1. 06 5月, 2016 14 次提交
    • A
      byteswap: try to avoid __builtin_constant_p gcc bug · 7322dd75
      Arnd Bergmann 提交于
      This is another attempt to avoid a regression in wwn_to_u64() after that
      started using get_unaligned_be64(), which in turn ran into a bug on
      gcc-4.9 through 6.1.
      
      The regression got introduced due to the combination of two separate
      workarounds (commits e3bde956: "include/linux/unaligned: force
      inlining of byteswap operations" and ef3fb242: "scsi: fc: use
      get/put_unaligned64 for wwn access") that each try to sidestep distinct
      problems with gcc behavior (code growth and increased stack usage).
      
      Unfortunately after both have been applied, a more serious gcc bug has
      been uncovered, leading to incorrect object code that discards part of a
      function and causes undefined behavior.
      
      As part of this problem is how __builtin_constant_p gets evaluated on an
      argument passed by reference into an inline function, this avoids the
      use of __builtin_constant_p() for all architectures that set
      CONFIG_ARCH_USE_BUILTIN_BSWAP.  Most architectures do not set
      ARCH_SUPPORTS_OPTIMIZED_INLINING, which means they probably do not
      suffer from the problem in the qla2xxx driver, but they might still run
      into it elsewhere.
      
      Both of the original workarounds were only merged in the 4.6 kernel, and
      the bug that is fixed by this patch should only appear if both are
      there, so we probably don't need to backport the fix.  On the other
      hand, it works by simplifying the code path and should not have any
      negative effects.
      
      [arnd@arndb.de: fix older gcc warnings]
        (http://lkml.kernel.org/r/12243652.bxSxEgjgfk@wuerfel)
      Link: https://lkml.org/lkml/headers/2016/4/12/1103
      Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66122
      Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70232
      Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70646
      Fixes: e3bde956 ("include/linux/unaligned: force inlining of byteswap operations")
      Fixes: ef3fb242 ("scsi: fc: use get/put_unaligned64 for wwn access")
      Link: http://lkml.kernel.org/r/1780465.XdtPJpi8Tt@wuerfelSigned-off-by: NArnd Bergmann <arnd@arndb.de>
      Reviewed-by: NJosh Poimboeuf <jpoimboe@redhat.com>
      Tested-by: Josh Poimboeuf <jpoimboe@redhat.com> # on gcc-5.3
      Tested-by: NQuinn Tran <quinn.tran@qlogic.com>
      Cc: Martin Jambor <mjambor@suse.cz>
      Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
      Cc: James Bottomley <James.Bottomley@hansenpartnership.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: Thomas Graf <tgraf@suug.ch>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Himanshu Madhani <himanshu.madhani@qlogic.com>
      Cc: Jan Hubicka <hubicka@ucw.cz>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      7322dd75
    • J
      lib/stackdepot: avoid to return 0 handle · 7c31190b
      Joonsoo Kim 提交于
      Recently, we allow to save the stacktrace whose hashed value is 0.  It
      causes the problem that stackdepot could return 0 even if in success.
      User of stackdepot cannot distinguish whether it is success or not so we
      need to solve this problem.  In this patch, 1 bit are added to handle
      and make valid handle none 0 by setting this bit.  After that, valid
      handle will not be 0 and 0 handle will represent failure correctly.
      
      Fixes: 33334e25 ("lib/stackdepot.c: allow the stack trace hash to be zero")
      Link: http://lkml.kernel.org/r/1462252403-1106-1-git-send-email-iamjoonsoo.kim@lge.comSigned-off-by: NJoonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      7c31190b
    • V
      mm: fix kcompactd hang during memory offlining · 172400c6
      Vlastimil Babka 提交于
      Assume memory47 is the last online block left in node1.  This will hang:
      
        # echo offline > /sys/devices/system/node/node1/memory47/state
      
      After a couple of minutes, the following pops up in dmesg:
      
        INFO: task bash:957 blocked for more than 120 seconds.
               Not tainted 4.6.0-rc6+ #6
        "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
        bash            D ffff8800b7adbaf8     0   957    951 0x00000000
        Call Trace:
          schedule+0x35/0x80
          schedule_timeout+0x1ac/0x270
          wait_for_completion+0xe1/0x120
          kthread_stop+0x4f/0x110
          kcompactd_stop+0x26/0x40
          __offline_pages.constprop.28+0x7e6/0x840
          offline_pages+0x11/0x20
          memory_block_action+0x73/0x1d0
          memory_subsys_offline+0x47/0x60
          device_offline+0x86/0xb0
          store_mem_state+0xda/0xf0
          dev_attr_store+0x18/0x30
          sysfs_kf_write+0x37/0x40
          kernfs_fop_write+0x11d/0x170
          __vfs_write+0x37/0x120
          vfs_write+0xa9/0x1a0
          SyS_write+0x55/0xc0
          entry_SYSCALL_64_fastpath+0x1a/0xa4
      
      kcompactd is waiting for kcompactd_max_order > 0 when it's woken up to
      actually exit.  Check kthread_should_stop() to break out of the wait.
      
