platform/kernel/linux-rpi3.git
6 years agonet sched actions: implement get_fill_size routine in act_gact
Roman Mashak [Thu, 8 Mar 2018 21:59:20 +0000 (16:59 -0500)]
net sched actions: implement get_fill_size routine in act_gact

Signed-off-by: Roman Mashak <mrv@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet sched actions: calculate add/delete event message size
Roman Mashak [Thu, 8 Mar 2018 21:59:19 +0000 (16:59 -0500)]
net sched actions: calculate add/delete event message size

Introduce routines to calculate size of the shared tc netlink attributes
and the full message size including netlink header and tc service header.

Update add/delete action logic to have the size for event messages,
the size is passed to tcf_add_notify() and tcf_del_notify() where the
notification message is being allocated and constructed.

Signed-off-by: Roman Mashak <mrv@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet sched actions: add new tc_action_ops callback
Roman Mashak [Thu, 8 Mar 2018 21:59:18 +0000 (16:59 -0500)]
net sched actions: add new tc_action_ops callback

Add a new callback in tc_action_ops, it will be needed by the tc actions
to compute its size when a ADD/DELETE notification message is constructed.
This routine has to take into account optional/variable size TLVs specific
per action.

Signed-off-by: Roman Mashak <mrv@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet sched actions: update Add/Delete action API with new argument
Roman Mashak [Thu, 8 Mar 2018 21:59:17 +0000 (16:59 -0500)]
net sched actions: update Add/Delete action API with new argument

Introduce a new function argument to carry total attributes size for
correct allocation of skb in event messages.

Signed-off-by: Roman Mashak <mrv@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: do not create fallback tunnels for non-default namespaces
Eric Dumazet [Thu, 8 Mar 2018 20:51:41 +0000 (12:51 -0800)]
net: do not create fallback tunnels for non-default namespaces

fallback tunnels (like tunl0, gre0, gretap0, erspan0, sit0,
ip6tnl0, ip6gre0) are automatically created when the corresponding
module is loaded.

These tunnels are also automatically created when a new network
namespace is created, at a great cost.

In many cases, netns are used for isolation purposes, and these
extra network devices are a waste of resources. We are using
thousands of netns per host, and hit the netns creation/delete
bottleneck a lot. (Many thanks to Kirill for recent work on this)

Add a new sysctl so that we can opt-out from this automatic creation.

Note that these tunnels are still created for the initial namespace,
to be the least intrusive for typical setups.

Tested:
lpk43:~# cat add_del_unshare.sh
for i in `seq 1 40`
do
 (for j in `seq 1 100` ; do  unshare -n /bin/true >/dev/null ; done) &
done
wait

lpk43:~# echo 0 >/proc/sys/net/core/fb_tunnels_only_for_init_net
lpk43:~# time ./add_del_unshare.sh

real 0m37.521s
user 0m0.886s
sys 7m7.084s
lpk43:~# echo 1 >/proc/sys/net/core/fb_tunnels_only_for_init_net
lpk43:~# time ./add_del_unshare.sh

real 0m4.761s
user 0m0.851s
sys 1m8.343s
lpk43:~#

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agotools: tc-testing: Can pause just before post-suite
Brenda J. Butler [Thu, 8 Mar 2018 20:28:03 +0000 (15:28 -0500)]
tools: tc-testing: Can pause just before post-suite

With option -P, the test script will pause just before
the post_suite functions are called.  This allows the tester to
inspect the system before it is torn down.

Signed-off-by: Brenda J. Butler <bjb@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agotools: tc-testing: Can refer to $TESTID in test spec
Brenda J. Butler [Thu, 8 Mar 2018 20:27:44 +0000 (15:27 -0500)]
tools: tc-testing: Can refer to $TESTID in test spec

When processing the commands in the test cases, substitute
the test id for $TESTID.  This helps to make more flexible
tests.  For example, the testid can be given as a command
line argument.

As an example, if we wish to save the test output to a file
named for the test case, we can write in the test case:

"cmdUnderTest": "some test command | tee -a $TESTID.out"

Signed-off-by: Brenda J. Butler <bjb@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: dsa: mv88e6xxx: Fix irq free'ing
Andrew Lunn [Thu, 8 Mar 2018 20:21:36 +0000 (21:21 +0100)]
net: dsa: mv88e6xxx: Fix irq free'ing

Call the common irq free function, rather than going recursive and
blowing away the stack, followed by the machine.

Fixes: 294d711ee8c0 ("net: dsa: mv88e6xxx: Poll when no interrupt defined")
Signed-off-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agotc-testing: add csum tests
Roman Mashak [Thu, 8 Mar 2018 19:56:43 +0000 (14:56 -0500)]
tc-testing: add csum tests

Signed-off-by: Roman Mashak <mrv@mojatatu.com>
Tested-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: usb: asix88179_178a: de-duplicate code
Alexander Kurz [Thu, 8 Mar 2018 11:19:54 +0000 (11:19 +0000)]
net: usb: asix88179_178a: de-duplicate code

Remove the duplicated code for asix88179_178a bind and reset methods.

Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: usb: asix88179_178a: set permanent address once only
Alexander Kurz [Thu, 8 Mar 2018 11:19:53 +0000 (11:19 +0000)]
net: usb: asix88179_178a: set permanent address once only

The permanent address of asix88179_178a devices is read at probe time
and should not be overwritten later. Otherwise it may be overwritten
unintentionally with a configured address.

Signed-off-by: Alexander Kurz <akurz@blala.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'ntuple-filters-with-RSS'
David S. Miller [Fri, 9 Mar 2018 02:54:52 +0000 (21:54 -0500)]
Merge branch 'ntuple-filters-with-RSS'

Edward Cree says:

====================
ntuple filters with RSS

This series introduces the ability to mark an ethtool steering filter to use
 RSS spreading, and the ability to create and configure multiple RSS contexts
 with different indirection tables, hash keys, and hash fields.
An implementation for the sfc driver (for 7000-series and later SFC NICs) is
 included in patch 2/2.

The anticipated use case of this feature is for steering traffic destined for
 a container (or virtual machine) to the subset of CPUs on which processes in
 the container (or the VM's vCPUs) are bound, while retaining the scalability
 of RSS spreading from the viewpoint inside the container.
The use of both a base queue number (ring_cookie) and indirection table is
 intended to allow re-use of a single RSS context to target multiple sets of
 CPUs.  For instance, if an 8-core system is hosting three containers on CPUs
 [1,2], [3,4] and [6,7], then a single RSS context with an equal-weight [0,1]
 indirection table could be used to target all three containers by setting
 ring_cookie to 1, 3 and 6 on the respective filters.

v2: Initialised ctx in efx_ef10_filter_insert() to avoid (false positive) gcc
 warning.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agosfc: support RSS spreading of ethtool ntuple filters
Edward Cree [Thu, 8 Mar 2018 15:45:17 +0000 (15:45 +0000)]
sfc: support RSS spreading of ethtool ntuple filters

Use a linked list to associate user-facing context IDs with FW-facing
 context IDs (since the latter can change after an MC reset).

