- 08 Apr, 2015 1 commit
-
-
Daniel Borkmann authored
Currently in xt_socket, we take advantage of early demuxed sockets since commit 00028aa3 ("netfilter: xt_socket: use IP early demux") in order to avoid a second socket lookup in the fast path, but we only make partial use of this: We still unnecessarily parse headers, extract proto, {s,d}addr and {s,d}ports from the skb data, accessing possible conntrack information, etc even though we were not even calling into the socket lookup via xt_socket_get_sock_{v4,v6}() due to skb->sk hit, meaning those cycles can be spared. After this patch, we only proceed the slower, manual lookup path when we have a skb->sk miss, thus time to match verdict for early demuxed sockets will improve further, which might be i.e. interesting for use cases such as mentioned in 681f130f ("netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag"). Signed-off-by:
Daniel Borkmann <daniel@iogearbox.net> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
-
- 02 Apr, 2015 1 commit
-
-
Florian Westphal authored
We also need to save/store in forward, else br_parse_ip_options call will zero frag_max_size as well. Fixes: 93fdd47e ('bridge: Save frag_max_size between PRE_ROUTING and POST_ROUTING') Signed-off-by:
Florian Westphal <fw@strlen.de> Signed-off-by:
-
- 01 Apr, 2015 7 commits
-
-
Pablo Neira Ayuso authored
We have to stop iterating on the rule expressions if the cgroup mismatches. Moreover, make sure a non-full socket from the input path leads us to a crash. Fixes: ce674173 ("netfilter: nft_meta: add cgroup support") Signed-off-by:
-
Daniel Borkmann authored
While originally only being intended for outgoing traffic, commit a00e7634 ("netfilter: x_tables: allow to use cgroup match for LOCAL_IN nf hooks") enabled xt_cgroups for the NF_INET_LOCAL_IN hook as well, in order to allow for nfacct accounting. Besides being currently limited to early demuxes only, commit a00e7634 forgot to add a check if we deal with full sockets, i.e. in this case not with time wait sockets. TCP time wait sockets do not have the same memory layout as full sockets, a lower memory footprint and consequently also don't have a sk_classid member; probing for sk_classid member there could potentially lead to a crash. Fixes: a00e7634 ("netfilter: x_tables: allow to use cgroup match for LOCAL_IN nf hooks") Cc: Alexey Perevalov <a.perevalov@samsung.com> Signed-off-by:
-
Patrick McHardy authored
Add support for element timeouts to nft_hash. The lookup and walking functions are changed to ignore timed out elements, a periodic garbage collection task cleans out expired entries. Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Patrick McHardy authored
GC is expected to happen asynchrously to the netlink interface. In the netlink path, both insertion and removal of elements consist of two steps, insertion followed by activation or deactivation followed by removal, during which the element must not be freed by GC. The synchronization helpers use an unused bit in the genmask field to atomically mark an element as "busy", meaning it is either currently being handled through the netlink API or by GC. Elements being processed by GC will never survive, netlink will simply ignore them. Elements being currently processed through netlink will be skipped by GC and reprocessed during the next run. Signed-off-by:
-
Patrick McHardy authored
Add helpers for GC batch destruction: since element destruction needs a RCU grace period for all set implementations, add some helper functions for asynchronous batch destruction. Elements are collected in a batch structure, which is asynchronously released using RCU once its full. Signed-off-by:
-
Patrick McHardy authored
Add API support for set element timeouts. Elements can have a individual timeout value specified, overriding the sets' default. Two new extension types are used for timeouts - the timeout value and the expiration time. The timeout value only exists if it differs from the default value. Signed-off-by:
-
Patrick McHardy authored
Add set timeout support to the netlink API. Sets with timeout support enabled can have a default timeout value and garbage collection interval specified. Signed-off-by:
-
- 31 Mar, 2015 31 commits
-
-
David S. Miller authored
Richard Cochran says: ==================== ptp: remove open coded ns_to_timespec64 and reverse This patch series is a follow up to the recent timespec64 work for the PTP Hardware Clock drivers. Arnd noticed that drivers are using open coded implementations of ns_to_timespec64 and timespec64_to_ns. This series replaces the open coded logic with the helper functions. ==================== Signed-off-by:David S. Miller <davem@davemloft.net>
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by:
Richard Cochran <richardcochran@gmail.com> Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by:
Jacob Keller <jacob.e.keller@intel.com> Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Signed-off-by:
-
Richard Cochran authored
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by:
-
Mahesh Bandewar authored
When mii-mon discovers that the link is up, it will call bond_3ad_handle_link_change() but we forget to add the LACP_ENABLED flag when we discover the speed and duplex for the slave link are normal. Change-Id: Ie8b268ecfeea0f99bf9fdcd72706c0653f9d9e49 Signed-off-by:
Mahesh Bandewar <maheshb@google.com> Signed-off-by:
Andy Gospodarek <gospo@cumulusnetworks.com> Signed-off-by:
-
Mahesh Bandewar authored
AD_PORT_ACTOR_CHURN and AD_PORT_PARTNER_CHURN are already present and essentially BOND_MONITOR_CHURNED is a combination of these two definitions. Signed-off-by:
-
David S. Miller authored
Nicolas Ferre says: ==================== net/macb: fixes after big driver update The recent modifications to the macb driver lead to issues with the probe function code flow. Here are some attempt to fix them. This time, some more issues are fixed related to the clock as reported by Boris Brezillon. The series is written on top of net-next. Changes in v2: - address Cyrille comment about exit condition of queue configuration loop - add fixes for probe sequence related to clocks - add ethtool register dump - fix peripheral version test ==================== Signed-off-by: -
