Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'net-5.18-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Pull networking fixes from Paolo Abeni:
"Including fixes from can, xfrm and netfilter subtrees.
Notably this reverts a recent TCP/DCCP netns-related change to address
a possible UaF.
Current release - regressions:
- tcp: revert "tcp/dccp: get rid of inet_twsk_purge()"
- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in
ifdown
Previous releases - regressions:
- netfilter: flowtable: fix TCP flow teardown
- can: revert "can: m_can: pci: use custom bit timings for Elkhart
Lake"
- xfrm: check encryption module availability consistency
- eth: vmxnet3: fix possible use-after-free bugs in
vmxnet3_rq_alloc_rx_buf()
- eth: mlx5: initialize flow steering during driver probe
- eth: ice: fix crash when writing timestamp on RX rings
Previous releases - always broken:
- mptcp: fix checksum byte order
- eth: lan966x: fix assignment of the MAC address
- eth: mlx5: remove HW-GRO from reported features
- eth: ftgmac100: disable hardware checksum on AST2600"
* tag 'net-5.18-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (50 commits)
net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
ptp: ocp: change sysfs attr group handling
selftests: forwarding: fix missing backslash
netfilter: nf_tables: disable expression reduction infra
netfilter: flowtable: move dst_check to packet path
netfilter: flowtable: fix TCP flow teardown
net: ftgmac100: Disable hardware checksum on AST2600
igb: skip phy status check where unavailable
nfc: pn533: Fix buggy cleanup order
mptcp: Do TCP fallback on early DSS checksum failure
mptcp: fix checksum byte order
net: af_key: check encryption module availability consistency
net: af_key: add check for pfkey_broadcast in function pfkey_process
net/mlx5: Drain fw_reset when removing device
net/mlx5e: CT: Fix setting flow_source for smfs ct tuples
net/mlx5e: CT: Fix support for GRE tuples
net/mlx5e: Remove HW-GRO from reported features
net/mlx5e: Properly block HW GRO when XDP is enabled
net/mlx5e: Properly block LRO when XDP is enabled
net/mlx5e: Block rx-gro-hw feature in switchdev mode
...
+695
-363
+6
-18
drivers/net/can/m_can/m_can.c
+6
-18
drivers/net/can/m_can/m_can.c
···
1495
1495
err = can_set_static_ctrlmode(dev, CAN_CTRLMODE_FD_NON_ISO);
1496
1496
if (err)
1497
1497
return err;
1498
-
cdev->can.bittiming_const = cdev->bit_timing ?
1499
-
cdev->bit_timing : &m_can_bittiming_const_30X;
1500
-
1501
-
cdev->can.data_bittiming_const = cdev->data_timing ?
1502
-
cdev->data_timing :
1503
-
&m_can_data_bittiming_const_30X;
1498
+
cdev->can.bittiming_const = &m_can_bittiming_const_30X;
1499
+
cdev->can.data_bittiming_const = &m_can_data_bittiming_const_30X;
1504
1500
break;
1505
1501
case 31:
1506
1502
/* CAN_CTRLMODE_FD_NON_ISO is fixed with M_CAN IP v3.1.x */
1507
1503
err = can_set_static_ctrlmode(dev, CAN_CTRLMODE_FD_NON_ISO);
1508
1504
if (err)
1509
1505
return err;
1510
-
cdev->can.bittiming_const = cdev->bit_timing ?
1511
-
cdev->bit_timing : &m_can_bittiming_const_31X;
1512
-
1513
-
cdev->can.data_bittiming_const = cdev->data_timing ?
1514
-
cdev->data_timing :
1515
-
&m_can_data_bittiming_const_31X;
1506
+
cdev->can.bittiming_const = &m_can_bittiming_const_31X;
1507
+
cdev->can.data_bittiming_const = &m_can_data_bittiming_const_31X;
1516
1508
break;
1517
1509
case 32:
1518
1510
case 33:
1519
1511
/* Support both MCAN version v3.2.x and v3.3.0 */
1520
-
cdev->can.bittiming_const = cdev->bit_timing ?
1521
-
cdev->bit_timing : &m_can_bittiming_const_31X;
1522
-
1523
-
cdev->can.data_bittiming_const = cdev->data_timing ?
1524
-
cdev->data_timing :
1525
-
&m_can_data_bittiming_const_31X;
1512
+
cdev->can.bittiming_const = &m_can_bittiming_const_31X;
1513
+
cdev->can.data_bittiming_const = &m_can_data_bittiming_const_31X;
1526
1514
1527
1515
cdev->can.ctrlmode_supported |=
1528
1516
(m_can_niso_supported(cdev) ?
-3
drivers/net/can/m_can/m_can.h
-3
drivers/net/can/m_can/m_can.h
+4
-44
drivers/net/can/m_can/m_can_pci.c
+4
-44
drivers/net/can/m_can/m_can_pci.c
···
18
18
19
19
#define M_CAN_PCI_MMIO_BAR 0
20
20
21
+
#define M_CAN_CLOCK_FREQ_EHL 200000000
21
22
#define CTL_CSR_INT_CTL_OFFSET 0x508
22
-
23
-
struct m_can_pci_config {
24
-
const struct can_bittiming_const *bit_timing;
25
-
const struct can_bittiming_const *data_timing;
26
-
unsigned int clock_freq;
27
-
};
28
23
29
24
struct m_can_pci_priv {
30
25
struct m_can_classdev cdev;
···
84
89
.read_fifo = iomap_read_fifo,
85
90
};
86
91
87
-
static const struct can_bittiming_const m_can_bittiming_const_ehl = {
88
-
.name = KBUILD_MODNAME,
89
-
.tseg1_min = 2, /* Time segment 1 = prop_seg + phase_seg1 */
90
-
.tseg1_max = 64,
91
-
.tseg2_min = 1, /* Time segment 2 = phase_seg2 */
92
-
.tseg2_max = 128,
93
-
.sjw_max = 128,
94
-
.brp_min = 1,
95
-
.brp_max = 512,
96
-
.brp_inc = 1,
97
-
};
98
-
99
-
static const struct can_bittiming_const m_can_data_bittiming_const_ehl = {
100
-
.name = KBUILD_MODNAME,
101
-
.tseg1_min = 2, /* Time segment 1 = prop_seg + phase_seg1 */
102
-
.tseg1_max = 16,
103
-
.tseg2_min = 1, /* Time segment 2 = phase_seg2 */
104
-
.tseg2_max = 8,
105
-
.sjw_max = 4,
106
-
.brp_min = 1,
107
-
.brp_max = 32,
108
-
.brp_inc = 1,
109
-
};
110
-
111
-
static const struct m_can_pci_config m_can_pci_ehl = {
112
-
.bit_timing = &m_can_bittiming_const_ehl,
113
-
.data_timing = &m_can_data_bittiming_const_ehl,
114
-
.clock_freq = 200000000,
115
-
};
116
-
117
92
static int m_can_pci_probe(struct pci_dev *pci, const struct pci_device_id *id)
118
93
{
119
94
struct device *dev = &pci->dev;
120
-
const struct m_can_pci_config *cfg;
121
95
struct m_can_classdev *mcan_class;
122
96
struct m_can_pci_priv *priv;
123
97
void __iomem *base;
···
114
150
if (!mcan_class)
115
151
return -ENOMEM;
116
152
117
-
cfg = (const struct m_can_pci_config *)id->driver_data;
118
-
119
153
priv = cdev_to_priv(mcan_class);
120
154
121
155
priv->base = base;
···
125
163
mcan_class->dev = &pci->dev;
126
164
mcan_class->net->irq = pci_irq_vector(pci, 0);
127
165
mcan_class->pm_clock_support = 1;
128
-
mcan_class->bit_timing = cfg->bit_timing;
129
-
mcan_class->data_timing = cfg->data_timing;
130
-
mcan_class->can.clock.freq = cfg->clock_freq;
166
+
mcan_class->can.clock.freq = id->driver_data;
131
167
mcan_class->ops = &m_can_pci_ops;
132
168
133
169
pci_set_drvdata(pci, mcan_class);
···
178
218
m_can_pci_suspend, m_can_pci_resume);
179
219
180
220
static const struct pci_device_id m_can_pci_id_table[] = {
181
-
{ PCI_VDEVICE(INTEL, 0x4bc1), (kernel_ulong_t)&m_can_pci_ehl, },
182
-
{ PCI_VDEVICE(INTEL, 0x4bc2), (kernel_ulong_t)&m_can_pci_ehl, },
221
+
{ PCI_VDEVICE(INTEL, 0x4bc1), M_CAN_CLOCK_FREQ_EHL, },
222
+
{ PCI_VDEVICE(INTEL, 0x4bc2), M_CAN_CLOCK_FREQ_EHL, },
183
223
{ } /* Terminating Entry */
184
224
};
185
225
MODULE_DEVICE_TABLE(pci, m_can_pci_id_table);
+4
-2
drivers/net/ethernet/broadcom/bcmsysport.c
+4
-2
drivers/net/ethernet/broadcom/bcmsysport.c
···
2585
2585
device_set_wakeup_capable(&pdev->dev, 1);
2586
2586
2587
2587
priv->wol_clk = devm_clk_get_optional(&pdev->dev, "sw_sysportwol");
2588
-
if (IS_ERR(priv->wol_clk))
2589
-
return PTR_ERR(priv->wol_clk);
2588
+
if (IS_ERR(priv->wol_clk)) {
2589
+
ret = PTR_ERR(priv->wol_clk);
2590
+
goto err_deregister_fixed_link;
2591
+
}
2590
2592
2591
2593
/* Set the needed headroom once and for all */
2592
2594
BUILD_BUG_ON(sizeof(struct bcm_tsb) != 8);
+1
-1
drivers/net/ethernet/cadence/macb_main.c
+1
-1
drivers/net/ethernet/cadence/macb_main.c
···
1219
1219
/* Make hw descriptor updates visible to CPU */
1220
1220
rmb();
1221
1221
1222
-
queue->rx_prepared_head++;
1223
1222
desc = macb_rx_desc(queue, entry);
1224
1223
1225
1224
if (!queue->rx_skbuff[entry]) {
···
1257
1258
dma_wmb();
1258
1259
desc->addr &= ~MACB_BIT(RX_USED);
1259
1260
}
1261
+
queue->rx_prepared_head++;
1260
1262
}
1261
1263
1262
1264
/* Make descriptor updates visible to hardware */
+5
drivers/net/ethernet/faraday/ftgmac100.c
+5
drivers/net/ethernet/faraday/ftgmac100.c
···
1928
1928
/* AST2400 doesn't have working HW checksum generation */
1929
1929
if (np && (of_device_is_compatible(np, "aspeed,ast2400-mac")))
1930
1930
netdev->hw_features &= ~NETIF_F_HW_CSUM;
1931
+
1932
+
/* AST2600 tx checksum with NCSI is broken */
1933
+
if (priv->use_ncsi && of_device_is_compatible(np, "aspeed,ast2600-mac"))
1934
+
netdev->hw_features &= ~NETIF_F_HW_CSUM;
1935
+
1931
1936
if (np && of_get_property(np, "no-hw-checksum", NULL))
1932
1937
netdev->hw_features &= ~(NETIF_F_HW_CSUM | NETIF_F_RXCSUM);
1933
1938
netdev->features |= netdev->hw_features;
+8
-8
drivers/net/ethernet/intel/ice/ice_lib.c
+8
-8
drivers/net/ethernet/intel/ice/ice_lib.c
···
3043
3043
ice_for_each_q_vector(vsi, i) {
3044
3044
struct ice_q_vector *q_vector = vsi->q_vectors[i];
3045
3045
3046
-
coalesce[i].itr_tx = q_vector->tx.itr_setting;
3047
-
coalesce[i].itr_rx = q_vector->rx.itr_setting;
3046
+
coalesce[i].itr_tx = q_vector->tx.itr_settings;
3047
+
coalesce[i].itr_rx = q_vector->rx.itr_settings;
3048
3048
coalesce[i].intrl = q_vector->intrl;
3049
3049
3050
3050
if (i < vsi->num_txq)
···
3100
3100
*/
3101
3101
if (i < vsi->alloc_rxq && coalesce[i].rx_valid) {
3102
3102
rc = &vsi->q_vectors[i]->rx;
3103
-
rc->itr_setting = coalesce[i].itr_rx;
3103
+
rc->itr_settings = coalesce[i].itr_rx;
3104
3104
ice_write_itr(rc, rc->itr_setting);
3105
3105
} else if (i < vsi->alloc_rxq) {
3106
3106
rc = &vsi->q_vectors[i]->rx;
3107
-
rc->itr_setting = coalesce[0].itr_rx;
3107
+
rc->itr_settings = coalesce[0].itr_rx;
3108
3108
ice_write_itr(rc, rc->itr_setting);
3109
3109
}
3110
3110
3111
3111
if (i < vsi->alloc_txq && coalesce[i].tx_valid) {
3112
3112
rc = &vsi->q_vectors[i]->tx;
3113
-
rc->itr_setting = coalesce[i].itr_tx;
3113
+
rc->itr_settings = coalesce[i].itr_tx;
3114
3114
ice_write_itr(rc, rc->itr_setting);
3115
3115
} else if (i < vsi->alloc_txq) {
3116
3116
rc = &vsi->q_vectors[i]->tx;
3117
-
rc->itr_setting = coalesce[0].itr_tx;
3117
+
rc->itr_settings = coalesce[0].itr_tx;
3118
3118
ice_write_itr(rc, rc->itr_setting);
3119
3119
}
3120
3120
···
3128
3128
for (; i < vsi->num_q_vectors; i++) {
3129
3129
/* transmit */
3130
3130
rc = &vsi->q_vectors[i]->tx;
3131
-
rc->itr_setting = coalesce[0].itr_tx;
3131
+
rc->itr_settings = coalesce[0].itr_tx;
3132
3132
ice_write_itr(rc, rc->itr_setting);
3133
3133
3134
3134
/* receive */
3135
3135
rc = &vsi->q_vectors[i]->rx;
3136
-
rc->itr_setting = coalesce[0].itr_rx;
3136
+
rc->itr_settings = coalesce[0].itr_rx;
3137
3137
ice_write_itr(rc, rc->itr_setting);
3138
3138
3139
3139
vsi->q_vectors[i]->intrl = coalesce[0].intrl;
+4
-3
drivers/net/ethernet/intel/ice/ice_main.c
+4
-3
drivers/net/ethernet/intel/ice/ice_main.c
···
6172
6172
ice_ptp_link_change(pf, pf->hw.pf_id, true);
6173
6173
}
6174
6174
6175
-
/* clear this now, and the first stats read will be used as baseline */
6176
-
vsi->stat_offsets_loaded = false;
6177
-
6175
+
/* Perform an initial read of the statistics registers now to
6176
+
* set the baseline so counters are ready when interface is up
6177
+
*/
6178
+
ice_update_eth_stats(vsi);
6178
6179
ice_service_task_schedule(pf);
6179
6180
6180
6181
return 0;
+15
-4
drivers/net/ethernet/intel/ice/ice_ptp.c
+15
-4
drivers/net/ethernet/intel/ice/ice_ptp.c
···
500
500
* This function must be called periodically to ensure that the cached value
501
501
* is never more than 2 seconds old. It must also be called whenever the PHC
502
502
* time has been changed.
