1. 07 5月, 2020 29 次提交
    • M
      net: remove spurious declaration of tcp_default_init_rwnd() · 64082b67
      Maciej Żenczykowski 提交于
      it doesn't actually exist...
      
      Test: builds and 'git grep tcp_default_init_rwnd' comes up empty
      Signed-off-by: NMaciej Żenczykowski <maze@google.com>
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      64082b67
    • M
      virtio_net: fix lockdep warning on 32 bit · 01c32598
      Michael S. Tsirkin 提交于
      When we fill up a receive VQ, try_fill_recv currently tries to count
      kicks using a 64 bit stats counter. Turns out, on a 32 bit kernel that
      uses a seqcount. sequence counts are "lock" constructs where you need to
      make sure that writers are serialized.
      
      In turn, this means that we mustn't run two try_fill_recv concurrently.
      Which of course we don't. We do run try_fill_recv sometimes from a
      softirq napi context, and sometimes from a fully preemptible context,
      but the later always runs with napi disabled.
      
      However, when it comes to the seqcount, lockdep is trying to enforce the
      rule that the same lock isn't accessed from preemptible and softirq
      context - it doesn't know about napi being enabled/disabled. This causes
      a false-positive warning:
      
      WARNING: inconsistent lock state
      ...
      inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
      
      As a work around, shut down the warning by switching
      to u64_stats_update_begin_irqsave - that works by disabling
      interrupts on 32 bit only, is a NOP on 64 bit.
      Reported-by: NThomas Gleixner <tglx@linutronix.de>
      Suggested-by: NEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      01c32598
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · a811c1fa
      Linus Torvalds 提交于
      Pull networking fixes from David Miller:
      
       1) Fix reference count leaks in various parts of batman-adv, from Xiyu
          Yang.
      
       2) Update NAT checksum even when it is zero, from Guillaume Nault.
      
       3) sk_psock reference count leak in tls code, also from Xiyu Yang.
      
       4) Sanity check TCA_FQ_CODEL_DROP_BATCH_SIZE netlink attribute in
          fq_codel, from Eric Dumazet.
      
       5) Fix panic in choke_reset(), also from Eric Dumazet.
      
       6) Fix VLAN accel handling in bnxt_fix_features(), from Michael Chan.
      
       7) Disallow out of range quantum values in sch_sfq, from Eric Dumazet.
      
       8) Fix crash in x25_disconnect(), from Yue Haibing.
      
       9) Don't pass pointer to local variable back to the caller in
          nf_osf_hdr_ctx_init(), from Arnd Bergmann.
      
      10) Wireguard should use the ECN decap helper functions, from Toke
          Høiland-Jørgensen.
      
      11) Fix command entry leak in mlx5 driver, from Moshe Shemesh.
      
      12) Fix uninitialized variable access in mptcp's
          subflow_syn_recv_sock(), from Paolo Abeni.
      
      13) Fix unnecessary out-of-order ingress frame ordering in macsec, from
          Scott Dial.
      
      14) IPv6 needs to use a global serial number for dst validation just
          like ipv4, from David Ahern.
      
      15) Fix up PTP_1588_CLOCK deps, from Clay McClure.
      
      16) Missing NLM_F_MULTI flag in gtp driver netlink messages, from
          Yoshiyuki Kurauchi.
      
      17) Fix a regression in that dsa user port errors should not be fatal,
          from Florian Fainelli.
      
      18) Fix iomap leak in enetc driver, from Dejin Zheng.
      
      19) Fix use after free in lec_arp_clear_vccs(), from Cong Wang.
      
      20) Initialize protocol value earlier in neigh code paths when
          generating events, from Roman Mashak.
      
      21) netdev_update_features() must be called with RTNL mutex in macsec
          driver, from Antoine Tenart.
      
      22) Validate untrusted GSO packets even more strictly, from Willem de
          Bruijn.
      
