Commit Graph

509100 Commits

Author SHA1 Message Date
Patrick McHardy
a55e22e92f netfilter: nf_tables: get rid of NFT_REG_VERDICT usage
Replace the array of registers passed to expressions by a struct nft_regs,
containing the verdict as a seperate member, which aliases to the
NFT_REG_VERDICT register.

This is needed to seperate the verdict from the data registers completely,
so their size can be changed.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-13 17:17:07 +02:00
Patrick McHardy
d07db9884a netfilter: nf_tables: introduce nft_validate_register_load()
Change nft_validate_input_register() to not only validate the input
register number, but also the length of the load, and rename it to
nft_validate_register_load() to reflect that change.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-13 16:25:50 +02:00
Patrick McHardy
27e6d2017a netfilter: nf_tables: kill nft_validate_output_register()
All users of nft_validate_register_store() first invoke
nft_validate_output_register(). There is in fact no use for using it
on its own, so simplify the code by folding the functionality into
nft_validate_register_store() and kill it.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-13 16:25:50 +02:00
Patrick McHardy
58f40ab6e2 netfilter: nft_lookup: use nft_validate_register_store() to validate types
In preparation of validating the length of a register store, use
nft_validate_register_store() in nft_lookup instead of open coding the
validation.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-13 16:25:49 +02:00
Patrick McHardy
1ec10212f9 netfilter: nf_tables: rename nft_validate_data_load()
The existing name is ambiguous, data is loaded as well when we read from
a register. Rename to nft_validate_register_store() for clarity and
consistency with the upcoming patch to introduce its counterpart,
nft_validate_register_load().

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-13 16:25:49 +02:00
Patrick McHardy
45d9bcda21 netfilter: nf_tables: validate len in nft_validate_data_load()
For values spanning multiple registers, we need to validate that enough
space is available from the destination register onwards. Add a len
argument to nft_validate_data_load() and consolidate the existing length
validations in preparation of that.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-13 16:25:49 +02:00
David S. Miller
e60a9de49c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue
Jeff Kirsher says:

====================
Intel Wired LAN Driver Updates 2015-04-11

This series contains updates to iflink, ixgbe and ixgbevf.

The entire set of changes come from Vlad Zolotarov to ultimately add
the ethtool ops to VF driver to allow querying the RSS indirection table
and RSS random key.

Currently we support only 82599 and x540 devices.  On those devices, VFs
share the RSS redirection table and hash key with a PF.  Letting the VF
query this information may introduce some security risks, therefore this
feature will be disabled by default.

The new netdev op allows a system administrator to change the default
behaviour with "ip link set" command.  The relevant iproute2 patch has
already been sent and awaits for this series upstream.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:36:57 -04:00
David S. Miller
1ceb0b8ca5 Merge branch 'fou-next'
Cong Wang says:

====================
fou: some fixes and updates

Patch 1~3 fix some minor bugs in net/ipv4/fou.c, the only
thing I am not sure is if it's too late to change the
byte order of FOU_ATTR_PORT, if so we have to fix iproute2
instead of kernel.

Patch 4~5 add some new features to make it complete.

v2: make fou->port be16 too
====================

Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:25:14 -04:00
WANG Cong
7a6c8c34e5 fou: implement FOU_CMD_GET
Cc: Tom Herbert <tom@herbertland.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:25:13 -04:00
WANG Cong
02d793c5bb fou: add network namespace support
Also convert the spinlock to a mutex.

Cc: Tom Herbert <tom@herbertland.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:25:13 -04:00
WANG Cong
4cbcdf2b6c fou: always use be16 for port
udp_config.local_udp_port is be16. And iproute2 passes
network order for FOU_ATTR_PORT.

This doesn't fix any bug, just for consistency.

Cc: Tom Herbert <tom@herbertland.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:25:13 -04:00
WANG Cong
67270636a8 fou: exit early when parsing config fails
Not a big deal, just for corretness.

