1. 30 6月, 2016 20 次提交
    • M
      fib_rules: Added NLM_F_EXCL support to fib_nl_newrule · 153380ec
      Mateusz Bajorski 提交于
      When adding rule with NLM_F_EXCL flag then check if the same rule exist.
      If yes then exit with -EEXIST.
      
      This is already implemented in iproute2:
              if (cmd == RTM_NEWRULE) {
                      req.n.nlmsg_flags |= NLM_F_CREATE|NLM_F_EXCL;
                      req.r.rtm_type = RTN_UNICAST;
              }
      
      Tested ipv4 and ipv6 with net-next linux on qemu x86
      
      expected behavior after patch:
      localhost ~ # ip rule
      0:    from all lookup local
      32766:    from all lookup main
      32767:    from all lookup default
      localhost ~ # ip rule add from 10.46.177.97 lookup 104 pref 1005
      localhost ~ # ip rule add from 10.46.177.97 lookup 104 pref 1005
      RTNETLINK answers: File exists
      localhost ~ # ip rule
      0:    from all lookup local
      1005:    from 10.46.177.97 lookup 104
      32766:    from all lookup main
      32767:    from all lookup default
      
      There was already topic regarding this but I don't see any changes
      merged and problem still occurs.
      https://lkml.kernel.org/r/1135778809.5944.7.camel+%28%29+localhost+%21+localdomainSigned-off-by: NMateusz Bajorski <mateusz.bajorski@nokia.com>
      Acked-by: NDavid Ahern <dsa@cumulusnetworks.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      153380ec
    • S
      tcp: increase size at which tcp_bound_to_half_wnd bounds to > TCP_MSS_DEFAULT · 2631b79f
      Seymour, Shane M 提交于
      In previous commit 01f83d69
      the following comments were added:
      
      "When peer uses tiny windows, there is no use in packetizing to sub-MSS
      pieces for the sake of SWS or making sure there are enough packets in
      the pipe for fast recovery."
      
      The test should be > TCP_MSS_DEFAULT not >= 512. This allows low end
      devices that send an MSS of 536 (TCP_MSS_DEFAULT) to see better network
      performance by sending it 536 bytes of data at a time instead of bounding
      to half window size (268). Other network stacks work this way, e.g. HP-UX.
      Signed-off-by: NShane Seymour <shane.seymour@hpe.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      2631b79f
    • A
      tcp: add an ability to dump and restore window parameters · b1ed4c4f
      Andrey Vagin 提交于
      We found that sometimes a restored tcp socket doesn't work.
      
      A reason of this bug is incorrect window parameters and in this case
      tcp_acceptable_seq() returns tcp_wnd_end(tp) instead of tp->snd_nxt. The
      other side drops packets with this seq, because seq is less than
      tp->rcv_nxt ( tcp_sequence() ).
      
      Data from a send queue is sent only if there is enough space in a
      window, so when we restore unacked data, we need to expand a window to
      fit this data.
      
      This was in a first version of this patch:
      "tcp: extend window to fit all restored unacked data in a send queue"
      
      Then Alexey recommended me to restore window parameters instead of
      adjusted them according with data in a sent queue. This sounds resonable.
      
      rcv_wnd has to be restored, because it was reported to another side
      and the offered window is never shrunk.
      One of reasons why we need to restore snd_wnd was described above.
      
      Cc: Pavel Emelyanov <xemul@parallels.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
      Cc: James Morris <jmorris@namei.org>
      Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
      Cc: Patrick McHardy <kaber@trash.net>
      Signed-off-by: NAndrey Vagin <avagin@openvz.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b1ed4c4f
    • D
      Merge branch 'bridge-igmp-stats' · 641f7e40
      David S. Miller 提交于
      Nikolay Aleksandrov says:
      
