* Re: [PATCH RFC 3/5] sched/cpufreq: Fix incorrect RCU API usage
From: Steven Rostedt @ 2019-02-21 16:17 UTC (permalink / raw)
To: Joel Fernandes (Google)
Cc: linux-kernel, Alexei Starovoitov, Christian Brauner,
Daniel Borkmann, David Ahern, David S. Miller, Ido Schimmel,
Ingo Molnar, moderated list:INTEL ETHERNET DRIVERS,
Jakub Kicinski, Jeff Kirsher, Jesper Dangaard Brouer,
John Fastabend, Josh Triplett, keescook, Lai Jiangshan,
Martin KaFai Lau, Mathieu Desnoyers, netdev, Paul E. McKenney,
Peter Zijlstra, rcu, Song Liu, xdp-newbies, Yonghong Song,
Rafael J. Wysocki
In-Reply-To: <20190221054942.132388-4-joel@joelfernandes.org>
On Thu, 21 Feb 2019 00:49:40 -0500
"Joel Fernandes (Google)" <joel@joelfernandes.org> wrote:
> Recently I added an RCU annotation check to rcu_assign_pointer(). All
> pointers assigned to RCU protected data are to be annotated with __rcu
> inorder to be able to use rcu_assign_pointer() similar to checks in
> other RCU APIs.
>
> This resulted in a sparse error: kernel//sched/cpufreq.c:41:9: sparse:
> error: incompatible types in comparison expression (different address
> spaces)
>
> Fix this by using the correct APIs for RCU accesses. This will
> potentially avoid any future bugs in the code. If it is felt that RCU
> protection is not needed here, then the rcu_assign_pointer call can be
> dropped and replaced with, say, WRITE_ONCE or smp_store_release. Or, may
> be we add a new API to do it. But calls rcu_assign_pointer seems an
> abuse of the RCU API unless RCU is being used.
This all looks broken, and this patch is papering over the issue, or
worse, hiding it.
>
> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
> ---
> kernel/sched/cpufreq.c | 8 ++++++--
> kernel/sched/sched.h | 2 +-
> 2 files changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/kernel/sched/cpufreq.c b/kernel/sched/cpufreq.c
> index 22bd8980f32f..c9aeb3bf5dc2 100644
> --- a/kernel/sched/cpufreq.c
> +++ b/kernel/sched/cpufreq.c
> @@ -7,7 +7,7 @@
> */
> #include "sched.h"
>
> -DEFINE_PER_CPU(struct update_util_data *, cpufreq_update_util_data);
> +DEFINE_PER_CPU(struct update_util_data __rcu *, cpufreq_update_util_data);
>
> /**
> * cpufreq_add_update_util_hook - Populate the CPU's update_util_data pointer.
> @@ -34,8 +34,12 @@ void cpufreq_add_update_util_hook(int cpu, struct update_util_data *data,
> if (WARN_ON(!data || !func))
> return;
>
> - if (WARN_ON(per_cpu(cpufreq_update_util_data, cpu)))
> + rcu_read_lock();
> + if (WARN_ON(rcu_dereference(per_cpu(cpufreq_update_util_data, cpu)))) {
> + rcu_read_unlock();
> return;
> + }
> + rcu_read_unlock();
>
> data->func = func;
> rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), data);
An rcu_assign_pointer() is to update something that is going to be read
under rcu_read_lock() elsewhere. But updates to an rcu variable are not
protected by rcu_read_lock() (hence the "read" in the name). Adding
rcu_read_lock() above does nothing, but perhaps hides an issue.
Writes usually have something else that protects against races. Thus,
the above shouldn't be switched to using a rcu_dereference(), but
perhaps a rcu_dereference_protected(), with whatever is protecting
updates?
Which doing a bit of investigating, looks to be the rwsem
"policy->rwsem", where policy comes from:
policy = cpufreq_cpu_get(cpu);
I would say the code as is, is not broken. But this patch isn't helping
anything.
-- Steve
> diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h
> index d04530bf251f..2ab545d40381 100644
> --- a/kernel/sched/sched.h
> +++ b/kernel/sched/sched.h
> @@ -2166,7 +2166,7 @@ static inline u64 irq_time_read(int cpu)
> #endif /* CONFIG_IRQ_TIME_ACCOUNTING */
>
> #ifdef CONFIG_CPU_FREQ
> -DECLARE_PER_CPU(struct update_util_data *, cpufreq_update_util_data);
> +DECLARE_PER_CPU(struct update_util_data __rcu *, cpufreq_update_util_data);
>
> /**
> * cpufreq_update_util - Take a note about CPU utilization changes.
^ permalink raw reply
* Re: [PATCH] drivers: net: phy: mdio-mux: Add support for Generic Mux controls
From: Peter Rosin @ 2019-02-21 16:17 UTC (permalink / raw)
To: Andrew Lunn, Pankaj Bansal
Cc: Leo Li, Florian Fainelli, Heiner Kallweit, netdev@vger.kernel.org
In-Reply-To: <20190221151753.GC5894@lunn.ch>
On 2019-02-21 16:17, Andrew Lunn wrote:
>>>> config MDIO_BUS_MUX
>>>> tristate
>>>> depends on OF_MDIO
>>>> + select MULTIPLEXER
>>>> help
>>>> This module provides a driver framework for MDIO bus
>>>> multiplexers which connect one of several child MDIO busses
>>>
>>> Hi Pankaj
>>>
>>> Please add a MDIO_BUS_MUX_MULTIPLEXER and put all the code into mdio-
>>> mux-multiplexer.c
>>
>> Isn't MUX short for MULTIPLEXER ? wouldn't this be more confusing ?
>
> Look at the pattern:
>
> config MDIO_BUS_MUX
> config MDIO_BUS_MUX_BCM_IPROC
> config MDIO_BUS_MUX_GPIO
> config MDIO_BUS_MUX_MMIOREG
>
> You are adding another sort of MUX, A Mux that uses a kernel
> Multiplexer. Hence the name should be MDIO_BUS_MUX_MULTIPLEXER.
>
> You can try to avoid confusion by using good help text:
>
> help This module provides a driver for MDIO bus multiplexer
> that is controlled via the kernel multiplexer subsystem. The
> bus multiplexer connects one of several child MDIO busses to
> a parent bus. Child bus selection is under the control of
> the kernel multiplexer subsystem.
>
> This test basically follows the other MDIO multiplexers.
The same "problem" happened for I2C muxes, and there the driver
ended up being "i2c-mux-gpmux" with config symbol I2C_MUX_GPMUX, with
GP being short for general purpose.
If that matters...
Cheers,
Peter
^ permalink raw reply
* Re: [PATCH v5 0/5] M_CAN Framework re-write
From: Dan Murphy @ 2019-02-21 16:24 UTC (permalink / raw)
To: wg, mkl, davem; +Cc: linux-can, netdev, linux-kernel
In-Reply-To: <20190214182754.30721-1-dmurphy@ti.com>
Bump
On 2/14/19 12:27 PM, Dan Murphy wrote:
> Hello
>
> OK I did not give up on this patch series just got a little preoccupied with
> some other kernel work. But here is the update per the comments.
