1. 08 Dec, 2016 4 commits
  2. 07 Dec, 2016 8 commits
  3. 06 Dec, 2016 26 commits
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc · bc3913a5
      Linus Torvalds authored
      Pull sparc fix from David Miller:
       "A use-before-NULL-check from Dan Carpenter"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
        dbri: move dereference after check for NULL
      bc3913a5
    • Dan Carpenter's avatar
      dbri: move dereference after check for NULL · 163117e8
      Dan Carpenter authored
      We accidentally introduced a dereference before the NULL check in
      xmit_descs() as part of silencing a GCC warning.
      
      Fixes: 16f46050 ("dbri: Fix compiler warning")
      Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      163117e8
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · da1b466f
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) When dcbnl_cee_fill() fails to be able to push a new netlink
          attribute, it return 0 instead of an error code. From Pan Bian.
      
       2) Two suffix handling fixes to FIB trie code, from Alexander Duyck.
      
       3) bnxt_hwrm_stat_ctx_alloc() goes through all the trouble of setting
          and maintaining a return code 'rc' but fails to actually return it.
          Also from Pan Bian.
      
       4) ping socket ICMP handler needs to validate ICMP header length, from
          Kees Cook.
      
       5) caif_sktinit_module() has this interesting logic:
      
              int err = sock_register(...);
              if (!err)
                      return err;
              return 0;
      
          Just return sock_register()'s return value directly which is the
          only possible correct thing to do.
      
       6) Two bnx2x driver fixes from Yuval Mintz, return a reasonable
          estimate from get_ringparam() ethtool op when interface is down and
          avoid trying to use UDP port based tunneling on 577xx chips.
      
       7) Fix ep93xx_eth crash on module unload from Florian Fainelli.
      
       8) Missing uapi exports, from Stephen Hemminger.
      
       9) Don't schedule work from sk_destruct(), because the socket will be
          freed upon return from that function. From Herbert Xu.
      
      10) Buggy drivers, of which we know there is at least one, can send a
          huge packet into the TCP stack but forget to set the gso_size in the
          SKB, which causes all kinds of problems.
      
          Correct this when it happens, and emit a one-time warning with the
          device name included so that it can be diagnosed more easily.
      
          From Marcelo Ricardo Leitner.
      
      11) virtio-net does DMA off the stack causes hiccups with VMAP_STACK,
          fix from Andy Lutomirski.
      
      12) Fix fec driver compilation with CONFIG_M5272, from Nikita
          Yushchenko.
      
      13) mlx5 fixes from Kamal Heib, Saeed Mahameed, and Mohamad Haj Yahia.
          (erroneously flushing queues on error, module parameter validation,
          etc)
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (34 commits)
        net/mlx5e: Change the SQ/RQ operational state to positive logic
        net/mlx5e: Don't flush SQ on error
        net/mlx5e: Don't notify HW when filling the edge of ICO SQ
        net/mlx5: Fix query ISSI flow
        net/mlx5: Remove duplicate pci dev name print
        net/mlx5: Verify module parameters
        net: fec: fix compile with CONFIG_M5272
        be2net: Add DEVSEC privilege to SET_HSW_CONFIG command.
        virtio-net: Fix DMA-from-the-stack in virtnet_set_mac_address()
        tcp: warn on bogus MSS and try to amend it
        uapi glibc compat: fix outer guard of net device flags enum
        net: stmmac: clear reset value of snps, wr_osr_lmt/snps, rd_osr_lmt before writing
        netlink: Do not schedule work from sk_destruct
        uapi: export nf_log.h
        uapi: export tc_skbmod.h
        net: ep93xx_eth: Do not crash unloading module
        bnx2x: Prevent tunnel config for 577xx
        bnx2x: Correct ringparam estimate when DOWN
        isdn: hisax: set error code on failure
        net: bnx2x: fix improper return value
        ...
      da1b466f
    • Linus Torvalds's avatar
      shmem: fix shm fallocate() list corruption · 10d20bd2
      Linus Torvalds authored
      The shmem hole punching with fallocate(FALLOC_FL_PUNCH_HOLE) does not
      want to race with generating new pages by faulting them in.
      
