Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'net-6.5-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Pull networking fixes from Jakub Kicinski:
"Including fixes from BPF, netfilter, bluetooth and CAN.
Current release - regressions:
- eth: r8169: multiple fixes for PCIe ASPM-related problems
- vrf: fix RCU lockdep splat in output path
Previous releases - regressions:
- gso: fall back to SW segmenting with GSO_UDP_L4 dodgy bit set
- dsa: mv88e6xxx: do a final check before timing out when polling
- nf_tables: fix sleep in atomic in nft_chain_validate
Previous releases - always broken:
- sched: fix undoing tcf_bind_filter() in multiple classifiers
- bpf, arm64: fix BTI type used for freplace attached functions
- can: gs_usb: fix time stamp counter initialization
- nft_set_pipapo: fix improper element removal (leading to UAF)
Misc:
- net: support STP on bridge in non-root netns, STP prevents packet
loops so not supporting it results in freezing systems of
unsuspecting users, and in turn very upset noises being made
- fix kdoc warnings
- annotate various bits of TCP state to prevent data races"
* tag 'net-6.5-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (95 commits)
net: phy: prevent stale pointer dereference in phy_init()
tcp: annotate data-races around fastopenq.max_qlen
tcp: annotate data-races around icsk->icsk_user_timeout
tcp: annotate data-races around tp->notsent_lowat
tcp: annotate data-races around rskq_defer_accept
tcp: annotate data-races around tp->linger2
tcp: annotate data-races around icsk->icsk_syn_retries
tcp: annotate data-races around tp->keepalive_probes
tcp: annotate data-races around tp->keepalive_intvl
tcp: annotate data-races around tp->keepalive_time
tcp: annotate data-races around tp->tsoffset
tcp: annotate data-races around tp->tcp_tx_delay
Bluetooth: MGMT: Use correct address for memcpy()
Bluetooth: btusb: Fix bluetooth on Intel Macbook 2014
Bluetooth: SCO: fix sco_conn related locking and validity issues
Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link
Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor()
Bluetooth: coredump: fix building with coredump disabled
Bluetooth: ISO: fix iso_conn related locking and validity issues
Bluetooth: hci_event: call disconnect callback before deleting conn
...
+1155
-716
+3
.mailmap
+3
.mailmap
···
241
241
Johan Hovold <johan@kernel.org> <jhovold@gmail.com>
242
242
Johan Hovold <johan@kernel.org> <johan@hovoldconsulting.com>
243
243
John Crispin <john@phrozen.org> <blogic@openwrt.org>
244
+
John Fastabend <john.fastabend@gmail.com> <john.r.fastabend@intel.com>
244
245
John Keeping <john@keeping.me.uk> <john@metanate.com>
245
246
John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
246
247
John Stultz <johnstul@us.ibm.com>
···
455
454
Sedat Dilek <sedat.dilek@gmail.com> <sedat.dilek@credativ.de>
456
455
Seth Forshee <sforshee@kernel.org> <seth.forshee@canonical.com>
457
456
Shannon Nelson <shannon.nelson@amd.com> <snelson@pensando.io>
457
+
Shannon Nelson <shannon.nelson@amd.com> <shannon.nelson@intel.com>
458
+
Shannon Nelson <shannon.nelson@amd.com> <shannon.nelson@oracle.com>
458
459
Shiraz Hashim <shiraz.linux.kernel@gmail.com> <shiraz.hashim@st.com>
459
460
Shuah Khan <shuah@kernel.org> <shuahkhan@gmail.com>
460
461
Shuah Khan <shuah@kernel.org> <shuah.khan@hp.com>
+7
-1
arch/arm64/net/bpf_jit_comp.c
+7
-1
arch/arm64/net/bpf_jit_comp.c
···
322
322
*
323
323
*/
324
324
325
-
emit_bti(A64_BTI_C, ctx);
325
+
/* bpf function may be invoked by 3 instruction types:
326
+
* 1. bl, attached via freplace to bpf prog via short jump
327
+
* 2. br, attached via freplace to bpf prog via long jump
328
+
* 3. blr, working as a function pointer, used by emit_call.
329
+
* So BTI_JC should used here to support both br and blr.
330
+
*/
331
+
emit_bti(A64_BTI_JC, ctx);
326
332
327
333
emit(A64_MOV(1, A64_R(9), A64_LR), ctx);
328
334
emit(A64_NOP, ctx);
+1
drivers/bluetooth/btusb.c
+1
drivers/bluetooth/btusb.c
+8
-2
drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c
+8
-2
drivers/net/can/spi/mcp251xfd/mcp251xfd-core.c
···
227
227
__mcp251xfd_chip_set_mode(const struct mcp251xfd_priv *priv,
228
228
const u8 mode_req, bool nowait)
229
229
{
230
+
const struct can_bittiming *bt = &priv->can.bittiming;
231
+
unsigned long timeout_us = MCP251XFD_POLL_TIMEOUT_US;
230
232
u32 con = 0, con_reqop, osc = 0;
231
233
u8 mode;
232
234
int err;
···
248
246
if (mode_req == MCP251XFD_REG_CON_MODE_SLEEP || nowait)
249
247
return 0;
250
248
249
+
if (bt->bitrate)
250
+
timeout_us = max_t(unsigned long, timeout_us,
251
+
MCP251XFD_FRAME_LEN_MAX_BITS * USEC_PER_SEC /
252
+
bt->bitrate);
253
+
251
254
err = regmap_read_poll_timeout(priv->map_reg, MCP251XFD_REG_CON, con,
252
255
!mcp251xfd_reg_invalid(con) &&
253
256
FIELD_GET(MCP251XFD_REG_CON_OPMOD_MASK,
254
257
con) == mode_req,
255
-
MCP251XFD_POLL_SLEEP_US,
256
-
MCP251XFD_POLL_TIMEOUT_US);
258
+
MCP251XFD_POLL_SLEEP_US, timeout_us);
257
259
if (err != -ETIMEDOUT && err != -EBADMSG)
258
260
return err;
259
261
+1
drivers/net/can/spi/mcp251xfd/mcp251xfd.h
+1
drivers/net/can/spi/mcp251xfd/mcp251xfd.h
···
387
387
#define MCP251XFD_OSC_STAB_TIMEOUT_US (10 * MCP251XFD_OSC_STAB_SLEEP_US)
388
388
#define MCP251XFD_POLL_SLEEP_US (10)
389
389
#define MCP251XFD_POLL_TIMEOUT_US (USEC_PER_MSEC)
390
+
#define MCP251XFD_FRAME_LEN_MAX_BITS (736)
390
391
391
392
/* Misc */
392
393
#define MCP251XFD_NAPI_WEIGHT 32
+74
-56
drivers/net/can/usb/gs_usb.c
+74
-56
drivers/net/can/usb/gs_usb.c
···
303
303
struct can_bittiming_const bt_const, data_bt_const;
304
304
unsigned int channel; /* channel number */
305
305
306
-
/* time counter for hardware timestamps */
307
-
struct cyclecounter cc;
308
-
struct timecounter tc;
309
-
spinlock_t tc_lock; /* spinlock to guard access tc->cycle_last */
310
-
struct delayed_work timestamp;
311
-
312
306
u32 feature;
313
307
unsigned int hf_size_tx;
314
308
···
319
325
struct gs_can *canch[GS_MAX_INTF];
320
326
struct usb_anchor rx_submitted;
321
327
struct usb_device *udev;
328
+
329
+
/* time counter for hardware timestamps */
330
+
struct cyclecounter cc;
331
+
struct timecounter tc;
332
+
spinlock_t tc_lock; /* spinlock to guard access tc->cycle_last */
333
+
struct delayed_work timestamp;
334
+
322
335
unsigned int hf_size_rx;
323
336
u8 active_channels;
324
337
};
···
389
388
GFP_KERNEL);
390
389
}
391
390
392
-
static inline int gs_usb_get_timestamp(const struct gs_can *dev,
391
+
static inline int gs_usb_get_timestamp(const struct gs_usb *parent,
393
392
u32 *timestamp_p)
394
393
{
395
394
__le32 timestamp;
396
395
int rc;
397
396
398
-
rc = usb_control_msg_recv(dev->udev, 0, GS_USB_BREQ_TIMESTAMP,
397
+
rc = usb_control_msg_recv(parent->udev, 0, GS_USB_BREQ_TIMESTAMP,
399
398
USB_DIR_IN | USB_TYPE_VENDOR | USB_RECIP_INTERFACE,
400
-
dev->channel, 0,
399
+
0, 0,
401
400
×tamp, sizeof(timestamp),
402
401
USB_CTRL_GET_TIMEOUT,
403
402
GFP_KERNEL);
···
411
410
412
411
static u64 gs_usb_timestamp_read(const struct cyclecounter *cc) __must_hold(&dev->tc_lock)
413
412
{
414
-
struct gs_can *dev = container_of(cc, struct gs_can, cc);
413
+
struct gs_usb *parent = container_of(cc, struct gs_usb, cc);
415
414
u32 timestamp = 0;
416
415
int err;
417
416
418
-
lockdep_assert_held(&dev->tc_lock);
417
+
lockdep_assert_held(&parent->tc_lock);
419
418
420
419
/* drop lock for synchronous USB transfer */
421
-
spin_unlock_bh(&dev->tc_lock);
422
-
err = gs_usb_get_timestamp(dev, ×tamp);
423
-
spin_lock_bh(&dev->tc_lock);
420
+
spin_unlock_bh(&parent->tc_lock);
421
+
err = gs_usb_get_timestamp(parent, ×tamp);
422
+
spin_lock_bh(&parent->tc_lock);
424
423
if (err)
425
-
netdev_err(dev->netdev,
426
-
"Error %d while reading timestamp. HW timestamps may be inaccurate.",
427
-
err);
424
+
dev_err(&parent->udev->dev,
425
+
"Error %d while reading timestamp. HW timestamps may be inaccurate.",
426
+
err);
428
427
429
428
return timestamp;
430
429
}
···
432
431
static void gs_usb_timestamp_work(struct work_struct *work)
433
432
{
434
433
struct delayed_work *delayed_work = to_delayed_work(work);
435
-
struct gs_can *dev;
434
+
struct gs_usb *parent;
436
435
437
-
dev = container_of(delayed_work, struct gs_can, timestamp);
438
-
spin_lock_bh(&dev->tc_lock);
439
-
timecounter_read(&dev->tc);
440
-
spin_unlock_bh(&dev->tc_lock);
436
+
parent = container_of(delayed_work, struct gs_usb, timestamp);
437
+
spin_lock_bh(&parent->tc_lock);
438
+
timecounter_read(&parent->tc);
439
+
spin_unlock_bh(&parent->tc_lock);
441
440
442
-
schedule_delayed_work(&dev->timestamp,
441
+
schedule_delayed_work(&parent->timestamp,
443
442
GS_USB_TIMESTAMP_WORK_DELAY_SEC * HZ);
444
443
}
445
444
···
447
446
struct sk_buff *skb, u32 timestamp)
448
447
{
449
448
struct skb_shared_hwtstamps *hwtstamps = skb_hwtstamps(skb);
449
+
struct gs_usb *parent = dev->parent;
450
450
u64 ns;
451
451
452
-
spin_lock_bh(&dev->tc_lock);
453
-
ns = timecounter_cyc2time(&dev->tc, timestamp);
454
-
spin_unlock_bh(&dev->tc_lock);
452
+
spin_lock_bh(&parent->tc_lock);
453
+
ns = timecounter_cyc2time(&parent->tc, timestamp);
454
+
spin_unlock_bh(&parent->tc_lock);
455
455
456
456
hwtstamps->hwtstamp = ns_to_ktime(ns);
457
457
}
458
458
459
-
static void gs_usb_timestamp_init(struct gs_can *dev)
459
+
static void gs_usb_timestamp_init(struct gs_usb *parent)
460
460
{
461
-
struct cyclecounter *cc = &dev->cc;
461
+
struct cyclecounter *cc = &parent->cc;
462
462
463
463
cc->read = gs_usb_timestamp_read;
464
464
cc->mask = CYCLECOUNTER_MASK(32);
465
465
cc->shift = 32 - bits_per(NSEC_PER_SEC / GS_USB_TIMESTAMP_TIMER_HZ);
466
466
cc->mult = clocksource_hz2mult(GS_USB_TIMESTAMP_TIMER_HZ, cc->shift);
467
467
468
-
spin_lock_init(&dev->tc_lock);
469
-
spin_lock_bh(&dev->tc_lock);
470
-
timecounter_init(&dev->tc, &dev->cc, ktime_get_real_ns());
471
-
spin_unlock_bh(&dev->tc_lock);
468
+
spin_lock_init(&parent->tc_lock);
469
+
spin_lock_bh(&parent->tc_lock);
470
+
timecounter_init(&parent->tc, &parent->cc, ktime_get_real_ns());
471
+
spin_unlock_bh(&parent->tc_lock);
472
472
473
-
INIT_DELAYED_WORK(&dev->timestamp, gs_usb_timestamp_work);
474
-
schedule_delayed_work(&dev->timestamp,
473
+
INIT_DELAYED_WORK(&parent->timestamp, gs_usb_timestamp_work);
474
+
schedule_delayed_work(&parent->timestamp,
475
475
GS_USB_TIMESTAMP_WORK_DELAY_SEC * HZ);
476
476
}
477
477
478
-
static void gs_usb_timestamp_stop(struct gs_can *dev)
478
+
static void gs_usb_timestamp_stop(struct gs_usb *parent)
479
479
{
480
-
cancel_delayed_work_sync(&dev->timestamp);
480
+
cancel_delayed_work_sync(&parent->timestamp);
481
481
}
482
482
483
483
static void gs_update_state(struct gs_can *dev, struct can_frame *cf)
···
561
559
562
560
if (!netif_device_present(netdev))
563
561
return;
562
+
563
+
if (!netif_running(netdev))
564
+
goto resubmit_urb;
564
565
565
566
if (hf->echo_id == -1) { /* normal rx */
566
567
if (hf->flags & GS_CAN_FLAG_FD) {
···
838
833
.mode = cpu_to_le32(GS_CAN_MODE_START),
839
834
};
840
835
struct gs_host_frame *hf;
836
+
struct urb *urb = NULL;
841
837
u32 ctrlmode;
842
838
u32 flags = 0;
843
839
int rc, i;
···
861
855
}
862
856
863
857
if (!parent->active_channels) {
858
+
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP)
859
+
gs_usb_timestamp_init(parent);
860
+
864
861
for (i = 0; i < GS_MAX_RX_URBS; i++) {
865
-
struct urb *urb;
866
862
u8 *buf;
867
863
868
864
/* alloc rx urb */
869
865
urb = usb_alloc_urb(0, GFP_KERNEL);
870
-
if (!urb)
871
-
return -ENOMEM;
866
+
if (!urb) {
867
+
rc = -ENOMEM;
868
+
goto out_usb_kill_anchored_urbs;
869
+
}
872
870
873
871
/* alloc rx buffer */
874
872
buf = kmalloc(dev->parent->hf_size_rx,
···
880
870
if (!buf) {
881
871
netdev_err(netdev,
882
872
"No memory left for USB buffer\n");
883
-
usb_free_urb(urb);
884
-
return -ENOMEM;
873
+
rc = -ENOMEM;
874
+
goto out_usb_free_urb;
885
875
}
886
876
887
877
/* fill, anchor, and submit rx urb */
···
904
894
netdev_err(netdev,
905
895
"usb_submit failed (err=%d)\n", rc);
906
896
907
-
usb_unanchor_urb(urb);
908
-
usb_free_urb(urb);
909
-
break;
897
+
goto out_usb_unanchor_urb;
910
898
}
911
899
912
900
/* Drop reference,
···
934
926
flags |= GS_CAN_MODE_FD;
935
927
936
928
/* if hardware supports timestamps, enable it */
937
-
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP) {
929
+
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP)
938
930
flags |= GS_CAN_MODE_HW_TIMESTAMP;
939
-
940
-
/* start polling timestamp */
941
-
gs_usb_timestamp_init(dev);
942
-
}
943
931
944
932
/* finally start device */
945
933
dev->can.state = CAN_STATE_ERROR_ACTIVE;
···
946
942
GFP_KERNEL);
947
943
if (rc) {
948
944
netdev_err(netdev, "Couldn't start device (err=%d)\n", rc);
949
-
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP)
950
-
gs_usb_timestamp_stop(dev);
951
945
dev->can.state = CAN_STATE_STOPPED;
952
-
return rc;
946
+
947
+
goto out_usb_kill_anchored_urbs;
953
948
}
954
949
955
950
parent->active_channels++;
···
956
953
netif_start_queue(netdev);
957
954
958
955
return 0;
956
+
957
+
out_usb_unanchor_urb:
958
+
usb_unanchor_urb(urb);
959
+
out_usb_free_urb:
960
+
usb_free_urb(urb);
961
+
out_usb_kill_anchored_urbs:
962
+
if (!parent->active_channels) {
963
+
usb_kill_anchored_urbs(&dev->tx_submitted);
964
+
965
+
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP)
966
+
gs_usb_timestamp_stop(parent);
967
+
}
968
+
969
+
close_candev(netdev);
970
+
971
+
return rc;
959
972
}
960
973
961
974
static int gs_usb_get_state(const struct net_device *netdev,
···
1017
998
1018
999
netif_stop_queue(netdev);
1019
1000
1020
-
/* stop polling timestamp */
1021
-
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP)
1022
-
gs_usb_timestamp_stop(dev);
1023
-
1024
1001
/* Stop polling */
1025
1002
parent->active_channels--;
1026
1003
if (!parent->active_channels) {
1027
1004
usb_kill_anchored_urbs(&parent->rx_submitted);
1005
+
1006
+
if (dev->feature & GS_CAN_FEATURE_HW_TIMESTAMP)
1007
+
gs_usb_timestamp_stop(parent);
1028
1008
}
1029
1009
1030
1010
/* Stop sending URBs */
+7
-1
drivers/net/dsa/microchip/ksz8795.c
+7
-1
drivers/net/dsa/microchip/ksz8795.c
···
506
506
(data_hi & masks[STATIC_MAC_TABLE_FWD_PORTS]) >>
507
507
shifts[STATIC_MAC_FWD_PORTS];
508
508
alu->is_override = (data_hi & masks[STATIC_MAC_TABLE_OVERRIDE]) ? 1 : 0;
509
-
data_hi >>= 1;
509
+
510
+
/* KSZ8795 family switches have STATIC_MAC_TABLE_USE_FID and
511
+
* STATIC_MAC_TABLE_FID definitions off by 1 when doing read on the
512
+
* static MAC table compared to doing write.
