1. 26 Jul, 2016 26 commits
  2. 25 Jul, 2016 14 commits
    • David S. Miller's avatar
      Merge branch '10GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue · 9bc4a1cc
      David S. Miller authored
      Jeff Kirsher says:
      
      ====================
      10GbE Intel Wired LAN Driver Updates 2016-07-22
      
      This series contains updates to ixgbe and ixgbevf only.
      
      Emil fixes the NACK check in ixgbevf_set_uc_addr_vf() for instances where
      the index is not equal to zero.  Fixes an issue where mac->ops.setup_fc
      can be NULL for backplanes which can cause the driver to crash on load.
      
      Don fixes the second parameter of the LED functions, which is the index to
      the LED we are interested in affecting.  Fixed variable to store register
      reads to unsigned integer.  Adds support for the new x553 hardware into
      ixgbevf.  Fixed a missing rtnl lock around ixgbevf_reinit_locked().
      Fixed an issue where in ixgbevf_reset_subtask() was not verifying that
      the port has been removed.  Cleans up the initial crosstalk fix, since
      the SFP that indicates the presence of a SFP+ module changes between
      hardware types.
      
      Babu Moger fixes typo in freeing IRQ, since the array subscript increments
      after the execution of the statement.
      
      Wei Yongjun adds the missing destroy_workqueue() before returning from
      ixgbe_init_module() in the error handling case.
      
      Tony adds range checking for setting the MTU from the VF, where the PF can
      return a NACK but this was not passed on to the VF, so propagate the
      results from the PF to the VF so errors can be reported.  Consolidates
      mailbox read and write functions, since the recent changes to
      ixgbevf_write_msg_read_ack(), other functions are performing the same
      operations done here.
      
      Colin Ian King removes a redundant check on ret_val, since ret_val has
      not changed since the previous check.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9bc4a1cc
    • Vegard Nossum's avatar
      net/irda: fix NULL pointer dereference on memory allocation failure · d3e6952c
      Vegard Nossum authored
      I ran into this:
      
          kasan: CONFIG_KASAN_INLINE enabled
          kasan: GPF could be caused by NULL-ptr deref or user memory access
          general protection fault: 0000 [#1] PREEMPT SMP KASAN
          CPU: 2 PID: 2012 Comm: trinity-c3 Not tainted 4.7.0-rc7+ #19
          Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
          task: ffff8800b745f2c0 ti: ffff880111740000 task.ti: ffff880111740000
          RIP: 0010:[<ffffffff82bbf066>]  [<ffffffff82bbf066>] irttp_connect_request+0x36/0x710
          RSP: 0018:ffff880111747bb8  EFLAGS: 00010286
          RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000069dd8358
          RDX: 0000000000000009 RSI: 0000000000000027 RDI: 0000000000000048
          RBP: ffff880111747c00 R08: 0000000000000000 R09: 0000000000000000
          R10: 0000000069dd8358 R11: 1ffffffff0759723 R12: 0000000000000000
          R13: ffff88011a7e4780 R14: 0000000000000027 R15: 0000000000000000
          FS:  00007fc738404700(0000) GS:ffff88011af00000(0000) knlGS:0000000000000000
          CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
          CR2: 00007fc737fdfb10 CR3: 0000000118087000 CR4: 00000000000006e0
          Stack:
           0000000000000200 ffff880111747bd8 ffffffff810ee611 ffff880119f1f220
           ffff880119f1f4f8 ffff880119f1f4f0 ffff88011a7e4780 ffff880119f1f232
           ffff880119f1f220 ffff880111747d58 ffffffff82bca542 0000000000000000
          Call Trace:
           [<ffffffff82bca542>] irda_connect+0x562/0x1190
           [<ffffffff825ae582>] SYSC_connect+0x202/0x2a0
           [<ffffffff825b4489>] SyS_connect+0x9/0x10
           [<ffffffff8100334c>] do_syscall_64+0x19c/0x410
           [<ffffffff83295ca5>] entry_SYSCALL64_slow_path+0x25/0x25
          Code: 41 89 ca 48 89 e5 41 57 41 56 41 55 41 54 41 89 d7 53 48 89 fb 48 83 c7 48 48 89 fa 41 89 f6 48 c1 ea 03 48 83 ec 20 4c 8b 65 10 <0f> b6 04 02 84 c0 74 08 84 c0 0f 8e 4c 04 00 00 80 7b 48 00 74
          RIP  [<ffffffff82bbf066>] irttp_connect_request+0x36/0x710
           RSP <ffff880111747bb8>
          ---[ end trace 4cda2588bc055b30 ]---
      