503
+
*
504
+
* Return:
505
+
* * 0 - OK, successfully updated
506
+
* * -EAGAIN - PF was busy, need to reschedule the update
503
507
*/
504
-
static void ice_ptp_update_cached_phctime(struct ice_pf *pf)
508
+
static int ice_ptp_update_cached_phctime(struct ice_pf *pf)
505
509
{
506
510
u64 systime;
507
511
int i;
512
+
513
+
if (test_and_set_bit(ICE_CFG_BUSY, pf->state))
514
+
return -EAGAIN;
508
515
509
516
/* Read the current PHC time */
510
517
systime = ice_ptp_read_src_clk_reg(pf, NULL);
···
535
528
WRITE_ONCE(vsi->rx_rings[j]->cached_phctime, systime);
536
529
}
537
530
}
531
+
clear_bit(ICE_CFG_BUSY, pf->state);
532
+
533
+
return 0;
538
534
}
539
535
540
536
/**
···
2340
2330
{
2341
2331
struct ice_ptp *ptp = container_of(work, struct ice_ptp, work.work);
2342
2332
struct ice_pf *pf = container_of(ptp, struct ice_pf, ptp);
2333
+
int err;
2343
2334
2344
2335
if (!test_bit(ICE_FLAG_PTP, pf->flags))
2345
2336
return;
2346
2337
2347
-
ice_ptp_update_cached_phctime(pf);
2338
+
err = ice_ptp_update_cached_phctime(pf);
2348
2339
2349
2340
ice_ptp_tx_tstamp_cleanup(&pf->hw, &pf->ptp.port.tx);
2350
2341
2351
-
/* Run twice a second */
2342
+
/* Run twice a second or reschedule if phc update failed */
2352
2343
kthread_queue_delayed_work(ptp->kworker, &ptp->work,
2353
-
msecs_to_jiffies(500));
2344
+
msecs_to_jiffies(err ? 10 : 500));
2354
2345
}
2355
2346
2356
2347
/**
+8
-3
drivers/net/ethernet/intel/ice/ice_txrx.h
+8
-3
drivers/net/ethernet/intel/ice/ice_txrx.h
···
384
384
/* this matches the maximum number of ITR bits, but in usec
385
385
* values, so it is shifted left one bit (bit zero is ignored)
386
386
*/
387
-
u16 itr_setting:13;
388
-
u16 itr_reserved:2;
389
-
u16 itr_mode:1;
387
+
union {
388
+
struct {
389
+
u16 itr_setting:13;
390
+
u16 itr_reserved:2;
391
+
u16 itr_mode:1;
392
+
};
393
+
u16 itr_settings;
394
+
};
390
395
enum ice_container_type type;
391
396
};
392
397
+2
-1
drivers/net/ethernet/intel/igb/igb_main.c
+2
-1
drivers/net/ethernet/intel/igb/igb_main.c
+33
-25
drivers/net/ethernet/mellanox/mlx5/core/en/tc/ct_fs_smfs.c
+33
-25
drivers/net/ethernet/mellanox/mlx5/core/en/tc/ct_fs_smfs.c
···
23
23
};
24
24
25
25
struct mlx5_ct_fs_smfs_matchers {
26
-
struct mlx5_ct_fs_smfs_matcher smfs_matchers[4];
26
+
struct mlx5_ct_fs_smfs_matcher smfs_matchers[6];
27
27
struct list_head used;
28
28
};
29
29
···
44
44
};
45
45
46
46
static inline void
47
-
mlx5_ct_fs_smfs_fill_mask(struct mlx5_ct_fs *fs, struct mlx5_flow_spec *spec, bool ipv4, bool tcp)
47
+
mlx5_ct_fs_smfs_fill_mask(struct mlx5_ct_fs *fs, struct mlx5_flow_spec *spec, bool ipv4, bool tcp,
48
+
bool gre)
48
49
{
49
50
void *headers_c = MLX5_ADDR_OF(fte_match_param, spec->match_criteria, outer_headers);
50
51
···
78
77
MLX5_SET_TO_ONES(fte_match_set_lyr_2_4, headers_c, tcp_dport);
79
78
MLX5_SET(fte_match_set_lyr_2_4, headers_c, tcp_flags,
80
79
ntohs(MLX5_CT_TCP_FLAGS_MASK));
81
-
} else {
80
+
} else if (!gre) {
82
81
MLX5_SET_TO_ONES(fte_match_set_lyr_2_4, headers_c, udp_sport);
83
82
MLX5_SET_TO_ONES(fte_match_set_lyr_2_4, headers_c, udp_dport);
84
83
}
···
88
87
89
88
static struct mlx5dr_matcher *
90
89
mlx5_ct_fs_smfs_matcher_create(struct mlx5_ct_fs *fs, struct mlx5dr_table *tbl, bool ipv4,
91
-
bool tcp, u32 priority)
90
+
bool tcp, bool gre, u32 priority)
92
91
{
93
92
struct mlx5dr_matcher *dr_matcher;
94
93
struct mlx5_flow_spec *spec;
···
97
96
if (!spec)
98
97
return ERR_PTR(-ENOMEM);
99
98
100
-
mlx5_ct_fs_smfs_fill_mask(fs, spec, ipv4, tcp);
99
+
mlx5_ct_fs_smfs_fill_mask(fs, spec, ipv4, tcp, gre);
101
100
spec->match_criteria_enable = MLX5_MATCH_MISC_PARAMETERS_2 | MLX5_MATCH_OUTER_HEADERS;
102
101
103
102
dr_matcher = mlx5_smfs_matcher_create(tbl, priority, spec);
···
109
108
}
110
109
111
110
static struct mlx5_ct_fs_smfs_matcher *
112
-
mlx5_ct_fs_smfs_matcher_get(struct mlx5_ct_fs *fs, bool nat, bool ipv4, bool tcp)
111
+
mlx5_ct_fs_smfs_matcher_get(struct mlx5_ct_fs *fs, bool nat, bool ipv4, bool tcp, bool gre)
113
112
{
114
113
struct mlx5_ct_fs_smfs *fs_smfs = mlx5_ct_fs_priv(fs);
115
114
struct mlx5_ct_fs_smfs_matcher *m, *smfs_matcher;
···
120
119
int prio;
121
120
122
121
matchers = nat ? &fs_smfs->matchers_nat : &fs_smfs->matchers;
123
-
smfs_matcher = &matchers->smfs_matchers[ipv4 * 2 + tcp];
122
+
smfs_matcher = &matchers->smfs_matchers[ipv4 * 3 + tcp * 2 + gre];
124
123
125
124
if (refcount_inc_not_zero(&smfs_matcher->ref))
126
125
return smfs_matcher;
···
146
145
}
147
146
148
147
tbl = nat ? fs_smfs->ct_nat_tbl : fs_smfs->ct_tbl;
149
-
dr_matcher = mlx5_ct_fs_smfs_matcher_create(fs, tbl, ipv4, tcp, prio);
148
+
dr_matcher = mlx5_ct_fs_smfs_matcher_create(fs, tbl, ipv4, tcp, gre, prio);
150
149
if (IS_ERR(dr_matcher)) {
151
150
netdev_warn(fs->netdev,
152
-
"ct_fs_smfs: failed to create matcher (nat %d, ipv4 %d, tcp %d), err: %ld\n",
153
-
nat, ipv4, tcp, PTR_ERR(dr_matcher));
151
+
"ct_fs_smfs: failed to create matcher (nat %d, ipv4 %d, tcp %d, gre %d), err: %ld\n",
152
+
nat, ipv4, tcp, gre, PTR_ERR(dr_matcher));
154
153
155
154
smfs_matcher = ERR_CAST(dr_matcher);
156
155
goto out_unlock;
···
223
222
static inline bool
224
223
mlx5_tc_ct_valid_used_dissector_keys(const u32 used_keys)
225
224
{
226
-
#define DISSECTOR_BIT(name) BIT(FLOW_DISSECTOR_KEY_ ## name)
227
-
const u32 basic_keys = DISSECTOR_BIT(BASIC) | DISSECTOR_BIT(CONTROL) |
228
-
DISSECTOR_BIT(PORTS) | DISSECTOR_BIT(META);
229
-
const u32 ipv4_tcp = basic_keys | DISSECTOR_BIT(IPV4_ADDRS) | DISSECTOR_BIT(TCP);
230
-
const u32 ipv4_udp = basic_keys | DISSECTOR_BIT(IPV4_ADDRS);
231
-
const u32 ipv6_tcp = basic_keys | DISSECTOR_BIT(IPV6_ADDRS) | DISSECTOR_BIT(TCP);
232
-
const u32 ipv6_udp = basic_keys | DISSECTOR_BIT(IPV6_ADDRS);
225
+
#define DISS_BIT(name) BIT(FLOW_DISSECTOR_KEY_ ## name)
226
+
const u32 basic_keys = DISS_BIT(BASIC) | DISS_BIT(CONTROL) | DISS_BIT(META);
227
+
const u32 ipv4_tcp = basic_keys | DISS_BIT(IPV4_ADDRS) | DISS_BIT(PORTS) | DISS_BIT(TCP);
228
+
const u32 ipv6_tcp = basic_keys | DISS_BIT(IPV6_ADDRS) | DISS_BIT(PORTS) | DISS_BIT(TCP);
229
+
const u32 ipv4_udp = basic_keys | DISS_BIT(IPV4_ADDRS) | DISS_BIT(PORTS);
230
+
const u32 ipv6_udp = basic_keys | DISS_BIT(IPV6_ADDRS) | DISS_BIT(PORTS);
231
+
const u32 ipv4_gre = basic_keys | DISS_BIT(IPV4_ADDRS);
232
+
const u32 ipv6_gre = basic_keys | DISS_BIT(IPV6_ADDRS);
233
233
234
234
return (used_keys == ipv4_tcp || used_keys == ipv4_udp || used_keys == ipv6_tcp ||
235
-
used_keys == ipv6_udp);
235
+
used_keys == ipv6_udp || used_keys == ipv4_gre || used_keys == ipv6_gre);
236
236
}
237
237
238
238
static bool
···
256
254
flow_rule_match_control(flow_rule, &control);
257
255
flow_rule_match_ipv4_addrs(flow_rule, &ipv4_addrs);
258
256
flow_rule_match_ipv6_addrs(flow_rule, &ipv6_addrs);
259
-
flow_rule_match_ports(flow_rule, &ports);
260
-
flow_rule_match_tcp(flow_rule, &tcp);
257
+
if (basic.key->ip_proto != IPPROTO_GRE)
258
+
flow_rule_match_ports(flow_rule, &ports);
259
+
if (basic.key->ip_proto == IPPROTO_TCP)
260
+
flow_rule_match_tcp(flow_rule, &tcp);
261
261
262
262
if (basic.mask->n_proto != htons(0xFFFF) ||
263
263
(basic.key->n_proto != htons(ETH_P_IP) && basic.key->n_proto != htons(ETH_P_IPV6)) ||
264
264
basic.mask->ip_proto != 0xFF ||
265
-
(basic.key->ip_proto != IPPROTO_UDP && basic.key->ip_proto != IPPROTO_TCP)) {
265
+
(basic.key->ip_proto != IPPROTO_UDP && basic.key->ip_proto != IPPROTO_TCP &&
266
+
basic.key->ip_proto != IPPROTO_GRE)) {
266
267
ct_dbg("rule uses unexpected basic match (n_proto 0x%04x/0x%04x, ip_proto 0x%02x/0x%02x)",
267
268
ntohs(basic.key->n_proto), ntohs(basic.mask->n_proto),
268
269
basic.key->ip_proto, basic.mask->ip_proto);
269
270
return false;
270
271
}
271
272
272
-
if (ports.mask->src != htons(0xFFFF) || ports.mask->dst != htons(0xFFFF)) {
273
+
if (basic.key->ip_proto != IPPROTO_GRE &&
274
+
(ports.mask->src != htons(0xFFFF) || ports.mask->dst != htons(0xFFFF))) {
273
275
ct_dbg("rule uses ports match (src 0x%04x, dst 0x%04x)",
274
276
ports.mask->src, ports.mask->dst);
275
277
return false;
···
297
291
struct mlx5dr_action *actions[5];
298
292
struct mlx5dr_rule *rule;
299
293
int num_actions = 0, err;
300
-
bool nat, tcp, ipv4;
294
+
bool nat, tcp, ipv4, gre;
301
295
302
296
if (!mlx5_ct_fs_smfs_ct_validate_flow_rule(fs, flow_rule))
303
297
return ERR_PTR(-EOPNOTSUPP);
···
320
314
ipv4 = mlx5e_tc_get_ip_version(spec, true) == 4;
321
315
tcp = MLX5_GET(fte_match_param, spec->match_value,
322
316
outer_headers.ip_protocol) == IPPROTO_TCP;
317
+
gre = MLX5_GET(fte_match_param, spec->match_value,
318
+
outer_headers.ip_protocol) == IPPROTO_GRE;
323
319
324
-
smfs_matcher = mlx5_ct_fs_smfs_matcher_get(fs, nat, ipv4, tcp);
320
+
smfs_matcher = mlx5_ct_fs_smfs_matcher_get(fs, nat, ipv4, tcp, gre);
325
321
if (IS_ERR(smfs_matcher)) {
326
322
err = PTR_ERR(smfs_matcher);
327
323
goto err_matcher;
328
324
}
329
325
330
326
rule = mlx5_smfs_rule_create(smfs_matcher->dr_matcher, spec, num_actions, actions,
331
-
MLX5_FLOW_CONTEXT_FLOW_SOURCE_ANY_VPORT);
327
+
spec->flow_context.flow_source);
332
328
if (!rule) {
333
329
err = -EINVAL;
334
330
goto err_create;
+10
-3
drivers/net/ethernet/mellanox/mlx5/core/en/trap.c
+10
-3
drivers/net/ethernet/mellanox/mlx5/core/en/trap.c
···
14
14
bool busy = false;
15
15
int work_done = 0;
16
16
17
+
rcu_read_lock();
18
+
17
19
ch_stats->poll++;
18
20
19
21
work_done = mlx5e_poll_rx_cq(&rq->cq, budget);
20
22
busy |= work_done == budget;
21
23
busy |= rq->post_wqes(rq);
22
24
23
-
if (busy)
24
-
return budget;
25
+
if (busy) {
26
+
work_done = budget;
27
+
goto out;
28
+
}
25
29
26
30
if (unlikely(!napi_complete_done(napi, work_done)))
27
-
return work_done;
31
+
goto out;
28
32
29
33
mlx5e_cq_arm(&rq->cq);
34
+
35
+
out:
36
+
rcu_read_unlock();
30
37
return work_done;
31
38
}
32
39
+23
-4
drivers/net/ethernet/mellanox/mlx5/core/en_main.c
+23
-4
