Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'net-5.15-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

Pull networking fixes from Jakub Kicinski:
"Including fixes from netfilter, and can.

We'll have one more fix for a socket accounting regression, it's still
getting polished. Otherwise things look fine.

Current release - regressions:

- revert "vrf: reset skb conntrack connection on VRF rcv", there are
valid uses for previous behavior

- can: m_can: fix iomap_read_fifo() and iomap_write_fifo()

Current release - new code bugs:

- mlx5: e-switch, return correct error code on group creation failure

Previous releases - regressions:

- sctp: fix transport encap_port update in sctp_vtag_verify

- stmmac: fix E2E delay mechanism (in PTP timestamping)

Previous releases - always broken:

- netfilter: ip6t_rt: fix out-of-bounds read of ipv6_rt_hdr

- netfilter: xt_IDLETIMER: fix out-of-bound read caused by lack of
init

- netfilter: ipvs: make global sysctl read-only in non-init netns

- tcp: md5: fix selection between vrf and non-vrf keys

- ipv6: count rx stats on the orig netdev when forwarding

- bridge: mcast: use multicast_membership_interval for IGMPv3

- can:
- j1939: fix UAF for rx_kref of j1939_priv abort sessions on
receiving bad messages

- isotp: fix TX buffer concurrent access in isotp_sendmsg() fix
return error on FC timeout on TX path

- ice: fix re-init of RDMA Tx queues and crash if RDMA was not inited

- hns3: schedule the polling again when allocation fails, prevent
stalls

- drivers: add missing of_node_put() when aborting
for_each_available_child_of_node()

- ptp: fix possible memory leak and UAF in ptp_clock_register()

- e1000e: fix packet loss in burst mode on Tiger Lake and later

- mlx5e: ipsec: fix more checksum offload issues"

* tag 'net-5.15-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (75 commits)
usbnet: sanity check for maxpacket
net: enetc: make sure all traffic classes can send large frames
net: enetc: fix ethtool counter name for PM0_TERR
ptp: free 'vclock_index' in ptp_clock_release()
sfc: Don't use netif_info before net_device setup
sfc: Export fibre-specific supported link modes
net/mlx5e: IPsec: Fix work queue entry ethernet segment checksum flags
net/mlx5e: IPsec: Fix a misuse of the software parser's fields
net/mlx5e: Fix vlan data lost during suspend flow
net/mlx5: E-switch, Return correct error code on group creation failure
net/mlx5: Lag, change multipath and bonding to be mutually exclusive
ice: Add missing E810 device ids
igc: Update I226_K device ID
e1000e: Fix packet loss on Tiger Lake and later
e1000e: Separate TGP board type from SPT
ptp: Fix possible memory leak in ptp_clock_register()
net: stmmac: Fix E2E delay mechanism
nfc: st95hf: Make spi remove() callback return zero
net: hns3: disable sriov before unload hclge layer
net: hns3: fix vf reset workqueue cannot exit
...