Cc: Tom Herbert <tom@herbertland.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:25:13 -04:00
WANG Cong
9272f04872 fou: avoid calling udp_del_offload() twice
This fixes the following harmless warning:

./ip/ip fou del port 7777
[  122.907516] udp_del_offload: didn't find offload for port 7777

Cc: Tom Herbert <tom@herbertland.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:25:13 -04:00
David S. Miller
d72da6aa00 Merge branch 'selinux_xfrm_nl_cmd'
Nicolas Dichtel says:

====================
selinux: add missing xfrm nl cmd

With this series, xfrm commands are fully synchronized.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:19:40 -04:00
Nicolas Dichtel
bd2cba0738 selinux/nlmsg: add XFRM_MSG_MAPPING
This command is missing.

Fixes: 3a2dfbe8ac ("xfrm: Notify changes in UDP encapsulation via netlink")
CC: Martin Willi <martin@strongswan.org>
Reported-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:19:40 -04:00
Nicolas Dichtel
8d465bb777 selinux/nlmsg: add XFRM_MSG_MIGRATE
This command is missing.

Fixes: 5c79de6e79 ("[XFRM]: User interface for handling XFRM_MSG_MIGRATE")
Reported-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:19:40 -04:00
Nicolas Dichtel
b0b59b0056 selinux/nlmsg: add XFRM_MSG_REPORT
This command is missing.

Fixes: 97a64b4577 ("[XFRM]: Introduce XFRM_MSG_REPORT.")
Reported-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:19:40 -04:00
Eric Dumazet
52db70dca5 tcp: do not cache align timewait sockets
With recent adoption of skc_cookie in struct sock_common,
struct tcp_timewait_sock size increased from 192 to 200 bytes
on 64bit arches. SLAB rounds then to 256 bytes.

It is time to drop SLAB_HWCACHE_ALIGN constraint for twsk_slab.

This saves about 12 MB of memory on typical configuration reaching
262144 timewait sockets, and has no noticeable impact on performance.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 21:16:05 -04:00
David S. Miller
4e78eb0dbf There isn't much left, but we have
* new mac80211 internal software queue to allow drivers to have
    shorter hardware queues and pull on-demand
  * use rhashtable for mac80211 station table
  * minstrel rate control debug improvements and some refactoring
  * fix noisy message about TX power reduction
  * fix continuous message printing and activity if CRDA doesn't respond
  * fix VHT-related capabilities with "iw connect" or "iwconfig ..."
  * fix Kconfig for cfg80211 wireless extensions compatibility
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJVJ7CPAAoJEDBSmw7B7bqr8+IQAKCAbUyd6PFRT5tcz9kW5GCW
 /ibb+n1e14yWKgNEe1gddUGKG/L3HGCBXNkCYzR2M8mlL7dLPqspaBcGHS4dx8F4
 D0AuikqvtXIxfAXi0zmU2uo7rH7u2X34R2LtS8AlKByD+jmFvxMiPPvxNFgzJu/7
 63UQm73p2pnu/KdXLW1OQEcpZtZJ9+N/uBiq9zbVdX3A8T84ME0oMyy+EAQqCZdK
 CcsTXHCnAgmmXWJlu1JRdopr1bd38mSGB70eXduFtPqDdmtQRnoaCQ9e+tJDA4j4
 svEw0yDmsc4WG1EKLKKCRd3uFOZsng+lcXrHfpm5wlSPpCOItfQ9BzT3x1u6Y5JU
 Z1WMOMkkEce+95U7/RLoXwC/2RS3XelUXTde4cGIRMvO5drOrU58P0gdn3J+yKbv
 6v+2GGKy/39tdXUOxIl3EZT/huIl+h1UNO8C2hyaEwdXK+X1zl31/u6kk1Ns18Wr
 YPEJixxHx0zR8jaZgDC7OlWLuqn4Ay+Ls9yCyIesdHzKpizJKqn83PntYnpJmxoA
 9hlIyRDWnqH44KxzB85ni1C2Qudec3mcCWIWV7M+UoSC1Cgs/LxDzH7kRejR2ZIl
 vRhg5pqyr53L0h2lq5DO4Cj4UzbXb7YioKJRxjyKloNOlRrCZtK/VEsHbdsKEcIp
 d/wHj1AyFZeQfuhk8Qqr
 =mtuo
 -----END PGP SIGNATURE-----

