1. 04 May, 2017 7 commits
    • Michal Schmidt's avatar
      rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string · 77ef033b
      Michal Schmidt authored
      IFLA_PHYS_PORT_NAME is a string attribute, so terminate it with \0.
      Otherwise libnl3 fails to validate netlink messages with this attribute.
      "ip -detail a" assumes too that the attribute is NUL-terminated when
      printing it. It often was, due to padding.
      
      I noticed this as libvirtd failing to start on a system with sfc driver
      after upgrading it to Linux 4.11, i.e. when sfc added support for
      phys_port_name.
      Signed-off-by: default avatarMichal Schmidt <mschmidt@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      77ef033b
    • stephen hemminger's avatar
      netvsc: make sure napi enabled before vmbus_open · 2be0f264
      stephen hemminger authored
      This fixes a race where vmbus callback for new packet arriving
      could occur before NAPI is initialized.
      Signed-off-by: default avatarStephen Hemminger <sthemmin@microsoft.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2be0f264
    • Pavel Belous's avatar
      aquantia: Fix driver name reported by ethtool · 5900eca1
      Pavel Belous authored
      V2: using "aquantia" subsystem tag.
      
      The command "ethtool -i ethX" should display driver name (driver: atlantic)
      instead vendor name (driver: aquantia).
      Signed-off-by: default avatarPavel Belous <pavel.belous@aquantia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5900eca1
    • Alexander Potapenko's avatar
      ipv4, ipv6: ensure raw socket message is big enough to hold an IP header · 86f4c90a
      Alexander Potapenko authored
      raw_send_hdrinc() and rawv6_send_hdrinc() expect that the buffer copied
      from the userspace contains the IPv4/IPv6 header, so if too few bytes are
      copied, parts of the header may remain uninitialized.
      
      This bug has been detected with KMSAN.
      
      For the record, the KMSAN report:
      
      ==================================================================
      BUG: KMSAN: use of unitialized memory in nf_ct_frag6_gather+0xf5a/0x44a0
      inter: 0
      CPU: 0 PID: 1036 Comm: probe Not tainted 4.11.0-rc5+ #2455
      Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
      Call Trace:
       __dump_stack lib/dump_stack.c:16
       dump_stack+0x143/0x1b0 lib/dump_stack.c:52
       kmsan_report+0x16b/0x1e0 mm/kmsan/kmsan.c:1078
       __kmsan_warning_32+0x5c/0xa0 mm/kmsan/kmsan_instr.c:510
       nf_ct_frag6_gather+0xf5a/0x44a0 net/ipv6/netfilter/nf_conntrack_reasm.c:577
       ipv6_defrag+0x1d9/0x280 net/ipv6/netfilter/nf_defrag_ipv6_hooks.c:68
       nf_hook_entry_hookfn ./include/linux/netfilter.h:102
       nf_hook_slow+0x13f/0x3c0 net/netfilter/core.c:310
       nf_hook ./include/linux/netfilter.h:212
       NF_HOOK ./include/linux/netfilter.h:255
       rawv6_send_hdrinc net/ipv6/raw.c:673
       rawv6_sendmsg+0x2fcb/0x41a0 net/ipv6/raw.c:919
       inet_sendmsg+0x3f8/0x6d0 net/ipv4/af_inet.c:762
       sock_sendmsg_nosec net/socket.c:633
       sock_sendmsg net/socket.c:643
       SYSC_sendto+0x6a5/0x7c0 net/socket.c:1696
       SyS_sendto+0xbc/0xe0 net/socket.c:1664
       do_syscall_64+0x72/0xa0 arch/x86/entry/common.c:285
       entry_SYSCALL64_slow_path+0x25/0x25 arch/x86/entry/entry_64.S:246
      RIP: 0033:0x436e03
      RSP: 002b:00007ffce48baf38 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
      RAX: ffffffffffffffda RBX: 00000000004002b0 RCX: 0000000000436e03
      RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
      RBP: 00007ffce48baf90 R08: 00007ffce48baf50 R09: 000000000000001c
      R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
      R13: 0000000000401790 R14: 0000000000401820 R15: 0000000000000000
      origin: 00000000d9400053
       save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:59
       kmsan_save_stack_with_flags mm/kmsan/kmsan.c:362
       kmsan_internal_poison_shadow+0xb1/0x1a0 mm/kmsan/kmsan.c:257
       kmsan_poison_shadow+0x6d/0xc0 mm/kmsan/kmsan.c:270
       slab_alloc_node mm/slub.c:2735
       __kmalloc_node_track_caller+0x1f4/0x390 mm/slub.c:4341
       __kmalloc_reserve net/core/skbuff.c:138
       __alloc_skb+0x2cd/0x740 net/core/skbuff.c:231
       alloc_skb ./include/linux/skbuff.h:933
       alloc_skb_with_frags+0x209/0xbc0 net/core/skbuff.c:4678
       sock_alloc_send_pskb+0x9ff/0xe00 net/core/sock.c:1903
       sock_alloc_send_skb+0xe4/0x100 net/core/sock.c:1920
       rawv6_send_hdrinc net/ipv6/raw.c:638
       rawv6_sendmsg+0x2918/0x41a0 net/ipv6/raw.c:919
       inet_sendmsg+0x3f8/0x6d0 net/ipv4/af_inet.c:762
       sock_sendmsg_nosec net/socket.c:633
       sock_sendmsg net/socket.c:643
       SYSC_sendto+0x6a5/0x7c0 net/socket.c:1696
       SyS_sendto+0xbc/0xe0 net/socket.c:1664
       do_syscall_64+0x72/0xa0 arch/x86/entry/common.c:285
       return_from_SYSCALL_64+0x0/0x6a arch/x86/entry/entry_64.S:246
      ==================================================================
      
      , triggered by the following syscalls:
        socket(PF_INET6, SOCK_RAW, IPPROTO_RAW) = 3
        sendto(3, NULL, 0, 0, {sa_family=AF_INET6, sin6_port=htons(0), inet_pton(AF_INET6, "ff00::", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 EPERM
      
      A similar report is triggered in net/ipv4/raw.c if we use a PF_INET socket
      instead of a PF_INET6 one.
      Signed-off-by: default avatarAlexander Potapenko <glider@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      86f4c90a
    • Colin Ian King's avatar
      net/sched: remove redundant null check on head · 985538ee
      Colin Ian King authored
      head is previously null checked and so the 2nd null check on head
      is redundant and therefore can be removed.
      
