- 21 3月, 2022 10 次提交
-
-
由 Jakub Kicinski 提交于
Newer versions of the PCIe microcode support writing back the position of the TX pointer back into host memory. This speeds up TX completions, because we avoid a read from device memory (replacing PCIe read with DMA coherent read). Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NFei Qin <fei.qin@corigine.com> Signed-off-by: NSimon Horman <simon.horman@corigine.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jakub Kicinski 提交于
QCidx is not used on fast path, move it to the lower cacheline. Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NFei Qin <fei.qin@corigine.com> Signed-off-by: NSimon Horman <simon.horman@corigine.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jakub Kicinski 提交于
New datapaths may use multiple descriptor units to describe a single packet. Prepare for that by adding a descriptors per simple frame constant into ring size calculations. Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NFei Qin <fei.qin@corigine.com> Signed-off-by: NSimon Horman <simon.horman@corigine.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jakub Kicinski 提交于
To reduce the coupling of slow path ring implementations and their callers, use callbacks instead. Changes to Jakub's work: * Also use callbacks for xmit functions Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NYinjun Zhang <yinjun.zhang@corigine.com> Signed-off-by: NSimon Horman <simon.horman@corigine.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jakub Kicinski 提交于
In preparation for support for a new datapath format move all ring and fast path logic into separate files. It is basically a verbatim move with some wrapping functions, no new structures and functions added. The current data path is called NFD3 from the initial version of the driver ABI it used. The non-fast path, but ring related functions are moved to nfp_net_dp.c file. Changes to Jakub's work: * Rebase on xsk related code. * Split the patch, move the callback changes to next commit. Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NFei Qin <fei.qin@corigine.com> Signed-off-by: NSimon Horman <simon.horman@corigine.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jakub Kicinski 提交于
Ring enable masks are 64bit long. Replace mask calculation from: block_cnt == 64 ? 0xffffffffffffffffULL : (1 << block_cnt) - 1 with: (U64_MAX >> (64 - block_cnt)) to simplify the code. Signed-off-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NFei Qin <fei.qin@corigine.com> Signed-off-by: NSimon Horman <simon.horman@corigine.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next由 David S. Miller 提交于
Pablo Neira Ayuso says: ==================== Netfilter updates for net-next The following patchset contains Netfilter updates for net-next. This patchset contains updates for the nf_tables register tracking infrastructure, disable bogus warning when attaching ct helpers, one namespace pollution fix and few cleanups for the flowtable. 1) Revisit conntrack gc routine to reduce chances of overruning the netlink buffer from the event path. From Florian Westphal. 2) Disable warning on explicit ct helper assignment, from Phil Sutter. 3) Read-only expressions do not update registers, mark them as NFT_REDUCE_READONLY. Add helper functions to update the register tracking information. This patch re-enables the register tracking infrastructure. 4) Cancel register tracking in case an expression fully/partially clobbers existing data. 5) Add register tracking support for remaining expressions: ct, lookup, meta, numgen, osf, hash, immediate, socket, xfrm, tunnel, fib, exthdr. 6) Rename init and exit functions for the conntrack h323 helper, from Randy Dunlap. 7) Remove redundant field in struct flow_offload_work. 8) Update nf_flow_table_iterate() to pass flowtable to callback. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Casper Andersson 提交于
Standalone ports use vid 0. Let the bridge use vid 1 when "vlan_default_pvid 0" is set to avoid collisions. Since no VLAN is created when default pvid is 0 this is set at "PORT_ATTR_SET" and handled in the Switchdev fdb handler. Signed-off-by: NCasper Andersson <casper.casan@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Wan Jiabing 提交于
allocated_mem is allocated by kcalloc(). The memory is set to zero. It is unnecessary to call memset again. Signed-off-by: NWan Jiabing <wanjiabing@vivo.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Wang Yufen 提交于
In calipso_map_cat_ntoh(), in the for loop, if the return value of netlbl_bitmap_walk() is equal to (net_clen_bits - 1), when netlbl_bitmap_walk() is called next time, out-of-bounds memory accesses of bitmap[byte_offset] occurs. The bug was found during fuzzing. The following is the fuzzing report BUG: KASAN: slab-out-of-bounds in netlbl_bitmap_walk+0x3c/0xd0 Read of size 1 at addr ffffff8107bf6f70 by task err_OH/252 CPU: 7 PID: 252 Comm: err_OH Not tainted 5.17.0-rc7+ #17 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x21c/0x230 show_stack+0x1c/0x60 dump_stack_lvl+0x64/0x7c print_address_description.constprop.0+0x70/0x2d0 __kasan_report+0x158/0x16c kasan_report+0x74/0x120 __asan_load1+0x80/0xa0 netlbl_bitmap_walk+0x3c/0xd0 calipso_opt_getattr+0x1a8/0x230 calipso_sock_getattr+0x218/0x340 calipso_sock_getattr+0x44/0x60 netlbl_sock_getattr+0x44/0x80 selinux_netlbl_socket_setsockopt+0x138/0x170 selinux_socket_setsockopt+0x4c/0x60 security_socket_setsockopt+0x4c/0x90 __sys_setsockopt+0xbc/0x2b0 __arm64_sys_setsockopt+0x6c/0x84 invoke_syscall+0x64/0x190 el0_svc_common.constprop.0+0x88/0x200 do_el0_svc+0x88/0xa0 el0_svc+0x128/0x1b0 el0t_64_sync_handler+0x9c/0x120 el0t_64_sync+0x16c/0x170 Reported-by: NHulk Robot <hulkci@huawei.com> Signed-off-by: NWang Yufen <wangyufen@huawei.com> Acked-by: NPaul Moore <paul@paul-moore.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 20 3月, 2022 19 次提交
