RFE: add NETFILTER_PKT tests #43
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Test for simplified normalized NETFILTER_PKT audit message. Check for receipt of each nfmarked packet and for correct number of fields. See: linux-audit/audit-kernel#11 Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
Feb 26, 2017
Eliminate flipping in and out of message fields, dropping fields in the process. Sample raw message format IPv4 UDP: type=NETFILTER_PKT msg=audit(1487874761.386:228): mark=0xae8a2732 saddr=127.0.0.1 daddr=127.0.0.1 proto=17^] Sample raw message format IPv6 ICMP6: type=NETFILTER_PKT msg=audit(1487874761.381:227): mark=0x223894b7 saddr=::1 daddr=::1 proto=58^] Issue: linux-audit/audit-kernel#11 Test case: linux-audit/audit-testsuite#43 Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
pcmoore
changed the title
|
Added one comment about checking all the fields, otherwise this looks good. |
Add support for tcp. Add checks for saddr, daddr and proto field verification. Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
pcmoore
pushed a commit
to linux-audit/audit-kernel
that referenced
this pull request
Mar 23, 2017
Eliminate flipping in and out of message fields, dropping fields in the process. Sample raw message format IPv4 UDP: type=NETFILTER_PKT msg=audit(1487874761.386:228): mark=0xae8a2732 saddr=127.0.0.1 daddr=127.0.0.1 proto=17^] Sample raw message format IPv6 ICMP6: type=NETFILTER_PKT msg=audit(1487874761.381:227): mark=0x223894b7 saddr=::1 daddr=::1 proto=58^] Issue: #11 Test case: linux-audit/audit-testsuite#43 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
|
I haven't really reviewed these last changes in depth, but yes, we should add the ICMPv6 test. I'll probably just squash all three commits into one during the merge. |
pcmoore
pushed a commit
to linux-audit/audit-kernel
that referenced
this pull request
Apr 11, 2017
Eliminate flipping in and out of message fields, dropping fields in the process. Sample raw message format IPv4 UDP: type=NETFILTER_PKT msg=audit(1487874761.386:228): mark=0xae8a2732 saddr=127.0.0.1 daddr=127.0.0.1 proto=17^] Sample raw message format IPv6 ICMP6: type=NETFILTER_PKT msg=audit(1487874761.381:227): mark=0x223894b7 saddr=::1 daddr=::1 proto=58^] Issue: #11 Test case: linux-audit/audit-testsuite#43 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
|
When I ran this test just now I noticed that it is a bit noisy and doesn't clean up after itself: My system's iptables configuration before running the tests: ... and after the tests: |
|
I need more information about why it is failing. Can you also list the mangle tables? On my rawhide VM (recent audit-next 4.8 kernel and audit-2.7.3-1.fc26.x86_64) and RHEL7 VM (3.10.0-643.el7.test.x86_64 and audit-2.6.5-3.el7.x86_64) both are clean with no ip*tables evidence left behind. As suggested by Ondrej, I run the test with:
Can you issue |
|
After spending some time on this today it appears to be a kernel issue with the netfilter ICMP type match. @rgbriggs it sounds like you are running an older Rawhide kernel, can you verify this with a newer kernel on your system? Test using the latest pcmoore/kernel-secnext kernel and a rule that specifies an ICMP type:NOTE: similar results were obtained with the vanilla 4.11.0-0.rc7.git3.1.fc27.x86_64 Rawhide kernel. Test using the pcmoore/kernel-secnext kernel and a rule that DOES NOT specify an ICMP type:NOTE: similar results were obtained with the vanilla 4.11.0-0.rc7.git3.1.fc27.x86_64 Rawhide kernel. Test using the latest F25 kernel: |
|
On 2017-04-24 14:48, Paul Moore wrote:
After spending some time on this today it appears to be a kernel issue
with the netfilter ICMP type match. @rgbriggs it sounds like you are
running an older Rawhide kernel, can you verify this with a newer kernel
on your system?
:-P I was running your 4.8 audit-next tree.
#### Test using the latest pcmoore/kernel-secnext kernel and a rule that specifies an ICMP type:
# uname -r
4.11.0-0.rc7.git0.1.1.secnext.fc27.x86_64
# uname -r
4.11.0-rc3-ghak__-unswing-cap-fields+
# rpm -qa iptables
iptables-1.6.1-2.fc26.x86_64
# rpm -qa iptables
iptables-1.6.0-3.fc26.x86_64
# iptables -t mangle -S
-P INPUT ACCEPT
Mine is much more polluted, but the target is there.
# iptables -t mangle -A INPUT -i lo -p icmp --icmp-type 8 -j MARK --set-mark 0xdeadbeef
# iptables -t mangle -S
-P INPUT ACCEPT
-A INPUT -i lo -p icmp -m icmp --icmp-type 8 -j MARK --set-xmark 0xdeadbeef/0xffffffff
I get the same.
# iptables -t mangle -D INPUT -i lo -p icmp --icmp-type 8 -j MARK --set-mark 0xdeadbeef
iptables: No chain/target/match by that name.
I confirm the same on 4.11, but not on 4.8.
#### Test using the pcmoore/kernel-secnext kernel and a rule that DOES NOT specify an ICMP type:
# iptables -t mangle -S
-P INPUT ACCEPT
# iptables -t mangle -A INPUT -i lo -p icmp -j MARK --set-mark 0xdeadbeef
# iptables -t mangle -S
-P INPUT ACCEPT
-A INPUT -i lo -p icmp -j MARK --set-xmark 0xdeadbeef/0xffffffff
# iptables -t mangle -D INPUT -i lo -p icmp -j MARK --set-mark 0xdeadbeef
# iptables -t mangle -S
-P INPUT ACCEPT
#### Test using the latest F25 kernel:
# uname -r
4.10.10-200.fc25.x86_64
# iptables -t mangle -S
-P INPUT ACCEPT
# iptables -t mangle -A INPUT -i lo -p icmp --icmp-type 8 -j MARK --set-mark 0xdeadbeef
# iptables -t mangle -S
-P INPUT ACCEPT
-A INPUT -i lo -p icmp -m icmp --icmp-type 8 -j MARK --set-xmark 0xdeadbeef/0xffffffff
# iptables -t mangle -D INPUT -i lo -p icmp --icmp-type 8 -j MARK --set-mark 0xdeadbeef
# iptables -t mangle -S
-P INPUT ACCEPT
Ok, so this looks like a kernel bug or maybe an API change (which Linus
will declare a bug) in 4.11, since the iptables package hasn't changed.
- RGB
…--
Richard Guy Briggs <rgb@redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635
|
Then you must be using an old audit/next branch; the audit/next branch has been based against 4.11-rc3 for several weeks now. Regardless, you saw I was testing with a 4.11-rcX based kernel, I'm surprised you didn't try reproducing that (I first reported problems about a week ago). For reference, the kernel-secnext kernels have the audit/next, audit/stable-<latest>, selinux/next, and selinux/stable-<latest> branches merged on top of the latest Rawhide kernels. This is what I use for my weekly testing, and what your patches/PRs will likely need to pass to get merged.
Good, that is what I expected. My F25 tests were on a 4.10 kernel so I would expect 4.8 to work (not a 100% given, but likely).
Any sane kernel developer is going to declare this a bug, that shouldn't be an issue. Regardless, it does impact this test and I see two paths forward for this test:
... if you want to take option 2, let me know so I can report this bug to netdev. |
|
On 2017-04-25 05:05, Paul Moore wrote:
> :-P I was running your 4.8 audit-next tree.
Then you must be using an old audit/next branch; the audit/next branch
has been based against 4.11-rc3 for several weeks now. Regardless, you
saw I was testing with a 4.11-rcX based kernel, I'm surprised you didn't
try reproducing that (I first reported problems about a week ago).
That patch was upstreamed before you jumped to v4.11-rcX. I simply
re-tested on that. Given the symptoms, I honestly had trouble believing
that it was a very new/recent kernel bug that affected only one option
of an iptables command, and with the initial report, it didn't appear
that there was enough information to track it down yet without more
detailed output.
For reference, the kernel-secnext kernels have the audit/next,
audit/stable-\<latest\>, selinux/next, and selinux/stable-\<latest\>
branches merged on top of the latest Rawhide kernels. This is what I
use for my weekly testing, and what your patches/PRs will likely need to
pass to get merged.
* https://copr.fedorainfracloud.org/coprs/pcmoore/kernel-secnext
* http://www.paul-moore.com/docs/flock-kernel_testing_bleeding_edge-pmoore-072016-r2.pdf
> I confirm the same on 4.11, but not on 4.8.
Good, that is what I expected. My F25 tests were on a 4.10 kernel so
I would expect 4.8 to work (not a 100% given, but likely).
> Ok, so this looks like a kernel bug or maybe an API change (which
> Linus will declare a bug) in 4.11, since the iptables package hasn't
> changed.
Any sane kernel developer is going to declare this a bug, that
shouldn't be an issue. Regardless, it does impact this test and I see
two paths forward for this test: >
1. Debug the kernel issue and submit a fix upstream.
2. Rewrite the test to using something other than ICMP type matching in the netfilter rules.
... if you want to take option 2, let me know so I can report this bug to netdev.
If this test had been merged when the upstream code that depended on it
passing had been merged, then we would have gotten to this stage and
either fixed the bug and submitted a patch upstream or reported it
upstream and not needed to work around it.
I'd still say that ICMP test is valid and needed since I wanted to test
both control and data variants of ipv4 and ipv6 packets.
I'll have a look to see if I can track down this bug. If I end up
spending too much time on it, I'll punt upstream.
- RGB
|
The point remains that I reported problems using a different kernel than you had tested on, which is okay given when you submitted this PR, but instead of trying a more recent kernel you simply kicked it back. It seems like trying to reproduce this on the reported kernel (or at least any v4.11 kernel) would be a very reasonable thing to do, especially since all it would have taken would be a "dnf update". Instead I spent several hours debugging the test only to find that this is easily reproduced. That makes me grumpy. Reporting my findings here and seeing you respond back the way you have makes me even more grumpy. As a FYI, making maintainers grumpy is not a good way to get your code accepted.
The review loop for this PR has been going on during the v4.11 cycle, the kernel code is still in audit/next. If you would prefer I can pull your NETFILTER_PKT patches from audit/next? Perhaps in the future I need to be stricter about the dependencies between the kernel patches and the tests so that the kernel patches only go in once the tests have been given the "ok".
I probably wasn't clear in my previous comments. Yes, I agree, the ICMP tests are valid, however, I'm not going to merge a test with known failures, even if those failures are likely due to unrelated issues/bugs. That is why I suggested reworking the test as one path forward; it isn't my preferred choice, but it is a choice.
Okay, I won't bother reporting this to netdev then, you can share the investigation in this thread/PR with them. |
sudipm-mukherjee
pushed a commit
to sudipm-mukherjee/parport
that referenced
this pull request
May 3, 2017
Eliminate flipping in and out of message fields, dropping fields in the process. Sample raw message format IPv4 UDP: type=NETFILTER_PKT msg=audit(1487874761.386:228): mark=0xae8a2732 saddr=127.0.0.1 daddr=127.0.0.1 proto=17^] Sample raw message format IPv6 ICMP6: type=NETFILTER_PKT msg=audit(1487874761.381:227): mark=0x223894b7 saddr=::1 daddr=::1 proto=58^] Issue: linux-audit/audit-kernel#11 Test case: linux-audit/audit-testsuite#43 Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
May 5, 2017
GIT 46f0537b1ecf672052007c97f102a7e6bf0791e4
commit ec8a09fbbeff252c80daf62c7a78342003dddf9c
Author: Jon Paul Maloy <jon.maloy@ericsson.com>
Date: Tue May 2 18:16:54 2017 +0200
tipc: refactor function tipc_sk_recv_stream()
We try to make this function more readable by improving variable names
and comments, using more stack variables, and doing some smaller changes
to the logics. We also rename the function to make it consistent with
naming conventions used elsewhere in the code.
Reviewed-by: Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan@ericsson.com>
Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e9f8b10101c6da3ab000a2fb17162374c9bd2c69
Author: Jon Paul Maloy <jon.maloy@ericsson.com>
Date: Tue May 2 18:16:53 2017 +0200
tipc: refactor function tipc_sk_recvmsg()
We try to make this function more readable by improving variable names
and comments, plus some minor changes to the logics.
Reviewed-by: Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan@ericsson.com>
Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 773225388dae15e72790d6f573e2e70e96292b6b
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:58 2017 +0530
net: thunderx: Optimize page recycling for XDP
Driver follows a method of taking one extra reference on the
page for recycling which is fine in usual packet path where
each 64KB page is segmented into multiple receive buffers.
But in XDP mode since there is just one receive buffer per
page taking extra page reference itself becomes big bottleneck
consuming ~50% of CPU cycles due to atomic operations.
This patch adds a internal ref count in pgcache for each
page and additional page references are taken in a batch
instead of just one at a time. Internal i.e 'pgcache->ref_count'
and page's i.e 'page->_refcount' counters are compared to check
page's recyclability.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e3d06ff9ec9400b93bacf8fa92f3985c9412e282
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:57 2017 +0530
net: thunderx: Support for XDP header adjustment
When in XDP mode reserve XDP_PACKET_HEADROOM bytes at the start
of receive buffer for XDP program to modify headers and adjust
packet start. Additional code changes done to handle such packets.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 16f2bccda75da48888772c4829a468be620c5d79
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:56 2017 +0530
net: thunderx: Add support for XDP_TX
Adds support for XDP_TX i.e transmits packet out of
the XDP TX queue mapped to the corresponding Rx queue
on which packet is received.
Since SQ for XDP TX will be used only on a single cpu i.e
SQ description creation and freeing, using atomic free count
is not necessary and will become a bottleneck. Hence added
a separate 'xdp_free_cnt' used for SQs designated for XDP
to track descriptor free count.
Changes also include
- A new entry 'xdp_page' is added to save transmitted packet's
page pointer for later cleanup.
- XDP Tx SQ's doorbell is ringed once per NAPI instance.
- Retrieving designated SQ for packets being sent out by stack
via 'nicvf_xmit'.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit c56d91ce38d54c0c0dd8d0e4c6a9e0cfa557152f
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:55 2017 +0530
net: thunderx: Add support for XDP_DROP
Adds support for XDP_DROP.
Also since in XDP mode there is just a single buffer per page,
made changes to recycle DMA mapping info as well along with pages.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 05c773f52b96ef3fbc7d9bfa21caadc6247ef7a8
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:54 2017 +0530
net: thunderx: Add basic XDP support
Adds basic XDP support i.e attaching a BPF program to an
interface. Also takes care of allocating separate Tx queues
for XDP path and for network stack packet transmission.
This patch doesn't support handling of any of the XDP actions,
all are treated as XDP_PASS i.e packets will be handed over to
the network stack.