drivers/net/ethernet/mellanox/mlx5/core/en_main.c
···
3864
3864
if (netdev->features & NETIF_F_NTUPLE)
3865
3865
netdev_warn(netdev, "Disabling ntuple, not supported in switchdev mode\n");
3866
3866
3867
+
features &= ~NETIF_F_GRO_HW;
3868
+
if (netdev->features & NETIF_F_GRO_HW)
3869
+
netdev_warn(netdev, "Disabling HW_GRO, not supported in switchdev mode\n");
3870
+
3867
3871
return features;
3868
3872
}
3869
3873
···
3896
3892
}
3897
3893
if (features & NETIF_F_GRO_HW) {
3898
3894
netdev_warn(netdev, "Disabling HW-GRO, not supported in legacy RQ\n");
3895
+
features &= ~NETIF_F_GRO_HW;
3896
+
}
3897
+
}
3898
+
3899
+
if (params->xdp_prog) {
3900
+
if (features & NETIF_F_LRO) {
3901
+
netdev_warn(netdev, "LRO is incompatible with XDP\n");
3902
+
features &= ~NETIF_F_LRO;
3903
+
}
3904
+
if (features & NETIF_F_GRO_HW) {
3905
+
netdev_warn(netdev, "HW GRO is incompatible with XDP\n");
3906
+
features &= ~NETIF_F_GRO_HW;
3907
+
}
3908
+
}
3909
+
3910
+
if (priv->xsk.refcnt) {
3911
+
if (features & NETIF_F_GRO_HW) {
3912
+
netdev_warn(netdev, "HW GRO is incompatible with AF_XDP (%u XSKs are active)\n",
3913
+
priv->xsk.refcnt);
3899
3914
features &= ~NETIF_F_GRO_HW;
3900
3915
}
3901
3916
}
···
4872
4849
netdev->hw_features |= NETIF_F_HW_VLAN_CTAG_RX;
4873
4850
netdev->hw_features |= NETIF_F_HW_VLAN_CTAG_FILTER;
4874
4851
netdev->hw_features |= NETIF_F_HW_VLAN_STAG_TX;
4875
-
4876
-
if (!!MLX5_CAP_GEN(mdev, shampo) &&
4877
-
mlx5e_check_fragmented_striding_rq_cap(mdev))
4878
-
netdev->hw_features |= NETIF_F_GRO_HW;
4879
4852
4880
4853
if (mlx5e_tunnel_any_tx_proto_supported(mdev)) {
4881
4854
netdev->hw_enc_features |= NETIF_F_HW_CSUM;
+76
-57
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
+76
-57
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
···
2663
2663
clean_tree(&root_ns->ns.node);
2664
2664
}
2665
2665
2666
-
void mlx5_cleanup_fs(struct mlx5_core_dev *dev)
2667
-
{
2668
-
struct mlx5_flow_steering *steering = dev->priv.steering;
2669
-
2670
-
cleanup_root_ns(steering->root_ns);
2671
-
cleanup_root_ns(steering->fdb_root_ns);
2672
-
steering->fdb_root_ns = NULL;
2673
-
kfree(steering->fdb_sub_ns);
2674
-
steering->fdb_sub_ns = NULL;
2675
-
cleanup_root_ns(steering->port_sel_root_ns);
2676
-
cleanup_root_ns(steering->sniffer_rx_root_ns);
2677
-
cleanup_root_ns(steering->sniffer_tx_root_ns);
2678
-
cleanup_root_ns(steering->rdma_rx_root_ns);
2679
-
cleanup_root_ns(steering->rdma_tx_root_ns);
2680
-
cleanup_root_ns(steering->egress_root_ns);
2681
-
mlx5_cleanup_fc_stats(dev);
2682
-
kmem_cache_destroy(steering->ftes_cache);
2683
-
kmem_cache_destroy(steering->fgs_cache);
2684
-
mlx5_ft_pool_destroy(dev);
2685
-
kfree(steering);
2686
-
}
2687
-
2688
2666
static int init_sniffer_tx_root_ns(struct mlx5_flow_steering *steering)
2689
2667
{
2690
2668
struct fs_prio *prio;
···
3064
3086
return err;
3065
3087
}
3066
3088
3067
-
int mlx5_init_fs(struct mlx5_core_dev *dev)
3089
+
void mlx5_fs_core_cleanup(struct mlx5_core_dev *dev)
3068
3090
{
3069
-
struct mlx5_flow_steering *steering;
3091
+
struct mlx5_flow_steering *steering = dev->priv.steering;
3092
+
3093
+
cleanup_root_ns(steering->root_ns);
3094
+
cleanup_root_ns(steering->fdb_root_ns);
3095
+
steering->fdb_root_ns = NULL;
3096
+
kfree(steering->fdb_sub_ns);
3097
+
steering->fdb_sub_ns = NULL;
3098
+
cleanup_root_ns(steering->port_sel_root_ns);
3099
+
cleanup_root_ns(steering->sniffer_rx_root_ns);
3100
+
cleanup_root_ns(steering->sniffer_tx_root_ns);
3101
+
cleanup_root_ns(steering->rdma_rx_root_ns);
3102
+
cleanup_root_ns(steering->rdma_tx_root_ns);
3103
+
cleanup_root_ns(steering->egress_root_ns);
3104
+
}
3105
+
3106
+
int mlx5_fs_core_init(struct mlx5_core_dev *dev)
3107
+
{
3108
+
struct mlx5_flow_steering *steering = dev->priv.steering;
3070
3109
int err = 0;
3071
-
3072
-
err = mlx5_init_fc_stats(dev);
3073
-
if (err)
3074
-
return err;
3075
-
3076
-
err = mlx5_ft_pool_init(dev);
3077
-
if (err)
3078
-
return err;
3079
-
3080
-
steering = kzalloc(sizeof(*steering), GFP_KERNEL);
3081
-
if (!steering) {
3082
-
err = -ENOMEM;
3083
-
goto err;
3084
-
}
3085
-
3086
-
steering->dev = dev;
3087
-
dev->priv.steering = steering;
3088
-
3089
-
if (mlx5_fs_dr_is_supported(dev))
3090
-
steering->mode = MLX5_FLOW_STEERING_MODE_SMFS;
3091
-
else
3092
-
steering->mode = MLX5_FLOW_STEERING_MODE_DMFS;
3093
-
3094
-
steering->fgs_cache = kmem_cache_create("mlx5_fs_fgs",
3095
-
sizeof(struct mlx5_flow_group), 0,
3096
-
0, NULL);
3097
-
steering->ftes_cache = kmem_cache_create("mlx5_fs_ftes", sizeof(struct fs_fte), 0,
3098
-
0, NULL);
3099
-
if (!steering->ftes_cache || !steering->fgs_cache) {
3100
-
err = -ENOMEM;
3101
-
goto err;
3102
-
}
3103
3110
3104
3111
if ((((MLX5_CAP_GEN(dev, port_type) == MLX5_CAP_PORT_TYPE_ETH) &&
3105
3112
(MLX5_CAP_GEN(dev, nic_flow_table))) ||
···
3143
3180
}
3144
3181
3145
3182
return 0;
3183
+
3146
3184
err:
3147
-
mlx5_cleanup_fs(dev);
3185
+
mlx5_fs_core_cleanup(dev);
3186
+
return err;
3187
+
}
3188
+
3189
+
void mlx5_fs_core_free(struct mlx5_core_dev *dev)
3190
+
{
3191
+
struct mlx5_flow_steering *steering = dev->priv.steering;
3192
+
3193
+
kmem_cache_destroy(steering->ftes_cache);
3194
+
kmem_cache_destroy(steering->fgs_cache);
3195
+
kfree(steering);
3196
+
mlx5_ft_pool_destroy(dev);
3197
+
mlx5_cleanup_fc_stats(dev);
3198
+
}
3199
+
3200
+
int mlx5_fs_core_alloc(struct mlx5_core_dev *dev)
3201
+
{
3202
+
struct mlx5_flow_steering *steering;
3203
+
int err = 0;
3204
+
3205
+
err = mlx5_init_fc_stats(dev);
3206
+
if (err)
3207
+
return err;
3208
+
3209
+
err = mlx5_ft_pool_init(dev);
3210
+
if (err)
3211
+
goto err;
3212
+
3213
+
steering = kzalloc(sizeof(*steering), GFP_KERNEL);
3214
+
if (!steering) {
3215
+
err = -ENOMEM;
3216
+
goto err;
3217
+
}
3218
+
3219
+
steering->dev = dev;
3220
+
dev->priv.steering = steering;
3221
+
3222
+
if (mlx5_fs_dr_is_supported(dev))
3223
+
steering->mode = MLX5_FLOW_STEERING_MODE_SMFS;
3224
+
else
3225
+
steering->mode = MLX5_FLOW_STEERING_MODE_DMFS;
3226
+
3227
+
steering->fgs_cache = kmem_cache_create("mlx5_fs_fgs",
3228
+
sizeof(struct mlx5_flow_group), 0,
3229
+
0, NULL);
3230
+
steering->ftes_cache = kmem_cache_create("mlx5_fs_ftes", sizeof(struct fs_fte), 0,
3231
+
0, NULL);
3232
+
if (!steering->ftes_cache || !steering->fgs_cache) {
3233
+
err = -ENOMEM;
3234
+
goto err;
3235
+
}
3236
+
3237
+
return 0;
3238
+
3239
+
err:
3240
+
mlx5_fs_core_free(dev);
3148
3241
return err;
3149
3242
}
3150
3243
+4
-2
drivers/net/ethernet/mellanox/mlx5/core/fs_core.h
+4
-2
drivers/net/ethernet/mellanox/mlx5/core/fs_core.h
···
298
298
int mlx5_flow_namespace_set_mode(struct mlx5_flow_namespace *ns,
299
299
enum mlx5_flow_steering_mode mode);
300
300
301
-
int mlx5_init_fs(struct mlx5_core_dev *dev);
302
-
void mlx5_cleanup_fs(struct mlx5_core_dev *dev);
301
+
int mlx5_fs_core_alloc(struct mlx5_core_dev *dev);
302
+
void mlx5_fs_core_free(struct mlx5_core_dev *dev);
303
+
int mlx5_fs_core_init(struct mlx5_core_dev *dev);
304
+
void mlx5_fs_core_cleanup(struct mlx5_core_dev *dev);
303
305
304
306
int mlx5_fs_egress_acls_init(struct mlx5_core_dev *dev, int total_vports);
305
307
void mlx5_fs_egress_acls_cleanup(struct mlx5_core_dev *dev);
+22
-3
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c
+22
-3
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c
···
8
8
enum {
9
9
MLX5_FW_RESET_FLAGS_RESET_REQUESTED,
10
10
MLX5_FW_RESET_FLAGS_NACK_RESET_REQUEST,
11
-
MLX5_FW_RESET_FLAGS_PENDING_COMP
11
+
MLX5_FW_RESET_FLAGS_PENDING_COMP,
12
+
MLX5_FW_RESET_FLAGS_DROP_NEW_REQUESTS
12
13
};
13
14
14
15
struct mlx5_fw_reset {
···
209
208
210
209
if (fatal_error) {
211
210
mlx5_core_warn(dev, "Got Device Reset\n");
212
-
queue_work(fw_reset->wq, &fw_reset->reset_reload_work);
211
+
if (!test_bit(MLX5_FW_RESET_FLAGS_DROP_NEW_REQUESTS, &fw_reset->reset_flags))
212
+
queue_work(fw_reset->wq, &fw_reset->reset_reload_work);
213
+
else
214
+
mlx5_core_err(dev, "Device is being removed, Drop new reset work\n");
213
215
return;
214
216
}
215
217
···
437
433
struct mlx5_fw_reset *fw_reset = mlx5_nb_cof(nb, struct mlx5_fw_reset, nb);
438
434
struct mlx5_eqe *eqe = data;
439
435
436
+
if (test_bit(MLX5_FW_RESET_FLAGS_DROP_NEW_REQUESTS, &fw_reset->reset_flags))
437
+
return NOTIFY_DONE;
438
+
440
439
switch (eqe->sub_type) {
441
440
case MLX5_GENERAL_SUBTYPE_FW_LIVE_PATCH_EVENT:
442
-
queue_work(fw_reset->wq, &fw_reset->fw_live_patch_work);
441
+
queue_work(fw_reset->wq, &fw_reset->fw_live_patch_work);
443
442
break;
444
443
case MLX5_GENERAL_SUBTYPE_PCI_SYNC_FOR_FW_UPDATE_EVENT:
445
444
mlx5_sync_reset_events_handle(fw_reset, eqe);
···
484
477
void mlx5_fw_reset_events_stop(struct mlx5_core_dev *dev)
485
478
{
486
479
mlx5_eq_notifier_unregister(dev, &dev->priv.fw_reset->nb);
480
+
}
481
+
482
+
void mlx5_drain_fw_reset(struct mlx5_core_dev *dev)
483
+
{
484
+
struct mlx5_fw_reset *fw_reset = dev->priv.fw_reset;
485
+
486
+
set_bit(MLX5_FW_RESET_FLAGS_DROP_NEW_REQUESTS, &fw_reset->reset_flags);
487
+
cancel_work_sync(&fw_reset->fw_live_patch_work);
488
+
cancel_work_sync(&fw_reset->reset_request_work);
489
+
cancel_work_sync(&fw_reset->reset_reload_work);
490
+
cancel_work_sync(&fw_reset->reset_now_work);
491
+
cancel_work_sync(&fw_reset->reset_abort_work);
487
492
}
488
493
489
494
int mlx5_fw_reset_init(struct mlx5_core_dev *dev)
+1
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.h
+1
drivers/net/ethernet/mellanox/mlx5/core/fw_reset.h
···
16
16
int mlx5_fw_reset_wait_reset_done(struct mlx5_core_dev *dev);
17
17
void mlx5_fw_reset_events_start(struct mlx5_core_dev *dev);
18
18
void mlx5_fw_reset_events_stop(struct mlx5_core_dev *dev);
19
+
void mlx5_drain_fw_reset(struct mlx5_core_dev *dev);
19
20
int mlx5_fw_reset_init(struct mlx5_core_dev *dev);
20
21
void mlx5_fw_reset_cleanup(struct mlx5_core_dev *dev);
21
22
+16
-3
drivers/net/ethernet/mellanox/mlx5/core/main.c
+16
-3
