- 24 Nov, 2020 9 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fsJakub Kicinski authored
David Howells says: ==================== rxrpc: Prelude to gssapi support Here are some patches that do some reorganisation of the security class handling in rxrpc to allow implementation of the RxGK security class that will allow AF_RXRPC to use GSSAPI-negotiated tokens and better crypto. The RxGK security class is not included in this patchset. It does the following things: (1) Add a keyrings patch to provide the original key description, as provided to add_key(), to the payload preparser so that it can interpret the content on that basis. Unfortunately, the rxrpc_s key type wasn't written to interpret its payload as anything other than a string of bytes comprising a key, but for RxGK, more information is required as multiple Kerberos enctypes are supported. (2) Remove the rxk5 security class key parsing. The rxk5 class never got rolled out in OpenAFS and got replaced with rxgk. (3) Support the creation of rxrpc keys with multiple tokens of different types. If some types are not supported, the ENOPKG error is suppressed if at least one other token's type is supported. (4) Punt the handling of server keys (rxrpc_s type) to the appropriate security class. (5) Organise the security bits in the rxrpc_connection struct into a union to make it easier to override for other classes. (6) Move some bits from core code into rxkad that won't be appropriate to rxgk. * tag 'rxrpc-next-20201123' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: rxrpc: Ask the security class how much space to allow in a packet rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet rxrpc: Organise connection security to use a union rxrpc: Don't reserve security header in Tx DATA skbuff rxrpc: Merge prime_packet_security into init_connection_security rxrpc: Fix example key name in a comment rxrpc: Ignore unknown tokens in key payload unless no known tokens rxrpc: Make the parsing of xdr payloads more coherent rxrpc: Allow security classes to give more info on server keys rxrpc: Don't leak the service-side session key to userspace rxrpc: Hand server key parsing off to the security class rxrpc: Split the server key type (rxrpc_s) into its own file rxrpc: Don't retain the server key in the connection rxrpc: Support keys with multiple authentication tokens rxrpc: List the held token types in the key description in /proc/keys rxrpc: Remove the rxk5 security class as it's now defunct keys: Provide the original description to the key preparser ==================== Link: https://lore.kernel.org/r/160616220405.830164.2239716599743995145.stgit@warthog.procyon.org.ukSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Vincent Whitchurch authored
This driver uses a normal timer for TX coalescing, which means that the with the default tx-usecs of 1000 microseconds the cleanups actually happen 10 ms or more later with HZ=100. This leads to very low througput with TCP when bridged to a slow link such as a 4G modem. Fix this by using an hrtimer instead. On my ARM platform with HZ=100 and the default TX coalescing settings (tx-frames 25 tx-usecs 1000), with "tc qdisc add dev eth0 root netem delay 60ms 40ms rate 50Mbit" run on the server, netperf's TCP_STREAM improves from ~5.5 Mbps to ~100 Mbps. Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com> Link: https://lore.kernel.org/r/20201120150208.6838-1-vincent.whitchurch@axis.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christophe JAILLET authored
s/tranport/transport/ Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Link: https://lore.kernel.org/r/20201122180704.1366636-1-christophe.jaillet@wanadoo.frSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
linux/netdevice.h is included in very many places, touching any of its dependecies causes large incremental builds. Drop the linux/ethtool.h include, linux/netdevice.h just needs a forward declaration of struct ethtool_ops. Fix all the places which made use of this implicit include. Acked-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Shannon Nelson <snelson@pensando.io> Reviewed-by: Jesse Brandeburg <jesse.brandeburg@intel.com> Link: https://lore.kernel.org/r/20201120225052.1427503-1-kuba@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christophe JAILLET authored
Memory allocation are done with 'dma_alloc_coherent()'. Be consistent and use 'dma_free_coherent()' to free the corresponding memory. Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Link: https://lore.kernel.org/r/20201121090330.1332543-1-christophe.jaillet@wanadoo.frSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christophe JAILLET authored
'pci_set_dma_mask()' + 'pci_set_consistent_dma_mask()' can be replaced by an equivalent 'dma_set_mask_and_coherent()' which is much less verbose. Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Link: https://lore.kernel.org/r/20201121090302.1332491-1-christophe.jaillet@wanadoo.frSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
Kurt Kanzenbach says: ==================== net: dsa: hellcreek: Minor cleanups fix two minor issues in the hellcreek driver. ==================== Link: https://lore.kernel.org/r/20201121114455.22422-1-kurt@linutronix.deSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Kurt Kanzenbach authored