      Detected by CoverityScan, CID#1399505 ("Logically dead code")
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Acked-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      985538ee
    • Eric Dumazet's avatar
      tcp: do not inherit fastopen_req from parent · 8b485ce6
      Eric Dumazet authored
      Under fuzzer stress, it is possible that a child gets a non NULL
      fastopen_req pointer from its parent at accept() time, when/if parent
      morphs from listener to active session.
      
      We need to make sure this can not happen, by clearing the field after
      socket cloning.
      
      BUG: Double free or freeing an invalid pointer
      Unexpected shadow byte: 0xFB
      CPU: 3 PID: 20933 Comm: syz-executor3 Not tainted 4.11.0+ #306
      Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs
      01/01/2011
      Call Trace:
       <IRQ>
       __dump_stack lib/dump_stack.c:16 [inline]
       dump_stack+0x292/0x395 lib/dump_stack.c:52
       kasan_object_err+0x1c/0x70 mm/kasan/report.c:164
       kasan_report_double_free+0x5c/0x70 mm/kasan/report.c:185
       kasan_slab_free+0x9d/0xc0 mm/kasan/kasan.c:580
       slab_free_hook mm/slub.c:1357 [inline]
       slab_free_freelist_hook mm/slub.c:1379 [inline]
       slab_free mm/slub.c:2961 [inline]
       kfree+0xe8/0x2b0 mm/slub.c:3882
       tcp_free_fastopen_req net/ipv4/tcp.c:1077 [inline]
       tcp_disconnect+0xc15/0x13e0 net/ipv4/tcp.c:2328
       inet_child_forget+0xb8/0x600 net/ipv4/inet_connection_sock.c:898
       inet_csk_reqsk_queue_add+0x1e7/0x250
      net/ipv4/inet_connection_sock.c:928
       tcp_get_cookie_sock+0x21a/0x510 net/ipv4/syncookies.c:217
       cookie_v4_check+0x1a19/0x28b0 net/ipv4/syncookies.c:384
       tcp_v4_cookie_check net/ipv4/tcp_ipv4.c:1384 [inline]
       tcp_v4_do_rcv+0x731/0x940 net/ipv4/tcp_ipv4.c:1421
       tcp_v4_rcv+0x2dc0/0x31c0 net/ipv4/tcp_ipv4.c:1715
       ip_local_deliver_finish+0x4cc/0xc20 net/ipv4/ip_input.c:216
       NF_HOOK include/linux/netfilter.h:257 [inline]
       ip_local_deliver+0x1ce/0x700 net/ipv4/ip_input.c:257
       dst_input include/net/dst.h:492 [inline]
       ip_rcv_finish+0xb1d/0x20b0 net/ipv4/ip_input.c:396
       NF_HOOK include/linux/netfilter.h:257 [inline]
       ip_rcv+0xd8c/0x19c0 net/ipv4/ip_input.c:487
       __netif_receive_skb_core+0x1ad1/0x3400 net/core/dev.c:4210
       __netif_receive_skb+0x2a/0x1a0 net/core/dev.c:4248
       process_backlog+0xe5/0x6c0 net/core/dev.c:4868
       napi_poll net/core/dev.c:5270 [inline]
       net_rx_action+0xe70/0x18e0 net/core/dev.c:5335
       __do_softirq+0x2fb/0xb99 kernel/softirq.c:284
       do_softirq_own_stack+0x1c/0x30 arch/x86/entry/entry_64.S:899
       </IRQ>
       do_softirq.part.17+0x1e8/0x230 kernel/softirq.c:328
       do_softirq kernel/softirq.c:176 [inline]
       __local_bh_enable_ip+0x1cf/0x1e0 kernel/softirq.c:181
       local_bh_enable include/linux/bottom_half.h:31 [inline]
       rcu_read_unlock_bh include/linux/rcupdate.h:931 [inline]
       ip_finish_output2+0x9ab/0x15e0 net/ipv4/ip_output.c:230
       ip_finish_output+0xa35/0xdf0 net/ipv4/ip_output.c:316
       NF_HOOK_COND include/linux/netfilter.h:246 [inline]
       ip_output+0x1f6/0x7b0 net/ipv4/ip_output.c:404
       dst_output include/net/dst.h:486 [inline]
       ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124
       ip_queue_xmit+0x9a8/0x1a10 net/ipv4/ip_output.c:503
       tcp_transmit_skb+0x1ade/0x3470 net/ipv4/tcp_output.c:1057
       tcp_write_xmit+0x79e/0x55b0 net/ipv4/tcp_output.c:2265
       __tcp_push_pending_frames+0xfa/0x3a0 net/ipv4/tcp_output.c:2450
       tcp_push+0x4ee/0x780 net/ipv4/tcp.c:683
       tcp_sendmsg+0x128d/0x39b0 net/ipv4/tcp.c:1342
       inet_sendmsg+0x164/0x5b0 net/ipv4/af_inet.c:762
       sock_sendmsg_nosec net/socket.c:633 [inline]
       sock_sendmsg+0xca/0x110 net/socket.c:643
       SYSC_sendto+0x660/0x810 net/socket.c:1696
       SyS_sendto+0x40/0x50 net/socket.c:1664
       entry_SYSCALL_64_fastpath+0x1f/0xbe
      RIP: 0033:0x446059
      RSP: 002b:00007faa6761fb58 EFLAGS: 00000282 ORIG_RAX: 000000000000002c
      RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 0000000000446059
      RDX: 0000000000000001 RSI: 0000000020ba3fcd RDI: 0000000000000017
      RBP: 00000000006e40a0 R08: 0000000020ba4ff0 R09: 0000000000000010
      R10: 0000000020000000 R11: 0000000000000282 R12: 0000000000708150
      R13: 0000000000000000 R14: 00007faa676209c0 R15: 00007faa67620700
      Object at ffff88003b5bbcb8, in cache kmalloc-64 size: 64
      Allocated:
      PID = 20909
       save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:59
       save_stack+0x43/0xd0 mm/kasan/kasan.c:513
       set_track mm/kasan/kasan.c:525 [inline]
       kasan_kmalloc+0xad/0xe0 mm/kasan/kasan.c:616
       kmem_cache_alloc_trace+0x82/0x270 mm/slub.c:2745
       kmalloc include/linux/slab.h:490 [inline]
       kzalloc include/linux/slab.h:663 [inline]
       tcp_sendmsg_fastopen net/ipv4/tcp.c:1094 [inline]
       tcp_sendmsg+0x221a/0x39b0 net/ipv4/tcp.c:1139
       inet_sendmsg+0x164/0x5b0 net/ipv4/af_inet.c:762
       sock_sendmsg_nosec net/socket.c:633 [inline]
       sock_sendmsg+0xca/0x110 net/socket.c:643
       SYSC_sendto+0x660/0x810 net/socket.c:1696
       SyS_sendto+0x40/0x50 net/socket.c:1664
       entry_SYSCALL_64_fastpath+0x1f/0xbe
      Freed:
      PID = 20909
       save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:59
       save_stack+0x43/0xd0 mm/kasan/kasan.c:513
       set_track mm/kasan/kasan.c:525 [inline]
       kasan_slab_free+0x73/0xc0 mm/kasan/kasan.c:589
       slab_free_hook mm/slub.c:1357 [inline]
       slab_free_freelist_hook mm/slub.c:1379 [inline]
       slab_free mm/slub.c:2961 [inline]
       kfree+0xe8/0x2b0 mm/slub.c:3882
       tcp_free_fastopen_req net/ipv4/tcp.c:1077 [inline]
       tcp_disconnect+0xc15/0x13e0 net/ipv4/tcp.c:2328
       __inet_stream_connect+0x20c/0xf90 net/ipv4/af_inet.c:593
       tcp_sendmsg_fastopen net/ipv4/tcp.c:1111 [inline]
       tcp_sendmsg+0x23a8/0x39b0 net/ipv4/tcp.c:1139
       inet_sendmsg+0x164/0x5b0 net/ipv4/af_inet.c:762
       sock_sendmsg_nosec net/socket.c:633 [inline]
       sock_sendmsg+0xca/0x110 net/socket.c:643
       SYSC_sendto+0x660/0x810 net/socket.c:1696
       SyS_sendto+0x40/0x50 net/socket.c:1664
       entry_SYSCALL_64_fastpath+0x1f/0xbe
      
