Skip to content
Permalink
Branch: landlock-v9
Commits on Jun 25, 2019
  1. landlock: Add user and kernel documentation for Landlock

    l0kod committed Jun 25, 2019
    This documentation can be built with the Sphinx framework.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Jonathan Corbet <corbet@lwn.net>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    ---
    
    Changes since v8:
    * remove documentation related to chaining and tagging according to this
      patch series
    
    Changes since v7:
    * update documentation according to the Landlock revamp
    
    Changes since v6:
    * add a check for ctx->event
    * rename BPF_PROG_TYPE_LANDLOCK to BPF_PROG_TYPE_LANDLOCK_RULE
    * rename Landlock version to ABI to better reflect its purpose and add a
      dedicated changelog section
    * update tables
    * relax no_new_privs recommendations
    * remove ABILITY_WRITE related functions
    * reword rule "appending" to "prepending" and explain it
    * cosmetic fixes
    
    Changes since v5:
    * update the rule hierarchy inheritance explanation
    * briefly explain ctx->arg2
    * add ptrace restrictions
    * explain EPERM
    * update example (subtype)
    * use ":manpage:"
  2. bpf,landlock: Add tests for Landlock

    l0kod committed Jun 25, 2019
    Test basic context access, ptrace protection and filesystem hooks.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    Cc: Shuah Khan <shuah@kernel.org>
    Cc: Will Drewry <wad@chromium.org>
    ---
    
    Changes since v8:
    * update eBPF include path for macros
    * use TEST_GEN_PROGS and use the generic "clean" target
    * add more verbose errors
    * update the bpf/verifier files
    * remove chain tests (from landlock and bpf/verifier)
    * replace the whitelist tests with blacklist tests (because of stateless
      Landlock programs): remove "dotdot" tests and other depth tests
    * sync the landlock Makefile with its bpf sibling directory and use
      bpf_load_program_xattr()
    
    Changes since v7:
    * update tests and add new ones for filesystem hierarchy and Landlock
      chains.
    
    Changes since v6:
    * use the new kselftest_harness.h
    * use const variables
    * replace ASSERT_STEP with ASSERT_*
    * rename BPF_PROG_TYPE_LANDLOCK to BPF_PROG_TYPE_LANDLOCK_RULE
    * force sample library rebuild
    * fix install target
    
    Changes since v5:
    * add subtype test
    * add ptrace tests
    * split and rename files
    * cleanup and rebase
  3. bpf: Add a Landlock sandbox example

    l0kod committed Jun 25, 2019
    Add a basic sandbox tool to launch a command which is denied access to a
    list of files and directories.
    
    Add to the bpf_load library the ability to handle a BPF program subtype.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    ---
    
    Changes since v8:
    * rewrite the landlock1 sample which deny access to a set of files or
      directories (i.e. simple blacklist) to fit with the previous patches
    * add "landlock1" to .gitignore
    * in bpf_load.c, pass the subtype with a call to
      bpf_load_program_xattr()
    
    Changes since v7:
    * rewrite the example using an inode map
    * add to bpf_load the ability to handle subtypes per program type
    
    Changes since v6:
    * check return value of load_and_attach()
    * allow to write on pipes
    * rename BPF_PROG_TYPE_LANDLOCK to BPF_PROG_TYPE_LANDLOCK_RULE
    * rename Landlock version to ABI to better reflect its purpose
    * use const variable (suggested by Kees Cook)
    * remove useless definitions (suggested by Kees Cook)
    * add detailed explanations (suggested by Kees Cook)
    
    Changes since v5:
    * cosmetic fixes
    * rebase
    
    Changes since v4:
    * write Landlock rule in C and compiled it with LLVM
    * remove cgroup handling
    * remove path handling: only handle a read-only environment
    * remove errno return codes
    
    Changes since v3:
    * remove seccomp and origin field: completely free from seccomp programs
    * handle more FS-related hooks
    * handle inode hooks and directory traversal
    * add faked but consistent view thanks to ENOENT
    * add /lib64 in the example
    * fix spelling
    * rename some types and definitions (e.g. SECCOMP_ADD_LANDLOCK_RULE)
    
    Changes since v2:
    * use BPF_PROG_ATTACH for cgroup handling
  4. landlock: Add ptrace restrictions

    l0kod committed Jun 25, 2019
    A landlocked process has less privileges than a non-landlocked process
    and must then be subject to additional restrictions when manipulating
    processes. To be allowed to use ptrace(2) and related syscalls on a
    target process, a landlocked process must have a subset of the target
    process' rules.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    ---
    
    Changes since v6:
    * factor out ptrace check
    * constify pointers
    * cleanup headers
    * use the new security_add_hooks()
  5. landlock: Handle filesystem access control

    l0kod committed Jun 25, 2019
    This add two Landlock hooks: FS_WALK and FS_PICK.
    
    The FS_WALK hook is used to walk through a file path. A program tied to
    this hook will be evaluated for each directory traversal except the last
    one if it is the leaf of the path.  It is important to differentiate
    this hook from FS_PICK to enable more powerful path evaluation in the
    future (cf. Landlock patch v8).
    
    The FS_PICK hook is used to validate a set of actions requested on a
    file. This actions are defined with triggers (e.g. read, write, open,
    append...).
    