      However, the wait-queue used to delay the page faulting has a serious
      problem: the wait queue head (in shmem_fallocate()) is allocated on the
      stack, and the code expects that "wake_up_all()" will make sure that all
      the queue entries are gone before the stack frame is de-allocated.
      
      And that is not at all necessarily the case.
      
      Yes, a normal wake-up sequence will remove the wait-queue entry that
      caused the wakeup (see "autoremove_wake_function()"), but the key
      wording there is "that caused the wakeup".  When there are multiple
      possible wakeup sources, the wait queue entry may well stay around.
      
      And _particularly_ in a page fault path, we may be faulting in new pages
      from user space while we also have other things going on, and there may
      well be other pending wakeups.
      
      So despite the "wake_up_all()", it's not at all guaranteed that all list
      entries are removed from the wait queue head on the stack.
      
      Fix this by introducing a new wakeup function that removes the list
      entry unconditionally, even if the target process had already woken up
      for other reasons.  Use that "synchronous" function to set up the
      waiters in shmem_fault().
      
      This problem has never been seen in the wild afaik, but Dave Jones has
      reported it on and off while running trinity.  We thought we fixed the
      stack corruption with the blk-mq rq_list locking fix (commit
      7fe31130: "blk-mq: update hardware and software queues for sleeping
      alloc"), but it turns out there was _another_ stack corruptor hiding
      in the trinity runs.
      
      Vegard Nossum (also running trinity) was able to trigger this one fairly
      consistently, and made us look once again at the shmem code due to the
      faults often being in that area.
      
      Reported-and-tested-by: Vegard Nossum <vegard.nossum@oracle.com>.
      Reported-by: default avatarDave Jones <davej@codemonkey.org.uk>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      10d20bd2
    • David S. Miller's avatar
      Merge branch 'mlx5-fixes' · 32f16e14
      David S. Miller authored
      Saeed Mahameed says:
      
      ====================
      Mellanox 100G mlx5 fixes 2016-12-04
      
      Some bug fixes for mlx5 core and mlx5e driver.
      
      v1->v2:
       - replace "uint" with "unsigned int"
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      32f16e14
    • Mohamad Haj Yahia's avatar
      net/mlx5e: Change the SQ/RQ operational state to positive logic · c0f1147d
      Mohamad Haj Yahia authored
      When using the negative logic (i.e. FLUSH state), after the RQ/SQ reopen
      we will have a time interval that the RQ/SQ is not really ready and the
      state indicates that its not in FLUSH state because the initial SQ/RQ struct
      memory starts as zeros.
      Now we changed the state to indicate if the SQ/RQ is opened and we will
      set the READY state after finishing preparing all the SQ/RQ resources.
      
      Fixes: 6e8dd6d6 ("net/mlx5e: Don't wait for SQ completions on close")
      Fixes: f2fde18c ("net/mlx5e: Don't wait for RQ completions on close")
      Signed-off-by: default avatarMohamad Haj Yahia <mohamad@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c0f1147d
    • Saeed Mahameed's avatar
      net/mlx5e: Don't flush SQ on error · 3c8591d5
      Saeed Mahameed authored
      We are doing SQ descriptors cleanup in driver.
      
      Fixes: 6e8dd6d6 ("net/mlx5e: Don't wait for SQ completions on close")
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3c8591d5
    • Saeed Mahameed's avatar
      net/mlx5e: Don't notify HW when filling the edge of ICO SQ · b8335d91
      Saeed Mahameed authored
      We are going to do this a couple of steps ahead anyway.
      
      Fixes: d3c9bc27 ("net/mlx5e: Added ICO SQs")
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b8335d91
    • Kamal Heib's avatar
      net/mlx5: Fix query ISSI flow · f9c14e46
      Kamal Heib authored
      In old FWs query ISSI command is not supported and for some of those FWs
      it might fail with status other than "MLX5_CMD_STAT_BAD_OP_ERR".
      
