--- /dev/null
+From foo@baz Sat Aug 18 11:41:32 CEST 2018
+From: Wei Wang <weiwan@google.com>
+Date: Fri, 10 Aug 2018 11:14:56 -0700
+Subject: l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
+
+From: Wei Wang <weiwan@google.com>
+
+[ Upstream commit 6d37fa49da1e8db8fb1995be22ac837ca41ac8a8 ]
+
+In l2tp code, if it is a L2TP_UDP_ENCAP tunnel, tunnel->sk points to a
+UDP socket. User could call sendmsg() on both this tunnel and the UDP
+socket itself concurrently. As l2tp_xmit_skb() holds socket lock and call
+__sk_dst_check() to refresh sk->sk_dst_cache, while udpv6_sendmsg() is
+lockless and call sk_dst_check() to refresh sk->sk_dst_cache, there
+could be a race and cause the dst cache to be freed multiple times.
+So we fix l2tp side code to always call sk_dst_check() to garantee
+xchg() is called when refreshing sk->sk_dst_cache to avoid race
+conditions.
+
+Syzkaller reported stack trace:
+BUG: KASAN: use-after-free in atomic_read include/asm-generic/atomic-instrumented.h:21 [inline]
+BUG: KASAN: use-after-free in atomic_fetch_add_unless include/linux/atomic.h:575 [inline]
+BUG: KASAN: use-after-free in atomic_add_unless include/linux/atomic.h:597 [inline]
+BUG: KASAN: use-after-free in dst_hold_safe include/net/dst.h:308 [inline]
+BUG: KASAN: use-after-free in ip6_hold_safe+0xe6/0x670 net/ipv6/route.c:1029
+Read of size 4 at addr ffff8801aea9a880 by task syz-executor129/4829
+
+CPU: 0 PID: 4829 Comm: syz-executor129 Not tainted 4.18.0-rc7-next-20180802+ #30
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:77 [inline]
+ dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0x242/0x30d mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ kasan_check_read+0x11/0x20 mm/kasan/kasan.c:272
+ atomic_read include/asm-generic/atomic-instrumented.h:21 [inline]
+ atomic_fetch_add_unless include/linux/atomic.h:575 [inline]
+ atomic_add_unless include/linux/atomic.h:597 [inline]
+ dst_hold_safe include/net/dst.h:308 [inline]
+ ip6_hold_safe+0xe6/0x670 net/ipv6/route.c:1029
+ rt6_get_pcpu_route net/ipv6/route.c:1249 [inline]
+ ip6_pol_route+0x354/0xd20 net/ipv6/route.c:1922
+ ip6_pol_route_output+0x54/0x70 net/ipv6/route.c:2098
+ fib6_rule_lookup+0x283/0x890 net/ipv6/fib6_rules.c:122
+ ip6_route_output_flags+0x2c5/0x350 net/ipv6/route.c:2126
+ ip6_dst_lookup_tail+0x1278/0x1da0 net/ipv6/ip6_output.c:978
+ ip6_dst_lookup_flow+0xc8/0x270 net/ipv6/ip6_output.c:1079
+ ip6_sk_dst_lookup_flow+0x5ed/0xc50 net/ipv6/ip6_output.c:1117
+ udpv6_sendmsg+0x2163/0x36b0 net/ipv6/udp.c:1354
+ inet_sendmsg+0x1a1/0x690 net/ipv4/af_inet.c:798
+ sock_sendmsg_nosec net/socket.c:622 [inline]
+ sock_sendmsg+0xd5/0x120 net/socket.c:632
+ ___sys_sendmsg+0x51d/0x930 net/socket.c:2115
+ __sys_sendmmsg+0x240/0x6f0 net/socket.c:2210
+ __do_sys_sendmmsg net/socket.c:2239 [inline]
+ __se_sys_sendmmsg net/socket.c:2236 [inline]
+ __x64_sys_sendmmsg+0x9d/0x100 net/socket.c:2236
+ do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
+ entry_SYSCALL_64_after_hwframe+0x49/0xbe
+RIP: 0033:0x446a29
+Code: e8 ac b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
+RSP: 002b:00007f4de5532db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
+RAX: ffffffffffffffda RBX: 00000000006dcc38 RCX: 0000000000446a29
+RDX: 00000000000000b8 RSI: 0000000020001b00 RDI: 0000000000000003
+RBP: 00000000006dcc30 R08: 00007f4de5533700 R09: 0000000000000000
+R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dcc3c
