1. 24 1月, 2013 2 次提交
  2. 28 12月, 2012 4 次提交
    • S
      libceph: fix protocol feature mismatch failure path · 0fa6ebc6
      Sage Weil 提交于
      We should not set con->state to CLOSED here; that happens in
      ceph_fault() in the caller, where it first asserts that the state
      is not yet CLOSED.  Avoids a BUG when the features don't match.
      
      Since the fail_protocol() has become a trivial wrapper, replace
      calls to it with direct calls to reset_connection().
      Signed-off-by: NSage Weil <sage@inktank.com>
      Reviewed-by: NAlex Elder <elder@inktank.com>
      0fa6ebc6
    • A
      libceph: WARN, don't BUG on unexpected connection states · 122070a2
      Alex Elder 提交于
      A number of assertions in the ceph messenger are implemented with
      BUG_ON(), killing the system if connection's state doesn't match
      what's expected.  At this point our state model is (evidently) not
      well understood enough for these assertions to trigger a BUG().
      Convert all BUG_ON(con->state...) calls to be WARN_ON(con->state...)
      so we learn about these issues without killing the machine.
      
      We now recognize that a connection fault can occur due to a socket
      closure at any time, regardless of the state of the connection.  So
      there is really nothing we can assert about the state of the
      connection at that point so eliminate that assertion.
      Reported-by: NUgis <ugis22@gmail.com>
      Tested-by: NUgis <ugis22@gmail.com>
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NSage Weil <sage@inktank.com>
      122070a2
    • A
      libceph: always reset osds when kicking · e6d50f67
      Alex Elder 提交于
      When ceph_osdc_handle_map() is called to process a new osd map,
      kick_requests() is called to ensure all affected requests are
      updated if necessary to reflect changes in the osd map.  This
      happens in two cases:  whenever an incremental map update is
      processed; and when a full map update (or the last one if there is
      more than one) gets processed.
      
      In the former case, the kick_requests() call is followed immediately
      by a call to reset_changed_osds() to ensure any connections to osds
      affected by the map change are reset.  But for full map updates
      this isn't done.
      
      Both cases should be doing this osd reset.
      
      Rather than duplicating the reset_changed_osds() call, move it into
      the end of kick_requests().
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NSage Weil <sage@inktank.com>
      e6d50f67
    • A
      libceph: move linger requests sooner in kick_requests() · ab60b16d
      Alex Elder 提交于
      The kick_requests() function is called by ceph_osdc_handle_map()
      when an osd map change has been indicated.  Its purpose is to
      re-queue any request whose target osd is different from what it
      was when it was originally sent.
      
      It is structured as two loops, one for incomplete but registered
      requests, and a second for handling completed linger requests.
      As a special case, in the first loop if a request marked to linger
      has not yet completed, it is moved from the request list to the
      linger list.  This is as a quick and dirty way to have the second
      loop handle sending the request along with all the other linger
      requests.
      
      Because of the way it's done now, however, this quick and dirty
      solution can result in these incomplete linger requests never
      getting re-sent as desired.  The problem lies in the fact that
      the second loop only arranges for a linger request to be sent
      if it appears its target osd has changed.  This is the proper
      handling for *completed* linger requests (it avoids issuing
      the same linger request twice to the same osd).
      
      But although the linger requests added to the list in the first loop
      may have been sent, they have not yet completed, so they need to be
      re-sent regardless of whether their target osd has changed.
      
      The first required fix is we need to avoid calling __map_request()
      on any incomplete linger request.  Otherwise the subsequent
      __map_request() call in the second loop will find the target osd
      has not changed and will therefore not re-send the request.
      
      Second, we need to be sure that a sent but incomplete linger request
      gets re-sent.  If the target osd is the same with the new osd map as
      it was when the request was originally sent, this won't happen.
      This can be fixed through careful handling when we move these
      requests from the request list to the linger list, by unregistering
      the request *before* it is registered as a linger request.  This
      works because a side-effect of unregistering the request is to make
      the request's r_osd pointer be NULL, and *that* will ensure the
      second loop actually re-sends the linger request.
      
      Processing of such a request is done at that point, so continue with
      the next one once it's been moved.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NSage Weil <sage@inktank.com>
      ab60b16d
  3. 27 12月, 2012 6 次提交
  4. 25 12月, 2012 1 次提交
  5. 22 12月, 2012 7 次提交
    • S
      net: sched: integer overflow fix · d2fe85da
      Stefan Hasko 提交于
      Fixed integer overflow in function htb_dequeue
      Signed-off-by: NStefan Hasko <hasko.stevo@gmail.com>
      Acked-by: NEric Dumazet <edumazet@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d2fe85da
    • G
      CONFIG_HOTPLUG removal from networking core · 8baf82b3
      Greg KH 提交于
      CONFIG_HOTPLUG is always enabled now, so remove the unused code that was
      trying to be compiled out when this option was disabled, in the
      networking core.
      
