1 |
commit: 27728be6c304d96b167f86c2c5fa4a154c784da2 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed May 27 15:26:03 2020 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed May 27 15:26:03 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=27728be6 |
7 |
|
8 |
Linux patch 4.9.225 |
9 |
|
10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
11 |
|
12 |
0000_README | 4 + |
13 |
1224_linux-4.9.225.patch | 3057 ++++++++++++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 3061 insertions(+) |
15 |
|
16 |
diff --git a/0000_README b/0000_README |
17 |
index c199ad4..ae2c4f5 100644 |
18 |
--- a/0000_README |
19 |
+++ b/0000_README |
20 |
@@ -939,6 +939,10 @@ Patch: 1223_linux-4.9.224.patch |
21 |
From: http://www.kernel.org |
22 |
Desc: Linux 4.9.224 |
23 |
|
24 |
+Patch: 1224_linux-4.9.225.patch |
25 |
+From: http://www.kernel.org |
26 |
+Desc: Linux 4.9.225 |
27 |
+ |
28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
30 |
Desc: Support for namespace user.pax.* on tmpfs. |
31 |
|
32 |
diff --git a/1224_linux-4.9.225.patch b/1224_linux-4.9.225.patch |
33 |
new file mode 100644 |
34 |
index 0000000..6134f53 |
35 |
--- /dev/null |
36 |
+++ b/1224_linux-4.9.225.patch |
37 |
@@ -0,0 +1,3057 @@ |
38 |
+diff --git a/Documentation/networking/l2tp.txt b/Documentation/networking/l2tp.txt |
39 |
+index 4650a00ed012..9bc271cdc9a8 100644 |
40 |
+--- a/Documentation/networking/l2tp.txt |
41 |
++++ b/Documentation/networking/l2tp.txt |
42 |
+@@ -177,10 +177,10 @@ setsockopt on the PPPoX socket to set a debug mask. |
43 |
+ |
44 |
+ The following debug mask bits are available: |
45 |
+ |
46 |
+-PPPOL2TP_MSG_DEBUG verbose debug (if compiled in) |
47 |
+-PPPOL2TP_MSG_CONTROL userspace - kernel interface |
48 |
+-PPPOL2TP_MSG_SEQ sequence numbers handling |
49 |
+-PPPOL2TP_MSG_DATA data packets |
50 |
++L2TP_MSG_DEBUG verbose debug (if compiled in) |
51 |
++L2TP_MSG_CONTROL userspace - kernel interface |
52 |
++L2TP_MSG_SEQ sequence numbers handling |
53 |
++L2TP_MSG_DATA data packets |
54 |
+ |
55 |
+ If enabled, files under a l2tp debugfs directory can be used to dump |
56 |
+ kernel state about L2TP tunnels and sessions. To access it, the |
57 |
+diff --git a/Makefile b/Makefile |
58 |
+index 3e58c142f92f..d17a2ad3cc4d 100644 |
59 |
+--- a/Makefile |
60 |
++++ b/Makefile |
61 |
+@@ -1,6 +1,6 @@ |
62 |
+ VERSION = 4 |
63 |
+ PATCHLEVEL = 9 |
64 |
+-SUBLEVEL = 224 |
65 |
++SUBLEVEL = 225 |
66 |
+ EXTRAVERSION = |
67 |
+ NAME = Roaring Lionus |
68 |
+ |
69 |
+diff --git a/arch/arm/include/asm/futex.h b/arch/arm/include/asm/futex.h |
70 |
+index cc414382dab4..561b2ba6bc28 100644 |
71 |
+--- a/arch/arm/include/asm/futex.h |
72 |
++++ b/arch/arm/include/asm/futex.h |
73 |
+@@ -162,8 +162,13 @@ arch_futex_atomic_op_inuser(int op, int oparg, int *oval, u32 __user *uaddr) |
74 |
+ preempt_enable(); |
75 |
+ #endif |
76 |
+ |
77 |
+- if (!ret) |
78 |
+- *oval = oldval; |
79 |
++ /* |
80 |
++ * Store unconditionally. If ret != 0 the extra store is the least |
81 |
++ * of the worries but GCC cannot figure out that __futex_atomic_op() |
82 |
++ * is either setting ret to -EFAULT or storing the old value in |
83 |
++ * oldval which results in a uninitialized warning at the call site. |
84 |
++ */ |
85 |
++ *oval = oldval; |
86 |
+ |
87 |
+ return ret; |
88 |
+ } |
89 |
+diff --git a/arch/arm64/kernel/machine_kexec.c b/arch/arm64/kernel/machine_kexec.c |
90 |
+index bc96c8a7fc79..3e4b778f16a5 100644 |
91 |
+--- a/arch/arm64/kernel/machine_kexec.c |
92 |
++++ b/arch/arm64/kernel/machine_kexec.c |
93 |
+@@ -177,7 +177,8 @@ void machine_kexec(struct kimage *kimage) |
94 |
+ /* Flush the reboot_code_buffer in preparation for its execution. */ |
95 |
+ __flush_dcache_area(reboot_code_buffer, arm64_relocate_new_kernel_size); |
96 |
+ flush_icache_range((uintptr_t)reboot_code_buffer, |
97 |
+- arm64_relocate_new_kernel_size); |
98 |
++ (uintptr_t)reboot_code_buffer + |
99 |
++ arm64_relocate_new_kernel_size); |
100 |
+ |
101 |
+ /* Flush the kimage list and its buffers. */ |
102 |
+ kexec_list_flush(kimage); |
103 |
+diff --git a/drivers/base/component.c b/drivers/base/component.c |
104 |
+index 08da6160e94d..55f0856bd9b5 100644 |
105 |
+--- a/drivers/base/component.c |
106 |
++++ b/drivers/base/component.c |
107 |
+@@ -162,7 +162,8 @@ static int try_to_bring_up_master(struct master *master, |
108 |
+ ret = master->ops->bind(master->dev); |
109 |
+ if (ret < 0) { |
110 |
+ devres_release_group(master->dev, NULL); |
111 |
+- dev_info(master->dev, "master bind failed: %d\n", ret); |
112 |
++ if (ret != -EPROBE_DEFER) |
113 |
++ dev_info(master->dev, "master bind failed: %d\n", ret); |
114 |
+ return ret; |
115 |
+ } |
116 |
+ |
117 |
+@@ -431,8 +432,9 @@ static int component_bind(struct component *component, struct master *master, |
118 |
+ devres_release_group(component->dev, NULL); |
119 |
+ devres_release_group(master->dev, NULL); |
120 |
+ |
121 |
+- dev_err(master->dev, "failed to bind %s (ops %ps): %d\n", |
122 |
+- dev_name(component->dev), component->ops, ret); |
123 |
++ if (ret != -EPROBE_DEFER) |
124 |
++ dev_err(master->dev, "failed to bind %s (ops %ps): %d\n", |
125 |
++ dev_name(component->dev), component->ops, ret); |
126 |
+ } |
127 |
+ |
128 |
+ return ret; |
129 |
+diff --git a/drivers/dma/tegra210-adma.c b/drivers/dma/tegra210-adma.c |
130 |
+index 2d4aeba579f7..c16c06b3dd2f 100644 |
131 |
+--- a/drivers/dma/tegra210-adma.c |
132 |
++++ b/drivers/dma/tegra210-adma.c |
133 |
+@@ -793,7 +793,7 @@ static int tegra_adma_probe(struct platform_device *pdev) |
134 |
+ ret = dma_async_device_register(&tdma->dma_dev); |
135 |
+ if (ret < 0) { |
136 |
+ dev_err(&pdev->dev, "ADMA registration failed: %d\n", ret); |
137 |
+- goto irq_dispose; |
138 |
++ goto rpm_put; |
139 |
+ } |
140 |
+ |
141 |
+ ret = of_dma_controller_register(pdev->dev.of_node, |
142 |
+diff --git a/drivers/hid/hid-ids.h b/drivers/hid/hid-ids.h |
143 |
+index 25c006338100..4630b58634d8 100644 |
144 |
+--- a/drivers/hid/hid-ids.h |
145 |
++++ b/drivers/hid/hid-ids.h |
146 |
+@@ -353,6 +353,7 @@ |
147 |
+ #define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_7349 0x7349 |
148 |
+ #define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_73F7 0x73f7 |
149 |
+ #define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_A001 0xa001 |
150 |
++#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_C002 0xc002 |
151 |
+ |
152 |
+ #define USB_VENDOR_ID_ELAN 0x04f3 |
153 |
+ |
154 |
+diff --git a/drivers/hid/hid-multitouch.c b/drivers/hid/hid-multitouch.c |
155 |
+index fba655d639af..1207102823de 100644 |
156 |
+--- a/drivers/hid/hid-multitouch.c |
157 |
++++ b/drivers/hid/hid-multitouch.c |
158 |
+@@ -1332,6 +1332,9 @@ static const struct hid_device_id mt_devices[] = { |
159 |
+ { .driver_data = MT_CLS_EGALAX_SERIAL, |
160 |
+ MT_USB_DEVICE(USB_VENDOR_ID_DWAV, |
161 |
+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_A001) }, |
162 |
++ { .driver_data = MT_CLS_EGALAX, |
163 |
++ MT_USB_DEVICE(USB_VENDOR_ID_DWAV, |
164 |
++ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_C002) }, |
165 |
+ |
166 |
+ /* Elitegroup panel */ |
167 |
+ { .driver_data = MT_CLS_SERIAL, |
168 |
+diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c |
169 |
+index eaa312bc3a3c..c4066276eb7b 100644 |
170 |
+--- a/drivers/i2c/i2c-dev.c |
171 |
++++ b/drivers/i2c/i2c-dev.c |
172 |
+@@ -47,7 +47,7 @@ |
173 |
+ struct i2c_dev { |
174 |
+ struct list_head list; |
175 |
+ struct i2c_adapter *adap; |
176 |
+- struct device *dev; |
177 |
++ struct device dev; |
178 |
+ struct cdev cdev; |
179 |
+ }; |
180 |
+ |
181 |
+@@ -91,12 +91,14 @@ static struct i2c_dev *get_free_i2c_dev(struct i2c_adapter *adap) |
182 |
+ return i2c_dev; |
183 |
+ } |
184 |
+ |
185 |
+-static void put_i2c_dev(struct i2c_dev *i2c_dev) |
186 |
++static void put_i2c_dev(struct i2c_dev *i2c_dev, bool del_cdev) |
187 |
+ { |
188 |
+ spin_lock(&i2c_dev_list_lock); |
189 |
+ list_del(&i2c_dev->list); |
190 |
+ spin_unlock(&i2c_dev_list_lock); |
191 |
+- kfree(i2c_dev); |
192 |
++ if (del_cdev) |
193 |
++ cdev_device_del(&i2c_dev->cdev, &i2c_dev->dev); |
194 |
++ put_device(&i2c_dev->dev); |
195 |
+ } |
196 |
+ |
197 |
+ static ssize_t name_show(struct device *dev, |
198 |
+@@ -542,6 +544,14 @@ static const struct file_operations i2cdev_fops = { |
199 |
+ |
200 |
+ static struct class *i2c_dev_class; |
201 |
+ |
202 |
++static void i2cdev_dev_release(struct device *dev) |
203 |
++{ |
204 |
++ struct i2c_dev *i2c_dev; |
205 |
++ |
206 |
++ i2c_dev = container_of(dev, struct i2c_dev, dev); |
207 |
++ kfree(i2c_dev); |
208 |
++} |
209 |
++ |
210 |
+ static int i2cdev_attach_adapter(struct device *dev, void *dummy) |
211 |
+ { |
212 |
+ struct i2c_adapter *adap; |
213 |
+@@ -558,27 +568,23 @@ static int i2cdev_attach_adapter(struct device *dev, void *dummy) |
214 |
+ |
215 |
+ cdev_init(&i2c_dev->cdev, &i2cdev_fops); |
216 |
+ i2c_dev->cdev.owner = THIS_MODULE; |
217 |
+- res = cdev_add(&i2c_dev->cdev, MKDEV(I2C_MAJOR, adap->nr), 1); |
218 |
+- if (res) |
219 |
+- goto error_cdev; |
220 |
+- |
221 |
+- /* register this i2c device with the driver core */ |
222 |
+- i2c_dev->dev = device_create(i2c_dev_class, &adap->dev, |
223 |
+- MKDEV(I2C_MAJOR, adap->nr), NULL, |
224 |
+- "i2c-%d", adap->nr); |
225 |
+- if (IS_ERR(i2c_dev->dev)) { |
226 |
+- res = PTR_ERR(i2c_dev->dev); |
227 |
+- goto error; |
228 |
++ |
229 |
++ device_initialize(&i2c_dev->dev); |
230 |
++ i2c_dev->dev.devt = MKDEV(I2C_MAJOR, adap->nr); |
231 |
++ i2c_dev->dev.class = i2c_dev_class; |
232 |
++ i2c_dev->dev.parent = &adap->dev; |
233 |
++ i2c_dev->dev.release = i2cdev_dev_release; |
234 |
++ dev_set_name(&i2c_dev->dev, "i2c-%d", adap->nr); |
235 |
++ |
236 |
++ res = cdev_device_add(&i2c_dev->cdev, &i2c_dev->dev); |
237 |
++ if (res) { |
238 |
++ put_i2c_dev(i2c_dev, false); |
239 |
++ return res; |
240 |
+ } |
241 |
+ |
242 |
+ pr_debug("i2c-dev: adapter [%s] registered as minor %d\n", |
243 |
+ adap->name, adap->nr); |
244 |
+ return 0; |
245 |
+-error: |
246 |
+- cdev_del(&i2c_dev->cdev); |
247 |
+-error_cdev: |
248 |
+- put_i2c_dev(i2c_dev); |
249 |
+- return res; |
250 |
+ } |
251 |
+ |
252 |
+ static int i2cdev_detach_adapter(struct device *dev, void *dummy) |
253 |
+@@ -594,9 +600,7 @@ static int i2cdev_detach_adapter(struct device *dev, void *dummy) |
254 |
+ if (!i2c_dev) /* attach_adapter must have failed */ |
255 |
+ return 0; |
256 |
+ |
257 |
+- cdev_del(&i2c_dev->cdev); |
258 |
+- put_i2c_dev(i2c_dev); |
259 |
+- device_destroy(i2c_dev_class, MKDEV(I2C_MAJOR, adap->nr)); |
260 |
++ put_i2c_dev(i2c_dev, true); |
261 |
+ |
262 |
+ pr_debug("i2c-dev: adapter [%s] unregistered\n", adap->name); |
263 |
+ return 0; |
264 |
+diff --git a/drivers/i2c/muxes/i2c-demux-pinctrl.c b/drivers/i2c/muxes/i2c-demux-pinctrl.c |
265 |
+index 3e6fe1760d82..a86c511c29e0 100644 |
266 |
+--- a/drivers/i2c/muxes/i2c-demux-pinctrl.c |
267 |
++++ b/drivers/i2c/muxes/i2c-demux-pinctrl.c |
268 |
+@@ -270,6 +270,7 @@ static int i2c_demux_pinctrl_probe(struct platform_device *pdev) |
269 |
+ err_rollback_available: |
270 |
+ device_remove_file(&pdev->dev, &dev_attr_available_masters); |
271 |
+ err_rollback: |
272 |
++ i2c_demux_deactivate_master(priv); |
273 |
+ for (j = 0; j < i; j++) { |
274 |
+ of_node_put(priv->chan[j].parent_np); |
275 |
+ of_changeset_destroy(&priv->chan[j].chgset); |
276 |
+diff --git a/drivers/iio/dac/vf610_dac.c b/drivers/iio/dac/vf610_dac.c |
277 |
+index c4ec7779b394..190a7c1c5604 100644 |
278 |
+--- a/drivers/iio/dac/vf610_dac.c |
279 |
++++ b/drivers/iio/dac/vf610_dac.c |
280 |
+@@ -235,6 +235,7 @@ static int vf610_dac_probe(struct platform_device *pdev) |
281 |
+ return 0; |
282 |
+ |
283 |
+ error_iio_device_register: |
284 |
++ vf610_dac_exit(info); |
285 |
+ clk_disable_unprepare(info->clk); |
286 |
+ |
287 |
+ return ret; |
288 |
+diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c |
289 |
+index e6ae8d123984..a3279f303b49 100644 |
290 |
+--- a/drivers/iommu/amd_iommu_init.c |
291 |
++++ b/drivers/iommu/amd_iommu_init.c |
292 |
+@@ -1171,8 +1171,8 @@ static int __init init_iommu_from_acpi(struct amd_iommu *iommu, |
293 |
+ } |
294 |
+ case IVHD_DEV_ACPI_HID: { |
295 |
+ u16 devid; |
296 |
+- u8 hid[ACPIHID_HID_LEN] = {0}; |
297 |
+- u8 uid[ACPIHID_UID_LEN] = {0}; |
298 |
++ u8 hid[ACPIHID_HID_LEN]; |
299 |
++ u8 uid[ACPIHID_UID_LEN]; |
300 |
+ int ret; |
301 |
+ |
302 |
+ if (h->type != 0x40) { |
303 |
+@@ -1189,6 +1189,7 @@ static int __init init_iommu_from_acpi(struct amd_iommu *iommu, |
304 |
+ break; |
305 |
+ } |
306 |
+ |
307 |
++ uid[0] = '\0'; |
308 |
+ switch (e->uidf) { |
309 |
+ case UID_NOT_PRESENT: |
310 |
+ |
311 |
+@@ -1203,8 +1204,8 @@ static int __init init_iommu_from_acpi(struct amd_iommu *iommu, |
312 |
+ break; |
313 |
+ case UID_IS_CHARACTER: |
314 |
+ |
315 |
+- memcpy(uid, (u8 *)(&e->uid), ACPIHID_UID_LEN - 1); |
316 |
+- uid[ACPIHID_UID_LEN - 1] = '\0'; |
317 |
++ memcpy(uid, &e->uid, e->uidl); |
318 |
++ uid[e->uidl] = '\0'; |
319 |
+ |
320 |
+ break; |
321 |
+ default: |
322 |
+diff --git a/drivers/misc/mei/client.c b/drivers/misc/mei/client.c |
323 |
+index 451d417eb451..1c8df33404b0 100644 |
324 |
+--- a/drivers/misc/mei/client.c |
325 |
++++ b/drivers/misc/mei/client.c |
326 |
+@@ -276,6 +276,7 @@ void mei_me_cl_rm_by_uuid(struct mei_device *dev, const uuid_le *uuid) |
327 |
+ down_write(&dev->me_clients_rwsem); |
328 |
+ me_cl = __mei_me_cl_by_uuid(dev, uuid); |
329 |
+ __mei_me_cl_del(dev, me_cl); |
330 |
++ mei_me_cl_put(me_cl); |
331 |
+ up_write(&dev->me_clients_rwsem); |
332 |
+ } |
333 |
+ |
334 |
+@@ -297,6 +298,7 @@ void mei_me_cl_rm_by_uuid_id(struct mei_device *dev, const uuid_le *uuid, u8 id) |
335 |
+ down_write(&dev->me_clients_rwsem); |
336 |
+ me_cl = __mei_me_cl_by_uuid_id(dev, uuid, id); |
337 |
+ __mei_me_cl_del(dev, me_cl); |
338 |
++ mei_me_cl_put(me_cl); |
339 |
+ up_write(&dev->me_clients_rwsem); |
340 |
+ } |
341 |
+ |
342 |
+diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c |
343 |
+index 5478a2ab45c4..54b5f61c8ed9 100644 |
344 |
+--- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c |
345 |
++++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c |
346 |
+@@ -2236,8 +2236,6 @@ static int cxgb_up(struct adapter *adap) |
347 |
+ #if IS_ENABLED(CONFIG_IPV6) |
348 |
+ update_clip(adap); |
349 |
+ #endif |
350 |
+- /* Initialize hash mac addr list*/ |
351 |
+- INIT_LIST_HEAD(&adap->mac_hlist); |
352 |
+ return err; |
353 |
+ |
354 |
+ irq_err: |
355 |
+@@ -2259,6 +2257,7 @@ static void cxgb_down(struct adapter *adapter) |
356 |
+ |
357 |
+ t4_sge_stop(adapter); |
358 |
+ t4_free_sge_resources(adapter); |
359 |
++ |
360 |
+ adapter->flags &= ~FULL_INIT_DONE; |
361 |
+ } |
362 |
+ |
363 |
+@@ -4789,6 +4788,9 @@ static int init_one(struct pci_dev *pdev, const struct pci_device_id *ent) |
364 |
+ (is_t5(adapter->params.chip) ? STATMODE_V(0) : |
365 |
+ T6_STATMODE_V(0))); |
366 |
+ |
367 |
++ /* Initialize hash mac addr list */ |
368 |
++ INIT_LIST_HEAD(&adapter->mac_hlist); |
369 |
++ |
370 |
+ for_each_port(adapter, i) { |
371 |
+ netdev = alloc_etherdev_mq(sizeof(struct port_info), |
372 |
+ MAX_ETH_QSETS); |
373 |
+@@ -5067,6 +5069,7 @@ sriov: |
374 |
