* [PATCH iproute2 master 3/4] pedit: Check for extended capability in protocol parser
From: Amir Vadai @ 2017-05-14 8:17 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, Or Gerlitz, Amir Vadai
In-Reply-To: <20170514081746.9010-1-amir@vadai.me>
Do not allow using eth and udp header types if non-extended pedit kABI
is being used. Other protocol parsers already have this check.
Signed-off-by: Amir Vadai <amir@vadai.me>
---
tc/p_eth.c | 3 +++
tc/p_udp.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/tc/p_eth.c b/tc/p_eth.c
index ad3e28f80eb6..2d2f96ca2f0f 100644
--- a/tc/p_eth.c
+++ b/tc/p_eth.c
@@ -34,6 +34,9 @@ parse_eth(int *argc_p, char ***argv_p,
if (argc < 2)
return -1;
+ if (!sel->extended)
+ return -1;
+
tkey->htype = TCA_PEDIT_KEY_EX_HDR_TYPE_ETH;
if (strcmp(*argv, "type") == 0) {
diff --git a/tc/p_udp.c b/tc/p_udp.c
index a56a1b519254..3916d9586040 100644
--- a/tc/p_udp.c
+++ b/tc/p_udp.c
@@ -34,6 +34,9 @@ parse_udp(int *argc_p, char ***argv_p,
if (argc < 2)
return -1;
+ if (!sel->extended)
+ return -1;
+
tkey->htype = TCA_PEDIT_KEY_EX_HDR_TYPE_UDP;
if (strcmp(*argv, "sport") == 0) {
--
2.12.2
^ permalink raw reply related
* [PATCH iproute2 master 4/4] pedit: Introduce ipv6 support
From: Amir Vadai @ 2017-05-14 8:17 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, Or Gerlitz, Amir Vadai
In-Reply-To: <20170514081746.9010-1-amir@vadai.me>
Add support for modifying IPv6 headers using pedit.
Signed-off-by: Amir Vadai <amir@vadai.me>
---
man/man8/tc-pedit.8 | 30 ++++++++++++++++++
tc/Makefile | 1 +
tc/m_pedit.c | 43 +++++++++++++++++++++++--
tc/p_ip.c | 17 +---------
tc/p_ip6.c | 91 +++++++++++++++++++++++++++++++++++++++++++++++++++++
5 files changed, 164 insertions(+), 18 deletions(-)
create mode 100644 tc/p_ip6.c
diff --git a/man/man8/tc-pedit.8 b/man/man8/tc-pedit.8
index 9c4d57b972cc..82d4217bc958 100644
--- a/man/man8/tc-pedit.8
+++ b/man/man8/tc-pedit.8
@@ -33,6 +33,8 @@ pedit - generic packet editor action
|
.BI ip " EX_IPHDR_FIELD"
|
+.BI ip6 " IP6HDR_FIELD"
+|
.BI tcp " TCPHDR_FIELD"
|
.BI udp " UDPHDR_FIELD"
@@ -55,6 +57,12 @@ pedit - generic packet editor action
.IR EX_IPHDR_FIELD " := { "
.BR ttl " }"
+
+.ti -8
+.IR IP6HDR_FIELD " := { "
+.BR src " | " dst " | " flow_lbl " | " payload_len " | " nexthdr " |"
+.BR hoplimit " }"
+
.ti -8
.IR TCPHDR_FIELD " := { "
.BR sport " | " dport " | " flags " }"
@@ -211,6 +219,25 @@ are:
.B ttl
.RE
.TP
+.BI ip6 " IP6HDR_FIELD"
+The supported keywords for
+.I IP6HDR_FIELD
+are:
+.RS
+.TP
+.B src
+.TQ
+.B dst
+.TQ
+.B flow_lbl
+.TQ
+.B payload_len
+.TQ
+.B nexthdr
+.TQ
+.B hoplimit
+.RE
+.TP
.BI tcp " TCPHDR_FIELD"
The supported keywords for
.I TCPHDR_FIELD
@@ -331,6 +358,9 @@ tc filter add dev eth0 parent ffff: u32 \\
action pedit ex munge ip dst set 192.168.1.199
tc filter add dev eth0 parent ffff: u32 \\
match ip sport 22 0xffff \\
+ action pedit ex munge ip6 dst set fe80::dacb:8aff:fec7:320e
+tc filter add dev eth0 parent ffff: u32 \\
+ match ip sport 22 0xffff \\
action pedit ex munge eth dst set 11:22:33:44:55:66
tc filter add dev eth0 parent ffff: u32 \\
match ip dport 23 0xffff \\
diff --git a/tc/Makefile b/tc/Makefile
index 446a11391ad7..9a6bb1ddea57 100644
--- a/tc/Makefile
+++ b/tc/Makefile
@@ -53,6 +53,7 @@ TCMODULES += m_bpf.o
TCMODULES += m_tunnel_key.o
TCMODULES += m_sample.o
TCMODULES += p_ip.o
+TCMODULES += p_ip6.o
TCMODULES += p_icmp.o
TCMODULES += p_eth.o
TCMODULES += p_tcp.o
diff --git a/tc/m_pedit.c b/tc/m_pedit.c
index 9b74c965932e..dfa6b2c4835e 100644
--- a/tc/m_pedit.c
+++ b/tc/m_pedit.c
@@ -257,6 +257,32 @@ static int pack_mac(struct m_pedit_sel *sel, struct m_pedit_key *tkey,
return ret;
}
+static int pack_ipv6(struct m_pedit_sel *sel, struct m_pedit_key *tkey,
+ __u32 *ipv6)
+{
+ int ret = 0;
+ int i;
+
+ if (tkey->off & 0x3) {
+ fprintf(stderr,
+ "pack_ipv6: IPv6 offsets must begin in 32bit boundaries\n");
+ return -1;
+ }
+
+ for (i = 0; i < 4; i++) {
+ tkey->mask = 0;
+ tkey->val = ntohl(ipv6[i]);
+
+ ret = pack_key32(~0, sel, tkey);
+ if (ret)
+ return ret;
+
+ tkey->off += 4;
+ }
+
+ return 0;
+}
+
int parse_val(int *argc_p, char ***argv_p, __u32 *val, int type)
{
int argc = *argc_p;
@@ -281,8 +307,16 @@ int parse_val(int *argc_p, char ***argv_p, __u32 *val, int type)
return 0;
}
- if (type == TIPV6)
- return -1; /* not implemented yet */
+ if (type == TIPV6) {
+ inet_prefix addr;
+
+ if (get_prefix_1(&addr, *argv, AF_INET6))
+ return -1;
+
+ memcpy(val, addr.data, addr.bytelen);
+
+ return 0;
+ }
if (type == TMAC) {
#define MAC_ALEN 6
@@ -364,6 +398,11 @@ int parse_cmd(int *argc_p, char ***argv_p, __u32 len, int type, __u32 retain,
goto done;
}
+ if (type == TIPV6) {
+ res = pack_ipv6(sel, tkey, val);
+ goto done;
+ }
+
tkey->val = *v;
tkey->mask = *m;
diff --git a/tc/p_ip.c b/tc/p_ip.c
index 22fe6505e427..0272a6eaaf48 100644
--- a/tc/p_ip.c
+++ b/tc/p_ip.c
@@ -1,5 +1,5 @@
/*
- * m_pedit.c packet editor: IPV4/6 header
+ * p_ip.c packet editor: IPV4 header
*
* This program is free software; you can distribute it and/or
* modify it under the terms of the GNU General Public License
@@ -156,23 +156,8 @@ done:
return res;
}
-static int
-parse_ip6(int *argc_p, char ***argv_p,
- struct m_pedit_sel *sel, struct m_pedit_key *tkey)
-{
- int res = -1;
- return res;
-}
-
struct m_pedit_util p_pedit_ip = {
NULL,
"ip",
parse_ip,
};
-
-
-struct m_pedit_util p_pedit_ip6 = {
- NULL,
- "ip6",
- parse_ip6,
-};
diff --git a/tc/p_ip6.c b/tc/p_ip6.c
new file mode 100644
index 000000000000..a4824bda90e8
--- /dev/null
+++ b/tc/p_ip6.c
@@ -0,0 +1,91 @@
+/*
+ * p_ip6.c packet editor: IPV6 header
+ *
+ * This program is free software; you can distribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version
+ * 2 of the License, or (at your option) any later version.
