Commit Graph

651582 Commits

Author SHA1 Message Date
David S. Miller
f787d1debf Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-02-19 11:18:46 -05:00
Willem de Bruijn
00ea1ceebe ipv6: release dst on error in ip6_dst_lookup_tail
If ip6_dst_lookup_tail has acquired a dst and fails the IPv4-mapped
check, release the dst before returning an error.

Fixes: ec5e3b0a1d ("ipv6: Inhibit IPv4-mapped src address on the wire.")
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-18 22:55:13 -05:00
Linus Torvalds
2763f92f85 ARM: SoC fixes for v4.10
Two more bugfixes that came in during this week:
 
 - one defconfig change to enable a vital driver used on some Qualcomm
   based phones. This was already queued for 4.11, but the maintainer
   asked to have it in 4.10 after all.
 
 - One regression fix for the reset controller framework, this got
   broken by a typo in the 4.10 merge window.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAWKi+0mCrR//JCVInAQKQeA//T3CvNEB5ubRhYMV3G3rML0iEkjSlLkeS
 QaUEhRAUzjs5X29u2n0Dn/FQsnkE1ZtBVfZfh6Ai8CWkBP7qHR6HRuHCtXlIeT44
 NFihuJx15iIPK9PoPMEQcX+vUmAURJ2+ordRGKcHRO35X/3Z/B587ETtJ5cvSp14
 b7lrG3sWGq8lFQM2yYjaDyOWL6WaVRAkzarPvGxfsBijSC4AbUwkK2z2HQd8CfyL
 0CQ4H/PA/XqbQidL38NQZgV5tgq9CQXdoILDcDrDWQ8GtfoD5kkuOIAYhYrpdrkx
 Tjbwkro9RA+3VlkIKh0r8WzOpBn4nFW6Awluui1I2S4/rgzJYorZagM6AsAJtFGh
 hT7J5Tiahbe1QtEiWpBSB+lXZDjSEoQDxVgCliJcGjIIAnv9CbAYFvYeNYk6bPAg
 LDND8lMZPnXfaV1LIi3Hq5NO2DQjiL0YM5lLcMXU0N9ritVm/GppGnS+HUZf/u2G
 l8erWezCshLaWLvPSOOO4gPSJHzOeNfL596EQ+WeD2nFLVp6xRsKZCwHzj6u3hG8
 2BiK12q4cFBTiSG2uVBajCNbxgF68l03wF3d3FCxQm0V1I746EuLQIfybB3z680s
 YjkUoPf5ApWjTnR912ay5u8o4/aWvPXJvOVoouDAHtDeDYxKfLO+kynd6vs4xvkw
 OluDShz/IC8=
 =M6/8
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Arnd Bergmann:
 "Two more bugfixes that came in during this week:

   - a defconfig change to enable a vital driver used on some Qualcomm
     based phones. This was already queued for 4.11, but the maintainer
     asked to have it in 4.10 after all.

   - a regression fix for the reset controller framework, this got
     broken by a typo in the 4.10 merge window"

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  ARM: multi_v7_defconfig: enable Qualcomm RPMCC
  reset: fix shared reset triggered_count decrement on error
2017-02-18 17:38:09 -08:00
Linus Torvalds
b92ce305fc Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm
Pull ARM fixes from Russell King:
 "A couple of fixes from Kees concerning problems he spotted with our
  user access support"

* 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm:
  ARM: 8658/1: uaccess: fix zeroing of 64-bit get_user()
  ARM: 8657/1: uaccess: consistently check object sizes
2017-02-18 17:36:15 -08:00
Linus Torvalds
17a984bccd Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fix from Thomas Gleixner:
 "Make the build clean by working around yet another GCC stupidity"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/vm86: Fix unused variable warning if THP is disabled
2017-02-18 17:34:56 -08:00
Linus Torvalds
244ff16fb4 Merge branch 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull locking fix from Thomas Gleixner:
 "Move the futex init function to core initcall so user mode helper does
  not run into an uninitialized futex syscall"

* 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  futex: Move futex_init() to core_initcall
2017-02-18 17:33:17 -08:00
Linus Torvalds
e602e70084 Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull timer fixes from Thomas Gleixner:
 "Two small fixes::

   - Prevent deadlock on the tick broadcast lock. Found and fixed by
     Mike.

   - Stop using printk() in the timekeeping debug code to prevent a
     deadlock against the scheduler"

* 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  timekeeping: Use deferred printk() in debug code
  tick/broadcast: Prevent deadlock on tick_broadcast_lock
2017-02-18 17:30:36 -08:00
Linus Torvalds
3dd9c12726 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:

 1) Fix leak in dpaa_eth error paths, from Dan Carpenter.