When DSA is not loaded when the driver is probed an error message is printed. But, that's not really an error, just a defer. Use dev_err_probe() instead. Signed-off-by: Kurt Kanzenbach <kurt@linutronix.de> Reviewed-by: Florian Fainelli <f.fainelli@gmail.com> Reviewed-by: Vladimir Oltean <olteanv@gmail.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Kurt Kanzenbach authored
Remove unused and add needed includes. No functional change. Suggested-by: Vladimir Oltean <olteanv@gmail.com> Signed-off-by: Kurt Kanzenbach <kurt@linutronix.de> Reviewed-by: Florian Fainelli <f.fainelli@gmail.com> Reviewed-by: Vladimir Oltean <olteanv@gmail.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
- 23 Nov, 2020 23 commits
-
-
Jakub Kicinski authored
Christian Eggers says: ==================== net: ptp: introduce common defines for PTP message types This series introduces commen defines for PTP event messages. Driver internal defines are removed and some uses of magic numbers are replaced by the new defines. ==================== Link: https://lore.kernel.org/r/20201120084106.10046-1-ceggers@arri.deSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christian Eggers authored
Remove driver internal defines for this. Masking msgtype with 0xf is already done within ptp_get_msgtype(). Signed-off-by: Christian Eggers <ceggers@arri.de> Cc: Kurt Kanzenbach <kurt@linutronix.de> Reviewed-by: Vladimir Oltean <olteanv@gmail.com> Reviewed-by: Richard Cochran <richardcochran@gmail.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christian Eggers authored
Remove usage of magic numbers. Signed-off-by: Christian Eggers <ceggers@arri.de> Cc: Ioana Ciornei <ioana.ciornei@nxp.com> Cc: Ioana Radulescu <ruxandra.radulescu@nxp.com> Cc: Yangbo Lu <yangbo.lu@nxp.com> Reviewed-by: Vladimir Oltean <olteanv@gmail.com> Reviewed-by: Richard Cochran <richardcochran@gmail.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Christian Eggers authored
Using PTP wide defines will obsolete different driver internal defines and uses of magic numbers. Signed-off-by: Christian Eggers <ceggers@arri.de> Cc: Kurt Kanzenbach <kurt@linutronix.de> Reviewed-by: Vladimir Oltean <olteanv@gmail.com> Reviewed-by: Richard Cochran <richardcochran@gmail.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
We're about to do reshuffling in networking headers and eliminate some implicit includes. This results in: In file included from ../net/ipv4/netfilter/arp_tables.c:26: include/net/compat.h:60:40: error: unknown type name ‘compat_uptr_t’; did you mean ‘compat_ptr_ioctl’? struct sockaddr __user **save_addr, compat_uptr_t *ptr, ^~~~~~~~~~~~~ compat_ptr_ioctl include/net/compat.h:61:4: error: unknown type name ‘compat_size_t’; did you mean ‘compat_sigset_t’? compat_size_t *len); ^~~~~~~~~~~~~ compat_sigset_t Currently net/compat.h depends on linux/compat.h being included first. After the upcoming changes this would break the 32bit build. Reviewed-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Christoph Hellwig <hch@lst.de> Link: https://lore.kernel.org/r/20201121214844.1488283-1-kuba@kernel.orgSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
David Howells authored
Ask the security class how much header and trailer space to allow for when allocating a packet, given how much data is remaining. This will allow the rxgk security class to stick both a trailer in as well as a header as appropriate in the future. Signed-off-by: David Howells <dhowells@redhat.com>
-
Martin Schiller authored
Call netdev notifiers before and after changing the device type. Signed-off-by: Martin Schiller <ms@dev.tdt.de> Link: https://lore.kernel.org/r/20201118063919.29485-1-ms@dev.tdt.deSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
David Howells authored
In the rxkad security class, don't use pskb_pull() to advance through the contents of the response packet. There's no point, especially as the next and last access to the skbuff still has to allow for the wire header in the offset (which we didn't advance over). Better to just add the displacement to the next offset. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Organise the security information in the rxrpc_connection struct to use a union to allow for different data for different security classes. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Insert the security header into the skbuff representing a DATA packet to be transmitted rather than using skb_reserve() when the packet is allocated. This makes it easier to apply crypto that spans the security header and the data, particularly in the upcoming RxGK class where we have a common encrypt-and-checksum function that is used in a number of circumstances. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Merge the ->prime_packet_security() into the ->init_connection_security() hook as they're always called together. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Fix an example of an rxrpc key name in a comment. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
