This patchset adds support to do GRO/GSO by chaining packets
of the same flow at the SKB frag_list pointer. This avoids
the overhead to merge payloads into one big packet, and
on the other end, if GSO is needed it avoids the overhead
of splitting the big packet back to the native form.
Patch 1 pre
On fraglist GSO, we don't need to clone the original
skb. So we don't have anything to return to free.
Prepare GSO that it frees the original skb only
if the return pointer really changed. Fraglist
GSO frees the original skb itself on error and
returns -EREMOTE in this case.
Signed-off-by: Steffen
This patch extends UDP GRO to support fraglist GRO/GSO
by using the previously introduced infrastructure.
All UDP packets that are not targeted to a GRO capable
UDP sockets are going to fraglist GRO now (local input
and forward).
Signed-off-by: Steffen Klassert
---
net/ipv4/udp_offload.c | 57 ++
This patch adds the core functions to chain/unchain
GSO skbs at the frag_list pointer. This also adds
a new GSO type SKB_GSO_FRAGLIST and a is_flist
flag to napi_gro_cb which indicates that this
flow will be GROed by fraglist chaining.
Signed-off-by: Steffen Klassert
---
include/linux/netdevice.
On Thu, 2018-12-20 at 23:15 -0800, David Miller wrote:
> Please keep it to bug fixes.
>
> Thank you for your cooperation.
What happens to a series that i sent 10 minutes before this email, but
for some reason it still doesn't show up in the mailing list ?
I really would like for that series to m
Please keep it to bug fixes.
Thank you for your cooperation.
If nla_nest_start() may fail. The fix checks its return value and goes
to nla_put_failure if it fails.
Signed-off-by: Kangjie Lu
---
net/netfilter/nf_tables_api.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 2e61aab6ed7
On 20.12.2018 18:23, Willem de Bruijn wrote:
> On Thu, Dec 20, 2018 at 11:17 AM Ido Schimmel wrote:
>>
>> On Thu, Dec 20, 2018 at 03:09:22PM +0100, Christian Borntraeger wrote:
>>> On 20.12.2018 10:12, Ido Schimmel wrote:
+Willem
On Thu, Dec 20, 2018 at 08:45:40AM +0100, Christia
When netxen_rom_fast_read() fails, "bios" is left uninitialized and may
contain random value, thus should not be used.
The fix ensures that if netxen_rom_fast_read() fails, we return "-EIO".
Signed-off-by: Kangjie Lu
---
drivers/net/ethernet/qlogic/netxen/netxen_nic_init.c | 3 ++-
1 file chang
On 12/21/2018 05:16 AM, tristram...@microchip.com wrote:
>> +{ \
>> +.val_bits = (width),\
>> +.reg_stride = (width) / 8, \
>> +.reg
On Thu, 2018-12-20 at 20:31 -0700, Jason Gunthorpe wrote:
> On Thu, Dec 20, 2018 at 06:25:05PM -0800, Joe Perches wrote:
>
> > I agree it's not a very good message nor is bool use
> > of structure members a real problem except in very
> > few cases.
>
> I think the issue is that the link it shows
Add port param set command to set the value for a parameter.
Value can be set to any of the supported configuration modes.
Cc: Jiri Pirko
Signed-off-by: Vasundhara Volam
---
include/uapi/linux/devlink.h | 1 +
net/core/devlink.c | 37 -
2 files cha
This patchset adds support for configuration parameters setting through
devlink_port. Each device registers supported configuration parameters
table.
The user can retrieve data on these parameters by
"devlink port param show" command and can set new value to a
parameter by "devlink port param set
wake_on_lan - Enables Wake on Lan for this port. If enabled,
the controller asserts a wake pin based on the WOL type.
v2->v3:
- Define only WOL types used now and define them as bitfield, so that
mutliple WOL types can be enabled upon power on.
- Modify "wake-on-lan" name to "wake_on_lan" to be
Register devlink_port with devlink and create initial port params
table for bnxt_en. The table consists of a generic parameter:
wake_on_lan: Enables Wake on Lan for this port when magic packet
is received with this port's MAC address using ACPI pattern.
If enabled, the controller asserts a wake pi
Add support for "driverinit" configuration mode value for devlink_port
configuration parameters. Add devlink_port_param_driverinit_value_set()
function to help the driver set the value to devlink_port.