+ static void remove_one(struct pci_dev *pdev) |
375 |
+ { |
376 |
+ struct adapter *adapter = pci_get_drvdata(pdev); |
377 |
++ struct hash_mac_addr *entry, *tmp; |
378 |
+ |
379 |
+ if (!adapter) { |
380 |
+ pci_release_regions(pdev); |
381 |
+@@ -5105,6 +5108,12 @@ static void remove_one(struct pci_dev *pdev) |
382 |
+ if (adapter->num_uld || adapter->num_ofld_uld) |
383 |
+ t4_uld_mem_free(adapter); |
384 |
+ free_some_resources(adapter); |
385 |
++ list_for_each_entry_safe(entry, tmp, &adapter->mac_hlist, |
386 |
++ list) { |
387 |
++ list_del(&entry->list); |
388 |
++ kfree(entry); |
389 |
++ } |
390 |
++ |
391 |
+ #if IS_ENABLED(CONFIG_IPV6) |
392 |
+ t4_cleanup_clip_tbl(adapter); |
393 |
+ #endif |
394 |
+diff --git a/drivers/net/ethernet/chelsio/cxgb4vf/cxgb4vf_main.c b/drivers/net/ethernet/chelsio/cxgb4vf/cxgb4vf_main.c |
395 |
+index 9eb3071b69a4..17db5be9d2b7 100644 |
396 |
+--- a/drivers/net/ethernet/chelsio/cxgb4vf/cxgb4vf_main.c |
397 |
++++ b/drivers/net/ethernet/chelsio/cxgb4vf/cxgb4vf_main.c |
398 |
+@@ -719,9 +719,6 @@ static int adapter_up(struct adapter *adapter) |
399 |
+ if (adapter->flags & USING_MSIX) |
400 |
+ name_msix_vecs(adapter); |
401 |
+ |
402 |
+- /* Initialize hash mac addr list*/ |
403 |
+- INIT_LIST_HEAD(&adapter->mac_hlist); |
404 |
+- |
405 |
+ adapter->flags |= FULL_INIT_DONE; |
406 |
+ } |
407 |
+ |
408 |
+@@ -2902,6 +2899,9 @@ static int cxgb4vf_pci_probe(struct pci_dev *pdev, |
409 |
+ if (err) |
410 |
+ goto err_unmap_bar; |
411 |
+ |
412 |
++ /* Initialize hash mac addr list */ |
413 |
++ INIT_LIST_HEAD(&adapter->mac_hlist); |
414 |
++ |
415 |
+ /* |
416 |
+ * Allocate our "adapter ports" and stitch everything together. |
417 |
+ */ |
418 |
+diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c |
419 |
+index 7e35bd665630..90eab0521be1 100644 |
420 |
+--- a/drivers/net/ethernet/intel/igb/igb_main.c |
421 |
++++ b/drivers/net/ethernet/intel/igb/igb_main.c |
422 |
+@@ -3395,7 +3395,7 @@ void igb_configure_tx_ring(struct igb_adapter *adapter, |
423 |
+ tdba & 0x00000000ffffffffULL); |
424 |
+ wr32(E1000_TDBAH(reg_idx), tdba >> 32); |
425 |
+ |
426 |
+- ring->tail = hw->hw_addr + E1000_TDT(reg_idx); |
427 |
++ ring->tail = adapter->io_addr + E1000_TDT(reg_idx); |
428 |
+ wr32(E1000_TDH(reg_idx), 0); |
429 |
+ writel(0, ring->tail); |
430 |
+ |
431 |
+@@ -3734,7 +3734,7 @@ void igb_configure_rx_ring(struct igb_adapter *adapter, |
432 |
+ ring->count * sizeof(union e1000_adv_rx_desc)); |
433 |
+ |
434 |
+ /* initialize head and tail */ |
435 |
+- ring->tail = hw->hw_addr + E1000_RDT(reg_idx); |
436 |
++ ring->tail = adapter->io_addr + E1000_RDT(reg_idx); |
437 |
+ wr32(E1000_RDH(reg_idx), 0); |
438 |
+ writel(0, ring->tail); |
439 |
+ |
440 |
+diff --git a/drivers/net/gtp.c b/drivers/net/gtp.c |
441 |
+index a9e8a7356c41..fe844888e0ed 100644 |
442 |
+--- a/drivers/net/gtp.c |
443 |
++++ b/drivers/net/gtp.c |
444 |
+@@ -1108,11 +1108,11 @@ static struct genl_family gtp_genl_family = { |
445 |
+ }; |
446 |
+ |
447 |
+ static int gtp_genl_fill_info(struct sk_buff *skb, u32 snd_portid, u32 snd_seq, |
448 |
+- u32 type, struct pdp_ctx *pctx) |
449 |
++ int flags, u32 type, struct pdp_ctx *pctx) |
450 |
+ { |
451 |
+ void *genlh; |
452 |
+ |
453 |
+- genlh = genlmsg_put(skb, snd_portid, snd_seq, >p_genl_family, 0, |
454 |
++ genlh = genlmsg_put(skb, snd_portid, snd_seq, >p_genl_family, flags, |
455 |
+ type); |
456 |
+ if (genlh == NULL) |
457 |
+ goto nlmsg_failure; |
458 |
+@@ -1208,8 +1208,8 @@ static int gtp_genl_get_pdp(struct sk_buff *skb, struct genl_info *info) |
459 |
+ goto err_unlock; |
460 |
+ } |
461 |
+ |
462 |
+- err = gtp_genl_fill_info(skb2, NETLINK_CB(skb).portid, |
463 |
+- info->snd_seq, info->nlhdr->nlmsg_type, pctx); |
464 |
++ err = gtp_genl_fill_info(skb2, NETLINK_CB(skb).portid, info->snd_seq, |
465 |
++ 0, info->nlhdr->nlmsg_type, pctx); |
466 |
+ if (err < 0) |
467 |
+ goto err_unlock_free; |
468 |
+ |
469 |
+@@ -1252,6 +1252,7 @@ static int gtp_genl_dump_pdp(struct sk_buff *skb, |
470 |
+ gtp_genl_fill_info(skb, |
471 |
+ NETLINK_CB(cb->skb).portid, |
472 |
+ cb->nlh->nlmsg_seq, |
473 |
++ NLM_F_MULTI, |
474 |
+ cb->nlh->nlmsg_type, pctx)) { |
475 |
+ cb->args[0] = i; |
476 |
+ cb->args[1] = j; |
477 |
+diff --git a/drivers/nvdimm/btt.c b/drivers/nvdimm/btt.c |
478 |
+index 0c46ada027cf..e90ecb179622 100644 |
479 |
+--- a/drivers/nvdimm/btt.c |
480 |
++++ b/drivers/nvdimm/btt.c |
481 |
+@@ -447,9 +447,9 @@ static int btt_log_init(struct arena_info *arena) |
482 |
+ |
483 |
+ static int btt_freelist_init(struct arena_info *arena) |
484 |
+ { |
485 |
+- int old, new, ret; |
486 |
++ int new, ret; |
487 |
+ u32 i, map_entry; |
488 |
+- struct log_entry log_new, log_old; |
489 |
++ struct log_entry log_new; |
490 |
+ |
491 |
+ arena->freelist = kcalloc(arena->nfree, sizeof(struct free_entry), |
492 |
+ GFP_KERNEL); |
493 |
+@@ -457,10 +457,6 @@ static int btt_freelist_init(struct arena_info *arena) |
494 |
+ return -ENOMEM; |
495 |
+ |
496 |
+ for (i = 0; i < arena->nfree; i++) { |
497 |
+- old = btt_log_read(arena, i, &log_old, LOG_OLD_ENT); |
498 |
+- if (old < 0) |
499 |
+- return old; |
500 |
+- |
501 |
+ new = btt_log_read(arena, i, &log_new, LOG_NEW_ENT); |
502 |
+ if (new < 0) |
503 |
+ return new; |
504 |
+diff --git a/drivers/platform/x86/alienware-wmi.c b/drivers/platform/x86/alienware-wmi.c |
505 |
+index bee2115ecf10..ec7482c7e7eb 100644 |
506 |
+--- a/drivers/platform/x86/alienware-wmi.c |
507 |
++++ b/drivers/platform/x86/alienware-wmi.c |
508 |
+@@ -504,23 +504,22 @@ static acpi_status alienware_wmax_command(struct wmax_basic_args *in_args, |
509 |
+ |
510 |
+ input.length = (acpi_size) sizeof(*in_args); |
511 |
+ input.pointer = in_args; |
512 |
+- if (out_data != NULL) { |
513 |
++ if (out_data) { |
514 |
+ output.length = ACPI_ALLOCATE_BUFFER; |
515 |
+ output.pointer = NULL; |
516 |
+ status = wmi_evaluate_method(WMAX_CONTROL_GUID, 1, |
517 |
+ command, &input, &output); |
518 |
+- } else |
519 |
++ if (ACPI_SUCCESS(status)) { |
520 |
++ obj = (union acpi_object *)output.pointer; |
521 |
++ if (obj && obj->type == ACPI_TYPE_INTEGER) |
522 |
++ *out_data = (u32)obj->integer.value; |
523 |
++ } |
524 |
++ kfree(output.pointer); |
525 |
++ } else { |
526 |
+ status = wmi_evaluate_method(WMAX_CONTROL_GUID, 1, |
527 |
+ command, &input, NULL); |
528 |
+- |
529 |
+- if (ACPI_SUCCESS(status) && out_data != NULL) { |
530 |
+- obj = (union acpi_object *)output.pointer; |
531 |
+- if (obj && obj->type == ACPI_TYPE_INTEGER) |
532 |
+- *out_data = (u32) obj->integer.value; |
533 |
+ } |
534 |
+- kfree(output.pointer); |
535 |
+ return status; |
536 |
+- |
537 |
+ } |
538 |
+ |
539 |
+ /* |
540 |
+diff --git a/drivers/platform/x86/asus-nb-wmi.c b/drivers/platform/x86/asus-nb-wmi.c |
541 |
+index 0fd7e40b86a0..8137aa343706 100644 |
542 |
+--- a/drivers/platform/x86/asus-nb-wmi.c |
543 |
++++ b/drivers/platform/x86/asus-nb-wmi.c |
544 |
+@@ -561,9 +561,33 @@ static struct asus_wmi_driver asus_nb_wmi_driver = { |
545 |
+ .detect_quirks = asus_nb_wmi_quirks, |
546 |
+ }; |
547 |
+ |
548 |
++static const struct dmi_system_id asus_nb_wmi_blacklist[] __initconst = { |
549 |
++ { |
550 |
++ /* |
551 |
++ * asus-nb-wm adds no functionality. The T100TA has a detachable |
552 |
++ * USB kbd, so no hotkeys and it has no WMI rfkill; and loading |
553 |
++ * asus-nb-wm causes the camera LED to turn and _stay_ on. |
554 |
++ */ |
555 |
++ .matches = { |
556 |
++ DMI_EXACT_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), |
557 |
++ DMI_EXACT_MATCH(DMI_PRODUCT_NAME, "T100TA"), |
558 |
++ }, |
559 |
++ }, |
560 |
++ { |
561 |
++ /* The Asus T200TA has the same issue as the T100TA */ |
562 |
++ .matches = { |
563 |
++ DMI_EXACT_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), |
564 |
++ DMI_EXACT_MATCH(DMI_PRODUCT_NAME, "T200TA"), |
565 |
++ }, |
566 |
++ }, |
567 |
++ {} /* Terminating entry */ |
568 |
++}; |
569 |
+ |
570 |
+ static int __init asus_nb_wmi_init(void) |
571 |
+ { |
572 |
++ if (dmi_check_system(asus_nb_wmi_blacklist)) |
573 |
++ return -ENODEV; |
574 |
++ |
575 |
+ return asus_wmi_register_driver(&asus_nb_wmi_driver); |
576 |
+ } |
577 |
+ |
578 |
+diff --git a/drivers/rapidio/devices/rio_mport_cdev.c b/drivers/rapidio/devices/rio_mport_cdev.c |
579 |
+index 28c45db45aba..ebe8e8dc4677 100644 |
580 |
+--- a/drivers/rapidio/devices/rio_mport_cdev.c |
581 |
++++ b/drivers/rapidio/devices/rio_mport_cdev.c |
582 |
+@@ -905,6 +905,11 @@ rio_dma_transfer(struct file *filp, u32 transfer_mode, |
583 |
+ rmcd_error("pinned %ld out of %ld pages", |
584 |
+ pinned, nr_pages); |
585 |
+ ret = -EFAULT; |
586 |
++ /* |
587 |
++ * Set nr_pages up to mean "how many pages to unpin, in |
588 |
++ * the error handler: |
589 |
++ */ |
590 |
++ nr_pages = pinned; |
591 |
+ goto err_pg; |
592 |
+ } |
593 |
+ |
594 |
+diff --git a/drivers/staging/greybus/uart.c b/drivers/staging/greybus/uart.c |
595 |
+index 2633d2bfb1b4..9ef9cbfd8926 100644 |
596 |
+--- a/drivers/staging/greybus/uart.c |
597 |
++++ b/drivers/staging/greybus/uart.c |
598 |
+@@ -539,9 +539,9 @@ static void gb_tty_set_termios(struct tty_struct *tty, |
599 |
+ } |
600 |
+ |
601 |
+ if (C_CRTSCTS(tty) && C_BAUD(tty) != B0) |
602 |
+- newline.flow_control |= GB_SERIAL_AUTO_RTSCTS_EN; |
603 |
++ newline.flow_control = GB_SERIAL_AUTO_RTSCTS_EN; |
604 |
+ else |
605 |
+- newline.flow_control &= ~GB_SERIAL_AUTO_RTSCTS_EN; |
606 |
++ newline.flow_control = 0; |
607 |
+ |
608 |
+ if (memcmp(&gb_tty->line_coding, &newline, sizeof(newline))) { |
609 |
+ memcpy(&gb_tty->line_coding, &newline, sizeof(newline)); |
610 |
+diff --git a/drivers/staging/iio/accel/sca3000_ring.c b/drivers/staging/iio/accel/sca3000_ring.c |
611 |
+index d1cb9b9cf22b..391cbcc4ed77 100644 |
612 |
+--- a/drivers/staging/iio/accel/sca3000_ring.c |
613 |
++++ b/drivers/staging/iio/accel/sca3000_ring.c |
614 |
+@@ -56,7 +56,7 @@ static int sca3000_read_data(struct sca3000_state *st, |
615 |
+ st->tx[0] = SCA3000_READ_REG(reg_address_high); |
616 |
+ ret = spi_sync_transfer(st->us, xfer, ARRAY_SIZE(xfer)); |
617 |
+ if (ret) { |
618 |
+- dev_err(get_device(&st->us->dev), "problem reading register"); |
619 |
++ dev_err(&st->us->dev, "problem reading register"); |
620 |
+ goto error_free_rx; |
621 |
+ } |
622 |
+ |
623 |
+diff --git a/drivers/staging/iio/resolver/ad2s1210.c b/drivers/staging/iio/resolver/ad2s1210.c |
624 |
+index 598f0faa48c8..0f5eb2bf5f73 100644 |
625 |
+--- a/drivers/staging/iio/resolver/ad2s1210.c |
626 |
++++ b/drivers/staging/iio/resolver/ad2s1210.c |
627 |
+@@ -126,17 +126,24 @@ static int ad2s1210_config_write(struct ad2s1210_state *st, u8 data) |
628 |
+ static int ad2s1210_config_read(struct ad2s1210_state *st, |
629 |
+ unsigned char address) |
630 |
+ { |
631 |
+- struct spi_transfer xfer = { |
632 |
+- .len = 2, |
633 |
+- .rx_buf = st->rx, |
634 |
+- .tx_buf = st->tx, |
635 |
++ struct spi_transfer xfers[] = { |
636 |
++ { |
637 |
++ .len = 1, |
638 |
++ .rx_buf = &st->rx[0], |
639 |
++ .tx_buf = &st->tx[0], |
640 |
++ .cs_change = 1, |
641 |
++ }, { |
642 |
++ .len = 1, |
643 |
++ .rx_buf = &st->rx[1], |
644 |
++ .tx_buf = &st->tx[1], |
645 |
++ }, |
646 |
+ }; |
647 |
+ int ret = 0; |
648 |
+ |
649 |
+ ad2s1210_set_mode(MOD_CONFIG, st); |
650 |
+ st->tx[0] = address | AD2S1210_MSB_IS_HIGH; |
651 |
+ st->tx[1] = AD2S1210_REG_FAULT; |
652 |
+- ret = spi_sync_transfer(st->sdev, &xfer, 1); |
653 |
++ ret = spi_sync_transfer(st->sdev, xfers, 2); |
654 |
+ if (ret < 0) |
655 |
+ return ret; |
656 |
+ st->old_data = true; |
657 |
+diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c |
658 |
+index 2e541a029657..e33d23c2f6ea 100644 |
659 |
+--- a/drivers/usb/core/message.c |
660 |
++++ b/drivers/usb/core/message.c |
661 |
+@@ -1081,11 +1081,11 @@ void usb_disable_endpoint(struct usb_device *dev, unsigned int epaddr, |
662 |
+ |
663 |
+ if (usb_endpoint_out(epaddr)) { |
664 |
+ ep = dev->ep_out[epnum]; |
665 |
+- if (reset_hardware) |
666 |
++ if (reset_hardware && epnum != 0) |
667 |
+ dev->ep_out[epnum] = NULL; |
668 |
+ } else { |
669 |
+ ep = dev->ep_in[epnum]; |
670 |
+- if (reset_hardware) |
671 |
++ if (reset_hardware && epnum != 0) |
672 |
+ dev->ep_in[epnum] = NULL; |
673 |
+ } |
674 |
+ if (ep) { |
675 |
+diff --git a/drivers/watchdog/watchdog_dev.c b/drivers/watchdog/watchdog_dev.c |
676 |
+index 9e17d933ea94..3167f276c4c2 100644 |
677 |
+--- a/drivers/watchdog/watchdog_dev.c |
678 |
++++ b/drivers/watchdog/watchdog_dev.c |
679 |
+@@ -38,7 +38,6 @@ |
680 |
+ #include <linux/init.h> /* For __init/__exit/... */ |
681 |
+ #include <linux/jiffies.h> /* For timeout functions */ |
682 |
+ #include <linux/kernel.h> /* For printk/panic/... */ |
683 |
+-#include <linux/kref.h> /* For data references */ |
684 |
+ #include <linux/miscdevice.h> /* For handling misc devices */ |
685 |
+ #include <linux/module.h> /* For module stuff/... */ |
686 |
+ #include <linux/mutex.h> /* For mutexes */ |
687 |
+@@ -53,14 +52,14 @@ |
688 |
+ |
689 |
+ /* |
690 |
+ * struct watchdog_core_data - watchdog core internal data |
691 |
+- * @kref: Reference count. |
692 |
++ * @dev: The watchdog's internal device |
693 |
+ * @cdev: The watchdog's Character device. |
694 |
+ * @wdd: Pointer to watchdog device. |
695 |
+ * @lock: Lock for watchdog core. |
696 |
+ * @status: Watchdog core internal status bits. |
697 |
+ */ |
698 |
+ struct watchdog_core_data { |
699 |
+- struct kref kref; |
700 |
++ struct device dev; |
701 |
+ struct cdev cdev; |
702 |
+ struct watchdog_device *wdd; |
703 |
+ struct mutex lock; |
704 |
+@@ -794,7 +793,7 @@ static int watchdog_open(struct inode *inode, struct file *file) |
705 |
+ file->private_data = wd_data; |
706 |
+ |
707 |
+ if (!hw_running) |
708 |
+- kref_get(&wd_data->kref); |
709 |
++ get_device(&wd_data->dev); |
710 |
+ |
711 |
+ /* dev/watchdog is a virtual (and thus non-seekable) filesystem */ |
712 |
+ return nonseekable_open(inode, file); |
713 |
+@@ -806,11 +805,11 @@ out_clear: |
714 |
+ return err; |
715 |
+ } |
716 |
+ |
717 |
+-static void watchdog_core_data_release(struct kref *kref) |
718 |
++static void watchdog_core_data_release(struct device *dev) |
719 |
+ { |
720 |
+ struct watchdog_core_data *wd_data; |
721 |
+ |
722 |
+- wd_data = container_of(kref, struct watchdog_core_data, kref); |
723 |
++ wd_data = container_of(dev, struct watchdog_core_data, dev); |
724 |
+ |
725 |
+ kfree(wd_data); |
726 |
+ } |
727 |
+@@ -870,7 +869,7 @@ done: |
728 |
+ */ |
729 |
+ if (!running) { |
730 |
+ module_put(wd_data->cdev.owner); |
731 |
+- kref_put(&wd_data->kref, watchdog_core_data_release); |
732 |
++ put_device(&wd_data->dev); |
733 |
+ } |
734 |
+ return 0; |
735 |
+ } |
736 |
+@@ -889,17 +888,22 @@ static struct miscdevice watchdog_miscdev = { |
737 |
+ .fops = &watchdog_fops, |
738 |
+ }; |
739 |
+ |
740 |
++static struct class watchdog_class = { |
741 |
++ .name = "watchdog", |
742 |
++ .owner = THIS_MODULE, |
743 |
++ .dev_groups = wdt_groups, |
744 |
++}; |
745 |
++ |
746 |
+ /* |
747 |
+ * watchdog_cdev_register: register watchdog character device |
748 |
+ * @wdd: watchdog device |
749 |
+- * @devno: character device number |
750 |
+ * |
751 |
+ * Register a watchdog character device including handling the legacy |
