1. 08 Mar, 2022 5 commits
    • Jacob Keller's avatar
      ice: stop disabling VFs due to PF error responses · 79498d5a
      Jacob Keller authored
      The ice_vc_send_msg_to_vf function has logic to detect "failure"
      responses being sent to a VF. If a VF is sent more than
      ICE_DFLT_NUM_INVAL_MSGS_ALLOWED then the VF is marked as disabled.
      Almost identical logic also existed in the i40e driver.
      
      This logic was added to the ice driver in commit 1071a835 ("ice:
      Implement virtchnl commands for AVF support") which itself copied from
      the i40e implementation in commit 5c3c48ac ("i40e: implement virtual
      device interface").
      
      Neither commit provides a proper explanation or justification of the
      check. In fact, later commits to i40e changed the logic to allow
      bypassing the check in some specific instances.
      
      The "logic" for this seems to be that error responses somehow indicate a
      malicious VF. This is not really true. The PF might be sending an error
      for any number of reasons such as lack of resources, etc.
      
      Additionally, this causes the PF to log an info message for every failed
      VF response which may confuse users, and can spam the kernel log.
      
      This behavior is not documented as part of any requirement for our
      products and other operating system drivers such as the FreeBSD
      implementation of our drivers do not include this type of check.
      
      In fact, the change from dev_err to dev_info in i40e commit 18b7af57
      ("i40e: Lower some message levels") explains that these messages
      typically don't actually indicate a real issue. It is quite likely that
      a user who hits this in practice will be very confused as the VF will be
      disabled without an obvious way to recover.
      
      We already have robust malicious driver detection logic using actual
      hardware detection mechanisms that detect and prevent invalid device
      usage. Remove the logic since its not a documented requirement and the
      behavior is not intuitive.
      
      Fixes: 1071a835 ("ice: Implement virtchnl commands for AVF support")
      Signed-off-by: default avatarJacob Keller <jacob.e.keller@intel.com>
      Tested-by: default avatarKonrad Jankowski <konrad0.jankowski@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      79498d5a
    • Jacob Keller's avatar
      i40e: stop disabling VFs due to PF error responses · 5710ab79
      Jacob Keller authored
      The i40e_vc_send_msg_to_vf_ex (and its wrapper i40e_vc_send_msg_to_vf)
      function has logic to detect "failure" responses sent to the VF. If a VF
      is sent more than I40E_DEFAULT_NUM_INVALID_MSGS_ALLOWED, then the VF is
      marked as disabled. In either case, a dev_info message is printed
      stating that a VF opcode failed.
      
      This logic originates from the early implementation of VF support in
      commit 5c3c48ac ("i40e: implement virtual device interface").
      
      That commit did not go far enough. The "logic" for this behavior seems
      to be that error responses somehow indicate a malicious VF. This is not
      really true. The PF might be sending an error for any number of reasons
      such as lacking resources, an unsupported operation, etc. This does not
      indicate a malicious VF. We already have a separate robust malicious VF
      detection which relies on hardware logic to detect and prevent a variety
      of behaviors.
      
      There is no justification for this behavior in the original
      implementation. In fact, a later commit 18b7af57 ("i40e: Lower some
      message levels") reduced the opcode failure message from a dev_err to a
      dev_info. In addition, recent commit 01cbf508 ("i40e: Fix to not
      show opcode msg on unsuccessful VF MAC change") changed the logic to
      allow quieting it for expected failures.
      
      That commit prevented this logic from kicking in for specific
      circumstances. This change did not go far enough. The behavior is not
      documented nor is it part of any requirement for our products. Other
      operating systems such as the FreeBSD implementation of our driver do
      not include this logic.
      
      It is clear this check does not make sense, and causes problems which
      led to ugly workarounds.
      
      Fix this by just removing the entire logic and the need for the
      i40e_vc_send_msg_to_vf_ex function.
      