      ====================
      net: bridge: add support for IGMP/MLD stats
      
      This patchset adds support for the new IFLA_STATS_LINK_XSTATS_SLAVE
      attribute which can be used with RTM_GETSTATS in order to export per-slave
      statistics. It works by passing the attribute to the linkxstats callback
      and if the callback user supports it - it should dump that slave's stats.
      This is much more scalable and permits us to request only a single port's
      statistics instead of dumping everything every time.
      The second patch adds support for per-port IGMP/MLD statistics and uses
      the new API to export them for the bridge and its ports. The stats are
      made in a very lightweight manner, the normal fast-path is not affected
      at all and the flood paths (br_flood/br_multicast_flood) are only affected
      if the packet is IGMP and the IGMP stats have been enabled using cache-hot
      data for the check.
      
      v2: Patch 01 is new, patch 02 has been reworked to use the new API, also
      in addition counters for IGMP/MLD parse errors have been added and members
      are added for per-port multicast traffic stats. The multicast counting has
      been slightly optimized (moved the br_multicast_count inside the IPv4/6
      IGMP functions after the checks for IGMP traffic) to avoid one conditional
      that was on all of the multicast traffic path (both IGMP and other).
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      641f7e40
    • N
      net: bridge: add support for IGMP/MLD stats and export them via netlink · 1080ab95
      Nikolay Aleksandrov 提交于
      This patch adds stats support for the currently used IGMP/MLD types by the
      bridge. The stats are per-port (plus one stat per-bridge) and per-direction
      (RX/TX). The stats are exported via netlink via the new linkxstats API
      (RTM_GETSTATS). In order to minimize the performance impact, a new option
      is used to enable/disable the stats - multicast_stats_enabled, similar to
      the recent vlan stats. Also in order to avoid multiple IGMP/MLD type
      lookups and checks, we make use of the current "igmp" member of the bridge
      private skb->cb region to record the type on Rx (both host-generated and
      external packets pass by multicast_rcv()). We can do that since the igmp
      member was used as a boolean and all the valid IGMP/MLD types are positive
      values. The normal bridge fast-path is not affected at all, the only
      affected paths are the flooding ones and since we make use of the IGMP/MLD
      type, we can quickly determine if the packet should be counted using
      cache-hot data (cb's igmp member). We add counters for:
      * IGMP Queries
      * IGMP Leaves
      * IGMP v1/v2/v3 reports
      
      * MLD Queries
      * MLD Leaves
      * MLD v1/v2 reports
      
      These are invaluable when monitoring or debugging complex multicast setups
      with bridges.
      Signed-off-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1080ab95
    • N
      net: rtnetlink: add support for the IFLA_STATS_LINK_XSTATS_SLAVE attribute · 80e73cc5
      Nikolay Aleksandrov 提交于
      This patch adds support for the IFLA_STATS_LINK_XSTATS_SLAVE attribute
      which allows to export per-slave statistics if the master device supports
      the linkxstats callback. The attribute is passed down to the linkxstats
      callback and it is up to the callback user to use it (an example has been
      added to the only current user - the bridge). This allows us to query only
      specific slaves of master devices like bridge ports and export only what
      we're interested in instead of having to dump all ports and searching only
      for a single one. This will be used to export per-port IGMP/MLD stats and
      also per-port vlan stats in the future, possibly other statistics as well.
      Signed-off-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      80e73cc5
    • D
      Merge branch 'bpf-helper-improvements' · 545c321b
      David S. Miller 提交于
      Daniel Borkmann says:
      
      ====================
      BPF helper improvements
      
      This set adds various BPF helper improvements, that is, cleaning
      up and adding BPF_F_CURRENT_CPU flag for tracing helper, allowing
      for preemption checks on bpf_get_smp_processor_id() helper, and
      adding two new helpers bpf_skb_change_{proto, type} for tc related
      programs. For further details please see individual patches.
      
      Note, this set requires -net to be merged into -net-next tree first.
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      545c321b
    • D
      bpf: add bpf_skb_change_type helper · d2485c42
      Daniel Borkmann 提交于
      This work adds a helper for changing skb->pkt_type in a controlled way.
      We only allow a subset of possible values and can extend that in future
      should other use cases come up. Doing this as a helper has the advantage
      that errors can be handeled gracefully and thus helper kept extensible.
      