752 |
+ * /dev/watchdog node. /dev/watchdog is actually a miscdevice and |
753 |
+ * thus we set it up like that. |
754 |
+ */ |
755 |
+ |
756 |
+-static int watchdog_cdev_register(struct watchdog_device *wdd, dev_t devno) |
757 |
++static int watchdog_cdev_register(struct watchdog_device *wdd) |
758 |
+ { |
759 |
+ struct watchdog_core_data *wd_data; |
760 |
+ int err; |
761 |
+@@ -907,7 +911,6 @@ static int watchdog_cdev_register(struct watchdog_device *wdd, dev_t devno) |
762 |
+ wd_data = kzalloc(sizeof(struct watchdog_core_data), GFP_KERNEL); |
763 |
+ if (!wd_data) |
764 |
+ return -ENOMEM; |
765 |
+- kref_init(&wd_data->kref); |
766 |
+ mutex_init(&wd_data->lock); |
767 |
+ |
768 |
+ wd_data->wdd = wdd; |
769 |
+@@ -934,23 +937,33 @@ static int watchdog_cdev_register(struct watchdog_device *wdd, dev_t devno) |
770 |
+ } |
771 |
+ } |
772 |
+ |
773 |
++ device_initialize(&wd_data->dev); |
774 |
++ wd_data->dev.devt = MKDEV(MAJOR(watchdog_devt), wdd->id); |
775 |
++ wd_data->dev.class = &watchdog_class; |
776 |
++ wd_data->dev.parent = wdd->parent; |
777 |
++ wd_data->dev.groups = wdd->groups; |
778 |
++ wd_data->dev.release = watchdog_core_data_release; |
779 |
++ dev_set_drvdata(&wd_data->dev, wdd); |
780 |
++ dev_set_name(&wd_data->dev, "watchdog%d", wdd->id); |
781 |
++ |
782 |
+ /* Fill in the data structures */ |
783 |
+ cdev_init(&wd_data->cdev, &watchdog_fops); |
784 |
+- wd_data->cdev.owner = wdd->ops->owner; |
785 |
+ |
786 |
+ /* Add the device */ |
787 |
+- err = cdev_add(&wd_data->cdev, devno, 1); |
788 |
++ err = cdev_device_add(&wd_data->cdev, &wd_data->dev); |
789 |
+ if (err) { |
790 |
+ pr_err("watchdog%d unable to add device %d:%d\n", |
791 |
+ wdd->id, MAJOR(watchdog_devt), wdd->id); |
792 |
+ if (wdd->id == 0) { |
793 |
+ misc_deregister(&watchdog_miscdev); |
794 |
+ old_wd_data = NULL; |
795 |
+- kref_put(&wd_data->kref, watchdog_core_data_release); |
796 |
++ put_device(&wd_data->dev); |
797 |
+ } |
798 |
+ return err; |
799 |
+ } |
800 |
+ |
801 |
++ wd_data->cdev.owner = wdd->ops->owner; |
802 |
++ |
803 |
+ /* Record time of most recent heartbeat as 'just before now'. */ |
804 |
+ wd_data->last_hw_keepalive = jiffies - 1; |
805 |
+ |
806 |
+@@ -960,7 +973,7 @@ static int watchdog_cdev_register(struct watchdog_device *wdd, dev_t devno) |
807 |
+ */ |
808 |
+ if (watchdog_hw_running(wdd)) { |
809 |
+ __module_get(wdd->ops->owner); |
810 |
+- kref_get(&wd_data->kref); |
811 |
++ get_device(&wd_data->dev); |
812 |
+ queue_delayed_work(watchdog_wq, &wd_data->work, 0); |
813 |
+ } |
814 |
+ |
815 |
+@@ -979,7 +992,7 @@ static void watchdog_cdev_unregister(struct watchdog_device *wdd) |
816 |
+ { |
817 |
+ struct watchdog_core_data *wd_data = wdd->wd_data; |
818 |
+ |
819 |
+- cdev_del(&wd_data->cdev); |
820 |
++ cdev_device_del(&wd_data->cdev, &wd_data->dev); |
821 |
+ if (wdd->id == 0) { |
822 |
+ misc_deregister(&watchdog_miscdev); |
823 |
+ old_wd_data = NULL; |
824 |
+@@ -992,15 +1005,9 @@ static void watchdog_cdev_unregister(struct watchdog_device *wdd) |
825 |
+ |
826 |
+ cancel_delayed_work_sync(&wd_data->work); |
827 |
+ |
828 |
+- kref_put(&wd_data->kref, watchdog_core_data_release); |
829 |
++ put_device(&wd_data->dev); |
830 |
+ } |
831 |
+ |
832 |
+-static struct class watchdog_class = { |
833 |
+- .name = "watchdog", |
834 |
+- .owner = THIS_MODULE, |
835 |
+- .dev_groups = wdt_groups, |
836 |
+-}; |
837 |
+- |
838 |
+ /* |
839 |
+ * watchdog_dev_register: register a watchdog device |
840 |
+ * @wdd: watchdog device |
841 |
+@@ -1012,27 +1019,14 @@ static struct class watchdog_class = { |
842 |
+ |
843 |
+ int watchdog_dev_register(struct watchdog_device *wdd) |
844 |
+ { |
845 |
+- struct device *dev; |
846 |
+- dev_t devno; |
847 |
+ int ret; |
848 |
+ |
849 |
+- devno = MKDEV(MAJOR(watchdog_devt), wdd->id); |
850 |
+- |
851 |
+- ret = watchdog_cdev_register(wdd, devno); |
852 |
++ ret = watchdog_cdev_register(wdd); |
853 |
+ if (ret) |
854 |
+ return ret; |
855 |
+ |
856 |
+- dev = device_create_with_groups(&watchdog_class, wdd->parent, |
857 |
+- devno, wdd, wdd->groups, |
858 |
+- "watchdog%d", wdd->id); |
859 |
+- if (IS_ERR(dev)) { |
860 |
+- watchdog_cdev_unregister(wdd); |
861 |
+- return PTR_ERR(dev); |
862 |
+- } |
863 |
+- |
864 |
+ ret = watchdog_register_pretimeout(wdd); |
865 |
+ if (ret) { |
866 |
+- device_destroy(&watchdog_class, devno); |
867 |
+ watchdog_cdev_unregister(wdd); |
868 |
+ } |
869 |
+ |
870 |
+@@ -1050,7 +1044,6 @@ int watchdog_dev_register(struct watchdog_device *wdd) |
871 |
+ void watchdog_dev_unregister(struct watchdog_device *wdd) |
872 |
+ { |
873 |
+ watchdog_unregister_pretimeout(wdd); |
874 |
+- device_destroy(&watchdog_class, wdd->wd_data->cdev.dev); |
875 |
+ watchdog_cdev_unregister(wdd); |
876 |
+ } |
877 |
+ |
878 |
+diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c |
879 |
+index 617e9ae67f50..e11aacb35d6b 100644 |
880 |
+--- a/fs/ceph/caps.c |
881 |
++++ b/fs/ceph/caps.c |
882 |
+@@ -3394,6 +3394,7 @@ retry: |
883 |
+ WARN_ON(1); |
884 |
+ tsession = NULL; |
885 |
+ target = -1; |
886 |
++ mutex_lock(&session->s_mutex); |
887 |
+ } |
888 |
+ goto retry; |
889 |
+ |
890 |
+diff --git a/fs/configfs/dir.c b/fs/configfs/dir.c |
891 |
+index c2ef617d2f97..c875f246cb0e 100644 |
892 |
+--- a/fs/configfs/dir.c |
893 |
++++ b/fs/configfs/dir.c |
894 |
+@@ -1537,6 +1537,7 @@ static int configfs_rmdir(struct inode *dir, struct dentry *dentry) |
895 |
+ spin_lock(&configfs_dirent_lock); |
896 |
+ configfs_detach_rollback(dentry); |
897 |
+ spin_unlock(&configfs_dirent_lock); |
898 |
++ config_item_put(parent_item); |
899 |
+ return -EINTR; |
900 |
+ } |
901 |
+ frag->frag_dead = true; |
902 |
+diff --git a/fs/file.c b/fs/file.c |
903 |
+index 09aac4d4729b..82d3f925bab3 100644 |
904 |
+--- a/fs/file.c |
905 |
++++ b/fs/file.c |
906 |
+@@ -89,7 +89,7 @@ static void copy_fd_bitmaps(struct fdtable *nfdt, struct fdtable *ofdt, |
907 |
+ */ |
908 |
+ static void copy_fdtable(struct fdtable *nfdt, struct fdtable *ofdt) |
909 |
+ { |
910 |
+- unsigned int cpy, set; |
911 |
++ size_t cpy, set; |
912 |
+ |
913 |
+ BUG_ON(nfdt->max_fds < ofdt->max_fds); |
914 |
+ |
915 |
+diff --git a/fs/gfs2/glock.c b/fs/gfs2/glock.c |
916 |
+index adc1a97cfe96..efd44d5645d8 100644 |
917 |
+--- a/fs/gfs2/glock.c |
918 |
++++ b/fs/gfs2/glock.c |
919 |
+@@ -548,9 +548,6 @@ __acquires(&gl->gl_lockref.lock) |
920 |
+ goto out_unlock; |
921 |
+ if (nonblock) |
922 |
+ goto out_sched; |
923 |
+- smp_mb(); |
924 |
+- if (atomic_read(&gl->gl_revokes) != 0) |
925 |
+- goto out_sched; |
926 |
+ set_bit(GLF_DEMOTE_IN_PROGRESS, &gl->gl_flags); |
927 |
+ GLOCK_BUG_ON(gl, gl->gl_demote_state == LM_ST_EXCLUSIVE); |
928 |
+ gl->gl_target = gl->gl_demote_state; |
929 |
+diff --git a/include/linux/net.h b/include/linux/net.h |
930 |
+index cd0c8bd0a1de..54270c4707cf 100644 |
931 |
+--- a/include/linux/net.h |
932 |
++++ b/include/linux/net.h |
933 |
+@@ -298,6 +298,9 @@ int kernel_sendpage(struct socket *sock, struct page *page, int offset, |
934 |
+ int kernel_sock_ioctl(struct socket *sock, int cmd, unsigned long arg); |
935 |
+ int kernel_sock_shutdown(struct socket *sock, enum sock_shutdown_cmd how); |
936 |
+ |
937 |
++/* Routine returns the IP overhead imposed by a (caller-protected) socket. */ |
938 |
++u32 kernel_sock_ip_overhead(struct sock *sk); |
939 |
++ |
940 |
+ #define MODULE_ALIAS_NETPROTO(proto) \ |
941 |
+ MODULE_ALIAS("net-pf-" __stringify(proto)) |
942 |
+ |
943 |
+diff --git a/include/linux/padata.h b/include/linux/padata.h |
944 |
+index 0f9e567d5e15..3afa17ed59da 100644 |
945 |
+--- a/include/linux/padata.h |
946 |
++++ b/include/linux/padata.h |
947 |
+@@ -24,7 +24,6 @@ |
948 |
+ #include <linux/workqueue.h> |
949 |
+ #include <linux/spinlock.h> |
950 |
+ #include <linux/list.h> |
951 |
+-#include <linux/timer.h> |
952 |
+ #include <linux/notifier.h> |
953 |
+ #include <linux/kobject.h> |
954 |
+ |
955 |
+@@ -37,6 +36,7 @@ |
956 |
+ * @list: List entry, to attach to the padata lists. |
957 |
+ * @pd: Pointer to the internal control structure. |
958 |
+ * @cb_cpu: Callback cpu for serializatioon. |
959 |
++ * @cpu: Cpu for parallelization. |
960 |
+ * @seq_nr: Sequence number of the parallelized data object. |
961 |
+ * @info: Used to pass information from the parallel to the serial function. |
962 |
+ * @parallel: Parallel execution function. |
963 |
+@@ -46,6 +46,7 @@ struct padata_priv { |
964 |
+ struct list_head list; |
965 |
+ struct parallel_data *pd; |
966 |
+ int cb_cpu; |
967 |
++ int cpu; |
968 |
+ int info; |
969 |
+ void (*parallel)(struct padata_priv *padata); |
970 |
+ void (*serial)(struct padata_priv *padata); |
971 |
+@@ -83,7 +84,6 @@ struct padata_serial_queue { |
972 |
+ * @serial: List to wait for serialization after reordering. |
973 |
+ * @pwork: work struct for parallelization. |
974 |
+ * @swork: work struct for serialization. |
975 |
+- * @pd: Backpointer to the internal control structure. |
976 |
+ * @work: work struct for parallelization. |
977 |
+ * @num_obj: Number of objects that are processed by this cpu. |
978 |
+ * @cpu_index: Index of the cpu. |
979 |
+@@ -91,7 +91,6 @@ struct padata_serial_queue { |
980 |
+ struct padata_parallel_queue { |
981 |
+ struct padata_list parallel; |
982 |
+ struct padata_list reorder; |
983 |
+- struct parallel_data *pd; |
984 |
+ struct work_struct work; |
985 |
+ atomic_t num_obj; |
986 |
+ int cpu_index; |
987 |
+@@ -118,10 +117,10 @@ struct padata_cpumask { |
988 |
+ * @reorder_objects: Number of objects waiting in the reorder queues. |
989 |
+ * @refcnt: Number of objects holding a reference on this parallel_data. |
990 |
+ * @max_seq_nr: Maximal used sequence number. |
991 |
++ * @cpu: Next CPU to be processed. |
992 |
+ * @cpumask: The cpumasks in use for parallel and serial workers. |
993 |
++ * @reorder_work: work struct for reordering. |
994 |
+ * @lock: Reorder lock. |
995 |
+- * @processed: Number of already processed objects. |
996 |
+- * @timer: Reorder timer. |
997 |
+ */ |
998 |
+ struct parallel_data { |
999 |
+ struct padata_instance *pinst; |
1000 |
+@@ -130,10 +129,10 @@ struct parallel_data { |
1001 |
+ atomic_t reorder_objects; |
1002 |
+ atomic_t refcnt; |
1003 |
+ atomic_t seq_nr; |
1004 |
++ int cpu; |
1005 |
+ struct padata_cpumask cpumask; |
1006 |
++ struct work_struct reorder_work; |
1007 |
+ spinlock_t lock ____cacheline_aligned; |
1008 |
+- unsigned int processed; |
1009 |
+- struct timer_list timer; |
1010 |
+ }; |
1011 |
+ |
1012 |
+ /** |
1013 |
+diff --git a/include/uapi/linux/if_pppol2tp.h b/include/uapi/linux/if_pppol2tp.h |
1014 |
+index 4bd1f55d6377..6418c4d10241 100644 |
1015 |
+--- a/include/uapi/linux/if_pppol2tp.h |
1016 |
++++ b/include/uapi/linux/if_pppol2tp.h |
1017 |
+@@ -18,6 +18,7 @@ |
1018 |
+ #include <linux/types.h> |
1019 |
+ #include <linux/in.h> |
1020 |
+ #include <linux/in6.h> |
1021 |
++#include <linux/l2tp.h> |
1022 |
+ |
1023 |
+ /* Structure used to connect() the socket to a particular tunnel UDP |
1024 |
+ * socket over IPv4. |
1025 |
+@@ -90,14 +91,12 @@ enum { |
1026 |
+ PPPOL2TP_SO_REORDERTO = 5, |
1027 |
+ }; |
1028 |
+ |
1029 |
+-/* Debug message categories for the DEBUG socket option */ |
1030 |
++/* Debug message categories for the DEBUG socket option (deprecated) */ |
1031 |
+ enum { |
1032 |
+- PPPOL2TP_MSG_DEBUG = (1 << 0), /* verbose debug (if |
1033 |
+- * compiled in) */ |
1034 |
+- PPPOL2TP_MSG_CONTROL = (1 << 1), /* userspace - kernel |
1035 |
+- * interface */ |
1036 |
+- PPPOL2TP_MSG_SEQ = (1 << 2), /* sequence numbers */ |
1037 |
+- PPPOL2TP_MSG_DATA = (1 << 3), /* data packets */ |
1038 |
++ PPPOL2TP_MSG_DEBUG = L2TP_MSG_DEBUG, |
1039 |
++ PPPOL2TP_MSG_CONTROL = L2TP_MSG_CONTROL, |
1040 |
++ PPPOL2TP_MSG_SEQ = L2TP_MSG_SEQ, |
1041 |
++ PPPOL2TP_MSG_DATA = L2TP_MSG_DATA, |
1042 |
+ }; |
1043 |
+ |
1044 |
+ |
1045 |
+diff --git a/include/uapi/linux/l2tp.h b/include/uapi/linux/l2tp.h |
1046 |
+index 4bd27d0270a2..bb2d62037037 100644 |
1047 |
+--- a/include/uapi/linux/l2tp.h |
1048 |
++++ b/include/uapi/linux/l2tp.h |
1049 |
+@@ -108,7 +108,7 @@ enum { |
1050 |
+ L2TP_ATTR_VLAN_ID, /* u16 */ |
1051 |
+ L2TP_ATTR_COOKIE, /* 0, 4 or 8 bytes */ |
1052 |
+ L2TP_ATTR_PEER_COOKIE, /* 0, 4 or 8 bytes */ |
1053 |
+- L2TP_ATTR_DEBUG, /* u32 */ |
1054 |
++ L2TP_ATTR_DEBUG, /* u32, enum l2tp_debug_flags */ |
1055 |
+ L2TP_ATTR_RECV_SEQ, /* u8 */ |
1056 |
+ L2TP_ATTR_SEND_SEQ, /* u8 */ |
1057 |
+ L2TP_ATTR_LNS_MODE, /* u8 */ |
1058 |
+@@ -175,6 +175,21 @@ enum l2tp_seqmode { |
1059 |
+ L2TP_SEQ_ALL = 2, |
1060 |
+ }; |
1061 |
+ |
1062 |
++/** |
1063 |
++ * enum l2tp_debug_flags - debug message categories for L2TP tunnels/sessions |
1064 |
++ * |
1065 |
++ * @L2TP_MSG_DEBUG: verbose debug (if compiled in) |
1066 |
++ * @L2TP_MSG_CONTROL: userspace - kernel interface |
1067 |
++ * @L2TP_MSG_SEQ: sequence numbers |
1068 |
++ * @L2TP_MSG_DATA: data packets |
1069 |
++ */ |
1070 |
++enum l2tp_debug_flags { |
1071 |
++ L2TP_MSG_DEBUG = (1 << 0), |
1072 |
++ L2TP_MSG_CONTROL = (1 << 1), |
1073 |
++ L2TP_MSG_SEQ = (1 << 2), |
1074 |
++ L2TP_MSG_DATA = (1 << 3), |
1075 |
++}; |
1076 |
++ |
1077 |
+ /* |
1078 |
+ * NETLINK_GENERIC related info |
1079 |
+ */ |
1080 |
+diff --git a/kernel/padata.c b/kernel/padata.c |
1081 |
+index 6939111b3cbe..e82f066d63ac 100644 |
1082 |
+--- a/kernel/padata.c |
1083 |
++++ b/kernel/padata.c |
1084 |
+@@ -66,15 +66,11 @@ static int padata_cpu_hash(struct parallel_data *pd) |
1085 |
+ static void padata_parallel_worker(struct work_struct *parallel_work) |
1086 |
+ { |
1087 |
+ struct padata_parallel_queue *pqueue; |
1088 |
+- struct parallel_data *pd; |
1089 |
+- struct padata_instance *pinst; |
1090 |
+ LIST_HEAD(local_list); |
1091 |
+ |
1092 |
+ local_bh_disable(); |
1093 |
+ pqueue = container_of(parallel_work, |
1094 |
+ struct padata_parallel_queue, work); |
1095 |
+- pd = pqueue->pd; |
1096 |
+- pinst = pd->pinst; |
1097 |
+ |
1098 |
+ spin_lock(&pqueue->parallel.lock); |
1099 |
+ list_replace_init(&pqueue->parallel.list, &local_list); |
1100 |
+@@ -137,6 +133,7 @@ int padata_do_parallel(struct padata_instance *pinst, |
1101 |
+ padata->cb_cpu = cb_cpu; |
1102 |
+ |
1103 |
+ target_cpu = padata_cpu_hash(pd); |
1104 |
++ padata->cpu = target_cpu; |
1105 |
+ queue = per_cpu_ptr(pd->pqueue, target_cpu); |
1106 |
+ |
1107 |
+ spin_lock(&queue->parallel.lock); |
1108 |
+@@ -160,8 +157,6 @@ EXPORT_SYMBOL(padata_do_parallel); |
1109 |
+ * A pointer to the control struct of the next object that needs |
1110 |
+ * serialization, if present in one of the percpu reorder queues. |
1111 |
+ * |
1112 |
+- * NULL, if all percpu reorder queues are empty. |
1113 |
+- * |
1114 |
+ * -EINPROGRESS, if the next object that needs serialization will |
1115 |
+ * be parallel processed by another cpu and is not yet present in |
1116 |
+ * the cpu's reorder queue. |
1117 |
+@@ -171,25 +166,12 @@ EXPORT_SYMBOL(padata_do_parallel); |
1118 |
+ */ |
1119 |
+ static struct padata_priv *padata_get_next(struct parallel_data *pd) |
1120 |
+ { |
1121 |
+- int cpu, num_cpus; |
1122 |
+- unsigned int next_nr, next_index; |
1123 |
+ struct padata_parallel_queue *next_queue; |
1124 |
+ struct padata_priv *padata; |