>
> It should be understood I broke these out for reviewability.
> For instance the first patch does not compile on its own as including this
> patch should not change the current functionality and it pulls all the io-mapped
> code from the m_can base file to a platfrom file.
>
> The next patch "Migrate the m_can code to use the framework"
> is the change to the kernel for the io-mapped conversion from a flat file to use
> the framework. Finally the rename patch just renames the m_can_priv to
> m_can_classdev. I broke this change out specifically for readability of the
> migration patch per comments on the code.
>
> AFAIC the first 3 patches can all be squashed into a single patch. Or the
> first 2 patches in the series can be re-arranged but then m_can functionality is
> affected in the migration patch.
>
> Again the first 3 patches here are all just for readability and review purposes.
>
> Dan
>
> Dan Murphy (5):
> can: m_can: Create a m_can platform framework
> can: m_can: Migrate the m_can code to use the framework
> can: m_can: Rename m_can_priv to m_can_classdev
> dt-bindings: can: tcan4x5x: Add DT bindings for TCAN4x5X driver
> can: tcan4x5x: Add tcan4x5x driver to the kernel
>
> .../devicetree/bindings/net/can/tcan4x5x.txt | 37 +
> drivers/net/can/m_can/Kconfig | 14 +-
> drivers/net/can/m_can/Makefile | 2 +
> drivers/net/can/m_can/m_can.c | 788 +++++++++---------
> drivers/net/can/m_can/m_can.h | 159 ++++
> drivers/net/can/m_can/m_can_platform.c | 198 +++++
> drivers/net/can/m_can/tcan4x5x.c | 531 ++++++++++++
> 7 files changed, 1320 insertions(+), 409 deletions(-)
> create mode 100644 Documentation/devicetree/bindings/net/can/tcan4x5x.txt
> create mode 100644 drivers/net/can/m_can/m_can.h
> create mode 100644 drivers/net/can/m_can/m_can_platform.c
> create mode 100644 drivers/net/can/m_can/tcan4x5x.c
>
--
------------------
Dan Murphy
^ permalink raw reply
* Re: [PATCH net-next 1/5] net/mlx5e: Return -EOPNOTSUPP when modify header action zero
From: Or Gerlitz @ 2019-02-21 16:26 UTC (permalink / raw)
To: Tonghao Zhang; +Cc: Saeed Mahameed, Linux Netdev List
In-Reply-To: <1550715283-23579-1-git-send-email-xiangxia.m.yue@gmail.com>
On Thu, Feb 21, 2019 at 3:42 PM <xiangxia.m.yue@gmail.com> wrote:
> else /* namespace is MLX5_FLOW_NAMESPACE_KERNEL - NIC offloading */
> max_actions = MLX5_CAP_FLOWTABLE_NIC_RX(priv->mdev, max_modify_header_actions);
>
> + if (!max_actions) {
> + NL_SET_ERR_MSG_MOD(extack,
> + "don't support pedit actions, can't offload");
> + netdev_warn(priv->netdev, "don't support pedit actions, can't offload\n");
it's not going to work if we keep filling the driver with duplicated
error messages, stick to extack only
Also, when you respin with comments provided on this submission,
please send also cover letter
which is going to be "[PATCH net-next 00/05] ... " use
--cover-letter for git format-patch and edit it after creation
^ permalink raw reply
* Re: [PATCH v2] tcp: Reset tcp connections in SYN-SENT state
From: Eric Dumazet @ 2019-02-21 16:30 UTC (permalink / raw)
To: Devi Sandeep Endluri V V
Cc: netdev, Subash Abhinov Kasiviswanathan, sharathv, ssaha, stranche
In-Reply-To: <20190221110651.GA1146@dendluri-linux.qualcomm.com>
On Thu, Feb 21, 2019 at 3:07 AM Devi Sandeep Endluri V V
<dendluri@codeaurora.org> wrote:
>
> Userspace sends tcp connection (sock) destroy on network permission
> change. Kernel though doesn't send reset for the connections in
> SYN-SENT state and these connections continue to remain. Even as
> per RFC 793, there is no hard rule to not send RST on ABORT in
> this state. Change to make sure RST are send for connections in
> syn-sent state to avoid lingering connections on network switch.
>
> References from RFC 793
>
> ABORT Call
>
> SYN-SENT STATE
>
> All queued SENDs and RECEIVEs should be given "connection reset"
> notification, delete the TCB, enter CLOSED state, and return.
>
> SEGMENT ARRIVES
>
> If the state is SYN-SENT then
> If the RST bit is set
>
> If the ACK was acceptable then signal the user "error:
> connection reset", drop the segment, enter CLOSED state,
> delete TCB, and return. Otherwise (no ACK) drop the segment
> and return.
This patch and commit log is quite misleading.
It appears all you want to change is the stack behavior on the
tcp_abort() case (ss -K ..) for SYN_SENT sockets.
This patch _does_ not change the behavior for sockets that are closed
by the usual way (close(fd)) while on SYN_SENT state.
It would be really nice if you said so in the change log, instead of
citing an old RFC.
Otherwise I have to spend time deciphering the whole thing.
Thank you.
^ permalink raw reply
* Re: [PATCH] samples/bpf: Fix dummy program unloading for xdp_redirect samples
From: Maciej Fijalkowski @ 2019-02-21 16:30 UTC (permalink / raw)
To: Toke Høiland-Jørgensen; +Cc: netdev
In-Reply-To: <20190221160539.32132-1-toke@redhat.com>
On Thu, 21 Feb 2019 17:05:39 +0100
Toke Høiland-Jørgensen <toke@redhat.com> wrote:
> The xdp_redirect and xdp_redirect_map sample programs both load a dummy
> program onto the egress interfaces. However, the unload code checks these
> programs against the wrong fd number, and thus refuses to unload them. Fix
> the comparison to avoid this.
>
> Fixes: 3b7a8ec2dec3 ("samples/bpf: Check the prog id before exiting")
> Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
> ---
> samples/bpf/xdp_redirect_map_user.c | 2 +-
> samples/bpf/xdp_redirect_user.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/samples/bpf/xdp_redirect_map_user.c b/samples/bpf/xdp_redirect_map_user.c
> index 327226be5a06..1dbe7fd3a1a8 100644
> --- a/samples/bpf/xdp_redirect_map_user.c
> +++ b/samples/bpf/xdp_redirect_map_user.c
> @@ -57,7 +57,7 @@ static void int_exit(int sig)
> printf("bpf_get_link_xdp_id failed\n");
> exit(1);
> }
> - if (prog_id == curr_prog_id)
> + if (dummy_prog_id == curr_prog_id)
> bpf_set_link_xdp_fd(ifindex_out, -1, xdp_flags);
> else if (!curr_prog_id)
> printf("couldn't find a prog id on iface OUT\n");
> diff --git a/samples/bpf/xdp_redirect_user.c b/samples/bpf/xdp_redirect_user.c
> index a5d8ad3129ed..e9054c0269ff 100644
> --- a/samples/bpf/xdp_redirect_user.c
> +++ b/samples/bpf/xdp_redirect_user.c
> @@ -57,7 +57,7 @@ static void int_exit(int sig)
> printf("bpf_get_link_xdp_id failed\n");
> exit(1);
> }
> - if (prog_id == curr_prog_id)
> + if (dummy_prog_id == curr_prog_id)
> bpf_set_link_xdp_fd(ifindex_out, -1, xdp_flags);
> else if (!curr_prog_id)
> printf("couldn't find a prog id on iface OUT\n");
It seems that I confused this in last version of patchset...my bad.