+913 -301
+5 -4
Documentation/networking/devlink/ice.rst
··· 30 30 PHY, link, etc. 31 31 * - ``fw.mgmt.api`` 32 32 - running 33 - - 1.5 34 - - 2-digit version number of the API exported over the AdminQ by the 35 - management firmware. Used by the driver to identify what commands 36 - are supported. 33 + - 1.5.1 34 + - 3-digit version number (major.minor.patch) of the API exported over 35 + the AdminQ by the management firmware. Used by the driver to 36 + identify what commands are supported. Historical versions of the 37 + kernel only displayed a 2-digit version number (major.minor). 37 38 * - ``fw.mgmt.build`` 38 39 - running 39 40 - 0x305d955f
+5 -5
Documentation/networking/mctp.rst
··· 59 59 }; 60 60 61 61 struct sockaddr_mctp { 62 - unsigned short int smctp_family; 63 - int smctp_network; 64 - struct mctp_addr smctp_addr; 65 - __u8 smctp_type; 66 - __u8 smctp_tag; 62 + __kernel_sa_family_t smctp_family; 63 + unsigned int smctp_network; 64 + struct mctp_addr smctp_addr; 65 + __u8 smctp_type; 66 + __u8 smctp_tag; 67 67 }; 68 68 69 69 #define MCTP_NET_ANY 0x0
+4 -4
drivers/isdn/hardware/mISDN/hfcpci.c
··· 1994 1994 pci_set_master(hc->pdev); 1995 1995 if (!hc->irq) { 1996 1996 printk(KERN_WARNING "HFC-PCI: No IRQ for PCI card found\n"); 1997 - return 1; 1997 + return -EINVAL; 1998 1998 } 1999 1999 hc->hw.pci_io = 2000 2000 (char __iomem *)(unsigned long)hc->pdev->resource[1].start; 2001 2001 2002 2002 if (!hc->hw.pci_io) { 2003 2003 printk(KERN_WARNING "HFC-PCI: No IO-Mem for PCI card found\n"); 2004 - return 1; 2004 + return -ENOMEM; 2005 2005 } 2006 2006 /* Allocate memory for FIFOS */ 2007 2007 /* the memory needs to be on a 32k boundary within the first 4G */ ··· 2012 2012 if (!buffer) { 2013 2013 printk(KERN_WARNING 2014 2014 "HFC-PCI: Error allocating memory for FIFO!\n"); 2015 - return 1; 2015 + return -ENOMEM; 2016 2016 } 2017 2017 hc->hw.fifos = buffer; 2018 2018 pci_write_config_dword(hc->pdev, 0x80, hc->hw.dmahandle); ··· 2022 2022 "HFC-PCI: Error in ioremap for PCI!\n"); 2023 2023 dma_free_coherent(&hc->pdev->dev, 0x8000, hc->hw.fifos, 2024 2024 hc->hw.dmahandle); 2025 - return 1; 2025 + return -ENOMEM; 2026 2026 } 2027 2027 2028 2028 printk(KERN_INFO
+12 -2
drivers/net/can/m_can/m_can_platform.c
··· 32 32 static int iomap_read_fifo(struct m_can_classdev *cdev, int offset, void *val, size_t val_count) 33 33 { 34 34 struct m_can_plat_priv *priv = cdev_to_priv(cdev); 35 + void __iomem *src = priv->mram_base + offset; 35 36 36 - ioread32_rep(priv->mram_base + offset, val, val_count); 37 + while (val_count--) { 38 + *(unsigned int *)val = ioread32(src); 39 + val += 4; 40 + src += 4; 41 + } 37 42 38 43 return 0; 39 44 } ··· 56 51 const void *val, size_t val_count) 57 52 { 58 53 struct m_can_plat_priv *priv = cdev_to_priv(cdev); 54 + void __iomem *dst = priv->mram_base + offset; 59 55 60 - iowrite32_rep(priv->base + offset, val, val_count); 56 + while (val_count--) { 57 + iowrite32(*(unsigned int *)val, dst); 58 + val += 4; 59 + dst += 4; 60 + } 61 61 62 62 return 0; 63 63 }
+12 -8
drivers/net/can/rcar/rcar_can.c
··· 846 846 struct rcar_can_priv *priv = netdev_priv(ndev); 847 847 u16 ctlr; 848 848 849 - if (netif_running(ndev)) { 850 - netif_stop_queue(ndev); 851 - netif_device_detach(ndev); 852 - } 849 + if (!netif_running(ndev)) 850 + return 0; 851 + 852 + netif_stop_queue(ndev); 853 + netif_device_detach(ndev); 854 + 853 855 ctlr = readw(&priv->regs->ctlr); 854 856 ctlr |= RCAR_CAN_CTLR_CANM_HALT; 855 857 writew(ctlr, &priv->regs->ctlr); ··· 870 868 u16 ctlr; 871 869 int err; 872 870 871 + if (!netif_running(ndev)) 872 + return 0; 873 + 873 874 err = clk_enable(priv->clk); 874 875 if (err) { 875 876 netdev_err(ndev, "clk_enable() failed, error %d\n", err); ··· 886 881 writew(ctlr, &priv->regs->ctlr); 887 882 priv->can.state = CAN_STATE_ERROR_ACTIVE; 888 883 889 - if (netif_running(ndev)) { 890 - netif_device_attach(ndev); 891 - netif_start_queue(ndev); 892 - } 884 + netif_device_attach(ndev); 885 + netif_start_queue(ndev); 886 + 893 887 return 0; 894 888 } 895 889
+4 -5
drivers/net/can/sja1000/peak_pci.c
··· 752 752 struct net_device *prev_dev = chan->prev_dev; 753 753 754 754 dev_info(&pdev->dev, "removing device %s\n", dev->name); 755 + /* do that only for first channel */ 756 + if (!prev_dev && chan->pciec_card) 757 + peak_pciec_remove(chan->pciec_card); 755 758 unregister_sja1000dev(dev); 756 759 free_sja1000dev(dev); 757 760 dev = prev_dev; 758 761 759 - if (!dev) { 760 - /* do that only for first channel */ 761 - if (chan->pciec_card) 762 - peak_pciec_remove(chan->pciec_card); 762 + if (!dev) 763 763 break; 764 - } 765 764 priv = netdev_priv(dev); 766 765 chan = priv->priv; 767 766 }
+3 -5
drivers/net/can/usb/peak_usb/pcan_usb_fd.c
··· 551 551 } else if (sm->channel_p_w_b & PUCAN_BUS_WARNING) { 552 552 new_state = CAN_STATE_ERROR_WARNING; 553 553 } else { 554 - /* no error bit (so, no error skb, back to active state) */ 555 - dev->can.state = CAN_STATE_ERROR_ACTIVE; 554 + /* back to (or still in) ERROR_ACTIVE state */ 555 + new_state = CAN_STATE_ERROR_ACTIVE; 556 556 pdev->bec.txerr = 0; 557 557 pdev->bec.rxerr = 0; 558 - return 0; 559 558 } 560 559 561 560 /* state hasn't changed */ ··· 567 568 568 569 /* allocate an skb to store the error frame */ 569 570 skb = alloc_can_err_skb(netdev, &cf); 570 - if (skb) 571 - can_change_state(netdev, cf, tx_state, rx_state); 571 + can_change_state(netdev, cf, tx_state, rx_state); 572 572 573 573 /* things must be done even in case of OOM */ 574 574 if (new_state == CAN_STATE_BUS_OFF)
+1 -1
drivers/net/dsa/lantiq_gswip.c
··· 230 230 #define GSWIP_SDMA_PCTRLp(p) (0xBC0 + ((p) * 0x6)) 231 231 #define GSWIP_SDMA_PCTRL_EN BIT(0) /* SDMA Port Enable */ 232 232 #define GSWIP_SDMA_PCTRL_FCEN BIT(1) /* Flow Control Enable */ 233 - #define GSWIP_SDMA_PCTRL_PAUFWD BIT(1) /* Pause Frame Forwarding */ 233 + #define GSWIP_SDMA_PCTRL_PAUFWD BIT(3) /* Pause Frame Forwarding */ 234 234 235 235 #define GSWIP_TABLE_ACTIVE_VLAN 0x01 236 236 #define GSWIP_TABLE_VLAN_MAPPING 0x02
+1 -7
drivers/net/dsa/mt7530.c
··· 1035 1035 { 1036 1036 struct mt7530_priv *priv = ds->priv; 1037 1037 1038 - if (!dsa_is_user_port(ds, port)) 1039 - return 0; 1040 - 1041 1038 mutex_lock(&priv->reg_mutex); 1042 1039 1043 1040 /* Allow the user port gets connected to the cpu port and also ··· 1056 1059 mt7530_port_disable(struct dsa_switch *ds, int port) 1057 1060 { 1058 1061 struct mt7530_priv *priv = ds->priv; 1059 - 1060 - if (!dsa_is_user_port(ds, port)) 1061 - return; 1062 1062 1063 1063 mutex_lock(&priv->reg_mutex); 1064 1064 ··· 3205 3211 return -ENOMEM; 3206 3212 3207 3213 priv->ds->dev = &mdiodev->dev; 3208 - priv->ds->num_ports = DSA_MAX_PORTS; 3214 + priv->ds->num_ports = MT7530_NUM_PORTS; 3209 3215 3210 3216 /* Use medatek,mcm property to distinguish hardware type that would 3211 3217 * casues a little bit differences on power-on sequence.
+1 -1
drivers/net/ethernet/cavium/thunder/nic_main.c
··· 1193 1193 dev_err(&nic->pdev->dev, 1194 1194 "Request for #%d msix vectors failed, returned %d\n", 1195 1195 nic->num_vec, ret); 1196 - return 1; 1196 + return ret; 1197 1197 } 1198 1198 1199 1199 /* Register mailbox interrupt handler */
+2 -2
drivers/net/ethernet/cavium/thunder/nicvf_main.c
··· 1224 1224 if (ret < 0) { 1225 1225 netdev_err(nic->netdev, 1226 1226 "Req for #%d msix vectors failed\n", nic->num_vec); 1227 - return 1; 1227 + return ret; 1228 1228 } 1229 1229 1230 1230 sprintf(nic->irq_name[irq], "%s Mbox", "NICVF"); ··· 1243 1243 if (!nicvf_check_pf_ready(nic)) { 1244 1244 nicvf_disable_intr(nic, NICVF_INTR_MBOX, 0); 1245 1245 nicvf_unregister_interrupts(nic); 1246 - return 1; 1246 + return -EIO; 1247 1247 } 1248 1248 1249 1249 return 0;
+1 -1
drivers/net/ethernet/freescale/enetc/enetc_ethtool.c
··· 157 157 { ENETC_PM0_TFRM, "MAC tx frames" }, 158 158 { ENETC_PM0_TFCS, "MAC tx fcs errors" }, 159 159 { ENETC_PM0_TVLAN, "MAC tx VLAN frames" }, 160 - { ENETC_PM0_TERR, "MAC tx frames" }, 160 + { ENETC_PM0_TERR, "MAC tx frame errors" }, 161 161 { ENETC_PM0_TUCA, "MAC tx unicast frames" }, 162 162 { ENETC_PM0_TMCA, "MAC tx multicast frames" }, 163 163 { ENETC_PM0_TBCA, "MAC tx broadcast frames" },
+4 -1
drivers/net/ethernet/freescale/enetc/enetc_pf.c
··· 517 517 518 518 static void enetc_configure_port_mac(struct enetc_hw *hw) 519 519 { 520 + int tc; 521 + 520 522 enetc_port_wr(hw, ENETC_PM0_MAXFRM, 521 523 ENETC_SET_MAXFRM(ENETC_RX_MAXFRM_SIZE)); 522 524 523 - enetc_port_wr(hw, ENETC_PTCMSDUR(0), ENETC_MAC_MAXFRM_SIZE); 525 + for (tc = 0; tc < 8; tc++) 526 + enetc_port_wr(hw, ENETC_PTCMSDUR(tc), ENETC_MAC_MAXFRM_SIZE); 524 527 525 528 enetc_port_wr(hw, ENETC_PM0_CMD_CFG, ENETC_PM0_CMD_PHY_TX_EN | 526 529 ENETC_PM0_CMD_TXP | ENETC_PM0_PROMISC);
+21
drivers/net/ethernet/hisilicon/hns3/hnae3.c
··· 10 10 static LIST_HEAD(hnae3_client_list); 11 11 static LIST_HEAD(hnae3_ae_dev_list); 12 12 13 + void hnae3_unregister_ae_algo_prepare(struct hnae3_ae_algo *ae_algo) 14 + { 15 + const struct pci_device_id *pci_id; 16 + struct hnae3_ae_dev *ae_dev; 17 + 18 + if (!ae_algo) 19 + return; 20 + 21 + list_for_each_entry(ae_dev, &hnae3_ae_dev_list, node) { 22 + if (!hnae3_get_bit(ae_dev->flag, HNAE3_DEV_INITED_B)) 23 + continue; 24 + 25 + pci_id = pci_match_id(ae_algo->pdev_id_table, ae_dev->pdev); 26 + if (!pci_id) 27 + continue; 28 + if (IS_ENABLED(CONFIG_PCI_IOV)) 29 + pci_disable_sriov(ae_dev->pdev); 30 + } 31 + } 32 + EXPORT_SYMBOL(hnae3_unregister_ae_algo_prepare); 33 + 13 34 /* we are keeping things simple and using single lock for all the 14 35 * list. This is a non-critical code so other updations, if happen 15 36 * in parallel, can wait.
+1
drivers/net/ethernet/hisilicon/hns3/hnae3.h
··· 853 853 int hnae3_register_ae_dev(struct hnae3_ae_dev *ae_dev); 854 854 void hnae3_unregister_ae_dev(struct hnae3_ae_dev *ae_dev); 855 855 856 + void hnae3_unregister_ae_algo_prepare(struct hnae3_ae_algo *ae_algo); 856 857 void hnae3_unregister_ae_algo(struct hnae3_ae_algo *ae_algo); 857 858 void hnae3_register_ae_algo(struct hnae3_ae_algo *ae_algo); 858 859
+22 -15
drivers/net/ethernet/hisilicon/hns3/hns3_enet.c
··· 1847 1847 1848 1848 static int hns3_skb_linearize(struct hns3_enet_ring *ring, 1849 1849 struct sk_buff *skb, 1850 - u8 max_non_tso_bd_num, 1851 1850 unsigned int bd_num) 1852 1851 { 1853 1852 /* 'bd_num == UINT_MAX' means the skb' fraglist has a ··· 1863 1864 * will not help. 1864 1865 */ 1865 1866 if (skb->len > HNS3_MAX_TSO_SIZE || 1866 - (!skb_is_gso(skb) && skb->len > 1867 - HNS3_MAX_NON_TSO_SIZE(max_non_tso_bd_num))) { 1867 + (!skb_is_gso(skb) && skb->len > HNS3_MAX_NON_TSO_SIZE)) { 1868 1868 u64_stats_update_begin(&ring->syncp); 1869 1869 ring->stats.hw_limitation++; 1870 1870 u64_stats_update_end(&ring->syncp); ··· 1898 1900 goto out; 1899 1901 } 1900 1902 1901 - if (hns3_skb_linearize(ring, skb, max_non_tso_bd_num, 1902 - bd_num)) 1903 + if (hns3_skb_linearize(ring, skb, bd_num)) 1903 1904 return -ENOMEM; 1904 1905 1905 1906 bd_num = hns3_tx_bd_count(skb->len); ··· 3255 3258 { 3256 3259 hns3_unmap_buffer(ring, &ring->desc_cb[i]); 3257 3260 ring->desc[i].addr = 0; 3261 + ring->desc_cb[i].refill = 0; 3258 3262 } 3259 3263 3260 3264 static void hns3_free_buffer_detach(struct hns3_enet_ring *ring, int i, ··· 3334 3336 3335 3337 ring->desc[i].addr = cpu_to_le64(ring->desc_cb[i].dma + 3336 3338 ring->desc_cb[i].page_offset); 3339 + ring->desc_cb[i].refill = 1; 3337 3340 3338 3341 return 0; 3339 3342 } ··· 3364 3365 { 3365 3366 hns3_unmap_buffer(ring, &ring->desc_cb[i]); 3366 3367 ring->desc_cb[i] = *res_cb; 3368 + ring->desc_cb[i].refill = 1; 3367 3369 ring->desc[i].addr = cpu_to_le64(ring->desc_cb[i].dma + 3368 3370 ring->desc_cb[i].page_offset); 3369 3371 ring->desc[i].rx.bd_base_info = 0; ··· 3373 3373 static void hns3_reuse_buffer(struct hns3_enet_ring *ring, int i) 3374 3374 { 3375 3375 ring->desc_cb[i].reuse_flag = 0; 3376 + ring->desc_cb[i].refill = 1; 3376 3377 ring->desc[i].addr = cpu_to_le64(ring->desc_cb[i].dma + 3377 3378 ring->desc_cb[i].page_offset); 3378 3379 ring->desc[i].rx.bd_base_info = 0; ··· 3480 3479 int ntc = ring->next_to_clean; 3481 3480 int ntu = ring->next_to_use; 3482 3481 3482 + if (unlikely(ntc == ntu && !ring->desc_cb[ntc].refill)) 3483 + return ring->desc_num; 3484 + 3483 3485 return ((ntc >= ntu) ? 0 : ring->desc_num) + ntc - ntu; 3484 3486 } 3485 3487 3486 - static void hns3_nic_alloc_rx_buffers(struct hns3_enet_ring *ring, 3488 + /* Return true if there is any allocation failure */ 3489 + static bool hns3_nic_alloc_rx_buffers(struct hns3_enet_ring *ring, 3487 3490 int cleand_count) 3488 3491 { 3489 3492 struct hns3_desc_cb *desc_cb; ··· 3512 3507 hns3_rl_err(ring_to_netdev(ring), 3513 3508 "alloc rx buffer failed: %d\n", 3514 3509 ret); 3515 - break; 3510 + 3511 + writel(i, ring->tqp->io_base + 3512 + HNS3_RING_RX_RING_HEAD_REG); 3513 + return true; 3516 3514 } 3517 3515 hns3_replace_buffer(ring, ring->next_to_use, &res_cbs); 3518 3516 ··· 3528 3520 } 3529 3521 3530 3522 writel(i, ring->tqp->io_base + HNS3_RING_RX_RING_HEAD_REG); 3523 + return false; 3531 3524 } 3532 3525 3533 3526 static bool hns3_can_reuse_page(struct hns3_desc_cb *cb) ··· 3833 3824 { 3834 3825 ring->desc[ring->next_to_clean].rx.bd_base_info &= 3835 3826 cpu_to_le32(~BIT(HNS3_RXD_VLD_B)); 3827 + ring->desc_cb[ring->next_to_clean].refill = 0; 3836 3828 ring->next_to_clean += 1; 3837 3829 3838 3830 if (unlikely(ring->next_to_clean == ring->desc_num)) ··· 4180 4170 { 4181 4171 #define RCB_NOF_ALLOC_RX_BUFF_ONCE 16 4182 4172 int unused_count = hns3_desc_unused(ring); 4173 + bool failure = false; 4183 4174 int recv_pkts = 0; 4184 4175 int err; 4185 4176 ··· 4189 4178 while (recv_pkts < budget) { 4190 4179 /* Reuse or realloc buffers */ 4191 4180 if (unused_count >= RCB_NOF_ALLOC_RX_BUFF_ONCE) { 4192 - hns3_nic_alloc_rx_buffers(ring, unused_count); 4193 - unused_count = hns3_desc_unused(ring) - 4194 - ring->pending_buf; 4181 + failure = failure || 4182 + hns3_nic_alloc_rx_buffers(ring, unused_count); 4183 + unused_count = 0; 4195 4184 } 4196 4185 4197 4186 /* Poll one pkt */ ··· 4210 4199 } 4211 4200 4212 4201 out: 4213 - /* Make all data has been write before submit */ 4214 - if (unused_count > 0) 4215 - hns3_nic_alloc_rx_buffers(ring, unused_count); 4216 - 4217 - return recv_pkts; 4202 + return failure ? budget : recv_pkts; 4218 4203 } 4219 4204 4220 4205 static void hns3_update_rx_int_coalesce(struct hns3_enet_tqp_vector *tqp_vector)