Changes also involve allocating one receive buffer per page in XDP
mode and multiple in normal mode i.e when no BPF program is attached.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 927987f39f116db477fcd74ced2a2aea940e585c
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:53 2017 +0530
net: thunderx: Cleanup receive buffer allocation
Get rid of unnecessary double pointer references and type casting
in receive buffer allocation code.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 0dada88b8cd74569abc3dda50f1b268a5868f6f2
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:52 2017 +0530
net: thunderx: Optimize CQE_TX handling
Optimized CQE handling with below changes
- Feeing descriptors back to SQ in bulk i.e once per NAPI
instance instead for every CQE_TX, this will reduce number
of atomic updates to 'sq->free_cnt'.
- Checking errors in CQE_TX and CQE_RX before calling appropriate
fn()s to update error stats i.e reduce branching.
Also removed debug messages in packet handling path which otherwise
causes issues if DEBUG is enabled.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 5e848e4c5d77438e126c97702ec3bea477f550a9
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:51 2017 +0530
net: thunderx: Optimize RBDR descriptor handling
Receive buffer's physical address or iova will anyway not
go beyond 49bits, since it is the max supported HW address.
As per perf, updating bitfields i.e buf_addr:42 in RBDR
descriptor entry consumes lots of cpu cycles, hence changed
it to a 64bit field with alignment requirements taken care of.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 5836b4429777bf57ca8fc02b154263aa54d97508
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:50 2017 +0530
net: thunderx: Support for page recycling
Adds support for page recycling for allocating receive buffers
to reduce cost of refilling RBDR ring. Also got rid of using
compound pages when pagesize is 4K, only order-0 pages now.
Only page is recycled, DMA mappings still needs to be done for
every receive buffer allocated due to following constraints
- Cannot have just one receive buffer per 64KB page.
- There is just one buffer ring shared across 8 Rx queues, so
buffers of same page can go to any Rx queue.
- HW gives buffer address where packet has been DMA'ed and not
the index into buffer ring.
This makes it not possible to resue DMA mapping info. So unfortunately
have to go through costly mapping route for every buffer.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ee0d8d8482345ff97a75a7d747efc309f13b0d80
Author: Dan Carpenter <dan.carpenter@oracle.com>
Date: Tue May 2 13:58:53 2017 +0300
ipx: call ipxitf_put() in ioctl error path
We should call ipxitf_put() if the copy_to_user() fails.
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 9da3242e6a83b6f315aa9c394c939da8e4ad7774
Author: Jiri Pirko <jiri@mellanox.com>
Date: Tue May 2 10:12:00 2017 +0200
net: sched: add helpers to handle extended actions
Jump is now the only one using value action opcode. This is going to
change soon. So introduce helpers to work with this. Convert TC_ACT_JUMP.
This also fixes the TC_ACT_JUMP check, which is incorrectly done as a
bit check, not a value check.
Fixes: e0ee84ded796 ("net sched actions: Complete the JUMPX opcode")
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 8d3f87d8cd0a16c58ae7e4410938528866c1c0db
Author: sudarsana.kalluru@cavium.com <sudarsana.kalluru@cavium.com>
Date: Tue May 2 01:11:03 2017 -0700
qed*: Fix issues in the ptp filter config implementation.
PTP hardware filter configuration performed by the driver for a given
user requested config is not correct for some of the PTP modes.
Following changes are needed for PTP config-filter implementation.
1. NIG_REG_TX_PTP_EN register - Bits 0/1/2 respectively enables
TimeSync/"V1 frame format support"/"V2 frame format support" on
the TX side. Set the associated bits based on the user request.
2. ptp4l application fails to operate in Peer Delay mode. Following
changes are needed to fix this,
a. Driver should enable (set to 0) DA #1-related bits for IPv4,
IPv6 and MAC destination addresses in these registers:
NIG_REG_TX_LLH_PTP_RULE_MASK
NIG_REG_LLH_PTP_RULE_MASK
b. NIG_REG_LLH_PTP_PARAM_MASK/NIG_REG_TX_LLH_PTP_PARAM_MASK should
be set to 0x0 in all modes.
Signed-off-by: Sudarsana Reddy Kalluru <Sudarsana.Kalluru@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 461eec12012c29b66525c270208d30be8f6da8e7
Author: sudarsana.kalluru@cavium.com <sudarsana.kalluru@cavium.com>
Date: Tue May 2 01:11:02 2017 -0700
qede: Fix concurrency issue in PTP Tx path processing.
PTP Tx timestamping data structures are not protected against the
concurrent access in the Tx paths. Protecting the same using atomic
bit locks.
Signed-off-by: Sudarsana Reddy Kalluru <Sudarsana.Kalluru@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 212c7fd614377fef4415d94856a59e9f484aa439
Author: Jan Kiszka <jan.kiszka@siemens.com>
Date: Tue May 2 09:58:00 2017 +0200
stmmac: Add support for SIMATIC IOT2000 platform
The IOT2000 is industrial controller platform, derived from the Intel
Galileo Gen2 board. The variant IOT2020 comes with one LAN port, the
IOT2040 has two of them. They can be told apart based on the board asset
tag in the DMI table.
Based on patch by Sascha Weisenberger.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Sascha Weisenberger <sascha.weisenberger@siemens.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 412b65d15a7f8a93794653968308fc100f2aa87c
Author: Timmy Li <lixiaoping3@huawei.com>
Date: Tue May 2 10:46:52 2017 +0800
net: hns: fix ethtool_get_strings overflow in hns driver
hns_get_sset_count() returns HNS_NET_STATS_CNT and the data space allocated
is not enough for ethtool_get_strings(), which will cause random memory
corruption.
When SLAB and DEBUG_SLAB are both enabled, memory corruptions like the
the following can be observed without this patch:
[ 43.115200] Slab corruption (Not tainted): Acpi-ParseExt start=ffff801fb0b69030, len=80
[ 43.115206] Redzone: 0x9f911029d006462/0x5f78745f31657070.
[ 43.115208] Last user: [<5f7272655f746b70>](0x5f7272655f746b70)
[ 43.115214] 010: 70 70 65 31 5f 74 78 5f 70 6b 74 00 6b 6b 6b 6b ppe1_tx_pkt.kkkk
[ 43.115217] 030: 70 70 65 31 5f 74 78 5f 70 6b 74 5f 6f 6b 00 6b ppe1_tx_pkt_ok.k
[ 43.115218] Next obj: start=ffff801fb0b69098, len=80
[ 43.115220] Redzone: 0x706d655f6f666966/0x9f911029d74e35b.
[ 43.115229] Last user: [<ffff0000084b11b0>](acpi_os_release_object+0x28/0x38)
[ 43.115231] 000: 74 79 00 6b 6b 6b 6b 6b 70 70 65 31 5f 74 78 5f ty.kkkkkppe1_tx_
[ 43.115232] 010: 70 6b 74 5f 65 72 72 5f 63 73 75 6d 5f 66 61 69 pkt_err_csum_fai
Signed-off-by: Timmy Li <lixiaoping3@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit a9f11f963a546fea9144f6a6d1a307e814a387e7
Author: Eric Dumazet <edumazet@google.com>
Date: Mon May 1 15:29:48 2017 -0700
tcp: fix wraparound issue in tcp_lp
Be careful when comparing tcp_time_stamp to some u32 quantity,
otherwise result can be surprising.
Fixes: 7c106d7e782b ("[TCP]: TCP Low Priority congestion control")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ddc665a4bb4b728b4e6ecec8db1b64efa9184b9c
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Tue May 2 20:34:54 2017 +0200
bpf, arm64: fix jit branch offset related to ldimm64
When the instruction right before the branch destination is
a 64 bit load immediate, we currently calculate the wrong
jump offset in the ctx->offset[] array as we only account
one instruction slot for the 64 bit load immediate although
it uses two BPF instructions. Fix it up by setting the offset
into the right slot after we incremented the index.
Before (ldimm64 test 1):
[...]
00000020: 52800007 mov w7, #0x0 // #0
00000024: d2800060 mov x0, #0x3 // #3
00000028: d2800041 mov x1, #0x2 // #2
0000002c: eb01001f cmp x0, x1
00000030: 54ffff82 b.cs 0x00000020
00000034: d29fffe7 mov x7, #0xffff // #65535
00000038: f2bfffe7 movk x7, #0xffff, lsl #16
0000003c: f2dfffe7 movk x7, #0xffff, lsl #32
00000040: f2ffffe7 movk x7, #0xffff, lsl #48
00000044: d29dddc7 mov x7, #0xeeee // #61166
00000048: f2bdddc7 movk x7, #0xeeee, lsl #16
0000004c: f2ddddc7 movk x7, #0xeeee, lsl #32
00000050: f2fdddc7 movk x7, #0xeeee, lsl #48
[...]
After (ldimm64 test 1):
[...]
00000020: 52800007 mov w7, #0x0 // #0
00000024: d2800060 mov x0, #0x3 // #3
00000028: d2800041 mov x1, #0x2 // #2
0000002c: eb01001f cmp x0, x1
00000030: 540000a2 b.cs 0x00000044
00000034: d29fffe7 mov x7, #0xffff // #65535
00000038: f2bfffe7 movk x7, #0xffff, lsl #16
0000003c: f2dfffe7 movk x7, #0xffff, lsl #32
00000040: f2ffffe7 movk x7, #0xffff, lsl #48
00000044: d29dddc7 mov x7, #0xeeee // #61166
00000048: f2bdddc7 movk x7, #0xeeee, lsl #16
0000004c: f2ddddc7 movk x7, #0xeeee, lsl #32
00000050: f2fdddc7 movk x7, #0xeeee, lsl #48
[...]
Also, add a couple of test cases to make sure JITs pass
this test. Tested on Cavium ThunderX ARMv8. The added
test cases all pass after the fix.
Fixes: 8eee539ddea0 ("arm64: bpf: fix out-of-bounds read in bpf2a64_offset()")
Reported-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Cc: Xi Wang <xi.wang@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 85f68fe89832057584a9e66e1e7e53d53e50faff
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Mon May 1 02:57:20 2017 +0200
bpf, arm64: implement jiting of BPF_XADD
This work adds BPF_XADD for BPF_W/BPF_DW to the arm64 JIT and therefore
completes JITing of all BPF instructions, meaning we can thus also remove
the 'notyet' label and do not need to fall back to the interpreter when
BPF_XADD is used in a program!
This now also brings arm64 JIT in line with x86_64, s390x, ppc64, sparc64,
where all current eBPF features are supported.
BPF_W example from test_bpf:
.u.insns_int = {
BPF_ALU32_IMM(BPF_MOV, R0, 0x12),
BPF_ST_MEM(BPF_W, R10, -40, 0x10),
BPF_STX_XADD(BPF_W, R10, R0, -40),
BPF_LDX_MEM(BPF_W, R0, R10, -40),
BPF_EXIT_INSN(),
},
[...]
00000020: 52800247 mov w7, #0x12 // #18
00000024: 928004eb mov x11, #0xffffffffffffffd8 // #-40
00000028: d280020a mov x10, #0x10 // #16
0000002c: b82b6b2a str w10, [x25,x11]
// start of xadd mapping:
00000030: 928004ea mov x10, #0xffffffffffffffd8 // #-40
00000034: 8b19014a add x10, x10, x25
00000038: f9800151 prfm pstl1strm, [x10]
0000003c: 885f7d4b ldxr w11, [x10]
00000040: 0b07016b add w11, w11, w7
00000044: 880b7d4b stxr w11, w11, [x10]
00000048: 35ffffab cbnz w11, 0x0000003c
// end of xadd mapping:
[...]
BPF_DW example from test_bpf:
.u.insns_int = {
BPF_ALU32_IMM(BPF_MOV, R0, 0x12),
BPF_ST_MEM(BPF_DW, R10, -40, 0x10),
BPF_STX_XADD(BPF_DW, R10, R0, -40),
BPF_LDX_MEM(BPF_DW, R0, R10, -40),
BPF_EXIT_INSN(),
},
[...]
00000020: 52800247 mov w7, #0x12 // #18
00000024: 928004eb mov x11, #0xffffffffffffffd8 // #-40
00000028: d280020a mov x10, #0x10 // #16
0000002c: f82b6b2a str x10, [x25,x11]
// start of xadd mapping:
00000030: 928004ea mov x10, #0xffffffffffffffd8 // #-40
00000034: 8b19014a add x10, x10, x25
00000038: f9800151 prfm pstl1strm, [x10]
0000003c: c85f7d4b ldxr x11, [x10]
00000040: 8b07016b add x11, x11, x7
00000044: c80b7d4b stxr w11, x11, [x10]
00000048: 35ffffab cbnz w11, 0x0000003c
// end of xadd mapping:
[...]
Tested on Cavium ThunderX ARMv8, test suite results after the patch:
No JIT: [ 3751.855362] test_bpf: Summary: 311 PASSED, 0 FAILED, [0/303 JIT'ed]
With JIT: [ 3573.759527] test_bpf: Summary: 311 PASSED, 0 FAILED, [303/303 JIT'ed]
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 586f8525979ad9574bf61637fd58c98d5077f29d
Author: David Miller <davem@davemloft.net>
Date: Tue May 2 11:36:45 2017 -0400
bpf: Align packet data properly in program testing framework.
Make sure we apply NET_IP_ALIGN when reserving headroom for SKB
and XDP test runs, just like a real driver would.
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
commit 78e5227237cae9172dd50c3ebb08d4fb31530676
Author: David Miller <davem@davemloft.net>
Date: Tue May 2 11:36:33 2017 -0400
bpf: Do not dereference user pointer in bpf_test_finish().
Instead, pass the kattr in which has a kernel side copy of this
data structure from userspace already.
Fix based upon a suggestion from Alexei Starovoitov.
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
commit 4e9c3a667135799d50f2778a8a8dae2ca13aafd0
Author: David S. Miller <davem@davemloft.net>
Date: Tue May 2 07:52:01 2017 -0700
selftests: bpf: Use bpf_endian.h in test_xdp.c
This fixes the testcase on big-endian.
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 48d0e023af9799cd7220335baf8e3ba61eeafbeb
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: fix the RCU locking for the auditd_connection structure
Cong Wang correctly pointed out that the RCU read locking of the
auditd_connection struct was wrong, this patch correct this by
adopting a more traditional, and correct RCU locking model.
This patch is heavily based on an earlier prototype by Cong Wang.
Cc: <stable@vger.kernel.org> # 4.11.x-
Reported-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 8cc96382d9a7fe1746286670dd5140c3b12638ae
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: use kmem_cache to manage the audit_buffer cache
The audit subsystem implemented its own buffer cache mechanism which
is a bit silly these days when we could use the kmem_cache construct.
Some credit is due to Florian Westphal for originally proposing that
we remove the audit cache implementation in favor of simple
kmalloc()/kfree() calls, but I would rather have a dedicated slab
cache to ease debugging and future stats/performance work.