    The Landlock LSM hook registration is done after other LSM to only run
    actions from user-space, via eBPF programs, if the access was granted by
    major (privileged) LSMs.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    ---
    
    Changes since v8:
    * add a new LSM_ORDER_LAST, cf. commit e2bc445 ("LSM: Introduce
      enum lsm_order")
    * add WARN_ON() for pointer dereferencement
    * remove the FS_GET subtype which rely on program chaining
    * remove the subtype option which was only used for chaining (with the
      "previous" field)
    * remove inode_lookup which depends on the (removed) nameidata security
      blob
    * remove eBPF helpers to get and set Landlock inode tags
    * do not use task LSM credentials (for now)
    
    Changes since v7:
    * major rewrite with clean Landlock hooks able to deal with file paths
    
    Changes since v6:
    * add 3 more sub-events: IOCTL, LOCK, FCNTL
      https://lkml.kernel.org/r/2fbc99a6-f190-f335-bd14-04bdeed35571@digikod.net
    * use the new security_add_hooks()
    * explain the -Werror=unused-function
    * constify pointers
    * cleanup headers
    
    Changes since v5:
    * split hooks.[ch] into hooks.[ch] and hooks_fs.[ch]
    * add more documentation
    * cosmetic fixes
    * rebase (SCALAR_VALUE)
    
    Changes since v4:
    * add LSM hook abstraction called Landlock event
      * use the compiler type checking to verify hooks use by an event
      * handle all filesystem related LSM hooks (e.g. file_permission,
        mmap_file, sb_mount...)
    * register BPF programs for Landlock just after LSM hooks registration
    * move hooks registration after other LSMs
    * add failsafes to check if a hook is not used by the kernel
    * allow partial raw value access form the context (needed for programs
      generated by LLVM)
    
    Changes since v3:
    * split commit
    * add hooks dealing with struct inode and struct path pointers:
      inode_permission and inode_getattr
    * add abstraction over eBPF helper arguments thanks to wrapping structs
  6. bpf,landlock: Add a new map type: inode

    l0kod committed Jun 25, 2019
    This new map store arbitrary 64-bits values referenced by inode keys.
    The map can be updated from user space with file descriptor pointing to
    inodes tied to a file system.  From an eBPF (Landlock) program point of
    view, such a map is read-only and can only be used to retrieved a
    64-bits value tied to a given inode.  This is useful to recognize an
    inode tagged by user space, without access right to this inode (i.e. no
    need to have a write access to this inode).
    
    Add dedicated BPF functions to handle this type of map:
    * bpf_inode_map_update_elem()
    * bpf_inode_map_lookup_elem()
    * bpf_inode_map_delete_elem()
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    Cc: Jann Horn <jann@thejh.net>
    ---
    
    Changes since v8:
    * remove prog chaining and object tagging to ease review
    * use bpf_map_init_from_attr()
    
    Changes since v7:
    * new design with a dedicated map and a BPF function to tie a value to
      an inode
    * add the ability to set or get a tag on an inode from a Landlock
      program
    
    Changes since v6:
    * remove WARN_ON() for missing dentry->d_inode
    * refactor bpf_landlock_func_proto() (suggested by Kees Cook)
    
    Changes since v5:
    * cosmetic fixes and rebase
    
    Changes since v4:
    * use a file abstraction (handle) to wrap inode, dentry, path and file
      structs
    * remove bpf_landlock_cmp_fs_beneath()
    * rename the BPF helper and move it to kernel/bpf/
    * tighten helpers accessible by a Landlock rule
    
    Changes since v3:
    * remove bpf_landlock_cmp_fs_prop() (suggested by Alexei Starovoitov)
    * add hooks dealing with struct inode and struct path pointers:
      inode_permission and inode_getattr
    * add abstraction over eBPF helper arguments thanks to wrapping structs
    * add bpf_landlock_get_fs_mode() helper to check file type and mode
    * merge WARN_ON() (suggested by Kees Cook)
    * fix and update bpf_helpers.h
    * use BPF_CALL_* for eBPF helpers (suggested by Alexei Starovoitov)
    * make handle arraymap safe (RCU) and remove buggy synchronize_rcu()
    * factor out the arraymay walk
    * use size_t to index array (suggested by Jann Horn)
    
    Changes since v2:
    * add MNT_INTERNAL check to only add file handle from user-visible FS
      (e.g. no anonymous inode)
    * replace struct file* with struct path* in map_landlock_handle
    * add BPF protos
    * fix bpf_landlock_cmp_fs_prop_with_struct_file()
  7. seccomp,landlock: Enforce Landlock programs per process hierarchy

    l0kod committed Jun 25, 2019
    The seccomp(2) syscall can be used by a task to apply a Landlock program
    to itself. As a seccomp filter, a Landlock program is enforced for the
    current task and all its future children. A program is immutable and a
    task can only add new restricting programs to itself, forming a list of
    programss.
    
    A Landlock program is tied to a Landlock hook. If the action on a kernel
    object is allowed by the other Linux security mechanisms (e.g. DAC,
    capabilities, other LSM), then a Landlock hook related to this kind of
    object is triggered. The list of programs for this hook is then
    evaluated. Each program return a 32-bit value which can deny the action
    on a kernel object with a non-zero value. If every programs of the list
    return zero, then the action on the object is allowed.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andrew Morton <akpm@linux-foundation.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    Cc: Will Drewry <wad@chromium.org>
    Link: https://lkml.kernel.org/r/c10a503d-5e35-7785-2f3d-25ed8dd63fab@digikod.net
    ---
    
    Changes since v8:
    * Remove the chaining concept from the eBPF program contexts (chain and
      cookie). We need to keep these subtypes this way to be able to make
      them evolve, though.
    