Also, move the common code to __devlink_param_driverinit_value_set()
to be used by both device a
Add notification call for devlink port param set, register and unregister
functions.
Add devlink_port_param_value_changed() function to enable the driver notify
devlink on value change. Driver should use this function after value was
changed on any configuration mode part to driverinit.
Cc: Jiri P
Add port param get command which gets data per parameter.
It also has option to dump the parameters data per port.
Cc: Jiri Pirko
Signed-off-by: Vasundhara Volam
---
include/uapi/linux/devlink.h | 2 +
net/core/devlink.c | 102 ---
2 files cha
Add support for "driverinit" configuration mode value for devlink_port
configuration parameters. Add devlink_port_param_driverinit_value_get()
function to help the driver get the value from devlink_port.
Also, move the common code to __devlink_param_driverinit_value_get()
to be used by both device
Add functions to register and unregister for the driver supported
configuration parameters table per port.
v2->v3:
- Add a helper __devlink_params_register() with common code used by
both devlink_params_register() and devlink_port_params_register().
Cc: Jiri Pirko
Signed-off-by: Vasundhara Vol
On Thu, Dec 20, 2018 at 11:25 PM Jakub Kicinski
wrote:
>
> On Thu, 20 Dec 2018 14:40:11 +0530, Vasundhara Volam wrote:
> > This patchset adds support for configuration parameters setting through
> > devlink_port. Each device registers supported configuration parameters
> > table.
> >
> > The user
On Tue, 18 Dec 2018 20:29:04 +0100
Petr Vorel wrote:
> bash and dash require for escape sequence to use 'echo -e' or printf
> (but working on zsh). Choosing printf as it's implementation is IMHO
> more portable than echo implementations.
> dash also require to use \033[0; as escape sequence inste
> + { \
> + .val_bits = (width),\
> + .reg_stride = (width) / 8, \
> + .reg_bits = (regbits) + (regalign), \
> +
On Thu, 20 Dec 2018 08:17:27 +0800
we...@ucloud.cn wrote:
> From: wenxu
>
> ip l add dev tun type gretap external
> ip r a 10.0.0.1 encap ip dst 192.168.152.171 id 1000 dev gretap
>
> For gretap example when the command set the id but don't set the
> TUNNEL_KEY flags. There is no key field in t
On Thu, Dec 20, 2018 at 11:23:13AM +0200, Leon Romanovsky wrote:
> From: Leon Romanovsky
>
> Hi,
>
> As a followup to Jason's request to rethink CONFIG_INFINIBAND_ON_DEMAND_PAGING
> usage, this series cleans mlx5_ib and RDMA/core code and it is based on
> already
> sent but not yet accepted pat
On Thu, Dec 20, 2018 at 06:25:05PM -0800, Joe Perches wrote:
> I agree it's not a very good message nor is bool use
> of structure members a real problem except in very
> few cases.
I think the issue is that the link it shows lacks the context of the
discussion thread - and the actual guidance he
From: Peter Oskolkov
Date: Thu, 20 Dec 2018 16:41:52 -0800
> Clang does not recognize that calls to error() terminate execution
> and complains about uninitialized variable use that happens after calls
> to error(). This noop patchset fixes this.
>
> Signed-off-by: Peter Oskolkov
I wonder why
From: Eric Dumazet
Date: Thu, 20 Dec 2018 15:28:56 -0800
> Alexei reported use after frees in inet_diag_dump_icsk() [1]
>
> Because we use refcount_set() when various sockets are setup and
> inserted into ehash, we also need to make sure inet_diag_dump_icsk()
> wont race with the refcount_set()
From: "Michael S. Tsirkin"
Date: Thu, 20 Dec 2018 17:34:23 -0500
> On Thu, Dec 20, 2018 at 05:14:54PM -0500, Willem de Bruijn wrote:
>> From: Willem de Bruijn
>>
>> Virtio-net devices negotiate LRO support with the host.
>> Display the initially negotiated state with ethtool -k.
>>
>> Also all
From: Heiner Kallweit
Date: Wed, 19 Dec 2018 07:50:43 +0100
> PHY_HALTED and PHY_READY both are non-started states and quite similar.