Cc: Florian Westphal <fw@strlen.de>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 2115bb250f260089743e26decfb5f271ba71ca37
Author: Deepa Dinamani <deepa.kernel@gmail.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: Use timespec64 to represent audit timestamps
struct timespec is not y2038 safe.
Audit timestamps are recorded in string format into
an audit buffer for a given context.
These mark the entry timestamps for the syscalls.
Use y2038 safe struct timespec64 to represent the times.
The log strings can handle this transition as strings can
hold upto 1024 characters.
Signed-off-by: Deepa Dinamani <deepa.kernel@gmail.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b6c7c115c2ce679ac536f0adf0ff518fcd939196
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: store the auditd PID as a pid struct instead of pid_t
This is arguably the right thing to do, and will make it easier when
we start supporting multiple audit daemons in different namespaces.
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 45a0642b4d021a2f50d5db9c191b5bfe60bfa1c7
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: kernel generated netlink traffic should have a portid of 0
We were setting the portid incorrectly in the netlink message headers,
fix that to always be 0 (nlmsg_pid = 0).
Signed-off-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
commit a9d1620877748375cf60b43ef3fa5f61ab6d9f24
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: combine audit_receive() and audit_receive_skb()
There is no reason to have both of these functions, combine the two.
Signed-off-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
commit bd120ded6a6af61ad342a8a95b36b64bd1e2f9e6
Author: Elena Reshetova <elena.reshetova@intel.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: convert audit_watch.count from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
[PM: fix subject line, add #include]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 9d2378f8c8f1a3fcfab681fd90c139d90dca7b69
Author: Elena Reshetova <elena.reshetova@intel.com>
Date: Tue May 2 10:16:04 2017 -0400
audit: convert audit_tree.count from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
[PM: fix subject line, add #include]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 2173c519d5e912a6e2934bb04255fcd36c1591c8
Author: Richard Guy Briggs <rgb@redhat.com>
Date: Tue May 2 10:16:04 2017 -0400
audit: normalize NETFILTER_PKT
Eliminate flipping in and out of message fields, dropping fields in the
process.
Sample raw message format IPv4 UDP:
type=NETFILTER_PKT msg=audit(1487874761.386:228): mark=0xae8a2732 saddr=127.0.0.1 daddr=127.0.0.1 proto=17^]
Sample raw message format IPv6 ICMP6:
type=NETFILTER_PKT msg=audit(1487874761.381:227): mark=0x223894b7 saddr=::1 daddr=::1 proto=58^]
Issue: https://github.com/linux-audit/audit-kernel/issues/11
Test case: https://github.com/linux-audit/audit-testsuite/issues/43
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 0cb88b6ff054ccfa30e0fd7f7b42ee9f088db432
Author: Richard Guy Briggs <rgb@redhat.com>
Date: Tue May 2 10:16:04 2017 -0400
netfilter: use consistent ipv4 network offset in xt_AUDIT
Even though the skb->data pointer has been moved from the link layer
header to the network layer header, use the same method to calculate the
offset in ipv4 and ipv6 routines.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
[PM: munged subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit f6276ac95bde4312251535904af32b1de9d54949
Author: Richard Guy Briggs <rgb@redhat.com>
Date: Tue May 2 10:16:04 2017 -0400
audit: log module name on delete_module
When a sysadmin wishes to monitor module unloading with a syscall rule such as:
-a always,exit -F arch=x86_64 -S delete_module -F key=mod-unload
the SYSCALL record doesn't tell us what module was requested for unloading.
Use the new KERN_MODULE auxiliary record to record it.
The SYSCALL record result code will list the return code.
See: https://github.com/linux-audit/audit-kernel/issues/37
https://github.com/linux-audit/audit-kernel/issues/7
https://github.com/linux-audit/audit-kernel/wiki/RFE-Module-Load-Record-Format
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Acked-by: Jessica Yu <jeyu@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 9aab4f4ea7a4ca80ec3e0269ce2eb71a24f6fef9
Author: Nicholas Mc Guire <der.herr@hofr.at>
Date: Tue May 2 10:16:04 2017 -0400
audit: remove unnecessary semicolon in audit_watch_handle_event()
The excess ; after the closing parenthesis is just code-noise it has no
and can be removed.
Signed-off-by: Nicholas Mc Guire <der.herr@hofr.at>
[PM: tweaked subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b5239fba69949a44290d4af517fc1c2eff3e36f6
Author: Nicholas Mc Guire <der.herr@hofr.at>
Date: Tue May 2 10:16:04 2017 -0400
audit: remove unnecessary semicolon in audit_mark_handle_event()
The excess ; after the closing parenthesis is just code-noise it has no
and can be removed.
Signed-off-by: Nicholas Mc Guire <der.herr@hofr.at>
[PM: tweaked subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b7a84deaf8d1b0e62b437a290a40d6380975f126
Author: Nicholas Mc Guire <der.herr@hofr.at>
Date: Tue May 2 10:16:03 2017 -0400
audit: remove unnecessary semicolon in audit_field_valid()
The excess ; after the closing parenthesis is just code-noise it has no
and can be removed.
Signed-off-by: Nicholas Mc Guire <der.herr@hofr.at>
[PM: tweak subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b5d60989c6f7501af72cb65893c02621dd16fd84
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Mon May 1 15:53:43 2017 -0700
xdp: fix parameter kdoc for extack
Fix kdoc parameter spelling from extact to extack.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit eb6211d3606971a957fea28f7532687f9d0f93f2
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Tue May 2 00:47:09 2017 +0200
bpf, samples: fix build warning in cookie_uid_helper_example
Fix the following warnings triggered by 51570a5ab2b7 ("A Sample of
using socket cookie and uid for traffic monitoring"):
In file included from /home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:54:0:
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c: In function 'prog_load':
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:119:27: warning: overflow in implicit constant conversion [-Woverflow]
-32 + offsetof(struct stats, uid)),
^
/home/foo/net-next/samples/bpf/libbpf.h:135:12: note: in definition of macro 'BPF_STX_MEM'
.off = OFF, \
^
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:121:27: warning: overflow in implicit constant conversion [-Woverflow]
-32 + offsetof(struct stats, packets), 1),
^
/home/foo/net-next/samples/bpf/libbpf.h:155:12: note: in definition of macro 'BPF_ST_MEM'
.off = OFF, \
^
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:129:27: warning: overflow in implicit constant conversion [-Woverflow]
-32 + offsetof(struct stats, bytes)),
^
/home/foo/net-next/samples/bpf/libbpf.h:135:12: note: in definition of macro 'BPF_STX_MEM'
.off = OFF, \
^
HOSTLD /home/foo/net-next/samples/bpf/per_socket_stats_example
Fixes: 51570a5ab2b7 ("A Sample of using socket cookie and uid for traffic monitoring")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e3bf4c61da801c7967d0efff0c3f6b22d2c0e544
Author: David S. Miller <davem@davemloft.net>
Date: Mon May 1 20:26:02 2017 -0700
sparc64: Fix BPF JIT wrt. branches and ldimm64 instructions.
Like other JITs, sparc64 maintains an array of instruction offsets but
stores the entries off by one. This is done because jumps to the
exit block are indexed to one past the last BPF instruction.
So if we size the array by the program length, we need to record
the previous instruction in order to stay within the array bounds.
This is explained in ARM JIT commit 8eee539ddea0 ("arm64: bpf: fix
out-of-bounds read in bpf2a64_offset()").
But this scheme requires a little bit of careful handling when
the instruction before the branch destination is a 64-bit load
immediate. It takes up 2 BPF instruction slots.
Therefore, we have to fill in the array entry for the second
half of the 64-bit load immediate instruction rather than for
the one for the beginning of that instruction.
Fixes: 7a12b5031c6b ("sparc64: Add eBPF JIT.")
Signed-off-by: David S. Miller <davem@davemloft.net>
commit a25fb8508c1b80dce742dbeaa4d75a1e9f2c5617
Author: Sergei Trofimovich <slyfox@gentoo.org>
Date: Mon May 1 11:51:55 2017 -0700
ia64: fix module loading for gcc-5.4
Starting from gcc-5.4+ gcc generates MLX instructions in more cases to
refer local symbols:
https://gcc.gnu.org/PR60465
That caused ia64 module loader to choke on such instructions:
fuse: invalid slot number 1 for IMM64
The Linux kernel used to handle only case where relocation pointed to
slot=2 instruction in the bundle. That limitation was fixed in linux by
commit 9c184a073bfd ("[IA64] Fix 2.6 kernel for the new ia64 assembler")
See
http://sources.redhat.com/bugzilla/show_bug.cgi?id=1433
This change lifts the slot=2 restriction from the kernel module loader.
Tested on 'fuse' and 'btrfs' kernel modules.
Cc: Markus Elfring <elfring@users.sourceforge.net>
Cc: H J Lu <hjl.tools@gmail.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Bug: https://bugs.gentoo.org/601014
Tested-by: Émeric MASCHINO <emeric.maschino@gmail.com>
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
commit 48e75b430670ebdbb00ba008e1d3690f61ab9824
Author: Florian Westphal <fw@strlen.de>
Date: Mon May 1 22:18:01 2017 +0200
rhashtable: compact struct rhashtable_params
By using smaller datatypes this (rather large) struct shrinks considerably
(80 -> 48 bytes on x86_64).
As this is embedded in other structs, this also rerduces size of several
others, e.g. cls_fl_head or nft_hash.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e06422c43968916dc945018fd9220f60866470b1
Author: David S. Miller <davem@davemloft.net>
Date: Mon May 1 12:58:21 2017 -0700
bpf: Include bpf_endian.h in test_progs.c too.
Signed-off-by: David S. Miller <davem@davemloft.net>
commit bc1bafbbe9b3558d7789ff151ef4f185b6ad21f3
Author: David S. Miller <davem@davemloft.net>
Date: Mon May 1 12:43:49 2017 -0700
bpf: Move endianness BPF helpers out of bpf_util.h
We do not want to include things like stdio.h and friends into
eBPF program builds. bpf_util.h is for host compiled programs,
so eBPF C-code helpers don't really belong there.
Add a new bpf_endian.h as a quick fix for this for now.
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 310b4816a5d8082416b4ab83e5a7b3cb92883a4d
Author: Tejun Heo <tj@kernel.org>
Date: Mon May 1 15:24:14 2017 -0400
cgroup: mark cgroup_get() with __maybe_unused
a590b90d472f ("cgroup: fix spurious warnings on cgroup_is_dead() from
cgroup_sk_alloc()") converted most cgroup_get() usages to
cgroup_get_live() leaving cgroup_sk_alloc() the sole user of
cgroup_get(). When !CONFIG_SOCK_CGROUP_DATA, this ends up triggering
unused warning for cgroup_get().
Silence the warning by adding __maybe_unused to cgroup_get().
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Link: http://lkml.kernel.org/r/20170501145340.17e8ef86@canb.auug.org.au
Signed-off-by: Tejun Heo <tj@kernel.org>
commit 5b8481fa42ac58484d633b558579e302aead64c1
Author: David S. Miller <davem@davemloft.net>
Date: Mon May 1 15:10:20 2017 -0400
ipv6: Need to export ipv6_push_frag_opts for tunneling now.
Since that change also made the nfrag function not necessary
for exports, remove it.
Fixes: 89a23c8b528b ("ip6_tunnel: Fix missing tunnel encapsulation limit option")
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 931d18223998c5360b960d1ce247579f6152ad8f
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:27 2017 -0400
net: dsa: mv88e6xxx: add VTU support for 88E6390
The 6390 family of chips use only 2 of the 3 VTU Data registers to pack
the MemberTag and PortState VLAN data. This means that they must be
written or read before or after each VTU/STU operations.
Implement this variant to add support for VTU with such chips. These
chips have a 13th bit for the VID thus set their max_vid to 8191.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 1ac758648b574d3d01a648fc7018fc8b0bb7454a
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:26 2017 -0400
net: dsa: mv88e6xxx: support the VTU Page bit
Newer chips such as the 88E6390 have a VTU Page bit in the VTU VID
register to specify a 13th bit for the VID. This can be used to support
8K VLANs.
When dumping the whole VTU, all VID bits must be set to one, including
this VTU Page bit. Add support for VID greater than 4095.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 567aa59a8b055bb5853bc7e5d5f8ac191216c9c7
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:25 2017 -0400
net: dsa: mv88e6xxx: simplify VTU entry getter
Make the code which fetches or initializes a new VTU entry more concise.
This allows us the get rid of the old underscore prefix naming.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit bf7d71c0451776143cdbd9a42a5bcbd6478da3c8
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:24 2017 -0400
net: dsa: mv88e6xxx: make VTU helpers static
Now that we have chip operations for VTU accesses, mark all helpers from
global1_vtu.c as static. Only the various implementations of the
GetNext, LoadPurge and Flush operations need to be exposed.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 0ad5daf6ba80af4a8d72b4284079357c4e3b9e4a
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:23 2017 -0400
net: dsa: mv88e6xxx: add VTU Load/Purge operation
Add a new vtu_loadpurge operation to the chip info structure to differ
the various implementations of the VTU accesses.
Now that the STU handling is abstracted behind VTU operations, kill the
obsolete MV88E6XXX_FLAG_STU flag.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit f1394b78a602bae124a9b8473465ba48f4a5d5b2
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:22 2017 -0400
net: dsa: mv88e6xxx: add VTU GetNext operation
Add a new vtu_getnext operation to the chip info structure to differ the
various implementations of the VTU accesses.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 021e64ff7676ad5183c1845d4b316df20175702a
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:21 2017 -0400
net: dsa: mv88e6xxx: load STU entry with VTU entry
Now that the code writes both VTU and STU data when loading a VTU entry,
load the corresponding STU entry at the same time.
This allows us to get rid of the STU management in the
_mv88e6xxx_vtu_new helper and thus remove the separate implementations
of STU Load/Purge and STU GetNext, as well as the unused family checks.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ef6fcea37f014ec54a0a9f7eaecc78cdb6ffc71e
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:20 2017 -0400
net: dsa: mv88e6xxx: get STU entry on VTU GetNext
Now that the code reads both VTU and STU data on VTU GetNext operation,
fetch the STU entry data of a VTU entry at the same time.
The STU data bits are masked with the VTU data bits and they are now all
read at the same time a VTU GetNext operation is issued.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 66a8e1f93319b8e3f5b6e81c06a2534c1491157c
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:19 2017 -0400
net: dsa: mv88e6xxx: move STU GetNext operation
Extract the generic portion of code to issue an STU GetNext operation,
which will be used in other implementations.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit c499a64f349d063d8cdb40c0b96e84c35bbc414c
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:18 2017 -0400
net: dsa: mv88e6xxx: move VTU Data accessors
The code to access the VTU Data registers currently only supports the
88E6185 family and alike: 2-bit membership adjacent to 2-bit port state.
Even though the 88E6352 family introduced an indirect table to program
the VLAN Spanning Tree states, the usage of the VTU Data registers
remains the same regardless the VTU or STU operation.