    Changes since v7:
    * handle and verify program chains
    * split and rename providers.c to enforce.c and enforce_seccomp.c
    * rename LANDLOCK_SUBTYPE_* to LANDLOCK_*
    
    Changes since v6:
    * rename some functions with more accurate names to reflect that an eBPF
      program for Landlock could be used for something else than a rule
    * reword rule "appending" to "prepending" and explain it
    * remove the superfluous no_new_privs check, only check global
      CAP_SYS_ADMIN when prepending a Landlock rule (needed for containers)
    * create and use {get,put}_seccomp_landlock() (suggested by Kees Cook)
    * replace ifdef with static inlined function (suggested by Kees Cook)
    * use get_user() (suggested by Kees Cook)
    * replace atomic_t with refcount_t (requested by Kees Cook)
    * move struct landlock_{rule,events} from landlock.h to common.h
    * cleanup headers
    
    Changes since v5:
    * remove struct landlock_node and use a similar inheritance mechanisme
      as seccomp-bpf (requested by Andy Lutomirski)
    * rename SECCOMP_ADD_LANDLOCK_RULE to SECCOMP_APPEND_LANDLOCK_RULE
    * rename file manager.c to providers.c
    * add comments
    * typo and cosmetic fixes
    
    Changes since v4:
    * merge manager and seccomp patches
    * return -EFAULT in seccomp(2) when user_bpf_fd is null to easely check
      if Landlock is supported
    * only allow a process with the global CAP_SYS_ADMIN to use Landlock
      (will be lifted in the future)
    * add an early check to exit as soon as possible if the current process
      does not have Landlock rules
    
    Changes since v3:
    * remove the hard link with seccomp (suggested by Andy Lutomirski and
      Kees Cook):
      * remove the cookie which could imply multiple evaluation of Landlock
        rules
      * remove the origin field in struct landlock_data
    * remove documentation fix (merged upstream)
    * rename the new seccomp command to SECCOMP_ADD_LANDLOCK_RULE
    * internal renaming
    * split commit
    * new design to be able to inherit on the fly the parent rules
    
    Changes since v2:
    * Landlock programs can now be run without seccomp filter but for any
      syscall (from the process) or interruption
    * move Landlock related functions and structs into security/landlock/*
      (to manage cgroups as well)
    * fix seccomp filter handling: run Landlock programs for each of their
      legitimate seccomp filter
    * properly clean up all seccomp results
    * cosmetic changes to ease the understanding
    * fix some ifdef
  8. bpf,landlock: Define an eBPF program type for Landlock hooks

    l0kod committed Jun 25, 2019
    Add a new type of eBPF program used by Landlock hooks. This type of
    program can be chained with the same eBPF program type (according to
    subtype rules). A state can be kept with a value available in the
    program's context (e.g. named "cookie" for Landlock programs).
    
    This new BPF program type will be registered with the Landlock LSM
    initialization.
    
    Add an initial Landlock Kconfig and update the MAINTAINERS file.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Andy Lutomirski <luto@amacapital.net>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Cc: James Morris <jmorris@namei.org>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Serge E. Hallyn <serge@hallyn.com>
    ---
    
    Changes since v8:
    * Remove the chaining concept from the eBPF program contexts (chain and
      cookie). We need to keep these subtypes this way to be able to make
      them evolve, though.
    * remove bpf_landlock_put_extra() because there is no more a "previous"
      field to free (for now)
    
    Changes since v7:
    * cosmetic fixes
    * rename LANDLOCK_SUBTYPE_* to LANDLOCK_*
    * cleanup UAPI definitions and move them from bpf.h to landlock.h
      (suggested by Alexei Starovoitov)
    * disable Landlock by default (suggested by Alexei Starovoitov)
    * rename BPF_PROG_TYPE_LANDLOCK_{RULE,HOOK}
    * update the Kconfig
    * update the MAINTAINERS file
    * replace the IOCTL, LOCK and FCNTL events with FS_PICK, FS_WALK and
      FS_GET hook types
    * add the ability to chain programs with an eBPF program file descriptor
      (i.e. the "previous" field in a Landlock subtype) and keep a state
      with a "cookie" value available from the context
    * add a "triggers" subtype bitfield to match specific actions (e.g.
      append, chdir, read...)
    
    Changes since v6:
    * add 3 more sub-events: IOCTL, LOCK, FCNTL
      https://lkml.kernel.org/r/2fbc99a6-f190-f335-bd14-04bdeed35571@digikod.net
    * rename LANDLOCK_VERSION to LANDLOCK_ABI to better reflect its purpose,
      and move it from landlock.h to common.h
    * rename BPF_PROG_TYPE_LANDLOCK to BPF_PROG_TYPE_LANDLOCK_RULE: an eBPF
      program could be used for something else than a rule
    * simplify struct landlock_context by removing the arch and syscall_nr fields
    * remove all eBPF map functions call, remove ABILITY_WRITE
    * refactor bpf_landlock_func_proto() (suggested by Kees Cook)
    * constify pointers
    * fix doc inclusion
    
    Changes since v5:
    * rename file hooks.c to init.c
    * fix spelling
    
    Changes since v4:
    * merge a minimal (not enabled) LSM code and Kconfig in this commit
    
    Changes since v3:
    * split commit
    * revamp the landlock_context:
      * add arch, syscall_nr and syscall_cmd (ioctl, fcntl…) to be able to
        cross-check action with the event type
      * replace args array with dedicated fields to ease the addition of new
        fields
  9. bpf: Add eBPF program subtype and is_valid_subtype() verifier

    l0kod committed Jun 25, 2019
    The goal of the program subtype is to be able to have different static
    fine-grained verifications for a unique program type.
    