 2) Use after free when using IPV6_RECVPKTINFO, from Andrey Konovalov.

 3) fanout_release() cannot be invoked from atomic contexts, from Anoob
    Soman.

 4) Fix bogus attempt at lockdep annotation in IRDA.

 5) dev_fill_metadata_dst() can OOP on a NULL dst cache pointer, from
    Paolo Abeni.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
  irda: Fix lockdep annotations in hashbin_delete().
  vxlan: fix oops in dev_fill_metadata_dst
  dccp: fix freeing skb too early for IPV6_RECVPKTINFO
  dpaa_eth: small leak on error
  packet: Do not call fanout_release from atomic contexts
2017-02-18 17:29:00 -08:00
Sergey Senozhatsky
fc98c3c8c9 printk: use rcuidle console tracepoint
Use rcuidle console tracepoint because, apparently, it may be issued
from an idle CPU:

  hw-breakpoint: Failed to enable monitor mode on CPU 0.
  hw-breakpoint: CPU 0 failed to disable vector catch

  ===============================
  [ ERR: suspicious RCU usage.  ]
  4.10.0-rc8-next-20170215+ #119 Not tainted
  -------------------------------
  ./include/trace/events/printk.h:32 suspicious rcu_dereference_check() usage!

  other info that might help us debug this:

  RCU used illegally from idle CPU!
  rcu_scheduler_active = 2, debug_locks = 0
  RCU used illegally from extended quiescent state!
  2 locks held by swapper/0/0:
   #0:  (cpu_pm_notifier_lock){......}, at: [<c0237e2c>] cpu_pm_exit+0x10/0x54
   #1:  (console_lock){+.+.+.}, at: [<c01ab350>] vprintk_emit+0x264/0x474

  stack backtrace:
  CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.10.0-rc8-next-20170215+ #119
  Hardware name: Generic OMAP4 (Flattened Device Tree)
    console_unlock
    vprintk_emit
    vprintk_default
    printk
    reset_ctrl_regs
    dbg_cpu_pm_notify
    notifier_call_chain
    cpu_pm_exit
    omap_enter_idle_coupled
    cpuidle_enter_state
    cpuidle_enter_state_coupled
    do_idle
    cpu_startup_entry
    start_kernel

This RCU warning, however, is suppressed by lockdep_off() in printk().
lockdep_off() increments the ->lockdep_recursion counter and thus
disables RCU_LOCKDEP_WARN() and debug_lockdep_rcu_enabled(), which want
lockdep to be enabled "current->lockdep_recursion == 0".

Link: http://lkml.kernel.org/r/20170217015932.11898-1-sergey.senozhatsky@gmail.com
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Reported-by: Tony Lindgren <tony@atomide.com>
Tested-by: Tony Lindgren <tony@atomide.com>
Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Petr Mladek <pmladek@suse.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Lindgren <tony@atomide.com>
Cc: Russell King <rmk@armlinux.org.uk>
Cc: <stable@vger.kernel.org> [3.4+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-02-18 17:27:00 -08:00
Andy Gross
69e05170ef ARM: multi_v7_defconfig: enable Qualcomm RPMCC
This patch enables the Qualcomm RPM based Clock Controller present on
A-family boards.

Signed-off-by: Andy Gross <andy.gross@linaro.org>
Acked-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2017-02-18 22:34:52 +01:00
David S. Miller
4c03b862b1 irda: Fix lockdep annotations in hashbin_delete().
A nested lock depth was added to the hasbin_delete() code but it
doesn't actually work some well and results in tons of lockdep splats.

Fix the code instead to properly drop the lock around the operation
and just keep peeking the head of the hashbin queue.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Tested-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 16:19:39 -05:00
Linus Torvalds
6dc39c50e4 Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull block layer fix from Jens Axboe:
 "A single fix for a lockdep splat reported by Thomas and Gabriel"

* 'for-linus' of git://git.kernel.dk/linux-block:
  cfq-iosched: don't call wbt_disable_default() with IRQs disabled
2017-02-17 13:01:58 -08:00
Paolo Abeni
22f0708a71 vxlan: fix oops in dev_fill_metadata_dst
Since the commit 0c1d70af92 ("net: use dst_cache for vxlan device")
vxlan_fill_metadata_dst() calls vxlan_get_route() passing a NULL
dst_cache pointer, so the latter should explicitly check for
valid dst_cache ptr. Unfortunately the commit d71785ffc7 ("net: add
dst_cache to ovs vxlan lwtunnel") removed said check.