      Fixes: 698b1b30 ("mm, compaction: introduce kcompactd").
      Reported-by: NReza Arbab <arbab@linux.vnet.ibm.com>
      Tested-by: NReza Arbab <arbab@linux.vnet.ibm.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: Johannes Weiner <hannes@cmpxchg.org>
      Cc: Hugh Dickins <hughd@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      172400c6
    • P
      modpost: fix module autoloading for OF devices with generic compatible property · acbef7b7
      Philipp Zabel 提交于
      Since the wildcard at the end of OF module aliases is gone, autoloading
      of modules that don't match a device's last (most generic) compatible
      value fails.
      
      For example the CODA960 VPU on i.MX6Q has the SoC specific compatible
      "fsl,imx6q-vpu" and the generic compatible "cnm,coda960".  Since the
      driver currently only works with knowledge about the SoC specific
      integration, it doesn't list "cnm,cod960" in the module device table.
      
      This results in the device compatible
      "of:NvpuT<NULL>Cfsl,imx6q-vpuCcnm,coda960" not matching the module alias
      "of:N*T*Cfsl,imx6q-vpu" anymore, whereas before commit 2f632369
      ("modpost: don't add a trailing wildcard for OF module aliases") it
      matched the module alias "of:N*T*Cfsl,imx6q-vpu*".
      
      This patch adds two module aliases for each compatible, one without the
      wildcard and one with "C*" appended.
      
        $ modinfo coda | grep imx6q
        alias:          of:N*T*Cfsl,imx6q-vpuC*
        alias:          of:N*T*Cfsl,imx6q-vpu
      
      Fixes: 2f632369 ("modpost: don't add a trailing wildcard for OF module aliases")
      Link: http://lkml.kernel.org/r/1462203339-15340-1-git-send-email-p.zabel@pengutronix.deSigned-off-by: NPhilipp Zabel <p.zabel@pengutronix.de>
      Cc: Javier Martinez Canillas <javier@osg.samsung.com>
      Cc: Brian Norris <computersforpeace@gmail.com>
      Cc: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: <stable@vger.kernel.org>	[4.5+]
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      acbef7b7
    • M
      proc: prevent accessing /proc/<PID>/environ until it's ready · 8148a73c
      Mathias Krause 提交于
      If /proc/<PID>/environ gets read before the envp[] array is fully set up
      in create_{aout,elf,elf_fdpic,flat}_tables(), we might end up trying to
      read more bytes than are actually written, as env_start will already be
      set but env_end will still be zero, making the range calculation
      underflow, allowing to read beyond the end of what has been written.
      
      Fix this as it is done for /proc/<PID>/cmdline by testing env_end for
      zero.  It is, apparently, intentionally set last in create_*_tables().
      
      This bug was found by the PaX size_overflow plugin that detected the
      arithmetic underflow of 'this_len = env_end - (env_start + src)' when
      env_end is still zero.
      
      The expected consequence is that userland trying to access
      /proc/<PID>/environ of a not yet fully set up process may get
      inconsistent data as we're in the middle of copying in the environment
      variables.
      
      Fixes: https://forums.grsecurity.net/viewtopic.php?f=3&t=4363
      Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=116461Signed-off-by: NMathias Krause <minipli@googlemail.com>
      Cc: Emese Revfy <re.emese@gmail.com>
      Cc: Pax Team <pageexec@freemail.hu>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Mateusz Guzik <mguzik@redhat.com>
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: Cyrill Gorcunov <gorcunov@openvz.org>
      Cc: Jarod Wilson <jarod@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8148a73c
    • D
      mm/zswap: provide unique zpool name · 32a4e169
      Dan Streetman 提交于
      Instead of using "zswap" as the name for all zpools created, add an
      atomic counter and use "zswap%x" with the counter number for each zpool
      created, to provide a unique name for each new zpool.
      
      As zsmalloc, one of the zpool implementations, requires/expects a unique
      name for each pool created, zswap should provide a unique name.  The
      zsmalloc pool creation does not fail if a new pool with a conflicting
      name is created, unless CONFIG_ZSMALLOC_STAT is enabled; in that case,
      zsmalloc pool creation fails with -ENOMEM.  Then zswap will be unable to
      change its compressor parameter if its zpool is zsmalloc; it also will
      be unable to change its zpool parameter back to zsmalloc, if it has any
      existing old zpool using zsmalloc with page(s) in it.  Attempts to
      change the parameters will result in failure to create the zpool.  This
      changes zswap to provide a unique name for each zpool creation.
      
      Fixes: f1c54846 ("zswap: dynamic pool creation")
      Signed-off-by: NDan Streetman <ddstreet@ieee.org>
      Reported-by: NSergey Senozhatsky <sergey.senozhatsky@gmail.com>
      Reviewed-by: NSergey Senozhatsky <sergey.senozhatsky@gmail.com>
      Cc: Dan Streetman <dan.streetman@canonical.com>
      Cc: Minchan Kim <minchan@kernel.org>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      32a4e169
    • A
      mm: thp: kvm: fix memory corruption in KVM with THP enabled · 127393fb
      Andrea Arcangeli 提交于
      After the THP refcounting change, obtaining a compound pages from
      get_user_pages() no longer allows us to assume the entire compound page
      is immediately mappable from a secondary MMU.
      
      A secondary MMU doesn't want to call get_user_pages() more than once for
      each compound page, in order to know if it can map the whole compound
      page.  So a secondary MMU needs to know from a single get_user_pages()
      invocation when it can map immediately the entire compound page to avoid
      a flood of unnecessary secondary MMU faults and spurious
      atomic_inc()/atomic_dec() (pages don't have to be pinned by MMU notifier
      users).
      
