- 17 7月, 2021 18 次提交
-
-
由 Zhang Tianxing 提交于
hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I409K9 CVE: NA ----------------------------------------------------------------- Expected error message `ima: Unable to open file:` can be overwritten when the uploaded path contains control characters like `\r` or `\b`. Therefore, When an invalid path (which contains control characters) is uploaded through SecurityFS, unexpected logs can be printed to dmesg. This patch rejects policy paths with control characters. Signed-off-by: NZhang Tianxing <zhangtianxing3@huawei.com> Reviewed-by: NRoberto Sassu <roberto.sassu@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Zhang Tianxing 提交于
hulk inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I409K9 CVE: NA ----------------------------------------------------------------- This patch sets max size for IMA digest database to prevent OOM. A __ro_after_init global variable ima_digest_db_max_size is used to set the maximum data uploaded to digest database. Another global variable ima_digest_db_size records the data uploaded to kernel digest database and increments when uploading digest lists. Signed-off-by: NZhang Tianxing <zhangtianxing3@huawei.com> Reviewed-by: NRoberto Sassu <roberto.sassu@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit b9046e88 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b9046e88f6be56f420052822a3a7ac80e3c4d98a ---------------------------------------------------------------------- Commit fa821170 ("net: add inline function skb_csum_is_sctp") missed replacing skb->csum_not_inet check in hns3. This patch is to replace it with skb_csum_is_sctp(). Reported-by: NJakub Kicinski <kuba@kernel.org> Signed-off-by: NXin Long <lucien.xin@gmail.com> Link: https://lore.kernel.org/r/3ad3c22c08beb0947f5978e790bd98d2aa063df9.1611307861.git.lucien.xin@gmail.comSigned-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit fc186d0a category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc186d0a4ef8cc493a04895e620c7d55052a9d93 ---------------------------------------------------------------------- Using skb_csum_is_sctp is a easier way to validate it's a SCTP CRC checksum offload packet, and yet it also makes ixgbevf support SCTP CRC checksum offload for UDP and GRE encapped packets, just as it does in igb driver. Signed-off-by: NXin Long <lucien.xin@gmail.com> Reviewed-by: NAlexander Duyck <alexanderduyck@fb.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit f8c4b01d category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f8c4b01d3a680de2144dd274df03ffaf69cfb881 ---------------------------------------------------------------------- Using skb_csum_is_sctp is a easier way to validate it's a SCTP CRC checksum offload packet, and yet it also makes ixgbe support SCTP CRC checksum offload for UDP and GRE encapped packets, just as it does in igb driver. Signed-off-by: NXin Long <lucien.xin@gmail.com> Reviewed-by: NAlexander Duyck <alexanderduyck@fb.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit 609d29a9 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=609d29a9d2429a840a2f1f44e77b71d58e3e9a33 ---------------------------------------------------------------------- Using skb_csum_is_sctp is a easier way to validate it's a SCTP CRC checksum offload packet, and yet it also makes igc support SCTP CRC checksum offload for UDP and GRE encapped packets, just as it does in igb driver. Signed-off-by: NXin Long <lucien.xin@gmail.com> Reviewed-by: NAlexander Duyck <alexanderduyck@fb.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit d2de4444 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d2de44443cafa16f6c8c6e724632d57097991f55 ---------------------------------------------------------------------- Using skb_csum_is_sctp is a easier way to validate it's a SCTP CRC checksum offload packet, and yet it also makes igbvf support SCTP CRC checksum offload for UDP and GRE encapped packets, just as it does in igb driver. Signed-off-by: NXin Long <lucien.xin@gmail.com> Reviewed-by: NAlexander Duyck <alexanderduyck@fb.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit 8bcf0203 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8bcf02035bd5ab5f22110d16a1aaee1794aa8d3c ---------------------------------------------------------------------- Using skb_csum_is_sctp is a easier way to validate it's a SCTP CRC checksum offload packet, and there is no need to parse the packet to check its proto field, especially when it's a UDP or GRE encapped packet. So this patch also makes igb support SCTP CRC checksum offload for UDP and GRE encapped packets. Signed-off-by: NXin Long <lucien.xin@gmail.com> Reviewed-by: NAlexander Duyck <alexanderduyck@fb.