+ *
+ * Authors: Amir Vadai <amir@vadai.me>
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <fcntl.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <string.h>
+#include "utils.h"
+#include "tc_util.h"
+#include "m_pedit.h"
+
+static int
+parse_ip6(int *argc_p, char ***argv_p,
+ struct m_pedit_sel *sel, struct m_pedit_key *tkey)
+{
+ int res = -1;
+ int argc = *argc_p;
+ char **argv = *argv_p;
+
+ if (argc < 2)
+ return -1;
+
+ if (!sel->extended)
+ return -1;
+
+ tkey->htype = TCA_PEDIT_KEY_EX_HDR_TYPE_IP6;
+
+ if (strcmp(*argv, "src") == 0) {
+ NEXT_ARG();
+ tkey->off = 8;
+ res = parse_cmd(&argc, &argv, 16, TIPV6, RU32, sel, tkey);
+ goto done;
+ }
+ if (strcmp(*argv, "dst") == 0) {
+ NEXT_ARG();
+ tkey->off = 24;
+ res = parse_cmd(&argc, &argv, 16, TIPV6, RU32, sel, tkey);
+ goto done;
+ }
+ if (strcmp(*argv, "flow_lbl") == 0) {
+ NEXT_ARG();
+ tkey->off = 0;
+ res = parse_cmd(&argc, &argv, 4, TU32, 0x0007ffff, sel, tkey);
+ goto done;
+ }
+ if (strcmp(*argv, "payload_len") == 0) {
+ NEXT_ARG();
+ tkey->off = 4;
+ res = parse_cmd(&argc, &argv, 2, TU32, RU16, sel, tkey);
+ goto done;
+ }
+ if (strcmp(*argv, "nexthdr") == 0) {
+ NEXT_ARG();
+ tkey->off = 6;
+ res = parse_cmd(&argc, &argv, 1, TU32, RU8, sel, tkey);
+ goto done;
+ }
+ if (strcmp(*argv, "hoplimit") == 0) {
+ NEXT_ARG();
+ tkey->off = 7;
+ res = parse_cmd(&argc, &argv, 1, TU32, RU8, sel, tkey);
+ goto done;
+ }
+
+ return -1;
+
+done:
+ *argc_p = argc;
+ *argv_p = argv;
+ return res;
+}
+
+struct m_pedit_util p_pedit_ip6 = {
+ NULL,
+ "ipv6",
+ parse_ip6,
+};
--
2.12.2
^ permalink raw reply related
* Re: [net 1/6] net/mlx5e: Use a spinlock to synchronize statistics
From: Saeed Mahameed @ 2017-05-14 8:52 UTC (permalink / raw)
To: David Miller; +Cc: Saeed Mahameed, Linux Netdev List, Gal Pressman, Kernel Team
In-Reply-To: <20170512.121354.1583292892374462482.davem@davemloft.net>
On Fri, May 12, 2017 at 7:13 PM, David Miller <davem@davemloft.net> wrote:
> From: Saeed Mahameed <saeedm@mellanox.com>
> Date: Fri, 12 May 2017 14:56:45 +0300
>
>> From: Gal Pressman <galp@mellanox.com>
>>
>> Add a spinlock to prevent races when querying statistics, for example
>> querying counters in the middle of a non atomic memcpy() operation in
>> mlx5e_update_stats().
>>
>> This RW lock should be held when accessing priv->stats, to prevent other
>> reads/writes.
>>
>> Fixes: 9218b44dcc05 ("net/mlx5e: Statistics handling refactoring")
>> Signed-off-by: Gal Pressman <galp@mellanox.com>
>> Suggested-by: Eric Dumazet <eric.dumazet@gmail.com>
>> Cc: kernel-team@fb.com
>> Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
>
> This is overkill, and that rwlock is going to show up in perf for some
> workloads.
>
> Furthermore, two kzalloc()'s for a single state update operation?
> That's not reasonable either.
>
Hi Dave,
Well, the idea of the patch is to minimize the stats update to a
single safe copy operation under stats_lock
for that we need a temp buffer to store stats FW commands output, and
then safely -under stats_lock- copy it to
the buffer ethtool is going to report.
I agree, it is really ridiculous that we allocate/free a couple of
buffers on each update_stats operations, regardless of this patch.
Is it ok if we use a temp buffer under netdev_priv for such usages or
even use kmemcache ?
> Use a seqlock, which is the primitive for handling this kind of
> situation cheaply, and adds no atomics to the read path.
>
Will change this. Thanks for the tip.
I will drop this patch for now and I will resend it later once Gal
addresses all of the above comments.
Thanks,
Saeed.
^ permalink raw reply
* Re: [PATCH v2 net-next 3/5] dsa: add DSA switch driver for Microchip KSZ9477
From: Sergei Shtylyov @ 2017-05-14 9:13 UTC (permalink / raw)
To: Andrew Lunn, Woojung.Huh
Cc: f.fainelli, vivien.didelot, netdev, davem, UNGLinuxDriver
In-Reply-To: <20170513145609.GD14058@lunn.ch>
Hello!
On 5/13/2017 5:56 PM, Andrew Lunn wrote:
[...]
>> +static int ksz_reset_switch(struct dsa_switch *ds)
>> +{
>> + struct ksz_device *dev = ds->priv;
>> + u8 data8;
>> + u16 data16;
>> + u32 data32;
>> +
>
> ...
>
>> +
>> + memset(dev->vlan_cache, 0, sizeof(*dev->vlan_cache) * dev->num_vlans);
>> +
>> + return 0;
>> +}
>
>> +static int ksz_setup(struct dsa_switch *ds)
>> +{
>> + struct ksz_device *dev = ds->priv;
>> + int ret = 0;
>> +
>> + dev->vlan_cache = devm_kmalloc_array(dev->dev,
>> + sizeof(struct vlan_table),
>> + dev->num_vlans, GFP_KERNEL);
>
> You should check, but i think devm_kmalloc_array sets the allocated
> memory to 0.
No. Else there would be no need for it, since kcalloc() is a function that
allocates the arrays and zeroes them.
> So i don't think you need the memset. If it is needed, i
> would move it here, after the check the allocation is successful.
If it could be done here, kcalloc() should be used.
[...]
MBR, Sergei
^ permalink raw reply
* [PATCH net v2] qed: Fix uninitialized data in aRFS infrastructure
From: Yuval Mintz @ 2017-05-14 9:21 UTC (permalink / raw)
To: arnd, davem, netdev; +Cc: Yuval Mintz
Current memset is using incorrect type of variable, causing the
upper-half of the strucutre to be left uninitialized and causing:
ethernet/qlogic/qed/qed_init_fw_funcs.c: In function 'qed_set_rfs_mode_disable':
ethernet/qlogic/qed/qed_init_fw_funcs.c:993:3: error: '*((void *)&ramline+4)' is used uninitialized in this function [-Werror=uninitialized]
Fixes: d51e4af5c209 ("qed: aRFS infrastructure support")
Reported-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Yuval Mintz <Yuval.Mintz@cavium.com>
---
Hi Arnd,
I don't see the original warning you've reported [probably due to
compiler differences], so other than via code reading I couldn't
actually test this. Can you please compile-test this one?
As mentioned in the original thread, I'll send the style-change
later to net-next.
Dave - please consider applying this to `net'.
Thanks,
Yuval
---
drivers/net/ethernet/qlogic/qed/qed_init_fw_funcs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/qlogic/qed/qed_init_fw_funcs.c b/drivers/net/ethernet/qlogic/qed/qed_init_fw_funcs.c
index 67200c5..0a8fde6 100644
--- a/drivers/net/ethernet/qlogic/qed/qed_init_fw_funcs.c
+++ b/drivers/net/ethernet/qlogic/qed/qed_init_fw_funcs.c
@@ -983,7 +983,7 @@ void qed_set_rfs_mode_disable(struct qed_hwfn *p_hwfn,
memset(&camline, 0, sizeof(union gft_cam_line_union));
qed_wr(p_hwfn, p_ptt, PRS_REG_GFT_CAM + CAM_LINE_SIZE * pf_id,
camline.cam_line_mapped.camline);
- memset(&ramline, 0, sizeof(union gft_cam_line_union));
+ memset(&ramline, 0, sizeof(ramline));
for (i = 0; i < RAM_LINE_SIZE / REG_SIZE; i++) {
u32 hw_addr = PRS_REG_GFT_PROFILE_MASK_RAM;
--
1.9.3
^ permalink raw reply related
* [pull request][net V2 0/5] Mellanox, mlx5 fixes 2017-05-12
From: Saeed Mahameed @ 2017-05-14 10:43 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Saeed Mahameed
Hi Dave,
This series contains some mlx5 fixes for net.
Please pull and let me know if there's any problem.
For -stable:
("net/mlx5e: Fix ethtool pause support and advertise reporting") kernels >= 4.8
("net/mlx5e: Use the correct pause values for ethtool advertising") kernels >= 4.8
v1->v2:
Dropped statistics spinlock patch, it needs some extra work.
Thanks,
Saeed.