1125 |
+ struct padata_list *reorder; |
1126 |
++ int cpu = pd->cpu; |
1127 |
+ |
1128 |
+- num_cpus = cpumask_weight(pd->cpumask.pcpu); |
1129 |
+- |
1130 |
+- /* |
1131 |
+- * Calculate the percpu reorder queue and the sequence |
1132 |
+- * number of the next object. |
1133 |
+- */ |
1134 |
+- next_nr = pd->processed; |
1135 |
+- next_index = next_nr % num_cpus; |
1136 |
+- cpu = padata_index_to_cpu(pd, next_index); |
1137 |
+ next_queue = per_cpu_ptr(pd->pqueue, cpu); |
1138 |
+- |
1139 |
+- padata = NULL; |
1140 |
+- |
1141 |
+ reorder = &next_queue->reorder; |
1142 |
+ |
1143 |
+ spin_lock(&reorder->lock); |
1144 |
+@@ -200,7 +182,8 @@ static struct padata_priv *padata_get_next(struct parallel_data *pd) |
1145 |
+ list_del_init(&padata->list); |
1146 |
+ atomic_dec(&pd->reorder_objects); |
1147 |
+ |
1148 |
+- pd->processed++; |
1149 |
++ pd->cpu = cpumask_next_wrap(cpu, pd->cpumask.pcpu, -1, |
1150 |
++ false); |
1151 |
+ |
1152 |
+ spin_unlock(&reorder->lock); |
1153 |
+ goto out; |
1154 |
+@@ -223,6 +206,7 @@ static void padata_reorder(struct parallel_data *pd) |
1155 |
+ struct padata_priv *padata; |
1156 |
+ struct padata_serial_queue *squeue; |
1157 |
+ struct padata_instance *pinst = pd->pinst; |
1158 |
++ struct padata_parallel_queue *next_queue; |
1159 |
+ |
1160 |
+ /* |
1161 |
+ * We need to ensure that only one cpu can work on dequeueing of |
1162 |
+@@ -241,12 +225,11 @@ static void padata_reorder(struct parallel_data *pd) |
1163 |
+ padata = padata_get_next(pd); |
1164 |
+ |
1165 |
+ /* |
1166 |
+- * All reorder queues are empty, or the next object that needs |
1167 |
+- * serialization is parallel processed by another cpu and is |
1168 |
+- * still on it's way to the cpu's reorder queue, nothing to |
1169 |
+- * do for now. |
1170 |
++ * If the next object that needs serialization is parallel |
1171 |
++ * processed by another cpu and is still on it's way to the |
1172 |
++ * cpu's reorder queue, nothing to do for now. |
1173 |
+ */ |
1174 |
+- if (!padata || PTR_ERR(padata) == -EINPROGRESS) |
1175 |
++ if (PTR_ERR(padata) == -EINPROGRESS) |
1176 |
+ break; |
1177 |
+ |
1178 |
+ /* |
1179 |
+@@ -255,7 +238,6 @@ static void padata_reorder(struct parallel_data *pd) |
1180 |
+ * so exit immediately. |
1181 |
+ */ |
1182 |
+ if (PTR_ERR(padata) == -ENODATA) { |
1183 |
+- del_timer(&pd->timer); |
1184 |
+ spin_unlock_bh(&pd->lock); |
1185 |
+ return; |
1186 |
+ } |
1187 |
+@@ -274,28 +256,27 @@ static void padata_reorder(struct parallel_data *pd) |
1188 |
+ |
1189 |
+ /* |
1190 |
+ * The next object that needs serialization might have arrived to |
1191 |
+- * the reorder queues in the meantime, we will be called again |
1192 |
+- * from the timer function if no one else cares for it. |
1193 |
++ * the reorder queues in the meantime. |
1194 |
+ * |
1195 |
+- * Ensure reorder_objects is read after pd->lock is dropped so we see |
1196 |
+- * an increment from another task in padata_do_serial. Pairs with |
1197 |
++ * Ensure reorder queue is read after pd->lock is dropped so we see |
1198 |
++ * new objects from another task in padata_do_serial. Pairs with |
1199 |
+ * smp_mb__after_atomic in padata_do_serial. |
1200 |
+ */ |
1201 |
+ smp_mb(); |
1202 |
+- if (atomic_read(&pd->reorder_objects) |
1203 |
+- && !(pinst->flags & PADATA_RESET)) |
1204 |
+- mod_timer(&pd->timer, jiffies + HZ); |
1205 |
+- else |
1206 |
+- del_timer(&pd->timer); |
1207 |
+ |
1208 |
+- return; |
1209 |
++ next_queue = per_cpu_ptr(pd->pqueue, pd->cpu); |
1210 |
++ if (!list_empty(&next_queue->reorder.list)) |
1211 |
++ queue_work(pinst->wq, &pd->reorder_work); |
1212 |
+ } |
1213 |
+ |
1214 |
+-static void padata_reorder_timer(unsigned long arg) |
1215 |
++static void invoke_padata_reorder(struct work_struct *work) |
1216 |
+ { |
1217 |
+- struct parallel_data *pd = (struct parallel_data *)arg; |
1218 |
++ struct parallel_data *pd; |
1219 |
+ |
1220 |
++ local_bh_disable(); |
1221 |
++ pd = container_of(work, struct parallel_data, reorder_work); |
1222 |
+ padata_reorder(pd); |
1223 |
++ local_bh_enable(); |
1224 |
+ } |
1225 |
+ |
1226 |
+ static void padata_serial_worker(struct work_struct *serial_work) |
1227 |
+@@ -342,29 +323,22 @@ static void padata_serial_worker(struct work_struct *serial_work) |
1228 |
+ */ |
1229 |
+ void padata_do_serial(struct padata_priv *padata) |
1230 |
+ { |
1231 |
+- int cpu; |
1232 |
+- struct padata_parallel_queue *pqueue; |
1233 |
+- struct parallel_data *pd; |
1234 |
+- |
1235 |
+- pd = padata->pd; |
1236 |
+- |
1237 |
+- cpu = get_cpu(); |
1238 |
+- pqueue = per_cpu_ptr(pd->pqueue, cpu); |
1239 |
++ struct parallel_data *pd = padata->pd; |
1240 |
++ struct padata_parallel_queue *pqueue = per_cpu_ptr(pd->pqueue, |
1241 |
++ padata->cpu); |
1242 |
+ |
1243 |
+ spin_lock(&pqueue->reorder.lock); |
1244 |
+- atomic_inc(&pd->reorder_objects); |
1245 |
+ list_add_tail(&padata->list, &pqueue->reorder.list); |
1246 |
++ atomic_inc(&pd->reorder_objects); |
1247 |
+ spin_unlock(&pqueue->reorder.lock); |
1248 |
+ |
1249 |
+ /* |
1250 |
+- * Ensure the atomic_inc of reorder_objects above is ordered correctly |
1251 |
++ * Ensure the addition to the reorder list is ordered correctly |
1252 |
+ * with the trylock of pd->lock in padata_reorder. Pairs with smp_mb |
1253 |
+ * in padata_reorder. |
1254 |
+ */ |
1255 |
+ smp_mb__after_atomic(); |
1256 |
+ |
1257 |
+- put_cpu(); |
1258 |
+- |
1259 |
+ padata_reorder(pd); |
1260 |
+ } |
1261 |
+ EXPORT_SYMBOL(padata_do_serial); |
1262 |
+@@ -413,9 +387,14 @@ static void padata_init_pqueues(struct parallel_data *pd) |
1263 |
+ struct padata_parallel_queue *pqueue; |
1264 |
+ |
1265 |
+ cpu_index = 0; |
1266 |
+- for_each_cpu(cpu, pd->cpumask.pcpu) { |
1267 |
++ for_each_possible_cpu(cpu) { |
1268 |
+ pqueue = per_cpu_ptr(pd->pqueue, cpu); |
1269 |
+- pqueue->pd = pd; |
1270 |
++ |
1271 |
++ if (!cpumask_test_cpu(cpu, pd->cpumask.pcpu)) { |
1272 |
++ pqueue->cpu_index = -1; |
1273 |
++ continue; |
1274 |
++ } |
1275 |
++ |
1276 |
+ pqueue->cpu_index = cpu_index; |
1277 |
+ cpu_index++; |
1278 |
+ |
1279 |
+@@ -449,12 +428,13 @@ static struct parallel_data *padata_alloc_pd(struct padata_instance *pinst, |
1280 |
+ |
1281 |
+ padata_init_pqueues(pd); |
1282 |
+ padata_init_squeues(pd); |
1283 |
+- setup_timer(&pd->timer, padata_reorder_timer, (unsigned long)pd); |
1284 |
+ atomic_set(&pd->seq_nr, -1); |
1285 |
+ atomic_set(&pd->reorder_objects, 0); |
1286 |
+ atomic_set(&pd->refcnt, 1); |
1287 |
+ pd->pinst = pinst; |
1288 |
+ spin_lock_init(&pd->lock); |
1289 |
++ pd->cpu = cpumask_first(pd->cpumask.pcpu); |
1290 |
++ INIT_WORK(&pd->reorder_work, invoke_padata_reorder); |
1291 |
+ |
1292 |
+ return pd; |
1293 |
+ |
1294 |
+diff --git a/lib/Makefile b/lib/Makefile |
1295 |
+index 452d2956a5a2..7a55c5205281 100644 |
1296 |
+--- a/lib/Makefile |
1297 |
++++ b/lib/Makefile |
1298 |
+@@ -230,5 +230,7 @@ obj-$(CONFIG_UCS2_STRING) += ucs2_string.o |
1299 |
+ obj-$(CONFIG_UBSAN) += ubsan.o |
1300 |
+ |
1301 |
+ UBSAN_SANITIZE_ubsan.o := n |
1302 |
++KASAN_SANITIZE_ubsan.o := n |
1303 |
++CFLAGS_ubsan.o := $(call cc-option, -fno-stack-protector) $(DISABLE_STACKLEAK_PLUGIN) |
1304 |
+ |
1305 |
+ obj-$(CONFIG_SBITMAP) += sbitmap.o |
1306 |
+diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c |
1307 |
+index 7c3da29fad8e..36c7f616294a 100644 |
1308 |
+--- a/net/l2tp/l2tp_core.c |
1309 |
++++ b/net/l2tp/l2tp_core.c |
1310 |
+@@ -112,53 +112,19 @@ struct l2tp_net { |
1311 |
+ spinlock_t l2tp_session_hlist_lock; |
1312 |
+ }; |
1313 |
+ |
1314 |
+-static void l2tp_tunnel_free(struct l2tp_tunnel *tunnel); |
1315 |
+ |
1316 |
+ static inline struct l2tp_tunnel *l2tp_tunnel(struct sock *sk) |
1317 |
+ { |
1318 |
+ return sk->sk_user_data; |
1319 |
+ } |
1320 |
+ |
1321 |
+-static inline struct l2tp_net *l2tp_pernet(struct net *net) |
1322 |
++static inline struct l2tp_net *l2tp_pernet(const struct net *net) |
1323 |
+ { |
1324 |
+ BUG_ON(!net); |
1325 |
+ |
1326 |
+ return net_generic(net, l2tp_net_id); |
1327 |
+ } |
1328 |
+ |
1329 |
+-/* Tunnel reference counts. Incremented per session that is added to |
1330 |
+- * the tunnel. |
1331 |
+- */ |
1332 |
+-static inline void l2tp_tunnel_inc_refcount_1(struct l2tp_tunnel *tunnel) |
1333 |
+-{ |
1334 |
+- atomic_inc(&tunnel->ref_count); |
1335 |
+-} |
1336 |
+- |
1337 |
+-static inline void l2tp_tunnel_dec_refcount_1(struct l2tp_tunnel *tunnel) |
1338 |
+-{ |
1339 |
+- if (atomic_dec_and_test(&tunnel->ref_count)) |
1340 |
+- l2tp_tunnel_free(tunnel); |
1341 |
+-} |
1342 |
+-#ifdef L2TP_REFCNT_DEBUG |
1343 |
+-#define l2tp_tunnel_inc_refcount(_t) \ |
1344 |
+-do { \ |
1345 |
+- pr_debug("l2tp_tunnel_inc_refcount: %s:%d %s: cnt=%d\n", \ |
1346 |
+- __func__, __LINE__, (_t)->name, \ |
1347 |
+- atomic_read(&_t->ref_count)); \ |
1348 |
+- l2tp_tunnel_inc_refcount_1(_t); \ |
1349 |
+-} while (0) |
1350 |
+-#define l2tp_tunnel_dec_refcount(_t) \ |
1351 |
+-do { \ |
1352 |
+- pr_debug("l2tp_tunnel_dec_refcount: %s:%d %s: cnt=%d\n", \ |
1353 |
+- __func__, __LINE__, (_t)->name, \ |
1354 |
+- atomic_read(&_t->ref_count)); \ |
1355 |
+- l2tp_tunnel_dec_refcount_1(_t); \ |
1356 |
+-} while (0) |
1357 |
+-#else |
1358 |
+-#define l2tp_tunnel_inc_refcount(t) l2tp_tunnel_inc_refcount_1(t) |
1359 |
+-#define l2tp_tunnel_dec_refcount(t) l2tp_tunnel_dec_refcount_1(t) |
1360 |
+-#endif |
1361 |
+- |
1362 |
+ /* Session hash global list for L2TPv3. |
1363 |
+ * The session_id SHOULD be random according to RFC3931, but several |
1364 |
+ * L2TP implementations use incrementing session_ids. So we do a real |
1365 |
+@@ -216,27 +182,6 @@ static void l2tp_tunnel_sock_put(struct sock *sk) |
1366 |
+ sock_put(sk); |
1367 |
+ } |
1368 |
+ |
1369 |
+-/* Lookup a session by id in the global session list |
1370 |
+- */ |
1371 |
+-static struct l2tp_session *l2tp_session_find_2(struct net *net, u32 session_id) |
1372 |
+-{ |
1373 |
+- struct l2tp_net *pn = l2tp_pernet(net); |
1374 |
+- struct hlist_head *session_list = |
1375 |
+- l2tp_session_id_hash_2(pn, session_id); |
1376 |
+- struct l2tp_session *session; |
1377 |
+- |
1378 |
+- rcu_read_lock_bh(); |
1379 |
+- hlist_for_each_entry_rcu(session, session_list, global_hlist) { |
1380 |
+- if (session->session_id == session_id) { |
1381 |
+- rcu_read_unlock_bh(); |
1382 |
+- return session; |
1383 |
+- } |
1384 |
+- } |
1385 |
+- rcu_read_unlock_bh(); |
1386 |
+- |
1387 |
+- return NULL; |
1388 |
+-} |
1389 |
+- |
1390 |
+ /* Session hash list. |
1391 |
+ * The session_id SHOULD be random according to RFC2661, but several |
1392 |
+ * L2TP implementations (Cisco and Microsoft) use incrementing |
1393 |
+@@ -249,38 +194,31 @@ l2tp_session_id_hash(struct l2tp_tunnel *tunnel, u32 session_id) |
1394 |
+ return &tunnel->session_hlist[hash_32(session_id, L2TP_HASH_BITS)]; |
1395 |
+ } |
1396 |
+ |
1397 |
+-/* Lookup a session by id |
1398 |
+- */ |
1399 |
+-struct l2tp_session *l2tp_session_find(struct net *net, struct l2tp_tunnel *tunnel, u32 session_id) |
1400 |
++/* Lookup a tunnel. A new reference is held on the returned tunnel. */ |
1401 |
++struct l2tp_tunnel *l2tp_tunnel_get(const struct net *net, u32 tunnel_id) |
1402 |
+ { |
1403 |
+- struct hlist_head *session_list; |
1404 |
+- struct l2tp_session *session; |
1405 |
++ const struct l2tp_net *pn = l2tp_pernet(net); |
1406 |
++ struct l2tp_tunnel *tunnel; |
1407 |
+ |
1408 |
+- /* In L2TPv3, session_ids are unique over all tunnels and we |
1409 |
+- * sometimes need to look them up before we know the |
1410 |
+- * tunnel. |
1411 |
+- */ |
1412 |
+- if (tunnel == NULL) |
1413 |
+- return l2tp_session_find_2(net, session_id); |
1414 |
++ rcu_read_lock_bh(); |
1415 |
++ list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) { |
1416 |
++ if (tunnel->tunnel_id == tunnel_id) { |
1417 |
++ l2tp_tunnel_inc_refcount(tunnel); |
1418 |
++ rcu_read_unlock_bh(); |
1419 |
+ |
1420 |
+- session_list = l2tp_session_id_hash(tunnel, session_id); |
1421 |
+- read_lock_bh(&tunnel->hlist_lock); |
1422 |
+- hlist_for_each_entry(session, session_list, hlist) { |
1423 |
+- if (session->session_id == session_id) { |
1424 |
+- read_unlock_bh(&tunnel->hlist_lock); |
1425 |
+- return session; |
1426 |
++ return tunnel; |
1427 |
+ } |
1428 |
+ } |
1429 |
+- read_unlock_bh(&tunnel->hlist_lock); |
1430 |
++ rcu_read_unlock_bh(); |
1431 |
+ |
1432 |
+ return NULL; |
1433 |
+ } |
1434 |
+-EXPORT_SYMBOL_GPL(l2tp_session_find); |
1435 |
++EXPORT_SYMBOL_GPL(l2tp_tunnel_get); |
1436 |
+ |
1437 |
+-/* Like l2tp_session_find() but takes a reference on the returned session. |
1438 |
++/* Lookup a session. A new reference is held on the returned session. |
1439 |
+ * Optionally calls session->ref() too if do_ref is true. |
1440 |
+ */ |
1441 |
+-struct l2tp_session *l2tp_session_get(struct net *net, |
1442 |
++struct l2tp_session *l2tp_session_get(const struct net *net, |
1443 |
+ struct l2tp_tunnel *tunnel, |
1444 |
+ u32 session_id, bool do_ref) |
1445 |
+ { |
1446 |
+@@ -355,7 +293,8 @@ EXPORT_SYMBOL_GPL(l2tp_session_get_nth); |
1447 |
+ /* Lookup a session by interface name. |
1448 |
+ * This is very inefficient but is only used by management interfaces. |
1449 |
+ */ |
1450 |
+-struct l2tp_session *l2tp_session_get_by_ifname(struct net *net, char *ifname, |
1451 |
++struct l2tp_session *l2tp_session_get_by_ifname(const struct net *net, |
1452 |
++ const char *ifname, |
1453 |
+ bool do_ref) |
1454 |
+ { |
1455 |
+ struct l2tp_net *pn = l2tp_pernet(net); |
1456 |
+@@ -382,20 +321,28 @@ struct l2tp_session *l2tp_session_get_by_ifname(struct net *net, char *ifname, |
1457 |
+ } |
1458 |
+ EXPORT_SYMBOL_GPL(l2tp_session_get_by_ifname); |
1459 |
+ |
1460 |
+-static int l2tp_session_add_to_tunnel(struct l2tp_tunnel *tunnel, |
1461 |
+- struct l2tp_session *session) |
1462 |
++int l2tp_session_register(struct l2tp_session *session, |
1463 |
++ struct l2tp_tunnel *tunnel) |
1464 |
+ { |
1465 |
+ struct l2tp_session *session_walk; |
1466 |
+ struct hlist_head *g_head; |
1467 |
+ struct hlist_head *head; |
1468 |
+ struct l2tp_net *pn; |
1469 |
++ int err; |
1470 |
+ |
1471 |
+ head = l2tp_session_id_hash(tunnel, session->session_id); |
1472 |
+ |
1473 |
+ write_lock_bh(&tunnel->hlist_lock); |
1474 |
++ if (!tunnel->acpt_newsess) { |
1475 |
++ err = -ENODEV; |
1476 |
++ goto err_tlock; |
1477 |
++ } |
1478 |
++ |
1479 |
+ hlist_for_each_entry(session_walk, head, hlist) |
1480 |
+- if (session_walk->session_id == session->session_id) |
1481 |
+- goto exist; |
1482 |
++ if (session_walk->session_id == session->session_id) { |
1483 |
++ err = -EEXIST; |
1484 |
++ goto err_tlock; |
1485 |
++ } |
1486 |
+ |
1487 |
+ if (tunnel->version == L2TP_HDR_VER_3) { |
1488 |
+ pn = l2tp_pernet(tunnel->l2tp_net); |
1489 |
+@@ -403,30 +350,44 @@ static int l2tp_session_add_to_tunnel(struct l2tp_tunnel *tunnel, |
1490 |
+ session->session_id); |
1491 |
+ |
1492 |
+ spin_lock_bh(&pn->l2tp_session_hlist_lock); |
1493 |
++ |
1494 |
+ hlist_for_each_entry(session_walk, g_head, global_hlist) |
1495 |
+- if (session_walk->session_id == session->session_id) |
1496 |
+- goto exist_glob; |
1497 |
++ if (session_walk->session_id == session->session_id) { |
1498 |
++ err = -EEXIST; |
1499 |
++ goto err_tlock_pnlock; |
1500 |
++ } |
1501 |
+ |
1502 |
++ l2tp_tunnel_inc_refcount(tunnel); |
1503 |
++ sock_hold(tunnel->sock); |
1504 |
+ hlist_add_head_rcu(&session->global_hlist, g_head); |
1505 |
++ |
1506 |
+ spin_unlock_bh(&pn->l2tp_session_hlist_lock); |
1507 |
++ } else { |
1508 |
++ l2tp_tunnel_inc_refcount(tunnel); |
1509 |
++ sock_hold(tunnel->sock); |
1510 |
+ } |
1511 |
+ |
1512 |
+ hlist_add_head(&session->hlist, head); |
1513 |
+ write_unlock_bh(&tunnel->hlist_lock); |
1514 |
+ |
1515 |
++ /* Ignore management session in session count value */ |
1516 |
++ if (session->session_id != 0) |
1517 |
++ atomic_inc(&l2tp_session_count); |
1518 |
++ |
1519 |
+ return 0; |
1520 |
+ |
1521 |
+-exist_glob: |
1522 |
++err_tlock_pnlock: |
1523 |
+ spin_unlock_bh(&pn->l2tp_session_hlist_lock); |
1524 |
+-exist: |
1525 |
++err_tlock: |
1526 |
+ write_unlock_bh(&tunnel->hlist_lock); |
1527 |
+ |
1528 |
+- return -EEXIST; |
1529 |
++ return err; |
1530 |
+ } |
1531 |
++EXPORT_SYMBOL_GPL(l2tp_session_register); |
1532 |
+ |
1533 |
+ /* Lookup a tunnel by id |
1534 |
+ */ |
1535 |
+-struct l2tp_tunnel *l2tp_tunnel_find(struct net *net, u32 tunnel_id) |
1536 |
++struct l2tp_tunnel *l2tp_tunnel_find(const struct net *net, u32 tunnel_id) |
1537 |
+ { |
1538 |
+ struct l2tp_tunnel *tunnel; |
1539 |
+ struct l2tp_net *pn = l2tp_pernet(net); |
1540 |
+@@ -444,7 +405,7 @@ struct l2tp_tunnel *l2tp_tunnel_find(struct net *net, u32 tunnel_id) |
1541 |
+ } |
1542 |
+ EXPORT_SYMBOL_GPL(l2tp_tunnel_find); |
1543 |
+ |
1544 |
+-struct l2tp_tunnel *l2tp_tunnel_find_nth(struct net *net, int nth) |
1545 |
++struct l2tp_tunnel *l2tp_tunnel_find_nth(const struct net *net, int nth) |
1546 |
+ { |
1547 |
+ struct l2tp_net *pn = l2tp_pernet(net); |
1548 |
+ struct l2tp_tunnel *tunnel; |
1549 |
+@@ -1307,7 +1268,6 @@ static void l2tp_tunnel_destruct(struct sock *sk) |
1550 |
+ /* Remove hooks into tunnel socket */ |
1551 |
+ sk->sk_destruct = tunnel->old_sk_destruct; |
1552 |
+ sk->sk_user_data = NULL; |
1553 |
+- tunnel->sock = NULL; |
1554 |
+ |
1555 |
+ /* Remove the tunnel struct from the tunnel list */ |
1556 |
+ pn = l2tp_pernet(tunnel->l2tp_net); |
1557 |
+@@ -1317,6 +1277,8 @@ static void l2tp_tunnel_destruct(struct sock *sk) |
1558 |
+ atomic_dec(&l2tp_tunnel_count); |
1559 |
+ |
1560 |
+ l2tp_tunnel_closeall(tunnel); |
1561 |
++ |
1562 |
++ tunnel->sock = NULL; |
1563 |
+ l2tp_tunnel_dec_refcount(tunnel); |
1564 |
+ |
1565 |
+ /* Call the original destructor */ |
1566 |
+@@ -1341,6 +1303,7 @@ void l2tp_tunnel_closeall(struct l2tp_tunnel *tunnel) |
1567 |
+ tunnel->name); |
1568 |
+ |
1569 |
+ write_lock_bh(&tunnel->hlist_lock); |
1570 |
++ tunnel->acpt_newsess = false; |
1571 |
+ for (hash = 0; hash < L2TP_HASH_SIZE; hash++) { |
1572 |
+ again: |
1573 |
+ hlist_for_each_safe(walk, tmp, &tunnel->session_hlist[hash]) { |
1574 |
+@@ -1394,17 +1357,6 @@ static void l2tp_udp_encap_destroy(struct sock *sk) |
1575 |
+ } |
1576 |
+ } |
1577 |
+ |
1578 |
+-/* Really kill the tunnel. |
1579 |
+- * Come here only when all sessions have been cleared from the tunnel. |
1580 |
+- */ |
1581 |
+-static void l2tp_tunnel_free(struct l2tp_tunnel *tunnel) |
1582 |
+-{ |
1583 |
+- BUG_ON(atomic_read(&tunnel->ref_count) != 0); |
1584 |
+- BUG_ON(tunnel->sock != NULL); |
1585 |
+- l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: free...\n", tunnel->name); |
1586 |
+- kfree_rcu(tunnel, rcu); |
1587 |
+-} |
1588 |
+- |
1589 |
+ /* Workqueue tunnel deletion function */ |
1590 |
+ static void l2tp_tunnel_del_work(struct work_struct *work) |
1591 |
+ { |
1592 |
+@@ -1655,6 +1607,7 @@ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, u32 |
1593 |
+ tunnel->magic = L2TP_TUNNEL_MAGIC; |
1594 |
+ sprintf(&tunnel->name[0], "tunl %u", tunnel_id); |
1595 |
+ rwlock_init(&tunnel->hlist_lock); |
1596 |
++ tunnel->acpt_newsess = true; |
1597 |
+ |
1598 |
+ /* The net we belong to */ |
1599 |
+ tunnel->l2tp_net = net; |
1600 |
+@@ -1840,7 +1793,6 @@ EXPORT_SYMBOL_GPL(l2tp_session_set_header_len); |
1601 |
+ struct l2tp_session *l2tp_session_create(int priv_size, struct l2tp_tunnel *tunnel, u32 session_id, u32 peer_session_id, struct l2tp_session_cfg *cfg) |
1602 |
+ { |
1603 |
+ struct l2tp_session *session; |
1604 |
+- int err; |
1605 |
+ |
1606 |
+ session = kzalloc(sizeof(struct l2tp_session) + priv_size, GFP_KERNEL); |
1607 |
+ if (session != NULL) { |
1608 |
+@@ -1895,25 +1847,7 @@ struct l2tp_session *l2tp_session_create(int priv_size, struct l2tp_tunnel *tunn |
1609 |
+ |
1610 |
+ l2tp_session_set_header_len(session, tunnel->version); |
1611 |
+ |
1612 |
+- err = l2tp_session_add_to_tunnel(tunnel, session); |
1613 |
+- if (err) { |
1614 |
+- kfree(session); |
1615 |
+- |
1616 |
+- return ERR_PTR(err); |
1617 |
+- } |
1618 |
+- |
1619 |
+- /* Bump the reference count. The session context is deleted |
1620 |
+- * only when this drops to zero. |
1621 |
+- */ |
1622 |
+ l2tp_session_inc_refcount(session); |
1623 |
+- l2tp_tunnel_inc_refcount(tunnel); |
1624 |
+- |
1625 |
+- /* Ensure tunnel socket isn't deleted */ |
1626 |
+- sock_hold(tunnel->sock); |
1627 |
+- |
1628 |
+- /* Ignore management session in session count value */ |
1629 |
+- if (session->session_id != 0) |
1630 |
+- atomic_inc(&l2tp_session_count); |
1631 |
+ |
1632 |
+ return session; |
1633 |
+ } |
1634 |
+diff --git a/net/l2tp/l2tp_core.h b/net/l2tp/l2tp_core.h |
1635 |
+index 7c2037184b6c..2b9b6fb67ae9 100644 |
1636 |
+--- a/net/l2tp/l2tp_core.h |
1637 |
++++ b/net/l2tp/l2tp_core.h |
1638 |
+@@ -23,16 +23,6 @@ |
1639 |
+ #define L2TP_HASH_BITS_2 8 |
1640 |
+ #define L2TP_HASH_SIZE_2 (1 << L2TP_HASH_BITS_2) |
1641 |
+ |
1642 |
+-/* Debug message categories for the DEBUG socket option */ |
1643 |
+-enum { |
1644 |
+- L2TP_MSG_DEBUG = (1 << 0), /* verbose debug (if |
1645 |
+- * compiled in) */ |
1646 |
+- L2TP_MSG_CONTROL = (1 << 1), /* userspace - kernel |
1647 |
+- * interface */ |
1648 |
+- L2TP_MSG_SEQ = (1 << 2), /* sequence numbers */ |
1649 |
+- L2TP_MSG_DATA = (1 << 3), /* data packets */ |
1650 |
+-}; |
1651 |
+- |
1652 |
+ struct sk_buff; |
1653 |
+ |
1654 |
+ struct l2tp_stats { |
1655 |
+@@ -172,6 +162,10 @@ struct l2tp_tunnel { |
1656 |
+ |
1657 |
+ struct rcu_head rcu; |
1658 |
+ rwlock_t hlist_lock; /* protect session_hlist */ |
1659 |
++ bool acpt_newsess; /* Indicates whether this |
1660 |
++ * tunnel accepts new sessions. |
1661 |
++ * Protected by hlist_lock. |
1662 |
++ */ |
1663 |
+ struct hlist_head session_hlist[L2TP_HASH_SIZE]; |
1664 |
+ /* hashed list of sessions, |
1665 |
+ * hashed by id */ |
1666 |
+@@ -207,7 +201,9 @@ struct l2tp_tunnel { |
1667 |
+ }; |
1668 |
+ |
1669 |
+ struct l2tp_nl_cmd_ops { |
1670 |
+- int (*session_create)(struct net *net, u32 tunnel_id, u32 session_id, u32 peer_session_id, struct l2tp_session_cfg *cfg); |
1671 |
++ int (*session_create)(struct net *net, struct l2tp_tunnel *tunnel, |
1672 |
++ u32 session_id, u32 peer_session_id, |
1673 |
++ struct l2tp_session_cfg *cfg); |
1674 |
+ int (*session_delete)(struct l2tp_session *session); |
1675 |
+ }; |
1676 |
+ |
1677 |
+@@ -241,18 +237,18 @@ out: |
1678 |
+ return tunnel; |
1679 |
+ } |
1680 |
+ |
1681 |
+-struct l2tp_session *l2tp_session_get(struct net *net, |
1682 |
++struct l2tp_tunnel *l2tp_tunnel_get(const struct net *net, u32 tunnel_id); |
1683 |
++ |
1684 |
++struct l2tp_session *l2tp_session_get(const struct net *net, |
1685 |
+ struct l2tp_tunnel *tunnel, |
1686 |
+ u32 session_id, bool do_ref); |
1687 |
+-struct l2tp_session *l2tp_session_find(struct net *net, |
1688 |
+- struct l2tp_tunnel *tunnel, |
1689 |
+- u32 session_id); |
1690 |
+ struct l2tp_session *l2tp_session_get_nth(struct l2tp_tunnel *tunnel, int nth, |
1691 |
+ bool do_ref); |
1692 |
+-struct l2tp_session *l2tp_session_get_by_ifname(struct net *net, char *ifname, |
1693 |
++struct l2tp_session *l2tp_session_get_by_ifname(const struct net *net, |
1694 |
++ const char *ifname, |
1695 |
+ bool do_ref); |
1696 |
+-struct l2tp_tunnel *l2tp_tunnel_find(struct net *net, u32 tunnel_id); |
1697 |
+-struct l2tp_tunnel *l2tp_tunnel_find_nth(struct net *net, int nth); |
1698 |
++struct l2tp_tunnel *l2tp_tunnel_find(const struct net *net, u32 tunnel_id); |
1699 |
++struct l2tp_tunnel *l2tp_tunnel_find_nth(const struct net *net, int nth); |
1700 |
+ |
1701 |
+ int l2tp_tunnel_create(struct net *net, int fd, int version, u32 tunnel_id, |
1702 |
+ u32 peer_tunnel_id, struct l2tp_tunnel_cfg *cfg, |
1703 |
+@@ -263,6 +259,9 @@ struct l2tp_session *l2tp_session_create(int priv_size, |
1704 |
+ struct l2tp_tunnel *tunnel, |
1705 |
+ u32 session_id, u32 peer_session_id, |
1706 |
+ struct l2tp_session_cfg *cfg); |
1707 |
++int l2tp_session_register(struct l2tp_session *session, |
1708 |
++ struct l2tp_tunnel *tunnel); |
1709 |
++ |
1710 |
+ void __l2tp_session_unhash(struct l2tp_session *session); |
1711 |
+ int l2tp_session_delete(struct l2tp_session *session); |
1712 |
+ void l2tp_session_free(struct l2tp_session *session); |
1713 |
+@@ -281,6 +280,17 @@ int l2tp_nl_register_ops(enum l2tp_pwtype pw_type, |
1714 |
+ void l2tp_nl_unregister_ops(enum l2tp_pwtype pw_type); |
1715 |
+ int l2tp_ioctl(struct sock *sk, int cmd, unsigned long arg); |
1716 |
+ |
1717 |
++static inline void l2tp_tunnel_inc_refcount(struct l2tp_tunnel *tunnel) |
1718 |
++{ |
1719 |
++ atomic_inc(&tunnel->ref_count); |
1720 |
++} |
1721 |
++ |
1722 |
++static inline void l2tp_tunnel_dec_refcount(struct l2tp_tunnel *tunnel) |
1723 |
++{ |
1724 |
++ if (atomic_dec_and_test(&tunnel->ref_count)) |
1725 |
++ kfree_rcu(tunnel, rcu); |
1726 |
++} |
1727 |
++ |
1728 |
+ /* Session reference counts. Incremented when code obtains a reference |
1729 |
+ * to a session. |
1730 |
+ */ |
1731 |
+diff --git a/net/l2tp/l2tp_eth.c b/net/l2tp/l2tp_eth.c |
1732 |
+index eecc64e138de..8b8fc2337960 100644 |
1733 |
+--- a/net/l2tp/l2tp_eth.c |
1734 |
++++ b/net/l2tp/l2tp_eth.c |
1735 |
+@@ -30,6 +30,9 @@ |
1736 |
+ #include <net/xfrm.h> |
1737 |
+ #include <net/net_namespace.h> |
1738 |
+ #include <net/netns/generic.h> |
1739 |
++#include <linux/ip.h> |
1740 |
++#include <linux/ipv6.h> |
1741 |
++#include <linux/udp.h> |
1742 |
+ |
1743 |
+ #include "l2tp_core.h" |
1744 |
+ |
1745 |
+@@ -41,7 +44,6 @@ struct l2tp_eth { |
1746 |
+ struct net_device *dev; |
1747 |
+ struct sock *tunnel_sock; |
1748 |
+ struct l2tp_session *session; |
1749 |
+- struct list_head list; |
1750 |
+ atomic_long_t tx_bytes; |
1751 |
+ atomic_long_t tx_packets; |
1752 |
+ atomic_long_t tx_dropped; |
1753 |
+@@ -52,20 +54,9 @@ struct l2tp_eth { |
1754 |
+ |
1755 |
+ /* via l2tp_session_priv() */ |
1756 |
+ struct l2tp_eth_sess { |
1757 |
+- struct net_device *dev; |
1758 |
++ struct net_device __rcu *dev; |
1759 |
+ }; |
1760 |
+ |
1761 |
+-/* per-net private data for this module */ |
1762 |
+-static unsigned int l2tp_eth_net_id; |
1763 |
+-struct l2tp_eth_net { |
1764 |
+- struct list_head l2tp_eth_dev_list; |
1765 |
+- spinlock_t l2tp_eth_lock; |
1766 |
+-}; |
1767 |
+- |
1768 |
+-static inline struct l2tp_eth_net *l2tp_eth_pernet(struct net *net) |
1769 |
+-{ |
1770 |
+- return net_generic(net, l2tp_eth_net_id); |
1771 |
+-} |
1772 |
+ |
1773 |
+ static int l2tp_eth_dev_init(struct net_device *dev) |
1774 |
+ { |
1775 |
+@@ -82,12 +73,13 @@ static int l2tp_eth_dev_init(struct net_device *dev) |
1776 |
+ static void l2tp_eth_dev_uninit(struct net_device *dev) |
1777 |
+ { |
1778 |
+ struct l2tp_eth *priv = netdev_priv(dev); |
1779 |
+- struct l2tp_eth_net *pn = l2tp_eth_pernet(dev_net(dev)); |
1780 |
++ struct l2tp_eth_sess *spriv; |
1781 |
+ |
1782 |
+- spin_lock(&pn->l2tp_eth_lock); |
1783 |
+- list_del_init(&priv->list); |
1784 |
+- spin_unlock(&pn->l2tp_eth_lock); |
1785 |
+- dev_put(dev); |
1786 |
++ spriv = l2tp_session_priv(priv->session); |
1787 |
++ RCU_INIT_POINTER(spriv->dev, NULL); |
1788 |
++ /* No need for synchronize_net() here. We're called by |
1789 |
++ * unregister_netdev*(), which does the synchronisation for us. |
1790 |
++ */ |
1791 |
+ } |
1792 |
+ |
1793 |
+ static int l2tp_eth_dev_xmit(struct sk_buff *skb, struct net_device *dev) |
1794 |
+@@ -141,8 +133,8 @@ static void l2tp_eth_dev_setup(struct net_device *dev) |
1795 |
+ static void l2tp_eth_dev_recv(struct l2tp_session *session, struct sk_buff *skb, int data_len) |
1796 |
+ { |
1797 |
+ struct l2tp_eth_sess *spriv = l2tp_session_priv(session); |
1798 |
+- struct net_device *dev = spriv->dev; |
1799 |
+- struct l2tp_eth *priv = netdev_priv(dev); |
1800 |
++ struct net_device *dev; |
1801 |
++ struct l2tp_eth *priv; |
1802 |
+ |
1803 |
+ if (session->debug & L2TP_MSG_DATA) { |
1804 |
+ unsigned int length; |
1805 |
+@@ -166,16 +158,25 @@ static void l2tp_eth_dev_recv(struct l2tp_session *session, struct sk_buff *skb, |
1806 |
+ skb_dst_drop(skb); |
1807 |
+ nf_reset(skb); |
1808 |
+ |
1809 |
++ rcu_read_lock(); |
1810 |
++ dev = rcu_dereference(spriv->dev); |
1811 |
++ if (!dev) |
1812 |
++ goto error_rcu; |
1813 |
++ |
1814 |
++ priv = netdev_priv(dev); |
1815 |
+ if (dev_forward_skb(dev, skb) == NET_RX_SUCCESS) { |
1816 |
+ atomic_long_inc(&priv->rx_packets); |
1817 |
+ atomic_long_add(data_len, &priv->rx_bytes); |
1818 |
+ } else { |
1819 |
+ atomic_long_inc(&priv->rx_errors); |
1820 |
+ } |
1821 |
++ rcu_read_unlock(); |
1822 |
++ |
1823 |
+ return; |
1824 |
+ |
1825 |
++error_rcu: |
1826 |
++ rcu_read_unlock(); |
1827 |
+ error: |
1828 |
+- atomic_long_inc(&priv->rx_errors); |
1829 |
+ kfree_skb(skb); |
1830 |
+ } |
1831 |
+ |
1832 |
+@@ -186,11 +187,15 @@ static void l2tp_eth_delete(struct l2tp_session *session) |
1833 |
+ |
1834 |
+ if (session) { |
1835 |
+ spriv = l2tp_session_priv(session); |
1836 |
+- dev = spriv->dev; |
1837 |
++ |
1838 |
++ rtnl_lock(); |
1839 |
++ dev = rtnl_dereference(spriv->dev); |
1840 |
+ if (dev) { |
1841 |
+- unregister_netdev(dev); |
1842 |
+- spriv->dev = NULL; |
1843 |
++ unregister_netdevice(dev); |
1844 |
++ rtnl_unlock(); |
1845 |
+ module_put(THIS_MODULE); |
1846 |
++ } else { |
1847 |
++ rtnl_unlock(); |
1848 |
+ } |
1849 |
+ } |
1850 |
+ } |
1851 |
+@@ -200,35 +205,89 @@ static void l2tp_eth_show(struct seq_file *m, void *arg) |
1852 |
+ { |
1853 |
+ struct l2tp_session *session = arg; |
1854 |
+ struct l2tp_eth_sess *spriv = l2tp_session_priv(session); |
1855 |
+- struct net_device *dev = spriv->dev; |
1856 |
++ struct net_device *dev; |
1857 |
++ |
1858 |
++ rcu_read_lock(); |
1859 |
++ dev = rcu_dereference(spriv->dev); |
1860 |
++ if (!dev) { |
1861 |
++ rcu_read_unlock(); |
1862 |
++ return; |
1863 |
++ } |
1864 |
++ dev_hold(dev); |
1865 |
++ rcu_read_unlock(); |
1866 |
+ |
1867 |
+ seq_printf(m, " interface %s\n", dev->name); |
1868 |
++ |
1869 |
++ dev_put(dev); |
1870 |
+ } |
1871 |
+ #endif |
1872 |
+ |
1873 |
+-static int l2tp_eth_create(struct net *net, u32 tunnel_id, u32 session_id, u32 peer_session_id, struct l2tp_session_cfg *cfg) |
1874 |
++static void l2tp_eth_adjust_mtu(struct l2tp_tunnel *tunnel, |
1875 |
++ struct l2tp_session *session, |
1876 |
++ struct net_device *dev) |
1877 |
++{ |
1878 |
++ unsigned int overhead = 0; |
1879 |
++ struct dst_entry *dst; |
1880 |
++ u32 l3_overhead = 0; |
1881 |
++ |
1882 |
++ /* if the encap is UDP, account for UDP header size */ |
1883 |
++ if (tunnel->encap == L2TP_ENCAPTYPE_UDP) { |
1884 |
++ overhead += sizeof(struct udphdr); |
1885 |
++ dev->needed_headroom += sizeof(struct udphdr); |
1886 |
++ } |
1887 |
++ if (session->mtu != 0) { |
1888 |
++ dev->mtu = session->mtu; |
1889 |
++ dev->needed_headroom += session->hdr_len; |
1890 |
++ return; |
1891 |
++ } |
1892 |
++ lock_sock(tunnel->sock); |
1893 |
++ l3_overhead = kernel_sock_ip_overhead(tunnel->sock); |
1894 |
++ release_sock(tunnel->sock); |
1895 |
++ if (l3_overhead == 0) { |
1896 |
++ /* L3 Overhead couldn't be identified, this could be |
1897 |
++ * because tunnel->sock was NULL or the socket's |
1898 |
++ * address family was not IPv4 or IPv6, |
1899 |
++ * dev mtu stays at 1500. |
1900 |
++ */ |
1901 |
++ return; |
1902 |
++ } |
1903 |
++ /* Adjust MTU, factor overhead - underlay L3, overlay L2 hdr |
1904 |
++ * UDP overhead, if any, was already factored in above. |
1905 |
++ */ |
1906 |
++ overhead += session->hdr_len + ETH_HLEN + l3_overhead; |
1907 |
++ |
1908 |
++ /* If PMTU discovery was enabled, use discovered MTU on L2TP device */ |
1909 |
++ dst = sk_dst_get(tunnel->sock); |
1910 |
++ if (dst) { |
1911 |
++ /* dst_mtu will use PMTU if found, else fallback to intf MTU */ |
1912 |
++ u32 pmtu = dst_mtu(dst); |
1913 |
++ |
1914 |
++ if (pmtu != 0) |
1915 |
++ dev->mtu = pmtu; |
1916 |
++ dst_release(dst); |
1917 |
++ } |
1918 |
++ session->mtu = dev->mtu - overhead; |
1919 |
++ dev->mtu = session->mtu; |
1920 |
++ dev->needed_headroom += session->hdr_len; |
1921 |
++} |
1922 |
++ |
1923 |
++static int l2tp_eth_create(struct net *net, struct l2tp_tunnel *tunnel, |
1924 |
++ u32 session_id, u32 peer_session_id, |
1925 |
++ struct l2tp_session_cfg *cfg) |
1926 |
+ { |
1927 |
+ struct net_device *dev; |
1928 |
+ char name[IFNAMSIZ]; |
1929 |
+- struct l2tp_tunnel *tunnel; |
1930 |
+ struct l2tp_session *session; |
1931 |
+ struct l2tp_eth *priv; |
1932 |
+ struct l2tp_eth_sess *spriv; |
1933 |
+ int rc; |
1934 |
+- struct l2tp_eth_net *pn; |
1935 |
+- |
1936 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
1937 |
+- if (!tunnel) { |
1938 |
+- rc = -ENODEV; |
1939 |
+- goto out; |
1940 |
+- } |
1941 |
+ |
1942 |
+ if (cfg->ifname) { |
1943 |
+ dev = dev_get_by_name(net, cfg->ifname); |
1944 |
+ if (dev) { |
1945 |
+ dev_put(dev); |
1946 |
+ rc = -EEXIST; |
1947 |
+- goto out; |
1948 |
++ goto err; |
1949 |
+ } |
1950 |
+ strlcpy(name, cfg->ifname, IFNAMSIZ); |
1951 |
+ } else |
1952 |
+@@ -238,26 +297,22 @@ static int l2tp_eth_create(struct net *net, u32 tunnel_id, u32 session_id, u32 p |
1953 |
+ peer_session_id, cfg); |
1954 |
+ if (IS_ERR(session)) { |
1955 |
+ rc = PTR_ERR(session); |
1956 |
+- goto out; |
1957 |
++ goto err; |
1958 |
+ } |
1959 |
+ |
1960 |
+ dev = alloc_netdev(sizeof(*priv), name, NET_NAME_UNKNOWN, |
1961 |
+ l2tp_eth_dev_setup); |
1962 |
+ if (!dev) { |
1963 |
+ rc = -ENOMEM; |
1964 |
+- goto out_del_session; |
1965 |
++ goto err_sess; |
1966 |
+ } |
1967 |
+ |
1968 |
+ dev_net_set(dev, net); |
1969 |
+- if (session->mtu == 0) |
1970 |
+- session->mtu = dev->mtu - session->hdr_len; |
1971 |
+- dev->mtu = session->mtu; |
1972 |
+- dev->needed_headroom += session->hdr_len; |
1973 |
++ l2tp_eth_adjust_mtu(tunnel, session, dev); |
1974 |
+ |
1975 |
+ priv = netdev_priv(dev); |
1976 |
+ priv->dev = dev; |
1977 |
+ priv->session = session; |
1978 |
+- INIT_LIST_HEAD(&priv->list); |
1979 |
+ |
1980 |
+ priv->tunnel_sock = tunnel->sock; |
1981 |
+ session->recv_skb = l2tp_eth_dev_recv; |
1982 |
+@@ -267,48 +322,50 @@ static int l2tp_eth_create(struct net *net, u32 tunnel_id, u32 session_id, u32 p |
1983 |
+ #endif |
1984 |
+ |
1985 |
+ spriv = l2tp_session_priv(session); |
1986 |
+- spriv->dev = dev; |
1987 |
+ |
1988 |
+- rc = register_netdev(dev); |
1989 |
+- if (rc < 0) |
1990 |
+- goto out_del_dev; |
1991 |
++ l2tp_session_inc_refcount(session); |
1992 |
+ |
1993 |
+- __module_get(THIS_MODULE); |
1994 |
+- /* Must be done after register_netdev() */ |
1995 |
+- strlcpy(session->ifname, dev->name, IFNAMSIZ); |
1996 |
++ rtnl_lock(); |
1997 |
+ |
1998 |
+- dev_hold(dev); |
1999 |
+- pn = l2tp_eth_pernet(dev_net(dev)); |
2000 |
+- spin_lock(&pn->l2tp_eth_lock); |
2001 |
+- list_add(&priv->list, &pn->l2tp_eth_dev_list); |
2002 |
+- spin_unlock(&pn->l2tp_eth_lock); |
2003 |
++ /* Register both device and session while holding the rtnl lock. This |
2004 |
++ * ensures that l2tp_eth_delete() will see that there's a device to |
2005 |
++ * unregister, even if it happened to run before we assign spriv->dev. |
2006 |
++ */ |
2007 |
++ rc = l2tp_session_register(session, tunnel); |
2008 |
++ if (rc < 0) { |
2009 |
++ rtnl_unlock(); |
2010 |
++ goto err_sess_dev; |
2011 |
++ } |
2012 |
+ |
2013 |
+- return 0; |
2014 |
++ rc = register_netdevice(dev); |
2015 |
++ if (rc < 0) { |
2016 |
++ rtnl_unlock(); |
2017 |
++ l2tp_session_delete(session); |
2018 |
++ l2tp_session_dec_refcount(session); |
2019 |
++ free_netdev(dev); |
2020 |
+ |
2021 |
+-out_del_dev: |
2022 |
+- free_netdev(dev); |
2023 |
+- spriv->dev = NULL; |
2024 |
+-out_del_session: |
2025 |
+- l2tp_session_delete(session); |
2026 |
+-out: |
2027 |
+- return rc; |
2028 |
+-} |
2029 |
++ return rc; |
2030 |
++ } |
2031 |
+ |
2032 |
+-static __net_init int l2tp_eth_init_net(struct net *net) |
2033 |
+-{ |
2034 |
+- struct l2tp_eth_net *pn = net_generic(net, l2tp_eth_net_id); |
2035 |
++ strlcpy(session->ifname, dev->name, IFNAMSIZ); |
2036 |
++ rcu_assign_pointer(spriv->dev, dev); |
2037 |
++ |
2038 |
++ rtnl_unlock(); |
2039 |
+ |
2040 |
+- INIT_LIST_HEAD(&pn->l2tp_eth_dev_list); |
2041 |
+- spin_lock_init(&pn->l2tp_eth_lock); |
2042 |
++ l2tp_session_dec_refcount(session); |
2043 |
++ |
2044 |
++ __module_get(THIS_MODULE); |
2045 |
+ |
2046 |
+ return 0; |
2047 |
+-} |
2048 |
+ |
2049 |
+-static struct pernet_operations l2tp_eth_net_ops = { |
2050 |
+- .init = l2tp_eth_init_net, |
2051 |
+- .id = &l2tp_eth_net_id, |
2052 |
+- .size = sizeof(struct l2tp_eth_net), |
2053 |
+-}; |
2054 |
++err_sess_dev: |
2055 |
++ l2tp_session_dec_refcount(session); |
2056 |
++ free_netdev(dev); |
2057 |
++err_sess: |
2058 |
++ kfree(session); |
2059 |
++err: |
2060 |
++ return rc; |
2061 |
++} |
2062 |
+ |
2063 |
+ |
2064 |
+ static const struct l2tp_nl_cmd_ops l2tp_eth_nl_cmd_ops = { |
2065 |
+@@ -323,25 +380,18 @@ static int __init l2tp_eth_init(void) |
2066 |
+ |
2067 |
+ err = l2tp_nl_register_ops(L2TP_PWTYPE_ETH, &l2tp_eth_nl_cmd_ops); |
2068 |
+ if (err) |
2069 |
+- goto out; |
2070 |
+- |
2071 |
+- err = register_pernet_device(&l2tp_eth_net_ops); |
2072 |
+- if (err) |
2073 |
+- goto out_unreg; |
2074 |
++ goto err; |
2075 |
+ |
2076 |
+ pr_info("L2TP ethernet pseudowire support (L2TPv3)\n"); |
2077 |
+ |
2078 |
+ return 0; |
2079 |
+ |
2080 |
+-out_unreg: |
2081 |
+- l2tp_nl_unregister_ops(L2TP_PWTYPE_ETH); |
2082 |
+-out: |
2083 |
++err: |
2084 |
+ return err; |
2085 |
+ } |
2086 |
+ |
2087 |
+ static void __exit l2tp_eth_exit(void) |
2088 |
+ { |
2089 |
+- unregister_pernet_device(&l2tp_eth_net_ops); |
2090 |
+ l2tp_nl_unregister_ops(L2TP_PWTYPE_ETH); |
2091 |
+ } |
2092 |
+ |
2093 |
+diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c |
2094 |
+index d6fccfdca201..47d7bdff8be8 100644 |
2095 |
+--- a/net/l2tp/l2tp_netlink.c |
2096 |
++++ b/net/l2tp/l2tp_netlink.c |
2097 |
+@@ -72,10 +72,12 @@ static struct l2tp_session *l2tp_nl_session_get(struct genl_info *info, |
2098 |
+ (info->attrs[L2TP_ATTR_CONN_ID])) { |
2099 |
+ tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); |
2100 |
+ session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); |
2101 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
2102 |
+- if (tunnel) |
2103 |
++ tunnel = l2tp_tunnel_get(net, tunnel_id); |
2104 |
++ if (tunnel) { |
2105 |
+ session = l2tp_session_get(net, tunnel, session_id, |
2106 |
+ do_ref); |
2107 |
++ l2tp_tunnel_dec_refcount(tunnel); |
2108 |
++ } |
2109 |
+ } |
2110 |
+ |
2111 |
+ return session; |
2112 |
+@@ -278,8 +280,8 @@ static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info |
2113 |
+ } |
2114 |
+ tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); |
2115 |
+ |
2116 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
2117 |
+- if (tunnel == NULL) { |
2118 |
++ tunnel = l2tp_tunnel_get(net, tunnel_id); |
2119 |
++ if (!tunnel) { |
2120 |
+ ret = -ENODEV; |
2121 |
+ goto out; |
2122 |
+ } |
2123 |
+@@ -289,6 +291,8 @@ static int l2tp_nl_cmd_tunnel_delete(struct sk_buff *skb, struct genl_info *info |
2124 |
+ |
2125 |
+ l2tp_tunnel_delete(tunnel); |
2126 |
+ |
2127 |
++ l2tp_tunnel_dec_refcount(tunnel); |
2128 |
++ |
2129 |
+ out: |
2130 |
+ return ret; |
2131 |
+ } |
2132 |
+@@ -306,8 +310,8 @@ static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info |
2133 |
+ } |
2134 |
+ tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); |
2135 |
+ |
2136 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
2137 |
+- if (tunnel == NULL) { |
2138 |
++ tunnel = l2tp_tunnel_get(net, tunnel_id); |
2139 |
++ if (!tunnel) { |
2140 |
+ ret = -ENODEV; |
2141 |
+ goto out; |
2142 |
+ } |
2143 |
+@@ -318,6 +322,8 @@ static int l2tp_nl_cmd_tunnel_modify(struct sk_buff *skb, struct genl_info *info |
2144 |
+ ret = l2tp_tunnel_notify(&l2tp_nl_family, info, |
2145 |
+ tunnel, L2TP_CMD_TUNNEL_MODIFY); |
2146 |
+ |
2147 |
++ l2tp_tunnel_dec_refcount(tunnel); |
2148 |
++ |
2149 |
+ out: |
2150 |
+ return ret; |
2151 |
+ } |
2152 |
+@@ -430,34 +436,37 @@ static int l2tp_nl_cmd_tunnel_get(struct sk_buff *skb, struct genl_info *info) |
2153 |
+ |
2154 |
+ if (!info->attrs[L2TP_ATTR_CONN_ID]) { |
2155 |
+ ret = -EINVAL; |
2156 |
+- goto out; |
2157 |
++ goto err; |
2158 |
+ } |
2159 |
+ |
2160 |
+ tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); |
2161 |
+ |
2162 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
2163 |
+- if (tunnel == NULL) { |
2164 |
+- ret = -ENODEV; |
2165 |
+- goto out; |
2166 |
+- } |
2167 |
+- |
2168 |
+ msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
2169 |
+ if (!msg) { |
2170 |
+ ret = -ENOMEM; |
2171 |
+- goto out; |
2172 |
++ goto err; |
2173 |
++ } |
2174 |
++ |
2175 |
++ tunnel = l2tp_tunnel_get(net, tunnel_id); |
2176 |
++ if (!tunnel) { |
2177 |
++ ret = -ENODEV; |
2178 |
++ goto err_nlmsg; |
2179 |
+ } |
2180 |
+ |
2181 |
+ ret = l2tp_nl_tunnel_send(msg, info->snd_portid, info->snd_seq, |
2182 |
+ NLM_F_ACK, tunnel, L2TP_CMD_TUNNEL_GET); |
2183 |
+ if (ret < 0) |
2184 |
+- goto err_out; |
2185 |
++ goto err_nlmsg_tunnel; |
2186 |
++ |
2187 |
++ l2tp_tunnel_dec_refcount(tunnel); |
2188 |
+ |
2189 |
+ return genlmsg_unicast(net, msg, info->snd_portid); |
2190 |
+ |
2191 |
+-err_out: |
2192 |
++err_nlmsg_tunnel: |
2193 |
++ l2tp_tunnel_dec_refcount(tunnel); |
2194 |
++err_nlmsg: |
2195 |
+ nlmsg_free(msg); |
2196 |
+- |
2197 |
+-out: |
2198 |
++err: |
2199 |
+ return ret; |
2200 |
+ } |
2201 |
+ |
2202 |
+@@ -501,8 +510,9 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2203 |
+ ret = -EINVAL; |
2204 |
+ goto out; |
2205 |
+ } |
2206 |
++ |
2207 |
+ tunnel_id = nla_get_u32(info->attrs[L2TP_ATTR_CONN_ID]); |
2208 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
2209 |
++ tunnel = l2tp_tunnel_get(net, tunnel_id); |
2210 |
+ if (!tunnel) { |
2211 |
+ ret = -ENODEV; |
2212 |
+ goto out; |
2213 |
+@@ -510,29 +520,24 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2214 |
+ |
2215 |
+ if (!info->attrs[L2TP_ATTR_SESSION_ID]) { |
2216 |
+ ret = -EINVAL; |
2217 |
+- goto out; |
2218 |
++ goto out_tunnel; |
2219 |
+ } |
2220 |
+ session_id = nla_get_u32(info->attrs[L2TP_ATTR_SESSION_ID]); |
2221 |
+- session = l2tp_session_find(net, tunnel, session_id); |
2222 |
+- if (session) { |
2223 |
+- ret = -EEXIST; |
2224 |
+- goto out; |
2225 |
+- } |
2226 |
+ |
2227 |
+ if (!info->attrs[L2TP_ATTR_PEER_SESSION_ID]) { |
2228 |
+ ret = -EINVAL; |
2229 |
+- goto out; |
2230 |
++ goto out_tunnel; |
2231 |
+ } |
2232 |
+ peer_session_id = nla_get_u32(info->attrs[L2TP_ATTR_PEER_SESSION_ID]); |
2233 |
+ |
2234 |
+ if (!info->attrs[L2TP_ATTR_PW_TYPE]) { |
2235 |
+ ret = -EINVAL; |
2236 |
+- goto out; |
2237 |
++ goto out_tunnel; |
2238 |
+ } |
2239 |
+ cfg.pw_type = nla_get_u16(info->attrs[L2TP_ATTR_PW_TYPE]); |
2240 |
+ if (cfg.pw_type >= __L2TP_PWTYPE_MAX) { |
2241 |
+ ret = -EINVAL; |
2242 |
+- goto out; |
2243 |
++ goto out_tunnel; |
2244 |
+ } |
2245 |
+ |
2246 |
+ if (tunnel->version > 2) { |
2247 |
+@@ -551,7 +556,7 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2248 |
+ u16 len = nla_len(info->attrs[L2TP_ATTR_COOKIE]); |
2249 |
+ if (len > 8) { |
2250 |
+ ret = -EINVAL; |
2251 |
+- goto out; |
2252 |
++ goto out_tunnel; |
2253 |
+ } |
2254 |
+ cfg.cookie_len = len; |
2255 |
+ memcpy(&cfg.cookie[0], nla_data(info->attrs[L2TP_ATTR_COOKIE]), len); |
2256 |
+@@ -560,7 +565,7 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2257 |
+ u16 len = nla_len(info->attrs[L2TP_ATTR_PEER_COOKIE]); |
2258 |
+ if (len > 8) { |
2259 |
+ ret = -EINVAL; |
2260 |
+- goto out; |
2261 |
++ goto out_tunnel; |
2262 |
+ } |
2263 |
+ cfg.peer_cookie_len = len; |
2264 |
+ memcpy(&cfg.peer_cookie[0], nla_data(info->attrs[L2TP_ATTR_PEER_COOKIE]), len); |
2265 |
+@@ -603,7 +608,7 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2266 |
+ if ((l2tp_nl_cmd_ops[cfg.pw_type] == NULL) || |
2267 |
+ (l2tp_nl_cmd_ops[cfg.pw_type]->session_create == NULL)) { |
2268 |
+ ret = -EPROTONOSUPPORT; |
2269 |
+- goto out; |
2270 |
++ goto out_tunnel; |
2271 |
+ } |
2272 |
+ |
2273 |
+ /* Check that pseudowire-specific params are present */ |
2274 |
+@@ -613,7 +618,7 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2275 |
+ case L2TP_PWTYPE_ETH_VLAN: |
2276 |
+ if (!info->attrs[L2TP_ATTR_VLAN_ID]) { |
2277 |
+ ret = -EINVAL; |
2278 |
+- goto out; |
2279 |
++ goto out_tunnel; |
2280 |
+ } |
2281 |
+ break; |
2282 |
+ case L2TP_PWTYPE_ETH: |
2283 |
+@@ -627,10 +632,10 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2284 |
+ break; |
2285 |
+ } |
2286 |
+ |
2287 |
+- ret = -EPROTONOSUPPORT; |
2288 |
+- if (l2tp_nl_cmd_ops[cfg.pw_type]->session_create) |
2289 |
+- ret = (*l2tp_nl_cmd_ops[cfg.pw_type]->session_create)(net, tunnel_id, |
2290 |
+- session_id, peer_session_id, &cfg); |
2291 |
++ ret = l2tp_nl_cmd_ops[cfg.pw_type]->session_create(net, tunnel, |
2292 |
++ session_id, |
2293 |
++ peer_session_id, |
2294 |
++ &cfg); |
2295 |
+ |
2296 |
+ if (ret >= 0) { |
2297 |
+ session = l2tp_session_get(net, tunnel, session_id, false); |
2298 |
+@@ -641,6 +646,8 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf |
2299 |
+ } |
2300 |
+ } |
2301 |
+ |
2302 |
++out_tunnel: |
2303 |
++ l2tp_tunnel_dec_refcount(tunnel); |
2304 |
+ out: |
2305 |
+ return ret; |
2306 |
+ } |
2307 |
+diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c |
2308 |
+index d919b3e6b548..979fa868a4f1 100644 |
2309 |
+--- a/net/l2tp/l2tp_ppp.c |
2310 |
++++ b/net/l2tp/l2tp_ppp.c |
2311 |
+@@ -122,8 +122,11 @@ |
2312 |
+ struct pppol2tp_session { |
2313 |
+ int owner; /* pid that opened the socket */ |
2314 |
+ |
2315 |
+- struct sock *sock; /* Pointer to the session |
2316 |
++ struct mutex sk_lock; /* Protects .sk */ |
2317 |
++ struct sock __rcu *sk; /* Pointer to the session |
2318 |
+ * PPPoX socket */ |
2319 |
++ struct sock *__sk; /* Copy of .sk, for cleanup */ |
2320 |
++ struct rcu_head rcu; /* For asynchronous release */ |
2321 |
+ struct sock *tunnel_sock; /* Pointer to the tunnel UDP |
2322 |
+ * socket */ |
2323 |
+ int flags; /* accessed by PPPIOCGFLAGS. |
2324 |
+@@ -138,6 +141,24 @@ static const struct ppp_channel_ops pppol2tp_chan_ops = { |
2325 |
+ |
2326 |
+ static const struct proto_ops pppol2tp_ops; |
2327 |
+ |
2328 |
++/* Retrieves the pppol2tp socket associated to a session. |
2329 |
++ * A reference is held on the returned socket, so this function must be paired |
2330 |
++ * with sock_put(). |
2331 |
++ */ |
2332 |
++static struct sock *pppol2tp_session_get_sock(struct l2tp_session *session) |
2333 |
++{ |
2334 |
++ struct pppol2tp_session *ps = l2tp_session_priv(session); |
2335 |
++ struct sock *sk; |
2336 |
++ |
2337 |
++ rcu_read_lock(); |
2338 |
++ sk = rcu_dereference(ps->sk); |
2339 |
++ if (sk) |
2340 |
++ sock_hold(sk); |
2341 |
++ rcu_read_unlock(); |
2342 |
++ |
2343 |
++ return sk; |
2344 |
++} |
2345 |
++ |
2346 |
+ /* Helpers to obtain tunnel/session contexts from sockets. |
2347 |
+ */ |
2348 |
+ static inline struct l2tp_session *pppol2tp_sock_to_session(struct sock *sk) |
2349 |
+@@ -224,21 +245,22 @@ static void pppol2tp_recv(struct l2tp_session *session, struct sk_buff *skb, int |
2350 |
+ /* If the socket is bound, send it in to PPP's input queue. Otherwise |
2351 |
+ * queue it on the session socket. |
2352 |
+ */ |
2353 |
+- sk = ps->sock; |
2354 |
++ rcu_read_lock(); |
2355 |
++ sk = rcu_dereference(ps->sk); |
2356 |
+ if (sk == NULL) |
2357 |
+ goto no_sock; |
2358 |
+ |
2359 |
+ if (sk->sk_state & PPPOX_BOUND) { |
2360 |
+ struct pppox_sock *po; |
2361 |
+ |
2362 |
+- l2tp_dbg(session, PPPOL2TP_MSG_DATA, |
2363 |
++ l2tp_dbg(session, L2TP_MSG_DATA, |
2364 |
+ "%s: recv %d byte data frame, passing to ppp\n", |
2365 |
+ session->name, data_len); |
2366 |
+ |
2367 |
+ po = pppox_sk(sk); |
2368 |
+ ppp_input(&po->chan, skb); |
2369 |
+ } else { |
2370 |
+- l2tp_dbg(session, PPPOL2TP_MSG_DATA, |
2371 |
++ l2tp_dbg(session, L2TP_MSG_DATA, |
2372 |
+ "%s: recv %d byte data frame, passing to L2TP socket\n", |
2373 |
+ session->name, data_len); |
2374 |
+ |
2375 |
+@@ -247,30 +269,16 @@ static void pppol2tp_recv(struct l2tp_session *session, struct sk_buff *skb, int |
2376 |
+ kfree_skb(skb); |
2377 |
+ } |
2378 |
+ } |
2379 |
++ rcu_read_unlock(); |
2380 |
+ |
2381 |
+ return; |
2382 |
+ |
2383 |
+ no_sock: |
2384 |
+- l2tp_info(session, PPPOL2TP_MSG_DATA, "%s: no socket\n", session->name); |
2385 |
++ rcu_read_unlock(); |
2386 |
++ l2tp_info(session, L2TP_MSG_DATA, "%s: no socket\n", session->name); |
2387 |
+ kfree_skb(skb); |
2388 |
+ } |
2389 |
+ |
2390 |
+-static void pppol2tp_session_sock_hold(struct l2tp_session *session) |
2391 |
+-{ |
2392 |
+- struct pppol2tp_session *ps = l2tp_session_priv(session); |
2393 |
+- |
2394 |
+- if (ps->sock) |
2395 |
+- sock_hold(ps->sock); |
2396 |
+-} |
2397 |
+- |
2398 |
+-static void pppol2tp_session_sock_put(struct l2tp_session *session) |
2399 |
+-{ |
2400 |
+- struct pppol2tp_session *ps = l2tp_session_priv(session); |
2401 |
+- |
2402 |
+- if (ps->sock) |
2403 |
+- sock_put(ps->sock); |
2404 |
+-} |
2405 |
+- |
2406 |
+ /************************************************************************ |
2407 |
+ * Transmit handling |
2408 |
+ ***********************************************************************/ |
2409 |
+@@ -431,17 +439,16 @@ abort: |
2410 |
+ */ |
2411 |
+ static void pppol2tp_session_close(struct l2tp_session *session) |
2412 |
+ { |
2413 |
+- struct pppol2tp_session *ps = l2tp_session_priv(session); |
2414 |
+- struct sock *sk = ps->sock; |
2415 |
+- struct socket *sock = sk->sk_socket; |
2416 |
++ struct sock *sk; |
2417 |
+ |
2418 |
+ BUG_ON(session->magic != L2TP_SESSION_MAGIC); |
2419 |
+ |
2420 |
+- if (sock) |
2421 |
+- inet_shutdown(sock, SEND_SHUTDOWN); |
2422 |
+- |
2423 |
+- /* Don't let the session go away before our socket does */ |
2424 |
+- l2tp_session_inc_refcount(session); |
2425 |
++ sk = pppol2tp_session_get_sock(session); |
2426 |
++ if (sk) { |
2427 |
++ if (sk->sk_socket) |
2428 |
++ inet_shutdown(sk->sk_socket, SEND_SHUTDOWN); |
2429 |
++ sock_put(sk); |
2430 |
++ } |
2431 |
+ } |
2432 |
+ |
2433 |
+ /* Really kill the session socket. (Called from sock_put() if |
2434 |
+@@ -461,6 +468,14 @@ static void pppol2tp_session_destruct(struct sock *sk) |
2435 |
+ } |
2436 |
+ } |
2437 |
+ |
2438 |
++static void pppol2tp_put_sk(struct rcu_head *head) |
2439 |
++{ |
2440 |
++ struct pppol2tp_session *ps; |
2441 |
++ |
2442 |
++ ps = container_of(head, typeof(*ps), rcu); |
2443 |
++ sock_put(ps->__sk); |
2444 |
++} |
2445 |
++ |
2446 |
+ /* Called when the PPPoX socket (session) is closed. |
2447 |
+ */ |
2448 |
+ static int pppol2tp_release(struct socket *sock) |
2449 |
+@@ -486,11 +501,23 @@ static int pppol2tp_release(struct socket *sock) |
2450 |
+ |
2451 |
+ session = pppol2tp_sock_to_session(sk); |
2452 |
+ |
2453 |
+- /* Purge any queued data */ |
2454 |
+ if (session != NULL) { |
2455 |
+- __l2tp_session_unhash(session); |
2456 |
+- l2tp_session_queue_purge(session); |
2457 |
+- sock_put(sk); |
2458 |
++ struct pppol2tp_session *ps; |
2459 |
++ |
2460 |
++ l2tp_session_delete(session); |
2461 |
++ |
2462 |
++ ps = l2tp_session_priv(session); |
2463 |
++ mutex_lock(&ps->sk_lock); |
2464 |
++ ps->__sk = rcu_dereference_protected(ps->sk, |
2465 |
++ lockdep_is_held(&ps->sk_lock)); |
2466 |
++ RCU_INIT_POINTER(ps->sk, NULL); |
2467 |
++ mutex_unlock(&ps->sk_lock); |
2468 |
++ call_rcu(&ps->rcu, pppol2tp_put_sk); |
2469 |
++ |
2470 |
++ /* Rely on the sock_put() call at the end of the function for |
2471 |
++ * dropping the reference held by pppol2tp_sock_to_session(). |
2472 |
++ * The last reference will be dropped by pppol2tp_put_sk(). |
2473 |
++ */ |
2474 |
+ } |
2475 |
+ release_sock(sk); |
2476 |
+ |
2477 |
+@@ -557,16 +584,47 @@ out: |
2478 |
+ static void pppol2tp_show(struct seq_file *m, void *arg) |
2479 |
+ { |
2480 |
+ struct l2tp_session *session = arg; |
2481 |
+- struct pppol2tp_session *ps = l2tp_session_priv(session); |
2482 |
++ struct sock *sk; |
2483 |
++ |
2484 |
++ sk = pppol2tp_session_get_sock(session); |
2485 |
++ if (sk) { |
2486 |
++ struct pppox_sock *po = pppox_sk(sk); |
2487 |
+ |
2488 |
+- if (ps) { |
2489 |
+- struct pppox_sock *po = pppox_sk(ps->sock); |
2490 |
+- if (po) |
2491 |
+- seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); |
2492 |
++ seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); |
2493 |
++ sock_put(sk); |
2494 |
+ } |
2495 |
+ } |
2496 |
+ #endif |
2497 |
+ |
2498 |
++static void pppol2tp_session_init(struct l2tp_session *session) |
2499 |
++{ |
2500 |
++ struct pppol2tp_session *ps; |
2501 |
++ struct dst_entry *dst; |
2502 |
++ |
2503 |
++ session->recv_skb = pppol2tp_recv; |
2504 |
++ session->session_close = pppol2tp_session_close; |
2505 |
++#if IS_ENABLED(CONFIG_L2TP_DEBUGFS) |
2506 |
++ session->show = pppol2tp_show; |
2507 |
++#endif |
2508 |
++ |
2509 |
++ ps = l2tp_session_priv(session); |
2510 |
++ mutex_init(&ps->sk_lock); |
2511 |
++ ps->tunnel_sock = session->tunnel->sock; |
2512 |
++ ps->owner = current->pid; |
2513 |
++ |
2514 |
++ /* If PMTU discovery was enabled, use the MTU that was discovered */ |
2515 |
++ dst = sk_dst_get(session->tunnel->sock); |
2516 |
++ if (dst) { |
2517 |
++ u32 pmtu = dst_mtu(dst); |
2518 |
++ |
2519 |
++ if (pmtu) { |
2520 |
++ session->mtu = pmtu - PPPOL2TP_HEADER_OVERHEAD; |
2521 |
++ session->mru = pmtu - PPPOL2TP_HEADER_OVERHEAD; |
2522 |
++ } |
2523 |
++ dst_release(dst); |
2524 |
++ } |
2525 |
++} |
2526 |
++ |
2527 |
+ /* connect() handler. Attach a PPPoX socket to a tunnel UDP socket |
2528 |
+ */ |
2529 |
+ static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, |
2530 |
+@@ -578,7 +636,6 @@ static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, |
2531 |
+ struct l2tp_session *session = NULL; |
2532 |
+ struct l2tp_tunnel *tunnel; |
2533 |
+ struct pppol2tp_session *ps; |
2534 |
+- struct dst_entry *dst; |
2535 |
+ struct l2tp_session_cfg cfg = { 0, }; |
2536 |
+ int error = 0; |
2537 |
+ u32 tunnel_id, peer_tunnel_id; |
2538 |
+@@ -700,13 +757,17 @@ static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, |
2539 |
+ /* Using a pre-existing session is fine as long as it hasn't |
2540 |
+ * been connected yet. |
2541 |
+ */ |
2542 |
+- if (ps->sock) { |
2543 |
++ mutex_lock(&ps->sk_lock); |
2544 |
++ if (rcu_dereference_protected(ps->sk, |
2545 |
++ lockdep_is_held(&ps->sk_lock))) { |
2546 |
++ mutex_unlock(&ps->sk_lock); |
2547 |
+ error = -EEXIST; |
2548 |
+ goto end; |
2549 |
+ } |
2550 |
+ |
2551 |
+ /* consistency checks */ |
2552 |
+ if (ps->tunnel_sock != tunnel->sock) { |
2553 |
++ mutex_unlock(&ps->sk_lock); |
2554 |
+ error = -EEXIST; |
2555 |
+ goto end; |
2556 |
+ } |
2557 |
+@@ -722,35 +783,19 @@ static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, |
2558 |
+ error = PTR_ERR(session); |
2559 |
+ goto end; |
2560 |
+ } |
2561 |
+- } |
2562 |
+- |
2563 |
+- /* Associate session with its PPPoL2TP socket */ |
2564 |
+- ps = l2tp_session_priv(session); |
2565 |
+- ps->owner = current->pid; |
2566 |
+- ps->sock = sk; |
2567 |
+- ps->tunnel_sock = tunnel->sock; |
2568 |
+ |
2569 |
+- session->recv_skb = pppol2tp_recv; |
2570 |
+- session->session_close = pppol2tp_session_close; |
2571 |
+-#if IS_ENABLED(CONFIG_L2TP_DEBUGFS) |
2572 |
+- session->show = pppol2tp_show; |
2573 |
+-#endif |
2574 |
+- |
2575 |
+- /* We need to know each time a skb is dropped from the reorder |
2576 |
+- * queue. |
2577 |
+- */ |
2578 |
+- session->ref = pppol2tp_session_sock_hold; |
2579 |
+- session->deref = pppol2tp_session_sock_put; |
2580 |
+- |
2581 |
+- /* If PMTU discovery was enabled, use the MTU that was discovered */ |
2582 |
+- dst = sk_dst_get(tunnel->sock); |
2583 |
+- if (dst != NULL) { |
2584 |
+- u32 pmtu = dst_mtu(dst); |
2585 |
++ pppol2tp_session_init(session); |
2586 |
++ ps = l2tp_session_priv(session); |
2587 |
++ l2tp_session_inc_refcount(session); |
2588 |
+ |
2589 |
+- if (pmtu != 0) |
2590 |
+- session->mtu = session->mru = pmtu - |
2591 |
+- PPPOL2TP_HEADER_OVERHEAD; |
2592 |
+- dst_release(dst); |
2593 |
++ mutex_lock(&ps->sk_lock); |
2594 |
++ error = l2tp_session_register(session, tunnel); |
2595 |
++ if (error < 0) { |
2596 |
++ mutex_unlock(&ps->sk_lock); |
2597 |
++ kfree(session); |
2598 |
++ goto end; |
2599 |
++ } |
2600 |
++ drop_refcnt = true; |
2601 |
+ } |
2602 |
+ |
2603 |
+ /* Special case: if source & dest session_id == 0x0000, this |
2604 |
+@@ -775,14 +820,25 @@ static int pppol2tp_connect(struct socket *sock, struct sockaddr *uservaddr, |
2605 |
+ po->chan.mtu = session->mtu; |
2606 |
+ |
2607 |
+ error = ppp_register_net_channel(sock_net(sk), &po->chan); |
2608 |
+- if (error) |
2609 |
++ if (error) { |
2610 |
++ mutex_unlock(&ps->sk_lock); |
2611 |
+ goto end; |
2612 |
++ } |
2613 |
+ |
2614 |
+ out_no_ppp: |
2615 |
+ /* This is how we get the session context from the socket. */ |
2616 |
+ sk->sk_user_data = session; |
2617 |
++ rcu_assign_pointer(ps->sk, sk); |
2618 |
++ mutex_unlock(&ps->sk_lock); |
2619 |
++ |
2620 |
++ /* Keep the reference we've grabbed on the session: sk doesn't expect |
2621 |
++ * the session to disappear. pppol2tp_session_destruct() is responsible |
2622 |
++ * for dropping it. |
2623 |
++ */ |
2624 |
++ drop_refcnt = false; |
2625 |
++ |
2626 |
+ sk->sk_state = PPPOX_CONNECTED; |
2627 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: created\n", |
2628 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: created\n", |
2629 |
+ session->name); |
2630 |
+ |
2631 |
+ end: |
2632 |
+@@ -795,25 +851,19 @@ end: |
2633 |
+ |
2634 |
+ #ifdef CONFIG_L2TP_V3 |
2635 |
+ |
2636 |
+-/* Called when creating sessions via the netlink interface. |
2637 |
+- */ |
2638 |
+-static int pppol2tp_session_create(struct net *net, u32 tunnel_id, u32 session_id, u32 peer_session_id, struct l2tp_session_cfg *cfg) |
2639 |
++/* Called when creating sessions via the netlink interface. */ |
2640 |
++static int pppol2tp_session_create(struct net *net, struct l2tp_tunnel *tunnel, |
2641 |
++ u32 session_id, u32 peer_session_id, |
2642 |
++ struct l2tp_session_cfg *cfg) |
2643 |
+ { |
2644 |
+ int error; |
2645 |
+- struct l2tp_tunnel *tunnel; |
2646 |
+ struct l2tp_session *session; |
2647 |
+- struct pppol2tp_session *ps; |
2648 |
+- |
2649 |
+- tunnel = l2tp_tunnel_find(net, tunnel_id); |
2650 |
+- |
2651 |
+- /* Error if we can't find the tunnel */ |
2652 |
+- error = -ENOENT; |
2653 |
+- if (tunnel == NULL) |
2654 |
+- goto out; |
2655 |
+ |
2656 |
+ /* Error if tunnel socket is not prepped */ |
2657 |
+- if (tunnel->sock == NULL) |
2658 |
+- goto out; |
2659 |
++ if (!tunnel->sock) { |
2660 |
++ error = -ENOENT; |
2661 |
++ goto err; |
2662 |
++ } |
2663 |
+ |
2664 |
+ /* Default MTU values. */ |
2665 |
+ if (cfg->mtu == 0) |
2666 |
+@@ -827,18 +877,20 @@ static int pppol2tp_session_create(struct net *net, u32 tunnel_id, u32 session_i |
2667 |
+ peer_session_id, cfg); |
2668 |
+ if (IS_ERR(session)) { |
2669 |
+ error = PTR_ERR(session); |
2670 |
+- goto out; |
2671 |
++ goto err; |
2672 |
+ } |
2673 |
+ |
2674 |
+- ps = l2tp_session_priv(session); |
2675 |
+- ps->tunnel_sock = tunnel->sock; |
2676 |
++ pppol2tp_session_init(session); |
2677 |
+ |
2678 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: created\n", |
2679 |
+- session->name); |
2680 |
++ error = l2tp_session_register(session, tunnel); |
2681 |
++ if (error < 0) |
2682 |
++ goto err_sess; |
2683 |
+ |
2684 |
+- error = 0; |
2685 |
++ return 0; |
2686 |
+ |
2687 |
+-out: |
2688 |
++err_sess: |
2689 |
++ kfree(session); |
2690 |
++err: |
2691 |
+ return error; |
2692 |
+ } |
2693 |
+ |
2694 |
+@@ -995,16 +1047,14 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2695 |
+ struct l2tp_tunnel *tunnel = session->tunnel; |
2696 |
+ struct pppol2tp_ioc_stats stats; |
2697 |
+ |
2698 |
+- l2tp_dbg(session, PPPOL2TP_MSG_CONTROL, |
2699 |
++ l2tp_dbg(session, L2TP_MSG_CONTROL, |
2700 |
+ "%s: pppol2tp_session_ioctl(cmd=%#x, arg=%#lx)\n", |
2701 |
+ session->name, cmd, arg); |
2702 |
+ |
2703 |
+- sk = ps->sock; |
2704 |
++ sk = pppol2tp_session_get_sock(session); |
2705 |
+ if (!sk) |
2706 |
+ return -EBADR; |
2707 |
+ |
2708 |
+- sock_hold(sk); |
2709 |
+- |
2710 |
+ switch (cmd) { |
2711 |
+ case SIOCGIFMTU: |
2712 |
+ err = -ENXIO; |
2713 |
+@@ -1018,7 +1068,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2714 |
+ if (copy_to_user((void __user *) arg, &ifr, sizeof(struct ifreq))) |
2715 |
+ break; |
2716 |
+ |
2717 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: get mtu=%d\n", |
2718 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: get mtu=%d\n", |
2719 |
+ session->name, session->mtu); |
2720 |
+ err = 0; |
2721 |
+ break; |
2722 |
+@@ -1034,7 +1084,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2723 |
+ |
2724 |
+ session->mtu = ifr.ifr_mtu; |
2725 |
+ |
2726 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: set mtu=%d\n", |
2727 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: set mtu=%d\n", |
2728 |
+ session->name, session->mtu); |
2729 |
+ err = 0; |
2730 |