      Fixes: 01cbf508 ("i40e: Fix to not show opcode msg on unsuccessful VF MAC change")
      Fixes: 5c3c48ac ("i40e: implement virtual device interface")
      Signed-off-by: default avatarJacob Keller <jacob.e.keller@intel.com>
      Tested-by: default avatarKonrad Jankowski <konrad0.jankowski@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      5710ab79
    • Michal Maloszewski's avatar
      iavf: Fix adopting new combined setting · 57d03f56
      Michal Maloszewski authored
      In some cases overloaded flag IAVF_FLAG_REINIT_ITR_NEEDED
      which should indicate that interrupts need to be completely
      reinitialized during reset leads to RTNL deadlocks using ethtool -C
      while a reset is in progress.
      To fix, it was added a new flag IAVF_FLAG_REINIT_MSIX_NEEDED
      used to trigger MSI-X reinit.
      New combined setting is fixed adopt after VF reset.
      This has been implemented by call reinit interrupt scheme
      during VF reset.
      Without this fix new combined setting has never been adopted.
      
      Fixes: 209f2f9c ("iavf: Add support for VIRTCHNL_VF_OFFLOAD_VLAN_V2 negotiation")
      Signed-off-by: default avatarGrzegorz Szczurek <grzegorzx.szczurek@intel.com>
      Signed-off-by: default avatarMitch Williams <mitch.a.williams@intel.com>
      Signed-off-by: default avatarMichal Maloszewski <michal.maloszewski@intel.com>
      Tested-by: default avatarKonrad Jankowski <konrad0.jankowski@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      57d03f56
    • Michal Maloszewski's avatar
      iavf: Fix handling of vlan strip virtual channel messages · 2cf29e55
      Michal Maloszewski authored
      Modify netdev->features for vlan stripping based on virtual
      channel messages received from the PF. Change is needed
      to synchronize vlan strip status between PF sysfs and iavf ethtool.
      
      Fixes: 5951a2b9 ("iavf: Fix VLAN feature flags after VFR")
      Signed-off-by: default avatarNorbert Ciosek <norbertx.ciosek@intel.com>
      Signed-off-by: default avatarMichal Maloszewski <michal.maloszewski@intel.com>
      Tested-by: default avatarKonrad Jankowski <konrad0.jankowski@intel.com>
      Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      2cf29e55
    • Russell King (Oracle)'s avatar
      net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate() · e5417cbf
      Russell King (Oracle) authored
      Discussing one of the tests in mt753x_phylink_validate() with Landen
      Chao confirms that the "||" should be "&&". Fix this.
      
      Fixes: c288575f ("net: dsa: mt7530: Add the support of MT7531 switch")
      Signed-off-by: default avatarRussell King (Oracle) <rmk+kernel@armlinux.org.uk>
      Link: https://lore.kernel.org/r/E1nRCF0-00CiXD-7q@rmk-PC.armlinux.org.ukSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      e5417cbf
  2. 07 Mar, 2022 6 commits
  3. 06 Mar, 2022 1 commit
  4. 05 Mar, 2022 2 commits
  5. 04 Mar, 2022 3 commits
    • Tung Nguyen's avatar
      tipc: fix kernel panic when enabling bearer · be4977b8
      Tung Nguyen authored
      When enabling a bearer on a node, a kernel panic is observed:
      
      [    4.498085] RIP: 0010:tipc_mon_prep+0x4e/0x130 [tipc]
      ...
      [    4.520030] Call Trace:
      [    4.520689]  <IRQ>
      [    4.521236]  tipc_link_build_proto_msg+0x375/0x750 [tipc]
      [    4.522654]  tipc_link_build_state_msg+0x48/0xc0 [tipc]
      [    4.524034]  __tipc_node_link_up+0xd7/0x290 [tipc]
      [    4.525292]  tipc_rcv+0x5da/0x730 [tipc]
      [    4.526346]  ? __netif_receive_skb_core+0xb7/0xfc0
      [    4.527601]  tipc_l2_rcv_msg+0x5e/0x90 [tipc]
      [    4.528737]  __netif_receive_skb_list_core+0x20b/0x260
      [    4.530068]  netif_receive_skb_list_internal+0x1bf/0x2e0
      [    4.531450]  ? dev_gro_receive+0x4c2/0x680
      [    4.532512]  napi_complete_done+0x6f/0x180
      [    4.533570]  virtnet_poll+0x29c/0x42e [virtio_net]
      ...
      