As a result is possible to trigger a null pointer access calling
vxlan_fill_metadata_dst(), e.g. with:

ovs-vsctl add-br ovs-br0
ovs-vsctl add-port ovs-br0 vxlan0 -- set interface vxlan0 \
	type=vxlan options:remote_ip=192.168.1.1 \
	options:key=1234 options:dst_port=4789 ofport_request=10
ip address add dev ovs-br0 172.16.1.2/24
ovs-vsctl set Bridge ovs-br0 ipfix=@i -- --id=@i create IPFIX \
	targets=\"172.16.1.1:1234\" sampling=1
iperf -c 172.16.1.1 -u -l 1000 -b 10M -t 1 -p 1234

This commit addresses the issue passing to vxlan_get_route() the
dst_cache already available into the lwt info processed by
vxlan_fill_metadata_dst().

Fixes: d71785ffc7 ("net: add dst_cache to ovs vxlan lwtunnel")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:32:06 -05:00
Eric Dumazet
4e33e34625 tcp: use page_ref_inc() in tcp_sendmsg()
sk_page_frag_refill() allocates either a compound page or an order-0
page. We can use page_ref_inc() which is slightly faster than get_page()

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:31:06 -05:00
Cui, Cheng
a4ecb15a24 tcp: accommodate sequence number to a peer's shrunk receive window caused by precision loss in window scaling
Prevent sending out a left-shifted sequence number from a Linux sender in
response to a peer's shrunk receive-window caused by losing least significant
bits in window-scaling.

Cc: "David S. Miller" <davem@davemloft.net>
Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Cc: James Morris <jmorris@namei.org>
Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Cc: Patrick McHardy <kaber@trash.net>
Signed-off-by: Cheng Cui <Cheng.Cui@netapp.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:30:33 -05:00
David S. Miller
e606519ec3 Merge branch 'sfc-misc-fixes'
Edward Cree says:

====================
sfc: misc. fixes

Three largely unrelated fixes to increase robustness in rare edge cases.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:29:40 -05:00
Peter Dunning
9c568fd884 sfc: do not device_attach if a reset is pending
efx_start_all can return without initialising queues as a reset is pending.
 This means that when netif_device_attach is called, the kernel can start
 sending traffic without having an initialised TX queue to send to.
This patch avoids this by not calling netif_device_attach if there is a
 pending reset.

Fixes: e283546c04 ("sfc:On MCDI timeout, issue an FLR (and mark MCDI to fail-fast)")
Signed-off-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:29:40 -05:00
Bert Kenward
105eac6c35 sfc: forget filters from sw table if hw replies ENOENT on removing them
If the hw doesn't think they exist, we should defer to its authority.

Signed-off-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:29:39 -05:00
Jon Cooper
0ccb998bf4 sfc: fix filter_id misinterpretation in edge case
On EF10, hardware filter IDs are 13 bits, but in some places we store
 32-bit "full filter IDs" in which higher order bits encode the filter
 match-priority.  This could cause a filter to have a full filter ID of
 0xffff, which is also the value EFX_EF10_FILTER_ID_INVALID which we use
 in 16-bit "short" filter IDs (without match-priority bits).  This would
 occur if the hardware filter ID was 0x1fff and the match-priority was 7.
Unfortunately, some code that checks for EFX_EF10_FILTER_ID_INVALID can
 be called on full filter IDs, and will WARN_ON if this ever happens.
So, since we have plenty of spare bits in the full filter ID, this patch
 shifts the priority bits left one bit when constructing the full filter
 IDs, ensuring that the 0x2000 bit of a full filter ID will always be 0
 and thus no full filter ID can ever equal EFX_EF10_FILTER_ID_INVALID.

This patch also replaces open-coded full<->short filter ID conversions
 with calls to functions, thus keeping the definition of the full filter
 ID format in one place.

Signed-off-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:29:39 -05:00
Arnd Bergmann
fbdf0e28d0 vmxnet3: prevent building with 64K pages
I got a warning about broken code on ARM64 with 64K pages:

drivers/net/vmxnet3/vmxnet3_drv.c: In function 'vmxnet3_rq_init':
drivers/net/vmxnet3/vmxnet3_drv.c:1679:29: error: large integer implicitly truncated to unsigned type [-Werror=overflow]
    rq->buf_info[0][i].len = PAGE_SIZE;

'len' here is a 16-bit integer, so this clearly won't work. I don't think
this driver is used much on anything other than x86, so there is no need
to fix this properly and we can work around it with a Kconfig dependency
to forbid known-broken configurations. qemu in theory supports it on
other architectures too, but presumably only for compatibility with x86
guests that also run on vmware.

CONFIG_PAGE_SIZE_64KB is used on hexagon, mips, sh and tile, the other
symbols are architecture-specific names for the same thing.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:25:49 -05:00
Valentin Longchamp
74179d44b6 net/wan: add MODULE_LICENSE for fsl_ucc_hdlc
It is required to build it as a module.

