1. 11 10月, 2018 32 次提交
  2. 10 10月, 2018 2 次提交
  3. 09 10月, 2018 6 次提交
    • D
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next · 071a234a
      David S. Miller 提交于
      Alexei Starovoitov says:
      
      ====================
      pull-request: bpf-next 2018-10-08
      
      The following pull-request contains BPF updates for your *net-next* tree.
      
      The main changes are:
      
      1) sk_lookup_[tcp|udp] and sk_release helpers from Joe Stringer which allow
      BPF programs to perform lookups for sockets in a network namespace. This would
      allow programs to determine early on in processing whether the stack is
      expecting to receive the packet, and perform some action (eg drop,
      forward somewhere) based on this information.
      
      2) per-cpu cgroup local storage from Roman Gushchin.
      Per-cpu cgroup local storage is very similar to simple cgroup storage
      except all the data is per-cpu. The main goal of per-cpu variant is to
      implement super fast counters (e.g. packet counters), which don't require
      neither lookups, neither atomic operations in a fast path.
      The example of these hybrid counters is in selftests/bpf/netcnt_prog.c
      
      3) allow HW offload of programs with BPF-to-BPF function calls from Quentin Monnet
      
      4) support more than 64-byte key/value in HW offloaded BPF maps from Jakub Kicinski
      
      5) rename of libbpf interfaces from Andrey Ignatov.
      libbpf is maturing as a library and should follow good practices in
      library design and implementation to play well with other libraries.
      This patch set brings consistent naming convention to global symbols.
      
      6) relicense libbpf as LGPL-2.1 OR BSD-2-Clause from Alexei Starovoitov
      to let Apache2 projects use libbpf
      
      7) various AF_XDP fixes from Björn and Magnus
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      071a234a
    • D
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next · 9000a457
      David S. Miller 提交于
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter updates for net-next
      
      The following patchset contains Netfilter updates for your net-next tree:
      
      1) Support for matching on ipsec policy already set in the route, from
         Florian Westphal.
      
      2) Split set destruction into deactivate and destroy phase to make it
         fit better into the transaction infrastructure, also from Florian.
         This includes a patch to warn on imbalance when setting the new
         activate and deactivate interfaces.
      
      3) Release transaction list from the workqueue to remove expensive
         synchronize_rcu() from configuration plane path. This speeds up
         configuration plane quite a bit. From Florian Westphal.
      
      4) Add new xfrm/ipsec extension, this new extension allows you to match
         for ipsec tunnel keys such as source and destination address, spi and
         reqid. From Máté Eckl and Florian Westphal.
      
      5) Add secmark support, this includes connsecmark too, patches
         from Christian Gottsche.
      
      6) Allow to specify remaining bytes in xt_quota, from Chenbo Feng.
         One follow up patch to calm a clang warning for this one, from
         Nathan Chancellor.
      
      7) Flush conntrack entries based on layer 3 family, from Kristian Evensen.
      
      8) New revision for cgroups2 to shrink the path field.
      
      9) Get rid of obsolete need_conntrack(), as a result from recent
         demodularization works.
      
      10) Use WARN_ON instead of BUG_ON, from Florian Westphal.
      
      11) Unused exported symbol in nf_nat_ipv4_fn(), from Florian.
      
      12) Remove superfluous check for timeout netlink parser and dump
          functions in layer 4 conntrack helpers.
      
      13) Unnecessary redundant rcu read side locks in NAT redirect,
          from Taehee Yoo.
      
      14) Pass nf_hook_state structure to error handlers, patch from
          Florian Westphal.
      
      15) Remove ->new() interface from layer 4 protocol trackers. Place
          them in the ->packet() interface. From Florian.
      
      16) Place conntrack ->error() handling in the ->packet() interface.
          Patches from Florian Westphal.
      
      17) Remove unused parameter in the pernet initialization path,
          also from Florian.
      
      18) Remove additional parameter to specify layer 3 protocol when
          looking up for protocol tracker. From Florian.
      
      19) Shrink array of layer 4 protocol trackers, from Florian.
      
      20) Check for linear skb only once from the ALG NAT mangling
          codebase, from Taehee Yoo.
      