      23) Wireguard decrypt worker needs a cond_resched(), from Jason
          Donenfeld.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (111 commits)
        net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE
        MAINTAINERS: put DYNAMIC INTERRUPT MODERATION in proper order
        wireguard: send/receive: use explicit unlikely branch instead of implicit coalescing
        wireguard: selftests: initalize ipv6 members to NULL to squelch clang warning
        wireguard: send/receive: cond_resched() when processing worker ringbuffers
        wireguard: socket: remove errant restriction on looping to self
        wireguard: selftests: use normal kernel stack size on ppc64
        net: ethernet: ti: am65-cpsw-nuss: fix irqs type
        ionic: Use debugfs_create_bool() to export bool
        net: dsa: Do not leave DSA master with NULL netdev_ops
        net: dsa: remove duplicate assignment in dsa_slave_add_cls_matchall_mirred
        net: stricter validation of untrusted gso packets
        seg6: fix SRH processing to comply with RFC8754
        net: mscc: ocelot: ANA_AUTOAGE_AGE_PERIOD holds a value in seconds, not ms
        net: dsa: ocelot: the MAC table on Felix is twice as large
        net: dsa: sja1105: the PTP_CLK extts input reacts on both edges
        selftests: net: tcp_mmap: fix SO_RCVLOWAT setting
        net: hsr: fix incorrect type usage for protocol variable
        net: macsec: fix rtnl locking issue
        net: mvpp2: cls: Prevent buffer overflow in mvpp2_ethtool_cls_rule_del()
        ...
      a811c1fa
    • P
      net: flow_offload: skip hw stats check for FLOW_ACTION_HW_STATS_DONT_CARE · 16f80360
      Pablo Neira Ayuso 提交于
      This patch adds FLOW_ACTION_HW_STATS_DONT_CARE which tells the driver
      that the frontend does not need counters, this hw stats type request
      never fails. The FLOW_ACTION_HW_STATS_DISABLED type explicitly requests
      the driver to disable the stats, however, if the driver cannot disable
      counters, it bails out.
      
      TCA_ACT_HW_STATS_* maintains the 1:1 mapping with FLOW_ACTION_HW_STATS_*
      except by disabled which is mapped to FLOW_ACTION_HW_STATS_DISABLED
      (this is 0 in tc). Add tc_act_hw_stats() to perform the mapping between
      TCA_ACT_HW_STATS_* and FLOW_ACTION_HW_STATS_*.
      
      Fixes: 319a1d19 ("flow_offload: check for basic action hw stats type")
      Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      16f80360
    • L
      MAINTAINERS: put DYNAMIC INTERRUPT MODERATION in proper order · b0956956
      Lukas Bulwahn 提交于
      Commit 9b038086 ("docs: networking: convert DIM to RST") added a new
      file entry to DYNAMIC INTERRUPT MODERATION to the end, and not following
      alphabetical order.
      
      So, ./scripts/checkpatch.pl -f MAINTAINERS complains:
      
        WARNING: Misordered MAINTAINERS entry - list file patterns in alphabetic
        order
        #5966: FILE: MAINTAINERS:5966:
        +F:      lib/dim/
        +F:      Documentation/networking/net_dim.rst
      
      Reorder the file entries to keep MAINTAINERS nicely ordered.
      Signed-off-by: NLukas Bulwahn <lukas.bulwahn@gmail.com>
      Acked-by: NJakub Kicinski <kuba@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b0956956
    • D
      Merge branch 'wireguard-fixes' · d3f3e6ac
      David S. Miller 提交于
      Jason A. Donenfeld says:
      
      ====================
      wireguard fixes for 5.7-rc5
      
      With Ubuntu and Debian having backported this into their kernels, we're
      finally seeing testing from places we hadn't seen prior, which is nice.
      With that comes more fixes:
      
      1) The CI for PPC64 was running with extremely small stacks for 64-bit,
         causing spurious crashes in surprising places.
      
      2) There's was an old leftover routing loop restriction, which no longer
         makes sense given the queueing architecture, and was causing problems
         for people who really did want nested routing.
      
      3) Not yielding our kthread on CONFIG_PREEMPT_VOLUNTARY systems caused
         RCU stalls and other issues, reported by Wang Jian, with the fix
         suggested by Sultan Alsawaf.
      
      4) Clang spewed warnings in a selftest for CONFIG_IPV6=n, reported by
         Arnd Bergmann.
      
      5) A complicated if statement was simplified to an assignment while also
         making the likely/unlikely hinting more correct and simple, and
         increasing readability, suggested by Sultan.
      