+3 -4
drivers/net/ethernet/hisilicon/hns3/hns3_enet.h
··· 186 186 187 187 #define HNS3_MAX_BD_SIZE 65535 188 188 #define HNS3_MAX_TSO_BD_NUM 63U 189 - #define HNS3_MAX_TSO_SIZE \ 190 - (HNS3_MAX_BD_SIZE * HNS3_MAX_TSO_BD_NUM) 189 + #define HNS3_MAX_TSO_SIZE 1048576U 190 + #define HNS3_MAX_NON_TSO_SIZE 9728U 191 191 192 - #define HNS3_MAX_NON_TSO_SIZE(max_non_tso_bd_num) \ 193 - (HNS3_MAX_BD_SIZE * (max_non_tso_bd_num)) 194 192 195 193 #define HNS3_VECTOR_GL0_OFFSET 0x100 196 194 #define HNS3_VECTOR_GL1_OFFSET 0x200 ··· 330 332 u32 length; /* length of the buffer */ 331 333 332 334 u16 reuse_flag; 335 + u16 refill; 333 336 334 337 /* desc type, used by the ring user to mark the type of the priv data */ 335 338 u16 type;
+9
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_dcb.c
··· 137 137 *changed = true; 138 138 break; 139 139 case IEEE_8021QAZ_TSA_ETS: 140 + /* The hardware will switch to sp mode if bandwidth is 141 + * 0, so limit ets bandwidth must be greater than 0. 142 + */ 143 + if (!ets->tc_tx_bw[i]) { 144 + dev_err(&hdev->pdev->dev, 145 + "tc%u ets bw cannot be 0\n", i); 146 + return -EINVAL; 147 + } 148 + 140 149 if (hdev->tm_info.tc_info[i].tc_sch_mode != 141 150 HCLGE_SCH_MODE_DWRR) 142 151 *changed = true;
+4 -1
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_err.c
··· 1560 1560 1561 1561 /* configure TM QCN hw errors */ 1562 1562 hclge_cmd_setup_basic_desc(&desc, HCLGE_TM_QCN_MEM_INT_CFG, false); 1563 - if (en) 1563 + desc.data[0] = cpu_to_le32(HCLGE_TM_QCN_ERR_INT_TYPE); 1564 + if (en) { 1565 + desc.data[0] |= cpu_to_le32(HCLGE_TM_QCN_FIFO_INT_EN); 1564 1566 desc.data[1] = cpu_to_le32(HCLGE_TM_QCN_MEM_ERR_INT_EN); 1567 + } 1565 1568 1566 1569 ret = hclge_cmd_send(&hdev->hw, &desc, 1); 1567 1570 if (ret)
+2
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_err.h
··· 50 50 #define HCLGE_PPP_MPF_ECC_ERR_INT3_EN 0x003F 51 51 #define HCLGE_PPP_MPF_ECC_ERR_INT3_EN_MASK 0x003F 52 52 #define HCLGE_TM_SCH_ECC_ERR_INT_EN 0x3 53 + #define HCLGE_TM_QCN_ERR_INT_TYPE 0x29 54 + #define HCLGE_TM_QCN_FIFO_INT_EN 0xFFFF00 53 55 #define HCLGE_TM_QCN_MEM_ERR_INT_EN 0xFFFFFF 54 56 #define HCLGE_NCSI_ERR_INT_EN 0x3 55 57 #define HCLGE_NCSI_ERR_INT_TYPE 0x9
+1
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c
··· 13065 13065 13066 13066 static void hclge_exit(void) 13067 13067 { 13068 + hnae3_unregister_ae_algo_prepare(&ae_algo); 13068 13069 hnae3_unregister_ae_algo(&ae_algo); 13069 13070 destroy_workqueue(hclge_wq); 13070 13071 }
+2
drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c
··· 752 752 hdev->tm_info.pg_info[i].tc_bit_map = hdev->hw_tc_map; 753 753 for (k = 0; k < hdev->tm_info.num_tc; k++) 754 754 hdev->tm_info.pg_info[i].tc_dwrr[k] = BW_PERCENT; 755 + for (; k < HNAE3_MAX_TC; k++) 756 + hdev->tm_info.pg_info[i].tc_dwrr[k] = 0; 755 757 } 756 758 } 757 759
+3 -3
drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c
··· 2273 2273 hdev->reset_attempts = 0; 2274 2274 2275 2275 hdev->last_reset_time = jiffies; 2276 - while ((hdev->reset_type = 2277 - hclgevf_get_reset_level(hdev, &hdev->reset_pending)) 2278 - != HNAE3_NONE_RESET) 2276 + hdev->reset_type = 2277 + hclgevf_get_reset_level(hdev, &hdev->reset_pending); 2278 + if (hdev->reset_type != HNAE3_NONE_RESET) 2279 2279 hclgevf_reset(hdev); 2280 2280 } else if (test_and_clear_bit(HCLGEVF_RESET_REQUESTED, 2281 2281 &hdev->reset_state)) {
+3 -1
drivers/net/ethernet/intel/e1000e/e1000.h
··· 113 113 board_pch2lan, 114 114 board_pch_lpt, 115 115 board_pch_spt, 116 - board_pch_cnp 116 + board_pch_cnp, 117 + board_pch_tgp 117 118 }; 118 119 119 120 struct e1000_ps_page { ··· 500 499 extern const struct e1000_info e1000_pch_lpt_info; 501 500 extern const struct e1000_info e1000_pch_spt_info; 502 501 extern const struct e1000_info e1000_pch_cnp_info; 502 + extern const struct e1000_info e1000_pch_tgp_info; 503 503 extern const struct e1000_info e1000_es2_info; 504 504 505 505 void e1000e_ptp_init(struct e1000_adapter *adapter);
+30 -1
drivers/net/ethernet/intel/e1000e/ich8lan.c
··· 4813 4813 static s32 e1000_init_hw_ich8lan(struct e1000_hw *hw) 4814 4814 { 4815 4815 struct e1000_mac_info *mac = &hw->mac; 4816 - u32 ctrl_ext, txdctl, snoop; 4816 + u32 ctrl_ext, txdctl, snoop, fflt_dbg; 4817 4817 s32 ret_val; 4818 4818 u16 i; 4819 4819 ··· 4871 4871 else 4872 4872 snoop = (u32)~(PCIE_NO_SNOOP_ALL); 4873 4873 e1000e_set_pcie_no_snoop(hw, snoop); 4874 + 4875 + /* Enable workaround for packet loss issue on TGP PCH 4876 + * Do not gate DMA clock from the modPHY block 4877 + */ 4878 + if (mac->type >= e1000_pch_tgp) { 4879 + fflt_dbg = er32(FFLT_DBG); 4880 + fflt_dbg |= E1000_FFLT_DBG_DONT_GATE_WAKE_DMA_CLK; 4881 + ew32(FFLT_DBG, fflt_dbg); 4882 + } 4874 4883 4875 4884 ctrl_ext = er32(CTRL_EXT); 4876 4885 ctrl_ext |= E1000_CTRL_EXT_RO_DIS; ··· 5984 5975 5985 5976 const struct e1000_info e1000_pch_cnp_info = { 5986 5977 .mac = e1000_pch_cnp, 5978 + .flags = FLAG_IS_ICH 5979 + | FLAG_HAS_WOL 5980 + | FLAG_HAS_HW_TIMESTAMP 5981 + | FLAG_HAS_CTRLEXT_ON_LOAD 5982 + | FLAG_HAS_AMT 5983 + | FLAG_HAS_FLASH 5984 + | FLAG_HAS_JUMBO_FRAMES 5985 + | FLAG_APME_IN_WUC, 5986 + .flags2 = FLAG2_HAS_PHY_STATS 5987 + | FLAG2_HAS_EEE, 5988 + .pba = 26, 5989 + .max_hw_frame_size = 9022, 5990 + .get_variants = e1000_get_variants_ich8lan, 5991 + .mac_ops = &ich8_mac_ops, 5992 + .phy_ops = &ich8_phy_ops, 5993 + .nvm_ops = &spt_nvm_ops, 5994 + }; 5995 + 5996 + const struct e1000_info e1000_pch_tgp_info = { 5997 + .mac = e1000_pch_tgp, 5987 5998 .flags = FLAG_IS_ICH 5988 5999 | FLAG_HAS_WOL 5989 6000 | FLAG_HAS_HW_TIMESTAMP
+3
drivers/net/ethernet/intel/e1000e/ich8lan.h
··· 289 289 /* Proprietary Latency Tolerance Reporting PCI Capability */ 290 290 #define E1000_PCI_LTR_CAP_LPT 0xA8 291 291 292 + /* Don't gate wake DMA clock */ 293 + #define E1000_FFLT_DBG_DONT_GATE_WAKE_DMA_CLK 0x1000 294 + 292 295 void e1000e_write_protect_nvm_ich8lan(struct e1000_hw *hw); 293 296 void e1000e_set_kmrn_lock_loss_workaround_ich8lan(struct e1000_hw *hw, 294 297 bool state);
+23 -22
drivers/net/ethernet/intel/e1000e/netdev.c
··· 51 51 [board_pch_lpt] = &e1000_pch_lpt_info, 52 52 [board_pch_spt] = &e1000_pch_spt_info, 53 53 [board_pch_cnp] = &e1000_pch_cnp_info, 54 + [board_pch_tgp] = &e1000_pch_tgp_info, 54 55 }; 55 56 56 57 struct e1000_reg_info { ··· 7897 7896 { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_CMP_I219_V11), board_pch_cnp }, 7898 7897 { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_CMP_I219_LM12), board_pch_spt }, 7899 7898 { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_CMP_I219_V12), board_pch_spt }, 7900 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_LM13), board_pch_cnp }, 7901 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_V13), board_pch_cnp }, 7902 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_LM14), board_pch_cnp }, 7903 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_V14), board_pch_cnp }, 7904 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_LM15), board_pch_cnp }, 7905 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_V15), board_pch_cnp }, 7906 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_LM23), board_pch_cnp }, 7907 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_V23), board_pch_cnp }, 7908 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_LM16), board_pch_cnp }, 7909 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_V16), board_pch_cnp }, 7910 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_LM17), board_pch_cnp }, 7911 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_V17), board_pch_cnp }, 7912 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_LM22), board_pch_cnp }, 7913 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_V22), board_pch_cnp }, 7914 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_LM18), board_pch_cnp }, 7915 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_V18), board_pch_cnp }, 7916 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_LM19), board_pch_cnp }, 7917 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_V19), board_pch_cnp }, 7918 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_LM20), board_pch_cnp }, 7919 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_V20), board_pch_cnp }, 7920 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_LM21), board_pch_cnp }, 7921 - { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_V21), board_pch_cnp }, 7899 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_LM13), board_pch_tgp }, 7900 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_V13), board_pch_tgp }, 7901 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_LM14), board_pch_tgp }, 7902 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_V14), board_pch_tgp }, 7903 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_LM15), board_pch_tgp }, 7904 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_TGP_I219_V15), board_pch_tgp }, 7905 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_LM23), board_pch_tgp }, 7906 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_V23), board_pch_tgp }, 7907 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_LM16), board_pch_tgp }, 7908 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_V16), board_pch_tgp }, 7909 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_LM17), board_pch_tgp }, 7910 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_ADP_I219_V17), board_pch_tgp }, 7911 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_LM22), board_pch_tgp }, 7912 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_RPL_I219_V22), board_pch_tgp }, 7913 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_LM18), board_pch_tgp }, 7914 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_V18), board_pch_tgp }, 7915 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_LM19), board_pch_tgp }, 7916 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_MTP_I219_V19), board_pch_tgp }, 7917 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_LM20), board_pch_tgp }, 7918 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_V20), board_pch_tgp }, 7919 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_LM21), board_pch_tgp }, 7920 + { PCI_VDEVICE(INTEL, E1000_DEV_ID_PCH_LNP_I219_V21), board_pch_tgp }, 7922 7921 7923 7922 { 0, 0, 0, 0, 0, 0, 0 } /* terminate list */ 7924 7923 };
+2
drivers/net/ethernet/intel/ice/ice_common.c
··· 25 25 case ICE_DEV_ID_E810C_BACKPLANE: 26 26 case ICE_DEV_ID_E810C_QSFP: 27 27 case ICE_DEV_ID_E810C_SFP: 28 + case ICE_DEV_ID_E810_XXV_BACKPLANE: 29 + case ICE_DEV_ID_E810_XXV_QSFP: 28 30 case ICE_DEV_ID_E810_XXV_SFP: 29 31 hw->mac_type = ICE_MAC_E810; 30 32 break;
+4
drivers/net/ethernet/intel/ice/ice_devids.h
··· 21 21 #define ICE_DEV_ID_E810C_QSFP 0x1592 22 22 /* Intel(R) Ethernet Controller E810-C for SFP */ 23 23 #define ICE_DEV_ID_E810C_SFP 0x1593 24 + /* Intel(R) Ethernet Controller E810-XXV for backplane */ 25 + #define ICE_DEV_ID_E810_XXV_BACKPLANE 0x1599 26 + /* Intel(R) Ethernet Controller E810-XXV for QSFP */ 27 + #define ICE_DEV_ID_E810_XXV_QSFP 0x159A 24 28 /* Intel(R) Ethernet Controller E810-XXV for SFP */ 25 29 #define ICE_DEV_ID_E810_XXV_SFP 0x159B 26 30 /* Intel(R) Ethernet Connection E823-C for backplane */
