This reverts commit bd601b6ada ("bpf: report offload info to user
space"). The ifindex by itself is not sufficient, we should provide
information on which network namespace this ifindex belongs to.
After considering some options we concluded that it's best to just
remove this API for now, and rework it in -next.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
This reverts commit 928631e054 ("bpftool: print program device bound
info"). We will remove this API and redo it right in -next.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
We are currently destroying the device offload state when device
moves to another net namespace. This doesn't break with current
NFP code, because offload state is not used on program removal,
but it's not correct behaviour.
Ignore the device unregister notifications on namespace move.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
bpf_prog_get_type() is identical to bpf_prog_get_type_dev(),
with false passed as attach_drv. Instead of keeping it as
an exported symbol turn it into static inline wrapper.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Currently device-bound programs are not able to run on the host
to save resources (host JIT is not invoked). Don't allow XDP
programs to be attached without the HW_MODE flag. In theory
if program is already translated for device offload the driver
should choose to offload it instead of loading it in the driver.
However, offloading translated program may still fail resulting
in device-bound program being run on the host.
Prevent this by refusing to attach device bound programs if
XDP_FLAGS_HW_MODE is not set.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
With TC shared block changes we can't depend on correct netdev
pointer being available in cls_bpf. Move the device validation
to the driver. Core will only make sure that offloaded programs
are always attached in the driver (or in HW by the driver). We
trust that drivers which implement offload callbacks will perform
necessary checks.
Moving the checks to the driver is generally a useful thing,
in practice the check should be against a switchdev instance,
not a netdev, given that most ASICs will probably allow using
the same program on many ports.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
bpf_target_prog seems long and clunky, rename it to prog_ifindex.
We don't want to call this field just ifindex, because maps
may need a similar field in the future and bpf_attr members for
programs and maps are unnamed.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
We are currently only allowing attachment of device-bound
cls_bpf and XDP programs. Make this restriction explicit in
the BPF offload code. This way we can potentially reuse the
ifindex field in the future.
Since XDP and cls_bpf programs can only be loaded by admin,
we can drop the explicit capability check from offload code.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Offload state may get destroyed either because the device for which
it was constructed is going away, or because the refcount of bpf
program itself has reached 0. In both of those cases we will call
__bpf_prog_offload_destroy() to unlink the offload from the device.
We may in fact call it twice, which works just fine, but we should
make clear this is intended and caution others trying to extend the
function.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
resulted in unexpected data truncation
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Rex Zhu <Rex.Zhu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
Improve the bindings text by doing the following changes:
- Remove the i.MX53 reference, as the RTC on i.MX53 is a different hardware
- Add 'clocks' to the list of required properties
- Explain that the optional security violation irq is the second entry
- Use the real unit address and irq numbers for i.MX25
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Acked-by: Juergen Borleis <jbe@pengutronix.de>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
This patch adds the Spreadtrum RTC driver, which embedded in the
Spreadtrum SC27xx series PMICs.
Signed-off-by: Baolin Wang <baolin.wang@spreadtrum.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
The Dell SMBIOS WMI interface will fail for some more complex calls unless
a WMI hotfix has been included. Most platforms have this fix available in
a maintenance BIOS release. In the case the driver is loaded on a
platform without this fix, disable the userspace interface.
A hotfix indicator is present in the dell-wmi-descriptor that represents
whether or not more complex calls will work properly.
"Simple" calls such as those used by dell-laptop and dell-wmi will continue
to work properly so dell-smbios-wmi should not be blocked from binding and
being used as the dell-smbios dispatcher.
Suggested-by: Girish Prakash <girish.prakash@dell.com>
Signed-off-by: Mario Limonciello <mario.limonciello@dell.com>
Signed-off-by: Darren Hart (VMware) <dvhart@infradead.org>
Implement a '-none' output mode for kernel-doc which will only output
warning messages, and suppresses the warning message about there being
no kernel-doc in the file.
If the build has requested additional warnings, automatically check all
.c files. This patch does not check .h files. Enabling the warning
by default would add about 1300 warnings, so it's default off for now.
People who care can use this to check they didn't break the docs and
maybe we'll get all the warnings fixed and be able to enable this check
by default in the future.
Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This device's bindings are not trivial: Additional properties are
documented in in Documentation/devicetree/bindings/mfd/mc13xxx.txt.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Reviewed-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Rob Herring <robh@kernel.org>
It isn't clear if this function of_node_put()s the 'from'
argument, or the node it searches. Clearly indicate which
variable is touched. Fold in some more fixes from Randy too
because we're in the area.
Cc: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Rob Herring <robh@kernel.org>
Correctly the formatting of several additions to the profile= option
that have been added by using <profiletype> and listing the choices
for it.
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Drop CONFIG_VIDEO_400_HACK info completely.
Drop CONFIG_VIDEO_RETAIN and CONFIG_VIDEO_LOCAL completely.
Drop CONFIG_VIDEO_COMPACT and CONFIG_VIDEO_VESA info completely.
Drop CONFIG_VIDEO_SVGA info since it has been removed.
Drop chapter number & section number references since they are wrong.
Drop (bad) ftp URL for 800x600 Thinkpad XF86Config.
Rename CONFIG_VIDEO_GFX_HACK to VIDEO_GFX_HACK since it is not a
Kconfig symbol. And to match the source code.
Build options are controlled by the kernel kconfig utility.
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Acked-By: Martin Mares <mj@ucw.cz>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This commit applies an upstream change, commit d92f842bb3
("memory-barriers.txt: Fix typo in pairing example") to the Korean
translation.
Signed-off-by: SeongJae Park <sj38.park@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This commit applies two upstream change, commit f1ab25a30c
("memory-barriers: Replace uses of "transitive"") and commit 0902b1f44a
("memory-barriers: Rework multicopy-atomicity section") to the Korean
translation. Those two changes are applied with this signle commit
because the second change is improvement of the first one.
Signed-off-by: SeongJae Park <sj38.park@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Sometimes a single patch is the result of multiple authors. As git only
can have one "author" of a patch, it is still good to properly give
credit to the other developers of a commit. To address this, document
the "Co-Developed-by:" tag which can be used to show other authors of
the patch.
Note, these other authors must also provide a Signed-off-by: tag as it
is their work that is being submitted here.
Reported-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Fix child-node lookup during probe, which ended up searching the whole
device tree depth-first starting at the parent rather than just matching
on its children.
To make things worse, the parent mmio node was also prematurely freed.
Fixes: fd52bdae9a ("wcn36xx: Disable 5GHz for wcn3620")
Cc: Loic Poulain <loic.poulain@linaro.org>
Signed-off-by: Johan Hovold <johan@kernel.org>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
Make sure 16-byte mic is removed from the rx data packet
tail when CCMP-256, GCMP and GCMP-256 ciphers are used
in raw decap mode. This fixed rx traffic failures in those
ciphers in raw mode. Split the helper returning crypto
tail length into two, one to get the ICV length and other
to get the mic lengh for the cipher to make it clean.
Fixes: 2ea9f12cef ("ath10k: add new cipher suite support")
Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@qti.qualcomm.com>
Signed-off-by: Kalle Valo <kvalo@qca.qualcomm.com>
When deleting a station or otherwise tearing down all aggregation
sessions, make sure to delete requested but not yet started ones,
to avoid the following scenario:
* session is requested, added to tid_start_tx[]
* ieee80211_ba_session_work() runs, gets past BLOCK_BA check
* ieee80211_sta_tear_down_BA_sessions() runs, locks &sta->ampdu_mlme.mtx,
e.g. while deleting the station - deleting all active sessions
* ieee80211_ba_session_work() continues since tear down flushes it, and
calls ieee80211_tx_ba_session_handle_start() for the new session, arms
the timer for it
* station deletion continues to __cleanup_single_sta() and frees the
session struct, while the timer is armed
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
hwsim_new_radio_nl() now copies the name attribute in order to add a
null-terminator. mac80211_hwsim_new_radio() (indirectly) copies it
again into the net_device structure, so the first copy is not used or
freed later. Free the first copy before returning.
Fixes: ff4dd73dd2 ("mac80211_hwsim: check HWSIM_ATTR_RADIO_NAME length")
Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
When cfg80211 is built as a module, everything is fine, and we
can keep the code as is; in fact, we have to, because there can
only be a single module_init().