      It's a write counterpart to pkt_type member we can already read from
      struct __sk_buff context. Major use case is to change incoming skbs to
      PACKET_HOST in a programmatic way instead of having to recirculate via
      redirect(..., BPF_F_INGRESS), for example.
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d2485c42
    • D
      bpf: add bpf_skb_change_proto helper · 6578171a
      Daniel Borkmann 提交于
      This patch adds a minimal helper for doing the groundwork of changing
      the skb->protocol in a controlled way. Currently supported is v4 to
      v6 and vice versa transitions, which allows f.e. for a minimal, static
      nat64 implementation where applications in containers that still
      require IPv4 can be transparently operated in an IPv6-only environment.
      For example, host facing veth of the container can transparently do
      the transitions in a programmatic way with the help of clsact qdisc
      and cls_bpf.
      
      Idea is to separate concerns for keeping complexity of the helper
      lower, which means that the programs utilize bpf_skb_change_proto(),
      bpf_skb_store_bytes() and bpf_lX_csum_replace() to get the job done,
      instead of doing everything in a single helper (and thus partially
      duplicating helper functionality). Also, bpf_skb_change_proto()
      shouldn't need to deal with raw packet data as this is done by other
      helpers.
      
      bpf_skb_proto_6_to_4() and bpf_skb_proto_4_to_6() unclone the skb to
      operate on a private one, push or pop additionally required header
      space and migrate the gso/gro meta data from the shared info. We do
      mark the gso type as dodgy so that headers are checked and segs
      recalculated by the gso/gro engine. The gso_size target is adapted
      as well. The flags argument added is currently reserved and can be
      used for future extensions.
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6578171a
    • D
      bpf: don't use raw processor id in generic helper · 80b48c44
      Daniel Borkmann 提交于
      Use smp_processor_id() for the generic helper bpf_get_smp_processor_id()
      instead of the raw variant. This allows for preemption checks when we
      have DEBUG_PREEMPT, and otherwise uses the raw variant anyway. We only
      need to keep the raw variant for socket filters, but we can reuse the
      helper that is already there from cBPF side.
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      80b48c44
    • D
      bpf, trace: add BPF_F_CURRENT_CPU flag for bpf_perf_event_read · 6816a7ff
      Daniel Borkmann 提交于
      Follow-up commit to 1e33759c ("bpf, trace: add BPF_F_CURRENT_CPU
      flag for bpf_perf_event_output") to add the same functionality into
      bpf_perf_event_read() helper. The split of index into flags and index
      component is also safe here, since such large maps are rejected during
      map allocation time.
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6816a7ff
    • D
      bpf, trace: fetch current cpu only once · d7931330
      Daniel Borkmann 提交于
      We currently have two invocations, which is unnecessary. Fetch it only
      once and use the smp_processor_id() variant, so we also get preemption
      checks along with it when DEBUG_PREEMPT is set.
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d7931330
    • D
      bpf: minor cleanups on fd maps and helpers · 1ca1cc98
      Daniel Borkmann 提交于
      Some minor cleanups: i) Remove the unlikely() from fd array map lookups
      and let the CPU branch predictor do its job, scenarios where there is not
      always a map entry are very well valid. ii) Move the attribute type check
      in the bpf_perf_event_read() helper a bit earlier so it's consistent wrt
      checks with bpf_perf_event_output() helper as well. iii) remove some
      comments that are self-documenting in kprobe_prog_is_valid_access() and
      therefore make it consistent to tp_prog_is_valid_access() as well.
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1ca1cc98
    • D
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · ee58b571
      David S. Miller 提交于
      Several cases of overlapping changes, except the packet scheduler
      conflicts which deal with the addition of the free list parameter
      to qdisc_enqueue().
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ee58b571
    • L
      Merge tag 'nfs-for-4.7-2' of git://git.linux-nfs.org/projects/anna/linux-nfs · e7bdea77
      Linus Torvalds 提交于
      Pull NFS client bugfixes from Anna Schumaker:
       "Stable bugfixes:
         - Fix _cancel_empty_pagelist
         - Fix a double page unlock
         - Make nfs_atomic_open() call d_drop() on all ->open_context() errors.
         - Fix another OPEN_DOWNGRADE bug
      