-
-
由 Pablo Neira Ayuso 提交于
The flowtable object is already passed as argument to nf_flow_table_iterate(), do use not data pointer to pass flowtable. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Already available through the flowtable object, remove it. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Randy Dunlap 提交于
Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcall_debug log. Give each of these init and exit functions unique driver-specific names to eliminate the anonymous names. Example 1: (System.map) ffffffff832fc78c t init ffffffff832fc79e t init ffffffff832fc8f8 t init Example 2: (initcall_debug log) calling init+0x0/0x12 @ 1 initcall init+0x0/0x12 returned 0 after 15 usecs calling init+0x0/0x60 @ 1 initcall init+0x0/0x60 returned 0 after 2 usecs calling init+0x0/0x9a @ 1 initcall init+0x0/0x9a returned 0 after 74 usecs Fixes: f587de0e ("[NETFILTER]: nf_conntrack/nf_nat: add H.323 helper port") Signed-off-by: NRandy Dunlap <rdunlap@infradead.org> Acked-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
Check if we can elide the load. Cancel if the new candidate isn't identical to previous store. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
The fib expression stores to a register, so we can't add empty stub. Check that the register that is being written is in fact redundant. In most cases, this is expected to cancel tracking as re-use is unlikely. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Check if the destination register already contains the data that this tunnel expression performs. This allows to skip this redundant operation. If the destination contains a different selector, update the register tracking information. This patch does not perform bitwise tracking. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Check if the destination register already contains the data that this xfrm expression performs. This allows to skip this redundant operation. If the destination contains a different selector, update the register tracking information. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Check if the destination register already contains the data that this socket expression performs. This allows to skip this redundant operation. If the destination contains a different selector, update the register tracking information. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
The immediate expression might clobber existing data on the registers, cancel register tracking for the destination register. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Check if the destination register already contains the data that this osf expression performs. Always cancel register tracking for jhash since this requires tracking multiple source registers in case of concatenations. Perform register tracking (without bitwise) for symhash since input does not come from source register. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Allow to recycle the previous output of the OS fingerprint expression if flags and ttl are the same. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Random and increment are stateful, each invocation results in fresh output. Cancel register tracking for these two expressions. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
its enough to export the meta get reduce helper and then call it from nft_meta_bridge too. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
In most cases, nft_lookup will be read-only, i.e. won't clobber registers. In case of map, we need to cancel the registers that will see stores. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Check if the destination register already contains the data that this ct expression performs. This allows to skip this redundant operation. If the destination contains a different selector, update the register tracking information. Export nft_expr_reduce_bitwise as a symbol since nft_ct might be compiled as a module. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Output of expressions might be larger than one single register, this might clobber existing data. Reset tracking for all destination registers that required to store the expression output. This patch adds three new helper functions: - nft_reg_track_update: cancel previous register tracking and update it. - nft_reg_track_cancel: cancel any previous register tracking info. - __nft_reg_track_cancel: cancel only one single register tracking info. Partial register clobbering detection is also supported by checking the .num_reg field which describes the number of register that are used. This patch updates the following expressions: - meta_bridge - bitwise - byteorder - meta - payload to use these helper functions. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Pablo Neira Ayuso 提交于