+2 -1
drivers/net/ethernet/intel/ice/ice_devlink.c
··· 63 63 { 64 64 struct ice_hw *hw = &pf->hw; 65 65 66 - snprintf(ctx->buf, sizeof(ctx->buf), "%u.%u", hw->api_maj_ver, hw->api_min_ver); 66 + snprintf(ctx->buf, sizeof(ctx->buf), "%u.%u.%u", hw->api_maj_ver, 67 + hw->api_min_ver, hw->api_patch); 67 68 68 69 return 0; 69 70 }
+2 -2
drivers/net/ethernet/intel/ice/ice_flex_pipe.c
··· 1668 1668 for (i = 0; i < hw->tnl.count && i < ICE_TUNNEL_MAX_ENTRIES; i++) 1669 1669 if (hw->tnl.tbl[i].valid && 1670 1670 hw->tnl.tbl[i].type == type && 1671 - idx--) 1671 + idx-- == 0) 1672 1672 return i; 1673 1673 1674 1674 WARN_ON_ONCE(1); ··· 1828 1828 u16 index; 1829 1829 1830 1830 tnl_type = ti->type == UDP_TUNNEL_TYPE_VXLAN ? TNL_VXLAN : TNL_GENEVE; 1831 - index = ice_tunnel_idx_to_entry(&pf->hw, idx, tnl_type); 1831 + index = ice_tunnel_idx_to_entry(&pf->hw, tnl_type, idx); 1832 1832 1833 1833 status = ice_create_tunnel(&pf->hw, index, tnl_type, ntohs(ti->port)); 1834 1834 if (status) {
+9
drivers/net/ethernet/intel/ice/ice_lib.c
··· 2841 2841 */ 2842 2842 int ice_vsi_release(struct ice_vsi *vsi) 2843 2843 { 2844 + enum ice_status err; 2844 2845 struct ice_pf *pf; 2845 2846 2846 2847 if (!vsi->back) ··· 2913 2912 2914 2913 ice_fltr_remove_all(vsi); 2915 2914 ice_rm_vsi_lan_cfg(vsi->port_info, vsi->idx); 2915 + err = ice_rm_vsi_rdma_cfg(vsi->port_info, vsi->idx); 2916 + if (err) 2917 + dev_err(ice_pf_to_dev(vsi->back), "Failed to remove RDMA scheduler config for VSI %u, err %d\n", 2918 + vsi->vsi_num, err); 2916 2919 ice_vsi_delete(vsi); 2917 2920 ice_vsi_free_q_vectors(vsi); 2918 2921 ··· 3097 3092 prev_num_q_vectors = ice_vsi_rebuild_get_coalesce(vsi, coalesce); 3098 3093 3099 3094 ice_rm_vsi_lan_cfg(vsi->port_info, vsi->idx); 3095 + ret = ice_rm_vsi_rdma_cfg(vsi->port_info, vsi->idx); 3096 + if (ret) 3097 + dev_err(ice_pf_to_dev(vsi->back), "Failed to remove RDMA scheduler config for VSI %u, err %d\n", 3098 + vsi->vsi_num, ret); 3100 3099 ice_vsi_free_q_vectors(vsi); 3101 3100 3102 3101 /* SR-IOV determines needed MSIX resources all at once instead of per
+7 -1
drivers/net/ethernet/intel/ice/ice_main.c
··· 4224 4224 if (!pf) 4225 4225 return -ENOMEM; 4226 4226 4227 + /* initialize Auxiliary index to invalid value */ 4228 + pf->aux_idx = -1; 4229 + 4227 4230 /* set up for high or low DMA */ 4228 4231 err = dma_set_mask_and_coherent(dev, DMA_BIT_MASK(64)); 4229 4232 if (err) ··· 4618 4615 4619 4616 ice_aq_cancel_waiting_tasks(pf); 4620 4617 ice_unplug_aux_dev(pf); 4621 - ida_free(&ice_aux_ida, pf->aux_idx); 4618 + if (pf->aux_idx >= 0) 4619 + ida_free(&ice_aux_ida, pf->aux_idx); 4622 4620 set_bit(ICE_DOWN, pf->state); 4623 4621 4624 4622 mutex_destroy(&(&pf->hw)->fdir_fltr_lock); ··· 5020 5016 { PCI_VDEVICE(INTEL, ICE_DEV_ID_E810C_BACKPLANE), 0 }, 5021 5017 { PCI_VDEVICE(INTEL, ICE_DEV_ID_E810C_QSFP), 0 }, 5022 5018 { PCI_VDEVICE(INTEL, ICE_DEV_ID_E810C_SFP), 0 }, 5019 + { PCI_VDEVICE(INTEL, ICE_DEV_ID_E810_XXV_BACKPLANE), 0 }, 5020 + { PCI_VDEVICE(INTEL, ICE_DEV_ID_E810_XXV_QSFP), 0 }, 5023 5021 { PCI_VDEVICE(INTEL, ICE_DEV_ID_E810_XXV_SFP), 0 }, 5024 5022 { PCI_VDEVICE(INTEL, ICE_DEV_ID_E823C_BACKPLANE), 0 }, 5025 5023 { PCI_VDEVICE(INTEL, ICE_DEV_ID_E823C_QSFP), 0 },
+13
drivers/net/ethernet/intel/ice/ice_sched.c
··· 2071 2071 } 2072 2072 2073 2073 /** 2074 + * ice_rm_vsi_rdma_cfg - remove VSI and its RDMA children nodes 2075 + * @pi: port information structure 2076 + * @vsi_handle: software VSI handle 2077 + * 2078 + * This function clears the VSI and its RDMA children nodes from scheduler tree 2079 + * for all TCs. 2080 + */ 2081 + enum ice_status ice_rm_vsi_rdma_cfg(struct ice_port_info *pi, u16 vsi_handle) 2082 + { 2083 + return ice_sched_rm_vsi_cfg(pi, vsi_handle, ICE_SCHED_NODE_OWNER_RDMA); 2084 + } 2085 + 2086 + /** 2074 2087 * ice_get_agg_info - get the aggregator ID 2075 2088 * @hw: pointer to the hardware structure 2076 2089 * @agg_id: aggregator ID
+1
drivers/net/ethernet/intel/ice/ice_sched.h
··· 89 89 ice_sched_cfg_vsi(struct ice_port_info *pi, u16 vsi_handle, u8 tc, u16 maxqs, 90 90 u8 owner, bool enable); 91 91 enum ice_status ice_rm_vsi_lan_cfg(struct ice_port_info *pi, u16 vsi_handle); 92 + enum ice_status ice_rm_vsi_rdma_cfg(struct ice_port_info *pi, u16 vsi_handle); 92 93 93 94 /* Tx scheduler rate limiter functions */ 94 95 enum ice_status
+1 -1
drivers/net/ethernet/intel/igc/igc_hw.h
··· 22 22 #define IGC_DEV_ID_I220_V 0x15F7 23 23 #define IGC_DEV_ID_I225_K 0x3100 24 24 #define IGC_DEV_ID_I225_K2 0x3101 25 + #define IGC_DEV_ID_I226_K 0x3102 25 26 #define IGC_DEV_ID_I225_LMVP 0x5502 26 - #define IGC_DEV_ID_I226_K 0x5504 27 27 #define IGC_DEV_ID_I225_IT 0x0D9F 28 28 #define IGC_DEV_ID_I226_LM 0x125B 29 29 #define IGC_DEV_ID_I226_V 0x125C
+3
drivers/net/ethernet/mellanox/mlx5/core/en/fs.h
··· 199 199 int mlx5e_create_flow_steering(struct mlx5e_priv *priv); 200 200 void mlx5e_destroy_flow_steering(struct mlx5e_priv *priv); 201 201 202 + int mlx5e_fs_init(struct mlx5e_priv *priv); 203 + void mlx5e_fs_cleanup(struct mlx5e_priv *priv); 204 + 202 205 int mlx5e_add_vlan_trap(struct mlx5e_priv *priv, int trap_id, int tir_num); 203 206 void mlx5e_remove_vlan_trap(struct mlx5e_priv *priv); 204 207 int mlx5e_add_mac_trap(struct mlx5e_priv *priv, int trap_id, int tir_num);
+2
drivers/net/ethernet/mellanox/mlx5/core/en/tc_tun.c
··· 10 10 #include "en_tc.h" 11 11 #include "rep/tc.h" 12 12 #include "rep/neigh.h" 13 + #include "lag.h" 14 + #include "lag_mp.h" 13 15 14 16 struct mlx5e_tc_tun_route_attr { 15 17 struct net_device *out_dev;
+27 -24
drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec_rxtx.c
··· 141 141 * Pkt: MAC IP ESP IP L4 142 142 * 143 143 * Transport Mode: 144 - * SWP: OutL3 InL4 145 - * InL3 144 + * SWP: OutL3 OutL4 146 145 * Pkt: MAC IP ESP L4 147 146 * 148 147 * Tunnel(VXLAN TCP/UDP) over Transport Mode ··· 170 171 return; 171 172 172 173 if (!xo->inner_ipproto) { 173 - eseg->swp_inner_l3_offset = skb_network_offset(skb) / 2; 174 - eseg->swp_inner_l4_offset = skb_inner_transport_offset(skb) / 2; 175 - if (skb->protocol == htons(ETH_P_IPV6)) 176 - eseg->swp_flags |= MLX5_ETH_WQE_SWP_INNER_L3_IPV6; 177 - if (xo->proto == IPPROTO_UDP) 174 + switch (xo->proto) { 175 + case IPPROTO_UDP: 176 + eseg->swp_flags |= MLX5_ETH_WQE_SWP_OUTER_L4_UDP; 177 + fallthrough; 178 + case IPPROTO_TCP: 179 + /* IP | ESP | TCP */ 180 + eseg->swp_outer_l4_offset = skb_inner_transport_offset(skb) / 2; 181 + break; 182 + default: 183 + break; 184 + } 185 + } else { 186 + /* Tunnel(VXLAN TCP/UDP) over Transport Mode */ 187 + switch (xo->inner_ipproto) { 188 + case IPPROTO_UDP: 178 189 eseg->swp_flags |= MLX5_ETH_WQE_SWP_INNER_L4_UDP; 179 - return; 190 + fallthrough; 191 + case IPPROTO_TCP: 192 + eseg->swp_inner_l3_offset = skb_inner_network_offset(skb) / 2; 193 + eseg->swp_inner_l4_offset = 194 + (skb->csum_start + skb->head - skb->data) / 2; 195 + if (skb->protocol == htons(ETH_P_IPV6)) 196 + eseg->swp_flags |= MLX5_ETH_WQE_SWP_INNER_L3_IPV6; 197 + break; 198 + default: 199 + break; 200 + } 180 201 } 181 202 182 - /* Tunnel(VXLAN TCP/UDP) over Transport Mode */ 183 - switch (xo->inner_ipproto) { 184 - case IPPROTO_UDP: 185 - eseg->swp_flags |= MLX5_ETH_WQE_SWP_INNER_L4_UDP; 186 - fallthrough; 187 - case IPPROTO_TCP: 188 - eseg->swp_inner_l3_offset = skb_inner_network_offset(skb) / 2; 189 - eseg->swp_inner_l4_offset = (skb->csum_start + skb->head - skb->data) / 2; 190 - if (skb->protocol == htons(ETH_P_IPV6)) 191 - eseg->swp_flags |= MLX5_ETH_WQE_SWP_INNER_L3_IPV6; 192 - break; 193 - default: 194 - break; 195 - } 196 - 197 - return; 198 203 } 199 204 200 205 void mlx5e_ipsec_set_iv_esn(struct sk_buff *skb, struct xfrm_state *x,
+16 -12
drivers/net/ethernet/mellanox/mlx5/core/en_fs.c
··· 1186 1186 struct mlx5e_flow_table *ft; 1187 1187 int err; 1188 1188 1189 - priv->fs.vlan = kvzalloc(sizeof(*priv->fs.vlan), GFP_KERNEL); 1190 - if (!priv->fs.vlan) 1191 - return -ENOMEM; 1192 - 1193 1189 ft = &priv->fs.vlan->ft; 1194 1190 ft->num_groups = 0; 1195 1191 ··· 1194 1198 ft_attr.prio = MLX5E_NIC_PRIO; 1195 1199 1196 1200 ft->t = mlx5_create_flow_table(priv->fs.ns, &ft_attr); 1197 - if (IS_ERR(ft->t)) { 1198 - err = PTR_ERR(ft->t); 1199 - goto err_free_t; 1200 - } 1201 + if (IS_ERR(ft->t)) 1202 + return PTR_ERR(ft->t); 1201 1203 1202 1204 ft->g = kcalloc(MLX5E_NUM_VLAN_GROUPS, sizeof(*ft->g), GFP_KERNEL); 1203 1205 if (!ft->g) { ··· 1215 1221 kfree(ft->g); 1216 1222 err_destroy_vlan_table: 1217 1223 mlx5_destroy_flow_table(ft->t); 1218 - err_free_t: 1219 - kvfree(priv->fs.vlan); 1220 - priv->fs.vlan = NULL; 1221 1224 1222 1225 return err; 1223 1226 } ··· 1223 1232 { 1224 1233 mlx5e_del_vlan_rules(priv); 1225 1234 mlx5e_destroy_flow_table(&priv->fs.vlan->ft); 1226 - kvfree(priv->fs.vlan); 1227 1235 } 1228 1236 1229 1237 static void mlx5e_destroy_inner_ttc_table(struct mlx5e_priv *priv) ··· 1340 1350 mlx5e_destroy_inner_ttc_table(priv); 1341 1351 mlx5e_arfs_destroy_tables(priv); 1342 1352 mlx5e_ethtool_cleanup_steering(priv); 1353 + } 1354 + 1355 + int mlx5e_fs_init(struct mlx5e_priv *priv) 1356 + { 1357 + priv->fs.vlan = kvzalloc(sizeof(*priv->fs.vlan), GFP_KERNEL); 1358 + if (!priv->fs.vlan) 1359 + return -ENOMEM; 1360 + return 0; 1361 + } 1362 + 1363 + void mlx5e_fs_cleanup(struct mlx5e_priv *priv) 1364 + { 1365 + kvfree(priv->fs.vlan); 1366 + priv->fs.vlan = NULL; 1343 1367 }
+7
drivers/net/ethernet/mellanox/mlx5/core/en_main.c
··· 4578 4578 4579 4579 mlx5e_timestamp_init(priv); 4580 4580 4581 + err = mlx5e_fs_init(priv); 4582 + if (err) { 4583 + mlx5_core_err(mdev, "FS initialization failed, %d\n", err); 4584 + return err; 4585 + } 4586 + 4581 4587 err = mlx5e_ipsec_init(priv); 4582 4588 if (err) 4583 4589 mlx5_core_err(mdev, "IPSec initialization failed, %d\n", err); ··· 4601 4595 mlx5e_health_destroy_reporters(priv); 4602 4596 mlx5e_tls_cleanup(priv); 4603 4597 mlx5e_ipsec_cleanup(priv); 4598 + mlx5e_fs_cleanup(priv); 4604 4599 } 4605 4600 4606 4601 static int mlx5e_init_nic_rx(struct mlx5e_priv *priv)
+2
drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
··· 67 67 #include "lib/fs_chains.h" 68 68 #include "diag/en_tc_tracepoint.h" 69 69 #include <asm/div64.h> 70 + #include "lag.h" 71 + #include "lag_mp.h" 70 72 71 73 #define nic_chains(priv) ((priv)->fs.tc.chains) 72 74 #define MLX5_MH_ACT_SZ MLX5_UN_SZ_BYTES(set_add_copy_action_in_auto)
+11 -9
drivers/net/ethernet/mellanox/mlx5/core/en_tx.c
··· 213 213 memcpy(&vhdr->h_vlan_encapsulated_proto, skb->data + cpy1_sz, cpy2_sz); 214 214 } 215 215 216 - /* If packet is not IP's CHECKSUM_PARTIAL (e.g. icmd packet), 217 - * need to set L3 checksum flag for IPsec 218 - */ 219 216 static void 220 217 ipsec_txwqe_build_eseg_csum(struct mlx5e_txqsq *sq, struct sk_buff *skb, 221 218 struct mlx5_wqe_eth_seg *eseg) 222 219 { 220 + struct xfrm_offload *xo = xfrm_offload(skb); 221 + 223 222 eseg->cs_flags = MLX5_ETH_WQE_L3_CSUM; 224 - if (skb->encapsulation) { 225 - eseg->cs_flags |= MLX5_ETH_WQE_L3_INNER_CSUM; 223 + if (xo->inner_ipproto) { 224 + eseg->cs_flags |= MLX5_ETH_WQE_L4_INNER_CSUM | MLX5_ETH_WQE_L3_INNER_CSUM; 225 + } else if (likely(skb->ip_summed == CHECKSUM_PARTIAL)) { 226 + eseg->cs_flags |= MLX5_ETH_WQE_L4_CSUM; 226 227 sq->stats->csum_partial_inner++; 227 - } else { 228 - sq->stats->csum_partial++; 229 228 } 230 229 } 231 230 ··· 233 234 struct mlx5e_accel_tx_state *accel, 234 235 struct mlx5_wqe_eth_seg *eseg) 235 236 { 237 + if (unlikely(mlx5e_ipsec_eseg_meta(eseg))) { 238 + ipsec_txwqe_build_eseg_csum(sq, skb, eseg); 239 + return; 240 + } 241 + 236 242 if (likely(skb->ip_summed == CHECKSUM_PARTIAL)) { 237 243 eseg->cs_flags = MLX5_ETH_WQE_L3_CSUM; 238 244 if (skb->encapsulation) { ··· 253 249 eseg->cs_flags = MLX5_ETH_WQE_L3_CSUM | MLX5_ETH_WQE_L4_CSUM; 254 250 sq->stats->csum_partial++; 255 251 #endif 256 - } else if (unlikely(mlx5e_ipsec_eseg_meta(eseg))) { 257 - ipsec_txwqe_build_eseg_csum(sq, skb, eseg); 258 252 } else 259 253 sq->stats->csum_none++; 260 254 }
+3 -4
drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c
··· 473 473 474 474 err_min_rate: 475 475 list_del(&group->list); 476 - err = mlx5_destroy_scheduling_element_cmd(esw->dev, 477 - SCHEDULING_HIERARCHY_E_SWITCH, 478 - group->tsar_ix); 479 - if (err) 476 + if (mlx5_destroy_scheduling_element_cmd(esw->dev, 477 + SCHEDULING_HIERARCHY_E_SWITCH, 478 + group->tsar_ix)) 480 479 NL_SET_ERR_MSG_MOD(extack, "E-Switch destroy TSAR for group failed"); 481 480 err_sched_elem: 482 481 kfree(group);
+4
drivers/net/ethernet/mellanox/mlx5/core/lag.c