        Other bugfixes:
         - Ensure we handle delegation errors in nfs4_proc_layoutget()
         - Layout stateids start out as being invalid
         - Add sparse lock annotations for pnfs_find_alloc_layout
         - Handle bad delegation stateids in nfs4_layoutget_handle_exception
         - Fix up O_DIRECT results
         - Fix potential use after free of state in nfs4_do_reclaim.
         - Mark the layout stateid invalid when all segments are removed
         - Don't let readdirplus revalidate an inode that was marked as stale
         - Fix potential race in nfs_fhget()
         - Fix an unused variable warning"
      
      * tag 'nfs-for-4.7-2' of git://git.linux-nfs.org/projects/anna/linux-nfs:
        NFS: Fix another OPEN_DOWNGRADE bug
        make nfs_atomic_open() call d_drop() on all ->open_context() errors.
        NFS: Fix an unused variable warning
        NFS: Fix potential race in nfs_fhget()
        NFS: Don't let readdirplus revalidate an inode that was marked as stale
        NFSv4.1/pnfs: Mark the layout stateid invalid when all segments are removed
        NFS: Fix a double page unlock
        pnfs_nfs: fix _cancel_empty_pagelist
        nfs4: Fix potential use after free of state in nfs4_do_reclaim.
        NFS: Fix up O_DIRECT results
        NFS/pnfs: handle bad delegation stateids in nfs4_layoutget_handle_exception
        NFSv4.1/pnfs: Add sparse lock annotations for pnfs_find_alloc_layout
        NFSv4.1/pnfs: Layout stateids start out as being invalid
        NFSv4.1/pnfs: Ensure we handle delegation errors in nfs4_proc_layoutget()
      e7bdea77
    • L
      Merge branch 'stable-4.7' of git://git.infradead.org/users/pcmoore/audit · 89a82a92
      Linus Torvalds 提交于
      Pull audit fixes from Paul Moore:
       "Two small patches to fix audit problems in 4.7-rcX: the first fixes a
        potential kref leak, the second removes some header file noise.
      
        The first is an important bug fix that really should go in before 4.7
        is released, the second is not critical, but falls into the very-nice-
        to-have category so I'm including in the pull request.
      
        Both patches are straightforward, self-contained, and pass our
        testsuite without problem"
      
      * 'stable-4.7' of git://git.infradead.org/users/pcmoore/audit:
        audit: move audit_get_tty to reduce scope and kabi changes
        audit: move calcs after alloc and check when logging set loginuid
      89a82a92
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 32826ac4
      Linus Torvalds 提交于
      Pull networking fixes from David Miller:
       "I've been traveling so this accumulates more than week or so of bug
        fixing.  It perhaps looks a little worse than it really is.
      
         1) Fix deadlock in ath10k driver, from Ben Greear.
      
         2) Increase scan timeout in iwlwifi, from Luca Coelho.
      
         3) Unbreak STP by properly reinjecting STP packets back into the
            stack.  Regression fix from Ido Schimmel.
      
         4) Mediatek driver fixes (missing malloc failure checks, leaking of
            scratch memory, wrong indexing when mapping TX buffers, etc.) from
            John Crispin.
      
         5) Fix endianness bug in icmpv6_err() handler, from Hannes Frederic
            Sowa.
      
         6) Fix hashing of flows in UDP in the ruseport case, from Xuemin Su.
      
         7) Fix netlink notifications in ovs for tunnels, delete link messages
            are never emitted because of how the device registry state is
            handled.  From Nicolas Dichtel.
      
         8) Conntrack module leaks kmemcache on unload, from Florian Westphal.
      
         9) Prevent endless jump loops in nft rules, from Liping Zhang and
            Pablo Neira Ayuso.
      
        10) Not early enough spinlock initialization in mlx4, from Eric
            Dumazet.
      
        11) Bind refcount leak in act_ipt, from Cong WANG.
      
        12) Missing RCU locking in HTB scheduler, from Florian Westphal.
      
        13) Several small MACSEC bug fixes from Sabrina Dubroca (missing RCU
            barrier, using heap for SG and IV, and erroneous use of async flag
            when allocating AEAD conext.)
      
        14) RCU handling fix in TIPC, from Ying Xue.
      
        15) Pass correct protocol down into ipv4_{update_pmtu,redirect}() in
            SIT driver, from Simon Horman.
      
