1. 09 8月, 2019 1 次提交
  2. 07 8月, 2019 26 次提交
    • V
      net: dsa: sja1105: Really fix panic on unregistering PTP clock · 6cb0abbd
      Vladimir Oltean 提交于
      The IS_ERR_OR_NULL(priv->clock) check inside
      sja1105_ptp_clock_unregister() is preventing cancel_delayed_work_sync
      from actually being run.
      
      Additionally, sja1105_ptp_clock_unregister() does not actually get run,
      when placed in sja1105_remove(). The DSA switch gets torn down, but the
      sja1105 module does not get unregistered. So sja1105_ptp_clock_unregister
      needs to be moved to sja1105_teardown, to be symmetrical with
      sja1105_ptp_clock_register which is called from the DSA sja1105_setup.
      
      It is strange to fix a "fixes" patch, but the probe failure can only be
      seen when the attached PHY does not respond to MDIO (issue which I can't
      pinpoint the reason to) and it goes away after I power-cycle the board.
      This time the patch was validated on a failing board, and the kernel
      panic from the fixed commit's message can no longer be seen.
      
      Fixes: 29dd908d ("net: dsa: sja1105: Cancel PTP delayed work on unregister")
      Signed-off-by: NVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6cb0abbd
    • V
      net: dsa: sja1105: Use the LOCKEDS bit for SJA1105 E/T as well · 4b7da3d8
      Vladimir Oltean 提交于
      It looks like the FDB dump taken from first-generation switches also
      contains information on whether entries are static or not. So use that
      instead of searching through the driver's tables.
      
      Fixes: d7637782 ("net: dsa: sja1105: Implement is_static for FDB entries on E/T")
      Signed-off-by: NVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4b7da3d8
    • V
      net: dsa: sja1105: Fix broken learning with vlan_filtering disabled · 6d7c7d94
      Vladimir Oltean 提交于
      When put under a bridge with vlan_filtering 0, the SJA1105 ports will
      flood all traffic as if learning was broken. This is because learning
      interferes with the rx_vid's configured by dsa_8021q as unique pvid's.
      
      So learning technically still *does* work, it's just that the learnt
      entries never get matched due to their unique VLAN ID.
      
      The setting that saves the day is Shared VLAN Learning, which on this
      switch family works exactly as desired: VLAN tagging still works
      (untagged traffic gets the correct pvid) and FDB entries are still
      populated with the correct contents including VID. Also, a frame cannot
      violate the forwarding domain restrictions enforced by its classified
      VLAN. It is just that the VID is ignored when looking up the FDB for
      taking a forwarding decision (selecting the egress port).
      
      This patch activates SVL, and the result is that frames with a learnt
      DMAC are no longer flooded in the scenario described above.
      
      Now exactly *because* SVL works as desired, we have to revisit some
      earlier patches:
      
      - It is no longer necessary to manipulate the VID of the 'bridge fdb
        {add,del}' command when vlan_filtering is off. This is because now,
        SVL is enabled for that case, so the actual VID does not matter*.
      
      - It is still desirable to hide dsa_8021q VID's in the FDB dump
        callback. But right now the dump callback should no longer hide
        duplicates (one per each front panel port's pvid, plus one for the
        VLAN that the CPU port is going to tag a TX frame with), because there
        shouldn't be any (the switch will match a single FDB entry no matter
        its VID anyway).
      
      * Not really... It's no longer necessary to transform a 'bridge fdb add'
        into 5 fdb add operations, but the user might still add a fdb entry with
        any vid, and all of them would appear as duplicates in 'bridge fdb
        show'. So force a 'bridge fdb add' to insert the VID of 0**, so that we
        can prune the duplicates at insertion time.
      
      ** The VID of 0 is better than 1 because it is always guaranteed to be
         in the ports' hardware filter. DSA also avoids putting the VID inside
         the netlink response message towards the bridge driver when we return
         this particular VID, which makes it suitable for FDB entries learnt
         with vlan_filtering off.
      
      Fixes: 227d07a0 ("net: dsa: sja1105: Add support for traffic through standalone ports")
      Signed-off-by: NVladimir Oltean <olteanv@gmail.com>
      Signed-off-by: NGeorg Waibel <georg.waibel@sensor-technik.de>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6d7c7d94
    • N
      net: dsa: qca8k: Add of_node_put() in qca8k_setup_mdio_bus() · f26e0cca
      Nishka Dasgupta 提交于
      Each iteration of for_each_available_child_of_node() puts the previous
      node, but in the case of a return from the middle of the loop, there
      is no put, thus causing a memory leak. Hence add an of_node_put() before
      the return.
      Additionally, the local variable ports in the function
      qca8k_setup_mdio_bus() takes the return value of of_get_child_by_name(),
      which gets a node but does not put it. If the function returns without
      putting ports, it may cause a memory leak. Hence put ports before the
      mid-loop return statement, and also outside the loop after its last usage
      in this function.
      Issues found with Coccinelle.
      Signed-off-by: NNishka Dasgupta <nishkadg.linux@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f26e0cca
    • J
      nfp: flower: encode mac indexes with pre-tunnel rule check · 2e0bc7f3
      John Hurley 提交于
      When a tunnel packet arrives on the NFP card, its destination MAC is
      looked up and MAC index returned for it. This index can help verify the
      tunnel by, for example, ensuring that the packet arrived on the expected
      port. If the packet is destined for a known MAC that is not connected to a
      given physical port then the mac index can have a global value (e.g. when
      a series of bonded ports shared the same MAC).
      