    The struct bpf_verifier_ops gets a new optional function:
    is_valid_subtype(). This new verifier is called at the beginning of the
    eBPF program verification to check if the (optional) program subtype is
    valid.
    
    The new helper bpf_load_program_xattr() enables to verify a program with
    subtypes.
    
    For now, only Landlock eBPF programs are using a program subtype (see
    next commits) but this could be used by other program types in the
    future.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexei Starovoitov <ast@kernel.org>
    Cc: Daniel Borkmann <daniel@iogearbox.net>
    Cc: David S. Miller <davem@davemloft.net>
    Link: https://lkml.kernel.org/r/20160827205559.GA43880@ast-mbp.thefacebook.com
    ---
    
    Changes since v8:
    * use bpf_load_program_xattr() instead of bpf_load_program() and add
      bpf_verify_program_xattr() to deal with subtypes
    * remove put_extra() since there is no more "previous" field (for now)
    
    Changes since v7:
    * rename LANDLOCK_SUBTYPE_* to LANDLOCK_*
    * move subtype in bpf_prog_aux and use only one bit for has_subtype
      (suggested by Alexei Starovoitov)
    * wrap the prog_subtype with a prog_extra to be able to reference kernel
      pointers:
      * add an optional put_extra() function to struct bpf_prog_ops to be
        able to free the pointed data
      * replace all the prog_subtype with prog_extra in the struct
        bpf_verifier_ops functions
    * remove the ABI field (requested by Alexei Starovoitov)
    * rename subtype fields
    
    Changes since v6:
    * rename Landlock version to ABI to better reflect its purpose
    * fix unsigned integer checks
    * fix pointer cast
    * constify pointers
    * rebase
    
    Changes since v5:
    * use a prog_subtype pointer and make it future-proof
    * add subtype test
    * constify bpf_load_program()'s subtype argument
    * cleanup subtype initialization
    * rebase
    
    Changes since v4:
    * replace the "status" field with "version" (more generic)
    * replace the "access" field with "ability" (less confusing)
    
    Changes since v3:
    * remove the "origin" field
    * add an "option" field
    * cleanup comments
  10. fs,security: Add a new file access type: MAY_CHROOT

    l0kod committed Jun 25, 2019
    For compatibility reason, MAY_CHROOT is always set with MAY_CHDIR.
    However, this new flag enable to differentiate a chdir form a chroot.
    
    This is needed for the Landlock LSM to be able to evaluate a new root
    directory.
    
    Signed-off-by: Mickaël Salaün <mic@digikod.net>
    Cc: Alexander Viro <viro@zeniv.linux.org.uk>
    Cc: Casey Schaufler <casey@schaufler-ca.com>
    Cc: James Morris <jmorris@namei.org>
    Cc: John Johansen <john.johansen@canonical.com>
    Cc: Kees Cook <keescook@chromium.org>
    Cc: Paul Moore <paul@paul-moore.com>
    Cc: "Serge E. Hallyn" <serge@hallyn.com>
    Cc: Stephen Smalley <sds@tycho.nsa.gov>
    Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
    Cc: linux-fsdevel@vger.kernel.org
  11. selftests, bpf: Add test for veth native XDP

    tmakita authored and Alexei Starovoitov committed Jun 20, 2019
    Add a test case for veth native XDP. It checks if XDP_PASS, XDP_TX and
    XDP_REDIRECT work properly.
    
      $ cd tools/testing/selftests/bpf
      $ make \
      	TEST_CUSTOM_PROGS= \
      	TEST_GEN_PROGS= \
      	TEST_GEN_PROGS_EXTENDED= \
      	TEST_PROGS_EXTENDED= \
      	TEST_PROGS="test_xdp_veth.sh" \
      	run_tests
      TAP version 13
      1..1
      # selftests: bpf: test_xdp_veth.sh
      # PING 10.1.1.33 (10.1.1.33) 56(84) bytes of data.
      # 64 bytes from 10.1.1.33: icmp_seq=1 ttl=64 time=0.073 ms
      #
      # --- 10.1.1.33 ping statistics ---
      # 1 packets transmitted, 1 received, 0% packet loss, time 0ms
      # rtt min/avg/max/mdev = 0.073/0.073/0.073/0.000 ms
      # selftests: xdp_veth [PASS]
      ok 1 selftests: bpf: test_xdp_veth.sh
    
    Signed-off-by: Toshiaki Makita <toshiaki.makita1@gmail.com>
    Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: Alexei Starovoitov <ast@kernel.org>
  12. xsk: sample kernel code is now in libbpf

    regit authored and Alexei Starovoitov committed Jun 21, 2019
    Fix documentation that mention xdpsock_kern.c which has been
    replaced by code embedded in libbpf.
    
    Signed-off-by: Eric Leblond <eric@regit.org>
    Acked-by: Björn Töpel <bjorn.topel@intel.com>
    Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: Alexei Starovoitov <ast@kernel.org>
  13. libbpf: fix spelling mistake "conflictling" -> "conflicting"

    ColinIanKing authored and Alexei Starovoitov committed Jun 19, 2019
    There are several spelling mistakes in pr_warning messages. Fix these.
    
    Signed-off-by: Colin Ian King <colin.king@canonical.com>
    Acked-by: Andrii Nakryiko <andriin@fb.com>
    Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: Alexei Starovoitov <ast@kernel.org>
  14. samples: bpf: Remove bpf_debug macro in favor of bpf_printk

    mrostecki authored and Alexei Starovoitov committed Jun 18, 2019
    ibumad example was implementing the bpf_debug macro which is exactly the
    same as the bpf_printk macro available in bpf_helpers.h. This change
    makes use of bpf_printk instead of bpf_debug.
    
    Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
    Acked-by: Andrii Nakryiko <andriin@fb.com>
    Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Commits on Jun 23, 2019
  1. Merge branch 'ipv6-avoid-taking-refcnt-on-dst-during-route-lookup'

    davem330 committed Jun 23, 2019
    Wei Wang says:
    
    ====================
    ipv6: avoid taking refcnt on dst during route lookup
    
    Ipv6 route lookup code always grabs refcnt on the dst for the caller.
    But for certain cases, grabbing refcnt is not always necessary if the
    call path is rcu protected and the caller does not cache the dst.
    Another issue in the route lookup logic is:
    When there are multiple custom rules, we have to do the lookup into
    each table associated to each rule individually. And when we can't
    find the route in one table, we grab and release refcnt on
    net->ipv6.ip6_null_entry before going to the next table.
    This operation is completely redundant, and causes false issue because
    net->ipv6.ip6_null_entry is a shared object.
    
    This patch set introduces a new flag RT6_LOOKUP_F_DST_NOREF for route
    lookup callers to set, to avoid any manipulation on the dst refcnt. And
    it converts the major input and output path to use it.
    
    The performance gain is noticable.
    I ran synflood tests between 2 hosts under the same switch. Both hosts
    have 20G mlx NIC, and 8 tx/rx queues.
    Sender sends pure SYN flood with random src IPs and ports using trafgen.
    Receiver has a simple TCP listener on the target port.
    Both hosts have multiple custom rules:
    - For incoming packets, only local table is traversed.
    - For outgoing packets, 3 tables are traversed to find the route.
    The packet processing rate on the receiver is as follows:
    - Before the fix: 3.78Mpps
    - After the fix:  5.50Mpps
    
    v2->v3:
    - Handled fib6_rule_lookup() when CONFIG_IPV6_MULTIPLE_TABLES is not
      configured in patch 03 (suggested by David Ahern)
    - Removed the renaming of l3mdev_link_scope_lookup() in patch 05
      (suggested by David Ahern)
    - Moved definition of ip6_route_output_flags() from an inline function
      in /net/ipv6/route.c to net/ipv6/route.c in order to address kbuild
      error in patch 05
    
    v1->v2:
    - Added a helper ip6_rt_put_flags() in patch 3 suggested by David Miller
    ====================
    
    Reviewed-by: David Ahern <dsahern@gmail.com>
    Reviewed-by: Eric Dumazet <edumazet@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  2. ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF

    Wei Wang authored and davem330 committed Jun 21, 2019
    For tx path, in most cases, we still have to take refcnt on the dst
    cause the caller is caching the dst somewhere. But it still is
    beneficial to make use of RT6_LOOKUP_F_DST_NOREF flag while doing the
    route lookup. It is cause this flag prevents manipulating refcnt on
    net->ipv6.ip6_null_entry when doing fib6_rule_lookup() to traverse each
    routing table. The null_entry is a shared object and constant updates on
    it cause false sharing.
    
    We converted the current major lookup function ip6_route_output_flags()
    to make use of RT6_LOOKUP_F_DST_NOREF.
    
    Together with the change in the rx path, we see noticable performance
    boost:
    I ran synflood tests between 2 hosts under the same switch. Both hosts
    have 20G mlx NIC, and 8 tx/rx queues.
    Sender sends pure SYN flood with random src IPs and ports using trafgen.
    Receiver has a simple TCP listener on the target port.
    Both hosts have multiple custom rules:
    - For incoming packets, only local table is traversed.
    - For outgoing packets, 3 tables are traversed to find the route.
    The packet processing rate on the receiver is as follows:
    - Before the fix: 3.78Mpps
    - After the fix:  5.50Mpps
    
    Signed-off-by: Wei Wang <weiwan@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  3. ipv6: convert rx data path to not take refcnt on dst

    Wei Wang authored and davem330 committed Jun 21, 2019
    ip6_route_input() is the key function to do the route lookup in the
    rx data path. All the callers to this function are already holding rcu
    lock. So it is fairly easy to convert it to not take refcnt on the dst:
    We pass in flag RT6_LOOKUP_F_DST_NOREF and do skb_dst_set_noref().
    This saves a few atomic inc or dec operations and should boost
    performance overall.
    This also makes the logic more aligned with v4.
    
    Signed-off-by: Wei Wang <weiwan@google.com>
    Acked-by: Eric Dumazet <edumazet@google.com>
    Acked-by: Mahesh Bandewar <maheshb@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  4. ipv6: honor RT6_LOOKUP_F_DST_NOREF in rule lookup logic

    Wei Wang authored and davem330 committed Jun 21, 2019
    This patch specifically converts the rule lookup logic to honor this
    flag and not release refcnt when traversing each rule and calling
    lookup() on each routing table.
    Similar to previous patch, we also need some special handling of dst
    entries in uncached list because there is always 1 refcnt taken for them
    even if RT6_LOOKUP_F_DST_NOREF flag is set.
    
    Signed-off-by: Wei Wang <weiwan@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  5. ipv6: initialize rt6->rt6i_uncached in all pre-allocated dst entries

    Wei Wang authored and davem330 committed Jun 21, 2019
    Initialize rt6->rt6i_uncached on the following pre-allocated dsts:
    net->ipv6.ip6_null_entry
    net->ipv6.ip6_prohibit_entry
    net->ipv6.ip6_blk_hole_entry
    
    This is a preparation patch for later commits to be able to distinguish
    dst entries in uncached list by doing:
    !list_empty(rt6->rt6i_uncached)
    
    Signed-off-by: Wei Wang <weiwan@google.com>
    Acked-by: Eric Dumazet <edumazet@google.com>
    Acked-by: Mahesh Bandewar <maheshb@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  6. ipv6: introduce RT6_LOOKUP_F_DST_NOREF flag in ip6_pol_route()

    Wei Wang authored and davem330 committed Jun 21, 2019
    This new flag is to instruct the route lookup function to not take
    refcnt on the dst entry. The user which does route lookup with this flag
    must properly use rcu protection.
    ip6_pol_route() is the major route lookup function for both tx and rx
    path.
    In this function:
    Do not take refcnt on dst if RT6_LOOKUP_F_DST_NOREF flag is set, and
    directly return the route entry. The caller should be holding rcu lock
    when using this flag, and decide whether to take refcnt or not.
    
    One note on the dst cache in the uncached_list:
    As uncached_list does not consume refcnt, one refcnt is always returned
    back to the caller even if RT6_LOOKUP_F_DST_NOREF flag is set.
    Uncached dst is only possible in the output path. So in such call path,
    caller MUST check if the dst is in the uncached_list before assuming
    that there is no refcnt taken on the returned dst.
    
    Signed-off-by: Wei Wang <weiwan@google.com>
    Acked-by: Eric Dumazet <edumazet@google.com>
    Acked-by: Mahesh Bandewar <maheshb@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  7. doc: phy: document some PHY_INTERFACE_MODE_xxx settings

    Russell King authored and davem330 committed Jun 21, 2019
    There seems to be some confusion surrounding three PHY interface modes,
    specifically 1000BASE-X, 2500BASE-X and SGMII.  Add some documentation
    to phylib detailing precisely what these interface modes refer to.
    
    Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
    Reviewed-by: Andrew Lunn <andrew@lunn.ch>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  8. inet: fix compilation warnings in fqdir_pre_exit()

    cailca authored and davem330 committed Jun 20, 2019
    The linux-next commit "inet: fix various use-after-free in defrags
    units" [1] introduced compilation warnings,
    
    ./include/net/inet_frag.h:117:1: warning: 'inline' is not at beginning
    of declaration [-Wold-style-declaration]
     static void inline fqdir_pre_exit(struct fqdir *fqdir)
     ^~~~~~
    In file included from ./include/net/netns/ipv4.h:10,
                     from ./include/net/net_namespace.h:20,
                     from ./include/linux/netdevice.h:38,
                     from ./include/linux/icmpv6.h:13,
                     from ./include/linux/ipv6.h:86,
                     from ./include/net/ipv6.h:12,
                     from ./include/rdma/ib_verbs.h:51,
                     from ./include/linux/mlx5/device.h:37,
                     from ./include/linux/mlx5/driver.h:51,
                     from
    drivers/net/ethernet/mellanox/mlx5/core/pagealloc.c:37:
    
    [1] https://lore.kernel.org/netdev/20190618180900.88939-3-edumazet@google.com/
    
    Signed-off-by: Qian Cai <cai@lca.pw>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  9. net: dsa: mv88e6xxx: introduce helpers for handling chip->reg_lock

    Rasmus Villemoes authored and davem330 committed Jun 20, 2019
    This is a no-op that simply moves all locking and unlocking of
    ->reg_lock into trivial helpers. I did that to be able to easily add
    some ad hoc instrumentation to those helpers to get some information
    on contention and hold times of the mutex. Perhaps others want to do
    something similar at some point, so this frees them from doing the
    'sed -i' yoga, and have a much smaller 'git diff' while fiddling.
    
    Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
    Reviewed-by: Vivien Didelot <vivien.didelot@gmail.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  10. net: ena: Fix bug where ring allocation backoff stopped too late

    sameehj authored and davem330 committed Jun 23, 2019
    The current code of create_queues_with_size_backoff() allows the ring size
    to become as small as ENA_MIN_RING_SIZE/2. This is a bug since we don't
    want the queue ring to be smaller than ENA_MIN_RING_SIZE
    
    In this commit we change the loop's termination condition to look at the
    queue size of the next iteration instead of that of the current one,
    so that the minimal queue size again becomes ENA_MIN_RING_SIZE.
    
    Fixes: eece4d2 ("net: ena: add ethtool function for changing io queue sizes")
    
    Signed-off-by: Arthur Kiyanovski <akiyano@amazon.com>
    Signed-off-by: Sameeh Jubran <sameehj@amazon.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  11. hinic: fix dereference of pointer hwdev before it is null checked

    ColinIanKing authored and davem330 committed Jun 20, 2019
    Currently pointer hwdev is dereferenced when assigning hwif before
    hwdev is null checked.  Fix this by only derefencing hwdev after the
    null check.
    
    Addresses-Coverity: ("Dereference before null check")
    Fixes: 4fdc51b ("hinic: add support for rss parameters with ethtool")
    Signed-off-by: Colin Ian King <colin.king@canonical.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
Commits on Jun 22, 2019
  1. Merge branch 'net-mediatek-Add-MT7621-TRGMII-mode-support'

    davem330 committed Jun 22, 2019
    René van Dorst says:
    
    ====================
    net: mediatek: Add MT7621 TRGMII mode support
    
    Like many other mediatek SOCs, the MT7621 SOC and the internal MT7530
    switch both supports TRGMII mode. MT7621 TRGMII speed is fix 1200MBit.
    
    v1->v2:
     - Fix breakage on non MT7621 SOC
     - Support 25MHz and 40MHz XTAL as MT7530 clocksource
    ====================
    
    Tested-by: "Frank Wunderlich" <frank-w@public-files.de>
    Acked-by: Sean Wang <sean.wang@kernel.org>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  2. net: dsa: mt7530: Add MT7621 TRGMII mode support

    vDorst authored and davem330 committed Jun 20, 2019
    This patch add support TRGMII mode for MT7621 internal MT7530 switch.
    MT7621 TRGMII has only one fix speed mode of 1200MBit.
    
    Also adding support for mt7530 25MHz and 40MHz crystal clocksource.
    Values are based on Banana Pi R2 bsp [1].
    
    Don't change MT7623 registers on a MT7621 device.
    
    [1] https://github.com/BPI-SINOVOIP/BPI-R2-bsp/blob/master/linux-mt/drivers/net/ethernet/mediatek/gsw_mt7623.c#L769
    
    Signed-off-by: René van Dorst <opensource@vdorst.com>
    Tested-by: Frank Wunderlich <frank-w@public-files.de>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  3. net: ethernet: mediatek: Add MT7621 TRGMII mode support

    vDorst authored and davem330 committed Jun 20, 2019
    MT7621 SOC also supports TRGMII.
    TRGMII speed is 1200MBit.
    
    Signed-off-by: René van Dorst <opensource@vdorst.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  4. netns: restore ops before calling ops_exit_list

    Li RongQing authored and davem330 committed Jun 20, 2019
    ops has been iterated to first element when call pre_exit, and
    it needs to restore from save_ops, not save ops to save_ops
    
    Fixes: d7d9987 ("netns: add pre_exit method to struct pernet_operations")
    Signed-off-by: Li RongQing <lirongqing@baidu.com>
    Reviewed-by: Eric Dumazet <edumazet@google.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  5. ipv6: Error when route does not have any valid nexthops

    idosch authored and davem330 committed Jun 20, 2019
    When user space sends invalid information in RTA_MULTIPATH, the nexthop
    list in ip6_route_multipath_add() is empty and 'rt_notif' is set to
    NULL.
    
    The code that emits the in-kernel notifications does not check for this
    condition, which results in a NULL pointer dereference [1].
    
    Fix this by bailing earlier in the function if the parsed nexthop list
    is empty. This is consistent with the corresponding IPv4 code.
    
    v2:
    * Check if parsed nexthop list is empty and bail with extack set
    
    [1]
    kasan: CONFIG_KASAN_INLINE enabled
    kasan: GPF could be caused by NULL-ptr deref or user memory access
    general protection fault: 0000 [#1] PREEMPT SMP KASAN
    CPU: 0 PID: 9190 Comm: syz-executor149 Not tainted 5.2.0-rc5+ torvalds#38
    Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
    Google 01/01/2011
    RIP: 0010:call_fib6_multipath_entry_notifiers+0xd1/0x1a0
    net/ipv6/ip6_fib.c:396
    Code: 8b b5 30 ff ff ff 48 c7 85 68 ff ff ff 00 00 00 00 48 c7 85 70 ff ff
    ff 00 00 00 00 89 45 88 4c 89 e0 48 c1 e8 03 4c 89 65 80 <42> 80 3c 28 00
    0f 85 9a 00 00 00 48 b8 00 00 00 00 00 fc ff df 4d
    RSP: 0018:ffff88809788f2c0 EFLAGS: 00010246
    RAX: 0000000000000000 RBX: 1ffff11012f11e59 RCX: 00000000ffffffff
    RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
    RBP: ffff88809788f390 R08: ffff88809788f8c0 R09: 000000000000000c
    R10: ffff88809788f5d8 R11: ffff88809788f527 R12: 0000000000000000
    R13: dffffc0000000000 R14: ffff88809788f8c0 R15: ffffffff89541d80
    FS:  000055555632c880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
    CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
    CR2: 0000000020000080 CR3: 000000009ba7c000 CR4: 00000000001406f0
    DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
    DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
    Call Trace:
      ip6_route_multipath_add+0xc55/0x1490 net/ipv6/route.c:5094
      inet6_rtm_newroute+0xed/0x180 net/ipv6/route.c:5208
      rtnetlink_rcv_msg+0x463/0xb00 net/core/rtnetlink.c:5219
      netlink_rcv_skb+0x177/0x450 net/netlink/af_netlink.c:2477
      rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:5237
      netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
      netlink_unicast+0x531/0x710 net/netlink/af_netlink.c:1328
      netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1917
      sock_sendmsg_nosec net/socket.c:646 [inline]
      sock_sendmsg+0xd7/0x130 net/socket.c:665
      ___sys_sendmsg+0x803/0x920 net/socket.c:2286
      __sys_sendmsg+0x105/0x1d0 net/socket.c:2324
      __do_sys_sendmsg net/socket.c:2333 [inline]
      __se_sys_sendmsg net/socket.c:2331 [inline]
      __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2331
      do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301
      entry_SYSCALL_64_after_hwframe+0x49/0xbe
    RIP: 0033:0x4401f9
    Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7
    48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
    ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
    RSP: 002b:00007ffc09fd0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
    RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401f9
    RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
    RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
    R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a80
    R13: 0000000000401b10 R14: 0000000000000000 R15: 0000000000000000
    
