Skip to content
  1. Jan 02, 2019
    • yupeng's avatar
      add document for TCP OFO, PAWS and skip ACK counters · 2b965472
      yupeng authored 
      

add document and examples for below counters:
TcpExtTCPOFOQueue
TcpExtTCPOFODrop
TcpExtTCPOFOMerge
TcpExtPAWSActive
TcpExtPAWSEstab
TcpExtTCPACKSkippedSynRecv
TcpExtTCPACKSkippedPAWS
TcpExtTCPACKSkippedSeq
TcpExtTCPACKSkippedFinWait2
TcpExtTCPACKSkippedTimeWait
TcpExtTCPACKSkippedChallenge

Signed-off-by: default avataryupeng <yupeng0921@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2b965472
    • Deepa Dinamani's avatar
      sock: Make sock->sk_stamp thread-safe · 3a0ed3e9
      Deepa Dinamani authored 
      

Al Viro mentioned (Message-ID
<20170626041334.GZ10672@ZenIV.linux.org.uk>)
that there is probably a race condition
lurking in accesses of sk_stamp on 32-bit machines.

sock->sk_stamp is of type ktime_t which is always an s64.
On a 32 bit architecture, we might run into situations of
unsafe access as the access to the field becomes non atomic.

Use seqlocks for synchronization.
This allows us to avoid using spinlocks for readers as
readers do not need mutual exclusion.

Another approach to solve this is to require sk_lock for all
modifications of the timestamps. The current approach allows
for timestamps to have their own lock: sk_stamp_lock.
This allows for the patch to not compete with already
existing critical sections, and side effects are limited
to the paths in the patch.

The addition of the new field maintains the data locality
optimizations from
commit 9115e8cd ("net: reorganize struct sock for better data
locality")

Note that all the instances of the sk_stamp accesses
are either through the ioctl or the syscall recvmsg.

Signed-off-by: default avatarDeepa Dinamani <deepa.kernel@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3a0ed3e9
  3. Jan 01, 2019
    • Tyrel Datwyler's avatar
      ibmveth: fix DMA unmap error in ibmveth_xmit_start error path · 756af9c6
      Tyrel Datwyler authored 
      

Commit 33a48ab1 ("ibmveth: Fix DMA unmap error") fixed an issue in the
normal code path of ibmveth_xmit_start() that was originally introduced by
Commit 6e8ab30e ("ibmveth: Add scatter-gather support"). This original
fix missed the error path where dma_unmap_page is wrongly called on the
header portion in descs[0] which was mapped with dma_map_single. As a
result a failure to DMA map any of the frags results in a dmesg warning
when CONFIG_DMA_API_DEBUG is enabled.

------------[ cut here ]------------
DMA-API: ibmveth 30000002: device driver frees DMA memory with wrong function
  [device address=0x000000000a430000] [size=172 bytes] [mapped as page] [unmapped as single]
WARNING: CPU: 1 PID: 8426 at kernel/dma/debug.c:1085 check_unmap+0x4fc/0xe10
...
<snip>
...
DMA-API: Mapped at:
ibmveth_start_xmit+0x30c/0xb60
dev_hard_start_xmit+0x100/0x450
sch_direct_xmit+0x224/0x490
__qdisc_run+0x20c/0x980
__dev_queue_xmit+0x1bc/0xf20

This fixes the API misuse by unampping descs[0] with dma_unmap_single.

Fixes: 6e8ab30e ("ibmveth: Add scatter-gather support")
Signed-off-by: default avatarTyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      756af9c6
  5. Dec 31, 2018
  7. Dec 30, 2018
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · f7d18ef6
      David S. Miller authored 
      

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net, specifically
fixes for the nf_conncount infrastructure which is causing troubles
since 5c789e13 ("netfilter: nf_conncount: Add list lock and gc
worker, and RCU for init tree search"). Patches aim to simplify this
infrastructure while fixing up the problems:

1) Use fixed size CONNCOUNT_SLOTS in nf_conncount, from Shawn Bohrer.

2) Incorrect signedness in age calculation from find_or_evict(),
   from Florian Westphal.

3) Proper locking for the garbage collector workqueue callback,
   first make a patch to count how many nodes can be collected
   without holding locks, then grab lock and release them. Also
   from Florian.