> Major difference is that phy_start() changes from PHY_HALTED to
> PHY_RESUMING which doesn't reconfigure aneg (what PHY_UP does).
>
> There's no guarantee that
On Wed, 5 Dec 2018 19:13:41 +0100
Paolo Abeni wrote:
> This avoids an indirect call in the receive path for TCP and UDP
> packets. TCP takes precedence on UDP, so that we have a single
> additional conditional in the common case.
>
> v1 -> v2:
> - adapted to INDIRECT_CALL_ changes
>
> Signed-
From: Pablo Neira Ayuso
Date: Fri, 21 Dec 2018 01:28:04 +0100
> The following patchset contains Netfilter updates for net-next:
...
> You can pull these changes from:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
Pulled, thanks.
On Thu, 20 Dec 2018 18:25:05 -0800 Joe Perches wrote:
> On Thu, 2018-12-20 at 09:49 -0800, Bart Van Assche wrote:
> > On Thu, 2018-12-20 at 18:44 +0100, Christoph Hellwig wrote:
> > > On Thu, Dec 20, 2018 at 10:43:18AM -0700, Jason Gunthorpe wrote:
> > > > > - chunk->coherent is an int not a bo
Hi all,
Today's linux-next merge of the bpf-next tree got a conflict in:
tools/testing/selftests/bpf/test_verifier.c
between commits:
7640ead93924 ("bpf: verifier: make sure callees don't prune with caller
differences")
14507e35bd9d ("selftests: bpf: verifier: add tests for JSET interpre
On 12/21/2018 02:30 AM, tristram...@microchip.com wrote:
>> +static const struct regmap_config ksz9477_regmap_config = {
>> +.reg_bits = 32,
>> +.val_bits = 8,
>> +.max_register = 0x100,
>> +.cache_type = REGCACHE_RBTREE,
>> +.read_flag_mask = KS_SPIOP_RD << SPI_ADDR_SHIFT,
>> +
On 12/21/2018 02:02 AM, tristram...@microchip.com wrote:
>> On 12/20/2018 10:41 AM, Andrew Lunn wrote:
>>> On Wed, Dec 19, 2018 at 05:20:33PM -0800, Florian Fainelli wrote:
On 12/19/18 5:06 PM, Marek Vasut wrote:
> Previous patches unconver that ksz_spi_write() is always ever called
>
On Fri, 2018-12-21 at 02:13 +, Saeed Mahameed wrote:
> On Thu, 2018-12-20 at 16:56 -0800, Jonathan Lemon wrote:
> > On 20 Dec 2018, at 15:41, Saeed Mahameed wrote:
> >
> > > On Thu, 2018-12-20 at 14:11 -0800, Jonathan Lemon wrote:
> > > > (Resending due to mailer issues)
> > > >
> > > > On 20
On Thu, 2018-12-20 at 09:49 -0800, Bart Van Assche wrote:
> On Thu, 2018-12-20 at 18:44 +0100, Christoph Hellwig wrote:
> > On Thu, Dec 20, 2018 at 10:43:18AM -0700, Jason Gunthorpe wrote:
> > > > - chunk->coherent is an int not a bool since checkpatch complains
> > > > about
> > > > using b
From: Daniel Borkmann
Date: Fri, 21 Dec 2018 01:46:42 +0100
> The following pull-request contains BPF updates for your *net-next* tree.
>
> There is a merge conflict in test_verifier.c. Result looks as follows:
...
Thanks Daniel, pulled.
On Thu, 2018-12-20 at 16:56 -0800, Jonathan Lemon wrote:
> On 20 Dec 2018, at 15:41, Saeed Mahameed wrote:
>
> > On Thu, 2018-12-20 at 14:11 -0800, Jonathan Lemon wrote:
> > > (Resending due to mailer issues)
> > >
> > > On 20 Dec 2018, at 5:03, Jesper Dangaard Brouer wrote:
> > >
> > > > On Wed
On 12/21/2018 01:48 AM, tristram...@microchip.com wrote:
Well, I just did 'git grep regmap_i2c drivers' and 'git grep regmap_spi
drivers/' and found eg.