Acked-by: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
^ permalink raw reply
* Re: [PATCH net-next 2/5] net/mlx5e: Make the log friendly when decapsulation offload not supported
From: Or Gerlitz @ 2019-02-21 16:31 UTC (permalink / raw)
To: Tonghao Zhang; +Cc: Saeed Mahameed, Linux Netdev List
In-Reply-To: <1550715283-23579-2-git-send-email-xiangxia.m.yue@gmail.com>
On Thu, Feb 21, 2019 at 3:42 PM <xiangxia.m.yue@gmail.com> wrote:
>
> From: Tonghao Zhang <xiangxia.m.yue@gmail.com>
>
> If we try to offload decapsulation actions to VFs hw, we get the log [1].
but the switching was on the tunnel type (if (tunnel_type == [...]) -
what rules caused you to get here?
what was the ingress device and what was the egress (mirred) device?
> It's not friendly, because the kind of net device is null, and we don't
> know what '0' means.
>
> [1] "mlx5_core 0000:05:01.2 vf_0: decapsulation offload is not supported for net device (0)"
^ permalink raw reply
* Re: [PATCH 6/6] net: ethernet: ti: cpsw: deprecate cpsw-phy-sel driver
From: Tony Lindgren @ 2019-02-21 16:36 UTC (permalink / raw)
To: David Miller
Cc: grygorii.strashko, kishon, robh+dt, netdev, nsekhar, linux-kernel,
linux-omap, devicetree, linux-arm-kernel
In-Reply-To: <20190220.161831.2067856031892978.davem@davemloft.net>
* David Miller <davem@davemloft.net> [190221 00:18]:
> From: Tony Lindgren <tony@atomide.com>
> Date: Wed, 20 Feb 2019 13:01:27 -0800
>
> > What I can do is set up a separate branch with just this
> > patch on top of the dts changes that the arm-soc guys can
> > then merge towards the end of the merge cycle. If that
> > works for you, let me know and I'll do it.
>
> Yes, it does work for me.
OK I've applied this patch into omap-for-v5.1/cpsw.
Thanks,
Tony
^ permalink raw reply
* [PATCH bpf-next v1] bpf, lpm: fix lookup bug in map_delete_elem
From: Alban Crequy @ 2019-02-21 16:39 UTC (permalink / raw)
To: ast, daniel; +Cc: netdev, linux-kernel, alban, iago
From: Alban Crequy <alban@kinvolk.io>
trie_delete_elem() was deleting an entry even though it was not matching
if the prefixlen was correct. This patch adds a check on matchlen.
Reproducer:
$ sudo bpftool map create /sys/fs/bpf/mylpm type lpm_trie key 8 value 1 entries 128 name mylpm flags 1
$ sudo bpftool map update pinned /sys/fs/bpf/mylpm key hex 10 00 00 00 aa bb cc dd value hex 01
$ sudo bpftool map dump pinned /sys/fs/bpf/mylpm
key: 10 00 00 00 aa bb cc dd value: 01
Found 1 element
$ sudo bpftool map delete pinned /sys/fs/bpf/mylpm key hex 10 00 00 00 ff ff ff ff
$ echo $?
0
$ sudo bpftool map dump pinned /sys/fs/bpf/mylpm
Found 0 elements
Signed-off-by: Alban Crequy <alban@kinvolk.io>
---
kernel/bpf/lpm_trie.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/kernel/bpf/lpm_trie.c b/kernel/bpf/lpm_trie.c
index abf1002080df..93a5cbbde421 100644
--- a/kernel/bpf/lpm_trie.c
+++ b/kernel/bpf/lpm_trie.c
@@ -471,6 +471,7 @@ static int trie_delete_elem(struct bpf_map *map, void *_key)
}
if (!node || node->prefixlen != key->prefixlen ||
+ node->prefixlen != matchlen ||
(node->flags & LPM_TREE_NODE_FLAG_IM)) {
ret = -ENOENT;
goto out;
--
2.20.1
^ permalink raw reply related
* Re: [PATCH v5 0/5] M_CAN Framework re-write
From: Wolfgang Grandegger @ 2019-02-21 16:41 UTC (permalink / raw)
To: Dan Murphy, mkl, davem; +Cc: linux-can, netdev, linux-kernel
In-Reply-To: <52148371-16aa-b87a-02f0-9037d5d34988@ti.com>
Hello Dan,
I will have a closer look end of this week!
Wolfgang.
Am 21.02.19 um 17:24 schrieb Dan Murphy:
> Bump
>
> On 2/14/19 12:27 PM, Dan Murphy wrote:
>> Hello
>>
>> OK I did not give up on this patch series just got a little preoccupied with
>> some other kernel work. But here is the update per the comments.
>>
>> It should be understood I broke these out for reviewability.
>> For instance the first patch does not compile on its own as including this
>> patch should not change the current functionality and it pulls all the io-mapped
>> code from the m_can base file to a platfrom file.
>>
>> The next patch "Migrate the m_can code to use the framework"
>> is the change to the kernel for the io-mapped conversion from a flat file to use
>> the framework. Finally the rename patch just renames the m_can_priv to
>> m_can_classdev. I broke this change out specifically for readability of the
>> migration patch per comments on the code.
>>
>> AFAIC the first 3 patches can all be squashed into a single patch. Or the
>> first 2 patches in the series can be re-arranged but then m_can functionality is
>> affected in the migration patch.
>>
>> Again the first 3 patches here are all just for readability and review purposes.
>>
>> Dan
>>
>> Dan Murphy (5):
>> can: m_can: Create a m_can platform framework
>> can: m_can: Migrate the m_can code to use the framework
>> can: m_can: Rename m_can_priv to m_can_classdev
>> dt-bindings: can: tcan4x5x: Add DT bindings for TCAN4x5X driver
>> can: tcan4x5x: Add tcan4x5x driver to the kernel
>>
>> .../devicetree/bindings/net/can/tcan4x5x.txt | 37 +
>> drivers/net/can/m_can/Kconfig | 14 +-
>> drivers/net/can/m_can/Makefile | 2 +
>> drivers/net/can/m_can/m_can.c | 788 +++++++++---------
>> drivers/net/can/m_can/m_can.h | 159 ++++
>> drivers/net/can/m_can/m_can_platform.c | 198 +++++
>> drivers/net/can/m_can/tcan4x5x.c | 531 ++++++++++++
>> 7 files changed, 1320 insertions(+), 409 deletions(-)
>> create mode 100644 Documentation/devicetree/bindings/net/can/tcan4x5x.txt
>> create mode 100644 drivers/net/can/m_can/m_can.h
>> create mode 100644 drivers/net/can/m_can/m_can_platform.c
>> create mode 100644 drivers/net/can/m_can/tcan4x5x.c
>>
>
>
^ permalink raw reply
* [PATCH net 0/4] udp: a few fixes
From: Paolo Abeni @ 2019-02-21 16:43 UTC (permalink / raw)
To: netdev; +Cc: David S. Miller, Stefano Brivio
This series includes some UDP-related fixlet. All this stuff has been
pointed out by the sparse tool. The first two patches are just annotation
related, while the last 2 cover some very unlikely races.