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Xin Long 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit fa821170 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa82117010430aff2ce86400f7328f55a31b48a6 ---------------------------------------------------------------------- This patch is to define a inline function skb_csum_is_sctp(), and also replace all places where it checks if it's a SCTP CSUM skb. This function would be used later in many networking drivers in the following patches. Suggested-by: NAlexander Duyck <alexander.duyck@gmail.com> Signed-off-by: NXin Long <lucien.xin@gmail.com> Reviewed-by: NAlexander Duyck <alexanderduyck@fb.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Colin Ian King 提交于
mainline inclusion from mainline-v5.11-rc1 commit efd5a158 category: bugfix bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=efd5a1584537698220578227e6467638307c2a0b ---------------------------------------------------------------------- The || condition in hdev->fd_active_type != HCLGE_FD_ARFS_ACTIVE || hdev->fd_active_type != HCLGE_FD_RULE_NONE will always be true because hdev->fd_active_type cannot be equal to two different values at the same time. The expression is always true which is not correct. Fix this by replacing || with && to correct the logic in the expression. Addresses-Coverity: ("Constant expression result") Fixes: 0205ec04 ("net: hns3: add support for hw tc offload of tc flower") Signed-off-by: NColin Ian King <colin.king@canonical.com> Reviewed-by: NHuazhong Tan <tanhuazhong@huawei.com> Link: https://lore.kernel.org/r/20201215000033.85383-1-colin.king@canonical.comSigned-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Guojia Liao 提交于
mainline inclusion from mainline-v5.11-rc1 commit cdab7c97 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cdab7c9779709755de90b9d017df2682f797e2bb ---------------------------------------------------------------------- For the max rss size of PF may be up to 512, the max queue number of single tc may be up to 512 too. For the total queue numbers may be up to 1280, so the queue offset of each tc may be more than 1024. So adjust the rss tc mode configuration command, including extend tc size field from 10 bits to 11 bits, and extend tc size field from 3 bits to 4 bits. Signed-off-by: NGuojia Liao <liaoguojia@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Guojia Liao 提交于
mainline inclusion from mainline-v5.11-rc1 commit 8eeb1f4b category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8eeb1f4bce68e91dea52d1832b89fed3a984cb58 ---------------------------------------------------------------------- For the max rss size of PF may be up to 512, so adjust the command of configuring rss indirection table to support queue id larger than 255. The width of queue id is extended from 8 bits to 10 bits. The high 2 bits are stored in filed rss_qid_h when the queue id is larger than 255. Signed-off-by: NGuojia Liao <liaoguojia@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Guojia Liao 提交于
mainline inclusion from mainline-v5.11-rc1 commit f1c2e66d category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f1c2e66d7f38cb1e919bd594af4ad4a9ae8344cc ---------------------------------------------------------------------- Currently, the driver gets the max rss size from configuration file when initialization. Both the PF and VF share the same max rss size, and no more than 128. For DEVICE_VERSION_V3, the max rss size for PF can be up to 512, so there is a new field in configuration file to store it, the old filed is used for VF. To be compatible with boards using old configure file, the PF will use the old filed if the one is zero. For the rss size may be larger than 256, so the type of rss_indirection_tbl of struct hclge_vport should be changed to u16 as well. Signed-off-by: NGuojia Liao <liaoguojia@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jian Shen 提交于
mainline inclusion from mainline-v5.11-rc1 commit 0205ec04 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0205ec041ec61838f80f092e4232a8e5de4ee55f ---------------------------------------------------------------------- Some new device supports forwarding packet to queues of specified TC when flow director rule hit. So add support to configure flow director rule by tc flower. To avoid rule conflict, add a new flow director mode HCLGE_FD_TC_FLOWER_ACTIVE, and only one mode can be active at the same time. Signed-off-by: NJian Shen <shenjian15@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jian Shen 提交于