The following changes since commit 1c4d5f51a812a82de97beee24f48ed05c65ebda5:
vmxnet3: ensure that adapter is in proper state during force_close (2017-05-12 12:23:52 -0400)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux.git tags/mlx5-fixes-2017-05-12-V2
for you to fetch changes up to 508541146af18e43072e41a31aa62fac2b01aac1:
net/mlx5: Use underlay QPN from the root name space (2017-05-14 13:33:45 +0300)
----------------------------------------------------------------
mlx5-fixes-2017-05-12
Misc fixes for mlx5 driver
----------------------------------------------------------------
Gal Pressman (2):
net/mlx5e: Use the correct pause values for ethtool advertising
net/mlx5e: Fix ethtool pause support and advertise reporting
Saeed Mahameed (2):
net/mlx5e: Fix setup TC ndo
net/mlx5e: IPoIB, Only support regular RQ for now
Yishai Hadas (1):
net/mlx5: Use underlay QPN from the root name space
drivers/net/ethernet/mellanox/mlx5/core/en.h | 2 +-
.../net/ethernet/mellanox/mlx5/core/en_ethtool.c | 9 +++++---
drivers/net/ethernet/mellanox/mlx5/core/en_fs.c | 5 ++---
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c | 9 +++-----
drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.h | 3 ++-
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 25 ++++++++++++++++++----
drivers/net/ethernet/mellanox/mlx5/core/fs_core.h | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/ipoib.c | 11 ++++++++--
include/linux/mlx5/fs.h | 4 +++-
10 files changed, 49 insertions(+), 23 deletions(-)
^ permalink raw reply
* [net V2 1/5] net/mlx5e: Use the correct pause values for ethtool advertising
From: Saeed Mahameed @ 2017-05-14 10:43 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Gal Pressman, kernel-team, Saeed Mahameed
In-Reply-To: <20170514104311.2081-1-saeedm@mellanox.com>
From: Gal Pressman <galp@mellanox.com>
Query the operational pause from firmware (PFCC register) instead of
always passing zeros.
Fixes: 665bc53969d7 ("net/mlx5e: Use new ethtool get/set link ksettings API")
Signed-off-by: Gal Pressman <galp@mellanox.com>
Cc: kernel-team@fb.com
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
---
drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c b/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c
index ce7b09d72ff6..d60e681b443e 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c
@@ -849,6 +849,8 @@ static int mlx5e_get_link_ksettings(struct net_device *netdev,
struct mlx5e_priv *priv = netdev_priv(netdev);
struct mlx5_core_dev *mdev = priv->mdev;
u32 out[MLX5_ST_SZ_DW(ptys_reg)] = {0};
+ u32 rx_pause = 0;
+ u32 tx_pause = 0;
u32 eth_proto_cap;
u32 eth_proto_admin;
u32 eth_proto_lp;
@@ -871,11 +873,13 @@ static int mlx5e_get_link_ksettings(struct net_device *netdev,
an_disable_admin = MLX5_GET(ptys_reg, out, an_disable_admin);
an_status = MLX5_GET(ptys_reg, out, an_status);
+ mlx5_query_port_pause(mdev, &rx_pause, &tx_pause);
+
ethtool_link_ksettings_zero_link_mode(link_ksettings, supported);
ethtool_link_ksettings_zero_link_mode(link_ksettings, advertising);
get_supported(eth_proto_cap, link_ksettings);
- get_advertising(eth_proto_admin, 0, 0, link_ksettings);
+ get_advertising(eth_proto_admin, tx_pause, rx_pause, link_ksettings);
get_speed_duplex(netdev, eth_proto_oper, link_ksettings);
eth_proto_oper = eth_proto_oper ? eth_proto_oper : eth_proto_cap;
--
2.11.0
^ permalink raw reply related
* [net V2 2/5] net/mlx5e: Fix ethtool pause support and advertise reporting
From: Saeed Mahameed @ 2017-05-14 10:43 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Gal Pressman, kernel-team, Saeed Mahameed
In-Reply-To: <20170514104311.2081-1-saeedm@mellanox.com>
From: Gal Pressman <galp@mellanox.com>
Pause bit should set when RX pause is on, not TX pause.
Also, setting Asym_Pause is incorrect, and should be turned off.
Fixes: 665bc53969d7 ("net/mlx5e: Use new ethtool get/set link ksettings API")
Signed-off-by: Gal Pressman <galp@mellanox.com>
Cc: kernel-team@fb.com
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
---
drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c b/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c
index d60e681b443e..8209affa75c3 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_ethtool.c
@@ -794,7 +794,6 @@ static void get_supported(u32 eth_proto_cap,
ptys2ethtool_supported_port(link_ksettings, eth_proto_cap);
ptys2ethtool_supported_link(supported, eth_proto_cap);
ethtool_link_ksettings_add_link_mode(link_ksettings, supported, Pause);
- ethtool_link_ksettings_add_link_mode(link_ksettings, supported, Asym_Pause);
}
static void get_advertising(u32 eth_proto_cap, u8 tx_pause,
@@ -804,7 +803,7 @@ static void get_advertising(u32 eth_proto_cap, u8 tx_pause,
unsigned long *advertising = link_ksettings->link_modes.advertising;
ptys2ethtool_adver_link(advertising, eth_proto_cap);
- if (tx_pause)
+ if (rx_pause)
ethtool_link_ksettings_add_link_mode(link_ksettings, advertising, Pause);
if (tx_pause ^ rx_pause)
ethtool_link_ksettings_add_link_mode(link_ksettings, advertising, Asym_Pause);
--
2.11.0
^ permalink raw reply related
* [net V2 4/5] net/mlx5e: IPoIB, Only support regular RQ for now
From: Saeed Mahameed @ 2017-05-14 10:43 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Saeed Mahameed
In-Reply-To: <20170514104311.2081-1-saeedm@mellanox.com>
IPoIB doesn't support striding RQ at the moment, for this
we need to explicitly choose non striding RQ in IPoIB init,
even if the HW supports it.
Fixes: 8f493ffd88ea ("net/mlx5e: IPoIB, RX steering RSS RQTs and TIRs")
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
---
drivers/net/ethernet/mellanox/mlx5/core/ipoib.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c b/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c
index 019c230da498..56bff3540954 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c
@@ -66,6 +66,10 @@ static void mlx5i_init(struct mlx5_core_dev *mdev,
mlx5e_build_nic_params(mdev, &priv->channels.params, profile->max_nch(mdev));
+ /* Override RQ params as IPoIB supports only LINKED LIST RQ for now */
+ mlx5e_set_rq_type_params(mdev, &priv->channels.params, MLX5_WQ_TYPE_LINKED_LIST);
+ priv->channels.params.lro_en = false;
+
mutex_init(&priv->state_lock);
netdev->hw_features |= NETIF_F_SG;
--
2.11.0
^ permalink raw reply related
* [net V2 3/5] net/mlx5e: Fix setup TC ndo
From: Saeed Mahameed @ 2017-05-14 10:43 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, Saeed Mahameed
In-Reply-To: <20170514104311.2081-1-saeedm@mellanox.com>
Fail-safe support patches introduced a trivial bug,
setup tc callback is doing a wrong check of the netdevice state,
the fix is simply to invert the condition.
Fixes: 6f9485af4020 ("net/mlx5e: Fail safe tc setup")
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
---
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
index a61b71b6fff3..41cd22a223dc 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_main.c
@@ -2976,7 +2976,7 @@ static int mlx5e_setup_tc(struct net_device *netdev, u8 tc)
new_channels.params = priv->channels.params;
new_channels.params.num_tc = tc ? tc : 1;
- if (test_bit(MLX5E_STATE_OPENED, &priv->state)) {
+ if (!test_bit(MLX5E_STATE_OPENED, &priv->state)) {
priv->channels.params = new_channels.params;
goto out;
}
--
2.11.0
^ permalink raw reply related
* [net V2 5/5] net/mlx5: Use underlay QPN from the root name space
From: Saeed Mahameed @ 2017-05-14 10:43 UTC (permalink / raw)
To: David S. Miller
Cc: netdev, Yishai Hadas, Erez Shitrit, Maor Gottlieb, Saeed Mahameed
In-Reply-To: <20170514104311.2081-1-saeedm@mellanox.com>
From: Yishai Hadas <yishaih@mellanox.com>
Root flow table is dynamically changed by the underlying flow steering
layer, and IPoIB/ULPs have no idea what will be the root flow table in
the future, hence we need a dynamic infrastructure to move Underlay QPs
with the root flow table.