      The problem is that irda_open_tsap() can fail and leave self->tsap = NULL,
      and then irttp_connect_request() almost immediately dereferences it.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarVegard Nossum <vegard.nossum@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d3e6952c
    • Marcelo Ricardo Leitner's avatar
      sctp: also point GSO head_skb to the sk when it's available · 52253db9
      Marcelo Ricardo Leitner authored
      The head skb for GSO packets won't travel through the inner depths of
      SCTP stack as it doesn't contain any chunks on it. That means skb->sk
      doesn't get set and then when sctp_recvmsg() calls
      sctp_inet6_skb_msgname() on the head_skb it panics, as this last needs
      to check flags at the socket (sp->v4mapped).
      
      The fix is to initialize skb->sk for th head skb once we are able to do
      it. That is, when the first chunk is processed.
      Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      52253db9
    • Marcelo Ricardo Leitner's avatar
      sctp: fix BH handling on socket backlog · eefc1b1d
      Marcelo Ricardo Leitner authored
      Now that the backlog processing is called with BH enabled, we have to
      disable BH before taking the socket lock via bh_lock_sock() otherwise
      it may dead lock:
      
      sctp_backlog_rcv()
                      bh_lock_sock(sk);
      
                      if (sock_owned_by_user(sk)) {
                              if (sk_add_backlog(sk, skb, sk->sk_rcvbuf))
                                      sctp_chunk_free(chunk);
                              else
                                      backloged = 1;
                      } else
                              sctp_inq_push(inqueue, chunk);
      
                      bh_unlock_sock(sk);
      
      while sctp_inq_push() was disabling/enabling BH, but enabling BH
      triggers pending softirq, which then may try to re-lock the socket in
      sctp_rcv().
      