··· 442 442 if (!mlx5_lag_is_ready(ldev)) { 443 443 do_bond = false; 444 444 } else { 445 + /* VF LAG is in multipath mode, ignore bond change requests */ 446 + if (mlx5_lag_is_multipath(dev0)) 447 + return; 448 + 445 449 tracker = ldev->tracker; 446 450 447 451 do_bond = tracker.is_bonded && mlx5_lag_check_prereq(ldev);
+8 -5
drivers/net/ethernet/mellanox/mlx5/core/lag_mp.c
··· 9 9 #include "eswitch.h" 10 10 #include "lib/mlx5.h" 11 11 12 + static bool __mlx5_lag_is_multipath(struct mlx5_lag *ldev) 13 + { 14 + return !!(ldev->flags & MLX5_LAG_FLAG_MULTIPATH); 15 + } 16 + 12 17 static bool mlx5_lag_multipath_check_prereq(struct mlx5_lag *ldev) 13 18 { 14 19 if (!mlx5_lag_is_ready(ldev)) 15 20 return false; 16 21 22 + if (__mlx5_lag_is_active(ldev) && !__mlx5_lag_is_multipath(ldev)) 23 + return false; 24 + 17 25 return mlx5_esw_multipath_prereq(ldev->pf[MLX5_LAG_P1].dev, 18 26 ldev->pf[MLX5_LAG_P2].dev); 19 - } 20 - 21 - static bool __mlx5_lag_is_multipath(struct mlx5_lag *ldev) 22 - { 23 - return !!(ldev->flags & MLX5_LAG_FLAG_MULTIPATH); 24 27 } 25 28 26 29 bool mlx5_lag_is_multipath(struct mlx5_core_dev *dev)
+2
drivers/net/ethernet/mellanox/mlx5/core/lag_mp.h
··· 24 24 void mlx5_lag_mp_reset(struct mlx5_lag *ldev); 25 25 int mlx5_lag_mp_init(struct mlx5_lag *ldev); 26 26 void mlx5_lag_mp_cleanup(struct mlx5_lag *ldev); 27 + bool mlx5_lag_is_multipath(struct mlx5_core_dev *dev); 27 28 28 29 #else /* CONFIG_MLX5_ESWITCH */ 29 30 30 31 static inline void mlx5_lag_mp_reset(struct mlx5_lag *ldev) {}; 31 32 static inline int mlx5_lag_mp_init(struct mlx5_lag *ldev) { return 0; } 32 33 static inline void mlx5_lag_mp_cleanup(struct mlx5_lag *ldev) {} 34 + bool mlx5_lag_is_multipath(struct mlx5_core_dev *dev) { return false; } 33 35 34 36 #endif /* CONFIG_MLX5_ESWITCH */ 35 37 #endif /* __MLX5_LAG_MP_H__ */
+1
drivers/net/ethernet/microchip/sparx5/sparx5_main.c
··· 758 758 err = dev_err_probe(sparx5->dev, PTR_ERR(serdes), 759 759 "port %u: missing serdes\n", 760 760 portno); 761 + of_node_put(portnp); 761 762 goto cleanup_config; 762 763 } 763 764 config->portno = portno;
+1
drivers/net/ethernet/mscc/ocelot_vsc7514.c
··· 969 969 target = ocelot_regmap_init(ocelot, res); 970 970 if (IS_ERR(target)) { 971 971 err = PTR_ERR(target); 972 + of_node_put(portnp); 972 973 goto out_teardown; 973 974 } 974 975
+2 -2
drivers/net/ethernet/netronome/nfp/nfp_asm.c
··· 196 196 } 197 197 198 198 reg->dst_lmextn = swreg_lmextn(dst); 199 - reg->src_lmextn = swreg_lmextn(lreg) | swreg_lmextn(rreg); 199 + reg->src_lmextn = swreg_lmextn(lreg) || swreg_lmextn(rreg); 200 200 201 201 return 0; 202 202 } ··· 277 277 } 278 278 279 279 reg->dst_lmextn = swreg_lmextn(dst); 280 - reg->src_lmextn = swreg_lmextn(lreg) | swreg_lmextn(rreg); 280 + reg->src_lmextn = swreg_lmextn(lreg) || swreg_lmextn(rreg); 281 281 282 282 return 0; 283 283 }
+26 -11
drivers/net/ethernet/sfc/mcdi_port_common.c
··· 132 132 case MC_CMD_MEDIA_SFP_PLUS: 133 133 case MC_CMD_MEDIA_QSFP_PLUS: 134 134 SET_BIT(FIBRE); 135 - if (cap & (1 << MC_CMD_PHY_CAP_1000FDX_LBN)) 135 + if (cap & (1 << MC_CMD_PHY_CAP_1000FDX_LBN)) { 136 136 SET_BIT(1000baseT_Full); 137 - if (cap & (1 << MC_CMD_PHY_CAP_10000FDX_LBN)) 138 - SET_BIT(10000baseT_Full); 139 - if (cap & (1 << MC_CMD_PHY_CAP_40000FDX_LBN)) 137 + SET_BIT(1000baseX_Full); 138 + } 139 + if (cap & (1 << MC_CMD_PHY_CAP_10000FDX_LBN)) { 140 + SET_BIT(10000baseCR_Full); 141 + SET_BIT(10000baseLR_Full); 142 + SET_BIT(10000baseSR_Full); 143 + } 144 + if (cap & (1 << MC_CMD_PHY_CAP_40000FDX_LBN)) { 140 145 SET_BIT(40000baseCR4_Full); 141 - if (cap & (1 << MC_CMD_PHY_CAP_100000FDX_LBN)) 146 + SET_BIT(40000baseSR4_Full); 147 + } 148 + if (cap & (1 << MC_CMD_PHY_CAP_100000FDX_LBN)) { 142 149 SET_BIT(100000baseCR4_Full); 143 - if (cap & (1 << MC_CMD_PHY_CAP_25000FDX_LBN)) 150 + SET_BIT(100000baseSR4_Full); 151 + } 152 + if (cap & (1 << MC_CMD_PHY_CAP_25000FDX_LBN)) { 144 153 SET_BIT(25000baseCR_Full); 154 + SET_BIT(25000baseSR_Full); 155 + } 145 156 if (cap & (1 << MC_CMD_PHY_CAP_50000FDX_LBN)) 146 157 SET_BIT(50000baseCR2_Full); 147 158 break; ··· 203 192 result |= (1 << MC_CMD_PHY_CAP_100FDX_LBN); 204 193 if (TEST_BIT(1000baseT_Half)) 205 194 result |= (1 << MC_CMD_PHY_CAP_1000HDX_LBN); 206 - if (TEST_BIT(1000baseT_Full) || TEST_BIT(1000baseKX_Full)) 195 + if (TEST_BIT(1000baseT_Full) || TEST_BIT(1000baseKX_Full) || 196 + TEST_BIT(1000baseX_Full)) 207 197 result |= (1 << MC_CMD_PHY_CAP_1000FDX_LBN); 208 - if (TEST_BIT(10000baseT_Full) || TEST_BIT(10000baseKX4_Full)) 198 + if (TEST_BIT(10000baseT_Full) || TEST_BIT(10000baseKX4_Full) || 199 + TEST_BIT(10000baseCR_Full) || TEST_BIT(10000baseLR_Full) || 200 + TEST_BIT(10000baseSR_Full)) 209 201 result |= (1 << MC_CMD_PHY_CAP_10000FDX_LBN); 210 - if (TEST_BIT(40000baseCR4_Full) || TEST_BIT(40000baseKR4_Full)) 202 + if (TEST_BIT(40000baseCR4_Full) || TEST_BIT(40000baseKR4_Full) || 203 + TEST_BIT(40000baseSR4_Full)) 211 204 result |= (1 << MC_CMD_PHY_CAP_40000FDX_LBN); 212 - if (TEST_BIT(100000baseCR4_Full)) 205 + if (TEST_BIT(100000baseCR4_Full) || TEST_BIT(100000baseSR4_Full)) 213 206 result |= (1 << MC_CMD_PHY_CAP_100000FDX_LBN); 214 - if (TEST_BIT(25000baseCR_Full)) 207 + if (TEST_BIT(25000baseCR_Full) || TEST_BIT(25000baseSR_Full)) 215 208 result |= (1 << MC_CMD_PHY_CAP_25000FDX_LBN); 216 209 if (TEST_BIT(50000baseCR2_Full)) 217 210 result |= (1 << MC_CMD_PHY_CAP_50000FDX_LBN);
+2 -2
drivers/net/ethernet/sfc/ptp.c
··· 648 648 } else if (rc == -EINVAL) { 649 649 fmt = MC_CMD_PTP_OUT_GET_ATTRIBUTES_SECONDS_NANOSECONDS; 650 650 } else if (rc == -EPERM) { 651 - netif_info(efx, probe, efx->net_dev, "no PTP support\n"); 651 + pci_info(efx->pci_dev, "no PTP support\n"); 652 652 return rc; 653 653 } else { 654 654 efx_mcdi_display_error(efx, MC_CMD_PTP, sizeof(inbuf), ··· 824 824 * should only have been called during probe. 825 825 */ 826 826 if (rc == -ENOSYS || rc == -EPERM) 827 - netif_info(efx, probe, efx->net_dev, "no PTP support\n"); 827 + pci_info(efx->pci_dev, "no PTP support\n"); 828 828 else if (rc) 829 829 efx_mcdi_display_error(efx, MC_CMD_PTP, 830 830 MC_CMD_PTP_IN_DISABLE_LEN,
+1 -1
drivers/net/ethernet/sfc/siena_sriov.c
··· 1057 1057 return; 1058 1058 1059 1059 if (efx_siena_sriov_cmd(efx, false, &efx->vi_scale, &count)) { 1060 - netif_info(efx, probe, efx->net_dev, "no SR-IOV VFs probed\n"); 1060 + pci_info(efx->pci_dev, "no SR-IOV VFs probed\n"); 1061 1061 return; 1062 1062 } 1063 1063 if (count > 0 && count > max_vfs)
+1 -1
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
··· 736 736 config.rx_filter = HWTSTAMP_FILTER_PTP_V2_EVENT; 737 737 ptp_v2 = PTP_TCR_TSVER2ENA; 738 738 snap_type_sel = PTP_TCR_SNAPTYPSEL_1; 739 - if (priv->synopsys_id != DWMAC_CORE_5_10) 739 + if (priv->synopsys_id < DWMAC_CORE_4_10) 740 740 ts_event_en = PTP_TCR_TSEVNTENA; 741 741 ptp_over_ipv4_udp = PTP_TCR_TSIPV4ENA; 742 742 ptp_over_ipv6_udp = PTP_TCR_TSIPV6ENA;
+3 -3
drivers/net/hamradio/baycom_epp.c
··· 623 623 624 624 /* --------------------------------------------------------------------- */ 625 625 626 - #ifdef __i386__ 626 + #if defined(__i386__) && !defined(CONFIG_UML) 627 627 #include <asm/msr.h> 628 628 #define GETTICK(x) \ 629 629 ({ \ 630 630 if (boot_cpu_has(X86_FEATURE_TSC)) \ 631 631 x = (unsigned int)rdtsc(); \ 632 632 }) 633 - #else /* __i386__ */ 633 + #else /* __i386__ && !CONFIG_UML */ 634 634 #define GETTICK(x) 635 - #endif /* __i386__ */ 635 + #endif /* __i386__ && !CONFIG_UML */ 636 636 637 637 static void epp_bh(struct work_struct *work) 638 638 {
+1
drivers/net/usb/Kconfig
··· 117 117 select PHYLIB 118 118 select MICROCHIP_PHY 119 119 select FIXED_PHY 120 + select CRC32 120 121 help 121 122 This option adds support for Microchip LAN78XX based USB 2 122 123 & USB 3 10/100/1000 Ethernet adapters.
+4
drivers/net/usb/usbnet.c
··· 1788 1788 if (!dev->rx_urb_size) 1789 1789 dev->rx_urb_size = dev->hard_mtu; 1790 1790 dev->maxpacket = usb_maxpacket (dev->udev, dev->out, 1); 1791 + if (dev->maxpacket == 0) { 1792 + /* that is a broken device */ 1793 + goto out4; 1794 + } 1791 1795 1792 1796 /* let userspace know we have a random address */ 1793 1797 if (ether_addr_equal(net->dev_addr, node_id))
-4
drivers/net/vrf.c
··· 1360 1360 bool need_strict = rt6_need_strict(&ipv6_hdr(skb)->daddr); 1361 1361 bool is_ndisc = ipv6_ndisc_frame(skb); 1362 1362 1363 - nf_reset_ct(skb); 1364 - 1365 1363 /* loopback, multicast & non-ND link-local traffic; do not push through 1366 1364 * packet taps again. Reset pkt_type for upper layers to process skb. 1367 1365 * For strict packets with a source LLA, determine the dst using the ··· 1421 1423 skb->dev = vrf_dev; 1422 1424 skb->skb_iif = vrf_dev->ifindex; 1423 1425 IPCB(skb)->flags |= IPSKB_L3SLAVE; 1424 - 1425 - nf_reset_ct(skb); 1426 1426 1427 1427 if (ipv4_is_multicast(ip_hdr(skb)->daddr)) 1428 1428 goto out;
+2 -4
drivers/nfc/st95hf/core.c
··· 1226 1226 &reset_cmd, 1227 1227 ST95HF_RESET_CMD_LEN, 1228 1228 ASYNC); 1229 - if (result) { 1229 + if (result) 1230 1230 dev_err(&spictx->spidev->dev, 1231 1231 "ST95HF reset failed in remove() err = %d\n", result); 1232 - return result; 1233 - } 1234 1232 1235 1233 /* wait for 3 ms to complete the controller reset process */ 1236 1234 usleep_range(3000, 4000); ··· 1237 1239 if (stcontext->st95hf_supply) 1238 1240 regulator_disable(stcontext->st95hf_supply); 1239 1241 1240 - return result; 1242 + return 0; 1241 1243 } 1242 1244 1243 1245 /* Register as SPI protocol driver */
+10 -6
drivers/ptp/ptp_clock.c
··· 170 170 struct ptp_clock *ptp = container_of(dev, struct ptp_clock, dev); 171 171 172 172 ptp_cleanup_pin_groups(ptp); 173 + kfree(ptp->vclock_index); 173 174 mutex_destroy(&ptp->tsevq_mux); 174 175 mutex_destroy(&ptp->pincfg_mux); 175 176 mutex_destroy(&ptp->n_vclocks_mux); ··· 284 283 /* Create a posix clock and link it to the device. */ 285 284 err = posix_clock_register(&ptp->clock, &ptp->dev); 286 285 if (err) { 286 + if (ptp->pps_source) 287 + pps_unregister_source(ptp->pps_source); 288 + 289 + if (ptp->kworker) 290 + kthread_destroy_worker(ptp->kworker); 291 + 292 + put_device(&ptp->dev); 293 + 287 294 pr_err("failed to create posix clock\n"); 288 - goto no_clock; 295 + return ERR_PTR(err); 289 296 } 290 297 291 298 return ptp; 292 299 293 - no_clock: 294 - if (ptp->pps_source) 295 - pps_unregister_source(ptp->pps_source); 296 300 no_pps: 297 301 ptp_cleanup_pin_groups(ptp); 298 302 no_pin_groups: ··· 326 320 327 321 ptp->defunct = 1; 328 322 wake_up_interruptible(&ptp->tsev_wq); 329 - 330 - kfree(ptp->vclock_index); 331 323 332 324 if (ptp->kworker) { 333 325 kthread_cancel_delayed_work_sync(&ptp->aux_work);
+2 -2
drivers/ptp/ptp_kvm_x86.c
··· 31 31 32 32 ret = kvm_hypercall2(KVM_HC_CLOCK_PAIRING, clock_pair_gpa, 33 33 KVM_CLOCK_PAIRING_WALLCLOCK); 34 - if (ret == -KVM_ENOSYS || ret == -KVM_EOPNOTSUPP) 34 + if (ret == -KVM_ENOSYS) 35 35 return -ENODEV; 36 36 37 - return 0; 37 + return ret; 38 38 } 39 39 40 40 int kvm_arch_ptp_get_clock(struct timespec64 *ts)
-1
include/linux/mlx5/driver.h
··· 1138 1138 int mlx5_cmd_destroy_vport_lag(struct mlx5_core_dev *dev); 1139 1139 bool mlx5_lag_is_roce(struct mlx5_core_dev *dev); 1140 1140 bool mlx5_lag_is_sriov(struct mlx5_core_dev *dev); 1141 - bool mlx5_lag_is_multipath(struct mlx5_core_dev *dev); 1142 1141 bool mlx5_lag_is_active(struct mlx5_core_dev *dev); 1143 1142 bool mlx5_lag_is_master(struct mlx5_core_dev *dev); 1144 1143 bool mlx5_lag_is_shared_fdb(struct mlx5_core_dev *dev);
+1 -1
include/net/mctp.h
··· 54 54 struct sock sk; 55 55 56 56 /* bind() params */ 57 - int bind_net; 57 + unsigned int bind_net; 58 58 mctp_eid_t bind_addr; 59 59 __u8 bind_type; 60 60
+3 -3
include/net/sctp/sm.h
··· 384 384 * Verification Tag value does not match the receiver's own 385 385 * tag value, the receiver shall silently discard the packet... 386 386 */ 387 - if (ntohl(chunk->sctp_hdr->vtag) == asoc->c.my_vtag) 388 - return 1; 387 + if (ntohl(chunk->sctp_hdr->vtag) != asoc->c.my_vtag) 388 + return 0; 389 389 390 390 chunk->transport->encap_port = SCTP_INPUT_CB(chunk->skb)->encap_port; 391 - return 0; 391 + return 1; 392 392 } 393 393 394 394 /* Check VTAG of the packet matches the sender's own tag and the T bit is
+3 -2
include/net/tcp.h
··· 1576 1576 u8 keylen; 1577 1577 u8 family; /* AF_INET or AF_INET6 */ 1578 1578 u8 prefixlen; 1579 + u8 flags; 1579 1580 union tcp_md5_addr addr; 1580 1581 int l3index; /* set if key added with L3 scope */ 1581 1582 u8 key[TCP_MD5SIG_MAXKEYLEN]; ··· 1622 1621 int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key, 1623 1622 const struct sock *sk, const struct sk_buff *skb); 1624 1623 int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr, 1625 - int family, u8 prefixlen, int l3index, 1624 + int family, u8 prefixlen, int l3index, u8 flags, 1626 1625 const u8 *newkey, u8 newkeylen, gfp_t gfp); 1627 1626 int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, 1628 - int family, u8 prefixlen, int l3index); 1627 + int family, u8 prefixlen, int l3index, u8 flags); 1629 1628 struct tcp_md5sig_key *tcp_v4_md5_lookup(const struct sock *sk, 1630 1629 const struct sock *addr_sk); 1631 1630
