[commits] [linux-merge]linux integration; branch, ecsv/to_submit_net, created. v4.6-rc6-139-g13e4e70

The branch, ecsv/to_submit_net has been created at 13e4e70a0a0f18e2bf884d44ef755a4bf2b890eb (commit)

- Shortlog ------------------------------------------------------------ commit 13e4e70a0a0f18e2bf884d44ef755a4bf2b890eb Author: Sven Eckelmann sven@narfation.org Date: Fri May 6 22:27:09 2016 +0200

batman-adv: Fix double neigh_node_put in batadv_v_ogm_route_update

The router is put down twice when it was non-NULL and either orig_ifinfo is NULL afterwards or batman-adv receives a packet with the same sequence number. This will end up in a use-after-free when the batadv_neigh_node is removed because the reference counter ended up too early at 0.

Fixes: 667996ebeab4 ("batman-adv: OGMv2 - implement originators logic") Signed-off-by: Sven Eckelmann sven@narfation.org

commit 975ac9c0265f5d2581c0d63da3ca37a85b232bcf Author: Sven Eckelmann sven@narfation.org Date: Fri May 6 11:43:39 2016 +0200

batman-adv: Fix refcnt leak in batadv_v_neigh_*

The functions batadv_neigh_ifinfo_get increase the reference counter of the batadv_neigh_ifinfo. These have to be reduced again when the reference is not used anymore to correctly free the objects.

Fixes: b05bbab5e1fc ("batman-adv: B.A.T.M.A.N. V - implement neighbor comparison API calls") Signed-off-by: Sven Eckelmann sven@narfation.org Signed-off-by: Marek Lindner mareklindner@neomailbox.ch

commit 12b4109f85a3d5dc0f42aeef78b8d0d8a280d388 Author: Sven Eckelmann sven@narfation.org Date: Fri May 6 11:43:38 2016 +0200

batman-adv: Avoid nullptr derefence in batadv_v_neigh_is_sob

batadv_neigh_ifinfo_get can return NULL when it cannot find (even when only temporarily) anymore the neigh_ifinfo in the list neigh->ifinfo_list. This has to be checked to avoid kernel Oopses when the ifinfo is dereferenced.

This a situation which isn't expected but is already handled by functions like batadv_v_neigh_cmp. The same kind of warning is therefore used before the function returns without dereferencing the pointers.

Fixes: b05bbab5e1fc ("batman-adv: B.A.T.M.A.N. V - implement neighbor comparison API calls") Signed-off-by: Sven Eckelmann sven@narfation.org Signed-off-by: Marek Lindner mareklindner@neomailbox.ch

commit 0f76d2e531ede9cda4d2618851f14075eb01d4b9 Author: Sven Eckelmann sven@narfation.org Date: Mon Feb 22 22:56:33 2016 +0100

batman-adv: Fix unexpected free of bcast_own on add_if error

The function batadv_iv_ogm_orig_add_if allocates new buffers for bcast_own and bcast_own_sum. It is expected that these buffers are unchanged in case either bcast_own or bcast_own_sum couldn't be resized.

But the error handling of this function frees the already resized buffer for bcast_own when the allocation of the new bcast_own_sum buffer failed. This will lead to an invalid memory access when some code will try to access bcast_own.

Instead the resized new bcast_own buffer has to be kept. This will not lead to problems because the size of the buffer was only increased and therefore no user of the buffer will try to access bytes outside of the new buffer.

Fixes: fdafa7d29ace ("batman-adv: provide orig_node routing API") Signed-off-by: Sven Eckelmann sven@narfation.org Signed-off-by: Marek Lindner mareklindner@neomailbox.ch

commit 8820430a7b8e794105bd98397fdaf1a4eff3de39 Author: Antonio Quartulli a@unstable.cc Date: Mon May 2 18:27:38 2016 +0800

batman-adv: make sure ELP/OGM orig MAC is updated on address change

When the MAC address of the primary interface is changed, update the originator address in the ELP and OGM skb buffers as well in order to reflect the change.

