diff --git a/Makefile b/Makefile index d71493885648..26213a8c79d2 100644 --- a/Makefile +++ b/Makefile @@ -3,10 +3,10 @@ SHELL = /bin/bash .SHELLFLAGS += -e KERNEL_ABI_MINOR_VERSION = 2 -KVERSION_SHORT ?= 4.19.0-9-$(KERNEL_ABI_MINOR_VERSION) +KVERSION_SHORT ?= 4.19.0-12-$(KERNEL_ABI_MINOR_VERSION) KVERSION ?= $(KVERSION_SHORT)-amd64 -KERNEL_VERSION ?= 4.19.118 -KERNEL_SUBVERSION ?= 2+deb10u1 +KERNEL_VERSION ?= 4.19.152 +KERNEL_SUBVERSION ?= 1 kernel_procure_method ?= build CONFIGURED_ARCH ?= amd64 @@ -51,7 +51,7 @@ DSC_FILE = linux_$(KERNEL_VERSION)-$(KERNEL_SUBVERSION).dsc DEBIAN_FILE = linux_$(KERNEL_VERSION)-$(KERNEL_SUBVERSION).debian.tar.xz ORIG_FILE = linux_$(KERNEL_VERSION).orig.tar.xz BUILD_DIR=linux-$(KERNEL_VERSION) -SOURCE_FILE_BASE_URL="http://security.debian.org/debian-security/pool/updates/main/l/linux" +SOURCE_FILE_BASE_URL="https://sonicstorage.blob.core.windows.net/debian-security/pool/updates/main/l/linux" DSC_FILE_URL = "$(SOURCE_FILE_BASE_URL)/$(DSC_FILE)" DEBIAN_FILE_URL = "$(SOURCE_FILE_BASE_URL)/$(DEBIAN_FILE)" diff --git a/patch/Support-for-fullcone-nat.patch b/patch/Support-for-fullcone-nat.patch index 4d4027cca35d..eeb87730d0d0 100644 --- a/patch/Support-for-fullcone-nat.patch +++ b/patch/Support-for-fullcone-nat.patch @@ -1,6 +1,8 @@ From 67cc2bd46c7ad1431ddd1819cdfad6ecc08a7593 Mon Sep 17 00:00:00 2001 + From: Kiran Kella Date: Fri, 6 Sep 2019 20:54:19 -0700 + Subject: [PATCH] netfilter: nf_nat: Support fullcone NAT Changes done in the kernel to ensure 3-tuple uniqueness of the conntrack @@ -33,44 +35,44 @@ Signed-off-by: Kiran Kella [forward port to Linux v4.19, https://github.com/Azure/sonic-linux-kernel/pull/147] Signed-off-by: Akhilesh Samineni --- - include/net/netfilter/nf_conntrack.h | 3 + - include/net/netfilter/nf_nat.h | 6 + - include/net/netfilter/nf_nat_l4proto.h | 12 +- - include/uapi/linux/netfilter/nf_nat.h | 1 + - net/ipv4/netfilter/nf_nat_proto_gre.c | 8 +- - net/ipv4/netfilter/nf_nat_proto_icmp.c | 6 +- - net/ipv6/netfilter/nf_nat_proto_icmpv6.c | 5 +- - net/netfilter/nf_nat_core.c | 173 ++++++++++++++++++++--- - net/netfilter/nf_nat_proto_common.c | 32 +++-- - net/netfilter/nf_nat_proto_dccp.c | 6 +- - net/netfilter/nf_nat_proto_sctp.c | 6 +- - net/netfilter/nf_nat_proto_tcp.c | 6 +- - net/netfilter/nf_nat_proto_udp.c | 12 +- - net/netfilter/nf_nat_proto_unknown.c | 4 +- + include/net/netfilter/nf_conntrack.h | 3 + + include/net/netfilter/nf_nat.h | 6 + + include/net/netfilter/nf_nat_l4proto.h | 12 +- + include/uapi/linux/netfilter/nf_nat.h | 1 + net/ipv4/netfilter/nf_nat_proto_gre.c | 8 + + net/ipv4/netfilter/nf_nat_proto_icmp.c | 6 + + net/ipv6/netfilter/nf_nat_proto_icmpv6.c | 5 + + net/netfilter/nf_nat_core.c | 173 +++++++++++++++++++++++++++--- + net/netfilter/nf_nat_proto_common.c | 32 ++++-- + net/netfilter/nf_nat_proto_dccp.c | 6 + + net/netfilter/nf_nat_proto_sctp.c | 6 + + net/netfilter/nf_nat_proto_tcp.c | 6 + + net/netfilter/nf_nat_proto_udp.c | 12 +- + net/netfilter/nf_nat_proto_unknown.c | 4 - 14 files changed, 220 insertions(+), 60 deletions(-) diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h -index f45141bdbb83..64b9293a31f6 100644 +index ac4d70aee..beee8670b 