When cfg80211 is built-in, however, it needs to initialize
before drivers (device_initcall/module_init), and thus used to
be at subsys_initcall(). I'd moved it to fs_initcall() earlier,
where it can remain. However, this is still too early because at
that point the key infrastructure hasn't been initialized yet,
so X.509 certificates can't be parsed yet.
To work around this problem, load the regdb keys only later in
a late_initcall(), at which point the necessary infrastructure
has been initialized.
Fixes: 90a53e4432 ("cfg80211: implement regdb signature checking")
Reported-by: Xiaolong Ye <xiaolong.ye@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.
This removes the tid mapping array and expands the tid structures to
add a pointer back to the station, along with the tid index itself.
Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
[switch tid variables to u8, the valid range is 0-15 at most,
initialize tid_tx->sta/tid properly]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
For mesh, this is simply wrong - there's no SSID, only the
mesh ID, so don't expose it at all.
For (P2P) client, it's wrong, because it exposes an internal
value that's only used when certain APIs are used.
For AP, it's actually the only correct case, so leave that.
All other interface types shouldn't be setting this anyway,
so there it won't change anything.
Fixes: b84e7a05f6 ("nl80211: send the NL80211_ATTR_SSID in nl80211_send_iface()")
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.
Cc: Johannes Berg <johannes@sipsolutions.net>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: linux-wireless@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* Support new FW API version of scan cmd (used in FW version 34);
* Add a bunch of PCI IDs and fix configuration structs for A000
devices;
* Fix the exported firmware name strings for 9000 and A000 devices;
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEF3LNfgb2BPWm68smoUecoho8xfoFAloRRxcACgkQoUecoho8
xfpeMhAAjzEShlwj9LHaPSmP+uFCONsbdrOtM9ObCKWtwXAJLRT0A9cOKl8s2R6a
cSfLRW58qW2Zx/2xpLJZVe220tAmfZi2iR7dW+wglRnBKkKDwn9xV6MllO1kXOrt
Rm6WpC0TJH7ye2EJ7NSnHnreINKEISXJdZQD+7YI/LmeiFKfOEkqkIG1STtYyhr2
DUK7wcFxV90huRGOKmORdXJCK5nLqyhO4mc17y18DAfs9lnZxEzahZUPeJK3IVD7
77rj+AcRExwS4Otr+qEdd/YqD/poWxqWmYyEsFQwcFOe+rV1uHg6plfdYQokGaEV
kVA4sDIFf6X6BD/xNyd9XgJeqFCzYnnN5rAZ+jckqsK0XhlAvCQsTvZOSbZ7gFL1
kbZ3K6rD5XmKauRoxQXeuJ9wf4JwwEdyBNI035E4m1Rw+uzSY8SFDbGDzUZ3s/Hg
7ekKEkcv8FDARIOTZQRkqyBCrLLaM/kHe8jp9zRGcfQfK4BUY9jGF6WeqDkgp4gp
U88VWHBfLBGLvcsf/kUckDSddDxFy9EvSRfTj//YXRHCnQxY7kebI/GsI16b67rh
Ryfy0ln3xeAPxts0r7o9kiLHVajAFFPKEY+9f9De2cpFd+Hx/2M4szkemBM6n8fj
1Y2evaPlXtg/1ao2woBl33+ItmCnipSLQKVUVyXuJJdz0Olw3OM=
=JPn9
-----END PGP SIGNATURE-----
Merge tag 'iwlwifi-for-kalle-2017-11-19' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/iwlwifi-fixes
iwlwifi: first set of fixes for 4.15
* Support new FW API version of scan cmd (used in FW version 34);
* Add a bunch of PCI IDs and fix configuration structs for A000
devices;
* Fix the exported firmware name strings for 9000 and A000 devices;
This patch removes DRM_TILCDC_SLAVE_COMPAT option for supporting the
obsolete "ti,tilcdc,slave" device tree binding. The new of_graph based
binding - that is widely used in other drm driver too - has been
supported since Linux v4.2. Maintaining the the backwards dts
conversion code in the DRM_TILCDC_SLAVE_COMPAT has become a nuisance
for the device/of development so the we decided to drop it after Linux
v4.14, the 2017 LTS.