      Fixes: e994b2f0 ("tcp: do not lock listener to process SYN packets")
      Fixes: 7db92362 ("tcp: fix potential double free issue for fastopen_req")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Acked-by: default avatarWei Wang <weiwan@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8b485ce6
    • Zhu Yanjun's avatar
      forcedeth: remove unnecessary carrier status check · 5d826b7b
      Zhu Yanjun authored
      Since netif_carrier_on() will do nothing if device's
      carrier is already on, so it's unnecessary to do
      carrier status check.
      
      It's the same for netif_carrier_off().
      Signed-off-by: default avatarZhu Yanjun <yanjun.zhu@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5d826b7b
  2. 03 May, 2017 33 commits
    • David S. Miller's avatar
      Merge branch 'ibmvnic-Updated-reset-handler-andcode-fixes' · f411af68
      David S. Miller authored
      Nathan Fontenot says:
      
      ====================
      ibmvnic: Updated reset handler and code fixes
      
      This set of patches multiple code fixes and a new rest handler
      for the ibmvnic driver. In order to implement the new reset handler
      for the ibmvnic driver resource initialization needed to be moved to
      its own routine, a state variable is introduced to replace the
      various is_* flags in the driver, and a new routine to handle the
      assorted reasons the driver can be reset.
      
      v4 updates:
      
      Patch 3/11: Corrected trailing whitespace
      Patch 7/11: Corrected trailing whitespace
      
      v3 updates:
      
      Patch 10/11: Correct patch subject line to be a description of the patch.
      
      v2 updates:
      
      Patch 11/11: Use __netif_subqueue_stopped() instead of
      netif_subqueue_stopped() to avoid possible use of an un-initialized
      skb variable.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f411af68
    • Nathan Fontenot's avatar
      ibmvnic: Move queue restarting in ibmvnic_tx_complete · 7c3e7de3
      Nathan Fontenot authored
      Restart of the subqueue should occur outside of the loop processing
      any tx buffers instead of doing this in the middle of the loop.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7c3e7de3
    • Thomas Falcon's avatar
      ibmvnic: Record SKB RX queue during poll · 94ca305f
      Thomas Falcon authored
      Map each RX SKB to the RX queue associated with the driver's RX SCRQ.
      This should improve the RX CPU load balancing issues seen by the
      performance team.
      Signed-off-by: default avatarThomas Falcon <tlfalcon@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      94ca305f
    • Nathan Fontenot's avatar
      ibmvnic: Continue skb processing after skb completion error · ca05e316
      Nathan Fontenot authored
      There is not a need to stop processing skbs if we encounter a
      skb that has a receive completion error.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ca05e316
    • Nathan Fontenot's avatar
      ibmvnic: Check for driver reset first in ibmvnic_xmit · 161b8a81
      Nathan Fontenot authored
      Move the check for the driver resetting to the first thing
      in ibmvnic_xmit().
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      161b8a81
    • Nathan Fontenot's avatar
      ibmvnic: Wait for any pending scrqs entries at driver close · 46293b94
      Nathan Fontenot authored
      When closing the ibmvnic driver we need to wait for any pending
      sub crq entries to ensure they are handled.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      46293b94
    • Nathan Fontenot's avatar
      ibmvnic: Clean up tx pools when closing · b41b83e9
      Nathan Fontenot authored
      When closing the ibmvnic driver, most notably during the reset
      path, the tx pools need to be cleaned to ensure there are no
      hanging skbs that need to be free'ed.
      
