1. 26 Sep, 2016 5 commits
    • Wei Yongjun's avatar
      net: dsa: mv88e6xxx: fix non static symbol warnings · b3f5bf64
      Wei Yongjun authored
      Fixes the following sparse warnings:
      
      drivers/net/dsa/mv88e6xxx/chip.c:219:5: warning:
       symbol 'mv88e6xxx_port_read' was not declared. Should it be static?
      drivers/net/dsa/mv88e6xxx/chip.c:227:5: warning:
       symbol 'mv88e6xxx_port_write' was not declared. Should it be static?
      Signed-off-by: default avatarWei Yongjun <weiyongjun1@huawei.com>
      Reviewed-by: default avatarVivien Didelot <vivien.didelot@savoirfairelinux.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b3f5bf64
    • Wei Yongjun's avatar
      be2net: fix non static symbol warnings · e6053dd5
      Wei Yongjun authored
      Fixes the following sparse warnings:
      
      drivers/net/ethernet/emulex/benet/be_main.c:47:25: warning:
       symbol 'be_err_recovery_workq' was not declared. Should it be static?
      drivers/net/ethernet/emulex/benet/be_main.c:63:25: warning:
       symbol 'be_wq' was not declared. Should it be static?
      Signed-off-by: default avatarWei Yongjun <weiyongjun1@huawei.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e6053dd5
    • Robert Jarzmik's avatar
      net: smc91x: take into account register shift · 876a55b8
      Robert Jarzmik authored
      This aligns smc91x with its cousin, namely smc911x.c.
      This also allows the driver to run also in a device-tree based lubbock
      board build, on which it was tested.
      Signed-off-by: default avatarRobert Jarzmik <robert.jarzmik@free.fr>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      876a55b8
    • Colin Ian King's avatar
      cxgb4: fix -ve error check on a signed iq · 1cb1860d
      Colin Ian King authored
      iq is unsigned, so the error check for iq < 0 has no effect so errors
      can slip past this check.  Fix this by making iq signed and also
      get_filter_steerq return a signed int so a -ve error can be returned.
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1cb1860d
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next · bce3414e
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter updates for net-next
      
      The following patchset contains Netfilter updates for your net-next
      tree, they are:
      
      1) Consolidate GRE protocol tracker using new GRE protocol definitions,
         patches from Gao Feng.
      
      2) Properly parse continuation lines in SIP helper, update allowed
         characters in Call-ID header and allow tabs in SIP headers as
         specified by RFC3261, from Marco Angaroni.
      
      3) Remove useless code in FTP conntrack helper, also from Gao Feng.
      
      4) Add number generation expression for nf_tables, with random and
         incremental generators. This also includes specific offset to add
         to the result, patches from Laura Garcia Liebana. Liping Zhang
         follows with a fix to avoid a race in this new expression.
      
      5) Fix new quota expression inversion logic, added in the previous
         pull request.
      
      6) Missing validation of queue configuration in nft_queue, patch
         from Liping Zhang.
      
      7) Remove unused ctl_table_path, as part of the deprecation of the
         ip_conntrack sysctl interface coming in the previous batch.
         Again from Liping Zhang.
      
      8) Add offset attribute to nft_hash expression, so we can generate
         any output from a specific base offset. Moreover, check for
         possible overflow, patches from Laura Garcia.
      
      9) Allow to invert dynamic set insertion from packet path, to check
         for overflows in case the set is full.
      
      10) Revisit nft_set_pktinfo*() logic from nf_tables to ensure
          proper initialization of layer 4 protocol. Consolidate pktinfo
          structure initialization for bridge and netdev families.
      
      11) Do not inconditionally drop IPv6 packets that we cannot parse
          transport protocol for ip6 and inet families, let the user decide
          on this via ruleset policy.
      
      12) Get rid of gotos in __nf_ct_try_assign_helper().
      
      13) Check for return value in register_netdevice_notifier() and
          nft_register_chain_type(), patches from Gao Feng.
      
      14) Get rid of CONFIG_IP6_NF_IPTABLES dependency in nf_queue
          infrastructure that is common to nf_tables, from Liping Zhang.
      
      15) Disable 'found' and 'searched' stats that are updates from the
          packet hotpath, not very useful these days.
      
      16) Validate maximum value of u32 netlink attributes in nf_tables,
          this introduces nft_parse_u32_check(). From Laura Garcia.
      
      17) Add missing code to integrate nft_queue with maps, patch from
          Liping Zhang. This also includes missing support ranges in
          nft_queue bridge family.
      
      18) Fix check in nft_payload_fast_eval() that ensure that we don't
          go over the skbuff data boundary, from Liping Zhang.
      
      19) Check if transport protocol is set from nf_tables tracing and
          payload expression. Again from Liping Zhang.
      