      Patches (2) and (3) have Fixes: lines and are probably good candidates
      for stable.
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d3f3e6ac
    • J
      wireguard: send/receive: use explicit unlikely branch instead of implicit coalescing · 243f2148
      Jason A. Donenfeld 提交于
      It's very unlikely that send will become true. It's nearly always false
      between 0 and 120 seconds of a session, and in most cases becomes true
      only between 120 and 121 seconds before becoming false again. So,
      unlikely(send) is clearly the right option here.
      
      What happened before was that we had this complex boolean expression
      with multiple likely and unlikely clauses nested. Since this is
      evaluated left-to-right anyway, the whole thing got converted to
      unlikely. So, we can clean this up to better represent what's going on.
      
      The generated code is the same.
      Suggested-by: NSultan Alsawaf <sultan@kerneltoast.com>
      Signed-off-by: NJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      243f2148
    • J
      wireguard: selftests: initalize ipv6 members to NULL to squelch clang warning · 4fed818e
      Jason A. Donenfeld 提交于
      Without setting these to NULL, clang complains in certain
      configurations that have CONFIG_IPV6=n:
      
      In file included from drivers/net/wireguard/ratelimiter.c:223:
      drivers/net/wireguard/selftest/ratelimiter.c:173:34: error: variable 'skb6' is uninitialized when used here [-Werror,-Wuninitialized]
                      ret = timings_test(skb4, hdr4, skb6, hdr6, &test_count);
                                                     ^~~~
      drivers/net/wireguard/selftest/ratelimiter.c:123:29: note: initialize the variable 'skb6' to silence this warning
              struct sk_buff *skb4, *skb6;
                                         ^
                                          = NULL
      drivers/net/wireguard/selftest/ratelimiter.c:173:40: error: variable 'hdr6' is uninitialized when used here [-Werror,-Wuninitialized]
                      ret = timings_test(skb4, hdr4, skb6, hdr6, &test_count);
                                                           ^~~~
      drivers/net/wireguard/selftest/ratelimiter.c:125:22: note: initialize the variable 'hdr6' to silence this warning
              struct ipv6hdr *hdr6;
                                  ^
      
      We silence this warning by setting the variables to NULL as the warning
      suggests.
      Reported-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4fed818e
    • J
      wireguard: send/receive: cond_resched() when processing worker ringbuffers · 4005f5c3
      Jason A. Donenfeld 提交于
      Users with pathological hardware reported CPU stalls on CONFIG_
      PREEMPT_VOLUNTARY=y, because the ringbuffers would stay full, meaning
      these workers would never terminate. That turned out not to be okay on
      systems without forced preemption, which Sultan observed. This commit
      adds a cond_resched() to the bottom of each loop iteration, so that
      these workers don't hog the core. Note that we don't need this on the
      napi poll worker, since that terminates after its budget is expended.
      Suggested-by: NSultan Alsawaf <sultan@kerneltoast.com>
      Reported-by: NWang Jian <larkwang@gmail.com>
      Fixes: e7096c13 ("net: WireGuard secure network tunnel")
      Signed-off-by: NJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4005f5c3
    • J
      wireguard: socket: remove errant restriction on looping to self · b673e24a
      Jason A. Donenfeld 提交于
      It's already possible to create two different interfaces and loop
      packets between them. This has always been possible with tunnels in the
      kernel, and isn't specific to wireguard. Therefore, the networking stack
      already needs to deal with that. At the very least, the packet winds up
      exceeding the MTU and is discarded at that point. So, since this is
      already something that happens, there's no need to forbid the not very
      exceptional case of routing a packet back to the same interface; this
      loop is no different than others, and we shouldn't special case it, but
      rather rely on generic handling of loops in general. This also makes it
      easier to do interesting things with wireguard such as onion routing.
      
      At the same time, we add a selftest for this, ensuring that both onion
      routing works and infinite routing loops do not crash the kernel. We
      also add a test case for wireguard interfaces nesting packets and
      sending traffic between each other, as well as the loop in this case
      too. We make sure to send some throughput-heavy traffic for this use
      case, to stress out any possible recursion issues with the locks around
      workqueues.
      