+ break; |
2731 |
+@@ -1048,7 +1098,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2732 |
+ if (put_user(session->mru, (int __user *) arg)) |
2733 |
+ break; |
2734 |
+ |
2735 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: get mru=%d\n", |
2736 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: get mru=%d\n", |
2737 |
+ session->name, session->mru); |
2738 |
+ err = 0; |
2739 |
+ break; |
2740 |
+@@ -1063,7 +1113,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2741 |
+ break; |
2742 |
+ |
2743 |
+ session->mru = val; |
2744 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: set mru=%d\n", |
2745 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: set mru=%d\n", |
2746 |
+ session->name, session->mru); |
2747 |
+ err = 0; |
2748 |
+ break; |
2749 |
+@@ -1073,7 +1123,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2750 |
+ if (put_user(ps->flags, (int __user *) arg)) |
2751 |
+ break; |
2752 |
+ |
2753 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: get flags=%d\n", |
2754 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: get flags=%d\n", |
2755 |
+ session->name, ps->flags); |
2756 |
+ err = 0; |
2757 |
+ break; |
2758 |
+@@ -1083,7 +1133,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2759 |
+ if (get_user(val, (int __user *) arg)) |
2760 |
+ break; |
2761 |
+ ps->flags = val; |
2762 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: set flags=%d\n", |
2763 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: set flags=%d\n", |
2764 |
+ session->name, ps->flags); |
2765 |
+ err = 0; |
2766 |
+ break; |
2767 |
+@@ -1100,7 +1150,7 @@ static int pppol2tp_session_ioctl(struct l2tp_session *session, |
2768 |
+ if (copy_to_user((void __user *) arg, &stats, |
2769 |
+ sizeof(stats))) |
2770 |
+ break; |
2771 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: get L2TP stats\n", |
2772 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: get L2TP stats\n", |
2773 |
+ session->name); |
2774 |
+ err = 0; |
2775 |
+ break; |
2776 |
+@@ -1128,7 +1178,7 @@ static int pppol2tp_tunnel_ioctl(struct l2tp_tunnel *tunnel, |
2777 |
+ struct sock *sk; |
2778 |
+ struct pppol2tp_ioc_stats stats; |
2779 |
+ |
2780 |
+- l2tp_dbg(tunnel, PPPOL2TP_MSG_CONTROL, |
2781 |
++ l2tp_dbg(tunnel, L2TP_MSG_CONTROL, |
2782 |
+ "%s: pppol2tp_tunnel_ioctl(cmd=%#x, arg=%#lx)\n", |
2783 |
+ tunnel->name, cmd, arg); |
2784 |
+ |
2785 |
+@@ -1171,7 +1221,7 @@ static int pppol2tp_tunnel_ioctl(struct l2tp_tunnel *tunnel, |
2786 |
+ err = -EFAULT; |
2787 |
+ break; |
2788 |
+ } |
2789 |
+- l2tp_info(tunnel, PPPOL2TP_MSG_CONTROL, "%s: get L2TP stats\n", |
2790 |
++ l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: get L2TP stats\n", |
2791 |
+ tunnel->name); |
2792 |
+ err = 0; |
2793 |
+ break; |
2794 |
+@@ -1261,7 +1311,7 @@ static int pppol2tp_tunnel_setsockopt(struct sock *sk, |
2795 |
+ switch (optname) { |
2796 |
+ case PPPOL2TP_SO_DEBUG: |
2797 |
+ tunnel->debug = val; |
2798 |
+- l2tp_info(tunnel, PPPOL2TP_MSG_CONTROL, "%s: set debug=%x\n", |
2799 |
++ l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: set debug=%x\n", |
2800 |
+ tunnel->name, tunnel->debug); |
2801 |
+ break; |
2802 |
+ |
2803 |
+@@ -1280,7 +1330,6 @@ static int pppol2tp_session_setsockopt(struct sock *sk, |
2804 |
+ int optname, int val) |
2805 |
+ { |
2806 |
+ int err = 0; |
2807 |
+- struct pppol2tp_session *ps = l2tp_session_priv(session); |
2808 |
+ |
2809 |
+ switch (optname) { |
2810 |
+ case PPPOL2TP_SO_RECVSEQ: |
2811 |
+@@ -1289,7 +1338,7 @@ static int pppol2tp_session_setsockopt(struct sock *sk, |
2812 |
+ break; |
2813 |
+ } |
2814 |
+ session->recv_seq = val ? -1 : 0; |
2815 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2816 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2817 |
+ "%s: set recv_seq=%d\n", |
2818 |
+ session->name, session->recv_seq); |
2819 |
+ break; |
2820 |
+@@ -1301,13 +1350,13 @@ static int pppol2tp_session_setsockopt(struct sock *sk, |
2821 |
+ } |
2822 |
+ session->send_seq = val ? -1 : 0; |
2823 |
+ { |
2824 |
+- struct sock *ssk = ps->sock; |
2825 |
+- struct pppox_sock *po = pppox_sk(ssk); |
2826 |
++ struct pppox_sock *po = pppox_sk(sk); |
2827 |
++ |
2828 |
+ po->chan.hdrlen = val ? PPPOL2TP_L2TP_HDR_SIZE_SEQ : |
2829 |
+ PPPOL2TP_L2TP_HDR_SIZE_NOSEQ; |
2830 |
+ } |
2831 |
+ l2tp_session_set_header_len(session, session->tunnel->version); |
2832 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2833 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2834 |
+ "%s: set send_seq=%d\n", |
2835 |
+ session->name, session->send_seq); |
2836 |
+ break; |
2837 |
+@@ -1318,20 +1367,20 @@ static int pppol2tp_session_setsockopt(struct sock *sk, |
2838 |
+ break; |
2839 |
+ } |
2840 |
+ session->lns_mode = val ? -1 : 0; |
2841 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2842 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2843 |
+ "%s: set lns_mode=%d\n", |
2844 |
+ session->name, session->lns_mode); |
2845 |
+ break; |
2846 |
+ |
2847 |
+ case PPPOL2TP_SO_DEBUG: |
2848 |
+ session->debug = val; |
2849 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: set debug=%x\n", |
2850 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: set debug=%x\n", |
2851 |
+ session->name, session->debug); |
2852 |
+ break; |
2853 |
+ |
2854 |
+ case PPPOL2TP_SO_REORDERTO: |
2855 |
+ session->reorder_timeout = msecs_to_jiffies(val); |
2856 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2857 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2858 |
+ "%s: set reorder_timeout=%d\n", |
2859 |
+ session->name, session->reorder_timeout); |
2860 |
+ break; |
2861 |
+@@ -1412,7 +1461,7 @@ static int pppol2tp_tunnel_getsockopt(struct sock *sk, |
2862 |
+ switch (optname) { |
2863 |
+ case PPPOL2TP_SO_DEBUG: |
2864 |
+ *val = tunnel->debug; |
2865 |
+- l2tp_info(tunnel, PPPOL2TP_MSG_CONTROL, "%s: get debug=%x\n", |
2866 |
++ l2tp_info(tunnel, L2TP_MSG_CONTROL, "%s: get debug=%x\n", |
2867 |
+ tunnel->name, tunnel->debug); |
2868 |
+ break; |
2869 |
+ |
2870 |
+@@ -1435,31 +1484,31 @@ static int pppol2tp_session_getsockopt(struct sock *sk, |
2871 |
+ switch (optname) { |
2872 |
+ case PPPOL2TP_SO_RECVSEQ: |
2873 |
+ *val = session->recv_seq; |
2874 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2875 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2876 |
+ "%s: get recv_seq=%d\n", session->name, *val); |
2877 |
+ break; |
2878 |
+ |
2879 |
+ case PPPOL2TP_SO_SENDSEQ: |
2880 |
+ *val = session->send_seq; |
2881 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2882 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2883 |
+ "%s: get send_seq=%d\n", session->name, *val); |
2884 |
+ break; |
2885 |
+ |
2886 |
+ case PPPOL2TP_SO_LNSMODE: |
2887 |
+ *val = session->lns_mode; |
2888 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2889 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2890 |
+ "%s: get lns_mode=%d\n", session->name, *val); |
2891 |
+ break; |
2892 |
+ |
2893 |
+ case PPPOL2TP_SO_DEBUG: |
2894 |
+ *val = session->debug; |
2895 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, "%s: get debug=%d\n", |
2896 |
++ l2tp_info(session, L2TP_MSG_CONTROL, "%s: get debug=%d\n", |
2897 |
+ session->name, *val); |
2898 |
+ break; |
2899 |
+ |
2900 |
+ case PPPOL2TP_SO_REORDERTO: |
2901 |
+ *val = (int) jiffies_to_msecs(session->reorder_timeout); |
2902 |
+- l2tp_info(session, PPPOL2TP_MSG_CONTROL, |
2903 |
++ l2tp_info(session, L2TP_MSG_CONTROL, |
2904 |
+ "%s: get reorder_timeout=%d\n", session->name, *val); |
2905 |
+ break; |
2906 |
+ |
2907 |
+@@ -1638,8 +1687,9 @@ static void pppol2tp_seq_session_show(struct seq_file *m, void *v) |
2908 |
+ { |
2909 |
+ struct l2tp_session *session = v; |
2910 |
+ struct l2tp_tunnel *tunnel = session->tunnel; |
2911 |
+- struct pppol2tp_session *ps = l2tp_session_priv(session); |
2912 |
+- struct pppox_sock *po = pppox_sk(ps->sock); |
2913 |
++ unsigned char state; |
2914 |
++ char user_data_ok; |
2915 |
++ struct sock *sk; |
2916 |
+ u32 ip = 0; |
2917 |
+ u16 port = 0; |
2918 |
+ |
2919 |
+@@ -1649,6 +1699,15 @@ static void pppol2tp_seq_session_show(struct seq_file *m, void *v) |
2920 |
+ port = ntohs(inet->inet_sport); |
2921 |
+ } |
2922 |
+ |
2923 |
++ sk = pppol2tp_session_get_sock(session); |
2924 |
++ if (sk) { |
2925 |
++ state = sk->sk_state; |
2926 |
++ user_data_ok = (session == sk->sk_user_data) ? 'Y' : 'N'; |
2927 |
++ } else { |
2928 |
++ state = 0; |
2929 |
++ user_data_ok = 'N'; |
2930 |
++ } |
2931 |
++ |
2932 |
+ seq_printf(m, " SESSION '%s' %08X/%d %04X/%04X -> " |
2933 |
+ "%04X/%04X %d %c\n", |
2934 |
+ session->name, ip, port, |
2935 |
+@@ -1656,9 +1715,7 @@ static void pppol2tp_seq_session_show(struct seq_file *m, void *v) |
2936 |
+ session->session_id, |
2937 |
+ tunnel->peer_tunnel_id, |
2938 |
+ session->peer_session_id, |
2939 |
+- ps->sock->sk_state, |
2940 |
+- (session == ps->sock->sk_user_data) ? |
2941 |
+- 'Y' : 'N'); |
2942 |
++ state, user_data_ok); |
2943 |
+ seq_printf(m, " %d/%d/%c/%c/%s %08x %u\n", |
2944 |
+ session->mtu, session->mru, |
2945 |
+ session->recv_seq ? 'R' : '-', |
2946 |
+@@ -1675,8 +1732,12 @@ static void pppol2tp_seq_session_show(struct seq_file *m, void *v) |
2947 |
+ atomic_long_read(&session->stats.rx_bytes), |
2948 |
+ atomic_long_read(&session->stats.rx_errors)); |
2949 |
+ |
2950 |
+- if (po) |
2951 |
++ if (sk) { |
2952 |
++ struct pppox_sock *po = pppox_sk(sk); |
2953 |
++ |
2954 |
+ seq_printf(m, " interface %s\n", ppp_dev_name(&po->chan)); |
2955 |
++ sock_put(sk); |
2956 |
++ } |
2957 |
+ } |
2958 |
+ |
2959 |
+ static int pppol2tp_seq_show(struct seq_file *m, void *v) |
2960 |
+diff --git a/net/socket.c b/net/socket.c |
2961 |
+index 65afc8ec68d4..88abc72df2a6 100644 |
2962 |
+--- a/net/socket.c |
2963 |
++++ b/net/socket.c |
2964 |
+@@ -3321,3 +3321,49 @@ int kernel_sock_shutdown(struct socket *sock, enum sock_shutdown_cmd how) |
2965 |
+ return sock->ops->shutdown(sock, how); |
2966 |
+ } |
2967 |
+ EXPORT_SYMBOL(kernel_sock_shutdown); |
2968 |
++ |
2969 |
++/* This routine returns the IP overhead imposed by a socket i.e. |
2970 |
++ * the length of the underlying IP header, depending on whether |
2971 |
++ * this is an IPv4 or IPv6 socket and the length from IP options turned |
2972 |
++ * on at the socket. Assumes that the caller has a lock on the socket. |
2973 |
++ */ |
2974 |
++u32 kernel_sock_ip_overhead(struct sock *sk) |
2975 |
++{ |
2976 |
++ struct inet_sock *inet; |
2977 |
++ struct ip_options_rcu *opt; |
2978 |
++ u32 overhead = 0; |
2979 |
++ bool owned_by_user; |
2980 |
++#if IS_ENABLED(CONFIG_IPV6) |
2981 |
++ struct ipv6_pinfo *np; |
2982 |
++ struct ipv6_txoptions *optv6 = NULL; |
2983 |
++#endif /* IS_ENABLED(CONFIG_IPV6) */ |
2984 |
++ |
2985 |
++ if (!sk) |
2986 |
++ return overhead; |
2987 |
++ |
2988 |
++ owned_by_user = sock_owned_by_user(sk); |
2989 |
++ switch (sk->sk_family) { |
2990 |
++ case AF_INET: |
2991 |
++ inet = inet_sk(sk); |
2992 |
++ overhead += sizeof(struct iphdr); |
2993 |
++ opt = rcu_dereference_protected(inet->inet_opt, |
2994 |
++ owned_by_user); |
2995 |
++ if (opt) |
2996 |
++ overhead += opt->opt.optlen; |
2997 |
++ return overhead; |
2998 |
++#if IS_ENABLED(CONFIG_IPV6) |
2999 |
++ case AF_INET6: |
3000 |
++ np = inet6_sk(sk); |
3001 |
++ overhead += sizeof(struct ipv6hdr); |
3002 |
++ if (np) |
3003 |
++ optv6 = rcu_dereference_protected(np->opt, |
3004 |
++ owned_by_user); |
3005 |
++ if (optv6) |
3006 |
++ overhead += (optv6->opt_flen + optv6->opt_nflen); |
3007 |
++ return overhead; |
3008 |
++#endif /* IS_ENABLED(CONFIG_IPV6) */ |
3009 |
++ default: /* Returns 0 overhead if the socket is not ipv4 or ipv6 */ |
3010 |
++ return overhead; |
3011 |
++ } |
3012 |
++} |
3013 |
++EXPORT_SYMBOL(kernel_sock_ip_overhead); |
3014 |
+diff --git a/scripts/gcc-plugins/Makefile b/scripts/gcc-plugins/Makefile |
3015 |
+index 8b29dc17c73c..2cad963c4fb7 100644 |
3016 |
+--- a/scripts/gcc-plugins/Makefile |
3017 |
++++ b/scripts/gcc-plugins/Makefile |
3018 |
+@@ -9,6 +9,7 @@ else |
3019 |
+ HOST_EXTRACXXFLAGS += -I$(GCC_PLUGINS_DIR)/include -I$(src) -std=gnu++98 -fno-rtti |
3020 |
+ HOST_EXTRACXXFLAGS += -fno-exceptions -fasynchronous-unwind-tables -ggdb |
3021 |
+ HOST_EXTRACXXFLAGS += -Wno-narrowing -Wno-unused-variable |
3022 |
++ HOST_EXTRACXXFLAGS += -Wno-format-diag |
3023 |
+ export HOST_EXTRACXXFLAGS |
3024 |
+ endif |
3025 |
+ |
3026 |
+diff --git a/scripts/gcc-plugins/gcc-common.h b/scripts/gcc-plugins/gcc-common.h |
3027 |
+index 08fe09c28bd2..6792915f5174 100644 |
3028 |
+--- a/scripts/gcc-plugins/gcc-common.h |
3029 |
++++ b/scripts/gcc-plugins/gcc-common.h |
3030 |
+@@ -31,7 +31,9 @@ |
3031 |
+ #include "ggc.h" |
3032 |
+ #include "timevar.h" |
3033 |
+ |
3034 |
++#if BUILDING_GCC_VERSION < 10000 |
3035 |
+ #include "params.h" |
3036 |
++#endif |
3037 |
+ |
3038 |
+ #if BUILDING_GCC_VERSION <= 4009 |
3039 |
+ #include "pointer-set.h" |
3040 |
+@@ -796,6 +798,7 @@ static inline gimple gimple_build_assign_with_ops(enum tree_code subcode, tree l |
3041 |
+ return gimple_build_assign(lhs, subcode, op1, op2 PASS_MEM_STAT); |
3042 |
+ } |
3043 |
+ |
3044 |
++#if BUILDING_GCC_VERSION < 10000 |
3045 |
+ template <> |
3046 |
+ template <> |
3047 |
+ inline bool is_a_helper<const ggoto *>::test(const_gimple gs) |
3048 |
+@@ -809,6 +812,7 @@ inline bool is_a_helper<const greturn *>::test(const_gimple gs) |
3049 |
+ { |
3050 |
+ return gs->code == GIMPLE_RETURN; |
3051 |
+ } |
3052 |
++#endif |
3053 |
+ |
3054 |
+ static inline gasm *as_a_gasm(gimple stmt) |
3055 |
+ { |
3056 |
+diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c |
3057 |
+index c783fefa558a..e034dc21421e 100644 |
3058 |
+--- a/security/integrity/evm/evm_crypto.c |
3059 |
++++ b/security/integrity/evm/evm_crypto.c |
3060 |
+@@ -90,7 +90,7 @@ static struct shash_desc *init_desc(char type) |
3061 |
+ algo = evm_hash; |
3062 |
+ } |
3063 |
+ |
3064 |
+- if (*tfm == NULL) { |
3065 |
++ if (IS_ERR_OR_NULL(*tfm)) { |
3066 |
+ mutex_lock(&mutex); |
3067 |
+ if (*tfm) |
3068 |
+ goto out; |
3069 |
+diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c |
3070 |
+index 44b44d7e0dbc..853a7d2333b3 100644 |
3071 |
+--- a/security/integrity/ima/ima_fs.c |
3072 |
++++ b/security/integrity/ima/ima_fs.c |
3073 |
+@@ -331,8 +331,7 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf, |
3074 |
+ integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL, |
3075 |
+ "policy_update", "signed policy required", |
3076 |
+ 1, 0); |
3077 |
+- if (ima_appraise & IMA_APPRAISE_ENFORCE) |
3078 |
+- result = -EACCES; |
3079 |
++ result = -EACCES; |
3080 |
+ } else { |
3081 |
+ result = ima_parse_add_rule(data); |
3082 |
+ } |
3083 |
+diff --git a/sound/core/pcm_lib.c b/sound/core/pcm_lib.c |
3084 |
+index f09ae7efc695..f0052c06d065 100644 |
3085 |
+--- a/sound/core/pcm_lib.c |
3086 |
++++ b/sound/core/pcm_lib.c |
3087 |
+@@ -456,6 +456,7 @@ static int snd_pcm_update_hw_ptr0(struct snd_pcm_substream *substream, |
3088 |
+ |
3089 |
+ no_delta_check: |
3090 |
+ if (runtime->status->hw_ptr == new_hw_ptr) { |
3091 |
++ runtime->hw_ptr_jiffies = curr_jiffies; |
3092 |
+ update_audio_tstamp(substream, &curr_tstamp, &audio_tstamp); |
3093 |
+ return 0; |
3094 |
+ } |