Fixes: a4b88af77e28 ("batman-adv: ELP - adding basic infrastructure") Reported-by: Marek Lindner marek@neomailbox.ch Signed-off-by: Antonio Quartulli a@unstable.cc Signed-off-by: Marek Lindner mareklindner@neomailbox.ch

commit fead5d613878b12460b45f500b21fed90b883be9 Author: Linus Lüssing linus.luessing@c0d3.blue Date: Thu Jan 7 08:11:12 2016 +0100

batman-adv: Avoid duplicate neigh_node additions

Two parallel calls to batadv_neigh_node_new() might race for creating and adding the same neig_node. Fix this by including the check for any already existing, identical neigh_node within the spin-lock.

This fixes splats like the following:

[ 739.535069] ------------[ cut here ]------------ [ 739.535079] WARNING: CPU: 0 PID: 0 at /usr/src/batman-adv/git/batman-adv/net/batman-adv/bat_iv_ogm.c:1004 batadv_iv_ogm_process_per_outif+0xe3f/0xe60 [batman_adv]() [ 739.535092] too many matching neigh_nodes [ 739.535094] Modules linked in: dm_mod tun ip6table_filter ip6table_mangle ip6table_nat nf_nat_ipv6 ip6_tables xt_nat iptable_nat nf_nat_ipv4 nf_nat xt_TCPMSS xt_mark iptable_mangle xt_tcpudp xt_conntrack iptable_filter ip_tables x_tables ip_gre ip_tunnel gre bridge stp llc thermal_sys kvm_intel kvm crct10dif_pclmul crc32_pclmul sha256_ssse3 sha256_generic hmac drbg ansi_cprng aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd evdev pcspkr ip6_gre ip6_tunnel tunnel6 batman_adv(O) libcrc32c nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack autofs4 ext4 crc16 mbcache jbd2 xen_netfront xen_blkfront crc32c_intel [ 739.535177] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 4.2.0-0.bpo.1-amd64 #1 Debian 4.2.6-3~bpo8+2 [ 739.535186] 0000000000000000 ffffffffa013b050 ffffffff81554521 ffff88007d003c18 [ 739.535201] ffffffff8106fa01 0000000000000000 ffff8800047a087a ffff880079c3a000 [ 739.735602] ffff88007b82bf40 ffff88007bc2d1c0 ffffffff8106fa7a ffffffffa013aa8e [ 739.735624] Call Trace: [ 739.735639] <IRQ> [<ffffffff81554521>] ? dump_stack+0x40/0x50 [ 739.735677] [<ffffffff8106fa01>] ? warn_slowpath_common+0x81/0xb0 [ 739.735692] [<ffffffff8106fa7a>] ? warn_slowpath_fmt+0x4a/0x50 [ 739.735715] [<ffffffffa012448f>] ? batadv_iv_ogm_process_per_outif+0xe3f/0xe60 [batman_adv] [ 739.735740] [<ffffffffa0124813>] ? batadv_iv_ogm_receive+0x363/0x380 [batman_adv] [ 739.735762] [<ffffffffa0124813>] ? batadv_iv_ogm_receive+0x363/0x380 [batman_adv] [ 739.735783] [<ffffffff810b0841>] ? __raw_callee_save___pv_queued_spin_unlock+0x11/0x20 [ 739.735804] [<ffffffffa012cb39>] ? batadv_batman_skb_recv+0xc9/0x110 [batman_adv] [ 739.735825] [<ffffffff81464891>] ? __netif_receive_skb_core+0x841/0x9a0 [ 739.735838] [<ffffffff810b0841>] ? __raw_callee_save___pv_queued_spin_unlock+0x11/0x20 [ 739.735853] [<ffffffff81465681>] ? process_backlog+0xa1/0x140 [ 739.735864] [<ffffffff81464f1a>] ? net_rx_action+0x20a/0x320 [ 739.735878] [<ffffffff81073aa7>] ? __do_softirq+0x107/0x270 [ 739.735891] [<ffffffff81073d82>] ? irq_exit+0x92/0xa0 [ 739.735905] [<ffffffff8137e0d1>] ? xen_evtchn_do_upcall+0x31/0x40 [ 739.735924] [<ffffffff8155b8fe>] ? xen_do_hypervisor_callback+0x1e/0x40 [ 739.735939] <EOI> [<ffffffff810013aa>] ? xen_hypercall_sched_op+0xa/0x20 [ 739.735965] [<ffffffff810013aa>] ? xen_hypercall_sched_op+0xa/0x20 [ 739.735979] [<ffffffff8100a39c>] ? xen_safe_halt+0xc/0x20 [ 739.735991] [<ffffffff8101da6c>] ? default_idle+0x1c/0xa0 [ 739.736004] [<ffffffff810abf6b>] ? cpu_startup_entry+0x2eb/0x350 [ 739.736019] [<ffffffff81b2af5e>] ? start_kernel+0x480/0x48b [ 739.736032] [<ffffffff81b2d116>] ? xen_start_kernel+0x507/0x511 [ 739.736048] ---[ end trace c106bb901244bc8c ]---

Reported-by: Martin Weinelt martin@darmstadt.freifunk.net Signed-off-by: Linus Lüssing linus.luessing@c0d3.blue Signed-off-by: Marek Lindner mareklindner@neomailbox.ch

commit e975ca2095cc06070c721489892003e1f2085422 Author: Sven Eckelmann sven.eckelmann@open-mesh.com Date: Tue Feb 16 10:47:07 2016 +0100

batman-adv: Fix integer overflow in batadv_iv_ogm_calc_tq

The undefined behavior sanatizer detected an signed integer overflow in a setup with near perfect link quality

UBSAN: Undefined behaviour in net/batman-adv/bat_iv_ogm.c:1246:25 signed integer overflow: 8713350 * 255 cannot be represented in type 'int'

The problems happens because the calculation of mixed unsigned and signed integers resulted in an integer multiplication.

batadv_ogm_packet::tq (u8 255) * tq_own (u8 255) * tq_asym_penalty (int 134; max 255) * tq_iface_penalty (int 255; max 255)

The tq_iface_penalty, tq_asym_penalty and inv_asym_penalty can just be changed to unsigned int because they are not expected to become negative.

Fixes: 46e44fdb96ef ("batman-adv: add WiFi penalty") Signed-off-by: Sven Eckelmann sven.eckelmann@open-mesh.com Signed-off-by: Marek Lindner mareklindner@neomailbox.ch

commit 288928658583a27256c6c295aeccd95a3ddcefce Author: Ido Schimmel idosch@mellanox.com Date: Fri May 6 22:18:40 2016 +0200

mlxsw: spectrum: Add missing rollback in flood configuration

When we fail to set the flooding configuration for the broadcast and unregistered multicast traffic, we should revert the flooding configuration of the unknown unicast traffic.

Fixes: 0293038e0c36 ("mlxsw: spectrum: Add support for flood control") Signed-off-by: Ido Schimmel idosch@mellanox.com Signed-off-by: Jiri Pirko jiri@mellanox.com Signed-off-by: David S. Miller davem@davemloft.net

commit 51554db2d23f71989e040df838613bbae554d4e0 Author: Ido Schimmel idosch@mellanox.com Date: Fri May 6 22:18:39 2016 +0200

mlxsw: spectrum: Fix rollback order in LAG join failure

Make the leave procedure in the error path symmetric to the join procedure and first remove the port from the collector before potentially destroying the LAG.

Fixes: 0d65fc13042f ("mlxsw: spectrum: Implement LAG port join/leave") Signed-off-by: Ido Schimmel idosch@mellanox.com Signed-off-by: Jiri Pirko jiri@mellanox.com Signed-off-by: David S. Miller davem@davemloft.net

commit 229740c63169462a838a8b8e16391ed000934631 Author: Jarno Rajahalme jarno@ovn.org Date: Tue May 3 16:10:21 2016 -0700

udp_offload: Set encapsulation before inner completes.

UDP tunnel segmentation code relies on the inner offsets being set for an UDP tunnel GSO packet, but the inner *_complete() functions will set the inner offsets only if 'encapsulation' is set before calling them. Currently, udp_gro_complete() sets 'encapsulation' only after the inner *_complete() functions are done. This causes the inner offsets having invalid values after udp_gro_complete() returns, which in turn will make it impossible to properly segment the packet in case it needs to be forwarded, which would be visible to the user either as invalid packets being sent or as packet loss.

This patch fixes this by setting skb's 'encapsulation' in udp_gro_complete() before calling into the inner complete functions, and by making each possible UDP tunnel gro_complete() callback set the inner_mac_header to the beginning of the tunnel payload.

Signed-off-by: Jarno Rajahalme jarno@ovn.org Reviewed-by: Alexander Duyck aduyck@mirantis.com Signed-off-by: David S. Miller davem@davemloft.net

commit 43b8448cd7b42a4c39476c9a12c960c1408f1946 Author: Jarno Rajahalme jarno@ovn.org Date: Tue May 3 16:10:20 2016 -0700

udp_tunnel: Remove redundant udp_tunnel_gro_complete().

The setting of the UDP tunnel GSO type is already performed by udp[46]_gro_complete().

Signed-off-by: Jarno Rajahalme jarno@ovn.org Signed-off-by: David S. Miller davem@davemloft.net

commit 8e0ddc040a87a3b700bdf67394d24fe30a0f1eb9 Author: Sudarsana Reddy Kalluru sudarsana.kalluru@qlogic.com Date: Thu May 5 00:35:16 2016 -0400

qede: prevent chip hang when increasing channels

qede requires qed to provide enough resources to accommodate 16 combined channels, but that upper-bound isn't actually being enforced by it. Instead, qed inform back to qede how many channels can be opened based on available resources - but that calculation doesn't really take into account the resources requested by qede; Instead it considers other FW/HW available resources.

As a result, if a user would increase the number of channels to more than 16 [e.g., using ethtool] the chip would hang.

This change increments the resources requested by qede to 64 combined channels instead of 16; This value is an upper bound on the possible available channels [due to other FW/HW resources].

Signed-off-by: Sudarsana Reddy Kalluru sudarsana.kalluru@qlogic.com Signed-off-by: Yuval Mintz Yuval.Mintz@qlogic.com Signed-off-by: David S. Miller davem@davemloft.net

commit 1d2f7b2d956e242179aaf4a08f3545f99c81f9a3 Author: David Ahern dsa@cumulusnetworks.com Date: Wed May 4 21:26:08 2016 -0700

net: ipv6: tcp reset, icmp need to consider L3 domain

Responses for packets to unused ports are getting lost with L3 domains.

IPv4 has ip_send_unicast_reply for sending TCP responses which accounts for L3 domains; update the IPv6 counterpart tcp_v6_send_response. For icmp the L3 master check needs to be moved up in icmp6_send to properly respond to UDP packets to a port with no listener.

Fixes: ca254490c8df ("net: Add VRF support to IPv6 stack") Signed-off-by: David Ahern dsa@cumulusnetworks.com Signed-off-by: David S. Miller davem@davemloft.net

commit 856ce5d083e14571d051301fe3c65b32b8cbe321 Author: Linus Lüssing linus.luessing@c0d3.blue Date: Wed May 4 17:25:02 2016 +0200

bridge: fix igmp / mld query parsing

With the newly introduced helper functions the skb pulling is hidden in the checksumming function - and undone before returning to the caller.

The IGMP and MLD query parsing functions in the bridge still assumed that the skb is pointing to the beginning of the IGMP/MLD message while it is now kept at the beginning of the IPv4/6 header.

If there is a querier somewhere else, then this either causes the multicast snooping to stay disabled even though it could be enabled. Or, if we have the querier enabled too, then this can create unnecessary IGMP / MLD query messages on the link.

Fixing this by taking the offset between IP and IGMP/MLD header into account, too.

Fixes: 9afd85c9e455 ("net: Export IGMP/MLD message validation code") Reported-by: Simon Wunderlich sw@simonwunderlich.de Signed-off-by: Linus Lüssing linus.luessing@c0d3.blue Signed-off-by: David S. Miller davem@davemloft.net

commit 31ca0458a61a502adb7ed192bf9716c6d05791a5 Author: Nikolay Aleksandrov nikolay@cumulusnetworks.com Date: Wed May 4 16:18:45 2016 +0200

net: bridge: fix old ioctl unlocked net device walk

get_bridge_ifindices() is used from the old "deviceless" bridge ioctl calls which aren't called with rtnl held. The comment above says that it is called with rtnl but that is not really the case. Here's a sample output from a test ASSERT_RTNL() which I put in get_bridge_ifindices and executed "brctl show": [ 957.422726] RTNL: assertion failed at net/bridge//br_ioctl.c (30) [ 957.422925] CPU: 0 PID: 1862 Comm: brctl Tainted: G W O 4.6.0-rc4+ #157 [ 957.423009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.8.1-20150318_183358- 04/01/2014 [ 957.423009] 0000000000000000 ffff880058adfdf0 ffffffff8138dec5 0000000000000400 [ 957.423009] ffffffff81ce8380 ffff880058adfe58 ffffffffa05ead32 0000000000000001 [ 957.423009] 00007ffec1a444b0 0000000000000400 ffff880053c19130 0000000000008940 [ 957.423009] Call Trace: [ 957.423009] [<ffffffff8138dec5>] dump_stack+0x85/0xc0 [ 957.423009] [<ffffffffa05ead32>] br_ioctl_deviceless_stub+0x212/0x2e0 [bridge] [ 957.423009] [<ffffffff81515beb>] sock_ioctl+0x22b/0x290 [ 957.423009] [<ffffffff8126ba75>] do_vfs_ioctl+0x95/0x700 [ 957.423009] [<ffffffff8126c159>] SyS_ioctl+0x79/0x90 [ 957.423009] [<ffffffff8163a4c0>] entry_SYSCALL_64_fastpath+0x23/0xc1

Since it only reads bridge ifindices, we can use rcu to safely walk the net device list. Also remove the wrong rtnl comment above.

Signed-off-by: Nikolay Aleksandrov nikolay@cumulusnetworks.com Signed-off-by: David S. Miller davem@davemloft.net

commit dedc58e067d8c379a15a8a183c5db318201295bb Author: Ian Campbell ian.campbell@docker.com Date: Wed May 4 14:21:53 2016 +0100

VSOCK: do not disconnect socket when peer has shutdown SEND only

The peer may be expecting a reply having sent a request and then done a shutdown(SHUT_WR), so tearing down the whole socket at this point seems wrong and breaks for me with a client which does a SHUT_WR.

Looking at other socket family's stream_recvmsg callbacks doing a shutdown here does not seem to be the norm and removing it does not seem to have had any adverse effects that I can see.

I'm using Stefan's RFC virtio transport patches, I'm unsure of the impact on the vmci transport.

Signed-off-by: Ian Campbell ian.campbell@docker.com Cc: "David S. Miller" davem@davemloft.net Cc: Stefan Hajnoczi stefanha@redhat.com Cc: Claudio Imbrenda imbrenda@linux.vnet.ibm.com Cc: Andy King acking@vmware.com Cc: Dmitry Torokhov dtor@vmware.com Cc: Jorgen Hansen jhansen@vmware.com Cc: Adit Ranadive aditr@vmware.com Cc: netdev@vger.kernel.org Signed-off-by: David S. Miller davem@davemloft.net

commit 82d69203df634b4dfa765c94f60ce9482bcc44d6 Author: Daniel Jurgens danielj@mellanox.com Date: Wed May 4 15:00:33 2016 +0300

net/mlx4_en: Fix endianness bug in IPV6 csum calculation

Use htons instead of unconditionally byte swapping nexthdr. On a little endian systems shifting the byte is correct behavior, but it results in incorrect csums on big endian architectures.

Fixes: f8c6455bb04b ('net/mlx4_en: Extend checksum offloading by CHECKSUM COMPLETE') Signed-off-by: Daniel Jurgens danielj@mellanox.com Reviewed-by: Carol Soto clsoto@us.ibm.com Tested-by: Carol Soto clsoto@us.ibm.com Signed-off-by: Tariq Toukan tariqt@mellanox.com Signed-off-by: David S. Miller davem@davemloft.net

commit c2cf530d42437fa2a1fce7b56ea4b478ec35b42a Merge: 32b583a 7d2837d Author: David S. Miller davem@davemloft.net Date: Wed May 4 17:11:39 2016 -0400

Merge branch 'bnxt_en-fixes'

Michael Chan says:

==================== bnxt_en: 2 bug fixes.

Fix crash on ppc64 due to missing memory barrier and restore multicast after reset. ====================

Signed-off-by: David S. Miller davem@davemloft.net

commit 7d2837dd7a3239e8201d9bef75c1a708e451e123 Author: Michael Chan michael.chan@broadcom.com Date: Wed May 4 16:56:44 2016 -0400

bnxt_en: Setup multicast properly after resetting device.

The multicast/all-multicast internal flags are not properly restored after device reset. This could lead to unreliable multicast operations after an ethtool configuration change for example.

Call bnxt_mc_list_updated() and setup the vnic->mask in bnxt_init_chip() to fix the issue.

Signed-off-by: Michael Chan michael.chan@broadcom.com Signed-off-by: David S. Miller davem@davemloft.net

commit 67a95e2022c7f0405408fb1f910283785ece354a Author: Michael Chan michael.chan@broadcom.com Date: Wed May 4 16:56:43 2016 -0400

bnxt_en: Need memory barrier when processing the completion ring.

The code determines if the next ring entry is valid before proceeding further to read the rest of the entry. The CPU can re-order and read the rest of the entry first, possibly reading a stale entry, if DMA of a new entry happens right after reading it. This issue can be readily seen on a ppc64 system, causing it to crash.

Signed-off-by: Michael Chan michael.chan@broadcom.com Signed-off-by: David S. Miller davem@davemloft.net

commit 32b583a0cb9b757d68c44f2819fa6ccf95dbb953 Merge: 5f8e447 d6af1a3 Author: David S. Miller davem@davemloft.net Date: Wed May 4 16:35:31 2016 -0400

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec

Steffen Klassert says:

==================== pull request (net): ipsec 2016-05-04

1) The flowcache can hit an OOM condition if too many entries are in the gc_list. Fix this by counting the entries in the gc_list and refuse new allocations if the value is too high.

2) The inner headers are invalid after a xfrm transformation, so reset the skb encapsulation field to ensure nobody tries access the inner headers. Otherwise tunnel devices stacked on top of xfrm may build the outer headers based on wrong informations.

3) Add pmtu handling to vti, we need it to report pmtu informations for local generated packets.

Please pull or let me know if there are problems. ====================

Signed-off-by: David S. Miller davem@davemloft.net

commit 5f8e44741f9f216e33736ea4ec65ca9ac03036e6 Author: Kangjie Lu kangjielu@gmail.com Date: Tue May 3 16:46:24 2016 -0400

net: fix infoleak in rtnetlink

The stack object “map” has a total size of 32 bytes. Its last 4 bytes are padding generated by compiler. These padding bytes are not initialized and sent out via “nla_put”.