Nicolas Ferre authored
As we need to check peripheral version from the hardware during probe, I introduce a little helper to unify these tests. It would prevent to de-synchronize the test like previously observed. Signed-off-by:
Nicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by:
-
Nicolas Ferre authored
We currently need two checks of the peripheral version in MACB_MID register. One of them got out of sync after modification by 8a013a9c (net: macb: Include multi queue support for xilinx ZynqMP ethernet version). Fix this in macb_configure_caps() so that xilinx ZynqMP will be considered as a GEM flavor. Fixes: 8a013a9c ("net: macb: Include multi queue support for xilinx ZynqMP ethernet version") Signed-off-by:
-
Nicolas Ferre authored
User i/o register EMAC_USRIO or GMAC_UR can be found on both macb and gem flavors of the peripheral. By using the proper accessor, we can add it to the register dump feature of ethtool. Increment the version of this API so it can be noticed from user space. Signed-off-by:
-
Nicolas Ferre authored
As accessing the peripheral registers need the clocks to be set, we have to enable them as soon as possible. Their configuration depend on the type of device used and determined by the DT compatible string. That lead to add another initialization function in the DT configuration structure. As the device private structure length depend on an information read in the registers, we have to store the clock pointers in temporary variables before feeding the structure fields. Signed-off-by:
-
Nicolas Ferre authored
As a non-native English speaker, I would correct "capacities" of the macb peripheral to "capabilities": correct me if I'm wrong! Signed-off-by:
-
Nicolas Ferre authored
Capabilities configuration by macb_configure_caps() was moved far too late by 421d9df0 (net/macb: merge at91_ether driver into macb driver) which would lead to badly configured hardware. So, move this function to early probe and modify its prototype to re-gain its original behavior. DT data retrieval is also moved to simplify the probe code flow. Signed-off-by:
-
Nicolas Ferre authored
As we access the MID register directly, we need to tell why we don't use the macb_is_gem() dedicated function. Signed-off-by:
-
Nicolas Ferre authored
When merging at91_ether and macb driver during 421d9df0 (net/macb: merge at91_ether driver into macb driver) the probe function has been split. The code dealing with initialization of queues is now moved in macb_init() which needs information computed in the parent macb_probe() function. So, add the queue_mask information to the private structure and use it when needed in macb_init(). Signed-off-by:
Boris Brezillon <boris.brezillon@free-electrons.com> Cc: Cyrille Pitchen <cyrille.pitchen@atmel.com> Signed-off-by:
-
Fabio Estevam authored
Commit cb6e0b36 ("net: smc91x: make use of 4th parameter to devm_gpiod_get_index") caused the following build warning: drivers/net/ethernet/smsc/smc91x.c:2208:6: warning: unused variable 'res' [-Wunused-variable] Remove the unused 'res' variable. Reported-by:
Olof's autobuilder <build@lixom.net> Signed-off-by:
Fabio Estevam <fabio.estevam@freescale.com> Acked-by:
Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by:
-
David S. Miller authored
Merge tag 'mac80211-next-for-davem-2015-03-30' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next Johannes Berg says: ==================== Lots of updates for net-next; along with the usual flurry of small fixes, cleanups and internal features we have: * VHT support for TDLS and IBSS (conditional on drivers though) * first TX performance improvements (the biggest will come later) * many suspend/resume (race) fixes * name_assign_type support from Tom Gundersen ==================== Signed-off-by:
-
Jiri Pirko authored
Unlike other places, this function uses name "dev" for what should be "orig_dev", which might be a bit confusing. So fix this. Signed-off-by:
Jiri Pirko <jiri@resnulli.us> Signed-off-by:
-
David S. Miller authored
Or Gerlitz says: ==================== mlx4: Extend statistics gathering and display This series from Eran and Matan extends the statistics collected and later reported to the user via ethtool for native mode and SRIOV PF. More Packet statistics, PFC statistics and global pause statistics are now displayed via ethtool. ==================== Signed-off-by: -
Eran Ben Elisha authored
More packet statistics are now calculated and visible to the user via ethtool: - RX packet errors statistics. - TX/RX drops are now calculated. - TX multicast and broadcast statistics. - RX/TX per priority bytes statistics. - RX/TX no vlan packets and bytes statistics. Signed-off-by:
Eran Ben Elisha <eranbe@mellanox.com> Signed-off-by:
Hadar Hen Zion <hadarh@mellanox.com> Signed-off-by:
Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by:
-
Matan Barak authored
Flow control per priority and Global pause counters are now visible via ethtool. The counters shows statistics regarding pauses in the device. Signed-off-by:
Matan Barak <matanb@mellanox.com> Signed-off-by:
Shani Michaeli <shanim@mellanox.com> Signed-off-by:
-
Eran Ben Elisha authored
This will allow parallel access to the statistics bitmap. A pre-step for adding PFC counters, where the statistics bitmap can be dynamically changed when modifying the PFC setting. Signed-off-by:
-
Eran Ben Elisha authored
The driver uses a bitmask to indicate which statistics should be displayed to the user in ethtool. The bitmask is u64, therefore we are limited for a selective view of up to 64 statistics. Extend the bitmap in order to show more than 64 statistics. In addition, add packet statistics to the ethtool display for PF. Signed-off-by:
-