      In such case instead of failing the driver load, we will treat any FW
      status other than 0 for Query ISSI FW command as ISSI not supported and
      assume ISSI=0 (most basic driver/FW interface).
      
      In case of driver syndrom (query ISSI failure by driver) we will fail
      driver load.
      
      Fixes: f62b8bb8 ('net/mlx5: Extend mlx5_core to support ConnectX-4
      Ethernet functionality')
      Signed-off-by: default avatarKamal Heib <kamalh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f9c14e46
    • Kamal Heib's avatar
      net/mlx5: Remove duplicate pci dev name print · 9e5b2fc1
      Kamal Heib authored
      Remove duplicate pci dev name printing from mlx5_core_warn/dbg.
      
      Fixes: 5a788398 ('net/mlx5_core: Improve mlx5 messages')
      Signed-off-by: default avatarKamal Heib <kamalh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9e5b2fc1
    • Kamal Heib's avatar
      net/mlx5: Verify module parameters · f663ad98
      Kamal Heib authored
      Verify the mlx5_core module parameters by making sure that they are in
      the expected range and if they aren't restore them to their default
      values.
      
      Fixes: 9603b61d ('mlx5: Move pci device handling from mlx5_ib to mlx5_core')
      Signed-off-by: default avatarKamal Heib <kamalh@mellanox.com>
      Signed-off-by: default avatarSaeed Mahameed <saeedm@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f663ad98
    • Nikita Yushchenko's avatar
      net: fec: fix compile with CONFIG_M5272 · f85de666
      Nikita Yushchenko authored
      Commit 80cca775 ("net: fec: cache statistics while device is down")
      introduced unconditional statistics-related actions.
      
      However, when driver is compiled with CONFIG_M5272, staticsics-related
      definitions do not exist, which results into build errors.
      
      Fix that by adding explicit handling of !defined(CONFIG_M5272) case.
      
      Fixes: 80cca775 ("net: fec: cache statistics while device is down")
      Signed-off-by: default avatarNikita Yushchenko <nikita.yoush@cogentembedded.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f85de666
    • Venkat Duvvuru's avatar
      be2net: Add DEVSEC privilege to SET_HSW_CONFIG command. · d14584d9
      Venkat Duvvuru authored
      OPCODE_COMMON_GET_FN_PRIVILEGES is returning only DEVSEC
      privilege (Unrestricted Administrative Privilege) for Lancer NIC functions.
      So, driver is failing SET_HSW_CONFIG command, as DEVSEC privilege was not
      set in the privilege bitmap. This patch fixes the problem by setting DEVSEC
      privilege in SET_HSW_CONFIG’s privilege bitmap.
      Signed-off-by: default avatarVenkat Duvvuru <venkatkumar.duvvuru@broadcom.com>
      Signed-off-by: default avatarSuresh Reddy <suresh.reddy@broadcom.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d14584d9
    • Andy Lutomirski's avatar
      virtio-net: Fix DMA-from-the-stack in virtnet_set_mac_address() · e37e2ff3
      Andy Lutomirski authored
      With CONFIG_VMAP_STACK=y, virtnet_set_mac_address() can be passed a
      pointer to the stack and it will OOPS.  Copy the address to the heap
      to prevent the crash.
      
      Cc: Michael S. Tsirkin <mst@redhat.com>
      Cc: Jason Wang <jasowang@redhat.com>
      Cc: Laura Abbott <labbott@redhat.com>
      Reported-by: zbyszek@in.waw.pl
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Acked-by: default avatarJason Wang <jasowang@redhat.com>
      Acked-by: default avatarMichael S. Tsirkin <mst@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e37e2ff3
    • Marcelo Ricardo Leitner's avatar
      tcp: warn on bogus MSS and try to amend it · dcb17d22
      Marcelo Ricardo Leitner authored
      There have been some reports lately about TCP connection stalls caused
      by NIC drivers that aren't setting gso_size on aggregated packets on rx
      path. This causes TCP to assume that the MSS is actually the size of the
      aggregated packet, which is invalid.
      
      Although the proper fix is to be done at each driver, it's often hard
      and cumbersome for one to debug, come to such root cause and report/fix
      it.
      
      This patch amends this situation in two ways. First, it adds a warning
      on when this situation occurs, so it gives a hint to those trying to
      debug this. It also limit the maximum probed MSS to the adverised MSS,
      as it should never be any higher than that.
      
      The result is that the connection may not have the best performance ever
      but it shouldn't stall, and the admin will have a hint on what to look
      for.
      
      Tested with virtio by forcing gso_size to 0.
      
      v2: updated msg per David's suggestion
      v3: use skb_iif to find the interface and also log its name, per Eric
          Dumazet's suggestion. As the skb may be backlogged and the interface
          gone by then, we need to check if the number still has a meaning.
      v4: use helper tcp_gro_dev_warn() and avoid pr_warn_once inside __once, per
          David's suggestion
      
      Cc: Jonathan Maxwell <jmaxwell37@gmail.com>
      Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      dcb17d22
    • Jonas Gorski's avatar
      uapi glibc compat: fix outer guard of net device flags enum · efc45154
      Jonas Gorski authored
      Fix a wrong condition preventing the higher net device flags
      IFF_LOWER_UP etc to be defined if net/if.h is included before
      linux/if.h.
      
      The comment makes it clear the intention was to allow partial
      definition with either parts.
      
      This fixes compilation of userspace programs trying to use
      IFF_LOWER_UP, IFF_DORMANT or IFF_ECHO.
      
      Fixes: 4a91cb61 ("uapi glibc compat: fix compile errors when glibc net/if.h included before linux/if.h")
      Signed-off-by: default avatarJonas Gorski <jonas.gorski@gmail.com>
      Reviewed-by: default avatarMikko Rapeli <mikko.rapeli@iki.fi>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      efc45154
    • Niklas Cassel's avatar
      net: stmmac: clear reset value of snps, wr_osr_lmt/snps, rd_osr_lmt before writing · 6b3374cb
      Niklas Cassel authored
      WR_OSR_LMT and RD_OSR_LMT have a reset value of 1.
      Since the reset value wasn't cleared before writing, the value in the
      register would be incorrect if specifying an uneven value for
      snps,wr_osr_lmt/snps,rd_osr_lmt.
      
      Zero is a valid value for the properties, since the databook specifies:
      maximum outstanding requests = WR_OSR_LMT + 1.
      
      We do not want to change the behavior for existing users when the
      property is missing. Therefore, default to 1 if the property is missing,
      since that is the same as the reset value.
      Signed-off-by: default avatarNiklas Cassel <niklas.cassel@axis.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6b3374cb
    • Miklos Szeredi's avatar
      fuse: fix clearing suid, sgid for chown() · c01638f5
      Miklos Szeredi authored
      Basically, the pjdfstests set the ownership of a file to 06555, and then
      chowns it (as root) to a new uid/gid. Prior to commit a09f99ed ("fuse:
      fix killing s[ug]id in setattr"), fuse would send down a setattr with both
      the uid/gid change and a new mode.  Now, it just sends down the uid/gid
      change.
      
      Technically this is NOTABUG, since POSIX doesn't _require_ that we clear
      these bits for a privileged process, but Linux (wisely) has done that and I
      think we don't want to change that behavior here.
      
      This is caused by the use of should_remove_suid(), which will always return
      0 when the process has CAP_FSETID.
      
      In fact we really don't need to be calling should_remove_suid() at all,
      since we've already been indicated that we should remove the suid, we just
      don't want to use a (very) stale mode for that.
      
      This patch should fix the above as well as simplify the logic.
      