drivers/net/ethernet/mellanox/mlx5/core/main.c
···
938
938
goto err_sf_table_cleanup;
939
939
}
940
940
941
+
err = mlx5_fs_core_alloc(dev);
942
+
if (err) {
943
+
mlx5_core_err(dev, "Failed to alloc flow steering\n");
944
+
goto err_fs;
945
+
}
946
+
941
947
dev->dm = mlx5_dm_create(dev);
942
948
if (IS_ERR(dev->dm))
943
949
mlx5_core_warn(dev, "Failed to init device memory%d\n", err);
···
954
948
955
949
return 0;
956
950
951
+
err_fs:
952
+
mlx5_sf_table_cleanup(dev);
957
953
err_sf_table_cleanup:
958
954
mlx5_sf_hw_table_cleanup(dev);
959
955
err_sf_hw_table_cleanup:
···
993
985
mlx5_hv_vhca_destroy(dev->hv_vhca);
994
986
mlx5_fw_tracer_destroy(dev->tracer);
995
987
mlx5_dm_cleanup(dev);
988
+
mlx5_fs_core_free(dev);
996
989
mlx5_sf_table_cleanup(dev);
997
990
mlx5_sf_hw_table_cleanup(dev);
998
991
mlx5_vhca_event_cleanup(dev);
···
1200
1191
goto err_tls_start;
1201
1192
}
1202
1193
1203
-
err = mlx5_init_fs(dev);
1194
+
err = mlx5_fs_core_init(dev);
1204
1195
if (err) {
1205
1196
mlx5_core_err(dev, "Failed to init flow steering\n");
1206
1197
goto err_fs;
···
1245
1236
err_vhca:
1246
1237
mlx5_vhca_event_stop(dev);
1247
1238
err_set_hca:
1248
-
mlx5_cleanup_fs(dev);
1239
+
mlx5_fs_core_cleanup(dev);
1249
1240
err_fs:
1250
1241
mlx5_accel_tls_cleanup(dev);
1251
1242
err_tls_start:
···
1274
1265
mlx5_ec_cleanup(dev);
1275
1266
mlx5_sf_hw_table_destroy(dev);
1276
1267
mlx5_vhca_event_stop(dev);
1277
-
mlx5_cleanup_fs(dev);
1268
+
mlx5_fs_core_cleanup(dev);
1278
1269
mlx5_accel_ipsec_cleanup(dev);
1279
1270
mlx5_accel_tls_cleanup(dev);
1280
1271
mlx5_fpga_device_stop(dev);
···
1627
1618
struct mlx5_core_dev *dev = pci_get_drvdata(pdev);
1628
1619
struct devlink *devlink = priv_to_devlink(dev);
1629
1620
1621
+
/* mlx5_drain_fw_reset() is using devlink APIs. Hence, we must drain
1622
+
* fw_reset before unregistering the devlink.
1623
+
*/
1624
+
mlx5_drain_fw_reset(dev);
1630
1625
devlink_unregister(devlink);
1631
1626
mlx5_sriov_disable(pdev);
1632
1627
mlx5_crdump_disable(dev);
+50
-21
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_action.c
+50
-21
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_action.c
···
530
530
return 0;
531
531
}
532
532
533
+
static void dr_action_modify_ttl_adjust(struct mlx5dr_domain *dmn,
534
+
struct mlx5dr_ste_actions_attr *attr,
535
+
bool rx_rule,
536
+
bool *recalc_cs_required)
537
+
{
538
+
*recalc_cs_required = false;
539
+
540
+
/* if device supports csum recalculation - no adjustment needed */
541
+
if (mlx5dr_ste_supp_ttl_cs_recalc(&dmn->info.caps))
542
+
return;
543
+
544
+
/* no adjustment needed on TX rules */
545
+
if (!rx_rule)
546
+
return;
547
+
548
+
if (!MLX5_CAP_ESW_FLOWTABLE(dmn->mdev, fdb_ipv4_ttl_modify)) {
549
+
/* Ignore the modify TTL action.
550
+
* It is always kept as last HW action.
551
+
*/
552
+
attr->modify_actions--;
553
+
return;
554
+
}
555
+
556
+
if (dmn->type == MLX5DR_DOMAIN_TYPE_FDB)
557
+
/* Due to a HW bug on some devices, modifying TTL on RX flows
558
+
* will cause an incorrect checksum calculation. In such cases
559
+
* we will use a FW table to recalculate the checksum.
560
+
*/
561
+
*recalc_cs_required = true;
562
+
}
563
+
533
564
static void dr_action_print_sequence(struct mlx5dr_domain *dmn,
534
565
struct mlx5dr_action *actions[],
535
566
int last_idx)
···
681
650
case DR_ACTION_TYP_MODIFY_HDR:
682
651
attr.modify_index = action->rewrite->index;
683
652
attr.modify_actions = action->rewrite->num_of_actions;
684
-
recalc_cs_required = action->rewrite->modify_ttl &&
685
-
!mlx5dr_ste_supp_ttl_cs_recalc(&dmn->info.caps);
653
+
if (action->rewrite->modify_ttl)
654
+
dr_action_modify_ttl_adjust(dmn, &attr, rx_rule,
655
+
&recalc_cs_required);
686
656
break;
687
657
case DR_ACTION_TYP_L2_TO_TNL_L2:
688
658
case DR_ACTION_TYP_L2_TO_TNL_L3:
···
764
732
*new_hw_ste_arr_sz = nic_matcher->num_of_builders;
765
733
last_ste = ste_arr + DR_STE_SIZE * (nic_matcher->num_of_builders - 1);
766
734
767
-
/* Due to a HW bug in some devices, modifying TTL on RX flows will
768
-
* cause an incorrect checksum calculation. In this case we will
769
-
* use a FW table to recalculate.
770
-
*/
771
-
if (dmn->type == MLX5DR_DOMAIN_TYPE_FDB &&
772
-
rx_rule && recalc_cs_required && dest_action) {
735
+
if (recalc_cs_required && dest_action) {
773
736
ret = dr_action_handle_cs_recalc(dmn, dest_action, &attr.final_icm_addr);
774
737
if (ret) {
775
738
mlx5dr_err(dmn,
···
869
842
mlx5dr_action_create_mult_dest_tbl(struct mlx5dr_domain *dmn,
870
843
struct mlx5dr_action_dest *dests,
871
844
u32 num_of_dests,
872
-
bool ignore_flow_level)
845
+
bool ignore_flow_level,
846
+
u32 flow_source)
873
847
{
874
848
struct mlx5dr_cmd_flow_destination_hw_info *hw_dests;
875
849
struct mlx5dr_action **ref_actions;
···
942
914
reformat_req,
943
915
&action->dest_tbl->fw_tbl.id,
944
916
&action->dest_tbl->fw_tbl.group_id,
945
-
ignore_flow_level);
917
+
ignore_flow_level,
918
+
flow_source);
946
919
if (ret)
947
920
goto free_action;
948
921
···
1585
1556
return sw_field == MLX5_ACTION_IN_FIELD_OUT_IP_TTL;
1586
1557
}
1587
1558
1588
-
static bool dr_action_modify_ttl_ignore(struct mlx5dr_domain *dmn)
1589
-
{
1590
-
return !mlx5dr_ste_supp_ttl_cs_recalc(&dmn->info.caps) &&
1591
-
!MLX5_CAP_ESW_FLOWTABLE(dmn->mdev, fdb_ipv4_ttl_modify);
1592
-
}
1593
-
1594
1559
static int dr_actions_convert_modify_header(struct mlx5dr_action *action,
1595
1560
u32 max_hw_actions,
1596
1561
u32 num_sw_actions,
···
1596
1573
const struct mlx5dr_ste_action_modify_field *hw_dst_action_info;
1597
1574
const struct mlx5dr_ste_action_modify_field *hw_src_action_info;
1598
1575
struct mlx5dr_domain *dmn = action->rewrite->dmn;
1576
+
__be64 *modify_ttl_sw_action = NULL;
1599
1577
int ret, i, hw_idx = 0;
1600
1578
__be64 *sw_action;
1601
1579
__be64 hw_action;
···
1609
1585
action->rewrite->allow_rx = 1;
1610
1586
action->rewrite->allow_tx = 1;
1611
1587
1612
-
for (i = 0; i < num_sw_actions; i++) {
1613
-
sw_action = &sw_actions[i];
1588
+
for (i = 0; i < num_sw_actions || modify_ttl_sw_action; i++) {
1589
+
/* modify TTL is handled separately, as a last action */
1590
+
if (i == num_sw_actions) {
1591
+
sw_action = modify_ttl_sw_action;
1592
+
modify_ttl_sw_action = NULL;
1593
+
} else {
1594
+
sw_action = &sw_actions[i];
1595
+
}
1614
1596
1615
1597
ret = dr_action_modify_check_field_limitation(action,
1616
1598
sw_action);
···
1625
1595
1626
1596
if (!(*modify_ttl) &&
1627
1597
dr_action_modify_check_is_ttl_modify(sw_action)) {
1628
-
if (dr_action_modify_ttl_ignore(dmn))
1629
-
continue;
1630
-
1598
+
modify_ttl_sw_action = sw_action;
1631
1599
*modify_ttl = true;
1600
+
continue;
1632
1601
}
1633
1602
1634
1603
/* Convert SW action to HW action */
+3
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_fw.c
+3
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_fw.c
···
104
104
bool reformat_req,
105
105
u32 *tbl_id,
106
106
u32 *group_id,
107
-
bool ignore_flow_level)
107
+
bool ignore_flow_level,
108
+
u32 flow_source)
108
109
{
109
110
struct mlx5dr_cmd_create_flow_table_attr ft_attr = {};
110
111
struct mlx5dr_cmd_fte_info fte_info = {};
···
140
139
fte_info.val = val;
141
140
fte_info.dest_arr = dest;
142
141
fte_info.ignore_flow_level = ignore_flow_level;
142
+
fte_info.flow_context.flow_source = flow_source;
143
143
144
144
ret = mlx5dr_cmd_set_fte(dmn->mdev, 0, 0, &ft_info, *group_id, &fte_info);
145
145
if (ret) {
+2
-2
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_ste_v0.c
+2
-2
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_ste_v0.c
···
420
420
* encapsulation. The reason for that is that we support
421
421
* modify headers for outer headers only
422
422
*/
423
-
if (action_type_set[DR_ACTION_TYP_MODIFY_HDR]) {
423
+
if (action_type_set[DR_ACTION_TYP_MODIFY_HDR] && attr->modify_actions) {
424
424
dr_ste_v0_set_entry_type(last_ste, DR_STE_TYPE_MODIFY_PKT);
425
425
dr_ste_v0_set_rewrite_actions(last_ste,
426
426
attr->modify_actions,
···
513
513
}
514
514
}
515
515
516
-
if (action_type_set[DR_ACTION_TYP_MODIFY_HDR]) {
516
+
if (action_type_set[DR_ACTION_TYP_MODIFY_HDR] && attr->modify_actions) {
517
517
if (dr_ste_v0_get_entry_type(last_ste) == DR_STE_TYPE_MODIFY_PKT)
518
518
dr_ste_v0_arr_init_next(&last_ste,
519
519
added_stes,
+2
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_types.h
+2
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/dr_types.h
···
1461
1461
bool reformat_req,
1462
1462
u32 *tbl_id,
1463
1463
u32 *group_id,
1464
-
bool ignore_flow_level);
1464
+
bool ignore_flow_level,
1465
+
u32 flow_source);
1465
1466
void mlx5dr_fw_destroy_md_tbl(struct mlx5dr_domain *dmn, u32 tbl_id,
1466
1467
u32 group_id);
1467
1468
#endif /* _DR_TYPES_H_ */
+3
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c
+3
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/fs_dr.c
···
520
520
} else if (num_term_actions > 1) {
521
521
bool ignore_flow_level =
522
522
!!(fte->action.flags & FLOW_ACT_IGNORE_FLOW_LEVEL);
523
+
u32 flow_source = fte->flow_context.flow_source;
523
524
524
525
if (num_actions == MLX5_FLOW_CONTEXT_ACTION_MAX ||
525
526
fs_dr_num_actions == MLX5_FLOW_CONTEXT_ACTION_MAX) {
···
530
529
tmp_action = mlx5dr_action_create_mult_dest_tbl(domain,
531
530
term_actions,
532
531
num_term_actions,
533
-
ignore_flow_level);
532
+
ignore_flow_level,
533
+
flow_source);
534
534
if (!tmp_action) {
535
535
err = -EOPNOTSUPP;
536
536
goto free_actions;
+2
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/mlx5dr.h
+2
-1
drivers/net/ethernet/mellanox/mlx5/core/steering/mlx5dr.h
···
99
99
mlx5dr_action_create_mult_dest_tbl(struct mlx5dr_domain *dmn,
100
100
struct mlx5dr_action_dest *dests,
101
101
u32 num_of_dests,
102
-
bool ignore_flow_level);
102
+
bool ignore_flow_level,
103
+
u32 flow_source);
103
104
104
105
struct mlx5dr_action *mlx5dr_action_create_drop(void);
105
106
+28