513
+
*/
514
+
if (ksz_is_ksz87xx(dev))
515
+
data_hi >>= 1;
510
516
alu->is_static = true;
511
517
alu->is_use_fid = (data_hi & masks[STATIC_MAC_TABLE_USE_FID]) ? 1 : 0;
512
518
alu->fid = (data_hi & masks[STATIC_MAC_TABLE_FID]) >>
+4
-4
drivers/net/dsa/microchip/ksz_common.c
+4
-4
drivers/net/dsa/microchip/ksz_common.c
···
331
331
[STATIC_MAC_TABLE_VALID] = BIT(21),
332
332
[STATIC_MAC_TABLE_USE_FID] = BIT(23),
333
333
[STATIC_MAC_TABLE_FID] = GENMASK(30, 24),
334
-
[STATIC_MAC_TABLE_OVERRIDE] = BIT(26),
335
-
[STATIC_MAC_TABLE_FWD_PORTS] = GENMASK(24, 20),
334
+
[STATIC_MAC_TABLE_OVERRIDE] = BIT(22),
335
+
[STATIC_MAC_TABLE_FWD_PORTS] = GENMASK(20, 16),
336
336
[DYNAMIC_MAC_TABLE_ENTRIES_H] = GENMASK(6, 0),
337
-
[DYNAMIC_MAC_TABLE_MAC_EMPTY] = BIT(8),
337
+
[DYNAMIC_MAC_TABLE_MAC_EMPTY] = BIT(7),
338
338
[DYNAMIC_MAC_TABLE_NOT_READY] = BIT(7),
339
339
[DYNAMIC_MAC_TABLE_ENTRIES] = GENMASK(31, 29),
340
-
[DYNAMIC_MAC_TABLE_FID] = GENMASK(26, 20),
340
+
[DYNAMIC_MAC_TABLE_FID] = GENMASK(22, 16),
341
341
[DYNAMIC_MAC_TABLE_SRC_PORT] = GENMASK(26, 24),
342
342
[DYNAMIC_MAC_TABLE_TIMESTAMP] = GENMASK(28, 27),
343
343
[P_MII_TX_FLOW_CTRL] = BIT(5),
+7
drivers/net/dsa/microchip/ksz_common.h
+7
drivers/net/dsa/microchip/ksz_common.h
···
601
601
mutex_unlock(mtx);
602
602
}
603
603
604
+
static inline bool ksz_is_ksz87xx(struct ksz_device *dev)
605
+
{
606
+
return dev->chip_id == KSZ8795_CHIP_ID ||
607
+
dev->chip_id == KSZ8794_CHIP_ID ||
608
+
dev->chip_id == KSZ8765_CHIP_ID;
609
+
}
610
+
604
611
static inline bool ksz_is_ksz88x3(struct ksz_device *dev)
605
612
{
606
613
return dev->chip_id == KSZ8830_CHIP_ID;
+7
drivers/net/dsa/mv88e6xxx/chip.c
+7
drivers/net/dsa/mv88e6xxx/chip.c
···
109
109
usleep_range(1000, 2000);
110
110
}
111
111
112
+
err = mv88e6xxx_read(chip, addr, reg, &data);
113
+
if (err)
114
+
return err;
115
+
116
+
if ((data & mask) == val)
117
+
return 0;
118
+
112
119
dev_err(chip->dev, "Timeout while waiting for switch\n");
113
120
return -ETIMEDOUT;
114
121
}
+2
-2
drivers/net/dsa/qca/ar9331.c
+2
-2
drivers/net/dsa/qca/ar9331.c
···
1002
1002
.val_bits = 32,
1003
1003
.reg_stride = 4,
1004
1004
.max_register = AR9331_SW_REG_PAGE,
1005
+
.use_single_read = true,
1006
+
.use_single_write = true,
1005
1007
1006
1008
.ranges = ar9331_regmap_range,
1007
1009
.num_ranges = ARRAY_SIZE(ar9331_regmap_range),
···
1020
1018
.val_format_endian_default = REGMAP_ENDIAN_NATIVE,
1021
1019
.read = ar9331_mdio_read,
1022
1020
.write = ar9331_sw_bus_write,
1023
-
.max_raw_read = 4,
1024
-
.max_raw_write = 4,
1025
1021
};
1026
1022
1027
1023
static int ar9331_sw_probe(struct mdio_device *mdiodev)
-5
drivers/net/ethernet/brocade/bna/bnad_debugfs.c
-5
drivers/net/ethernet/brocade/bna/bnad_debugfs.c
···
512
512
if (!bnad->port_debugfs_root) {
513
513
bnad->port_debugfs_root =
514
514
debugfs_create_dir(name, bna_debugfs_root);
515
-
if (!bnad->port_debugfs_root) {
516
-
netdev_warn(bnad->netdev,
517
-
"debugfs root dir creation failed\n");
518
-
return;
519
-
}
520
515
521
516
atomic_inc(&bna_debugfs_port_count);
522
517
+5
-1
drivers/net/ethernet/intel/iavf/iavf.h
+5
-1
drivers/net/ethernet/intel/iavf/iavf.h
···
255
255
struct workqueue_struct *wq;
256
256
struct work_struct reset_task;
257
257
struct work_struct adminq_task;
258
+
struct work_struct finish_config;
258
259
struct delayed_work client_task;
259
260
wait_queue_head_t down_waitqueue;
261
+
wait_queue_head_t reset_waitqueue;
260
262
wait_queue_head_t vc_waitqueue;
261
263
struct iavf_q_vector *q_vectors;
262
264
struct list_head vlan_filter_list;
···
520
518
void iavf_down(struct iavf_adapter *adapter);
521
519
int iavf_process_config(struct iavf_adapter *adapter);
522
520
int iavf_parse_vf_resource_msg(struct iavf_adapter *adapter);
523
-
void iavf_schedule_reset(struct iavf_adapter *adapter);
521
+
void iavf_schedule_reset(struct iavf_adapter *adapter, u64 flags);
524
522
void iavf_schedule_request_stats(struct iavf_adapter *adapter);
523
+
void iavf_schedule_finish_config(struct iavf_adapter *adapter);
525
524
void iavf_reset(struct iavf_adapter *adapter);
526
525
void iavf_set_ethtool_ops(struct net_device *netdev);
527
526
void iavf_update_stats(struct iavf_adapter *adapter);
···
585
582
void iavf_del_adv_rss_cfg(struct iavf_adapter *adapter);
586
583
struct iavf_mac_filter *iavf_add_filter(struct iavf_adapter *adapter,
587
584
const u8 *macaddr);
585
+
int iavf_wait_for_reset(struct iavf_adapter *adapter);
588
586
#endif /* _IAVF_H_ */
+18
-21
drivers/net/ethernet/intel/iavf/iavf_ethtool.c
+18
-21
drivers/net/ethernet/intel/iavf/iavf_ethtool.c
···
484
484
{
485
485
struct iavf_adapter *adapter = netdev_priv(netdev);
486
486
u32 orig_flags, new_flags, changed_flags;
487
+
int ret = 0;
487
488
u32 i;
488
489
489
490
orig_flags = READ_ONCE(adapter->flags);
···
532
531
/* issue a reset to force legacy-rx change to take effect */
533
532
if (changed_flags & IAVF_FLAG_LEGACY_RX) {
534
533
if (netif_running(netdev)) {
535
-
adapter->flags |= IAVF_FLAG_RESET_NEEDED;
536
-
queue_work(adapter->wq, &adapter->reset_task);
534
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_NEEDED);
535
+
ret = iavf_wait_for_reset(adapter);
536
+
if (ret)
537
+
netdev_warn(netdev, "Changing private flags timeout or interrupted waiting for reset");
537
538
}
538
539
}
539
540
540
-
return 0;
541
+
return ret;
541
542
}
542
543
543
544
/**
···
630
627
{
631
628
struct iavf_adapter *adapter = netdev_priv(netdev);
632
629
u32 new_rx_count, new_tx_count;
630
+
int ret = 0;
633
631
634
632
if ((ring->rx_mini_pending) || (ring->rx_jumbo_pending))
635
633
return -EINVAL;
···
675
671
}
676
672
677
673
if (netif_running(netdev)) {
678
-
adapter->flags |= IAVF_FLAG_RESET_NEEDED;
679
-
queue_work(adapter->wq, &adapter->reset_task);
674
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_NEEDED);
675
+
ret = iavf_wait_for_reset(adapter);
676
+
if (ret)
677
+
netdev_warn(netdev, "Changing ring parameters timeout or interrupted waiting for reset");
680
678
}
681
679
682
-
return 0;
680
+
return ret;
683
681
}
684
682
685
683
/**
···
1836
1830
{
1837
1831
struct iavf_adapter *adapter = netdev_priv(netdev);
1838
1832
u32 num_req = ch->combined_count;
1839
-
int i;
1833
+
int ret = 0;
1840
1834
1841
1835
if ((adapter->vf_res->vf_cap_flags & VIRTCHNL_VF_OFFLOAD_ADQ) &&
1842
1836
adapter->num_tc) {
···
1858
1852
1859
1853
adapter->num_req_queues = num_req;
1860
1854
adapter->flags |= IAVF_FLAG_REINIT_ITR_NEEDED;
1861
-
iavf_schedule_reset(adapter);
1855
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_NEEDED);
1862
1856
1863
-
/* wait for the reset is done */
1864
-
for (i = 0; i < IAVF_RESET_WAIT_COMPLETE_COUNT; i++) {
1865
-
msleep(IAVF_RESET_WAIT_MS);
1866
-
if (adapter->flags & IAVF_FLAG_RESET_PENDING)
1867
-
continue;
1868
-
break;
1869
-
}
1870
-
if (i == IAVF_RESET_WAIT_COMPLETE_COUNT) {
1871
-
adapter->flags &= ~IAVF_FLAG_REINIT_ITR_NEEDED;
1872
-
adapter->num_active_queues = num_req;
1873
-
return -EOPNOTSUPP;
1874
-
}
1857
+
ret = iavf_wait_for_reset(adapter);
1858
+
if (ret)
1859
+
netdev_warn(netdev, "Changing channel count timeout or interrupted waiting for reset");
1875
1860
1876
-
return 0;
1861
+
return ret;
1877
1862
}
1878
1863
1879
1864
/**
+150
-87
drivers/net/ethernet/intel/iavf/iavf_main.c
+150
-87
drivers/net/ethernet/intel/iavf/iavf_main.c
···
167
167
}
168
168
169
169
/**
170
+
* iavf_is_reset_in_progress - Check if a reset is in progress
171
+
* @adapter: board private structure
172
+
*/
173
+
static bool iavf_is_reset_in_progress(struct iavf_adapter *adapter)
174
+
{
175
+
if (adapter->state == __IAVF_RESETTING ||
176
+
adapter->flags & (IAVF_FLAG_RESET_PENDING |
177
+
IAVF_FLAG_RESET_NEEDED))
178
+
return true;
179
+
180
+
return false;
181
+
}
182
+
183
+
/**
184
+
* iavf_wait_for_reset - Wait for reset to finish.
185
+
* @adapter: board private structure
186
+
*
187
+
* Returns 0 if reset finished successfully, negative on timeout or interrupt.
188
+
*/
189
+
int iavf_wait_for_reset(struct iavf_adapter *adapter)
190
+
{
191
+
int ret = wait_event_interruptible_timeout(adapter->reset_waitqueue,
192
+
!iavf_is_reset_in_progress(adapter),
193
+
msecs_to_jiffies(5000));
194
+
195
+
/* If ret < 0 then it means wait was interrupted.
196
+
* If ret == 0 then it means we got a timeout while waiting
197
+
* for reset to finish.
198
+
* If ret > 0 it means reset has finished.
199
+
*/
200
+
if (ret > 0)
201
+
return 0;
202
+
else if (ret < 0)
203
+
return -EINTR;
204
+
else
205
+
return -EBUSY;
206
+
}
207
+
208
+
/**
170
209
* iavf_allocate_dma_mem_d - OS specific memory alloc for shared code
171
210
* @hw: pointer to the HW structure
172
211
* @mem: ptr to mem struct to fill out
···
301
262
/**
302
263
* iavf_schedule_reset - Set the flags and schedule a reset event
303
264
* @adapter: board private structure
265
+
* @flags: IAVF_FLAG_RESET_PENDING or IAVF_FLAG_RESET_NEEDED
304
266
**/
305
-
void iavf_schedule_reset(struct iavf_adapter *adapter)
267
+
void iavf_schedule_reset(struct iavf_adapter *adapter, u64 flags)
306
268
{
307
-
if (!(adapter->flags &
308
-
(IAVF_FLAG_RESET_PENDING | IAVF_FLAG_RESET_NEEDED))) {
309
-
adapter->flags |= IAVF_FLAG_RESET_NEEDED;
269
+
if (!test_bit(__IAVF_IN_REMOVE_TASK, &adapter->crit_section) &&
270
+
!(adapter->flags &
271
+
(IAVF_FLAG_RESET_PENDING | IAVF_FLAG_RESET_NEEDED))) {
272
+
adapter->flags |= flags;
310
273
queue_work(adapter->wq, &adapter->reset_task);
311
274
}
312
275
}
···
336
295
struct iavf_adapter *adapter = netdev_priv(netdev);
337
296
338
297
adapter->tx_timeout_count++;
339
-
iavf_schedule_reset(adapter);
298
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_NEEDED);
340
299
}
341
300
342
301
/**
···
1692
1651
adapter->msix_entries[vector].entry = vector;
1693
1652
1694
1653
err = iavf_acquire_msix_vectors(adapter, v_budget);
1654
+
if (!err)
1655
+
iavf_schedule_finish_config(adapter);
1695
1656
1696
1657
out:
1697
-
netif_set_real_num_rx_queues(adapter->netdev, pairs);
1698
-
netif_set_real_num_tx_queues(adapter->netdev, pairs);
1699
1658
return err;
1700
1659
}
1701
1660
···
1869
1828
static void iavf_free_q_vectors(struct iavf_adapter *adapter)
1870
1829
{
1871
1830
int q_idx, num_q_vectors;
1872
-
int napi_vectors;
1873
1831
1874
1832
if (!adapter->q_vectors)
1875
1833
return;
1876
1834
1877
1835
num_q_vectors = adapter->num_msix_vectors - NONQ_VECS;
1878
-
napi_vectors = adapter->num_active_queues;
1879
1836
1880
1837
for (q_idx = 0; q_idx < num_q_vectors; q_idx++) {
1881
1838
struct iavf_q_vector *q_vector = &adapter->q_vectors[q_idx];
1882
1839
1883
-
if (q_idx < napi_vectors)
1884
-
netif_napi_del(&q_vector->napi);
1840
+
netif_napi_del(&q_vector->napi);
1885
1841
}
1886
1842
kfree(adapter->q_vectors);
1887
1843
adapter->q_vectors = NULL;
···
1915
1877
goto err_alloc_queues;
1916
1878
}
1917
1879
1918
-
rtnl_lock();
1919
1880
err = iavf_set_interrupt_capability(adapter);
1920
-
rtnl_unlock();
1921
1881
if (err) {
1922
1882
dev_err(&adapter->pdev->dev,
1923
1883
"Unable to setup interrupt capabilities\n");
···
1968
1932
/**
1969
1933
* iavf_reinit_interrupt_scheme - Reallocate queues and vectors
1970
1934
* @adapter: board private structure
1935
+
* @running: true if adapter->state == __IAVF_RUNNING
1971
1936
*
1972
1937
* Returns 0 on success, negative on failure
1973
1938
**/
1974
-
static int iavf_reinit_interrupt_scheme(struct iavf_adapter *adapter)
1939
+
static int iavf_reinit_interrupt_scheme(struct iavf_adapter *adapter, bool running)
1975
1940
{
1976
1941
struct net_device *netdev = adapter->netdev;
1977
1942
int err;
1978
1943
1979
-
if (netif_running(netdev))
1944
+
if (running)
1980
1945
iavf_free_traffic_irqs(adapter);
1981
1946
iavf_free_misc_irq(adapter);
1982
1947
iavf_reset_interrupt_capability(adapter);
···
1999
1962
iavf_map_rings_to_vectors(adapter);
2000
1963
err:
2001
1964
return err;
1965
+
}
1966
+
1967
+
/**
1968
+
* iavf_finish_config - do all netdev work that needs RTNL
1969
+
* @work: our work_struct
1970
+
*
1971
+
* Do work that needs both RTNL and crit_lock.
1972
+
**/
1973
+
static void iavf_finish_config(struct work_struct *work)
1974
+
{
1975
+
struct iavf_adapter *adapter;
1976
+
int pairs, err;
1977
+
1978
+
adapter = container_of(work, struct iavf_adapter, finish_config);
1979
+
1980
+
/* Always take RTNL first to prevent circular lock dependency */
1981
+
rtnl_lock();
1982
+
mutex_lock(&adapter->crit_lock);
1983
+
1984
+
if ((adapter->flags & IAVF_FLAG_SETUP_NETDEV_FEATURES) &&
1985
+
adapter->netdev_registered &&
1986
+
!test_bit(__IAVF_IN_REMOVE_TASK, &adapter->crit_section)) {
1987
+
netdev_update_features(adapter->netdev);
1988
+
adapter->flags &= ~IAVF_FLAG_SETUP_NETDEV_FEATURES;
1989
+
}
1990
+
1991
+
switch (adapter->state) {
1992
+
case __IAVF_DOWN:
1993
+
if (!adapter->netdev_registered) {
1994
+
err = register_netdevice(adapter->netdev);
1995
+
if (err) {
1996
+
dev_err(&adapter->pdev->dev, "Unable to register netdev (%d)\n",
1997
+
err);
1998
+
1999
+
/* go back and try again.*/
2000
+
iavf_free_rss(adapter);
2001
+
iavf_free_misc_irq(adapter);
2002
+
iavf_reset_interrupt_capability(adapter);
2003
+
iavf_change_state(adapter,
2004
+
__IAVF_INIT_CONFIG_ADAPTER);
2005
+
goto out;
2006
+
}
2007
+
adapter->netdev_registered = true;
2008
+
}
2009
+
2010
+
/* Set the real number of queues when reset occurs while
2011
+
* state == __IAVF_DOWN
2012
+
*/
2013
+
fallthrough;
2014
+
case __IAVF_RUNNING:
2015
+
pairs = adapter->num_active_queues;
2016
+
netif_set_real_num_rx_queues(adapter->netdev, pairs);
2017
+
netif_set_real_num_tx_queues(adapter->netdev, pairs);
2018
+
break;
2019
+
2020
+
default:
2021
+
break;
2022
+
}
2023
+
2024
+
out:
2025
+
mutex_unlock(&adapter->crit_lock);
2026
+
rtnl_unlock();
2027
+
}
2028
+
2029
+
/**
2030
+
* iavf_schedule_finish_config - Set the flags and schedule a reset event
2031
+
* @adapter: board private structure
2032
+
**/
2033
+
void iavf_schedule_finish_config(struct iavf_adapter *adapter)
2034
+
{
2035
+
if (!test_bit(__IAVF_IN_REMOVE_TASK, &adapter->crit_section))
2036
+
queue_work(adapter->wq, &adapter->finish_config);
2002
2037
}
2003
2038
2004
2039
/**
···
2480
2371
adapter->vsi_res->num_queue_pairs);
2481
2372
adapter->flags |= IAVF_FLAG_REINIT_MSIX_NEEDED;
2482
2373
adapter->num_req_queues = adapter->vsi_res->num_queue_pairs;
2483
-
iavf_schedule_reset(adapter);
2374
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_NEEDED);
2484
2375
2485
2376
return -EAGAIN;
2486
2377
}
···
2710
2601
2711
2602
netif_carrier_off(netdev);
2712
2603
adapter->link_up = false;
2713
-
2714
-
/* set the semaphore to prevent any callbacks after device registration
2715
-
* up to time when state of driver will be set to __IAVF_DOWN
2716
-
*/
2717
-
rtnl_lock();
2718
-
if (!adapter->netdev_registered) {
2719
-
err = register_netdevice(netdev);
2720
-
if (err) {
2721
-
rtnl_unlock();
2722
-
goto err_register;
2723
-
}
2724
-
}
2725
-
2726
-
adapter->netdev_registered = true;
2727
-
2728
2604
netif_tx_stop_all_queues(netdev);
2605
+
2729
2606
if (CLIENT_ALLOWED(adapter)) {
2730
2607
err = iavf_lan_add_device(adapter);
2731
2608
if (err)
···
2724
2629
2725
2630
iavf_change_state(adapter, __IAVF_DOWN);
2726
2631
set_bit(__IAVF_VSI_DOWN, adapter->vsi.state);
2727
-
rtnl_unlock();
2728
2632
2729
2633
iavf_misc_irq_enable(adapter);
2730
2634
wake_up(&adapter->down_waitqueue);
···
2743
2649
/* request initial VLAN offload settings */
2744
2650
iavf_set_vlan_offload_features(adapter, 0, netdev->features);
2745
2651
2652
+
iavf_schedule_finish_config(adapter);
2746
2653
return;
2654
+
2747
2655
err_mem:
2748
2656
iavf_free_rss(adapter);
2749
-
err_register:
2750
2657
iavf_free_misc_irq(adapter);
2751
2658
err_sw_init:
2752
2659
iavf_reset_interrupt_capability(adapter);
···
2774
2679
goto restart_watchdog;
2775
2680
}
2776
2681
2777
-
if ((adapter->flags & IAVF_FLAG_SETUP_NETDEV_FEATURES) &&
2778
-
adapter->netdev_registered &&
2779
-
!test_bit(__IAVF_IN_REMOVE_TASK, &adapter->crit_section) &&
2780
-
rtnl_trylock()) {
2781
-
netdev_update_features(adapter->netdev);
2782
-
rtnl_unlock();
2783
-
adapter->flags &= ~IAVF_FLAG_SETUP_NETDEV_FEATURES;
2784
-
}
2785
-
2786
2682
if (adapter->flags & IAVF_FLAG_PF_COMMS_FAILED)
2787
2683
iavf_change_state(adapter, __IAVF_COMM_FAILED);
2788
-
2789
-
if (adapter->flags & IAVF_FLAG_RESET_NEEDED) {
2790
-
adapter->aq_required = 0;
2791
-
adapter->current_op = VIRTCHNL_OP_UNKNOWN;
2792
-
mutex_unlock(&adapter->crit_lock);
2793
-
queue_work(adapter->wq, &adapter->reset_task);
2794
-
return;
2795
-
}
2796
2684
2797
2685
switch (adapter->state) {
2798
2686
case __IAVF_STARTUP:
···
2904
2826
/* check for hw reset */
2905
2827
reg_val = rd32(hw, IAVF_VF_ARQLEN1) & IAVF_VF_ARQLEN1_ARQENABLE_MASK;
2906
2828
if (!reg_val) {
2907
-
adapter->flags |= IAVF_FLAG_RESET_PENDING;
2908
2829
adapter->aq_required = 0;
2909
2830
adapter->current_op = VIRTCHNL_OP_UNKNOWN;
2910
2831
dev_err(&adapter->pdev->dev, "Hardware reset detected\n");
2911
-
queue_work(adapter->wq, &adapter->reset_task);
2832
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_PENDING);
2912
2833
mutex_unlock(&adapter->crit_lock);
2913
2834
queue_delayed_work(adapter->wq,
2914
2835
&adapter->watchdog_task, HZ * 2);
···
3017
2940
int i = 0, err;
3018
2941
bool running;
3019
2942
3020
-
/* Detach interface to avoid subsequent NDO callbacks */
3021
-
rtnl_lock();
3022
-
netif_device_detach(netdev);
3023
-
rtnl_unlock();
3024
-
3025
2943
/* When device is being removed it doesn't make sense to run the reset
3026
2944
* task, just return in such a case.
3027
2945
*/
···
3024
2952
if (adapter->state != __IAVF_REMOVE)
3025
2953
queue_work(adapter->wq, &adapter->reset_task);
3026
2954
3027
-
goto reset_finish;
2955
+
return;
3028
2956
}
3029
2957
3030
2958
while (!mutex_trylock(&adapter->client_lock))
···
3082
3010
iavf_disable_vf(adapter);
3083
3011
mutex_unlock(&adapter->client_lock);
3084
3012
mutex_unlock(&adapter->crit_lock);
3085
-
if (netif_running(netdev)) {
3086
-
rtnl_lock();
3087
-
dev_close(netdev);
3088
-
rtnl_unlock();
3089
-
}
3090
3013
return; /* Do not attempt to reinit. It's dead, Jim. */
3091
3014
}
3092
3015
···
3123
3056
3124
3057
if ((adapter->flags & IAVF_FLAG_REINIT_MSIX_NEEDED) ||
3125
3058
(adapter->flags & IAVF_FLAG_REINIT_ITR_NEEDED)) {
3126
-
err = iavf_reinit_interrupt_scheme(adapter);
3059
+
err = iavf_reinit_interrupt_scheme(adapter, running);
3127
3060
if (err)
3128
3061
goto reset_err;
3129
3062
}
···
3218
3151
3219
3152
adapter->flags &= ~IAVF_FLAG_REINIT_ITR_NEEDED;
3220
3153
3154
+
wake_up(&adapter->reset_waitqueue);
3221
3155
mutex_unlock(&adapter->client_lock);
3222
3156
mutex_unlock(&adapter->crit_lock);
3223
3157
3224
-
goto reset_finish;
3158
+
return;
3225
3159
reset_err:
3226
3160
if (running) {
3227
3161
set_bit(__IAVF_VSI_DOWN, adapter->vsi.state);
···
3232
3164
3233
3165
mutex_unlock(&adapter->client_lock);
3234
3166
mutex_unlock(&adapter->crit_lock);
3235
-
3236
-
if (netif_running(netdev)) {
3237
-
/* Close device to ensure that Tx queues will not be started
3238
-
* during netif_device_attach() at the end of the reset task.