      Fixes: e7096c13 ("net: WireGuard secure network tunnel")
      Signed-off-by: NJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b673e24a
    • J
      wireguard: selftests: use normal kernel stack size on ppc64 · a0fd7cc8
      Jason A. Donenfeld 提交于
      While at some point it might have made sense to be running these tests
      on ppc64 with 4k stacks, the kernel hasn't actually used 4k stacks on
      64-bit powerpc in a long time, and more interesting things that we test
      don't really work when we deviate from the default (16k). So, we stop
      pushing our luck in this commit, and return to the default instead of
      the minimum.
      Signed-off-by: NJason A. Donenfeld <Jason@zx2c4.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a0fd7cc8
    • G
      net: ethernet: ti: am65-cpsw-nuss: fix irqs type · 6f5c27f9
      Grygorii Strashko 提交于
      The K3 INTA driver, which is source TX/RX IRQs for CPSW NUSS, defines IRQs
      triggering type as EDGE by default, but triggering type for CPSW NUSS TX/RX
      IRQs has to be LEVEL as the EDGE triggering type may cause unnecessary IRQs
      triggering and NAPI scheduling for empty queues. It was discovered with
      RT-kernel.
      
      Fix it by explicitly specifying CPSW NUSS TX/RX IRQ type as
      IRQF_TRIGGER_HIGH.
      
      Fixes: 93a76530 ("net: ethernet: ti: introduce am65x/j721e gigabit eth subsystem driver")
      Signed-off-by: NGrygorii Strashko <grygorii.strashko@ti.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6f5c27f9
    • G
      ionic: Use debugfs_create_bool() to export bool · 0735ccc9
      Geert Uytterhoeven 提交于
      Currently bool ionic_cq.done_color is exported using
      debugfs_create_u8(), which requires a cast, preventing further compiler
      checks.
      
      Fix this by switching to debugfs_create_bool(), and dropping the cast.
      Signed-off-by: NGeert Uytterhoeven <geert+renesas@glider.be>
      Acked-by: NShannon Nelson <snelson@pensando.io>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0735ccc9
    • F
      net: dsa: Do not leave DSA master with NULL netdev_ops · 050569fc
      Florian Fainelli 提交于
      When ndo_get_phys_port_name() for the CPU port was added we introduced
      an early check for when the DSA master network device in
      dsa_master_ndo_setup() already implements ndo_get_phys_port_name(). When
      we perform the teardown operation in dsa_master_ndo_teardown() we would
      not be checking that cpu_dp->orig_ndo_ops was successfully allocated and
      non-NULL initialized.
      
      With network device drivers such as virtio_net, this leads to a NPD as
      soon as the DSA switch hanging off of it gets torn down because we are
      now assigning the virtio_net device's netdev_ops a NULL pointer.
      
      Fixes: da7b9e9b ("net: dsa: Add ndo_get_phys_port_name() for CPU port")
      Reported-by: NAllen Pais <allen.pais@oracle.com>
      Signed-off-by: NFlorian Fainelli <f.fainelli@gmail.com>
      Tested-by: NAllen Pais <allen.pais@oracle.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      050569fc
    • V
      net: dsa: remove duplicate assignment in dsa_slave_add_cls_matchall_mirred · 65722159
      Vladimir Oltean 提交于
      This was caused by a poor merge conflict resolution on my side. The
      "act = &cls->rule->action.entries[0];" assignment was already present in
      the code prior to the patch mentioned below.
      
      Fixes: e13c2075 ("net: dsa: refactor matchall mirred action to separate function")
      Signed-off-by: NVladimir Oltean <vladimir.oltean@nxp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      65722159
    • W
      net: stricter validation of untrusted gso packets · 9274124f
      Willem de Bruijn 提交于
      Syzkaller again found a path to a kernel crash through bad gso input:
      a packet with transport header extending beyond skb_headlen(skb).
      
      Tighten validation at kernel entry:
      
      - Verify that the transport header lies within the linear section.
      
          To avoid pulling linux/tcp.h, verify just sizeof tcphdr.
          tcp_gso_segment will call pskb_may_pull (th->doff * 4) before use.
      
      - Match the gso_type against the ip_proto found by the flow dissector.
      
      Fixes: bfd5f4a3 ("packet: Add GSO/csum offload support.")
      Reported-by: Nsyzbot <syzkaller@googlegroups.com>
      Signed-off-by: NWillem de Bruijn <willemb@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9274124f
    • A
      seg6: fix SRH processing to comply with RFC8754 · 0cb7498f
      Ahmed Abdelsalam 提交于
      The Segment Routing Header (SRH) which defines the SRv6 dataplane is defined
      in RFC8754.
      