Now that the mv88e6xxx_vtu_entry structure contains both port membership
and states data, factorize the code to access them in global1_vtu.c.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit f169e5ee5f29f81c1c8d647fa6fb5387ee793131
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:17 2017 -0400
net: dsa: mv88e6xxx: move generic VTU GetNext
Even though every switch model has a different way to access the VTU
Data bits, the base implementation of the VTU GetNext operation remains
the same: wait, write the first VID to iterate from, start the
operation, and read the next VID.
Move this generic implementation into global1_vtu.c and abstract the
handling of the start VID (similarly to the ATU GetNext implementation),
before introducing a new chip operation for specific chips.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 3afb4bde6fe8f2d43b2153cc2672d07477729cca
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:16 2017 -0400
net: dsa: mv88e6xxx: move VTU VID accessors
Add helpers to access the VTU VID register in the global1_vtu.c file.
At the same time, move mv88e6xxx_g1_vtu_vid_write at the beginning of
_mv88e6xxx_vtu_loadpurge, which adds no functional changes but makes
future patches simpler.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit d2ca1ea18db6a90475b983e65e8435632fe3d57e
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:15 2017 -0400
net: dsa: mv88e6xxx: move VTU SID accessors
Add helpers to access the VTU SID register in the global1_vtu.c file.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 8ee51f6b4f0819fd3d6a4143222be796779cf501
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:14 2017 -0400
net: dsa: mv88e6xxx: move VTU FID accessors
Add helpers to access the VTU FID register in the global1_vtu.c file.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit b486d7c95cc8336aa91813a156f9385439bde2fc
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:13 2017 -0400
net: dsa: mv88e6xxx: move VTU flush
Move the VTU flush operation to global1_vtu.c and call it from a
mv88e6xxx_vtu_setup helper, similarly to the ATU and PVT setup.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 332aa5ccc82005de9441c1b65ca546488c7f8730
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:12 2017 -0400
net: dsa: mv88e6xxx: move VTU Operation accessors
Move the helper functions to access the Global 1 VTU Operation register
to a new global1_vtu.c file, and get rid of the old underscore prefix
naming convention. This file will be extended will all VTU/STU related
code.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit bd00e053ae29d3215a9085b5c0add7298bbc417c
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:11 2017 -0400
net: dsa: mv88e6xxx: split VTU entry data member
VLAN aware Marvell chips can program 802.1Q VLAN membership as well as
802.1s per VLAN Spanning Tree state using the same 3 VTU Data registers.
Some chips such as 88E6185 use different Data registers offsets for
ports state and membership, and program them in a single operation.
Other chips such as 88E6352 use the same register layout but program
them in distinct operations (an indirect table is used for 802.1s.)
Newer chips such as 88E6390 use the same offsets for both state and
membership in distinct operations, thus require multiple data accesses.
To correctly abstract this, split the "data" structure member of
mv88e6xxx_vtu_entry in two "state" and "member" members, before adding
VTU support for newer chips.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 3cf3c8469f70d18f8bbcdf8361e62812ebc571cd
Author: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Date: Mon May 1 14:05:10 2017 -0400
net: dsa: mv88e6xxx: add max VID to info
Some chips don't have a VLAN Table Unit, most of them do have a 4K
table, some others as the 88E6390 family has a 13th bit for the VID.
Add a new max_vid member to the info structure, used to check the
presence of a VTU as well as the value used to iterate from in VTU
GetNext operations.
This makes the MV88E6XXX_FLAG_VTU obsolete, thus remove it.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 152afb9b45a8af4a93699a15925c392a28182a26
Author: Ilan Tayari <ilant@mellanox.com>
Date: Sun Apr 30 16:51:19 2017 +0300
xfrm: Indicate xfrm_state offload errors
Current code silently ignores driver errors when configuring
IPSec offload xfrm_state, and falls back to host-based crypto.
Fail the xfrm_state creation if the driver has an error, because
the NIC offloading was explicitly requested by the user program.
This will communicate back to the user that there was an error.
Fixes: d77e38e612a0 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: Ilan Tayari <ilant@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 67d349ed603d5ce4a6f1722b1736e2bcef0e8690
Author: Ilan Tayari <ilant@mellanox.com>
Date: Sun Apr 30 16:34:38 2017 +0300
net/esp4: Fix invalid esph pointer crash
Both esp_output and esp_xmit take a pointer to the ESP header
and place it in esp_info struct prior to calling esp_output_head.
Inside esp_output_head, the call to esp_output_udp_encap
makes sure to update the pointer if it gets invalid.
However, if esp_output_head itself calls skb_cow_data, the
pointer is not updated and stays invalid, causing a crash
after esp_output_head returns.
Update the pointer if it becomes invalid in esp_output_head
Fixes: fca11ebde3f0 ("esp4: Reorganize esp_output")
Signed-off-by: Ilan Tayari <ilant@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 89a23c8b528bd2c89f3981573d6cd7d23840c8a6
Author: Craig Gallek <cgallek@google.com>
Date: Wed Apr 26 14:37:45 2017 -0400
ip6_tunnel: Fix missing tunnel encapsulation limit option
The IPv6 tunneling code tries to insert IPV6_TLV_TNL_ENCAP_LIMIT and
IPV6_TLV_PADN options when an encapsulation limit is defined (the
default is a limit of 4). An MTU adjustment is done to account for
these options as well. However, the options are never present in the
generated packets.
The issue appears to be a subtlety between IPV6_DSTOPTS and
IPV6_RTHDRDSTOPTS defined in RFC 3542. When the IPIP tunnel driver was
written, the encap limit options were included as IPV6_RTHDRDSTOPTS in
dst0opt of struct ipv6_txoptions. Later, ipv6_push_nfrags_opts was
(correctly) updated to require IPV6_RTHDR options when IPV6_RTHDRDSTOPTS
are to be used. This caused the options to no longer be included in v6
encapsulated packets.
The fix is to use IPV6_DSTOPTS (in dst1opt of struct ipv6_txoptions)
instead. IPV6_DSTOPTS do not have the additional IPV6_RTHDR requirement.
Fixes: 1df64a8569c7: ("[IPV6]: Add ip6ip6 tunnel driver.")
Fixes: 333fad5364d6: ("[IPV6]: Support several new sockopt / ancillary data in Advanced API (RFC3542)")
Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit a6a5993243550b09f620941dea741b7421fdf79c
Author: Ding Tianhong <dingtianhong@huawei.com>
Date: Sat Apr 29 10:38:48 2017 +0800
iov_iter: don't revert iov buffer if csum error
The patch 327868212381 (make skb_copy_datagram_msg() et.al. preserve
->msg_iter on error) will revert the iov buffer if copy to iter
failed, but it didn't copy any datagram if the skb_checksum_complete
error, so no need to revert any data at this place.
v2: Sabrina notice that return -EFAULT when checksum error is not correct
here, it would confuse the caller about the return value, so fix it.
Fixes: 327868212381 ("make skb_copy_datagram_msg() et.al. preserve->msg_iter on error")
Cc: stable@vger.kernel.org # v4.11
Signed-off-by: Ding Tianhong <dingtianhong@huawei.com>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
commit d5066c467ee3b8eb8716e776584b3953a0bb218a
Author: Liam Beguin <lbeguin@tycoint.com>
Date: Mon May 1 11:02:01 2017 -0400
switchdev: documentation: fix whitespace issues
Figure 1 is full of whitespaces; fix it
Signed-off-by: Liam Beguin <lbeguin@tycoint.com>
Signed-off-by: Sylvain Lemieux <slemieux@tycoint.com>
Acked-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit b1e455260c9187b16dd4ebc428b817ebac322043
Author: Ido Schimmel <idosch@mellanox.com>
Date: Sun Apr 30 19:47:14 2017 +0300
mlxsw: spectrum_router: Simplify VRF enslavement
When a netdev is enslaved to a VRF master, its router interface (RIF)
needs to be destroyed (if exists) and a new one created using the
corresponding virtual router (VR).
>From the driver's perspective, the above is equivalent to an inetaddr
event sent for this netdev. Therefore, when a port netdev (or its
uppers) are enslaved to a VRF master, call the same function that
would've been called had a NETDEV_UP was sent for this netdev in the
inetaddr notification chain.
This patch also fixes a bug when a LAG netdev with an existing RIF is
enslaved to a VRF. Before this patch, each LAG port would drop the
reference on the RIF, but would re-join the same one (in the wrong VR)
soon after. With this patch, the corresponding RIF is first destroyed
and a new one is created using the correct VR.
Fixes: 7179eb5acd59 ("mlxsw: spectrum_router: Add support for VRFs")
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 07ff2ed03bb874a5bb97361a5a07ee28f1afa574
Author: Mintz, Yuval <Yuval.Mintz@cavium.com>
Date: Sun Apr 30 12:14:44 2017 +0300
qed: Prevent warning without CONFIG_RFS_ACCEL
After removing the PTP related initialization from slowpath start,
the remaining PTT entry is required only in case CONFIG_RFS_ACCEL is set.
Otherwise, it leads to a warning due to it being unused.
Fixes: d179bd1699fc ("qed: Acquire/release ptt_ptp lock when enabling/disabling PTP")
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 20b1bd96e9f4feeffc9206284df3c6a4438e9ca8
Author: Ram Amrani <Ram.Amrani@cavium.com>
Date: Sun Apr 30 11:49:10 2017 +0300
qed: output the DPM status and WID count
Output to the RDMA driver whether DPM mode is enabled or disabled in
the HW and if so what is the number of WIDs it supports
Signed-off-by: Ram Amrani <Ram.Amrani@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 107392b75ffc96a2418d5382e52b08c598575e1b
Author: Ram Amrani <Ram.Amrani@cavium.com>
Date: Sun Apr 30 11:49:09 2017 +0300
qed: align DPI configuration to HW requirements
When calculating doorbell BAR partitioning round up the number of
CPUs to the nearest power of 2 so the size of the DPI (per user
section) configured in the hardware will be stored properly and
not truncated.
Signed-off-by: Ram Amrani <Ram.Amrani@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e015d58b44a93a3fd89ed910d68659dfdc57237c
Author: Ram Amrani <Ram.Amrani@cavium.com>
Date: Sun Apr 30 11:49:08 2017 +0300
qed: verify RoCE resource bitmaps are released
Add mechanism to verify RoCE resources are released prior to freeing the
bitmaps. If this is not the case, print what resources were not released.
Signed-off-by: Ram Amrani <Ram.Amrani@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 105361943d3036f00f70a6621983b98673839591
Author: Ram Amrani <Ram.Amrani@cavium.com>
Date: Sun Apr 30 11:49:07 2017 +0300
qed: add error handling flow to TID deregistratin posting failure
If the posting of the ramrod for the purpose of TID deregistration
fails, abort the deregistration operation without using the FW's
return code.
Signed-off-by: Ram Amrani <Ram.Amrani@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ba0154e96449a5be3360d3a07bc4b6d476e2667e
Author: Ram Amrani <Ram.Amrani@cavium.com>
Date: Sun Apr 30 11:49:06 2017 +0300
qed: remove unused SQ error state
The internal RoCE SQE QP state isn't being used. Instead we mark the
QP as in regular error state.
Signed-off-by: Ram Amrani <Ram.Amrani@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 793ea8a9c7b4b4383348a717cb5c86c1bbdba30a
Author: Ram Amrani <Ram.Amrani@cavium.com>
Date: Sun Apr 30 11:49:05 2017 +0300
qed: configure the RoCE max message size
Signed-off-by: Ram Amrani <Ram.Amrani@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 332270fdc8b6fba07d059a9ad44df9e1a2ad4529
Author: Yonghong Song <yhs@fb.com>
Date: Sat Apr 29 22:52:42 2017 -0700
bpf: enhance verifier to understand stack pointer arithmetic
llvm 4.0 and above generates the code like below:
....
440: (b7) r1 = 15
441: (05) goto pc+73
515: (79) r6 = *(u64 *)(r10 -152)
516: (bf) r7 = r10
517: (07) r7 += -112
518: (bf) r2 = r7
519: (0f) r2 += r1
520: (71) r1 = *(u8 *)(r8 +0)
521: (73) *(u8 *)(r2 +45) = r1
....
and the verifier complains "R2 invalid mem access 'inv'" for insn #521.
This is because verifier marks register r2 as unknown value after #519
where r2 is a stack pointer and r1 holds a constant value.
Teach verifier to recognize "stack_ptr + imm" and
"stack_ptr + reg with const val" as valid stack_ptr with new offset.
Signed-off-by: Yonghong Song <yhs@fb.com>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 2faf26575350e49c1e242b7a464e9302f78b9b15
Author: Karim Eshapa <karim.eshapa@gmail.com>
Date: Mon May 1 15:58:08 2017 +0200
benet: Use time_before_eq for time comparison
Use time_before_eq for time comparison more safe and dealing
with timer wrapping to be future-proof.
Signed-off-by: Karim Eshapa <karim.eshapa@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 1a7fca63cd405fc77a9c9ce9291792f2a7d222a4
Author: Benjamin LaHaise <benjamin.lahaise@netronome.com>
Date: Mon May 1 09:58:40 2017 -0400
flower: check unused bits in MPLS fields
Since several of the the netlink attributes used to configure the flower
classifier's MPLS TC, BOS and Label fields have additional bits which are
unused, check those bits to ensure that they are actually 0 as suggested
by Jamal.
Signed-off-by: Benjamin LaHaise <benjamin.lahaise@netronome.com>
Cc: David Miller <davem@davemloft.net>
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Simon Horman <simon.horman@netronome.com>
Cc: Jakub Kicinski <kubakici@wp.pl>
Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit f76254a845a661ccdb9fa246ee72197f90a8d3dd
Author: Jesper Dangaard Brouer <brouer@redhat.com>
Date: Mon May 1 11:26:20 2017 +0200
samples/bpf: fix XDP_FLAGS_SKB_MODE detach for xdp_tx_iptunnel
The xdp_tx_iptunnel program can be terminated in two ways, after
N-seconds or via Ctrl-C SIGINT. The SIGINT code path does not
handle detatching the correct XDP program, in-case the program
was attached with XDP_FLAGS_SKB_MODE.
Fix this by storing the XDP flags as a global variable, which is
available for the SIGINT handler function.
Fixes: 3993f2cb983b ("samples/bpf: Add support for SKB_MODE to xdp1 and xdp_tx_iptunnel")
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Andy Gospodarek <andy@greyhouse.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 6387d0111ca4740b69a082a92fc373185af11133
Author: Jesper Dangaard Brouer <brouer@redhat.com>
Date: Mon May 1 11:26:15 2017 +0200
samples/bpf: fix SKB_MODE flag to be a 32-bit unsigned int
The kernel side of XDP_FLAGS_SKB_MODE is unsigned, and the rtnetlink
IFLA_XDP_FLAGS is defined as NLA_U32. Thus, userspace programs under
samples/bpf/ should use the correct type.