      The need for this was found during debugging a loss of network
      traffic after handling a driver reset. The underlying cause was
      some skbs in the tx pool that were never free'ed. As a
      result the upper network layers never tried a re-send since it
      believed the driver still had the skb.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b41b83e9
    • Nathan Fontenot's avatar
    • Nathan Fontenot's avatar
      ibmvnic: Delete napi's when releasing driver resources · c7bac00b
      Nathan Fontenot authored
      The napi structs allocated at drivier initializatio need to be
      free'ed when releasing the drivers resources.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c7bac00b
    • Nathan Fontenot's avatar
      ibmvnic: Updated reset handling · ed651a10
      Nathan Fontenot authored
      The ibmvnic driver has multiple handlers for resetting the driver
      depending on the reason the reset is needed (failover, lpm,
      fatal erors,...). All of the reset handlers do essentially the same
      thing, this patch moves this work to a common reset handler.
      
      By doing this we also allow the driver to better handle situations
      where we can get a reset while handling a reset.
      
      The updated reset handling works by adding a reset work item to the
      list of resets and then scheduling work to perform the reset. This
      step is necessary because we can receive a reset in interrupt context
      and we want to handle the reset out of interrupt context.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ed651a10
    • Nathan Fontenot's avatar
      ibmvnic: Replace is_closed with state field · 90c8014c
      Nathan Fontenot authored
      Replace the is_closed flag in the ibmvnic adapter strcut with a
      more comprehensive state field that tracks the current state of
      the driver.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      90c8014c
    • Nathan Fontenot's avatar
      ibmvnic: Move resource initialization to its own routine · bfc32f29
      Nathan Fontenot authored
      Move all of the calls to initialize resources for the driver to
      a separate routine.
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bfc32f29
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · 4d89ac2d
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter/IPVS/OVS fixes for net
      
      The following patchset contains a rather large batch of Netfilter, IPVS
      and OVS fixes for your net tree. This includes fixes for ctnetlink, the
      userspace conntrack helper infrastructure, conntrack OVS support,
      ebtables DNAT target, several leaks in error path among other. More
      specifically, they are:
      
      1) Fix reference count leak in the CT target error path, from Gao Feng.
      
      2) Remove conntrack entry clashing with a matching expectation, patch
         from Jarno Rajahalme.
      
      3) Fix bogus EEXIST when registering two different userspace helpers,
         from Liping Zhang.
      
      4) Don't leak dummy elements in the new bitmap set type in nf_tables,
         from Liping Zhang.
      
      5) Get rid of module autoload from conntrack update path in ctnetlink,
         we don't need autoload at this late stage and it is happening with
         rcu read lock held which is not good. From Liping Zhang.
      
      6) Fix deadlock due to double-acquire of the expect_lock from conntrack
         update path, this fixes a bug that was introduced when the central
         spinlock got removed. Again from Liping Zhang.
      
      7) Safe ct->status update from ctnetlink path, from Liping. The expect_lock
         protection that was selected when the central spinlock was removed was
         not really protecting anything at all.
      
      8) Protect sequence adjustment under ct->lock.
      
      9) Missing socket match with IPv6, from Peter Tirsek.
      
      10) Adjust skb->pkt_type of DNAT'ed frames from ebtables, from
          Linus Luessing.
      
      11) Don't give up on evaluating the expression on new entries added via
          dynset expression in nf_tables, from Liping Zhang.
      
      12) Use skb_checksum() when mangling icmpv6 in IPv6 NAT as this deals
          with non-linear skbuffs.
      
      13) Don't allow IPv6 service in IPVS if no IPv6 support is available,
          from Paolo Abeni.
      
      14) Missing mutex release in error path of xt_find_table_lock(), from
          Dan Carpenter.
      
      15) Update maintainers files, Netfilter section. Add Florian to the
          file, refer to nftables.org and change project status from Supported
          to Maintained.
      
      16) Bail out on mismatching extensions in element updates in nf_tables.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4d89ac2d
    • Geert Uytterhoeven's avatar
      netfilter: conntrack: Force inlining of build check to prevent build failure · ab71632c
      Geert Uytterhoeven authored
      If gcc (e.g. 4.1.2) decides not to inline total_extension_size(), the
      build will fail with:
      
          net/built-in.o: In function `nf_conntrack_init_start':
          (.text+0x9baf6): undefined reference to `__compiletime_assert_1893'
      
      or
      
          ERROR: "__compiletime_assert_1893" [net/netfilter/nf_conntrack.ko] undefined!
      
      Fix this by forcing inlining of total_extension_size().
      
      Fixes: b3a5db10 ("netfilter: conntrack: use u8 for extension sizes again")
      Signed-off-by: default avatarGeert Uytterhoeven <geert@linux-m68k.org>
      Acked-by: default avatarArnd Bergmann <arnd@arndb.de>
      Acked-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ab71632c
    • Geert Uytterhoeven's avatar
      test_bpf: Use ULL suffix for 64-bit constants · 86f8e247
      Geert Uytterhoeven authored
      On 32-bit:
      
          lib/test_bpf.c:4772: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4772: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4773: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4773: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4787: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4787: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4801: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4801: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4802: warning: integer constant is too large for ‘unsigned long’ type
          lib/test_bpf.c:4802: warning: integer constant is too large for ‘unsigned long’ type
      
      On 32-bit systems, "long" is only 32-bit.
      Replace the "UL" suffix by "ULL" to fix this.
      