Paolo Abeni (4):
udpv6: add the required annotation to mib type
fou6: fix proto error handler argument type
udpv6: fix possible user after free in error handler
udp: fix possible user after free in error handler
net/ipv4/udp.c | 6 ++++--
net/ipv6/fou6.c | 2 +-
net/ipv6/udp.c | 12 +++++++-----
3 files changed, 12 insertions(+), 8 deletions(-)
--
2.20.1
^ permalink raw reply
* [PATCH net 1/4] udpv6: add the required annotation to mib type
From: Paolo Abeni @ 2019-02-21 16:43 UTC (permalink / raw)
To: netdev; +Cc: David S. Miller, Stefano Brivio
In-Reply-To: <cover.1550767274.git.pabeni@redhat.com>
In commit 029a37434880 ("udp6: cleanup stats accounting in recvmsg()")
I forgot to add the percpu annotation for the mib pointer. Add it, and
make sparse happy.
Fixes: 029a37434880 ("udp6: cleanup stats accounting in recvmsg()")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
net/ipv6/udp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index 2596ffdeebea..e6c52c27f354 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -288,8 +288,8 @@ int udpv6_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
int peeked, peeking, off;
int err;
int is_udplite = IS_UDPLITE(sk);
+ struct udp_mib __percpu *mib;
bool checksum_valid = false;
- struct udp_mib *mib;
int is_udp4;
if (flags & MSG_ERRQUEUE)
--
2.20.1
^ permalink raw reply related
* [PATCH net 2/4] fou6: fix proto error handler argument type
From: Paolo Abeni @ 2019-02-21 16:43 UTC (permalink / raw)
To: netdev; +Cc: David S. Miller, Stefano Brivio
In-Reply-To: <cover.1550767274.git.pabeni@redhat.com>
Last argument of gue6_err_proto_handler() has a wrong type annotation,
fix it and make sparse happy again.
Fixes: b8a51b38e4d4 ("fou, fou6: ICMP error handlers for FoU and GUE")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Stefano Brivio <sbrivio@redhat.com>
---
net/ipv6/fou6.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv6/fou6.c b/net/ipv6/fou6.c
index b858bd5280bf..867474abe269 100644
--- a/net/ipv6/fou6.c
+++ b/net/ipv6/fou6.c
@@ -72,7 +72,7 @@ static int gue6_build_header(struct sk_buff *skb, struct ip_tunnel_encap *e,
static int gue6_err_proto_handler(int proto, struct sk_buff *skb,
struct inet6_skb_parm *opt,
- u8 type, u8 code, int offset, u32 info)
+ u8 type, u8 code, int offset, __be32 info)
{
const struct inet6_protocol *ipprot;
--
2.20.1
^ permalink raw reply related
* [PATCH net 3/4] udpv6: fix possible user after free in error handler
From: Paolo Abeni @ 2019-02-21 16:43 UTC (permalink / raw)
To: netdev; +Cc: David S. Miller, Stefano Brivio
In-Reply-To: <cover.1550767274.git.pabeni@redhat.com>
Before derefencing the encap pointer, commit e7cc082455cb ("udp: Support
for error handlers of tunnels with arbitrary destination port") checks
for a NULL value, but the two fetch operation can race with removal.
Fix the above using a single access.
Also fix a couple of type annotations, to make sparse happy.
Fixes: e7cc082455cb ("udp: Support for error handlers of tunnels with arbitrary destination port")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Stefano Brivio <sbrivio@redhat.com>
---
net/ipv6/udp.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
index e6c52c27f354..b444483cdb2b 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -420,17 +420,19 @@ EXPORT_SYMBOL(udpv6_encap_enable);
*/
static int __udp6_lib_err_encap_no_sk(struct sk_buff *skb,
struct inet6_skb_parm *opt,
- u8 type, u8 code, int offset, u32 info)
+ u8 type, u8 code, int offset, __be32 info)
{
int i;
for (i = 0; i < MAX_IPTUN_ENCAP_OPS; i++) {
int (*handler)(struct sk_buff *skb, struct inet6_skb_parm *opt,
- u8 type, u8 code, int offset, u32 info);
+ u8 type, u8 code, int offset, __be32 info);
+ const struct ip6_tnl_encap_ops *encap;
- if (!ip6tun_encaps[i])
+ encap = rcu_dereference(ip6tun_encaps[i]);
+ if (!encap)
continue;
- handler = rcu_dereference(ip6tun_encaps[i]->err_handler);
+ handler = encap->err_handler;
if (handler && !handler(skb, opt, type, code, offset, info))
return 0;
}
--
2.20.1
^ permalink raw reply related
* [PATCH net 4/4] udp: fix possible user after free in error handler
From: Paolo Abeni @ 2019-02-21 16:44 UTC (permalink / raw)
To: netdev; +Cc: David S. Miller, Stefano Brivio
In-Reply-To: <cover.1550767274.git.pabeni@redhat.com>
Similar to the previous commit, this addresses the same issue for
ipv4: use a single fetch operation and use the correct rcu
annotation.
Fixes: e7cc082455cb ("udp: Support for error handlers of tunnels with arbitrary destination port")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Stefano Brivio <sbrivio@redhat.com>
---
net/ipv4/udp.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 5c3cd5d84a6f..372fdc5381a9 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -562,10 +562,12 @@ static int __udp4_lib_err_encap_no_sk(struct sk_buff *skb, u32 info)
for (i = 0; i < MAX_IPTUN_ENCAP_OPS; i++) {
int (*handler)(struct sk_buff *skb, u32 info);
+ const struct ip_tunnel_encap_ops *encap;
- if (!iptun_encaps[i])
+ encap = rcu_dereference(iptun_encaps[i]);
+ if (!encap)
continue;
- handler = rcu_dereference(iptun_encaps[i]->err_handler);
+ handler = encap->err_handler;
if (handler && !handler(skb, info))
return 0;
}
--
2.20.1
^ permalink raw reply related
* [PATCH net] net: phy: marvell10g: Fix Multi-G advertisement to only advertise 10G
From: Maxime Chevallier @ 2019-02-21 16:54 UTC (permalink / raw)
To: davem
Cc: Maxime Chevallier, netdev, linux-kernel, Andrew Lunn,
Florian Fainelli, Heiner Kallweit, Russell King, linux-arm-kernel,
Antoine Tenart, thomas.petazzoni
Some Marvell Alaska PHYs support 2.5G, 5G and 10G BaseT links. Their
default behaviour is to advertise all of these modes, but at the moment,
only 10GBaseT is supported. To prevent link partners from establishing
link at that speed, clear these modes upon configuring aneg parameters.
