--- /dev/null
+From foo@baz Thu 09 Apr 2020 03:41:19 PM CEST
+From: Jarod Wilson <jarod@redhat.com>
+Date: Mon, 30 Mar 2020 11:22:19 -0400
+Subject: ipv6: don't auto-add link-local address to lag ports
+
+From: Jarod Wilson <jarod@redhat.com>
+
+[ Upstream commit 744fdc8233f6aa9582ce08a51ca06e59796a3196 ]
+
+Bonding slave and team port devices should not have link-local addresses
+automatically added to them, as it can interfere with openvswitch being
+able to properly add tc ingress.
+
+Basic reproducer, courtesy of Marcelo:
+
+$ ip link add name bond0 type bond
+$ ip link set dev ens2f0np0 master bond0
+$ ip link set dev ens2f1np2 master bond0
+$ ip link set dev bond0 up
+$ ip a s
+1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
+group default qlen 1000
+ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
+ inet 127.0.0.1/8 scope host lo
+ valid_lft forever preferred_lft forever
+ inet6 ::1/128 scope host
+ valid_lft forever preferred_lft forever
+2: ens2f0np0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
+mq master bond0 state UP group default qlen 1000
+ link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff
+5: ens2f1np2: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc
+mq master bond0 state DOWN group default qlen 1000
+ link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff
+11: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
+noqueue state UP group default qlen 1000
+ link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff
+ inet6 fe80::20f:53ff:fe2f:ea40/64 scope link
+ valid_lft forever preferred_lft forever
+
+(above trimmed to relevant entries, obviously)
+
+$ sysctl net.ipv6.conf.ens2f0np0.addr_gen_mode=0
+net.ipv6.conf.ens2f0np0.addr_gen_mode = 0
+$ sysctl net.ipv6.conf.ens2f1np2.addr_gen_mode=0
+net.ipv6.conf.ens2f1np2.addr_gen_mode = 0
+
+$ ip a l ens2f0np0
+2: ens2f0np0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
+mq master bond0 state UP group default qlen 1000
+ link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff
+ inet6 fe80::20f:53ff:fe2f:ea40/64 scope link tentative
+ valid_lft forever preferred_lft forever
+$ ip a l ens2f1np2
+5: ens2f1np2: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc
+mq master bond0 state DOWN group default qlen 1000
+ link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff
+ inet6 fe80::20f:53ff:fe2f:ea40/64 scope link tentative
+ valid_lft forever preferred_lft forever
+
+Looks like addrconf_sysctl_addr_gen_mode() bypasses the original "is
+this a slave interface?" check added by commit c2edacf80e15, and
+results in an address getting added, while w/the proposed patch added,
+no address gets added. This simply adds the same gating check to another
+code path, and thus should prevent the same devices from erroneously
+obtaining an ipv6 link-local address.
+
+Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode")
+Reported-by: Moshe Levi <moshele@mellanox.com>
+CC: Stephen Hemminger <stephen@networkplumber.org>
+CC: Marcelo Ricardo Leitner <mleitner@redhat.com>
+CC: netdev@vger.kernel.org
+Signed-off-by: Jarod Wilson <jarod@redhat.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/ipv6/addrconf.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/net/ipv6/addrconf.c
++++ b/net/ipv6/addrconf.c
+@@ -3175,6 +3175,10 @@ static void addrconf_addr_gen(struct ine
+ if (netif_is_l3_master(idev->dev))
+ return;
+
++ /* no link local addresses on devices flagged as slaves */
++ if (idev->dev->flags & IFF_SLAVE)
++ return;
++
+ ipv6_addr_set(&addr, htonl(0xFE800000), 0, 0, 0);
+
+ switch (idev->cnf.addr_gen_mode) {
--- /dev/null
+From foo@baz Thu 09 Apr 2020 01:26:03 PM CEST
+From: Petr Machata <petrm@mellanox.com>
+Date: Sun, 5 Apr 2020 09:50:22 +0300
+Subject: mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE
+
+From: Petr Machata <petrm@mellanox.com>
+
+[ Upstream commit ccfc569347f870830e7c7cf854679a06cf9c45b5 ]
+
+The handler for FLOW_ACTION_VLAN_MANGLE ends by returning whatever the
+lower-level function that it calls returns. If there are more actions lined
+up after this action, those are never offloaded. Fix by only bailing out
+when the called function returns an error.