3239
-
*/
3240
-
rtnl_lock();
3241
-
dev_close(netdev);
3242
-
rtnl_unlock();
3243
-
}
3244
-
3245
3167
dev_err(&adapter->pdev->dev, "failed to allocate resources during reinit\n");
3246
-
reset_finish:
3247
-
rtnl_lock();
3248
-
netif_device_attach(netdev);
3249
-
rtnl_unlock();
3250
3168
}
3251
3169
3252
3170
/**
···
3281
3227
} while (pending);
3282
3228
mutex_unlock(&adapter->crit_lock);
3283
3229
3284
-
if ((adapter->flags &
3285
-
(IAVF_FLAG_RESET_PENDING | IAVF_FLAG_RESET_NEEDED)) ||
3286
-
adapter->state == __IAVF_RESETTING)
3230
+
if (iavf_is_reset_in_progress(adapter))
3287
3231
goto freedom;
3288
3232
3289
3233
/* check for error indications */
···
4367
4315
static int iavf_change_mtu(struct net_device *netdev, int new_mtu)
4368
4316
{
4369
4317
struct iavf_adapter *adapter = netdev_priv(netdev);
4318
+
int ret = 0;
4370
4319
4371
4320
netdev_dbg(netdev, "changing MTU from %d to %d\n",
4372
4321
netdev->mtu, new_mtu);
···
4378
4325
}
4379
4326
4380
4327
if (netif_running(netdev)) {
4381
-
adapter->flags |= IAVF_FLAG_RESET_NEEDED;
4382
-
queue_work(adapter->wq, &adapter->reset_task);
4328
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_NEEDED);
4329
+
ret = iavf_wait_for_reset(adapter);
4330
+
if (ret < 0)
4331
+
netdev_warn(netdev, "MTU change interrupted waiting for reset");
4332
+
else if (ret)
4333
+
netdev_warn(netdev, "MTU change timed out waiting for reset");
4383
4334
}
4384
4335
4385
-
return 0;
4336
+
return ret;
4386
4337
}
4387
4338
4388
4339
#define NETIF_VLAN_OFFLOAD_FEATURES (NETIF_F_HW_VLAN_CTAG_RX | \
···
4979
4922
4980
4923
INIT_WORK(&adapter->reset_task, iavf_reset_task);
4981
4924
INIT_WORK(&adapter->adminq_task, iavf_adminq_task);
4925
+
INIT_WORK(&adapter->finish_config, iavf_finish_config);
4982
4926
INIT_DELAYED_WORK(&adapter->watchdog_task, iavf_watchdog_task);
4983
4927
INIT_DELAYED_WORK(&adapter->client_task, iavf_client_task);
4984
4928
queue_delayed_work(adapter->wq, &adapter->watchdog_task,
···
4987
4929
4988
4930
/* Setup the wait queue for indicating transition to down status */
4989
4931
init_waitqueue_head(&adapter->down_waitqueue);
4932
+
4933
+
/* Setup the wait queue for indicating transition to running state */
4934
+
init_waitqueue_head(&adapter->reset_waitqueue);
4990
4935
4991
4936
/* Setup the wait queue for indicating virtchannel events */
4992
4937
init_waitqueue_head(&adapter->vc_waitqueue);
···
5122
5061
usleep_range(500, 1000);
5123
5062
}
5124
5063
cancel_delayed_work_sync(&adapter->watchdog_task);
5064
+
cancel_work_sync(&adapter->finish_config);
5125
5065
5066
+
rtnl_lock();
5126
5067
if (adapter->netdev_registered) {
5127
-
rtnl_lock();
5128
5068
unregister_netdevice(netdev);
5129
5069
adapter->netdev_registered = false;
5130
-
rtnl_unlock();
5131
5070
}
5071
+
rtnl_unlock();
5072
+
5132
5073
if (CLIENT_ALLOWED(adapter)) {
5133
5074
err = iavf_lan_del_device(adapter);
5134
5075
if (err)
+3
-2
drivers/net/ethernet/intel/iavf/iavf_virtchnl.c
+3
-2
drivers/net/ethernet/intel/iavf/iavf_virtchnl.c
···
1961
1961
case VIRTCHNL_EVENT_RESET_IMPENDING:
1962
1962
dev_info(&adapter->pdev->dev, "Reset indication received from the PF\n");
1963
1963
if (!(adapter->flags & IAVF_FLAG_RESET_PENDING)) {
1964
-
adapter->flags |= IAVF_FLAG_RESET_PENDING;
1965
1964
dev_info(&adapter->pdev->dev, "Scheduling reset task\n");
1966
-
queue_work(adapter->wq, &adapter->reset_task);
1965
+
iavf_schedule_reset(adapter, IAVF_FLAG_RESET_PENDING);
1967
1966
}
1968
1967
break;
1969
1968
default:
···
2236
2237
2237
2238
iavf_process_config(adapter);
2238
2239
adapter->flags |= IAVF_FLAG_SETUP_NETDEV_FEATURES;
2240
+
iavf_schedule_finish_config(adapter);
2239
2241
2240
2242
iavf_set_queue_vlan_tag_loc(adapter);
2241
2243
···
2285
2285
case VIRTCHNL_OP_ENABLE_QUEUES:
2286
2286
/* enable transmits */
2287
2287
iavf_irq_enable(adapter, true);
2288
+
wake_up(&adapter->reset_waitqueue);
2288
2289
adapter->flags &= ~IAVF_FLAG_QUEUES_DISABLED;
2289
2290
break;
2290
2291
case VIRTCHNL_OP_DISABLE_QUEUES:
+2
drivers/net/ethernet/intel/ice/ice_base.c
+2
drivers/net/ethernet/intel/ice/ice_base.c
+11
-2
drivers/net/ethernet/intel/ice/ice_ethtool.c
+11
-2
drivers/net/ethernet/intel/ice/ice_ethtool.c
···
2681
2681
2682
2682
ring->rx_max_pending = ICE_MAX_NUM_DESC;
2683
2683
ring->tx_max_pending = ICE_MAX_NUM_DESC;
2684
-
ring->rx_pending = vsi->rx_rings[0]->count;
2685
-
ring->tx_pending = vsi->tx_rings[0]->count;
2684
+
if (vsi->tx_rings && vsi->rx_rings) {
2685
+
ring->rx_pending = vsi->rx_rings[0]->count;
2686
+
ring->tx_pending = vsi->tx_rings[0]->count;
2687
+
} else {
2688
+
ring->rx_pending = 0;
2689
+
ring->tx_pending = 0;
2690
+
}
2686
2691
2687
2692
/* Rx mini and jumbo rings are not supported */
2688
2693
ring->rx_mini_max_pending = 0;
···
2720
2715
ICE_REQ_DESC_MULTIPLE);
2721
2716
return -EINVAL;
2722
2717
}
2718
+
2719
+
/* Return if there is no rings (device is reloading) */
2720
+
if (!vsi->tx_rings || !vsi->rx_rings)
2721
+
return -EBUSY;
2723
2722
2724
2723
new_tx_cnt = ALIGN(ring->tx_pending, ICE_REQ_DESC_MULTIPLE);
2725
2724
if (new_tx_cnt != ring->tx_pending)
-27
drivers/net/ethernet/intel/ice/ice_lib.c
-27
drivers/net/ethernet/intel/ice/ice_lib.c
···
2972
2972
return -ENODEV;
2973
2973
pf = vsi->back;
2974
2974
2975
-
/* do not unregister while driver is in the reset recovery pending
2976
-
* state. Since reset/rebuild happens through PF service task workqueue,
2977
-
* it's not a good idea to unregister netdev that is associated to the
2978
-
* PF that is running the work queue items currently. This is done to
2979
-
* avoid check_flush_dependency() warning on this wq
2980
-
*/
2981
-
if (vsi->netdev && !ice_is_reset_in_progress(pf->state) &&
2982
-
(test_bit(ICE_VSI_NETDEV_REGISTERED, vsi->state))) {
2983
-
unregister_netdev(vsi->netdev);
2984
-
clear_bit(ICE_VSI_NETDEV_REGISTERED, vsi->state);
2985
-
}
2986
-
2987
-
if (vsi->type == ICE_VSI_PF)
2988
-
ice_devlink_destroy_pf_port(pf);
2989
-
2990
2975
if (test_bit(ICE_FLAG_RSS_ENA, pf->flags))
2991
2976
ice_rss_clean(vsi);
2992
2977
2993
2978
ice_vsi_close(vsi);
2994
2979
ice_vsi_decfg(vsi);
2995
-
2996
-
if (vsi->netdev) {
2997
-
if (test_bit(ICE_VSI_NETDEV_REGISTERED, vsi->state)) {
2998
-
unregister_netdev(vsi->netdev);
2999
-
clear_bit(ICE_VSI_NETDEV_REGISTERED, vsi->state);
3000
-
}
3001
-
if (test_bit(ICE_VSI_NETDEV_ALLOCD, vsi->state)) {
3002
-
free_netdev(vsi->netdev);
3003
-
vsi->netdev = NULL;
3004
-
clear_bit(ICE_VSI_NETDEV_ALLOCD, vsi->state);
3005
-
}
3006
-
}
3007
2980
3008
2981
/* retain SW VSI data structure since it is needed to unregister and
3009
2982
* free VSI netdev when PF is not in reset recovery pending state,\
+8
-2
drivers/net/ethernet/intel/ice/ice_main.c
+8
-2
drivers/net/ethernet/intel/ice/ice_main.c
···
4430
4430
if (err)
4431
4431
return err;
4432
4432
4433
-
rtnl_lock();
4434
4433
err = ice_vsi_open(vsi);
4435
-
rtnl_unlock();
4434
+
if (err)
4435
+
ice_fltr_remove_all(vsi);
4436
4436
4437
4437
return err;
4438
4438
}
···
4895
4895
params = ice_vsi_to_params(vsi);
4896
4896
params.flags = ICE_VSI_FLAG_INIT;
4897
4897
4898
+
rtnl_lock();
4898
4899
err = ice_vsi_cfg(vsi, ¶ms);
4899
4900
if (err)
4900
4901
goto err_vsi_cfg;
···
4903
4902
err = ice_start_eth(ice_get_main_vsi(pf));
4904
4903
if (err)
4905
4904
goto err_start_eth;
4905
+
rtnl_unlock();
4906
4906
4907
4907
err = ice_init_rdma(pf);
4908
4908
if (err)
···
4918
4916
4919
4917
err_init_rdma:
4920
4918
ice_vsi_close(ice_get_main_vsi(pf));
4919
+
rtnl_lock();
4921
4920
err_start_eth:
4922
4921
ice_vsi_decfg(ice_get_main_vsi(pf));
4923
4922
err_vsi_cfg:
4923
+
rtnl_unlock();
4924
4924
ice_deinit_dev(pf);
4925
4925
return err;
4926
4926
}
···
4935
4931
{
4936
4932
ice_deinit_features(pf);
4937
4933
ice_deinit_rdma(pf);
4934
+
rtnl_lock();
4938
4935
ice_stop_eth(ice_get_main_vsi(pf));
4939
4936
ice_vsi_decfg(ice_get_main_vsi(pf));
4937
+
rtnl_unlock();
4940
4938
ice_deinit_dev(pf);
4941
4939
}
4942
4940
+2
-2
drivers/net/ethernet/intel/igc/igc_main.c
+2
-2
drivers/net/ethernet/intel/igc/igc_main.c
···
2828
2828
struct netdev_queue *nq = txring_txq(ring);
2829
2829
union igc_adv_tx_desc *tx_desc = NULL;
2830
2830
int cpu = smp_processor_id();
2831
-
u16 ntu = ring->next_to_use;
2832
2831
struct xdp_desc xdp_desc;
2833
-
u16 budget;
2832
+
u16 budget, ntu;
2834
2833
2835
2834
if (!netif_carrier_ok(ring->netdev))
2836
2835
return;
···
2839
2840
/* Avoid transmit queue timeout since we share it with the slow path */
2840
2841
txq_trans_cond_update(nq);
2841
2842
2843
+
ntu = ring->next_to_use;
2842
2844
budget = igc_desc_unused(ring);
2843
2845
2844
2846
while (xsk_tx_peek_desc(pool, &xdp_desc) && budget--) {
+100
-37
drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c
+100
-37
drivers/net/ethernet/marvell/octeontx2/nic/cn10k_macsec.c
···
4
4
* Copyright (C) 2022 Marvell.
5
5
*/
6
6
7
+
#include <crypto/skcipher.h>
7
8
#include <linux/rtnetlink.h>
8
9
#include <linux/bitfield.h>
9
10
#include "otx2_common.h"
···
42
41
#define MCS_TCI_SCB 0x10 /* epon */
43
42
#define MCS_TCI_E 0x08 /* encryption */
44
43
#define MCS_TCI_C 0x04 /* changed text */
44
+
45
+
#define CN10K_MAX_HASH_LEN 16
46
+
#define CN10K_MAX_SAK_LEN 32
47
+
48
+
static int cn10k_ecb_aes_encrypt(struct otx2_nic *pfvf, u8 *sak,
49
+
u16 sak_len, u8 *hash)
50
+
{
51
+
u8 data[CN10K_MAX_HASH_LEN] = { 0 };
52
+
struct skcipher_request *req = NULL;
53
+
struct scatterlist sg_src, sg_dst;
54
+
struct crypto_skcipher *tfm;
55
+
DECLARE_CRYPTO_WAIT(wait);
56
+
int err;
57
+
58
+
tfm = crypto_alloc_skcipher("ecb(aes)", 0, 0);
59
+
if (IS_ERR(tfm)) {
60
+
dev_err(pfvf->dev, "failed to allocate transform for ecb-aes\n");
61
+
return PTR_ERR(tfm);
62
+
}
63
+
64
+
req = skcipher_request_alloc(tfm, GFP_KERNEL);
65
+
if (!req) {
66
+
dev_err(pfvf->dev, "failed to allocate request for skcipher\n");
67
+
err = -ENOMEM;
68
+
goto free_tfm;
69
+
}
70
+
71
+
err = crypto_skcipher_setkey(tfm, sak, sak_len);
72
+
if (err) {
73
+
dev_err(pfvf->dev, "failed to set key for skcipher\n");
74
+
goto free_req;
75
+
}
76
+
77
+
/* build sg list */
78
+
sg_init_one(&sg_src, data, CN10K_MAX_HASH_LEN);
79
+
sg_init_one(&sg_dst, hash, CN10K_MAX_HASH_LEN);
80
+
81
+
skcipher_request_set_callback(req, 0, crypto_req_done, &wait);
82
+
skcipher_request_set_crypt(req, &sg_src, &sg_dst,
83
+
CN10K_MAX_HASH_LEN, NULL);
84
+
85
+
err = crypto_skcipher_encrypt(req);
86
+
err = crypto_wait_req(err, &wait);
87
+
88
+
free_req:
89
+
skcipher_request_free(req);
90
+
free_tfm:
91
+
crypto_free_skcipher(tfm);
92
+
return err;
93
+
}
45
94
46
95
static struct cn10k_mcs_txsc *cn10k_mcs_get_txsc(struct cn10k_mcs_cfg *cfg,
47
96
struct macsec_secy *secy)
···
381
330
return ret;
382
331
}
383
332
333
+
static int cn10k_mcs_write_keys(struct otx2_nic *pfvf,
334
+
struct macsec_secy *secy,
335
+
struct mcs_sa_plcy_write_req *req,
336
+
u8 *sak, u8 *salt, ssci_t ssci)
337
+
{
338
+
u8 hash_rev[CN10K_MAX_HASH_LEN];
339
+
u8 sak_rev[CN10K_MAX_SAK_LEN];
340
+
u8 salt_rev[MACSEC_SALT_LEN];
341
+
u8 hash[CN10K_MAX_HASH_LEN];
342
+
u32 ssci_63_32;
343
+
int err, i;
344
+
345
+
err = cn10k_ecb_aes_encrypt(pfvf, sak, secy->key_len, hash);
346
+
if (err) {
347
+
dev_err(pfvf->dev, "Generating hash using ECB(AES) failed\n");
348
+
return err;
349
+
}
350
+
351
+
for (i = 0; i < secy->key_len; i++)
352
+
sak_rev[i] = sak[secy->key_len - 1 - i];
353
+
354
+
for (i = 0; i < CN10K_MAX_HASH_LEN; i++)
355
+
hash_rev[i] = hash[CN10K_MAX_HASH_LEN - 1 - i];
356
+
357
+
for (i = 0; i < MACSEC_SALT_LEN; i++)
358
+
salt_rev[i] = salt[MACSEC_SALT_LEN - 1 - i];
359
+
360
+
ssci_63_32 = (__force u32)cpu_to_be32((__force u32)ssci);
361
+
362
+
memcpy(&req->plcy[0][0], sak_rev, secy->key_len);
363
+
memcpy(&req->plcy[0][4], hash_rev, CN10K_MAX_HASH_LEN);
364
+
memcpy(&req->plcy[0][6], salt_rev, MACSEC_SALT_LEN);
365
+
req->plcy[0][7] |= (u64)ssci_63_32 << 32;
366
+
367
+
return 0;
368
+
}
369
+
384
370
static int cn10k_mcs_write_rx_sa_plcy(struct otx2_nic *pfvf,
385
371
struct macsec_secy *secy,
386
372
struct cn10k_mcs_rxsc *rxsc,
387
373
u8 assoc_num, bool sa_in_use)
388
374
{
389
-
unsigned char *src = rxsc->sa_key[assoc_num];
390
375
struct mcs_sa_plcy_write_req *plcy_req;
391
-
u8 *salt_p = rxsc->salt[assoc_num];
376
+
u8 *sak = rxsc->sa_key[assoc_num];
377
+
u8 *salt = rxsc->salt[assoc_num];
392
378
struct mcs_rx_sc_sa_map *map_req;
393
379
struct mbox *mbox = &pfvf->mbox;
394
-
u64 ssci_salt_95_64 = 0;
395
-
u8 reg, key_len;
396
-
u64 salt_63_0;
397
380
int ret;
398
381
399
382
mutex_lock(&mbox->lock);
···
445
360
goto fail;
446
361
}
447
362
448
-
for (reg = 0, key_len = 0; key_len < secy->key_len; key_len += 8) {
449
-
memcpy((u8 *)&plcy_req->plcy[0][reg],
450
-
(src + reg * 8), 8);
451
-
reg++;
452
-
}
453
-
454
-
if (secy->xpn) {
455
-
memcpy((u8 *)&salt_63_0, salt_p, 8);
456
-
memcpy((u8 *)&ssci_salt_95_64, salt_p + 8, 4);
457
-
ssci_salt_95_64 |= (__force u64)rxsc->ssci[assoc_num] << 32;
458
-
459
-
plcy_req->plcy[0][6] = salt_63_0;
460
-
plcy_req->plcy[0][7] = ssci_salt_95_64;
461
-
}
363
+
ret = cn10k_mcs_write_keys(pfvf, secy, plcy_req, sak,
364
+
salt, rxsc->ssci[assoc_num]);
365
+
if (ret)
366
+
goto fail;
462
367
463
368
plcy_req->sa_index[0] = rxsc->hw_sa_id[assoc_num];
464
369
plcy_req->sa_cnt = 1;
···
661
586
struct cn10k_mcs_txsc *txsc,
662
587
u8 assoc_num)
663
588
{
664
-
unsigned char *src = txsc->sa_key[assoc_num];
665
589
struct mcs_sa_plcy_write_req *plcy_req;
666
-
u8 *salt_p = txsc->salt[assoc_num];
590
+
u8 *sak = txsc->sa_key[assoc_num];
591
+
u8 *salt = txsc->salt[assoc_num];
667
592
struct mbox *mbox = &pfvf->mbox;
668
-
u64 ssci_salt_95_64 = 0;
669
-
u8 reg, key_len;
670
-
u64 salt_63_0;
671
593
int ret;
672
594
673
595
mutex_lock(&mbox->lock);
···
675
603
goto fail;
676
604
}
677
605
678
-
for (reg = 0, key_len = 0; key_len < secy->key_len; key_len += 8) {
679
-
memcpy((u8 *)&plcy_req->plcy[0][reg], (src + reg * 8), 8);
680
-
reg++;
681
-
}
682
-
683
-
if (secy->xpn) {
684
-
memcpy((u8 *)&salt_63_0, salt_p, 8);
685
-
memcpy((u8 *)&ssci_salt_95_64, salt_p + 8, 4);
686
-
ssci_salt_95_64 |= (__force u64)txsc->ssci[assoc_num] << 32;
687
-
688
-
plcy_req->plcy[0][6] = salt_63_0;
689
-
plcy_req->plcy[0][7] = ssci_salt_95_64;
690
-
}
606
+
ret = cn10k_mcs_write_keys(pfvf, secy, plcy_req, sak,
607
+
salt, txsc->ssci[assoc_num]);
608
+
if (ret)
609
+
goto fail;
691
610
692
611
plcy_req->plcy[0][8] = assoc_num;
693
612
plcy_req->sa_index[0] = txsc->hw_sa_id[assoc_num];
+3
-2
drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c
+3
-2
drivers/net/ethernet/marvell/octeontx2/nic/otx2_pf.c
···
1454
1454
if (err)
1455
1455
goto err_free_npa_lf;
1456
1456
1457
-
/* Enable backpressure */
1458
-
otx2_nix_config_bp(pf, true);
1457
+
/* Enable backpressure for CGX mapped PF/VFs */
1458
+
if (!is_otx2_lbkvf(pf->pdev))
1459
+
otx2_nix_config_bp(pf, true);
1459
1460
1460
1461
/* Init Auras and pools used by NIX RQ, for free buffer ptrs */
1461
1462
err = otx2_rq_aura_pool_init(pf);
+11
-18
drivers/net/ethernet/mediatek/mtk_eth_soc.c
+11
-18
drivers/net/ethernet/mediatek/mtk_eth_soc.c
···
3846
3846
return 0;
3847
3847
}
3848
3848
3849
-
static int __init mtk_init(struct net_device *dev)
3850
-
{
3851
-
struct mtk_mac *mac = netdev_priv(dev);
3852
-
struct mtk_eth *eth = mac->hw;
3853
-
int ret;
3854
-
3855
-
ret = of_get_ethdev_address(mac->of_node, dev);
3856
-
if (ret) {
3857
-
/* If the mac address is invalid, use random mac address */
3858
-
eth_hw_addr_random(dev);
3859
-
dev_err(eth->dev, "generated random MAC address %pM\n",
3860
-
dev->dev_addr);
3861
-
}
3862
-
3863
-
return 0;
3864
-
}
3865
-
3866
3849
static void mtk_uninit(struct net_device *dev)
3867
3850
{
3868
3851
struct mtk_mac *mac = netdev_priv(dev);
···
4261
4278
};
4262
4279
4263
4280
static const struct net_device_ops mtk_netdev_ops = {
4264
-
.ndo_init = mtk_init,
4265
4281
.ndo_uninit = mtk_uninit,
4266
4282
.ndo_open = mtk_open,
4267
4283
.ndo_stop = mtk_stop,
···
4321
4339
mac->id = id;
4322
4340
mac->hw = eth;
4323
4341
mac->of_node = np;
4342
+
4343
+
err = of_get_ethdev_address(mac->of_node, eth->netdev[id]);
4344
+
if (err == -EPROBE_DEFER)
4345
+
return err;
4346
+
4347
+
if (err) {
4348
+
/* If the mac address is invalid, use random mac address */
4349
+
eth_hw_addr_random(eth->netdev[id]);
4350
+
dev_err(eth->dev, "generated random MAC address %pM\n",
4351
+
eth->netdev[id]->dev_addr);
4352
+
}
4324
4353
4325
4354
memset(mac->hwlro_ip, 0, sizeof(mac->hwlro_ip));
4326
4355
mac->hwlro_ip_cnt = 0;
+1
-1
drivers/net/ethernet/mediatek/mtk_ppe_debugfs.c
+1
-1
drivers/net/ethernet/mediatek/mtk_ppe_debugfs.c
···
98
98
99
99
acct = mtk_foe_entry_get_mib(ppe, i, NULL);
100
100
101
-
type = FIELD_GET(MTK_FOE_IB1_PACKET_TYPE, entry->ib1);
101
+
type = mtk_get_ib1_pkt_type(ppe->eth, entry->ib1);
102
102
seq_printf(m, "%05x %s %7s", i,
103
103
mtk_foe_entry_state_str(state),
104
104
mtk_foe_pkt_type_str(type));
+2
-1
drivers/net/ethernet/mscc/ocelot_fdma.c
+2
-1
drivers/net/ethernet/mscc/ocelot_fdma.c
+5
-2
drivers/net/ethernet/qualcomm/emac/emac-mac.c
+5
-2
drivers/net/ethernet/qualcomm/emac/emac-mac.c
···
1260
1260
if (skb->protocol == htons(ETH_P_IP)) {
1261
1261
u32 pkt_len = ((unsigned char *)ip_hdr(skb) - skb->data)
1262
1262
+ ntohs(ip_hdr(skb)->tot_len);
1263
-
if (skb->len > pkt_len)
1264
-
pskb_trim(skb, pkt_len);
1263
+
if (skb->len > pkt_len) {
1264
+
ret = pskb_trim(skb, pkt_len);
1265
+
if (unlikely(ret))
1266
+
return ret;
1267
+
}
1265
1268
}
1266
1269
1267
1270
hdr_len = skb_tcp_all_headers(skb);
+34
-11
drivers/net/ethernet/realtek/r8169_main.c
+34
-11
drivers/net/ethernet/realtek/r8169_main.c
···
623
623
int cfg9346_usage_count;
624
624
625
625
unsigned supports_gmii:1;
626
+
unsigned aspm_manageable:1;
626
627
dma_addr_t counters_phys_addr;
627
628
struct rtl8169_counters *counters;
628
629
struct rtl8169_tc_offsets tc_offset;
···
2747
2746
if (tp->mac_version < RTL_GIGA_MAC_VER_32)
2748
2747
return;
2749
2748
2750
-
if (enable) {
2749
+
/* Don't enable ASPM in the chip if OS can't control ASPM */
2750
+
if (enable && tp->aspm_manageable) {
2751
+
/* On these chip versions ASPM can even harm
2752
+
* bus communication of other PCI devices.