Signed-off-by: Valentin Longchamp <valentin.longchamp@keymile.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:20:43 -05:00
Zhu Yanjun
d2c58294f5 rds:Remove unnecessary ib_ring unalloc
In the function rds_ib_xmit_atomic, ib_ring is not allocated
successfully. As such, it is not necessary to unalloc it.

Cc: Joe Jin <joe.jin@oracle.com>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Signed-off-by: Zhu Yanjun <yanjun.zhu@oracle.com>
Acked-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:19:51 -05:00
Simon Horman
3b4735281f nfp: Use PCI_DEVICE_ID_NETRONOME_NFP* defines
Use PCI_DEVICE_ID_NETRONOME_NFP*, defined in linux/pci_ids.h,
rather than replicating the same values in the NFP driver.

Signed-off-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:11:34 -05:00
Gao Feng
806a837650 pkt_sched: Remove useless qdisc_stab_lock
The qdisc_stab_lock is used in qdisc_get_stab and qdisc_put_stab.
These two functions are invoked in qdisc_create, qdisc_change, and
qdisc_destroy which run fully under RTNL.

So it already makes sure only one could access the qdisc_stab_list at
the same time. Then it is unnecessary to use qdisc_stab_lock now.

Signed-off-by: Gao Feng <fgao@ikuai8.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:10:18 -05:00
David Howells
88c4845d7d rxrpc: Change module filename to rxrpc.ko
Change module filename from af-rxrpc.ko to rxrpc.ko so as to be consistent
with the other protocol drivers.

Also adjust the documentation to reflect this.

Further, there is no longer a standalone rxkad module, as it has been
merged into the rxrpc core, so get rid of references to that.

Reported-by: Marc Dionne <marc.dionne@auristor.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:09:19 -05:00
Simon Xiao
b5124720ed netvsc: fix typo on statistics
Return the correct tx_errors stats in netvsc.

Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: Simon Xiao <sixiao@microsoft.com>
Signed-off-by: Stephen Hemminger <sthemmin@microsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 15:06:52 -05:00
Daniel Borkmann
025331df34 rtnl: don't account unused struct ifla_port_vsi in rtnl_port_size
When allocating rtnl dump messages, struct ifla_port_vsi is never dumped,
so we can save header plus payload in rtnl_port_size(). Infact, attribute
IFLA_PORT_VSI_TYPE and struct ifla_port_vsi are not used anywhere in
the kernel. We only need to keep the nla policy should applications in
user space be filling this out. Same NLA_BINARY issue exists as was fixed
in 364d5716a7 ("rtnetlink: ifla_vf_policy: fix misuses of NLA_BINARY")
and others, but then again IFLA_PORT_VSI_TYPE is not used anywhere, so
just add a comment that it's unused.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 14:56:11 -05:00
Philippe Reynes
99f18f1d2f net: qlogic: netxen: use new api ethtool_{get|set}_link_ksettings
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

As I don't have the hardware, I'd be very pleased if
someone may test this patch.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 14:06:41 -05:00
Philippe Reynes
336f8a71aa net: hamachi: use new api ethtool_{get|set}_link_ksettings
The ethtool api {get|set}_settings is deprecated.
We move this driver to new api {get|set}_link_ksettings.

As I don't have the hardware, I'd be very pleased if
someone may test this patch.

Signed-off-by: Philippe Reynes <tremyfr@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 14:06:41 -05:00
Roopa Prabhu
eda7a5e88d bridge: don't indicate expiry on NTF_EXT_LEARNED fdb entries
added_by_external_learn fdb entries are added and expired by
external entities like switchdev driver or external controllers.
ageing is already disabled for such entries. Hence, don't
indicate expiry for such fdb entries.

CC: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
CC: Jiri Pirko <jiri@resnulli.us>
CC: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Tested-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:56:56 -05:00
David S. Miller
a2b4eb55ca Merge branch 'bpf-misc'
Daniel Borkmann says:

====================
Misc BPF improvements

This last series for this window adds various misc
improvements to BPF, one is to mark registered map and
prog types as __ro_after_init, another one for removing
cBPF stubs in eBPF JITs and moving the stub to the core
and last also improving JITs is to make generated images
visible to the kernel and kallsyms, so they can be
seen in traces. For details, please have a look at the
individual patches.