Merge tag 'mac80211-next-for-davem-2015-04-10' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next

Johannes Berg says:

====================
There isn't much left, but we have
 * new mac80211 internal software queue to allow drivers to have
   shorter hardware queues and pull on-demand
 * use rhashtable for mac80211 station table
 * minstrel rate control debug improvements and some refactoring
 * fix noisy message about TX power reduction
 * fix continuous message printing and activity if CRDA doesn't respond
 * fix VHT-related capabilities with "iw connect" or "iwconfig ..."
 * fix Kconfig for cfg80211 wireless extensions compatibility
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 20:43:46 -04:00
Wolfgang Steinwender
716723c2d2 net/macb: sqe_test_errors are TX errors, not RX errors
The statistics are grouped by TX and RX errors.
The SQE Test Errors Register indicates problems with TX.

Signed-off-by: Wolfgang Steinwender <wsteinwender@pcs.com>
Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-12 20:42:29 -04:00
Vlad Zolotarov
b641173915 ixgbevf: Add the appropriate ethtool ops to query RSS indirection table and key
Added get_rxfh_indir_size, get_rxfh_key_size and get_rxfh ethtool_ops
callbacks implementations.

This enables the ethtool's "-x" and "--show-rxfh[-indir]" options for VF
devices.

This patch adds the support for 82599 and x540 devices only. Support for
other devices will be added later.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-11 11:50:28 -07:00
Vlad Zolotarov
ad1431e2db ixgbevf: Add RSS Key query code
Add the ixgbevf_get_rss_key() function that queries the PF for an RSS
Random Key using a new VF-PF channel IXGBE_VF_GET_RSS_KEY command.

This patch adds the support for 82599 and x540 devices only. Support for
other devices will be added later.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-11 11:39:19 -07:00
Vlad Zolotarov
3c0841a922 ixgbe: Add GET_RSS_KEY command to VF-PF channel commands set
For 82599 and x540 VFs and PF share the same RSS Key. Therefore we will
return the same RSS key for all VFs.

Support for other devices will be added later.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-11 11:30:12 -07:00
Vlad Zolotarov
94cf66f870 ixgbevf: Add a RETA query code
We will currently support only 82599 and x540 devices. Support for other
devices will be added later.

   - Added a new API version support.
   - Added the query implementation in the ixgbevf.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-11 09:26:19 -07:00
Vlad Zolotarov
4ce37a4c05 ixgbe: Add a RETA query command to VF-PF channel API
Add this new command for 82599 and x540 devices only. Support for other
devices will be added later.

82599 and x540 VFs and PF share the same RSS redirection table (RETA).
Therefore we just return it for all VFs.

For 82599 and x540 RETA table is an array of 32 registers (128 bytes) and
the maximum number of registers that may be delivered in a single VF-PF
channel command is 15. On the other hand VFs of these devices can be
configured to have up to 4 RSS queues. Therefore we will "compress" the
RETA by transferring only 2 bits per entry and thereby it will take only 8
registers (DWORDS) to transfer the whole VF RETA.

Thus this patch does the following:

  - Adds a new API version (to specify a new commands set).
  - Adds the IXGBE_VF_GET_RETA command to the VF-PF commands set.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 22:44:19 -07:00
Vlad Zolotarov
e65ce0d395 ixgbe: Add a new netdev op to allow/prevent a VF from querying an RSS info
Implements the new netdev op to allow user to enable/disable the ability
of a specific VF to query its RSS Indirection Table and an RSS Hash Key.

This patch limits the new feature support to 82599 and x540 devices only.
Support for other devices will be added later.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 22:26:30 -07:00
Vlad Zolotarov
01a3d79681 if_link: Add an additional parameter to ifla_vf_info for RSS querying
Add configuration setting for drivers to allow/block an RSS Redirection
Table and a Hash Key querying for discrete VFs.

On some devices VF share the mentioned above information with PF and
querying it may adduce a theoretical security risk. We want to let a
system administrator to decide if he/she wants to take this risk or not.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 21:57:22 -07:00
Vlad Zolotarov
7f276efb45 ixgbe: Add the appropriate ethtool ops to query RSS indirection table and key
Added get_rxfh_indir_size, get_rxfh_key_size and get_rxfh ethtool_ops
callbacks implementations.

This enables the ethtool's "-x" and "--show-rxfh[-indir]" options.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 21:47:53 -07:00
Vlad Zolotarov
dfaf891dd3 ixgbe: Refactor the RSS configuration code
This patch is a preparation for enablement of ethtool RSS indirection
table and hash key querying. We don't want to read registers every time
the RSS info is queried. Therefore we will store its current content in the
arrays in the adapter struct and will read it from there (instead of from
registers) when requested.

Will change the code that writes the indirection table and hash key into
the HW registers to take its content from these arrays. This will also
simplify the indirection table updating ethtool callback implementation
in the future.

Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 21:38:37 -07:00
David S. Miller
5288ec157c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue
Jeff Kirsher says:

====================
Intel Wired LAN Driver Updates 2015-04-10

This series contains updates to ixgbe and documentation for igb,
ixgbe and ixgb.

Stephen cleans up documentation to igb, ixgbe and ixgb.

Don updates how bridge mode is stored to minimize obfuscation and
makes updates for future silicon easier.  Adds a new bridge mode
support function which gathers all the logic needed to configure
bridge modes.  Adds Source Address Prunning for VEPA bridge mode
for x550 devices.

Vasu adds specific FCoE offloads for x550 for DDP context programming
and increased DDP exchanges.

Alex Duyck cleans up the use of HW_VLAN_CTAG_FILTER in hw_features,
where the driver was actually ignoring the value of the bit and was
just assuming it was always set.  Also cleans up the use of rcu_barrier()
since the driver has not used call_rcu() to free the rings for some
time now.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-10 12:49:34 -07:00
Thomas Graf
78ebb0d00b rtnetlink: Mark name argument of rtnl_create_link() const
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-10 12:42:40 -07:00
Alexander Duyck
020f1d9d9a ixgbe: Drop unnecessary call to rcu_barrier
The ixgbe driver hasn't used call_rcu to free the rings for some time now.
Since that is the case the call to rcu_barrier can be dropped since calls
to kfree_rcu don't require it.

Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 00:30:50 -07:00
Alexander Duyck
87031c0df5 ixgbe: Remove NETIF_F_HW_VLAN_CTAG_FILTER from hw_features
This change makes it so that the HW_VLAN_CTAG_FILTER bit is not falsely
advertised as being a feature that can be toggled on ixgbe parts.  The
driver was setting the bit in features and letting it be inherited by
hw_features, however the driver was actually ignoring the value of the bit
and just assuming it was always set.  As a result VLAN filtering was always
enabled which is a requirement for SR-IOV, VMDq, DCB, FCoE, and possibly
other features within the adapters.

Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 00:23:22 -07:00
Vasu Dev
ea412015a2 ixgbe: adds x550 specific FCoE offloads
Adds x550 specific FCoE offloads for DDP context programming and
increased DDP exchanges.

Signed-off-by: Vasu Dev <vasu.dev@intel.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 00:15:55 -07:00
Don Skidmore
6d4c96ad4a ixgbe: add support for X550 source_address_prunning
This patch will enable X550 Source Address Prunning for VEPA
bridge mode.  This requires that we also have replication enabled
as well, while in this mode.

Signed-off-by: Don Skidmore <donald.c.skidmore@intel.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-10 00:07:41 -07:00
Don Skidmore
219efe97bb ixgbe: add new bridge mode support function.
This patch gathers together all the logic needed to configure bridge
modes.  Currently that it is rather simple but this is really laying
the ground work for future X550 feature enhancement.

Signed-off-by: Don Skidmore <donald.c.skidmore@intel.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-09 23:59:50 -07:00
Don Skidmore
aa2bacb609 ixgbe: Move bridge mode from flag to variable
We are currently storing our BRIDGE_MODE as a bit in our adapter flags.
This patch will store the actual mode instead which minimizes obfuscation
and makes following patches for X550 simpler.