2753
+
*/
2754
+
if (tp->mac_version == RTL_GIGA_MAC_VER_42 ||
2755
+
tp->mac_version == RTL_GIGA_MAC_VER_43)
2756
+
return;
2757
+
2751
2758
rtl_mod_config5(tp, 0, ASPM_en);
2752
2759
rtl_mod_config2(tp, 0, ClkReqEn);
2753
2760
···
4523
4514
}
4524
4515
4525
4516
if (napi_schedule_prep(&tp->napi)) {
4526
-
rtl_unlock_config_regs(tp);
4527
-
rtl_hw_aspm_clkreq_enable(tp, false);
4528
-
rtl_lock_config_regs(tp);
4529
-
4530
4517
rtl_irq_disable(tp);
4531
4518
__napi_schedule(&tp->napi);
4532
4519
}
···
4582
4577
4583
4578
work_done = rtl_rx(dev, tp, budget);
4584
4579
4585
-
if (work_done < budget && napi_complete_done(napi, work_done)) {
4580
+
if (work_done < budget && napi_complete_done(napi, work_done))
4586
4581
rtl_irq_enable(tp);
4587
-
4588
-
rtl_unlock_config_regs(tp);
4589
-
rtl_hw_aspm_clkreq_enable(tp, true);
4590
-
rtl_lock_config_regs(tp);
4591
-
}
4592
4582
4593
4583
return work_done;
4594
4584
}
···
5158
5158
rtl_rar_set(tp, mac_addr);
5159
5159
}
5160
5160
5161
+
/* register is set if system vendor successfully tested ASPM 1.2 */
5162
+
static bool rtl_aspm_is_safe(struct rtl8169_private *tp)
5163
+
{
5164
+
if (tp->mac_version >= RTL_GIGA_MAC_VER_61 &&
5165
+
r8168_mac_ocp_read(tp, 0xc0b2) & 0xf)
5166
+
return true;
5167
+
5168
+
return false;
5169
+
}
5170
+
5161
5171
static int rtl_init_one(struct pci_dev *pdev, const struct pci_device_id *ent)
5162
5172
{
5163
5173
struct rtl8169_private *tp;
···
5236
5226
"unknown chip XID %03x, contact r8169 maintainers (see MAINTAINERS file)\n",
5237
5227
xid);
5238
5228
tp->mac_version = chipset;
5229
+
5230
+
/* Disable ASPM L1 as that cause random device stop working
5231
+
* problems as well as full system hangs for some PCIe devices users.
5232
+
* Chips from RTL8168h partially have issues with L1.2, but seem
5233
+
* to work fine with L1 and L1.1.
5234
+
*/
5235
+
if (rtl_aspm_is_safe(tp))
5236
+
rc = 0;
5237
+
else if (tp->mac_version >= RTL_GIGA_MAC_VER_46)
5238
+
rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1_2);
5239
+
else
5240
+
rc = pci_disable_link_state(pdev, PCIE_LINK_STATE_L1);
5241
+
tp->aspm_manageable = !rc;
5239
5242
5240
5243
tp->dash_type = rtl_check_dash(tp);
5241
5244
+19
-5
drivers/net/ethernet/ti/cpsw_ale.c
+19
-5
drivers/net/ethernet/ti/cpsw_ale.c
···
106
106
107
107
static inline int cpsw_ale_get_field(u32 *ale_entry, u32 start, u32 bits)
108
108
{
109
-
int idx;
109
+
int idx, idx2;
110
+
u32 hi_val = 0;
110
111
111
112
idx = start / 32;
113
+
idx2 = (start + bits - 1) / 32;
114
+
/* Check if bits to be fetched exceed a word */
115
+
if (idx != idx2) {
116
+
idx2 = 2 - idx2; /* flip */
117
+
hi_val = ale_entry[idx2] << ((idx2 * 32) - start);
118
+
}
112
119
start -= idx * 32;
113
120
idx = 2 - idx; /* flip */
114
-
return (ale_entry[idx] >> start) & BITMASK(bits);
121
+
return (hi_val + (ale_entry[idx] >> start)) & BITMASK(bits);
115
122
}
116
123
117
124
static inline void cpsw_ale_set_field(u32 *ale_entry, u32 start, u32 bits,
118
125
u32 value)
119
126
{
120
-
int idx;
127
+
int idx, idx2;
121
128
122
129
value &= BITMASK(bits);
123
-
idx = start / 32;
130
+
idx = start / 32;
131
+
idx2 = (start + bits - 1) / 32;
132
+
/* Check if bits to be set exceed a word */
133
+
if (idx != idx2) {
134
+
idx2 = 2 - idx2; /* flip */
135
+
ale_entry[idx2] &= ~(BITMASK(bits + start - (idx2 * 32)));
136
+
ale_entry[idx2] |= (value >> ((idx2 * 32) - start));
137
+
}
124
138
start -= idx * 32;
125
-
idx = 2 - idx; /* flip */
139
+
idx = 2 - idx; /* flip */
126
140
ale_entry[idx] &= ~(BITMASK(bits) << start);
127
141
ale_entry[idx] |= (value << start);
128
142
}
-1
drivers/net/ethernet/wangxun/libwx/wx_hw.c
-1
drivers/net/ethernet/wangxun/libwx/wx_hw.c
+14
-7
drivers/net/phy/phy_device.c
+14
-7
drivers/net/phy/phy_device.c
···
3451
3451
{
3452
3452
int rc;
3453
3453
3454
+
ethtool_set_ethtool_phy_ops(&phy_ethtool_phy_ops);
3455
+
3454
3456
rc = mdio_bus_init();
3455
3457
if (rc)
3456
-
return rc;
3458
+
goto err_ethtool_phy_ops;
3457
3459
3458
-
ethtool_set_ethtool_phy_ops(&phy_ethtool_phy_ops);
3459
3460
features_init();
3460
3461
3461
3462
rc = phy_driver_register(&genphy_c45_driver, THIS_MODULE);
3462
3463
if (rc)
3463
-
goto err_c45;
3464
+
goto err_mdio_bus;
3464
3465
3465
3466
rc = phy_driver_register(&genphy_driver, THIS_MODULE);
3466
-
if (rc) {
3467
-
phy_driver_unregister(&genphy_c45_driver);
3467
+
if (rc)
3468
+
goto err_c45;
3469
+
3470
+
return 0;
3471
+
3468
3472
err_c45:
3469
-
mdio_bus_exit();
3470
-
}
3473
+
phy_driver_unregister(&genphy_c45_driver);
3474
+
err_mdio_bus:
3475
+
mdio_bus_exit();
3476
+
err_ethtool_phy_ops:
3477
+
ethtool_set_ethtool_phy_ops(NULL);
3471
3478
3472
3479
return rc;
3473
3480
}
+6
drivers/net/usb/usbnet.c
+6
drivers/net/usb/usbnet.c
···
1775
1775
} else if (!info->in || !info->out)
1776
1776
status = usbnet_get_endpoints (dev, udev);
1777
1777
else {
1778
+
u8 ep_addrs[3] = {
1779
+
info->in + USB_DIR_IN, info->out + USB_DIR_OUT, 0
1780
+
};
1781
+
1778
1782
dev->in = usb_rcvbulkpipe (xdev, info->in);
1779
1783
dev->out = usb_sndbulkpipe (xdev, info->out);
1780
1784
if (!(info->flags & FLAG_NO_SETINT))
···
1788
1784
else
1789
1785
status = 0;
1790
1786
1787
+
if (status == 0 && !usb_check_bulk_endpoints(udev, ep_addrs))
1788
+
status = -EINVAL;
1791
1789
}
1792
1790
if (status >= 0 && dev->status)
1793
1791
status = init_status (dev, udev);
+6
-6
drivers/net/vrf.c
+6
-6
drivers/net/vrf.c
···
664
664
skb->protocol = htons(ETH_P_IPV6);
665
665
skb->dev = dev;
666
666
667
-
rcu_read_lock_bh();
667
+
rcu_read_lock();
668
668
nexthop = rt6_nexthop((struct rt6_info *)dst, &ipv6_hdr(skb)->daddr);
669
669
neigh = __ipv6_neigh_lookup_noref(dst->dev, nexthop);
670
670
if (unlikely(!neigh))
···
672
672
if (!IS_ERR(neigh)) {
673
673
sock_confirm_neigh(skb, neigh);
674
674
ret = neigh_output(neigh, skb, false);
675
-
rcu_read_unlock_bh();
675
+
rcu_read_unlock();
676
676
return ret;
677
677
}
678
-
rcu_read_unlock_bh();
678
+
rcu_read_unlock();
679
679
680
680
IP6_INC_STATS(dev_net(dst->dev),
681
681
ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
···
889
889
}
890
890
}
891
891
892
-
rcu_read_lock_bh();
892
+
rcu_read_lock();
893
893
894
894
neigh = ip_neigh_for_gw(rt, skb, &is_v6gw);
895
895
if (!IS_ERR(neigh)) {
···
898
898
sock_confirm_neigh(skb, neigh);
899
899
/* if crossing protocols, can not use the cached header */
900
900
ret = neigh_output(neigh, skb, is_v6gw);
901
-
rcu_read_unlock_bh();
901
+
rcu_read_unlock();
902
902
return ret;
903
903
}
904
904
905
-
rcu_read_unlock_bh();
905
+
rcu_read_unlock();
906
906
vrf_tx_error(skb->dev, skb);
907
907
return -EINVAL;
908
908
}
+1
-1
include/linux/tcp.h
+1
-1
include/linux/tcp.h
···
513
513
struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue;
514
514
int somaxconn = READ_ONCE(sock_net(sk)->core.sysctl_somaxconn);
515
515
516
-
queue->fastopenq.max_qlen = min_t(unsigned int, backlog, somaxconn);
516
+
WRITE_ONCE(queue->fastopenq.max_qlen, min_t(unsigned int, backlog, somaxconn));
517
517
}
518
518
519
519
static inline void tcp_move_syn(struct tcp_sock *tp,
+5
-2
include/net/bluetooth/hci_core.h
+5
-2
include/net/bluetooth/hci_core.h
···
593
593
const char *fw_info;
594
594
struct dentry *debugfs;
595
595
596
-
#ifdef CONFIG_DEV_COREDUMP
597
596
struct hci_devcoredump dump;
598
-
#endif
599
597
600
598
struct device dev;
601
599
···
820
822
821
823
struct hci_conn *conn;
822
824
bool explicit_connect;
825
+
/* Accessed without hdev->lock: */
823
826
hci_conn_flags_t flags;
824
827
u8 privacy_mode;
825
828
};
···
1572
1573
bdaddr_t *addr, u8 addr_type);
1573
1574
void hci_conn_params_del(struct hci_dev *hdev, bdaddr_t *addr, u8 addr_type);
1574
1575
void hci_conn_params_clear_disabled(struct hci_dev *hdev);
1576
+
void hci_conn_params_free(struct hci_conn_params *param);
1575
1577
1578
+
void hci_pend_le_list_del_init(struct hci_conn_params *param);
1579
+
void hci_pend_le_list_add(struct hci_conn_params *param,
1580
+
struct list_head *list);
1576
1581
struct hci_conn_params *hci_pend_le_action_lookup(struct list_head *list,
1577
1582
bdaddr_t *addr,
1578
1583
u8 addr_type);
+1
-1
include/net/bonding.h
+1
-1
include/net/bonding.h
+2
-1
include/net/cfg802154.h
+2
-1
include/net/cfg802154.h
···
170
170
}
171
171
172
172
/**
173
-
* @WPAN_PHY_FLAG_TRANSMIT_POWER: Indicates that transceiver will support
173
+
* enum wpan_phy_flags - WPAN PHY state flags
174
+
* @WPAN_PHY_FLAG_TXPOWER: Indicates that transceiver will support
174
175
* transmit power setting.
175
176
* @WPAN_PHY_FLAG_CCA_ED_LEVEL: Indicates that transceiver will support cca ed
176
177
* level setting.
+2
-2
include/net/codel.h
+2
-2
include/net/codel.h
···
145
145
* @maxpacket: largest packet we've seen so far
146
146
* @drop_count: temp count of dropped packets in dequeue()
147
147
* @drop_len: bytes of dropped packets in dequeue()
148
-
* ecn_mark: number of packets we ECN marked instead of dropping
149
-
* ce_mark: number of packets CE marked because sojourn time was above ce_threshold
148
+
* @ecn_mark: number of packets we ECN marked instead of dropping
149
+
* @ce_mark: number of packets CE marked because sojourn time was above ce_threshold
150
150
*/
151
151
struct codel_stats {
152
152
u32 maxpacket;
+16
-12
include/net/devlink.h
+16
-12
include/net/devlink.h
···
221
221
/**
222
222
* struct devlink_dpipe_header - dpipe header object
223
223
* @name: header name
224
-
* @id: index, global/local detrmined by global bit
224
+
* @id: index, global/local determined by global bit
225
225
* @fields: fields
226
226
* @fields_count: number of fields
227
227
* @global: indicates if header is shared like most protocol header
···
241
241
* @header_index: header index (packets can have several headers of same
242
242
* type like in case of tunnels)
243
243
* @header: header
244
-
* @fieled_id: field index
244
+
* @field_id: field index
245
245
*/
246
246
struct devlink_dpipe_match {
247
247
enum devlink_dpipe_match_type type;
···
256
256
* @header_index: header index (packets can have several headers of same
257
257
* type like in case of tunnels)
258
258
* @header: header
259
-
* @fieled_id: field index
259
+
* @field_id: field index
260
260
*/
261
261
struct devlink_dpipe_action {
262
262
enum devlink_dpipe_action_type type;
···
292
292
* struct devlink_dpipe_entry - table entry object
293
293
* @index: index of the entry in the table
294
294
* @match_values: match values
295
-
* @matche_values_count: count of matches tuples
295
+
* @match_values_count: count of matches tuples
296
296
* @action_values: actions values
297
297
* @action_values_count: count of actions values
298
298
* @counter: value of counter
···
342
342
*/
343
343
struct devlink_dpipe_table {
344
344
void *priv;
345
+
/* private: */
345
346
struct list_head list;
347
+
/* public: */
346
348
const char *name;
347
349
bool counters_enabled;
348
350
bool counter_control_extern;
···
357
355
358
356
/**
359
357
* struct devlink_dpipe_table_ops - dpipe_table ops
360
-
* @actions_dump - dumps all tables actions
361
-
* @matches_dump - dumps all tables matches
362
-
* @entries_dump - dumps all active entries in the table
363
-
* @counters_set_update - when changing the counter status hardware sync
358
+
* @actions_dump: dumps all tables actions
359
+
* @matches_dump: dumps all tables matches
360
+
* @entries_dump: dumps all active entries in the table
361
+
* @counters_set_update: when changing the counter status hardware sync
364
362
* maybe needed to allocate/free counter related
365
363
* resources
366
-
* @size_get - get size
364
+
* @size_get: get size
367
365
*/
368
366
struct devlink_dpipe_table_ops {
369
367
int (*actions_dump)(void *priv, struct sk_buff *skb);
···
376
374
377
375
/**
378
376
* struct devlink_dpipe_headers - dpipe headers
379
-
* @headers - header array can be shared (global bit) or driver specific
380
-
* @headers_count - count of headers
377
+
* @headers: header array can be shared (global bit) or driver specific
378
+
* @headers_count: count of headers
381
379
*/
382
380
struct devlink_dpipe_headers {
383
381
struct devlink_dpipe_header **headers;
···
389
387
* @size_min: minimum size which can be set
390
388
* @size_max: maximum size which can be set
391
389
* @size_granularity: size granularity
392
-
* @size_unit: resource's basic unit
390
+
* @unit: resource's basic unit
393
391
*/
394
392
struct devlink_resource_size_params {
395
393
u64 size_min;
···
459
457
460
458
/**
461
459
* struct devlink_param - devlink configuration parameter data
460
+
* @id: devlink parameter id number
462
461
* @name: name of the parameter
463
462
* @generic: indicates if the parameter is generic or driver specific
464
463
* @type: parameter type
···
635
632
* struct devlink_flash_update_params - Flash Update parameters
636
633
* @fw: pointer to the firmware data to update from
637
634
* @component: the flash component to update
635
+
* @overwrite_mask: which types of flash update are supported (may be %0)
638
636
*
639
637
* With the exception of fw, drivers must opt-in to parameters by
640
638
* setting the appropriate bit in the supported_flash_update_params field in
+1
-1
include/net/inet_frag.h
+1
-1
include/net/inet_frag.h
+1
-1
include/net/llc_conn.h
+1
-1
include/net/llc_conn.h
···
111
111
void llc_conn_resend_i_pdu_as_rsp(struct sock *sk, u8 nr, u8 first_f_bit);
112
112
int llc_conn_remove_acked_pdus(struct sock *conn, u8 nr, u16 *how_many_unacked);
113
113
struct sock *llc_lookup_established(struct llc_sap *sap, struct llc_addr *daddr,
114
-
struct llc_addr *laddr);
114
+
struct llc_addr *laddr, const struct net *net);
115
115
void llc_sap_add_socket(struct llc_sap *sap, struct sock *sk);
116
116
void llc_sap_remove_socket(struct llc_sap *sap, struct sock *sk);
117
117
+4
-2
include/net/llc_pdu.h
+4
-2
include/net/llc_pdu.h
···
269
269
/**
270
270
* llc_pdu_decode_da - extracts dest address of input frame
271
271
* @skb: input skb that destination address must be extracted from it
272
-
* @sa: pointer to destination address (6 byte array).
272
+
* @da: pointer to destination address (6 byte array).
273
273
*
274
274
* This function extracts destination address(MAC) of input frame.
275
275
*/
···
321
321
322
322
/**
323
323
* llc_pdu_init_as_test_cmd - sets PDU as TEST
324
-
* @skb - Address of the skb to build
324
+
* @skb: Address of the skb to build
325
325
*
326
326
* Sets a PDU as TEST
327
327
*/
···
369
369
/**
370
370
* llc_pdu_init_as_xid_cmd - sets bytes 3, 4 & 5 of LLC header as XID
371
371
* @skb: input skb that header must be set into it.
372
+
* @svcs_supported: The class of the LLC (I or II)
373
+
* @rx_window: The size of the receive window of the LLC
372
374
*
373
375
* This function sets third,fourth,fifth and sixth bytes of LLC header as
374
376
* a XID PDU.
+1
-1
include/net/nsh.h
+1
-1
include/net/nsh.h
+1
-1
include/net/pie.h
+1
-1
include/net/pie.h
···
17
17
/**
18
18
* struct pie_params - contains pie parameters
19
19
* @target: target delay in pschedtime
20
-
* @tudpate: interval at which drop probability is calculated
20
+
* @tupdate: interval at which drop probability is calculated
21
21
* @limit: total number of packets that can be in the queue
22
22
* @alpha: parameter to control drop probability
23
23
* @beta: parameter to control drop probability
+1
-1
include/net/rsi_91x.h
+1
-1
include/net/rsi_91x.h
+24
-7
include/net/tcp.h
+24
-7
include/net/tcp.h
···
1509
1509
static inline int keepalive_intvl_when(const struct tcp_sock *tp)
1510
1510
{
1511
1511
struct net *net = sock_net((struct sock *)tp);
1512
+
int val;
1512
1513
1513
-
return tp->keepalive_intvl ? :
1514
-
READ_ONCE(net->ipv4.sysctl_tcp_keepalive_intvl);
1514
+
/* Paired with WRITE_ONCE() in tcp_sock_set_keepintvl()
1515
+
* and do_tcp_setsockopt().
1516
+
*/
1517
+
val = READ_ONCE(tp->keepalive_intvl);
1518
+
1519
+
return val ? : READ_ONCE(net->ipv4.sysctl_tcp_keepalive_intvl);
1515
1520
}
1516
1521
1517
1522
static inline int keepalive_time_when(const struct tcp_sock *tp)
1518
1523
{
1519
1524
struct net *net = sock_net((struct sock *)tp);
1525
+
int val;
1520
1526
1521
-
return tp->keepalive_time ? :
1522
-
READ_ONCE(net->ipv4.sysctl_tcp_keepalive_time);
1527
+
/* Paired with WRITE_ONCE() in tcp_sock_set_keepidle_locked() */
1528
+
val = READ_ONCE(tp->keepalive_time);
1529
+
1530
+
return val ? : READ_ONCE(net->ipv4.sysctl_tcp_keepalive_time);
1523
1531
}
1524
1532
1525
1533
static inline int keepalive_probes(const struct tcp_sock *tp)
1526
1534
{
1527
1535
struct net *net = sock_net((struct sock *)tp);
1536
+
int val;
1528
1537
1529
-
return tp->keepalive_probes ? :
1530
-
READ_ONCE(net->ipv4.sysctl_tcp_keepalive_probes);
1538
+
/* Paired with WRITE_ONCE() in tcp_sock_set_keepcnt()
1539
+
* and do_tcp_setsockopt().