+
+Fixes: a150201a70da ("mlxsw: spectrum: Add support for vlan modify TC action")
+Signed-off-by: Petr Machata <petrm@mellanox.com>
+Reviewed-by: Jiri Pirko <jiri@mellanox.com>
+Signed-off-by: Ido Schimmel <idosch@mellanox.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c
++++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c
+@@ -112,9 +112,11 @@ static int mlxsw_sp_flower_parse_actions
+ u8 prio = tcf_vlan_push_prio(a);
+ u16 vid = tcf_vlan_push_vid(a);
+
+- return mlxsw_sp_acl_rulei_act_vlan(mlxsw_sp, rulei,
+- action, vid,
+- proto, prio);
++ err = mlxsw_sp_acl_rulei_act_vlan(mlxsw_sp, rulei,
++ action, vid,
++ proto, prio);
++ if (err)
++ return err;
+ } else {
+ dev_err(mlxsw_sp->bus_info->dev, "Unsupported action\n");
+ return -EOPNOTSUPP;
--- /dev/null
+From foo@baz Thu 09 Apr 2020 03:41:19 PM CEST
+From: Florian Fainelli <f.fainelli@gmail.com>
+Date: Sun, 5 Apr 2020 13:00:30 -0700
+Subject: net: dsa: bcm_sf2: Ensure correct sub-node is parsed
+
+From: Florian Fainelli <f.fainelli@gmail.com>
+
+[ Upstream commit afa3b592953bfaecfb4f2f335ec5f935cff56804 ]
+
+When the bcm_sf2 was converted into a proper platform device driver and
+used the new dsa_register_switch() interface, we would still be parsing
+the legacy DSA node that contained all the port information since the
+platform firmware has intentionally maintained backward and forward
+compatibility to client programs. Ensure that we do parse the correct
+node, which is "ports" per the revised DSA binding.
+
+Fixes: d9338023fb8e ("net: dsa: bcm_sf2: Make it a real platform device driver")
+Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
+Reviewed-by: Vivien Didelot <vivien.didelot@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/dsa/bcm_sf2.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- a/drivers/net/dsa/bcm_sf2.c
++++ b/drivers/net/dsa/bcm_sf2.c
+@@ -1112,6 +1112,7 @@ static int bcm_sf2_sw_probe(struct platf
+ const struct bcm_sf2_of_data *data;
+ struct b53_platform_data *pdata;
+ struct dsa_switch_ops *ops;
++ struct device_node *ports;
+ struct bcm_sf2_priv *priv;
+ struct b53_device *dev;
+ struct dsa_switch *ds;
+@@ -1174,7 +1175,11 @@ static int bcm_sf2_sw_probe(struct platf
+ */
+ set_bit(0, priv->cfp.used);
+
+- bcm_sf2_identify_ports(priv, dn->child);
++ ports = of_find_node_by_name(dn, "ports");
++ if (ports) {
++ bcm_sf2_identify_ports(priv, ports);
++ of_node_put(ports);
++ }
+
+ priv->irq0 = irq_of_parse_and_map(dn, 0);
+ priv->irq1 = irq_of_parse_and_map(dn, 1);
--- /dev/null
+From foo@baz Thu 09 Apr 2020 03:41:19 PM CEST
+From: Oleksij Rempel <o.rempel@pengutronix.de>
+Date: Fri, 3 Apr 2020 09:53:25 +0200
+Subject: net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
+
+From: Oleksij Rempel <o.rempel@pengutronix.de>
+
+[ Upstream commit 6110dff776f7fa65c35850ef65b41d3b39e2fac2 ]
+
+After the power-down bit is cleared, the chip internally triggers a
+global reset. According to the KSZ9031 documentation, we have to wait at
+least 1ms for the reset to finish.
+
+If the chip is accessed during reset, read will return 0xffff, while
+write will be ignored. Depending on the system performance and MDIO bus
+speed, we may or may not run in to this issue.
+
+This bug was discovered on an iMX6QP system with KSZ9031 PHY and
+attached PHY interrupt line. If IRQ was used, the link status update was
+lost. In polling mode, the link status update was always correct.
+
+The investigation showed, that during a read-modify-write access, the
+read returned 0xffff (while the chip was still in reset) and
+corresponding write hit the chip _after_ reset and triggered (due to the
+0xffff) another reset in an undocumented bit (register 0x1f, bit 1),
+resulting in the next write being lost due to the new reset cycle.
+
+This patch fixes the issue by adding a 1...2 ms sleep after the
+genphy_resume().
+
+Fixes: 836384d2501d ("net: phy: micrel: Add specific suspend")
+Signed-off-by: Oleksij Rempel <o.rempel@pengutronix.de>
+Reviewed-by: Andrew Lunn <andrew@lunn.ch>
+Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/phy/micrel.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+--- a/drivers/net/phy/micrel.c
++++ b/drivers/net/phy/micrel.c
+@@ -29,6 +29,7 @@
+ #include <linux/micrel_phy.h>
+ #include <linux/of.h>
+ #include <linux/clk.h>
++#include <linux/delay.h>
+
+ /* Operation Mode Strap Override */
+ #define MII_KSZPHY_OMSO 0x16
+@@ -727,6 +728,12 @@ static int kszphy_resume(struct phy_devi
+
+ genphy_resume(phydev);
+
++ /* After switching from power-down to normal mode, an internal global
++ * reset is automatically generated. Wait a minimum of 1 ms before
++ * read/write access to the PHY registers.