Signed-off-by: Don Skidmore <donald.c.skidmore@intel.com>
Tested-by: Phil Schmitt <phillip.j.schmitt@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-09 22:04:22 -07:00
Stephen Hemminger
322d3ed167 ixgb: remove references to ifconfig
Move documentation into this century, even if this device hasn't
been available for some time.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-09 22:04:04 -07:00
Stephen Hemminger
d7018be0ae ixgbe: fix documentation
The MTU values in the documentation do not match the source.
The source has frame limit of IXGBE_MAX_JUMBO_FRAME_SIZE (9728)
which is MTU of 9710 because of the accounting for Ethernet header
and CRC.

Also, don't refer to the obsolete ifconfig command.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-09 22:03:54 -07:00
Stephen Hemminger
c0a34ebd43 igb: doc don't refer to ifconfig
ifconfig command is obsolete, best to remove all references so that
new users learn ip.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2015-04-09 22:03:20 -07:00
David S. Miller
c3d0dac693 Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next
Johan Hedberg says:

====================
pull request: bluetooth-next 2015-04-09

We've had enough new patches during the past week (especially from
Marcel) that it'd be good to still get these queued for 4.1.

The majority of the changes are from Marcel with lots of cleanup &
refactoring patches for the HCI UART driver. Marcel also split out some
Broadcom & Intel vendor specific functionality into two new btintel &
btbcm modules.

In addition to the HCI driver changes there's the completion of our
local OOB data interface for pairing, added support for requesting
remote LE features when connecting, as well as a couple of minor fixes
for mac802154.

Please let me know if there are any issues pulling. Thanks.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 18:31:50 -04:00
Eric Dumazet
b52e69217b tcp: md5: fix a typo in tcp_v4_md5_lookup()
Lookup key for tcp_md5_do_lookup() has to be taken
from addr_sk, not sk (which can be the listener)

Fixes: fd3a154a00 ("tcp: md5: get rid of tcp_v[46]_reqsk_md5_lookup()")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 18:11:16 -04:00
David S. Miller
2e9095234d Merge branch 'xgbe-next'
Tom Lendacky says:

====================
amd-xgbe: AMD XGBE driver updates 2015-04-09

The following series of patches includes functional updates and changes
to the driver.

- Allow ethtool rx-frames coalescing to be changed while the device is up
- Consolidate initialization routine into the init function
- Add support for the TX watchdog timeout

This patch series is based on net-next.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 17:35:37 -04:00
Lendacky, Thomas
a8373f1a60 amd-xgbe: Add support for the netdev Tx watchdog
Add support to be able to detect a hung Tx task by adding the netdev
ndo_tx_timeout function callback. Do not set the watchdog_timeo value
so as to use the system default time (currently 5 seconds).

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 17:35:37 -04:00
Lendacky, Thomas
b876382bac amd-xgbe: Move Rx mode configuration into init
Currently a call to configure the Rx mode (promiscuous mode, all
multicast mode, etc.) is made in xgbe_start separate from the xgbe_init
function. This call to set the Rx mode should be part of the xgbe_init
function so that calls to the init function don't have to be preceded
with calls to configure the Rx mode.

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 17:35:37 -04:00
Lendacky, Thomas
8dee19e619 amd-xgbe: Allow rx-frames coalescing to be changed anytime
Currently the device must be down in order to update the rx-frames
coalescing setting because the interrupt indicator is set in the
descriptor data during initialization. Allow this setting to be changed
while the device is up by moving the interrupt decision into the
descriptor reset function and base the decision off of the supplied
descriptor index value.

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 17:35:37 -04:00
Hubert Sokolowski
1e53d5bb88 net: Pass VLAN ID to rtnl_fdb_notify.
When an FDB entry is added or deleted the information about VLAN
is not passed to listening applications like 'bridge monitor fdb'.
With this patch VLAN ID is passed if it was set in the original
netlink message.

Also remove an unused bdev variable.

Signed-off-by: Hubert Sokolowski <hubert.sokolowski@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 17:30:58 -04:00
David S. Miller
ca69d7102f Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

The following patchset contains Netfilter updates for your net-next tree.
They are:

* nf_tables set timeout infrastructure from Patrick Mchardy.

