Neal reported crashes with this stack trace :
RIP: 0010:[<ffffffff8c57231b>] tcp_v4_send_ack+0x41/0x20f
...
CR2: 0000000000000018 CR3: 000000044005c000 CR4: 00000000001427e0
...
[<ffffffff8c57258e>] tcp_v4_reqsk_send_ack+0xa5/0xb4
[<ffffffff8c1a7caa>] tcp_check_req+0x2ea/0x3e0
[<ffffffff8c19e420>] tcp_rcv_state_process+0x850/0x2500
[<ffffffff8c1a6d21>] tcp_v4_do_rcv+0x141/0x330
[<ffffffff8c56cdb2>] sk_backlog_rcv+0x21/0x30
[<ffffffff8c098bbd>] tcp_recvmsg+0x75d/0xf90
[<ffffffff8c0a8700>] inet_recvmsg+0x80/0xa0
[<ffffffff8c17623e>] sock_aio_read+0xee/0x110
[<ffffffff8c066fcf>] do_sync_read+0x6f/0xa0
[<ffffffff8c0673a1>] SyS_read+0x1e1/0x290
[<ffffffff8c5ca262>] system_call_fastpath+0x16/0x1b
The problem here is the skb we provide to tcp_v4_send_ack() had to
be parked in the backlog of a new TCP fastopen child because this child
was owned by the user at the time an out of window packet arrived.
Before queuing a packet, TCP has to set skb->dev to NULL as the device
could disappear before packet is removed from the queue.
Fix this issue by using the net pointer provided by the socket (being a
timewait or a request socket).
IPv6 is immune to the bug : tcp_v6_send_response() already gets the net
pointer from the socket if provided.
Fixes: 168a8f5805 ("tcp: TCP Fast Open Server - main code path")
Reported-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Jerry Chu <hkchu@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
When configuring checksums on UDP tunnels, the flags are different
for IPv4 vs. IPv6 (and reversed). However, when lightweight tunnels
are enabled the flags used are always the IPv4 versions, which are
ignored in the IPv6 code paths. This uses the correct IPv6 flags, so
checksums can be controlled appropriately.
Fixes: a725e514 ("vxlan: metadata based tunneling for IPv6")
Fixes: abe492b4 ("geneve: UDP checksum configuration via netlink")
Signed-off-by: Jesse Gross <jesse@kernel.org>
Acked-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Florian Fainelli says:
====================
net: phy: Finally fix PHY_IGNORE_INTERRUPTS
This patch series finally fixes how PHY_IGNORE_INTERRUPTS are treated by
avoiding to poll the PHY *and* getting notified from link state changes by the
Ethernet MAC interrupt service routine.
Tested with bcmgenet since this is the HW that I have access to.
Targetting the "net" tree since these are bugfixes, but I would like Woojun and
Andrew to take a look and test that on their respective HW setups as well.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
By the time we execute bcmgenet_mii_probe(), the MDIO bus structure has
long been allocated and registered. Overirring the PHY interrupt using
the MDIO bus structure has no chance to work anymore, because
of_mdiobus_register() has call phy_device_create() for use, which copied
the MDIO bus address's irq for the PHY into the PHY device "irq" member.
Since we do have a proper reference to a PHY device in
bcmgenet_mii_probe(), just assign the desired IRQ value here.
Fixes: aa09677cba ("net: bcmgenet: add MDIO routines")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Commit 5ea94e7686 ("phy: add phy_mac_interrupt()") to use with
PHY_IGNORE_INTERRUPT added a cancel_work_sync() into phy_mac_interrupt()
which is allowed to sleep, whereas phy_mac_interrupt() is expected to be
callable from interrupt context.
Now that we have fixed how the PHY state machine treats
PHY_IGNORE_INTERRUPT with respect to state changes, we can just set the
new link state, and queue the PHY state machine for execution so it is
going to read the new link state.
For that to work properly, we need to update phy_change() not to try to
invoke any interrupt callbacks if we have configured the PHY device for
PHY_IGNORE_INTERRUPT, because that PHY device and its driver are not
required to implement those.
Fixes: 5ea94e7686 ("phy: add phy_mac_interrupt() to use with PHY_IGNORE_INTERRUPT")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Commit 2c7b49212a ("phy: fix the use of PHY_IGNORE_INTERRUPT") changed
a hunk in phy_state_machine() in the PHY_RUNNING case which was not
needed. The change essentially makes the PHY library treat PHY devices
with PHY_IGNORE_INTERRUPT to keep polling for the PHY device, even
though the intent is not to do it.
Fix this by reverting that specific hunk, which makes the PHY state
machine wait for state changes, and stay in the PHY_RUNNING state for as
long as needed.
Fixes: 2c7b49212a ("phy: fix the use of PHY_IGNORE_INTERRUPT")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The defconfig build of blackfin is failing with the error:
arch/blackfin/include/asm/bfin_serial.h:269:0: warning: "port_membase" redefined
drivers/net/irda/bfin_sir.h:85:0: note: this is the location of the previous definition
arch/blackfin/include/asm/bfin_serial.h:382:0: warning: "get_lsr_cache" redefined
drivers/net/irda/bfin_sir.h:86:0: note: this is the location of the previous definition
arch/blackfin/include/asm/bfin_serial.h:383:0: warning: "put_lsr_cache" redefined
drivers/net/irda/bfin_sir.h:87:0: note: this is the location of the previous definition
port_membase, get_lsr_cache, put_lsr_cache are already defined in the
architecture files, no need to define them again in the driver.
Signed-off-by: Sudip Mukherjee <sudip@vectorindia.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Documentation should be kept consistent with the code:
static int tcp_syn_retries_max = MAX_TCP_SYNCNT;
#define MAX_TCP_SYNCNT 127
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
PHY status frames are not reliable, the PHY may not be able to send them
during heavy receive traffic. This overflow condition is signaled by the
PHY in the next status frame, but the driver did not make use of it.
Instead it always reported wrong tx timestamps to user space after an
overflow happened because it assigned newly received tx timestamps to old
packets in the queue.
This commit fixes this issue by clearing the tx timestamp queue every time
an overflow happens, so that no timestamps are delivered for overflow
packets. This way time stamping will continue correctly after an overflow.
Signed-off-by: Manfred Rudigier <manfred.rudigier@omicron.at>
Acked-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lorenzo reported that we could not properly find v4mapped sockets
in inet_diag_find_one_icsk(). This patch fixes the issue.
Reported-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
GRO is currently not aware of tunnel metadata generated by lightweight
tunnels and stored in the dst. This leads to two possible problems:
* Incorrectly merging two frames that have different metadata.
* Leaking of allocated metadata from merged frames.
This avoids those problems by comparing the tunnel information before
merging, similar to how we handle other metadata (such as vlan tags),
and releasing any state when we are done.
Reported-by: John <john.phillips5@hpe.com>
Fixes: 2e15ea39 ("ip_gre: Add support to collect tunnel metadata.")
Signed-off-by: Jesse Gross <jesse@kernel.org>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
When we need to lock all buckets in the connection hashtable we'd attempt to
lock 1024 spinlocks, which is way more preemption levels than supported by
the kernel. Furthermore, this behavior was hidden by checking if lockdep is
enabled, and if it was - use only 8 buckets(!).
Fix this by using a global lock and synchronize all buckets on it when we
need to lock them all. This is pretty heavyweight, but is only done when we
need to resize the hashtable, and that doesn't happen often enough (or at all).
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
vnet_fullcsum() accesses ip_hdr() and transport header to compute
the checksum for IPv4 packets, so these need to be initialized in
skb created in vnet_rx_one().
Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Marc Dionne discovered a NULL pointer dereference when setting
SO_REUSEPORT on a socket after it is bound.
This patch removes the assumption that at least one socket in the
reuseport group is bound with the SO_REUSEPORT option before other
bind calls occur.
Fixes: e32ea7e747 ("soreuseport: fast reuseport UDP socket selection")
Reported-by: Marc Dionne <marc.c.dionne@gmail.com>
Signed-off-by: Craig Gallek <kraig@google.com>
Tested-by: Marc Dionne <marc.dionne@auristor.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Using a combination of connected and un-connected sockets, Dmitry
was able to trigger soft lockups with his fuzzer.
The problem is that sockets in the SO_REUSEPORT array might have
different scores.
Right after sk2=socket(), setsockopt(sk2,...,SO_REUSEPORT, on) and
bind(sk2, ...), but _before_ the connect(sk2) is done, sk2 is added into
the soreuseport array, with a score which is smaller than the score of
first socket sk1 found in hash table (I am speaking of the regular UDP
hash table), if sk1 had the connect() done, giving a +8 to its score.
hash bucket [X] -> sk1 -> sk2 -> NULL
sk1 score = 14 (because it did a connect())
sk2 score = 6
SO_REUSEPORT fast selection is an optimization. If it turns out the
score of the selected socket does not match score of first socket, just
fallback to old SO_REUSEPORT logic instead of trying to be too smart.
Normal SO_REUSEPORT users do not mix different kind of sockets, as this
mechanism is used for load balance traffic.
Fixes: e32ea7e747 ("soreuseport: fast reuseport UDP socket selection")
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Craig Gallek <kraigatgoog@gmail.com>
Acked-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This adds a new kind of barrier, and reworks virtio and xen
to use it.
Plus some fixes here and there.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJWlU2kAAoJECgfDbjSjVRpZ6IH/Ra19ecG8sCQo9zskr4zo22Z
DZXC3u0sJDBYjjBAiw3IY1FKh7wx2Fr1RhUOj1bteBgcFCMCV1zInP5ITiCyzd1H
YYh1w9C2tZaj2T4t9L4hIrAdtIF8fGS+oI2IojXPjOuDLEt6pfFBEjHp/sfl3UJq
ZmZvw4OXviSNej7jBw8Xni3Uv18yfmLGXvMdkvMSPC1/XL29voGDqTVwhqJwxLVz
k/ZLcKFOzIs9N7Nja0Jl1EiZtC2Y9cpItqweicNAzszlpkSL44vQxmCSefB+WyQ4
gt0O3+AxYkLfrxzCBhUA4IpRex3/XPW1b+1e/V1XjfR2n/FlyLe+AIa8uPJElFc=
=ukaV
-----END PGP SIGNATURE-----
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost
Pull virtio barrier rework+fixes from Michael Tsirkin:
"This adds a new kind of barrier, and reworks virtio and xen to use it.
Plus some fixes here and there"
* tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: (44 commits)
checkpatch: add virt barriers
checkpatch: check for __smp outside barrier.h
checkpatch.pl: add missing memory barriers
virtio: make find_vqs() checkpatch.pl-friendly
virtio_balloon: fix race between migration and ballooning
virtio_balloon: fix race by fill and leak
s390: more efficient smp barriers
s390: use generic memory barriers
xen/events: use virt_xxx barriers
xen/io: use virt_xxx barriers
xenbus: use virt_xxx barriers
virtio_ring: use virt_store_mb
sh: move xchg_cmpxchg to a header by itself
sh: support 1 and 2 byte xchg
virtio_ring: update weak barriers to use virt_xxx
Revert "virtio_ring: Update weak barriers to use dma_wmb/rmb"
asm-generic: implement virt_xxx memory barriers
x86: define __smp_xxx
xtensa: define __smp_xxx
tile: define __smp_xxx
...