Fixes: 20b2af32ff3f ("net: phy: add Marvell Alaska X 88X3310 10Gigabit PHY support")
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Reported-by: Russell King <linux@armlinux.org.uk>
---
Dave,
This patch will conflict when merging net into net-next, and is actually
not needed there. In net-next, this issue is fixed by the recent work
done by Andrew and Heiner, that introduce more generic ways to handle aneg
configuration for C45 PHYs.
The commit fixing this would be :
3de97f3c6308 ("net: phy: marvell10g: use genphy_c45_an_config_aneg")
However this fix should be backported, hence why it was implemented in a
small standalone patch here.
Please tell me if you have any issue with this.
Thanks,
Maxime
drivers/net/phy/marvell10g.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/net/phy/marvell10g.c b/drivers/net/phy/marvell10g.c
index 82ab6ed3b74e..6bac602094bd 100644
--- a/drivers/net/phy/marvell10g.c
+++ b/drivers/net/phy/marvell10g.c
@@ -26,6 +26,8 @@
#include <linux/marvell_phy.h>
#include <linux/phy.h>
+#define MDIO_AN_10GBT_CTRL_ADV_NBT_MASK 0x01e0
+
enum {
MV_PCS_BASE_T = 0x0000,
MV_PCS_BASE_R = 0x1000,
@@ -386,8 +388,10 @@ static int mv3310_config_aneg(struct phy_device *phydev)
else
reg = 0;
+ /* Make sure we clear unsupported 2.5G/5G advertising */
ret = mv3310_modify(phydev, MDIO_MMD_AN, MDIO_AN_10GBT_CTRL,
- MDIO_AN_10GBT_CTRL_ADV10G, reg);
+ MDIO_AN_10GBT_CTRL_ADV10G |
+ MDIO_AN_10GBT_CTRL_ADV_NBT_MASK, reg);
if (ret < 0)
return ret;
if (ret > 0)
--
2.19.2
^ permalink raw reply related
* Re: [PATCH net-next 5/5] net/mlx5e: Support enable/disable VFs link state on switchdev mode
From: Or Gerlitz @ 2019-02-21 17:03 UTC (permalink / raw)
To: Tonghao Zhang; +Cc: Saeed Mahameed, Linux Netdev List
In-Reply-To: <1550715283-23579-5-git-send-email-xiangxia.m.yue@gmail.com>
On Thu, Feb 21, 2019 at 3:42 PM <xiangxia.m.yue@gmail.com> wrote:
> From: Tonghao Zhang <xiangxia.m.yue@gmail.com>
>
> This patch allow users to enable/disable VFs link state
> on switchdev mode.
NAK
We do it with the reps, if you change the administrative link state of a VF rep
it will effect the operational link state of the VF, see upstream commit
20a1ea674783 net/mlx5e: Support VF vport link state control for SRIOV
switchdev mode
^ permalink raw reply
* Re: [PATCH net-next v4 07/17] net: sched: protect filter_chain list with filter_chain_lock mutex
From: Vlad Buslov @ 2019-02-21 17:11 UTC (permalink / raw)
To: Cong Wang
Cc: Ido Schimmel, netdev@vger.kernel.org, jhs@mojatatu.com,
jiri@resnulli.us, davem@davemloft.net, ast@kernel.org,
daniel@iogearbox.net
In-Reply-To: <CAM_iQpXm9-mpANJ77pykotHO+OEP1EnsY1SwZygbnNczdp0vPQ@mail.gmail.com>
On Wed 20 Feb 2019 at 23:00, Cong Wang <xiyou.wangcong@gmail.com> wrote:
> On Tue, Feb 19, 2019 at 7:20 AM Vlad Buslov <vladbu@mellanox.com> wrote:
>>
>>
>> On Tue 19 Feb 2019 at 05:08, Cong Wang <xiyou.wangcong@gmail.com> wrote:
>> > On Fri, Feb 15, 2019 at 2:02 AM Vlad Buslov <vladbu@mellanox.com> wrote:
>> >>
>> >> I looked at the code and problem seems to be matchall classifier
>> >> specific. My implementation of unlocked cls API assumes that concurrent
>> >> insertions are possible and checks for it when deleting "empty" tp.
>> >> Since classifiers don't expose number of elements, the only way to test
>> >> this is to do tp->walk() on them and assume that walk callback is called
>> >> once per filter on every classifier. In your example new tp is created
>> >> for second filter, filter insertion fails, number of elements on newly
>> >> created tp is checked with tp->walk() before deleting it. However,
>> >> matchall classifier always calls the tp->walk() callback once, even when
>> >> it doesn't have a valid filter (in this case with NULL filter pointer).
>> >
>> > Again, this can be eliminated by just switching to normal
>> > non-retry logic. This is yet another headache to review this
>> > kind of unlock-and-retry logic, I have no idea why you are such
>> > a big fan of it.
>>
>> The retry approach was suggested to me multiple times by Jiri on
>> previous code reviews so I assumed it is preferred approach in such
>> cases. I don't have a strong preference in this regard, but locking
>> whole tp on filter update will remove any parallelism when updating same
>> classifier instance concurrently. The goal of these changes is to allow
>> parallel rule update and to achieve that I had to introduce some
>> complexity into the code.
>
> Yeah, but with unlock-and-retry it would waste more time when
> retry occurs. So it can't be better in the worst scenario.
>
> The question is essentially that do we want to waste CPU cycles
> when conflicts occurs or just block there until it is safe to enter
> the critical section?
>
> And, is the retry bound? Is it possible that we would retry infinitely
> as long as we time it correctly?
>
>
>>
>> Now let me explain why these two approaches result completely different
>> performance in this case. Lets start with a list of most CPU-consuming
>> parts in new filter creation process in descending order (raw data at
>> the end of this mail):
>>
>> 1) Hardware offload - if available and no skip_hw.
>> 2) Exts (actions) initalization - most expensive part even with single
>> action, CPU usage increases with number of actions per filter.
>> 3) cls API.
>> 4) Flower classifier data structure initialization.
>>
>> Note that 1)+2) is ~80% of cost of creating a flower filter. So if we
>> just lock the whole flower classifier instance during rule update we
>> serialize 1, 2 and 4, and only cls API (~13% of CPU cost) can be
>> executed concurrently. However, in proposed flower implementation hw
>> offloading and action initialization code is called without any locks
>> and tp->lock is only obtained when modifying flower data structures,
>> which means that only 3) is serialized and everything else (87% of CPU
>> cost) can be executed in parallel.
>
> What about when conflicts detected and retry the whole change?
> And, of course, how often do conflicts happen?
>
> Thanks.
I had similar concerns when designing this change. Lets look at two
cases when this retry is needed.
One process creates first filter on classifier and fails, while other
processes are trying to concurrently add filter to same block/chain/tp:
1) Process obtains filter_chain_lock, performs unsuccessful tp lookup,
releases the lock.
2) Calls tcf_chain_tp_insert_unique() which obtains filter_chain_lock,
inserts new tp, releases the lock.