Fixes: 3993f2cb983b ("samples/bpf: Add support for SKB_MODE to xdp1 and xdp_tx_iptunnel")
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Andy Gospodarek <andy@greyhouse.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 9861ce039c2a4ff3e50eb7c679dadc15a8469e3f
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Sun Apr 30 21:46:48 2017 -0700
virtio_net: make use of extended ack message reporting
Try to carry error messages to the user via the netlink extended
ack message attribute.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit d957c0f711aaeaac6bbffd82098737ac10b7985d
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Sun Apr 30 21:46:47 2017 -0700
nfp: make use of extended ack message reporting
Try to carry error messages to the user via the netlink extended
ack message attribute.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ddf9f970764f4390aba767e77fddaaced4a6760d
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Sun Apr 30 21:46:46 2017 -0700
xdp: propagate extended ack to XDP setup
Drivers usually have a number of restrictions for running XDP
- most common being buffer sizes, LRO and number of rings.
Even though some drivers try to be helpful and print error
messages experience shows that users don't often consult
kernel logs on netlink errors. Try to use the new extended
ack mechanism to carry the message back to user space.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 45d9b378e85f1b00ac047626827c68589168936c
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Sun Apr 30 21:46:45 2017 -0700
netlink: add NULL-friendly helper for setting extended ACK message
As we propagate extended ack reporting throughout various paths in
the kernel it may be that the same function is called with the
extended ack parameter passed as NULL. One place where that happens
is in drivers which have a centralized reconfiguration function
called both from ndos and from ethtool_ops. Add a new helper for
setting the error message in such conditions.
Existing helper is left as is to encourage propagating the ext act
fully wherever possible. It also makes it clear in the code which
messages may be lost due to ext ack being NULL.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 8eeef2350453aa012d846457eb6ecd012a35d99b
Author: Liping Zhang <zlpnobody@gmail.com>
Date: Sat Apr 29 21:59:49 2017 +0800
netfilter: nf_ct_ext: invoke destroy even when ext is not attached
For NF_NAT_MANIP_SRC, we will insert the ct to the nat_bysource_table,
then remove it from the nat_bysource_table via nat_extend->destroy.
But now, the nat extension is attached on demand, so if the nat extension
is not attached, we will not be notified when the ct is destroyed, i.e.
we may fail to remove ct from the nat_bysource_table.
So just keep it simple, even if the extension is not attached, we will
still invoke the related ext->destroy. And this will also preserve the
flexibility for the future extension.
Fixes: 9a08ecfe74d7 ("netfilter: don't attach a nat extension by default")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
commit 0e72f55f3510e722e725c54678800e99853faa3b
Author: Florian Westphal <fw@strlen.de>
Date: Thu Apr 27 16:39:43 2017 +0200
netfilter: snmp: avoid stack size warning
net/ipv4/netfilter/nf_nat_snmp_basic.c:1158:1: warning: the frame size
of 1160 bytes is larger than 1024 bytes
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
commit 039b40ee5854dc733cf786fee4a88e240a012115
Author: Florian Westphal <fw@strlen.de>
Date: Mon Apr 24 15:37:41 2017 +0200
netfilter: nf_queue: only call synchronize_net twice if nf_queue is active
nf_unregister_net_hook(s) can avoid a second call to synchronize_net,
provided there is no nfqueue active in that net namespace (which is
the common case).
This also gets rid of the extra arg to nf_queue_nf_hook_drop(), normally
this gets called during netns cleanup so no packets should be queued.
For the rare case of base chain being u…
fengguang
pushed a commit
to 0day-ci/linux
that referenced
this pull request
May 5, 2017
GIT d979d0dd9ff332bf1106a60e3841430fc2cbd9ef
commit 3a158a62da0673db918b53ac1440845a5b64fd90
Author: James Hogan <james.hogan@imgtec.com>
Date: Tue May 2 19:41:06 2017 +0100
metag/uaccess: Check access_ok in strncpy_from_user
The metag implementation of strncpy_from_user() doesn't validate the src
pointer, which could allow reading of arbitrary kernel memory. Add a
short access_ok() check to prevent that.
Its still possible for it to read across the user/kernel boundary, but
it will invariably reach a NUL character after only 9 bytes, leaking
only a static kernel address being loaded into D0Re0 at the beginning of
__start, which is acceptable for the immediate fix.
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: linux-metag@vger.kernel.org
Cc: stable@vger.kernel.org
commit ec8a09fbbeff252c80daf62c7a78342003dddf9c
Author: Jon Paul Maloy <jon.maloy@ericsson.com>
Date: Tue May 2 18:16:54 2017 +0200
tipc: refactor function tipc_sk_recv_stream()
We try to make this function more readable by improving variable names
and comments, using more stack variables, and doing some smaller changes
to the logics. We also rename the function to make it consistent with
naming conventions used elsewhere in the code.
Reviewed-by: Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan@ericsson.com>
Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e9f8b10101c6da3ab000a2fb17162374c9bd2c69
Author: Jon Paul Maloy <jon.maloy@ericsson.com>
Date: Tue May 2 18:16:53 2017 +0200
tipc: refactor function tipc_sk_recvmsg()
We try to make this function more readable by improving variable names
and comments, plus some minor changes to the logics.
Reviewed-by: Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan@ericsson.com>
Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 2da711ac3f6dfa379ccac427a435a558284eab1d
Author: Marcel Holtmann <marcel@holtmann.org>
Date: Tue May 2 12:43:31 2017 -0700
Bluetooth: Skip vendor diagnostic configuration for HCI User Channel
When the HCI User Channel access is requested, then do not try to
undermine it with vendor diagnostic configuration. The exclusive user
is required to configure its own vendor diagnostic in that case and
can not rely on the host stack support.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
commit 773225388dae15e72790d6f573e2e70e96292b6b
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:58 2017 +0530
net: thunderx: Optimize page recycling for XDP
Driver follows a method of taking one extra reference on the
page for recycling which is fine in usual packet path where
each 64KB page is segmented into multiple receive buffers.
But in XDP mode since there is just one receive buffer per
page taking extra page reference itself becomes big bottleneck
consuming ~50% of CPU cycles due to atomic operations.
This patch adds a internal ref count in pgcache for each
page and additional page references are taken in a batch
instead of just one at a time. Internal i.e 'pgcache->ref_count'
and page's i.e 'page->_refcount' counters are compared to check
page's recyclability.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit e3d06ff9ec9400b93bacf8fa92f3985c9412e282
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:57 2017 +0530
net: thunderx: Support for XDP header adjustment
When in XDP mode reserve XDP_PACKET_HEADROOM bytes at the start
of receive buffer for XDP program to modify headers and adjust
packet start. Additional code changes done to handle such packets.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 16f2bccda75da48888772c4829a468be620c5d79
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:56 2017 +0530
net: thunderx: Add support for XDP_TX
Adds support for XDP_TX i.e transmits packet out of
the XDP TX queue mapped to the corresponding Rx queue
on which packet is received.
Since SQ for XDP TX will be used only on a single cpu i.e
SQ description creation and freeing, using atomic free count
is not necessary and will become a bottleneck. Hence added
a separate 'xdp_free_cnt' used for SQs designated for XDP
to track descriptor free count.
Changes also include
- A new entry 'xdp_page' is added to save transmitted packet's
page pointer for later cleanup.
- XDP Tx SQ's doorbell is ringed once per NAPI instance.
- Retrieving designated SQ for packets being sent out by stack
via 'nicvf_xmit'.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit c56d91ce38d54c0c0dd8d0e4c6a9e0cfa557152f
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:55 2017 +0530
net: thunderx: Add support for XDP_DROP
Adds support for XDP_DROP.
Also since in XDP mode there is just a single buffer per page,
made changes to recycle DMA mapping info as well along with pages.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 05c773f52b96ef3fbc7d9bfa21caadc6247ef7a8
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:54 2017 +0530
net: thunderx: Add basic XDP support
Adds basic XDP support i.e attaching a BPF program to an
interface. Also takes care of allocating separate Tx queues
for XDP path and for network stack packet transmission.
This patch doesn't support handling of any of the XDP actions,
all are treated as XDP_PASS i.e packets will be handed over to
the network stack.
Changes also involve allocating one receive buffer per page in XDP
mode and multiple in normal mode i.e when no BPF program is attached.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 927987f39f116db477fcd74ced2a2aea940e585c
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:53 2017 +0530
net: thunderx: Cleanup receive buffer allocation
Get rid of unnecessary double pointer references and type casting
in receive buffer allocation code.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 0dada88b8cd74569abc3dda50f1b268a5868f6f2
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:52 2017 +0530
net: thunderx: Optimize CQE_TX handling
Optimized CQE handling with below changes
- Feeing descriptors back to SQ in bulk i.e once per NAPI
instance instead for every CQE_TX, this will reduce number
of atomic updates to 'sq->free_cnt'.
- Checking errors in CQE_TX and CQE_RX before calling appropriate
fn()s to update error stats i.e reduce branching.
Also removed debug messages in packet handling path which otherwise
causes issues if DEBUG is enabled.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 5e848e4c5d77438e126c97702ec3bea477f550a9
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:51 2017 +0530
net: thunderx: Optimize RBDR descriptor handling
Receive buffer's physical address or iova will anyway not
go beyond 49bits, since it is the max supported HW address.
As per perf, updating bitfields i.e buf_addr:42 in RBDR
descriptor entry consumes lots of cpu cycles, hence changed
it to a 64bit field with alignment requirements taken care of.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 5836b4429777bf57ca8fc02b154263aa54d97508
Author: Sunil Goutham <sgoutham@cavium.com>
Date: Tue May 2 18:36:50 2017 +0530
net: thunderx: Support for page recycling
Adds support for page recycling for allocating receive buffers
to reduce cost of refilling RBDR ring. Also got rid of using
compound pages when pagesize is 4K, only order-0 pages now.
Only page is recycled, DMA mappings still needs to be done for
every receive buffer allocated due to following constraints
- Cannot have just one receive buffer per 64KB page.
- There is just one buffer ring shared across 8 Rx queues, so
buffers of same page can go to any Rx queue.
- HW gives buffer address where packet has been DMA'ed and not
the index into buffer ring.
This makes it not possible to resue DMA mapping info. So unfortunately
have to go through costly mapping route for every buffer.
Signed-off-by: Sunil Goutham <sgoutham@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ee0d8d8482345ff97a75a7d747efc309f13b0d80
Author: Dan Carpenter <dan.carpenter@oracle.com>
Date: Tue May 2 13:58:53 2017 +0300
ipx: call ipxitf_put() in ioctl error path
We should call ipxitf_put() if the copy_to_user() fails.
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 9da3242e6a83b6f315aa9c394c939da8e4ad7774
Author: Jiri Pirko <jiri@mellanox.com>
Date: Tue May 2 10:12:00 2017 +0200
net: sched: add helpers to handle extended actions
Jump is now the only one using value action opcode. This is going to
change soon. So introduce helpers to work with this. Convert TC_ACT_JUMP.
This also fixes the TC_ACT_JUMP check, which is incorrectly done as a
bit check, not a value check.
Fixes: e0ee84ded796 ("net sched actions: Complete the JUMPX opcode")
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 8d3f87d8cd0a16c58ae7e4410938528866c1c0db
Author: sudarsana.kalluru@cavium.com <sudarsana.kalluru@cavium.com>
Date: Tue May 2 01:11:03 2017 -0700
qed*: Fix issues in the ptp filter config implementation.
PTP hardware filter configuration performed by the driver for a given
user requested config is not correct for some of the PTP modes.
Following changes are needed for PTP config-filter implementation.
1. NIG_REG_TX_PTP_EN register - Bits 0/1/2 respectively enables
TimeSync/"V1 frame format support"/"V2 frame format support" on
the TX side. Set the associated bits based on the user request.
2. ptp4l application fails to operate in Peer Delay mode. Following
changes are needed to fix this,
a. Driver should enable (set to 0) DA #1-related bits for IPv4,
IPv6 and MAC destination addresses in these registers:
NIG_REG_TX_LLH_PTP_RULE_MASK
NIG_REG_LLH_PTP_RULE_MASK
b. NIG_REG_LLH_PTP_PARAM_MASK/NIG_REG_TX_LLH_PTP_PARAM_MASK should
be set to 0x0 in all modes.
Signed-off-by: Sudarsana Reddy Kalluru <Sudarsana.Kalluru@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 461eec12012c29b66525c270208d30be8f6da8e7
Author: sudarsana.kalluru@cavium.com <sudarsana.kalluru@cavium.com>
Date: Tue May 2 01:11:02 2017 -0700
qede: Fix concurrency issue in PTP Tx path processing.
PTP Tx timestamping data structures are not protected against the
concurrent access in the Tx paths. Protecting the same using atomic
bit locks.
Signed-off-by: Sudarsana Reddy Kalluru <Sudarsana.Kalluru@cavium.com>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 212c7fd614377fef4415d94856a59e9f484aa439
Author: Jan Kiszka <jan.kiszka@siemens.com>
Date: Tue May 2 09:58:00 2017 +0200
stmmac: Add support for SIMATIC IOT2000 platform
The IOT2000 is industrial controller platform, derived from the Intel
Galileo Gen2 board. The variant IOT2020 comes with one LAN port, the
IOT2040 has two of them. They can be told apart based on the board asset
tag in the DMI table.
Based on patch by Sascha Weisenberger.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Sascha Weisenberger <sascha.weisenberger@siemens.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 412b65d15a7f8a93794653968308fc100f2aa87c
Author: Timmy Li <lixiaoping3@huawei.com>
Date: Tue May 2 10:46:52 2017 +0800
net: hns: fix ethtool_get_strings overflow in hns driver
hns_get_sset_count() returns HNS_NET_STATS_CNT and the data space allocated
is not enough for ethtool_get_strings(), which will cause random memory
corruption.
When SLAB and DEBUG_SLAB are both enabled, memory corruptions like the
the following can be observed without this patch:
[ 43.115200] Slab corruption (Not tainted): Acpi-ParseExt start=ffff801fb0b69030, len=80
[ 43.115206] Redzone: 0x9f911029d006462/0x5f78745f31657070.
[ 43.115208] Last user: [<5f7272655f746b70>](0x5f7272655f746b70)
[ 43.115214] 010: 70 70 65 31 5f 74 78 5f 70 6b 74 00 6b 6b 6b 6b ppe1_tx_pkt.kkkk
[ 43.115217] 030: 70 70 65 31 5f 74 78 5f 70 6b 74 5f 6f 6b 00 6b ppe1_tx_pkt_ok.k
[ 43.115218] Next obj: start=ffff801fb0b69098, len=80
[ 43.115220] Redzone: 0x706d655f6f666966/0x9f911029d74e35b.