Signed-off-by: Kangjie Lu kjlu@gatech.edu Signed-off-by: David S. Miller davem@davemloft.net

commit b8670c09f37bdf2847cc44f36511a53afc6161fd Author: Kangjie Lu kangjielu@gmail.com Date: Tue May 3 16:35:05 2016 -0400

net: fix infoleak in llc

The stack object “info” has a total size of 12 bytes. Its last byte is padding which is not initialized and leaked via “put_cmsg”.

Signed-off-by: Kangjie Lu kjlu@gatech.edu Signed-off-by: David S. Miller davem@davemloft.net

commit 1c021bb717a70aaeaa4b25c91f43c2aeddd922de Author: Uwe Kleine-König u.kleine-koenig@pengutronix.de Date: Tue May 3 16:38:53 2016 +0200

net: fec: only clear a queue's work bit if the queue was emptied

In the receive path a queue's work bit was cleared unconditionally even if fec_enet_rx_queue only read out a part of the available packets from the hardware. This resulted in not reading any packets in the next napi turn and so packets were delayed or lost.

The obvious fix is to only clear a queue's bit when the queue was emptied.

Fixes: 4d494cdc92b3 ("net: fec: change data structure to support multiqueue") Signed-off-by: Uwe Kleine-König u.kleine-koenig@pengutronix.de Reviewed-by: Lucas Stach l.stach@pengutronix.de Tested-by: Fugang Duan fugang.duan@nxp.com Acked-by: Fugang Duan fugang.duan@nxp.com Signed-off-by: David S. Miller davem@davemloft.net

commit 20decb7e486d7eefff3931f58d092d2d7c024a1c Author: Matthias Brugger mbrugger@suse.com Date: Tue May 3 16:05:07 2016 +0200

drivers: net: xgene: Fix error handling

When probe bails out with an error, we try to unregister the netdev before we have even registered it. Fix the goto statements for that.

Signed-off-by: Matthias Brugger mbrugger@suse.com Signed-off-by: David S. Miller davem@davemloft.net

commit d6af1a31cc72fbd558c7eddbc36f61bf09d1cf6a Author: Steffen Klassert steffen.klassert@secunet.com Date: Wed Mar 16 10:17:37 2016 +0100

vti: Add pmtu handling to vti_xmit.

We currently rely on the PMTU discovery of xfrm. However if a packet is locally sent, the PMTU mechanism of xfrm tries to do local socket notification what might not work for applications like ping that don't check for this. So add pmtu handling to vti_xmit to report MTU changes immediately.

Reported-by: Mark McKinstry Mark.McKinstry@alliedtelesis.co.nz Signed-off-by: Steffen Klassert steffen.klassert@secunet.com

commit 215276c0147ef49bc07692ca68bae35a30a64b9a Author: Steffen Klassert steffen.klassert@secunet.com Date: Mon Feb 22 10:56:45 2016 +0100

xfrm: Reset encapsulation field of the skb before transformation

The inner headers are invalid after a xfrm transformation. So reset the skb encapsulation field to ensure nobody tries to access the inner headers.

Signed-off-by: Steffen Klassert steffen.klassert@secunet.com

commit 6ad3122a08e3a9c2148873665752e87cf4f393cc Author: Steffen Klassert steffen.klassert@secunet.com Date: Mon Feb 22 10:40:07 2016 +0100

flowcache: Avoid OOM condition under preasure

We can hit an OOM condition if we are under presure because we can not free the entries in gc_list fast enough. So add a counter for the not yet freed entries in the gc_list and refuse new allocations if the value is too high.

Signed-off-by: Steffen Klassert steffen.klassert@secunet.com

-----------------------------------------------------------------------