1. 22 Oct, 2015 9 commits
    • Joe Stringer's avatar
      openvswitch: Reject ct_state masks for unknown bits · 9e384715
      Joe Stringer authored
      Currently, 0-bits are generated in ct_state where the bit position is
      undefined, and matches are accepted on these bit-positions. If userspace
      requests to match the 0-value for this bit then it may expect only a
      subset of traffic to match this value, whereas currently all packets
      will have this bit set to 0. Fix this by rejecting such masks.
      Signed-off-by: default avatarJoe Stringer <joestringer@nicira.com>
      Acked-by: default avatarPravin B Shelar <pshelar@nicira.com>
      Acked-by: default avatarThomas Graf <tgraf@suug.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9e384715
    • Renato Westphal's avatar
      tcp: remove improper preemption check in tcp_xmit_probe_skb() · e2e8009f
      Renato Westphal authored
      Commit e520af48 introduced the following bug when setting the
      TCP_REPAIR sockoption:
      
      [ 2860.657036] BUG: using __this_cpu_add() in preemptible [00000000] code: daemon/12164
      [ 2860.657045] caller is __this_cpu_preempt_check+0x13/0x20
      [ 2860.657049] CPU: 1 PID: 12164 Comm: daemon Not tainted 4.2.3 #1
      [ 2860.657051] Hardware name: Dell Inc. PowerEdge R210 II/0JP7TR, BIOS 2.0.5 03/13/2012
      [ 2860.657054]  ffffffff81c7f071 ffff880231e9fdf8 ffffffff8185d765 0000000000000002
      [ 2860.657058]  0000000000000001 ffff880231e9fe28 ffffffff8146ed91 ffff880231e9fe18
      [ 2860.657062]  ffffffff81cd1a5d ffff88023534f200 ffff8800b9811000 ffff880231e9fe38
      [ 2860.657065] Call Trace:
      [ 2860.657072]  [<ffffffff8185d765>] dump_stack+0x4f/0x7b
      [ 2860.657075]  [<ffffffff8146ed91>] check_preemption_disabled+0xe1/0xf0
      [ 2860.657078]  [<ffffffff8146edd3>] __this_cpu_preempt_check+0x13/0x20
      [ 2860.657082]  [<ffffffff817e0bc7>] tcp_xmit_probe_skb+0xc7/0x100
      [ 2860.657085]  [<ffffffff817e1e2d>] tcp_send_window_probe+0x2d/0x30
      [ 2860.657089]  [<ffffffff817d1d8c>] do_tcp_setsockopt.isra.29+0x74c/0x830
      [ 2860.657093]  [<ffffffff817d1e9c>] tcp_setsockopt+0x2c/0x30
      [ 2860.657097]  [<ffffffff81767b74>] sock_common_setsockopt+0x14/0x20
      [ 2860.657100]  [<ffffffff817669e1>] SyS_setsockopt+0x71/0xc0
      [ 2860.657104]  [<ffffffff81865172>] entry_SYSCALL_64_fastpath+0x16/0x75
      
      Since tcp_xmit_probe_skb() can be called from process context, use
      NET_INC_STATS() instead of NET_INC_STATS_BH().
      
      Fixes: e520af48 ("tcp: add TCPWinProbe and TCPKeepAlive SNMP counters")
      Signed-off-by: default avatarRenato Westphal <renatow@taghos.com.br>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e2e8009f
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · 36a28b21
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter fixes for net
      
      The following patchset contains four Netfilter fixes for net, they are:
      
      1) Fix Kconfig dependencies of new nf_dup_ipv4 and nf_dup_ipv6.
      
      2) Remove bogus test nh_scope in IPv4 rpfilter match that is breaking
         --accept-local, from Xin Long.
      
      3) Wait for RCU grace period after dropping the pending packets in the
         nfqueue, from Florian Westphal.
      
      4) Fix sleeping allocation while holding spin_lock_bh, from Nikolay Borisov.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      36a28b21
    • Jon Paul Maloy's avatar
      tipc: conditionally expand buffer headroom over udp tunnel · e5356794
      Jon Paul Maloy authored
      In commit d999297c ("tipc: reduce locking scope during packet reception")
      we altered the packet retransmission function. Since then, when
      restransmitting packets, we create a clone of the original buffer
      using __pskb_copy(skb, MIN_H_SIZE), where MIN_H_SIZE is the size of
      the area we want to have copied, but also the smallest possible TIPC
      packet size. The value of MIN_H_SIZE is 24.
      