++ */
++ usleep_range(1000, 2000);
++
+ ret = kszphy_config_reset(phydev);
+ if (ret)
+ return ret;
--- /dev/null
+From foo@baz Thu 09 Apr 2020 03:41:19 PM CEST
+From: Jisheng Zhang <Jisheng.Zhang@synaptics.com>
+Date: Fri, 3 Apr 2020 10:23:29 +0800
+Subject: net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
+
+From: Jisheng Zhang <Jisheng.Zhang@synaptics.com>
+
+[ Upstream commit 3e1221acf6a8f8595b5ce354bab4327a69d54d18 ]
+
+Commit 9463c4455900 ("net: stmmac: dwmac1000: Clear unused address
+entries") cleared the unused mac address entries, but introduced an
+out-of bounds mac address register programming bug -- After setting
+the secondary unicast mac addresses, the "reg" value has reached
+netdev_uc_count() + 1, thus we should only clear address entries
+if (addr < perfect_addr_number)
+
+Fixes: 9463c4455900 ("net: stmmac: dwmac1000: Clear unused address entries")
+Signed-off-by: Jisheng Zhang <Jisheng.Zhang@synaptics.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/ethernet/stmicro/stmmac/dwmac1000_core.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/net/ethernet/stmicro/stmmac/dwmac1000_core.c
++++ b/drivers/net/ethernet/stmicro/stmmac/dwmac1000_core.c
+@@ -218,7 +218,7 @@ static void dwmac1000_set_filter(struct
+ reg++;
+ }
+
+- while (reg <= perfect_addr_number) {
++ while (reg < perfect_addr_number) {
+ writel(0, ioaddr + GMAC_ADDR_HIGH(reg));
+ writel(0, ioaddr + GMAC_ADDR_LOW(reg));
+ reg++;
coresight-do-not-use-the-bit-macro-in-the-uapi-header.patch
padata-always-acquire-cpu_hotplug_lock-before-pinst-lock.patch
mm-mempolicy-require-at-least-one-nodeid-for-mpol_preferred.patch
+ipv6-don-t-auto-add-link-local-address-to-lag-ports.patch
+net-dsa-bcm_sf2-ensure-correct-sub-node-is-parsed.patch
+net-phy-micrel-kszphy_resume-add-delay-after-genphy_resume-before-accessing-phy-registers.patch
+net-stmmac-dwmac1000-fix-out-of-bounds-mac-address-reg-setting.patch
+slcan-don-t-transmit-uninitialized-stack-data-in-padding.patch
+mlxsw-spectrum_flower-do-not-stop-at-flow_action_vlan_mangle.patch
--- /dev/null
+From foo@baz Thu 09 Apr 2020 03:41:19 PM CEST
+From: Richard Palethorpe <rpalethorpe@suse.com>
+Date: Wed, 1 Apr 2020 12:06:39 +0200
+Subject: slcan: Don't transmit uninitialized stack data in padding
+
+From: Richard Palethorpe <rpalethorpe@suse.com>
+
+[ Upstream commit b9258a2cece4ec1f020715fe3554bc2e360f6264 ]
+
+struct can_frame contains some padding which is not explicitly zeroed in
+slc_bump. This uninitialized data will then be transmitted if the stack
+initialization hardening feature is not enabled (CONFIG_INIT_STACK_ALL).
+
+This commit just zeroes the whole struct including the padding.
+
+Signed-off-by: Richard Palethorpe <rpalethorpe@suse.com>
+Fixes: a1044e36e457 ("can: add slcan driver for serial/USB-serial CAN adapters")
+Reviewed-by: Kees Cook <keescook@chromium.org>
+Cc: linux-can@vger.kernel.org
+Cc: netdev@vger.kernel.org
+Cc: security@kernel.org
+Cc: wg@grandegger.com
+Cc: mkl@pengutronix.de
+Cc: davem@davemloft.net
+Acked-by: Marc Kleine-Budde <mkl@pengutronix.de>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/net/can/slcan.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+--- a/drivers/net/can/slcan.c
++++ b/drivers/net/can/slcan.c
+@@ -147,7 +147,7 @@ static void slc_bump(struct slcan *sl)
+ u32 tmpid;
+ char *cmd = sl->rbuff;
+
+- cf.can_id = 0;
++ memset(&cf, 0, sizeof(cf));
+
+ switch (*cmd) {
+ case 'r':
+@@ -186,8 +186,6 @@ static void slc_bump(struct slcan *sl)
+ else
+ return;
+
+- *(u64 *) (&cf.data) = 0; /* clear payload */
+-
+ /* RTR frames may have a dlc > 0 but they never have any data bytes */
+ if (!(cf.can_id & CAN_RTR_FLAG)) {
+ for (i = 0; i < cf.can_dlc; i++) {
projects / thirdparty / kernel / stable-queue.git / commitdiff