+5 -2
include/uapi/linux/mctp.h
··· 10 10 #define __UAPI_MCTP_H 11 11 12 12 #include <linux/types.h> 13 + #include <linux/socket.h> 13 14 14 15 typedef __u8 mctp_eid_t; 15 16 ··· 19 18 }; 20 19 21 20 struct sockaddr_mctp { 22 - unsigned short int smctp_family; 23 - int smctp_network; 21 + __kernel_sa_family_t smctp_family; 22 + __u16 __smctp_pad0; 23 + unsigned int smctp_network; 24 24 struct mctp_addr smctp_addr; 25 25 __u8 smctp_type; 26 26 __u8 smctp_tag; 27 + __u8 __smctp_pad1; 27 28 }; 28 29 29 30 #define MCTP_NET_ANY 0x0
+1 -3
net/bridge/br_private.h
··· 1125 1125 1126 1126 static inline unsigned long br_multicast_gmi(const struct net_bridge_mcast *brmctx) 1127 1127 { 1128 - /* use the RFC default of 2 for QRV */ 1129 - return 2 * brmctx->multicast_query_interval + 1130 - brmctx->multicast_query_response_interval; 1128 + return brmctx->multicast_membership_interval; 1131 1129 } 1132 1130 1133 1131 static inline bool
+3 -1
net/bridge/netfilter/ebtables.c
··· 926 926 return -ENOMEM; 927 927 for_each_possible_cpu(i) { 928 928 newinfo->chainstack[i] = 929 - vmalloc(array_size(udc_cnt, sizeof(*(newinfo->chainstack[0])))); 929 + vmalloc_node(array_size(udc_cnt, 930 + sizeof(*(newinfo->chainstack[0]))), 931 + cpu_to_node(i)); 930 932 if (!newinfo->chainstack[i]) { 931 933 while (i) 932 934 vfree(newinfo->chainstack[--i]);
+36 -15
net/can/isotp.c
··· 121 121 struct tpcon { 122 122 int idx; 123 123 int len; 124 - u8 state; 124 + u32 state; 125 125 u8 bs; 126 126 u8 sn; 127 127 u8 ll_dl; ··· 848 848 { 849 849 struct sock *sk = sock->sk; 850 850 struct isotp_sock *so = isotp_sk(sk); 851 + u32 old_state = so->tx.state; 851 852 struct sk_buff *skb; 852 853 struct net_device *dev; 853 854 struct canfd_frame *cf; ··· 861 860 return -EADDRNOTAVAIL; 862 861 863 862 /* we do not support multiple buffers - for now */ 864 - if (so->tx.state != ISOTP_IDLE || wq_has_sleeper(&so->wait)) { 865 - if (msg->msg_flags & MSG_DONTWAIT) 866 - return -EAGAIN; 863 + if (cmpxchg(&so->tx.state, ISOTP_IDLE, ISOTP_SENDING) != ISOTP_IDLE || 864 + wq_has_sleeper(&so->wait)) { 865 + if (msg->msg_flags & MSG_DONTWAIT) { 866 + err = -EAGAIN; 867 + goto err_out; 868 + } 867 869 868 870 /* wait for complete transmission of current pdu */ 869 - wait_event_interruptible(so->wait, so->tx.state == ISOTP_IDLE); 871 + err = wait_event_interruptible(so->wait, so->tx.state == ISOTP_IDLE); 872 + if (err) 873 + goto err_out; 870 874 } 871 875 872 - if (!size || size > MAX_MSG_LENGTH) 873 - return -EINVAL; 876 + if (!size || size > MAX_MSG_LENGTH) { 877 + err = -EINVAL; 878 + goto err_out; 879 + } 874 880 875 881 /* take care of a potential SF_DL ESC offset for TX_DL > 8 */ 876 882 off = (so->tx.ll_dl > CAN_MAX_DLEN) ? 1 : 0; 877 883 878 884 /* does the given data fit into a single frame for SF_BROADCAST? */ 879 885 if ((so->opt.flags & CAN_ISOTP_SF_BROADCAST) && 880 - (size > so->tx.ll_dl - SF_PCI_SZ4 - ae - off)) 881 - return -EINVAL; 886 + (size > so->tx.ll_dl - SF_PCI_SZ4 - ae - off)) { 887 + err = -EINVAL; 888 + goto err_out; 889 + } 882 890 883 891 err = memcpy_from_msg(so->tx.buf, msg, size); 884 892 if (err < 0) 885 - return err; 893 + goto err_out; 886 894 887 895 dev = dev_get_by_index(sock_net(sk), so->ifindex); 888 - if (!dev) 889 - return -ENXIO; 896 + if (!dev) { 897 + err = -ENXIO; 898 + goto err_out; 899 + } 890 900 891 901 skb = sock_alloc_send_skb(sk, so->ll.mtu + sizeof(struct can_skb_priv), 892 902 msg->msg_flags & MSG_DONTWAIT, &err); 893 903 if (!skb) { 894 904 dev_put(dev); 895 - return err; 905 + goto err_out; 896 906 } 897 907 898 908 can_skb_reserve(skb); 899 909 can_skb_prv(skb)->ifindex = dev->ifindex; 900 910 can_skb_prv(skb)->skbcnt = 0; 901 911 902 - so->tx.state = ISOTP_SENDING; 903 912 so->tx.len = size; 904 913 so->tx.idx = 0; 905 914 ··· 965 954 if (err) { 966 955 pr_notice_once("can-isotp: %s: can_send_ret %pe\n", 967 956 __func__, ERR_PTR(err)); 968 - return err; 957 + goto err_out; 969 958 } 970 959 971 960 if (wait_tx_done) { 972 961 /* wait for complete transmission of current pdu */ 973 962 wait_event_interruptible(so->wait, so->tx.state == ISOTP_IDLE); 963 + 964 + if (sk->sk_err) 965 + return -sk->sk_err; 974 966 } 975 967 976 968 return size; 969 + 970 + err_out: 971 + so->tx.state = old_state; 972 + if (so->tx.state == ISOTP_IDLE) 973 + wake_up_interruptible(&so->wait); 974 + 975 + return err; 977 976 } 978 977 979 978 static int isotp_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
+1
net/can/j1939/j1939-priv.h
··· 330 330 void j1939_tp_schedule_txtimer(struct j1939_session *session, int msec); 331 331 void j1939_session_timers_cancel(struct j1939_session *session); 332 332 333 + #define J1939_MIN_TP_PACKET_SIZE 9 333 334 #define J1939_MAX_TP_PACKET_SIZE (7 * 0xff) 334 335 #define J1939_MAX_ETP_PACKET_SIZE (7 * 0x00ffffff) 335 336
+5 -2
net/can/j1939/main.c
··· 249 249 struct j1939_priv *priv, *priv_new; 250 250 int ret; 251 251 252 - priv = j1939_priv_get_by_ndev(ndev); 252 + spin_lock(&j1939_netdev_lock); 253 + priv = j1939_priv_get_by_ndev_locked(ndev); 253 254 if (priv) { 254 255 kref_get(&priv->rx_kref); 256 + spin_unlock(&j1939_netdev_lock); 255 257 return priv; 256 258 } 259 + spin_unlock(&j1939_netdev_lock); 257 260 258 261 priv = j1939_priv_create(ndev); 259 262 if (!priv) ··· 272 269 /* Someone was faster than us, use their priv and roll 273 270 * back our's. 274 271 */ 272 + kref_get(&priv_new->rx_kref); 275 273 spin_unlock(&j1939_netdev_lock); 276 274 dev_put(ndev); 277 275 kfree(priv); 278 - kref_get(&priv_new->rx_kref); 279 276 return priv_new; 280 277 } 281 278 j1939_priv_set(ndev, priv);
+9 -5
net/can/j1939/transport.c
··· 1237 1237 session->err = -ETIME; 1238 1238 j1939_session_deactivate(session); 1239 1239 } else { 1240 - netdev_alert(priv->ndev, "%s: 0x%p: rx timeout, send abort\n", 1241 - __func__, session); 1242 - 1243 1240 j1939_session_list_lock(session->priv); 1244 1241 if (session->state >= J1939_SESSION_ACTIVE && 1245 1242 session->state < J1939_SESSION_ACTIVE_MAX) { 1243 + netdev_alert(priv->ndev, "%s: 0x%p: rx timeout, send abort\n", 1244 + __func__, session); 1246 1245 j1939_session_get(session); 1247 1246 hrtimer_start(&session->rxtimer, 1248 1247 ms_to_ktime(J1939_XTP_ABORT_TIMEOUT_MS), ··· 1608 1609 abort = J1939_XTP_ABORT_FAULT; 1609 1610 else if (len > priv->tp_max_packet_size) 1610 1611 abort = J1939_XTP_ABORT_RESOURCE; 1612 + else if (len < J1939_MIN_TP_PACKET_SIZE) 1613 + abort = J1939_XTP_ABORT_FAULT; 1611 1614 } 1612 1615 1613 1616 if (abort != J1939_XTP_NO_ABORT) { ··· 1790 1789 static void j1939_xtp_rx_dat_one(struct j1939_session *session, 1791 1790 struct sk_buff *skb) 1792 1791 { 1792 + enum j1939_xtp_abort abort = J1939_XTP_ABORT_FAULT; 1793 1793 struct j1939_priv *priv = session->priv; 1794 1794 struct j1939_sk_buff_cb *skcb, *se_skcb; 1795 1795 struct sk_buff *se_skb = NULL; ··· 1805 1803 1806 1804 skcb = j1939_skb_to_cb(skb); 1807 1805 dat = skb->data; 1808 - if (skb->len <= 1) 1806 + if (skb->len != 8) { 1809 1807 /* makes no sense */ 1808 + abort = J1939_XTP_ABORT_UNEXPECTED_DATA; 1810 1809 goto out_session_cancel; 1810 + } 1811 1811 1812 1812 switch (session->last_cmd) { 1813 1813 case 0xff: ··· 1908 1904 out_session_cancel: 1909 1905 kfree_skb(se_skb); 1910 1906 j1939_session_timers_cancel(session); 1911 - j1939_session_cancel(session, J1939_XTP_ABORT_FAULT); 1907 + j1939_session_cancel(session, abort); 1912 1908 j1939_session_put(session); 1913 1909 } 1914 1910
+7 -2
net/dsa/dsa2.c
··· 1374 1374 1375 1375 for_each_available_child_of_node(ports, port) { 1376 1376 err = of_property_read_u32(port, "reg", &reg); 1377 - if (err) 1377 + if (err) { 1378 + of_node_put(port); 1378 1379 goto out_put_node; 1380 + } 1379 1381 1380 1382 if (reg >= ds->num_ports) { 1381 1383 dev_err(ds->dev, "port %pOF index %u exceeds num_ports (%zu)\n", 1382 1384 port, reg, ds->num_ports); 1385 + of_node_put(port); 1383 1386 err = -EINVAL; 1384 1387 goto out_put_node; 1385 1388 } ··· 1390 1387 dp = dsa_to_port(ds, reg); 1391 1388 1392 1389 err = dsa_port_parse_of(dp, port); 1393 - if (err) 1390 + if (err) { 1391 + of_node_put(port); 1394 1392 goto out_put_node; 1393 + } 1395 1394 } 1396 1395 1397 1396 out_put_node:
+32 -13
net/ipv4/tcp_ipv4.c
··· 1037 1037 DEFINE_STATIC_KEY_FALSE(tcp_md5_needed); 1038 1038 EXPORT_SYMBOL(tcp_md5_needed); 1039 1039 1040 + static bool better_md5_match(struct tcp_md5sig_key *old, struct tcp_md5sig_key *new) 1041 + { 1042 + if (!old) 1043 + return true; 1044 + 1045 + /* l3index always overrides non-l3index */ 1046 + if (old->l3index && new->l3index == 0) 1047 + return false; 1048 + if (old->l3index == 0 && new->l3index) 1049 + return true; 1050 + 1051 + return old->prefixlen < new->prefixlen; 1052 + } 1053 + 1040 1054 /* Find the Key structure for an address. */ 1041 1055 struct tcp_md5sig_key *__tcp_md5_do_lookup(const struct sock *sk, int l3index, 1042 1056 const union tcp_md5_addr *addr, ··· 1073 1059 lockdep_sock_is_held(sk)) { 1074 1060 if (key->family != family) 1075 1061 continue; 1076 - if (key->l3index && key->l3index != l3index) 1062 + if (key->flags & TCP_MD5SIG_FLAG_IFINDEX && key->l3index != l3index) 1077 1063 continue; 1078 1064 if (family == AF_INET) { 1079 1065 mask = inet_make_mask(key->prefixlen); ··· 1088 1074 match = false; 1089 1075 } 1090 1076 1091 - if (match && (!best_match || 1092 - key->prefixlen > best_match->prefixlen)) 1077 + if (match && better_md5_match(best_match, key)) 1093 1078 best_match = key; 1094 1079 } 1095 1080 return best_match; ··· 1098 1085 static struct tcp_md5sig_key *tcp_md5_do_lookup_exact(const struct sock *sk, 1099 1086 const union tcp_md5_addr *addr, 1100 1087 int family, u8 prefixlen, 1101 - int l3index) 1088 + int l3index, u8 flags) 1102 1089 { 1103 1090 const struct tcp_sock *tp = tcp_sk(sk); 1104 1091 struct tcp_md5sig_key *key; ··· 1118 1105 lockdep_sock_is_held(sk)) { 1119 1106 if (key->family != family) 1120 1107 continue; 1121 - if (key->l3index && key->l3index != l3index) 1108 + if ((key->flags & TCP_MD5SIG_FLAG_IFINDEX) != (flags & TCP_MD5SIG_FLAG_IFINDEX)) 1109 + continue; 1110 + if (key->l3index != l3index) 1122 1111 continue; 1123 1112 if (!memcmp(&key->addr, addr, size) && 1124 1113 key->prefixlen == prefixlen) ··· 1144 1129 1145 1130 /* This can be called on a newly created socket, from other files */ 1146 1131 int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr, 1147 - int family, u8 prefixlen, int l3index, 1132 + int family, u8 prefixlen, int l3index, u8 flags, 1148 1133 const u8 *newkey, u8 newkeylen, gfp_t gfp) 1149 1134 { 1150 1135 /* Add Key to the list */ ··· 1152 1137 struct tcp_sock *tp = tcp_sk(sk); 1153 1138 struct tcp_md5sig_info *md5sig; 1154 1139 1155 - key = tcp_md5_do_lookup_exact(sk, addr, family, prefixlen, l3index); 1140 + key = tcp_md5_do_lookup_exact(sk, addr, family, prefixlen, l3index, flags); 1156 1141 if (key) { 1157 1142 /* Pre-existing entry - just update that one. 1158 1143 * Note that the key might be used concurrently. ··· 1197 1182 key->family = family; 1198 1183 key->prefixlen = prefixlen; 1199 1184 key->l3index = l3index; 1185 + key->flags = flags; 1200 1186 memcpy(&key->addr, addr, 1201 1187 (family == AF_INET6) ? sizeof(struct in6_addr) : 1202 1188 sizeof(struct in_addr)); ··· 1207 1191 EXPORT_SYMBOL(tcp_md5_do_add); 1208 1192 1209 1193 int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, int family, 1210 - u8 prefixlen, int l3index) 1194 + u8 prefixlen, int l3index, u8 flags) 1211 1195 { 1212 1196 struct tcp_md5sig_key *key; 1213 1197 1214 - key = tcp_md5_do_lookup_exact(sk, addr, family, prefixlen, l3index); 1198 + key = tcp_md5_do_lookup_exact(sk, addr, family, prefixlen, l3index, flags); 1215 1199 if (!key) 1216 1200 return -ENOENT; 1217 1201 hlist_del_rcu(&key->node); ··· 1245 1229 const union tcp_md5_addr *addr; 1246 1230 u8 prefixlen = 32; 1247 1231 int l3index = 0; 1232 + u8 flags; 1248 1233 1249 1234 if (optlen < sizeof(cmd)) 1250 1235 return -EINVAL; ··· 1256 1239 if (sin->sin_family != AF_INET) 1257 1240 return -EINVAL; 1258 1241 1242 + flags = cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX; 1243 + 1259 1244 if (optname == TCP_MD5SIG_EXT && 1260 1245 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) { 1261 1246 prefixlen = cmd.tcpm_prefixlen; ··· 1265 1246 return -EINVAL; 1266 1247 } 1267 1248 1268 - if (optname == TCP_MD5SIG_EXT && 1249 + if (optname == TCP_MD5SIG_EXT && cmd.tcpm_ifindex && 1269 1250 cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX) { 1270 1251 struct net_device *dev; 1271 1252 ··· 1286 1267 addr = (union tcp_md5_addr *)&sin->sin_addr.s_addr; 1287 1268 1288 1269 if (!cmd.tcpm_keylen) 1289 - return tcp_md5_do_del(sk, addr, AF_INET, prefixlen, l3index); 1270 + return tcp_md5_do_del(sk, addr, AF_INET, prefixlen, l3index, flags); 1290 1271 1291 1272 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) 1292 1273 return -EINVAL; 1293 1274 1294 - return tcp_md5_do_add(sk, addr, AF_INET, prefixlen, l3index, 1275 + return tcp_md5_do_add(sk, addr, AF_INET, prefixlen, l3index, flags, 1295 1276 cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 1296 1277 } 1297 1278 ··· 1615 1596 * memory, then we end up not copying the key 1616 1597 * across. Shucks. 1617 1598 */ 1618 - tcp_md5_do_add(newsk, addr, AF_INET, 32, l3index, 1599 + tcp_md5_do_add(newsk, addr, AF_INET, 32, l3index, key->flags, 1619 1600 key->key, key->keylen, GFP_ATOMIC); 1620 1601 sk_nocaps_add(newsk, NETIF_F_GSO_MASK); 1621 1602 }