[ 43.115229] Last user: [<ffff0000084b11b0>](acpi_os_release_object+0x28/0x38)
[ 43.115231] 000: 74 79 00 6b 6b 6b 6b 6b 70 70 65 31 5f 74 78 5f ty.kkkkkppe1_tx_
[ 43.115232] 010: 70 6b 74 5f 65 72 72 5f 63 73 75 6d 5f 66 61 69 pkt_err_csum_fai
Signed-off-by: Timmy Li <lixiaoping3@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit a9f11f963a546fea9144f6a6d1a307e814a387e7
Author: Eric Dumazet <edumazet@google.com>
Date: Mon May 1 15:29:48 2017 -0700
tcp: fix wraparound issue in tcp_lp
Be careful when comparing tcp_time_stamp to some u32 quantity,
otherwise result can be surprising.
Fixes: 7c106d7e782b ("[TCP]: TCP Low Priority congestion control")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit ddc665a4bb4b728b4e6ecec8db1b64efa9184b9c
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Tue May 2 20:34:54 2017 +0200
bpf, arm64: fix jit branch offset related to ldimm64
When the instruction right before the branch destination is
a 64 bit load immediate, we currently calculate the wrong
jump offset in the ctx->offset[] array as we only account
one instruction slot for the 64 bit load immediate although
it uses two BPF instructions. Fix it up by setting the offset
into the right slot after we incremented the index.
Before (ldimm64 test 1):
[...]
00000020: 52800007 mov w7, #0x0 // #0
00000024: d2800060 mov x0, #0x3 // #3
00000028: d2800041 mov x1, #0x2 // #2
0000002c: eb01001f cmp x0, x1
00000030: 54ffff82 b.cs 0x00000020
00000034: d29fffe7 mov x7, #0xffff // #65535
00000038: f2bfffe7 movk x7, #0xffff, lsl #16
0000003c: f2dfffe7 movk x7, #0xffff, lsl #32
00000040: f2ffffe7 movk x7, #0xffff, lsl #48
00000044: d29dddc7 mov x7, #0xeeee // #61166
00000048: f2bdddc7 movk x7, #0xeeee, lsl #16
0000004c: f2ddddc7 movk x7, #0xeeee, lsl #32
00000050: f2fdddc7 movk x7, #0xeeee, lsl #48
[...]
After (ldimm64 test 1):
[...]
00000020: 52800007 mov w7, #0x0 // #0
00000024: d2800060 mov x0, #0x3 // #3
00000028: d2800041 mov x1, #0x2 // #2
0000002c: eb01001f cmp x0, x1
00000030: 540000a2 b.cs 0x00000044
00000034: d29fffe7 mov x7, #0xffff // #65535
00000038: f2bfffe7 movk x7, #0xffff, lsl #16
0000003c: f2dfffe7 movk x7, #0xffff, lsl #32
00000040: f2ffffe7 movk x7, #0xffff, lsl #48
00000044: d29dddc7 mov x7, #0xeeee // #61166
00000048: f2bdddc7 movk x7, #0xeeee, lsl #16
0000004c: f2ddddc7 movk x7, #0xeeee, lsl #32
00000050: f2fdddc7 movk x7, #0xeeee, lsl #48
[...]
Also, add a couple of test cases to make sure JITs pass
this test. Tested on Cavium ThunderX ARMv8. The added
test cases all pass after the fix.
Fixes: 8eee539ddea0 ("arm64: bpf: fix out-of-bounds read in bpf2a64_offset()")
Reported-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Cc: Xi Wang <xi.wang@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 85f68fe89832057584a9e66e1e7e53d53e50faff
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Mon May 1 02:57:20 2017 +0200
bpf, arm64: implement jiting of BPF_XADD
This work adds BPF_XADD for BPF_W/BPF_DW to the arm64 JIT and therefore
completes JITing of all BPF instructions, meaning we can thus also remove
the 'notyet' label and do not need to fall back to the interpreter when
BPF_XADD is used in a program!
This now also brings arm64 JIT in line with x86_64, s390x, ppc64, sparc64,
where all current eBPF features are supported.
BPF_W example from test_bpf:
.u.insns_int = {
BPF_ALU32_IMM(BPF_MOV, R0, 0x12),
BPF_ST_MEM(BPF_W, R10, -40, 0x10),
BPF_STX_XADD(BPF_W, R10, R0, -40),
BPF_LDX_MEM(BPF_W, R0, R10, -40),
BPF_EXIT_INSN(),
},
[...]
00000020: 52800247 mov w7, #0x12 // #18
00000024: 928004eb mov x11, #0xffffffffffffffd8 // #-40
00000028: d280020a mov x10, #0x10 // #16
0000002c: b82b6b2a str w10, [x25,x11]
// start of xadd mapping:
00000030: 928004ea mov x10, #0xffffffffffffffd8 // #-40
00000034: 8b19014a add x10, x10, x25
00000038: f9800151 prfm pstl1strm, [x10]
0000003c: 885f7d4b ldxr w11, [x10]
00000040: 0b07016b add w11, w11, w7
00000044: 880b7d4b stxr w11, w11, [x10]
00000048: 35ffffab cbnz w11, 0x0000003c
// end of xadd mapping:
[...]
BPF_DW example from test_bpf:
.u.insns_int = {
BPF_ALU32_IMM(BPF_MOV, R0, 0x12),
BPF_ST_MEM(BPF_DW, R10, -40, 0x10),
BPF_STX_XADD(BPF_DW, R10, R0, -40),
BPF_LDX_MEM(BPF_DW, R0, R10, -40),
BPF_EXIT_INSN(),
},
[...]
00000020: 52800247 mov w7, #0x12 // #18
00000024: 928004eb mov x11, #0xffffffffffffffd8 // #-40
00000028: d280020a mov x10, #0x10 // #16
0000002c: f82b6b2a str x10, [x25,x11]
// start of xadd mapping:
00000030: 928004ea mov x10, #0xffffffffffffffd8 // #-40
00000034: 8b19014a add x10, x10, x25
00000038: f9800151 prfm pstl1strm, [x10]
0000003c: c85f7d4b ldxr x11, [x10]
00000040: 8b07016b add x11, x11, x7
00000044: c80b7d4b stxr w11, x11, [x10]
00000048: 35ffffab cbnz w11, 0x0000003c
// end of xadd mapping:
[...]
Tested on Cavium ThunderX ARMv8, test suite results after the patch:
No JIT: [ 3751.855362] test_bpf: Summary: 311 PASSED, 0 FAILED, [0/303 JIT'ed]
With JIT: [ 3573.759527] test_bpf: Summary: 311 PASSED, 0 FAILED, [303/303 JIT'ed]
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 59b5c13899989e3d8f68a3d19c68044cce8254c0
Author: Tobias Regnery <tobias.regnery@gmail.com>
Date: Tue May 2 15:15:01 2017 +0200
Bluetooth: hci_uart: fix kconfig dependency
We see the following link error with CONFIG_BT_HCIUART=y,
CONFIG_BT_HCIUART_LL=y and CONFIG_SERIAL_DEV_BUS=m:
drivers/built-in.o: In function 'll_close':
supp.c:(.text+0x55add4): undefined reference to 'serdev_device_close'
supp.c:(.text+0x55add4): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol 'serdev_device_close'
drivers/built-in.o: In function 'll_open':
supp.c:(.text+0x55aed0): undefined reference to 'serdev_device_open'
supp.c:(.text+0x55aed0): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol 'serdev_device_open'
drivers/built-in.o: In function `hci_ti_probe':
supp.c:(.text+0x55b00c): undefined reference to 'hci_uart_register_device'
supp.c:(.text+0x55b00c): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol 'hci_uart_register_device'
drivers/built-in.o: In function `ll_setup':
supp.c:(.text+0x55b08c): undefined reference to 'serdev_device_set_flow_control'
supp.c:(.text+0x55b08c): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol 'serdev_device_set_flow_control'
supp.c:(.text+0x55b324): undefined reference to 'serdev_device_set_baudrate'
supp.c:(.text+0x55b324): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol 'serdev_device_set_baudrate'
drivers/built-in.o: In function 'll_init':
supp.c:(.init.text+0x1b508): undefined reference to '__serdev_device_driver_register'
supp.c:(.init.text+0x1b508): relocation truncated to fit: R_AARCH64_CALL26 against undefined symbol '__serdev_device_driver_register'
Fix this by dependig BT_HCIUART_LL on the BT_HCIUART_SERDEV symbol.
This implies a dependency on BT_HCIUART and hci_ll.c is only compiled in
if SERIAl_DEV_BUS is built in or SERIAL_DEV_BUS and BT_HCIUART are
modules.
Fixes: 371805522f87 ("bluetooth: hci_uart: add LL protocol serdev driver support")
Signed-off-by: Tobias Regnery <tobias.regnery@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
commit 8a8b56638bcac4e64cccc88bf95a0f9f4b19a2fb
Author: James Hogan <james.hogan@imgtec.com>
Date: Fri Apr 28 10:50:26 2017 +0100
metag/uaccess: Fix access_ok()
The __user_bad() macro used by access_ok() has a few corner cases
noticed by Al Viro where it doesn't behave correctly:
- The kernel range check has off by 1 errors which permit access to the
first and last byte of the kernel mapped range.
- The kernel range check ends at LINCORE_BASE rather than
META_MEMORY_LIMIT, which is ineffective when the kernel is in global
space (an extremely uncommon configuration).
There are a couple of other shortcomings here too:
- Access to the whole of the other address space is permitted (i.e. the
global half of the address space when the kernel is in local space).
This isn't ideal as it could theoretically still contain privileged
mappings set up by the bootloader.
- The size argument is unused, permitting user copies which start on
valid pages at the end of the user address range and cross the
boundary into the kernel address space (e.g. addr = 0x3ffffff0, size
> 0x10).
It isn't very convenient to add size checks when disallowing certain
regions, and it seems far safer to be sure and explicit about what
userland is able to access, so invert the logic to allow certain regions
instead, and fix the off by 1 errors and missing size checks. This also
allows the get_fs() == KERNEL_DS check to be more easily optimised into
the user address range case.
We now have 3 such allowed regions:
- The user address range (incorporating the get_fs() == KERNEL_DS
check).
- NULL (some kernel code expects this to work, and we'll always catch
the fault anyway).
- The core code memory region.
Fixes: 373cd784d0fc ("metag: Memory handling")
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: linux-metag@vger.kernel.org
Cc: stable@vger.kernel.org
commit a3a8e90a11e7d5245fc985c2e920b196b388022e
Author: Javier Martinez Canillas <javier@dowhile0.org>
Date: Fri Apr 28 00:22:15 2017 -0400
MAINTAINERS: Remove myself as reviewer for Exynos
I left Samsung and lost access to most Exynos hardware and documentation.
Also, I likely won't be able to keep an eye on the platform anymore in the
short term so remove myself as a reviewer for Exynos.
Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
commit 1dbdcc810928a2c1acdd0bbfce9495f63610a0d1
Author: Timur Tabi <timur@codeaurora.org>
Date: Mon May 1 14:23:04 2017 -0500
selftests: watchdog: accept multiple params on command line
Watchdog drivers are not required to retain programming information,
such as timeouts, after the watchdog device is closed. Therefore,
the watchdog test should be able to perform multiple actions after
opening the watchdog device.
For example, to set the timeout to 10s and ping every 5s:
watchdog-test -t 10 -p 5 -e
Also, display the periodic decimal point only if the keep-alive call
succeeds.
Signed-off-by: Timur Tabi <timur@codeaurora.org>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com>
commit 933dfbd7c437bbbf65caae785dfa105fbfaa8485
Author: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Date: Tue May 2 08:48:33 2017 -0700
rcu: Open-code the rcu_cblist_n_lazy_cbs() function
Because the rcu_cblist_n_lazy_cbs() just samples the ->len_lazy counter,
and because the rcu_cblist structure is quite straightforward, it makes
sense to open-code rcu_cblist_n_lazy_cbs(p) as p->len_lazy, cutting out
a level of indirection. This commit makes this change.
Reported-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
commit 4b27f20b40a23f03df682eb1f69e9dc3da7d3b93
Author: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Date: Tue May 2 08:45:25 2017 -0700
rcu: Open-code the rcu_cblist_n_cbs() function
Because the rcu_cblist_n_cbs() just samples the ->len counter, and
because the rcu_cblist structure is quite straightforward, it makes
sense to open-code rcu_cblist_n_cbs(p) as p->len, cutting out a level
of indirection. This commit makes this change.
Reported-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
commit 586f8525979ad9574bf61637fd58c98d5077f29d
Author: David Miller <davem@davemloft.net>
Date: Tue May 2 11:36:45 2017 -0400
bpf: Align packet data properly in program testing framework.
Make sure we apply NET_IP_ALIGN when reserving headroom for SKB
and XDP test runs, just like a real driver would.
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
commit 78e5227237cae9172dd50c3ebb08d4fb31530676
Author: David Miller <davem@davemloft.net>
Date: Tue May 2 11:36:33 2017 -0400
bpf: Do not dereference user pointer in bpf_test_finish().
Instead, pass the kattr in which has a kernel side copy of this
data structure from userspace already.
Fix based upon a suggestion from Alexei Starovoitov.
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
commit 8ef0f37efb7863a04b1e4102d42b7c0b1a59d40f
Author: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Date: Tue May 2 08:18:40 2017 -0700
rcu: Open-code the rcu_cblist_empty() function
Because the rcu_cblist_empty() just samples the ->head pointer, and
because the rcu_cblist structure is quite straightforward, it makes
sense to open-code rcu_cblist_empty(p) as !p->head, cutting out a
level of indirection. This commit makes this change.
Reported-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
commit 4e9c3a667135799d50f2778a8a8dae2ca13aafd0
Author: David S. Miller <davem@davemloft.net>
Date: Tue May 2 07:52:01 2017 -0700
selftests: bpf: Use bpf_endian.h in test_xdp.c
This fixes the testcase on big-endian.
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 24b43c99647bf9be4995e6a6c9c3a923c147770a
Author: Paolo Abeni <pabeni@redhat.com>
Date: Tue May 2 16:03:58 2017 +0200
infiniband: avoid dereferencing uninitialized dst on error path
With commit eea40b8f624f ("infiniband: call ipv6 route lookup
via the stub interface"), if the route lookup fails due to
ipv6 being disabled, the dst variable is left untouched, and
the following dst_release() may access uninitialized memory.
Since ipv6_dst_lookup() always sets dst to NULL in case of
lookup failure with ipv6 enabled, fix the above just
returning the error code if the lookup fails.
Fixes: eea40b8f624 ("infiniband: call ipv6 route lookup via the stub interface")
Reported-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Doug Ledford <dledford@redhat.com>
commit 98059b98619d093366462ff0a4e1258e946accb9
Author: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Date: Tue May 2 06:30:12 2017 -0700
rcu: Separately compile large rcu_segcblist functions
This commit creates a new kernel/rcu/rcu_segcblist.c file that
contains non-trivial segcblist functions. Trivial functions
remain as static inline functions in kernel/rcu/rcu_segcblist.h
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
commit 534c01ecdc458bf67e33b3815f1445025ab43719
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: the fix RCU locking for the auditd_connection structure
Cong Wang correctly pointed out that the RCU read locking of the
auditd_connection struct was wrong, this patch correct this by
adopting a more traditional, and correct RCU locking model.