      Ideally instead of the page->_mapcount < 1 check, get_user_pages()
      should return the granularity of the "page" mapping in the "mm" passed
      to get_user_pages().  However it's non trivial change to pass the "pmd"
      status belonging to the "mm" walked by get_user_pages up the stack (up
      to the caller of get_user_pages).  So the fix just checks if there is
      not a single pte mapping on the page returned by get_user_pages, and in
      turn if the caller can assume that the whole compound page is mapped in
      the current "mm" (in a pmd_trans_huge()).  In such case the entire
      compound page is safe to map into the secondary MMU without additional
      get_user_pages() calls on the surrounding tail/head pages.  In addition
      of being faster, not having to run other get_user_pages() calls also
      reduces the memory footprint of the secondary MMU fault in case the pmd
      split happened as result of memory pressure.
      
      Without this fix after a MADV_DONTNEED (like invoked by QEMU during
      postcopy live migration or balloning) or after generic swapping (with a
      failure in split_huge_page() that would only result in pmd splitting and
      not a physical page split), KVM would map the whole compound page into
      the shadow pagetables, despite regular faults or userfaults (like
      UFFDIO_COPY) may map regular pages into the primary MMU as result of the
      pte faults, leading to the guest mode and userland mode going out of
      sync and not working on the same memory at all times.
      
      Any other secondary MMU notifier manager (KVM is just one of the many
      MMU notifier users) will need the same information if it doesn't want to
      run a flood of get_user_pages_fast and it can support multiple
      granularity in the secondary MMU mappings, so I think it is justified to
      be exposed not just to KVM.
      
      The other option would be to move transparent_hugepage_adjust to
      mm/huge_memory.c but that currently has all kind of KVM data structures
      in it, so it's definitely not a cut-and-paste work, so I couldn't do a
      fix as cleaner as this one for 4.6.
      Signed-off-by: NAndrea Arcangeli <aarcange@redhat.com>
      Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
      Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
      Cc: "Li, Liang Z" <liang.z.li@intel.com>
      Cc: Amit Shah <amit.shah@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      127393fb
    • E
      MAINTAINERS: fix Rajendra Nayak's address · ff2de822
      Eric Engestrom 提交于
      Signed-off-by: NEric Engestrom <eric.engestrom@imgtec.com>
      Cc: Rajendra Nayak <rnayak@codeaurora.org>
      Cc: Afzal Mohammed <afzal.mohd.ma@gmail.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      ff2de822
    • H
      mm, cma: prevent nr_isolated_* counters from going negative · 14af4a5e
      Hugh Dickins 提交于
      /proc/sys/vm/stat_refresh warns nr_isolated_anon and nr_isolated_file go
      increasingly negative under compaction: which would add delay when
      should be none, or no delay when should delay.  The bug in compaction
      was due to a recent mmotm patch, but much older instance of the bug was
      also noticed in isolate_migratepages_range() which is used for CMA and
      gigantic hugepage allocations.
      
      The bug is caused by putback_movable_pages() in an error path
      decrementing the isolated counters without them being previously
      incremented by acct_isolated().  Fix isolate_migratepages_range() by
      removing the error-path putback, thus reaching acct_isolated() with
      migratepages still isolated, and leaving putback to caller like most
      other places do.
      
      Fixes: edc2ca61 ("mm, compaction: move pageblock checks up from isolate_migratepages_range()")
      [vbabka@suse.cz: expanded the changelog]
      Signed-off-by: NHugh Dickins <hughd@google.com>
      Signed-off-by: NVlastimil Babka <vbabka@suse.cz>
      Acked-by: NJoonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Michal Hocko <mhocko@kernel.org>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      14af4a5e
    • J
      mm: update min_free_kbytes from khugepaged after core initialization · bc22af74
      Jason Baron 提交于
      Khugepaged attempts to raise min_free_kbytes if its set too low.
      However, on boot khugepaged sets min_free_kbytes first from
      subsys_initcall(), and then the mm 'core' over-rides min_free_kbytes
      after from init_per_zone_wmark_min(), via a module_init() call.
      
      Khugepaged used to use a late_initcall() to set min_free_kbytes (such
      that it occurred after the core initialization), however this was
      removed when the initialization of min_free_kbytes was integrated into
      the starting of the khugepaged thread.
      
      The fix here is simply to invoke the core initialization using a
      core_initcall() instead of module_init(), such that the previous
      initialization ordering is restored.  I didn't restore the
      late_initcall() since start_stop_khugepaged() already sets
      min_free_kbytes via set_recommended_min_free_kbytes().
      
      This was noticed when we had a number of page allocation failures when
      moving a workload to a kernel with this new initialization ordering.  On
      an 8GB system this restores min_free_kbytes back to 67584 from 11365
      when CONFIG_TRANSPARENT_HUGEPAGE=y is set and either
      CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y or
      CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y.
      
      Fixes: 79553da2 ("thp: cleanup khugepaged startup")
      Signed-off-by: NJason Baron <jbaron@akamai.com>
      Acked-by: NKirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Acked-by: NDavid Rientjes <rientjes@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      bc22af74
    • H
      huge pagecache: mmap_sem is unlocked when truncation splits pmd · 68428398
      Hugh Dickins 提交于
      zap_pmd_range()'s CONFIG_DEBUG_VM !rwsem_is_locked(&mmap_sem) BUG() will
      be invalid with huge pagecache, in whatever way it is implemented:
      truncation of a hugely-mapped file to an unhugely-aligned size would
      easily hit it.
      
      (Although anon THP could in principle apply khugepaged to private file
      mappings, which are not excluded by the MADV_HUGEPAGE restrictions, in
      practice there's a vm_ops check which excludes them, so it never hits
      this BUG() - there's no interface to "truncate" an anonymous mapping.)
      
      We could complicate the test, to check i_mmap_rwsem also when there's a
      vm_file; but my inclination was to make zap_pmd_range() more readable by
      simply deleting this check.  A search has shown no report of the issue
      in the years since commit e0897d75 ("mm, thp: print useful
      information when mmap_sem is unlocked in zap_pmd_range") expanded it
      from VM_BUG_ON() - though I cannot point to what commit I would say then
      fixed the issue.
      
      But there are a couple of other patches now floating around, neither yet
      in the tree: let's agree to retain the check as a VM_BUG_ON_VMA(), as
      Matthew Wilcox has done; but subject to a vma_is_anonymous() check, as
      Kirill Shutemov has done.  And let's get this in, without waiting for
      any particular huge pagecache implementation to reach the tree.
      
      Matthew said "We can reproduce this BUG() in the current Linus tree with
      DAX PMDs".
      Signed-off-by: NHugh Dickins <hughd@google.com>
      Tested-by: NMatthew Wilcox <willy@linux.intel.com>
      Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: Andres Lagar-Cavilla <andreslc@google.com>
      Cc: Yang Shi <yang.shi@linaro.org>
      Cc: Ning Qu <quning@gmail.com>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Cc: Andres Lagar-Cavilla <andreslc@google.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      68428398
    • A
      rapidio/mport_cdev: fix uapi type definitions · 4e1016da
      Alexandre Bounine 提交于
      Fix problems in uapi definitions reported by Gabriel Laskar: (see
      https://lkml.org/lkml/2016/4/5/205 for details)
      
       - move public header file rio_mport_cdev.h to include/uapi/linux directory
       - change types in data structures passed as IOCTL parameters
       - improve parameter checking in some IOCTL service routines
      Signed-off-by: NAlexandre Bounine <alexandre.bounine@idt.com>
      Reported-by: NGabriel Laskar <gabriel@lse.epita.fr>
      Tested-by: NBarry Wood <barry.wood@idt.com>
      Cc: Gabriel Laskar <gabriel@lse.epita.fr>
      Cc: Matt Porter <mporter@kernel.crashing.org>
      Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
      Cc: Andre van Herk <andre.van.herk@prodrive-technologies.com>
      Cc: Barry Wood <barry.wood@idt.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      4e1016da
    • J
      mm: memcontrol: let v2 cgroups follow changes in system swappiness · 4550c4e1
      Johannes Weiner 提交于
      Cgroup2 currently doesn't have a per-cgroup swappiness setting.  We
      might want to add one later - that's a different discussion - but until
      we do, the cgroups should always follow the system setting.  Otherwise
      it will be unchangeably set to whatever the ancestor inherited from the
      system setting at the time of cgroup creation.
      Signed-off-by: NJohannes Weiner <hannes@cmpxchg.org>
      Acked-by: NMichal Hocko <mhocko@suse.com>
      Acked-by: NVladimir Davydov <vdavydov@virtuozzo.com>
      Cc: <stable@vger.kernel.org>	[4.5]
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      4550c4e1
    • Y
      mm: thp: correct split_huge_pages file permission · 145bdaa1
      Yang Shi 提交于
      split_huge_pages doesn't support get method at all, so the read
      permission sounds confusing, change the permission to write only.
      
      And, add "\n" to the output of set method to make it more readable.
      Signed-off-by: NYang Shi <yang.shi@linaro.org>
      Acked-by: NKirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Cc: Hugh Dickins <hughd@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      145bdaa1
  2. 05 5月, 2016 6 次提交
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace · c5e0666c
      Linus Torvalds 提交于
      Pull userns fix from Eric Biederman:
       "This contains just a single fix for a nasty oops"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
        propogate_mnt: Handle the first propogated copy being a slave
      c5e0666c
    • L
      Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost · 3cedbec3
      Linus Torvalds 提交于
      Pull virtio/qemu fixes from Michael Tsirkin:
       "A couple of fixes for virtio and for the new QEMU fw cfg driver"
      
      * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost:
        virtio: Silence uninitialized variable warning
        firmware: qemu_fw_cfg.c: potential unintialized variable
      3cedbec3
    • E
      propogate_mnt: Handle the first propogated copy being a slave · 5ec0811d
      Eric W. Biederman 提交于
      When the first propgated copy was a slave the following oops would result:
      > BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
      > IP: [<ffffffff811fba4e>] propagate_one+0xbe/0x1c0
      > PGD bacd4067 PUD bac66067 PMD 0
      > Oops: 0000 [#1] SMP
      > Modules linked in:
      > CPU: 1 PID: 824 Comm: mount Not tainted 4.6.0-rc5userns+ #1523
      > Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007
      > task: ffff8800bb0a8000 ti: ffff8800bac3c000 task.ti: ffff8800bac3c000
      > RIP: 0010:[<ffffffff811fba4e>]  [<ffffffff811fba4e>] propagate_one+0xbe/0x1c0
      > RSP: 0018:ffff8800bac3fd38  EFLAGS: 00010283
      > RAX: 0000000000000000 RBX: ffff8800bb77ec00 RCX: 0000000000000010
      > RDX: 0000000000000000 RSI: ffff8800bb58c000 RDI: ffff8800bb58c480
      > RBP: ffff8800bac3fd48 R08: 0000000000000001 R09: 0000000000000000
      > R10: 0000000000001ca1 R11: 0000000000001c9d R12: 0000000000000000
      > R13: ffff8800ba713800 R14: ffff8800bac3fda0 R15: ffff8800bb77ec00
      > FS:  00007f3c0cd9b7e0(0000) GS:ffff8800bfb00000(0000) knlGS:0000000000000000
      > CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      > CR2: 0000000000000010 CR3: 00000000bb79d000 CR4: 00000000000006e0
      > Stack:
      >  ffff8800bb77ec00 0000000000000000 ffff8800bac3fd88 ffffffff811fbf85
      >  ffff8800bac3fd98 ffff8800bb77f080 ffff8800ba713800 ffff8800bb262b40
      >  0000000000000000 0000000000000000 ffff8800bac3fdd8 ffffffff811f1da0
      > Call Trace:
      >  [<ffffffff811fbf85>] propagate_mnt+0x105/0x140
      >  [<ffffffff811f1da0>] attach_recursive_mnt+0x120/0x1e0
      >  [<ffffffff811f1ec3>] graft_tree+0x63/0x70
      >  [<ffffffff811f1f6b>] do_add_mount+0x9b/0x100
      >  [<ffffffff811f2c1a>] do_mount+0x2aa/0xdf0
      >  [<ffffffff8117efbe>] ? strndup_user+0x4e/0x70
      >  [<ffffffff811f3a45>] SyS_mount+0x75/0xc0
      >  [<ffffffff8100242b>] do_syscall_64+0x4b/0xa0
      >  [<ffffffff81988f3c>] entry_SYSCALL64_slow_path+0x25/0x25
      > Code: 00 00 75 ec 48 89 0d 02 22 22 01 8b 89 10 01 00 00 48 89 05 fd 21 22 01 39 8e 10 01 00 00 0f 84 e0 00 00 00 48 8b 80 d8 00 00 00 <48> 8b 50 10 48 89 05 df 21 22 01 48 89 15 d0 21 22 01 8b 53 30
      > RIP  [<ffffffff811fba4e>] propagate_one+0xbe/0x1c0
      >  RSP <ffff8800bac3fd38>
      > CR2: 0000000000000010
      > ---[ end trace 2725ecd95164f217 ]---
      
      This oops happens with the namespace_sem held and can be triggered by
      non-root users.  An all around not pleasant experience.
      
      To avoid this scenario when finding the appropriate source mount to
      copy stop the walk up the mnt_master chain when the first source mount
      is encountered.
      
      Further rewrite the walk up the last_source mnt_master chain so that
      it is clear what is going on.
      
      The reason why the first source mount is special is that it it's
      mnt_parent is not a mount in the dest_mnt propagation tree, and as
      such termination conditions based up on the dest_mnt mount propgation
      tree do not make sense.
      
      To avoid other kinds of confusion last_dest is not changed when
      computing last_source.  last_dest is only used once in propagate_one
      and that is above the point of the code being modified, so changing
      the global variable is meaningless and confusing.
      
      Cc: stable@vger.kernel.org
      fixes: f2ebb3a9 ("smarter propagate_mnt()")
      Reported-by: NTycho Andersen <tycho.andersen@canonical.com>
      Reviewed-by: NSeth Forshee <seth.forshee@canonical.com>
      Tested-by: NSeth Forshee <seth.forshee@canonical.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      5ec0811d
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input · 21a9703d
      Linus Torvalds 提交于
      Pull input fixes from Dmitry Torokhov.
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
        Input: atmel_mxt_ts - use mxt_acquire_irq in mxt_soft_reset
        Input: zforce_ts - fix dual touch recognition
        Input: twl6040-vibra - fix atomic schedule panic
      21a9703d
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 4810d968
      Linus Torvalds 提交于
      Pull IMA fix from James Morris.
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        ima: fix the string representation of the LSM/IMA hook enumeration ordering
      4810d968
    • L
      Merge tag 'for-linus-4.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip · 41143b77
      Linus Torvalds 提交于
      Pull xen regression fixes from David Vrabel:
      
       - Fix two regressions causing crashes in 32-bit PV guests
      
       - Fix a regression in the evtchn driver
      
      * tag 'for-linus-4.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
        xen/evtchn: fix ring resize when binding new events
        xen/balloon: Fix crash when ballooning on x86 32 bit PAE
        xen: Fix page <-> pfn conversion on 32 bit systems
      41143b77
  3. 04 5月, 2016 20 次提交
    • J
      xen/evtchn: fix ring resize when binding new events · 27e0e638
      Jan Beulich 提交于
      The copying of ring data was wrong for two cases: For a full ring
      nothing got copied at all (as in that case the canonicalized producer
      and consumer indexes are identical). And in case one or both of the
      canonicalized (after the resize) indexes would point into the second
      half of the buffer, the copied data ended up in the wrong (free) part
      of the new buffer. In both cases uninitialized data would get passed
      back to the caller.
      
      Fix this by simply copying the old ring contents twice: Once to the
      low half of the new buffer, and a second time to the high half.
      
      This addresses the inability to boot a HVM guest with 64 or more
      vCPUs.  This regression was caused by 86200154 (xen/evtchn:
      dynamically grow pending event channel ring).
      Reported-by: NKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Signed-off-by: NJan Beulich <jbeulich@suse.com>
      Cc: <stable@vger.kernel.org> # 4.4+
      Signed-off-by: NDavid Vrabel <david.vrabel@citrix.com>
      27e0e638
    • M
      ima: fix the string representation of the LSM/IMA hook enumeration ordering · cf90ea93
      Mimi Zohar 提交于
      This patch fixes the string representation of the LSM/IMA hook enumeration
      ordering used for displaying the IMA policy.
      
      Fixes: d9ddf077 ("ima: support for kexec image and initramfs")
      Signed-off-by: NMimi Zohar <zohar@linux.vnet.ibm.com>
      Tested-by: NEric Richter <erichte@linux.vnet.ibm.com>
      Signed-off-by: NJames Morris <james.l.morris@oracle.com>
      cf90ea93
    • L
      Merge tag 'trace-fixes-v4.6-rc6' of... · 83858a70
      Linus Torvalds 提交于
      Merge tag 'trace-fixes-v4.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
      
      Pull tracing fix from Steven Rostedt:
       "Chunyu Hu noticed that if one writes into the trigger files within the
        ftrace subsystem of events that it can cause an oops.  This file is
        only writable by root, but still is a bug that needs to be fixed"
      
      * tag 'trace-fixes-v4.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        tracing: Don't display trigger file for events that can't be enabled
      83858a70
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 7391daf2
      Linus Torvalds 提交于
      Pull networking fixes from David Miller:
       "Some straggler bug fixes:
      
         1) Batman-adv DAT must consider VLAN IDs when choosing candidate
            nodes, from Antonio Quartulli.
      
         2) Fix botched reference counting of vlan objects and neigh nodes in
            batman-adv, from Sven Eckelmann.
      
         3) netem can crash when it sees GSO packets, the fix is to segment
            then upon ->enqueue.  Fix from Neil Horman with help from Eric
            Dumazet.
      
         4) Fix VXLAN dependencies in mlx5 driver Kconfig, from Matthew
            Finlay.
      
         5) Handle VXLAN ops outside of rcu lock, via a workqueue, in mlx5,
            since it can sleep.  Fix also from Matthew Finlay.
      
         6) Check mdiobus_scan() return values properly in pxa168_eth and macb
            drivers.  From Sergei Shtylyov.
      
         7) If the netdevice doesn't support checksumming, disable
            segmentation.  From Alexandery Duyck.
      
         8) Fix races between RDS tcp accept and sending, from Sowmini
            Varadhan.
      
         9) In macb driver, probe MDIO bus before we register the netdev,
            otherwise we can try to open the device before it is really ready
            for that.  Fix from Florian Fainelli.
      
        10) Netlink attribute size for ILA "tunnels" not calculated properly,
            fix from Nicolas Dichtel"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
        ipv6/ila: fix nlsize calculation for lwtunnel
        net: macb: Probe MDIO bus before registering netdev
        RDS: TCP: Synchronize accept() and connect() paths on t_conn_lock.
        RDS:TCP: Synchronize rds_tcp_accept_one with rds_send_xmit when resetting t_sock
        vxlan: Add checksum check to the features check function
        net: Disable segmentation if checksumming is not supported
        net: mvneta: Remove superfluous SMP function call
        macb: fix mdiobus_scan() error check
        pxa168_eth: fix mdiobus_scan() error check
        net/mlx5e: Use workqueue for vxlan ops
        net/mlx5e: Implement a mlx5e workqueue
        net/mlx5: Kconfig: Fix MLX5_EN/VXLAN build issue
        net/mlx5: Unmap only the relevant IO memory mapping
        netem: Segment GSO packets on enqueue
        batman-adv: Fix reference counting of hardif_neigh_node object for neigh_node
        batman-adv: Fix reference counting of vlan object for tt_local_entry
        batman-adv: B.A.T.M.A.N V - make sure iface is reactivated upon NETDEV_UP event
        batman-adv: fix DAT candidate selection (must use vid)
      7391daf2
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse · 610603a5
      Linus Torvalds 提交于
      Pull fuse fixes from Miklos Szeredi:
       "Fix a regression and update the MAINTAINERS entry for fuse"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
        fuse: update mailing list in MAINTAINERS
        fuse: Fix return value from fuse_get_user_pages()
      610603a5
    • N
      ipv6/ila: fix nlsize calculation for lwtunnel · 79e8dc8b
      Nicolas Dichtel 提交于
      The handler 'ila_fill_encap_info' adds one attribute: ILA_ATTR_LOCATOR.
      
      Fixes: 65d7ab8d ("net: Identifier Locator Addressing module")
      CC: Tom Herbert <tom@herbertland.com>
      Signed-off-by: NNicolas Dichtel <nicolas.dichtel@6wind.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      79e8dc8b
    • F
      net: macb: Probe MDIO bus before registering netdev · cf669660
      Florian Fainelli 提交于
      The current sequence makes us register for a network device prior to
      registering and probing the MDIO bus which could lead to some unwanted
      consequences, like a thread of execution calling into ndo_open before
      register_netdev() returns, while the MDIO bus is not ready yet.
      