      Cc: Bill Pemberton <wfp5p@virginia.edu>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8baf82b3
    • G
      bridge: call br_netpoll_disable in br_add_if · 9b1536c4
      Gao feng 提交于
      When netdev_set_master faild in br_add_if, we should
      call br_netpoll_disable to do some cleanup jobs,such
      as free the memory of struct netpoll which allocated
      in br_netpoll_enable.
      Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com>
      Acked-by: NCong Wang <amwang@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9b1536c4
    • E
      ipv4: arp: fix a lockdep splat in arp_solicit() · 9650388b
      Eric Dumazet 提交于
      Yan Burman reported following lockdep warning :
      
      =============================================
      [ INFO: possible recursive locking detected ]
      3.7.0+ #24 Not tainted
      ---------------------------------------------
      swapper/1/0 is trying to acquire lock:
        (&n->lock){++--..}, at: [<ffffffff8139f56e>] __neigh_event_send
      +0x2e/0x2f0
      
      but task is already holding lock:
        (&n->lock){++--..}, at: [<ffffffff813f63f4>] arp_solicit+0x1d4/0x280
      
      other info that might help us debug this:
        Possible unsafe locking scenario:
      
              CPU0
              ----
         lock(&n->lock);
         lock(&n->lock);
      
        *** DEADLOCK ***
      
        May be due to missing lock nesting notation
      
      4 locks held by swapper/1/0:
        #0:  (((&n->timer))){+.-...}, at: [<ffffffff8104b350>]
      call_timer_fn+0x0/0x1c0
        #1:  (&n->lock){++--..}, at: [<ffffffff813f63f4>] arp_solicit
      +0x1d4/0x280
        #2:  (rcu_read_lock_bh){.+....}, at: [<ffffffff81395400>]
      dev_queue_xmit+0x0/0x5d0
        #3:  (rcu_read_lock_bh){.+....}, at: [<ffffffff813cb41e>]
      ip_finish_output+0x13e/0x640
      
      stack backtrace:
      Pid: 0, comm: swapper/1 Not tainted 3.7.0+ #24
      Call Trace:
        <IRQ>  [<ffffffff8108c7ac>] validate_chain+0xdcc/0x11f0
        [<ffffffff8108d570>] ? __lock_acquire+0x440/0xc30
        [<ffffffff81120565>] ? kmem_cache_free+0xe5/0x1c0
        [<ffffffff8108d570>] __lock_acquire+0x440/0xc30
        [<ffffffff813c3570>] ? inet_getpeer+0x40/0x600
        [<ffffffff8108d570>] ? __lock_acquire+0x440/0xc30
        [<ffffffff8139f56e>] ? __neigh_event_send+0x2e/0x2f0
        [<ffffffff8108ddf5>] lock_acquire+0x95/0x140
        [<ffffffff8139f56e>] ? __neigh_event_send+0x2e/0x2f0
        [<ffffffff8108d570>] ? __lock_acquire+0x440/0xc30
        [<ffffffff81448d4b>] _raw_write_lock_bh+0x3b/0x50
        [<ffffffff8139f56e>] ? __neigh_event_send+0x2e/0x2f0
        [<ffffffff8139f56e>] __neigh_event_send+0x2e/0x2f0
        [<ffffffff8139f99b>] neigh_resolve_output+0x16b/0x270
        [<ffffffff813cb62d>] ip_finish_output+0x34d/0x640
        [<ffffffff813cb41e>] ? ip_finish_output+0x13e/0x640
        [<ffffffffa046f146>] ? vxlan_xmit+0x556/0xbec [vxlan]
        [<ffffffff813cb9a0>] ip_output+0x80/0xf0
        [<ffffffff813ca368>] ip_local_out+0x28/0x80
        [<ffffffffa046f25a>] vxlan_xmit+0x66a/0xbec [vxlan]
        [<ffffffffa046f146>] ? vxlan_xmit+0x556/0xbec [vxlan]
        [<ffffffff81394a50>] ? skb_gso_segment+0x2b0/0x2b0
        [<ffffffff81449355>] ? _raw_spin_unlock_irqrestore+0x65/0x80
        [<ffffffff81394c57>] ? dev_queue_xmit_nit+0x207/0x270
        [<ffffffff813950c8>] dev_hard_start_xmit+0x298/0x5d0
        [<ffffffff813956f3>] dev_queue_xmit+0x2f3/0x5d0
        [<ffffffff81395400>] ? dev_hard_start_xmit+0x5d0/0x5d0
        [<ffffffff813f5788>] arp_xmit+0x58/0x60
        [<ffffffff813f59db>] arp_send+0x3b/0x40
        [<ffffffff813f6424>] arp_solicit+0x204/0x280
        [<ffffffff813a1a70>] ? neigh_add+0x310/0x310
        [<ffffffff8139f515>] neigh_probe+0x45/0x70
        [<ffffffff813a1c10>] neigh_timer_handler+0x1a0/0x2a0
        [<ffffffff8104b3cf>] call_timer_fn+0x7f/0x1c0
        [<ffffffff8104b350>] ? detach_if_pending+0x120/0x120
        [<ffffffff8104b748>] run_timer_softirq+0x238/0x2b0
        [<ffffffff813a1a70>] ? neigh_add+0x310/0x310
        [<ffffffff81043e51>] __do_softirq+0x101/0x280
        [<ffffffff814518cc>] call_softirq+0x1c/0x30
        [<ffffffff81003b65>] do_softirq+0x85/0xc0
        [<ffffffff81043a7e>] irq_exit+0x9e/0xc0
        [<ffffffff810264f8>] smp_apic_timer_interrupt+0x68/0xa0
        [<ffffffff8145122f>] apic_timer_interrupt+0x6f/0x80
        <EOI>  [<ffffffff8100a054>] ? mwait_idle+0xa4/0x1c0
        [<ffffffff8100a04b>] ? mwait_idle+0x9b/0x1c0
        [<ffffffff8100a6a9>] cpu_idle+0x89/0xe0
        [<ffffffff81441127>] start_secondary+0x1b2/0x1b6
      