Thanks a lot!
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:40:06 -05:00
Daniel Borkmann
74451e66d5 bpf: make jited programs visible in traces
Long standing issue with JITed programs is that stack traces from
function tracing check whether a given address is kernel code
through {__,}kernel_text_address(), which checks for code in core
kernel, modules and dynamically allocated ftrace trampolines. But
what is still missing is BPF JITed programs (interpreted programs
are not an issue as __bpf_prog_run() will be attributed to them),
thus when a stack trace is triggered, the code walking the stack
won't see any of the JITed ones. The same for address correlation
done from user space via reading /proc/kallsyms. This is read by
tools like perf, but the latter is also useful for permanent live
tracing with eBPF itself in combination with stack maps when other
eBPF types are part of the callchain. See offwaketime example on
dumping stack from a map.

This work tries to tackle that issue by making the addresses and
symbols known to the kernel. The lookup from *kernel_text_address()
is implemented through a latched RB tree that can be read under
RCU in fast-path that is also shared for symbol/size/offset lookup
for a specific given address in kallsyms. The slow-path iteration
through all symbols in the seq file done via RCU list, which holds
a tiny fraction of all exported ksyms, usually below 0.1 percent.
Function symbols are exported as bpf_prog_<tag>, in order to aide
debugging and attribution. This facility is currently enabled for
root-only when bpf_jit_kallsyms is set to 1, and disabled if hardening
is active in any mode. The rationale behind this is that still a lot
of systems ship with world read permissions on kallsyms thus addresses
should not get suddenly exposed for them. If that situation gets
much better in future, we always have the option to change the
default on this. Likewise, unprivileged programs are not allowed
to add entries there either, but that is less of a concern as most
such programs types relevant in this context are for root-only anyway.
If enabled, call graphs and stack traces will then show a correct
attribution; one example is illustrated below, where the trace is
now visible in tooling such as perf script --kallsyms=/proc/kallsyms
and friends.

Before:

  7fff8166889d bpf_clone_redirect+0x80007f0020ed (/lib/modules/4.9.0-rc8+/build/vmlinux)
         f5d80 __sendmsg_nocancel+0xffff006451f1a007 (/usr/lib64/libc-2.18.so)

After:

  7fff816688b7 bpf_clone_redirect+0x80007f002107 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fffa0575728 bpf_prog_33c45a467c9e061a+0x8000600020fb (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fffa07ef1fc cls_bpf_classify+0x8000600020dc (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff81678b68 tc_classify+0x80007f002078 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8164d40b __netif_receive_skb_core+0x80007f0025fb (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8164d718 __netif_receive_skb+0x80007f002018 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8164e565 process_backlog+0x80007f002095 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8164dc71 net_rx_action+0x80007f002231 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff81767461 __softirqentry_text_start+0x80007f0020d1 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff817658ac do_softirq_own_stack+0x80007f00201c (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff810a2c20 do_softirq+0x80007f002050 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff810a2cb5 __local_bh_enable_ip+0x80007f002085 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8168d452 ip_finish_output2+0x80007f002152 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8168ea3d ip_finish_output+0x80007f00217d (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff8168f2af ip_output+0x80007f00203f (/lib/modules/4.9.0-rc8+/build/vmlinux)
  [...]
  7fff81005854 do_syscall_64+0x80007f002054 (/lib/modules/4.9.0-rc8+/build/vmlinux)
  7fff817649eb return_from_SYSCALL_64+0x80007f002000 (/lib/modules/4.9.0-rc8+/build/vmlinux)
         f5d80 __sendmsg_nocancel+0xffff01c484812007 (/usr/lib64/libc-2.18.so)

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:40:05 -05:00
Daniel Borkmann
9383191da4 bpf: remove stubs for cBPF from arch code
Remove the dummy bpf_jit_compile() stubs for eBPF JITs and make
that a single __weak function in the core that can be overridden
similarly to the eBPF one. Also remove stale pr_err() mentions
of bpf_jit_compile.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:40:04 -05:00
Daniel Borkmann
c78f8bdfa1 bpf: mark all registered map/prog types as __ro_after_init
All map types and prog types are registered to the BPF core through
bpf_register_map_type() and bpf_register_prog_type() during init and
remain unchanged thereafter. As by design we don't (and never will)
have any pluggable code that can register to that at any later point
in time, lets mark all the existing bpf_{map,prog}_type_list objects
in the tree as __ro_after_init, so they can be moved to read-only
section from then onwards.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:40:04 -05:00
Andrey Konovalov
5edabca9d4 dccp: fix freeing skb too early for IPV6_RECVPKTINFO
In the current DCCP implementation an skb for a DCCP_PKT_REQUEST packet
is forcibly freed via __kfree_skb in dccp_rcv_state_process if
dccp_v6_conn_request successfully returns.

However, if IPV6_RECVPKTINFO is set on a socket, the address of the skb
is saved to ireq->pktopts and the ref count for skb is incremented in
dccp_v6_conn_request, so skb is still in use. Nevertheless, it gets freed
in dccp_rcv_state_process.