1540
+
*/
1541
+
val = READ_ONCE(tp->keepalive_probes);
1542
+
1543
+
return val ? : READ_ONCE(net->ipv4.sysctl_tcp_keepalive_probes);
1531
1544
}
1532
1545
1533
1546
static inline u32 keepalive_time_elapsed(const struct tcp_sock *tp)
···
2061
2048
static inline u32 tcp_notsent_lowat(const struct tcp_sock *tp)
2062
2049
{
2063
2050
struct net *net = sock_net((struct sock *)tp);
2064
-
return tp->notsent_lowat ?: READ_ONCE(net->ipv4.sysctl_tcp_notsent_lowat);
2051
+
u32 val;
2052
+
2053
+
val = READ_ONCE(tp->notsent_lowat);
2054
+
2055
+
return val ?: READ_ONCE(net->ipv4.sysctl_tcp_notsent_lowat);
2065
2056
}
2066
2057
2067
2058
bool tcp_stream_memory_free(const struct sock *sk, int wake);
+25
-7
kernel/bpf/verifier.c
+25
-7
kernel/bpf/verifier.c
···
5573
5573
* Since recursion is prevented by check_cfg() this algorithm
5574
5574
* only needs a local stack of MAX_CALL_FRAMES to remember callsites
5575
5575
*/
5576
-
static int check_max_stack_depth(struct bpf_verifier_env *env)
5576
+
static int check_max_stack_depth_subprog(struct bpf_verifier_env *env, int idx)
5577
5577
{
5578
-
int depth = 0, frame = 0, idx = 0, i = 0, subprog_end;
5579
5578
struct bpf_subprog_info *subprog = env->subprog_info;
5580
5579
struct bpf_insn *insn = env->prog->insnsi;
5580
+
int depth = 0, frame = 0, i, subprog_end;
5581
5581
bool tail_call_reachable = false;
5582
5582
int ret_insn[MAX_CALL_FRAMES];
5583
5583
int ret_prog[MAX_CALL_FRAMES];
5584
5584
int j;
5585
5585
5586
+
i = subprog[idx].start;
5586
5587
process_func:
5587
5588
/* protect against potential stack overflow that might happen when
5588
5589
* bpf2bpf calls get combined with tailcalls. Limit the caller's stack
···
5622
5621
continue_func:
5623
5622
subprog_end = subprog[idx + 1].start;
5624
5623
for (; i < subprog_end; i++) {
5625
-
int next_insn;
5624
+
int next_insn, sidx;
5626
5625
5627
5626
if (!bpf_pseudo_call(insn + i) && !bpf_pseudo_func(insn + i))
5628
5627
continue;
···
5632
5631
5633
5632
/* find the callee */
5634
5633
next_insn = i + insn[i].imm + 1;
5635
-
idx = find_subprog(env, next_insn);
5636
-
if (idx < 0) {
5634
+
sidx = find_subprog(env, next_insn);
5635
+
if (sidx < 0) {
5637
5636
WARN_ONCE(1, "verifier bug. No program starts at insn %d\n",
5638
5637
next_insn);
5639
5638
return -EFAULT;
5640
5639
}
5641
-
if (subprog[idx].is_async_cb) {
5642
-
if (subprog[idx].has_tail_call) {
5640
+
if (subprog[sidx].is_async_cb) {
5641
+
if (subprog[sidx].has_tail_call) {
5643
5642
verbose(env, "verifier bug. subprog has tail_call and async cb\n");
5644
5643
return -EFAULT;
5645
5644
}
···
5648
5647
continue;
5649
5648
}
5650
5649
i = next_insn;
5650
+
idx = sidx;
5651
5651
5652
5652
if (subprog[idx].has_tail_call)
5653
5653
tail_call_reachable = true;
···
5682
5680
i = ret_insn[frame];
5683
5681
idx = ret_prog[frame];
5684
5682
goto continue_func;
5683
+
}
5684
+
5685
+
static int check_max_stack_depth(struct bpf_verifier_env *env)
5686
+
{
5687
+
struct bpf_subprog_info *si = env->subprog_info;
5688
+
int ret;
5689
+
5690
+
for (int i = 0; i < env->subprog_cnt; i++) {
5691
+
if (!i || si[i].is_async_cb) {
5692
+
ret = check_max_stack_depth_subprog(env, i);
5693
+
if (ret < 0)
5694
+
return ret;
5695
+
}
5696
+
continue;
5697
+
}
5698
+
return 0;
5685
5699
}
5686
5700
5687
5701
#ifndef CONFIG_BPF_JIT_ALWAYS_ON
+7
-7
net/bluetooth/hci_conn.c
+7
-7
net/bluetooth/hci_conn.c
···
118
118
*/
119
119
params->explicit_connect = false;
120
120
121
-
list_del_init(¶ms->action);
121
+
hci_pend_le_list_del_init(params);
122
122
123
123
switch (params->auto_connect) {
124
124
case HCI_AUTO_CONN_EXPLICIT:
···
127
127
return;
128
128
case HCI_AUTO_CONN_DIRECT:
129
129
case HCI_AUTO_CONN_ALWAYS:
130
-
list_add(¶ms->action, &hdev->pend_le_conns);
130
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
131
131
break;
132
132
case HCI_AUTO_CONN_REPORT:
133
-
list_add(¶ms->action, &hdev->pend_le_reports);
133
+
hci_pend_le_list_add(params, &hdev->pend_le_reports);
134
134
break;
135
135
default:
136
136
break;
···
1426
1426
if (params->auto_connect == HCI_AUTO_CONN_DISABLED ||
1427
1427
params->auto_connect == HCI_AUTO_CONN_REPORT ||
1428
1428
params->auto_connect == HCI_AUTO_CONN_EXPLICIT) {
1429
-
list_del_init(¶ms->action);
1430
-
list_add(¶ms->action, &hdev->pend_le_conns);
1429
+
hci_pend_le_list_del_init(params);
1430
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
1431
1431
}
1432
1432
1433
1433
params->explicit_connect = true;
···
1684
1684
if (!link) {
1685
1685
hci_conn_drop(acl);
1686
1686
hci_conn_drop(sco);
1687
-
return NULL;
1687
+
return ERR_PTR(-ENOLINK);
1688
1688
}
1689
1689
1690
1690
sco->setting = setting;
···
2254
2254
if (!link) {
2255
2255
hci_conn_drop(le);
2256
2256
hci_conn_drop(cis);
2257
-
return NULL;
2257
+
return ERR_PTR(-ENOLINK);
2258
2258
}
2259
2259
2260
2260
/* If LE is already connected and CIS handle is already set proceed to
+34
-8
net/bluetooth/hci_core.c
+34
-8
net/bluetooth/hci_core.c
···
1972
1972
struct adv_monitor *monitor)
1973
1973
{
1974
1974
int status = 0;
1975
+
int handle;
1975
1976
1976
1977
switch (hci_get_adv_monitor_offload_ext(hdev)) {
1977
1978
case HCI_ADV_MONITOR_EXT_NONE: /* also goes here when powered off */
···
1981
1980
goto free_monitor;
1982
1981
1983
1982
case HCI_ADV_MONITOR_EXT_MSFT:
1983
+
handle = monitor->handle;
1984
1984
status = msft_remove_monitor(hdev, monitor);
1985
1985
bt_dev_dbg(hdev, "%s remove monitor %d msft status %d",
1986
-
hdev->name, monitor->handle, status);
1986
+
hdev->name, handle, status);
1987
1987
break;
1988
1988
}
1989
1989
···
2251
2249
return NULL;
2252
2250
}
2253
2251
2254
-
/* This function requires the caller holds hdev->lock */
2252
+
/* This function requires the caller holds hdev->lock or rcu_read_lock */
2255
2253
struct hci_conn_params *hci_pend_le_action_lookup(struct list_head *list,
2256
2254
bdaddr_t *addr, u8 addr_type)
2257
2255
{
2258
2256
struct hci_conn_params *param;
2259
2257
2260
-
list_for_each_entry(param, list, action) {
2258
+
rcu_read_lock();
2259
+
2260
+
list_for_each_entry_rcu(param, list, action) {
2261
2261
if (bacmp(¶m->addr, addr) == 0 &&
2262
-
param->addr_type == addr_type)
2262
+
param->addr_type == addr_type) {
2263
+
rcu_read_unlock();
2263
2264
return param;
2265
+
}
2264
2266
}
2265
2267
2268
+
rcu_read_unlock();
2269
+
2266
2270
return NULL;
2271
+
}
2272
+
2273
+
/* This function requires the caller holds hdev->lock */
2274
+
void hci_pend_le_list_del_init(struct hci_conn_params *param)
2275
+
{
2276
+
if (list_empty(¶m->action))
2277
+
return;
2278
+
2279
+
list_del_rcu(¶m->action);
2280
+
synchronize_rcu();
2281
+
INIT_LIST_HEAD(¶m->action);
2282
+
}
2283
+
2284
+
/* This function requires the caller holds hdev->lock */
2285
+
void hci_pend_le_list_add(struct hci_conn_params *param,
2286
+
struct list_head *list)
2287
+
{
2288
+
list_add_rcu(¶m->action, list);
2267
2289
}
2268
2290
2269
2291
/* This function requires the caller holds hdev->lock */
···
2323
2297
return params;
2324
2298
}
2325
2299
2326
-
static void hci_conn_params_free(struct hci_conn_params *params)
2300
+
void hci_conn_params_free(struct hci_conn_params *params)
2327
2301
{
2302
+
hci_pend_le_list_del_init(params);
2303
+
2328
2304
if (params->conn) {
2329
2305
hci_conn_drop(params->conn);
2330
2306
hci_conn_put(params->conn);
2331
2307
}
2332
2308
2333
-
list_del(¶ms->action);
2334
2309
list_del(¶ms->list);
2335
2310
kfree(params);
2336
2311
}
···
2369
2342
continue;
2370
2343
}
2371
2344
2372
-
list_del(¶ms->list);
2373
-
kfree(params);
2345
+
hci_conn_params_free(params);
2374
2346
}
2375
2347
2376
2348
BT_DBG("All LE disabled connection parameters were removed");
+9
-6
net/bluetooth/hci_event.c
+9
-6
net/bluetooth/hci_event.c
···
1564
1564
1565
1565
params = hci_conn_params_lookup(hdev, &cp->bdaddr, cp->bdaddr_type);
1566
1566
if (params)
1567
-
params->privacy_mode = cp->mode;
1567
+
WRITE_ONCE(params->privacy_mode, cp->mode);
1568
1568
1569
1569
hci_dev_unlock(hdev);
1570
1570
···
2784
2784
hci_enable_advertising(hdev);
2785
2785
}
2786
2786
2787
+
/* Inform sockets conn is gone before we delete it */
2788
+
hci_disconn_cfm(conn, HCI_ERROR_UNSPECIFIED);
2789
+
2787
2790
goto done;
2788
2791
}
2789
2792
···
2807
2804
2808
2805
case HCI_AUTO_CONN_DIRECT:
2809
2806
case HCI_AUTO_CONN_ALWAYS:
2810
-
list_del_init(¶ms->action);
2811
-
list_add(¶ms->action, &hdev->pend_le_conns);
2807
+
hci_pend_le_list_del_init(params);
2808
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
2812
2809
break;
2813
2810
2814
2811
default:
···
3426
3423
3427
3424
case HCI_AUTO_CONN_DIRECT:
3428
3425
case HCI_AUTO_CONN_ALWAYS:
3429
-
list_del_init(¶ms->action);
3430
-
list_add(¶ms->action, &hdev->pend_le_conns);
3426
+
hci_pend_le_list_del_init(params);
3427
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
3431
3428
hci_update_passive_scan(hdev);
3432
3429
break;
3433
3430
···
5965
5962
params = hci_pend_le_action_lookup(&hdev->pend_le_conns, &conn->dst,
5966
5963
conn->dst_type);
5967
5964
if (params) {
5968
-
list_del_init(¶ms->action);
5965
+
hci_pend_le_list_del_init(params);
5969
5966
if (params->conn) {
5970
5967
hci_conn_drop(params->conn);
5971
5968
hci_conn_put(params->conn);
+108
-13
net/bluetooth/hci_sync.c
+108
-13
net/bluetooth/hci_sync.c
···
2160
2160
return 0;
2161
2161
}
2162
2162
2163
+
struct conn_params {
2164
+
bdaddr_t addr;
2165
+
u8 addr_type;
2166
+
hci_conn_flags_t flags;
2167
+
u8 privacy_mode;
2168
+
};
2169
+
2163
2170
/* Adds connection to resolve list if needed.
2164
2171
* Setting params to NULL programs local hdev->irk
2165
2172
*/
2166
2173
static int hci_le_add_resolve_list_sync(struct hci_dev *hdev,
2167
-
struct hci_conn_params *params)
2174
+
struct conn_params *params)
2168
2175
{
2169
2176
struct hci_cp_le_add_to_resolv_list cp;
2170
2177
struct smp_irk *irk;
2171
2178
struct bdaddr_list_with_irk *entry;
2179
+
struct hci_conn_params *p;
2172
2180
2173
2181
if (!use_ll_privacy(hdev))
2174
2182
return 0;
···
2211
2203
/* Default privacy mode is always Network */
2212
2204
params->privacy_mode = HCI_NETWORK_PRIVACY;
2213
2205
2206
+
rcu_read_lock();
2207
+
p = hci_pend_le_action_lookup(&hdev->pend_le_conns,
2208
+
¶ms->addr, params->addr_type);
2209
+
if (!p)
2210
+
p = hci_pend_le_action_lookup(&hdev->pend_le_reports,
2211
+
¶ms->addr, params->addr_type);
2212
+
if (p)
2213
+
WRITE_ONCE(p->privacy_mode, HCI_NETWORK_PRIVACY);
2214
+
rcu_read_unlock();
2215
+
2214
2216
done:
2215
2217
if (hci_dev_test_flag(hdev, HCI_PRIVACY))
2216
2218
memcpy(cp.local_irk, hdev->irk, 16);
···
2233
2215
2234
2216
/* Set Device Privacy Mode. */
2235
2217
static int hci_le_set_privacy_mode_sync(struct hci_dev *hdev,
2236
-
struct hci_conn_params *params)
2218
+
struct conn_params *params)
2237
2219
{
2238
2220
struct hci_cp_le_set_privacy_mode cp;
2239
2221
struct smp_irk *irk;
···
2258
2240
bacpy(&cp.bdaddr, &irk->bdaddr);
2259
2241
cp.mode = HCI_DEVICE_PRIVACY;
2260
2242
2243
+
/* Note: params->privacy_mode is not updated since it is a copy */
2244
+
2261
2245
return __hci_cmd_sync_status(hdev, HCI_OP_LE_SET_PRIVACY_MODE,
2262
2246
sizeof(cp), &cp, HCI_CMD_TIMEOUT);
2263
2247
}
···
2269
2249
* properly set the privacy mode.
2270
2250
*/
2271
2251
static int hci_le_add_accept_list_sync(struct hci_dev *hdev,
2272
-
struct hci_conn_params *params,
2252
+
struct conn_params *params,
2273
2253
u8 *num_entries)
2274
2254
{
2275
2255
struct hci_cp_le_add_to_accept_list cp;
···
2467
2447
return __hci_cmd_sync_sk(hdev, opcode, 0, NULL, 0, HCI_CMD_TIMEOUT, sk);
2468
2448
}
2469
2449
2450
+
static struct conn_params *conn_params_copy(struct list_head *list, size_t *n)
2451
+
{
2452
+
struct hci_conn_params *params;
2453
+
struct conn_params *p;
2454
+
size_t i;
2455
+
2456
+
rcu_read_lock();
2457
+
2458
+
i = 0;
2459
+
list_for_each_entry_rcu(params, list, action)
2460
+
++i;
2461
+
*n = i;
2462
+
2463
+
rcu_read_unlock();
2464
+
2465
+
p = kvcalloc(*n, sizeof(struct conn_params), GFP_KERNEL);
2466
+
if (!p)
2467
+
return NULL;
2468
+
2469
+
rcu_read_lock();
2470
+
2471
+
i = 0;
2472
+
list_for_each_entry_rcu(params, list, action) {
2473
+
/* Racing adds are handled in next scan update */
2474
+
if (i >= *n)
2475
+
break;
2476
+
2477
+
/* No hdev->lock, but: addr, addr_type are immutable.
2478
+
* privacy_mode is only written by us or in
2479
+
* hci_cc_le_set_privacy_mode that we wait for.
2480
+
* We should be idempotent so MGMT updating flags
2481
+
* while we are processing is OK.
2482
+
*/
2483
+
bacpy(&p[i].addr, ¶ms->addr);
2484
+
p[i].addr_type = params->addr_type;
2485
+
p[i].flags = READ_ONCE(params->flags);
2486
+
p[i].privacy_mode = READ_ONCE(params->privacy_mode);
2487
+
++i;
2488
+
}
2489
+
2490
+
rcu_read_unlock();
2491
+
2492
+
*n = i;
2493
+
return p;
2494
+
}
2495
+
2470
2496
/* Device must not be scanning when updating the accept list.
2471
2497
*
2472
2498
* Update is done using the following sequence:
···
2532
2466
*/
2533
2467
static u8 hci_update_accept_list_sync(struct hci_dev *hdev)
2534
2468
{
2535
-
struct hci_conn_params *params;
2469
+
struct conn_params *params;
2536
2470
struct bdaddr_list *b, *t;
2537
2471
u8 num_entries = 0;
2538
2472
bool pend_conn, pend_report;
2539
2473
u8 filter_policy;
2474
+
size_t i, n;
2540
2475
int err;
2541
2476
2542
2477
/* Pause advertising if resolving list can be used as controllers
···
2571
2504
if (hci_conn_hash_lookup_le(hdev, &b->bdaddr, b->bdaddr_type))
2572
2505
continue;
2573
2506
2507
+
/* Pointers not dereferenced, no locks needed */
2574
2508
pend_conn = hci_pend_le_action_lookup(&hdev->pend_le_conns,
2575
2509
&b->bdaddr,
2576
2510
b->bdaddr_type);
···
2600
2532
* available accept list entries in the controller, then
2601
2533
* just abort and return filer policy value to not use the
2602
2534
* accept list.
2535
+
*
2536
+
* The list and params may be mutated while we wait for events,
2537
+
* so make a copy and iterate it.
2603
2538
*/
2604
-
list_for_each_entry(params, &hdev->pend_le_conns, action) {
2605
-
err = hci_le_add_accept_list_sync(hdev, params, &num_entries);
2606
-
if (err)
2607
-
goto done;
2539
+
2540
+
params = conn_params_copy(&hdev->pend_le_conns, &n);
2541
+
if (!params) {
2542
+
err = -ENOMEM;
2543
+
goto done;
2608
2544
}
2545
+
2546
+
for (i = 0; i < n; ++i) {
2547
+
err = hci_le_add_accept_list_sync(hdev, ¶ms[i],
2548
+
&num_entries);
2549
+
if (err) {
2550
+
kvfree(params);
2551
+
goto done;
2552
+
}
2553
+
}
2554
+
2555
+
kvfree(params);
2609
2556
2610
2557
/* After adding all new pending connections, walk through
2611
2558
* the list of pending reports and also add these to the
2612
2559
* accept list if there is still space. Abort if space runs out.
2613
2560
*/
2614
-
list_for_each_entry(params, &hdev->pend_le_reports, action) {
2615
-
err = hci_le_add_accept_list_sync(hdev, params, &num_entries);
2616
-
if (err)
2617
-
goto done;
2561
+
2562
+
params = conn_params_copy(&hdev->pend_le_reports, &n);
2563
+
if (!params) {
2564
+
err = -ENOMEM;
2565
+
goto done;
2618
2566
}
2567
+
2568
+
for (i = 0; i < n; ++i) {
2569
+
err = hci_le_add_accept_list_sync(hdev, ¶ms[i],
2570
+
&num_entries);
2571
+
if (err) {
2572
+
kvfree(params);
2573
+
goto done;
2574
+
}
2575
+
}
2576
+
2577
+
kvfree(params);
2619
2578
2620
2579
/* Use the allowlist unless the following conditions are all true:
2621
2580
* - We are not currently suspending
···
4932
4837
struct hci_conn_params *p;
4933
4838
4934
4839
list_for_each_entry(p, &hdev->le_conn_params, list) {
4840
+
hci_pend_le_list_del_init(p);
4935
4841
if (p->conn) {
4936
4842
hci_conn_drop(p->conn);
4937
4843
hci_conn_put(p->conn);
4938
4844
p->conn = NULL;
4939
4845
}
4940
-
list_del_init(&p->action);
4941
4846
}
4942
4847
4943
4848
BT_DBG("All LE pending actions cleared");
+32
-23
net/bluetooth/iso.c
+32
-23
net/bluetooth/iso.c
···
123
123
{
124
124
struct iso_conn *conn = hcon->iso_data;
125
125
126
-
if (conn)
126
+
if (conn) {
127
+
if (!conn->hcon)
128
+
conn->hcon = hcon;
127
129
return conn;
130
+
}
128
131
129
132
conn = kzalloc(sizeof(*conn), GFP_KERNEL);
130
133
if (!conn)
···
303
300
goto unlock;
304
301
}
305
302
306
-
hci_dev_unlock(hdev);
307
-
hci_dev_put(hdev);
303
+
lock_sock(sk);
308
304
309
305
err = iso_chan_add(conn, sk, NULL);
310
-
if (err)
311
-
return err;
312
-
313
-
lock_sock(sk);
306
+
if (err) {
307
+
release_sock(sk);
308
+
goto unlock;
309
+
}
314
310
315
311
/* Update source addr of the socket */
316
312
bacpy(&iso_pi(sk)->src, &hcon->src);
···
323
321
}
324
322
325
323
release_sock(sk);
326
-
return err;
327
324
328
325
unlock:
329
326
hci_dev_unlock(hdev);
···
390
389
goto unlock;
391
390
}
392
391
393
-
hci_dev_unlock(hdev);
394
-
hci_dev_put(hdev);
392
+
lock_sock(sk);
395
393
396
394
err = iso_chan_add(conn, sk, NULL);
397
-
if (err)
398
-
return err;
399
-
400
-
lock_sock(sk);
395
+
if (err) {
396
+
release_sock(sk);
397
+
goto unlock;
398
+
}
401
399
402
400
/* Update source addr of the socket */
403
401
bacpy(&iso_pi(sk)->src, &hcon->src);
···
413
413
}
414
414
415
415
release_sock(sk);
416
-
return err;
417
416
418
417
unlock:
419
418
hci_dev_unlock(hdev);
···
1071
1072
size_t len)
1072
1073
{
1073
1074
struct sock *sk = sock->sk;
1074
-
struct iso_conn *conn = iso_pi(sk)->conn;
1075
1075
struct sk_buff *skb, **frag;
1076
+
size_t mtu;
1076
1077
int err;
1077
1078
1078
1079
BT_DBG("sock %p, sk %p", sock, sk);
···
1084
1085
if (msg->msg_flags & MSG_OOB)
1085
1086
return -EOPNOTSUPP;
1086
1087
1087
-
if (sk->sk_state != BT_CONNECTED)
1088
-
return -ENOTCONN;
1088
+
lock_sock(sk);
1089
1089
1090
-
skb = bt_skb_sendmsg(sk, msg, len, conn->hcon->hdev->iso_mtu,
1091
-
HCI_ISO_DATA_HDR_SIZE, 0);
1090
+
if (sk->sk_state != BT_CONNECTED) {
1091
+
release_sock(sk);
1092
+
return -ENOTCONN;
1093
+
}
1094
+
1095
+
mtu = iso_pi(sk)->conn->hcon->hdev->iso_mtu;
1096
+
1097
+
release_sock(sk);
1098
+
1099
+
skb = bt_skb_sendmsg(sk, msg, len, mtu, HCI_ISO_DATA_HDR_SIZE, 0);
1092
1100
if (IS_ERR(skb))
1093
1101
return PTR_ERR(skb);
1094
1102
···
1108
1102
while (len) {
1109
1103
struct sk_buff *tmp;
1110
1104
1111
-
tmp = bt_skb_sendmsg(sk, msg, len, conn->hcon->hdev->iso_mtu,
1112
-
0, 0);
1105
+
tmp = bt_skb_sendmsg(sk, msg, len, mtu, 0, 0);
1113
1106
if (IS_ERR(tmp)) {
1114
1107
kfree_skb(skb);
1115
1108
return PTR_ERR(tmp);
···
1163
1158
BT_DBG("sk %p", sk);
1164
1159
1165
1160
if (test_and_clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
1161
+
lock_sock(sk);
1166
1162
switch (sk->sk_state) {
1167
1163
case BT_CONNECT2:
1168
-
lock_sock(sk);
1169
1164
iso_conn_defer_accept(pi->conn->hcon);
1170
1165
sk->sk_state = BT_CONFIG;
1171
1166
release_sock(sk);
1172
1167
return 0;
1173
1168
case BT_CONNECT:
1169
+
release_sock(sk);
1174
1170
return iso_connect_cis(sk);
1171
+
default:
1172
+
release_sock(sk);
1173
+
break;
1175
1174
}
1176
1175
}
1177
1176
+12
-16
net/bluetooth/mgmt.c
+12
-16
net/bluetooth/mgmt.c
···
1297
1297
/* Needed for AUTO_OFF case where might not "really"
1298
1298
* have been powered off.