      Unfortunately, __pskb_copy() also has the effect that the headroom
      of the cloned buffer takes the size MIN_H_SIZE. This is too small
      for carrying the packet over the UDP tunnel bearer, which requires
      a minimum headroom of 28 bytes. A change to just use pskb_copy()
      lets the clone inherit the original headroom of 80 bytes, but also
      assumes that the copied data area is of at least that size, something
      that is not always the case. So that is not a viable solution.
      
      We now fix this by adding a check for sufficient headroom in the
      transmit function of udp_media.c, and expanding it when necessary.
      
      Fixes: commit d999297c ("tipc: reduce locking scope during packet reception")
      Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e5356794
    • Andreas Schwab's avatar
      net: cavium: change NET_VENDOR_CAVIUM to bool · 7a4264a9
      Andreas Schwab authored
      CONFIG_NET_VENDOR_CAVIUM is only used to hide/show config options and to
      include subdirectories in the build, so it doesn't make sense to make it
      tristate.
      Signed-off-by: default avatarAndreas Schwab <schwab@suse.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7a4264a9
    • Jon Paul Maloy's avatar
      tipc: allow non-linear first fragment buffer · 45c8b7b1
      Jon Paul Maloy authored
      The current code for message reassembly is erroneously assuming that
      the the first arriving fragment buffer always is linear, and then goes
      ahead resetting the fragment list of that buffer in anticipation of
      more arriving fragments.
      
      However, if the buffer already happens to be non-linear, we will
      inadvertently drop the already attached fragment list, and later
      on trig a BUG() in __pskb_pull_tail().
      
      We see this happen when running fragmented TIPC multicast across UDP,
      something made possible since
      commit d0f91938 ("tipc: add ip/udp media type")
      
      We fix this by not resetting the fragment list when the buffer is non-
      linear, and by initiatlizing our private fragment list tail pointer to
      the tail of the existing fragment list.
      
      Fixes: commit d0f91938 ("tipc: add ip/udp media type")
      Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      45c8b7b1
    • James Morse's avatar
      openvswitch: Allocate memory for ovs internal device stats. · 1241365f
      James Morse authored
      "openvswitch: Remove vport stats" removed the per-vport statistics, in
      order to use the netdev's statistics fields.
      "openvswitch: Fix ovs_vport_get_stats()" fixed the export of these stats
      to user-space, by using the provided netdev_ops to collate them - but ovs
      internal devices still use an unallocated dev->tstats field to count
      packets, which are no longer exported by this api.
      
      Allocate the dev->tstats field for ovs internal devices, and wire up
      ndo_get_stats64 with the original implementation of
      ovs_vport_get_stats().
      
      On its own, "openvswitch: Fix ovs_vport_get_stats()" fixes the OOPs,
      unmasking a full-on panic on arm64:
      
      =============%<==============
      [<ffffffbffc00ce4c>] internal_dev_recv+0xa8/0x170 [openvswitch]
      [<ffffffbffc0008b4>] do_output.isra.31+0x60/0x19c [openvswitch]
      [<ffffffbffc000bf8>] do_execute_actions+0x208/0x11c0 [openvswitch]
      [<ffffffbffc001c78>] ovs_execute_actions+0xc8/0x238 [openvswitch]
      [<ffffffbffc003dfc>] ovs_packet_cmd_execute+0x21c/0x288 [openvswitch]
      [<ffffffc0005e8c5c>] genl_family_rcv_msg+0x1b0/0x310
      [<ffffffc0005e8e60>] genl_rcv_msg+0xa4/0xe4
      [<ffffffc0005e7ddc>] netlink_rcv_skb+0xb0/0xdc
      [<ffffffc0005e8a94>] genl_rcv+0x38/0x50
      [<ffffffc0005e76c0>] netlink_unicast+0x164/0x210
      [<ffffffc0005e7b70>] netlink_sendmsg+0x304/0x368
      [<ffffffc0005a21c0>] sock_sendmsg+0x30/0x4c
      [SNIP]
      Kernel panic - not syncing: Fatal exception in interrupt
      =============%<==============
      
      Fixes: 8c876639 ("openvswitch: Remove vport stats.")
      Signed-off-by: default avatarJames Morse <james.morse@arm.com>
      Acked-by: default avatarPravin B Shelar <pshelar@nicira.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1241365f
    • David Ahern's avatar
      net: Really fix vti6 with oif in dst lookups · f1900fb5
      David Ahern authored
      6e28b000 ("net: Fix vti use case with oif in dst lookups for IPv6")
      is missing the checks on FLOWI_FLAG_SKIP_NH_OIF. Add them.
      