drivers/net/ethernet/microchip/lan966x/lan966x_main.c
+28
drivers/net/ethernet/microchip/lan966x/lan966x_main.c
···
103
103
return 0;
104
104
}
105
105
106
+
static bool lan966x_port_unique_address(struct net_device *dev)
107
+
{
108
+
struct lan966x_port *port = netdev_priv(dev);
109
+
struct lan966x *lan966x = port->lan966x;
110
+
int p;
111
+
112
+
for (p = 0; p < lan966x->num_phys_ports; ++p) {
113
+
port = lan966x->ports[p];
114
+
if (!port || port->dev == dev)
115
+
continue;
116
+
117
+
if (ether_addr_equal(dev->dev_addr, port->dev->dev_addr))
118
+
return false;
119
+
}
120
+
121
+
return true;
122
+
}
123
+
106
124
static int lan966x_port_set_mac_address(struct net_device *dev, void *p)
107
125
{
108
126
struct lan966x_port *port = netdev_priv(dev);
···
128
110
const struct sockaddr *addr = p;
129
111
int ret;
130
112
113
+
if (ether_addr_equal(addr->sa_data, dev->dev_addr))
114
+
return 0;
115
+
131
116
/* Learn the new net device MAC address in the mac table. */
132
117
ret = lan966x_mac_cpu_learn(lan966x, addr->sa_data, HOST_PVID);
133
118
if (ret)
134
119
return ret;
120
+
121
+
/* If there is another port with the same address as the dev, then don't
122
+
* delete it from the MAC table
123
+
*/
124
+
if (!lan966x_port_unique_address(dev))
125
+
goto out;
135
126
136
127
/* Then forget the previous one. */
137
128
ret = lan966x_mac_cpu_forget(lan966x, dev->dev_addr, HOST_PVID);
138
129
if (ret)
139
130
return ret;
140
131
132
+
out:
141
133
eth_hw_addr_set(dev, addr->sa_data);
142
134
return ret;
143
135
}
+2
-1
drivers/net/ethernet/qlogic/qla3xxx.c
+2
-1
drivers/net/ethernet/qlogic/qla3xxx.c
···
3614
3614
qdev->mem_map_registers;
3615
3615
unsigned long hw_flags;
3616
3616
3617
-
if (test_bit((QL_RESET_PER_SCSI | QL_RESET_START), &qdev->flags)) {
3617
+
if (test_bit(QL_RESET_PER_SCSI, &qdev->flags) ||
3618
+
test_bit(QL_RESET_START, &qdev->flags)) {
3618
3619
clear_bit(QL_LINK_MASTER, &qdev->flags);
3619
3620
3620
3621
/*
+4
-2
drivers/net/ipa/gsi.c
+4
-2
drivers/net/ipa/gsi.c
···
1367
1367
struct gsi_event *event_done;
1368
1368
struct gsi_event *event;
1369
1369
struct gsi_trans *trans;
1370
+
u32 trans_count = 0;
1370
1371
u32 byte_count = 0;
1371
-
u32 old_index;
1372
1372
u32 event_avail;
1373
+
u32 old_index;
1373
1374
1374
1375
trans_info = &channel->trans_info;
1375
1376
···
1391
1390
do {
1392
1391
trans->len = __le16_to_cpu(event->len);
1393
1392
byte_count += trans->len;
1393
+
trans_count++;
1394
1394
1395
1395
/* Move on to the next event and transaction */
1396
1396
if (--event_avail)
···
1403
1401
1404
1402
/* We record RX bytes when they are received */
1405
1403
channel->byte_count += byte_count;
1406
-
channel->trans_count++;
1404
+
channel->trans_count += trans_count;
1407
1405
}
1408
1406
1409
1407
/* Initialize a ring, including allocating DMA memory for its entries */
+6
-7
drivers/net/ipa/ipa_endpoint.c
+6
-7
drivers/net/ipa/ipa_endpoint.c
···
1150
1150
return;
1151
1151
1152
1152
skb = __dev_alloc_skb(len, GFP_ATOMIC);
1153
-
if (!skb)
1154
-
return;
1155
-
1156
-
/* Copy the data into the socket buffer and receive it */
1157
-
skb_put(skb, len);
1158
-
memcpy(skb->data, data, len);
1159
-
skb->truesize += extra;
1153
+
if (skb) {
1154
+
/* Copy the data into the socket buffer and receive it */
1155
+
skb_put(skb, len);
1156
+
memcpy(skb->data, data, len);
1157
+
skb->truesize += extra;
1158
+
}
1160
1159
1161
1160
ipa_modem_skb_rx(endpoint->netdev, skb);
1162
1161
}
+1
-1
drivers/net/ipa/ipa_qmi.c
+1
-1
drivers/net/ipa/ipa_qmi.c
+1
drivers/net/ppp/pppoe.c
+1
drivers/net/ppp/pppoe.c
+6
drivers/net/vmxnet3/vmxnet3_drv.c
+6
drivers/net/vmxnet3/vmxnet3_drv.c
···
589
589
if (dma_mapping_error(&adapter->pdev->dev,
590
590
rbi->dma_addr)) {
591
591
dev_kfree_skb_any(rbi->skb);
592
+
rbi->skb = NULL;
592
593
rq->stats.rx_buf_alloc_failure++;
593
594
break;
594
595
}
···
614
613
if (dma_mapping_error(&adapter->pdev->dev,
615
614
rbi->dma_addr)) {
616
615
put_page(rbi->page);
616
+
rbi->page = NULL;
617
617
rq->stats.rx_buf_alloc_failure++;
618
618
break;
619
619
}
···
1667
1665
{
1668
1666
u32 i, ring_idx;
1669
1667
struct Vmxnet3_RxDesc *rxd;
1668
+
1669
+
/* ring has already been cleaned up */
1670
+
if (!rq->rx_ring[0].base)
1671
+
return;
1670
1672
1671
1673
for (ring_idx = 0; ring_idx < 2; ring_idx++) {
1672
1674
for (i = 0; i < rq->rx_ring[ring_idx].size; i++) {
+3
-2
drivers/nfc/pn533/pn533.c
+3
-2
drivers/nfc/pn533/pn533.c
···
2787
2787
{
2788
2788
struct pn533_cmd *cmd, *n;
2789
2789
2790
+
/* delete the timer before cleanup the worker */
2791
+
del_timer_sync(&priv->listen_timer);
2792
+
2790
2793
flush_delayed_work(&priv->poll_work);
2791
2794
destroy_workqueue(priv->wq);
2792
2795
2793
2796
skb_queue_purge(&priv->resp_q);
2794
-
2795
-
del_timer(&priv->listen_timer);
2796
2797
2797
2798
list_for_each_entry_safe(cmd, n, &priv->cmd_queue, queue) {
2798
2799
list_del(&cmd->queue);
+45
-17
drivers/ptp/ptp_ocp.c
+45
-17
drivers/ptp/ptp_ocp.c
···
300
300
struct platform_device *spi_flash;
301
301
struct clk_hw *i2c_clk;
302
302
struct timer_list watchdog;
303
-
const struct ocp_attr_group *attr_tbl;
303
+
const struct attribute_group **attr_group;
304
304
const struct ptp_ocp_eeprom_map *eeprom_map;
305
305
struct dentry *debug_root;
306
306
time64_t gnss_lost;
···
841
841
}
842
842
843
843
static void
844
-
ptp_ocp_adjtime_coarse(struct ptp_ocp *bp, u64 delta_ns)
844
+
ptp_ocp_adjtime_coarse(struct ptp_ocp *bp, s64 delta_ns)
845
845
{
846
846
struct timespec64 ts;
847
847
unsigned long flags;
···
850
850
spin_lock_irqsave(&bp->lock, flags);
851
851
err = __ptp_ocp_gettime_locked(bp, &ts, NULL);
852
852
if (likely(!err)) {
853
-
timespec64_add_ns(&ts, delta_ns);
853
+
set_normalized_timespec64(&ts, ts.tv_sec,
854
+
ts.tv_nsec + delta_ns);
854
855
__ptp_ocp_settime_locked(bp, &ts);
855
856
}
856
857
spin_unlock_irqrestore(&bp->lock, flags);
···
1837
1836
}
1838
1837
1839
1838
static void
1839
+
ptp_ocp_attr_group_del(struct ptp_ocp *bp)
1840
+
{
1841
+
sysfs_remove_groups(&bp->dev.kobj, bp->attr_group);
1842
+
kfree(bp->attr_group);
1843
+
}
1844
+
1845
+
static int
1846
+
ptp_ocp_attr_group_add(struct ptp_ocp *bp,
1847
+
const struct ocp_attr_group *attr_tbl)
1848
+
{
1849
+
int count, i;
1850
+
int err;
1851
+
1852
+
count = 0;
1853
+
for (i = 0; attr_tbl[i].cap; i++)
1854
+
if (attr_tbl[i].cap & bp->fw_cap)
1855
+
count++;
1856
+
1857
+
bp->attr_group = kcalloc(count + 1, sizeof(struct attribute_group *),
1858
+
GFP_KERNEL);
1859
+
if (!bp->attr_group)
1860
+
return -ENOMEM;
1861
+
1862
+
count = 0;
1863
+
for (i = 0; attr_tbl[i].cap; i++)
1864
+
if (attr_tbl[i].cap & bp->fw_cap)
1865
+
bp->attr_group[count++] = attr_tbl[i].group;
1866
+
1867
+
err = sysfs_create_groups(&bp->dev.kobj, bp->attr_group);
1868
+
if (err)
1869
+
bp->attr_group[0] = NULL;
1870
+
1871
+
return err;
1872
+
}
1873
+
1874
+
static void
1840
1875
ptp_ocp_sma_init(struct ptp_ocp *bp)
1841
1876
{
1842
1877
u32 reg;
···
1941
1904
bp->flash_start = 1024 * 4096;
1942
1905
bp->eeprom_map = fb_eeprom_map;
1943
1906
bp->fw_version = ioread32(&bp->image->version);
1944
-
bp->attr_tbl = fb_timecard_groups;
1945
1907
bp->fw_cap = OCP_CAP_BASIC;
1946
1908
1947
1909
ver = bp->fw_version & 0xffff;
···
1953
1917
ptp_ocp_nmea_out_init(bp);
1954
1918
ptp_ocp_sma_init(bp);
1955
1919
ptp_ocp_signal_init(bp);
1920
+
1921
+
err = ptp_ocp_attr_group_add(bp, fb_timecard_groups);
1922
+
if (err)
1923
+
return err;
1956
1924
1957
1925
err = ptp_ocp_fb_set_pins(bp);
1958
1926
if (err)
···
3428
3388
{
3429
3389
struct pps_device *pps;
3430
3390
char buf[32];
3431
-
int i, err;
3432
3391
3433
3392
if (bp->gnss_port != -1) {
3434
3393
sprintf(buf, "ttyS%d", bp->gnss_port);
···
3451
3412
pps = pps_lookup_dev(bp->ptp);
3452
3413
if (pps)
3453
3414
ptp_ocp_symlink(bp, pps->dev, "pps");
3454
-
3455
-
for (i = 0; bp->attr_tbl[i].cap; i++) {
3456
-
if (!(bp->attr_tbl[i].cap & bp->fw_cap))
3457
-
continue;
3458
-
err = sysfs_create_group(&bp->dev.kobj, bp->attr_tbl[i].group);
3459
-
if (err)
3460
-
return err;
3461
-
}
3462
3415
3463
3416
ptp_ocp_debugfs_add_device(bp);
3464
3417
···
3523
3492
ptp_ocp_detach_sysfs(struct ptp_ocp *bp)
3524
3493
{
3525
3494
struct device *dev = &bp->dev;
3526
-
int i;
3527
3495
3528
3496
sysfs_remove_link(&dev->kobj, "ttyGNSS");
3529
3497
sysfs_remove_link(&dev->kobj, "ttyMAC");
3530
3498
sysfs_remove_link(&dev->kobj, "ptp");
3531
3499
sysfs_remove_link(&dev->kobj, "pps");
3532
-
if (bp->attr_tbl)
3533
-
for (i = 0; bp->attr_tbl[i].cap; i++)
3534
-
sysfs_remove_group(&dev->kobj, bp->attr_tbl[i].group);
3535
3500
}
3536
3501
3537
3502
static void
···
3537
3510
3538
3511
ptp_ocp_debugfs_remove_device(bp);
3539
3512
ptp_ocp_detach_sysfs(bp);
3513
+
ptp_ocp_attr_group_del(bp);
3540
3514
if (timer_pending(&bp->watchdog))
3541
3515
del_timer_sync(&bp->watchdog);
3542
3516
if (bp->ts0)
+1
-1
include/linux/netdevice.h
+1
-1
include/linux/netdevice.h
+2
-1
include/net/inet_timewait_sock.h
+2
-1
include/net/inet_timewait_sock.h
···
71
71
tw_tos : 8;
72
72
u32 tw_txhash;
73
73
u32 tw_priority;
74
-
u32 tw_bslot; /* bind bucket slot */
75
74
struct timer_list tw_timer;
76
75
struct inet_bind_bucket *tw_tb;
77
76
};
···
108
109
}
109
110
110
111
void inet_twsk_deschedule_put(struct inet_timewait_sock *tw);
112
+
113
+
void inet_twsk_purge(struct inet_hashinfo *hashinfo, int family);
111
114
112
115
static inline
113
116
struct net *twsk_net(const struct inet_timewait_sock *twsk)
+1
include/net/ip.h
+1
include/net/ip.h
+13
-1
include/net/xfrm.h
+13
-1
include/net/xfrm.h
···
1093
1093
return false;
1094
1094
}
1095
1095
1096
+
static inline bool __xfrm_check_dev_nopolicy(struct sk_buff *skb,
1097
+
int dir, unsigned short family)
1098
+
{
1099
+
if (dir != XFRM_POLICY_OUT && family == AF_INET) {
1100
+
/* same dst may be used for traffic originating from
1101
+
* devices with different policy settings.
1102
+
*/
1103
+
return IPCB(skb)->flags & IPSKB_NOPOLICY;
1104
+
}
1105
+
return skb_dst(skb) && (skb_dst(skb)->flags & DST_NOPOLICY);
1106
+
}
1107
+
1096
1108
static inline int __xfrm_policy_check2(struct sock *sk, int dir,
1097
1109
struct sk_buff *skb,
1098
1110
unsigned int family, int reverse)
···
1116
1104
return __xfrm_policy_check(sk, ndir, skb, family);
1117
1105
1118
1106
return __xfrm_check_nopolicy(net, skb, dir) ||
1119
-
(skb_dst(skb) && (skb_dst(skb)->flags & DST_NOPOLICY)) ||
1107
+
__xfrm_check_dev_nopolicy(skb, dir, family) ||
1120
1108
__xfrm_policy_check(sk, ndir, skb, family);
1121
1109
}
1122
1110
+7
net/bridge/br_input.c
+7
net/bridge/br_input.c
···
39
39
dev_sw_netstats_rx_add(brdev, skb->len);
40
40
41
41
vg = br_vlan_group_rcu(br);
42
+
43
+
/* Reset the offload_fwd_mark because there could be a stacked
44
+
* bridge above, and it should not think this bridge it doing
45
+
* that bridge's work forwarding out its ports.
46
+
*/
47
+
br_switchdev_frame_unmark(skb);
48
+
42
49
/* Bridge is just like any other port. Make sure the
43
50
* packet is allowed except in promisc mode when someone
44
51
* may be running packet capture.
+1
-1
net/core/dev.c
+1
-1
net/core/dev.c
···
681
681
const struct net_device *last_dev;
682
682
struct net_device_path_ctx ctx = {
683
683
.dev = dev,
684
-
.daddr = daddr,
685
684
};
686
685
struct net_device_path *path;
687
686
int ret = 0;
688
687
688
+
memcpy(ctx.daddr, daddr, sizeof(ctx.daddr));
689
689
stack->num_paths = 0;
690
690
while (ctx.dev && ctx.dev->netdev_ops->ndo_fill_forward_path) {
691
691
last_dev = ctx.dev;
+6
net/dccp/ipv4.c
+6
net/dccp/ipv4.c
···
1030
1030
inet_ctl_sock_destroy(pn->v4_ctl_sk);
1031
1031
}
1032
1032
1033
+
static void __net_exit dccp_v4_exit_batch(struct list_head *net_exit_list)
1034
+
{
1035
+
inet_twsk_purge(&dccp_hashinfo, AF_INET);
1036
+
}
1037
+
1033
1038
static struct pernet_operations dccp_v4_ops = {
1034
1039
.init = dccp_v4_init_net,
1035
1040
.exit = dccp_v4_exit_net,
1041
+
.exit_batch = dccp_v4_exit_batch,
1036
1042
.id = &dccp_v4_pernet_id,
1037
1043
.size = sizeof(struct dccp_v4_pernet),
1038
1044
};
+6
net/dccp/ipv6.c
+6
net/dccp/ipv6.c
···
1115
1115
inet_ctl_sock_destroy(pn->v6_ctl_sk);
1116
1116
}
1117
1117
1118
+
static void __net_exit dccp_v6_exit_batch(struct list_head *net_exit_list)
1119
+
{
1120
+
inet_twsk_purge(&dccp_hashinfo, AF_INET6);
1121
+
}
1122
+
1118
1123
static struct pernet_operations dccp_v6_ops = {
1119
1124
.init = dccp_v6_init_net,
1120
1125
.exit = dccp_v6_exit_net,
1126
+
.exit_batch = dccp_v6_exit_batch,
1121
1127
.id = &dccp_v6_pernet_id,
1122
1128
.size = sizeof(struct dccp_v6_pernet),
1123
1129
};
+51
-7
net/ipv4/inet_timewait_sock.c
+51
-7
net/ipv4/inet_timewait_sock.c
···
52
52
spin_unlock(lock);
53
53
54
54
/* Disassociate with bind bucket. */
55
-
bhead = &hashinfo->bhash[tw->tw_bslot];
55
+
bhead = &hashinfo->bhash[inet_bhashfn(twsk_net(tw), tw->tw_num,
56
+
hashinfo->bhash_size)];
56
57
57
58
spin_lock(&bhead->lock);
58
59
inet_twsk_bind_unhash(tw, hashinfo);
···
112
111
Note, that any socket with inet->num != 0 MUST be bound in
113
112
binding cache, even if it is closed.
114
113
*/
115
-
/* Cache inet_bhashfn(), because 'struct net' might be no longer
116
-
* available later in inet_twsk_kill().
117
-
*/
118
-
tw->tw_bslot = inet_bhashfn(twsk_net(tw), inet->inet_num,
119
-
hashinfo->bhash_size);
120
-
bhead = &hashinfo->bhash[tw->tw_bslot];
114
+
bhead = &hashinfo->bhash[inet_bhashfn(twsk_net(tw), inet->inet_num,
115
+
hashinfo->bhash_size)];
121
116
spin_lock(&bhead->lock);
122
117
tw->tw_tb = icsk->icsk_bind_hash;
123
118
WARN_ON(!icsk->icsk_bind_hash);
···
254
257
}
255
258
}
256
259
EXPORT_SYMBOL_GPL(__inet_twsk_schedule);
260
+
261
+
void inet_twsk_purge(struct inet_hashinfo *hashinfo, int family)
262
+
{
263
+
struct inet_timewait_sock *tw;
264
+
struct sock *sk;
265
+
struct hlist_nulls_node *node;
266
+
unsigned int slot;
267
+
268
+
for (slot = 0; slot <= hashinfo->ehash_mask; slot++) {
269
+
struct inet_ehash_bucket *head = &hashinfo->ehash[slot];
270
+
restart_rcu:
271
+
cond_resched();
272
+
rcu_read_lock();
273
+
restart:
274
+
sk_nulls_for_each_rcu(sk, node, &head->chain) {
275
+
if (sk->sk_state != TCP_TIME_WAIT)
276
+
continue;
277
+
tw = inet_twsk(sk);
278
+
if ((tw->tw_family != family) ||
279
+
refcount_read(&twsk_net(tw)->ns.count))
280
+
continue;
281
+
282
+
if (unlikely(!refcount_inc_not_zero(&tw->tw_refcnt)))
283
+
continue;
284
+
285
+
if (unlikely((tw->tw_family != family) ||
286
+
refcount_read(&twsk_net(tw)->ns.count))) {
287
+
inet_twsk_put(tw);
288
+
goto restart;
289
+
}
290
+
291
+
rcu_read_unlock();
292
+
local_bh_disable();
293
+
inet_twsk_deschedule_put(tw);
294
+
local_bh_enable();
295
+
goto restart_rcu;
296
+
}
297
+
/* If the nulls value we got at the end of this lookup is
298
+
* not the expected one, we must restart lookup.
299
+
* We probably met an item that was moved to another chain.
300
+
*/
301
+
if (get_nulls_value(node) != slot)
302
+
goto restart;
303
+
rcu_read_unlock();
304
+
}
305
+
}
306
+
EXPORT_SYMBOL_GPL(inet_twsk_purge);
+18
-5
net/ipv4/route.c
+18
-5
net/ipv4/route.c
···
1726
1726
struct in_device *in_dev = __in_dev_get_rcu(dev);
1727
1727
unsigned int flags = RTCF_MULTICAST;
1728
1728
struct rtable *rth;
1729
+
bool no_policy;
1729
1730
u32 itag = 0;
1730
1731
int err;
1731
1732
···
1737
1736
if (our)
1738
1737
flags |= RTCF_LOCAL;
1739
1738
1739
+
no_policy = IN_DEV_ORCONF(in_dev, NOPOLICY);
1740
+
if (no_policy)
1741
+
IPCB(skb)->flags |= IPSKB_NOPOLICY;
1742
+
1740
1743
rth = rt_dst_alloc(dev_net(dev)->loopback_dev, flags, RTN_MULTICAST,
1741
-
IN_DEV_ORCONF(in_dev, NOPOLICY), false);
1744
+
no_policy, false);
1742
1745
if (!rth)
1743
1746
return -ENOBUFS;
1744
1747
···
1801
1796
struct rtable *rth;
1802
1797
int err;
1803
1798
struct in_device *out_dev;
1804
-
bool do_cache;
1799
+
bool do_cache, no_policy;
1805
1800
u32 itag = 0;
1806
1801
1807
1802
/* get a working reference to the output device */
···
1846
1841
}
1847
1842
}
1848
1843
1844
+
no_policy = IN_DEV_ORCONF(in_dev, NOPOLICY);
1845
+
if (no_policy)
1846
+
IPCB(skb)->flags |= IPSKB_NOPOLICY;
1847
+
1849
1848
fnhe = find_exception(nhc, daddr);
1850
1849
if (do_cache) {
1851
1850
if (fnhe)
···
1862
1853
}
1863
1854
}
1864
1855
1865
-
rth = rt_dst_alloc(out_dev->dev, 0, res->type,
1866
-
IN_DEV_ORCONF(in_dev, NOPOLICY),
1856
+
rth = rt_dst_alloc(out_dev->dev, 0, res->type, no_policy,
1867
1857
IN_DEV_ORCONF(out_dev, NOXFRM));
1868
1858
if (!rth) {
1869
1859
err = -ENOBUFS;
···
2237
2229
struct rtable *rth;
2238
2230
struct flowi4 fl4;
2239
2231
bool do_cache = true;
2232
+
bool no_policy;
2240
2233
2241
2234
/* IP on this device is disabled. */
2242
2235
···
2356
2347
RT_CACHE_STAT_INC(in_brd);
2357
2348
2358
2349
local_input:
2350
+
no_policy = IN_DEV_ORCONF(in_dev, NOPOLICY);
2351
+
if (no_policy)
2352
+
IPCB(skb)->flags |= IPSKB_NOPOLICY;
2353
+
2359
2354
do_cache &= res->fi && !itag;
2360
2355
if (do_cache) {
2361
2356
struct fib_nh_common *nhc = FIB_RES_NHC(*res);
···
2374
2361
2375
2362
rth = rt_dst_alloc(ip_rt_get_dev(net, res),
2376
2363
flags | RTCF_LOCAL, res->type,
2377
-
IN_DEV_ORCONF(in_dev, NOPOLICY), false);
2364
+
no_policy, false);
2378
2365
if (!rth)
2379
2366
goto e_nobufs;
2380
2367
+2
net/ipv4/tcp_ipv4.c
+2
net/ipv4/tcp_ipv4.c
+6
net/ipv6/tcp_ipv6.c
+6
net/ipv6/tcp_ipv6.c
···
2207
2207
inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2208
2208
}
2209
2209
2210
+
static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2211
+
{
2212
+
inet_twsk_purge(&tcp_hashinfo, AF_INET6);
2213
+
}
2214
+
2210
2215
static struct pernet_operations tcpv6_net_ops = {
2211
2216
.init = tcpv6_net_init,
2212
2217
.exit = tcpv6_net_exit,
2218
+
.exit_batch = tcpv6_net_exit_batch,
2213
2219
};
2214
2220
2215
2221
int __init tcpv6_init(void)
+7
-5
net/key/af_key.c
+7
-5
net/key/af_key.c
···
2826
2826