Signed-off-by: Jyri Sarha <jsarha@ti.com>
Acked-by: Rob Herring <robh@kernel.org>
The current implementation of the pad clock isn't quite correct. This
has the side-effect of being incompatible with the implementation for
Tegra186 (provided by the BPMP) and therefore would require a massive
change to the driver to cope with the differences. Instead, simply do
what Tegra186 does and add some code to fallback to the old behaviour
for existing device trees.
Signed-off-by: Thierry Reding <treding@nvidia.com>
While computing slice mask for the free area we need make sure we only
search in the addr limit applicable for this mmap. We update the
slb_addr_limit after we request for a mmap above 128TB. But the
following mmap request with hint addr below 128TB should still limit
its search to below 128TB. ie. we should not use slb_addr_limit to
compute slice mask in this case. Instead, we should derive high addr
limit based on the mmap hint addr value.
Fixes: f4ea6dcb08 ("powerpc/mm: Enable mappings above 128TB")
Cc: stable@vger.kernel.org # v4.12+
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Users have been using knob "model=dell-headset-multi" on Intel Skull
Canyon for a while.
Add the equivalent quirk, ALC269_FIXUP_DELL1_MIC_NO_PRESENCE for Skull
Canyon.
BugLink: https://bugs.launchpad.net/bugs/1732034
Signed-off-by: Kai-Heng Feng <kai.heng.feng@canonical.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
bug fixes.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJaEObnAAoJEG5mS6x6i9IjJD0P/jaJixjXVVPsA6pK31iykVad
7GIe0GHWDo/f9kHgR9sJQ27RvX/xLmr4IgQwZCWMT3YM2WPKk1i6eUwGycLRzgIq
E4S3ehtqqryD/p1tvYXc8JXjaO2E99BjA9BtIT2TzXV8clUjl64K8D6XW0F2ilzM
x1Ctmgf+c7z4In+gf/lazQOSIPE0qTAEVcQRwASg3GSQIuI6T3Iy40j3kCEys5IX
MVdHTidUK92YUSyp7tCmAzj2Ffts60+b7gZhzv92eBtrZof8BZ/58UIJOR2CMcAp
M4b/DxJLHGwvAajX+RyIHSJhXocMf2Wc1EuctVFOmBZt2lZuo4Y0ddVhggQKAOjc
g26Lou4pPlZrAvcslzK1y2mzWpKRWB6HkUS9j8Tar1mj5oWyokCNSPYsZQhuUDJx
nFIIbQsbVqkhZ5tAdBz/Fs4afkA0EWDLepXdBNT0Z4BnhFI/vWNDwsKksHV++T4W
fg+H/xcKtqbzpxPdu75/rcXjnzhDtGvyFAp+2Z7CFTBK8Di/cB4y+FewGVfqa8wm
GPN/cTEOP6siJawow5sviE4fEbWHGHxHvji07QsYHZa1BEH78cPi4svGmJLmpHgA
UcCB3UqwudOOCALNbXz1nHlzwgBarXLeHZuHiRhOEaYRZUbLkJ9K56dn7RCxV1Ws
/EntY8CCBNRAKl79y1kJ
=svG8
-----END PGP SIGNATURE-----
Merge tag 'ntb-4.15' of git://github.com/jonmason/ntb
Pull ntb updates from Jon Mason:
"Support for the switchtec ntb and related changes. Also, a couple of
bug fixes"
[ The timing isn't great. I had asked people to send me pull requests
before my family vacation, and this code has not even been in
linux-next as far as I can tell. But Logan Gunthorpe pleaded for its
inclusion because the Switchtec driver has apparently been around for
a while, just never in linux-next - Linus ]
* tag 'ntb-4.15' of git://github.com/jonmason/ntb:
ntb: intel: remove b2b memory window workaround for Skylake NTB
NTB: make idt_89hpes_cfg const
NTB: switchtec_ntb: Update switchtec documentation with notes for NTB
NTB: switchtec_ntb: Add memory window support
NTB: switchtec_ntb: Implement scratchpad registers
NTB: switchtec_ntb: Implement doorbell registers
NTB: switchtec_ntb: Add link management
NTB: switchtec_ntb: Add skeleton NTB driver
NTB: switchtec_ntb: Initialize hardware for doorbells and messages
NTB: switchtec_ntb: Initialize hardware for memory windows
NTB: switchtec_ntb: Introduce initial NTB driver
NTB: Add check and comment for link up to mw_count() and mw_get_align()
NTB: Ensure ntb_mw_get_align() is only called when the link is up
NTB: switchtec: Add link event notifier callback
NTB: switchtec: Add NTB hardware register definitions
NTB: switchtec: Export class symbol for use in upper layer driver
NTB: switchtec: Move structure definitions into a common header
ntb: update maintainer list for Intel NTB driver
Some statements are not enough or too much indented.