      If the packet is to be detunneled at a bridge device or internal port like
      an Open vSwitch VLAN port, then it should first match a 'pre-tunnel' rule
      to direct it to that internal port.
      
      Use the MAC index to indicate if a packet should match a pre-tunnel rule
      before decap is allowed. Do this by tracking the number of internal ports
      associated with a MAC address and, if the number if >0, set a bit in the
      mac_index to forward the packet to the pre-tunnel table before continuing
      with decap.
      Signed-off-by: NJohn Hurley <john.hurley@netronome.com>
      Reviewed-by: NSimon Horman <simon.horman@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      2e0bc7f3
    • J
      nfp: flower: remove offloaded MACs when reprs are applied to OvS bridges · 09aa811b
      John Hurley 提交于
      MAC addresses along with an identifying index are offloaded to firmware to
      allow tunnel decapsulation. If a tunnel packet arrives with a matching
      destination MAC address and a verified index, it can continue on the
      decapsulation process. This replicates the MAC verifications carried out
      in the kernel network stack.
      
      When a netdev is added to a bridge (e.g. OvS) then packets arriving on
      that dev are directed through the bridge datapath instead of passing
      through the network stack. Therefore, tunnelled packets matching the MAC
      of that dev will not be decapped here.
      
      Replicate this behaviour on firmware by removing offloaded MAC addresses
      when a MAC representer is added to an OvS bridge. This can prevent any
      false positive tunnel decaps.
      Signed-off-by: NJohn Hurley <john.hurley@netronome.com>
      Reviewed-by: NSimon Horman <simon.horman@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      09aa811b
    • J
      nfp: flower: offload pre-tunnel rules · f12725d9
      John Hurley 提交于
      Pre-tunnel rules are TC flower and OvS rules that forward a packet to the
      tunnel end point where it can then pass through the network stack and be
      decapsulated. These are required if the tunnel end point is, say, an OvS
      internal port.
      
      Currently, firmware determines that a packet is in a tunnel and decaps it
      if it has a known destination IP and MAC address. However, this bypasses
      the flower pre-tunnel rule and so does not update the stats. Further to
      this it ignores VLANs that may exist outside of the tunnel header.
      
      Offload pre-tunnel rules to the NFP. This embeds the pre-tunnel rule into
      the tunnel decap process based on (firmware) mac index and VLAN. This
      means that decap can be carried out correctly with VLANs and that stats
      can be updated for all kernel rules correctly.
      Signed-off-by: NJohn Hurley <john.hurley@netronome.com>
      Reviewed-by: NSimon Horman <simon.horman@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f12725d9
    • J
      nfp: flower: verify pre-tunnel rules · 120ffd84
      John Hurley 提交于
      Pre-tunnel rules must direct packets to an internal port based on L2
      information. Rules that egress to an internal port are already indicated
      by a non-NULL device in its nfp_fl_payload struct. Verfiy the rest of the
      match fields indicate that the rule is a pre-tunnel rule. This requires a
      full match on the destination MAC address, an option VLAN field, and no
      specific matches on other lower layer fields (with the exception of L4
      proto and flags).
      
      If a rule is identified as a pre-tunnel rule then mark it for offload to
      the pre-tunnel table. Similarly, remove it from the pre-tunnel table on
      rule deletion. The actual offloading of these commands is left to a
      following patch.
      Signed-off-by: NJohn Hurley <john.hurley@netronome.com>
      Reviewed-by: NSimon Horman <simon.horman@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      120ffd84
    • J
      nfp: flower: detect potential pre-tunnel rules · f5c977ee
      John Hurley 提交于
      Pre-tunnel rules are used when the tunnel end-point is on an 'internal
      port'. These rules are used to direct the tunnelled packets (based on outer
      header fields) to the internal port where they can be detunnelled. The
      rule must send the packet to ingress the internal port at the TC layer.
      
      Currently FW does not support an action to send to ingress so cannot
      offload such rules. However, in preparation for populating the pre-tunnel
      table to represent such rules, check for rules that send to the ingress of
      an internal port and mark them as such. Further validation of such rules
      is left to subsequent patches.
      Signed-off-by: NJohn Hurley <john.hurley@netronome.com>
      Reviewed-by: NSimon Horman <simon.horman@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f5c977ee
    • J
      nfp: flower: push vlan after tunnel in merge · 4b10c53d
      John Hurley 提交于
      NFP allows the merging of 2 flows together into a single offloaded flow.
      In the kernel datapath the packet must match 1 flow, impliment its
      actions, recirculate, match the 2nd flow and also impliment its actions.
      Merging creates a single flow with all actions from the 2 original flows.
      
      Firmware impliments a tunnel header push as the packet is about to egress
      the card. Therefore, if the first merge rule candiate pushes a tunnel,
      then the second rule can only have an egress action for a valid merge to
      occur (or else the action ordering will be incorrect). This prevents the
      pushing of a tunnel header followed by the pushing of a vlan header.
      
      In order to support this behaviour, firmware allows VLAN information to
      be encoded in the tunnel push action. If this is non zero then the fw will
      push a VLAN after the tunnel header push meaning that 2 such flows with
      these actions can be merged (with action order being maintained).
      
      Support tunnel in VLAN pushes by encoding VLAN information in the tunnel
      push action of any merge flow requiring this.
      Signed-off-by: NJohn Hurley <john.hurley@netronome.com>
      Reviewed-by: NSimon Horman <simon.horman@netronome.com>
      Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4b10c53d
    • H
      r8169: sync PCIe PHY init with vendor driver 8.047.01 · a7a92cf8
      Heiner Kallweit 提交于
      Synchronize PCIe PHY initialization with vendor driver version 8.047.01.
      Signed-off-by: NHeiner Kallweit <hkallweit1@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a7a92cf8
    • H
      r8169: add helper r8168_mac_ocp_modify · ef712ede
      Heiner Kallweit 提交于
      Add a helper for MAC OCP read-modify-write operations.
      Signed-off-by: NHeiner Kallweit <hkallweit1@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ef712ede
    • H
      r8169: remove access to legacy register MultiIntr · a14cc4d2
      Heiner Kallweit 提交于
      This code piece was inherited from RTL8139 code, the register at
      address 0x5c however has a different meaning on RTL8169 and is unused.
      So we can remove this.
      Signed-off-by: NHeiner Kallweit <hkallweit1@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a14cc4d2
    • J
      net: hisilicon: Fix dma_map_single failed on arm64 · 96a50c0d
      Jiangfeng Xiao 提交于
      On the arm64 platform, executing "ifconfig eth0 up" will fail,
      returning "ifconfig: SIOCSIFFLAGS: Input/output error."
      
      ndev->dev is not initialized, dma_map_single->get_dma_ops->
      dummy_dma_ops->__dummy_map_page will return DMA_ERROR_CODE
      directly, so when we use dma_map_single, the first parameter
      is to use the device of platform_device.
      Signed-off-by: NJiangfeng Xiao <xiaojiangfeng@huawei.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      96a50c0d
    • J
      net: hisilicon: fix hip04-xmit never return TX_BUSY · f2243b82
      Jiangfeng Xiao 提交于
      TX_DESC_NUM is 256, in tx_count, the maximum value of
      mod(TX_DESC_NUM - 1) is 254, the variable "count" in
      the hip04_mac_start_xmit function is never equal to
      (TX_DESC_NUM - 1), so hip04_mac_start_xmit never
      return NETDEV_TX_BUSY.
      
      tx_count is modified to mod(TX_DESC_NUM) so that
      the maximum value of tx_count can reach
      (TX_DESC_NUM - 1), then hip04_mac_start_xmit can reurn
      NETDEV_TX_BUSY.
      Signed-off-by: NJiangfeng Xiao <xiaojiangfeng@huawei.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f2243b82
    • J
      net: hisilicon: make hip04_tx_reclaim non-reentrant · 1a2c070a
      Jiangfeng Xiao 提交于
      If hip04_tx_reclaim is interrupted while it is running
      and then __napi_schedule continues to execute
      hip04_rx_poll->hip04_tx_reclaim, reentrancy occurs
      and oops is generated. So you need to mask the interrupt
      during the hip04_tx_reclaim run.
      
      The kernel oops exception stack is as follows:
      
      Unable to handle kernel NULL pointer dereference
      at virtual address 00000050
      pgd = c0003000
      [00000050] *pgd=80000000a04003, *pmd=00000000
      Internal error: Oops: 206 [#1] SMP ARM
      Modules linked in: hip04_eth mtdblock mtd_blkdevs mtd
      ohci_platform ehci_platform ohci_hcd ehci_hcd
      vfat fat sd_mod usb_storage scsi_mod usbcore usb_common
      CPU: 0 PID: 0 Comm: swapper/0 Tainted: G           O    4.4.185 #1
      Hardware name: Hisilicon A15
      task: c0a250e0 task.stack: c0a00000
      PC is at hip04_tx_reclaim+0xe0/0x17c [hip04_eth]
      LR is at hip04_tx_reclaim+0x30/0x17c [hip04_eth]
      pc : [<bf30c3a4>]    lr : [<bf30c2f4>]    psr: 600e0313
      sp : c0a01d88  ip : 00000000  fp : c0601f9c
      r10: 00000000  r9 : c3482380  r8 : 00000001
      r7 : 00000000  r6 : 000000e1  r5 : c3482000  r4 : 0000000c
      r3 : f2209800  r2 : 00000000  r1 : 00000000  r0 : 00000000
      Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment kernel
      Control: 32c5387d  Table: 03d28c80  DAC: 55555555
      Process swapper/0 (pid: 0, stack limit = 0xc0a00190)
      Stack: (0xc0a01d88 to 0xc0a02000)
      [<bf30c3a4>] (hip04_tx_reclaim [hip04_eth]) from [<bf30d2e0>]
                                                      (hip04_rx_poll+0x88/0x368 [hip04_eth])
      [<bf30d2e0>] (hip04_rx_poll [hip04_eth]) from [<c04c2d9c>] (net_rx_action+0x114/0x34c)
      [<c04c2d9c>] (net_rx_action) from [<c021eed8>] (__do_softirq+0x218/0x318)
      [<c021eed8>] (__do_softirq) from [<c021f284>] (irq_exit+0x88/0xac)
      [<c021f284>] (irq_exit) from [<c0240090>] (msa_irq_exit+0x11c/0x1d4)
      [<c0240090>] (msa_irq_exit) from [<c02677e0>] (__handle_domain_irq+0x110/0x148)
      [<c02677e0>] (__handle_domain_irq) from [<c0201588>] (gic_handle_irq+0xd4/0x118)
      [<c0201588>] (gic_handle_irq) from [<c0551700>] (__irq_svc+0x40/0x58)
      Exception stack(0xc0a01f30 to 0xc0a01f78)
      1f20:                                     c0ae8b40 00000000 00000000 00000000
      1f40: 00000002 ffffe000 c0601f9c 00000000 ffffffff c0a2257c c0a22440 c0831a38
      1f60: c0a01ec4 c0a01f80 c0203714 c0203718 600e0213 ffffffff
      [<c0551700>] (__irq_svc) from [<c0203718>] (arch_cpu_idle+0x20/0x3c)
      [<c0203718>] (arch_cpu_idle) from [<c025bfd8>] (cpu_startup_entry+0x244/0x29c)
      [<c025bfd8>] (cpu_startup_entry) from [<c054b0d8>] (rest_init+0xc8/0x10c)
      [<c054b0d8>] (rest_init) from [<c0800c58>] (start_kernel+0x468/0x514)
      Code: a40599e5 016086e2 018088e2 7660efe6 (503090e5)
      ---[ end trace 1db21d6d09c49d74 ]---
      Kernel panic - not syncing: Fatal exception in interrupt
      CPU3: stopping
      CPU: 3 PID: 0 Comm: swapper/3 Tainted: G      D    O    4.4.185 #1
      Signed-off-by: NJiangfeng Xiao <xiaojiangfeng@huawei.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1a2c070a
    • N
      net: mdio-octeon: Fix Kconfig warnings and build errors · b8fb6406
      Nathan Chancellor 提交于
      After commit 171a9bae ("staging/octeon: Allow test build on
      !MIPS"), the following combination of configs cause a few Kconfig
      warnings and build errors (distilled from arm allyesconfig and Randy's
      randconfig builds):
      
          CONFIG_NETDEVICES=y
          CONFIG_STAGING=y
          CONFIG_COMPILE_TEST=y
      
      and CONFIG_OCTEON_ETHERNET as either a module or built-in.
      
      WARNING: unmet direct dependencies detected for MDIO_OCTEON
        Depends on [n]: NETDEVICES [=y] && MDIO_DEVICE [=y] && MDIO_BUS [=y]
      && 64BIT [=n] && HAS_IOMEM [=y] && OF_MDIO [=n]
        Selected by [y]:
        - OCTEON_ETHERNET [=y] && STAGING [=y] && (CAVIUM_OCTEON_SOC ||
      COMPILE_TEST [=y]) && NETDEVICES [=y]
      
      In file included from ../drivers/net/phy/mdio-octeon.c:14:
      ../drivers/net/phy/mdio-cavium.h:111:36: error: implicit declaration of
      function ‘writeq’; did you mean ‘writel’?
      [-Werror=implicit-function-declaration]
        111 | #define oct_mdio_writeq(val, addr) writeq(val, (void *)addr)
            |                                    ^~~~~~
      
      CONFIG_64BIT is not strictly necessary if the proper readq/writeq
      definitions are included from io-64-nonatomic-lo-hi.h.
      
      CONFIG_OF_MDIO is not needed when CONFIG_COMPILE_TEST is enabled because
      of commit f9dc9ac5 ("of/mdio: Add dummy functions in of_mdio.h.").
      
      Fixes: 171a9bae ("staging/octeon: Allow test build on !MIPS")
      Reported-by: Nkbuild test robot <lkp@intel.com>
      Reported-by: NMark Brown <broonie@kernel.org>
      Reported-by: NRandy Dunlap <rdunlap@infradead.org>
      Signed-off-by: NNathan Chancellor <natechancellor@gmail.com>
      Acked-by: Randy Dunlap <rdunlap@infradead.org> # build-tested
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b8fb6406
    • J
      net: stmmac: tc: Do not return a fragment entry · 4a6a1385
      Jose Abreu 提交于
      Do not try to return a fragment entry from TC list. Otherwise we may not
      clean properly allocated entries.
      Signed-off-by: NJose Abreu <joabreu@synopsys.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4a6a1385
    • J
      net: stmmac: Fix issues when number of Queues >= 4 · e8df7e8c
      Jose Abreu 提交于
      When queues >= 4 we use different registers but we were not subtracting
      the offset of 4. Fix this.
      
      Found out by Coverity.
      Signed-off-by: NJose Abreu <joabreu@synopsys.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e8df7e8c
    • J
      net: stmmac: xgmac: Fix XGMAC selftests · 0efedbf1
      Jose Abreu 提交于
      Fixup the XGMAC selftests by correctly finishing the implementation of
      set_filter callback.
      
      Result:
      $ ethtool -t enp4s0
      The test result is PASS
      The test extra info:
       1. MAC Loopback         	 0
       2. PHY Loopback         	 -95
       3. MMC Counters         	 -95
       4. EEE                  	 -95
       5. Hash Filter MC       	 0
       6. Perfect Filter UC    	 0
       7. MC Filter            	 0
       8. UC Filter            	 0
       9. Flow Control         	 0
      Signed-off-by: NJose Abreu <joabreu@synopsys.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0efedbf1
    • M
      net: dsa: ksz: Drop NET_DSA_TAG_KSZ9477 · 267df70f
      Marek Vasut 提交于
      This Kconfig option is unused, drop it.
      Signed-off-by: NMarek Vasut <marex@denx.de>
      Cc: Andrew Lunn <andrew@lunn.ch>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Florian Fainelli <f.fainelli@gmail.com>
      Cc: Tristram Ha <Tristram.Ha@microchip.com>
      Cc: Vivien Didelot <vivien.didelot@gmail.com>
      Cc: Woojung Huh <woojung.huh@microchip.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      267df70f
    • M
      net: dsa: ksz: Merge ksz_priv.h into ksz_common.h · 6a7abc61
      Marek Vasut 提交于
      Merge the two headers into one, no functional change.
      Signed-off-by: NMarek Vasut <marex@denx.de>
      Cc: Andrew Lunn <andrew@lunn.ch>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Florian Fainelli <f.fainelli@gmail.com>
      Cc: Tristram Ha <Tristram.Ha@microchip.com>
      Cc: Vivien Didelot <vivien.didelot@gmail.com>
      Cc: Woojung Huh <woojung.huh@microchip.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6a7abc61
    • M
      net: dsa: ksz: Remove dead code and fix warnings · ffc60b55
      Marek Vasut 提交于
      Remove ksz_port_cleanup(), which is unused. Add missing include
      "ksz_common.h", which fixes the following warning when built with
      make ... W=1
      
      drivers/net/dsa/microchip/ksz_common.c:23:6: warning: no previous prototype for ‘...’ [-Wmissing-prototypes]
      
      Note that the order of the headers cannot be swapped, as that would
      trigger missing forward declaration errors, which would indicate the
      way forward is to merge the two headers into one.
      Signed-off-by: NMarek Vasut <marex@denx.de>
      Cc: Andrew Lunn <andrew@lunn.ch>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Florian Fainelli <f.fainelli@gmail.com>
      Cc: Tristram Ha <Tristram.Ha@microchip.com>
      Cc: Vivien Didelot <vivien.didelot@gmail.com>
      Cc: Woojung Huh <woojung.huh@microchip.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ffc60b55
    • D
      be2net: disable bh with spin_lock in be_process_mcc · d0d006a4
      Denis Kirjanov 提交于
      be_process_mcc() is invoked in 3 different places and
      always with BHs disabled except the be_poll function
      but since it's invoked from softirq with BHs
      disabled it won't hurt.
      
      v1->v2: added explanation to the patch
      v2->v3: add a missing call from be_cmds.c
      Signed-off-by: NDenis Kirjanov <kda@linux-powerpc.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d0d006a4
    • C
      net: cxgb3_main: Fix a resource leak in a error path in 'init_one()' · debea2cd
      Christophe JAILLET 提交于
      A call to 'kfree_skb()' is missing in the error handling path of
      'init_one()'.
      This is already present in 'remove_one()' but is missing here.
      Signed-off-by: NChristophe JAILLET <christophe.jaillet@wanadoo.fr>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      debea2cd
    • C
      net: ethernet: sun4i-emac: Support phy-handle property for finding PHYs · 5c4e2e1a
      Chen-Yu Tsai 提交于
      The sun4i-emac uses the "phy" property to find the PHY it's supposed to
      use. This property was deprecated in favor of "phy-handle" in commit
      8c5b0944 ("dt-bindings: net: sun4i-emac: Convert the binding to a
      schemas").
      
      Add support for this new property name, and fall back to the old one in
      case the device tree hasn't been updated.
      Signed-off-by: NChen-Yu Tsai <wens@csie.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      5c4e2e1a
  3. 06 8月, 2019 13 次提交
    • R
      HID: sony: Fix race condition between rumble and device remove. · e0f6974a
      Roderick Colenbrander 提交于
      Valve reported a kernel crash on Ubuntu 18.04 when disconnecting a DS4
      gamepad while rumble is enabled. This issue is reproducible with a
      frequency of 1 in 3 times in the game Borderlands 2 when using an
      automatic weapon, which triggers many rumble operations.
      
      We found the issue to be a race condition between sony_remove and the
      final device destruction by the HID / input system. The problem was
      that sony_remove didn't clean some of its work_item state in
      "struct sony_sc". After sony_remove work, the corresponding evdev
      node was around for sufficient time for applications to still queue
      rumble work after "sony_remove".
      
      On pre-4.19 kernels the race condition caused a kernel crash due to a
      NULL-pointer dereference as "sc->output_report_dmabuf" got freed during
      sony_remove. On newer kernels this crash doesn't happen due the buffer
      now being allocated using devm_kzalloc. However we can still queue work,
      while the driver is an undefined state.
      
      This patch fixes the described problem, by guarding the work_item
      "state_worker" with an initialized variable, which we are setting back
      to 0 on cleanup.
      Signed-off-by: NRoderick Colenbrander <roderick.colenbrander@sony.com>
      CC: stable@vger.kernel.org
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      e0f6974a
    • H
      HID: hiddev: do cleanup in failure of opening a device · 6d4472d7
      Hillf Danton 提交于
      Undo what we did for opening before releasing the memory slice.
      Reported-by: Nsyzbot <syzbot+62a1e04fd3ec2abf099e@syzkaller.appspotmail.com>
      Cc: Andrey Konovalov <andreyknvl@google.com>
      Signed-off-by: NHillf Danton <hdanton@sina.com>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      6d4472d7
    • H
      HID: hiddev: avoid opening a disconnected device · 9c09b214
      Hillf Danton 提交于
      syzbot found the following crash on:
      
      HEAD commit:    e96407b4 usb-fuzzer: main usb gadget fuzzer driver
      git tree:       https://github.com/google/kasan.git usb-fuzzer
      console output: https://syzkaller.appspot.com/x/log.txt?x=147ac20c600000
      kernel config:  https://syzkaller.appspot.com/x/.config?x=792eb47789f57810
      dashboard link: https://syzkaller.appspot.com/bug?extid=62a1e04fd3ec2abf099e
      compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
      
      ==================================================================
      BUG: KASAN: use-after-free in __lock_acquire+0x302a/0x3b50
      kernel/locking/lockdep.c:3753
      Read of size 8 at addr ffff8881cf591a08 by task syz-executor.1/26260
      
      CPU: 1 PID: 26260 Comm: syz-executor.1 Not tainted 5.3.0-rc2+ #24
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
      Google 01/01/2011
      Call Trace:
        __dump_stack lib/dump_stack.c:77 [inline]
        dump_stack+0xca/0x13e lib/dump_stack.c:113
        print_address_description+0x6a/0x32c mm/kasan/report.c:351
        __kasan_report.cold+0x1a/0x33 mm/kasan/report.c:482
        kasan_report+0xe/0x12 mm/kasan/common.c:612
        __lock_acquire+0x302a/0x3b50 kernel/locking/lockdep.c:3753
        lock_acquire+0x127/0x320 kernel/locking/lockdep.c:4412
        __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
        _raw_spin_lock_irqsave+0x32/0x50 kernel/locking/spinlock.c:159
        hiddev_release+0x82/0x520 drivers/hid/usbhid/hiddev.c:221
        __fput+0x2d7/0x840 fs/file_table.c:280
        task_work_run+0x13f/0x1c0 kernel/task_work.c:113
        exit_task_work include/linux/task_work.h:22 [inline]
        do_exit+0x8ef/0x2c50 kernel/exit.c:878
        do_group_exit+0x125/0x340 kernel/exit.c:982
        get_signal+0x466/0x23d0 kernel/signal.c:2728
        do_signal+0x88/0x14e0 arch/x86/kernel/signal.c:815
        exit_to_usermode_loop+0x1a2/0x200 arch/x86/entry/common.c:159
        prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
        syscall_return_slowpath arch/x86/entry/common.c:274 [inline]
        do_syscall_64+0x45f/0x580 arch/x86/entry/common.c:299
        entry_SYSCALL_64_after_hwframe+0x49/0xbe
      RIP: 0033:0x459829
      Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7
      48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
      ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
      RSP: 002b:00007f75b2a6ccf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
      RAX: fffffffffffffe00 RBX: 000000000075c078 RCX: 0000000000459829
      RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000075c078
      RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
      R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075c07c
      R13: 00007ffcdfe1023f R14: 00007f75b2a6d9c0 R15: 000000000075c07c
      
      Allocated by task 104:
        save_stack+0x1b/0x80 mm/kasan/common.c:69
        set_track mm/kasan/common.c:77 [inline]
        __kasan_kmalloc mm/kasan/common.c:487 [inline]
        __kasan_kmalloc.constprop.0+0xbf/0xd0 mm/kasan/common.c:460
        kmalloc include/linux/slab.h:552 [inline]
        kzalloc include/linux/slab.h:748 [inline]
        hiddev_connect+0x242/0x5b0 drivers/hid/usbhid/hiddev.c:900
        hid_connect+0x239/0xbb0 drivers/hid/hid-core.c:1882
        hid_hw_start drivers/hid/hid-core.c:1981 [inline]
        hid_hw_start+0xa2/0x130 drivers/hid/hid-core.c:1972
        appleir_probe+0x13e/0x1a0 drivers/hid/hid-appleir.c:308
        hid_device_probe+0x2be/0x3f0 drivers/hid/hid-core.c:2209
        really_probe+0x281/0x650 drivers/base/dd.c:548
        driver_probe_device+0x101/0x1b0 drivers/base/dd.c:709
        __device_attach_driver+0x1c2/0x220 drivers/base/dd.c:816
        bus_for_each_drv+0x15c/0x1e0 drivers/base/bus.c:454
        __device_attach+0x217/0x360 drivers/base/dd.c:882
        bus_probe_device+0x1e4/0x290 drivers/base/bus.c:514
        device_add+0xae6/0x16f0 drivers/base/core.c:2114
        hid_add_device+0x33c/0x990 drivers/hid/hid-core.c:2365
        usbhid_probe+0xa81/0xfa0 drivers/hid/usbhid/hid-core.c:1386
        usb_probe_interface+0x305/0x7a0 drivers/usb/core/driver.c:361
        really_probe+0x281/0x650 drivers/base/dd.c:548
        driver_probe_device+0x101/0x1b0 drivers/base/dd.c:709
        __device_attach_driver+0x1c2/0x220 drivers/base/dd.c:816
        bus_for_each_drv+0x15c/0x1e0 drivers/base/bus.c:454
        __device_attach+0x217/0x360 drivers/base/dd.c:882
        bus_probe_device+0x1e4/0x290 drivers/base/bus.c:514
        device_add+0xae6/0x16f0 drivers/base/core.c:2114
        usb_set_configuration+0xdf6/0x1670 drivers/usb/core/message.c:2023
        generic_probe+0x9d/0xd5 drivers/usb/core/generic.c:210
        usb_probe_device+0x99/0x100 drivers/usb/core/driver.c:266
        really_probe+0x281/0x650 drivers/base/dd.c:548
        driver_probe_device+0x101/0x1b0 drivers/base/dd.c:709
        __device_attach_driver+0x1c2/0x220 drivers/base/dd.c:816
        bus_for_each_drv+0x15c/0x1e0 drivers/base/bus.c:454
        __device_attach+0x217/0x360 drivers/base/dd.c:882
        bus_probe_device+0x1e4/0x290 drivers/base/bus.c:514
        device_add+0xae6/0x16f0 drivers/base/core.c:2114
        usb_new_device.cold+0x6a4/0xe79 drivers/usb/core/hub.c:2536
        hub_port_connect drivers/usb/core/hub.c:5098 [inline]
        hub_port_connect_change drivers/usb/core/hub.c:5213 [inline]
        port_event drivers/usb/core/hub.c:5359 [inline]
        hub_event+0x1b5c/0x3640 drivers/usb/core/hub.c:5441
        process_one_work+0x92b/0x1530 kernel/workqueue.c:2269
        worker_thread+0x96/0xe20 kernel/workqueue.c:2415
        kthread+0x318/0x420 kernel/kthread.c:255
        ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
      