1299
1299
*/
1300
-
list_del_init(&p->action);
1300
+
hci_pend_le_list_del_init(p);
1301
1301
1302
1302
switch (p->auto_connect) {
1303
1303
case HCI_AUTO_CONN_DIRECT:
1304
1304
case HCI_AUTO_CONN_ALWAYS:
1305
-
list_add(&p->action, &hdev->pend_le_conns);
1305
+
hci_pend_le_list_add(p, &hdev->pend_le_conns);
1306
1306
break;
1307
1307
case HCI_AUTO_CONN_REPORT:
1308
-
list_add(&p->action, &hdev->pend_le_reports);
1308
+
hci_pend_le_list_add(p, &hdev->pend_le_reports);
1309
1309
break;
1310
1310
default:
1311
1311
break;
···
5169
5169
goto unlock;
5170
5170
}
5171
5171
5172
-
params->flags = current_flags;
5172
+
WRITE_ONCE(params->flags, current_flags);
5173
5173
status = MGMT_STATUS_SUCCESS;
5174
5174
5175
5175
/* Update passive scan if HCI_CONN_FLAG_DEVICE_PRIVACY
···
7285
7285
7286
7286
bt_dev_dbg(hdev, "err %d", err);
7287
7287
7288
-
memcpy(&rp.addr, &cp->addr.bdaddr, sizeof(rp.addr));
7288
+
memcpy(&rp.addr, &cp->addr, sizeof(rp.addr));
7289
7289
7290
7290
status = mgmt_status(err);
7291
7291
if (status == MGMT_STATUS_SUCCESS) {
···
7580
7580
if (params->auto_connect == auto_connect)
7581
7581
return 0;
7582
7582
7583
-
list_del_init(¶ms->action);
7583
+
hci_pend_le_list_del_init(params);
7584
7584
7585
7585
switch (auto_connect) {
7586
7586
case HCI_AUTO_CONN_DISABLED:
···
7589
7589
* connect to device, keep connecting.
7590
7590
*/
7591
7591
if (params->explicit_connect)
7592
-
list_add(¶ms->action, &hdev->pend_le_conns);
7592
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
7593
7593
break;
7594
7594
case HCI_AUTO_CONN_REPORT:
7595
7595
if (params->explicit_connect)
7596
-
list_add(¶ms->action, &hdev->pend_le_conns);
7596
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
7597
7597
else
7598
-
list_add(¶ms->action, &hdev->pend_le_reports);
7598
+
hci_pend_le_list_add(params, &hdev->pend_le_reports);
7599
7599
break;
7600
7600
case HCI_AUTO_CONN_DIRECT:
7601
7601
case HCI_AUTO_CONN_ALWAYS:
7602
7602
if (!is_connected(hdev, addr, addr_type))
7603
-
list_add(¶ms->action, &hdev->pend_le_conns);
7603
+
hci_pend_le_list_add(params, &hdev->pend_le_conns);
7604
7604
break;
7605
7605
}
7606
7606
···
7823
7823
goto unlock;
7824
7824
}
7825
7825
7826
-
list_del(¶ms->action);
7827
-
list_del(¶ms->list);
7828
-
kfree(params);
7826
+
hci_conn_params_free(params);
7829
7827
7830
7828
device_removed(sk, hdev, &cp->addr.bdaddr, cp->addr.type);
7831
7829
} else {
···
7854
7856
p->auto_connect = HCI_AUTO_CONN_EXPLICIT;
7855
7857
continue;
7856
7858
}
7857
-
list_del(&p->action);
7858
-
list_del(&p->list);
7859
-
kfree(p);
7859
+
hci_conn_params_free(p);
7860
7860
}
7861
7861
7862
7862
bt_dev_dbg(hdev, "All LE connection parameters were removed");
+12
-11
net/bluetooth/sco.c
+12
-11
net/bluetooth/sco.c
···
126
126
struct hci_dev *hdev = hcon->hdev;
127
127
struct sco_conn *conn = hcon->sco_data;
128
128
129
-
if (conn)
129
+
if (conn) {
130
+
if (!conn->hcon)
131
+
conn->hcon = hcon;
130
132
return conn;
133
+
}
131
134
132
135
conn = kzalloc(sizeof(struct sco_conn), GFP_KERNEL);
133
136
if (!conn)
···
271
268
goto unlock;
272
269
}
273
270
274
-
hci_dev_unlock(hdev);
275
-
hci_dev_put(hdev);
276
-
277
271
conn = sco_conn_add(hcon);
278
272
if (!conn) {
279
273
hci_conn_drop(hcon);
280
-
return -ENOMEM;
274
+
err = -ENOMEM;
275
+
goto unlock;
281
276
}
282
277
283
-
err = sco_chan_add(conn, sk, NULL);
284
-
if (err)
285
-
return err;
286
-
287
278
lock_sock(sk);
279
+
280
+
err = sco_chan_add(conn, sk, NULL);
281
+
if (err) {
282
+
release_sock(sk);
283
+
goto unlock;
284
+
}
288
285
289
286
/* Update source addr of the socket */
290
287
bacpy(&sco_pi(sk)->src, &hcon->src);
···
298
295
}
299
296
300
297
release_sock(sk);
301
-
302
-
return err;
303
298
304
299
unlock:
305
300
hci_dev_unlock(hdev);
+6
-6
net/can/bcm.c
+6
-6
net/can/bcm.c
···
1526
1526
1527
1527
lock_sock(sk);
1528
1528
1529
+
#if IS_ENABLED(CONFIG_PROC_FS)
1530
+
/* remove procfs entry */
1531
+
if (net->can.bcmproc_dir && bo->bcm_proc_read)
1532
+
remove_proc_entry(bo->procname, net->can.bcmproc_dir);
1533
+
#endif /* CONFIG_PROC_FS */
1534
+
1529
1535
list_for_each_entry_safe(op, next, &bo->tx_ops, list)
1530
1536
bcm_remove_op(op);
1531
1537
···
1566
1560
1567
1561
list_for_each_entry_safe(op, next, &bo->rx_ops, list)
1568
1562
bcm_remove_op(op);
1569
-
1570
-
#if IS_ENABLED(CONFIG_PROC_FS)
1571
-
/* remove procfs entry */
1572
-
if (net->can.bcmproc_dir && bo->bcm_proc_read)
1573
-
remove_proc_entry(bo->procname, net->can.bcmproc_dir);
1574
-
#endif /* CONFIG_PROC_FS */
1575
1563
1576
1564
/* remove device reference */
1577
1565
if (bo->bound) {
+24
-33
net/can/raw.c
+24
-33
net/can/raw.c
···
84
84
struct sock sk;
85
85
int bound;
86
86
int ifindex;
87
+
struct net_device *dev;
87
88
struct list_head notifier;
88
89
int loopback;
89
90
int recv_own_msgs;
···
278
277
if (!net_eq(dev_net(dev), sock_net(sk)))
279
278
return;
280
279
281
-
if (ro->ifindex != dev->ifindex)
280
+
if (ro->dev != dev)
282
281
return;
283
282
284
283
switch (msg) {
···
293
292
294
293
ro->ifindex = 0;
295
294
ro->bound = 0;
295
+
ro->dev = NULL;
296
296
ro->count = 0;
297
297
release_sock(sk);
298
298
···
339
337
340
338
ro->bound = 0;
341
339
ro->ifindex = 0;
340
+
ro->dev = NULL;
342
341
343
342
/* set default filter to single entry dfilter */
344
343
ro->dfilter.can_id = 0;
···
388
385
389
386
lock_sock(sk);
390
387
388
+
rtnl_lock();
391
389
/* remove current filters & unregister */
392
390
if (ro->bound) {
393
-
if (ro->ifindex) {
394
-
struct net_device *dev;
395
-
396
-
dev = dev_get_by_index(sock_net(sk), ro->ifindex);
397
-
if (dev) {
398
-
raw_disable_allfilters(dev_net(dev), dev, sk);
399
-
dev_put(dev);
400
-
}
401
-
} else {
391
+
if (ro->dev)
392
+
raw_disable_allfilters(dev_net(ro->dev), ro->dev, sk);
393
+
else
402
394
raw_disable_allfilters(sock_net(sk), NULL, sk);
403
-
}
404
395
}
405
396
406
397
if (ro->count > 1)
···
402
405
403
406
ro->ifindex = 0;
404
407
ro->bound = 0;
408
+
ro->dev = NULL;
405
409
ro->count = 0;
406
410
free_percpu(ro->uniq);
411
+
rtnl_unlock();
407
412
408
413
sock_orphan(sk);
409
414
sock->sk = NULL;
···
421
422
struct sockaddr_can *addr = (struct sockaddr_can *)uaddr;
422
423
struct sock *sk = sock->sk;
423
424
struct raw_sock *ro = raw_sk(sk);
425
+
struct net_device *dev = NULL;
424
426
int ifindex;
425
427
int err = 0;
426
428
int notify_enetdown = 0;
···
431
431
if (addr->can_family != AF_CAN)
432
432
return -EINVAL;
433
433
434
+
rtnl_lock();
434
435
lock_sock(sk);
435
436
436
437
if (ro->bound && addr->can_ifindex == ro->ifindex)
437
438
goto out;
438
439
439
440
if (addr->can_ifindex) {
440
-
struct net_device *dev;
441
-
442
441
dev = dev_get_by_index(sock_net(sk), addr->can_ifindex);
443
442
if (!dev) {
444
443
err = -ENODEV;
···
466
467
if (!err) {
467
468
if (ro->bound) {
468
469
/* unregister old filters */
469
-
if (ro->ifindex) {
470
-
struct net_device *dev;
471
-
472
-
dev = dev_get_by_index(sock_net(sk),
473
-
ro->ifindex);
474
-
if (dev) {
475
-
raw_disable_allfilters(dev_net(dev),
476
-
dev, sk);
477
-
dev_put(dev);
478
-
}
479
-
} else {
470
+
if (ro->dev)
471
+
raw_disable_allfilters(dev_net(ro->dev),
472
+
ro->dev, sk);
473
+
else
480
474
raw_disable_allfilters(sock_net(sk), NULL, sk);
481
-
}
482
475
}
483
476
ro->ifindex = ifindex;
484
477
ro->bound = 1;
478
+
ro->dev = dev;
485
479
}
486
480
487
481
out:
488
482
release_sock(sk);
483
+
rtnl_unlock();
489
484
490
485
if (notify_enetdown) {
491
486
sk->sk_err = ENETDOWN;
···
546
553
rtnl_lock();
547
554
lock_sock(sk);
548
555
549
-
if (ro->bound && ro->ifindex) {
550
-
dev = dev_get_by_index(sock_net(sk), ro->ifindex);
551
-
if (!dev) {
556
+
dev = ro->dev;
557
+
if (ro->bound && dev) {
558
+
if (dev->reg_state != NETREG_REGISTERED) {
552
559
if (count > 1)
553
560
kfree(filter);
554
561
err = -ENODEV;
···
589
596
ro->count = count;
590
597
591
598
out_fil:
592
-
dev_put(dev);
593
599
release_sock(sk);
594
600
rtnl_unlock();
595
601
···
606
614
rtnl_lock();
607
615
lock_sock(sk);
608
616
609
-
if (ro->bound && ro->ifindex) {
610
-
dev = dev_get_by_index(sock_net(sk), ro->ifindex);
611
-
if (!dev) {
617
+
dev = ro->dev;
618
+
if (ro->bound && dev) {
619
+
if (dev->reg_state != NETREG_REGISTERED) {
612
620
err = -ENODEV;
613
621
goto out_err;
614
622
}
···
632
640
ro->err_mask = err_mask;
633
641
634
642
out_err:
635
-
dev_put(dev);
636
643
release_sock(sk);
637
644
rtnl_unlock();
638
645
+1
-1
net/ipv4/esp4.c
+1
-1
net/ipv4/esp4.c
+1
-1
net/ipv4/inet_connection_sock.c
+1
-1
net/ipv4/inet_connection_sock.c
···
1019
1019
1020
1020
icsk = inet_csk(sk_listener);
1021
1021
net = sock_net(sk_listener);
1022
-
max_syn_ack_retries = icsk->icsk_syn_retries ? :
1022
+
max_syn_ack_retries = READ_ONCE(icsk->icsk_syn_retries) ? :
1023
1023
READ_ONCE(net->ipv4.sysctl_tcp_synack_retries);
1024
1024
/* Normally all the openreqs are young and become mature
1025
1025
* (i.e. converted to established socket) for first timeout.
+2
-15
net/ipv4/inet_hashtables.c
+2
-15
net/ipv4/inet_hashtables.c
···
650
650
spin_lock(lock);
651
651
if (osk) {
652
652
WARN_ON_ONCE(sk->sk_hash != osk->sk_hash);
653
-
ret = sk_hashed(osk);
654
-
if (ret) {
655
-
/* Before deleting the node, we insert a new one to make
656
-
* sure that the look-up-sk process would not miss either
657
-
* of them and that at least one node would exist in ehash
658
-
* table all the time. Otherwise there's a tiny chance
659
-
* that lookup process could find nothing in ehash table.
660
-
*/
661
-
__sk_nulls_add_node_tail_rcu(sk, list);
662
-
sk_nulls_del_node_init_rcu(osk);
663
-
}
664
-
goto unlock;
665
-
}
666
-
if (found_dup_sk) {
653
+
ret = sk_nulls_del_node_init_rcu(osk);
654
+
} else if (found_dup_sk) {
667
655
*found_dup_sk = inet_ehash_lookup_by_sk(sk, list);
668
656
if (*found_dup_sk)
669
657
ret = false;
···
660
672
if (ret)
661
673
__sk_nulls_add_node_rcu(sk, list);
662
674
663
-
unlock:
664
675
spin_unlock(lock);
665
676
666
677
return ret;
+4
-4
net/ipv4/inet_timewait_sock.c
+4
-4
net/ipv4/inet_timewait_sock.c
···
88
88
}
89
89
EXPORT_SYMBOL_GPL(inet_twsk_put);
90
90
91
-
static void inet_twsk_add_node_tail_rcu(struct inet_timewait_sock *tw,
92
-
struct hlist_nulls_head *list)
91
+
static void inet_twsk_add_node_rcu(struct inet_timewait_sock *tw,
92
+
struct hlist_nulls_head *list)
93
93
{
94
-
hlist_nulls_add_tail_rcu(&tw->tw_node, list);
94
+
hlist_nulls_add_head_rcu(&tw->tw_node, list);
95
95
}
96
96
97
97
static void inet_twsk_add_bind_node(struct inet_timewait_sock *tw,
···
144
144
145
145
spin_lock(lock);
146
146
147
-
inet_twsk_add_node_tail_rcu(tw, &ehead->chain);
147
+
inet_twsk_add_node_rcu(tw, &ehead->chain);
148
148
149
149
/* Step 3: Remove SK from hash chain */
150
150
if (__sk_nulls_del_node_init_rcu(sk))
+4
-2
net/ipv4/ip_gre.c
+4
-2
net/ipv4/ip_gre.c
···
548
548
goto err_free_skb;
549
549
550
550
if (skb->len > dev->mtu + dev->hard_header_len) {
551
-
pskb_trim(skb, dev->mtu + dev->hard_header_len);
551
+
if (pskb_trim(skb, dev->mtu + dev->hard_header_len))
552
+
goto err_free_skb;
552
553
truncate = true;
553
554
}
554
555
···
690
689
goto free_skb;
691
690
692
691
if (skb->len > dev->mtu + dev->hard_header_len) {
693
-
pskb_trim(skb, dev->mtu + dev->hard_header_len);
692
+
if (pskb_trim(skb, dev->mtu + dev->hard_header_len))
693
+
goto free_skb;
694
694
truncate = true;
695
695
}
696
696
+30
-27
net/ipv4/tcp.c
+30
-27
net/ipv4/tcp.c
···
3291
3291
return -EINVAL;
3292
3292
3293
3293
lock_sock(sk);
3294
-
inet_csk(sk)->icsk_syn_retries = val;
3294
+
WRITE_ONCE(inet_csk(sk)->icsk_syn_retries, val);
3295
3295
release_sock(sk);
3296
3296
return 0;
3297
3297
}
···
3300
3300
void tcp_sock_set_user_timeout(struct sock *sk, u32 val)
3301
3301
{
3302
3302
lock_sock(sk);
3303
-
inet_csk(sk)->icsk_user_timeout = val;
3303
+
WRITE_ONCE(inet_csk(sk)->icsk_user_timeout, val);
3304
3304
release_sock(sk);
3305
3305
}
3306
3306
EXPORT_SYMBOL(tcp_sock_set_user_timeout);
···
3312
3312
if (val < 1 || val > MAX_TCP_KEEPIDLE)
3313
3313
return -EINVAL;
3314
3314
3315
-
tp->keepalive_time = val * HZ;
3315
+
/* Paired with WRITE_ONCE() in keepalive_time_when() */
3316
+
WRITE_ONCE(tp->keepalive_time, val * HZ);
3316
3317
if (sock_flag(sk, SOCK_KEEPOPEN) &&
3317
3318
!((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
3318
3319
u32 elapsed = keepalive_time_elapsed(tp);
···
3345
3344
return -EINVAL;
3346
3345
3347
3346
lock_sock(sk);
3348
-
tcp_sk(sk)->keepalive_intvl = val * HZ;
3347
+
WRITE_ONCE(tcp_sk(sk)->keepalive_intvl, val * HZ);
3349
3348
release_sock(sk);
3350
3349
return 0;
3351
3350
}
···
3357
3356
return -EINVAL;
3358
3357
3359
3358
lock_sock(sk);
3360
-
tcp_sk(sk)->keepalive_probes = val;
3359
+
/* Paired with READ_ONCE() in keepalive_probes() */
3360
+
WRITE_ONCE(tcp_sk(sk)->keepalive_probes, val);
3361
3361
release_sock(sk);
3362
3362
return 0;
3363
3363
}
···
3560
3558
if (val < 1 || val > MAX_TCP_KEEPINTVL)
3561
3559
err = -EINVAL;
3562
3560
else
3563
-
tp->keepalive_intvl = val * HZ;
3561
+
WRITE_ONCE(tp->keepalive_intvl, val * HZ);
3564
3562
break;
3565
3563
case TCP_KEEPCNT:
3566
3564
if (val < 1 || val > MAX_TCP_KEEPCNT)
3567
3565
err = -EINVAL;
3568
3566
else
3569
-
tp->keepalive_probes = val;
3567
+
WRITE_ONCE(tp->keepalive_probes, val);
3570
3568
break;
3571
3569
case TCP_SYNCNT:
3572
3570
if (val < 1 || val > MAX_TCP_SYNCNT)
3573
3571
err = -EINVAL;
3574
3572
else
3575
-
icsk->icsk_syn_retries = val;
3573
+
WRITE_ONCE(icsk->icsk_syn_retries, val);
3576
3574
break;
3577
3575
3578
3576
case TCP_SAVE_SYN:
···
3585
3583
3586
3584
case TCP_LINGER2:
3587
3585
if (val < 0)
3588
-
tp->linger2 = -1;
3586
+
WRITE_ONCE(tp->linger2, -1);
3589
3587
else if (val > TCP_FIN_TIMEOUT_MAX / HZ)
3590
-
tp->linger2 = TCP_FIN_TIMEOUT_MAX;
3588
+
WRITE_ONCE(tp->linger2, TCP_FIN_TIMEOUT_MAX);
3591
3589
else
3592
-
tp->linger2 = val * HZ;
3590
+
WRITE_ONCE(tp->linger2, val * HZ);
3593
3591
break;
3594
3592
3595
3593
case TCP_DEFER_ACCEPT:
3596
3594
/* Translate value in seconds to number of retransmits */
3597
-
icsk->icsk_accept_queue.rskq_defer_accept =
3598
-
secs_to_retrans(val, TCP_TIMEOUT_INIT / HZ,
3599
-
TCP_RTO_MAX / HZ);
3595
+
WRITE_ONCE(icsk->icsk_accept_queue.rskq_defer_accept,
3596
+
secs_to_retrans(val, TCP_TIMEOUT_INIT / HZ,
3597
+
TCP_RTO_MAX / HZ));
3600
3598
break;
3601
3599
3602
3600
case TCP_WINDOW_CLAMP:
···
3620
3618
if (val < 0)
3621
3619
err = -EINVAL;
3622
3620
else
3623
-
icsk->icsk_user_timeout = val;
3621
+
WRITE_ONCE(icsk->icsk_user_timeout, val);
3624
3622
break;
3625
3623
3626
3624
case TCP_FASTOPEN:
···
3658
3656
if (!tp->repair)
3659
3657
err = -EPERM;
3660
3658
else
3661
-
tp->tsoffset = val - tcp_time_stamp_raw();
3659
+
WRITE_ONCE(tp->tsoffset, val - tcp_time_stamp_raw());
3662
3660
break;
3663
3661
case TCP_REPAIR_WINDOW:
3664
3662
err = tcp_repair_set_window(tp, optval, optlen);
3665
3663
break;
3666
3664
case TCP_NOTSENT_LOWAT:
3667
-
tp->notsent_lowat = val;
3665
+
WRITE_ONCE(tp->notsent_lowat, val);
3668
3666
sk->sk_write_space(sk);
3669
3667
break;
3670
3668
case TCP_INQ:
···
3676
3674
case TCP_TX_DELAY:
3677
3675
if (val)
3678
3676
tcp_enable_tx_delay();
3679
-
tp->tcp_tx_delay = val;
3677
+
WRITE_ONCE(tp->tcp_tx_delay, val);
3680
3678
break;
3681
3679
default:
3682
3680
err = -ENOPROTOOPT;
···
3993
3991
val = keepalive_probes(tp);
3994
3992
break;
3995
3993
case TCP_SYNCNT:
3996
-
val = icsk->icsk_syn_retries ? :
3994
+
val = READ_ONCE(icsk->icsk_syn_retries) ? :
3997
3995
READ_ONCE(net->ipv4.sysctl_tcp_syn_retries);
3998
3996
break;
3999
3997
case TCP_LINGER2:
4000
-
val = tp->linger2;
3998
+
val = READ_ONCE(tp->linger2);
4001
3999
if (val >= 0)
4002
4000
val = (val ? : READ_ONCE(net->ipv4.sysctl_tcp_fin_timeout)) / HZ;
4003
4001
break;
4004
4002
case TCP_DEFER_ACCEPT:
4005
-
val = retrans_to_secs(icsk->icsk_accept_queue.rskq_defer_accept,
4006
-
TCP_TIMEOUT_INIT / HZ, TCP_RTO_MAX / HZ);
4003
+
val = READ_ONCE(icsk->icsk_accept_queue.rskq_defer_accept);
4004
+
val = retrans_to_secs(val, TCP_TIMEOUT_INIT / HZ,
4005
+
TCP_RTO_MAX / HZ);
4007
4006
break;
4008
4007
case TCP_WINDOW_CLAMP:
4009
4008
val = tp->window_clamp;
···
4141
4138
break;
4142
4139
4143
4140
case TCP_USER_TIMEOUT:
4144
-
val = icsk->icsk_user_timeout;
4141
+
val = READ_ONCE(icsk->icsk_user_timeout);
4145
4142
break;
4146
4143
4147
4144
case TCP_FASTOPEN:
4148
-
val = icsk->icsk_accept_queue.fastopenq.max_qlen;
4145
+
val = READ_ONCE(icsk->icsk_accept_queue.fastopenq.max_qlen);
4149
4146
break;
4150
4147
4151
4148
case TCP_FASTOPEN_CONNECT:
···
4157
4154
break;
4158
4155
4159
4156
case TCP_TX_DELAY:
4160
-
val = tp->tcp_tx_delay;
4157
+
val = READ_ONCE(tp->tcp_tx_delay);
4161
4158
break;
4162
4159
4163
4160
case TCP_TIMESTAMP:
4164
-
val = tcp_time_stamp_raw() + tp->tsoffset;
4161
+
val = tcp_time_stamp_raw() + READ_ONCE(tp->tsoffset);
4165
4162
break;
4166
4163
case TCP_NOTSENT_LOWAT:
4167
-
val = tp->notsent_lowat;
4164
+
val = READ_ONCE(tp->notsent_lowat);
4168
4165
break;
4169
4166
case TCP_INQ:
4170
4167
val = tp->recvmsg_inq;
+4
-2
net/ipv4/tcp_fastopen.c
+4
-2
net/ipv4/tcp_fastopen.c
···
296
296
static bool tcp_fastopen_queue_check(struct sock *sk)
297
297
{
298
298
struct fastopen_queue *fastopenq;
299
+
int max_qlen;
299
300
300
301
/* Make sure the listener has enabled fastopen, and we don't
301
302
* exceed the max # of pending TFO requests allowed before trying
···
309
308
* temporarily vs a server not supporting Fast Open at all.