Fixes: b3ba51498bdd ("net/mlx5: Refactor create flow table method to accept underlay QP")
Signed-off-by: Erez Shitrit <erezsh@mellanox.com>
Signed-off-by: Maor Gottlieb <maorg@mellanox.com>
Signed-off-by: Yishai Hadas <yishaih@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
---
drivers/net/ethernet/mellanox/mlx5/core/en.h | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/en_fs.c | 5 ++---
drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c | 9 +++-----
drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.h | 3 ++-
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 25 +++++++++++++++++++----
drivers/net/ethernet/mellanox/mlx5/core/fs_core.h | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/ipoib.c | 7 +++++--
include/linux/mlx5/fs.h | 4 +++-
8 files changed, 38 insertions(+), 19 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en.h b/drivers/net/ethernet/mellanox/mlx5/core/en.h
index 0099a3e397bc..2fd044b23875 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en.h
@@ -1003,7 +1003,7 @@ int mlx5e_create_direct_tirs(struct mlx5e_priv *priv);
void mlx5e_destroy_direct_tirs(struct mlx5e_priv *priv);
void mlx5e_destroy_rqt(struct mlx5e_priv *priv, struct mlx5e_rqt *rqt);
-int mlx5e_create_ttc_table(struct mlx5e_priv *priv, u32 underlay_qpn);
+int mlx5e_create_ttc_table(struct mlx5e_priv *priv);
void mlx5e_destroy_ttc_table(struct mlx5e_priv *priv);
int mlx5e_create_tis(struct mlx5_core_dev *mdev, int tc,
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_fs.c b/drivers/net/ethernet/mellanox/mlx5/core/en_fs.c
index 576d6787b484..53ed58320a24 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_fs.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_fs.c
@@ -800,7 +800,7 @@ void mlx5e_destroy_ttc_table(struct mlx5e_priv *priv)
mlx5e_destroy_flow_table(&ttc->ft);
}
-int mlx5e_create_ttc_table(struct mlx5e_priv *priv, u32 underlay_qpn)
+int mlx5e_create_ttc_table(struct mlx5e_priv *priv)
{
struct mlx5e_ttc_table *ttc = &priv->fs.ttc;
struct mlx5_flow_table_attr ft_attr = {};
@@ -810,7 +810,6 @@ int mlx5e_create_ttc_table(struct mlx5e_priv *priv, u32 underlay_qpn)
ft_attr.max_fte = MLX5E_TTC_TABLE_SIZE;
ft_attr.level = MLX5E_TTC_FT_LEVEL;
ft_attr.prio = MLX5E_NIC_PRIO;
- ft_attr.underlay_qpn = underlay_qpn;
ft->t = mlx5_create_flow_table(priv->fs.ns, &ft_attr);
if (IS_ERR(ft->t)) {
@@ -1147,7 +1146,7 @@ int mlx5e_create_flow_steering(struct mlx5e_priv *priv)
priv->netdev->hw_features &= ~NETIF_F_NTUPLE;
}
- err = mlx5e_create_ttc_table(priv, 0);
+ err = mlx5e_create_ttc_table(priv);
if (err) {
netdev_err(priv->netdev, "Failed to create ttc table, err=%d\n",
err);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c b/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c
index 19e3d2fc2099..fcec7bedd3cd 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.c
@@ -40,28 +40,25 @@
#include "eswitch.h"
int mlx5_cmd_update_root_ft(struct mlx5_core_dev *dev,
- struct mlx5_flow_table *ft)
+ struct mlx5_flow_table *ft, u32 underlay_qpn)
{
u32 in[MLX5_ST_SZ_DW(set_flow_table_root_in)] = {0};
u32 out[MLX5_ST_SZ_DW(set_flow_table_root_out)] = {0};
if ((MLX5_CAP_GEN(dev, port_type) == MLX5_CAP_PORT_TYPE_IB) &&
- ft->underlay_qpn == 0)
+ underlay_qpn == 0)
return 0;
MLX5_SET(set_flow_table_root_in, in, opcode,
MLX5_CMD_OP_SET_FLOW_TABLE_ROOT);
MLX5_SET(set_flow_table_root_in, in, table_type, ft->type);
MLX5_SET(set_flow_table_root_in, in, table_id, ft->id);
+ MLX5_SET(set_flow_table_root_in, in, underlay_qpn, underlay_qpn);
if (ft->vport) {
MLX5_SET(set_flow_table_root_in, in, vport_number, ft->vport);
MLX5_SET(set_flow_table_root_in, in, other_vport, 1);
}
- if ((MLX5_CAP_GEN(dev, port_type) == MLX5_CAP_PORT_TYPE_IB) &&
- ft->underlay_qpn != 0)
- MLX5_SET(set_flow_table_root_in, in, underlay_qpn, ft->underlay_qpn);
-
return mlx5_cmd_exec(dev, in, sizeof(in), out, sizeof(out));
}
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.h b/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.h
index 8fad80688536..0f98a7cf4877 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_cmd.h
@@ -71,7 +71,8 @@ int mlx5_cmd_delete_fte(struct mlx5_core_dev *dev,
unsigned int index);
int mlx5_cmd_update_root_ft(struct mlx5_core_dev *dev,
- struct mlx5_flow_table *ft);
+ struct mlx5_flow_table *ft,
+ u32 underlay_qpn);
int mlx5_cmd_fc_alloc(struct mlx5_core_dev *dev, u16 *id);
int mlx5_cmd_fc_free(struct mlx5_core_dev *dev, u16 id);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
index b8a176503d38..0e487e8ca634 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
@@ -650,7 +650,7 @@ static int update_root_ft_create(struct mlx5_flow_table *ft, struct fs_prio
if (ft->level >= min_level)
return 0;
- err = mlx5_cmd_update_root_ft(root->dev, ft);
+ err = mlx5_cmd_update_root_ft(root->dev, ft, root->underlay_qpn);
if (err)
mlx5_core_warn(root->dev, "Update root flow table of id=%u failed\n",
ft->id);
@@ -818,8 +818,6 @@ static struct mlx5_flow_table *__mlx5_create_flow_table(struct mlx5_flow_namespa
goto unlock_root;
}
- ft->underlay_qpn = ft_attr->underlay_qpn;
-
tree_init_node(&ft->node, 1, del_flow_table);
log_table_sz = ft->max_fte ? ilog2(ft->max_fte) : 0;
next_ft = find_next_chained_ft(fs_prio);
@@ -1489,7 +1487,8 @@ static int update_root_ft_destroy(struct mlx5_flow_table *ft)
new_root_ft = find_next_ft(ft);
if (new_root_ft) {
- int err = mlx5_cmd_update_root_ft(root->dev, new_root_ft);
+ int err = mlx5_cmd_update_root_ft(root->dev, new_root_ft,
+ root->underlay_qpn);
if (err) {
mlx5_core_warn(root->dev, "Update root flow table of id=%u failed\n",
@@ -2062,3 +2061,21 @@ int mlx5_init_fs(struct mlx5_core_dev *dev)
mlx5_cleanup_fs(dev);
return err;
}
+
+int mlx5_fs_add_rx_underlay_qpn(struct mlx5_core_dev *dev, u32 underlay_qpn)
+{
+ struct mlx5_flow_root_namespace *root = dev->priv.steering->root_ns;
+
+ root->underlay_qpn = underlay_qpn;
+ return 0;
+}
+EXPORT_SYMBOL(mlx5_fs_add_rx_underlay_qpn);
+
+int mlx5_fs_remove_rx_underlay_qpn(struct mlx5_core_dev *dev, u32 underlay_qpn)
+{
+ struct mlx5_flow_root_namespace *root = dev->priv.steering->root_ns;
+
+ root->underlay_qpn = 0;
+ return 0;
+}
+EXPORT_SYMBOL(mlx5_fs_remove_rx_underlay_qpn);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.h b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.h
index 81eafc7b9dd9..990acee6fb09 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/fs_core.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/fs_core.h
@@ -118,7 +118,6 @@ struct mlx5_flow_table {
/* FWD rules that point on this flow table */
struct list_head fwd_rules;
u32 flags;
- u32 underlay_qpn;
};
struct mlx5_fc_cache {
@@ -195,6 +194,7 @@ struct mlx5_flow_root_namespace {
struct mlx5_flow_table *root_ft;
/* Should be held when chaining flow tables */
struct mutex chain_lock;
+ u32 underlay_qpn;
};
int mlx5_init_fc_stats(struct mlx5_core_dev *dev);
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c b/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c
index 56bff3540954..cc1858752e70 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/ipoib.c
@@ -160,6 +160,8 @@ static int mlx5i_create_underlay_qp(struct mlx5_core_dev *mdev, struct mlx5_core
static void mlx5i_destroy_underlay_qp(struct mlx5_core_dev *mdev, struct mlx5_core_qp *qp)
{
+ mlx5_fs_remove_rx_underlay_qpn(mdev, qp->qpn);
+
mlx5_core_destroy_qp(mdev, qp);
}