This patch is heavily based on an earlier prototype by Cong Wang.
Cc: <stable@vger.kernel.org> # 4.11.x-
Reported-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 8cc96382d9a7fe1746286670dd5140c3b12638ae
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: use kmem_cache to manage the audit_buffer cache
The audit subsystem implemented its own buffer cache mechanism which
is a bit silly these days when we could use the kmem_cache construct.
Some credit is due to Florian Westphal for originally proposing that
we remove the audit cache implementation in favor of simple
kmalloc()/kfree() calls, but I would rather have a dedicated slab
cache to ease debugging and future stats/performance work.
Cc: Florian Westphal <fw@strlen.de>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 2115bb250f260089743e26decfb5f271ba71ca37
Author: Deepa Dinamani <deepa.kernel@gmail.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: Use timespec64 to represent audit timestamps
struct timespec is not y2038 safe.
Audit timestamps are recorded in string format into
an audit buffer for a given context.
These mark the entry timestamps for the syscalls.
Use y2038 safe struct timespec64 to represent the times.
The log strings can handle this transition as strings can
hold upto 1024 characters.
Signed-off-by: Deepa Dinamani <deepa.kernel@gmail.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b6c7c115c2ce679ac536f0adf0ff518fcd939196
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: store the auditd PID as a pid struct instead of pid_t
This is arguably the right thing to do, and will make it easier when
we start supporting multiple audit daemons in different namespaces.
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 45a0642b4d021a2f50d5db9c191b5bfe60bfa1c7
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: kernel generated netlink traffic should have a portid of 0
We were setting the portid incorrectly in the netlink message headers,
fix that to always be 0 (nlmsg_pid = 0).
Signed-off-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
commit a9d1620877748375cf60b43ef3fa5f61ab6d9f24
Author: Paul Moore <paul@paul-moore.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: combine audit_receive() and audit_receive_skb()
There is no reason to have both of these functions, combine the two.
Signed-off-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
commit bd120ded6a6af61ad342a8a95b36b64bd1e2f9e6
Author: Elena Reshetova <elena.reshetova@intel.com>
Date: Tue May 2 10:16:05 2017 -0400
audit: convert audit_watch.count from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
[PM: fix subject line, add #include]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 9d2378f8c8f1a3fcfab681fd90c139d90dca7b69
Author: Elena Reshetova <elena.reshetova@intel.com>
Date: Tue May 2 10:16:04 2017 -0400
audit: convert audit_tree.count from atomic_t to refcount_t
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
[PM: fix subject line, add #include]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 2173c519d5e912a6e2934bb04255fcd36c1591c8
Author: Richard Guy Briggs <rgb@redhat.com>
Date: Tue May 2 10:16:04 2017 -0400
audit: normalize NETFILTER_PKT
Eliminate flipping in and out of message fields, dropping fields in the
process.
Sample raw message format IPv4 UDP:
type=NETFILTER_PKT msg=audit(1487874761.386:228): mark=0xae8a2732 saddr=127.0.0.1 daddr=127.0.0.1 proto=17^]
Sample raw message format IPv6 ICMP6:
type=NETFILTER_PKT msg=audit(1487874761.381:227): mark=0x223894b7 saddr=::1 daddr=::1 proto=58^]
Issue: https://github.com/linux-audit/audit-kernel/issues/11
Test case: https://github.com/linux-audit/audit-testsuite/issues/43
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 0cb88b6ff054ccfa30e0fd7f7b42ee9f088db432
Author: Richard Guy Briggs <rgb@redhat.com>
Date: Tue May 2 10:16:04 2017 -0400
netfilter: use consistent ipv4 network offset in xt_AUDIT
Even though the skb->data pointer has been moved from the link layer
header to the network layer header, use the same method to calculate the
offset in ipv4 and ipv6 routines.
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
[PM: munged subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit f6276ac95bde4312251535904af32b1de9d54949
Author: Richard Guy Briggs <rgb@redhat.com>
Date: Tue May 2 10:16:04 2017 -0400
audit: log module name on delete_module
When a sysadmin wishes to monitor module unloading with a syscall rule such as:
-a always,exit -F arch=x86_64 -S delete_module -F key=mod-unload
the SYSCALL record doesn't tell us what module was requested for unloading.
Use the new KERN_MODULE auxiliary record to record it.
The SYSCALL record result code will list the return code.
See: https://github.com/linux-audit/audit-kernel/issues/37
https://github.com/linux-audit/audit-kernel/issues/7
https://github.com/linux-audit/audit-kernel/wiki/RFE-Module-Load-Record-Format
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Acked-by: Jessica Yu <jeyu@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit 9aab4f4ea7a4ca80ec3e0269ce2eb71a24f6fef9
Author: Nicholas Mc Guire <der.herr@hofr.at>
Date: Tue May 2 10:16:04 2017 -0400
audit: remove unnecessary semicolon in audit_watch_handle_event()
The excess ; after the closing parenthesis is just code-noise it has no
and can be removed.
Signed-off-by: Nicholas Mc Guire <der.herr@hofr.at>
[PM: tweaked subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b5239fba69949a44290d4af517fc1c2eff3e36f6
Author: Nicholas Mc Guire <der.herr@hofr.at>
Date: Tue May 2 10:16:04 2017 -0400
audit: remove unnecessary semicolon in audit_mark_handle_event()
The excess ; after the closing parenthesis is just code-noise it has no
and can be removed.
Signed-off-by: Nicholas Mc Guire <der.herr@hofr.at>
[PM: tweaked subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b7a84deaf8d1b0e62b437a290a40d6380975f126
Author: Nicholas Mc Guire <der.herr@hofr.at>
Date: Tue May 2 10:16:03 2017 -0400
audit: remove unnecessary semicolon in audit_field_valid()
The excess ; after the closing parenthesis is just code-noise it has no
and can be removed.
Signed-off-by: Nicholas Mc Guire <der.herr@hofr.at>
[PM: tweak subject line]
Signed-off-by: Paul Moore <paul@paul-moore.com>
commit b5d60989c6f7501af72cb65893c02621dd16fd84
Author: Jakub Kicinski <jakub.kicinski@netronome.com>
Date: Mon May 1 15:53:43 2017 -0700
xdp: fix parameter kdoc for extack
Fix kdoc parameter spelling from extact to extack.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit eb6211d3606971a957fea28f7532687f9d0f93f2
Author: Daniel Borkmann <daniel@iogearbox.net>
Date: Tue May 2 00:47:09 2017 +0200
bpf, samples: fix build warning in cookie_uid_helper_example
Fix the following warnings triggered by 51570a5ab2b7 ("A Sample of
using socket cookie and uid for traffic monitoring"):
In file included from /home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:54:0:
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c: In function 'prog_load':
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:119:27: warning: overflow in implicit constant conversion [-Woverflow]
-32 + offsetof(struct stats, uid)),
^
/home/foo/net-next/samples/bpf/libbpf.h:135:12: note: in definition of macro 'BPF_STX_MEM'
.off = OFF, \
^
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:121:27: warning: overflow in implicit constant conversion [-Woverflow]
-32 + offsetof(struct stats, packets), 1),
^
/home/foo/net-next/samples/bpf/libbpf.h:155:12: note: in definition of macro 'BPF_ST_MEM'
.off = OFF, \
^
/home/foo/net-next/samples/bpf/cookie_uid_helper_example.c:129:27: warning: overflow in implicit constant conversion [-Woverflow]
-32 + offsetof(struct stats, bytes)),
^
/home/foo/net-next/samples/bpf/libbpf.h:135:12: note: in definition of macro 'BPF_STX_MEM'
.off = OFF, \
^
HOSTLD /home/foo/net-next/samples/bpf/per_socket_stats_example
Fixes: 51570a5ab2b7 ("A Sample of using socket cookie and uid for traffic monitoring")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit 45753c5f315749711b935a2506ee5c10eef5c23d
Author: Ingo Molnar <mingo@kernel.org>
Date: Tue May 2 10:31:18 2017 +0200
srcu: Debloat the <linux/rcu_segcblist.h> header
Linus noticed that the <linux/rcu_segcblist.h> has huge inline functions
which should not be inline at all.
As a first step in cleaning this up, move them all to kernel/rcu/ and
only keep an absolute minimum of data type defines in the header:
before: -rw-r--r-- 1 mingo mingo 22284 May 2 10:25 include/linux/rcu_segcblist.h
after: -rw-r--r-- 1 mingo mingo 3180 May 2 10:22 include/linux/rcu_segcblist.h
More can be done, such as uninlining the large functions, which inlining
is unjustified even if it's an RCU internal matter.
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
commit 5c9cfda13dc503f4b25b486a57974e0414adb6f1
Author: Karim Eshapa <karim.eshapa@gmail.com>
Date: Tue May 2 13:47:54 2017 +0200
drivers/video/fbdev/omap/lcd_mipid.c: Use time comparison kernel macros
Use time_before_eq time comparison defind kernel macro
that has safety check.
Signed-off-by: Karim Eshapa <karim.eshapa@gmail.com>
Cc: Tomi Valkeinen <tomi.valkeinen@ti.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
commit dc85e9a87420613b3129d5cc5ecd79c58351c546
Author: Alexey Khoroshilov <khoroshilov@ispras.ru>
Date: Tue May 2 13:47:53 2017 +0200
sm501fb: don't return zero on failure path in sm501fb_start()
If fbmem iomemory mapping failed, sm501fb_start() breaks off
initialization, deallocates resources, but returns zero.
As a result, double deallocation can happen in sm501fb_stop().
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Cc: Tomi Valkeinen <tomi.valkeinen@ti.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
commit 45f580c42e5c125d55dbd8099750a1998de3d917
Author: Maksim Salau <maksim.salau@gmail.com>
Date: Tue May 2 13:47:53 2017 +0200
video: fbdev: udlfb: Fix buffer on stack
Allocate buffers on HEAP instead of STACK for local array
that is to be sent using usb_control_msg().
Signed-off-by: Maksim Salau <maksim.salau@gmail.com>
Cc: Bernie Thompson <bernie@plugable.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
commit 2f9d31b67ed3342e7297878716196bcb5e88ab64
Author: Marcel Holtmann <marcel@holtmann.org>
Date: Mon May 1 23:54:19 2017 -0700
Bluetooth: Set LE Default PHY preferences
If the LE Set Default PHY command is supported, the indicate to the
controller that the host has no preferences for transmitter PHY or
receiver PHY selection.
Issuing this command gives the controller a clear indication that other
PHY can be selected if available.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
commit d284f54e7ab1598b23dff8593401c3c497672ec9
Author: Marcel Holtmann <marcel@holtmann.org>
Date: Mon May 1 23:54:18 2017 -0700
Bluetooth: Enable LE PHY Update Complete event
If either LE Set Default PHY command or LE Set PHY commands is
supported, then enable the LE PHY Update Complete event.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
commit 606f8eefacb58d3754a89d453744f78b0714f0b4
Author: Marcel Holtmann <marcel@holtmann.org>
Date: Mon May 1 23:54:17 2017 -0700
Bluetooth: Enable LE Channel Selection Algorithm event
If the Channel Selection Algorithm #2 feature is supported, then enable
the new LE Channel Selection Algorithm event.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
commit e371fd7607999fabbd955b4d22c8e912594a7997
Author: Julien Grall <julien.grall@arm.com>
Date: Mon Apr 24 18:58:39 2017 +0100
xen: Implement EFI reset_system callback
When rebooting DOM0 with ACPI on ARM64, the kernel is crashing with the stack
trace [1].
This is happening because when EFI runtimes are enabled, the reset code
(see machine_restart) will first try to use EFI restart method.
However, the EFI restart code is expecting the reset_system callback to
be always set. This is not the case for Xen and will lead to crash.
The EFI restart helper is used in multiple places and some of them don't
not have fallback (see machine_power_off). So implement reset_system
callback as a call to xen_reboot when using EFI Xen.