      RFC8754 (section 4.1) defines the SR source node behavior which encapsulates
      packets into an outer IPv6 header and SRH. The SR source node encodes the
      full list of Segments that defines the packet path in the SRH. Then, the
      first segment from list of Segments is copied into the Destination address
      of the outer IPv6 header and the packet is sent to the first hop in its path
      towards the destination.
      
      If the Segment list has only one segment, the SR source node can omit the SRH
      as he only segment is added in the destination address.
      
      RFC8754 (section 4.1.1) defines the Reduced SRH, when a source does not
      require the entire SID list to be preserved in the SRH. A reduced SRH does
      not contain the first segment of the related SR Policy (the first segment is
      the one already in the DA of the IPv6 header), and the Last Entry field is
      set to n-2, where n is the number of elements in the SR Policy.
      
      RFC8754 (section 4.3.1.1) defines the SRH processing and the logic to
      validate the SRH (S09, S10, S11) which works for both reduced and
      non-reduced behaviors.
      
      This patch updates seg6_validate_srh() to validate the SRH as per RFC8754.
      Signed-off-by: NAhmed Abdelsalam <ahabdels@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0cb7498f
    • D
      Merge branch 'FDB-fixes-for-Felix-and-Ocelot-switches' · 6e0ddb65
      David S. Miller 提交于
      Vladimir Oltean says:
      
      ====================
      FDB fixes for Felix and Ocelot switches
      
      This series fixes the following problems:
      - Dynamically learnt addresses never expiring (neither for Ocelot nor
        for Felix)
      - Half of the FDB not visible in 'bridge fdb show' (for Felix only)
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6e0ddb65
    • V
      net: mscc: ocelot: ANA_AUTOAGE_AGE_PERIOD holds a value in seconds, not ms · c0d7eccb
      Vladimir Oltean 提交于
      One may notice that automatically-learnt entries 'never' expire, even
      though the bridge configures the address age period at 300 seconds.
      
      Actually the value written to hardware corresponds to a time interval
      1000 times higher than intended, i.e. 83 hours.
      
      Fixes: a556c76a ("net: mscc: Add initial Ocelot switch support")
      Signed-off-by: NVladimir Oltean <vladimir.oltean@nxp.com>
      Reviewed-by: NFlorian Faineli <f.fainelli@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      c0d7eccb
    • V
      net: dsa: ocelot: the MAC table on Felix is twice as large · 21ce7f3e
      Vladimir Oltean 提交于
      When running 'bridge fdb dump' on Felix, sometimes learnt and static MAC
      addresses would appear, sometimes they wouldn't.
      
      Turns out, the MAC table has 4096 entries on VSC7514 (Ocelot) and 8192
      entries on VSC9959 (Felix), so the existing code from the Ocelot common
      library only dumped half of Felix's MAC table. They are both organized
      as a 4-way set-associative TCAM, so we just need a single variable
      indicating the correct number of rows.
      
      Fixes: 56051948 ("net: dsa: ocelot: add driver for Felix switch family")
      Signed-off-by: NVladimir Oltean <vladimir.oltean@nxp.com>
      Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      21ce7f3e
    • L
      Merge tag 'tag-chrome-platform-fixes-for-v5.7-rc5' of... · b9388959
      Linus Torvalds 提交于
      Merge tag 'tag-chrome-platform-fixes-for-v5.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux
      
      Pull chrome platform fix from Benson Leung:
       "Fix a resource allocation issue in cros_ec_sensorhub.c"
      
      * tag 'tag-chrome-platform-fixes-for-v5.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux:
        platform/chrome: cros_ec_sensorhub: Allocate sensorhub resource before claiming sensors
      b9388959
    • V
      net: dsa: sja1105: the PTP_CLK extts input reacts on both edges · 0ba83aa0
      Vladimir Oltean 提交于
      It looks like the sja1105 external timestamping input is not as generic
      as we thought. When fed a signal with 50% duty cycle, it will timestamp
      both the rising and the falling edge. When fed a short pulse signal,
      only the timestamp of the falling edge will be seen in the PTPSYNCTS
      register, because that of the rising edge had been overwritten. So the
      moral is: don't feed it short pulse inputs.
      
      Luckily this is not a complete deal breaker, as we can still work with
      1 Hz square waves. But the problem is that the extts polling period was
      not dimensioned enough for this input signal. If we leave the period at
      half a second, we risk losing timestamps due to jitter in the measuring
      process. So we need to increase it to 4 times per second.
      