1) Add support for set timeout support.

2) Add support for set element timeouts using the new set extension
   infrastructure.

4) Add garbage collection helper functions to get rid of stale elements.
   Elements are accumulated in a batch that are asynchronously released
   via RCU when the batch is full.

5) Add garbage collection synchronization helpers. This introduces a new
   element busy bit to address concurrent access from the netlink API and the
   garbage collector.

5) Add timeout support for the nft_hash set implementation. The garbage
   collector peridically checks for stale elements from the workqueue.

* iptables/nftables cgroup fixes:

6) Ignore non full-socket objects from the input path, otherwise cgroup
   match may crash, from Daniel Borkmann.

7) Fix cgroup in nf_tables.

8) Save some cycles from xt_socket by skipping packet header parsing when
   skb->sk is already set because of early demux. Also from Daniel.

* br_netfilter updates from Florian Westphal.

9) Save frag_max_size and restore it from the forward path too.

10) Use a per-cpu area to restore the original source MAC address when traffic
    is DNAT'ed.

11) Add helper functions to access physical devices.

12) Use these new physdev helper function from xt_physdev.

13) Add another nf_bridge_info_get() helper function to fetch the br_netfilter
    state information.

14) Annotate original layer 2 protocol number in nf_bridge info, instead of
    using kludgy flags.

15) Also annotate the pkttype mangling when the packet travels back and forth
    from the IP to the bridge layer, instead of using a flag.

* More nf_tables set enhancement from Patrick:

16) Fix possible usage of set variant that doesn't support timeouts.

17) Avoid spurious "set is full" errors from Netlink API when there are pending
    stale elements scheduled to be released.

18) Restrict loop checks to set maps.

19) Add support for dynamic set updates from the packet path.

20) Add support to store optional user data (eg. comments) per set element.

BTW, I have also pulled net-next into nf-next to anticipate the conflict
resolution between your okfn() signature changes and Florian's br_netfilter
updates.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 14:46:04 -04:00
David S. Miller
3ab1a30fbd Major changes:
iwlwifi:
 
 * some more work on LAR
 * fixes for UMAC scan
 * more work on debugging framework
 * more work for 8000 devices
 * cleanups and small bugfixes
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQEcBAABAgAGBQJVJli2AAoJEG4XJFUm622bh6YH/1oKWWYkzCmAKVT3T3PKYcz8
 wSUDp0iOQD/f8bXG6qm9lKeqzsJvvUSYaIJRH/Vh7g0uBGzZ+0aK+Tle7zdsKe9i
 OrI+yK65jBWyNMfVO4yl3/Nb9ER3TneEDyrOPkXGnFJcyVnCugPcPRZVXiLS3scq
 fQrzZkEOM6Fl+nqMAXK7R9Vhk+Oz2U4Dm2r/Qq9sncAZwWUPGC60Vxc0iVcBKOhH
 bFZlvnO0RGeU2DMC0RuDkDhaWAsoUvkkR/EsNCwk38Hs2AOag3hBr8METaIF4S0R
 83ftVvjD8eJ8hDKP0AtQtMjZCjtAz+GR6D+maoUKxFQbMUq0xn7E2MqOOLxDeq0=
 =25In
 -----END PGP SIGNATURE-----

Merge tag 'wireless-drivers-next-for-davem-2015-04-09' of git://git.kernel.org/pub/scm/linux/kernel/git/kvalo/wireless-drivers-next

Kalle Valo says:

====================
Major changes:

iwlwifi:

* some more work on LAR
* fixes for UMAC scan
* more work on debugging framework
* more work for 8000 devices
* cleanups and small bugfixes
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 14:43:13 -04:00
David S. Miller
9399bdcbb5 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says:

====================
pull request (net-next): ipsec-next 2015-04-09

1) Prohibit the use/abuse of the xfrm netlink interface on
   32/64 bit compatibility tasks. We need a full compat
   layer before we can allow this. From Fan Du.

Please pull or let me know if there are problems.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-04-09 14:41:47 -04:00