[ 36.999270] reboot: Restarting system
[ 37.002921] Internal error: Attempting to execute userspace memory: 86000004 [#1] PREEMPT SMP
[ 37.011460] Modules linked in:
[ 37.014598] CPU: 0 PID: 1 Comm: systemd-shutdow Not tainted 4.11.0-rc1-00003-g1e248b60a39b-dirty #506
[ 37.023903] Hardware name: (null) (DT)
[ 37.027734] task: ffff800902068000 task.stack: ffff800902064000
[ 37.033739] PC is at 0x0
[ 37.036359] LR is at efi_reboot+0x94/0xd0
[ 37.040438] pc : [<0000000000000000>] lr : [<ffff00000880f2c4>] pstate: 404001c5
[ 37.047920] sp : ffff800902067cf0
[ 37.051314] x29: ffff800902067cf0 x28: ffff800902068000
[ 37.056709] x27: ffff000008992000 x26: 000000000000008e
[ 37.062104] x25: 0000000000000123 x24: 0000000000000015
[ 37.067499] x23: 0000000000000000 x22: ffff000008e6e250
[ 37.072894] x21: ffff000008e6e000 x20: 0000000000000000
[ 37.078289] x19: ffff000008e5d4c8 x18: 0000000000000010
[ 37.083684] x17: 0000ffffa7c27470 x16: 00000000deadbeef
[ 37.089079] x15: 0000000000000006 x14: ffff000088f42bef
[ 37.094474] x13: ffff000008f42bfd x12: ffff000008e706c0
[ 37.099870] x11: ffff000008e70000 x10: 0000000005f5e0ff
[ 37.105265] x9 : ffff800902067a50 x8 : 6974726174736552
[ 37.110660] x7 : ffff000008cc6fb8 x6 : ffff000008cc6fb0
[ 37.116055] x5 : ffff000008c97dd8 x4 : 0000000000000000
[ 37.121453] x3 : 0000000000000000 x2 : 0000000000000000
[ 37.126845] x1 : 0000000000000000 x0 : 0000000000000000
[ 37.132239]
[ 37.133808] Process systemd-shutdow (pid: 1, stack limit = 0xffff800902064000)
[ 37.141118] Stack: (0xffff800902067cf0 to 0xffff800902068000)
[ 37.146949] 7ce0: ffff800902067d40 ffff000008085334
[ 37.154869] 7d00: 0000000000000000 ffff000008f3b000 ffff800902067d40 ffff0000080852e0
[ 37.162787] 7d20: ffff000008cc6fb0 ffff000008cc6fb8 ffff000008c7f580 ffff000008c97dd8
[ 37.170706] 7d40: ffff800902067d60 ffff0000080e2c2c 0000000000000000 0000000001234567
[ 37.178624] 7d60: ffff800902067d80 ffff0000080e2ee8 0000000000000000 ffff0000080e2df4
[ 37.186544] 7d80: 0000000000000000 ffff0000080830f0 0000000000000000 00008008ff1c1000
[ 37.194462] 7da0: ffffffffffffffff 0000ffffa7c4b1cc 0000000000000000 0000000000000024
[ 37.202380] 7dc0: ffff800902067dd0 0000000000000005 0000fffff24743c8 0000000000000004
[ 37.210299] 7de0: 0000fffff2475f03 0000000000000010 0000fffff2474418 0000000000000005
[ 37.218218] 7e00: 0000fffff2474578 000000000000000a 0000aaaad6b722c0 0000000000000001
[ 37.226136] 7e20: 0000000000000123 0000000000000038 ffff800902067e50 ffff0000081e7294
[ 37.234055] 7e40: ffff800902067e60 ffff0000081e935c ffff800902067e60 ffff0000081e9388
[ 37.241973] 7e60: ffff800902067eb0 ffff0000081ea388 0000000000000000 00008008ff1c1000
[ 37.249892] 7e80: ffffffffffffffff 0000ffffa7c4a79c 0000000000000000 ffff000000020000
[ 37.257810] 7ea0: 0000010000000004 0000000000000000 0000000000000000 ffff0000080830f0
[ 37.265729] 7ec0: fffffffffee1dead 0000000028121969 0000000001234567 0000000000000000
[ 37.273651] 7ee0: ffffffffffffffff 8080000000800000 0000800000008080 feffa9a9d4ff2d66
[ 37.281567] 7f00: 000000000000008e feffa9a9d5b60e0f 7f7fffffffff7f7f 0101010101010101
[ 37.289485] 7f20: 0000000000000010 0000000000000008 000000000000003a 0000ffffa7ccf588
[ 37.297404] 7f40: 0000aaaad6b87d00 0000ffffa7c4b1b0 0000fffff2474be0 0000aaaad6b88000
[ 37.305326] 7f60: 0000fffff2474fb0 0000000001234567 0000000000000000 0000000000000000
[ 37.313240] 7f80: 0000000000000000 0000000000000001 0000aaaad6b70d4d 0000000000000000
[ 37.321159] 7fa0: 0000000000000001 0000fffff2474ea0 0000aaaad6b5e2e0 0000fffff2474e80
[ 37.329078] 7fc0: 0000ffffa7c4b1cc 0000000000000000 fffffffffee1dead 000000000000008e
[ 37.336997] 7fe0: 0000000000000000 0000000000000000 9ce839cffee77eab fafdbf9f7ed57f2f
[ 37.344911] Call trace:
[ 37.347437] Exception stack(0xffff800902067b20 to 0xffff800902067c50)
[ 37.353970] 7b20: ffff000008e5d4c8 0001000000000000 0000000080f82000 0000000000000000
[ 37.361883] 7b40: ffff800902067b60 ffff000008e17000 ffff000008f44c68 00000001081081b4
[ 37.369802] 7b60: ffff800902067bf0 ffff000008108478 0000000000000000 ffff000008c235b0
[ 37.377721] 7b80: ffff800902067ce0 0000000000000000 0000000000000000 0000000000000015
[ 37.385643] 7ba0: 0000000000000123 000000000000008e ffff000008992000 ffff800902068000
[ 37.393557] 7bc0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[ 37.401477] 7be0: 0000000000000000 ffff000008c97dd8 ffff000008cc6fb0 ffff000008cc6fb8
[ 37.409396] 7c00: 6974726174736552 ffff800902067a50 0000000005f5e0ff ffff000008e70000
[ 37.417318] 7c20: ffff000008e706c0 ffff000008f42bfd ffff000088f42bef 0000000000000006
[ 37.425234] 7c40: 00000000deadbeef 0000ffffa7c27470
[ 37.430190] [< (null)>] (null)
[ 37.434982] [<ffff000008085334>] machine_restart+0x6c/0x70
[ 37.440550] [<ffff0000080e2c2c>] kernel_restart+0x6c/0x78
[ 37.446030] [<ffff0000080e2ee8>] SyS_reboot+0x130/0x228
[ 37.451337] [<ffff0000080830f0>] el0_svc_naked+0x24/0x28
[ 37.456737] Code: bad PC value
[ 37.459891] ---[ end trace 76e2fc17e050aecd ]---
Signed-off-by: Julien Grall <julien.grall@arm.com>
--
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
The x86 code has theoritically a similar issue, altought EFI does not
seem to be the preferred method. I have only built test it on x86.
This should also probably be fixed in stable tree.
Changes in v2:
- Implement xen_efi_reset_system using xen_reboot
- Move xen_efi_reset_system in drivers/xen/efi.c
Signed-off-by: Juergen Gross <jgross@suse.com>
commit fa12a870a9d594ba458242a04a4d17a76fc816a4
Author: Julien Grall <julien.grall@arm.com>
Date: Mon Apr 24 18:58:38 2017 +0100
arm/xen: Consolidate calls to shutdown hypercall in a single helper
Signed-off-by: Julien Grall <julien.grall@arm.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 5d9404e1185de8d508cd042761306495f727d7eb
Author: Julien Grall <julien.grall@arm.com>
Date: Mon Apr 24 18:58:37 2017 +0100
xen: Export xen_reboot
The helper xen_reboot will be called by the EFI code in a later patch.
Note that the ARM version does not yet exist and will be added in a
later patch too.
Signed-off-by: Julien Grall <julien.grall@arm.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit f31b969217b42df605b2e0e64aa6b3e03e781a4f
Author: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Date: Wed Apr 26 09:42:48 2017 -0400
xen/x86: Call xen_smp_intr_init_pv() on BSP
Recent code rework that split handling ov PV, HVM and PVH guests into
separate files missed calling xen_smp_intr_init_pv() on CPU0.
Add this call.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reported-by: Sander Eikelenboom <linux@eikelenboom.it>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 84d582d236dc1f9085e741affc72e9ba061a67c2
Author: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Date: Mon Apr 24 15:04:53 2017 -0400
xen: Revert commits da72ff5bfcb0 and 72a9b186292d
Recent discussion (http://marc.info/?l=xen-devel&m=149192184523741)
established that commit 72a9b186292d ("xen: Remove event channel
notification through Xen PCI platform device") (and thus commit
da72ff5bfcb0 ("partially revert "xen: Remove event channel
notification through Xen PCI platform device"")) are unnecessary and,
in fact, prevent HVM guests from booting on Xen releases prior to 4.0
Therefore we revert both of those commits.
The summary of that discussion is below:
Here is the brief summary of the current situation:
Before the offending commit (72a9b186292):
1) INTx does not work because of the reset_watches path.
2) The reset_watches path is only taken if you have Xen > 4.0
3) The Linux Kernel by default will use vector inject if the hypervisor
support. So even INTx does not work no body running the kernel with
Xen > 4.0 would notice. Unless he explicitly disabled this feature
either in the kernel or in Xen (and this can only be disabled by
modifying the code, not user-supported way to do it).
After the offending commit (+ partial revert):
1) INTx is no longer support for HVM (only for PV guests).
2) Any HVM guest The kernel will not boot on Xen < 4.0 which does
not have vector injection support. Since the only other mode
supported is INTx which.
So based on this summary, I think before commit (72a9b186292) we were
in much better position from a user point of view.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 5f6a1614fab801834e32b420b60acdc27acfcdec
Author: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Date: Fri Apr 21 11:13:14 2017 -0400
xen/pvh: Do not fill kernel's e820 map in init_pvh_bootparams()
e820 map is updated with information from the zeropage (i.e. pvh_bootparams)
by default_machine_specific_memory_setup(). With the way things are done
now, we end up with a duplicated e820 map.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 6483e3135a693548874429db901c0544d3a9b4cd
Author: Geliang Tang <geliangtang@gmail.com>
Date: Sat Apr 22 09:21:13 2017 +0800
xen/scsifront: use offset_in_page() macro
Use offset_in_page() macro instead of open-coding.
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit d5ff5061c35448525fcb38950f06af6b9ae12c04
Author: Stefano Stabellini <sstabellini@kernel.org>
Date: Thu Apr 13 14:04:22 2017 -0700
xen/arm,arm64: rename __generic_dma_ops to xen_get_dma_ops
Now that __generic_dma_ops is a xen specific function, rename it to
xen_get_dma_ops. Change all the call sites appropriately.
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
CC: linux@armlinux.org.uk
CC: catalin.marinas@arm.com
CC: will.deacon@arm.com
CC: boris.ostrovsky@oracle.com
CC: jgross@suse.com
CC: Julien Grall <julien.grall@arm.com>
commit e058632670b709145730a134acc3f83f392f7aa7
Author: Stefano Stabellini <sstabellini@kernel.org>
Date: Thu Apr 13 14:04:21 2017 -0700
xen/arm,arm64: fix xen_dma_ops after 815dd18 "Consolidate get_dma_ops..."
The following commit:
commit 815dd18788fe0d41899f51b91d0560279cf16b0d
Author: Bart Van Assche <bart.vanassche@sandisk.com>
Date: Fri Jan 20 13:04:04 2017 -0800
treewide: Consolidate get_dma_ops() implementations
rearranges get_dma_ops in a way that xen_dma_ops are not returned when
running on Xen anymore, dev->dma_ops is returned instead (see
arch/arm/include/asm/dma-mapping.h:get_arch_dma_ops and
include/linux/dma-mapping.h:get_dma_ops).
Fix the problem by storing dev->dma_ops in dev_archdata, and setting
dev->dma_ops to xen_dma_ops. This way, xen_dma_ops is returned naturally
by get_dma_ops. The Xen code can retrieve the original dev->dma_ops from
dev_archdata when needed. It also allows us to remove __generic_dma_ops
from common headers.
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Tested-by: Julien Grall <julien.grall@arm.com>
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: <stable@vger.kernel.org> [4.11+]
CC: linux@armlinux.org.uk
CC: catalin.marinas@arm.com
CC: will.deacon@arm.com
CC: boris.ostrovsky@oracle.com
CC: jgross@suse.com
CC: Julien Grall <julien.grall@arm.com>
commit 4a806016223c6df131280c82f1ed69c820b6a9ff
Author: Arnd Bergmann <arnd@arndb.de>
Date: Wed Apr 19 19:06:39 2017 +0200
xen/9pfs: select CONFIG_XEN_XENBUS_FRONTEND
All Xen frontends need to select this symbol to avoid a link error:
net/built-in.o: In function `p9_trans_xen_init':
:(.text+0x149e9c): undefined reference to `__xenbus_register_frontend'
Fixes: d4b40a02f837 ("xen/9pfs: build 9pfs Xen transport driver")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
commit 65f9d65443b5512f74248a3eb56731fbb0b337b8
Author: Juergen Gross <jgross@suse.com>
Date: Thu Apr 13 09:42:03 2017 +0200
x86/cpu: remove hypervisor specific set_cpu_features
There is no user of x86_hyper->set_cpu_features() any more. Remove it.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit d40342a2ac035444897e5952ea72a50440a2a028
Author: Juergen Gross <jgross@suse.com>
Date: Thu Apr 13 09:37:20 2017 +0200
vmware: set cpu capabilities during platform initialization
There is no need to set the same capabilities for each cpu
individually. This can be done for all cpus in platform initialization.
Cc: Alok Kataria <akataria@vmware.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
Cc: virtualization@lists.linux-foundation.org
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Acked-by: Alok Kataria <akataria@vmware.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 6807cf65f5ba6f2902ab64355d71506b9c14a9dd
Author: Juergen Gross <jgross@suse.com>
Date: Wed Apr 12 15:12:09 2017 +0200
x86/xen: use capabilities instead of fake cpuid values for xsave
When running as pv domain xen_cpuid() is being used instead of
native_cpuid(). In xen_cpuid() the xsave feature availability is
indicated by special casing the related cpuid leaf.
Instead of delivering fake cpuid values set or clear the cpu
capability bits for xsave instead.
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit e657fccb799b970bd1f152e22e13f20e0de7adb5
Author: Juergen Gross <jgross@suse.com>
Date: Wed Apr 12 12:45:57 2017 +0200
x86/xen: use capabilities instead of fake cpuid values for x2apic
When running as pv domain xen_cpuid() is being used instead of
native_cpuid(). In xen_cpuid() the x2apic feature is indicated as not
being present by special casing the related cpuid leaf.
Instead of delivering fake cpuid values clear the cpu capability bit
for x2apic instead.
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit ea01598b4bc453ed513e9d482a43c14557042ec9
Author: Juergen Gross <jgross@suse.com>
Date: Wed Apr 12 12:37:00 2017 +0200
x86/xen: use capabilities instead of fake cpuid values for mwait
When running as pv domain xen_cpuid() is being used instead of
native_cpuid(). In xen_cpuid() the mwait feature is indicated to be
present or not by special casing the related cpuid leaf.
Instead of delivering fake cpuid values use the cpu capability bit
for mwait instead.
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit b778d6bf63e0a07ceb2258ce9bd996dbaaa11bfa
Author: Juergen Gross <jgross@suse.com>
Date: Wed Apr 12 09:27:47 2017 +0200
x86/xen: use capabilities instead of fake cpuid values for acpi
When running as pv domain xen_cpuid() is being used instead of
native_cpuid(). In xen_cpuid() the acpi feature is indicated as not
being present by special casing the related cpuid leaf in case we
are not the initial domain.
Instead of delivering fake cpuid values clear the cpu capability bit
for acpi instead.
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit aa1071562937d1b66b07db48e3dbafe136027f01
Author: Juergen Gross <jgross@suse.com>
Date: Wed Apr 12 09:24:01 2017 +0200
x86/xen: use capabilities instead of fake cpuid values for acc
When running as pv domain xen_cpuid() is being used instead of
native_cpuid(). In xen_cpuid() the acc feature (thermal monitoring)
is indicated as not being present by special casing the related
cpuid leaf.
Instead of delivering fake cpuid values clear the cpu capability bit
for acc instead.
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
commit 88f3256f21d958d0773bf93523ad12d2ddaf3006
Author: Juergen Gross <jgross@suse.com>
Date: Wed Apr 12 09:21:05 2017 +0200
x86/xen: use capabilities instead of fake cpuid values for mtrr
When running as pv domain xen_cpuid() is being used instead of
native_cpuid(). In xen_cpuid() the mtrr feature is indicated as not
being present by special casing the related cpuid leaf.
Instead of delivering fake cpuid values clear the cpu capability bit
for mtrr instead.
Signed-off-by: Juergen Gross <jgro…
|
Upstream fix: https://marc.info/?t=149436126600003&r=1&w=2 |
|
The upstream fix is now in Linus' tree so merged via 82e6551 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Test for simplified normalized NETFILTER_PKT audit message.
Check for receipt of each nfmarked packet and for correct number of fields.
See: linux-audit/audit-kernel#11
Signed-off-by: Richard Guy Briggs rgb@redhat.com