      Fixes: 85f68fe8 ("bpf, arm64: implement jiting of BPF_XADD")
      Signed-off-by: default avatarGeert Uytterhoeven <geert@linux-m68k.org>
      Acked-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      86f8e247
    • Daniele Palmas's avatar
      net: usb: qmi_wwan: add Telit ME910 support · 4c54dc02
      Daniele Palmas authored
      This patch adds support for Telit ME910 PID 0x1100.
      Signed-off-by: default avatarDaniele Palmas <dnlplm@gmail.com>
      Acked-by: default avatarBjørn Mork <bjorn@mork.no>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4c54dc02
    • YueHaibing's avatar
      tg3: don't clear stats while tg3_close · 37a7fdf2
      YueHaibing authored
      Now tg3 NIC's stats will be cleared after ifdown/ifup. bond_get_stats traverse
      its salves to get statistics,cumulative the increment.If a tg3 NIC is added to
      bonding as a slave,ifdown/ifup will cause bonding's stats become tremendous value
      (ex.1638.3 PiB) because of negative increment.
      
      Fixes: 92feeabf ("tg3: Save stats across chip resets")
      Signed-off-by: default avatarYueHaibing <yuehaibing@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      37a7fdf2
    • Alexei Starovoitov's avatar
      selftests/bpf: get rid of -D__x86_64__ · 1c2dd16a
      Alexei Starovoitov authored
      -D__x86_64__ workaround was used to make /usr/include/features.h
      to follow expected path through the system include headers.
      This is not portable.
      Instead define dummy stubs.h which is used by 'clang -target bpf'
      
      Fixes: 6882804c ("selftests/bpf: add a test for overlapping packet range checks")
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1c2dd16a
    • Yonghong Song's avatar
      selftests/bpf: add a test case to check verifier pointer arithmetic · 6ead18fb
      Yonghong Song authored
      With clang/llvm 4.0+, the test case is able to generate
      the following pattern:
      ....
      440: (b7) r1 = 15
      441: (05) goto pc+73
      515: (79) r6 = *(u64 *)(r10 -152)
      516: (bf) r7 = r10
      517: (07) r7 += -112
      518: (bf) r2 = r7
      519: (0f) r2 += r1
      520: (71) r1 = *(u8 *)(r8 +0)
      521: (73) *(u8 *)(r2 +45) = r1
      ....
      
      commit 332270fd ("bpf: enhance verifier to understand stack
      pointer arithmetic") improved verifier to handle such a pattern.
      This patch adds a C test case to actually generate such a pattern.
      A dummy tracepoint interface is used to load the program
      into the kernel.
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      Acked-by: default avatarMartin KaFai Lau <kafai@fb.com>
      Acked-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6ead18fb
    • Daniel Borkmann's avatar
      xdp: use common helper for netlink extended ack reporting · 4d463c4d
      Daniel Borkmann authored
      Small follow-up to d74a32ac ("xdp: use netlink extended ACK reporting")
      in order to let drivers all use the same NL_SET_ERR_MSG_MOD() helper macro
      for reporting. This also ensures that we consistently add the driver's
      prefix for dumping the report in user space to indicate that the error
      message is driver specific and not coming from core code. Furthermore,
      NL_SET_ERR_MSG_MOD() now reuses NL_SET_ERR_MSG() and thus makes all macros
      check the pointer as suggested.
      
      References: https://www.spinics.net/lists/netdev/msg433267.htmlSigned-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
      Reviewed-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4d463c4d
    • David Ahern's avatar
      net: ipv6: Do not duplicate DAD on link up · 6d717134
      David Ahern authored
      Andrey reported a warning triggered by the rcu code:
      
      ------------[ cut here ]------------
      WARNING: CPU: 1 PID: 5911 at lib/debugobjects.c:289
      debug_print_object+0x175/0x210
      ODEBUG: activate active (active state 1) object type: rcu_head hint:
              (null)
      Modules linked in:
      CPU: 1 PID: 5911 Comm: a.out Not tainted 4.11.0-rc8+ #271
      Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
      Call Trace:
       __dump_stack lib/dump_stack.c:16
       dump_stack+0x192/0x22d lib/dump_stack.c:52
       __warn+0x19f/0x1e0 kernel/panic.c:549
       warn_slowpath_fmt+0xe0/0x120 kernel/panic.c:564
       debug_print_object+0x175/0x210 lib/debugobjects.c:286
       debug_object_activate+0x574/0x7e0 lib/debugobjects.c:442
       debug_rcu_head_queue kernel/rcu/rcu.h:75
       __call_rcu.constprop.76+0xff/0x9c0 kernel/rcu/tree.c:3229
       call_rcu_sched+0x12/0x20 kernel/rcu/tree.c:3288
       rt6_rcu_free net/ipv6/ip6_fib.c:158
       rt6_release+0x1ea/0x290 net/ipv6/ip6_fib.c:188
       fib6_del_route net/ipv6/ip6_fib.c:1461
       fib6_del+0xa42/0xdc0 net/ipv6/ip6_fib.c:1500
       __ip6_del_rt+0x100/0x160 net/ipv6/route.c:2174
       ip6_del_rt+0x140/0x1b0 net/ipv6/route.c:2187
       __ipv6_ifa_notify+0x269/0x780 net/ipv6/addrconf.c:5520
       addrconf_ifdown+0xe60/0x1a20 net/ipv6/addrconf.c:3672
      ...
      
      Andrey's reproducer program runs in a very tight loop, calling
      'unshare -n' and then spawning 2 sets of 14 threads running random ioctl
      calls. The relevant networking sequence:
      
      1. New network namespace created via unshare -n
      - ip6tnl0 device is created in down state
      
      2. address added to ip6tnl0
      - equivalent to ip -6 addr add dev ip6tnl0 fd00::bb/1
      - DAD is started on the address and when it completes the host
        route is inserted into the FIB
      
      3. ip6tnl0 is brought up
      - the new fixup_permanent_addr function restarts DAD on the address
      
      4. exit namespace
      - teardown / cleanup sequence starts
      - once in a blue moon, lo teardown appears to happen BEFORE teardown
        of ip6tunl0
        + down on 'lo' removes the host route from the FIB since the dst->dev
          for the route is loobback
        + host route added to rcu callback list
          * rcu callback has not run yet, so rt is NOT on the gc list so it has
            NOT been marked obsolete
      
      5. in parallel to 4. worker_thread runs addrconf_dad_completed
      - DAD on the address on ip6tnl0 completes
      - calls ipv6_ifa_notify which inserts the host route
      
      All of that happens very quickly. The result is that a host route that
      has been deleted from the IPv6 FIB and added to the RCU list is re-inserted
      into the FIB.
      