mainline inclusion from mainline-v5.11-rc1 commit 0f993fe2 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f993fe2b89db2342833856cc0597a309f278e55 ---------------------------------------------------------------------- For some new device, it supports forwarding packet to queues of specified TC when flow director rule hit. So extend the command handle to support it. Signed-off-by: NJian Shen <shenjian15@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jian Shen 提交于
mainline inclusion from mainline-v5.11-rc1 commit 5a5c9091 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5a5c9091746749d9e16ff807035a940ca0ae4941 ---------------------------------------------------------------------- Currently, the HNS3 driver only supports offload for tc number and prio_tc. This patch adds support for other qopts, including queues count and offset for each tc. When enable tc mqprio offload, it's not allowed to change queue numbers by ethtool. For hardware limitation, the queue number of each tc should be power of 2. For the queues is not assigned to each tc by average, so it's should return vport->alloc_tqps for hclge_get_max_channels(). Signed-off-by: NJian Shen <shenjian15@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jian Shen 提交于
mainline inclusion from mainline-v5.11-rc1 commit 35244430 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35244430d62422e96b4c9c9b4c00c0ebece91d73 ---------------------------------------------------------------------- Currently, there are multiple members related to tc information in struct hnae3_knic_private_info. Merge them into a new struct hnae3_tc_info. Signed-off-by: NJian Shen <shenjian15@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Zheng Yongjun 提交于
mainline inclusion from mainline-v5.11-rc1 commit 474d8fef category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=474d8feffb31b7f798be0eeab2f5d95557bd79d7 ---------------------------------------------------------------------- Replace a comma between expression statements by a semicolon. Signed-off-by: NZheng Yongjun <zhengyongjun3@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
- 16 7月, 2021 22 次提交
-
-
由 Alexander Lobakin 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit a79afa78 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a79afa78e625e4dbe0e07c70929d477ba3386e45 ---------------------------------------------------------------------- Now we can remove a bunch of identical functions from the drivers and make them use common dev_page_is_reusable(). All {,un}likely() checks are omitted since it's already present in this helper. Also update some comments near the call sites. Suggested-by: NDavid Rientjes <rientjes@google.com> Suggested-by: NJakub Kicinski <kuba@kernel.org> Cc: John Hubbard <jhubbard@nvidia.com> Signed-off-by: NAlexander Lobakin <alobakin@pm.me> Reviewed-by: NJesse Brandeburg <jesse.brandeburg@intel.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Alexander Lobakin 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit bc38f30f category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc38f30f8dbce0afb8af05d917bee084b1329418 ---------------------------------------------------------------------- A bunch of drivers test the page before reusing/recycling for two common conditions: - if a page was allocated under memory pressure (pfmemalloc page); - if a page was allocated at a distant memory node (to exclude slowdowns). Introduce a new common inline for doing this, with likely() already folded inside to make driver code a bit simpler. Suggested-by: NDavid Rientjes <rientjes@google.com> Suggested-by: NJakub Kicinski <kuba@kernel.org> Cc: John Hubbard <jhubbard@nvidia.com> Signed-off-by: NAlexander Lobakin <alobakin@pm.me> Reviewed-by: NJesse Brandeburg <jesse.brandeburg@intel.com> Acked-by: NDavid Rientjes <rientjes@google.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Alexander Lobakin 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit 48f971c9 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48f971c9c80a728646fc03367a28df747f20d0f4 ---------------------------------------------------------------------- The function doesn't write anything to the page struct itself, so this argument can be const. Misc: align second argument to the brace while at it. Signed-off-by: NAlexander Lobakin <alobakin@pm.me> Reviewed-by: NJesse Brandeburg <jesse.brandeburg@intel.com> Acked-by: NDavid Rientjes <rientjes@google.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Alexander Lobakin 提交于
mainline inclusion from mainline-v5.12-rc1-dontuse commit 1d7bab6a category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d7bab6a94458e959f3f55788fd50ddc7d97403b ---------------------------------------------------------------------- The function only tests for page->index, so its argument should be const. Signed-off-by: NAlexander Lobakin <alobakin@pm.me> Reviewed-by: NJesse Brandeburg <jesse.brandeburg@intel.com> Acked-by: NDavid Rientjes <rientjes@google.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Guojia Liao 提交于