      Reported-by: Jeff Layton <jlayton@redhat.com> 
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Fixes: a09f99ed ("fuse: fix killing s[ug]id in setattr")
      Cc: <stable@vger.kernel.org>
      Reviewed-by: default avatarJeff Layton <jlayton@redhat.com>
      c01638f5
    • Dmitry Vyukov's avatar
      lockdep: Fix report formatting · f943fe0f
      Dmitry Vyukov authored
      Since commit:
      
        4bcc595c ("printk: reinstate KERN_CONT for printing continuation lines")
      
      printk() requires KERN_CONT to continue log messages. Lots of printk()
      in lockdep.c and print_ip_sym() don't have it. As the result lockdep
      reports are completely messed up.
      
      Add missing KERN_CONT and inline print_ip_sym() where necessary.
      
      Example of a messed up report:
      
        0-rc5+ #41 Not tainted
        -------------------------------------------------------
        syz-executor0/5036 is trying to acquire lock:
         (
        rtnl_mutex
        ){+.+.+.}
        , at:
        [<ffffffff86b3d6ac>] rtnl_lock+0x1c/0x20
        but task is already holding lock:
         (
        &net->packet.sklist_lock
        ){+.+...}
        , at:
        [<ffffffff873541a6>] packet_diag_dump+0x1a6/0x1920
        which lock already depends on the new lock.
        the existing dependency chain (in reverse order) is:
        -> #3
         (
        &net->packet.sklist_lock
        +.+...}
        ...
      
      Without this patch all scripts that parse kernel bug reports are broken.
      Signed-off-by: default avatarDmitry Vyukov <dvyukov@google.com>
      Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: andreyknvl@google.com
      Cc: aryabinin@virtuozzo.com
      Cc: joe@perches.com
      Cc: syzkaller@googlegroups.com
      Link: http://lkml.kernel.org/r/1480343083-48731-1-git-send-email-dvyukov@google.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      f943fe0f
    • David Carrillo-Cisneros's avatar
      perf/core: Remove invalid warning from list_update_cgroup_even()t · 8fc31ce8
      David Carrillo-Cisneros authored
      The warning introduced in commit:
      
        864c2357 ("perf/core: Do not set cpuctx->cgrp for unscheduled cgroups")
      
      assumed that a cgroup switch always precedes list_del_event. This is
      not the case. Remove warning.
      
      Make sure that cpuctx->cgrp is NULL until a cgroup event is sched in
      or ctx->nr_cgroups == 0.
      Signed-off-by: default avatarDavid Carrillo-Cisneros <davidcc@google.com>
      Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Kan Liang <kan.liang@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Marcelo Tosatti <mtosatti@redhat.com>
      Cc: Nilay Vaish <nilayvaish@gmail.com>
      Cc: Paul Turner <pjt@google.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Ravi V Shankar <ravi.v.shankar@intel.com>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vegard Nossum <vegard.nossum@gmail.com>
      Cc: Vikas Shivappa <vikas.shivappa@linux.intel.com>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Link: http://lkml.kernel.org/r/1480841177-27299-1-git-send-email-davidcc@google.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      8fc31ce8
    • Peter Zijlstra (Intel)'s avatar
      perf/x86: Fix full width counter, counter overflow · 7f612a7f
      Peter Zijlstra (Intel) authored
      Lukasz reported that perf stat counters overflow handling is broken on KNL/SLM.
      
      Both these parts have full_width_write set, and that does indeed have
      a problem. In order to deal with counter wrap, we must sample the
      counter at at least half the counter period (see also the sampling
      theorem) such that we can unambiguously reconstruct the count.
      
      However commit:
      
        069e0c3c ("perf/x86/intel: Support full width counting")
      
      sets the sampling interval to the full period, not half.
      
      Fixing that exposes another issue, in that we must not sign extend the
      delta value when we shift it right; the counter cannot have
      decremented after all.
      