+2 -1
net/ipv6/ip6_output.c
··· 464 464 465 465 int ip6_forward(struct sk_buff *skb) 466 466 { 467 - struct inet6_dev *idev = __in6_dev_get_safely(skb->dev); 468 467 struct dst_entry *dst = skb_dst(skb); 469 468 struct ipv6hdr *hdr = ipv6_hdr(skb); 470 469 struct inet6_skb_parm *opt = IP6CB(skb); 471 470 struct net *net = dev_net(dst->dev); 471 + struct inet6_dev *idev; 472 472 u32 mtu; 473 473 474 + idev = __in6_dev_get_safely(dev_get_by_index_rcu(net, IP6CB(skb)->iif)); 474 475 if (net->ipv6.devconf_all->forwarding == 0) 475 476 goto error; 476 477
+6 -42
net/ipv6/netfilter/ip6t_rt.c
··· 25 25 static inline bool 26 26 segsleft_match(u_int32_t min, u_int32_t max, u_int32_t id, bool invert) 27 27 { 28 - bool r; 29 - pr_debug("segsleft_match:%c 0x%x <= 0x%x <= 0x%x\n", 30 - invert ? '!' : ' ', min, id, max); 31 - r = (id >= min && id <= max) ^ invert; 32 - pr_debug(" result %s\n", r ? "PASS" : "FAILED"); 33 - return r; 28 + return (id >= min && id <= max) ^ invert; 34 29 } 35 30 36 31 static bool rt_mt6(const struct sk_buff *skb, struct xt_action_param *par) ··· 60 65 return false; 61 66 } 62 67 63 - pr_debug("IPv6 RT LEN %u %u ", hdrlen, rh->hdrlen); 64 - pr_debug("TYPE %04X ", rh->type); 65 - pr_debug("SGS_LEFT %u %02X\n", rh->segments_left, rh->segments_left); 66 - 67 - pr_debug("IPv6 RT segsleft %02X ", 68 - segsleft_match(rtinfo->segsleft[0], rtinfo->segsleft[1], 69 - rh->segments_left, 70 - !!(rtinfo->invflags & IP6T_RT_INV_SGS))); 71 - pr_debug("type %02X %02X %02X ", 72 - rtinfo->rt_type, rh->type, 73 - (!(rtinfo->flags & IP6T_RT_TYP) || 74 - ((rtinfo->rt_type == rh->type) ^ 75 - !!(rtinfo->invflags & IP6T_RT_INV_TYP)))); 76 - pr_debug("len %02X %04X %02X ", 77 - rtinfo->hdrlen, hdrlen, 78 - !(rtinfo->flags & IP6T_RT_LEN) || 79 - ((rtinfo->hdrlen == hdrlen) ^ 80 - !!(rtinfo->invflags & IP6T_RT_INV_LEN))); 81 - pr_debug("res %02X %02X %02X ", 82 - rtinfo->flags & IP6T_RT_RES, 83 - ((const struct rt0_hdr *)rh)->reserved, 84 - !((rtinfo->flags & IP6T_RT_RES) && 85 - (((const struct rt0_hdr *)rh)->reserved))); 86 - 87 68 ret = (segsleft_match(rtinfo->segsleft[0], rtinfo->segsleft[1], 88 69 rh->segments_left, 89 70 !!(rtinfo->invflags & IP6T_RT_INV_SGS))) && ··· 78 107 reserved), 79 108 sizeof(_reserved), 80 109 &_reserved); 110 + if (!rp) { 111 + par->hotdrop = true; 112 + return false; 113 + } 81 114 82 115 ret = (*rp == 0); 83 116 } 84 117 85 - pr_debug("#%d ", rtinfo->addrnr); 86 118 if (!(rtinfo->flags & IP6T_RT_FST)) { 87 119 return ret; 88 120 } else if (rtinfo->flags & IP6T_RT_FST_NSTRICT) { 89 - pr_debug("Not strict "); 90 121 if (rtinfo->addrnr > (unsigned int)((hdrlen - 8) / 16)) { 91 - pr_debug("There isn't enough space\n"); 92 122 return false; 93 123 } else { 94 124 unsigned int i = 0; 95 125 96 - pr_debug("#%d ", rtinfo->addrnr); 97 126 for (temp = 0; 98 127 temp < (unsigned int)((hdrlen - 8) / 16); 99 128 temp++) { ··· 109 138 return false; 110 139 } 111 140 112 - if (ipv6_addr_equal(ap, &rtinfo->addrs[i])) { 113 - pr_debug("i=%d temp=%d;\n", i, temp); 141 + if (ipv6_addr_equal(ap, &rtinfo->addrs[i])) 114 142 i++; 115 - } 116 143 if (i == rtinfo->addrnr) 117 144 break; 118 145 } 119 - pr_debug("i=%d #%d\n", i, rtinfo->addrnr); 120 146 if (i == rtinfo->addrnr) 121 147 return ret; 122 148 else 123 149 return false; 124 150 } 125 151 } else { 126 - pr_debug("Strict "); 127 152 if (rtinfo->addrnr > (unsigned int)((hdrlen - 8) / 16)) { 128 - pr_debug("There isn't enough space\n"); 129 153 return false; 130 154 } else { 131 - pr_debug("#%d ", rtinfo->addrnr); 132 155 for (temp = 0; temp < rtinfo->addrnr; temp++) { 133 156 ap = skb_header_pointer(skb, 134 157 ptr ··· 138 173 if (!ipv6_addr_equal(ap, &rtinfo->addrs[temp])) 139 174 break; 140 175 } 141 - pr_debug("temp=%d #%d\n", temp, rtinfo->addrnr); 142 176 if (temp == rtinfo->addrnr && 143 177 temp == (unsigned int)((hdrlen - 8) / 16)) 144 178 return ret;
+9 -6
net/ipv6/tcp_ipv6.c
··· 599 599 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr; 600 600 int l3index = 0; 601 601 u8 prefixlen; 602 + u8 flags; 602 603 603 604 if (optlen < sizeof(cmd)) 604 605 return -EINVAL; ··· 609 608 610 609 if (sin6->sin6_family != AF_INET6) 611 610 return -EINVAL; 611 + 612 + flags = cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX; 612 613 613 614 if (optname == TCP_MD5SIG_EXT && 614 615 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) { ··· 622 619 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128; 623 620 } 624 621 625 - if (optname == TCP_MD5SIG_EXT && 622 + if (optname == TCP_MD5SIG_EXT && cmd.tcpm_ifindex && 626 623 cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX) { 627 624 struct net_device *dev; 628 625 ··· 643 640 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 644 641 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3], 645 642 AF_INET, prefixlen, 646 - l3index); 643 + l3index, flags); 647 644 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr, 648 - AF_INET6, prefixlen, l3index); 645 + AF_INET6, prefixlen, l3index, flags); 649 646 } 650 647 651 648 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN) ··· 653 650 654 651 if (ipv6_addr_v4mapped(&sin6->sin6_addr)) 655 652 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3], 656 - AF_INET, prefixlen, l3index, 653 + AF_INET, prefixlen, l3index, flags, 657 654 cmd.tcpm_key, cmd.tcpm_keylen, 658 655 GFP_KERNEL); 659 656 660 657 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr, 661 - AF_INET6, prefixlen, l3index, 658 + AF_INET6, prefixlen, l3index, flags, 662 659 cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL); 663 660 } 664 661 ··· 1407 1404 * across. Shucks. 1408 1405 */ 1409 1406 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr, 1410 - AF_INET6, 128, l3index, key->key, key->keylen, 1407 + AF_INET6, 128, l3index, key->flags, key->key, key->keylen, 1411 1408 sk_gfp_mask(sk, GFP_ATOMIC)); 1412 1409 } 1413 1410 #endif
+1 -1
net/netfilter/Kconfig
··· 109 109 config NF_CONNTRACK_SECMARK 110 110 bool 'Connection tracking security mark support' 111 111 depends on NETWORK_SECMARK 112 - default m if NETFILTER_ADVANCED=n 112 + default y if NETFILTER_ADVANCED=n 113 113 help 114 114 This option enables security markings to be applied to 115 115 connections. Typically they are copied to connections from
+5
net/netfilter/ipvs/ip_vs_ctl.c
··· 4090 4090 tbl[idx++].data = &ipvs->sysctl_conn_reuse_mode; 4091 4091 tbl[idx++].data = &ipvs->sysctl_schedule_icmp; 4092 4092 tbl[idx++].data = &ipvs->sysctl_ignore_tunneled; 4093 + #ifdef CONFIG_IP_VS_DEBUG 4094 + /* Global sysctls must be ro in non-init netns */ 4095 + if (!net_eq(net, &init_net)) 4096 + tbl[idx++].mode = 0444; 4097 + #endif 4093 4098 4094 4099 ipvs->sysctl_hdr = register_net_sysctl(net, "net/ipv4/vs", tbl); 4095 4100 if (ipvs->sysctl_hdr == NULL) {
+3 -6
net/netfilter/nft_chain_filter.c
··· 342 342 return; 343 343 } 344 344 345 - /* UNREGISTER events are also happening on netns exit. 346 - * 347 - * Although nf_tables core releases all tables/chains, only this event 348 - * handler provides guarantee that hook->ops.dev is still accessible, 349 - * so we cannot skip exiting net namespaces. 350 - */ 351 345 __nft_release_basechain(ctx); 352 346 } 353 347 ··· 358 364 359 365 if (event != NETDEV_UNREGISTER && 360 366 event != NETDEV_CHANGENAME) 367 + return NOTIFY_DONE; 368 + 369 + if (!check_net(ctx.net)) 361 370 return NOTIFY_DONE; 362 371 363 372 nft_net = nft_pernet(ctx.net);
+1 -1
net/netfilter/xt_IDLETIMER.c
··· 137 137 { 138 138 int ret; 139 139 140 - info->timer = kmalloc(sizeof(*info->timer), GFP_KERNEL); 140 + info->timer = kzalloc(sizeof(*info->timer), GFP_KERNEL); 141 141 if (!info->timer) { 142 142 ret = -ENOMEM; 143 143 goto out;
+1 -1
net/sched/act_ct.c
··· 960 960 tmpl = p->tmpl; 961 961 962 962 tcf_lastuse_update(&c->tcf_tm); 963 + tcf_action_update_bstats(&c->common, skb); 963 964 964 965 if (clear) { 965 966 qdisc_skb_cb(skb)->post_ct = false; ··· 1050 1049 1051 1050 qdisc_skb_cb(skb)->post_ct = true; 1052 1051 out_clear: 1053 - tcf_action_update_bstats(&c->common, skb); 1054 1052 if (defrag) 1055 1053 qdisc_skb_cb(skb)->pkt_len = skb->len; 1056 1054 return retval;
+1
tools/testing/selftests/net/config
··· 43 43 CONFIG_NET_ACT_MIRRED=m 44 44 CONFIG_BAREUDP=m 45 45 CONFIG_IPV6_IOAM6_LWTUNNEL=y 46 + CONFIG_CRYPTO_SM4=y
+60
tools/testing/selftests/net/fcnal-test.sh
··· 289 289 run_cmd sysctl -q -w $* 290 290 } 291 291 292 + # get sysctl values in NS-A 293 + get_sysctl() 294 + { 295 + ${NSA_CMD} sysctl -n $* 296 + } 297 + 292 298 ################################################################################ 293 299 # Setup for tests 294 300 ··· 1009 1003 run_cmd nettest -s -I ${NSA_DEV} -M ${MD5_PW} -m ${NS_NET} 1010 1004 log_test $? 1 "MD5: VRF: Device must be a VRF - prefix" 1011 1005 1006 + test_ipv4_md5_vrf__vrf_server__no_bind_ifindex 1007 + test_ipv4_md5_vrf__global_server__bind_ifindex0 1008 + } 1009 + 1010 + test_ipv4_md5_vrf__vrf_server__no_bind_ifindex() 1011 + { 1012 + log_start 1013 + show_hint "Simulates applications using VRF without TCP_MD5SIG_FLAG_IFINDEX" 1014 + run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & 1015 + sleep 1 1016 + run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} 1017 + log_test $? 0 "MD5: VRF: VRF-bound server, unbound key accepts connection" 1018 + 1019 + log_start 1020 + show_hint "Binding both the socket and the key is not required but it works" 1021 + run_cmd nettest -s -I ${VRF} -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & 1022 + sleep 1 1023 + run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} 1024 + log_test $? 0 "MD5: VRF: VRF-bound server, bound key accepts connection" 1025 + } 1026 + 1027 + test_ipv4_md5_vrf__global_server__bind_ifindex0() 1028 + { 1029 + # This particular test needs tcp_l3mdev_accept=1 for Global server to accept VRF connections 1030 + local old_tcp_l3mdev_accept 1031 + old_tcp_l3mdev_accept=$(get_sysctl net.ipv4.tcp_l3mdev_accept) 1032 + set_sysctl net.ipv4.tcp_l3mdev_accept=1 1033 + 1034 + log_start 1035 + run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & 1036 + sleep 1 1037 + run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} 1038 + log_test $? 2 "MD5: VRF: Global server, Key bound to ifindex=0 rejects VRF connection" 1039 + 1040 + log_start 1041 + run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --force-bind-key-ifindex & 1042 + sleep 1 1043 + run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} 1044 + log_test $? 0 "MD5: VRF: Global server, key bound to ifindex=0 accepts non-VRF connection" 1045 + log_start 1046 + 1047 + run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & 1048 + sleep 1 1049 + run_cmd_nsb nettest -r ${NSA_IP} -X ${MD5_PW} 1050 + log_test $? 0 "MD5: VRF: Global server, key not bound to ifindex accepts VRF connection" 1051 + 1052 + log_start 1053 + run_cmd nettest -s -M ${MD5_PW} -m ${NS_NET} --no-bind-key-ifindex & 1054 + sleep 1 1055 + run_cmd_nsc nettest -r ${NSA_IP} -X ${MD5_PW} 1056 + log_test $? 0 "MD5: VRF: Global server, key not bound to ifindex accepts non-VRF connection" 1057 + 1058 + # restore value 1059 + set_sysctl net.ipv4.tcp_l3mdev_accept="$old_tcp_l3mdev_accept" 1012 1060 } 1013 1061 1014 1062 ipv4_tcp_novrf()
+1
tools/testing/selftests/net/forwarding/Makefile
··· 9 9 gre_inner_v4_multipath.sh \ 10 10 gre_inner_v6_multipath.sh \ 11 11 gre_multipath.sh \ 12 + ip6_forward_instats_vrf.sh \ 12 13 ip6gre_inner_v4_multipath.sh \ 13 14 ip6gre_inner_v6_multipath.sh \ 14 15 ipip_flat_gre_key.sh \
+2
tools/testing/selftests/net/forwarding/forwarding.config.sample
··· 39 39 # Timeout (in seconds) before ping exits regardless of how many packets have 40 40 # been sent or received 41 41 PING_TIMEOUT=5 42 + # IPv6 traceroute utility name. 43 + TROUTE6=traceroute6