Pull arch/tile updates from Chris Metcalf:
"This is a grab bag of changes that includes some NOHZ and
context-tracking related changes, some debugging improvements,
JUMP_LABEL support, and some fixes for tilepro allmodconfig support.
We also remove the now-unused node_has_online_mem() definitions both
for tile's asm/topology.h as well as in linux/topology.h itself"
* git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
numa: remove stale node_has_online_mem() define
arch/tile: move user_exit() to early kernel entry sequence
tile: fix bug in setting PT_FLAGS_DISABLE_IRQ on kernel entry
tile: fix tilepro casts for readl, writel, etc
tile: fix a -Wframe-larger-than warning
tile: include the syscall number in the backtrace
MAINTAINERS: add git URL for tile
arch/tile: adopt prepare_exit_to_usermode() model from x86
tile/jump_label: add jump label support for TILE-Gx
tile: define a macro ktext_writable_addr to get writable kernel text address
Pull AVR32 updates from Hans-Christian Noren Egtvedt.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/egtvedt/linux-avr32:
mmc: atmel: get rid of struct mci_dma_data
mmc: atmel-mci: restore dma on AVR32
avr32: wire up missing syscalls
avr32: wire up accept4 syscall
Pull btrfs updates from Chris Mason:
"This has our usual assortment of fixes and cleanups, but the biggest
change included is Omar Sandoval's free space tree. It's not the
default yet, mounting -o space_cache=v2 enables it and sets a readonly
compat bit. The tree can actually be deleted and regenerated if there
are any problems, but it has held up really well in testing so far.
For very large filesystems (30T+) our existing free space caching code
can end up taking a huge amount of time during commits. The new tree
based code is faster and less work overall to update as the commit
progresses.
Omar worked on this during the summer and we'll hammer on it in
production here at FB over the next few months"
* 'for-linus-4.5' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (73 commits)
Btrfs: fix fitrim discarding device area reserved for boot loader's use
Btrfs: Check metadata redundancy on balance
btrfs: statfs: report zero available if metadata are exhausted
btrfs: preallocate path for snapshot creation at ioctl time
btrfs: allocate root item at snapshot ioctl time
btrfs: do an allocation earlier during snapshot creation
btrfs: use smaller type for btrfs_path locks
btrfs: use smaller type for btrfs_path lowest_level
btrfs: use smaller type for btrfs_path reada
btrfs: cleanup, use enum values for btrfs_path reada
btrfs: constify static arrays
btrfs: constify remaining structs with function pointers
btrfs tests: replace whole ops structure for free space tests
btrfs: use list_for_each_entry* in backref.c
btrfs: use list_for_each_entry_safe in free-space-cache.c
btrfs: use list_for_each_entry* in check-integrity.c
Btrfs: use linux/sizes.h to represent constants
btrfs: cleanup, remove stray return statements
btrfs: zero out delayed node upon allocation
btrfs: pass proper enum type to start_transaction()
...
Pull more networking fixes from David Miller:
1) Fix brcmfmac build with older gcc, from Arend van Spriel.
2) IRQ values unintentionally truncated to u8 in mlx5 driver, from
Doron Tsur.
3) Fix build warnings wrt tcp cgroup changes, from Geert Uytterhoeven.
4) Limit deep recursion in ovs stack, from Hannes Frederic Sowa.
5) at803x phy driver bug fixes from, Martin Blumenstingl.
6) Fix TSO handling in hns driver, from Daode Huang
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (22 commits)
ovs: limit ovs recursions in ovs_execute_actions to not corrupt stack
team: Replace rcu_read_lock with a mutex in team_vlan_rx_kill_vid
net: hns: bug fix about hisilicon TSO BD mode
brcmfmac: fix BRCMF_FW_NVRAM_DEF macro for older gcc compilers
net: phy: at803x: Add the interrupt register bit definitions
net: phy: at803x: Clean up duplicate register definitions
net: phy: at803x: Allow specifying the RGMII RX clock delay via phy mode
net: phy: at803x: Don't set gbit features for the AR8030 phy
arm64: bpf: add extra pass to handle faulty codegen
arm64: insn: remove BUG_ON from codegen
sctp: the temp asoc's transports should not be hashed/unhashed
net/mlx5_core: Fix trimming down IRQ number
tcp_memcontrol: Forward declare cgroup_subsys and mem_cgroup stucts
batman-adv: Drop immediate orig_node free function
batman-adv: Drop immediate batadv_hard_iface free function
batman-adv: Drop immediate neigh_ifinfo free function
batman-adv: Drop immediate batadv_hardif_neigh_node free function
batman-adv: Drop immediate batadv_neigh_node free function
batman-adv: Drop immediate batadv_orig_ifinfo free function
batman-adv: Avoid recursive call_rcu for batadv_nc_node
...
Pull IDE updates from David Miller:
"Just a few small changes this merge window, marking ops const, printf
string type fixes, etc"
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/ide:
drivers/ide: make ide-scan-pci.c driver explicitly non-modular
ide: constify ide_dma_ops structures
ide: silence some underflow warnings
* pxafb: device-tree support
* An unsafe kernel parameter 'lockless_register_fb' for debugging problems
happening while inside the console lock
* Small miscellaneous fixes & cleanups
* omapdss: add writeback support functions
* Separation of omapfb and omapdrm (see below)
About the separation of omapfb and omapdrm, see
http://permalink.gmane.org/gmane.comp.video.dri.devel/143151 for longer story.
The short version:
omapfb and omapdrm have shared low level drivers (omapdss and panel drivers),
making further development of omapdrm difficult. After these patches omapfb and
omapdrm have their own versions of the drivers, which are more or less
direct copies for now but will diverge soon.
This also means that omapfb (everything under drivers/video/fbdev/omap2/) is
now in maintenance mode, and all new development will be done for omapdrm
(drivers/gpu/drm/omapdrm/).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJWnKg1AAoJEPo9qoy8lh71lrsP/RwwG8FDMl2tgwcsKVa/VlbF
oez/CaNeZ9Jz0qd5RbIzIS9QdbL0AZugg4twwl76UbHWT477Z3EbUmpw++78kasr
RFKDWYqMbxw3kshRDyALinGQmxPOPjNnc5mt9CYKzK4x0pJSLBmZc8qaNK3L4a5a
eLJ3h6UhQDY61D04qr+LuTCETAxNR78x+NNIG7vYa9oS0ZDDrhlDyVPw4akPDMS6
6Y5NgtRL1h2mq2hLBgTDCrwx3p7yZbnkSRKbpFnw/yddiXilND1d75JoW+0F6vKW
U8DiRKxYtHNBdry4HlpRwufT52wkmtA/2puCW5Smw8araQ7R+s+wOt/1HAYQM72g
8UCmNFMbhBpk8x8pT24ja4wyTLM9gaZqG9MWHLPEPbE6WicxSbqEAvIX9sakXLv6
dDaf1SHZ+DFpq0jOwC8Rcnx1JFeeNNDf5cJb2pZI2Zka5jayQRTdbxeZGGnpFzu1
1ZMiNQ24U+n9hgjV9QMiCW24TEBXFhFTf0Nlne3VP7qUbmvLqMUdGxGwM+b25/El
SW/peryWglxsn5EBA7XybK+RTYxbjDtD5a8SOjD2YTNqVVVFHgf7z05SfSmYO5yi
H67eDqdt0YsEGG87I8hv3eKM7FSRlYAywTC2mPfSOJ3+/G+18OU/voepcJHZ15x7
SO3e/TFTrtglJzjVzX8j
=Nrji
-----END PGP SIGNATURE-----
Merge tag 'fbdev-4.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux
Pull fbdev updates from Tomi Valkeinen:
"Summary:
- pxafb: device-tree support
- An unsafe kernel parameter 'lockless_register_fb' for debugging
problems happening while inside the console lock
- Small miscellaneous fixes & cleanups
- omapdss: add writeback support functions
- Separation of omapfb and omapdrm (see below)
About the separation of omapfb and omapdrm, see
http://permalink.gmane.org/gmane.comp.video.dri.devel/143151
for longer story. The short version:
omapfb and omapdrm have shared low level drivers (omapdss and panel
drivers), making further development of omapdrm difficult. After
these patches omapfb and omapdrm have their own versions of the
drivers, which are more or less direct copies for now but will diverge
soon.
This also means that omapfb (everything under drivers/video/fbdev/omap2/)
is now in maintenance mode, and all new development will be done for
omapdrm (drivers/gpu/drm/omapdrm/)"
* tag 'fbdev-4.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux: (49 commits)
video: fbdev: pxafb: fix out of memory error path
drm/omap: make omapdrm select OMAP2_DSS
drm/omap: move omapdss & displays under omapdrm
omapfb: move vrfb into omapfb
omapfb: take omapfb's private omapdss into use
omapfb/displays: change CONFIG_DISPLAY_* to CONFIG_FB_OMAP2_*
omapfb/dss: change CONFIG_OMAP* to CONFIG_FB_OMAP*
omapdss: remove CONFIG_OMAP2_DSS_VENC from omapdss.h
omapfb: copy omapdss & displays for omapfb
omapfb: allow compilation only if DRM_OMAP is disabled
fbdev: omap2: panel-dpi: simplify gpio setting
fbdev: omap2: panel-dpi: in .disable first disable backlight then display
OMAPDSS: DSS: fix a warning message
video: omapdss: delete unneeded of_node_put
OMAPDSS: DISPC: Remove boolean comparisons
OMAPDSS: DSI: cleanup DSI_IRQ_ERROR_MASK define
OMAPDSS: remove extra out == NULL checks
OMAPDSS: change internal dispc functions to static
OMAPDSS: make a two dss feat funcs internal to omapdss
OMAPDSS: remove extra EXPORT_SYMBOLs
...
This isn't used anywhere, so delete it.
Looks like the last usage (in x86-specific code) was removed by Tejun
in 2011 in commit bd6709a91a ("x86, NUMA: Make 32bit use common NUMA
init path").
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
This ensures that we always notify context tracking that we
have exited from user space no matter how we enter the kernel.
It is similar to how arm64 handles context tracking, for example.
This allows the removal of all the exception_enter() calls that
were added in commit 49e4e15619 ("tile: support CONTEXT_TRACKING and
thus NOHZ_FULL").
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
This flag value is saved in ptregs and used to decide whether
to disable irqs when returning from the kernel. Commit 1168df528fe4
("tile: don't assume user privilege is zero") performed a bad
merge from some KVM-enabled code that had not yet been upstreamed.
The only issue with the old code is that we will read the interrupt
mask in more conditions than we need to (e.g., coming from user
space when user space has the Interrupt Critical Section bit set, or
coming from a guest kernel), which is a slow multi-cycle operation.
This change saves those few cycles in the common case.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
Missing parentheses could cause an argument of the form
"integer + pointer" to get cast to "(long)integer + pointer"
and remain a pointer type, causing compiler warnings.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
The warning occurs in setup.c, where it is known that it can't be
a problem, but it's still a good idea to silence the warning.
The onstack array is converted from an s32 to a u8, which still
is plenty of range for the values being managed there.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
This information is easily available in the backtrace data and can
be helpful when trying to figure out the backtrace, particularly
if we're early in kernel entry or late in kernel exit.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
This change is a prerequisite change for TASK_ISOLATION but also
stands on its own for readability and maintainability. The existing
tile do_work_pending() was called in a loop from assembly on
the slow path; this change moves the loop into C code as well.
For the x86 version see commit c5c46f59e4 ("x86/entry: Add new,
comprehensible entry and exit handlers written in C").
This change exposes a pre-existing bug on the older tilepro platform;
the singlestep processing is done last, but on tilepro (unlike tilegx)
we enable interrupts while doing that processing, so we could in
theory miss a signal or other asynchronous event. A future change
could fix this by breaking the singlestep work into a "prepare"
step done in the main loop, and a "trigger" step done after exiting
the loop. Since this change is intended as purely a restructuring
change, we call out the bug explicitly now, but don't yet fix it.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
The Kconfig for this support is currently:
config IDEPCI_PCIBUS_ORDER
bool "Probe IDE PCI devices in the PCI bus order (DEPRECATED)"
...meaning that it currently is not being built as a module by anyone.
Lets change the initcall to be the equivalent device_initcall, so that
when reading the driver code, there is no doubt it is builtin-only.
Unlike other similar changes, we leave the module.h header to be
included since this code interacts with other drivers and needs to
know what a struct module is.
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-ide@vger.kernel.org
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The ide_dma_ops structures are never modified, so declare these as const,
as is already done for the others.
Done with the help of Coccinelle.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
Back in the day we used to just say this code was root only so it was
ok that the bounds checking was sloppy. These days it annoys static
checkers so we fix it.
In the original code "c > INT_MAX" was never true since "c" was an int.
I am not sure what was intended so I left it alone. But because I made
"c" unsigned it means we don't have a warning any more.
The second warning is that we cap "i" but allow negatives leading to an
underflow of the ide_disks_chs[] array. The third set of warnings is
because these values come from the user and we cap most of the upper
bounds but allow negative values. Negative cylinders doesn't make
sense.
drivers/ide/ide.c:262 ide_set_disk_chs() warn: impossible condition '(c > ((~0 >> 1))) => (s32min-s32max > s32max)'
drivers/ide/ide.c:270 ide_set_disk_chs() warn: check 'ide_disks_chs[i]' for negative offsets 'i' = s32min. extra = 's32min-19'
drivers/ide/ide.c:271 ide_set_disk_chs() warn: no lower bound on 'h'
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
It was seen that defective configurations of openvswitch could overwrite
the STACK_END_MAGIC and cause a hard crash of the kernel because of too
many recursions within ovs.
This problem arises due to the high stack usage of openvswitch. The rest
of the kernel is fine with the current limit of 10 (RECURSION_LIMIT).
We use the already existing recursion counter in ovs_execute_actions to
implement an upper bound of 5 recursions.
Cc: Pravin Shelar <pshelar@ovn.org>
Cc: Simon Horman <simon.horman@netronome.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
We can't be within an RCU read-side critical section when deleting
VLANs, as underlying drivers might sleep during the hardware operation.
Therefore, replace the RCU critical section with a mutex. This is
consistent with team_vlan_rx_add_vid.
Fixes: 3d249d4ca7 ("net: introduce ethernet teaming device")
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The current upstreaming code fails to set the tso_mode register
when initilizes, when processes large size packets, the default 4 bd is
not enough, so this patch initilizes it and set the default value to 8 bds
Signed-off-by: Daode Huang <huangdaode@hisilicon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
With gcc < 4.3 __UNIQUE_ID does not create unique ids with the macro
BRCMF_FW_NVRAM_DEF. Fix this by removing the MODULE_FIRMWARE instance
for the nvram file. This file is not in linux-firmware repo so it may
not be needed anyway. Otherwise consider this as a temporary fix.
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Arend van Spriel <aspriel@gmail.com>
Acked-by: Kalle Valo <kvalo@codeaurora.org>
Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Unregister the chain type and return error, otherwise this leaks the
subscription to the netdevice notifier call chain.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
In case MSS option is added in TCP options, skb length increases by 4.
IPv6 needs to update skb->csum if skb has CHECKSUM_COMPLETE,
otherwise kernel complains loudly in netdev_rx_csum_fault() with a
stack dump.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
As seen by Julia, the initial allocation memory is not checked anymore
after commit "video: fbdev: pxafb: initial devicetree conversion".
Introduce back the removed test.
Reported-by: Julia Lawall <julia.lawall@lip6.fr>
Signed-off-by: Robert Jarzmik <robert.jarzmik@free.fr>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Pull security subsystem updates from James Morris:
- EVM gains support for loading an x509 cert from the kernel
(EVM_LOAD_X509), into the EVM trusted kernel keyring.
- Smack implements 'file receive' process-based permission checking for
sockets, rather than just depending on inode checks.
- Misc enhancments for TPM & TPM2.
- Cleanups and bugfixes for SELinux, Keys, and IMA.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (41 commits)
selinux: Inode label revalidation performance fix
KEYS: refcount bug fix
ima: ima_write_policy() limit locking
IMA: policy can be updated zero times
selinux: rate-limit netlink message warnings in selinux_nlmsg_perm()
selinux: export validatetrans decisions
gfs2: Invalid security labels of inodes when they go invalid
selinux: Revalidate invalid inode security labels
security: Add hook to invalidate inode security labels
selinux: Add accessor functions for inode->i_security
security: Make inode argument of inode_getsecid non-const
security: Make inode argument of inode_getsecurity non-const
selinux: Remove unused variable in selinux_inode_init_security
keys, trusted: seal with a TPM2 authorization policy
keys, trusted: select hash algorithm for TPM2 chips
keys, trusted: fix: *do not* allow duplicate key options
tpm_ibmvtpm: properly handle interrupted packet receptions
tpm_tis: Tighten IRQ auto-probing
tpm_tis: Refactor the interrupt setup
tpm_tis: Get rid of the duplicate IRQ probing code
...
Pull audit updates from Paul Moore:
"Seven audit patches for 4.5, all very minor despite the diffstat.
The diffstat churn for linux/audit.h can be attributed to needing to
reshuffle the linux/audit.h header to fix the seccomp auditing issue
(see the commit description for details).
Besides the seccomp/audit fix, most of the fixes are around trying to
improve the connection with the audit daemon and a Kconfig
simplification. Nothing crazy, and everything passes our little
audit-testsuite"
* 'upstream' of git://git.infradead.org/users/pcmoore/audit:
audit: always enable syscall auditing when supported and audit is enabled
audit: force seccomp event logging to honor the audit_enabled flag
audit: Delete unnecessary checks before two function calls
audit: wake up threads if queue switched from limited to unlimited
audit: include auditd's threads in audit_log_start() wait exception
audit: remove audit_backlog_wait_overflow
audit: don't needlessly reset valid wait time
Commit b8d3c4c300 ("mm/huge_memory.c: don't split THP page when
MADV_FREE syscall is called") introduced this new function, but got the
error handling for when pmd_trans_huge_lock() fails wrong. In the
failure case, the lock has not been taken, and we should not unlock on
the way out.
Cc: Minchan Kim <minchan@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This just fixes a warning on 64-bit builds:
drivers/gpu/drm/vc4/vc4_validate.c: In function ‘validate_gl_shader_rec’:
drivers/gpu/drm/vc4/vc4_validate.c:864:12: warning: format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘size_t {aka long unsigned int}’ [-Wformat=]
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Also use them instead of a magic value when enabling the interrupts.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
at803x currently automatically enables the RGMII TX clock delay when the
phy interface mode is PHY_INTERFACE_MODE_RGMII_TXID. The same should be
done when PHY_INTERFACE_MODE_RGMII_ID is specified.
Use a similar logic to enable the RGMII RX clock delay as well.
at803x_context_{save,restore} were not touched because these are only
used on AR8030 which is a RMII phy (RGMII clock delays are irrelevant).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>