+R13: 00007ffe2b830fdf R14: 00007f4de55339c0 R15: 0000000000000001
+
+Fixes: 71b1391a4128 ("l2tp: ensure sk->dst is still valid")
+Reported-by: syzbot+05f840f3b04f211bad55@syzkaller.appspotmail.com
+Signed-off-by: Wei Wang <weiwan@google.com>
+Signed-off-by: Martin KaFai Lau <kafai@fb.com>
+Cc: Guillaume Nault <g.nault@alphalink.fr>
+Cc: David Ahern <dsahern@gmail.com>
+Cc: Cong Wang <xiyou.wangcong@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/l2tp/l2tp_core.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/net/l2tp/l2tp_core.c
++++ b/net/l2tp/l2tp_core.c
+@@ -1110,7 +1110,7 @@ int l2tp_xmit_skb(struct l2tp_session *s
+
+ /* Get routing info from the tunnel socket */
+ skb_dst_drop(skb);
+- skb_dst_set(skb, dst_clone(__sk_dst_check(sk, 0)));
++ skb_dst_set(skb, sk_dst_check(sk, 0));
+
+ inet = inet_sk(sk);
+ fl = &inet->cork.fl;
--- /dev/null
+From foo@baz Sat Aug 18 11:41:32 CEST 2018
+From: Hangbin Liu <liuhangbin@gmail.com>
+Date: Mon, 13 Aug 2018 18:44:04 +0800
+Subject: net_sched: Fix missing res info when create new tc_index filter
+
+From: Hangbin Liu <liuhangbin@gmail.com>
+
+[ Upstream commit 008369dcc5f7bfba526c98054f8525322acf0ea3 ]
+
+Li Shuang reported the following warn:
+
+[ 733.484610] WARNING: CPU: 6 PID: 21123 at net/sched/sch_cbq.c:1418 cbq_destroy_class+0x5d/0x70 [sch_cbq]
+[ 733.495190] Modules linked in: sch_cbq cls_tcindex sch_dsmark rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache xt_CHECKSUM iptable_mangle ipt_MASQUERADE iptable_nat l
+[ 733.574155] syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm igb ixgbe ahci libahci i2c_algo_bit libata i40e i2c_core dca mdio megaraid_sas dm_mirror dm_region_hash dm_log dm_mod
+[ 733.592500] CPU: 6 PID: 21123 Comm: tc Not tainted 4.18.0-rc8.latest+ #131
+[ 733.600169] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.1.5 04/11/2016
+[ 733.608518] RIP: 0010:cbq_destroy_class+0x5d/0x70 [sch_cbq]
+[ 733.614734] Code: e7 d9 d2 48 8b 7b 48 e8 61 05 da d2 48 8d bb f8 00 00 00 e8 75 ae d5 d2 48 39 eb 74 0a 48 89 df 5b 5d e9 16 6c 94 d2 5b 5d c3 <0f> 0b eb b6 0f 1f 44 00 00 66 2e 0f 1f 84
+[ 733.635798] RSP: 0018:ffffbfbb066bb9d8 EFLAGS: 00010202
+[ 733.641627] RAX: 0000000000000001 RBX: ffff9cdd17392800 RCX: 000000008010000f
+[ 733.649588] RDX: ffff9cdd1df547e0 RSI: ffff9cdd17392800 RDI: ffff9cdd0f84c800
+[ 733.657547] RBP: ffff9cdd0f84c800 R08: 0000000000000001 R09: 0000000000000000
+[ 733.665508] R10: ffff9cdd0f84d000 R11: 0000000000000001 R12: 0000000000000001
+[ 733.673469] R13: 0000000000000000 R14: 0000000000000001 R15: ffff9cdd17392200
+[ 733.681430] FS: 00007f911890a740(0000) GS:ffff9cdd1f8c0000(0000) knlGS:0000000000000000
+[ 733.690456] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 733.696864] CR2: 0000000000b5544c CR3: 0000000859374002 CR4: 00000000001606e0
+[ 733.704826] Call Trace:
+[ 733.707554] cbq_destroy+0xa1/0xd0 [sch_cbq]
+[ 733.712318] qdisc_destroy+0x62/0x130
+[ 733.716401] dsmark_destroy+0x2a/0x70 [sch_dsmark]
+[ 733.721745] qdisc_destroy+0x62/0x130
+[ 733.725829] qdisc_graft+0x3ba/0x470
+[ 733.729817] tc_get_qdisc+0x2a6/0x2c0
+[ 733.733901] ? cred_has_capability+0x7d/0x130
+[ 733.738761] rtnetlink_rcv_msg+0x263/0x2d0
+[ 733.743330] ? rtnl_calcit.isra.30+0x110/0x110
+[ 733.748287] netlink_rcv_skb+0x4d/0x130
+[ 733.752576] netlink_unicast+0x1a3/0x250
+[ 733.756949] netlink_sendmsg+0x2ae/0x3a0
+[ 733.761324] sock_sendmsg+0x36/0x40
+[ 733.765213] ___sys_sendmsg+0x26f/0x2d0
+[ 733.769493] ? handle_pte_fault+0x586/0xdf0
+[ 733.774158] ? __handle_mm_fault+0x389/0x500
+[ 733.778919] ? __sys_sendmsg+0x5e/0xa0
+[ 733.783099] __sys_sendmsg+0x5e/0xa0
+[ 733.787087] do_syscall_64+0x5b/0x180
+[ 733.791171] entry_SYSCALL_64_after_hwframe+0x44/0xa9
+[ 733.796805] RIP: 0033:0x7f9117f23f10
+[ 733.800791] Code: c3 48 8b 05 82 6f 2c 00 f7 db 64 89 18 48 83 cb ff eb dd 0f 1f 80 00 00 00 00 83 3d 8d d0 2c 00 00 75 10 b8 2e 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8
+[ 733.821873] RSP: 002b:00007ffe96818398 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
+[ 733.830319] RAX: ffffffffffffffda RBX: 000000005b71244c RCX: 00007f9117f23f10
+[ 733.838280] RDX: 0000000000000000 RSI: 00007ffe968183e0 RDI: 0000000000000003
+[ 733.846241] RBP: 00007ffe968183e0 R08: 000000000000ffff R09: 0000000000000003
+[ 733.854202] R10: 00007ffe96817e20 R11: 0000000000000246 R12: 0000000000000000
+[ 733.862161] R13: 0000000000662ee0 R14: 0000000000000000 R15: 0000000000000000
+[ 733.870121] ---[ end trace 28edd4aad712ddca ]---
+
+This is because we didn't update f->result.res when create new filter. Then in
+tcindex_delete() -> tcf_unbind_filter(), we will failed to find out the res
+and unbind filter, which will trigger the WARN_ON() in cbq_destroy_class().
+
+Fix it by updating f->result.res when create new filter.
+
+Fixes: 6e0565697a106 ("net_sched: fix another crash in cls_tcindex")
+Reported-by: Li Shuang <shuali@redhat.com>
+Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
+Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/sched/cls_tcindex.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/sched/cls_tcindex.c
++++ b/net/sched/cls_tcindex.c
+@@ -465,6 +465,7 @@ tcindex_set_parms(struct net *net, struc
+ struct tcindex_filter *nfp;
+ struct tcindex_filter __rcu **fp;
+
++ f->result.res = r->res;
+ tcf_exts_change(&f->result.exts, &r->exts);
+
+ fp = cp->h + (handle % cp->hash);
--- /dev/null
+From foo@baz Sat Aug 18 11:41:32 CEST 2018
+From: Hangbin Liu <liuhangbin@gmail.com>
+Date: Mon, 13 Aug 2018 18:44:03 +0800
+Subject: net_sched: fix NULL pointer dereference when delete tcindex filter
+
+From: Hangbin Liu <liuhangbin@gmail.com>
+
+[ Upstream commit 2df8bee5654bb2b7312662ca6810d4dc16b0b67f ]
+
+Li Shuang reported the following crash:
+
+[ 71.267724] BUG: unable to handle kernel NULL pointer dereference at 0000000000000004
+[ 71.276456] PGD 800000085d9bd067 P4D 800000085d9bd067 PUD 859a0b067 PMD 0
+[ 71.284127] Oops: 0000 [#1] SMP PTI
+[ 71.288015] CPU: 12 PID: 2386 Comm: tc Not tainted 4.18.0-rc8.latest+ #131
+[ 71.295686] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.1.5 04/11/2016
+[ 71.304037] RIP: 0010:tcindex_delete+0x72/0x280 [cls_tcindex]
+[ 71.310446] Code: 00 31 f6 48 87 75 20 48 85 f6 74 11 48 8b 47 18 48 8b 40 08 48 8b 40 50 e8 fb a6 f8 fc 48 85 db 0f 84 dc 00 00 00 48 8b 73 18 <8b> 56 04 48 8d 7e 04 85 d2 0f 84 7b 01 00
+[ 71.331517] RSP: 0018:ffffb45207b3f898 EFLAGS: 00010282
+[ 71.337345] RAX: ffff8ad3d72d6360 RBX: ffff8acc84393680 RCX: 000000000000002e
+[ 71.345306] RDX: ffff8ad3d72c8570 RSI: 0000000000000000 RDI: ffff8ad847a45800
+[ 71.353277] RBP: ffff8acc84393688 R08: ffff8ad3d72c8400 R09: 0000000000000000
+[ 71.361238] R10: ffff8ad3de786e00 R11: 0000000000000000 R12: ffffb45207b3f8c7