drivers/iio/pressure/zpa2326_i2c.c
drivers/iio/pressure/zpa2326_spi.c
There's plenty of drivers using regmap in driv
Regmap provides bit manipulation functions to set/clear bits, use those
insted of reimplementing them.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung Huh
---
V2: New patch
---
drivers/net/dsa/microchip/ksz9477.c | 46 -
These functions and callbacks are never used, remove them.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung Huh
---
V2: No change
---
drivers/net/dsa/microchip/ksz9477_spi.c | 2 --
drivers/net/dsa/microchip/ksz_common.h | 24 -
Since the driver now uses regmap , get rid of ad-hoc ksz_io_ops
abstraction, which no longer has any meaning. Moreover, since regmap
has it's own locking, get rid of the register access mutex.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung Huh
---
The regmap config tables are rather similar for various generations of
the KSZ8xxx/KSZ9xxx switches. Introduce a macro which allows generating
those tables without duplication. Note that $regalign parameter is not
used right now, but will be used in KSZ87xx series switches.
Signed-off-by: Marek Va
These functions are only used by the KSZ9477 code, move them from
the header into that code. Note that these functions will be soon
replaced by regmap equivalents.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung Huh
---
V2: New patch
---
drivers/ne
The functions in the header file are static, and the header file is
included from single C file, just inline the code into the C file.
The bonus is that it's easier to spot further content to clean up.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung
The indirect function call to dev->dev_ops->get_port_addr() is expensive
especially if called for every single register access, and only returns
the value of PORT_CTRL_ADDR() macro. Use PORT_CTRL_ADDR() macro directly
instead.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc:
Add basic SPI regmap support into the driver.
Previous patches unconver that ksz_spi_write() is always ever called
with len = 1, 2 or 4. We can thus drop the if (len > SPI_TX_BUF_LEN)
check and we can also drop the allocation of the txbuf which is part
of the driver data and wastes 256 bytes for n
Factor out the code which sends out the register read/write opcodes
to the switch, since the code differs in single bit between read and
write.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung Huh
---
V2: New patch
---
drivers/net/dsa/microchip/ksz9
These functions and callbacks are never used, remove them.
Signed-off-by: Marek Vasut
Cc: Andrew Lunn
Cc: Florian Fainelli
Cc: Tristram Ha
Cc: Woojung Huh
---
V2: No change
---
drivers/net/dsa/microchip/ksz9477_spi.c | 25 -
drivers/net/dsa/microchip/ksz_common.h | 2
This patchset converts KSZ9477 switch driver to regmap.
This was tested with extra patches on KSZ8795 and compile-tested
for KSZ9477, as I don't own a device with KSZ9477.
Tristram, I hope this helps you get started with the regmap.
Please test on the KSZ9477 and let me know how it works, or
idea
On Thu, Dec 20, 2018 at 6:39 PM Ido Schimmel wrote:
>
> When user requests to resolve an output route, the kernel synthesizes
> an skb where the relevant parameters (e.g., source address) are set. The
> skb is then passed to ip_route_output_key_hash_rcu() which might call
> into the flow dissector
> +static const struct regmap_config ksz9477_regmap_config = {
> + .reg_bits = 32,
> + .val_bits = 8,
> + .max_register = 0x100,
> + .cache_type = REGCACHE_RBTREE,
> + .read_flag_mask = KS_SPIOP_RD << SPI_ADDR_SHIFT,
> + .write_flag_mask = KS_SPIOP_WR << SPI_ADDR_SHIFT,
> +
Hi, Guys,
I have one question. I'm working following configuration, and implementing a
device driver.
Basically, port 1-7 is working fine. I'm now having problem on port8.
- System
- i.MX6 and Marvel 88q5050 Switch(PHY addr is 0x10)
From: Willem de Bruijn
Date: Thu, 20 Dec 2018 16:22:51 -0500
> From: Willem de Bruijn
>
> Convert the existing txtimestamp test to run as part of kselftest
> and return a pass/fail.
>
> Also expand the variations of timestamping tested, including packet
> sockets, ipv6 raw and dgram and passin
From: Ido Schimmel
Date: Thu, 20 Dec 2018 17:03:26 +
> Patch #1 prevents a user triaggerable warning in the flow dissector by
> setting 'skb->dev' in skbs used for IPv4 output route get requests.
>
> Patch #2 adds a test case that triggers the warning without the first
> patch.