      21) Use rhashtable_walk_enter() instead of deprecated
          rhashtable_walk_init(), also from Taehee.
      
      22) No need to flush all conntracks when only one single address
          is gone, from Tan Hu.
      
      23) Remove redundant check for NAT flags in flowtable code, from
          Taehee Yoo.
      
      24) Use rhashtable_lookup() instead of rhashtable_lookup_fast()
          from netfilter codebase, since rcu read lock side is already
          assumed in this path.
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9000a457
    • A
      bpf: fix building without CONFIG_INET · df3f94a0
      Arnd Bergmann 提交于
      The newly added TCP and UDP handling fails to link when CONFIG_INET
      is disabled:
      
      net/core/filter.o: In function `sk_lookup':
      filter.c:(.text+0x7ff8): undefined reference to `tcp_hashinfo'
      filter.c:(.text+0x7ffc): undefined reference to `tcp_hashinfo'
      filter.c:(.text+0x8020): undefined reference to `__inet_lookup_established'
      filter.c:(.text+0x8058): undefined reference to `__inet_lookup_listener'
      filter.c:(.text+0x8068): undefined reference to `udp_table'
      filter.c:(.text+0x8070): undefined reference to `udp_table'
      filter.c:(.text+0x808c): undefined reference to `__udp4_lib_lookup'
      net/core/filter.o: In function `bpf_sk_release':
      filter.c:(.text+0x82e8): undefined reference to `sock_gen_put'
      
      Wrap the related sections of code in #ifdefs for the config option.
      
      Furthermore, sk_lookup() should always have been marked 'static', this
      also avoids a warning about a missing prototype when building with
      'make W=1'.
      
      Fixes: 6acc9b43 ("bpf: Add helper to retrieve socket in BPF")
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NJoe Stringer <joe@wand.net.nz>
      Acked-by: NSong Liu <songliubraving@fb.com>
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      df3f94a0
    • N
      netfilter: xt_quota: Don't use aligned attribute in sizeof · ffa0a9a5
      Nathan Chancellor 提交于
      Clang warns:
      
      net/netfilter/xt_quota.c:47:44: warning: 'aligned' attribute ignored
      when parsing type [-Wignored-attributes]
              BUILD_BUG_ON(sizeof(atomic64_t) != sizeof(__aligned_u64));
                                                        ^~~~~~~~~~~~~
      
      Use 'sizeof(__u64)' instead, as the alignment doesn't affect the size
      of the type.
      
      Fixes: e9837e55 ("netfilter: xt_quota: fix the behavior of xt_quota module")
      Signed-off-by: NNathan Chancellor <natechancellor@gmail.com>
      Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
      ffa0a9a5
    • I
      dpaa2-eth: Don't account Tx confirmation frames on NAPI poll · 68049a5f
      Ioana Ciocoi Radulescu 提交于
      Until now, both Rx and Tx confirmation frames handled during
      NAPI poll were counted toward the NAPI budget. However, Tx
      confirmations are lighter to process than Rx frames, which can
      skew the amount of work actually done inside one NAPI cycle.
      
      Update the code to only count Rx frames toward the NAPI budget
      and set a separate threshold on how many Tx conf frames can be
      processed in one poll cycle.
      
      The NAPI poll routine stops when either the budget is consumed
      by Rx frames or when Tx confirmation frames reach this threshold.
      Signed-off-by: NIoana Radulescu <ruxandra.radulescu@nxp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      68049a5f
    • Y
      net: mscc: ocelot: remove set but not used variable 'phy_mode' · 9e19dabc
      YueHaibing 提交于
      Fixes gcc '-Wunused-but-set-variable' warning:
      
      drivers/net/ethernet/mscc/ocelot_board.c: In function 'mscc_ocelot_probe':
      drivers/net/ethernet/mscc/ocelot_board.c:262:17: warning:
       variable 'phy_mode' set but not used [-Wunused-but-set-variable]
         enum phy_mode phy_mode;
      
      It never used since introduction in
      commit 71e32a20 ("net: mscc: ocelot: make use of SerDes PHYs for handling their configuration")
      Signed-off-by: NYueHaibing <yuehaibing@huawei.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9e19dabc