+172
tools/testing/selftests/net/forwarding/ip6_forward_instats_vrf.sh
··· 1 + #!/bin/bash 2 + # SPDX-License-Identifier: GPL-2.0 3 + 4 + # Test ipv6 stats on the incoming if when forwarding with VRF 5 + 6 + ALL_TESTS=" 7 + ipv6_ping 8 + ipv6_in_too_big_err 9 + ipv6_in_hdr_err 10 + ipv6_in_addr_err 11 + ipv6_in_discard 12 + " 13 + 14 + NUM_NETIFS=4 15 + source lib.sh 16 + 17 + h1_create() 18 + { 19 + simple_if_init $h1 2001:1:1::2/64 20 + ip -6 route add vrf v$h1 2001:1:2::/64 via 2001:1:1::1 21 + } 22 + 23 + h1_destroy() 24 + { 25 + ip -6 route del vrf v$h1 2001:1:2::/64 via 2001:1:1::1 26 + simple_if_fini $h1 2001:1:1::2/64 27 + } 28 + 29 + router_create() 30 + { 31 + vrf_create router 32 + __simple_if_init $rtr1 router 2001:1:1::1/64 33 + __simple_if_init $rtr2 router 2001:1:2::1/64 34 + mtu_set $rtr2 1280 35 + } 36 + 37 + router_destroy() 38 + { 39 + mtu_restore $rtr2 40 + __simple_if_fini $rtr2 2001:1:2::1/64 41 + __simple_if_fini $rtr1 2001:1:1::1/64 42 + vrf_destroy router 43 + } 44 + 45 + h2_create() 46 + { 47 + simple_if_init $h2 2001:1:2::2/64 48 + ip -6 route add vrf v$h2 2001:1:1::/64 via 2001:1:2::1 49 + mtu_set $h2 1280 50 + } 51 + 52 + h2_destroy() 53 + { 54 + mtu_restore $h2 55 + ip -6 route del vrf v$h2 2001:1:1::/64 via 2001:1:2::1 56 + simple_if_fini $h2 2001:1:2::2/64 57 + } 58 + 59 + setup_prepare() 60 + { 61 + h1=${NETIFS[p1]} 62 + rtr1=${NETIFS[p2]} 63 + 64 + rtr2=${NETIFS[p3]} 65 + h2=${NETIFS[p4]} 66 + 67 + vrf_prepare 68 + h1_create 69 + router_create 70 + h2_create 71 + 72 + forwarding_enable 73 + } 74 + 75 + cleanup() 76 + { 77 + pre_cleanup 78 + 79 + forwarding_restore 80 + 81 + h2_destroy 82 + router_destroy 83 + h1_destroy 84 + vrf_cleanup 85 + } 86 + 87 + ipv6_in_too_big_err() 88 + { 89 + RET=0 90 + 91 + local t0=$(ipv6_stats_get $rtr1 Ip6InTooBigErrors) 92 + local vrf_name=$(master_name_get $h1) 93 + 94 + # Send too big packets 95 + ip vrf exec $vrf_name \ 96 + $PING6 -s 1300 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null 97 + 98 + local t1=$(ipv6_stats_get $rtr1 Ip6InTooBigErrors) 99 + test "$((t1 - t0))" -ne 0 100 + check_err $? 101 + log_test "Ip6InTooBigErrors" 102 + } 103 + 104 + ipv6_in_hdr_err() 105 + { 106 + RET=0 107 + 108 + local t0=$(ipv6_stats_get $rtr1 Ip6InHdrErrors) 109 + local vrf_name=$(master_name_get $h1) 110 + 111 + # Send packets with hop limit 1, easiest with traceroute6 as some ping6 112 + # doesn't allow hop limit to be specified 113 + ip vrf exec $vrf_name \ 114 + $TROUTE6 2001:1:2::2 &> /dev/null 115 + 116 + local t1=$(ipv6_stats_get $rtr1 Ip6InHdrErrors) 117 + test "$((t1 - t0))" -ne 0 118 + check_err $? 119 + log_test "Ip6InHdrErrors" 120 + } 121 + 122 + ipv6_in_addr_err() 123 + { 124 + RET=0 125 + 126 + local t0=$(ipv6_stats_get $rtr1 Ip6InAddrErrors) 127 + local vrf_name=$(master_name_get $h1) 128 + 129 + # Disable forwarding temporary while sending the packet 130 + sysctl -qw net.ipv6.conf.all.forwarding=0 131 + ip vrf exec $vrf_name \ 132 + $PING6 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null 133 + sysctl -qw net.ipv6.conf.all.forwarding=1 134 + 135 + local t1=$(ipv6_stats_get $rtr1 Ip6InAddrErrors) 136 + test "$((t1 - t0))" -ne 0 137 + check_err $? 138 + log_test "Ip6InAddrErrors" 139 + } 140 + 141 + ipv6_in_discard() 142 + { 143 + RET=0 144 + 145 + local t0=$(ipv6_stats_get $rtr1 Ip6InDiscards) 146 + local vrf_name=$(master_name_get $h1) 147 + 148 + # Add a policy to discard 149 + ip xfrm policy add dst 2001:1:2::2/128 dir fwd action block 150 + ip vrf exec $vrf_name \ 151 + $PING6 2001:1:2::2 -c 1 -w $PING_TIMEOUT &> /dev/null 152 + ip xfrm policy del dst 2001:1:2::2/128 dir fwd 153 + 154 + local t1=$(ipv6_stats_get $rtr1 Ip6InDiscards) 155 + test "$((t1 - t0))" -ne 0 156 + check_err $? 157 + log_test "Ip6InDiscards" 158 + } 159 + ipv6_ping() 160 + { 161 + RET=0 162 + 163 + ping6_test $h1 2001:1:2::2 164 + } 165 + 166 + trap cleanup EXIT 167 + 168 + setup_prepare 169 + setup_wait 170 + tests_run 171 + 172 + exit $EXIT_STATUS
+8
tools/testing/selftests/net/forwarding/lib.sh
··· 751 751 | jq '.[] | select(.parent == "'"$parent"'") | '"$selector" 752 752 } 753 753 754 + ipv6_stats_get() 755 + { 756 + local dev=$1; shift 757 + local stat=$1; shift 758 + 759 + cat /proc/net/dev_snmp6/$dev | grep "^$stat" | cut -f2 760 + } 761 + 754 762 humanize() 755 763 { 756 764 local speed=$1; shift
+26 -2
tools/testing/selftests/net/nettest.c
··· 28 28 #include <unistd.h> 29 29 #include <time.h> 30 30 #include <errno.h> 31 + #include <getopt.h> 31 32 32 33 #include <linux/xfrm.h> 33 34 #include <linux/ipsec.h> ··· 102 101 struct sockaddr_in6 v6; 103 102 } md5_prefix; 104 103 unsigned int prefix_len; 104 + /* 0: default, -1: force off, +1: force on */ 105 + int bind_key_ifindex; 105 106 106 107 /* expected addresses and device index for connection */ 107 108 const char *expected_dev; ··· 274 271 } 275 272 memcpy(&md5sig.tcpm_addr, addr, alen); 276 273 277 - if (args->ifindex) { 274 + if ((args->ifindex && args->bind_key_ifindex >= 0) || args->bind_key_ifindex >= 1) { 278 275 opt = TCP_MD5SIG_EXT; 279 276 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_IFINDEX; 280 277 281 278 md5sig.tcpm_ifindex = args->ifindex; 279 + log_msg("TCP_MD5SIG_FLAG_IFINDEX set tcpm_ifindex=%d\n", md5sig.tcpm_ifindex); 280 + } else { 281 + log_msg("TCP_MD5SIG_FLAG_IFINDEX off\n", md5sig.tcpm_ifindex); 282 282 } 283 283 284 284 rc = setsockopt(sd, IPPROTO_TCP, opt, &md5sig, sizeof(md5sig)); ··· 1828 1822 } 1829 1823 1830 1824 #define GETOPT_STR "sr:l:c:p:t:g:P:DRn:M:X:m:d:I:BN:O:SCi6xL:0:1:2:3:Fbq" 1825 + #define OPT_FORCE_BIND_KEY_IFINDEX 1001 1826 + #define OPT_NO_BIND_KEY_IFINDEX 1002 1827 + 1828 + static struct option long_opts[] = { 1829 + {"force-bind-key-ifindex", 0, 0, OPT_FORCE_BIND_KEY_IFINDEX}, 1830 + {"no-bind-key-ifindex", 0, 0, OPT_NO_BIND_KEY_IFINDEX}, 1831 + {0, 0, 0, 0} 1832 + }; 1831 1833 1832 1834 static void print_usage(char *prog) 1833 1835 { ··· 1872 1858 " -M password use MD5 sum protection\n" 1873 1859 " -X password MD5 password for client mode\n" 1874 1860 " -m prefix/len prefix and length to use for MD5 key\n" 1861 + " --no-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX off\n" 1862 + " --force-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX on\n" 1863 + " (default: only if -I is passed)\n" 1864 + "\n" 1875 1865 " -g grp multicast group (e.g., 239.1.1.1)\n" 1876 1866 " -i interactive mode (default is echo and terminate)\n" 1877 1867 "\n" ··· 1911 1893 * process input args 1912 1894 */ 1913 1895 1914 - while ((rc = getopt(argc, argv, GETOPT_STR)) != -1) { 1896 + while ((rc = getopt_long(argc, argv, GETOPT_STR, long_opts, NULL)) != -1) { 1915 1897 switch (rc) { 1916 1898 case 'B': 1917 1899 both_mode = 1; ··· 1983 1965 break; 1984 1966 case 'M': 1985 1967 args.password = optarg; 1968 + break; 1969 + case OPT_FORCE_BIND_KEY_IFINDEX: 1970 + args.bind_key_ifindex = 1; 1971 + break; 1972 + case OPT_NO_BIND_KEY_IFINDEX: 1973 + args.bind_key_ifindex = -1; 1986 1974 break; 1987 1975 case 'X': 1988 1976 args.client_pw = optarg;
-1
tools/testing/selftests/netfilter/nft_flowtable.sh
··· 199 199 # test basic connectivity 200 200 if ! ip netns exec ns1 ping -c 1 -q 10.0.2.99 > /dev/null; then 201 201 echo "ERROR: ns1 cannot reach ns2" 1>&2 202 - bash 203 202 exit 1 204 203 fi 205 204
+145
tools/testing/selftests/netfilter/nft_nat.sh
··· 741 741 return $lret 742 742 } 743 743 744 + # test port shadowing. 745 + # create two listening services, one on router (ns0), one 746 + # on client (ns2), which is masqueraded from ns1 point of view. 747 + # ns2 sends udp packet coming from service port to ns1, on a highport. 748 + # Later, if n1 uses same highport to connect to ns0:service, packet 749 + # might be port-forwarded to ns2 instead. 750 + 751 + # second argument tells if we expect the 'fake-entry' to take effect 752 + # (CLIENT) or not (ROUTER). 753 + test_port_shadow() 754 + { 755 + local test=$1 756 + local expect=$2 757 + local daddrc="10.0.1.99" 758 + local daddrs="10.0.1.1" 759 + local result="" 760 + local logmsg="" 761 + 762 + echo ROUTER | ip netns exec "$ns0" nc -w 5 -u -l -p 1405 >/dev/null 2>&1 & 763 + nc_r=$! 764 + 765 + echo CLIENT | ip netns exec "$ns2" nc -w 5 -u -l -p 1405 >/dev/null 2>&1 & 766 + nc_c=$! 767 + 768 + # make shadow entry, from client (ns2), going to (ns1), port 41404, sport 1405. 769 + echo "fake-entry" | ip netns exec "$ns2" nc -w 1 -p 1405 -u "$daddrc" 41404 > /dev/null 770 + 771 + # ns1 tries to connect to ns0:1405. With default settings this should connect 772 + # to client, it matches the conntrack entry created above. 773 + 774 + result=$(echo "" | ip netns exec "$ns1" nc -w 1 -p 41404 -u "$daddrs" 1405) 775 + 776 + if [ "$result" = "$expect" ] ;then 777 + echo "PASS: portshadow test $test: got reply from ${expect}${logmsg}" 778 + else 779 + echo "ERROR: portshadow test $test: got reply from \"$result\", not $expect as intended" 780 + ret=1 781 + fi 782 + 783 + kill $nc_r $nc_c 2>/dev/null 784 + 785 + # flush udp entries for next test round, if any 786 + ip netns exec "$ns0" conntrack -F >/dev/null 2>&1 787 + } 788 + 789 + # This prevents port shadow of router service via packet filter, 790 + # packets claiming to originate from service port from internal 791 + # network are dropped. 792 + test_port_shadow_filter() 793 + { 794 + local family=$1 795 + 796 + ip netns exec "$ns0" nft -f /dev/stdin <<EOF 797 + table $family filter { 798 + chain forward { 799 + type filter hook forward priority 0; policy accept; 800 + meta iif veth1 udp sport 1405 drop 801 + } 802 + } 803 + EOF 804 + test_port_shadow "port-filter" "ROUTER" 805 + 806 + ip netns exec "$ns0" nft delete table $family filter 807 + } 808 + 809 + # This prevents port shadow of router service via notrack. 810 + test_port_shadow_notrack() 811 + { 812 + local family=$1 813 + 814 + ip netns exec "$ns0" nft -f /dev/stdin <<EOF 815 + table $family raw { 816 + chain prerouting { 817 + type filter hook prerouting priority -300; policy accept; 818 + meta iif veth0 udp dport 1405 notrack 819 + udp dport 1405 notrack 820 + } 821 + chain output { 822 + type filter hook output priority -300; policy accept; 823 + udp sport 1405 notrack 824 + } 825 + } 826 + EOF 827 + test_port_shadow "port-notrack" "ROUTER" 828 + 829 + ip netns exec "$ns0" nft delete table $family raw 830 + } 831 + 832 + # This prevents port shadow of router service via sport remap. 833 + test_port_shadow_pat() 834 + { 835 + local family=$1 836 + 837 + ip netns exec "$ns0" nft -f /dev/stdin <<EOF 838 + table $family pat { 839 + chain postrouting { 840 + type nat hook postrouting priority -1; policy accept; 841 + meta iif veth1 udp sport <= 1405 masquerade to : 1406-65535 random 842 + } 843 + } 844 + EOF 845 + test_port_shadow "pat" "ROUTER" 846 + 847 + ip netns exec "$ns0" nft delete table $family pat 848 + } 849 + 850 + test_port_shadowing() 851 + { 852 + local family="ip" 853 + 854 + ip netns exec "$ns0" sysctl net.ipv4.conf.veth0.forwarding=1 > /dev/null 855 + ip netns exec "$ns0" sysctl net.ipv4.conf.veth1.forwarding=1 > /dev/null 856 + 857 + ip netns exec "$ns0" nft -f /dev/stdin <<EOF 858 + table $family nat { 859 + chain postrouting { 860 + type nat hook postrouting priority 0; policy accept; 861 + meta oif veth0 masquerade 862 + } 863 + } 864 + EOF 865 + if [ $? -ne 0 ]; then 866 + echo "SKIP: Could not add add $family masquerade hook" 867 + return $ksft_skip 868 + fi 869 + 870 + # test default behaviour. Packet from ns1 to ns0 is redirected to ns2. 871 + test_port_shadow "default" "CLIENT" 872 + 873 + # test packet filter based mitigation: prevent forwarding of 874 + # packets claiming to come from the service port. 875 + test_port_shadow_filter "$family" 876 + 877 + # test conntrack based mitigation: connections going or coming 878 + # from router:service bypass connection tracking. 879 + test_port_shadow_notrack "$family" 880 + 881 + # test nat based mitigation: fowarded packets coming from service port 882 + # are masqueraded with random highport. 883 + test_port_shadow_pat "$family" 884 + 885 + ip netns exec "$ns0" nft delete table $family nat 886 + } 744 887 745 888 # ip netns exec "$ns0" ping -c 1 -q 10.0.$i.99 746 889 for i in 0 1 2; do ··· 1003 860 reset_counters 1004 861 $test_inet_nat && test_redirect inet 1005 862 $test_inet_nat && test_redirect6 inet 863 + 864 + test_port_shadowing 1006 865 1007 866 if [ $ret -ne 0 ];then 1008 867 echo -n "FAIL: "
-2
tools/testing/vsock/vsock_diag_test.c
··· 332 332 read_vsock_stat(&sockets); 333 333 334 334 check_no_sockets(&sockets); 335 - 336 - free_sock_stat(&sockets); 337 335 } 338 336 339 337 static void test_listen_socket_server(const struct test_opts *opts)