>
> I have a
> On 12/20/2018 10:41 AM, Andrew Lunn wrote:
> > On Wed, Dec 19, 2018 at 05:20:33PM -0800, Florian Fainelli wrote:
> >> On 12/19/18 5:06 PM, Marek Vasut wrote:
> >>> Previous patches unconver that ksz_spi_write() is always ever called
> >>> with len = 1, 2 or 4. We can thus drop the if (len > SPI_T
On 20 Dec 2018, at 15:41, Saeed Mahameed wrote:
> On Thu, 2018-12-20 at 14:11 -0800, Jonathan Lemon wrote:
>> (Resending due to mailer issues)
>>
>> On 20 Dec 2018, at 5:03, Jesper Dangaard Brouer wrote:
>>
>>> On Wed, 19 Dec 2018 12:06:51 -0800
>>> Jonathan Lemon wrote:
>>>
Return pfmemallo
From: Peter Oskolkov
Date: Thu, 20 Dec 2018 10:51:49 -0800
> A minor code cleanup.
>
> Signed-off-by: Peter Oskolkov
Applied, thanks Peter.
From: Paolo Abeni
Date: Thu, 20 Dec 2018 19:38:15 +0100
> This series includes some follow-up for the recently added skb extension.
> The first patch addresses an unlikely race while adding skb extensions,
> and the following two are just minor code clean-up.
Please respin after addressing Flori
From: Sam Protsenko
Date: Thu, 20 Dec 2018 20:29:20 +0200
> Extract "Protocol" field decompression code from transport protocols to
> PPP generic layer, where it actually belongs. As a consequence, this
> patch fixes incorrect place of PFC decompression in L2TP driver (when
> it's not PPPOX_BOUND
> >> Well, I just did 'git grep regmap_i2c drivers' and 'git grep regmap_spi
> >> drivers/' and found eg.
> >> drivers/iio/pressure/zpa2326_i2c.c
> >> drivers/iio/pressure/zpa2326_spi.c
> >>
> >> There's plenty of drivers using regmap in drivers/ to demonstrate how to
> >> use it. And there's alway
From: Kalle Valo
Date: Thu, 20 Dec 2018 20:02:21 +0200
> here's a pull request to net-next for 4.21. More info in the signed
> below.
>
> As I have been too busy this cycle not all of these have been in
> linux-next, but most of them has been tested by the kbuild bot and the
> last few remaining
Hi David,
The following pull-request contains BPF updates for your *net-next* tree.
There is a merge conflict in test_verifier.c. Result looks as follows:
[...]
},
{
"calls: cross frame pruning",
.insns = {
[...]
From: Stephen Hemminger
Date: Thu, 20 Dec 2018 09:52:28 -0800
> Don't need extern prefix before function prototypes.
> Checkpatch has complained about this for a couple of years.
>
> Signed-off-by: Stephen Hemminger
Applied.
Acked-by: Jonathan Lemon
On 20 Dec 2018, at 15:28, Eric Dumazet wrote:
Alexei reported use after frees in inet_diag_dump_icsk() [1]
Because we use refcount_set() when various sockets are setup and
inserted into ehash, we also need to make sure inet_diag_dump_icsk()
wont race with the refcount
From: Ido Schimmel
Date: Thu, 20 Dec 2018 17:03:26 +
> Patch #1 prevents a user triaggerable warning in the flow dissector by
> setting 'skb->dev' in skbs used for IPv4 output route get requests.
>
> Patch #2 adds a test case that triggers the warning without the first
> patch.
>
> I have a
Clang does not recognize that calls to error() terminate execution
and complains about uninitialized variable use that happens after calls
to error(). This noop patchset fixes this.
Signed-off-by: Peter Oskolkov
---
tools/testing/selftests/net/reuseport_addr_any.c | 10 ++
1 file change
From: Colin King
Date: Thu, 20 Dec 2018 16:50:50 +
> From: Colin Ian King
>
> Currently the stray semicolon means that the final term in the addition
> is being missed. Fix this by removing it. Cleans up clang warning:
>
> net/core/neighbour.c:2821:9: warning: expression result unused
>
From: Steen Hegelund
Date: Thu, 20 Dec 2018 14:16:31 +0100
> When doing indirect access in the Ocelot chip, a command is setup,
> issued and then we need to poll until the result is ready. The polling
> timeout is specified in milliseconds in the datasheet and not in
> register access attempts.