void *ext_hdrs[SADB_EXT_MAX];
2827
2827
int err;
2828
2828
2829
-
pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL,
2830
-
BROADCAST_PROMISC_ONLY, NULL, sock_net(sk));
2829
+
err = pfkey_broadcast(skb_clone(skb, GFP_KERNEL), GFP_KERNEL,
2830
+
BROADCAST_PROMISC_ONLY, NULL, sock_net(sk));
2831
+
if (err)
2832
+
return err;
2831
2833
2832
2834
memset(ext_hdrs, 0, sizeof(ext_hdrs));
2833
2835
err = parse_exthdrs(skb, hdr, ext_hdrs);
···
2900
2898
break;
2901
2899
if (!aalg->pfkey_supported)
2902
2900
continue;
2903
-
if (aalg_tmpl_set(t, aalg))
2901
+
if (aalg_tmpl_set(t, aalg) && aalg->available)
2904
2902
sz += sizeof(struct sadb_comb);
2905
2903
}
2906
2904
return sz + sizeof(struct sadb_prop);
···
2918
2916
if (!ealg->pfkey_supported)
2919
2917
continue;
2920
2918
2921
-
if (!(ealg_tmpl_set(t, ealg)))
2919
+
if (!(ealg_tmpl_set(t, ealg) && ealg->available))
2922
2920
continue;
2923
2921
2924
2922
for (k = 1; ; k++) {
···
2929
2927
if (!aalg->pfkey_supported)
2930
2928
continue;
2931
2929
2932
-
if (aalg_tmpl_set(t, aalg))
2930
+
if (aalg_tmpl_set(t, aalg) && aalg->available)
2933
2931
sz += sizeof(struct sadb_comb);
2934
2932
}
2935
2933
}
+24
-12
net/mptcp/options.c
+24
-12
net/mptcp/options.c
···
107
107
ptr += 2;
108
108
}
109
109
if (opsize == TCPOLEN_MPTCP_MPC_ACK_DATA_CSUM) {
110
-
mp_opt->csum = (__force __sum16)get_unaligned_be16(ptr);
110
+
mp_opt->csum = get_unaligned((__force __sum16 *)ptr);
111
111
mp_opt->suboptions |= OPTION_MPTCP_CSUMREQD;
112
112
ptr += 2;
113
113
}
···
221
221
222
222
if (opsize == expected_opsize + TCPOLEN_MPTCP_DSS_CHECKSUM) {
223
223
mp_opt->suboptions |= OPTION_MPTCP_CSUMREQD;
224
-
mp_opt->csum = (__force __sum16)get_unaligned_be16(ptr);
224
+
mp_opt->csum = get_unaligned((__force __sum16 *)ptr);
225
225
ptr += 2;
226
226
}
227
227
···
1240
1240
WRITE_ONCE(msk->rcv_wnd_sent, ack_seq);
1241
1241
}
1242
1242
1243
-
u16 __mptcp_make_csum(u64 data_seq, u32 subflow_seq, u16 data_len, __wsum sum)
1243
+
__sum16 __mptcp_make_csum(u64 data_seq, u32 subflow_seq, u16 data_len, __wsum sum)
1244
1244
{
1245
1245
struct csum_pseudo_header header;
1246
1246
__wsum csum;
···
1256
1256
header.csum = 0;
1257
1257
1258
1258
csum = csum_partial(&header, sizeof(header), sum);
1259
-
return (__force u16)csum_fold(csum);
1259
+
return csum_fold(csum);
1260
1260
}
1261
1261
1262
-
static u16 mptcp_make_csum(const struct mptcp_ext *mpext)
1262
+
static __sum16 mptcp_make_csum(const struct mptcp_ext *mpext)
1263
1263
{
1264
1264
return __mptcp_make_csum(mpext->data_seq, mpext->subflow_seq, mpext->data_len,
1265
1265
~csum_unfold(mpext->csum));
1266
+
}
1267
+
1268
+
static void put_len_csum(u16 len, __sum16 csum, void *data)
1269
+
{
1270
+
__sum16 *sumptr = data + 2;
1271
+
__be16 *ptr = data;
1272
+
1273
+
put_unaligned_be16(len, ptr);
1274
+
1275
+
put_unaligned(csum, sumptr);
1266
1276
}
1267
1277
1268
1278
void mptcp_write_options(__be32 *ptr, const struct tcp_sock *tp,
···
1350
1340
put_unaligned_be32(mpext->subflow_seq, ptr);
1351
1341
ptr += 1;
1352
1342
if (opts->csum_reqd) {
1353
-
put_unaligned_be32(mpext->data_len << 16 |
1354
-
mptcp_make_csum(mpext), ptr);
1343
+
put_len_csum(mpext->data_len,
1344
+
mptcp_make_csum(mpext),
1345
+
ptr);
1355
1346
} else {
1356
1347
put_unaligned_be32(mpext->data_len << 16 |
1357
1348
TCPOPT_NOP << 8 | TCPOPT_NOP, ptr);
···
1403
1392
goto mp_capable_done;
1404
1393
1405
1394
if (opts->csum_reqd) {
1406
-
put_unaligned_be32(opts->data_len << 16 |
1407
-
__mptcp_make_csum(opts->data_seq,
1408
-
opts->subflow_seq,
1409
-
opts->data_len,
1410
-
~csum_unfold(opts->csum)), ptr);
1395
+
put_len_csum(opts->data_len,
1396
+
__mptcp_make_csum(opts->data_seq,
1397
+
opts->subflow_seq,
1398
+
opts->data_len,
1399
+
~csum_unfold(opts->csum)),
1400
+
ptr);
1411
1401
} else {
1412
1402
put_unaligned_be32(opts->data_len << 16 |
1413
1403
TCPOPT_NOP << 8 | TCPOPT_NOP, ptr);
+2
-3
net/mptcp/pm.c
+2
-3
net/mptcp/pm.c
···
178
178
struct mptcp_pm_data *pm = &msk->pm;
179
179
bool update_subflows;
180
180
181
-
update_subflows = (ssk->sk_state == TCP_CLOSE) &&
182
-
(subflow->request_join || subflow->mp_join);
181
+
update_subflows = subflow->request_join || subflow->mp_join;
183
182
if (!READ_ONCE(pm->work_pending) && !update_subflows)
184
183
return;
185
184
186
185
spin_lock_bh(&pm->lock);
187
186
if (update_subflows)
188
-
pm->subflows--;
187
+
__mptcp_pm_close_subflow(msk);
189
188
190
189
/* Even if this subflow is not really established, tell the PM to try
191
190
* to pick the next ones, if possible.
+17
-2
net/mptcp/protocol.h
+17
-2
net/mptcp/protocol.h
···
443
443
can_ack : 1, /* only after processing the remote a key */
444
444
disposable : 1, /* ctx can be free at ulp release time */
445
445
stale : 1, /* unable to snd/rcv data, do not use for xmit */
446
-
local_id_valid : 1; /* local_id is correctly initialized */
446
+
local_id_valid : 1, /* local_id is correctly initialized */
447
+
valid_csum_seen : 1; /* at least one csum validated */
447
448
enum mptcp_data_avail data_avail;
448
449
u32 remote_nonce;
449
450
u64 thmac;
···
724
723
void mptcp_crypto_key_sha(u64 key, u32 *token, u64 *idsn);
725
724
726
725
void mptcp_crypto_hmac_sha(u64 key1, u64 key2, u8 *msg, int len, void *hmac);
727
-
u16 __mptcp_make_csum(u64 data_seq, u32 subflow_seq, u16 data_len, __wsum sum);
726
+
__sum16 __mptcp_make_csum(u64 data_seq, u32 subflow_seq, u16 data_len, __wsum sum);
728
727
729
728
void __init mptcp_pm_init(void);
730
729
void mptcp_pm_data_init(struct mptcp_sock *msk);
···
833
832
unsigned int mptcp_pm_get_add_addr_accept_max(const struct mptcp_sock *msk);
834
833
unsigned int mptcp_pm_get_subflows_max(const struct mptcp_sock *msk);
835
834
unsigned int mptcp_pm_get_local_addr_max(const struct mptcp_sock *msk);
835
+
836
+
/* called under PM lock */
837
+
static inline void __mptcp_pm_close_subflow(struct mptcp_sock *msk)
838
+
{
839
+
if (--msk->pm.subflows < mptcp_pm_get_subflows_max(msk))
840
+
WRITE_ONCE(msk->pm.accept_subflow, true);
841
+
}
842
+
843
+
static inline void mptcp_pm_close_subflow(struct mptcp_sock *msk)
844
+
{
845
+
spin_lock_bh(&msk->pm.lock);
846
+
__mptcp_pm_close_subflow(msk);
847
+
spin_unlock_bh(&msk->pm.lock);
848
+
}
836
849
837
850
void mptcp_sockopt_sync(struct mptcp_sock *msk, struct sock *ssk);
838
851
void mptcp_sockopt_sync_locked(struct mptcp_sock *msk, struct sock *ssk);
+28
-7
net/mptcp/subflow.c
+28
-7
net/mptcp/subflow.c
···
888
888
{
889
889
struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk);
890
890
u32 offset, seq, delta;
891
-
u16 csum;
891
+
__sum16 csum;
892
892
int len;
893
893
894
894
if (!csum_reqd)
···
955
955
subflow->map_data_csum);
956
956
if (unlikely(csum)) {
957
957
MPTCP_INC_STATS(sock_net(ssk), MPTCP_MIB_DATACSUMERR);
958
-
subflow->send_mp_fail = 1;
959
-
MPTCP_INC_STATS(sock_net(ssk), MPTCP_MIB_MPFAILTX);
958
+
if (subflow->mp_join || subflow->valid_csum_seen) {
959
+
subflow->send_mp_fail = 1;
960
+
MPTCP_INC_STATS(sock_net(ssk), MPTCP_MIB_MPFAILTX);
961
+
}
960
962
return subflow->mp_join ? MAPPING_INVALID : MAPPING_DUMMY;
961
963
}
962
964
965
+
subflow->valid_csum_seen = 1;
963
966
return MAPPING_OK;
964
967
}
965
968
···
1144
1141
}
1145
1142
}
1146
1143
1144
+
static bool subflow_can_fallback(struct mptcp_subflow_context *subflow)
1145
+
{
1146
+
struct mptcp_sock *msk = mptcp_sk(subflow->conn);
1147
+
1148
+
if (subflow->mp_join)
1149
+
return false;
1150
+
else if (READ_ONCE(msk->csum_enabled))
1151
+
return !subflow->valid_csum_seen;
1152
+
else
1153
+
return !subflow->fully_established;
1154
+
}
1155
+
1147
1156
static bool subflow_check_data_avail(struct sock *ssk)
1148
1157
{
1149
1158
struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk);
···
1233
1218
return true;
1234
1219
}
1235
1220
1236
-
if (subflow->mp_join || subflow->fully_established) {
1221
+
if (!subflow_can_fallback(subflow)) {
1237
1222
/* fatal protocol error, close the socket.