Fix by calling consume_skb instead of doing goto discard and therefore
calling __kfree_skb.

Similar fixes for TCP:

fb7e2399ec [TCP]: skb is unexpectedly freed.
0aea76d35c tcp: SYN packets are now
simply consumed

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:36:25 -05:00
Roopa Prabhu
afcb50ba7f bridge: vlan_tunnel: explicitly reset metadata attrs to NULL on failure
Fixes: efa5356b0d ("bridge: per vlan dst_metadata netlink support")
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:33:41 -05:00
Tobias Klauser
6850f8b509 net: bgmac: store MAC address directly in netdev->dev_addr
After commit 34a5102c32 ("net: bgmac: allocate struct bgmac just once
& don't copy it") the mac_addr member of struct bgmac is no longer
necessary to pass the MAC address to bgmac_enet_probe(). Instead it can
directly be stored in netdev->dev_addr.

Also use eth_hw_addr_random() instead of eth_random_addr() in case a
random MAC is nedded. This will make sure netdev->addr_assign_type will
be properly set.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Jon Mason <jon.mason@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:03:39 -05:00
David S. Miller
3105dfb2a9 wireless-drivers-next patches for 4.11
Mostly small fixes, not really any new features.
 
 Major changes:
 
 ath10k
 
 * when trying older firmware versions don't confuse user with error messages
 
 ath9k
 
 * fix crash in AP mode (regression)
 * fix relayfs crash (regression)
 * fix initialisation with AR9340 and AR9550
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJYpamYAAoJEG4XJFUm622b7FAIAKLgTCq5S3mNFGsuA+r+2v8L
 HwDSmIF1bd/L74h2i08rHuEycU3h92RXPCYFZT8bR1fbU58BZlO4YLc0Ey9ug5v7
 1uc2lB00j2CJJ97XuW5HK3ZGA9jv/V5P+N8GM0Z1UdxG7J12h++MSVu7lKyDrPus
 tPrA4C+/iANbPiSJpqgS+Zeyd6qUHa+udTNTnL8XxuztKLrAH5DDiHdxiGIpDmKt
 HhyAeK0A+vJYdcGCIzD2RXpw/VXUvmF/p7WiR6/3LYRXNNpZoC+U/MdLKh5LBj1C
 hpdlNBmqV+Wf7g7W3CrM3ZVZm8s+3ad8+2rIiW9lqE/UEivVmAZ70iuSppqC/nE=
 =WwLM
 -----END PGP SIGNATURE-----

Merge tag 'wireless-drivers-next-for-davem-2017-02-16' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next

Kalle Valo says:

====================
wireless-drivers-next patches for 4.11

Mostly small fixes, not really any new features.

Major changes:

ath10k

* when trying older firmware versions don't confuse user with error messages

ath9k

* fix crash in AP mode (regression)
* fix relayfs crash (regression)
* fix initialisation with AR9340 and AR9550
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 13:00:45 -05:00
Linus Torvalds
2fe1e8a7b2 powerpc fixes for 4.10 #5
One fix from Paul, we can not use the radix MMU under a hypervisor for now.
 Although the current code checks if the processor supports radix, that is not
 sufficient.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJYpukgAAoJEFHr6jzI4aWA17UP/jKOZX9G7GcjNAM5VUkL1MZK
 pAwZ4heCGeXDT3BhM6UPhwOXPJ/HTpoo9r1hAwAcRAHjvLEbY4WIdwr89s7kGiSD
 uO3AfORSpvVNXzJkiD3vyllavkeg0diB+M5G6BktTuV473Ssn3lq3HjS4fjKEWt3
 Rfnn4uGx7/KTsAsjEa20bau9lbz48M9csIfvIRs5osYi+PlpEN/3ES0cKWshkgOo
 E5doX5jnNxGcySXIFEDhmBQu3jBjVUGIgEambpZExAKHZkIODrhUS3WBKCbTO4U6
 kqgP662F8N2Q5jchYWtqbTiJHQJ3dKCcsSzluTrW2BkEE955XSzLxG7+jXQjA2OV
 2bIFi/tswKFXDrTbfkHWe8gO4VGeTjmBIFOyfutFrum/F88cxw3eRcgm/n77J8BN
 APicI6RVEEXi9s/PbWPOBtw/nPUvsrITDQBz2sC6bUZ+ruk+WgTpo6uSNaqudmFy
 3s47M6unX8j9JHHt1xtqPDE6wKYQSum5xQiC1J3xSTGugfakqmuXaMtikm63GK7V
 sv9EFX9NZ4pdS8E/mxfnaVVqLNSwpxgpmU1Hxu38IOvTwrKceMpUpRK3R4Z5uqss
 XVePIhOllpufZo7yE1WsdVSWd0xViSplrKqlvY6XHjCNeiEdBeCoYpMG3ECJtoKC
 qiBro6VMAIfA1BP0vLu+
 =Q1P7
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-4.10-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fix from Michael Ellerman:
 "One fix from Paul: we can not use the radix MMU under a hypervisor for
  now.