      Also, the very least we can do to inform the user is to deny any other
      flags combination than with PTP_RISING_EDGE and PTP_FALLING_EDGE both
      set.
      
      Fixes: 747e5eb3 ("net: dsa: sja1105: configure the PTP_CLK pin as EXT_TS or PER_OUT")
      Signed-off-by: NVladimir Oltean <vladimir.oltean@nxp.com>
      Acked-by: NRichard Cochran <richardcochran@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0ba83aa0
    • E
      selftests: net: tcp_mmap: fix SO_RCVLOWAT setting · a8472417
      Eric Dumazet 提交于
      Since chunk_size is no longer an integer, we can not
      use it directly as an argument of setsockopt().
      
      This patch should fix tcp_mmap for Big Endian kernels.
      
      Fixes: 597b01ed ("selftests: net: avoid ptl lock contention in tcp_mmap")
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Soheil Hassas Yeganeh <soheil@google.com>
      Cc: Arjun Roy <arjunroy@google.com>
      Acked-by: NSoheil Hassas Yeganeh <soheil@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a8472417
    • M
      net: hsr: fix incorrect type usage for protocol variable · f5dda315
      Murali Karicheri 提交于
      Fix following sparse checker warning:-
      
      net/hsr/hsr_slave.c:38:18: warning: incorrect type in assignment (different base types)
      net/hsr/hsr_slave.c:38:18:    expected unsigned short [unsigned] [usertype] protocol
      net/hsr/hsr_slave.c:38:18:    got restricted __be16 [usertype] h_proto
      net/hsr/hsr_slave.c:39:25: warning: restricted __be16 degrades to integer
      net/hsr/hsr_slave.c:39:57: warning: restricted __be16 degrades to integer
      Signed-off-by: NMurali Karicheri <m-karicheri2@ti.com>
      Acked-by: NVinicius Costa Gomes <vinicius.gomes@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f5dda315
    • A
      net: macsec: fix rtnl locking issue · 29ca3cdf
      Antoine Tenart 提交于
      netdev_update_features() must be called with the rtnl lock taken. Not
      doing so triggers a warning, as ASSERT_RTNL() is used in
      __netdev_update_features(), the first function called by
      netdev_update_features(). Fix this.
      
      Fixes: c850240b ("net: macsec: report real_dev features when HW offloading is enabled")
      Signed-off-by: NAntoine Tenart <antoine.tenart@bootlin.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      29ca3cdf
    • D
      net: mvpp2: cls: Prevent buffer overflow in mvpp2_ethtool_cls_rule_del() · 722c0f00
      Dan Carpenter 提交于
      The "info->fs.location" is a u32 that comes from the user via the
      ethtool_set_rxnfc() function.  We need to check for invalid values to
      prevent a buffer overflow.
      
      I copy and pasted this check from the mvpp2_ethtool_cls_rule_ins()
      function.
      
      Fixes: 90b509b3 ("net: mvpp2: cls: Add Classification offload support")
      Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      722c0f00
    • D
      net: mvpp2: prevent buffer overflow in mvpp22_rss_ctx() · 39bd16df
      Dan Carpenter 提交于
      The "rss_context" variable comes from the user via  ethtool_get_rxfh().
      It can be any u32 value except zero.  Eventually it gets passed to
      mvpp22_rss_ctx() and if it is over MVPP22_N_RSS_TABLES (8) then it
      results in an array overflow.
      
      Fixes: 895586d5 ("net: mvpp2: cls: Use RSS contexts to handle RSS tables")
      Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      39bd16df
    • E
      selftests: net: tcp_mmap: clear whole tcp_zerocopy_receive struct · bf5525f3
      Eric Dumazet 提交于
      We added fields in tcp_zerocopy_receive structure,
      so make sure to clear all fields to not pass garbage to the kernel.
      
      We were lucky because recent additions added 'out' parameters,
      still we need to clean our reference implementation, before folks
      copy/paste it.
      