      Fixes: 42a7b32b ("xfrm: Add oif to dst lookups")
      Cc: Steffen Klassert <steffen.klassert@secunet.com>
      Signed-off-by: default avatarDavid Ahern <dsa@cumulusnetworks.com>
      Acked-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f1900fb5
    • Jon Paul Maloy's avatar
      tipc: extend broadcast link window size · 53387c4e
      Jon Paul Maloy authored
      The default fix broadcast window size is currently set to 20 packets.
      This is a very low value, set at a time when we were still testing on
      10 Mb/s hubs, and a change to it is long overdue.
      
      Commit 7845989c ("net: tipc: fix stall during bclink wakeup procedure")
      revealed a problem with this low value. For messages of importance LOW,
      the backlog queue limit will be  calculated to 30 packets, while a
      single, maximum sized message of 66000 bytes, carried across a 1500 MTU
      network consists of 46 packets.
      
      This leads to the following scenario (among others leading to the same
      situation):
      
      1: Msg 1 of 46 packets is sent. 20 packets go to the transmit queue, 26
         packets to the backlog queue.
      2: Msg 2 of 46 packets is attempted sent, but rejected because there is
         no more space in the backlog queue at this level. The sender is added
         to the wakeup queue with a "pending packets chain size" number of 46.
      3: Some packets in the transmit queue are acked and released. We try to
         wake up the sender, but the pending size of 46 is bigger than the LOW
         wakeup limit of 30, so this doesn't happen.
      5: Subsequent acks releases all the remaining buffers. Each time we test
         for the wakeup criteria and find that 46 still is larger than 30,
         even after both the transmit and the backlog queues are empty.
      6: The sender is never woken up and given a chance to send its message.
         He is stuck.
      
      We could now loosen the wakeup criteria (used by link_prepare_wakeup())
      to become equal to the send criteria (used by tipc_link_xmit()), i.e.,
      by ignoring the "pending packets chain size" value altogether, or we can
      just increase the queue limits so that the criteria can be satisfied
      anyway. There are good reasons (potentially multiple waiting senders) to
      not opt for the former solution, so we choose the latter one.
      
      This commit fixes the problem by giving the broadcast link window a
      default value of 50 packets. We also introduce a new minimum link
      window size BCLINK_MIN_WIN of 32, which is enough to always avoid the
      described situation. Finally, in order to not break any existing users
      which may set the window explicitly, we enforce that the window is set
      to the new minimum value in case the user is trying to set it to
      anything lower.
      
      Fixes: 7845989c ("net: tipc: fix stall during bclink wakeup procedure")
      Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
      Reviewed-by: default avatarYing Xue <ying.xue@windriver.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      53387c4e
  2. 21 Oct, 2015 10 commits
  3. 19 Oct, 2015 9 commits
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 1099f860
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) Account for extra headroom in ath9k driver, from Felix Fietkau.
      
       2) Fix OOPS in pppoe driver due to incorrect socket state transition,
          from Guillaume Nault.
      
       3) Kill memory leak in amd-xgbe debugfx, from Geliang Tang.
      
       4) Power management fixes for iwlwifi, from Johannes Berg.
      
       5) Fix races in reqsk_queue_unlink(), from Eric Dumazet.
      
       6) Fix dst_entry usage in ARP replies, from Jiri Benc.
      
       7) Cure OOPSes with SO_GET_FILTER, from Daniel Borkmann.
      
       8) Missing allocation failure check in amd-xgbe, from Tom Lendacky.
      
       9) Various resource allocation/freeing cures in DSA< from Neil
          Armstrong.
      
      10) A series of bug fixes in the openvswitch conntrack support, from
          Joe Stringer.
      
      11) Fix two cases (BPF and act_mirred) where we have to clean the sender
          cpu stored in the SKB before transmitting.  From WANG Cong and
          Alexei Starovoitov.
      
      12) Disable VLAN filtering in promiscuous mode in mlx5 driver, from
          Achiad Shochat.
      