  Although the code checked if the processor supports radix, that is not
  sufficient"

* tag 'powerpc-4.10-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/64: Disable use of radix under a hypervisor
2017-02-17 09:58:32 -08:00
Linus Torvalds
a0d5ef4573 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Pull input fix from Dmitry Torokhov:
 "Just a single change to Elan touchpad driver to recognize a new ACPI
  ID"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
  Input: elan_i2c - add ELAN0605 to the ACPI table
2017-02-17 09:56:34 -08:00
Linus Torvalds
444a034d39 Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
Pull i2c fix from Wolfram Sang:
 "I2C has a revert to fix a regression"

* 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
  Revert "i2c: designware: detect when dynamic tar update is possible"
2017-02-17 09:53:59 -08:00
Linus Torvalds
6adfd6aceb MMC core:
- Fix multi-bit bus width without high-speed mode for MMC
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJYpqcNAAoJEP4mhCVzWIwpt98QAKVyJv11pmVl7d8ctlMO5YW8
 DKpr3JkOz4FVPoQKWPoWaXmz3y+9PG14BI7yVdy+4y9I/VI0nMGw7RvegjGehPPs
 tk8CuJV03Lj1ltQf1FNSJvjAph5K1nJHTU6fiVZy6mhbbPcoMBEhJdE0naWBx7xz
 Pd5NexQaNpU4mXBdvbCdanCpappEs0x2cP57DLlxcbZ/AeZzbpRqSXYd2yZ4XYqS
 mCjetbhaJ/R2y8GklAJJOA0pSXoHvFCoZ1NmbbFg0fe75Dq32dqjxO9DfBJlhUU/
 eBXea4y20TpXIs68AWblpSzvCkZYQ0aNzdAdwRzVKEC2OeYy5ITwKi2zLiSxa5d0
 qQyCiVkjtBnbEtCSfkrS6puteuJvWIossuSz7NWK2AzlbhYpi/OIkzh1hasGeIiB
 Ues3x2j+waxPfuCDepg0FhLaVK5+gC7RZ1dUTeNCcsyNgaagCARRFu8/X8pso30o
 jUWW9fdVRhpPI+XINUTzJuqUtQb/ALJCY4OL//cvG+zb/NjwcuFFroIr4+DLmNO1
 sjMmGTkbwaHgijTrdy4LRw/+4uelIVF9l8denqsJAHFEOpRT3J16YYJQ4xLuRa5Y
 ehkja74HqprDg2T6/bx0qrvKNAu0Wm0MuCFvaqf/FagHJs1+QiKDOIc65nzumD9g
 E9JTMHLw+8VquY/11B2S
 =579k
 -----END PGP SIGNATURE-----

Merge tag 'mmc-v4.10-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc

Pull MMC fix from Ulf Hansson:
 "Fix multi-bit bus width without high-speed mode for MMC"

* tag 'mmc-v4.10-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
  mmc: core: fix multi-bit bus width without high-speed mode
2017-02-17 09:52:33 -08:00
Linus Torvalds
7ed1b12559 NTB bug fixes to address a crash when unloading the ntb module, a DMA
engine unmap leak, allowing the proper queue choice, and clearing the
 SKX irq bit.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJYpnm1AAoJEG5mS6x6i9Ij0tQP/0JKQr5pi7vUew9oq05mneTU
 rS8cqlOd0skVHwJgpmouLqxPMrjq0un1llldrBkG+HivSm7oHw2GAFETZ4lKg2g7
 ljxvKz1t+UlKIQKQX/cJtLa8CaXSYMeB5ucrGW/1ECsP6T29RruSnZAQrHFFKK0A
 7zvCFf3shiTJUvJ0LjOpSbaR555LdzkZt/eg1kjVxa/cFTW1863zJeNplgf3Bc8T
 jcvTu/VFOqki4ztZZ6dhFKO+gKX92vb85Zv7URwmYMmETn1RRNhMtv3x7hKstUaG
 etJfBwwEgWm7V78tQjAwSgj366Tg57TMjXx9bvNZrZloNDrd1K+WL0MQgjBKLV3J
 xaAO482XGoeGmnFDFqEp1A5zkAnU7b3ekE/Pfl5vlWzP9tvRZJhardYSLcst8gLs
 KwlezYl6PKgz5swjqmg/AyOjvDGKA4GsjnWJp/g+LYokJr67fP5vduAW2yB1W+0j
 HO8SBJtDtdrwJqLo90sfbmE/OPr9WQPG9kxm5wOK6GJOLzH5J+JghRvRVst/y3r1
 flsIhrHjjMAoYESb+or2Tyy5nNugJTDyZLha4RfnOR3HPqnwLFMYpb9QxyTQNKZt
 1PbUpFbfg9ZRxSCYhXOmRp0xw9MWfsHZHQ6Lh8dKFTClVFHnNTncGKingMUeZMGO
 lq+gRC19pSDR25VnKEpE
 =H1cE
 -----END PGP SIGNATURE-----