      20) Use net_get_random_once() whenever possible, from Gao Feng.
      
      21) Replace hardcoded value by sizeof() in xt_helper, from Gao Feng.
      
      22) Remove superfluous check for found element in nft_lookup.
      
      23) Simplify TCPMSS logic to check for minimum MTU, from Gao Feng.
      
      24) Replace double linked list by single linked list in Netfilter
          core hook infrastructure, patchset from Aaron Conole. This
          includes several patches to prepare this update.
      
      25) Fix wrong sequence adjustment of TCP RST with no ACK, from
          Gao Feng.
      
      26) Relax check for direction attribute in nft_ct for layer 3 and 4
          protocol fields, from Liping Zhang.
      
      27) Add new revision for hashlimit to support higher pps of upto 1
          million, from Vishwanath Pai.
      
      28) Evict stale entries in nf_conntrack when reading entries from
          /proc/net/nf_conntrack, from Florian Westphal.
      
      29) Fix transparent match for IPv6 request sockets, from Krisztian
          Kovacs.
      
      30) Add new range expression for nf_tables.
      
      31) Add missing code to support for flags in nft_log. Expose NF_LOG_*
          flags via uapi and use it from the generic logging infrastructure,
          instead of using xt specific definitions, from Liping Zhang.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bce3414e
  2. 25 Sep, 2016 30 commits
  3. 24 Sep, 2016 5 commits
    • Aaron Conole's avatar
      netfilter: nf_queue: whitespace cleanup · 54f17bbc
      Aaron Conole authored
      A future patch will modify the hook drop and outfn functions.  This will
      cause the line lengths to take up too much space.  This is simply a
      readability change.
      Signed-off-by: default avatarAaron Conole <aconole@bytheb.org>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      54f17bbc
    • David Howells's avatar
      rxrpc: Implement slow-start · 57494343
      David Howells authored
      Implement RxRPC slow-start, which is similar to RFC 5681 for TCP.  A
      tracepoint is added to log the state of the congestion management algorithm
      and the decisions it makes.
      
      Notes:
      
       (1) Since we send fixed-size DATA packets (apart from the final packet in
           each phase), counters and calculations are in terms of packets rather
           than bytes.
      
       (2) The ACK packet carries the equivalent of TCP SACK.
      
       (3) The FLIGHT_SIZE calculation in RFC 5681 doesn't seem particularly
           suited to SACK of a small number of packets.  It seems that, almost
           inevitably, by the time three 'duplicate' ACKs have been seen, we have
           narrowed the loss down to one or two missing packets, and the
           FLIGHT_SIZE calculation ends up as 2.
      
       (4) In rxrpc_resend(), if there was no data that apparently needed
           retransmission, we transmit a PING ACK to ask the peer to tell us what
           its Rx window state is.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      57494343
    • David Howells's avatar
      rxrpc: Schedule an ACK if the reply to a client call appears overdue · 0d967960
      David Howells authored
      If we've sent all the request data in a client call but haven't seen any
      sign of the reply data yet, schedule an ACK to be sent to the server to
      find out if the reply data got lost.
      
      If the server hasn't yet hard-ACK'd the request data, we send a PING ACK to
      demand a response to find out whether we need to retransmit.
      
      If the server says it has received all of the data, we send an IDLE ACK to
      tell the server that we haven't received anything in the receive phase as
      yet.
      
      To make this work, a non-immediate PING ACK must carry a delay.  I've chosen
      the same as the IDLE ACK for the moment.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      0d967960
    • David Howells's avatar
      rxrpc: Generate a summary of the ACK state for later use · 31a1b989
      David Howells authored
      Generate a summary of the Tx buffer packet state when an ACK is received
      for use in a later patch that does congestion management.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      31a1b989
    • David Howells's avatar
      rxrpc: Delay the resend timer to allow for nsec->jiffies conv error · df0562a7
      David Howells authored
      When determining the resend timer value, we have a value in nsec but the
      timer is in jiffies which may be a million or more times more coarse.
      nsecs_to_jiffies() rounds down - which means that the resend timeout
      expressed as jiffies is very likely earlier than the one expressed as
      nanoseconds from which it was derived.
      
      The problem is that rxrpc_resend() gets triggered by the timer, but can't
      then find anything to resend yet.  It sets the timer again - but gets
      kicked off immediately again and again until the nanosecond-based expiry
      time is reached and we actually retransmit.
      
      Fix this by adding 1 to the jiffies-based resend_at value to counteract the
      rounding and make sure that the timer happens after the nanosecond-based
      expiry is passed.
      
      Alternatives would be to adjust the timestamp on the packets to align
      with the jiffie scale or to switch back to using jiffie-timestamps.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      df0562a7