mainline inclusion from mainline-v5.11-rc1 commit 592b0179 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=592b0179cd498641ae45b9ad4276f5038230f7aa ---------------------------------------------------------------------- For DEVICE_VERSION_V2, the hardware only supports max two layer VLAN tags, including port based tag inserted by hardware, tag in tx buffer descriptor(get from skb->tci) and tag in packet. For transmit packet: If port based VLAN disabled, and vf driver gets a VLAN tag from skb, the VLAN tag must be filled to the Outer_VLAN_TAG field (tag near to DMAC) of tx buffer descriptor, otherwise it may be inserted after the tag in packet. If port based VLAN enabled, and vf driver gets a VLAN tag from skb, the VLAN tag must be filled to the VLAN_TAG field (tag far to DMAC) of tx buffer descriptor, otherwise it may be conflicted with port based VLAN, and raise a hardware error. For receive packet: The hardware will strip the VLAN tags and fill them in the rx buffer descriptor, no matter port based VLAN enable or not. Because port based VLAN tag is useless for stack, so vf driver needs to discard the port based VLAN tag get from rx buffer descriptor when port based VLAN enabled. So vf must know about the port based VLAN state. For DEVICE_VERSION_V3, the hardware provides some new configuration to improve it. For transmit packet: When enable tag shift mode, hardware will handle the VLAN tag in outer_VLAN_TAG field as VLAN_TAG, so it won't conflict with port based VLAN. And hardware also make sure the tag before the tag in packet. So vf driver doesn't need to specify the tag position according to the port based VLAN state anymore. For receive packet: When enable discard mode, hardware will strip and discard the port based VLAN tag, so vf driver doesn't need to identify it from rx buffer descriptor. So modify the port based VLAN configuration, simplify the process for vf handling the VLAN tag. Signed-off-by: NGuojia Liao <liaoguojia@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jian Shen 提交于
mainline inclusion from mainline-v5.11-rc1 commit 5e7414cd category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5e7414cdf1abea7e2fc19a3190aa7b0d0b1e629d ---------------------------------------------------------------------- Currently, the tx unicast promisc is always enabled when promisc mode on. If tx unicast promisc on, a function will receive all unicast packet from other functions belong to the same port. Add a ethtool private flag to control whether enable tx unicast promisc. Then the function is able to filter the unknown unicast packets from other function. Signed-off-by: NJian Shen <shenjian15@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Guojia Liao 提交于
mainline inclusion from mainline-v5.11-rc1 commit c43abe1a category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c43abe1a5f83d3afe39f9aea99edfd594add705c ---------------------------------------------------------------------- For DEVICE_VERSION_V2, the hardware supports enable tx and rx promiscuous separately. But tx or rx promiscuous is active for unicast, multicast and broadcast promiscuous simultaneously. To support traffics between functions belong to the same port, we always enable tx promiscuous for broadcast promiscuous, so tx promiscuous for unicast and multicast promiscuous is also enabled. For DEVICE_VERSION_V3, the hardware decouples the above relationship. Tx unicast promiscuous, rx unicast promiscuous, tx multicast promiscuous, rx multicast promiscuous, tx broadcast promiscuous and rx broadcast promiscuous can be enabled separately. So add support for the new promiscuous command. Signed-off-by: NGuojia Liao <liaoguojia@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: NYongxin Li <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Shenming Lu 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZSU3 CVE: NA --------------------------- Before GICv4.1, we don't have direct access to the VLPI state. So we simply let it fail early when encountering any VLPI in saving. But now we don't have to return -EACCES directly if on GICv4.1. Let’s change the hard code and give a chance to save the VLPI state (and preserve the UAPI). Signed-off-by: NShenming Lu <lushenming@huawei.com> Signed-off-by: NMarc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210322060158.1584-7-lushenming@huawei.comReviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Zenghui Yu 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZSU3 CVE: NA --------------------------- When setting the forwarding path of a VLPI (switch to the HW mode), we can also transfer the pending state from irq->pending_latch to VPT (especially in migration, the pending states of VLPIs are restored into kvm’s vgic first). And we currently send "INT+VSYNC" to trigger a VLPI to pending. Signed-off-by: NZenghui Yu <yuzenghui@huawei.com> Signed-off-by: NShenming Lu <lushenming@huawei.com> Signed-off-by: NMarc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210322060158.1584-6-lushenming@huawei.comReviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Shenming Lu 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZSU3 CVE: NA --------------------------- After pausing all vCPUs and devices capable of interrupting, in order to save the states of all interrupts, besides flushing the states in kvm’s vgic, we also try to flush the states of VLPIs in the virtual pending tables into guest RAM, but we need to have GICv4.1 and safely unmap the vPEs first. As for the saving of VSGIs, which needs the vPEs to be mapped and might conflict with the saving of VLPIs, but since we will map the vPEs back at the end of save_pending_tables and both savings require the kvm->lock to be held (thus only happen serially), it will work fine. Signed-off-by: NShenming Lu <lushenming@huawei.com> Signed-off-by: NMarc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210322060158.1584-5-lushenming@huawei.comReviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Shenming Lu 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZSU3 CVE: NA --------------------------- With GICv4.1 and the vPE unmapped, which indicates the invalidation of any VPT caches associated with the vPE, we can get the VLPI state by peeking at the VPT. So we add a function for this. Signed-off-by: NShenming Lu <lushenming@huawei.com> Signed-off-by: NMarc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210322060158.1584-4-lushenming@huawei.comReviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Shenming Lu 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZSU3 CVE: NA --------------------------- GICv4.1 gives a way to get the VLPI state, which needs to map the vPE first, and after the state read, we may remap the vPE back while the VPT is not empty. So we can't assume that the VPT is empty at the first map. Besides, the optimization of PTZ is probably limited since the HW should be fairly efficient to parse the empty VPT. Let's drop the setting of PTZ altogether. Signed-off-by: NShenming Lu <lushenming@huawei.com> Signed-off-by: NMarc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210322060158.1584-3-lushenming@huawei.comReviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Marc Zyngier 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZSU3 CVE: NA --------------------------- In order to be able to manipulate the VPT once a vPE has been unmapped, perform the required CMO to invalidate the CPU view of the VPT. Signed-off-by: NMarc Zyngier <maz@kernel.org> Signed-off-by: NShenming Lu <lushenming@huawei.com> Link: https://lore.kernel.org/r/20210322060158.1584-2-lushenming@huawei.comReviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Yonglong Liu 提交于
mainline inclusion from mainline-v5.11-rc1 commit d78e5b6a category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d78e5b6a6764cb6e83668806b63d74566db36399 ---------------------------------------------------------------------- Bellow HNAE3_DEVICE_VERSION_V3, MAC pause mode just support one TC, when enabled multiple TCs, force enable PFC mode. HNAE3_DEVICE_VERSION_V3 can support MAC pause mode on multiple TCs, so when enable multiple TCs, just keep MAC pause mode, and enable PFC mode just according to the user settings. Signed-off-by: NYonglong Liu <liuyonglong@huawei.com> Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Huazhong Tan 提交于
mainline inclusion from mainline-v5.11-rc1 commit ade36cce category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ade36ccef1d7d830a17bbe7eba3a6223e81cdc80 ---------------------------------------------------------------------- For the device whose version is above V3(include V3), the hardware can do checksum offload for the non-tunnel udp packet, who has a dest port as the IANA assigned. So add a check for devcie's verion in hns3_tunnel_csum_bug(). Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Huazhong Tan 提交于
mainline inclusion from mainline-v5.11-rc1 commit b1533ada category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b1533ada7480237be6ffac86092495450f3de3a4 ---------------------------------------------------------------------- Since TX hardware checksum and RX completion checksum have been supported now, so add related information in hns3_dbg_bd_info(). Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Huazhong Tan 提交于