>
On 20 Dec 2018, at 14:47, Eric Dumazet wrote:
On Thu, Dec 20, 2018 at 12:59 PM Jonathan Lemon
wrote:
This protects against callers like inet_diag_dump_icsk(), which may
walk the
chain on another cpu and change the refcount before the tw structure
is ready.
Signed-off-by: Jonathan Lemon
-
From: Ganesh Goudar
Date: Thu, 20 Dec 2018 18:56:09 +0530
> Arjun Vynipadath will be taking over as maintainer from now.
>
> Signed-off-by: Ganesh Goudar
Applied.
Clang does not recognize that calls to error() terminate execution
and complains about uninitialized variable use that happens after calls
to error(). This noop patchset fixes this.
Signed-off-by: Peter Oskolkov
---
tools/testing/selftests/net/reuseport_addr_any.c | 10 ++
1 file change
From: Herbert Xu
Date: Thu, 20 Dec 2018 21:20:10 +0800
> It was reported that IPsec would crash when it encounters an IPv6
> reassembled packet because skb->sk is non-zero and not a valid
> pointer.
>
> This is because skb->sk is now a union with ip_defrag_offset.
>
> This patch fixes this by r
From: Jozsef Kadlecsik
Two new commands (IPSET_CMD_GET_BYNAME, IPSET_CMD_GET_BYINDEX) are
introduced. The new commands makes possible to eliminate the getsockopt
operation (in iptables set/SET match/target) and thus use only netlink
communication between userspace and kernel for ipset. With the n
From: Taehee Yoo
nf_flow_offload_gc_step() and nf_flow_table_iterate() are very similar.
so that many duplicate code can be removed.
After this patch, nf_flow_offload_gc_step() is simple callback function of
nf_flow_table_iterate() like nf_flow_table_do_cleanup().
Signed-off-by: Taehee Yoo
Sign
These are very very (for long time unused) caching infrastructure
definition, remove then. They have nothing to do with the NFC subsystem.
Signed-off-by: Pablo Neira Ayuso
---
include/uapi/linux/netfilter.h| 4
include/uapi/linux/netfilter_decnet.h | 10 --
include/uapi/lin
From: Xiaozhou Liu
Since a pseudo-random starting point is used in finding a port in
the default case, that 'else if' branch above is no longer a necessity.
So remove it to simplify code.
Signed-off-by: Xiaozhou Liu
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_nat_proto_common.c | 2
From: Andreas Jaggi
Useful to only set a particular range of the conntrack mark while
leaving existing parts of the value alone, e.g. when updating
conntrack marks via netlink from userspace.
For NFQUEUE it was already implemented in commit 534473c6080e
("netfilter: ctnetlink: honor CTA_MARK_MAS
From: Florent Fourcot
New function added by "Introduction of new commands and protocol
version 7" is not working, since we return skb2 to user
Signed-off-by: Victorien Molle
Signed-off-by: Florent Fourcot
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/ipset/ip_set_core.c | 2 +-
1 file c
From: Florian Westphal
This is a leftover from days where single-cpu systems were common:
Store last port used to resolve a clash to use it as a starting point when
the next conflict needs to be resolved.
When we have parallel attempt to connect to same address:port pair,
its likely that both co
From: Qian Cai
To make overflows as obvious as possible and to prevent code from blithely
proceeding with a truncated string. This also has a side-effect to fix a
compilation warning when using GCC 8.2.1.
net/netfilter/ipset/ip_set_core.c: In function 'ip_set_sockfn_get':
net/netfilter/ipset/ip_
From: Florian Westphal
In case almost or all available ports are taken, clash resolution can
take a very long time, resulting in soft lockup.
This can happen when many to-be-natted hosts connect to same
destination:port (e.g. a proxy) and all connections pass the same SNAT.
Pick a random offset
From: Florian Westphal
almost all l4proto->unique_tuple implementations just call this helper,
so make ->unique_tuple() optional and call its helper directly if the
l4proto doesn't override it.
This is an intermediate step to get rid of ->unique_tuple completely.
Signed-off-by: Florian Westphal
From: Florian Westphal
No need for indirections here, we only support ipv4 and ipv6
and the called functions are very small.
Signed-off-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_nat_l3proto.h | 3 ---
net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 8 --
From: Florian Westphal
fold remaining users (icmp, icmpv6, gre) into nf_nat_l4proto_unique_tuple.
The static-save of old incarnation of resolved key in gre and icmp is
removed as well, just use the prandom based offset like the others.
Signed-off-by: Florian Westphal
Signed-off-by: Pablo Neira
From: Yafang Shao
These parameters aren't used now.
So remove them.
Signed-off-by: Yafang Shao
Acked-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_conntrack_proto.c | 21 +++--
1 file changed, 7 insertions(+), 14 deletions(-)
diff --git a/net/net
From: Florian Westphal
This removes the (now empty) nf_nat_l4proto struct, all its instances
and all the no longer needed runtime (un)register functionality.
nf_nat_need_gre() can be axed as well: the module that calls it (to
load the no-longer-existing nat_gre module) also calls other nat core
From: Alin Nastac
Each media stream negotiation between 2 SIP peers will trigger creation
of 4 different expectations (2 RTP and 2 RTCP):
- INVITE will create expectations for the media packets sent by the
called peer
- reply to the INVITE will create expectations for media packets sent
b
Clang does not recognize that calls to error() terminate execution
and complains about uninitialized variable use that happens after calls
to error(). This noop patchset fixes this.
---
tools/testing/selftests/net/reuseport_addr_any.c | 10 ++
1 file changed, 10 insertions(+)
diff --git
From: Florian Westphal
all protocols did set this to nf_nat_l4proto_nlattr_to_range, so
just call it directly.
The important difference is that we'll now also call it for
protocols that we don't support (i.e., nf_nat_proto_unknown did
not provide .nlattr_to_range).
However, there should be no h
From: Taehee Yoo
When network namespace is destroyed, cleanup_net() is called.
cleanup_net() holds pernet_ops_rwsem then calls each ->exit callback.
So that clusterip_tg_destroy() is called by cleanup_net().
And clusterip_tg_destroy() calls unregister_netdevice_notifier().
But both cleanup_net()
From: Florian Westphal
Similar to previous change, this time for eache and timestamp.
Unlike helper and acct, these can be disabled at build time, so they
need ifdef guards.
Next patch will remove a few (now obsolete) functions.
Signed-off-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
From: Florian Westphal
Its a bit hard to see what table[3] really lines up with, so add
human-readable mnemonics and use them for initialisation.
This makes it easier to see e.g. which sysctls are not exported to
unprivileged userns.
objdiff shows no changes.
Signed-off-by: Florian Westphal
S
From: Florian Westphal
remove the obsolete sysctl anchors and move auto_assign_helper_warned
to avoid/cover a hole. Reduces size by 40 bytes on 64 bit.
Signed-off-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
---
include/net/netns/conntrack.h | 6 +-
1 file changed, 1 insertion(+
From: Yafang Shao
This patch adds two sysctl knobs for GRE:
net.netfilter.nf_conntrack_gre_timeout = 30
net.netfilter.nf_conntrack_gre_timeout_stream = 180
Update the Documentation as well.
Signed-off-by: Yafang Shao
Signed-off-by: Pablo Neira Ayuso
---
Documentation/network
From: Florian Westphal
This removes the last l4proto indirection, the two callers, the l3proto
packet mangling helpers for ipv4 and ipv6, now call the
nf_nat_l4proto_manip_pkt() helper.
nf_nat_proto_{dccp,tcp,sctp,gre,icmp,icmpv6} are left behind, even though
they contain no functionality anymor
From: Florian Westphal
We have no explicit signal when a UDP stream has terminated, peers just
stop sending.
For suspected stream connections a timeout of two minutes is sane to keep
NAT mapping alive a while longer.
It matches tcp conntracks 'timewait' default timeout value.
Signed-off-by: Fl
From: Florian Westphal
Needless copy&paste, just handle all in one. Next patch will handle
acct and timestamp, which have similar functions.
Intentionally leaves cruft behind, will be cleaned up in a followup
patch.
The obsolete sysctl pointers in netns_ct struct are left in place and
removed
1 - 100 of 367 matches
Mail list logo