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h @@ -84,6 +84,9 @@ struct nf_conn { #if IS_ENABLED(CONFIG_NF_NAT) struct hlist_node nat_bysource; #endif -+ /* To optionally ensure 3-tuple uniqueness on the translated source */ -+ struct hlist_node nat_by_manip_src; ++ /* To optionally ensure 3-tuple uniqueness on the translated source */ ++ struct hlist_node nat_by_manip_src; + /* all members below initialized via memset */ - u8 __nfct_init_offset[0]; - + struct { } __nfct_init_offset; + diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h -index a17eb2f8d40e..7c3cc3c7b35f 100644 +index a17eb2f8d..7c3cc3c7b 100644 --- a/include/net/netfilter/nf_nat.h +++ b/include/net/netfilter/nf_nat.h @@ -51,6 +51,12 @@ struct nf_conn_nat *nf_ct_nat_ext_add(struct nf_conn *ct); int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple, const struct nf_conn *ignored_conntrack); - + +/* Is this 3-tuple already taken? (not by us)*/ +int +nf_nat_used_3_tuple(const struct nf_conntrack_tuple *tuple, @@ -81,7 +83,7 @@ index a17eb2f8d40e..7c3cc3c7b35f 100644 { #if defined(CONFIG_NF_NAT) || defined(CONFIG_NF_NAT_MODULE) diff --git a/include/net/netfilter/nf_nat_l4proto.h b/include/net/netfilter/nf_nat_l4proto.h -index b4d6b29bca62..fbcbb9ad9e4b 100644 +index b4d6b29bc..fbcbb9ad9 100644 --- a/include/net/netfilter/nf_nat_l4proto.h +++ b/include/net/netfilter/nf_nat_l4proto.h @@ -32,7 +32,7 @@ struct nf_nat_l4proto { @@ -96,7 +98,7 @@ index b4d6b29bca62..fbcbb9ad9e4b 100644 @@ -70,11 +70,11 @@ bool nf_nat_l4proto_in_range(const struct nf_conntrack_tuple *tuple, const union nf_conntrack_man_proto *min, const union nf_conntrack_man_proto *max); - + -void nf_nat_l4proto_unique_tuple(const struct nf_nat_l3proto *l3proto, - struct nf_conntrack_tuple *tuple, - const struct nf_nat_range2 *range, @@ -107,11 +109,11 @@ index b4d6b29bca62..fbcbb9ad9e4b 100644 + const struct nf_nat_range2 *range, + enum nf_nat_manip_type maniptype, + const struct nf_conn *ct, u16 *rover); - + int nf_nat_l4proto_nlattr_to_range(struct nlattr *tb[], struct nf_nat_range2 *range); diff --git a/include/uapi/linux/netfilter/nf_nat.h b/include/uapi/linux/netfilter/nf_nat.h -index 4a95c0db14d4..1cda390e17c6 100644 +index 4a95c0db1..1cda390e1 100644 --- a/include/uapi/linux/netfilter/nf_nat.h +++ b/include/uapi/linux/netfilter/nf_nat.h @@ -11,6 +11,7 @@ @@ -119,16 +121,16 @@ index 4a95c0db14d4..1cda390e17c6 100644 #define NF_NAT_RANGE_PROTO_RANDOM_FULLY (1 << 4) #define NF_NAT_RANGE_PROTO_OFFSET (1 << 5) +#define NF_NAT_RANGE_FULLCONE (1 << 6) - + #define NF_NAT_RANGE_PROTO_RANDOM_ALL \ (NF_NAT_RANGE_PROTO_RANDOM | NF_NAT_RANGE_PROTO_RANDOM_FULLY) diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c -index 00fda6331ce5..d2ca4f6003ba 100644 +index 00fda6331..d2ca4f600 100644 --- a/net/ipv4/netfilter/nf_nat_proto_gre.c +++ b/net/ipv4/netfilter/nf_nat_proto_gre.c @@ -38,7 +38,7 @@ MODULE_AUTHOR("Harald Welte "); MODULE_DESCRIPTION("Netfilter NAT protocol helper module for GRE"); - + /* generate unique tuple ... */ -static void +static int @@ -141,7 +143,7 @@ index 00fda6331ce5..d2ca4f6003ba 100644 if (!ct->master) - return; + return 0; - + if (maniptype == NF_NAT_MANIP_SRC) keyptr = &tuple->src.u.gre.key; @@ -73,11 +73,11 @@ gre_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -151,21 +153,21 @@ index 00fda6331ce5..d2ca4f6003ba 100644 - return; + return 1; } - + pr_debug("%p: no NAT mapping\n", ct); - return; + return 0; } - + /* manipulate a GRE packet according to maniptype */ diff --git a/net/ipv4/netfilter/nf_nat_proto_icmp.c b/net/ipv4/netfilter/nf_nat_proto_icmp.c -index 6d7cf1d79baf..403783cda503 100644 +index 6d7cf1d79..403783cda 100644 --- a/net/ipv4/netfilter/nf_nat_proto_icmp.c +++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c @@ -27,7 +27,7 @@ icmp_in_range(const struct nf_conntrack_tuple *tuple, ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id); } - + -static void +static int icmp_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -181,16 +183,16 @@ index 6d7cf1d79baf..403783cda503 100644 - return; + return 0; } - + static bool diff --git a/net/ipv6/netfilter/nf_nat_proto_icmpv6.c b/net/ipv6/netfilter/nf_nat_proto_icmpv6.c -index d9bf42ba44fa..7ff30a023f04 100644 +index d9bf42ba4..7ff30a023 100644 --- a/net/ipv6/netfilter/nf_nat_proto_icmpv6.c +++ b/net/ipv6/netfilter/nf_nat_proto_icmpv6.c @@ -29,7 +29,7 @@ icmpv6_in_range(const struct nf_conntrack_tuple *tuple, ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id); } - + -static void +static int icmpv6_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -205,24 +207,24 @@ index d9bf42ba44fa..7ff30a023f04 100644 } + return 0; } - + static bool diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c -index 2268b10a9dcf..1b83427a7a68 100644 +index 2268b10a9..3ff1554ab 100644 --- a/net/netfilter/nf_nat_core.c +++ b/net/netfilter/nf_nat_core.c @@ -43,6 +43,7 @@ static const struct nf_nat_l4proto __rcu **nf_nat_l4protos[NFPROTO_NUMPROTO] static unsigned int nat_net_id __read_mostly; - + static struct hlist_head *nf_nat_bysource __read_mostly; +static struct hlist_head *nf_nat_by_manip_src __read_mostly; static unsigned int nf_nat_htable_size __read_mostly; static unsigned int nf_nat_hash_rnd __read_mostly; - + @@ -155,6 +156,31 @@ hash_by_src(const struct net *n, const struct nf_conntrack_tuple *tuple) return reciprocal_scale(hash, nf_nat_htable_size); } - + +static inline unsigned int +hash_by_dst(const struct net *n, const struct nf_conntrack_tuple *tuple) +{ @@ -289,13 +291,13 @@ index 2268b10a9dcf..1b83427a7a68 100644 +} EXPORT_SYMBOL(nf_nat_used_tuple); +EXPORT_SYMBOL(nf_nat_used_3_tuple); - + /* If we source map this tuple so reply looks like reply_tuple, will * that meet the constraints of range. @@ -237,6 +296,36 @@ find_appropriate_src(struct net *net, return 0; } - + +/* Only called for DST manip */ +static int +find_appropriate_dst(struct net *net, @@ -354,11 +356,11 @@ index 2268b10a9dcf..1b83427a7a68 100644 const struct nf_nat_l4proto *l4proto; + struct nf_nat_range2 nat_range; struct net *net = nf_ct_net(ct); - + + memcpy(&nat_range, range, sizeof(struct nf_nat_range2)); + zone = nf_ct_zone(ct); - + rcu_read_lock(); @@ -345,48 +442,77 @@ get_unique_tuple(struct nf_conntrack_tuple *tuple, * manips not an issue. @@ -381,7 +383,7 @@ index 2268b10a9dcf..1b83427a7a68 100644 goto out; } } - + + if (maniptype == NF_NAT_MANIP_DST) { + if (nat_range.flags & NF_NAT_RANGE_FULLCONE) { + /* Destination IP range does not apply when fullcone flag is set. */ @@ -408,11 +410,11 @@ index 2268b10a9dcf..1b83427a7a68 100644 *tuple = *orig_tuple; - find_best_ips_proto(zone, tuple, range, ct, maniptype); + find_best_ips_proto(zone, tuple, &nat_range, ct, maniptype); - + /* 3) The per-protocol part of the manip is made to map into * the range to make a unique tuple. */ - + /* Only bother mapping if it's not already in range and unique */ - if (!(range->flags & NF_NAT_RANGE_PROTO_RANDOM_ALL)) { - if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) { @@ -441,7 +443,7 @@ index 2268b10a9dcf..1b83427a7a68 100644 goto out; } } - + /* Last chance: get protocol to try to obtain unique tuple. */ - l4proto->unique_tuple(l3proto, tuple, range, maniptype, ct); + return l4proto->unique_tuple(l3proto, tuple, &nat_range, maniptype, ct); @@ -449,26 +451,26 @@ index 2268b10a9dcf..1b83427a7a68 100644 rcu_read_unlock(); + return 1; } - + struct nf_conn_nat *nf_ct_nat_ext_add(struct nf_conn *ct) @@ -428,7 +554,9 @@ nf_nat_setup_info(struct nf_conn *ct, nf_ct_invert_tuplepr(&curr_tuple, &ct->tuplehash[IP_CT_DIR_REPLY].tuple); - + - get_unique_tuple(&new_tuple, &curr_tuple, range, ct, maniptype); + if (! get_unique_tuple(&new_tuple, &curr_tuple, range, ct, maniptype)) { + return NF_DROP; + } - + if (!nf_ct_tuple_equal(&new_tuple, &curr_tuple)) { struct nf_conntrack_tuple reply; @@ -450,12 +578,16 @@ nf_nat_setup_info(struct nf_conn *ct, - + if (maniptype == NF_NAT_MANIP_SRC) { unsigned int srchash; + unsigned int manip_src_hash; spinlock_t *lock; - + + manip_src_hash = hash_by_src(net, &new_tuple); srchash = hash_by_src(net, &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); @@ -486,11 +488,11 @@ index 2268b10a9dcf..1b83427a7a68 100644 + hlist_del_rcu(&ct->nat_by_manip_src); spin_unlock_bh(&nf_nat_locks[h % CONNTRACK_LOCKS]); } - + @@ -1055,9 +1188,14 @@ static int __init nf_nat_init(void) if (!nf_nat_bysource) return -ENOMEM; - + + nf_nat_by_manip_src = nf_ct_alloc_hashtable(&nf_nat_htable_size, 0); + if (!nf_nat_by_manip_src) + return -ENOMEM; @@ -509,15 +511,15 @@ index 2268b10a9dcf..1b83427a7a68 100644 + kvfree(nf_nat_by_manip_src); unregister_pernet_subsys(&nat_net_ops); } - + diff --git a/net/netfilter/nf_nat_proto_common.c b/net/netfilter/nf_nat_proto_common.c -index 5d849d835561..6ee918302a02 100644 +index 5d849d835..6ee918302 100644 --- a/net/netfilter/nf_nat_proto_common.c +++ b/net/netfilter/nf_nat_proto_common.c @@ -34,12 +34,12 @@ bool nf_nat_l4proto_in_range(const struct nf_conntrack_tuple *tuple, } EXPORT_SYMBOL_GPL(nf_nat_l4proto_in_range); - + -void nf_nat_l4proto_unique_tuple(const struct nf_nat_l3proto *l3proto, - struct nf_conntrack_tuple *tuple, - const struct nf_nat_range2 *range, @@ -539,7 +541,7 @@ index 5d849d835561..6ee918302a02 100644 if (maniptype == NF_NAT_MANIP_DST) - return; + return 0; - + if (ntohs(*portptr) < 1024) { /* Loose convention: >> 512 is credential passing */ @@ -87,17 +87,27 @@ void nf_nat_l4proto_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -551,7 +553,7 @@ index 5d849d835561..6ee918302a02 100644 + off++; + } } - + - for (i = 0; ; ++off) { + for (i = 0; (i != range_size); ++i, ++off) { *portptr = htons(min + off % range_size); @@ -573,15 +575,15 @@ index 5d849d835561..6ee918302a02 100644 + return 0; } EXPORT_SYMBOL_GPL(nf_nat_l4proto_unique_tuple); - + diff --git a/net/netfilter/nf_nat_proto_dccp.c b/net/netfilter/nf_nat_proto_dccp.c -index 67ea0d83aa5a..68ef70bb55df 100644 +index 67ea0d83a..68ef70bb5 100644 --- a/net/netfilter/nf_nat_proto_dccp.c +++ b/net/netfilter/nf_nat_proto_dccp.c @@ -20,15 +20,15 @@ - + static u_int16_t dccp_port_rover; - + -static void +static int dccp_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -595,16 +597,16 @@ index 67ea0d83aa5a..68ef70bb55df 100644 + return nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct, + &dccp_port_rover); } - + static bool diff --git a/net/netfilter/nf_nat_proto_sctp.c b/net/netfilter/nf_nat_proto_sctp.c -index 1c5d9b65fbba..a9d9070c36c8 100644 +index 1c5d9b65f..a9d9070c3 100644 --- a/net/netfilter/nf_nat_proto_sctp.c +++ b/net/netfilter/nf_nat_proto_sctp.c @@ -14,15 +14,15 @@ - + static u_int16_t nf_sctp_port_rover; - + -static void +static int sctp_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -618,16 +620,16 @@ index 1c5d9b65fbba..a9d9070c36c8 100644 + return nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct, + &nf_sctp_port_rover); } - + static bool diff --git a/net/netfilter/nf_nat_proto_tcp.c b/net/netfilter/nf_nat_proto_tcp.c -index f15fcd475f98..1b039055421f 100644 +index f15fcd475..1b0390554 100644 --- a/net/netfilter/nf_nat_proto_tcp.c +++ b/net/netfilter/nf_nat_proto_tcp.c @@ -20,15 +20,15 @@ - + static u16 tcp_port_rover; - + -static void +static int tcp_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -641,16 +643,16 @@ index f15fcd475f98..1b039055421f 100644 + return nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct, + &tcp_port_rover); } - + static bool diff --git a/net/netfilter/nf_nat_proto_udp.c b/net/netfilter/nf_nat_proto_udp.c -index 5790f70a83b2..0b26bb52aef6 100644 +index d85c31c24..ecdcdb2bf 100644 --- a/net/netfilter/nf_nat_proto_udp.c +++ b/net/netfilter/nf_nat_proto_udp.c @@ -19,15 +19,15 @@ - + static u16 udp_port_rover; - + -static void +static int udp_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -664,12 +666,12 @@ index 5790f70a83b2..0b26bb52aef6 100644 + return nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct, + &udp_port_rover); } - + static void -@@ -97,15 +97,15 @@ static bool udplite_manip_pkt(struct sk_buff *skb, +@@ -96,15 +96,15 @@ static bool udplite_manip_pkt(struct sk_buff *skb, return true; } - + -static void +static int udplite_unique_tuple(const struct nf_nat_l3proto *l3proto, @@ -683,16 +685,16 @@ index 5790f70a83b2..0b26bb52aef6 100644 + return nf_nat_l4proto_unique_tuple(l3proto, tuple, range, maniptype, ct, + &udplite_port_rover); } - + const struct nf_nat_l4proto nf_nat_l4proto_udplite = { diff --git a/net/netfilter/nf_nat_proto_unknown.c b/net/netfilter/nf_nat_proto_unknown.c -index c5db3e251232..377a2938cd79 100644 +index c5db3e251..377a2938c 100644 --- a/net/netfilter/nf_nat_proto_unknown.c +++ b/net/netfilter/nf_nat_proto_unknown.c @@ -25,7 +25,7 @@ static bool unknown_in_range(const struct nf_conntrack_tuple *tuple, return true; } - + -static void unknown_unique_tuple(const struct nf_nat_l3proto *l3proto, +static int unknown_unique_tuple(const struct nf_nat_l3proto *l3proto, struct nf_conntrack_tuple *tuple, @@ -705,5 +707,5 @@ index c5db3e251232..377a2938cd79 100644 - return; + return 0; } - + static bool diff --git a/patch/e1000-Do-not-perform-reset-in-reset_task-if-we-are-a.patch b/patch/e1000-Do-not-perform-reset-in-reset_task-if-we-are-a.patch deleted file mode 100644 index acd077435ebb..000000000000 --- a/patch/e1000-Do-not-perform-reset-in-reset_task-if-we-are-a.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 49ee3c2ab5234757bfb56a0b3a3cb422f427e3a3 Mon Sep 17 00:00:00 2001 -From: Alexander Duyck -Date: Fri, 17 Apr 2020 09:35:31 -0700 -Subject: [PATCH] e1000: Do not perform reset in reset_task if we are already - down - -We are seeing a deadlock in e1000 down when NAPI is being disabled. Looking -over the kernel function trace of the system it appears that the interface -is being closed and then a reset is hitting which deadlocks the interface -as the NAPI interface is already disabled. - -To prevent this from happening I am disabling the reset task when -__E1000_DOWN is already set. In addition code has been added so that we set -the __E1000_DOWN while holding the __E1000_RESET flag in e1000_close in -order to guarantee that the reset task will not run after we have started -the close call. - -Signed-off-by: Alexander Duyck -Tested-by: Maxim Zhukov -Signed-off-by: Jeff Kirsher ---- - drivers/net/ethernet/intel/e1000/e1000_main.c | 18 ++++++++++++++---- - 1 file changed, 14 insertions(+), 4 deletions(-) - -diff --git a/drivers/net/ethernet/intel/e1000/e1000_main.c b/drivers/net/ethernet/intel/e1000/e1000_main.c -index 05bc6e216bca..d9fa4600f745 100644 ---- a/drivers/net/ethernet/intel/e1000/e1000_main.c -+++ b/drivers/net/ethernet/intel/e1000/e1000_main.c -@@ -542,8 +542,13 @@ void e1000_reinit_locked(struct e1000_adapter *adapter) - WARN_ON(in_interrupt()); - while (test_and_set_bit(__E1000_RESETTING, &adapter->flags)) - msleep(1); -- e1000_down(adapter); -- e1000_up(adapter); -+ -+ /* only run the task if not already down */ -+ if (!test_bit(__E1000_DOWN, &adapter->flags)) { -+ e1000_down(adapter); -+ e1000_up(adapter); -+ } -+ - clear_bit(__E1000_RESETTING, &adapter->flags); - } - -@@ -1433,10 +1438,15 @@ int e1000_close(struct net_device *netdev) - struct e1000_hw *hw = &adapter->hw; - int count = E1000_CHECK_RESET_COUNT; - -- while (test_bit(__E1000_RESETTING, &adapter->flags) && count--) -+ while (test_and_set_bit(__E1000_RESETTING, &adapter->flags) && count--) - usleep_range(10000, 20000); - -- WARN_ON(test_bit(__E1000_RESETTING, &adapter->flags)); -+ WARN_ON(count < 0); -+ -+ /* signal that we're down so that the reset task will no longer run */ -+ set_bit(__E1000_DOWN, &adapter->flags); -+ clear_bit(__E1000_RESETTING, &adapter->flags); -+ - e1000_down(adapter); - e1000_power_down_phy(adapter); - e1000_free_irq(adapter); --- -2.17.1 - diff --git a/patch/macsec-Support-XPN-frame-handling-IEEE-802.1AEbw.patch b/patch/macsec-Support-XPN-frame-handling-IEEE-802.1AEbw.patch index ce1df815ace8..a7c9d628a5ee 100644 --- a/patch/macsec-Support-XPN-frame-handling-IEEE-802.1AEbw.patch +++ b/patch/macsec-Support-XPN-frame-handling-IEEE-802.1AEbw.patch @@ -23,11 +23,11 @@ frame can be 0 when XPN cipher suite is used, so fixed the function Signed-off-by: Era Mayflower Signed-off-by: David S. Miller --- - drivers/net/macsec.c | 157 ++++++++++++++++++++++++++++++++++++++++---------- - 1 file changed, 125 insertions(+), 32 deletions(-) + drivers/net/macsec.c | 156 ++++++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 125 insertions(+), 31 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c -index df7d6de7c..a41a6cd78 100644 +index 4c5b67a2d..bc3aa124e 100644 --- a/drivers/net/macsec.c +++ b/drivers/net/macsec.c @@ -21,10 +21,38 @@ @@ -323,16 +323,15 @@ index df7d6de7c..a41a6cd78 100644 sg_init_table(sg, ret); ret = skb_to_sgvec(skb, sg, 0, skb->len); -@@ -1086,7 +1176,7 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) - struct macsec_rxh_data *rxd; - struct macsec_dev *macsec; +@@ -1088,6 +1178,7 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) + unsigned int len; sci_t sci; -- u32 pn; + u32 pn; + u32 hdr_pn; bool cbit; struct pcpu_rx_sc_stats *rxsc_stats; struct pcpu_secy_stats *secy_stats; -@@ -1160,7 +1250,7 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) +@@ -1161,7 +1252,7 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) secy_stats = this_cpu_ptr(macsec->stats); rxsc_stats = this_cpu_ptr(rx_sc->stats); @@ -341,7 +340,7 @@ index df7d6de7c..a41a6cd78 100644 u64_stats_update_begin(&secy_stats->syncp); secy_stats->stats.InPktsBadTag++; u64_stats_update_end(&secy_stats->syncp); -@@ -1192,13 +1282,16 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) +@@ -1193,13 +1284,16 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) } /* First, PN check to avoid decrypting obviously wrong packets */ @@ -361,7 +360,7 @@ index df7d6de7c..a41a6cd78 100644 spin_unlock(&rx_sa->lock); if (late) { -@@ -1227,7 +1320,7 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) +@@ -1228,7 +1322,7 @@ static rx_handler_result_t macsec_handle_frame(struct sk_buff **pskb) return RX_HANDLER_CONSUMED; } @@ -370,7 +369,7 @@ index df7d6de7c..a41a6cd78 100644 goto drop; deliver: -@@ -1720,7 +1813,7 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info) +@@ -1723,7 +1817,7 @@ static int macsec_add_rxsa(struct sk_buff *skb, struct genl_info *info) if (tb_sa[MACSEC_SA_ATTR_PN]) { spin_lock_bh(&rx_sa->lock); @@ -379,7 +378,7 @@ index df7d6de7c..a41a6cd78 100644 spin_unlock_bh(&rx_sa->lock); } -@@ -1876,7 +1969,7 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info) +@@ -1879,7 +1973,7 @@ static int macsec_add_txsa(struct sk_buff *skb, struct genl_info *info) nla_memcpy(tx_sa->key.id, tb_sa[MACSEC_SA_ATTR_KEYID], MACSEC_KEYID_LEN); spin_lock_bh(&tx_sa->lock); @@ -388,7 +387,7 @@ index df7d6de7c..a41a6cd78 100644 spin_unlock_bh(&tx_sa->lock); if (tb_sa[MACSEC_SA_ATTR_ACTIVE]) -@@ -2060,7 +2153,7 @@ static int macsec_upd_txsa(struct sk_buff *skb, struct genl_info *info) +@@ -2063,7 +2157,7 @@ static int macsec_upd_txsa(struct sk_buff *skb, struct genl_info *info) if (tb_sa[MACSEC_SA_ATTR_PN]) { spin_lock_bh(&tx_sa->lock); @@ -397,7 +396,7 @@ index df7d6de7c..a41a6cd78 100644 spin_unlock_bh(&tx_sa->lock); } -@@ -2108,7 +2201,7 @@ static int macsec_upd_rxsa(struct sk_buff *skb, struct genl_info *info) +@@ -2111,7 +2205,7 @@ static int macsec_upd_rxsa(struct sk_buff *skb, struct genl_info *info) if (tb_sa[MACSEC_SA_ATTR_PN]) { spin_lock_bh(&rx_sa->lock); @@ -406,7 +405,7 @@ index df7d6de7c..a41a6cd78 100644 spin_unlock_bh(&rx_sa->lock); } -@@ -2470,7 +2563,7 @@ static int dump_secy(struct macsec_secy *secy, struct net_device *dev, +@@ -2473,7 +2567,7 @@ static int dump_secy(struct macsec_secy *secy, struct net_device *dev, } if (nla_put_u8(skb, MACSEC_SA_ATTR_AN, i) || @@ -415,7 +414,7 @@ index df7d6de7c..a41a6cd78 100644 nla_put(skb, MACSEC_SA_ATTR_KEYID, MACSEC_KEYID_LEN, tx_sa->key.id) || nla_put_u8(skb, MACSEC_SA_ATTR_ACTIVE, tx_sa->active)) { nla_nest_cancel(skb, txsa_nest); -@@ -2572,7 +2665,7 @@ static int dump_secy(struct macsec_secy *secy, struct net_device *dev, +@@ -2575,7 +2669,7 @@ static int dump_secy(struct macsec_secy *secy, struct net_device *dev, nla_nest_end(skb, attr); if (nla_put_u8(skb, MACSEC_SA_ATTR_AN, i) || diff --git a/patch/preconfig/packaging-update-abiname.patch b/patch/preconfig/packaging-update-abiname.patch index 80d54db51044..5114b222644f 100644 --- a/patch/preconfig/packaging-update-abiname.patch +++ b/patch/preconfig/packaging-update-abiname.patch @@ -9,26 +9,26 @@ From: Olivier Singla 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/debian/config/defines b/debian/config/defines -index 5b8562d43..9366229f0 100644 +index cd4938ecc..e54c10256 100644 --- a/debian/config/defines +++ b/debian/config/defines @@ -1,5 +1,5 @@ [abi] --abiname: 9 -+abiname: 9-2 +-abiname: 12 ++abiname: 12-2 ignore-changes: __cpuhp_* bpf_analyzer diff --git a/debian/control.md5sum b/debian/control.md5sum -index 085323e31..8f484283d 100644 +index e86f5f1db..caddd5360 100644 --- a/debian/control.md5sum +++ b/debian/control.md5sum @@ -25,7 +25,7 @@ afb508873a44a1f196c2a525fec4b415 debian/templates/image.prerm.in 51797b6c275eb14e99009e78553904cc debian/templates/perf.lintian-overrides.in 814dda166c7e3ef02e6e259e805ac66a debian/templates/tests-control.image.in befa899554918fd2a5264e5dca3c4eef debian/templates/tests-control.main.in --334fdefa84d0804cb0ec672010528eeb debian/config/defines -+7726b7cfcdd85592ccc92496068faca0 debian/config/defines +-d078f945701eb7a9569bd0bc04e8b9a9 debian/config/defines ++139d99a05bc29dcd945ff8a0ebdd9ce1 debian/config/defines da871dd4234a8d1ed82d76fa536fa411 debian/config/alpha/defines 6a030dc96bbeb2340082dc7c5c67a640 debian/config/amd64/defines 3f9e6c98b1abe4a32b12add5d1ada119 debian/config/arm64/defines diff --git a/patch/series b/patch/series index 1ce8244772fe..0b3aea266655 100755 --- a/patch/series +++ b/patch/series @@ -28,7 +28,6 @@ driver-support-optoe-EOF_fix.patch driver-support-optoe-chunk-offset-fix.patch driver-support-optoe-QSFP_DD.patch driver-net-tg3-add-param-short-preamble-and-reset.patch -e1000-Do-not-perform-reset-in-reset_task-if-we-are-a.patch 0001-hwmon-lm75-add-support-for-PCT2075.patch 0004-dt-bindings-hwmon-Add-missing-documentation-for-lm75.patch 0005-dt-bindings-hwmon-Add-tmp75b-to-lm75.txt.patch