      Freed by task 104:
        save_stack+0x1b/0x80 mm/kasan/common.c:69
        set_track mm/kasan/common.c:77 [inline]
        __kasan_slab_free+0x130/0x180 mm/kasan/common.c:449
        slab_free_hook mm/slub.c:1423 [inline]
        slab_free_freelist_hook mm/slub.c:1470 [inline]
        slab_free mm/slub.c:3012 [inline]
        kfree+0xe4/0x2f0 mm/slub.c:3953
        hiddev_connect.cold+0x45/0x5c drivers/hid/usbhid/hiddev.c:914
        hid_connect+0x239/0xbb0 drivers/hid/hid-core.c:1882
        hid_hw_start drivers/hid/hid-core.c:1981 [inline]
        hid_hw_start+0xa2/0x130 drivers/hid/hid-core.c:1972
        appleir_probe+0x13e/0x1a0 drivers/hid/hid-appleir.c:308
        hid_device_probe+0x2be/0x3f0 drivers/hid/hid-core.c:2209
        really_probe+0x281/0x650 drivers/base/dd.c:548
        driver_probe_device+0x101/0x1b0 drivers/base/dd.c:709
        __device_attach_driver+0x1c2/0x220 drivers/base/dd.c:816
        bus_for_each_drv+0x15c/0x1e0 drivers/base/bus.c:454
        __device_attach+0x217/0x360 drivers/base/dd.c:882
        bus_probe_device+0x1e4/0x290 drivers/base/bus.c:514
        device_add+0xae6/0x16f0 drivers/base/core.c:2114
        hid_add_device+0x33c/0x990 drivers/hid/hid-core.c:2365
        usbhid_probe+0xa81/0xfa0 drivers/hid/usbhid/hid-core.c:1386
        usb_probe_interface+0x305/0x7a0 drivers/usb/core/driver.c:361
        really_probe+0x281/0x650 drivers/base/dd.c:548
        driver_probe_device+0x101/0x1b0 drivers/base/dd.c:709
        __device_attach_driver+0x1c2/0x220 drivers/base/dd.c:816
        bus_for_each_drv+0x15c/0x1e0 drivers/base/bus.c:454
        __device_attach+0x217/0x360 drivers/base/dd.c:882
        bus_probe_device+0x1e4/0x290 drivers/base/bus.c:514
        device_add+0xae6/0x16f0 drivers/base/core.c:2114
        usb_set_configuration+0xdf6/0x1670 drivers/usb/core/message.c:2023
        generic_probe+0x9d/0xd5 drivers/usb/core/generic.c:210
        usb_probe_device+0x99/0x100 drivers/usb/core/driver.c:266
        really_probe+0x281/0x650 drivers/base/dd.c:548
        driver_probe_device+0x101/0x1b0 drivers/base/dd.c:709
        __device_attach_driver+0x1c2/0x220 drivers/base/dd.c:816
        bus_for_each_drv+0x15c/0x1e0 drivers/base/bus.c:454
        __device_attach+0x217/0x360 drivers/base/dd.c:882
        bus_probe_device+0x1e4/0x290 drivers/base/bus.c:514
        device_add+0xae6/0x16f0 drivers/base/core.c:2114
        usb_new_device.cold+0x6a4/0xe79 drivers/usb/core/hub.c:2536
        hub_port_connect drivers/usb/core/hub.c:5098 [inline]
        hub_port_connect_change drivers/usb/core/hub.c:5213 [inline]
        port_event drivers/usb/core/hub.c:5359 [inline]
        hub_event+0x1b5c/0x3640 drivers/usb/core/hub.c:5441
        process_one_work+0x92b/0x1530 kernel/workqueue.c:2269
        worker_thread+0x96/0xe20 kernel/workqueue.c:2415
        kthread+0x318/0x420 kernel/kthread.c:255
        ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
      
      The buggy address belongs to the object at ffff8881cf591900
        which belongs to the cache kmalloc-512 of size 512
      The buggy address is located 264 bytes inside of
        512-byte region [ffff8881cf591900, ffff8881cf591b00)
      The buggy address belongs to the page:
      page:ffffea00073d6400 refcount:1 mapcount:0 mapping:ffff8881da002500
      index:0x0 compound_mapcount: 0
      flags: 0x200000000010200(slab|head)
      raw: 0200000000010200 0000000000000000 0000000100000001 ffff8881da002500
      raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
      page dumped because: kasan: bad access detected
      
      Memory state around the buggy address:
        ffff8881cf591900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
        ffff8881cf591980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
      > ffff8881cf591a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                             ^
        ffff8881cf591a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
        ffff8881cf591b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
      ==================================================================
      
      In order to avoid opening a disconnected device, we need to check exist
      again after acquiring the existance lock, and bail out if necessary.
      Reported-by: Nsyzbot <syzbot+62a1e04fd3ec2abf099e@syzkaller.appspotmail.com>
      Cc: Andrey Konovalov <andreyknvl@google.com>
      Signed-off-by: NHillf Danton <hdanton@sina.com>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      9c09b214
    • A
      drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case · d934423a
      Arnaud Patard (Rtp) 提交于
      Orion5.x systems are still using machine files and not device-tree.
      Commit 96cb4342 ("net: mvmdio: allow up to three clocks to be
      specified for orion-mdio") has replaced devm_clk_get() with of_clk_get(),
      leading to a oops at boot and not working network, as reported in
      https://lists.debian.org/debian-arm/2019/07/msg00088.html and possibly in
      https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908712.
      