      Rework the sequence to register for the MDIO bus, and therefore attach
      to a PHY prior to calling register_netdev(), which implies reworking the
      error path a bit.
      Signed-off-by: NFlorian Fainelli <f.fainelli@gmail.com>
      Acked-by: NNicolas Ferre <nicolas.ferre@atmel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      cf669660
    • D
      Merge branch 'rds-fixes' · b365d955
      David S. Miller 提交于
      Sowmini Varadhan says:
      
      ====================
      RDS: TCP: sychronization during connection startup
      
      This patch series ensures that the passive (accept) side of the
      TCP connection used for RDS-TCP is correctly synchronized with
      any concurrent active (connect) attempts for a given pair of peers.
      
      Patch 1 in the series makes sure that the t_sock in struct
      rds_tcp_connection is only reset after any threads in rds_tcp_xmit
      have completed (otherwise a null-ptr deref may be encountered).
      Patch 2 synchronizes rds_tcp_accept_one() with the rds_tcp*connect()
      path.
      
      v2: review comments from Santosh Shilimkar, other spelling corrections
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b365d955
    • S
      RDS: TCP: Synchronize accept() and connect() paths on t_conn_lock. · bd7c5f98
      Sowmini Varadhan 提交于
      An arbitration scheme for duelling SYNs is implemented as part of
      commit 241b2719 ("RDS-TCP: Reset tcp callbacks if re-using an
      outgoing socket in rds_tcp_accept_one()") which ensures that both nodes
      involved will arrive at the same arbitration decision. However, this
      needs to be synchronized with an outgoing SYN to be generated by
      rds_tcp_conn_connect(). This commit achieves the synchronization
      through the t_conn_lock mutex in struct rds_tcp_connection.
      
      The rds_conn_state is checked in rds_tcp_conn_connect() after acquiring
      the t_conn_lock mutex.  A SYN is sent out only if the RDS connection is
      not already UP (an UP would indicate that rds_tcp_accept_one() has
      completed 3WH, so no SYN needs to be generated).
      
      Similarly, the rds_conn_state is checked in rds_tcp_accept_one() after
      acquiring the t_conn_lock mutex. The only acceptable states (to
      allow continuation of the arbitration logic) are UP (i.e., outgoing SYN
      was SYN-ACKed by peer after it sent us the SYN) or CONNECTING (we sent
      outgoing SYN before we saw incoming SYN).
      Signed-off-by: NSowmini Varadhan <sowmini.varadhan@oracle.com>
      Acked-by: NSantosh Shilimkar <santosh.shilimkar@oracle.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      bd7c5f98
    • S
      RDS:TCP: Synchronize rds_tcp_accept_one with rds_send_xmit when resetting t_sock · eb192840
      Sowmini Varadhan 提交于
      There is a race condition between rds_send_xmit -> rds_tcp_xmit
      and the code that deals with resolution of duelling syns added
      by commit 241b2719 ("RDS-TCP: Reset tcp callbacks if re-using an
      outgoing socket in rds_tcp_accept_one()").
      
      Specifically, we may end up derefencing a null pointer in rds_send_xmit
      if we have the interleaving sequence:
                 rds_tcp_accept_one                  rds_send_xmit
      
                                                   conn is RDS_CONN_UP, so
          					 invoke rds_tcp_xmit
      
                                                   tc = conn->c_transport_data
              rds_tcp_restore_callbacks
                  /* reset t_sock */
          					 null ptr deref from tc->t_sock
      
      The race condition can be avoided without adding the overhead of
      additional locking in the xmit path: have rds_tcp_accept_one wait
      for rds_tcp_xmit threads to complete before resetting callbacks.
      The synchronization can be done in the same manner as rds_conn_shutdown().
      First set the rds_conn_state to something other than RDS_CONN_UP
      (so that new threads cannot get into rds_tcp_xmit()), then wait for
      RDS_IN_XMIT to be cleared in the conn->c_flags indicating that any
      threads in rds_tcp_xmit are done.
      
      Fixes: 241b2719 ("RDS-TCP: Reset tcp callbacks if re-using an
      outgoing socket in rds_tcp_accept_one()")
      Signed-off-by: NSowmini Varadhan <sowmini.varadhan@oracle.com>
      Acked-by: NSantosh Shilimkar <santosh.shilimkar@oracle.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      eb192840
    • D
      Merge branch 'tunnel-csum-and-sg-offloads' · 42c8819b
      David S. Miller 提交于
      Alexander Duyck says:
      
      ====================
      Fixes for tunnel checksum and segmentation offloads
      
      This patch series is a subset of patches I had submitted for net-next.  I
      plan to drop these two patches from the v3 of "Fix Tunnel features and
      enable GSO partial for several drivers" and I am instead submitting them
      for net since these are truly fixes and likely will need to be backported
      to stable branches.
      