mainline inclusion from mainline-v5.11-rc1 commit 3e281621 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e2816219d7ccae4ab4b5ed480566e05aef9cf1a ---------------------------------------------------------------------- For the device who has the capability to handle udp tunnel checksum segmentation, add support for it. Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Huazhong Tan 提交于
mainline inclusion from mainline-v5.11-rc1 commit 57e72c12 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=57e72c121c7fab33d643f97b617a2c2bb83ea533 ---------------------------------------------------------------------- Currently, device V1 and V2 do not support segmentation offload for UDP based tunnel packet who needs outer UDP checksum offload, so there is a workaround in the driver to set the checksum of the outer UDP checksum as zero. This is not what the user wants, so remove this feature for device V1 and V2, add support for it later(when the device has the ability to do that). Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Huazhong Tan 提交于
mainline inclusion from mainline-v5.11-rc1 commit 66d52f3b category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d52f3bf385c8d969e9ca6b281ddf773c9691d7 ---------------------------------------------------------------------- For the device that supports TX hardware checksum, the hardware can calculate the checksum from the start and fill the checksum to the offset position, which reduces the operations of calculating the type and header length of L3/L4. So add this feature for the HNS3 ethernet driver. The previous simple BD description is unsuitable, rename it as HW TX CSUM. Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Huazhong Tan 提交于
mainline inclusion from mainline-v5.11-rc1 commit 4b2fe769 category: feature bugzilla: 173966 CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4b2fe769aad9736624147882e566eeeb8dd4c187 ---------------------------------------------------------------------- In some cases (for example ip fragment), hardware will calculate the checksum of whole packet in RX, and setup the HNS3_RXD_L2_CSUM_B flag in the descriptor, so add support to utilize this checksum. Signed-off-by: NHuazhong Tan <tanhuazhong@huawei.com> Signed-off-by: NJakub Kicinski <kuba@kernel.org> Reviewed-by: Nli yongxin <liyongxin1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Kunkun Jiang 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZUKK CVE: NA ------------------------------ In the past, we clear dirty log immediately after sync dirty log to userspace. This may cause redundant dirty handling if userspace handles dirty log iteratively: After vfio clears dirty log, new dirty log starts to generate. These new dirty log will be reported to userspace even if they are generated before userspace handles the same dirty page. That's to say, we should minimize the time gap of dirty log clearing and dirty log handling. This adds two user interfaces. Note that user should clear dirty log before handle corresponding dirty pages. 1. GET_BITMAP_NOCLEAR: get dirty log without clear. 2. CLEAR_BITMAP: manually clear dirty log. Co-developed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NKunkun Jiang <jiangkunkun@huawei.com> Reviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Kunkun Jiang 提交于
virt inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I3ZUKK CVE: NA ------------------------------ In the past if vfio_iommu is not of pinned_page_dirty_scope and vfio_dma is iommu_mapped, we populate full dirty bitmap for this vfio_dma. Now we can try to get dirty log from iommu before make the lousy decision. The new dirty bitmap population policy: In detail, if all vfio_group are of pinned_page_dirty_scope, the dirty bitmap population is not affected. If there are vfio_groups not of pinned_page_dirty_scope and all domains support HWDBM, we can try to get dirty log from IOMMU. Otherwise, lead to full dirty bitmap. Consider DMA and group hotplug: Start dirty log for newly added DMA range, and stop dirty log for DMA range going to remove. If a domain don't support HWDBM at start, but can support it after hotplug some groups (attach a first group with HWDBM or detach all groups without HWDBM). If a domain support HWDBM at start, but do not support it after hotplug some groups (attach a group without HWDBM or detach all groups without HWDBM). So our policy is that switch dirty log for domains dynamically. Co-developed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NKunkun Jiang <jiangkunkun@huawei.com> Reviewed-by: NKeqian Zhu <zhukeqian1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-