      Fixes: c8856c05 ("tcp-zerocopy: Return inq along with tcp receive zerocopy.")
      Fixes: 33946518 ("tcp-zerocopy: Return sk_err (if set) along with tcp receive zerocopy.")
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Arjun Roy <arjunroy@google.com>
      Cc: Soheil Hassas Yeganeh <soheil@google.com>
      Acked-by: NSoheil Hassas Yeganeh <soheil@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      bf5525f3
    • L
      Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 3c40cdb0
      Linus Torvalds 提交于
      Pull crypto fixes from Herbert Xu:
       "This fixes a potential scheduling latency problem for the algorithms
        used by WireGuard"
      
      * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
        crypto: arch/nhpoly1305 - process in explicit 4k chunks
        crypto: arch/lib - limit simd usage to 4k chunks
      3c40cdb0
  2. 06 5月, 2020 3 次提交
  3. 05 5月, 2020 8 次提交
    • X
      platform/x86: thinkpad_acpi: Remove always false 'value < 0' statement · f8a31eca
      Xiongfeng Wang 提交于
      Since 'value' is declared as unsigned long, the following statement is
      always false.
      	value < 0
      
      So let's remove it.
      Reported-by: NHulk Robot <hulkci@huawei.com>
      Signed-off-by: NXiongfeng Wang <wangxiongfeng2@huawei.com>
      Signed-off-by: NAndy Shevchenko <andriy.shevchenko@linux.intel.com>
      f8a31eca
    • A
      platform/x86: intel_pmc_core: avoid unused-function warnings · 01f259f3
      Arnd Bergmann 提交于
      When both CONFIG_DEBUG_FS and CONFIG_PM_SLEEP are disabled, the
      functions that got moved out of the #ifdef section now cause
      a warning:
      
      drivers/platform/x86/intel_pmc_core.c:654:13: error: 'pmc_core_lpm_display' defined but not used [-Werror=unused-function]
        654 | static void pmc_core_lpm_display(struct pmc_dev *pmcdev, struct device *dev,
            |             ^~~~~~~~~~~~~~~~~~~~
      drivers/platform/x86/intel_pmc_core.c:617:13: error: 'pmc_core_slps0_display' defined but not used [-Werror=unused-function]
        617 | static void pmc_core_slps0_display(struct pmc_dev *pmcdev, struct device *dev,
            |             ^~~~~~~~~~~~~~~~~~~~~~
      
      Rather than add even more #ifdefs here, remove them entirely and
      let the compiler work it out, it can actually get rid of all the
      debugfs calls without problems as long as the struct member is
      there.
      
      The two PM functions just need a __maybe_unused annotations to avoid
      another warning instead of the #ifdef.
      
      Fixes: aae43c2b ("platform/x86: intel_pmc_core: Relocate pmc_core_*_display() to outside of CONFIG_DEBUG_FS")
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NAndy Shevchenko <andriy.shevchenko@linux.intel.com>
      01f259f3
    • H
      platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA · 3bd12da7
      Hans de Goede 提交于
      asus-nb-wmi does not add any extra functionality on these Asus
      Transformer books. They have detachable keyboards, so the hotkeys are
      send through a HID device (and handled by the hid-asus driver) and also
      the rfkill functionality is not used on these devices.
      
      Besides not adding any extra functionality, initializing the WMI interface
      on these devices actually has a negative side-effect. For some reason
      the \_SB.ATKD.INIT() function which asus_wmi_platform_init() calls drives
      GPO2 (INT33FC:02) pin 8, which is connected to the front facing webcam LED,
      high and there is no (WMI or other) interface to drive this low again
      causing the LED to be permanently on, even during suspend.
      
      This commit adds a blacklist of DMI system_ids on which not to load the
      asus-nb-wmi and adds these Transformer books to this list. This fixes
      the webcam LED being permanently on under Linux.
      Signed-off-by: NHans de Goede <hdegoede@redhat.com>
      Signed-off-by: NAndy Shevchenko <andriy.shevchenko@linux.intel.com>
      3bd12da7
    • A
      platform/x86: intel_pmc_core: Change Jasper Lake S0ix debug reg map back to ICL · e87fa339
      Archana Patni 提交于
      Jasper Lake uses Icelake PCH IPs and the S0ix debug interfaces are same as
      Icelake. It uses SLP_S0_DBG register latch/read interface from Icelake
      generation. It doesn't use Tiger Lake LPM debug registers. Change the
      Jasper Lake S0ix debug interface to use the ICL reg map.
      