      The node in question is receiving activate messages in another
      thread after changing bearer status to allow message sending/
      receiving in current thread:
      
               thread 1           |              thread 2
               --------           |              --------
                                  |
      tipc_enable_bearer()        |
        test_and_set_bit_lock()   |
          tipc_bearer_xmit_skb()  |
                                  | tipc_l2_rcv_msg()
                                  |   tipc_rcv()
                                  |     __tipc_node_link_up()
                                  |       tipc_link_build_state_msg()
                                  |         tipc_link_build_proto_msg()
                                  |           tipc_mon_prep()
                                  |           {
                                  |             ...
                                  |             // null-pointer dereference
                                  |             u16 gen = mon->dom_gen;
                                  |             ...
                                  |           }
        // Not being executed yet |
        tipc_mon_create()         |
        {                         |
          ...                     |
          // allocate             |
          mon = kzalloc();        |
          ...                     |
        }                         |
      
      Monitoring pointer in thread 2 is dereferenced before monitoring data
      is allocated in thread 1. This causes kernel panic.
      
      This commit fixes it by allocating the monitoring data before enabling
      the bearer to receive messages.
      
      Fixes: 35c55c98 ("tipc: add neighbor monitoring framework")
      Reported-by: default avatarShuang Li <shuali@redhat.com>
      Acked-by: default avatarJon Maloy <jmaloy@redhat.com>
      Signed-off-by: default avatarTung Nguyen <tung.q.nguyen@dektech.com.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      be4977b8
    • Robert Hancock's avatar
      net: macb: Fix lost RX packet wakeup race in NAPI receive · 0bf476fc
      Robert Hancock authored
      There is an oddity in the way the RSR register flags propagate to the
      ISR register (and the actual interrupt output) on this hardware: it
      appears that RSR register bits only result in ISR being asserted if the
      interrupt was actually enabled at the time, so enabling interrupts with
      RSR bits already set doesn't trigger an interrupt to be raised. There
      was already a partial fix for this race in the macb_poll function where
      it checked for RSR bits being set and re-triggered NAPI receive.
      However, there was a still a race window between checking RSR and
      actually enabling interrupts, where a lost wakeup could happen. It's
      necessary to check again after enabling interrupts to see if RSR was set
      just prior to the interrupt being enabled, and re-trigger receive in that
      case.
      
      This issue was noticed in a point-to-point UDP request-response protocol
      which periodically saw timeouts or abnormally high response times due to
      received packets not being processed in a timely fashion. In many
      applications, more packets arriving, including TCP retransmissions, would
      cause the original packet to be processed, thus masking the issue.
      
      Fixes: 02f7a34f ("net: macb: Re-enable RX interrupt only when RX is done")
      Cc: stable@vger.kernel.org
      Co-developed-by: default avatarScott McNutt <scott.mcnutt@siriusxm.com>
      Signed-off-by: default avatarScott McNutt <scott.mcnutt@siriusxm.com>
      Signed-off-by: default avatarRobert Hancock <robert.hancock@calian.com>
      Tested-by: default avatarClaudiu Beznea <claudiu.beznea@microchip.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0bf476fc
    • Jakub Kicinski's avatar
      Merge tag 'for-net-2022-03-03' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth · 9f3956d6
      Jakub Kicinski authored
      Luiz Augusto von Dentz says:
      
      ====================
      bluetooth pull request for net:
      
       - Fix regression with processing of MGMT commands
       - Fix unbalanced unlock in Set Device Flags
      
      * tag 'for-net-2022-03-03' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth:
        Bluetooth: hci_sync: Fix not processing all entries on cmd_sync_work
        Bluetooth: hci_core: Fix unbalanced unlock in set_device_flags()
      ====================
      
      Link: https://lore.kernel.org/r/20220303210743.314679-1-luiz.dentz@gmail.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      9f3956d6
  6. 03 Mar, 2022 23 commits