      With both these issues fixed, counter overflow functions correctly
      again.
      Reported-by: default avatarLukasz Odzioba <lukasz.odzioba@intel.com>
      Tested-by: default avatarLiang, Kan <kan.liang@intel.com>
      Tested-by: default avatarOdzioba, Lukasz <lukasz.odzioba@intel.com>
      Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Cc: stable@vger.kernel.org
      Fixes: 069e0c3c ("perf/x86/intel: Support full width counting")
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      7f612a7f
    • Piotr Luc's avatar
      perf/x86/intel: Enable C-state residency events for Knights Mill · 1dba23b1
      Piotr Luc authored
      The Knights Mill is enough close to Knights Landing so the path reuses
      C-state residency support of the latter.
      Signed-off-by: default avatarPiotr Luc <piotr.luc@intel.com>
      Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Link: http://lkml.kernel.org/r/20161201000853.18260-1-piotr.luc@intel.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      1dba23b1
    • Jiri Slaby's avatar
      objtool: Fix bytes check of lea's rex_prefix · 69042bf2
      Jiri Slaby authored
      For the "lea %(rsp), %rbp" case, we check if there is a rex_prefix.
      But we check 'bytes' which is insn_byte_t[4] in rex_prefix (insn_field
      structure). Therefore, the check is always true.
      
      Instead, check 'nbytes' which is the right one.
      Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
      Acked-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/20161205105551.25917-1-jslaby@suse.czSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      69042bf2
    • Herbert Xu's avatar
      netlink: Do not schedule work from sk_destruct · ed5d7788
      Herbert Xu authored
      It is wrong to schedule a work from sk_destruct using the socket
      as the memory reserve because the socket will be freed immediately
      after the return from sk_destruct.
      
      Instead we should do the deferral prior to sk_free.
      
      This patch does just that.
      
      Fixes: 707693c8 ("netlink: Call cb->done from a worker thread")
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Tested-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ed5d7788
    • stephen hemminger's avatar
      uapi: export nf_log.h · ffe3bb85
      stephen hemminger authored
      File is in uapi directory but not being copied on
       make install_headers
      
      Fixes commit 4ec9c8fbbc22 ("netfilter: nft_log: complete
      NFTA_LOG_FLAGS attr support").
      Signed-off-by: default avatarStephen Hemminger <sthemmin@microsoft.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ffe3bb85
    • stephen hemminger's avatar
      uapi: export tc_skbmod.h · ad558858
      stephen hemminger authored
      Fixes commit 735cffe5d800 ("net_sched: Introduce skbmod action")
      Not used by iproute2 but maybe in future.
      Signed-off-by: default avatarStephen Hemminger <sthemmin@microsoft.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ad558858
  4. 05 Dec, 2016 2 commits
    • Florian Fainelli's avatar
      net: ep93xx_eth: Do not crash unloading module · c823abac
      Florian Fainelli authored
      When we unload the ep93xx_eth, whether we have opened the network
      interface or not, we will either hit a kernel paging request error, or a
      simple NULL pointer de-reference because:
      
      - if ep93xx_open has been called, we have created a valid DMA mapping
        for ep->descs, when we call ep93xx_stop, we also call
        ep93xx_free_buffers, ep->descs now has a stale value
      
      - if ep93xx_open has not been called, we have a NULL pointer for
        ep->descs, so performing any operation against that address just won't
        work
      
      Fix this by adding a NULL pointer check for ep->descs which means that
      ep93xx_free_buffers() was able to successfully tear down the descriptors
      and free the DMA cookie as well.
      
      Fixes: 1d22e05d ("[PATCH] Cirrus Logic ep93xx ethernet driver")
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c823abac
    • David S. Miller's avatar
      Merge branch 'bnx2x-fixes' · 34e0f2c2
      David S. Miller authored
      Yuval Mintz says:
      
      ====================
      bnx2x: fixes series
      
      Two unrelated fixes for bnx2x - the first one is nice-to-have,
      while the other fixes fatal behaviour in older adapters.
      
      Please consider applying them to `net'.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      34e0f2c2