1238
1223
* subflow_error_report() will introduce the appropriate barriers
1239
1224
*/
···
1437
1422
struct sockaddr_storage addr;
1438
1423
int remote_id = remote->id;
1439
1424
int local_id = loc->id;
1425
+
int err = -ENOTCONN;
1440
1426
struct socket *sf;
1441
1427
struct sock *ssk;
1442
1428
u32 remote_token;
1443
1429
int addrlen;
1444
1430
int ifindex;
1445
1431
u8 flags;
1446
-
int err;
1447
1432
1448
1433
if (!mptcp_is_fully_established(sk))
1449
-
return -ENOTCONN;
1434
+
goto err_out;
1450
1435
1451
1436
err = mptcp_subflow_create_socket(sk, &sf);
1452
1437
if (err)
1453
-
return err;
1438
+
goto err_out;
1454
1439
1455
1440
ssk = sf->sk;
1456
1441
subflow = mptcp_subflow_ctx(ssk);
···
1507
1492
failed:
1508
1493
subflow->disposable = 1;
1509
1494
sock_release(sf);
1495
+
1496
+
err_out:
1497
+
/* we account subflows before the creation, and this failures will not
1498
+
* be caught by sk_state_change()
1499
+
*/
1500
+
mptcp_pm_close_subflow(msk);
1510
1501
return err;
1511
1502
}
1512
1503
+11
-49
net/netfilter/nf_flow_table_core.c
+11
-49
net/netfilter/nf_flow_table_core.c
···
179
179
180
180
static void flow_offload_fixup_tcp(struct ip_ct_tcp *tcp)
181
181
{
182
-
tcp->state = TCP_CONNTRACK_ESTABLISHED;
183
182
tcp->seen[0].td_maxwin = 0;
184
183
tcp->seen[1].td_maxwin = 0;
185
184
}
186
185
187
-
static void flow_offload_fixup_ct_timeout(struct nf_conn *ct)
186
+
static void flow_offload_fixup_ct(struct nf_conn *ct)
188
187
{
189
188
struct net *net = nf_ct_net(ct);
190
189
int l4num = nf_ct_protonum(ct);
···
192
193
if (l4num == IPPROTO_TCP) {
193
194
struct nf_tcp_net *tn = nf_tcp_pernet(net);
194
195
195
-
timeout = tn->timeouts[TCP_CONNTRACK_ESTABLISHED];
196
+
flow_offload_fixup_tcp(&ct->proto.tcp);
197
+
198
+
timeout = tn->timeouts[ct->proto.tcp.state];
196
199
timeout -= tn->offload_timeout;
197
200
} else if (l4num == IPPROTO_UDP) {
198
201
struct nf_udp_net *tn = nf_udp_pernet(net);
···
210
209
211
210
if (nf_flow_timeout_delta(READ_ONCE(ct->timeout)) > (__s32)timeout)
212
211
WRITE_ONCE(ct->timeout, nfct_time_stamp + timeout);
213
-
}
214
-
215
-
static void flow_offload_fixup_ct_state(struct nf_conn *ct)
216
-
{
217
-
if (nf_ct_protonum(ct) == IPPROTO_TCP)
218
-
flow_offload_fixup_tcp(&ct->proto.tcp);
219
-
}
220
-
221
-
static void flow_offload_fixup_ct(struct nf_conn *ct)
222
-
{
223
-
flow_offload_fixup_ct_state(ct);
224
-
flow_offload_fixup_ct_timeout(ct);
225
212
}
226
213
227
214
static void flow_offload_route_release(struct flow_offload *flow)
···
324
335
u32 timeout;
325
336
326
337
timeout = nf_flowtable_time_stamp + flow_offload_get_timeout(flow);
327
-
if (READ_ONCE(flow->timeout) != timeout)
338
+
if (timeout - READ_ONCE(flow->timeout) > HZ)
328
339
WRITE_ONCE(flow->timeout, timeout);
340
+
else
341
+
return;
329
342
330
343
if (likely(!nf_flowtable_hw_offload(flow_table)))
331
344
return;
···
350
359
rhashtable_remove_fast(&flow_table->rhashtable,
351
360
&flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].node,
352
361
nf_flow_offload_rhash_params);
353
-
354
-
clear_bit(IPS_OFFLOAD_BIT, &flow->ct->status);
355
-
356
-
if (nf_flow_has_expired(flow))
357
-
flow_offload_fixup_ct(flow->ct);
358
-
else
359
-
flow_offload_fixup_ct_timeout(flow->ct);
360
-
361
362
flow_offload_free(flow);
362
363
}
363
364
364
365
void flow_offload_teardown(struct flow_offload *flow)
365
366
{
367
+
clear_bit(IPS_OFFLOAD_BIT, &flow->ct->status);
366
368
set_bit(NF_FLOW_TEARDOWN, &flow->flags);
367
-
368
-
flow_offload_fixup_ct_state(flow->ct);
369
+
flow_offload_fixup_ct(flow->ct);
369
370
}
370
371
EXPORT_SYMBOL_GPL(flow_offload_teardown);
371
372
···
421
438
return err;
422
439
}
423
440
424
-
static bool flow_offload_stale_dst(struct flow_offload_tuple *tuple)
425
-
{
426
-
struct dst_entry *dst;
427
-
428
-
if (tuple->xmit_type == FLOW_OFFLOAD_XMIT_NEIGH ||
429
-
tuple->xmit_type == FLOW_OFFLOAD_XMIT_XFRM) {
430
-
dst = tuple->dst_cache;
431
-
if (!dst_check(dst, tuple->dst_cookie))
432
-
return true;
433
-
}
434
-
435
-
return false;
436
-
}
437
-
438
-
static bool nf_flow_has_stale_dst(struct flow_offload *flow)
439
-
{
440
-
return flow_offload_stale_dst(&flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple) ||
441
-
flow_offload_stale_dst(&flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple);
442
-
}
443
-
444
441
static void nf_flow_offload_gc_step(struct nf_flowtable *flow_table,
445
442
struct flow_offload *flow, void *data)
446
443
{
447
444
if (nf_flow_has_expired(flow) ||
448
-
nf_ct_is_dying(flow->ct) ||
449
-
nf_flow_has_stale_dst(flow))
450
-
set_bit(NF_FLOW_TEARDOWN, &flow->flags);
445
+
nf_ct_is_dying(flow->ct))
446
+
flow_offload_teardown(flow);
451
447
452
448
if (test_bit(NF_FLOW_TEARDOWN, &flow->flags)) {
453
449
if (test_bit(NF_FLOW_HW, &flow->flags)) {
+19
net/netfilter/nf_flow_table_ip.c
+19
net/netfilter/nf_flow_table_ip.c
···
248
248
return true;
249
249
}
250
250
251
+
static inline bool nf_flow_dst_check(struct flow_offload_tuple *tuple)
252
+
{
253
+
if (tuple->xmit_type != FLOW_OFFLOAD_XMIT_NEIGH &&
254
+
tuple->xmit_type != FLOW_OFFLOAD_XMIT_XFRM)
255
+
return true;
256
+
257
+
return dst_check(tuple->dst_cache, tuple->dst_cookie);
258
+
}
259
+
251
260
static unsigned int nf_flow_xmit_xfrm(struct sk_buff *skb,
252
261
const struct nf_hook_state *state,
253
262
struct dst_entry *dst)
···
375
366
thoff = (iph->ihl * 4) + offset;
376
367
if (nf_flow_state_check(flow, iph->protocol, skb, thoff))
377
368
return NF_ACCEPT;
369
+
370
+
if (!nf_flow_dst_check(&tuplehash->tuple)) {
371
+
flow_offload_teardown(flow);
372
+
return NF_ACCEPT;
373
+
}
378
374
379
375
if (skb_try_make_writable(skb, thoff + hdrsize))
380
376
return NF_DROP;
···
637
623
thoff = sizeof(*ip6h) + offset;
638
624
if (nf_flow_state_check(flow, ip6h->nexthdr, skb, thoff))
639
625
return NF_ACCEPT;
626
+
627
+
if (!nf_flow_dst_check(&tuplehash->tuple)) {
628
+
flow_offload_teardown(flow);
629
+
return NF_ACCEPT;
630
+
}
640
631
641
632
if (skb_try_make_writable(skb, thoff + hdrsize))
642
633
return NF_DROP;
+1
-10
net/netfilter/nf_tables_api.c
+1
-10
net/netfilter/nf_tables_api.c
···
8342
8342
static bool nft_expr_reduce(struct nft_regs_track *track,
8343
8343
const struct nft_expr *expr)
8344
8344
{
8345
-
if (!expr->ops->reduce) {
8346
-
pr_warn_once("missing reduce for expression %s ",
8347
-
expr->ops->type->name);
8348
-
return false;
8349
-
}
8350
-
8351
-
if (nft_reduce_is_readonly(expr))
8352
-
return false;
8353
-
8354
-
return expr->ops->reduce(track, expr);
8345
+
return false;
8355
8346
}
8356
8347
8357
8348
static int nf_tables_commit_chain_prepare(struct net *net, struct nft_chain *chain)
+17
-11
net/netfilter/nft_flow_offload.c
+17
-11
net/netfilter/nft_flow_offload.c
···
36
36
route->tuple[dir].xmit_type = nft_xmit_type(dst_cache);
37
37
}
38
38
39
+
static bool nft_is_valid_ether_device(const struct net_device *dev)
40
+
{
41
+
if (!dev || (dev->flags & IFF_LOOPBACK) || dev->type != ARPHRD_ETHER ||
42
+
dev->addr_len != ETH_ALEN || !is_valid_ether_addr(dev->dev_addr))
43
+
return false;
44
+
45
+
return true;
46
+
}
47
+
39
48
static int nft_dev_fill_forward_path(const struct nf_flow_route *route,
40
49
const struct dst_entry *dst_cache,
41
50
const struct nf_conn *ct,
···
55
46
struct net_device *dev = dst_cache->dev;
56
47
struct neighbour *n;
57
48
u8 nud_state;
49
+
50
+
if (!nft_is_valid_ether_device(dev))
51
+
goto out;
58
52
59
53
n = dst_neigh_lookup(dst_cache, daddr);
60
54
if (!n)
···
72
60
if (!(nud_state & NUD_VALID))
73
61
return -1;
74
62
63
+
out:
75
64
return dev_fill_forward_path(dev, ha, stack);
76
65
}
77
66
···
90
77
u8 h_dest[ETH_ALEN];
91
78
enum flow_offload_xmit_type xmit_type;
92
79
};
93
-
94
-
static bool nft_is_valid_ether_device(const struct net_device *dev)
95
-
{
96
-
if (!dev || (dev->flags & IFF_LOOPBACK) || dev->type != ARPHRD_ETHER ||
97
-
dev->addr_len != ETH_ALEN || !is_valid_ether_addr(dev->dev_addr))
98
-
return false;
99
-
100
-
return true;
101
-
}
102
80
103
81
static void nft_dev_path_info(const struct net_device_path_stack *stack,
104
82
struct nft_forward_info *info,
···
123
119
info->indev = NULL;
124
120
break;
125
121
}
126
-
info->outdev = path->dev;
122
+
if (!info->outdev)
123
+
info->outdev = path->dev;
127
124
info->encap[info->num_encaps].id = path->encap.id;
128
125
info->encap[info->num_encaps].proto = path->encap.proto;
129
126
info->num_encaps++;
···
298
293
case IPPROTO_TCP:
299
294
tcph = skb_header_pointer(pkt->skb, nft_thoff(pkt),
300
295
sizeof(_tcph), &_tcph);
301
-
if (unlikely(!tcph || tcph->fin || tcph->rst))
296
+
if (unlikely(!tcph || tcph->fin || tcph->rst ||
297
+
!nf_conntrack_tcp_established(ct)))
302
298
goto out;
303
299
break;
304
300
case IPPROTO_UDP:
+1
-1
net/nfc/nci/data.c
+1
-1
net/nfc/nci/data.c
+2
-2
net/nfc/nci/hci.c
+2
-2
net/nfc/nci/hci.c
···
153
153
154
154
i = 0;
155
155
skb = nci_skb_alloc(ndev, conn_info->max_pkt_payload_len +
156
-
NCI_DATA_HDR_SIZE, GFP_KERNEL);
156
+
NCI_DATA_HDR_SIZE, GFP_ATOMIC);
157
157
if (!skb)
158
158
return -ENOMEM;
159
159
···
184
184
if (i < data_len) {
185
185
skb = nci_skb_alloc(ndev,
186
186
conn_info->max_pkt_payload_len +
187
-
NCI_DATA_HDR_SIZE, GFP_KERNEL);
187
+
NCI_DATA_HDR_SIZE, GFP_ATOMIC);
188
188
if (!skb)
189
189
return -ENOMEM;
190
190
+4
net/sched/act_pedit.c
+4
net/sched/act_pedit.c
···
232
232
for (i = 0; i < p->tcfp_nkeys; ++i) {
233
233
u32 cur = p->tcfp_keys[i].off;
234
234
235
+
/* sanitize the shift value for any later use */
236
+
p->tcfp_keys[i].shift = min_t(size_t, BITS_PER_TYPE(int) - 1,
237
+
p->tcfp_keys[i].shift);
238
+
235
239
/* The AT option can read a single byte, we can bound the actual
236
240
* value with uchar max.
237
241
*/
+1
-1
net/xfrm/xfrm_policy.c
+1
-1
net/xfrm/xfrm_policy.c
···
3744
3744
void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev)
3745
3745
{
3746
3746
while ((dst = xfrm_dst_child(dst)) && dst->xfrm && dst->dev == dev) {
3747
-
dst->dev = dev_net(dev)->loopback_dev;
3747
+
dst->dev = blackhole_netdev;
3748
3748
dev_hold(dst->dev);
3749
3749
dev_put(dev);
3750
3750
}
+1
-1
tools/testing/selftests/net/forwarding/Makefile
+1
-1
tools/testing/selftests/net/forwarding/Makefile
+46
-2
tools/testing/selftests/net/mptcp/mptcp_join.sh
+46
-2
tools/testing/selftests/net/mptcp/mptcp_join.sh
···
1444
1444
[ "${dump_stats}" = 1 ] && dump_stats
1445
1445
}
1446
1446
1447
+
chk_subflow_nr()
1448
+
{
1449
+
local need_title="$1"
1450
+
local msg="$2"
1451
+
local subflow_nr=$3
1452
+
local cnt1
1453
+
local cnt2
1454
+
1455
+
if [ -n "${need_title}" ]; then
1456
+
printf "%03u %-36s %s" "${TEST_COUNT}" "${TEST_NAME}" "${msg}"
1457
+
else
1458
+
printf "%-${nr_blank}s %s" " " "${msg}"
1459
+
fi
1460
+
1461
+
cnt1=$(ss -N $ns1 -tOni | grep -c token)
1462
+
cnt2=$(ss -N $ns2 -tOni | grep -c token)
1463
+
if [ "$cnt1" != "$subflow_nr" -o "$cnt2" != "$subflow_nr" ]; then
1464
+
echo "[fail] got $cnt1:$cnt2 subflows expected $subflow_nr"
1465
+
fail_test
1466
+
dump_stats=1
1467
+
else
1468
+
echo "[ ok ]"
1469
+
fi
1470
+
1471
+
[ "${dump_stats}" = 1 ] && ( ss -N $ns1 -tOni ; ss -N $ns1 -tOni | grep token; ip -n $ns1 mptcp endpoint )
1472
+
}
1473
+
1447
1474
chk_link_usage()
1448
1475
{
1449
1476
local ns=$1
···
2583
2556
fi
2584
2557
}
2585
2558
2586
-
implicit_tests()
2559
+
endpoint_tests()
2587
2560
{
2588
2561
# userspace pm type prevents add_addr
2589
2562
if reset "implicit EP"; then
···
2603
2576
pm_nl_add_endpoint $ns2 10.0.2.2 flags signal
2604
2577
pm_nl_check_endpoint 0 "modif is allowed" \
2605
2578
$ns2 10.0.2.2 id 1 flags signal
2579
+
wait
2580
+
fi
2581
+
2582
+
if reset "delete and re-add"; then
2583
+
pm_nl_set_limits $ns1 1 1
2584
+
pm_nl_set_limits $ns2 1 1
2585
+
pm_nl_add_endpoint $ns2 10.0.2.2 id 2 dev ns2eth2 flags subflow
2586
+
run_tests $ns1 $ns2 10.0.1.1 4 0 0 slow &
2587
+
2588
+
wait_mpj $ns2
2589
+
pm_nl_del_endpoint $ns2 2 10.0.2.2
2590
+
sleep 0.5
2591
+
chk_subflow_nr needtitle "after delete" 1
2592
+
2593
+
pm_nl_add_endpoint $ns2 10.0.2.2 dev ns2eth2 flags subflow
2594
+
wait_mpj $ns2
2595
+
chk_subflow_nr "" "after re-add" 2
2606
2596
wait
2607
2597
fi
2608
2598
}
···
2668
2624
d@deny_join_id0_tests
2669
2625
m@fullmesh_tests
2670
2626
z@fastclose_tests
2671
-
I@implicit_tests
2627
+
I@endpoint_tests
2672
2628
)
2673
2629
2674
2630
all_tests_args=""