffffff81a2ad5a>] apic_timer_interrupt+0x6a/0x80
       softirqs last  enabled at (255422): [<ffffffff81079ebc>] __do_softirq+0x2c1/0x3a9
       softirqs last disabled at (255417): [<ffffffff8107a190>] irq_exit+0x41/0x95
       CPU: 0 PID: 798 Comm: ip Not tainted 4.0.0-rc4+ #881
       Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
       task: ffff8800d1b88000 ti: ffff880119530000 task.ti: ffff880119530000
       RIP: 0010:[<ffffffff810cad11>]  [<ffffffff810cad11>] debug_lockdep_rcu_enabled+0x28/0x30
       RSP: 0018:ffff880119533778  EFLAGS: 00000246
       RAX: ffff8800d1b88000 RBX: 0000000000000002 RCX: 0000000000000038
       RDX: 0000000000000000 RSI: ffff8800d1b888c8 RDI: ffff8800d1b888c8
       RBP: ffff880119533778 R08: 0000000000000000 R09: 0000000000000000
       R10: 0000000000000000 R11: 000000000000b5c2 R12: 0000000000000246
       R13: ffff880119533708 R14: 00000000001d5a40 R15: ffff88011a7d5a40
       FS:  00007fc01315f740(0000) GS:ffff88011a600000(0000) knlGS:0000000000000000
       CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
       CR2: 00007f367a120988 CR3: 000000011849c000 CR4: 00000000000007f0
       Stack:
        ffff880119533798 ffffffff811ac868 ffffffff811ac831 ffffffff811ac828
        ffff8801195337c8 ffffffff811ac8c9 ffff8801195339b0 ffff8801197633e0
        0000000000000000 ffff8801195339b0 ffff8801195337d8 ffffffff811ad2d7
       Call Trace:
        [<ffffffff811ac868>] rcu_read_lock+0x37/0x6e
        [<ffffffff811ac831>] ? rcu_read_unlock+0x5f/0x5f
        [<ffffffff811ac828>] ? rcu_read_unlock+0x56/0x5f
        [<ffffffff811ac8c9>] __fget+0x2a/0x7a
        [<ffffffff811ad2d7>] fget+0x13/0x15
        [<ffffffff811be732>] proc_ns_fget+0xe/0x38
        [<ffffffff817c7714>] get_net_ns_by_fd+0x11/0x59
        [<ffffffff817df359>] rtnl_link_get_net+0x33/0x3e
        [<ffffffff817df3d7>] do_setlink+0x73/0x87b
        [<ffffffff810b28ce>] ? trace_hardirqs_off+0xd/0xf
        [<ffffffff81a2aa95>] ? retint_restore_args+0xe/0xe
        [<ffffffff817e0301>] rtnl_newlink+0x40c/0x699
        [<ffffffff817dffe0>] ? rtnl_newlink+0xeb/0x699
        [<ffffffff81a29246>] ? _raw_spin_unlock+0x28/0x33
        [<ffffffff8143ed1e>] ? security_capable+0x18/0x1a
        [<ffffffff8107da51>] ? ns_capable+0x4d/0x65
        [<ffffffff817de5ce>] rtnetlink_rcv_msg+0x181/0x194
        [<ffffffff817de407>] ? rtnl_lock+0x17/0x19
        [<ffffffff817de407>] ? rtnl_lock+0x17/0x19
        [<ffffffff817de44d>] ? __rtnl_unlock+0x17/0x17
        [<ffffffff818327c6>] netlink_rcv_skb+0x4d/0x93
        [<ffffffff817de42f>] rtnetlink_rcv+0x26/0x2d
        [<ffffffff81830f18>] netlink_unicast+0xcb/0x150
        [<ffffffff8183198e>] netlink_sendmsg+0x501/0x523
        [<ffffffff8115cba9>] ? might_fault+0x59/0xa9
        [<ffffffff817b5398>] ? copy_from_user+0x2a/0x2c
        [<ffffffff817b7b74>] sock_sendmsg+0x34/0x3c
        [<ffffffff817b7f6d>] ___sys_sendmsg+0x1b8/0x255
        [<ffffffff8115c5eb>] ? handle_pte_fault+0xbd5/0xd4a
        [<ffffffff8100a2b0>] ? native_sched_clock+0x35/0x37
        [<ffffffff8109e94b>] ? sched_clock_local+0x12/0x72
        [<ffffffff8109eb9c>] ? sched_clock_cpu+0x9e/0xb7
        [<ffffffff810cadbf>] ? rcu_read_lock_held+0x3b/0x3d
        [<ffffffff811ac1d8>] ? __fcheck_files+0x4c/0x58
        [<ffffffff811ac946>] ? __fget_light+0x2d/0x52
        [<ffffffff817b8adc>] __sys_sendmsg+0x42/0x60
        [<ffffffff817b8b0c>] SyS_sendmsg+0x12/0x1c
        [<ffffffff81a29e32>] system_call_fastpath+0x12/0x17
      
