- 13 Sep, 2013 15 commits
-
-
David Ertman authored
When copying the MAC RAR registers to PHY there is an error in the calculation of the rar_entry_count, which causes a write of unknown/ undefined register space in the MAC to unknown/undefined register space in the PHY. This patch fixes the overrun with writing to the PHY RAR and also fixes the ethtool offline register tests so that the correctly addressed registers have the appropriate bitmasks for R/W and RO bits for affected parts. Shawn Rader gets credit for finding and fixing the register overrun. Signed-off-by:
Dave Ertman <davidx.m.ertman@intel.com> CC: Shawn Rader <shawn.t.rader@intel.com> Tested-by:
Aaron Brown <aaron.f.brown@intel.com> Signed-off-by:
Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
David Ertman authored
Removing a comparison to the boolean value true where simply interrogating the lvalue will produce the same result. Signed-off-by:
-
Emil Tantilov authored
This patch resolves an issue where the driver will display incorrect info for Q/SFP+ modules that were inserted after the driver has been loaded. This patch adds a call to identify_phy() in ixgbe_get_settings() prior to calling get_link_capabilities() which needs the PHY data in order to determine the correct settings. Signed-off-by:
Emil Tantilov <emil.s.tantilov@intel.com> Tested-by:
Phil Schmitt <phillip.j.schmitt@intel.com> Signed-off-by:
-
Emil Tantilov authored
QSFP+ modules do not support auto negotiation and should advertise only one speed at a time. This patch adds logic in ethtool to allow setting and reporting the advertised speed at either 1Gbps or 10Gbps, but not both. Also limits the speed set in ixgbe_sfp_link_config_subtask() to highest supported. Previously the link was set to whatever the supported speeds were. Signed-off-by:
-
Emil Tantilov authored
This patch disables DCB prior to running the loopback test. When DCB is enabled the frames may be modified on Tx (by adding vlan tag) which will fail the check on Rx. Signed-off-by:
Jack Morgan <jack.morgan@intel.com> Signed-off-by:
-
Jacob Keller authored
This patch modifies the configure_rx path in order to properly disable RSC hardware logic when the user disables it. Previously we only disabled RSC in the queue settings, but this does not fully disable hardware RSC logic which can lead to some unexpected performance issues. Signed-off-by:
Jacob Keller <jacob.e.keller@intel.com> Tested-by:
-
Eugenia Emantayev authored
When the device is down, CQs are freed. We must check the device state to avoid issuing firmware commands on non existing CQs. CC: Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by:
Eugenia Emantayev <eugenia@mellanox.com> Signed-off-by:
Amir Vadai <amirv@mellanox.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
At some point limits were added to forward_delay. However, the limits are only enforced when STP is enabled. This created a scenario where you could have a value outside the allowed range while STP is disabled, which then stuck around even after STP is enabled. This patch fixes this by clamping the value when we enable STP. I had to move the locking around a bit to ensure that there is no window where someone could insert a value outside the range while we're in the middle of enabling STP. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Cheers, Signed-off-by:
-
Chris Healy authored
This changes the message_age_timer calculation to use the BPDU's max age as opposed to the local bridge's max age. This is in accordance with section 8.6.2.3.2 Step 2 of the 802.1D-1998 sprecification. With the current implementation, when running with very large bridge diameters, convergance will not always occur even if a root bridge is configured to have a longer max age. Tested successfully on bridge diameters of ~200. Signed-off-by:
Chris Healy <cphealy@gmail.com> Signed-off-by:
-
Michael Opdenacker authored
This patch proposes to remove the IRQF_DISABLED flag from drivers/net/ethernet/dec/tulip/de4x5.c It's a NOOP since 2.6.35 and it will be removed one day. Signed-off-by:
Michael Opdenacker <michael.opdenacker@free-electrons.com> Acked-by:
Grant Grundler <grundler@parisc-linux.org> Signed-off-by:
-
Michael Opdenacker authored
This patch proposes to remove the IRQF_DISABLED flag from drivers/net/ethernet/amd/sun3lance.c It's a NOOP since 2.6.35 and it will be removed one day. Signed-off-by:
-
Michael Opdenacker authored
This patch proposes to remove the IRQF_DISABLED flag from drivers/net/ethernet/ibm/ehea/ehea_main.c It's a NOOP since 2.6.35 and it will be removed one day. Signed-off-by:
Thadeu Lima de Souza Cascardo <cascardo@linux.vnet.ibm.com> Signed-off-by:
-
Michael Opdenacker authored
This patch proposes to remove the IRQF_DISABLED flag from drivers/net/ethernet/adi/bfin_mac.c. It's a NOOP since 2.6.35 and it will be removed one day. Signed-off-by:
Jingoo Han <jg1.han@samsung.com> Signed-off-by:
-
David Vrabel authored
When a VM is providing an iSCSI target and the LUN is used by the backend domain, the generated skbs for direct I/O writes to the disk have large, multi-page skb->data but no frags. With some lengths and starting offsets, xen_netbk_count_skb_slots() would be one short because the simple calculation of DIV_ROUND_UP(skb_headlen(), PAGE_SIZE) was not accounting for the decisions made by start_new_rx_buffer() which does not guarantee responses are fully packed. For example, a skb with length < 2 pages but which spans 3 pages would be counted as requiring 2 slots but would actually use 3 slots. skb->data: | 1111|222222222222|3333 | Fully packed, this would need 2 slots: |111122222222|22223333 | But because the 2nd page wholy fits into a slot it is not split across slots and goes into a slot of its own: |1111 |222222222222|3333 | Miscounting the number of slots means netback may push more responses than the number of available requests. This will cause the frontend to get very confused and report "Too many frags/slots". The frontend never recovers and will eventually BUG. Fix this by counting the number of required slots more carefully. In xen_netbk_count_skb_slots(), more closely follow the algorithm used by xen_netbk_gop_skb() by introducing xen_netbk_count_frag_slots() which is the dry-run equivalent of netbk_gop_frag_copy(). Signed-off-by:David Vrabel <david.vrabel@citrix.com> Acked-by:
Ian Campbell <ian.campbell@citrix.com> Signed-off-by:
-
Nithin Sujir authored
Commit 989038e2 ("tg3: Don't turn off led on 5719 serdes port 0") added code to skip turning led off on port 0 of the 5719 since it powered down other ports. This workaround needs to be enabled on the 5720 as well. Cc: stable@vger.kernel.org Signed-off-by:
Nithin Nayak Sujir <nsujir@broadcom.com> Signed-off-by:
Michael Chan <mchan@broadcom.com> Signed-off-by:
-
- 12 Sep, 2013 12 commits
-
-
Daniel Borkmann authored
Alan Chester reported an issue with IPv6 on SCTP that IPsec traffic is not being encrypted, whereas on IPv4 it is. Setting up an AH + ESP transport does not seem to have the desired effect: SCTP + IPv4: 22:14:20.809645 IP (tos 0x2,ECT(0), ttl 64, id 0, offset 0, flags [DF], proto AH (51), length 116) 192.168.0.2 > 192.168.0.5: AH(spi=0x00000042,sumlen=16,seq=0x1): ESP(spi=0x00000044,seq=0x1), length 72 22:14:20.813270 IP (tos 0x2,ECT(0), ttl 64, id 0, offset 0, flags [DF], proto AH (51), length 340) 192.168.0.5 > 192.168.0.2: AH(spi=0x00000043,sumlen=16,seq=0x1): SCTP + IPv6: 22:31:19.215029 IP6 (class 0x02, hlim 64, next-header SCTP (132) payload length: 364) fe80::222:15ff:fe87:7fc.3333 > fe80::92e6:baff:fe0d:5a54.36767: sctp 1) [INIT ACK] [init tag: 747759530] [rwnd: 62464] [OS: 10] [MIS: 10] Moreover, Alan says: This problem was seen with both Racoon and Racoon2. Other people have seen this with OpenSwan. When IPsec is configured to encrypt all upper layer protocols the SCTP connection does not initialize. After using Wireshark to follow packets, this is because the SCTP packet leaves Box A unencrypted and Box B believes all upper layer protocols are to be encrypted so it drops this packet, causing the SCTP connection to fail to initialize. When IPsec is configured to encrypt just SCTP, the SCTP packets are observed unencrypted. In fact, using `socat sctp6-listen:3333 -` on one end and transferring "plaintext" string on the other end, results in cleartext on the wire where SCTP eventually does not report any errors, thus in the latter case that Alan reports, the non-paranoid user might think he's communicating over an encrypted transport on SCTP although he's not (tcpdump ... -X): ... 0x0030: 5d70 8e1a 0003 001a 177d eb6c 0000 0000 ]p.......}.l.... 0x0040: 0000 0000 706c 6169 6e74 6578 740a 0000 ....plaintext... Only in /proc/net/xfrm_stat we can see XfrmInTmplMismatch increasing on the receiver side. Initial follow-up analysis from Alan's bug report was done by Alexey Dobriyan. Also thanks to Vlad Yasevich for feedback on this. SCTP has its own implementation of sctp_v6_xmit() not calling inet6_csk_xmit(). This has the implication that it probably never really got updated along with changes in inet6_csk_xmit() and therefore does not seem to invoke xfrm handlers. SCTP's IPv4 xmit however, properly calls ip_queue_xmit() to do the work. Since a call to inet6_csk_xmit() would solve this problem, but result in unecessary route lookups, let us just use the cached flowi6 instead that we got through sctp_v6_get_dst(). Since all SCTP packets are being sent through sctp_packet_transmit(), we do the route lookup / flow caching in sctp_transport_route(), hold it in tp->dst and skb_dst_set() right after that. If we would alter fl6->daddr in sctp_v6_xmit() to np->opt->srcrt, we possibly could run into the same effect of not having xfrm layer pick it up, hence, use fl6_update_dst() in sctp_v6_get_dst() instead to get the correct source routed dst entry, which we assign to the skb. Also source address routing example from 62503411 ("sctp: fix sctp to work with ipv6 source address routing") still works with this patch! Nevertheless, in RFC5095 it is actually 'recommended' to not use that anyway due to traffic amplification [1]. So it seems we're not supposed to do that anyway in sctp_v6_xmit(). Moreover, if we overwrite the flow destination here, the lower IPv6 layer will be unable to put the correct destination address into IP header, as routing header is added in ipv6_push_nfrag_opts() but then probably with wrong final destination. Things aside, result of this patch is that we do not have any XfrmInTmplMismatch increase plus on the wire with this patch it now looks like: SCTP + IPv6: 08:17:47.074080 IP6 2620:52:0:102f:7a2b:cbff:fe27:1b0a > 2620:52:0:102f:213:72ff:fe32:7eba: AH(spi=0x00005fb4,seq=0x1): ESP(spi=0x00005fb5,seq=0x1), length 72 08:17:47.074264 IP6 2620:52:0:102f:213:72ff:fe32:7eba > 2620:52:0:102f:7a2b:cbff:fe27:1b0a: AH(spi=0x00003d54,seq=0x1): ESP(spi=0x00003d55,seq=0x1), length 296 This fixes Kernel Bugzilla 24412. This security issue seems to be present since 2.6.18 kernels. Lets just hope some big passive adversary in the wild didn't have its fun with that. lksctp-tools IPv6 regression test suite passes as well with this patch. [1] http://www.secdev.org/conf/IPv6_RH_security-csw07.pdfReported-by:Alan Chester <alan.chester@tekelec.com> Reported-by:
Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
Daniel Borkmann <dborkman@redhat.com> Cc: Steffen Klassert <steffen.klassert@secunet.com> Cc: Hannes Frederic Sowa <hannes@stressinduktion.org> Acked-by:
Vlad Yasevich <vyasevich@gmail.com> Signed-off-by:
-
Jason Wang authored
Commit c8d68e6b (tuntap: multiqueue support) only call free_netdev() on error in tun_set_iff(). This causes several issues: - memory of tun security were leaked - use after free since the flow gc timer was not deleted and the tfile were not detached This patch solves the above issues. Reported-by:
Wannes Rombouts <wannes.rombouts@epitech.eu> Cc: Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
Jason Wang <jasowang@redhat.com> Acked-by:
Michael S. Tsirkin <mst@redhat.com> Signed-off-by:
-
Kees Cook authored
This makes sure a format string cannot accidentally leak into the kthread_run() call. Signed-off-by:
Kees Cook <keescook@chromium.org> Acked-by:
-
Sonic Zhang authored
The received ARP request type in the Ethernet packet head is ETH_P_ARP other than ETH_P_IP. [ Bug introduced by commit b7394d24 ("netpoll: prepare for ipv6") ] Signed-off-by:
Sonic Zhang <sonic.zhang@analog.com> Signed-off-by:
-
Fujinaka, Todd authored
Flow control is defined in the four EEPROM sections but the driver only reads from section 0. Signed-off-by:
Todd Fujinaka <todd.fujinaka@intel.com> Tested-by:
-
Carolyn Wyborny authored
This patch fixes a problem where some ports can fail to initialize on a cold boot. This patch adds an additional call to read the PHY id for i354 devices in order workaround the hardware problem. Signed-off-by:
Carolyn Wyborny <carolyn.wyborny@intel.com> Tested-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wirelessDavid S. Miller authored