      Bug is from arp_solicit(), releasing the neigh lock after arp_send()
      In case of vxlan, we eventually need to write lock a neigh lock later.
      
      Its a false positive, but we can get rid of it without lockdep
      annotations.
      
      We can instead use neigh_ha_snapshot() helper.
      Reported-by: NYan Burman <yanb@mellanox.com>
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Acked-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9650388b
    • E
      net: devnet_rename_seq should be a seqcount · 30e6c9fa
      Eric Dumazet 提交于
      Using a seqlock for devnet_rename_seq is not a good idea,
      as device_rename() can sleep.
      
      As we hold RTNL, we dont need a protection for writers,
      and only need a seqcount so that readers can catch a change done
      by a writer.
      
      Bug added in commit c91f6df2 (sockopt: Change getsockopt() of
      SO_BINDTODEVICE to return an interface name)
      Reported-by: NDave Jones <davej@redhat.com>
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Brian Haley <brian.haley@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      30e6c9fa
    • E
      ip_gre: fix possible use after free · f7e75ba1
      Eric Dumazet 提交于
      Once skb_realloc_headroom() is called, tiph might point to freed memory.
      
      Cache tiph->ttl value before the reallocation, to avoid unexpected
      behavior.
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Isaku Yamahata <yamahata@valinux.co.jp>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f7e75ba1
    • I
      ip_gre: make ipgre_tunnel_xmit() not parse network header as IP unconditionally · 412ed947
      Isaku Yamahata 提交于
      ipgre_tunnel_xmit() parses network header as IP unconditionally.
      But transmitting packets are not always IP packet. For example such packet
      can be sent by packet socket with sockaddr_ll.sll_protocol set.
      So make the function check if skb->protocol is IP.
      Signed-off-by: NIsaku Yamahata <yamahata@valinux.co.jp>
      Acked-by: NEric Dumazet <edumazet@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      412ed947
  6. 21 12月, 2012 5 次提交
  7. 20 12月, 2012 3 次提交
  8. 18 12月, 2012 8 次提交
  9. 17 12月, 2012 3 次提交
    • A
      libceph: avoid using freed osd in __kick_osd_requests() · 685a7555
      Alex Elder 提交于
      If an osd has no requests and no linger requests, __reset_osd()
      will just remove it with a call to __remove_osd().  That drops
      a reference to the osd, and therefore the osd may have been free
      by the time __reset_osd() returns.  That function offers no
      indication this may have occurred, and as a result the osd will
      continue to be used even when it's no longer valid.
      
      Change__reset_osd() so it returns an error (ENODEV) when it
      deletes the osd being reset.  And change __kick_osd_requests() so it
      returns immediately (before referencing osd again) if __reset_osd()
      returns *any* error.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NSage Weil <sage@inktank.com>
      685a7555
    • A
      ceph: don't reference req after put · 7d5f2481
      Alex Elder 提交于
      In __unregister_request(), there is a call to list_del_init()
      referencing a request that was the subject of a call to
      ceph_osdc_put_request() on the previous line.  This is not
      safe, because the request structure could have been freed
      by the time we reach the list_del_init().
      
      Fix this by reversing the order of these lines.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-off-by: NSage Weil <sage@inktank.com>
      7d5f2481
    • S
      ipv6: Fix Makefile offload objects · df484191
      Simon Arlott 提交于
      The following commit breaks IPv6 TCP transmission for me:
      	Commit 75fe83c3
      	Author: Vlad Yasevich <vyasevic@redhat.com>
      	Date:   Fri Nov 16 09:41:21 2012 +0000
      	ipv6: Preserve ipv6 functionality needed by NET
      
      This patch fixes the typo "ipv6_offload" which should be
      "ipv6-offload".
      
      I don't know why not including the offload modules should
      break TCP. Disabling all offload options on the NIC didn't
      help. Outgoing pulseaudio traffic kept stalling.
      Signed-off-by: NSimon Arlott <simon@fire.lp0.eu>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      df484191
  10. 16 12月, 2012 1 次提交