    Reported-by: syzbot+382566d339d52cd1a204@syzkaller.appspotmail.com
    Fixes: ebee3ca ("ipv6: Add IPv6 multipath notifications for add / replace")
    Signed-off-by: Ido Schimmel <idosch@mellanox.com>
    Reviewed-by: Jiri Pirko <jiri@mellanox.com>
    Reviewed-by: David Ahern <dsahern@gmail.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  6. fjes: no need to check return value of debugfs_create functions

    gregkh authored and davem330 committed Jun 20, 2019
    When calling debugfs functions, there is no need to ever check the
    return value.  The function can work or not, but the code logic should
    never do something different based on this.
    
    Cc: "David S. Miller" <davem@davemloft.net>
    Cc: Yangtao Li <tiny.windzz@gmail.com>
    Cc: netdev@vger.kernel.org
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  7. net: fastopen: robustness and endianness fixes for SipHash

    ardbiesheuvel authored and davem330 committed Jun 19, 2019
    Some changes to the TCP fastopen code to make it more robust
    against future changes in the choice of key/cookie size, etc.
    
    - Instead of keeping the SipHash key in an untyped u8[] buffer
      and casting it to the right type upon use, use the correct
      type directly. This ensures that the key will appear at the
      correct alignment if we ever change the way these data
      structures are allocated. (Currently, they are only allocated
      via kmalloc so they always appear at the correct alignment)
    
    - Use DIV_ROUND_UP when sizing the u64[] array to hold the
      cookie, so it is always of sufficient size, even if
      TCP_FASTOPEN_COOKIE_MAX is no longer a multiple of 8.
    
    - Drop the 'len' parameter from the tcp_fastopen_reset_cipher()
      function, which is no longer used.
    
    - Add endian swabbing when setting the keys and calculating the hash,
      to ensure that cookie values are the same for a given key and
      source/destination address pair regardless of the endianness of
      the server.
    
    Note that none of these are functional changes wrt the current
    state of the code, with the exception of the swabbing, which only
    affects big endian systems.
    
    Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
    Signed-off-by: David S. Miller <davem@davemloft.net>
  8. Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

    davem330 committed Jun 22, 2019
    Minor SPDX change conflict.
    
    Signed-off-by: David S. Miller <davem@davemloft.net>
  9. Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

    torvalds committed Jun 22, 2019
    Pull networking fixes from David Miller:
    
     1) Fix leak of unqueued fragments in ipv6 nf_defrag, from Guillaume
        Nault.
    
     2) Don't access the DDM interface unless the transceiver implements it
        in bnx2x, from Mauro S. M. Rodrigues.
    
     3) Don't double fetch 'len' from userspace in sock_getsockopt(), from
        JingYi Hou.
    
     4) Sign extension overflow in lio_core, from Colin Ian King.
    
     5) Various netem bug fixes wrt. corrupted packets from Jakub Kicinski.
    
     6) Fix epollout hang in hvsock, from Sunil Muthuswamy.
    
     7) Fix regression in default fib6_type, from David Ahern.
    
     8) Handle memory limits in tcp_fragment more appropriately, from Eric
        Dumazet.
    
    * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (24 commits)
      tcp: refine memory limit test in tcp_fragment()
      inet: clear num_timeout reqsk_alloc()
      net: mvpp2: debugfs: Add pmap to fs dump
      ipv6: Default fib6_type to RTN_UNICAST when not set
      net: hns3: Fix inconsistent indenting
      net/af_iucv: always register net_device notifier
      net/af_iucv: build proper skbs for HiperTransport
      net/af_iucv: remove GFP_DMA restriction for HiperTransport
      net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
      hvsock: fix epollout hang from race condition
      net/udp_gso: Allow TX timestamp with UDP GSO
      net: netem: fix use after free and double free with packet corruption
      net: netem: fix backlog accounting for corrupted GSO frames
      net: lio_core: fix potential sign-extension overflow on large shift
      tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
      ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
      ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
      tun: wake up waitqueues after IFF_UP is set
      net: remove duplicate fetch in sock_getsockopt
      tipc: fix issues with early FAILOVER_MSG from peer
      ...
  10. Merge branch 'PCI-let-pci_disable_link_state-propagate-errors'

    davem330 committed Jun 22, 2019
    Heiner Kallweit says:
    
    ====================
    PCI: let pci_disable_link_state propagate errors
    
    Drivers like r8169 rely on pci_disable_link_state() having disabled
    certain ASPM link states. If OS can't control ASPM then
    pci_disable_link_state() turns into a no-op w/o informing the caller.
    The driver therefore may falsely assume the respective ASPM link
    states are disabled. Let pci_disable_link_state() propagate errors
    to the caller, enabling the caller to react accordingly.
    
    I'd propose to let this series go through the netdev tree if the PCI
    core extension is acked by the PCI people.
    ====================
    
    Signed-off-by: David S. Miller <davem@davemloft.net>
Older
You can’t perform that action at this time.