3) Calls tp->ops->change() that returns an error.
4) Calls tcf_chain_tp_delete_empty() which takes filter_chain_lock, verifies that no
filters were added to tp concurrently, sets tp->deleting flag, removes
tp from chain.
This is supposed to be very rare occurrence because for retry to happen
it not only requires concurrent insertions to same block/chain/tp, but
also that tp with requested prio didn't exist before and no concurrent
process succeeded in adding at least one filter to tp during step 3
before it is marked for deletion in step 4 (otherwise
tcf_proto_check_delete() fails and concurrent threads don't perform
retry).
Another case is when last filter is being deleted while concurrent
processes adding new filters to same block/chain/tp:
1) tc_del_tfilter() gets last filter with tp->ops->get()
2) Deletes it with tp->ops->delete()...
3) ... that return 'last' hint set to true.
4) Calls tcf_chain_tp_delete_empty() which takes filter_chain_lock, verifies that no
filters were added to tp concurrently, sets tp->deleting flag, removes
tp from chain.
This case is also quite rare because it requires concurrent users to
successfully lookup tp before tp->deleting is set to true and tp is
removed from chain, but not create any new filters on tp during that
time.
After considering this I decided that it is not worth it to penalize
common case of updating filters by completely removing parallelism when
updates target same tp instance for such rare corner cases as described
above.
Now regarding forcing users to retry indefinitely. In later cases no
more than one retry is possible because concurrent add processes create
new tp on first retry. In former case multiple retries are possible, but
to block concurrent users indefinitely would require malicious process
to somehow always have priority when obtaining filter_chain_lock during
steps 1, 2, then wait to allow all concurrent users to lookup the tp,
then obtain filter_chain_lock in step 4 and initiate tp deletion before
any of concurrent users that have a reference to this new tp instance
can insert any single filter on it, then go back to step 1, obtain lock
first and repeat. I don't see how this can be timed from userspace
repeatedly as creating first filter on new tp involves multiple cycles
of getting and releasing filter_chain_lock and each of them require
attacker to "influence" kernel scheduler to behave in very specific
fashion.
Regards,
Vlad
^ permalink raw reply
* Re: [PATCH RFC 3/5] sched/cpufreq: Fix incorrect RCU API usage
From: Joel Fernandes @ 2019-02-21 17:13 UTC (permalink / raw)
To: Peter Zijlstra
Cc: Paul E. McKenney, linux-kernel, Alexei Starovoitov,
Christian Brauner, Daniel Borkmann, David Ahern, David S. Miller,
Ido Schimmel, Ingo Molnar, moderated list:INTEL ETHERNET DRIVERS,
Jakub Kicinski, Jeff Kirsher, Jesper Dangaard Brouer,
John Fastabend, Josh Triplett, keescook, Lai Jiangshan,
Martin KaFai Lau, Mathieu Desnoyers, netdev, rcu, Song Liu,
Steven Rostedt, xdp-newbies, Yonghong Song
In-Reply-To: <20190221161144.GU32494@hirez.programming.kicks-ass.net>
On Thu, Feb 21, 2019 at 05:11:44PM +0100, Peter Zijlstra wrote:
> On Thu, Feb 21, 2019 at 07:52:18AM -0800, Paul E. McKenney wrote:
> > On Thu, Feb 21, 2019 at 04:31:17PM +0100, Peter Zijlstra wrote:
> > > On Thu, Feb 21, 2019 at 10:21:39AM -0500, Joel Fernandes wrote:
> > > > On Thu, Feb 21, 2019 at 10:18:05AM +0100, Peter Zijlstra wrote:
> > > > > On Thu, Feb 21, 2019 at 12:49:40AM -0500, Joel Fernandes (Google) wrote:
> > > > > > @@ -34,8 +34,12 @@ void cpufreq_add_update_util_hook(int cpu, struct update_util_data *data,
> > > > > > if (WARN_ON(!data || !func))
> > > > > > return;
> > > > > >
> > > > > > - if (WARN_ON(per_cpu(cpufreq_update_util_data, cpu)))
> > > > > > + rcu_read_lock();
> > > > > > + if (WARN_ON(rcu_dereference(per_cpu(cpufreq_update_util_data, cpu)))) {
> > > > > > + rcu_read_unlock();
> > > > > > return;
> > > > > > + }
> > > > > > + rcu_read_unlock();
> > > > > >
> > > > > > data->func = func;
> > > > > > rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), data);
>
> > For whatever it is worth, in that case it could use rcu_access_pointer().
> > And this primitive does not do the lockdep check for being within an RCU
> > read-side critical section. As Peter says, if there is no dereferencing,
> > there can be no use-after-free bug, so the RCU read-side critical is
> > not needed.
>
> On top of that, I suspect this is under the write-side lock (we're doing
> assignment after all).
Yes it is under a policy->rwsem, just confirmed that.
And indeed rcu_read_lock() is not needed here in this patch, thanks for
pointing that out. Sometimes the word "dereference" plays some visual tricks
and in this case tempted me to add an RCU reader section ;-) Assuming you
guys are in agreement with usage of rcu_access_pointer() here to keep sparse
happy, I'll rework the patch accordingly and resubmit with that.
thanks!
- Joel
^ permalink raw reply
* Re: [PATCH RFC 4/5] sched/topology: Annonate RCU pointers properly
From: Joel Fernandes @ 2019-02-21 17:17 UTC (permalink / raw)
To: Peter Zijlstra
Cc: linux-kernel, Alexei Starovoitov, Christian Brauner,
Daniel Borkmann, David Ahern, David S. Miller, Ido Schimmel,
Ingo Molnar, moderated list:INTEL ETHERNET DRIVERS,
Jakub Kicinski, Jeff Kirsher, Jesper Dangaard Brouer,
John Fastabend, Josh Triplett, keescook, Lai Jiangshan,
Martin KaFai Lau, Mathieu Desnoyers, netdev, Paul E. McKenney,
rcu, Song Liu, Steven Rostedt, xdp-newbies, Yonghong Song
In-Reply-To: <20190221152944.GS32494@hirez.programming.kicks-ass.net>
On Thu, Feb 21, 2019 at 04:29:44PM +0100, Peter Zijlstra wrote:
> On Thu, Feb 21, 2019 at 10:10:57AM -0500, Joel Fernandes wrote:
> > Hi Peter,
> >
> > Thanks for taking a look.
> >
> > On Thu, Feb 21, 2019 at 10:19:44AM +0100, Peter Zijlstra wrote:
> > > On Thu, Feb 21, 2019 at 12:49:41AM -0500, Joel Fernandes (Google) wrote:
> > >
> > > > Also replace rcu_assign_pointer call on rq->sd with WRITE_ONCE. This
> > > > should be sufficient for the rq->sd initialization.
> > >
> > > > @@ -668,7 +668,7 @@ cpu_attach_domain(struct sched_domain *sd, struct root_domain *rd, int cpu)
> > > >
> > > > rq_attach_root(rq, rd);
> > > > tmp = rq->sd;
> > > > - rcu_assign_pointer(rq->sd, sd);
> > > > + WRITE_ONCE(rq->sd, sd);
> > > > dirty_sched_domain_sysctl(cpu);
> > > > destroy_sched_domains(tmp);
> > >
> > > Where did the RELEASE barrier go?