4) Restart node lookup from the insertion path, after releasing nodes
   via packet path garbage collection. Shawn Bohrer described a scenario
   that may result in inserting a connection in an already dead list
   node. Patch from Florian.

5) Merge lookup and add function to avoid a hold release and re-grab.
   From Florian.

6) Be safe and iterate over the node lists under the spinlock.

7) Speculative list nodes removal via garbage collection, check if
   list node got a connection while it was scheduled for deletion
   via gc.

8) Accidental argument swap in find_next_bit() that leads to more
   frequent scheduling of the workqueue. From Florian Westphal.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f7d18ef6
  9. Dec 29, 2018
  11. Dec 28, 2018
    • Robert P. J. Day's avatar
      include/linux/phy/phy.h: fix minor kerneldoc errors · a3c9311f
      Robert P. J. Day authored 
      

Correct two minor kerneldoc errors:

 1) missing reference to @mode in struct phy_ops
 2) obsolete reference to @init_data in struct_phy_attrs,
    removed in dbc98635

Signed-off-by: default avatarRobert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a3c9311f
    • Robert P. J. Day's avatar
      phy.h: fix obvious errors in doc and kerneldoc content · d8de01b7
      Robert P. J. Day authored 
      

1) note that gianfar_phy.c was removed years ago
 2) fix obvious copy and paste error in regular doc
 3) change regular doc into kerneldoc for phy_modes()

Signed-off-by: default avatarRobert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d8de01b7
    • Wen Yang's avatar
      net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe() · 40752b3e
      Wen Yang authored 
      

This patch fixes potential double frees if register_hdlc_device() fails.

Signed-off-by: default avatarWen Yang <wen.yang99@zte.com.cn>
Reviewed-by: default avatarPeng Hao <peng.hao2@zte.com.cn>
CC: Zhao Qiang <qiang.zhao@nxp.com>
CC: "David S. Miller" <davem@davemloft.net>
CC: netdev@vger.kernel.org
CC: linuxppc-dev@lists.ozlabs.org
CC: linux-kernel@vger.kernel.org
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      40752b3e
    • Kangjie Lu's avatar
      net: marvell: fix a missing check of acpi_match_device · 92ee77d1
      Kangjie Lu authored 
      

When acpi_match_device fails, its return value is NULL. Directly using
the return value without a check may result in a NULL-pointer
dereference. The fix checks if acpi_match_device fails, and if so,
returns -EINVAL.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      92ee77d1
    • Kangjie Lu's avatar
      tipc: fix a missing check of genlmsg_put · 46273cf7
      Kangjie Lu authored 
      

genlmsg_put could fail. The fix inserts a check of its return value, and
if it fails, returns -EMSGSIZE.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      46273cf7
    • Kangjie Lu's avatar
      atl1e: checking the status of atl1e_write_phy_reg · ff07d48d
      Kangjie Lu authored 
      

atl1e_write_phy_reg() could fail. The fix issues an error message when
it fails.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ff07d48d
    • Kangjie Lu's avatar
      net: dsa: bcm_sf2: Propagate error value from mdio_write · e49505f7
      Kangjie Lu authored 
      

Both bcm_sf2_sw_indir_rw and mdiobus_write_nested could fail, so let's
return their error codes upstream.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e49505f7
    • Kangjie Lu's avatar
      net: stmicro: fix a missing check of clk_prepare · f86a3b83
      Kangjie Lu authored 
      

clk_prepare() could fail, so let's check its status, and if it fails,
return its error code upstream.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f86a3b83
    • Kangjie Lu's avatar
      net: (cpts) fix a missing check of clk_prepare · 2d822f2d
      Kangjie Lu authored 
      

clk_prepare() could fail, so let's check its status, and if it fails,
return its error code upstream.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2d822f2d
    • Kangjie Lu's avatar
      niu: fix missing checks of niu_pci_eeprom_read · 26fd962b
      Kangjie Lu authored 
      

niu_pci_eeprom_read() may fail, so we should check its return value
before using the read data.

Signed-off-by: default avatarKangjie Lu <kjlu@umn.edu>
Acked-by: default avatarShannon Nelson <shannon.lee.nelson@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      26fd962b
    • Aditya Pakki's avatar
      net: chelsio: Add a missing check on cudg_get_buffer · ca19fcb6
      Aditya Pakki authored 
      

cudbg_collect_hw_sched() could fail when the function cudg_get_buffer()
returns an error. The fix adds a check to the latter function returning
error on failure

Signed-off-by: default avatarAditya Pakki <pakki001@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ca19fcb6
    • Aditya Pakki's avatar
      ipv6/route: Add a missing check on proc_dointvec · f0fb9b28
      Aditya Pakki authored 
      

While flushing the cache via  ipv6_sysctl_rtcache_flush(), the call
to proc_dointvec() may fail. The fix adds a check that returns the
error, on failure.

Signed-off-by: default avatarAditya Pakki <pakki001@umn.edu>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f0fb9b28
    • Cong Wang's avatar
      tipc: fix a double free in tipc_enable_bearer() · dc4501ff
      Cong Wang authored 
      

bearer_disable() already calls kfree_rcu() to free struct tipc_bearer,
we don't need to call kfree() again.

Fixes: cb30a633 ("tipc: refactor function tipc_enable_bearer()")
Reported-by: default avatar <syzbot+b981acf1fb240c0c128b@syzkaller.appspotmail.com>
Cc: Ying Xue <ying.xue@windriver.com>
Cc: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      dc4501ff
    • Linus Torvalds's avatar
      Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · b71acb0e
      Linus Torvalds authored 
      Pull crypto updates from Herbert Xu:
 "API:
   - Add 1472-byte test to tcrypt for IPsec
   - Reintroduced crypto stats interface with numerous changes
   - Support incremental algorithm dumps

  Algorithms:
   - Add xchacha12/20
   - Add nhpoly1305
   - Add adiantum
   - Add streebog hash
   - Mark cts(cbc(aes)) as FIPS allowed

  Drivers:
   - Improve performance of arm64/chacha20
   - Improve performance of x86/chacha20
   - Add NEON-accelerated nhpoly1305
   - Add SSE2 accelerated nhpoly1305
   - Add AVX2 accelerated nhpoly1305
   - Add support for 192/256-bit keys in gcmaes AVX
   - Add SG support in gcmaes AVX
   - ESN for inline IPsec tx in chcr
   - Add support for CryptoCell 703 in ccree
   - Add support for CryptoCell 713 in ccree
   - Add SM4 support in ccree
   - Add SM3 support in ccree
   - Add support for chacha20 in caam/qi2
   - Add support for chacha20 + poly1305 in caam/jr
   - Add support for chacha20 + poly1305 in caam/qi2
   - Add AEAD cipher support in cavium/nitrox"

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (130 commits)
  crypto: skcipher - remove remnants of internal IV generators
  crypto: cavium/nitrox - Fix build with !CONFIG_DEBUG_FS
  crypto: salsa20-generic - don't unnecessarily use atomic walk
  crypto: skcipher - add might_sleep() to skcipher_walk_virt()
  crypto: x86/chacha - avoid sleeping under kernel_fpu_begin()
  crypto: cavium/nitrox - Added AEAD cipher support
  crypto: mxc-scc - fix build warnings on ARM64
  crypto: api - document missing stats member
  crypto: user - remove unused dump functions
  crypto: chelsio - Fix wrong error counter increments
  crypto: chelsio - Reset counters on cxgb4 Detach
  crypto: chelsio - Handle PCI shutdown event
  crypto: chelsio - cleanup:send addr as value in function argument
  crypto: chelsio - Use same value for both channel in single WR
  crypto: chelsio - Swap location of AAD and IV sent in WR
  crypto: chelsio - remove set but not used variable 'kctx_len'
  crypto: ux500 - Use proper enum in hash_set_dma_transfer
  crypto: ux500 - Use proper enum in cryp_set_dma_transfer
  crypto: aesni - Add scatter/gather avx stubs, and use them in C
  crypto: aesni - Introduce partial block macro
  ..
      b71acb0e
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next · e0c38a4d
      Linus Torvalds authored 
      Pull networking updates from David Miller:

 1) New ipset extensions for matching on destination MAC addresses, from
    Stefano Brivio.

 2) Add ipv4 ttl and tos, plus ipv6 flow label and hop limit offloads to
    nfp driver. From Stefano Brivio.

 3) Implement GRO for plain UDP sockets, from Paolo Abeni.