      13) Older bnx2x chips cannot do 4-tuple UDP hashing, so prevent this
          configuration via ethtool.  From Yuval Mintz.
      
      14) Don't call rt6_uncached_list_flush_dev() from rt6_ifdown() when
          'dev' is NULL, from Eric Biederman.
      
      15) Prevent stalled link synchronization in tipc, from Jon Paul Maloy.
      
      16) kcalloc() gstrings ethtool buffer before having driver fill it in,
          in order to prevent kernel memory leaking.  From Joe Perches.
      
      17) Fix mixxing rt6_info initialization for blackhole routes, from
          Martin KaFai Lau.
      
      18) Kill VLAN regression in via-rhine, from Andrej Ota.
      
      19) Missing pfmemalloc check in sk_add_backlog(), from Eric Dumazet.
      
      20) Fix spurious MSG_TRUNC signalling in netlink dumps, from Ronen Arad.
      
      21) Scrube SKBs when pushing them between namespaces in openvswitch,
          from Joe Stringer.
      
      22) bcmgenet enables link interrupts too early, fix from Florian
          Fainelli.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (92 commits)
        net: bcmgenet: Fix early link interrupt enabling
        tunnels: Don't require remote endpoint or ID during creation.
        openvswitch: Scrub skb between namespaces
        xen-netback: correctly check failed allocation
        net: asix: add support for the Billionton GUSB2AM-1G-B USB adapter
        netlink: Trim skb to alloc size to avoid MSG_TRUNC
        net: add pfmemalloc check in sk_add_backlog()
        via-rhine: fix VLAN receive handling regression.
        ipv6: Initialize rt6_info properly in ip6_blackhole_route()
        ipv6: Move common init code for rt6_info to a new function rt6_info_init()
        Bluetooth: Fix initializing conn_params in scan phase
        Bluetooth: Fix conn_params list update in hci_connect_le_scan_cleanup
        Bluetooth: Fix remove_device behavior for explicit connects
        Bluetooth: Fix LE reconnection logic
        Bluetooth: Fix reference counting for LE-scan based connections
        Bluetooth: Fix double scan updates
        mlxsw: core: Fix race condition in __mlxsw_emad_transmit
        tipc: move fragment importance field to new header position
        ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings
        tipc: eliminate risk of stalled link synchronization
        ...
      1099f860
    • Florian Fainelli's avatar
      net: bcmgenet: Fix early link interrupt enabling · 37850e37
      Florian Fainelli authored
      Link interrupts are enabled in init_umac(), which is too early for us to
      process them since we do not yet have a valid PHY device pointer. On
      BCM7425 chips for instance, we will crash calling phy_mac_interrupt()
      because phydev is NULL.
      
      Fix this by moving the link interrupts enabling in
      bcmgenet_netif_start(), under a specific function:
      bcmgenet_link_intr_enable() and while at it, update the comments
      surrounding the code.
      
      Fixes: 6cc8e6d4 ("net: bcmgenet: Delay PHY initialization to bcmgenet_open()")
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      37850e37
    • David S. Miller's avatar
      Merge tag 'wireless-drivers-for-davem-2015-10-17' of... · afc050dd
      David S. Miller authored
      Merge tag 'wireless-drivers-for-davem-2015-10-17' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers
      
      Kalle Valo says:
      
      ====================
      iwlwifi:
      
      * mvm: flush fw_dump_wk when mvm fails to start
      * mvm: init card correctly on ctkill exit check
      * pci: add a few more PCI subvendor IDs for the 7265 series
      * fix firmware filename for 3160
      * mvm: clear csa countdown when AP is stopped
      * mvm: fix D3 firmware PN programming
      * dvm: fix D3 firmware PN programming
      * mvm: fix D3 CCMP TX PN assignment
      
      rtlwifi:
      
      * rtl8821ae: Fix system lockups on boot
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      afc050dd
    • Jesse Gross's avatar
      tunnels: Don't require remote endpoint or ID during creation. · e277de5f
      Jesse Gross authored
      Before lightweight tunnels existed, it really didn't make sense to
      create a tunnel that was not fully specified, such as without a
      destination IP address - the resulting packets would go nowhere.
      However, with lightweight tunnels, the opposite is true - it doesn't
      make sense to require this information when it will be provided later
      on by the route. This loosens the requirements for this information.
      