      [  219.187215]  <IRQ>
      [  219.187217]  [<ffffffff817ca3e0>] _raw_spin_lock+0x20/0x30
      [  219.187223]  [<ffffffffa041888c>] sctp_rcv+0x48c/0xba0 [sctp]
      [  219.187225]  [<ffffffff816e7db2>] ? nf_iterate+0x62/0x80
      [  219.187226]  [<ffffffff816f1b14>] ip_local_deliver_finish+0x94/0x1e0
      [  219.187228]  [<ffffffff816f1e1f>] ip_local_deliver+0x6f/0xf0
      [  219.187229]  [<ffffffff816f1a80>] ? ip_rcv_finish+0x3b0/0x3b0
      [  219.187230]  [<ffffffff816f17a8>] ip_rcv_finish+0xd8/0x3b0
      [  219.187232]  [<ffffffff816f2122>] ip_rcv+0x282/0x3a0
      [  219.187233]  [<ffffffff810d8bb6>] ? update_curr+0x66/0x180
      [  219.187235]  [<ffffffff816abac4>] __netif_receive_skb_core+0x524/0xa90
      [  219.187236]  [<ffffffff810d8e00>] ? update_cfs_shares+0x30/0xf0
      [  219.187237]  [<ffffffff810d557c>] ? __enqueue_entity+0x6c/0x70
      [  219.187239]  [<ffffffff810dc454>] ? enqueue_entity+0x204/0xdf0
      [  219.187240]  [<ffffffff816ac048>] __netif_receive_skb+0x18/0x60
      [  219.187242]  [<ffffffff816ad1ce>] process_backlog+0x9e/0x140
      [  219.187243]  [<ffffffff816ac8ec>] net_rx_action+0x22c/0x370
      [  219.187245]  [<ffffffff817cd352>] __do_softirq+0x112/0x2e7
      [  219.187247]  [<ffffffff817cc3bc>] do_softirq_own_stack+0x1c/0x30
      [  219.187247]  <EOI>
      [  219.187248]  [<ffffffff810aa1c8>] do_softirq.part.14+0x38/0x40
      [  219.187249]  [<ffffffff810aa24d>] __local_bh_enable_ip+0x7d/0x80
      [  219.187254]  [<ffffffffa0408428>] sctp_inq_push+0x68/0x80 [sctp]
      [  219.187258]  [<ffffffffa04190f1>] sctp_backlog_rcv+0x151/0x1c0 [sctp]
      [  219.187260]  [<ffffffff81692b07>] __release_sock+0x87/0xf0
      [  219.187261]  [<ffffffff81692ba0>] release_sock+0x30/0xa0
      [  219.187265]  [<ffffffffa040e46d>] sctp_accept+0x17d/0x210 [sctp]
      [  219.187266]  [<ffffffff810e7510>] ? prepare_to_wait_event+0xf0/0xf0
      [  219.187268]  [<ffffffff8172d52c>] inet_accept+0x3c/0x130
      [  219.187269]  [<ffffffff8168d7a3>] SYSC_accept4+0x103/0x210
      [  219.187271]  [<ffffffff817ca2ba>] ? _raw_spin_unlock_bh+0x1a/0x20
      [  219.187272]  [<ffffffff81692bfc>] ? release_sock+0x8c/0xa0
      [  219.187276]  [<ffffffffa0413e22>] ? sctp_inet_listen+0x62/0x1b0 [sctp]
      [  219.187277]  [<ffffffff8168f2d0>] SyS_accept+0x10/0x20
      
      Fixes: 860fbbc3 ("sctp: prepare for socket backlog behavior change")
      Cc: Eric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      eefc1b1d
    • Haiyang Zhang's avatar
      hv_netvsc: Fix VF register on bonding devices · e2b9f1f7
      Haiyang Zhang authored
      Added a condition to avoid bonding devices with same MAC registering
      as VF.
      Signed-off-by: default avatarHaiyang Zhang <haiyangz@microsoft.com>
      Reviewed-by: default avatarK. Y. Srinivasan <kys@microsoft.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e2b9f1f7
    • Colin Ian King's avatar
      kcm: remove redundant -ve error check and return path · 0a58f474
      Colin Ian King authored
      The check for a -ve error is redundant, remove it and just
      immediately return the return value from the call to
      seq_open_net.
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0a58f474
    • Mike Manning's avatar
      net: ipv6: Always leave anycast and multicast groups on link down · ea06f717
      Mike Manning authored
      Default kernel behavior is to delete IPv6 addresses on link
      down, which entails deletion of the multicast and the
      subnet-router anycast addresses. These deletions do not
      happen with sysctl setting to keep global IPv6 addresses on
      link down, so every link down/up causes an increment of the
      anycast and multicast refcounts. These bogus refcounts may
      stop these addrs from being removed on subsequent calls to
      delete them. The solution is to leave the groups for the
      multicast and subnet anycast on link down for the callflow
      when global IPv6 addresses are kept.
      
      Fixes: f1705ec1 ("net: ipv6: Make address flushing on ifdown optional")
      Signed-off-by: default avatarMike Manning <mmanning@brocade.com>
      Acked-by: default avatarDavid Ahern <dsa@cumulusnetworks.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ea06f717
    • David S. Miller's avatar
      Merge tag 'wireless-drivers-next-for-davem-2016-07-22' of... · d5b160d3
      David S. Miller authored
      Merge tag 'wireless-drivers-next-for-davem-2016-07-22' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next
      
      Kalle Valo says:
      
      ====================
      pull-request: wireless-drivers-next 2016-07-22
      
      I'm sick so I have to keep this short, but here's the last pull request
      to net-next. This time there's a trivial conflict with mtd tree:
      
      http://lkml.kernel.org/g/20160720123133.44dab209@canb.auug.org.au
      
      We concluded with Brian (CCed) that it's best that we ask Linus to fix
      this. The patches have been in linux-next for a couple of days. This
      time I haven't done any merge tests so I don't know if there are any
      other conflicts etc.
      