Merge tag 'ntb-4.10-bugfixes' of git://github.com/jonmason/ntb

Pull NTB bugfixes frfom Jon Mason:
 "NTB bug fixes to address a crash when unloading the ntb module, a DMA
  engine unmap leak, allowing the proper queue choice, and clearing the
  SKX irq bit"

* tag 'ntb-4.10-bugfixes' of git://github.com/jonmason/ntb:
  ntb: ntb_hw_intel: link_poll isn't clearing the pending status properly
  ntb_transport: Pick an unused queue
  ntb: ntb_perf missing dmaengine_unmap_put
  NTB: ntb_transport: fix debugfs_remove_recursive
2017-02-17 09:51:05 -08:00
Tobias Klauser
6d6a505a1e net: ethoc: Use eth_hw_addr_random()
Use eth_hw_addr_random() to set a random dev_addr and update
addr_assign_type instead of open-coding it.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:42:24 -05:00
David S. Miller
e1c151a479 Merge branch 'rhashtable-allocation-failure-during-insertion'
Herbert Xu says:

====================
rhashtable: Handle table allocation failure during insertion

v2 -

Added Ack to patch 2.
Fixed RCU annotation in code path executed by rehasher by using
rht_dereference_bucket.

v1 -

This series tackles the problem of table allocation failures during
insertion.  The issue is that we cannot vmalloc during insertion.
This series deals with this by introducing nested tables.

The first two patches removes manual hash table walks which cannot
work on a nested table.

The final patch introduces nested tables.

I've tested this with test_rhashtable and it appears to work.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:28:44 -05:00
Herbert Xu
da20420f83 rhashtable: Add nested tables
This patch adds code that handles GFP_ATOMIC kmalloc failure on
insertion.  As we cannot use vmalloc, we solve it by making our
hash table nested.  That is, we allocate single pages at each level
and reach our desired table size by nesting them.

When a nested table is created, only a single page is allocated
at the top-level.  Lower levels are allocated on demand during
insertion.  Therefore for each insertion to succeed, only two
(non-consecutive) pages are needed.

After a nested table is created, a rehash will be scheduled in
order to switch to a vmalloced table as soon as possible.  Also,
the rehash code will never rehash into a nested table.  If we
detect a nested table during a rehash, the rehash will be aborted
and a new rehash will be scheduled.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:28:35 -05:00
Herbert Xu
40f9f43970 tipc: Fix tipc_sk_reinit race conditions
There are two problems with the function tipc_sk_reinit.  Firstly
it's doing a manual walk over an rhashtable.  This is broken as
an rhashtable can be resized and if you manually walk over it
during a resize then you may miss entries.

Secondly it's missing memory barriers as previously the code used
spinlocks which provide the barriers implicitly.

This patch fixes both problems.

Fixes: 07f6c4bc04 ("tipc: convert tipc reference table to...")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Ying Xue <ying.xue@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:28:35 -05:00
Herbert Xu
98687f426b gfs2: Use rhashtable walk interface in glock_hash_walk
The function glock_hash_walk walks the rhashtable by hand.  This
is broken because if it catches the hash table in the middle of
a rehash, then it will miss entries.

This patch replaces the manual walk by using the rhashtable walk
interface.

Fixes: 88ffbf3e03 ("GFS2: Use resizable hash table for glocks")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:28:22 -05:00
Dan Carpenter
785f35775d dpaa_eth: small leak on error
This should be >= instead of > here.  It means that we don't increment
the free count enough so it becomes off by one.

Fixes: 9ad1a37493 ("dpaa_eth: add support for DPAA Ethernet")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:18:43 -05:00
Jisheng Zhang
4581be42fc net: mvneta: make mvneta_eth_tool_ops static
The mvneta_eth_tool_ops is only used internally in mvneta driver, so
make it static.

Signed-off-by: Jisheng Zhang <jszhang@marvell.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-02-17 12:16:29 -05:00