+[ 71.369199] R13: ffff8ad3d93bd2a0 R14: 000000000000002e R15: ffff8ad3d72c9600
+[ 71.377161] FS: 00007f9d3ec3e740(0000) GS:ffff8ad3df980000(0000) knlGS:0000000000000000
+[ 71.386188] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 71.392597] CR2: 0000000000000004 CR3: 0000000852f06003 CR4: 00000000001606e0
+[ 71.400558] Call Trace:
+[ 71.403299] tcindex_destroy_element+0x25/0x40 [cls_tcindex]
+[ 71.409611] tcindex_walk+0xbb/0x110 [cls_tcindex]
+[ 71.414953] tcindex_destroy+0x44/0x90 [cls_tcindex]
+[ 71.420492] ? tcindex_delete+0x280/0x280 [cls_tcindex]
+[ 71.426323] tcf_proto_destroy+0x16/0x40
+[ 71.430696] tcf_chain_flush+0x51/0x70
+[ 71.434876] tcf_block_put_ext.part.30+0x8f/0x1b0
+[ 71.440122] tcf_block_put+0x4d/0x70
+[ 71.444108] cbq_destroy+0x4d/0xd0 [sch_cbq]
+[ 71.448869] qdisc_destroy+0x62/0x130
+[ 71.452951] dsmark_destroy+0x2a/0x70 [sch_dsmark]
+[ 71.458300] qdisc_destroy+0x62/0x130
+[ 71.462373] qdisc_graft+0x3ba/0x470
+[ 71.466359] tc_get_qdisc+0x2a6/0x2c0
+[ 71.470443] ? cred_has_capability+0x7d/0x130
+[ 71.475307] rtnetlink_rcv_msg+0x263/0x2d0
+[ 71.479875] ? rtnl_calcit.isra.30+0x110/0x110
+[ 71.484832] netlink_rcv_skb+0x4d/0x130
+[ 71.489109] netlink_unicast+0x1a3/0x250
+[ 71.493482] netlink_sendmsg+0x2ae/0x3a0
+[ 71.497859] sock_sendmsg+0x36/0x40
+[ 71.501748] ___sys_sendmsg+0x26f/0x2d0
+[ 71.506029] ? handle_pte_fault+0x586/0xdf0
+[ 71.510694] ? __handle_mm_fault+0x389/0x500
+[ 71.515457] ? __sys_sendmsg+0x5e/0xa0
+[ 71.519636] __sys_sendmsg+0x5e/0xa0
+[ 71.523626] do_syscall_64+0x5b/0x180
+[ 71.527711] entry_SYSCALL_64_after_hwframe+0x44/0xa9
+[ 71.533345] RIP: 0033:0x7f9d3e257f10
+[ 71.537331] Code: c3 48 8b 05 82 6f 2c 00 f7 db 64 89 18 48 83 cb ff eb dd 0f 1f 80 00 00 00 00 83 3d 8d d0 2c 00 00 75 10 b8 2e 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8
+[ 71.558401] RSP: 002b:00007fff6f893398 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
+[ 71.566848] RAX: ffffffffffffffda RBX: 000000005b71274d RCX: 00007f9d3e257f10
+[ 71.574810] RDX: 0000000000000000 RSI: 00007fff6f8933e0 RDI: 0000000000000003
+[ 71.582770] RBP: 00007fff6f8933e0 R08: 000000000000ffff R09: 0000000000000003
+[ 71.590729] R10: 00007fff6f892e20 R11: 0000000000000246 R12: 0000000000000000
+[ 71.598689] R13: 0000000000662ee0 R14: 0000000000000000 R15: 0000000000000000
+[ 71.606651] Modules linked in: sch_cbq cls_tcindex sch_dsmark xt_CHECKSUM iptable_mangle ipt_MASQUERADE iptable_nat nf_nat_ipv4 nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_coni
+[ 71.685425] libahci i2c_algo_bit i2c_core i40e libata dca mdio megaraid_sas dm_mirror dm_region_hash dm_log dm_mod
+[ 71.697075] CR2: 0000000000000004
+[ 71.700792] ---[ end trace f604eb1acacd978b ]---
+
+Reproducer:
+tc qdisc add dev lo handle 1:0 root dsmark indices 64 set_tc_index
+tc filter add dev lo parent 1:0 protocol ip prio 1 tcindex mask 0xfc shift 2
+tc qdisc add dev lo parent 1:0 handle 2:0 cbq bandwidth 10Mbit cell 8 avpkt 1000 mpu 64
+tc class add dev lo parent 2:0 classid 2:1 cbq bandwidth 10Mbit rate 1500Kbit avpkt 1000 prio 1 bounded isolated allot 1514 weight 1 maxburst 10
+tc filter add dev lo parent 2:0 protocol ip prio 1 handle 0x2e tcindex classid 2:1 pass_on
+tc qdisc add dev lo parent 2:1 pfifo limit 5
+tc qdisc del dev lo root
+
+This is because in tcindex_set_parms, when there is no old_r, we set new
+exts to cr.exts. And we didn't set it to filter when r == &new_filter_result.