        16) Socket timer deadlock fix in TIPC from Jon Paul Maloy.
      
        17) Fix potential deadlock in team enslave, from Ido Schimmel.
      
        18) Memory leak in KCM procfs handling, from Jiri Slaby.
      
        19) ESN generation fix in ipv4 ESP, from Herbert Xu.
      
        20) Fix GFP_KERNEL allocations with locks held in act_ife, from Cong
            WANG.
      
        21) Use after free in netem, from Eric Dumazet.
      
        22) Uninitialized last assert time in multicast router code, from Tom
            Goff.
      
        23) Skip raw sockets in sock_diag destruction broadcast, from Willem
            de Bruijn.
      
        24) Fix link status reporting in thunderx, from Sunil Goutham.
      
        25) Limit resegmentation of retransmit queue so that we do not
            retransmit too large GSO frames.  From Eric Dumazet.
      
        26) Delay bpf program release after grace period, from Daniel
            Borkmann"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (141 commits)
        openvswitch: fix conntrack netlink event delivery
        qed: Protect the doorbell BAR with the write barriers.
        neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit()
        e1000e: keep VLAN interfaces functional after rxvlan off
        cfg80211: fix proto in ieee80211_data_to_8023 for frames without LLC header
        qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag()
        bpf, perf: delay release of BPF prog after grace period
        net: bridge: fix vlan stats continue counter
        tcp: do not send too big packets at retransmit time
        ibmvnic: fix to use list_for_each_safe() when delete items
        net: thunderx: Fix TL4 configuration for secondary Qsets
        net: thunderx: Fix link status reporting
        net/mlx5e: Reorganize ethtool statistics
        net/mlx5e: Fix number of PFC counters reported to ethtool
        net/mlx5e: Prevent adding the same vxlan port
        net/mlx5e: Check for BlueFlame capability before allocating SQ uar
        net/mlx5e: Change enum to better reflect usage
        net/mlx5: Add ConnectX-5 PCIe 4.0 to list of supported devices
        net/mlx5: Update command strings
        net: marvell: Add separate config ANEG function for Marvell 88E1111
        ...
      32826ac4
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · 653c574a
      Linus Torvalds 提交于
      Pull s390 fixes from Martin Schwidefsky:
       "Another two bug fixes for 4.7:
      
         - The revert of patch which removed boot information for systems
           using an intermediate boot kernel, e.g. the SLES12 grub setup.
      
         - A fix for an incorrect inline assembly constraint that causes
           broken code to be generated with gcc 4.8.5"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390: fix test_fp_ctl inline assembly contraints
        Revert "s390/kdump: Clear subchannel ID to signal non-CCW/SCSI IPL"
      653c574a
    • L
      Merge tag 'pinctrl-v4.7-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl · 00bf377d
      Linus Torvalds 提交于
      Pull pin control fixes from Linus Walleij:
       "Here are a bunch of fixes for pin control.  Just drivers and a
        MAINTAINERS fixup:
      
         - Driver fixes for i.MX, single register, Tegra and BayTrail.
      
         - MAINTAINERS entry for the documentation"
      
      * tag 'pinctrl-v4.7-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
        pinctrl: baytrail: Fix mingled clock pins
        MAINTAINERS: belong Documentation/pinctrl.txt properly
        pinctrl: tegra: Fix build dependency
        gpio: tegra: Make lockdep class file-scoped
        pinctrl: single: Fix missing flush of posted write for a wakeirq
        pinctrl: imx: Do not treat a PIN without MUX register as an error
      00bf377d
    • L
      Merge branch 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup · 52827f38
      Linus Torvalds 提交于
      Pull cgroup fixes from Tejun Heo:
       "Three fix patches.  Two are for cgroup / css init failure path.  The
        last one makes css_set_lock irq-safe as the deadline scheduler ends up
        calling put_css_set() from irq context"
      
      * 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup:
        cgroup: Disable IRQs while holding css_set_lock
        cgroup: set css->id to -1 during init
        cgroup: remove redundant cleanup in css_create
      52827f38
  2. 29 6月, 2016 20 次提交