> > >
> > > That was a publish operation, now it is not.
> >
> > Funny thing is, initially I had written this patch with smp_store_release()
> > instead of WRITE_ONCE, but checkpatch complaints with that since it needs a
> > comment on top of it, and I wasn't sure if RELEASE barrier was the intent of
> > using rcu_assign_pointer (all the more reason to replace it with something
> > more explicit).
> >
> > I will replace it with the following and resubmit it then:
> >
> > /* Release barrier */
> > smp_store_release(&rq->sd, sd);
> >
> > Or do we want to just drop the "Release barrier" comment and live with the
> > checkpatch warning?
>
> How about we keep using rcu_assign_pointer(), the whole sched domain
> tree is under rcu; peruse that destroy_sched_domains() function for
> instance.
>
> Also check how for_each_domain() uses rcu_dereference().
May be then, all those pointers should be made __rcu as well. Then we can use
rcu_assign_pointer() here. I will look more into it and study these functions
as you are suggesting.
thanks,
- Joel
^ permalink raw reply
* Re: stmmac / meson8b-dwmac
From: Simon Huelck @ 2019-02-21 17:27 UTC (permalink / raw)
To: Jerome Brunet, Jose Abreu, Martin Blumenstingl
Cc: linux-amlogic, netdev, alexandre.torgue, Emiliano Ingrassia,
Gpeppe.cavallaro
In-Reply-To: <1426d8ed40be0927c135aff25dcf989a11326932.camel@baylibre.com>
Am 21.02.2019 um 15:21 schrieb Jerome Brunet:
> On Tue, 2019-02-19 at 20:41 +0100, Simon Huelck wrote:
>> Am 19.02.2019 um 09:47 schrieb Jose Abreu:
>>> Hi Simon,
>>>
>>> On 2/18/2019 6:05 PM, Simon Huelck wrote:
>>>> disabling EEE doesnt help ( did it via the entry in the .dtb / .dts ),
>>>> the results are the same. I can confirm the LPI counters are zero or one
>>>> only after the test.....
>>> It's interesting to see that you have a lot of RX packets but few
>>> RX interrupts. This can either be due to mis-configuration of
>>> interrupt flags or RX Watchdog.
>>>
>>> 1. For interrupt flags you should be using LEVEL triggered IRQ.
>>> 2. For RX Watchdog you can try disabling it by adding the
>>> following in your platform wrapper driver (which will be
>>> "dwmac-meson8b.c", at probe):
>>> "plat_data->force_sf_dma_mode = 1;" and
>>> "plat_data->riwt_off = 1;"
>>>
>>> Thanks,
>>> Jose Miguel Abreu
>> Hi,
>>
>>
>> are you aware that odroid c2 dts is using level irq ?
> The odroid-c2 (meson-gxl) is using level triggered irq, indeed.
> For a reason that still eludes me, The odroid-c1 (meson8b) isn't.
>
> This is confusing since both boards have been mentionned in this thread.
>
>> at which numbers do you estimage that RX irqs are low in numbers ?
>>
>>
>> regards,
>>
>> Simon
>>
>>
>> _______________________________________________
>> linux-amlogic mailing list
>> linux-amlogic@lists.infradead.org
>> http://lists.infradead.org/mailman/listinfo/linux-amlogic
>
Hi,
this was changed recently, with a patch for the EEE stuff , see here:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.0-rc7&id=e35e26b26e955c53e61c154ba26b9bb15da6b858
before that the IRQ stuff was differently. I tried to revert this patch
via git locally, but had no success ( i guess git tried to revert this
patch on the server :-P)
regards,
Simon
^ permalink raw reply
* Re: [PATCH net-next v2 1/7] net: Don't set transport offset to invalid value
From: Willem de Bruijn @ 2019-02-21 17:28 UTC (permalink / raw)
To: Maxim Mikityanskiy
Cc: David S. Miller, Saeed Mahameed, Willem de Bruijn, Jason Wang,
Eric Dumazet, netdev@vger.kernel.org, Eran Ben Elisha,
Tariq Toukan
In-Reply-To: <20190221123908.7196-2-maximmi@mellanox.com>
On Thu, Feb 21, 2019 at 7:40 AM Maxim Mikityanskiy <maximmi@mellanox.com> wrote:
>
> If the socket was created with socket(AF_PACKET, SOCK_RAW, 0),
> skb->protocol will be unset, __skb_flow_dissect() will fail, and
> skb_probe_transport_header() will fall back to the offset_hint, making
> the resulting skb_transport_offset incorrect.
>
> If, however, there is no transport header in the packet,
> transport_header shouldn't be set to an arbitrary value.
>
> Fix it by leaving the transport offset unset if it couldn't be found, to
> be explicit rather than to fill it with some wrong value. It changes the
> behavior, but if some code relied on the old behavior, it would be
> broken anyway, as the old one is incorrect.
>
> Signed-off-by: Maxim Mikityanskiy <maximmi@mellanox.com>
qdisc_pkt_len_init also expects skb_transport_header(skb) to always be
set for gso packets.
Once net is merged into net-next, commit d5be7f632bad ("net: validate
untrusted gso packets without csum offload") will ensure that packets
that fail flow dissection do not make it into the stack. But we have
to skip dissection in some cases, like tun [1].
I think we need to add a check in qdisc_pkt_len_init to skip the gso
size estimation branch if !skb_transport_header_was_set(skb).
Otherwise this patch set looks good to me. To avoid resubmitting
everything we can fix up the qdisc_pkt_len_init in a follow-up, in
which case I'm happy to add my Acked-by to this series.
[1] http://patchwork.ozlabs.org/patch/1044429/
^ permalink raw reply
* Re: [PATCH RFC 3/5] sched/cpufreq: Fix incorrect RCU API usage
From: Paul E. McKenney @ 2019-02-21 17:29 UTC (permalink / raw)
To: Joel Fernandes
Cc: Peter Zijlstra, linux-kernel, Alexei Starovoitov,
Christian Brauner, Daniel Borkmann, David Ahern, David S. Miller,
Ido Schimmel, Ingo Molnar, moderated list:INTEL ETHERNET DRIVERS,
Jakub Kicinski, Jeff Kirsher, Jesper Dangaard Brouer,
John Fastabend, Josh Triplett, keescook, Lai Jiangshan,
Martin KaFai Lau, Mathieu Desnoyers, netdev, rcu, Song Liu,
Steven Rostedt, xdp-newbies, Yonghong Song
In-Reply-To: <20190221171311.GA118415@google.com>
On Thu, Feb 21, 2019 at 12:13:11PM -0500, Joel Fernandes wrote:
> On Thu, Feb 21, 2019 at 05:11:44PM +0100, Peter Zijlstra wrote:
> > On Thu, Feb 21, 2019 at 07:52:18AM -0800, Paul E. McKenney wrote:
> > > On Thu, Feb 21, 2019 at 04:31:17PM +0100, Peter Zijlstra wrote:
> > > > On Thu, Feb 21, 2019 at 10:21:39AM -0500, Joel Fernandes wrote:
> > > > > On Thu, Feb 21, 2019 at 10:18:05AM +0100, Peter Zijlstra wrote:
> > > > > > On Thu, Feb 21, 2019 at 12:49:40AM -0500, Joel Fernandes (Google) wrote:
> > > > > > > @@ -34,8 +34,12 @@ void cpufreq_add_update_util_hook(int cpu, struct update_util_data *data,
> > > > > > > if (WARN_ON(!data || !func))
> > > > > > > return;
> > > > > > >
> > > > > > > - if (WARN_ON(per_cpu(cpufreq_update_util_data, cpu)))
> > > > > > > + rcu_read_lock();
> > > > > > > + if (WARN_ON(rcu_dereference(per_cpu(cpufreq_update_util_data, cpu)))) {
> > > > > > > + rcu_read_unlock();
> > > > > > > return;
> > > > > > > + }
> > > > > > > + rcu_read_unlock();
> > > > > > >
> > > > > > > data->func = func;
> > > > > > > rcu_assign_pointer(per_cpu(cpufreq_update_util_data, cpu), data);
> >
> > > For whatever it is worth, in that case it could use rcu_access_pointer().