      The exit namespace eventually gets to cleaning up ip6tnl0 which removes the
      host route from the FIB again, calls the rcu function for cleanup -- and
      triggers the double rcu trace.
      
      The root cause is duplicate DAD on the address -- steps 2 and 3. Arguably,
      DAD should not be started in step 2. The interface is in the down state,
      so it can not really send out requests for the address which makes starting
      DAD pointless.
      
      Since the second DAD was introduced by a recent change, seems appropriate
      to use it for the Fixes tag and have the fixup function only start DAD for
      addresses in the PREDAD state which occurs in addrconf_ifdown if the
      address is retained.
      
      Big thanks to Andrey for isolating a reliable reproducer for this problem.
      Fixes: f1705ec1 ("net: ipv6: Make address flushing on ifdown optional")
      Reported-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Signed-off-by: default avatarDavid Ahern <dsahern@gmail.com>
      Tested-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6d717134
    • David Cai's avatar
      smsc911x: Adding support for Micochip LAN9250 Ethernet controller · f6fec61e
      David Cai authored
      Adding support for Microchip LAN9250 Ethernet controller.
      Signed-off-by: default avatarDavid Cai <david.cai@microchip.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f6fec61e
    • David S. Miller's avatar
      Merge branch 'sample-bpf-loader-fixes' · 8b8e3ad0
      David S. Miller authored
      Jesper Dangaard Brouer says:
      
      ====================
      Improve bpf ELF-loader under samples/bpf
      
      This series improves and fixes bpf ELF loader and programs under
      samples/bpf.  The bpf_load.c created some hard to debug issues when
      the struct (bpf_map_def) used in the ELF maps section format changed
      in commit fb30d4b7 ("bpf: Add tests for map-in-map").
      
      This was hotfixed in commit 409526bea3c3 ("samples/bpf: bpf_load.c
      detect and abort if ELF maps section size is wrong") by detecting the
      issue and aborting the program.
      
      In most situations the bpf-loader should be able to handle these kind
      of changes to the struct size.  This patch series aim to do proper
      backward and forward compabilility handling when loading ELF files.
      
      This series also adjust the callback that was introduced in commit
      9fd63d05 ("bpf: Allow bpf sample programs (*_user.c) to change
      bpf_map_def") to use the new bpf_map_data structure, before more users
      start to use this callback.
      
      Hoping these changes can make the merge window, as above mentioned
      commits have not been merged yet, and it would be good to avoid users
      hitting these issues.
      ====================
      Acked-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8b8e3ad0
    • Jesper Dangaard Brouer's avatar
      samples/bpf: export map_data[] for more info on maps · 9178b4c1
      Jesper Dangaard Brouer authored
      Giving *_user.c side tools access to map_data[] provides easier
      access to information on the maps being loaded.  Still provide
      the guarantee that the order maps are being defined in inside the
      _kern.c file corresponds with the order in the array.  Now user
      tools are not blind, but can inspect and verify the maps that got
      loaded from the ELF binary.
      Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9178b4c1
    • Jesper Dangaard Brouer's avatar
      samples/bpf: load_bpf.c make callback fixup more flexible · 6979bcc7
      Jesper Dangaard Brouer authored
      Do this change before others start to use this callback.
      Change map_perf_test_user.c which seems to be the only user.
      
      This patch extends capabilities of commit 9fd63d05 ("bpf:
      Allow bpf sample programs (*_user.c) to change bpf_map_def").
      
      Give fixup callback access to struct bpf_map_data, instead of
      only stuct bpf_map_def.  This add flexibility to allow userspace
      to reassign the map file descriptor.  This is very useful when
      wanting to share maps between several bpf programs.
      Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      6979bcc7
    • Jesper Dangaard Brouer's avatar
      samples/bpf: make bpf_load.c code compatible with ELF maps section changes · 156450d9
      Jesper Dangaard Brouer authored
      This patch does proper parsing of the ELF "maps" section, in-order to
      be both backwards and forwards compatible with changes to the map
      definition struct bpf_map_def, which gets compiled into the ELF file.
      
      The assumption is that new features with value zero, means that they
      are not in-use.  For backward compatibility where loading an ELF file
      with a smaller struct bpf_map_def, only copy objects ELF size, leaving
      rest of loaders struct zero.  For forward compatibility where ELF file
      have a larger struct bpf_map_def, only copy loaders own struct size
      and verify that rest of the larger struct is zero, assuming this means
      the newer feature was not activated, thus it should be safe for this
      older loader to load this newer ELF file.
      
      Fixes: fb30d4b7 ("bpf: Add tests for map-in-map")
      Fixes: 409526bea3c3 ("samples/bpf: bpf_load.c detect and abort if ELF maps section size is wrong")
      Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      156450d9
    • Jesper Dangaard Brouer's avatar
      samples/bpf: adjust rlimit RLIMIT_MEMLOCK for traceex2, tracex3 and tracex4 · 55de1703
      Jesper Dangaard Brouer authored
      Needed to adjust max locked memory RLIMIT_MEMLOCK for testing these bpf samples
      as these are using more and larger maps than can fit in distro default 64Kbytes limit.
      Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      55de1703
    • Pablo Neira Ayuso's avatar
      netfilter: nf_tables: check if same extensions are set when adding elements · 9744a6fc
      Pablo Neira Ayuso authored
      If no NLM_F_EXCL is set and the element already exists in the set, make
      sure that both elements have the same extensions.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      9744a6fc
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial · 89c9fea3
      Linus Torvalds authored
      Pull trivial tree updates from Jiri Kosina.
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial:
        tty: fix comment for __tty_alloc_driver()
        init/main: properly align the multi-line comment
        init/main: Fix double "the" in comment
        Fix dead URLs to ftp.kernel.org
        drivers: Clean up duplicated email address
        treewide: Fix typo in xml/driver-api/basics.xml
        tools/testing/selftests/powerpc: remove redundant CFLAGS in Makefile: "-Wall -O2 -Wall" -> "-O2 -Wall"
        selftests/timers: Spelling s/privledges/privileges/
        HID: picoLCD: Spelling s/REPORT_WRTIE_MEMORY/REPORT_WRITE_MEMORY/
        net: phy: dp83848: Fix Typo
        UBI: Fix typos
        Documentation: ftrace.txt: Correct nice value of 120 priority
        net: fec: Fix typo in error msg and comment
        treewide: Fix typos in printk
      89c9fea3
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching · 76f1948a
      Linus Torvalds authored
      Pull livepatch updates from Jiri Kosina:
      
       - a per-task consistency model is being added for architectures that
         support reliable stack dumping (extending this, currently rather
         trivial set, is currently in the works).
      
         This extends the nature of the types of patches that can be applied
         by live patching infrastructure. The code stems from the design
         proposal made [1] back in November 2014. It's a hybrid of SUSE's
         kGraft and RH's kpatch, combining advantages of both: it uses
         kGraft's per-task consistency and syscall barrier switching combined
         with kpatch's stack trace switching. There are also a number of
         fallback options which make it quite flexible.
      
         Most of the heavy lifting done by Josh Poimboeuf with help from
         Miroslav Benes and Petr Mladek
      
         [1] https://lkml.kernel.org/r/20141107140458.GA21774@suse.cz
      
       - module load time patch optimization from Zhou Chengming
      
       - a few assorted small fixes
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching:
        livepatch: add missing printk newlines
        livepatch: Cancel transition a safe way for immediate patches
        livepatch: Reduce the time of finding module symbols
        livepatch: make klp_mutex proper part of API
        livepatch: allow removal of a disabled patch
        livepatch: add /proc/<pid>/patch_state
        livepatch: change to a per-task consistency model
        livepatch: store function sizes
        livepatch: use kstrtobool() in enabled_store()
        livepatch: move patching functions into patch.c
        livepatch: remove unnecessary object loaded check
        livepatch: separate enabled and patched states
        livepatch/s390: add TIF_PATCH_PENDING thread flag
        livepatch/s390: reorganize TIF thread flag bits
        livepatch/powerpc: add TIF_PATCH_PENDING thread flag
        livepatch/x86: add TIF_PATCH_PENDING thread flag
        livepatch: create temporary klp_update_patch_state() stub
        x86/entry: define _TIF_ALLWORK_MASK flags explicitly
        stacktrace/x86: add function for detecting reliable stack traces
      76f1948a
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid · 7af4c727
      Linus Torvalds authored
      Pull HID subsystem updates from Jiri Kosina:
      
       - The need for HID_QUIRK_NO_INIT_REPORTS per-device quirk has been
         growing dramatically during past years, so the time has come to
         switch over the default, and perform the pro-active reading only in
         cases where it's really needed (multitouch, wacom).
      
         The only place where this behavior is (in some form) preserved is
         hiddev so that we don't introduce userspace-visible change of
         behavior.
      
         From Benjamin Tissoires
      
       - HID++ support for power_supply / baterry reporting.
      
         From Benjamin Tissoires and Bastien Nocera
      
       - Vast improvements / rework of DS3 and DS4 in Sony driver.
      
         From Roderick Colenbrander
      
       - Improvment (in terms of getting closer to the Microsoft's
         interpretation of slightly ambiguous specification) of logical range
         interpretation in case null-state is set in the rdesc.
      
         From Valtteri Heikkilä and Tomasz Kramkowski
      
       - A lot of newly supported device IDs and small assorted fixes
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: (71 commits)
        HID: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch
        HID: asus: support backlight on USB keyboards
        HID: wacom: Move wacom_remote_irq and wacom_remote_status_irq
        HID: wacom: generic: sync pad events only for actual packets
        HID: sony: remove redundant check for -ve err
        HID: sony: Make sure to unregister sensors on failure
        HID: sony: Make DS4 bt poll interval adjustable
        HID: sony: Set proper bit flags on DS4 output report
        HID: sony: DS4 use brighter LED colors
        HID: sony: Improve navigation controller axis/button mapping
        HID: sony: Use DS3 MAC address as unique identifier on USB
        HID: logitech-hidpp: add a sysfs file to tell we support power_supply
        HID: logitech-hidpp: enable HID++ 1.0 battery reporting
        HID: logitech-hidpp: add support for battery status for the K750
        HID: logitech-hidpp: battery: provide CAPACITY_LEVEL
        HID: logitech-hidpp: rename battery level into capacity
        HID: logitech-hidpp: battery: provide ONLINE property
        HID: logitech-hidpp: notify battery on connect
        HID: logitech-hidpp: return an error if the queried feature is not present
        HID: logitech-hidpp: create the battery for all types of HID++ devices
        ...
      7af4c727
    • Linus Torvalds's avatar
      Merge tag 'pinctrl-v4.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl · 68fed41e
      Linus Torvalds authored
      Pull pin control updates from Linus Walleij:
       "This is the bulk of pin control changes for the v4.12 cycle.
      
        The extra week before the merge window actually resulted in some of
        the type of fixes that usually arrive after the merge window already
        starting to trickle in from eager developers using -next, I'm
        impressed.
      
        I have recruited a Samsung subsubsystem maintainer (Krzysztof) to deal
        with the onset of Samsung patches. It works great.
      
        Apart from that it is a boring round, just incremental updates and
        fixes all over the place, no serious core changes or anything exciting
        like that. The most pleasing to see is Julia Cartwrights work to audit
        the irqchip-providing drivers for realtime locking compliance. It's
        one of those "I should really get around to looking into that" things
        that have been on my TODO list since forever.
      
        Summary:
      
        Core changes:
      
         - add bi-directional and output-enable pin configurations to the
           generic bindings and generic pin controlling core.
      
        New drivers or subdrivers:
      
         - Armada 37xx SoC pin controller and GPIO support.
      
         - Axis ARTPEC-6 SoC pin controller support.
      
