Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.3.4 2012-04-27T17:17:35Z 2012-04-27T17:17:35Z Greg Kroah-Hartman gregkh@linuxfoundation.org 2012-04-27T17:17:35Z urn:sha1:d0c4f31c99b390c9bfc54e79de0f7650ab819352 2012-04-27T17:17:06Z Eric Dumazet eric.dumazet@gmail.com 2012-04-25T03:01:22Z urn:sha1:0df29c4a2857ed43ff23689423144aaf4f4101bc [ This combines upstream commit a21d45726acacc963d8baddf74607d9b74e2b723 and the follow-on bug fix commit a21d45726acacc963d8baddf74607d9b74e2b723 ] Marc Merlin reported many order-1 allocations failures in TX path on its wireless setup, that dont make any sense with MTU=1500 network, and non SG capable hardware. After investigation, it turns out TCP uses sk_stream_alloc_skb() and used as a convention skb_tailroom(skb) to know how many bytes of data payload could be put in this skb (for non SG capable devices) Note : these skb used kmalloc-4096 (MTU=1500 + MAX_HEADER + sizeof(struct skb_shared_info) being above 2048) Later, mac80211 layer need to add some bytes at the tail of skb (IEEE80211_ENCRYPT_TAILROOM = 18 bytes) and since no more tailroom is available has to call pskb_expand_head() and request order-1 allocations. This patch changes sk_stream_alloc_skb() so that only sk->sk_prot->max_header bytes of headroom are reserved, and use a new skb field, avail_size to hold the data payload limit. This way, order-0 allocations done by TCP stack can leave more than 2 KB of tailroom and no more allocation is performed in mac80211 layer (or any layer needing some tailroom) avail_size is unioned with mark/dropcount, since mark will be set later in IP stack for output packets. Therefore, skb size is unchanged. Reported-by: Marc MERLIN <marc@merlins.org> Tested-by: Marc MERLIN <marc@merlins.org> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:06Z Eric Dumazet eric.dumazet@gmail.com 2012-04-10T20:08:39Z urn:sha1:1cf9d571c6e48f15608203fc76fa29c617459e0c [ Upstream commit 87151b8689d890dfb495081f7be9b9e257f7a2df ] Marc Merlin reported many order-1 allocations failures in TX path on its wireless setup, that dont make any sense with MTU=1500 network, and non SG capable hardware. Turns out part of the problem comes from pskb_expand_head() not using ksize() to get exact head size given by kmalloc(). Doing the same thing than __alloc_skb() allows more tailroom in skb and can prevent future reallocations. As a bonus, struct skb_shared_info becomes cache line aligned. Reported-by: Marc MERLIN <marc@merlins.org> Tested-by: Marc MERLIN <marc@merlins.org> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Neal Cardwell ncardwell@google.com 2012-04-22T09:45:47Z urn:sha1:069d2955aa39b11764025031235ec3d7d215ce84 [ Upstream commit d135c522f1234f62e81be29cebdf59e9955139ad ] Commit f5fff5d forgot to fix TCP_MAXSEG behavior IPv6 sockets, so IPv6 TCP server sockets that used TCP_MAXSEG would find that the advmss of child sockets would be incorrect. This commit mirrors the advmss logic from tcp_v4_syn_recv_sock in tcp_v6_syn_recv_sock. Eventually this logic should probably be shared between IPv4 and IPv6, but this at least fixes this issue. Signed-off-by: Neal Cardwell <ncardwell@google.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Eric W. Biederman ebiederm@xmission.com 2012-04-18T16:11:23Z urn:sha1:0bcc60d6527fde19ce2ccff7bc3eaba5209a6693 [ Upstream commit 3adadc08cc1e2cbcc15a640d639297ef5fcb17f5 ] While reviewing the sysctl code in ax25 I spotted races in ax25_exit where it is possible to receive notifications and packets after already freeing up some of the data structures needed to process those notifications and updates. Call unregister_netdevice_notifier early so that the rest of the cleanup code does not need to deal with network devices. This takes advantage of my recent enhancement to unregister_netdevice_notifier to send unregister notifications of all network devices that are current registered. Move the unregistration for packet types, socket types and protocol types before we cleanup any of the ax25 data structures to remove the possibilities of other races. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Dan Carpenter dan.carpenter@oracle.com 2012-04-19T07:00:19Z urn:sha1:9d0566204ed97b07856dbe9ad1cea97d255132cb [ Upstream commit 716af4abd6e6370226f567af50bfaca274515980 ] MAX_ADDR_LEN is 32. ETH_ALEN is 6. mac->sa_data is a 14 byte array, so the memcpy() is doing a read past the end of the array. I asked about this on netdev and Ben Hutchings told me it's supposed to be copying ETH_ALEN bytes (thanks Ben). Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Julian Anastasov ja@ssi.bg 2012-04-16T04:43:15Z urn:sha1:e6f8c8491515dcaa8686d7e6b805edd4aba281d8 [ Upstream commit b922934d017f1cc831b017913ed7d1a56c558b43 ] ops_init should free the net_generic data on init failure and __register_pernet_operations should not call ops_free when NET_NS is not enabled. Signed-off-by: Julian Anastasov <ja@ssi.bg> Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Eric Dumazet edumazet@google.com 2012-04-16T23:28:07Z urn:sha1:07b267776c0746c14b28d931a623fb59736a672a [ Upstream commit 4d846f02392a710f9604892ac3329e628e60a230 ] tcp_grow_window() has to grow rcv_ssthresh up to window_clamp, allowing sender to increase its window. tcp_grow_window() still assumes a tcp frame is under MSS, but its no longer true with LRO/GRO. This patch fixes one of the performance issue we noticed with GRO on. Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Neal Cardwell <ncardwell@google.com> Cc: Tom Herbert <therbert@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Hiroaki SHIMODA shimoda.hiroaki@gmail.com 2012-04-15T13:26:01Z urn:sha1:aa222ab252147b94968f7da05d788607d471a66e [ Upstream commit 890fdf2a0cb88202d1427589db2cf29c1bdd3c1d ] In register_netdevice(), when ndo_init() is successful and later some error occurred, ndo_uninit() will be called. So dummy deivce is desirable to implement ndo_uninit() method to free percpu stats for this case. And, ndo_uninit() is also called along with dev->destructor() when device is unregistered, so in order to prevent dev->dstats from being freed twice, dev->destructor is modified to free_netdev(). Signed-off-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2012-04-27T17:17:05Z Stephane Fillod fillods@users.sf.net 2012-04-15T11:38:29Z urn:sha1:2ccc2c1e85b15874fd39350b04100f3a7b998308 [ Upstream commit a99ff7d0123b19ecad3b589480b6542716ab6b52 ] Make smsc75xx recalculate the hard_mtu after adjusting the hard_header_len. Without this, usbnet adjusts the MTU down to 1492 bytes, and the host is unable to receive standard 1500-byte frames from the device. Inspired by same fix on cdc_eem 78fb72f7936c01d5b426c03a691eca082b03f2b9. Tested on ARM/Omap3 with EVB-LAN7500-LC. Signed-off-by: Stephane Fillod <fillods@users.sf.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>