> > > And this primitive does not do the lockdep check for being within an RCU
> > > read-side critical section. As Peter says, if there is no dereferencing,
> > > there can be no use-after-free bug, so the RCU read-side critical is
> > > not needed.
> >
> > On top of that, I suspect this is under the write-side lock (we're doing
> > assignment after all).
>
> Yes it is under a policy->rwsem, just confirmed that.
>
> And indeed rcu_read_lock() is not needed here in this patch, thanks for
> pointing that out. Sometimes the word "dereference" plays some visual tricks
> and in this case tempted me to add an RCU reader section ;-) Assuming you
> guys are in agreement with usage of rcu_access_pointer() here to keep sparse
> happy, I'll rework the patch accordingly and resubmit with that.
Works for me!
Thanx, Paul
^ permalink raw reply
* Re: [RFC PATCH net-next v3 15/21] ethtool: provide link settings and link modes in GET_SETTINGS request
From: Florian Fainelli @ 2019-02-21 17:40 UTC (permalink / raw)
To: Michal Kubecek
Cc: netdev, David Miller, Andrew Lunn, Jakub Kicinski, Jiri Pirko,
linux-kernel
In-Reply-To: <20190221101425.GO23151@unicorn.suse.cz>
On 2/21/19 2:14 AM, Michal Kubecek wrote:
> On Wed, Feb 20, 2019 at 07:14:50PM -0800, Florian Fainelli wrote:
>> On 2/18/2019 10:22 AM, Michal Kubecek wrote:
>>> +#define ETH_SETTINGS_IM_LINKINFO 0x01
>>> +#define ETH_SETTINGS_IM_LINKMODES 0x02
>>> +
>>> +#define ETH_SETTINGS_IM_ALL 0x03
>>
>> You could define ETH_SETTINGS_IM_ALL as:
>>
>> #define ETH_SETTING_IM_ALL \
>> (ETH_SETTINGS_IM_LINKINFO |
>> ETH_SETTINGS_IM_LINMODES)
>>
>> that would scale better IMHO, especially given that you have to keep
>> bumping that mask with new bits in subsequent patches.
>
> I'm considering going even further and using something similar to what
> is used for NETIF_F_* constants so that the *_ALL value would be
> calculated automatically. But I'm not sure if it's not too fancy for
> a uapi header file.
Adding new netdev features still requires defining two constants: one in
the enumeration, and one that resolves the bit to bitmask constant, so
this would amount to the same possible mistakes/errors being made here
by changing two lines.
>
>>> + if (tb[ETHA_SETTINGS_INFOMASK])
>>> + req_info->req_mask = nla_get_u32(tb[ETHA_SETTINGS_INFOMASK]);
>>> + if (tb[ETHA_SETTINGS_COMPACT])
>>> + req_info->compact = true;
>>> + if (req_info->req_mask == 0)
>>> + req_info->req_mask = ETH_SETTINGS_IM_ALL;
>>
>> What if userland is newer than the kernel and specifies a req_mask with
>> bits set that you don't support? Should not you always do an &
>> ETH_SETTINGS_IM_ALL here?
>
> In that case only known bits would be handled and the check at the end
> of prepare_info() would add a warning to extack that part of the
> information couldn't be provided (same as if some of the recognized
> parts didn't have necessary ethtool_ops handlers or if they failed).
I guess that is fair, I was just wondering if it made sense for the
kernel to report that there is one particular bitmask of settings that
it does not support at all and report that through netlink extended ack,
as opposed to silently not processing the bits it does not know.
--
Florian
^ permalink raw reply
* [PATCH] sysctl: add proc_do_large_bitmap test node
From: Eric Sandeen @ 2019-02-21 17:45 UTC (permalink / raw)
To: Eric Sandeen, Linux Kernel Mailing List, fsdevel, netdev
Cc: Luis Chamberlain, Kees Cook
In-Reply-To: <53be40fc-6ec4-c714-a64e-f69c96f7058f@redhat.com>
Add a test node for proc_do_large_bitmap to the test_sysctl.c
infrastructure. It's sized the same as the one existing user.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
---
diff --git a/lib/test_sysctl.c b/lib/test_sysctl.c
index 3dd801c1c85b..1263be4ebfaf 100644
--- a/lib/test_sysctl.c
+++ b/lib/test_sysctl.c
@@ -47,6 +47,9 @@ struct test_sysctl_data {
unsigned int uint_0001;
char string_0001[65];
+
+#define SYSCTL_TEST_BITMAP_SIZE 65536
+ unsigned long *bitmap_0001;
};
static struct test_sysctl_data test_data = {
@@ -102,6 +106,13 @@ static struct ctl_table test_table[] = {
.mode = 0644,
.proc_handler = proc_dostring,
},
+ {
+ .procname = "bitmap_0001",
+ .data = &test_data.bitmap_0001,
+ .maxlen = SYSCTL_TEST_BITMAP_SIZE,
+ .mode = 0644,
+ .proc_handler = proc_do_large_bitmap,
+ },
{ }
};
@@ -129,15 +140,21 @@ static struct ctl_table_header *test_sysctl_header;
static int __init test_sysctl_init(void)
{
+ test_data.bitmap_0001 = kzalloc(SYSCTL_TEST_BITMAP_SIZE/8, GFP_KERNEL);
+ if (!test_data.bitmap_0001)
+ return -ENOMEM;
test_sysctl_header = register_sysctl_table(test_sysctl_root_table);
- if (!test_sysctl_header)
+ if (!test_sysctl_header) {
+ kfree(test_data.bitmap_0001);
return -ENOMEM;
+ }
return 0;
}
late_initcall(test_sysctl_init);
static void __exit test_sysctl_exit(void)
{
+ kfree(test_data.bitmap_0001);
if (test_sysctl_header)
unregister_sysctl_table(test_sysctl_header);
}
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox