- 04 Sep, 2013 40 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/net-nextDavid S. Miller authored
Jeff Kirsher says: ==================== This series contains updates to igb only. Todd provides a fix for igb to not look for a PBA in the iNVM on devices that are flashless. Akeem provides igb patches to add a new PHY id for i354, as well as a couple of patches to implement the new PHY id. He also provides several patches to correctly report the appropriate media type as well as correctly report advertised/supported link for i354 devices. Lastly Akeem implements a 1 second delay mechanism for i210 devices to avoid erroneous link issue with the link partner. ==================== Signed-off-by:David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller authored
Pablo Neira Ayuso says: ==================== The following batch contains: * Three fixes for the new synproxy target available in your net-next tree, from Jesper D. Brouer and Patrick McHardy. * One fix for TCPMSS to correctly handling the fragmentation case, from Phil Oester. I'll pass this one to -stable. ==================== Signed-off-by: -
Akeem G Abodunrin authored
This patch updates igb driver version to 5.0.5 Signed-off-by:
Akeem G Abodunrin <akeem.g.abodunrin@intel.com> Tested-by:
Aaron Brown <aaron.f.brown@intel.com> Signed-off-by:
Jeff Kirsher <jeffrey.t.kirsher@intel.com>
-
Akeem G Abodunrin authored
This patch changes the way we report supported/advertised link for i354 devices, especially for 2.5 GB. Instead of reporting 2.5 GB for all i354 devices erroneously, check first, if it is 2.5 GB capable. Signed-off-by:
-
Akeem G Abodunrin authored
This patch changes how we get speed/duplex for non_copper devices; it now uses pcs register to get current speed and duplex instead of using generic status register that we use to detect speed/duplex for copper devices. Signed-off-by:
-
Phil Oester authored
In commit b396966c (netfilter: xt_TCPMSS: Fix missing fragmentation handling), I attempted to add safe fragment handling to xt_TCPMSS. However, Andy Padavan of Project N56U correctly points out that returning XT_CONTINUE in this function does not work. The callers (tcpmss_tg[46]) expect to receive a value of 0 in order to return XT_CONTINUE. Signed-off-by:
Phil Oester <kernel@linuxace.com> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
-
Akeem G Abodunrin authored
Since i354 2.5Gb devices are not Copper media type but SerDes, so this patch changes the way we detect speed/duplex link info for this device. Signed-off-by:
-
Akeem G Abodunrin authored
PHY Power Management does not exist for i354 device. So, there is no need to read and write this register or clear go link Disconnect bit, which could cause a lot of issues. Signed-off-by:
-
Akeem G Abodunrin authored
This patch implements downshift mechanism for M88E1543 PHY, so that downshift is disabled first during link setup process, and later enabled if we are master and downshift link is negotiated. Also cleaned up return code implementation. Signed-off-by:
-
Akeem G Abodunrin authored
This patch changes PHY_ID for i354 device, now using M88E1543 instead of M88E1545. Signed-off-by:
-
Akeem G Abodunrin authored
This patch adds 1 sec delay mechanism to i210 device family, in order to avoid erroneous link issue with the link partner. Signed-off-by:
-
Todd Fujinaka authored
When a part is flashless, do not look for a PBA in the iNVM. Signed-off-by:
Todd Fujinaka <todd.fujinaka@intel.com> Tested-by:
-
Jesper Dangaard Brouer authored
Packets reaching SYNPROXY were default dropped, as they were most likely invalid (given the recommended state matching). This patch, changes SYNPROXY target to let packets, not consumed, continue being processed by the stack. This will be more in line other target modules. As it will allow more flexible configurations of handling, logging or matching on packets in INVALID states. Signed-off-by:
Jesper Dangaard Brouer <brouer@redhat.com> Acked-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Patrick McHardy authored