      Fixes: 16292bed ("platform/x86: intel_pmc_core: Add Atom based Jasper Lake (JSL) platform support")
      Signed-off-by: NArchana Patni <archana.patni@intel.com>
      Acked-by: NDavid E. Box <david.e.box@intel.com>
      Tested-by: NDivagar Mohandass <divagar.mohandass@intel.com>
      Signed-off-by: NAndy Shevchenko <andriy.shevchenko@linux.intel.com>
      e87fa339
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid · 47cf1b42
      Linus Torvalds 提交于
      Pull HID fixes from Jiri Kosina:
      
       - Wacom driver functional and regression fixes from Jason Gerecke
      
       - race condition fix in usbhid, found by syzbot and fixed by Alan Stern
      
       - a few device-specific quirks and ID additions
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid:
        HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock
        HID: mcp2221: add gpiolib dependency
        HID: i2c-hid: reset Synaptics SYNA2393 on resume
        HID: wacom: Report 2nd-gen Intuos Pro S center button status over BT
        HID: usbhid: Fix race between usbhid_close() and usbhid_stop()
        Revert "HID: wacom: generic: read the number of expected touches on a per collection basis"
        HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead
        HID: alps: Add AUI1657 device ID
        HID: logitech: Add support for Logitech G11 extra keys
        HID: multitouch: add eGalaxTouch P80H84 support
        HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices
      47cf1b42
    • Q
      nfp: abm: fix a memory leak bug · bd4af432
      Qiushi Wu 提交于
      In function nfp_abm_vnic_set_mac, pointer nsp is allocated by nfp_nsp_open.
      But when nfp_nsp_has_hwinfo_lookup fail, the pointer is not released,
      which can lead to a memory leak bug. Fix this issue by adding
      nfp_nsp_close(nsp) in the error path.
      
      Fixes: f6e71efd ("nfp: abm: look up MAC addresses via management FW")
      Signed-off-by: NQiushi Wu <wu000273@umn.edu>
      Acked-by: NJakub Kicinski <kuba@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      bd4af432
    • C
      atm: fix a memory leak of vcc->user_back · 8d9f73c0
      Cong Wang 提交于
      In lec_arp_clear_vccs() only entry->vcc is freed, but vcc
      could be installed on entry->recv_vcc too in lec_vcc_added().
      
      This fixes the following memory leak:
      
      unreferenced object 0xffff8880d9266b90 (size 16):
        comm "atm2", pid 425, jiffies 4294907980 (age 23.488s)
        hex dump (first 16 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 6b 6b 6b a5  ............kkk.
        backtrace:
          [<(____ptrval____)>] kmem_cache_alloc_trace+0x10e/0x151
          [<(____ptrval____)>] lane_ioctl+0x4b3/0x569
          [<(____ptrval____)>] do_vcc_ioctl+0x1ea/0x236
          [<(____ptrval____)>] svc_ioctl+0x17d/0x198
          [<(____ptrval____)>] sock_do_ioctl+0x47/0x12f
          [<(____ptrval____)>] sock_ioctl+0x2f9/0x322
          [<(____ptrval____)>] vfs_ioctl+0x1e/0x2b
          [<(____ptrval____)>] ksys_ioctl+0x61/0x80
          [<(____ptrval____)>] __x64_sys_ioctl+0x16/0x19
          [<(____ptrval____)>] do_syscall_64+0x57/0x65
          [<(____ptrval____)>] entry_SYSCALL_64_after_hwframe+0x49/0xb3
      
      Cc: Gengming Liu <l.dmxcsnsbh@gmail.com>
      Signed-off-by: NCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8d9f73c0
    • C
      atm: fix a UAF in lec_arp_clear_vccs() · 93a2014a
      Cong Wang 提交于
      Gengming reported a UAF in lec_arp_clear_vccs(),
      where we add a vcc socket to an entry in a per-device
      list but free the socket without removing it from the
      list when vcc->dev is NULL.
      
      We need to call lec_vcc_close() to search and remove
      those entries contain the vcc being destroyed. This can
      be done by calling vcc->push(vcc, NULL) unconditionally
      in vcc_destroy_socket().
      
      Another issue discovered by Gengming's reproducer is
      the vcc->dev may point to the static device lecatm_dev,
      for which we don't need to register/unregister device,
      so we can just check for vcc->dev->ops->owner.
      Reported-by: NGengming Liu <l.dmxcsnsbh@gmail.com>
      Signed-off-by: NCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      93a2014a