      Please let me know if there are any problems.
      
      wireless-drivers-next patches for 4.8
      
      Major changes:
      
      wl18xx
      
      * add initial mesh support
      
      bcma
      
      * serial flash support on non-MIPS SoCs
      
      ath10k
      
      * enable support for QCA9888
      * disable wake_tx_queue() mac80211 op for older devices to workaround
        throughput regression
      
      ath9k
      
      * implement temperature compensation support for AR9003+
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d5b160d3
    • Wei Yongjun's avatar
      libcxgb: remove unused including <linux/version.h> · 15657841
      Wei Yongjun authored
      Remove including <linux/version.h> that don't need it.
      Signed-off-by: default avatarWei Yongjun <weiyj.lk@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      15657841
    • Xin Long's avatar
      sctp: use inet_recvmsg to support sctp RFS well · fd2d180a
      Xin Long authored
      Commit 486bdee0 ("sctp: add support for RPS and RFS")
      saves skb->hash into sk->sk_rxhash so that the inet_* can
      record it to flow table.
      
      But sctp uses sock_common_recvmsg as .recvmsg instead
      of inet_recvmsg, sock_common_recvmsg doesn't invoke
      sock_rps_record_flow to record the flow. It may cause
      that the receiver has no chances to record the flow if
      it doesn't send msg or poll the socket.
      
      So this patch fixes it by using inet_recvmsg as .recvmsg
      in sctp.
      
      Fixes: 486bdee0 ("sctp: add support for RPS and RFS")
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fd2d180a
    • David S. Miller's avatar
      Merge branch 'macsec-icv-fixes' · 07a01697
      David S. Miller authored
      Davide Caratti says:
      
      ====================
      macsec: fix configurable ICV length
      
      This series provides a fix for macsec configurable ICV length. The
      maximum length of ICV element has been made compliant to IEEE 802.1AE,
      and error reporting in case of cipher suite configuration failure has been
      improved. Finally, a test has been added to netlink verify() callback in
      order to avoid creation of macsec interfaces having user-provided ICV length
      values that are not supported by the cipher suite.
      ====================
      Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
      Acked-by: default avatarSabrina Dubroca <sd@queasysnail.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      07a01697
    • Davide Caratti's avatar
      macsec: validate ICV length on link creation · f04c392d
      Davide Caratti authored
      Test the cipher suite initialization in case ICV length has a value
      different than its default. If this test fails, creation of a new macsec
      link will also fail. This avoids situations where further security
      associations can't be added due to failures of crypto_aead_setauthsize(),
      caused by unsupported user-provided values of the ICV length.
      Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f04c392d
    • Davide Caratti's avatar
      macsec: fix error codes when a SA is created · 34aedfee
      Davide Caratti authored
      preserve the return value of AEAD functions that are called when a SA is
      created, to avoid inappropriate display of "RTNETLINK answers: Cannot
      allocate memory" message.
      Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      34aedfee
    • Davide Caratti's avatar
      macsec: limit ICV length to 16 octets · 2ccbe2cb
      Davide Caratti authored
      IEEE 802.1AE-2006 standard recommends that the ICV element in a MACsec
      frame should not exceed 16 octets: add MACSEC_STD_ICV_LEN in uapi
      definitions accordingly, and avoid accepting configurations where the ICV
      length exceeds the standard value. Leave definition of MACSEC_MAX_ICV_LEN
      unchanged for backwards compatibility with userspace programs.
      
      Fixes: dece8d2b ("uapi: add MACsec bits")
      Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2ccbe2cb