+
+Then in tcindex_delete() -> tcf_exts_get_net(), we will get NULL pointer
+dereference as we didn't init exts.
+
+Fix it by moving tcf_exts_change() after "if (old_r && old_r != r)" check.
+Then we don't need "cr" as there is no errout after that.
+
+Fixes: bf63ac73b3e13 ("net_sched: fix an oops in tcindex filter")
+Reported-by: Li Shuang <shuali@redhat.com>
+Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
+Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/sched/cls_tcindex.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+--- a/net/sched/cls_tcindex.c
++++ b/net/sched/cls_tcindex.c
+@@ -447,11 +447,6 @@ tcindex_set_parms(struct net *net, struc
+ tcf_bind_filter(tp, &cr.res, base);
+ }
+
+- if (old_r)
+- tcf_exts_change(&r->exts, &e);
+- else
+- tcf_exts_change(&cr.exts, &e);
+-
+ if (old_r && old_r != r) {
+ err = tcindex_filter_result_init(old_r);
+ if (err < 0) {
+@@ -462,6 +457,8 @@ tcindex_set_parms(struct net *net, struc
+
+ oldp = p;
+ r->res = cr.res;
++ tcf_exts_change(&r->exts, &e);
++
+ rcu_assign_pointer(tp->root, cp);
+
+ if (r == &new_filter_result) {
--- /dev/null
+From foo@baz Sat Aug 18 11:41:32 CEST 2018
+From: Heiner Kallweit <hkallweit1@gmail.com>
+Date: Sun, 12 Aug 2018 13:26:26 +0200
+Subject: r8169: don't use MSI-X on RTL8168g
+
+From: Heiner Kallweit <hkallweit1@gmail.com>
+
+[ Upstream commit 7c53a722459c1d6ffb0f5b2058c06ca8980b8600 ]
+
+There have been two reports that network doesn't come back on resume
+from suspend when using MSI-X. Both cases affect the same chip version
+(RTL8168g - version 40), on different systems. Falling back to MSI
+fixes the issue.
+Even though we don't really have a proof yet that the network chip
+version is to blame, let's disable MSI-X for this version.
+
+Reported-by: Steve Dodd <steved424@gmail.com>
+Reported-by: Lou Reed <gogen@disroot.org>
+Tested-by: Steve Dodd <steved424@gmail.com>
+Tested-by: Lou Reed <gogen@disroot.org>
+Fixes: 6c6aa15fdea5 ("r8169: improve interrupt handling")
+Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/ethernet/realtek/r8169.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/drivers/net/ethernet/realtek/r8169.c
++++ b/drivers/net/ethernet/realtek/r8169.c
+@@ -7544,6 +7544,11 @@ static int rtl_alloc_irq(struct rtl8169_
+ RTL_W8(tp, Config2, RTL_R8(tp, Config2) & ~MSIEnable);
+ RTL_W8(tp, Cfg9346, Cfg9346_Lock);
+ flags = PCI_IRQ_LEGACY;
++ } else if (tp->mac_version == RTL_GIGA_MAC_VER_40) {
++ /* This version was reported to have issues with resume
++ * from suspend when using MSI-X
++ */
++ flags = PCI_IRQ_LEGACY | PCI_IRQ_MSI;
+ } else {
+ flags = PCI_IRQ_ALL_TYPES;
+ }
--- /dev/null
+l2tp-use-sk_dst_check-to-avoid-race-on-sk-sk_dst_cache.patch
+net_sched-fix-null-pointer-dereference-when-delete-tcindex-filter.patch
+net_sched-fix-missing-res-info-when-create-new-tc_index-filter.patch
+r8169-don-t-use-msi-x-on-rtl8168g.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