When parsing a payload for an rxrpc-type key, ignore any tokens that are not of a known type and don't give an error for them - unless there are no tokens of a known type. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Make the parsing of xdr-encoded payloads, as passed to add_key, more coherent. Shuttling back and forth between various variables was a bit hard to follow. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Allow a security class to give more information on an rxrpc_s-type key when it is viewed in /proc/keys. This will allow the upcoming RxGK security class to show the enctype name here. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Don't let someone reading a service-side rxrpc-type key get access to the session key that was exchanged with the client. The server application will, at some point, need to be able to read the information in the ticket, but this probably shouldn't include the key material. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Hand responsibility for parsing a server key off to the security class. We can determine which class from the description. This is necessary as rxgk server keys have different lookup requirements and different content requirements (dependent on crypto type) to those of rxkad server keys. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Split the server private key type (rxrpc_s) out into its own file rather than mingling it with the authentication/client key type (rxrpc) since they don't really bear any relation. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Don't retain a pointer to the server key in the connection, but rather get it on demand when the server has to deal with a response packet. This is necessary to implement RxGK (GSSAPI-mediated transport class), where we can't know which key we'll need until we've challenged the client and got back the response. This also means that we don't need to do a key search in the accept path in softirq mode. Also, whilst we're at it, allow the security class to ask for a kvno and encoding-type variant of a server key as RxGK needs different keys for different encoding types. Keys of this type have an extra bit in the description: "<service-id>:<security-index>:<kvno>:<enctype>" Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
rxrpc-type keys can have multiple tokens attached for different security classes. Currently, rxrpc always picks the first one, whether or not the security class it indicates is supported. Add preliminary support for choosing which security class will be used (this will need to be directed from a higher layer) and go through the tokens to find one that's supported. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
When viewing an rxrpc-type key through /proc/keys, display a list of held token types. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Remove the rxrpc rxk5 security class as it's now defunct and nothing uses it anymore. Signed-off-by: David Howells <dhowells@redhat.com>
-
David Howells authored
Provide the proposed description (add key) or the original description (update/instantiate key) when preparsing a key so that the key type can validate it against the data. This is important for rxrpc server keys as we need to check that they have the right amount of key material present - and it's better to do that when the key is loaded rather than deep in trying to process a response packet. Signed-off-by: David Howells <dhowells@redhat.com> cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> cc: keyrings@vger.kernel.org
-
- 22 Nov, 2020 1 commit
-
-
George Cherian authored
Add support to choose RSS flow key algorithm with IPv4 transport protocol field included in hashing input data. This will be enabled by default. There-by enabling 3/5 tuple hash Signed-off-by: Sunil Kovvuri Goutham <sgoutham@marvell.com> Signed-off-by: George Cherian <george.cherian@marvell.com> Link: https://lore.kernel.org/r/20201120093906.2873616-1-george.cherian@marvell.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
- 21 Nov, 2020 7 commits
-
-
Jakub Kicinski authored
Merge tag 'linux-can-next-for-5.11-20201120' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2020-11-20 The first patch is by Yegor Yefremov and he improves the j1939 documentaton by adding tables for the CAN identifier and its fields. Then there are 8 patches by Oliver Hartkopp targeting the CAN driver infrastructure and drivers. These add support for optional DLC element to the Classical CAN frame structure. See patch ea780056 ("can: add optional DLC element to Classical CAN frame structure") for details. Oliver's last patch adds len8_dlc support to several drivers. Stefan Mätje provides a patch to add len8_dlc support to the esd_usb2 driver. The next patch is by Oliver Hartkopp, too and adds support for modification of Classical CAN DLCs to CAN GW sockets. The next 3 patches target the nxp,flexcan DT bindings. One patch by my adds the missing uint32 reference to the clock-frequency property. Joakim Zhang's patches fix the fsl,clk-source property and add the IMX_SC_R_CAN() macro to the imx firmware header file, which will be used in the flexcan driver later. Another patch by Joakim Zhang prepares the flexcan driver for SCU based stop-mode, by giving the existing, GPR based stop-mode, a _GPR postfix. The next 5 patches are by me, target the flexcan driver, and clean up the .ndo_open and .ndo_stop callbacks. These patches try to fix a sporadically hanging flexcan_close() during simultanious ifdown, sending of CAN messages and probably open CAN bus. I was never able to reproduce, but these seem to fix the problem at the reporting user. As these changes are rather big, I'd like to mainline them via net-next/master. The next patches are by Jimmy Assarsson and Christer Beskow, they add support for new USB devices to the existing kvaser_usb driver. The last patch is by Kaixu Xia and simplifies the return in the mcp251xfd_chip_softreset() function in the mcp251xfd driver. * tag 'linux-can-next-for-5.11-20201120' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: (25 commits) can: mcp251xfd: remove useless code in mcp251xfd_chip_softreset can: kvaser_usb: Add new Kvaser hydra devices can: kvaser_usb: kvaser_usb_hydra: Add support for new device variant can: kvaser_usb: Add new Kvaser Leaf v2 devices can: kvaser_usb: Add USB_{LEAF,HYDRA}_PRODUCT_ID_END defines can: flexcan: flexcan_close(): change order if commands to properly shut down the controller can: flexcan: flexcan_open(): completely initialize controller before requesting IRQ can: flexcan: flexcan_rx_offload_setup(): factor out mailbox and rx-offload setup into separate function can: flexcan: move enabling/disabling of interrupts from flexcan_chip_{start,stop}() to callers can: flexcan: factor out enabling and disabling of interrupts into separate function can: flexcan: rename macro FLEXCAN_QUIRK_SETUP_STOP_MODE -> FLEXCAN_QUIRK_SETUP_STOP_MODE_GPR dt-bindings: firmware: add IMX_SC_R_CAN(x) macro for CAN dt-bindings: can: fsl,flexcan: fix fsl,clk-source property dt-bindings: can: fsl,flexcan: add uint32 reference to clock-frequency property can: gw: support modification of Classical CAN DLCs can: drivers: add len8_dlc support for esd_usb2 CAN adapter can: drivers: add len8_dlc support for various CAN adapters can: drivers: introduce helpers to access Classical CAN DLC values can: update documentation for DLC usage in Classical CAN can: rename CAN FD related can_len2dlc and can_dlc2len helpers ... ==================== Link: https://lore.kernel.org/r/20201120133318.3428231-1-mkl@pengutronix.deSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Heiner Kallweit authored
Use netdev->tstats instead of a member of net_bridge for storing a pointer to the per-cpu counters. This allows us to use core functionality for statistics handling. Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com> Link: https://lore.kernel.org/r/9bad2be2-fd84-7c6e-912f-cee433787018@gmail.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Jakub Kicinski authored
Huazhong Tan says: ==================== net: hns3: misc updates for -next This series includes some misc updates for the HNS3 ethernet driver. #1 adds support for 1280 queues #2 adds mapping for BAR45 which is needed by RoCE client. #3 extend the interrupt resources. #4 add support to query firmware's calculated shaping parameters. ==================== Link: https://lore.kernel.org/r/1605863783-36995-1-git-send-email-tanhuazhong@huawei.comSigned-off-by: Jakub Kicinski <kuba@kernel.org>
-
Yonglong Liu authored
Adds debugfs to dump new shaping parameters: rate and flag. Signed-off-by: Yonglong Liu <liuyonglong@huawei.com> Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Yonglong Liu authored
Since the calculation of the driver is fixed, if the number of queue or clock changed, the calculated result may be inaccurate. So for compatible and maintainable, add a new flag to tell the firmware to calculate the shaping parameters with the specified rate. Signed-off-by: Yonglong Liu <liuyonglong@huawei.com> Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Yufeng Mo authored
For HNAE3_DEVICE_VERSION_V3, a maximum of 1281 interrupt resources are supported. To utilize these new resources, extend the corresponding field or variable to 16bit type, and remove the restriction of NIC client that only use a maximum of 65 interrupt vectors. In addition, the I/O address of the extended interrupt resources are different, so an extra handler is needed. Currently, the total number of interrupts is the sum of RoCE's number and RoCE's offset (RoCE is in front of NIC), since the number of both NIC and RoCE are same. For readability, rewrite the corresponding field of the command, rename the RoCE's offset field as the number of NIC interrupts, then the total number of interrupts is sum of the number of RoCE and NIC, and replace vport->back with hdev in hclge_init_roce_base_info() for simplifying the code. Signed-off-by: Yufeng Mo <moyufeng@huawei.com> Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-
Huazhong Tan authored
For device who has device memory accessed through the PCI BAR4, IO descriptor push of NIC and direct WQE(Work Queue Element) of RoCE will use this device memory, so add support for mapping this device memory, and add this info to the RoCE client whose new feature needs. Signed-off-by: Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
-