With CONFIG_NETFILTER_DEBUG we get the following warning during SYNPROXY init: [ 80.558906] WARNING: CPU: 1 PID: 4833 at net/netfilter/nf_conntrack_extend.c:80 __nf_ct_ext_add_length+0x217/0x220 [nf_conntrack]() The reason is that the conntrack template is set to confirmed before adding the extension and it is invalid to add extensions to already confirmed conntracks. Fix by adding the extensions before setting the conntrack to confirmed. Reported-by:
Jesper Dangaard Brouer <jesper.brouer@gmail.com> Signed-off-by:
-
Jesper Dangaard Brouer authored
Its seems Patrick missed to incoorporate some of my requested changes during review v2 of SYNPROXY netfilter module. Which were, to avoid SYN+ACK packets to enter the path, meant for the ACK packet from the client (from the 3WHS). Further there were a bug in ip6t_SYNPROXY.c, for matching SYN packets that didn't exclude the ACK flag. Go a step further with SYN packet/flag matching by excluding flags ACK+FIN+RST, in both IPv4 and IPv6 modules. The intented usage of SYNPROXY is as follows: (gracefully describing usage in commit) iptables -t raw -A PREROUTING -i eth0 -p tcp --dport 80 --syn -j NOTRACK iptables -A INPUT -i eth0 -p tcp --dport 80 -m state UNTRACKED,INVALID \ -j SYNPROXY --sack-perm --timestamp --mss 1480 --wscale 7 --ecn echo 0 > /proc/sys/net/netfilter/nf_conntrack_tcp_loose This does filter SYN flags early, for packets in the UNTRACKED state, but packets in the INVALID state with other TCP flags could still reach the module, thus this stricter flag matching is still needed. Signed-off-by: -
Vijay Subramanian authored
tcp_rcv_established() returns only one value namely 0. We change the return value to void (as suggested by David Miller). After commit 0c24604b (tcp: implement RFC 5961 4.2), we no longer send RSTs in response to SYNs. We can remove the check and processing on the return value of tcp_rcv_established(). We also fix jtcp_rcv_established() in tcp_probe.c to match that of tcp_rcv_established(). Signed-off-by:
Vijay Subramanian <subramanian.vijay@gmail.com> Signed-off-by:
-
Daniel Borkmann authored
With recent changes in tcp_probe module (e.g. f925d0a6 ("net: tcp_probe: add IPv6 support")) we also need to take into account that tbuf needs to be updated as format string will be further expanded. tbuf sits on the stack in tcpprobe_read() function that is invoked when user space reads procfs file /proc/net/tcpprobe, hence not fast path as in jtcp_rcv_established(). Having a size similarly as in sctp_probe module of 256 bytes is fully sufficient for that, we need theoretical maximum of 252 bytes otherwise we could get truncated. Signed-off-by:
Daniel Borkmann <dborkman@redhat.com> Signed-off-by:
-
Dan Carpenter authored
Just remove a small semicolon. Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Acked-by:
Himanshu Madhani <himanshu.madhani@qlogic.com> Signed-off-by:
-
Sucheta Chakraborty authored
This patch fixes warning "warning: symbol 'qlcnic_set_dcb_ops' was not declared. Should it be static?" Signed-off-by:
Sucheta Chakraborty <sucheta.chakraborty@qlogic.com> Signed-off-by:
-
Dan Carpenter authored
This was found with a manual audit and I don't have a reproducer. We limit ->calling_len and ->called_len when we get them from copy_from_user() in x25_ioctl() so when they come from skb->data then we should cap them there as well. Signed-off-by:
-
Dan Carpenter authored
"tty->name" and "name" are a 64 character buffers. My static checker complains because we add the "cf" on the front so it look like we are copying a 66 character string into a 64 character buffer. Also if the name is larger than IFNAMSIZ (16) it triggers a BUG_ON() inside the call to alloc_netdev(). This is all under CAP_SYS_ADMIN so it's not a security fix, it just adds a little robustness. Signed-off-by:
-
Anton Blanchard authored
The hypervisor is big endian, so little endian kernel builds need to byteswap. Signed-off-by:
Anton Blanchard <anton@samba.org> Signed-off-by:
-
Jingoo Han authored
Casting from 'void *' is unnecessary, because casting from 'void *' to any pointer type is automatic. Reported-by:
Sergei Shtylyov <sergei.shtylyov@cogentembedded.com> Signed-off-by:
Jingoo Han <jg1.han@samsung.com> Signed-off-by:
-
Michael Chan authored
Signed-off-by:
Michael Chan <mchan@broadcom.com> Signed-off-by:
-
Michael Chan authored
Use bp->pfid from bnx2x instead to avoid duplication. Signed-off-by:
-
Michael Chan authored
Use BP_PORT and chip_port_mode directly from bnx2x.h to avoid duplication. Signed-off-by:
-
Michael Chan authored
to avoid duplication of the same logic. Signed-off-by:
-
Michael Chan authored
This eliminates duplication and ensures that all bnx2x chips will be supported. Signed-off-by:
-
Veaceslav Falico authored
Currently we're linking upper devices to lower ones, which results in upside-down relationship: upper devices seeing lower devices via its upper lists. Fix this by correctly linking lower devices to the upper ones. CC: "David S. Miller" <davem@davemloft.net> CC: Eric Dumazet <edumazet@google.com> CC: Jiri Pirko <jiri@resnulli.us> CC: Alexander Duyck <alexander.h.duyck@intel.com> CC: Cong Wang <amwang@redhat.com> Signed-off-by:
Veaceslav Falico <vfalico@redhat.com> Signed-off-by:
-
Nicolas Dichtel authored
The goal of this patch is to harmonize cleanup done on a skbuff on rx path. Before this patch, behaviors were different depending of the tunnel type. Signed-off-by:
Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by:
-
Nicolas Dichtel authored
The goal of this patch is to harmonize cleanup done on a skbuff on xmit path. Before this patch, behaviors were different depending of the tunnel type. Signed-off-by:
-
Nicolas Dichtel authored
This function was only used when a packet was sent to another netns. Now, it can also be used after tunnel encapsulation or decapsulation. Only skb_orphan() should not be done when a packet is not crossing netns. Signed-off-by:
-
Nicolas Dichtel authored
This argument is not used, let's remove it. Signed-off-by:
-
Nicolas Dichtel authored
This argument is not used, let's remove it. Signed-off-by:
-
nikolay@redhat.com authored
bond_compute_features is always called with RTNL held, so we can safely drop the read bond->lock. Signed-off-by:
Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by:
-
nikolay@redhat.com authored
We're protected by RTNL so nothing can happen and we can safely drop the read bond->lock. Signed-off-by:
-
nikolay@redhat.com authored
We can drop the use of bond->lock for mutual exclusion in bond_3ad_update_lacp_rate and use RTNL in the sysfs store function instead. This way we'll prevent races with mode change and interface up/down as well as simplify update_lacp_rate by removing the check for port->slave because it'll always be initialized (done while enslaving with RTNL). This change will also help in the future removal of reader bond->lock from bond_enslave. Signed-off-by:
-
nikolay@redhat.com authored
We don't have to release all slaves when closing the bond dev, so remove the outdated comment and the braces around the left single statement. Signed-off-by:
-
nikolay@redhat.com authored
This patch aims to remove a use of the bond->lock for mutual exclusion which will later allow easier migration to RCU of the users of this functionality. We use RTNL as a synchronizing mechanism since it's always held when send_peer_notif is set, and when it is decremented from the notifier function. We can also drop some locking, and fix the leakage of the send_peer_notif counter. Signed-off-by:
-
Jason Wang authored
As Michael point out, We used to limit the max pending DMAs to get better cache utilization. But it was not done correctly since it was one done when there's no new buffers submitted from guest. Guest can easily exceeds the limitation by keeping sending packets. So this patch moves the check into main loop. Tests shows about 5%-10% improvement on per cpu throughput for guest tx. Signed-off-by:
Jason Wang <jasowang@redhat.com> Signed-off-by:
-