      An alternative would be to allow the relaxed version only when
      COLLECT_METADATA is enabled. However, since there are several
      variations on this theme (such as NBMA tunnels in GRE), just dropping
      the restrictions seems the most consistent across tunnels and with
      the existing configuration.
      
      CC: John Linville <linville@tuxdriver.com>
      Signed-off-by: default avatarJesse Gross <jesse@nicira.com>
      Signed-off-by: default avatarThomas Graf <tgraf@suug.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e277de5f
    • Joe Stringer's avatar
      openvswitch: Scrub skb between namespaces · 740dbc28
      Joe Stringer authored
      If OVS receives a packet from another namespace, then the packet should
      be scrubbed. However, people have already begun to rely on the behaviour
      that skb->mark is preserved across namespaces, so retain this one field.
      
      This is mainly to address information leakage between namespaces when
      using OVS internal ports, but by placing it in ovs_vport_receive() it is
      more generally applicable, meaning it should not be overlooked if other
      port types are allowed to be moved into namespaces in future.
      Signed-off-by: default avatarJoe Stringer <joestringer@nicira.com>
      Acked-by: default avatarPravin B Shelar <pshelar@nicira.com>
      Acked-by: default avatarThomas Graf <tgraf@suug.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      740dbc28
    • David S. Miller's avatar
      Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth · a5d6f7dd
      David S. Miller authored
      Johan Hedberg says:
      
      ====================
      pull request: bluetooth 2015-10-16
      
      First of all, sorry for the late set of patches for the 4.3 cycle. We
      just finished an intensive week of testing at the Bluetooth UnPlugFest
      and discovered (and fixed) issues there. Unfortunately a few issues
      affect 4.3-rc5 in a way that they break existing Bluetooth LE mouse and
      keyboard support.
      
      The regressions result from supporting LE privacy in conjunction with
      scanning for Resolvable Private Addresses before connecting. A feature
      that has been tested heavily (including automated unit tests), but sadly
      some regressions slipped in. The UnPlugFest with its multitude of test
      platforms is a good battle testing ground for uncovering every corner
      case.
      
      The patches in this pull request focus only on fixing the regressions in
      4.3-rc5. The patches look a bit larger since we also added comments in
      the critical sections of the fixes to improve clarity.
      
      I would appreciate if we can get these regression fixes to Linus
      quickly. Please let me know if there are any issues pulling. Thanks.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a5d6f7dd
    • Insu Yun's avatar
      xen-netback: correctly check failed allocation · 833b8f18
      Insu Yun authored
      Since vzalloc can be failed in memory pressure,
      writes -ENOMEM to xenstore to indicate error.
      Signed-off-by: default avatarInsu Yun <wuninsu@gmail.com>
      Acked-by: default avatarWei Liu <wei.liu2@citrix.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      833b8f18
    • Chia-Sheng Chang's avatar
      net: asix: add support for the Billionton GUSB2AM-1G-B USB adapter · 80083a3c
      Chia-Sheng Chang authored
      Just another AX88178-based 10/100/1000 USB-to-Ethernet dongle. This one
      shows up in lsusb as: "ID 08dd:0114 Billionton Systems, Inc".
      Signed-off-by: default avatarChia-Sheng Chang <changchias@gmail.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Luca Ceresoli <luca@lucaceresoli.net>
      Cc: Christoph Jaeger <cj@linux.com>
      Cc: "Woojung.Huh@microchip.com" <Woojung.Huh@microchip.com>
      Cc: Matthew Garrett <mjg59@srcf.ucam.org>
      Cc: Markus Elfring <elfring@users.sourceforge.net>
      Cc: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
      Cc: netdev@vger.kernel.org
      Cc: linux-usb@vger.kernel.org
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      80083a3c
    • Arad, Ronen's avatar
      netlink: Trim skb to alloc size to avoid MSG_TRUNC · db65a3aa
      Arad, Ronen authored
      netlink_dump() allocates skb based on the calculated min_dump_alloc or
      a per socket max_recvmsg_len.
      min_alloc_size is maximum space required for any single netdev
      attributes as calculated by rtnl_calcit().
      max_recvmsg_len tracks the user provided buffer to netlink_recvmsg.
      It is capped at 16KiB.
      The intention is to avoid small allocations and to minimize the number
      of calls required to obtain dump information for all net devices.
      
      netlink_dump packs as many small messages as could fit within an skb
      that was sized for the largest single netdev information. The actual
      space available within an skb is larger than what is requested. It could
      be much larger and up to near 2x with align to next power of 2 approach.
      