 4) Lots of work from Michał Mirosław to eliminate the VLAN_TAG_PRESENT
    bit so that we could support the entire vlan_tci value.

 5) Rework the IPSEC policy lookups to better optimize more usecases,
    from Florian Westphal.

 6) Infrastructure changes eliminating direct manipulation of SKB lists
    wherever possible, and to always use the appropriate SKB list
    helpers. This work is still ongoing...

 7) Lots of PHY driver and state machine improvements and
    simplifications, from Heiner Kallweit.

 8) Various TSO deferral refinements, from Eric Dumazet.

 9) Add ntuple filter support to aquantia driver, from Dmitry Bogdanov.

10) Batch dropping of XDP packets in tuntap, from Jason Wang.

11) Lots of cleanups and improvements to the r8169 driver from Heiner
    Kallweit, including support for ->xmit_more. This driver has been
    getting some much needed love since he started working on it.

12) Lots of new forwarding selftests from Petr Machata.

13) Enable VXLAN learning in mlxsw driver, from Ido Schimmel.

14) Packed ring support for virtio, from Tiwei Bie.

15) Add new Aquantia AQtion USB driver, from Dmitry Bezrukov.

16) Add XDP support to dpaa2-eth driver, from Ioana Ciocoi Radulescu.

17) Implement coalescing on TCP backlog queue, from Eric Dumazet.

18) Implement carrier change in tun driver, from Nicolas Dichtel.

19) Support msg_zerocopy in UDP, from Willem de Bruijn.

20) Significantly improve garbage collection of neighbor objects when
    the table has many PERMANENT entries, from David Ahern.

21) Remove egdev usage from nfp and mlx5, and remove the facility
    completely from the tree as it no longer has any users. From Oz
    Shlomo and others.

22) Add a NETDEV_PRE_CHANGEADDR so that drivers can veto the change and
    therefore abort the operation before the commit phase (which is the
    NETDEV_CHANGEADDR event). From Petr Machata.

23) Add indirect call wrappers to avoid retpoline overhead, and use them
    in the GRO code paths. From Paolo Abeni.

24) Add support for netlink FDB get operations, from Roopa Prabhu.

25) Support bloom filter in mlxsw driver, from Nir Dotan.

26) Add SKB extension infrastructure. This consolidates the handling of
    the auxiliary SKB data used by IPSEC and bridge netfilter, and is
    designed to support the needs to MPTCP which could be integrated in
    the future.

27) Lots of XDP TX optimizations in mlx5 from Tariq Toukan.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1845 commits)
  net: dccp: fix kernel crash on module load
  drivers/net: appletalk/cops: remove redundant if statement and mask
  bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw
  net/net_namespace: Check the return value of register_pernet_subsys()
  net/netlink_compat: Fix a missing check of nla_parse_nested
  ieee802154: lowpan_header_create check must check daddr
  net/mlx4_core: drop useless LIST_HEAD
  mlxsw: spectrum: drop useless LIST_HEAD
  net/mlx5e: drop useless LIST_HEAD
  iptunnel: Set tun_flags in the iptunnel_metadata_reply from src
  net/mlx5e: fix semicolon.cocci warnings
  staging: octeon: fix build failure with XFRM enabled
  net: Revert recent Spectre-v1 patches.
  can: af_can: Fix Spectre v1 vulnerability
  packet: validate address length if non-zero
  nfc: af_nfc: Fix Spectre v1 vulnerability
  phonet: af_phonet: Fix Spectre v1 vulnerability
  net: core: Fix Spectre v1 vulnerability
  net: minor cleanup in skb_ext_add()
  net: drop the unused helper skb_ext_get()
  ...
      e0c38a4d
    • Linus Torvalds's avatar
      Merge tag 'modules-for-v4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux · 7f9f852c
      Linus Torvalds authored 
      Pull modules updates from Jessica Yu:

 - Some modules-related kallsyms cleanups and a kallsyms fix for ARM.

 - Include keys from the secondary keyring in module signature
   verification.

* tag 'modules-for-v4.21' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
  ARM: module: Fix function kallsyms on Thumb-2
  module: Overwrite st_size instead of st_info
  module: make it clearer when we're handling kallsyms symbols vs exported symbols
  modsign: use all trusted keys to verify module signature
      7f9f852c