Fix it to improve readalbility.
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
In rare cases, ena driver would reset and re-start the device,
for example, in case of misbehaving application that causes
transmit timeout
The first step in the reset procedure is to stop the Tx traffic by
calling ena_carrier_off().
After the driver have just started the device reset procedure, device
happens to send an asynchronous notification (via AENQ) to the driver
than there was a link change (to link-up state).
This link change is mapped to a call to netif_carrier_on() which
re-activates the Tx queues, violating the assumption of no tx traffic
until device reset is completed, as the reset task might still be in
the process of queues initialization, leading to an access to
uninitialized memory.
Signed-off-by: Netanel Belgazal <netanel@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Since commit c4fac91004 ("9p: Implement show_options"), the mount
options of 9p filesystems are printed out with some missing commas
between the individual options:
p9-scratch on /mnt/scratch type 9p (rw,dirsync,loose,access=clienttrans=virtio)
Add them back.
Cc: stable@vger.kernel.org # 4.13+
Fixes: c4fac91004 ("9p: Implement show_options")
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Commit b65a9cfc2c ("Untangling ima mess, part 2: deal with counters")
moved the call of ima_file_check() from may_open() to do_filp_open() at a
point where the file descriptor is already opened.
This breaks the assumption made by IMA that file descriptors being closed
belong to files whose access was granted by ima_file_check(). The
consequence is that security.ima and security.evm are updated with good
values, regardless of the current appraisal status.
For example, if a file does not have security.ima, IMA will create it after
opening the file for writing, even if access is denied. Access to the file
will be allowed afterwards.
Avoid this issue by checking the appraisal status before updating
security.ima.
Cc: stable@vger.kernel.org
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Some cleanup/fixes, some noticed during testing of Noralf Trønnes
rework of the suspend/resume helper. He will rebase the patchset
ontop of this.
* tag 'drm-fsl-dcu-fixes-for-v4.15' of http://git.agner.ch/git/linux-drm-fsl-dcu:
drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume()
drm/fsl-dcu: avoid disabling pixel clock twice on suspend
drm/fsl-dcu: Don't set connector DPMS property
Misc fixes for 4.15.
* 'drm-next-4.15' of git://people.freedesktop.org/~agd5f/linux:
drm/amd/pp: fix dpm randomly failed on Vega10
drm/amdgpu: set f_mapping on exported DMA-bufs
drm/amdgpu: Properly allocate VM invalidate eng v2
drm/amd/amdgpu: if visible VRAM allocation fail, fall back to invisible try again
drm/amd/amdgpu: Fix wave mask in amdgpu_debugfs_wave_read() (v2)
drm/amdgpu: make AMDGPU_VA_RESERVED_SIZE 64bit
drm/amdgpu/gfx9: implement wave VGPR reading
drm/amdgpu: Add common golden settings for GFX9
drm/amd/powerplay: fix copy-n-paste error on vddci_buf index
drm/amdgpu: Fix null pointer issue in amdgpu_cs_wait_any_fence
drm/amdgpu: Remove check which is not valid for certain VBIOS
Adjust the code to use the same green settings as in the latest
vendor driver.
Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Name of functions rtl_w0w1_eri and rtl_w0w1_phy is somewhat misleading
regarding order of arguments. One could assume that w0w1 means
argument with bits to be reset comes before argument with bits to set.
However this is not the case.
So fix the order of arguments in several statements.
In addition fix EEE advertisement. The current code resets the bits
for 100BaseT and 1000BaseT EEE advertisement what is not what we want.
I have a little of a hard time to find a proper "Fixes" line as the
issue seems to have been there forever (at least it existed already
when the driver was moved to the current place in 2011).
The patch was tested on a Zotac Mini-PC with a RTL8111E-VL chip.
Before the patch EEE was disabled, now it's properly advertised and
works fine.
Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
rcu_read_lock in tun_build_skb is used to rcu_dereference tun->xdp_prog
safely, rcu_read_unlock should be done in every return path.
Now I could see one place missing it, where it returns NULL in switch-case
XDP_REDIRECT, another palce using rcu_read_lock wrongly, where it returns
NULL in if (xdp_xmit) chunk.
So fix both in this patch.
Fixes: 761876c857 ("tap: XDP support")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Fix the TLP scheduling logic so that when scheduling a TLP probe, we
ensure that the estimated time at which an RTO would fire accounts for
the fact that ACKs indicating forward progress should push back RTO
times.
After the following fix:
df92c8394e ("tcp: fix xmit timer to only be reset if data ACKed/SACKed")
we had an unintentional behavior change in the following kind of
scenario: suppose the RTT variance has been very low recently. Then
suppose we send out a flight of N packets and our RTT is 100ms:
t=0: send a flight of N packets
t=100ms: receive an ACK for N-1 packets
The response before df92c8394e that was:
-> schedule a TLP for now + RTO_interval
The response after df92c8394e is:
-> schedule a TLP for t=0 + RTO_interval
Since RTO_interval = srtt + RTT_variance, this means that we have
scheduled a TLP timer at a point in the future that only accounts for
RTT_variance. If the RTT_variance term is small, this means that the
timer fires soon.
Before df92c8394e this would not happen, because in that code, when
we receive an ACK for a prefix of flight, we did:
1) Near the top of tcp_ack(), switch from TLP timer to RTO
at write_queue_head->paket_tx_time + RTO_interval:
if (icsk->icsk_pending == ICSK_TIME_LOSS_PROBE)
tcp_rearm_rto(sk);
2) In tcp_clean_rtx_queue(), update the RTO to now + RTO_interval:
if (flag & FLAG_ACKED) {
tcp_rearm_rto(sk);
3) In tcp_ack() after tcp_fastretrans_alert() switch from RTO
to TLP at now + RTO_interval:
if (icsk->icsk_pending == ICSK_TIME_RETRANS)
tcp_schedule_loss_probe(sk);
In df92c8394e we removed that 3-phase dance, and instead directly
set the TLP timer once: we set the TLP timer in cases like this to
write_queue_head->packet_tx_time + RTO_interval. So if the RTT
variance is small, then this means that this is setting the TLP timer
to fire quite soon. This means if the ACK for the tail of the flight
takes longer than an RTT to arrive (often due to delayed ACKs), then
the TLP timer fires too quickly.
Fixes: df92c8394e ("tcp: fix xmit timer to only be reset if data ACKed/SACKed")
Signed-off-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
_dev_ is being dereferenced before it is null checked, hence there
is a potential null pointer dereference.
Fix this by moving the pointer dereference after _dev_ has been null
checked.
Addresses-Coverity-ID: 1462020
Fixes: bb1b40c7cb ("usbnet: ipheth: prevent TX queue timeouts when device not ready")
Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
After commit 308edfdf15 ("gre6: Cleanup GREv6 receive path, call
common GRE functions") it's not used anywhere in the module, but
previously was used in ip6gre_rcv().
Fixes: 308edfdf15 ("gre6: Cleanup GREv6 receive path, call common GRE functions")
Signed-off-by: Alexey Kodanev <alexey.kodanev@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The workaround code is never used because Skylake NTB does not need it.
Reported-by: Allen Hubbe <allen.hubbe@dell.com>
Signed-off-by: Dave Jiang <dave.jiang@intel.com>
Signed-off-by: Jon Mason <jdmason@kudzu.us>
Jakub Kicinski