      Allowing netlink_dump to use all the space available within the
      allocated skb increases the buffer size a user has to provide to avoid
      truncaion (i.e. MSG_TRUNG flag set).
      
      It was observed that with many VLANs configured on at least one netdev,
      a larger buffer of near 64KiB was necessary to avoid "Message truncated"
      error in "ip link" or "bridge [-c[ompressvlans]] vlan show" when
      min_alloc_size was only little over 32KiB.
      
      This patch trims skb to allocated size in order to allow the user to
      avoid truncation with more reasonable buffer size.
      Signed-off-by: default avatarRonen Arad <ronen.arad@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      db65a3aa
  4. 18 Oct, 2015 3 commits
    • Linus Torvalds's avatar
      Linux 4.3-rc6 · 7379047d
      Linus Torvalds authored
      7379047d
    • Linus Torvalds's avatar
      Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · c44b3255
      Linus Torvalds authored
      Pull i2c fixes from Wolfram Sang:
       "Here are some bugfixes for the I2C subsystem.
      
        Kieran found a flaw in the recently renewed wake irq handling.  Mika
        handled a user bug report where the ACPI info turned out to be
        unusable.  I updated MAINTAINERS so that such bug reports will sooner
        get to the right people.  Geert pointed me to a problem of some i2c
        drivers regarding PM which I fixed"
      
      * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: designware: Do not use parameters from ACPI on Dell Inspiron 7348
        MAINTAINERS: add maintainers for Synopsis Designware I2C drivers
        i2c: designware-platdrv: enable RuntimePM before registering to the core
        i2c: s3c2410: enable RuntimePM before registering to the core
        i2c: rcar: enable RuntimePM before registering to the core
        i2c: return probe deferred status on dev_pm_domain_attach
      c44b3255
    • Mika Westerberg's avatar
      i2c: designware: Do not use parameters from ACPI on Dell Inspiron 7348 · 56d4b8a2
      Mika Westerberg authored
      ACPI SSCN/FMCN methods were originally added because then the platform can
      provide the most accurate HCNT/LCNT values to the driver. However, this
      seems not to be true for Dell Inspiron 7348 where using these causes the
      touchpad to fail in boot:
      
        i2c_hid i2c-DLL0675:00: failed to retrieve report from device.
        i2c_designware INT3433:00: i2c_dw_handle_tx_abort: lost arbitration
        i2c_hid i2c-DLL0675:00: failed to retrieve report from device.
        i2c_designware INT3433:00: controller timed out
      
      The values received from ACPI are (in fast mode):
      
        HCNT: 72
        LCNT: 160
      
      this translates to following timings (input clock is 100MHz on Broadwell):
      
        tHIGH: 720 ns (spec min 600 ns)
        tLOW: 1600 ns (spec min 1300 ns)
        Bus period: 2920 ns (assuming 300 ns tf and tr)
        Bus speed: 342.5 kHz
      
      Both tHIGH and tLOW are within the I2C specification.
      
      The calculated values when ACPI parameters are not used are (in fast mode):
      
        HCNT: 87
        LCNT: 159
      
      which translates to:
      
        tHIGH: 870 ns (spec min 600 ns)
        tLOW: 1590 ns (spec min 1300 ns)
        Bus period 3060 ns (assuming 300 ns tf and tr)
        Bus speed 326.8 kHz
      
      These values are also within the I2C specification.
      
      Since both ACPI and calculated values meet the I2C specification timing
      requirements it is hard to say why the touchpad does not function properly
      with the ACPI values except that the bus speed is higher in this case (but
      still well below the max 400kHz).
      
      Solve this by adding DMI quirk to the driver that disables using ACPI
      parameters on this particulare machine.
      Reported-by: default avatarPavel Roskin <plroskin@gmail.com>
      Signed-off-by: default avatarMika Westerberg <mika.westerberg@linux.intel.com>
      Tested-by: default avatarPavel Roskin <plroskin@gmail.com>
      Signed-off-by: default avatarWolfram Sang <wsa@the-dreams.de>
      Cc: stable@kernel.org
      56d4b8a2
  5. 17 Oct, 2015 5 commits
  6. 16 Oct, 2015 4 commits