John W. Linville says: ==================== This is a pull request for a few early fixes for the 3.12 stream. Alexey Khoroshilov corrects a use-after-free issue on rtl8187 found by the Linux Driver Verification project. Arend van Spriel provides a brcmfmac patch to fix a build issue reported by Randy Dunlap. Hauke Mehrtens offers a bcma fix to properly account for the storage width of error code values before checking them. Solomon Peachy brings a pair of cw1200 fixes to avoid hangs in that driver with SPI devices. One avoids transfers in interrupt context, the other fixes a locking issue. Stanislaw Gruszka changes the initialization of the rt2800 driver to avoid a freeze, addressing a bug in the Red Hat bugzilla. ==================== Signed-off-by: -
françois romieu authored
Same narrative as eb2dc35d ("r8169: RxConfig hack for the 8168evl.") regarding AMD IOMMU errors. RTL_GIGA_MAC_VER_36 - 8168f as well - has not been reported to behave the same. Tested-by:
David R <david@unsolicited.net> Tested-by:
Frédéric Leroy <fredo@starox.org> Cc: Hayes Wang <hayeswang@realtek.com> Signed-off-by:
Francois Romieu <romieu@fr.zoreil.com> Signed-off-by:
-
Linus Torvalds authored
This reverts the Linux for Workgroups thing. And no, before somebody asks, we're not doing Linux95. Not for a few years, at least. Sure, the flag added some color to the logo, and could have remained as a testament to my leet gimp skills. But no. And I'll do this early, to avoid the chance of forgetting when I'm doing the actual rc1 release on the road. Signed-off-by:Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
Merge tag 'ecryptfs-3.12-rc1-crypt-ctx' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs Pull eCryptfs fixes from Tyler Hicks: "Two small fixes to the code that initializes the per-file crypto contexts" * tag 'ecryptfs-3.12-rc1-crypt-ctx' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs: ecryptfs: avoid ctx initialization race ecryptfs: remove check for if an array is NULL
-
git://git.linaro.org/people/mszyprowski/linux-dma-mappingLinus Torvalds authored
Pull DMA-mapping fix from Marek Szyprowski: "A build bugfix for the device tree support for reserved memory regions. Due to superfluous include the common code failed to build on ARM64 and MIPS architectures. The patch that caused the build break has lived at linux-next for about two weeks and noone noticed the issue, what convinced me that everything was ok" * 'for-v3.12-fix' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping: drivers: of: fix build break if asm/dma-contiguous.h is missing
-
git://git.linaro.org/people/sumitsemwal/linux-dma-bufLinus Torvalds authored
Pull dma-buf updates from Sumit Semwal: "Yet another small one - dma-buf framework now supports size discovery of the buffer via llseek" * tag 'for-3.12' of git://git.linaro.org/people/sumitsemwal/linux-dma-buf: dma-buf: Expose buffer size to userspace (v2) dma-buf: Check return value of anon_inode_getfile
-
- 11 Sep, 2013 13 commits
-
-
Linus Torvalds authored
Merge first patch-bomb from Andrew Morton: - Some pidns/fork/exec tweaks - OCFS2 updates - Most of MM - there remain quite a few memcg parts which depend on pending core cgroups changes. Which might have been already merged - I'll check tomorrow... - Various misc stuff all over the place - A few block bits which I never got around to sending to Jens - relatively minor things. - MAINTAINERS maintenance - A small number of lib/ updates - checkpatch updates - epoll - firmware/dmi-scan - Some kprobes work for S390 - drivers/rtc updates - hfsplus feature work - vmcore feature work - rbtree upgrades - AOE updates - pktcdvd cleanups - PPS - memstick - w1 - New "inittmpfs" feature, which does the obvious - More IPC work from Davidlohr. * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (303 commits) lz4: fix compression/decompression signedness mismatch ipc: drop ipc_lock_check ipc, shm: drop shm_lock_check ipc: drop ipc_lock_by_ptr ipc, shm: guard against non-existant vma in shmdt(2) ipc: document general ipc locking scheme ipc,msg: drop msg_unlock ipc: rename ids->rw_mutex ipc,shm: shorten critical region for shmat ipc,shm: cleanup do_shmat pasta ipc,shm: shorten critical region for shmctl ipc,shm: make shmctl_nolock lockless ipc,shm: introduce shmctl_nolock ipc: drop ipcctl_pre_down ipc,shm: shorten critical region in shmctl_down ipc,shm: introduce lockless functions to obtain the ipc object initmpfs: use initramfs if rootfstype= or root= specified initmpfs: make rootfs use tmpfs when CONFIG_TMPFS enabled initmpfs: move rootfs code from fs/ramfs/ to init/ initmpfs: move bdi setup from init_rootfs to init_ramfs ...