      Fixes: e7ed828f ("netlink: support setting devgroup parameters")
      Signed-off-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d079535d
    • Michal Kubeček's avatar
      tcp: prevent fetching dst twice in early demux code · d0c294c5
      Michal Kubeček authored
      On s390x, gcc 4.8 compiles this part of tcp_v6_early_demux()
      
              struct dst_entry *dst = sk->sk_rx_dst;
      
              if (dst)
                      dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
      
      to code reading sk->sk_rx_dst twice, once for the test and once for
      the argument of ip6_dst_check() (dst_check() is inline). This allows
      ip6_dst_check() to be called with null first argument, causing a crash.
      
      Protect sk->sk_rx_dst access by READ_ONCE() both in IPv4 and IPv6
      TCP early demux code.
      
      Fixes: 41063e9d ("ipv4: Early TCP socket demux.")
      Fixes: c7109986 ("ipv6: Early TCP socket demux")
      Signed-off-by: default avatarMichal Kubecek <mkubecek@suse.cz>
      Acked-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d0c294c5
    • Yuval Mintz's avatar
      bnx2x: Fix statistics locking scheme · dff173de
      Yuval Mintz authored
      Statistics' state-machine in bnx2x driver must be synced with various driver
      flows, but its current locking scheme manages to be wasteful [using 2 locks +
      additional local variable] and prone to race-conditions at the same time,
      as the state-machine and 'action' are being accessed under different locks.
      
      In addition, current 'safe exec' isn't in fact safe, since the only guarantee
      it gives is that DMA transactions are over, but ramrods might still be running.
      
      This patch cleans up said logic, leaving us with a single lock for the entire
      flow and removing the possible races.
      
      Changes from v2:
      	- Switched into mutex locking from semaphore locking.
      	- Release locks on error flows.
      
      Changes from v1:
      	Failure to acquire lock fails flow instead of printing a warning and
      	allowing access to the critical section.
      Signed-off-by: default avatarYuval Mintz <Yuval.Mintz@qlogic.com>
      Signed-off-by: default avatarAriel Elior <Ariel.Elior@qlogic.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      dff173de
    • David S. Miller's avatar
      Merge tag 'linux-can-fixes-for-4.0-20150322' of... · 7ef70aab
      David S. Miller authored
      Merge tag 'linux-can-fixes-for-4.0-20150322' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can
      
      Marc Kleine-Budde says:
      
      ====================
      pull-request: can 2015-03-22
      
      this is a pull-request of 7 patches for net/master.
      
      Ahmed S. Darwish fixes another two problems in the kvaser_usb driver. A patch
      by Colin Ian King for the gs_usb driver adds a missing check for kzalloc
      allocation failures. Two patches by Stephane Grosjean for the peak_usb driver
      add missing support for ISO / non-ISO mode switching. Andri Yngvason
      contributes a patch to fix the state handling in the flexcan driver. The last
      patch by Andreas Werner for the flexcan driver add missing EPROBE_DEFER
      handling for the transceiver regulator.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ef70aab