         - AllWinner A64 R_PIO controller support, and opening up the
           AllWinner sunxi driver for ARM64 use.
      
         - Rockchip RK3328 support.
      
         - Renesas R-Car H3 ES2.0 support.
      
         - STM32F469 support in the STM32 driver.
      
         - Aspeed G4 and G5 pin controller support.
      
        Improvements:
      
         - a whole slew of realtime improvements to drivers implementing
           irqchips: BCM, AMD, SiRF, sunxi, rockchip.
      
         - switch meson driver to get the GPIO ranges from the device tree.
      
         - input schmitt trigger support on the Rockchip driver.
      
         - enable the sunxi (AllWinner) driver to also be used on ARM64
           silicon.
      
         - name the Qualcomm QDF2xxx GPIO lines.
      
         - support GMMR GPIO regions on the Intel Cherryview. This fixes a
           serialization problem on these platforms.
      
         - pad retention support for the Samsung Exynos 5433.
      
         - handle suspend-to-ram in the AT91-pio4 driver.
      
         - pin configuration support in the Aspeed driver.
      
        Cleanups:
      
         - the final name of Rockchip RK1108 was RV1108 so rename the driver
           and variables to stay consistent"
      
      * tag 'pinctrl-v4.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: (80 commits)
        pinctrl: mediatek: Add missing pinctrl bindings for mt7623
        pinctrl: artpec6: Fix return value check in artpec6_pmx_probe()
        pinctrl: artpec6: Remove .owner field for driver
        pinctrl: tegra: xusb: Silence sparse warnings
        ARM: at91/at91-pinctrl documentation: fix spelling mistake: "contoller" -> "controller"
        pinctrl: make artpec6 explicitly non-modular
        pinctrl: aspeed: g5: Add pinconf support
        pinctrl: aspeed: g4: Add pinconf support
        pinctrl: aspeed: Add core pinconf support
        pinctrl: aspeed: Document pinconf in devicetree bindings
        pinctrl: Add st,stm32f469-pinctrl compatible to stm32-pinctrl
        pinctrl: stm32: Add STM32F469 MCU support
        Documentation: dt: Remove ngpios from stm32-pinctrl binding
        pinctrl: stm32: replace device_initcall() with arch_initcall()
        pinctrl: stm32: add possibility to use gpio-ranges to declare bank range
        pinctrl: armada-37xx: Add gpio support
        pinctrl: armada-37xx: Add pin controller support for Armada 37xx
        pinctrl: dt-bindings: Add documentation for Armada 37xx pin controllers
        pinctrl: core: Make pinctrl_init_controller() static
        pinctrl: generic: Add bi-directional and output-enable
        ...
      68fed41e
    • Linus Torvalds's avatar
      Merge tag 'mmc-v4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc · be580e75
      Linus Torvalds authored
      Pull MMC updates from Ulf Hansson:
       "MMC core:
         - Continue to re-factor code to prepare for eMMC CMDQ and blkmq support
         - Introduce queue semantics to prepare for eMMC CMDQ and blkmq support
         - Add helper functions to manage temporary enable/disable of eMMC CMDQ
         - Improve wait-busy detection for SDIO
      
        MMC host:
         - cavium: Add driver to support Cavium controllers
         - cavium: Extend Cavium driver to support Octeon and ThunderX SOCs
         - bcm2835: Add new driver for Broadcom BCM2835 controller
         - sdhci-xenon: Add driver to support Marvell Xenon SDHCI controller
         - sdhci-tegra: Add support for the Tegra186 variant
         - sdhci-of-esdhc: Support for UHS-I SD cards
         - sdhci-of-esdhc: Support for eMMC HS200 cards
         - sdhci-cadence: Add eMMC HS400 enhanced strobe support
         - sdhci-esdhc-imx: Reset tuning circuit when needed
         - sdhci-pci: Modernize and clean-up some PM related code
         - sdhci-pci: Avoid re-tuning at runtime PM for some Intel devices
         - sdhci-pci|acpi: Use aggressive PM for some Intel BYT controllers
         - sdhci: Re-factoring and modernizations
         - sdhci: Optimize delay loops
         - sdhci: Improve register dump print format
         - sdhci: Add support for the Command Queue Engine
         - meson-gx: Various improvements and clean-ups
         - meson-gx: Add support for CMD23
         - meson-gx: Basic tuning support to avoid CRC errors
         - s3cmci: Enable probing via DT
         - mediatek: Improve tuning support for eMMC HS200 and HS400 mode
         - tmio: Improve DMA support
         - tmio: Use correct response for CMD12
         - dw_mmc: Minor improvements and clean-ups"
      
      * tag 'mmc-v4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: (148 commits)
        mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a
        mmc: sdhci-of-esdhc: poll ESDHC_CLOCK_STABLE bit with udelay
        mmc: sdhci-xenon: Fix default value of LOGIC_TIMING_ADJUST for eMMC5.0 PHY
        mmc: sdhci-xenon: Fix the work flow in xenon_remove().
        MIPS: Octeon: cavium_octeon_defconfig: Enable Octeon MMC
        mmc: sdhci-xenon: Remove redundant dev_err call in get_dt_pad_ctrl_data()
        mmc: cavium: Use module_pci_driver to simplify the code
        mmc: cavium: Add MMC support for Octeon SOCs.
        mmc: cavium: Fix detection of block or byte addressing.
        mmc: core: Export API to allow hosts to get the card address
        mmc: sdio: Fix sdio wait busy implement limitation
        mmc: sdhci-esdhc-imx: reset tuning circuit when power on mmc card
        clk: apn806: fix spelling mistake: "mising" -> "missing"
        mmc: sdhci-of-esdhc: add delay between tuning cycles
        mmc: sdhci: Control the delay between tuning commands
        mmc: sdhci-of-esdhc: add tuning support
        mmc: sdhci-of-esdhc: add support for signal voltage switch
        mmc: sdhci-of-esdhc: add peripheral clock support
        mmc: sdhci-pci: Allow for 3 bytes from Intel DSM
        mmc: cavium: Fix a shift wrapping bug
        ...
      be580e75