-
Sergey Senozhatsky authored
LZ4 compression and decompression functions require different in signedness input/output parameters: unsigned char for compression and signed char for decompression. Change decompression API to require "(const) unsigned char *". Signed-off-by:
Sergey Senozhatsky <sergey.senozhatsky@gmail.com> Cc: Kyungsik Lee <kyungsik.lee@lge.com> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Yann Collet <yann.collet.73@gmail.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Davidlohr Bueso authored
No remaining users, we now use ipc_obtain_object_check(). Signed-off-by:
Davidlohr Bueso <davidlohr.bueso@hp.com> Cc: Sedat Dilek <sedat.dilek@gmail.com> Cc: Rik van Riel <riel@redhat.com> Cc: Manfred Spraul <manfred@colorfullife.com> Signed-off-by:
-
Davidlohr Bueso authored
This function was replaced by a the lockless shm_obtain_object_check(), and no longer has any users. Signed-off-by:
-
Davidlohr Bueso authored
After previous cleanups and optimizations, this function is no longer heavily used and we don't have a good reason to keep it. Update the few remaining callers and get rid of it. Signed-off-by:
-
Davidlohr Bueso authored
When !CONFIG_MMU there's a chance we can derefence a NULL pointer when the VM area isn't found - check the return value of find_vma(). Also, remove the redundant -EINVAL return: retval is set to the proper return code and *only* changed to 0, when we actually unmap the segments. Signed-off-by:
-
Davidlohr Bueso authored
As suggested by Andrew, add a generic initial locking scheme used throughout all sysv ipc mechanisms. Documenting the ids rwsem, how rcu can be enough to do the initial checks and when to actually acquire the kern_ipc_perm.lock spinlock. I found that adding it to util.c was generic enough. Signed-off-by:
Sedat Dilek <sedat.dilek@gmail.com> Cc: Rik van Riel <riel@redhat.com> Cc: Manfred Spraul <manfred@colorfullife.com> Signed-off-by:
-
Davidlohr Bueso authored
There is only one user left, drop this function and just call ipc_unlock_object() and rcu_read_unlock(). Signed-off-by:
-
Davidlohr Bueso authored
Since in some situations the lock can be shared for readers, we shouldn't be calling it a mutex, rename it to rwsem. Signed-off-by:
-
Davidlohr Bueso authored
Similar to other system calls, acquire the kern_ipc_perm lock after doing the initial permission and security checks. [sasha.levin@oracle.com: dont leave do_shmat with rcu lock held] Signed-off-by:
Sasha Levin <sasha.levin@oracle.com> Signed-off-by:
-
Davidlohr Bueso authored
Clean up some of the messy do_shmat() spaghetti code, getting rid of out_free and out_put_dentry labels. This makes shortening the critical region of this function in the next patch a little easier to do and read. Signed-off-by:
-
Davidlohr Bueso authored
With the *_INFO, *_STAT, IPC_RMID and IPC_SET commands already optimized, deal with the remaining SHM_LOCK and SHM_UNLOCK commands. Take the shm_perm lock after doing the initial auditing and security checks. The rest of the logic remains unchanged. Signed-off-by:
-
Davidlohr Bueso authored
While the INFO cmd doesn't take the ipc lock, the STAT commands do acquire it unnecessarily. We can do the permissions and security checks only holding the rcu lock. [akpm@linux-foundation.org: coding-style fixes] Signed-off-by:
-