      Link: https://lists.debian.org/debian-arm/2019/07/msg00088.html
      Fixes: 96cb4342 ("net: mvmdio: allow up to three clocks to be specified for orion-mdio")
      Signed-off-by: NArnaud Patard <arnaud.patard@rtp-net.org>
      Reviewed-by: NAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d934423a
    • M
      cnic: Explicitly initialize all reference counts to 0. · 0dfa0bed
      Michael Chan 提交于
      The driver is relying on zero'ed allocated memory and does not
      explicitly call atomic_set() to initialize the ref counts to 0.  Add
      these atomic_set() calls so that it will be more straight forward
      to convert atomic ref counts to refcount_t.
      Reported-by: NChuhong Yuan <hslester96@gmail.com>
      Cc: Rasesh Mody <rmody@marvell.com>
      Cc: <GR-Linux-NIC-Dev@marvell.com>
      Signed-off-by: NMichael Chan <michael.chan@broadcom.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0dfa0bed
    • C
      gve: Fix case where desc_cnt and data_cnt can get out of sync · 438b43bd
      Catherine Sullivan 提交于
      desc_cnt and data_cnt should always be equal. In the case of a dropped
      packet desc_cnt was still getting updated (correctly), data_cnt
      was not. To eliminate this bug and prevent it from recurring this
      patch combines them into one ring level cnt.
      Signed-off-by: NCatherine Sullivan <csully@google.com>
      Reviewed-by: NSagi Shahar <sagis@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      438b43bd
    • C
      i40e: Remove unicast log when VF is leaving multicast mode. · 558e93c9
      Czeslaw Zagorski 提交于
      This patch removes unicast log when VF is leaving multicast mode.
      Added check of vf->vf_states &
      I40E_VF_STATE_MC_PROMISC/I40E_VF_STATE_UC_PROMISC.
      Without this commit, leaving multicast mode logs "unset unicast"
      in dmsg.
      Signed-off-by: NCzeslaw Zagorski <czeslawx.zagorski@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      558e93c9
    • J
      i40e: verify string count matches even on early return · b2722359
      Jacob Keller 提交于
      Similar to i40e_get_ethtool_stats, add a goto to verify that the data
      pointer for the strings lines up with the expected stats count. This
      helps ensure that bugs are not introduced when adding stats.
      Signed-off-by: NJacob Keller <jacob.e.keller@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      b2722359
    • C
      i40e: Log info when PF is entering and leaving Allmulti mode. · b603f9dc
      Czeslaw Zagorski 提交于
      Add log when PF is entering and leaving allmulti mode. The
      change of PF state is visible in dmesg now. Without this commit,
      entering and leaving allmulti mode is not logged in dmesg.
      Signed-off-by: NCzeslaw Zagorski <czeslawx.zagorski@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      b603f9dc
    • C
      i40e: Update visual effect for advertised FEC mode. · 0969402f
      Czeslaw Zagorski 提交于
      Updates visual effect for advertised mode after setting desired mode.
      The mode appears in advertised FEC mode correctly, when ethtool
      interface command is called. Without this commit advertised FEC
      is displayed regardless of the settings as "None BaseR RS".
      Signed-off-by: NCzeslaw Zagorski <czeslawx.zagorski@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      0969402f
    • J
      i40e: fix code comments · 6db60322
      Jeff Kirsher 提交于
      Found a code comment that needed TLC to correct their formatting.
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      6db60322
    • J
      i40e: don't report link up for a VF who hasn't enabled queues · 2ad1274f
      Jacob Keller 提交于
      Commit d3d657a9 ("i40e: update VFs of link state after
      GET_VF_RESOURCES") modified the PF driver to notify a VF of
      its link status immediately after it requests resources.
      
      This was intended to fix reporting on VF drivers, so that they would
      properly report link status.
      
      However, some older VF drivers do not respond well to receiving a link
      up notification before queues are enabled. This can cause their state
      machine to think that it is safe to send traffic. This results in a Tx
      hang on the VF.
      
      More recent versions of the old i40evf and all versions of iavf are
      resilient to these early link status messages. However, if a VM happens
      to run an older version of the VF driver, this can be problematic.
      
      Record whether the PF has actually enabled queues for the VF. When
      reporting link status, always report link down if the queues aren't
      enabled. In this way, the VF driver will never receive a link up
      notification until after its queues are enabled.
      Signed-off-by: NJacob Keller <jacob.e.keller@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      2ad1274f
    • S
      i40e: Log disable-fw-lldp flag change by ethtool · d9f78ceb
      Slawomir Laba 提交于
      Add logging for disable-fw-lldp flag by ethtool. Added check
      for I40E_FLAG_DISABLE_FW_LLDP and logging state in dmesg.
      Without this commit there was no clear statement in dmesg
      about FW LLDP state in dmesg.
      Signed-off-by: NSlawomir Laba <slawomirx.laba@intel.com>
      Tested-by: NAndrew Bowers <andrewx.bowers@intel.com>
      Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
      d9f78ceb