      This series addresses 2 specific issues.  The first is that we could
      request TSO on a v4 inner header while not supporting checksum offload of
      the outer IPv6 header.  The second is that we could request an IPv6 inner
      checksum offload without validating that we could actually support an inner
      IPv6 checksum offload.
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      42c8819b
    • A
      vxlan: Add checksum check to the features check function · af67eb9e
      Alexander Duyck 提交于
      We need to perform an additional check on the inner headers to determine if
      we can offload the checksum for them.  Previously this check didn't occur
      so we would generate an invalid frame in the case of an IPv6 header
      encapsulated inside of an IPv4 tunnel.  To fix this I added a secondary
      check to vxlan_features_check so that we can verify that we can offload the
      inner checksum.
      Signed-off-by: NAlexander Duyck <aduyck@mirantis.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      af67eb9e
    • A
      net: Disable segmentation if checksumming is not supported · 996e8021
      Alexander Duyck 提交于
      In the case of the mlx4 and mlx5 driver they do not support IPv6 checksum
      offload for tunnels.  With this being the case we should disable GSO in
      addition to the checksum offload features when we find that a device cannot
      perform a checksum on a given packet type.
      Signed-off-by: NAlexander Duyck <aduyck@mirantis.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      996e8021
    • A
      net: mvneta: Remove superfluous SMP function call · 0e28bf93
      Anna-Maria Gleixner 提交于
      Since commit 3b9d6da6 ("cpu/hotplug: Fix rollback during error-out
      in __cpu_disable()") it is ensured that callbacks of CPU_ONLINE and
      CPU_DOWN_PREPARE are processed on the hotplugged CPU. Due to this SMP
      function calls are no longer required.
      
      Replace smp_call_function_single() with a direct call to
      mvneta_percpu_enable() or mvneta_percpu_disable(). The functions do
      not require to be called with interrupts disabled, therefore the
      smp_call_function_single() calling convention is not preserved.
      
      Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
      Cc: netdev@vger.kernel.org
      Signed-off-by: NAnna-Maria Gleixner <anna-maria@linutronix.de>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0e28bf93
    • S
      macb: fix mdiobus_scan() error check · ce24c2b8
      Sergei Shtylyov 提交于
      Now mdiobus_scan() returns ERR_PTR(-ENODEV) instead of NULL if the PHY
      device ID was read as all ones. As this was not  an error before, this
      value  should be filtered out now in this driver.
      
      Fixes: b74766a0 ("phylib: don't return NULL from get_phy_device()")
      Signed-off-by: NSergei Shtylyov <sergei.shtylyov@cogentembedded.com>
      Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com>
      Acked-by: NNicolas Ferre <nicolas.ferre@atmel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ce24c2b8
    • S
      pxa168_eth: fix mdiobus_scan() error check · 6dd74542
      Sergei Shtylyov 提交于
      Since mdiobus_scan() returns either an error code or NULL on error, the
      driver should check  for both,  not only for NULL, otherwise a crash is
      imminent...
      Reported-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NSergei Shtylyov <sergei.shtylyov@cogentembedded.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6dd74542
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid · 1248ded6
      Linus Torvalds 提交于
      Pull HID fixes from Jiri Kosina:
       "Fixes for the HID subsystem:
      
         - regression fix for Wacom driver; commit introduced in 4.6-rc1
           mistakenly removed line that should be kept.  Fix by Ping Cheng
      
         - two device-specific quirks, by Ping Cheng and Nazar Mokrynskyi"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
        HID: wacom: add missed stylus_in_proximity line back
        HID: Fix boot delay for Creative SB Omni Surround 5.1 with quirk
        HID: wacom: Add support for DTK-1651
      1248ded6
    • L
      Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux · 1f6211a4
      Linus Torvalds 提交于
      Pull clk fix from Stephen Boyd:
       "One small bug fix for the imx6qp CAN clk definition that was causing
        failures and division by zeros in the kernel on those devices"
      
      * tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
        clk: imx6q: fix typo in CAN clock definition
      1f6211a4
    • D
      Merge branch 'mlx5-fixes' · 3df8f4c6
      David S. Miller 提交于
      Saeed Mahameed says:
      
      ====================
      Mellanox 100G mlx5 fixes for 4.6-rc
      
      This small series provides some bug fixes for mlx5 driver.
      
      A small bug fix for iounmap of a null pointer, which dumps a warning on some archs.
      
      One patch to fix the VXLAN/MLX5_EN dependency issue reported by Arnd.
      
      Two patches to fix the scheduling while atomic issue for ndo_add/del_vxlan_port
      NDOs.  The first will add an internal mlx5e workqueue and the second will
      delegate vxlan ports add/del requests to that workqueue.
      
      Note: ('net/mlx5: Kconfig: Fix MLX5_EN/VXLAN build issue') is only needed for net
      and not net-next as the issue was globally fixed for all device drivers by:
      b7aade15 ('vxlan: break dependency with netdev drivers') in net-next.
      
      Applied on top: f27337e1 ('ip_tunnel: fix preempt warning in ip tunnel creation/updating')
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      3df8f4c6
    • M
      net/mlx5e: Use workqueue for vxlan ops · d8cf2dda
      Matthew Finlay 提交于
      The vxlan add/delete port NDOs are called under rcu lock.
      The current mlx5e implementation can potentially block in these
      calls, which is not allowed.  Move to using the mlx5e workqueue
      to handle these NDOs.
      
      Fixes: b3f63c3d ('net/mlx5e: Add netdev support for VXLAN tunneling')
      Signed-off-by: NMatthew Finlay <matt@mellanox.com>
      Signed-off-by: NSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d8cf2dda