1. 15 Oct, 2015 2 commits
    • Pablo Neira's avatar
      netfilter: nfnetlink_log: validate dependencies to avoid breaking atomicity · 8cbc8708
      Pablo Neira authored
      Check that dependencies are fulfilled before updating the logger
      instance, otherwise we can leave things in intermediate state on errors
      in nfulnl_recv_config().
      
      [ Ken-ichirou reports that this is also fixing missing instance refcnt drop
        on error introduced in his patch 914eebf2 ("netfilter: nfnetlink_log:
        autoload nf_conntrack_netlink module NFQA_CFG_F_CONNTRACK config flag"). ]
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Tested-by: default avatarKen-ichirou MATSUZAWA <chamaken@gmail.com>
      8cbc8708
    • Pablo Neira Ayuso's avatar
      netfilter: nfnetlink_log: consolidate check for instance in nfulnl_recv_config() · 336a3b3e
      Pablo Neira Ayuso authored
      This patch consolidates the check for valid logger instance once we have
      passed the command handling:
      
      The config message that we receive may contain the following info:
      
      1) Command only: We always get a valid instance pointer if we just
         created it. In case that the instance is being destroyed or the
         command is unknown, we jump to exit path of nfulnl_recv_config().
         This patch doesn't modify this handling.
      
      2) Config only: In this case, the instance must always exist since the
         user is asking for configuration updates. If the instance doesn't exist
         this returns -ENODEV.
      
      3) No command and no configs are specified: This case is rare. The
         user is sending us a config message with neither commands nor
         config options. In this case, we have to check if the instance exists
         and bail out otherwise. Before this patch, it was possible to send a
         config message with no command and no config updates for an
         unexisting instance without triggering an error. So this is the only
         case that changes.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Tested-by: default avatarKen-ichirou MATSUZAWA <chamaken@gmail.com>
      336a3b3e
  2. 14 Oct, 2015 2 commits
  3. 13 Oct, 2015 6 commits
  4. 12 Oct, 2015 6 commits
  5. 07 Oct, 2015 2 commits
    • Simon Horman's avatar
      ipvs: Remove possibly unused variables from ip_vs_conn_net_{init,cleanup} · 92240e8d
      Simon Horman authored
      If CONFIG_PROC_FS is undefined then the arguments of proc_create()
      and remove_proc_entry() are unused. As a result the net variables of
      ip_vs_conn_net_{init,cleanup} are unused.
      
      net/netfilter/ipvs//ip_vs_conn.c: In function ‘ip_vs_conn_net_init’:
      net/netfilter/ipvs//ip_vs_conn.c:1350:14: warning: unused variable ‘net’ [-Wunused-variable]
      net/netfilter/ipvs//ip_vs_conn.c: In function ‘ip_vs_conn_net_cleanup’:
      net/netfilter/ipvs//ip_vs_conn.c:1361:14: warning: unused variable ‘net’ [-Wunused-variable]
      ...
      
      Resolve this by dereferencing net as needed rather than storing it
      in a variable.
      
      Fixes: 3d993766 ("ipvs: Pass ipvs not net into ip_vs_control_net_(init|cleanup)")
      Signed-off-by: default avatarSimon Horman <horms@verge.net.au>
      Acked-by: default avatarJulian Anastasov <ja@ssi.bg>
      92240e8d
    • David Ahern's avatar
      ipvs: Remove possibly unused variable from ip_vs_out · ed1c9f0e
      David Ahern authored
      Eric's net namespace changes in 1b75097d leaves net unreferenced if
      CONFIG_IP_VS_IPV6 is not enabled:
      
      ../net/netfilter/ipvs/ip_vs_core.c: In function ‘ip_vs_out’:
      ../net/netfilter/ipvs/ip_vs_core.c:1177:14: warning: unused variable ‘net’ [-Wunused-variable]
      
      After the net refactoring there is only 1 user; push the reference to the
      1 user. While the line length slightly exceeds 80 it seems to be the
      best change.
      
      Fixes: 1b75097d("ipvs: Pass ipvs into ip_vs_out")
      Signed-off-by: default avatarDavid Ahern <dsa@cumulusnetworks.com>
      Acked-by: default avatarJulian Anastasov <ja@ssi.bg>
      [horms: updated subject]
      Signed-off-by: default avatarSimon Horman <horms@verge.net.au>
      ed1c9f0e
  6. 05 Oct, 2015 7 commits
  7. 04 Oct, 2015 2 commits
    • Pablo Neira Ayuso's avatar
      netfilter: rename nfnetlink_queue_core.c to nfnetlink_queue.c · 32f40c5f
      Pablo Neira Ayuso authored
      Now that we have integrated the ct glue code into nfnetlink_queue without
      introducing dependencies with the conntrack code.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      32f40c5f
    • Pablo Neira Ayuso's avatar
      netfilter: nfnetlink_queue: get rid of nfnetlink_queue_ct.c · b7bd1809
      Pablo Neira Ayuso authored
      The original intention was to avoid dependencies between nfnetlink_queue and
      conntrack without ifdef pollution. However, we can achieve this by moving the
      conntrack dependent code into ctnetlink and keep some glue code to access the
      nfq_ct indirection from nfqueue.
      
      After this patch, the nfq_ct indirection is always compiled in the netfilter
      core to avoid polluting nfqueue with ifdefs. Thus, if nf_conntrack is not
      compiled this results in only 8-bytes of memory waste in x86_64.
      
      This patch also adds ctnetlink_nfqueue_seqadj() to avoid that the nf_conn
      structure layout if exposed to nf_queue, which creates another dependency with
      nf_conntrack at compilation time.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      b7bd1809
  8. 03 Oct, 2015 13 commits
    • Eric Dumazet's avatar
      tcp/dccp: add SLAB_DESTROY_BY_RCU flag for request sockets · e96f78ab
      Eric Dumazet authored
      Before letting request sockets being put in TCP/DCCP regular
      ehash table, we need to add either :
      
      - SLAB_DESTROY_BY_RCU flag to their kmem_cache
      - add RCU grace period before freeing them.
      
      Since we carefully respected the SLAB_DESTROY_BY_RCU protocol
      like ESTABLISH and TIMEWAIT sockets, use it here.
      
      req_prot_init() being only used by TCP and DCCP, I did not add
      a new slab_flags into their rsk_prot, but reuse prot->slab_flags
      
      Since all reqsk_alloc() users are correctly dealing with a failure,
      add the __GFP_NOWARN flag to avoid traces under pressure.
      
      Fixes: 079096f1 ("tcp/dccp: install syn_recv requests into ehash table")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e96f78ab
    • David S. Miller's avatar
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue · 4236e2a1
      David S. Miller authored
      Jeff Kirsher says:
      
      ====================
      Intel Wired LAN Driver Updates 2015-09-30
      
      This series contains updates to i40e and i40evf only.
      
      Vasily Averin provides a couple of rtnl lock/unlock fixes for both i40e
      and i40evf.
      
      Shannon provides several updates and fixes, first fixes up a type clash
      in i40e_aq_rc_to_posix(), where the error codes are signed values, so we
      need to treat them as such.  Then fixes up a padding issue where an
      extra byte is added in i40e_aqc_get_cee_dcb_cfg_v1_resp to directly
      acknowledge the padding.  Updated i40e to keep debugfs register read
      and writes from accessing outside of the io-remapped space.  Added
      support and device id for another 20 GbE device.
      
      Jesse fixes the transmit hand workaround code for ARM that was causing
      Tx hangs to still occur occasionally when there really was no hang.  Then
      fixed the receive dropped counter to show up in netstat interface.
      Refactor the interrupt enable function since it was always making the
      caller add the base_vector from the VSI struct which is already passed
      to the function.  Fix kbuild warnings found in 0day build infrastructure
      by adding a harmless cast to a dev_info(), also fix 32 bit build
      warnings found by sparse.
      
      Greg fixed a configuration error that results if a port VLAN is set
      for a VF before the VF driver is loaded, so that when the VF driver is
      loaded the port VLAN is ignored.
      
      Mitch fixes the use of QOS field consistently in
      i40e_ndo_set_vf_port_vlan().  Modified the init timing of the driver
      to increase stability on load/unload and SR-IOV enable/disable cycles.
      
      Anjali updates i40e to not collect VEB stats if they are disabled in the
      hardware for performance reasons.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4236e2a1
    • David S. Miller's avatar
      Merge branch 'ravb-r8a7795' · 28117b08
      David S. Miller authored
      Simon Horman says:
      
      ====================
      ravb: Add support for r8a7795 SoC
      
      please consider this series for net-next.
      It enhances the ravb driver to support the r8a7795 SoC.
      
      Changes:
      
      * Dropped RFC prefix
      * Details in changelog of individual patches
      
      Base:
      
      * net-next/master
      
      Availability:
      
      To aid review of this in conjunction with other EtherAVB changes
      the following branches are available in my renesas tree on kernel.org.
      
      * me/r8a7795-ravb-driver-v4: this series
      * me/r8a7795-ravb-pfc-v2: r8a7795 sh-pfc update for EthernetAVB
      * me/r8a7795-ravb-integration-v4: enable EthernetAVB on r8a7795
      * me/r8a7795-ravb-driver-and-integration-v4.runtime:
            the above three branches with their runtime dependencies
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      28117b08
    • Kazuya Mizuguchi's avatar
      ravb: Add support for r8a7795 SoC · 22d4df8f
      Kazuya Mizuguchi authored
      This patch supports the r8a7795 SoC by:
      - Using two interrupts
        + One for E-MAC
        + One for everything else
        + Both can be handled by the existing common interrupt handler, which
          affords a simpler update to support the new SoC. In future some
          consideration may be given to implementing multiple interrupt handlers
      - Limiting the phy speed to 100Mbit/s for the new SoC;
        at this time it is not clear how this restriction may be lifted
        but I hope it will be possible as more information comes to light
      Signed-off-by: default avatarKazuya Mizuguchi <kazuya.mizuguchi.ks@renesas.com>
      [horms: reworked]
      Signed-off-by: default avatarSimon Horman <horms+renesas@verge.net.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      22d4df8f
    • Kazuya Mizuguchi's avatar
      ravb: Document binding for r8a7795 SoC · 619f3bd2
      Kazuya Mizuguchi authored
      This patch updates the ravb binding to support the r8a7795 SoC by:
      - Adding a compat string for the new hardware
      - Adding 25 named interrupts to binding for the new SoC;
        older SoCs continue to use a single multiplexed interrupt
      
      The example is also updated to reflect the r8a7795 as this is the
      more complex case.
      
      Based on work by Kazuya Mizuguchi and others.
      Signed-off-by: default avatarSimon Horman <horms+renesas@verge.net.au>
      Acked-by: default avatarGeert Uytterhoeven <geert+renesas@glider.be>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      619f3bd2
    • Kazuya Mizuguchi's avatar
      ravb: Provide dev parameter to DMA API · e2dbb33a
      Kazuya Mizuguchi authored
      This patch is in preparation for using this driver on arm64 where the
      implementation of __dma_alloc_coherent fails if a device parameter is not
      provided.
      Signed-off-by: default avatarKazuya Mizuguchi <kazuya.mizuguchi.ks@renesas.com>
      Signed-off-by: default avatarYoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com>
      Signed-off-by: default avatarMasaru Nagai <masaru.nagai.vx@renesas.com>
      [horms: squashed into a single patch]
      Signed-off-by: default avatarSimon Horman <horms+renesas@verge.net.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e2dbb33a
    • Simon Horman's avatar
      phylib: Add phy_set_max_speed helper · f3a6bd39
      Simon Horman authored
      Add a helper to allow ethernet drivers to limit the speed of a phy
      (that they are attached to).
      
      This mainly involves factoring out the business-end of
      of_set_phy_supported() and exporting a new symbol.
      
      This code seems to be open coded in several places, in several different
      variants.
      
      It is is envisaged that this will be used in situations where setting the
      "max-speed" property in DT is not appropriate, e.g. because the maximum
      speed is not a property of the phy hardware.
      Signed-off-by: default avatarSimon Horman <horms+renesas@verge.net.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f3a6bd39
    • David S. Miller's avatar
      Merge branch 'bpf-updates' · f8e1100a
      David S. Miller authored
      Daniel Borkmann says:
      
      ====================
      BPF updates
      
      Some minor updates to {cls,act}_bpf to retrieve routing realms
      and to make skb->priority writable.
      
      Thanks!
      
      v1 -> v2:
       - Dropped preclassify patch for now from the series as the
         rest is pretty much independent of it
       - Rest unchanged, only rebased and already posted Acked-by's kept
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f8e1100a
    • Daniel Borkmann's avatar
      sched, bpf: make skb->priority writable · 754f1e6a
      Daniel Borkmann authored
      {cls,act}_bpf can now set the skb->priority from an eBPF program based
      on various critera, so that for example classful qdiscs like multiq can
      update the skb's priority during enqueue time and further push it down
      into subsequent qdiscs.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      754f1e6a
    • Daniel Borkmann's avatar
      sched, bpf: add helper for retrieving routing realms · c46646d0
      Daniel Borkmann authored
      Using routing realms as part of the classifier is quite useful, it
      can be viewed as a tag for one or multiple routing entries (think of
      an analogy to net_cls cgroup for processes), set by user space routing
      daemons or via iproute2 as an indicator for traffic classifiers and
      later on processed in the eBPF program.
      
      Unlike actions, the classifier can inspect device flags and enable
      netif_keep_dst() if necessary. tc actions don't have that possibility,
      but in case people know what they are doing, it can be used from there
      as well (e.g. via devs that must keep dsts by design anyway).
      
      If a realm is set, the handler returns the non-zero realm. User space
      can set the full 32bit realm for the dst.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c46646d0
    • Daniel Borkmann's avatar
      ebpf: migrate bpf_prog's flags to bitfield · a91263d5
      Daniel Borkmann authored
      As we need to add further flags to the bpf_prog structure, lets migrate
      both bools to a bitfield representation. The size of the base structure
      (excluding insns) remains unchanged at 40 bytes.
      
      Add also tags for the kmemchecker, so that it doesn't throw false
      positives. Even in case gcc would generate suboptimal code, it's not
      being accessed in performance critical paths.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a91263d5
    • David S. Miller's avatar
      Merge branch 'switchdev-obj' · bd8762be
      David S. Miller authored
      Jiri Pirko says:
      
      ====================
      switchdev: bring back switchdev_obj
      
      Second version of the patch extends to a patchset. Basically this patchset
      brings object structure back which disappeared with recent Vivien's patchset.
      Also it does a bit of naming changes in order to get the things in line.
      Also, object id is put back into object structure.
      Thanks to Scott and Vivien for review and suggestions.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bd8762be
    • Jiri Pirko's avatar