310
309
*/
311
310
fastopenq = &inet_csk(sk)->icsk_accept_queue.fastopenq;
312
-
if (fastopenq->max_qlen == 0)
311
+
max_qlen = READ_ONCE(fastopenq->max_qlen);
312
+
if (max_qlen == 0)
313
313
return false;
314
314
315
-
if (fastopenq->qlen >= fastopenq->max_qlen) {
315
+
if (fastopenq->qlen >= max_qlen) {
316
316
struct request_sock *req1;
317
317
spin_lock(&fastopenq->lock);
318
318
req1 = fastopenq->rskq_rst_head;
+6
-4
net/ipv4/tcp_ipv4.c
+6
-4
net/ipv4/tcp_ipv4.c
···
307
307
inet->inet_daddr,
308
308
inet->inet_sport,
309
309
usin->sin_port));
310
-
tp->tsoffset = secure_tcp_ts_off(net, inet->inet_saddr,
311
-
inet->inet_daddr);
310
+
WRITE_ONCE(tp->tsoffset,
311
+
secure_tcp_ts_off(net, inet->inet_saddr,
312
+
inet->inet_daddr));
312
313
}
313
314
314
315
inet->inet_id = get_random_u16();
···
989
988
tcp_rsk(req)->rcv_nxt,
990
989
req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
991
990
tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
992
-
req->ts_recent,
991
+
READ_ONCE(req->ts_recent),
993
992
0,
994
993
tcp_md5_do_lookup(sk, l3index, addr, AF_INET),
995
994
inet_rsk(req)->no_srccheck ? IP_REPLY_ARG_NOSRCCHECK : 0,
996
-
ip_hdr(skb)->tos, tcp_rsk(req)->txhash);
995
+
ip_hdr(skb)->tos,
996
+
READ_ONCE(tcp_rsk(req)->txhash));
997
997
}
998
998
999
999
/*
+7
-4
net/ipv4/tcp_minisocks.c
+7
-4
net/ipv4/tcp_minisocks.c
···
528
528
newicsk->icsk_ack.lrcvtime = tcp_jiffies32;
529
529
530
530
newtp->lsndtime = tcp_jiffies32;
531
-
newsk->sk_txhash = treq->txhash;
531
+
newsk->sk_txhash = READ_ONCE(treq->txhash);
532
532
newtp->total_retrans = req->num_retrans;
533
533
534
534
tcp_init_xmit_timers(newsk);
···
555
555
newtp->max_window = newtp->snd_wnd;
556
556
557
557
if (newtp->rx_opt.tstamp_ok) {
558
-
newtp->rx_opt.ts_recent = req->ts_recent;
558
+
newtp->rx_opt.ts_recent = READ_ONCE(req->ts_recent);
559
559
newtp->rx_opt.ts_recent_stamp = ktime_get_seconds();
560
560
newtp->tcp_header_len = sizeof(struct tcphdr) + TCPOLEN_TSTAMP_ALIGNED;
561
561
} else {
···
619
619
tcp_parse_options(sock_net(sk), skb, &tmp_opt, 0, NULL);
620
620
621
621
if (tmp_opt.saw_tstamp) {
622
-
tmp_opt.ts_recent = req->ts_recent;
622
+
tmp_opt.ts_recent = READ_ONCE(req->ts_recent);
623
623
if (tmp_opt.rcv_tsecr)
624
624
tmp_opt.rcv_tsecr -= tcp_rsk(req)->ts_off;
625
625
/* We do not store true stamp, but it is not required,
···
758
758
759
759
/* In sequence, PAWS is OK. */
760
760
761
+
/* TODO: We probably should defer ts_recent change once
762
+
* we take ownership of @req.
763
+
*/
761
764
if (tmp_opt.saw_tstamp && !after(TCP_SKB_CB(skb)->seq, tcp_rsk(req)->rcv_nxt))
762
-
req->ts_recent = tmp_opt.rcv_tsval;
765
+
WRITE_ONCE(req->ts_recent, tmp_opt.rcv_tsval);
763
766
764
767
if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn) {
765
768
/* Truncate SYN, it is out of window starting
+3
-3
net/ipv4/tcp_output.c
+3
-3
net/ipv4/tcp_output.c
···
878
878
if (likely(ireq->tstamp_ok)) {
879
879
opts->options |= OPTION_TS;
880
880
opts->tsval = tcp_skb_timestamp(skb) + tcp_rsk(req)->ts_off;
881
-
opts->tsecr = req->ts_recent;
881
+
opts->tsecr = READ_ONCE(req->ts_recent);
882
882
remaining -= TCPOLEN_TSTAMP_ALIGNED;
883
883
}
884
884
if (likely(ireq->sack_ok)) {
···
3660
3660
rcu_read_lock();
3661
3661
md5 = tcp_rsk(req)->af_specific->req_md5_lookup(sk, req_to_sk(req));
3662
3662
#endif
3663
-
skb_set_hash(skb, tcp_rsk(req)->txhash, PKT_HASH_TYPE_L4);
3663
+
skb_set_hash(skb, READ_ONCE(tcp_rsk(req)->txhash), PKT_HASH_TYPE_L4);
3664
3664
/* bpf program will be interested in the tcp_flags */
3665
3665
TCP_SKB_CB(skb)->tcp_flags = TCPHDR_SYN | TCPHDR_ACK;
3666
3666
tcp_header_size = tcp_synack_options(sk, req, mss, skb, &opts, md5,
···
4210
4210
4211
4211
/* Paired with WRITE_ONCE() in sock_setsockopt() */
4212
4212
if (READ_ONCE(sk->sk_txrehash) == SOCK_TXREHASH_ENABLED)
4213
-
tcp_rsk(req)->txhash = net_tx_rndhash();
4213
+
WRITE_ONCE(tcp_rsk(req)->txhash, net_tx_rndhash());
4214
4214
res = af_ops->send_synack(sk, NULL, &fl, req, NULL, TCP_SYNACK_NORMAL,
4215
4215
NULL);
4216
4216
if (!res) {
+11
-5
net/ipv4/udp_offload.c
+11
-5
net/ipv4/udp_offload.c
···
274
274
__sum16 check;
275
275
__be16 newlen;
276
276
277
-
if (skb_shinfo(gso_skb)->gso_type & SKB_GSO_FRAGLIST)
278
-
return __udp_gso_segment_list(gso_skb, features, is_ipv6);
279
-
280
277
mss = skb_shinfo(gso_skb)->gso_size;
281
278
if (gso_skb->len <= sizeof(*uh) + mss)
282
279
return ERR_PTR(-EINVAL);
280
+
281
+
if (skb_gso_ok(gso_skb, features | NETIF_F_GSO_ROBUST)) {
282
+
/* Packet is from an untrusted source, reset gso_segs. */
283
+
skb_shinfo(gso_skb)->gso_segs = DIV_ROUND_UP(gso_skb->len - sizeof(*uh),
284
+
mss);
285
+
return NULL;
286
+
}
287
+
288
+
if (skb_shinfo(gso_skb)->gso_type & SKB_GSO_FRAGLIST)
289
+
return __udp_gso_segment_list(gso_skb, features, is_ipv6);
283
290
284
291
skb_pull(gso_skb, sizeof(*uh));
285
292
···
395
388
if (!pskb_may_pull(skb, sizeof(struct udphdr)))
396
389
goto out;
397
390
398
-
if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4 &&
399
-
!skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
391
+
if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4)
400
392
return __udp_gso_segment(skb, features, false);
401
393
402
394
mss = skb_shinfo(skb)->gso_size;
+2
-1
net/ipv6/ip6_gre.c
+2
-1
net/ipv6/ip6_gre.c
+2
-2
net/ipv6/tcp_ipv6.c
+2
-2
net/ipv6/tcp_ipv6.c
···
1126
1126
tcp_rsk(req)->rcv_nxt,
1127
1127
req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
1128
1128
tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
1129
-
req->ts_recent, sk->sk_bound_dev_if,
1129
+
READ_ONCE(req->ts_recent), sk->sk_bound_dev_if,
1130
1130
tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr, l3index),
1131
1131
ipv6_get_dsfield(ipv6_hdr(skb)), 0, sk->sk_priority,
1132
-
tcp_rsk(req)->txhash);
1132
+
READ_ONCE(tcp_rsk(req)->txhash));
1133
1133
}
1134
1134
1135
1135
+1
-2
net/ipv6/udp_offload.c
+1
-2
net/ipv6/udp_offload.c
···
43
43
if (!pskb_may_pull(skb, sizeof(struct udphdr)))
44
44
goto out;
45
45
46
-
if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4 &&
47
-
!skb_gso_ok(skb, features | NETIF_F_GSO_ROBUST))
46
+
if (skb_shinfo(skb)->gso_type & SKB_GSO_UDP_L4)
48
47
return __udp_gso_segment(skb, features, true);
49
48
50
49
mss = skb_shinfo(skb)->gso_size;
+1
-1
net/llc/af_llc.c
+1
-1
net/llc/af_llc.c
···
402
402
memcpy(laddr.mac, addr->sllc_mac, IFHWADDRLEN);
403
403
laddr.lsap = addr->sllc_sap;
404
404
rc = -EADDRINUSE; /* mac + sap clash. */
405
-
ask = llc_lookup_established(sap, &daddr, &laddr);
405
+
ask = llc_lookup_established(sap, &daddr, &laddr, &init_net);
406
406
if (ask) {
407
407
sock_put(ask);
408
408
goto out_put;
+30
-19
net/llc/llc_conn.c
+30
-19
net/llc/llc_conn.c
···
453
453
static inline bool llc_estab_match(const struct llc_sap *sap,
454
454
const struct llc_addr *daddr,
455
455
const struct llc_addr *laddr,
456
-
const struct sock *sk)
456
+
const struct sock *sk,
457
+
const struct net *net)
457
458
{
458
459
struct llc_sock *llc = llc_sk(sk);
459
460
460
-
return llc->laddr.lsap == laddr->lsap &&
461
+
return net_eq(sock_net(sk), net) &&
462
+
llc->laddr.lsap == laddr->lsap &&
461
463
llc->daddr.lsap == daddr->lsap &&
462
464
ether_addr_equal(llc->laddr.mac, laddr->mac) &&
463
465
ether_addr_equal(llc->daddr.mac, daddr->mac);
···
470
468
* @sap: SAP
471
469
* @daddr: address of remote LLC (MAC + SAP)
472
470
* @laddr: address of local LLC (MAC + SAP)
471
+
* @net: netns to look up a socket in
473
472
*
474
473
* Search connection list of the SAP and finds connection using the remote
475
474
* mac, remote sap, local mac, and local sap. Returns pointer for
···
479
476
*/
480
477
static struct sock *__llc_lookup_established(struct llc_sap *sap,
481
478
struct llc_addr *daddr,
482
-
struct llc_addr *laddr)
479
+
struct llc_addr *laddr,
480
+
const struct net *net)
483
481
{
484
482
struct sock *rc;
485
483
struct hlist_nulls_node *node;
···
490
486
rcu_read_lock();
491
487
again:
492
488
sk_nulls_for_each_rcu(rc, node, laddr_hb) {
493
-
if (llc_estab_match(sap, daddr, laddr, rc)) {
489
+
if (llc_estab_match(sap, daddr, laddr, rc, net)) {
494
490
/* Extra checks required by SLAB_TYPESAFE_BY_RCU */
495
491
if (unlikely(!refcount_inc_not_zero(&rc->sk_refcnt)))
496
492
goto again;
497
493
if (unlikely(llc_sk(rc)->sap != sap ||
498
-
!llc_estab_match(sap, daddr, laddr, rc))) {
494
+
!llc_estab_match(sap, daddr, laddr, rc, net))) {
499
495
sock_put(rc);
500
496
continue;
501
497
}
···
517
513
518
514
struct sock *llc_lookup_established(struct llc_sap *sap,
519
515
struct llc_addr *daddr,
520
-
struct llc_addr *laddr)
516
+
struct llc_addr *laddr,
517
+
const struct net *net)
521
518
{
522
519
struct sock *sk;
523
520
524
521
local_bh_disable();
525
-
sk = __llc_lookup_established(sap, daddr, laddr);
522
+
sk = __llc_lookup_established(sap, daddr, laddr, net);
526
523
local_bh_enable();
527
524
return sk;
528
525
}
529
526
530
527
static inline bool llc_listener_match(const struct llc_sap *sap,
531
528
const struct llc_addr *laddr,
532
-
const struct sock *sk)
529
+
const struct sock *sk,
530
+
const struct net *net)
533
531
{
534
532
struct llc_sock *llc = llc_sk(sk);
535
533
536
-
return sk->sk_type == SOCK_STREAM && sk->sk_state == TCP_LISTEN &&
534
+
return net_eq(sock_net(sk), net) &&
535
+
sk->sk_type == SOCK_STREAM && sk->sk_state == TCP_LISTEN &&
537
536
llc->laddr.lsap == laddr->lsap &&
538
537
ether_addr_equal(llc->laddr.mac, laddr->mac);
539
538
}
540
539
541
540
static struct sock *__llc_lookup_listener(struct llc_sap *sap,
542
-
struct llc_addr *laddr)
541
+
struct llc_addr *laddr,
542
+
const struct net *net)
543
543
{
544
544
struct sock *rc;
545
545
struct hlist_nulls_node *node;
···
553
545
rcu_read_lock();
554
546
again:
555
547
sk_nulls_for_each_rcu(rc, node, laddr_hb) {
556
-
if (llc_listener_match(sap, laddr, rc)) {
548
+
if (llc_listener_match(sap, laddr, rc, net)) {
557
549
/* Extra checks required by SLAB_TYPESAFE_BY_RCU */
558
550
if (unlikely(!refcount_inc_not_zero(&rc->sk_refcnt)))
559
551
goto again;
560
552
if (unlikely(llc_sk(rc)->sap != sap ||
561
-
!llc_listener_match(sap, laddr, rc))) {
553
+
!llc_listener_match(sap, laddr, rc, net))) {
562
554
sock_put(rc);
563
555
continue;
564
556
}
···
582
574
* llc_lookup_listener - Finds listener for local MAC + SAP
583
575
* @sap: SAP
584
576
* @laddr: address of local LLC (MAC + SAP)
577
+
* @net: netns to look up a socket in
585
578
*
586
579
* Search connection list of the SAP and finds connection listening on
587
580
* local mac, and local sap. Returns pointer for parent socket found,
···
590
581
* Caller has to make sure local_bh is disabled.
591
582
*/
592
583
static struct sock *llc_lookup_listener(struct llc_sap *sap,
593
-
struct llc_addr *laddr)
584
+
struct llc_addr *laddr,
585
+
const struct net *net)
594
586
{
587
+
struct sock *rc = __llc_lookup_listener(sap, laddr, net);
595
588
static struct llc_addr null_addr;
596
-
struct sock *rc = __llc_lookup_listener(sap, laddr);
597
589
598
590
if (!rc)
599
-
rc = __llc_lookup_listener(sap, &null_addr);
591
+
rc = __llc_lookup_listener(sap, &null_addr, net);
600
592
601
593
return rc;
602
594
}
603
595
604
596
static struct sock *__llc_lookup(struct llc_sap *sap,
605
597
struct llc_addr *daddr,
606
-
struct llc_addr *laddr)
598
+
struct llc_addr *laddr,
599
+
const struct net *net)
607
600
{
608
-
struct sock *sk = __llc_lookup_established(sap, daddr, laddr);
601
+
struct sock *sk = __llc_lookup_established(sap, daddr, laddr, net);
609
602
610
-
return sk ? : llc_lookup_listener(sap, laddr);
603
+
return sk ? : llc_lookup_listener(sap, laddr, net);
611
604
}
612
605
613
606
/**
···
787
776
llc_pdu_decode_da(skb, daddr.mac);
788
777
llc_pdu_decode_dsap(skb, &daddr.lsap);
789
778
790
-
sk = __llc_lookup(sap, &saddr, &daddr);
779
+
sk = __llc_lookup(sap, &saddr, &daddr, dev_net(skb->dev));
791
780
if (!sk)
792
781
goto drop;
793
782
+1
-1
net/llc/llc_if.c
+1
-1
net/llc/llc_if.c
···
92
92
daddr.lsap = dsap;
93
93
memcpy(daddr.mac, dmac, sizeof(daddr.mac));
94
94
memcpy(laddr.mac, lmac, sizeof(laddr.mac));
95
-
existing = llc_lookup_established(llc->sap, &daddr, &laddr);
95
+
existing = llc_lookup_established(llc->sap, &daddr, &laddr, sock_net(sk));
96
96
if (existing) {
97
97
if (existing->sk_state == TCP_ESTABLISHED) {
98
98
sk = existing;
-3
net/llc/llc_input.c
-3
net/llc/llc_input.c
···
163
163
void (*sta_handler)(struct sk_buff *skb);
164
164
void (*sap_handler)(struct llc_sap *sap, struct sk_buff *skb);
165
165
166
-
if (!net_eq(dev_net(dev), &init_net))
167
-
goto drop;
168
-
169
166
/*
170
167
* When the interface is in promisc. mode, drop all the crap that it
171
168
* receives, do not try to analyse it.
+11
-7
net/llc/llc_sap.c
+11
-7
net/llc/llc_sap.c
···
294
294
295
295
static inline bool llc_dgram_match(const struct llc_sap *sap,
296
296
const struct llc_addr *laddr,
297
-
const struct sock *sk)
297
+
const struct sock *sk,
298
+
const struct net *net)
298
299
{
299
300
struct llc_sock *llc = llc_sk(sk);
300
301
301
302
return sk->sk_type == SOCK_DGRAM &&
302
-
llc->laddr.lsap == laddr->lsap &&
303
-
ether_addr_equal(llc->laddr.mac, laddr->mac);
303
+
net_eq(sock_net(sk), net) &&
304
+
llc->laddr.lsap == laddr->lsap &&
305
+
ether_addr_equal(llc->laddr.mac, laddr->mac);
304
306
}
305
307
306
308
/**
307
309
* llc_lookup_dgram - Finds dgram socket for the local sap/mac
308
310
* @sap: SAP
309
311
* @laddr: address of local LLC (MAC + SAP)
312
+
* @net: netns to look up a socket in
310
313
*
311
314
* Search socket list of the SAP and finds connection using the local
312
315
* mac, and local sap. Returns pointer for socket found, %NULL otherwise.