Signed-off-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: ethtool: extend RXNFC API to support RSS spreading of filter matches
Edward Cree [Thu, 8 Mar 2018 15:45:03 +0000 (15:45 +0000)]
net: ethtool: extend RXNFC API to support RSS spreading of filter matches

We use a two-step process to configure a filter with RSS spreading.  First,
 the RSS context is allocated and configured using ETHTOOL_SRSSH; this
 returns an identifier (rss_context) which can then be passed to subsequent
 invocations of ETHTOOL_SRXCLSRLINS to specify that the offset from the RSS
 indirection table lookup should be added to the queue number (ring_cookie)
 when delivering the packet.  Drivers for devices which can only use the
 indirection table entry directly (not add it to a base queue number)
 should reject rule insertions combining RSS with a nonzero ring_cookie.

Signed-off-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agords: rds_info_from_znotifier() can be static
kbuild test robot [Thu, 8 Mar 2018 11:37:30 +0000 (19:37 +0800)]
rds: rds_info_from_znotifier() can be static

Fixes: 9426bbc6de99 ("rds: use list structure to track information for zerocopy completion notification")
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agords: rds_message_zcopy_from_user() can be static
kbuild test robot [Thu, 8 Mar 2018 10:56:14 +0000 (18:56 +0800)]
rds: rds_message_zcopy_from_user() can be static

Fixes: d40a126b16ea ("rds: refactor zcopy code into rds_message_zcopy_from_user")
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Acked-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet/ncsi: unlock on error in ncsi_set_interface_nl()
Dan Carpenter [Thu, 8 Mar 2018 09:36:28 +0000 (12:36 +0300)]
net/ncsi: unlock on error in ncsi_set_interface_nl()

There are two error paths which are missing unlocks in this function.

Fixes: 955dc68cb9b2 ("net/ncsi: Add generic netlink family")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet/ncsi: use kfree_skb() instead of kfree()
Dan Carpenter [Thu, 8 Mar 2018 09:36:04 +0000 (12:36 +0300)]
net/ncsi: use kfree_skb() instead of kfree()

We're supposed to use kfree_skb() to free these sk_buffs.

Fixes: 955dc68cb9b2 ("net/ncsi: Add generic netlink family")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoliquidio: avoid doing useless work
Prasad Kanneganti [Thu, 8 Mar 2018 06:23:32 +0000 (22:23 -0800)]
liquidio: avoid doing useless work

Avoid doing useless work by making sure that the response_list is not empty
before scheduling work to process it.

Signed-off-by: Prasad Kanneganti <prasad.kanneganti@cavium.com>
Signed-off-by: Felix Manlunas <felix.manlunas@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoliquidio: Resolved mbox read issue while reading more than one 64bit data
Intiyaz Basha [Thu, 8 Mar 2018 06:12:24 +0000 (22:12 -0800)]
liquidio: Resolved mbox read issue while reading more than one 64bit data

Corrected length check when data received in the mbox is more than one
64 bit data value

Signed-off-by: Intiyaz Basha <intiyaz.basha@cavium.com>
Signed-off-by: Felix Manlunas <felix.manlunas@cavium.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge tag 'mlx5-updates-2018-02-28-2' of git://git.kernel.org/pub/scm/linux/kernel...
David S. Miller [Thu, 8 Mar 2018 19:43:48 +0000 (14:43 -0500)]
Merge tag 'mlx5-updates-2018-02-28-2' of git://git./linux/kernel/git/mellanox/linux

Saeed Mahameed says:

====================
mlx5-updates-2018-02-28-2 (IPSec-2)

This series follows our previous one to lay out the foundations for IPSec
in user-space and extend current kernel netdev IPSec support. As noted in
our previous pull request cover letter "mlx5-updates-2018-02-28-1 (IPSec-1)",
the IPSec mechanism will be supported through our flow steering mechanism.
Therefore, we need to change the initialization order. Furthermore, IPsec
is also supported in both egress and ingress. Since our current flow
steering is egress only, we add an empty (only implemented through FPGA
steering ops) egress namespace to handle that case. We also implement
the required flow steering callbacks and logic in our FPGA driver.

We extend the FPGA support for ESN and modifying a xfrm too. Therefore, we
add support for some new FPGA command interface that supports them. The
other required bits are added too. The new features and requirements are
advertised via cap bits.

Last but not least, we revise our driver's accel_esp API. This API will be
shared between our netdev and IB driver, so we need to have all the required
functionality from both worlds.

Regards,
Aviad and Matan
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'ibmvnic-Clean-up-net-close-and-fix-reset-bug'
David S. Miller [Thu, 8 Mar 2018 17:51:46 +0000 (12:51 -0500)]
Merge branch 'ibmvnic-Clean-up-net-close-and-fix-reset-bug'

Thomas Falcon says:

====================
ibmvnic: Clean up net close and fix reset bug

This patch set cleans up and reorganizes the driver's net_device
close function and leverages that to fix up a bug that can occur
during some device resets. Some reset cases require the backing
adapter to be disabled before continuing, but other cases, such as
during a device failover or partition migration, do not require this
step. Since the device will not be initialized at this stage and
its command-processing queue is closed, do not send the request to
disable the device as it could result in an error or timeout
disrupting the reset.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoibmvnic: Do not disable device during failover or partition migration
Thomas Falcon [Wed, 7 Mar 2018 23:51:47 +0000 (17:51 -0600)]
ibmvnic: Do not disable device during failover or partition migration

During a device failover or partition migration reset, it is not
necessary to disable the backing adapter since it should not be
running yet and its Command-Response Queue is closed. Sending
device commands during this time could result in an error or
timeout disrupting the reset process. In these cases, just halt
transmissions, clean up resources, and continue with reset.

Signed-off-by: Thomas Falcon <tlfalcon@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoibmvnic: Reorganize device close
Thomas Falcon [Wed, 7 Mar 2018 23:51:46 +0000 (17:51 -0600)]
ibmvnic: Reorganize device close

Introduce a function to halt network operations and clean up any
unused or outstanding socket buffers. Then, during device close,
disable backing adapter before halting all queues and performing
cleanup. This ensures all backing device operations will be
stopped before the driver cleans up shared resources.

Signed-off-by: Thomas Falcon <tlfalcon@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoibmvnic: Clean up device close
Thomas Falcon [Wed, 7 Mar 2018 23:51:45 +0000 (17:51 -0600)]
ibmvnic: Clean up device close

Remove some dead code now that RX pools are being cleaned. This
was included to wait until any pending RX queue interrupts are
processed, but NAPI polling should be disabled by this point.

Another minor change is to use the net device parameter for any
print functions instead of accessing it from the adapter structure.

Signed-off-by: Thomas Falcon <tlfalcon@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoopenvswitch: fix vport packet length check.
William Tu [Wed, 7 Mar 2018 23:38:48 +0000 (15:38 -0800)]
openvswitch: fix vport packet length check.

When sending a packet to a tunnel device, the dev's hard_header_len
could be larger than the skb->len in function packet_length().
In the case of ip6gretap/erspan, hard_header_len = LL_MAX_HEADER + t_hlen,
which is around 180, and an ARP packet sent to this tunnel has
skb->len = 42.  This causes the 'unsign int length' to become super
large because it is negative value, causing the later ovs_vport_send
to drop it due to over-mtu size.  The patch fixes it by setting it to 0.

Signed-off-by: William Tu <u9012063@gmail.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'pernet-convert-part5'
David S. Miller [Thu, 8 Mar 2018 17:36:46 +0000 (12:36 -0500)]
Merge branch 'pernet-convert-part5'

Kirill Tkhai says:

====================
Converting pernet_operations (part #5)

this series continues to review and to convert pernet_operations
to make them possible to be executed in parallel for several
net namespaces in the same time. There are mostly netfilter
operations (and they should be the last netfilter's), also
there are two patches touching pktgen and xfrm.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convet ipv6_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:41:23 +0000 (12:41 +0300)]
net: Convet ipv6_net_ops

These pernet_operations are similar to ipv4_net_ops.
They are safe to be async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert ipv4_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:41:16 +0000 (12:41 +0300)]
net: Convert ipv4_net_ops

These pernet_operations register and unregister bunch
of nf_conntrack_l4proto. Exit method unregisters related
sysctl, init method calls init_net and get_net_proto.
The whole builtin_l4proto4 array has pretty simple
init_net and get_net_proto methods. The first one register
sysctl table, the second one is just RO memory dereference.
So, these pernet_operations are safe to be marked as async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert iptable_security_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:41:07 +0000 (12:41 +0300)]
net: Convert iptable_security_net_ops

These pernet_operations unregister net::ipv4::iptable_security table.
Another net/pernet_operations do not send ipv4 packets to foreign
net namespaces. So, we mark them async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert iptable_raw_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:58 +0000 (12:40 +0300)]
net: Convert iptable_raw_net_ops

These pernet_operations unregister net::ipv4::iptable_raw table.
Another net/pernet_operations do not send ipv4 packets to foreign
net namespaces. So, we mark them async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert iptable_nat_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:45 +0000 (12:40 +0300)]
net: Convert iptable_nat_net_ops

These pernet_operations unregister net::ipv4::nat_table table.
Another net/pernet_operations do not send ipv4 packets to foreign
net namespaces. So, we mark them async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert iptable_mangle_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:36 +0000 (12:40 +0300)]
net: Convert iptable_mangle_net_ops

These pernet_operations unregister net::ipv4::iptable_mangle table.
Another net/pernet_operations do not send ipv4 packets to foreign
net namespaces. So, we mark them async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert arptable_filter_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:28 +0000 (12:40 +0300)]
net: Convert arptable_filter_net_ops

These pernet_operations unregister net::ipv4::arptable_filter.
Another net/pernet_operations do not send arp packets to foreign
net namespaces. So, we mark them async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert pg_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:19 +0000 (12:40 +0300)]
net: Convert pg_net_ops

These pernet_operations create per-net pktgen threads
and /proc entries. These pernet subsys looks closed
in itself, and there are no pernet_operations outside
this file, which are interested in the threads.
Init and/or exit methods look safe to be executed
in parallel.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert nfnl_queue_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:09 +0000 (12:40 +0300)]
net: Convert nfnl_queue_net_ops

These pernet_operations register and unregister net::nf::queue_handler
and /proc entry. The handler is accessed only under RCU, so this looks
safe to convert them.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert nfnl_log_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:40:00 +0000 (12:40 +0300)]
net: Convert nfnl_log_net_ops

These pernet_operations create and destroy /proc entries.
Also, exit method unsets nfulnl_logger. The logger is not
set by default, and it becomes bound via userspace request.
So, they look safe to be made async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert cttimeout_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:39:51 +0000 (12:39 +0300)]
net: Convert cttimeout_ops

These pernet_operations also look closed in themself.
Exit method touch only per-net structures, so it's
safe to execute them for several net namespaces in parallel.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert nfnl_acct_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:39:42 +0000 (12:39 +0300)]
net: Convert nfnl_acct_ops

These pernet_operations look closed in themself,
and there are no other users of net::nfnl_acct_list
outside. They are safe to be executed for several
net namespaces in parallel.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert nfnetlink_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:39:33 +0000 (12:39 +0300)]
net: Convert nfnetlink_net_ops

These pernet_operations create and destroy net::nfnl
socket of NETLINK_NETFILTER code. There are no other
places, where such type the socket is created, except
these pernet_operations. It seem other pernet_operations
depending on CONFIG_NETFILTER_NETLINK send messages
to this socket. So, we mark it async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert nf_tables_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:39:23 +0000 (12:39 +0300)]
net: Convert nf_tables_net_ops

These pernet_operations looks nicely separated per-net.
Exit method unregisters net's nf tables objects.
We allow them be executed in parallel.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert xfrm_user_net_ops
Kirill Tkhai [Wed, 7 Mar 2018 09:39:14 +0000 (12:39 +0300)]
net: Convert xfrm_user_net_ops

These pernet_operations create and destroy net::xfrm::nlsk
socket of NETLINK_XFRM. There is only entry point, where
it's dereferenced, it's xfrm_user_rcv_msg(). There is no
in-kernel senders to this socket.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: Convert ip6 tables pernet_operations
Kirill Tkhai [Wed, 7 Mar 2018 09:39:06 +0000 (12:39 +0300)]
net: Convert ip6 tables pernet_operations

The pernet_operations:

    ip6table_filter_net_ops
    ip6table_mangle_net_ops
    ip6table_nat_net_ops
    ip6table_raw_net_ops
    ip6table_security_net_ops

have exit methods, which call ip6t_unregister_table().
ip6table_filter_net_ops has init method registering
filter table.

Since there must not be in-flight ipv6 packets at the time
of pernet_operations execution and since pernet_operations
don't send ipv6 packets each other, these pernet_operations
are safe to be async.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet/sched: cls_flower: Add support to handle first frag as match field
Pieter Jansen van Vuuren [Tue, 6 Mar 2018 17:11:14 +0000 (18:11 +0100)]
net/sched: cls_flower: Add support to handle first frag as match field

Allow setting firstfrag as matching option in tc flower classifier.

 # tc filter add dev eth0 protocol ip parent ffff: \
     flower indev eth0 \
        ip_flags firstfrag
     action mirred egress redirect dev eth1

Signed-off-by: Pieter Jansen van Vuuren <pieter.jansenvanvuuren@netronome.com>
Signed-off-by: Simon Horman <simon.horman@netronome.com>
Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'hns3-next'
David S. Miller [Thu, 8 Mar 2018 16:23:38 +0000 (11:23 -0500)]
Merge branch 'hns3-next'

Peng Li says:

====================
fix some bugs for hns3 driver

This patchset fix some bugs for hns3 driver.
[Patch 1/6 - Patch 3/6] fix bugs related about VF driver.
[Patch 3/6 - Patch 6/6] fix the bugs about ethtool_ops.set_channels.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: hns3: add support for VF driver inner interface hclgevf_ops.get_tqps_and_rss_info
Peng Li [Thu, 8 Mar 2018 11:41:55 +0000 (19:41 +0800)]
net: hns3: add support for VF driver inner interface hclgevf_ops.get_tqps_and_rss_info

This patch adds support for VF driver inner interface
hclgevf_ops.get_tqps_and_rss_info. This interface will be
used in the initialization process.

Signed-off-by: Peng Li <lipeng321@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: hns3: set the max ring num when alloc netdev
Peng Li [Thu, 8 Mar 2018 11:41:54 +0000 (19:41 +0800)]
net: hns3: set the max ring num when alloc netdev

HNS3 driver should alloc netdev with max support ring num, as
driver support change netdev count by ethtool -L.

Signed-off-by: Peng Li <lipeng321@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: hns3: fix the queue id for tqp enable&&reset
Peng Li [Thu, 8 Mar 2018 11:41:53 +0000 (19:41 +0800)]
net: hns3: fix the queue id for tqp enable&&reset

Command HCLGE_OPC_CFG_COM_TQP_QUEUE should use queue id in the
function, but command HCLGE_OPC_RESET_TQP_QUEUE should use global
queue id.
This patch fixes the queue id about queue enable/disable/reset.

Signed-off-by: Peng Li <lipeng321@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: hns3: fix endian issue when PF get mbx message flag
Peng Li [Thu, 8 Mar 2018 11:41:52 +0000 (19:41 +0800)]
net: hns3: fix endian issue when PF get mbx message flag

This patch fixes the endian issue when PF get mbx message flag.

Signed-off-by: Peng Li <lipeng321@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: hns3: set the cmdq out_vld bit to 0 after used
Peng Li [Thu, 8 Mar 2018 11:41:51 +0000 (19:41 +0800)]
net: hns3: set the cmdq out_vld bit to 0 after used

Driver check the out_vld bit when get a new cmdq BD, if the bit is 1,
the BD is valid. driver Should set the bit 0 after used and hw will
set the bit 1 if get a valid BD.

Signed-off-by: Peng Li <lipeng321@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: hns3: VF should get the real rss_size instead of rss_size_max
Peng Li [Thu, 8 Mar 2018 11:41:50 +0000 (19:41 +0800)]
net: hns3: VF should get the real rss_size instead of rss_size_max

VF driver should get the real rss_size which is assigned
by host PF, not rss_size_max.

Signed-off-by: Peng Li <lipeng321@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agodevlink: Change dpipe/resource get privileges
Arkadi Sharshevsky [Thu, 8 Mar 2018 10:52:25 +0000 (12:52 +0200)]
devlink: Change dpipe/resource get privileges

Let dpipe/resource be retrieved by unprivileged users.

Signed-off-by: Arkadi Sharshevsky <arkadis@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoselftests/net: enable fragments for fib-onlink-tests
Anders Roxell [Thu, 8 Mar 2018 10:17:23 +0000 (11:17 +0100)]
selftests/net: enable fragments for fib-onlink-tests

We miss CONFIG_* fragments so test fib-onlink-tests.sh can do:
ip li add lisa type vrf table 1101
ip li add veth1 type veth peer name veth2

And the follow message occurs if it isn't enabled:
Configuring interfaces
RTNETLINK answers: Operation not supported

This enables for NET_NRF (and friends) and VETH so we can create a vrf
table and veth.

Fixes: 153e1b84f477 ("selftests: Add FIB onlink tests")
Signed-off-by: Anders Roxell <anders.roxell@linaro.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoipvlan: properly annotate rx_handler access
Paolo Abeni [Thu, 8 Mar 2018 09:29:30 +0000 (10:29 +0100)]
ipvlan: properly annotate rx_handler access

The rx_handler field is rcu-protected, but I forgot to use the
proper accessor while refactoring netif_is_ipvlan_port(). Such
function only check the rx_handler value, so it is safe, but we need
to properly read rx_handler via rcu_access_pointer() to avoid sparse
warnings.

Fixes: 1ec54cb44e67 ("net: unpollute priv_flags space")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet/mlx5: Fix wrongly assigned CQ reference counter
Leon Romanovsky [Wed, 28 Feb 2018 09:18:13 +0000 (11:18 +0200)]
net/mlx5: Fix wrongly assigned CQ reference counter

The kernel compiled with CONFIG_REFCOUNT_FULL produces the following
error. The reason to it that initial value of refcount_t is supposed
to be more than 0, change it.

[    3.106634] ------------[ cut here ]------------
[    3.107756] refcount_t: increment on 0; use-after-free.
[    3.109130] WARNING: CPU: 0 PID: 1 at lib/refcount.c:153 refcount_inc+0x27/0x30
[    3.110085] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.16.0-rc1-00028-gf683e04bdccc #137
[    3.110085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
[    3.110085] RIP: 0010:refcount_inc+0x27/0x30
[    3.110085] RSP: 0000:ffffaa620000fba0 EFLAGS: 00010286
[    3.110085] RAX: 0000000000000000 RBX: ffff9a6d1a1821c8 RCX: ffffffff98a50f48
[    3.110085] RDX: 0000000000000001 RSI: 0000000000000086 RDI: 0000000000000246
[    3.110085] RBP: ffff9a6d1ac800a0 R08: 0000000000000289 R09: 000000000000000a
[    3.110085] R10: fffff03bc0682840 R11: ffffffff9949856d R12: ffff9a6d1b4a4000
[    3.110085] R13: 0000000000000000 R14: ffff9a6d1a0a6c00 R15: ffffaa620000fc5c
[    3.110085] FS:  0000000000000000(0000) GS:ffff9a6d1fc00000(0000) knlGS:0000000000000000
[    3.110085] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    3.110085] CR2: 0000000000000000 CR3: 000000000ba0a000 CR4: 00000000000006b0
[    3.110085] Call Trace:
[    3.110085]  mlx5_core_create_cq+0xde/0x250
[    3.110085]  ? __kmalloc+0x1ce/0x1e0
[    3.110085]  mlx5e_create_cq+0x15c/0x1e0
[    3.110085]  mlx5e_open_drop_rq+0xea/0x190
[    3.110085]  mlx5e_attach_netdev+0x53/0x140
[    3.110085]  mlx5e_attach+0x3d/0x60
[    3.110085]  mlx5e_add+0x11d/0x2f0
[    3.110085]  mlx5_add_device+0x77/0x170
[    3.110085]  mlx5_register_interface+0x74/0xc0
[    3.110085]  ? set_debug_rodata+0x11/0x11
[    3.110085]  init+0x67/0x72
[    3.110085]  ? mlx4_en_init_ptys2ethtool_map+0x346/0x346
[    3.110085]  do_one_initcall+0x98/0x147
[    3.110085]  ? set_debug_rodata+0x11/0x11
[    3.110085]  kernel_init_freeable+0x164/0x1e0
[    3.110085]  ? rest_init+0xb0/0xb0
[    3.110085]  kernel_init+0xa/0x100
[    3.110085]  ret_from_fork+0x35/0x40
[    3.110085] Code: 00 00 00 00 e8 ab ff ff ff 84 c0 74 02 f3 c3 80 3d 3b c3 64 01 00 75 f5 48 c7 c7 68 0b 81 98 c6 05 2b c3 64 01 01 e8 79 d7 a3 ff <0f> ff c3 66 0f 1f 44 00 00 8b 06 83 f8 ff 74 39 31 c9 39 f8 89
[    3.110085] ---[ end trace a0068e1c68438a74 ]---

Fixes: f105b45bf77c ("net/mlx5: CQ hold/put API")
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: IPSec, Add support for ESN
Aviad Yehezkel [Thu, 18 Jan 2018 14:02:17 +0000 (16:02 +0200)]
net/mlx5: IPSec, Add support for ESN

Currently ESN is not supported with IPSec device offload.

This patch adds ESN support to IPsec device offload.
Implementing new xfrm device operation to synchronize offloading device
ESN with xfrm received SN. New QP command to update SA state at the
following:

           ESN 1                    ESN 2                  ESN 3
|-----------*-----------|-----------*-----------|-----------*
^           ^           ^           ^           ^           ^

^ - marks where QP command invoked to update the SA ESN state
    machine.
| - marks the start of the ESN scope (0-2^32-1). At this point move SA
    ESN overlap bit to zero and increment ESN.
* - marks the middle of the ESN scope (2^31). At this point move SA
    ESN overlap bit to one.

Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Yossef Efraim <yossefe@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5e: Added common function for to_ipsec_sa_entry
Aviad Yehezkel [Thu, 18 Jan 2018 14:31:55 +0000 (16:31 +0200)]
net/mlx5e: Added common function for to_ipsec_sa_entry

New function for getting driver internal sa entry from xfrm state.
All checks are done in one function.

Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: Add flow-steering commands for FPGA IPSec implementation
Aviad Yehezkel [Sun, 18 Feb 2018 13:07:20 +0000 (15:07 +0200)]
net/mlx5: Add flow-steering commands for FPGA IPSec implementation

In order to add a context to the FPGA, we need to get both the software
transform context (which includes the keys, etc) and the
source/destination IPs (which are included in the steering
rule). Therefore, we register new set of firmware like commands for
the FPGA. Each time a rule is added, the steering core infrastructure
calls the FPGA command layer. If the rule is intended for the FPGA,
it combines the IPs information with the software transformation
context and creates the respective hardware transform.
Afterwards, it calls the standard steering command layer.

Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: Refactor accel IPSec code
Aviad Yehezkel [Thu, 18 Jan 2018 11:05:48 +0000 (13:05 +0200)]
net/mlx5: Refactor accel IPSec code

The current code has one layer that executed FPGA commands and
the Ethernet part directly used this code. Since downstream patches
introduces support for IPSec in mlx5_ib, we need to provide some
abstractions. This patch refactors the accel code into one layer
that creates a software IPSec transformation and another one which
creates the actual hardware context.
The internal command implementation is now hidden in the FPGA
core layer. The code also adds the ability to share FPGA hardware
contexts. If two contexts are the same, only a reference count
is taken.

Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: Added required metadata capability for ipsec
Aviad Yehezkel [Wed, 17 Jan 2018 09:20:33 +0000 (11:20 +0200)]
net/mlx5: Added required metadata capability for ipsec

Currently our device requires additional metadata in packet
to perform ipsec crypto offload.

Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: Export ipsec capabilities
Aviad Yehezkel [Mon, 29 Jan 2018 13:05:50 +0000 (15:05 +0200)]
net/mlx5: Export ipsec capabilities

We will need that for ipsec verbs.

Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: IPSec, Add command V2 support
Aviad Yehezkel [Tue, 16 Jan 2018 14:12:22 +0000 (16:12 +0200)]
net/mlx5: IPSec, Add command V2 support

This patch adds V2 command support.
New fpga devices support extended features (udp encap, esn etc...), this
features require new hardware sadb format therefore we have a new version
of commands to manipulate it.

Signed-off-by: Yossef Efraim <yossefe@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5e: IPSec, Add support for ESP trailer removal by hardware
Yossi Kuperman [Sun, 22 Oct 2017 16:45:45 +0000 (19:45 +0300)]
net/mlx5e: IPSec, Add support for ESP trailer removal by hardware

Current hardware decrypts and authenticates incoming ESP packets.
Subsequently, the software extracts the nexthdr field, truncates the
trailer and adjusts csum accordingly.

With this patch and a capable device, the trailer is being removed
by the hardware and the nexthdr field is conveyed via PET. This way
we avoid both the need to access the trailer (cache miss) and to
compute its relative checksum, which significantly improve
the performance.

Experiment shows that trailer removal improves the performance by
2Gbps, (netperf). Both forwarding and host-to-host configurations.

Signed-off-by: Yossi Kuperman <yossiku@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: IPSec, Generalize sandbox QP commands
Yossi Kuperman [Sun, 22 Oct 2017 16:43:58 +0000 (19:43 +0300)]
net/mlx5: IPSec, Generalize sandbox QP commands

The current code assume only SA QP commands.
Refactor in order to pave the way for new QP commands:
1. Generic cmd response format.
2. SA cmd checks are in dedicated functions.
3. Aligned debug prints.

Signed-off-by: Yossi Kuperman <yossiku@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
6 years agonet/mlx5: Use MLX5_IPSEC_DEV macro for ipsec caps
Saeed Mahameed [Wed, 7 Mar 2018 23:44:48 +0000 (15:44 -0800)]
net/mlx5: Use MLX5_IPSEC_DEV macro for ipsec caps

Fix build break of mlx5_accel_ipsec_device_caps is not defined when
MLX5_ACCEL is not selected, use MLX5_IPSEC_DEV instead which handles
such case.

Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Reported-by: Doug Ledford <dledford@redhat.com>
6 years agoip6mr: remove synchronize_rcu() in favor of SOCK_RCU_FREE
Eric Dumazet [Wed, 7 Mar 2018 16:43:19 +0000 (08:43 -0800)]
ip6mr: remove synchronize_rcu() in favor of SOCK_RCU_FREE

Kirill found that recently added synchronize_rcu() call in
ip6mr_sk_done()
was slowing down netns dismantle and posted a patch to use it only if
the socket
was found.

I instead suggested to get rid of this call, and use instead
SOCK_RCU_FREE

We might later change IPv4 side to use the same technique and unify
both stacks. IPv4 does not use synchronize_rcu() but has a call_rcu()
that could be replaced by SOCK_RCU_FREE.

Tested:
 time for i in {1..1000}; do unshare -n /bin/false;done

 Before : real 7m18.911s
 After : real 10.187s

Fixes: 8571ab479a6e ("ip6mr: Make mroute_sk rcu-based")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Cc: Yuval Mintz <yuvalm@mellanox.com>
Reviewed-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'RDS-zerocopy-code-enhancements'
David S. Miller [Wed, 7 Mar 2018 23:05:57 +0000 (18:05 -0500)]
Merge branch 'RDS-zerocopy-code-enhancements'

Sowmini Varadhan says:

====================
RDS: zerocopy code enhancements

A couple of enhancements to the rds zerocop code
- patch 1 refactors rds_message_copy_from_user to pull the zcopy logic
  into its own function
- patch 2 drops the usage sk_buff to track MSG_ZEROCOPY cookies and
  uses a simple linked list (enhancement suggested by willemb during
  code review)
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agords: use list structure to track information for zerocopy completion notification
Sowmini Varadhan [Tue, 6 Mar 2018 15:22:34 +0000 (07:22 -0800)]
rds: use list structure to track information for zerocopy completion notification

Commit 401910db4cd4 ("rds: deliver zerocopy completion notification
with data") removes support fo r zerocopy completion notification
on the sk_error_queue, thus we no longer need to track the cookie
information in sk_buff structures.

This commit removes the struct sk_buff_head rs_zcookie_queue by
a simpler list that results in a smaller memory footprint as well
as more efficient memory_allocation time.

Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Acked-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agords: refactor zcopy code into rds_message_zcopy_from_user
Sowmini Varadhan [Tue, 6 Mar 2018 15:22:33 +0000 (07:22 -0800)]
rds: refactor zcopy code into rds_message_zcopy_from_user

Move the large block of code predicated on zcopy from
rds_message_copy_from_user into a new function,
rds_message_zcopy_from_user()

Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Acked-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agocxgb3: remove VLA usage
Gustavo A. R. Silva [Wed, 7 Mar 2018 18:03:33 +0000 (12:03 -0600)]
cxgb3: remove VLA usage

Remove VLA usage and change the 'len' argument to a u8 and use a 256
byte buffer on the stack. Notice that these lengths are limited by the
encoding field in the VPD structure, which is a u8 [1].

[1] https://marc.info/?l=linux-netdev&m=152044354814024&w=2

Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agosock: Fix SO_ZEROCOPY switch case
Jesus Sanchez-Palencia [Wed, 7 Mar 2018 17:40:57 +0000 (09:40 -0800)]
sock: Fix SO_ZEROCOPY switch case

Fix the SO_ZEROCOPY switch case on sock_setsockopt() avoiding the
ret values to be overwritten by the one set on the default case.

Fixes: 28190752c7092 ("sock: permit SO_ZEROCOPY on PF_RDS socket")
Signed-off-by: Jesus Sanchez-Palencia <jesus.sanchez-palencia@intel.com>
Acked-by: Willem de Bruijn <willemb@google.com>
Acked-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'mvpp2-ucast-filter'
David S. Miller [Wed, 7 Mar 2018 20:53:39 +0000 (15:53 -0500)]
Merge branch 'mvpp2-ucast-filter'

Maxime Chevallier says:

====================
net: mvpp2: Add Unicast filtering capabilities

This series adds unicast filtering support to the Marvell PPv2 controller.

This is implemented using the header parser cababilities of the PPv2,
which allows for generic packet filtering based on matching patterns in
the packet headers.

PPv2 controller only has 256 of these entries, and we need to share them
with other features, such as VLAN filtering.

For each interface, we have 5 entries dedicated to unicast filtering (the
controller's own address, and 4 other), and 21 to multicast filtering.

When this number is reached, the controller switches to unicast or
multicast promiscuous mode.

The first patch reworks the function that adds and removes addresses to the
filter. This is preparatory work to ease UC filter implementation.

The second patch adds the UC filtering feature.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: mvpp2: Add support for unicast filtering
Maxime Chevallier [Wed, 7 Mar 2018 14:18:04 +0000 (15:18 +0100)]
net: mvpp2: Add support for unicast filtering

Marvell PPv2 controller can be used to implement packet filtering based
on the destination MAC address. This is already used to implement
multicast filtering. This patch adds support for Unicast filtering.

Filtering is based on so-called "TCAM entries" to implement filtering.
Due to their limited number and the fact that these are also used for
other purposes, we reserve 80 entries for both unicast and multicast
filters. On top of the broadcast address, and each interface's own MAC
address, we reserve 25 entries per port, 4 for unicast filters, 21 for
multicast.

Whenever unicast or multicast range for one port is full, the filtering
is disabled and port goes into promiscuous mode for the given type of
addresses.

Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: mvpp2: Simplify MAC filtering function parameters
Maxime Chevallier [Wed, 7 Mar 2018 14:18:03 +0000 (15:18 +0100)]
net: mvpp2: Simplify MAC filtering function parameters

The mvpp2_prs_mac_da_accept function takes into parameter both the
struct representing the controller and the port id. This is meaningful
when we want to create TCAM entries for non-initialized ports, but in
this case we expect the port to be initialized before starting adding or
removing MAC addresses to the per-port filter.

This commit changes the function so that it takes struct mvpp2_port as
a parameter instead.

Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoselftests: forwarding: fix flags passed to first drop rule in gact_drop_and_ok_test
Jiri Pirko [Wed, 7 Mar 2018 12:58:00 +0000 (13:58 +0100)]
selftests: forwarding: fix flags passed to first drop rule in gact_drop_and_ok_test

Fix copy&paste error and pass proper flags.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoselftests: forwarding: fix "ok" action test
Jiri Pirko [Wed, 7 Mar 2018 12:57:59 +0000 (13:57 +0100)]
selftests: forwarding: fix "ok" action test

Fix the "ok" action test so it checks that packet that is okayed does not
continue to be processed by other rules. Fix error message as well.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Reviewed-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: cdc_eem: clean up bind error path
Johan Hovold [Wed, 7 Mar 2018 09:46:58 +0000 (10:46 +0100)]
net: cdc_eem: clean up bind error path

Drop bogus call to usb_driver_release_interface() from an error path in
the usbnet bind() callback, which is called during interface probe. At
this point the interface is not bound and usb_driver_release_interface()
returns early.

Also remove the bogus call to clear the interface data, which is owned
by the usbnet driver and would not even have been set by the time bind()
is called.

Signed-off-by: Johan Hovold <johan@kernel.org>
Acked-by: Oliver Neukum <oneukum@suse.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: kalmia: clean up bind error path
Johan Hovold [Wed, 7 Mar 2018 09:46:57 +0000 (10:46 +0100)]
net: kalmia: clean up bind error path

Drop bogus call to usb_driver_release_interface() from an error path in
the usbnet bind() callback, which is called during interface probe. At
this point the interface is not bound and usb_driver_release_interface()
returns early.

Also remove the bogus call to clear the interface data, which is owned
by the usbnet driver and would not even have been set by the time bind()
is called.

Signed-off-by: Johan Hovold <johan@kernel.org>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge tag 'mlx5-updates-2018-02-28-1' of git://git.kernel.org/pub/scm/linux/kernel...
David S. Miller [Wed, 7 Mar 2018 20:28:13 +0000 (15:28 -0500)]
Merge tag 'mlx5-updates-2018-02-28-1' of git://git./linux/kernel/git/mellanox/linux

Saeed Mahameed says:

====================
mlx5-updates-2018-02-28-1 (IPSec-1)

This series consists of some fixes and refactors for the mlx5 drivers,
especially around the FPGA and flow steering. Most of them are trivial
fixes and are the foundation of allowing IPSec acceleration from user-space.

We use flow steering abstraction in order to accelerate IPSec packets.
When a user creates a steering rule, [s]he states that we'll carry an
encrypt/decrypt flow action (using a specific configuration) for every
packet which conforms to a certain match. Since currently offloading these
packets is done via FPGA, we'll add another set of flow steering ops.
These ops will execute the required FPGA commands and then call the
standard steering ops.

In order to achieve this, we need that the commands will get all the
required information. Therefore, we pass the fte object and embed the
flow_action struct inside the fte. In addition, we add the shim layer
that will later be used for alternating between the standard and the
FPGA steering commands.

Some fixes, like " net/mlx5e: Wait for FPGA command responses with a timeout"
are very relevant for user-space applications, as these applications could
be killed, but we still want to wait for the FPGA and update the kernel's
database.

Regards,
Aviad and Matan
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoselftests: net: Introduce first PMTU test
Stefano Brivio [Tue, 6 Mar 2018 21:16:27 +0000 (22:16 +0100)]
selftests: net: Introduce first PMTU test

One single test implemented so far: test_pmtu_vti6_exception
checks that the PMTU of a route exception, caused by a tunnel
exceeding the link layer MTU, is affected by administrative
changes of the tunnel MTU. Creation of the route exception is
checked too.

Requested-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Acked-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet/mlx4_en: try to use high order pages for RX rings
Eric Dumazet [Tue, 6 Mar 2018 19:12:53 +0000 (11:12 -0800)]
net/mlx4_en: try to use high order pages for RX rings

RX rings can fit most of the time in a contiguous piece of memory,
so lets use kvzalloc_node/kvfree instead of vzalloc_node/vfree

Note that kvzalloc_node() automatically falls back to another node,
there is no need to do the fallback ourselves.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Tariq Toukan <tariqt@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoenic: fix boolreturn.cocci warnings
Fengguang Wu [Tue, 6 Mar 2018 18:23:23 +0000 (02:23 +0800)]
enic: fix boolreturn.cocci warnings

drivers/net/ethernet/cisco/enic/vnic_dev.c:1294:9-10: WARNING: return of 0/1 in function 'vnic_dev_capable_udp_rss' with return type bool

 Return statements in functions returning bool should use
 true/false instead of 1/0.
Generated by: scripts/coccinelle/misc/boolreturn.cocci

Fixes: 48398b6e7065 ("enic: set UDP rss flag")
CC: Govindarajulu Varadarajan <gvaradar@cisco.com>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: dsa: mv88e6xxx: fix boolreturn.cocci warnings
Fengguang Wu [Tue, 6 Mar 2018 15:54:07 +0000 (23:54 +0800)]
net: dsa: mv88e6xxx: fix boolreturn.cocci warnings

drivers/net/dsa/mv88e6xxx/serdes.c:66:9-10: WARNING: return of 0/1 in function 'mv88e6352_port_has_serdes' with return type bool

 Return statements in functions returning bool should use
 true/false instead of 1/0.
Generated by: scripts/coccinelle/misc/boolreturn.cocci

Fixes: eb755c3f6b7d ("net: dsa: mv88e6xxx: Add helper to determining if port has SERDES")
CC: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: phy: mdio-mux: slience probe defer error
Jerome Brunet [Tue, 6 Mar 2018 11:10:45 +0000 (12:10 +0100)]
net: phy: mdio-mux: slience probe defer error

If we fail to register the mdio bus due to probe defer, we should not
print an error message. Just be silent in this case.

Signed-off-by: Jerome Brunet <jbrunet@baylibre.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: unpollute priv_flags space
Paolo Abeni [Tue, 6 Mar 2018 09:56:31 +0000 (10:56 +0100)]
net: unpollute priv_flags space

the ipvlan device driver defines and uses 2 bits inside the priv_flags
net_device field. Such bits and the related helper are used only
inside the ipvlan device driver, and the core networking does not
need to be aware of them.

This change moves netif_is_ipvlan* helper in the ipvlan driver and
re-implement them looking for ipvlan specific symbols instead of
using priv_flags.

Overall this frees two bits inside priv_flags - and move the following
ones to avoid gaps - without any intended functional change.

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'net-phy-remove-phy_error-from-phy_disable_interrupts'
David S. Miller [Wed, 7 Mar 2018 17:30:20 +0000 (12:30 -0500)]
Merge branch 'net-phy-remove-phy_error-from-phy_disable_interrupts'

Heiner Kallweit says:

====================
net: phy: remove phy_error from phy_disable_interrupts

All callers of phy_disable_interrupts() call phy_error() in the error
case. Therefore we don't need to do this within the function too.
This change also allows us to use phy_disable_interrupts() in code
holding phydev->lock (because phy_error() takes this lock).
Make use of this in phy_stop().

v2:
- splitted into two separate patches
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: phy: use phy_disable_interrupts in phy_stop
Heiner Kallweit [Mon, 5 Mar 2018 21:34:46 +0000 (22:34 +0100)]
net: phy: use phy_disable_interrupts in phy_stop

Now that phy_disable_interrupts() can't take lock phydev->lock any longer,
we can use it to simplify phy_stop().

Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: phy: remove phy_error from phy_disable_interrupts
Heiner Kallweit [Mon, 5 Mar 2018 21:34:27 +0000 (22:34 +0100)]
net: phy: remove phy_error from phy_disable_interrupts

All callers of phy_disable_interrupts() call phy_error() in the error
case. Therefore we don't need to do this within the function too.
This change also allows us to use phy_disable_interrupts() in code
holding phydev->lock (because phy_error() can take this lock).

Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoselftests/net: fix in_netns.sh script
Prashant Bhole [Tue, 6 Mar 2018 08:31:32 +0000 (17:31 +0900)]
selftests/net: fix in_netns.sh script

execute the subprocess in netns using 'ip netns exec'

Fixes: cc30c93fa020 ("selftests/net: ignore background traffic in psock_fanout")
Signed-off-by: Prashant Bhole <bhole_prashant_q7@lab.ntt.co.jp>
Acked-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agonet: mvpp2: mvpp2_check_hw_buf_num() can be static
kbuild test robot [Tue, 6 Mar 2018 05:05:06 +0000 (13:05 +0800)]
net: mvpp2: mvpp2_check_hw_buf_num() can be static

Fixes: effbf5f58d64 ("net: mvpp2: update the BM buffer free/destroy logic")
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoipv6: ndisc: use true and false for boolean values
Gustavo A. R. Silva [Mon, 5 Mar 2018 22:11:54 +0000 (16:11 -0600)]
ipv6: ndisc: use true and false for boolean values

Assign true or false to boolean variables instead of an integer value.

This issue was detected with the help of Coccinelle.

Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agodt-bindings: net: dsa: marvell: describe compatibility string
Brandon Streiff [Mon, 5 Mar 2018 22:05:22 +0000 (16:05 -0600)]
dt-bindings: net: dsa: marvell: describe compatibility string

There are two compatibility strings for mv88e6xxx, but it isn't clear
from the documentation why only those two exist when the mv88e6xxx driver
supports more than the 6085 and 6190. Briefly describe how the compatible
property is used, and provide guidance on which to use.

The model list comes from looking at port_base_addr values (0x0 vs 0x10)
in drivers/net/dsa/mv88e6xxx/chip.c.

Signed-off-by: Brandon Streiff <brandon.streiff@ni.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agotipc: bcast: use true and false for boolean values
Gustavo A. R. Silva [Mon, 5 Mar 2018 21:56:14 +0000 (15:56 -0600)]
tipc: bcast: use true and false for boolean values

Assign true or false to boolean variables instead of an integer value.

This issue was detected with the help of Coccinelle.

Signed-off-by: Gustavo A. R. Silva <garsilva@embeddedor.com>
Acked-by: Ying Xue <ying.xue@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch '1GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next...
David S. Miller [Wed, 7 Mar 2018 17:05:56 +0000 (12:05 -0500)]
Merge branch '1GbE' of git://git./linux/kernel/git/jkirsher/next-queue

Jeff Kirsher says:

====================
1GbE Intel Wired LAN Driver Updates 2018-03-05

This series contains updates to igb only.

Corinna Vinschen adds the support for trusted VFs into the igb driver.

Mika fixes an issue where PCIe device is physically unplugged can cause
a kernel crash.  This issue is that netif_device_detach() is called in
these cases, which prevents netif_unregister() from bringing the device
down properly.

Christophe JAILLET fixes an issue with igb where HWTSTAMP_TX_ON was
being handled like a bit mask and not a value.

v2: dropped the e1000e fix from the series since I will be pushing it
    through David Miller's net tree.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'lan743x-driver'
David S. Miller [Wed, 7 Mar 2018 16:44:43 +0000 (11:44 -0500)]
Merge branch 'lan743x-driver'

Bryan Whitehead says:

====================
lan743x: Add new lan743x driver

Add new lan743x driver.

The lan743x from Microchip Technologies Inc,
is a PCIe to Gigabit Ethernet Controller.

Updates for V4:
Patch 1/2 - Applied community suggestions
convert to using module_pci_driver

Updates for V3:
Patch 1/2 - Applied community suggestions
removed initialization tracking flags.
converted to 64 bit statistics.
converted tx clean up tasklet to napi.

Updates for V2:
Patch 1/2 - Applied community suggestions
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agolan743x: Update MAINTAINERS to include lan743x driver
Bryan Whitehead [Mon, 5 Mar 2018 19:23:31 +0000 (14:23 -0500)]
lan743x: Update MAINTAINERS to include lan743x driver

Update MAINTAINERS to include lan743x driver

Signed-off-by: Bryan Whitehead <Bryan.Whitehead@microchip.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agolan743x: Add main source files for new lan743x driver
Bryan Whitehead [Mon, 5 Mar 2018 19:23:30 +0000 (14:23 -0500)]
lan743x: Add main source files for new lan743x driver

Add main source files for new lan743x driver

Signed-off-by: Bryan Whitehead <Bryan.Whitehead@microchip.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agoMerge branch 'sctp-add-support-for-some-msg_control-options-from-RFC6458'
David S. Miller [Wed, 7 Mar 2018 15:55:30 +0000 (10:55 -0500)]
Merge branch 'sctp-add-support-for-some-msg_control-options-from-RFC6458'

Xin Long says:

====================
sctp: add support for some msg_control options from RFC6458

This patchset is to add support for 3 msg_control options described
in RFC6458:

    5.3.7.  SCTP PR-SCTP Information Structure (SCTP_PRINFO)
    5.3.9.  SCTP Destination IPv4 Address Structure (SCTP_DSTADDRV4)
    5.3.10. SCTP Destination IPv6 Address Structure (SCTP_DSTADDRV6)

one send flag described in RFC6458:

    SCTP_SENDALL:  This flag, if set, will cause a one-to-many
    style socket to send the message to all associations that
    are currently established on this socket.  For the one-to-
    one style socket, this flag has no effect.

Note there is another msg_control option:

    5.3.8.  SCTP AUTH Information Structure (SCTP_AUTHINFO)

It's a little complicated, I will post it in another patchset after
this.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agosctp: add support for snd flag SCTP_SENDALL process in sendmsg
Xin Long [Mon, 5 Mar 2018 12:44:20 +0000 (20:44 +0800)]
sctp: add support for snd flag SCTP_SENDALL process in sendmsg

This patch is to add support for snd flag SCTP_SENDALL process
in sendmsg, as described in section 5.3.4 of RFC6458.

With this flag, you can send the same data to all the asocs of
this sk once.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
6 years agosctp: add support for SCTP_DSTADDRV4/6 Information for sendmsg
Xin Long [Mon, 5 Mar 2018 12:44:19 +0000 (20:44 +0800)]
sctp: add support for SCTP_DSTADDRV4/6 Information for sendmsg

This patch is to add support for Destination IPv4/6 Address options
for sendmsg, as described in section 5.3.9/10 of RFC6458.

With this option, you can provide more than one destination addrs
to sendmsg when creating asoc, like sctp_connectx.

It's also a necessary send info for sctp_sendv.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>