@@ -174,6 +176,8 @@ static int mlx5i_init_tx(struct mlx5e_priv *priv)
return err;
}
+ mlx5_fs_add_rx_underlay_qpn(priv->mdev, ipriv->qp.qpn);
+
err = mlx5e_create_tis(priv->mdev, 0 /* tc */, ipriv->qp.qpn, &priv->tisn[0]);
if (err) {
mlx5_core_warn(priv->mdev, "create tis failed, %d\n", err);
@@ -193,7 +197,6 @@ static void mlx5i_cleanup_tx(struct mlx5e_priv *priv)
static int mlx5i_create_flow_steering(struct mlx5e_priv *priv)
{
- struct mlx5i_priv *ipriv = priv->ppriv;
int err;
priv->fs.ns = mlx5_get_flow_namespace(priv->mdev,
@@ -209,7 +212,7 @@ static int mlx5i_create_flow_steering(struct mlx5e_priv *priv)
priv->netdev->hw_features &= ~NETIF_F_NTUPLE;
}
- err = mlx5e_create_ttc_table(priv, ipriv->qp.qpn);
+ err = mlx5e_create_ttc_table(priv);
if (err) {
netdev_err(priv->netdev, "Failed to create ttc table, err=%d\n",
err);
diff --git a/include/linux/mlx5/fs.h b/include/linux/mlx5/fs.h
index 1b166d2e19c5..b25e7baa273e 100644
--- a/include/linux/mlx5/fs.h
+++ b/include/linux/mlx5/fs.h
@@ -109,7 +109,6 @@ struct mlx5_flow_table_attr {
int max_fte;
u32 level;
u32 flags;
- u32 underlay_qpn;
};
struct mlx5_flow_table *
@@ -167,4 +166,7 @@ struct mlx5_fc *mlx5_fc_create(struct mlx5_core_dev *dev, bool aging);
void mlx5_fc_destroy(struct mlx5_core_dev *dev, struct mlx5_fc *counter);
void mlx5_fc_query_cached(struct mlx5_fc *counter,
u64 *bytes, u64 *packets, u64 *lastuse);
+int mlx5_fs_add_rx_underlay_qpn(struct mlx5_core_dev *dev, u32 underlay_qpn);
+int mlx5_fs_remove_rx_underlay_qpn(struct mlx5_core_dev *dev, u32 underlay_qpn);
+
#endif
--
2.11.0
^ permalink raw reply related
* Re: [PATCH] kmod: don't load module unless req process has CAP_SYS_MODULE
From: Greg Kroah-Hartman @ 2017-05-14 10:45 UTC (permalink / raw)
To: Mahesh Bandewar
Cc: Ingo Molnar, LKML, netdev, Eric W . Biederman, Kees Cook,
David Miller, Eric Dumazet, Mahesh Bandewar
In-Reply-To: <20170512232259.10820-1-mahesh@bandewar.net>
On Fri, May 12, 2017 at 04:22:59PM -0700, Mahesh Bandewar wrote:
> From: Mahesh Bandewar <maheshb@google.com>
>
> A process inside random user-ns should not load a module, which is
> currently possible. As demonstrated in following scenario -
>
> Create namespaces; especially a user-ns and become root inside.
> $ unshare -rfUp -- unshare -unm -- bash
>
> Try to load the bridge module. It should fail and this is expected!
> # modprobe bridge
> WARNING: Error inserting stp (/lib/modules/4.11.0-smp-DEV/kernel/net/802/stp.ko): Operation not permitted
> FATAL: Error inserting bridge (/lib/modules/4.11.0-smp-DEV/kernel/net/bridge/bridge.ko): Operation not permitted
>
> Verify bridge module is not loaded.
> # lsmod | grep bridge
> #
>
> Now try to create a bridge inside this newly created net-ns which would
> mean bridge module need to be loaded.
> # ip link add br0 type bridge
> # echo $?
> 0
> # lsmod | grep bridge
> bridge 110592 0
> stp 16384 1 bridge
> llc 16384 2 bridge,stp
> #
>
> After this patch -
> # ip link add br0 type bridge
> RTNETLINK answers: Operation not supported
> # echo $?
> 2
> # lsmod | grep bridge
> #
Well, it only loads this because the kernel asked for it to be loaded,
right?
>
> Signed-off-by: Mahesh Bandewar <maheshb@google.com>
> ---
> kernel/kmod.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/kernel/kmod.c b/kernel/kmod.c
> index 563f97e2be36..ac30157169b7 100644
> --- a/kernel/kmod.c
> +++ b/kernel/kmod.c
> @@ -133,6 +133,9 @@ int __request_module(bool wait, const char *fmt, ...)
> #define MAX_KMOD_CONCURRENT 50 /* Completely arbitrary value - KAO */
> static int kmod_loop_msg;
>
> + if (!capable(CAP_SYS_MODULE))
> + return -EPERM;
At first glance this looks right, but I'm worried what this will break
that currently relies on this. There might be lots of systems that are
used to this being the method that the needed module is requested. What
about when userspace asks for a random char device and that module is
then loaded? Does this patch break that functionality?
thanks,
greg k-h
^ permalink raw reply
* Re: iproute2 build error due to sr-ipv6 lwtunnel
From: Daniel Borkmann @ 2017-05-14 13:26 UTC (permalink / raw)
To: David Lebrun; +Cc: netdev, stephen
In-Reply-To: <590AFA8A.30602@iogearbox.net>
On 05/04/2017 11:55 AM, Daniel Borkmann wrote:
> On 05/04/2017 11:28 AM, David Lebrun wrote:
>> On 05/04/2017 11:13 AM, Daniel Borkmann wrote:
>>> Hi David,
>>>
>>> I'm getting the following build error from e8493916a8ed ("iproute:
>>> add support for SR-IPv6 lwtunnel encapsulation"). Reverting your
>>> commit makes iproute2 build again for me. Please take a look.
>>
>> Hi Daniel,
>>
>> This is because linux/seg6.h does an include of linux/in6.h (cf kernel
>> commit ea3ebc73b46fbdb049dafd47543bb22efaa09c8e "uapi: fix linux/seg6.h
>> and linux/seg6_iptunnel.h userspace compilation errors"), and iproute2's
>> include/utils.h requires the system /usr/include/resolv.h, which itself
>> includes /usr/include/netinet/in.h, re-defining struct in6_addr.
>>
>> However, netinet/in.h protects some struct definitions with #ifndef
>> __USE_KERNEL_IPV6_DEFS, which is explicitly defined in
>> iproute_lwtunnel.c, thus avoiding this specific issue.
>>
>> What is your glibc version ?
>
> Ok, I see, on one of my machines I have an old user space, but
> latest net/net-next kernel (+ installed kernel headers) and
> iproute2. glibc version there is 2.18.
David, are you still looking into fixing this?
^ permalink raw reply
* Re: [PATCH] kmod: don't load module unless req process has CAP_SYS_MODULE
From: Eric W. Biederman @ 2017-05-14 13:57 UTC (permalink / raw)
To: Greg Kroah-Hartman
Cc: Mahesh Bandewar, Ingo Molnar, LKML, netdev, Kees Cook,
David Miller, Eric Dumazet, Mahesh Bandewar
In-Reply-To: <20170514104537.GA29323@kroah.com>
Greg Kroah-Hartman <gregkh@linuxfoundation.org> writes:
> On Fri, May 12, 2017 at 04:22:59PM -0700, Mahesh Bandewar wrote:
>> From: Mahesh Bandewar <maheshb@google.com>
>>
>> A process inside random user-ns should not load a module, which is
>> currently possible. As demonstrated in following scenario -
>>
>> Create namespaces; especially a user-ns and become root inside.
>> $ unshare -rfUp -- unshare -unm -- bash
>>
>> Try to load the bridge module. It should fail and this is expected!
>> # modprobe bridge
>> WARNING: Error inserting stp (/lib/modules/4.11.0-smp-DEV/kernel/net/802/stp.ko): Operation not permitted
>> FATAL: Error inserting bridge (/lib/modules/4.11.0-smp-DEV/kernel/net/bridge/bridge.ko): Operation not permitted
>>
>> Verify bridge module is not loaded.
>> # lsmod | grep bridge
>> #
>>
>> Now try to create a bridge inside this newly created net-ns which would
>> mean bridge module need to be loaded.
>> # ip link add br0 type bridge
>> # echo $?
>> 0
>> # lsmod | grep bridge
>> bridge 110592 0
>> stp 16384 1 bridge
>> llc 16384 2 bridge,stp
>> #
>>
>> After this patch -
>> # ip link add br0 type bridge
>> RTNETLINK answers: Operation not supported
>> # echo $?
>> 2
>> # lsmod | grep bridge
>> #
>
> Well, it only loads this because the kernel asked for it to be loaded,
> right?
>
>>
>> Signed-off-by: Mahesh Bandewar <maheshb@google.com>
>> ---
>> kernel/kmod.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/kernel/kmod.c b/kernel/kmod.c
>> index 563f97e2be36..ac30157169b7 100644
>> --- a/kernel/kmod.c
>> +++ b/kernel/kmod.c
>> @@ -133,6 +133,9 @@ int __request_module(bool wait, const char *fmt, ...)
>> #define MAX_KMOD_CONCURRENT 50 /* Completely arbitrary value - KAO */
>> static int kmod_loop_msg;
>>
>> + if (!capable(CAP_SYS_MODULE))
>> + return -EPERM;
>
> At first glance this looks right, but I'm worried what this will break
> that currently relies on this. There might be lots of systems that are
> used to this being the method that the needed module is requested. What
> about when userspace asks for a random char device and that module is
> then loaded? Does this patch break that functionality?
For the specific example give I think we would be better served by
adding a capability check at the call site. In this case CAP_NET_ADMIN
as those are the capabilities iproute traditionally has.
We have something similar in dev_load in already in the networking code.
This limits the people who can't load modules to root user in user
namespaces. I would be fine with any other code paths in a user
namespace getting a similar treatment.
Eric
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index bcb0f610ee42..6b72528a4636 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -2595,7 +2595,7 @@ static int rtnl_newlink(struct sk_buff *skb, struct nlmsghdr *nlh,
if (!ops) {
#ifdef CONFIG_MODULES
- if (kind[0]) {
+ if (kind[0] && capable(CAP_NET_ADMIN)) {
__rtnl_unlock();
request_module("rtnl-link-%s", kind);
rtnl_lock();
^ permalink raw reply related
* Re: [PATCH 2/3] bpf: Track alignment of MAP pointers in verifier.
From: Daniel Borkmann @ 2017-05-14 14:31 UTC (permalink / raw)
To: David Miller; +Cc: ast, alexei.starovoitov, netdev
In-Reply-To: <20170512.222856.46437864475991511.davem@davemloft.net>
On 05/13/2017 04:28 AM, David Miller wrote:
>
> Just like packet pointers, track the known alignment of MAP pointers.
>
> In order to facilitate the state tracking, move the register offset
> field into where there is an unused 32-bit padding slot on 64-bit.
>
> The check logic is the same as for packet pointers, except we do not
> apply NET_IP_ALIGN to the calculations.
>
> Also, there are several restrictions that apply to packet pointers
> which we do not extend to MAP pointers. For example, the
> MAX_PACKET_OFF limitation and the "adding integer with < 48 upper zero
> bits" thing.
>
> When we add a variable to the MAP pointer, all of the state
> transitions are identical except that we elide the reg->range clear
> because it is a packet pointer specific piece of state.
>
> This changes the string emitted when an unaligned access is trapped by
> the verifier. Therefore, we need to adjust the search string used by
> test_verifier.c
>
> Signed-off-by: David S. Miller <davem@davemloft.net>
(Sorry for late reply, still thinking/reviewing on it.)
[...]
> @@ -823,10 +825,27 @@ static int check_pkt_ptr_alignment(const struct bpf_reg_state *reg,
> }
>
> static int check_val_ptr_alignment(const struct bpf_reg_state *reg,
> - int size, bool strict)
> + int off, int size, bool strict)
> {
> - if (strict && size != 1) {
> - verbose("Unknown alignment. Only byte-sized access allowed in value access.\n");
> + int reg_off;
> +
> + /* Byte size accesses are always allowed. */
> + if (!strict || size == 1)
> + return 0;
> +
> + reg_off = reg->off;
> + if (reg->id) {
> + if (reg->aux_off_align % size) {
> + verbose("Value access is only %u byte aligned, %d byte access not allowed\n",
> + reg->aux_off_align, size);
> + return -EACCES;
> + }
> + reg_off += reg->aux_off;
> + }
What are the semantics of using id here? In ptr_to_pkt, we have it, so
that eventually, in find_good_pkt_pointers() we can match on id and update
the range for all such regs with the same id. I'm just wondering as the
side effect of this is that this makes state pruning worse.
Also, reg->off is currently only used in ptr_to_pkt types and checked as
well in check_packet_access(). Now as semantics change, do we need to check
for it as well in check_map_access_adj() which we currently don't do?
> + if ((reg_off + off) % size != 0) {
> + verbose("misaligned value access off %d+%d size %d\n",
> + reg_off, off, size);
> return -EACCES;
> }
>
> @@ -846,7 +865,7 @@ static int check_ptr_alignment(struct bpf_verifier_env *env,
> case PTR_TO_PACKET:
> return check_pkt_ptr_alignment(reg, off, size, strict);
> case PTR_TO_MAP_VALUE_ADJ:
> - return check_val_ptr_alignment(reg, size, strict);
> + return check_val_ptr_alignment(reg, off, size, strict);
> default:
> if (off % size != 0) {
> verbose("misaligned access off %d size %d\n",
[...]
> -static int check_packet_ptr_add(struct bpf_verifier_env *env,
> - struct bpf_insn *insn)
> +static int check_pointer_add(struct bpf_verifier_env *env,
> + struct bpf_insn *insn, bool is_packet)
> {
> struct bpf_reg_state *regs = env->cur_state.regs;
> struct bpf_reg_state *dst_reg = ®s[insn->dst_reg];
> @@ -1468,28 +1489,28 @@ static int check_packet_ptr_add(struct bpf_verifier_env *env,
> s32 imm;
>
> if (BPF_SRC(insn->code) == BPF_K) {
> - /* pkt_ptr += imm */
> + /* pointer += imm */
> imm = insn->imm;
>
> add_imm:
> - if (imm < 0) {
> - verbose("addition of negative constant to packet pointer is not allowed\n");
> - return -EACCES;
> - }
> - if (imm >= MAX_PACKET_OFF ||
> - imm + dst_reg->off >= MAX_PACKET_OFF) {
> - verbose("constant %d is too large to add to packet pointer\n",
> - imm);
> - return -EACCES;
> + if (is_packet) {
> + if (imm < 0) {
> + verbose("addition of negative constant to packet pointer is not allowed\n");
> + return -EACCES;
> + }
> + if (imm >= MAX_PACKET_OFF ||
> + imm + dst_reg->off >= MAX_PACKET_OFF) {
> + verbose("constant %d is too large to add to packet pointer\n",
> + imm);
> + return -EACCES;
> + }
> }
> - /* a constant was added to pkt_ptr.
> + /* a constant was added to the pointer.
> * Remember it while keeping the same 'id'
> */
> dst_reg->off += imm;
Can this now overflow for map type? Also in the UNKNOWN_VALUE case
below since overflow checks are then only enforced in ptr_to_pkt case?
> } else {
> - bool had_id;
> -
> - if (src_reg->type == PTR_TO_PACKET) {
> + if (is_packet && src_reg->type == PTR_TO_PACKET) {
> /* R6=pkt(id=0,off=0,r=62) R7=imm22; r7 += r6 */
> tmp_reg = *dst_reg; /* save r7 state */
> *dst_reg = *src_reg; /* copy pkt_ptr state r6 into r7 */
I believe clang could probably generate something similar also for
map value pointers.
> @@ -1503,46 +1524,62 @@ static int check_packet_ptr_add(struct bpf_verifier_env *env,
> }
>
> if (src_reg->type == CONST_IMM) {
> - /* pkt_ptr += reg where reg is known constant */
> + /* pointer += reg where reg is known constant */
> imm = src_reg->imm;
> goto add_imm;
> }
> - /* disallow pkt_ptr += reg
> + /* disallow pointer += reg
> * if reg is not uknown_value with guaranteed zero upper bits
> - * otherwise pkt_ptr may overflow and addition will become
> + * otherwise pointer_ptr may overflow and addition will become
> * subtraction which is not allowed
> */
> if (src_reg->type != UNKNOWN_VALUE) {
> - verbose("cannot add '%s' to ptr_to_packet\n",
> + verbose("cannot add '%s' to pointer\n",
> reg_type_str[src_reg->type]);
> return -EACCES;
> }
> - if (src_reg->imm < 48) {
> + if (is_packet && src_reg->imm < 48) {
> verbose("cannot add integer value with %lld upper zero bits to ptr_to_packet\n",
> src_reg->imm);
> return -EACCES;
> }
>
> - had_id = (dst_reg->id != 0);
> -
> - /* dst_reg stays as pkt_ptr type and since some positive
> + /* dst_reg stays as the same type and since some positive
> * integer value was added to the pointer, increment its 'id'
> */
> dst_reg->id = ++env->id_gen;
>
> - /* something was added to pkt_ptr, set range to zero */
> dst_reg->aux_off += dst_reg->off;
> dst_reg->off = 0;
> - dst_reg->range = 0;
> - if (had_id)
> +
> + if (is_packet) {
> + /* something was added to packet ptr, set range to zero */
> + dst_reg->range = 0;
> + }
> + if (dst_reg->aux_off_align) {
> dst_reg->aux_off_align = min(dst_reg->aux_off_align,
^ permalink raw reply
* Re: [PATCH] net/smc: mark as BROKEN due to remote memory exposure
From: David Miller @ 2017-05-14 15:51 UTC (permalink / raw)
To: hch; +Cc: Bart.VanAssche, netdev, linux-rdma, stable, ubraun
In-Reply-To: <20170514055848.GA23149@lst.de>
From: Christoph Hellwig <hch@lst.de>
Date: Sun, 14 May 2017 07:58:48 +0200
> this patch has not been superceeded by anything, can you explain why
> it has been marked as such in patchworks?
I think you're being overbearing by requiring this to be marked BROKEN
and I would like you to explore other ways with the authors to fix
whatever perceived problems you think SMC has.
You claim that this is somehow "urgent" is false. You can ask
distributions to disable SMC or whatever in the short term if it
reallly, truly, bothers you.
^ permalink raw reply
* question on devices that have a UUID but no MAC
From: Oliver Neukum @ 2017-05-14 16:48 UTC (permalink / raw)
To: netdev
Hi,
is there a canonical way to use a device's UUID to generate a MAC
inside the kernel? If I add it, where does it belong into?
Regards
Oliver
^ permalink raw reply
* [PATCH 1/3] Fix ERROR: trailing statements should be on next line
From: Maciek Fijalkowski @ 2017-05-14 17:51 UTC (permalink / raw)
To: mst; +Cc: jasonwang, virtualization, netdev, linux-kernel,
Maciej Fijalkowski
From: Maciej Fijalkowski <macfij7@wp.pl>
Signed-off-by: Maciej Fijalkowski <macfij7@wp.pl>
---
drivers/net/virtio_net.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index 9320d96..f20dfb8 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -217,7 +217,8 @@ static void give_pages(struct receive_queue *rq, struct page *page)
struct page *end;
/* Find end of list, sew whole thing into vi->rq.pages. */
- for (end = page; end->private; end = (struct page *)end->private);
+ for (end = page; end->private; end = (struct page *)end->private)
+ ;
end->private = (unsigned long)rq->pages;
rq->pages = page;
}
--
2.4.11
^ permalink raw reply related
* [PATCH 2/3] Fix ERROR: Macros with complex values should be enclosed in parentheses
From: Maciek Fijalkowski @ 2017-05-14 17:51 UTC (permalink / raw)
To: mst; +Cc: jasonwang, virtualization, netdev, linux-kernel,
Maciej Fijalkowski
In-Reply-To: <20170514175130.18664-1-macfij7@wp.pl>
From: Maciej Fijalkowski <macfij7@wp.pl>
Signed-off-by: Maciej Fijalkowski <macfij7@wp.pl>
---
drivers/net/virtio_net.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index f20dfb8..6c8170c 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -2663,7 +2663,7 @@ static struct virtio_device_id id_table[] = {
};
#define VIRTNET_FEATURES \
- VIRTIO_NET_F_CSUM, VIRTIO_NET_F_GUEST_CSUM, \
+ (VIRTIO_NET_F_CSUM, VIRTIO_NET_F_GUEST_CSUM, \
VIRTIO_NET_F_MAC, \
VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_UFO, VIRTIO_NET_F_HOST_TSO6, \
VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, \
@@ -2672,7 +2672,7 @@ static struct virtio_device_id id_table[] = {
VIRTIO_NET_F_CTRL_RX, VIRTIO_NET_F_CTRL_VLAN, \
VIRTIO_NET_F_GUEST_ANNOUNCE, VIRTIO_NET_F_MQ, \
VIRTIO_NET_F_CTRL_MAC_ADDR, \
- VIRTIO_NET_F_MTU
+ VIRTIO_NET_F_MTU)
static unsigned int features[] = {
VIRTNET_FEATURES,
--
2.4.11
^ permalink raw reply related
* [PATCH 3/3] Fix ERROR: code indent should use tabs where possible
From: Maciek Fijalkowski @ 2017-05-14 17:51 UTC (permalink / raw)
To: mst; +Cc: jasonwang, virtualization, netdev, linux-kernel,
Maciej Fijalkowski
In-Reply-To: <20170514175130.18664-1-macfij7@wp.pl>
From: Maciej Fijalkowski <macfij7@wp.pl>
Signed-off-by: Maciej Fijalkowski <macfij7@wp.pl>
---
drivers/net/virtio_net.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index 6c8170c..5d71e9f 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -2717,7 +2717,7 @@ static __init int virtio_net_driver_init(void)
if (ret)
goto err_dead;
- ret = register_virtio_driver(&virtio_net_driver);
+ ret = register_virtio_driver(&virtio_net_driver);
if (ret)
goto err_virtio;
return 0;
--
2.4.11
^ permalink raw reply related
* [PATCH net] i40e: proper update of the page_offset field
From: Björn Töpel @ 2017-05-14 17:56 UTC (permalink / raw)
To: netdev, intel-wired-lan
Cc: Björn Töpel, alexander.h.duyck, jeffrey.t.kirsher
From: Björn Töpel <bjorn.topel@intel.com>
In f8b45b74cc62 ("i40e/i40evf: Use build_skb to build frames")
i40e_build_skb updates the page_offset field with an incorrect offset,
which can lead to data corruption. This patch updates page_offset
correctly.
Note that the bug only appears on architectures where PAGE_SIZE is
8192 or larger.
Fixes: f8b45b74cc62 ("i40e/i40evf: Use build_skb to build frames")
Signed-off-by: Björn Töpel <bjorn.topel@intel.com>
---
drivers/net/ethernet/intel/i40e/i40e_txrx.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/intel/i40e/i40e_txrx.c b/drivers/net/ethernet/intel/i40e/i40e_txrx.c
index 29321a6167a6..cd894f4023b1 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_txrx.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_txrx.c
@@ -1854,7 +1854,8 @@ static struct sk_buff *i40e_build_skb(struct i40e_ring *rx_ring,
#if (PAGE_SIZE < 8192)
unsigned int truesize = i40e_rx_pg_size(rx_ring) / 2;
#else
- unsigned int truesize = SKB_DATA_ALIGN(size);
+ unsigned int truesize = SKB_DATA_ALIGN(sizeof(struct skb_shared_info)) +
+ SKB_DATA_ALIGN(I40E_SKB_PAD + size);
#endif
struct sk_buff *skb;
--
2.11.0
^ permalink raw reply related
* Re: [PATCH 2/3] Fix ERROR: Macros with complex values should be enclosed in parentheses
From: kbuild test robot @ 2017-05-14 18:48 UTC (permalink / raw)
To: Maciek Fijalkowski
Cc: mst, netdev, linux-kernel, virtualization, jasonwang, kbuild-all,
Maciej Fijalkowski
In-Reply-To: <20170514175130.18664-2-macfij7@wp.pl>
[-- Attachment #1: Type: text/plain, Size: 9598 bytes --]
Hi Maciej,
[auto build test ERROR on net-next/master]
[also build test ERROR on v4.12-rc1 next-20170512]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]
url: https://github.com/0day-ci/linux/commits/Maciek-Fijalkowski/Fix-ERROR-trailing-statements-should-be-on-next-line/20170515-021304
config: x86_64-acpi-redef (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All error/warnings (new ones prefixed by >>):
drivers//net/virtio_net.c:2647:20: warning: left-hand operand of comma expression has no effect [-Wunused-value]
(VIRTIO_NET_F_CSUM, VIRTIO_NET_F_GUEST_CSUM, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2647:45: warning: left-hand operand of comma expression has no effect [-Wunused-value]
(VIRTIO_NET_F_CSUM, VIRTIO_NET_F_GUEST_CSUM, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2648:18: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_MAC, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2649:24: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_UFO, VIRTIO_NET_F_HOST_TSO6, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2649:47: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_UFO, VIRTIO_NET_F_HOST_TSO6, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2649:71: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_UFO, VIRTIO_NET_F_HOST_TSO6, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2650:23: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2650:48: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2650:73: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2651:24: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_GUEST_ECN, VIRTIO_NET_F_GUEST_UFO, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2651:48: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_GUEST_ECN, VIRTIO_NET_F_GUEST_UFO, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2652:24: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_MRG_RXBUF, VIRTIO_NET_F_STATUS, VIRTIO_NET_F_CTRL_VQ, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2652:45: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_MRG_RXBUF, VIRTIO_NET_F_STATUS, VIRTIO_NET_F_CTRL_VQ, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2652:67: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_MRG_RXBUF, VIRTIO_NET_F_STATUS, VIRTIO_NET_F_CTRL_VQ, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2653:22: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_CTRL_RX, VIRTIO_NET_F_CTRL_VLAN, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2653:46: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_CTRL_RX, VIRTIO_NET_F_CTRL_VLAN, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2654:29: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_GUEST_ANNOUNCE, VIRTIO_NET_F_MQ, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2654:46: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_GUEST_ANNOUNCE, VIRTIO_NET_F_MQ, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
drivers//net/virtio_net.c:2655:28: warning: left-hand operand of comma expression has no effect [-Wunused-value]
VIRTIO_NET_F_CTRL_MAC_ADDR, \
^
>> drivers//net/virtio_net.c:2659:2: note: in expansion of macro 'VIRTNET_FEATURES'
VIRTNET_FEATURES,
^~~~~~~~~~~~~~~~
>> drivers//net/virtio_net.c:2647:2: error: initializer element is not constant
(VIRTIO_NET_F_CSUM, VIRTIO_NET_F_GUEST_CSUM, \
^
vim +/VIRTNET_FEATURES +2659 drivers//net/virtio_net.c
296f96fc Rusty Russell 2007-10-22 2641 static struct virtio_device_id id_table[] = {
296f96fc Rusty Russell 2007-10-22 2642 { VIRTIO_ID_NET, VIRTIO_DEV_ANY_ID },
296f96fc Rusty Russell 2007-10-22 2643 { 0 },
296f96fc Rusty Russell 2007-10-22 2644 };
296f96fc Rusty Russell 2007-10-22 2645
f3358507 Michael S. Tsirkin 2016-11-04 2646 #define VIRTNET_FEATURES \
d66a5bc5 Maciej Fijalkowski 2017-05-14 @2647 (VIRTIO_NET_F_CSUM, VIRTIO_NET_F_GUEST_CSUM, \
f3358507 Michael S. Tsirkin 2016-11-04 2648 VIRTIO_NET_F_MAC, \
f3358507 Michael S. Tsirkin 2016-11-04 2649 VIRTIO_NET_F_HOST_TSO4, VIRTIO_NET_F_HOST_UFO, VIRTIO_NET_F_HOST_TSO6, \
f3358507 Michael S. Tsirkin 2016-11-04 2650 VIRTIO_NET_F_HOST_ECN, VIRTIO_NET_F_GUEST_TSO4, VIRTIO_NET_F_GUEST_TSO6, \
f3358507 Michael S. Tsirkin 2016-11-04 2651 VIRTIO_NET_F_GUEST_ECN, VIRTIO_NET_F_GUEST_UFO, \
f3358507 Michael S. Tsirkin 2016-11-04 2652 VIRTIO_NET_F_MRG_RXBUF, VIRTIO_NET_F_STATUS, VIRTIO_NET_F_CTRL_VQ, \
f3358507 Michael S. Tsirkin 2016-11-04 2653 VIRTIO_NET_F_CTRL_RX, VIRTIO_NET_F_CTRL_VLAN, \
f3358507 Michael S. Tsirkin 2016-11-04 2654 VIRTIO_NET_F_GUEST_ANNOUNCE, VIRTIO_NET_F_MQ, \
f3358507 Michael S. Tsirkin 2016-11-04 2655 VIRTIO_NET_F_CTRL_MAC_ADDR, \
d66a5bc5 Maciej Fijalkowski 2017-05-14 2656 VIRTIO_NET_F_MTU)
f3358507 Michael S. Tsirkin 2016-11-04 2657
c45a6816 Rusty Russell 2008-05-02 2658 static unsigned int features[] = {
f3358507 Michael S. Tsirkin 2016-11-04 @2659 VIRTNET_FEATURES,
f3358507 Michael S. Tsirkin 2016-11-04 2660 };
f3358507 Michael S. Tsirkin 2016-11-04 2661
f3358507 Michael S. Tsirkin 2016-11-04 2662 static unsigned int features_legacy[] = {
:::::: The code at line 2659 was first introduced by commit
:::::: f3358507c11999c91abf54744658bccd49b5879c virtio-net: drop legacy features in virtio 1 mode
:::::: TO: Michael S. Tsirkin <mst@redhat.com>
:::::: CC: David S. Miller <davem@davemloft.net>
---
0-DAY kernel test infrastructure Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 31444 bytes --]
[-- Attachment #3: Type: text/plain, Size: 183 bytes --]
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
^ permalink raw reply
* Re: [PATCH v4] net/mlx4_core: Use min3 to select number of MSI-X vectors
From: Yuval Shaia @ 2017-05-14 19:01 UTC (permalink / raw)
To: yishaih-VPRAkNaXOzVWk0Htik3J/w, netdev-u79uwXL29TY76Z2rM5mHXA,
linux-rdma-u79uwXL29TY76Z2rM5mHXA, leonro-VPRAkNaXOzVWk0Htik3J/w
In-Reply-To: <1494569451-2567-1-git-send-email-yuval.shaia-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
On Fri, May 12, 2017 at 09:10:51AM +0300, Yuval Shaia wrote:
> Signed-off-by: Yuval Shaia <yuval.shaia-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
> ---
> v0 -> v1:
> * s/"min_t("/"min_t(int"
> v1 -> v2:
> * Use min3 instead of min_t twice
> v2 -> v3:
> * Change commit log header message to reflect the changes made in
> v2
> v3 -> v4:
> * Cast return value from num_online_cpus to int to avoid
> compilation errors from "sparse"
Hi Leon,
Got your r-b for v3, can you please review v4?
Thanks,
> ---
> drivers/net/ethernet/mellanox/mlx4/main.c | 10 ++++------
> 1 file changed, 4 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/net/ethernet/mellanox/mlx4/main.c b/drivers/net/ethernet/mellanox/mlx4/main.c
> index 7032054..83aab1e 100644
> --- a/drivers/net/ethernet/mellanox/mlx4/main.c
> +++ b/drivers/net/ethernet/mellanox/mlx4/main.c
> @@ -2862,12 +2862,10 @@ static void mlx4_enable_msi_x(struct mlx4_dev *dev)
> int port = 0;
>
> if (msi_x) {
> - int nreq = dev->caps.num_ports * num_online_cpus() + 1;
> -
> - nreq = min_t(int, dev->caps.num_eqs - dev->caps.reserved_eqs,
> - nreq);
> - if (nreq > MAX_MSIX)
> - nreq = MAX_MSIX;
> + int nreq = min3(dev->caps.num_ports *
> + (int)num_online_cpus() + 1,
> + dev->caps.num_eqs - dev->caps.reserved_eqs,
> + MAX_MSIX);
>
> entries = kcalloc(nreq, sizeof *entries, GFP_KERNEL);
> if (!entries)
> --
> 2.7.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
> the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH] net/smc: mark as BROKEN due to remote memory exposure
From: Bart Van Assche @ 2017-05-14 19:08 UTC (permalink / raw)
To: hch@lst.de, davem@davemloft.net
Cc: netdev@vger.kernel.org, linux-rdma@vger.kernel.org,
stable@vger.kernel.org, ubraun@linux.vnet.ibm.com
In-Reply-To: <20170514.115116.499149210596634881.davem@davemloft.net>
On Sun, 2017-05-14 at 11:51 -0400, David Miller wrote:
> From: Christoph Hellwig <hch@lst.de>
> Date: Sun, 14 May 2017 07:58:48 +0200
>
> > this patch has not been superceeded by anything, can you explain why
> > it has been marked as such in patchworks?
>
> I think you're being overbearing by requiring this to be marked BROKEN
> and I would like you to explore other ways with the authors to fix
> whatever perceived problems you think SMC has.
>
> You claim that this is somehow "urgent" is false. You can ask
> distributions to disable SMC or whatever in the short term if it
> reallly, truly, bothers you.
Hello Dave,
There is agreement that the user-space API for using the SMC protocol must
be changed, namely by dropping AF_SMC and by making applications use the
SMC protocol through socket(AF_INET..., SOCK_STREAM, ...). What is your
plan to avoid that applications start using and depending on AF_SMC?
Thanks,
Bart.
^ permalink raw reply
* Re: [PATCH] net: ipv6: Truncate single route when it doesn't fit into dump buffer.
From: Johannes Berg @ 2017-05-14 21:00 UTC (permalink / raw)
To: Jan Moskyto Matejka, David Ahern; +Cc: David Miller, mq, netdev, roopa
In-Reply-To: <20170513172915.5ram3mlsy4ihzwmw@lopatka.joja.cz>
On Sat, 2017-05-13 at 19:29 +0200, Jan Moskyto Matejka wrote:
>
> > When adding a route to the skb, track whether it contains at least
> > 1
> > route. If not, it means the next route in the dump is larger than
> > the
> > given buffer. Detect this condition and error out of the dump -
> > returning an error to the user (-ENOSPC? or EMSGSIZE?)
>
> EMSGSIZE seems OK for me.
If we return an error here, and consequently allow for userspace
changes to pick this up, perhaps we could also consider allowing to
split the dump between nexthops, so that arbitrary such things can be
returned.
We did a similar thing in nl80211 at some point - originally, a dump of
wireless devices present was doing a whole device per message, we later
allowed splitting a single device across multiple messages because
capability information was reaching a reasonable message size limit.
johannes
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox