ILTIN))
> set_bit(__QDISC_STATE_DEACTIVATED, &qdisc->state);
> +
> + rcu_assign_pointer(dev_queue->qdisc, qdisc_default);
> }
> }
>
I have tested the patch on v5.4.71 and it fixes our issues.
Tested-by: Vishwanath Pai
On 11/2/20 4:08 AM, Yunsheng Lin wrote:
> On 2020/10/30 1:20, Vishwanath Pai wrote:
>> On 10/29/20 6:24 AM, Yunsheng Lin wrote:
>>> On 2020/10/29 12:50, Vishwanath Pai wrote:
>>>> On 10/28/20 10:37 PM, Yunsheng Lin wrote:
>>>>> On 2020/10/29 4:04, Vis
On 10/29/20 6:24 AM, Yunsheng Lin wrote:
> On 2020/10/29 12:50, Vishwanath Pai wrote:
>> On 10/28/20 10:37 PM, Yunsheng Lin wrote:
>>> On 2020/10/29 4:04, Vishwanath Pai wrote:
>>>> On 10/28/20 1:47 PM, Cong Wang wrote:
>>>>> On Wed, Oct 28, 2020 a
On 10/28/20 10:37 PM, Yunsheng Lin wrote:
> On 2020/10/29 4:04, Vishwanath Pai wrote:
>> On 10/28/20 1:47 PM, Cong Wang wrote:
>>> On Wed, Oct 28, 2020 at 8:37 AM Pai, Vishwanath
wrote:
>>>> Hi,
>>>>
>>>> We noticed some problems when test
On 10/28/20 1:47 PM, Cong Wang wrote:
> On Wed, Oct 28, 2020 at 8:37 AM Pai, Vishwanath wrote:
>> Hi,
>>
>> We noticed some problems when testing the latest 5.4 LTS kernel and
traced it
>> back to this commit using git bisect. When running our tests the
machine stops
>> responding to all traffi
On 9/17/20 3:26 PM, Cong Wang wrote:
> On Fri, Sep 11, 2020 at 1:13 AM Yunsheng Lin
wrote:
>>
>> On 2020/9/11 4:07, Cong Wang wrote:
>>> On Tue, Sep 8, 2020 at 4:06 AM Yunsheng Lin
wrote:
Currently there is concurrent reset and enqueue operation for the
same lockless qdisc whe
r place where we may need to fix this as
well:
bnx2x_config_rss_eth()
Thanks,
Vishwanath
On 06/22/2018 10:57 AM, Vishwanath Pai wrote:
> Ah, that is great! I will test it out on my machine and let you know.
>
> Thanks,
> Vishwanath
>
> On 06/22/2018 10:21 AM, Kalluru, Suda
plied in the
> load path (bnx2x_nic_load() --> bnx2x_init_rss()). Have unit tested the
> change on my setup.
>
> Thanks,
> Sudarsana
>
> -Original Message-
> From: Vishwanath Pai [mailto:v...@akamai.com]
> Sent: 22 June 2018 18:52
> To: Kalluru, Sudarsana
return 0;
> Ariel,
>Could you please review the path (bnx2x_set_rss_flags()--> bnx2x_rss())
> and confirm/correct on the above.
>
> Thanks,
> Sudarsana
>
> -Original Message-
> From: Vishwanath Pai [mailto:v...@akamai.com]
> Sent: 22 June 2
Hi,
We recently noticed a kernel panic in the bnx2x driver when trying to set
rx-flow-hash parameters via ethtool during if-pre-up.d. I am running kernel
v4.17.2 from ubuntu-mainline-ppa. I have added the stack trace below:
[ 18.280209] BUG: unable to handle kernel NULL pointer dereference at
XT_HASHLIMIT_INVERT);
> } else {
> goto overlimit;
>
Thanks for fixing this.
Acked-by: Vishwanath Pai
-Vishwanath
::
Suggested-by: Igor Lubashev
Signed-off-by: Vishwanath Pai
---
include/net/addrconf.h | 2 +-
net/ipv6/addrconf.c| 6 +++---
net/ipv6/ndisc.c | 9 +
3 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/include/net/addrconf.h b/include/net/addrconf.h
index 15b5ffd..2a616ea
On 10/30/2017 04:43 PM, David Ahern wrote:
> On 10/30/17 2:29 PM, Vishwanath Pai wrote:
>> This patch updates the error messages displayed in kernel log to include
>> hwaddress of the source machine that caused ipv6 duplicate address
>> detection failures.
>>
>> E
address 2601::2bb4 on eth0!
b) When we detect DAD failure during address assignment to an interface:
IPv6: eth0: IPv6 duplicate address 2601::2b78 used by 34:ab:cd:56:11:e8
detected!
Suggested-by: Igor Lubashev
Signed-off-by: Vishwanath Pai
---
include/net/addrconf.h | 2 +-
net/ipv6/addrconf.c
t;
> I modified the comment part: the elements counter can still be incorrect
> in the case of a huge set, because elements might time out during the
> listing.
>
> Thanks for your patience!
>
> Best regards,
> Jozsef
>
> On Thu, 17 Aug 2017, Vishwanath Pai wrote
: bea74641e378 ("netfilter: xt_hashlimit: add rate match mode")
Signed-off-by: Vishwanath Pai
---
net/netfilter/xt_hashlimit.c | 12 +++-
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 10d4823.
n cfg_copy().
Fixes: bea74641e378 ("netfilter: xt_hashlimit: add rate match mode")
Signed-off-by: Vishwanath Pai
---
net/netfilter/xt_hashlimit.c | 14 --
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
in
On 09/06/2017 03:57 PM, Arnd Bergmann wrote:
> 64-bit division is expensive on 32-bit architectures, and
> requires a special function call to avoid a link error like:
>
> net/netfilter/xt_hashlimit.o: In function `hashlimit_mt_common':
> xt_hashlimit.c:(.text+0x1328): undefined reference to `__ae
On 09/04/2017 06:14 AM, Pablo Neira Ayuso wrote:
> Sounds good, applied, thanks.
>
> A couple of questions: Does it really make sense to expose
> --hashlimit-rate-interval or are you using 1 second always there? I
> always wonder if it makes sense to expose yet another toggle that it's
> not clear
_u64 instead.
Fixes: bea74641e378 ("netfilter: xt_hashlimit: add rate match mode")
Signed-off-by: Vishwanath Pai
---
net/netfilter/xt_hashlimit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 10d
reated revision 3 for hashlimit. The two new options
we add are:
--hashlimit-rate-match
--hashlimit-rate-interval
I have updated the help text to add these new options. Also added a few
tests for the new options.
Suggested-by: Igor Lubashev
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
--
reated revision 3 for hashlimit. The two new options
we add are:
--hashlimit-rate-match
--hashlimit-rate-interval
I have updated the help text to add these new options. Also added a few
tests for the new options.
Suggested-by: Igor Lubashev
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pa
"Number of entries: 2" but no members are listed. That is
because mtype_list runs "ip_set_timeout_expired" and does not list the
expired entries, but set->elements is never upated (until mtype_gc
cleans it up later).
Reviewed-by: Joshua Hunt
Signed-off-by: Vishwanath Pai
-
Warnings are only printed out for IPSET_CMD_TEST. The user won't see
warnings from other commands.
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
---
src/ipset.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ipset.c b/src/ipset.c
index 2c4fa10..b0
hey try to
specify it. We also don't print it out on 'ipset l'.
I created revision 4 to make this change, revision 3 should work with
older kernels just like before.
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
---
lib/ipset_list_set.c | 92 +++
e") for users of
the older revision. It will be a much bigger change if that is
what we need.
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
---
net/netfilter/ipset/ip_set_list_set.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/ipset/ip_set_list_set
ed-off-by: Vishwanath Pai
Reviewed-by: Josh Hunt
---
net/netfilter/ipset/ip_set_list_set.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/net/netfilter/ipset/ip_set_list_set.c
b/net/netfilter/ipset/ip_set_list_set.c
index 51077c5..178d4eb 100644
--- a/net/netfil
; * HZ * CREDITS_PER_JIFFY;
>
> -- 1.9.1
Thanks for fixing this.
Acked-by: Vishwanath Pai
On 09/30/2016 01:46 PM, Pablo Neira Ayuso wrote:
> On Thu, Sep 29, 2016 at 01:39:50PM -0400, Vishwanath Pai wrote:
>> v2:
>> Remove unnecessary div64_u64 around constants
>>
>> v3:
>> remove backslashes
>>
>> --
>>
>> Fix link error in 32b
; for the version 1 data to restore the original faster 32-bit division.
>>
>> With both changes combined, we no longer get a link error.
>>
>> Fixes: 11d5f15723c9 ("netfilter: xt_hashlimit: Create revision 2 to support
>> higher pps rates")
>> Signed-
On 09/29/2016 02:47 PM, Mark Brown wrote:
> On Thu, Sep 29, 2016 at 12:40:35PM +0100, Build bot for Mark Brown wrote:
>
> For the past couple of days -next has been failing to build an ARM
> allmodconfig due to:
>
>> arm-allmodconfig
>> ERROR: "__aeabi_uldivmod" [net/netfilter/xt_hashlimit.k
v2:
Remove unnecessary div64_u64 around constants
v3:
remove backslashes
--
Fix link error in 32bit arch because of 64bit division
Division of 64bit integers will cause linker error undefined reference
to `__udivdi3'. Fix this by replacing divisions with div64_64
Signed-off-by: Vishwanat
v2:
Remove unnecessary div64_u64 around constants
--
Fix link error in 32bit arch because of 64bit division
Division of 64bit integers will cause linker error undefined reference
to `__udivdi3'. Fix this by replacing divisions with div64_64
Signed-off-by: Vishwanath Pai
---
net/netf
Fix link error in 32bit arch because of 64bit division
Division of 64bit integers will cause linker error undefined reference
to `__udivdi3'. Fix this by replacing divisions with div64_64
Signed-off-by: Vishwanath Pai
---
net/netfilter/xt_hashlimit.c | 15 ---
1 file chang
On Tue, Sep 27, 2016 at 12:15 AM, Liping Zhang wrote:
> Hi Vishwanath,
>
> 2016-09-23 0:43 GMT+08:00 Vishwanath Pai :
>>
>> /* Precision saver. */
>> -static u32 user2credits(u32 user)
>> +static u64 user2credits(u64 user, int revision)
>> {
>
hashlimit_cfg to 64-bit. Create two new structs hashlimit_cfg2
and xt_hashlimit_mtinfo2 and also create newer versions of all the
functions for match, checkentry and destory.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
extensions/libxt_hashlimit.c | 457
functions and variables related to revision 1 by adding _v1 at the
end of the names.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
extensions/libxt_hashlimit.c | 78 ++--
1 file changed, 39 insertions(+), 39 deletions(-)
diff --git a
/2016 12:53 PM, Jan Engelhardt wrote:
> On Thursday 2016-09-22 18:43, Vishwanath Pai wrote:
>> >+struct hashlimit_cfg2 {
>> >+ __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */
>> >+ __u64 avg;/* Average secs between packets * scale */
>> >+ __u64
shlimit_mt, hashlimit_mt_check etc are very
similar in both rev1 and rev2 with only minor changes, so I have split
those functions and moved all the common code to a *_common function.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
include/uapi/linux/netfilter/xt_hashlimit.h | 23 ++
net
I am planning to add a revision 2 for the hashlimit xtables module to
support higher packets per second rates. This patch renames all the
functions and variables related to revision 1 by adding _v1 at the
end of the names.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
include
On 07/08/2016 07:54 AM, Pablo Neira Ayuso wrote:
> We have to keep the existing behaviour. Yes, it's broken or ambiguos
> but there may be people outthere relying on this.
>
> What I think we can do to resolve this scenario that you describe
> abobe is to provide a new option:
>
> --hashl
On 07/08/2016 12:54 PM, Vishwanath Pai wrote:
> On 07/08/2016 12:37 PM, David Laight wrote:
>> If you think some users would still want 32bit limits, then you should
>> (probably) use a _64 suffix for the new functions.
>>
>> David
>
> I am proposing
On 07/08/2016 12:37 PM, David Laight wrote:
> If you think some users would still want 32bit limits, then you should
> (probably) use a _64 suffix for the new functions.
>
> David
I am proposing a new revision for hashlimit that supports a higher rate
along with a few other changes/fixes (i
functions for match, checkentry and destory.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
extensions/libxt_hashlimit.c | 460 ++---
extensions/libxt_hashlimit.t | 2 +
include/linux/netfilter/xt_hashlimit.h | 23 ++
3 files changed
I am planning to add a revision 2 for the hashlimit xtables module to
support higher packets per second rates. This patch renames all the
functions and variables related to revision 1 by adding _v1 at the end of
the names.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
extensions
functions like hashlimit_mt, hashlimit_mt_check etc are very
similar in both rev1 and rev2 with only minor changes, so I have split
those functions and moved all the common code to a *_common function.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
include/uapi/linux/netfilter
I am planning to add a revision 2 for the hashlimit xtables module to
support higher packets per second rates. This patch renames all the
functions and variables related to revision 1 by adding _v1 at the end of
the names.
Signed-off-by: Vishwanath Pai
Signed-off-by: Joshua Hunt
---
include
On 07/05/2016 04:13 PM, Vishwanath Pai wrote:
> On 06/25/2016 05:39 AM, Pablo Neira Ayuso wrote:
>> I see, but I'm not convinced about this /proc rename feature.
>>
>> I think the main point of this, as well as other entries in bugzilla
>> related to this,
On 06/23/2016 07:16 AM, Pablo Neira Ayuso wrote:
> On Wed, Jun 01, 2016 at 08:11:38PM -0400, Vishwanath Pai wrote:
>> +static void
>> +cfg_copy(struct hashlimit_cfg2 *to, void *from, int revision)
>> +{
>> +if (revision == 1) {
>> +str
On 06/25/2016 05:39 AM, Pablo Neira Ayuso wrote:
> I see, but I'm not convinced about this /proc rename feature.
>
> I think the main point of this, as well as other entries in bugzilla
> related to this, is ability to update an existing hashlimit state.
>
> So, I'm not proposing to rename --enha
flag XT_NFLOG_F_COPY_LEN.
Also updated the man page to reflect the new option and added tests to
extensions/libxt_NFLOG.t
Reported-by: Joe Dollard
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index f611631..8c67066
On 06/23/2016 06:25 AM, Pablo Neira Ayuso wrote:
> On Wed, Jun 01, 2016 at 08:17:59PM -0400, Vishwanath Pai wrote:
>> libxt_hashlimit: iptables-restore does not work as expected with xt_hashlimit
>>
>> Add the following iptables rule.
>>
>> $ iptables -A INPUT -
placed by --nflog-size now. --nflog-range would
still exist but does not do anything.
Reported-by: Joe Dollard
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
diff --git a/include/net/netfilter/nf_log.h b/include/net/netfilter/nf_log.h
index 57639fc..83d855b 100644
--- a/include/net/net
this.
Reported-by: Joe Dollard
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index f611631..8c564a2 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -12,7 +12,10 @@ enum {
O_GROUP = 0
On 06/17/2016 07:22 AM, Pablo Neira Ayuso wrote:
> On Wed, Jun 15, 2016 at 03:13:15PM +, Lubashev, Igor wrote:
>> Vish, Pablo,
>>
>> I wonder about the value of sending more data than a client is
>> willing to consume (setting aside the important fact that the client
>> code crashes due to the
On 06/15/2016 08:39 AM, Pablo Neira Ayuso wrote:
> But nlmsg_len should match len in this.
>
> If we're just sending a part of the packet to userspace, then we
> should adjust nlmsg_len to indicate exactly the netlink message length
> that we're sending to userspace.
>
> Is your patch triggering
On 06/09/2016 01:57 PM, Vishwanath Pai wrote:
> On 06/08/2016 08:16 AM, Pablo Neira Ayuso wrote:
>> Looking again at your code:
>>
>> case NFULNL_COPY_PACKET:
>> - if (inst->copy_range > skb->len)
>> + data_len = i
On 06/08/2016 08:16 AM, Pablo Neira Ayuso wrote:
> Looking again at your code:
>
> case NFULNL_COPY_PACKET:
> - if (inst->copy_range > skb->len)
> + data_len = inst->copy_range;
> + if (li->u.ulog.copy_len < data_len)
> + data
On 06/06/2016 06:31 PM, Pablo Neira Ayuso wrote:
> On Wed, Jun 01, 2016 at 08:23:54PM -0400, Vishwanath Pai wrote:
>> netfilter/nflog: nflog-range does not truncate packets
>>
>> The --nflog-range parameter from userspace is ignored in the kernel and
>> the entire pack
.
Signed-off-by: Vishwanath Pai
Reviewed-by: Joshua Hunt
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 4ef1fae..f40ddba 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -680,7 +680,6 @@ nfulnl_log_packet(struct net *net
off-by: Vishwanath Pai
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 4193464..ac67875 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -67,6 +67,7 @@ enum {
O_HTABLE_MAX,
O_HTABLE_GCINT,
O_HTABLE_EXPIRE,
+ O_
: Vishwanath Pai
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index c5b8d77..ad7fb93 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -23,7 +23,7 @@
#include
#define XT_HASHLIMIT_BURST 5
-#define XT_HASHLIMIT_BURST_MAX 1
burst in hashlimit_cfg to 64-bit. Create two new structs hashlimit_cfg2
and xt_hashlimit_mtinfo2 and also create newer versions of all the
functions for match, checkentry and destory.
Signed-off-by: Vishwanath Pai
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index
ey are similar in
every possible way
3) This behavior has to be forced with a new userspace flag:
--hashlimit-ehanced-procfs, if this flag is not passed we default to
the old behavior. This is to make sure we do not break existing scripts
that rely on the existing behavior.
Signed-off-by: Vish
changes, so I have split
those functions and moved all the common code to a *_common function.
Signed-off-by: Vishwanath Pai
diff --git a/include/uapi/linux/netfilter/xt_hashlimit.h
b/include/uapi/linux/netfilter/xt_hashlimit.h
index ea8c1c0..be5d2e1 100644
--- a/include/uapi/linux/netfilter
: Vishwanath Pai
diff --git a/include/uapi/linux/netfilter/xt_hashlimit.h
b/include/uapi/linux/netfilter/xt_hashlimit.h
index 6db9037..ea8c1c0 100644
--- a/include/uapi/linux/netfilter/xt_hashlimit.h
+++ b/include/uapi/linux/netfilter/xt_hashlimit.h
@@ -5,7 +5,7 @@
#include
/* timings are in
swap will error out if ref_netlink != 0 on the set.
Note: The changes to *_head functions is because previously we would
increment ref whenever we called these functions, we don't do that
anymore.
Reviewed-by: Joshua Hunt
Signed-off-by: Vishwanath Pai
--
diff --git a/include/linux/n
Hi Jozsef,
On 03/13/2016 08:07 AM, Jozsef Kadlecsik wrote:
> Hi,
>
> On Sat, 12 Mar 2016, Vishwanath Pai wrote:
>
>> netfilter: fix race condition in ipset save and delete
>>
>> This fix adds a new reference counter (ref_kernel) for the struct ip_set.
>>
don't do that
anymore.
Reviewed-by: Joshua Hunt
Signed-off-by: Vishwanath Pai
--
diff --git a/include/linux/netfilter/ipset/ip_set.h
b/include/linux/netfilter/ipset/ip_set.h
index 0e1f433..86d86db 100644
--- a/include/linux/netfilter/ipset/ip_set.h
+++ b/include/linux/netfilter/
69 matches
Mail list logo