313
316
*/
314
317
static struct sock *llc_lookup_dgram(struct llc_sap *sap,
315
-
const struct llc_addr *laddr)
318
+
const struct llc_addr *laddr,
319
+
const struct net *net)
316
320
{
317
321
struct sock *rc;
318
322
struct hlist_nulls_node *node;
···
326
322
rcu_read_lock_bh();
327
323
again:
328
324
sk_nulls_for_each_rcu(rc, node, laddr_hb) {
329
-
if (llc_dgram_match(sap, laddr, rc)) {
325
+
if (llc_dgram_match(sap, laddr, rc, net)) {
330
326
/* Extra checks required by SLAB_TYPESAFE_BY_RCU */
331
327
if (unlikely(!refcount_inc_not_zero(&rc->sk_refcnt)))
332
328
goto again;
333
329
if (unlikely(llc_sk(rc)->sap != sap ||
334
-
!llc_dgram_match(sap, laddr, rc))) {
330
+
!llc_dgram_match(sap, laddr, rc, net))) {
335
331
sock_put(rc);
336
332
continue;
337
333
}
···
433
429
llc_sap_mcast(sap, &laddr, skb);
434
430
kfree_skb(skb);
435
431
} else {
436
-
struct sock *sk = llc_lookup_dgram(sap, &laddr);
432
+
struct sock *sk = llc_lookup_dgram(sap, &laddr, dev_net(skb->dev));
437
433
if (sk) {
438
434
llc_sap_rcv(sap, skb, sk);
439
435
sock_put(sk);
+10
-2
net/netfilter/nf_tables_api.c
+10
-2
net/netfilter/nf_tables_api.c
···
3685
3685
if (err < 0)
3686
3686
return err;
3687
3687
}
3688
-
3689
-
cond_resched();
3690
3688
}
3691
3689
3692
3690
return 0;
···
3708
3710
err = nft_chain_validate(&ctx, chain);
3709
3711
if (err < 0)
3710
3712
return err;
3713
+
3714
+
cond_resched();
3711
3715
}
3712
3716
3713
3717
return 0;
···
4086
4086
} else {
4087
4087
list_for_each_entry(chain, &table->chains, list) {
4088
4088
if (!nft_is_active_next(net, chain))
4089
+
continue;
4090
+
if (nft_chain_is_bound(chain))
4089
4091
continue;
4090
4092
4091
4093
ctx.chain = chain;
···
10519
10517
10520
10518
if (!tb[NFTA_VERDICT_CODE])
10521
10519
return -EINVAL;
10520
+
10521
+
/* zero padding hole for memcmp */
10522
+
memset(data, 0, sizeof(*data));
10522
10523
data->verdict.code = ntohl(nla_get_be32(tb[NFTA_VERDICT_CODE]));
10523
10524
10524
10525
switch (data->verdict.code) {
···
10804
10799
ctx.family = table->family;
10805
10800
ctx.table = table;
10806
10801
list_for_each_entry(chain, &table->chains, list) {
10802
+
if (nft_chain_is_bound(chain))
10803
+
continue;
10804
+
10807
10805
ctx.chain = chain;
10808
10806
list_for_each_entry_safe(rule, nr, &chain->rules, list) {
10809
10807
list_del(&rule->list);
+5
-1
net/netfilter/nft_set_pipapo.c
+5
-1
net/netfilter/nft_set_pipapo.c
···
1929
1929
int i, start, rules_fx;
1930
1930
1931
1931
match_start = data;
1932
-
match_end = (const u8 *)nft_set_ext_key_end(&e->ext)->data;
1932
+
1933
+
if (nft_set_ext_exists(&e->ext, NFT_SET_EXT_KEY_END))
1934
+
match_end = (const u8 *)nft_set_ext_key_end(&e->ext)->data;
1935
+
else
1936
+
match_end = data;
1933
1937
1934
1938
start = first_rule;
1935
1939
rules_fx = rules_f0;
+47
-52
net/sched/cls_bpf.c
+47
-52
net/sched/cls_bpf.c
···
406
406
return 0;
407
407
}
408
408
409
-
static int cls_bpf_set_parms(struct net *net, struct tcf_proto *tp,
410
-
struct cls_bpf_prog *prog, unsigned long base,
411
-
struct nlattr **tb, struct nlattr *est, u32 flags,
412
-
struct netlink_ext_ack *extack)
413
-
{
414
-
bool is_bpf, is_ebpf, have_exts = false;
415
-
u32 gen_flags = 0;
416
-
int ret;
417
-
418
-
is_bpf = tb[TCA_BPF_OPS_LEN] && tb[TCA_BPF_OPS];
419
-
is_ebpf = tb[TCA_BPF_FD];
420
-
if ((!is_bpf && !is_ebpf) || (is_bpf && is_ebpf))
421
-
return -EINVAL;
422
-
423
-
ret = tcf_exts_validate(net, tp, tb, est, &prog->exts, flags,
424
-
extack);
425
-
if (ret < 0)
426
-
return ret;
427
-
428
-
if (tb[TCA_BPF_FLAGS]) {
429
-
u32 bpf_flags = nla_get_u32(tb[TCA_BPF_FLAGS]);
430
-
431
-
if (bpf_flags & ~TCA_BPF_FLAG_ACT_DIRECT)
432
-
return -EINVAL;
433
-
434
-
have_exts = bpf_flags & TCA_BPF_FLAG_ACT_DIRECT;
435
-
}
436
-
if (tb[TCA_BPF_FLAGS_GEN]) {
437
-
gen_flags = nla_get_u32(tb[TCA_BPF_FLAGS_GEN]);
438
-
if (gen_flags & ~CLS_BPF_SUPPORTED_GEN_FLAGS ||
439
-
!tc_flags_valid(gen_flags))
440
-
return -EINVAL;
441
-
}
442
-
443
-
prog->exts_integrated = have_exts;
444
-
prog->gen_flags = gen_flags;
445
-
446
-
ret = is_bpf ? cls_bpf_prog_from_ops(tb, prog) :
447
-
cls_bpf_prog_from_efd(tb, prog, gen_flags, tp);
448
-
if (ret < 0)
449
-
return ret;
450
-
451
-
if (tb[TCA_BPF_CLASSID]) {
452
-
prog->res.classid = nla_get_u32(tb[TCA_BPF_CLASSID]);
453
-
tcf_bind_filter(tp, &prog->res, base);
454
-
}
455
-
456
-
return 0;
457
-
}
458
-
459
409
static int cls_bpf_change(struct net *net, struct sk_buff *in_skb,
460
410
struct tcf_proto *tp, unsigned long base,
461
411
u32 handle, struct nlattr **tca,
···
413
463
struct netlink_ext_ack *extack)
414
464
{
415
465
struct cls_bpf_head *head = rtnl_dereference(tp->root);
466
+
bool is_bpf, is_ebpf, have_exts = false;
416
467
struct cls_bpf_prog *oldprog = *arg;
417
468
struct nlattr *tb[TCA_BPF_MAX + 1];
469
+
bool bound_to_filter = false;
418
470
struct cls_bpf_prog *prog;
471
+
u32 gen_flags = 0;
419
472
int ret;
420
473
421
474
if (tca[TCA_OPTIONS] == NULL)
···
457
504
goto errout;
458
505
prog->handle = handle;
459
506
460
-
ret = cls_bpf_set_parms(net, tp, prog, base, tb, tca[TCA_RATE], flags,
461
-
extack);
507
+
is_bpf = tb[TCA_BPF_OPS_LEN] && tb[TCA_BPF_OPS];
508
+
is_ebpf = tb[TCA_BPF_FD];
509
+
if ((!is_bpf && !is_ebpf) || (is_bpf && is_ebpf)) {
510
+
ret = -EINVAL;
511
+
goto errout_idr;
512
+
}
513
+
514
+
ret = tcf_exts_validate(net, tp, tb, tca[TCA_RATE], &prog->exts,
515
+
flags, extack);
462
516
if (ret < 0)
463
517
goto errout_idr;
518
+
519
+
if (tb[TCA_BPF_FLAGS]) {
520
+
u32 bpf_flags = nla_get_u32(tb[TCA_BPF_FLAGS]);
521
+
522
+
if (bpf_flags & ~TCA_BPF_FLAG_ACT_DIRECT) {
523
+
ret = -EINVAL;
524
+
goto errout_idr;
525
+
}
526
+
527
+
have_exts = bpf_flags & TCA_BPF_FLAG_ACT_DIRECT;
528
+
}
529
+
if (tb[TCA_BPF_FLAGS_GEN]) {
530
+
gen_flags = nla_get_u32(tb[TCA_BPF_FLAGS_GEN]);
531
+
if (gen_flags & ~CLS_BPF_SUPPORTED_GEN_FLAGS ||
532
+
!tc_flags_valid(gen_flags)) {
533
+
ret = -EINVAL;
534
+
goto errout_idr;
535
+
}
536
+
}
537
+
538
+
prog->exts_integrated = have_exts;
539
+
prog->gen_flags = gen_flags;
540
+
541
+
ret = is_bpf ? cls_bpf_prog_from_ops(tb, prog) :
542
+
cls_bpf_prog_from_efd(tb, prog, gen_flags, tp);
543
+
if (ret < 0)
544
+
goto errout_idr;
545
+
546
+
if (tb[TCA_BPF_CLASSID]) {
547
+
prog->res.classid = nla_get_u32(tb[TCA_BPF_CLASSID]);
548
+
tcf_bind_filter(tp, &prog->res, base);
549
+
bound_to_filter = true;
550
+
}
464
551
465
552
ret = cls_bpf_offload(tp, prog, oldprog, extack);
466
553
if (ret)
···
523
530
return 0;
524
531
525
532
errout_parms:
533
+
if (bound_to_filter)
534
+
tcf_unbind_filter(tp, &prog->res);
526
535
cls_bpf_free_parms(prog);
527
536
errout_idr:
528
537
if (!oldprog)
+47
-52
net/sched/cls_flower.c
+47
-52
net/sched/cls_flower.c
···
2173
2173
return mask->meta.l2_miss;
2174
2174
}
2175
2175
2176
-
static int fl_set_parms(struct net *net, struct tcf_proto *tp,
2177
-
struct cls_fl_filter *f, struct fl_flow_mask *mask,
2178
-
unsigned long base, struct nlattr **tb,
2179
-
struct nlattr *est,
2180
-
struct fl_flow_tmplt *tmplt,
2181
-
u32 flags, u32 fl_flags,
2182
-
struct netlink_ext_ack *extack)
2183
-
{
2184
-
int err;
2185
-
2186
-
err = tcf_exts_validate_ex(net, tp, tb, est, &f->exts, flags,
2187
-
fl_flags, extack);
2188
-
if (err < 0)
2189
-
return err;
2190
-
2191
-
if (tb[TCA_FLOWER_CLASSID]) {
2192
-
f->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
2193
-
if (flags & TCA_ACT_FLAGS_NO_RTNL)
2194
-
rtnl_lock();
2195
-
tcf_bind_filter(tp, &f->res, base);
2196
-
if (flags & TCA_ACT_FLAGS_NO_RTNL)
2197
-
rtnl_unlock();
2198
-
}
2199
-
2200
-
err = fl_set_key(net, tb, &f->key, &mask->key, extack);
2201
-
if (err)
2202
-
return err;
2203
-
2204
-
fl_mask_update_range(mask);
2205
-
fl_set_masked_key(&f->mkey, &f->key, mask);
2206
-
2207
-
if (!fl_mask_fits_tmplt(tmplt, mask)) {
2208
-
NL_SET_ERR_MSG_MOD(extack, "Mask does not fit the template");
2209
-
return -EINVAL;
2210
-
}
2211
-
2212
-
/* Enable tc skb extension if filter matches on data extracted from
2213
-
* this extension.
2214
-
*/
2215
-
if (fl_needs_tc_skb_ext(&mask->key)) {
2216
-
f->needs_tc_skb_ext = 1;
2217
-
tc_skb_ext_tc_enable();
2218
-
}
2219
-
2220
-
return 0;
2221
-
}
2222
-
2223
2176
static int fl_ht_insert_unique(struct cls_fl_filter *fnew,
2224
2177
struct cls_fl_filter *fold,
2225
2178
bool *in_ht)
···
2204
2251
struct cls_fl_head *head = fl_head_dereference(tp);
2205
2252
bool rtnl_held = !(flags & TCA_ACT_FLAGS_NO_RTNL);
2206
2253
struct cls_fl_filter *fold = *arg;
2254
+
bool bound_to_filter = false;
2207
2255
struct cls_fl_filter *fnew;
2208
2256
struct fl_flow_mask *mask;
2209
2257
struct nlattr **tb;
···
2289
2335
if (err < 0)
2290
2336
goto errout_idr;
2291
2337
2292
-
err = fl_set_parms(net, tp, fnew, mask, base, tb, tca[TCA_RATE],
2293
-
tp->chain->tmplt_priv, flags, fnew->flags,
2294
-
extack);
2295
-
if (err)
2338
+
err = tcf_exts_validate_ex(net, tp, tb, tca[TCA_RATE],
2339
+
&fnew->exts, flags, fnew->flags,
2340
+
extack);
2341
+
if (err < 0)
2296
2342
goto errout_idr;
2343
+
2344
+
if (tb[TCA_FLOWER_CLASSID]) {
2345
+
fnew->res.classid = nla_get_u32(tb[TCA_FLOWER_CLASSID]);
2346
+
if (flags & TCA_ACT_FLAGS_NO_RTNL)
2347
+
rtnl_lock();
2348
+
tcf_bind_filter(tp, &fnew->res, base);
2349
+
if (flags & TCA_ACT_FLAGS_NO_RTNL)
2350
+
rtnl_unlock();
2351
+
bound_to_filter = true;
2352
+
}
2353
+
2354
+
err = fl_set_key(net, tb, &fnew->key, &mask->key, extack);
2355
+
if (err)
2356
+
goto unbind_filter;
2357
+
2358
+
fl_mask_update_range(mask);
2359
+
fl_set_masked_key(&fnew->mkey, &fnew->key, mask);
2360
+
2361
+
if (!fl_mask_fits_tmplt(tp->chain->tmplt_priv, mask)) {
2362
+
NL_SET_ERR_MSG_MOD(extack, "Mask does not fit the template");
2363
+
err = -EINVAL;
2364
+
goto unbind_filter;
2365
+
}
2366
+
2367
+
/* Enable tc skb extension if filter matches on data extracted from
2368
+
* this extension.
2369
+
*/
2370
+
if (fl_needs_tc_skb_ext(&mask->key)) {
2371
+
fnew->needs_tc_skb_ext = 1;
2372
+
tc_skb_ext_tc_enable();
2373
+
}
2297
2374
2298
2375
err = fl_check_assign_mask(head, fnew, fold, mask);
2299
2376
if (err)
2300
-
goto errout_idr;
2377
+
goto unbind_filter;
2301
2378
2302
2379
err = fl_ht_insert_unique(fnew, fold, &in_ht);
2303
2380
if (err)
···
2419
2434
fnew->mask->filter_ht_params);
2420
2435
errout_mask:
2421
2436
fl_mask_put(head, fnew->mask);
2437
+
2438
+
unbind_filter:
2439
+
if (bound_to_filter) {
2440
+
if (flags & TCA_ACT_FLAGS_NO_RTNL)
2441
+
rtnl_lock();
2442
+
tcf_unbind_filter(tp, &fnew->res);
2443
+
if (flags & TCA_ACT_FLAGS_NO_RTNL)
2444
+
rtnl_unlock();
2445
+
}
2446
+
2422
2447
errout_idr:
2423
2448
if (!fold)
2424
2449
idr_remove(&head->handle_idr, fnew->handle);
+12
-23
net/sched/cls_matchall.c
+12
-23
net/sched/cls_matchall.c
···
159
159
[TCA_MATCHALL_FLAGS] = { .type = NLA_U32 },
160
160
};
161
161
162
-
static int mall_set_parms(struct net *net, struct tcf_proto *tp,
163
-
struct cls_mall_head *head,
164
-
unsigned long base, struct nlattr **tb,
165
-
struct nlattr *est, u32 flags, u32 fl_flags,
166
-
struct netlink_ext_ack *extack)
167
-
{
168
-
int err;
169
-
170
-
err = tcf_exts_validate_ex(net, tp, tb, est, &head->exts, flags,
171
-
fl_flags, extack);
172
-
if (err < 0)
173
-
return err;
174
-
175
-
if (tb[TCA_MATCHALL_CLASSID]) {
176
-
head->res.classid = nla_get_u32(tb[TCA_MATCHALL_CLASSID]);
177
-
tcf_bind_filter(tp, &head->res, base);
178
-
}
179
-
return 0;
180
-
}
181
-
182
162
static int mall_change(struct net *net, struct sk_buff *in_skb,
183
163
struct tcf_proto *tp, unsigned long base,
184
164
u32 handle, struct nlattr **tca,
···
167
187
{
168
188
struct cls_mall_head *head = rtnl_dereference(tp->root);
169
189
struct nlattr *tb[TCA_MATCHALL_MAX + 1];
190
+
bool bound_to_filter = false;
170
191
struct cls_mall_head *new;
171
192
u32 userflags = 0;
172
193
int err;
···
207
226
goto err_alloc_percpu;
208
227
}
209
228
210
-
err = mall_set_parms(net, tp, new, base, tb, tca[TCA_RATE],
211
-
flags, new->flags, extack);
212
-
if (err)
229
+
err = tcf_exts_validate_ex(net, tp, tb, tca[TCA_RATE],
230
+
&new->exts, flags, new->flags, extack);
231
+
if (err < 0)
213
232
goto err_set_parms;
233
+
234
+
if (tb[TCA_MATCHALL_CLASSID]) {
235
+
new->res.classid = nla_get_u32(tb[TCA_MATCHALL_CLASSID]);
236
+
tcf_bind_filter(tp, &new->res, base);
237
+
bound_to_filter = true;
238
+
}
214
239
215
240
if (!tc_skip_hw(new->flags)) {
216
241
err = mall_replace_hw_filter(tp, new, (unsigned long)new,
···
233
246
return 0;
234
247
235
248
err_replace_hw_filter:
249
+
if (bound_to_filter)
250
+
tcf_unbind_filter(tp, &new->res);
236
251
err_set_parms:
237
252
free_percpu(new->pf);
238
253
err_alloc_percpu:
+37
-11
net/sched/cls_u32.c
+37
-11
net/sched/cls_u32.c
···
712
712
[TCA_U32_FLAGS] = { .type = NLA_U32 },
713
713
};
714
714
715
+
static void u32_unbind_filter(struct tcf_proto *tp, struct tc_u_knode *n,
716
+
struct nlattr **tb)
717
+
{
718
+
if (tb[TCA_U32_CLASSID])
719
+
tcf_unbind_filter(tp, &n->res);
720
+
}
721
+
722
+
static void u32_bind_filter(struct tcf_proto *tp, struct tc_u_knode *n,
723
+
unsigned long base, struct nlattr **tb)
724
+
{
725
+
if (tb[TCA_U32_CLASSID]) {
726
+
n->res.classid = nla_get_u32(tb[TCA_U32_CLASSID]);
727
+
tcf_bind_filter(tp, &n->res, base);
728
+
}
729
+
}
730
+
715
731
static int u32_set_parms(struct net *net, struct tcf_proto *tp,
716
-
unsigned long base,
717
732
struct tc_u_knode *n, struct nlattr **tb,
718
733
struct nlattr *est, u32 flags, u32 fl_flags,
719
734
struct netlink_ext_ack *extack)
···
774
759
775
760
if (ht_old)
776
761
ht_old->refcnt--;
777
-
}
778
-
if (tb[TCA_U32_CLASSID]) {
779
-
n->res.classid = nla_get_u32(tb[TCA_U32_CLASSID]);
780
-
tcf_bind_filter(tp, &n->res, base);
781
762
}
782
763
783
764
if (ifindex >= 0)
···
914
903
if (!new)
915
904
return -ENOMEM;
916
905
917
-
err = u32_set_parms(net, tp, base, new, tb,
918
-
tca[TCA_RATE], flags, new->flags,
919
-
extack);
906
+
err = u32_set_parms(net, tp, new, tb, tca[TCA_RATE],
907
+
flags, new->flags, extack);
920
908
921
909
if (err) {
922
910
__u32_destroy_key(new);
923
911
return err;
924
912
}
925
913
914
+
u32_bind_filter(tp, new, base, tb);
915
+
926
916
err = u32_replace_hw_knode(tp, new, flags, extack);
927
917
if (err) {
918
+
u32_unbind_filter(tp, new, tb);
919
+
920
+
if (tb[TCA_U32_LINK]) {
921
+
struct tc_u_hnode *ht_old;
922
+
923
+
ht_old = rtnl_dereference(n->ht_down);
924
+
if (ht_old)
925
+
ht_old->refcnt++;
926
+
}
928
927
__u32_destroy_key(new);
929
928
return err;
930
929
}
···
1095
1074
}
1096
1075
#endif
1097
1076
1098
-
err = u32_set_parms(net, tp, base, n, tb, tca[TCA_RATE],
1077
+
err = u32_set_parms(net, tp, n, tb, tca[TCA_RATE],
1099
1078
flags, n->flags, extack);
1079
+
1080
+
u32_bind_filter(tp, n, base, tb);
1081
+
1100
1082
if (err == 0) {
1101
1083
struct tc_u_knode __rcu **ins;
1102
1084
struct tc_u_knode *pins;
1103
1085
1104
1086
err = u32_replace_hw_knode(tp, n, flags, extack);
1105
1087
if (err)
1106
-
goto errhw;
1088
+
goto errunbind;
1107
1089
1108
1090
if (!tc_in_hw(n->flags))
1109
1091
n->flags |= TCA_CLS_FLAGS_NOT_IN_HW;
···
1124
1100
return 0;
1125
1101
}
1126
1102
1127
-
errhw:
1103
+
errunbind:
1104
+
u32_unbind_filter(tp, n, tb);
1105
+
1128
1106
#ifdef CONFIG_CLS_U32_MARK
1129
1107
free_percpu(n->pcpu_success);
1130
1108
#endif
+23
-2
tools/testing/selftests/bpf/progs/async_stack_depth.c
+23
-2
tools/testing/selftests/bpf/progs/async_stack_depth.c
···
22
22
return buf[69];
23
23
}
24
24
25
+
__attribute__((noinline))
26
+
static int bad_timer_cb(void *map, int *key, struct bpf_timer *timer)
27
+
{
28
+
volatile char buf[300] = {};
29
+
return buf[255] + timer_cb(NULL, NULL, NULL);
30
+
}
31
+
25
32
SEC("tc")
26
-
__failure __msg("combined stack size of 2 calls")
27
-
int prog(struct __sk_buff *ctx)
33
+
__failure __msg("combined stack size of 2 calls is 576. Too large")
34
+
int pseudo_call_check(struct __sk_buff *ctx)
28
35
{
29
36
struct hmap_elem *elem;
30
37
volatile char buf[256] = {};
···
42
35
43
36
timer_cb(NULL, NULL, NULL);
44
37
return bpf_timer_set_callback(&elem->timer, timer_cb) + buf[0];
38
+
}
39
+
40
+
SEC("tc")
41
+
__failure __msg("combined stack size of 2 calls is 608. Too large")
42
+
int async_call_root_check(struct __sk_buff *ctx)
43
+
{
44
+
struct hmap_elem *elem;
45
+
volatile char buf[256] = {};
46
+
47
+
elem = bpf_map_lookup_elem(&hmap, &(int){0});
48
+
if (!elem)
49
+
return 0;
50
+
51
+
return bpf_timer_set_callback(&elem->timer, bad_timer_cb) + buf[0];
45
52
}
46
53
47
54
char _license[] SEC("license") = "GPL";
+2
tools/testing/selftests/tc-testing/config
+2
tools/testing/selftests/tc-testing/config
+1
tools/testing/selftests/tc-testing/settings
+1
tools/testing/selftests/tc-testing/settings
···
1
+
timeout=900