Skip register tracking for expressions that perform read-only operations on the registers. Define and use a cookie pointer NFT_REDUCE_READONLY to avoid defining stubs for these expressions. This patch re-enables register tracking which was disabled in ed5f85d4 ("netfilter: nf_tables: disable register tracking"). Follow up patches add remaining register tracking for existing expressions. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Phil Sutter 提交于
The function sets the pernet boolean to avoid the spurious warning from nf_ct_lookup_helper() when assigning conntrack helpers via nftables. Fixes: 1a64edf5 ("netfilter: nft_ct: add helper set support") Signed-off-by: NPhil Sutter <phil@nwl.cc> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
as of commit 4608fdfc ("netfilter: conntrack: collect all entries in one cycle") conntrack gc was changed to run every 2 minutes. On systems where conntrack hash table is set to large value, most evictions happen from gc worker rather than the packet path due to hash table distribution. This causes netlink event overflows when events are collected. This change collects average expiry of scanned entries and reschedules to the average remaining value, within 1 to 60 second interval. To avoid event overflows, reschedule after each bucket and add a limit for both run time and number of evictions per run. If more entries have to be evicted, reschedule and restart 1 jiffy into the future. Reported-by: NKarel Rericha <karel@maxtel.cz> Cc: Shmulik Ladkani <shmulik.ladkani@gmail.com> Cc: Eyal Birger <eyal.birger@gmail.com> Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
- 19 3月, 2022 11 次提交
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux由 David S. Miller 提交于
Saeed Mahameed says: ==================== mlx5-updates-2022-03-18 1) XDP multi buffer support This series enables XDP on non-linear legacy RQ in multi buffer mode. When XDP is enabled, fragmentation scheme on non-linear legacy RQ is adjusted to comply to limitations of XDP multi buffer (fragments of the same size). DMA addresses of fragments are stored in struct page for the completion handler to be able to unmap them. XDP_TX is supported. XDP_REDIRECT is not yet supported, the XDP core blocks it for multi buffer packets at the moment. 2) Trivial cleanups ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/klassert/由 David S. Miller 提交于
ipsec-next Steffen Klassert says: ==================== pull request (net-next): ipsec-next 2022-03-19 1) Delete duplicated functions that calls same xfrm_api_check. From Leon Romanovsky. 2) Align userland API of the default policy structure to the internal structures. From Nicolas Dichtel. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Dan Carpenter 提交于
This code is fine, but it's easier to review if we use snprintf() instead of sprintf(). Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Acked-by: NJonathan Lemon <jonathan.lemon@gmail.com> Link: https://lore.kernel.org/r/20220318074723.GA6617@kiliSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Yang Yingliang 提交于
The skb will be checked in kfree_skb(), so remove the outside check. Signed-off-by: NYang Yingliang <yangyingliang@huawei.com> Reviewed-by: NKrzysztof Kozlowski <krzk@kernel.org> Link: https://lore.kernel.org/r/20220318072728.2659578-1-yangyingliang@huawei.comSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue由 Jakub Kicinski 提交于
Tony Nguyen says: ==================== 40GbE Intel Wired LAN Driver Updates 2022-03-17 This series contains updates to i40e and igb drivers. Tom Rix moves a conversion to little endian to occur only when the value is used for i40e. He also zeros out a structure to resolve possible use of garbage value for igb as reported by clang. * '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue: igb: zero hwtstamp by default i40e: little endian only valid checksums ==================== Link: https://lore.kernel.org/r/20220317160236.3534321-1-anthony.l.nguyen@intel.comSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Jakub Kicinski 提交于
Merge tag 'for-net-next-2022-03-18' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next Luiz Augusto von Dentz says: ==================== bluetooth-next pull request for net-next: - Add support for Asus TF103C - Add support for Realtek RTL8852B - Add support for Realtek RTL8723BE - Add WBS support to mt7921s * tag 'for-net-next-2022-03-18' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next: (24 commits) Bluetooth: ath3k: remove superfluous header files Bluetooth: bcm203x: remove superfluous header files Bluetooth: hci_bcm: Add the Asus TF103C to the bcm_broken_irq_dmi_table Bluetooth: mt7921s: Add WBS support Bluetooth: mt7921s: Add .btmtk_get_codec_config_data Bluetooth: mt7921s: Add .get_data_path_id Bluetooth: mt7921s: Set HCI_QUIRK_VALID_LE_STATES Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt Bluetooth: btmtkuart: fix error handling in mtk_hci_wmt_sync() Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed Bluetooth: Send AdvMonitor Dev Found for all matched devices Bluetooth: msft: Clear tracked devices on resume Bluetooth: fix incorrect nonblock bitmask in bt_sock_wait_ready() Bluetooth: Don't assign twice the same value Bluetooth: btrtl: Add support for RTL8852B Bluetooth: hci_uart: add missing NULL check in h5_enqueue Bluetooth: Fix use after free in hci_send_acl Bluetooth: btusb: Use quirk to skip HCI_FLT_CLEAR_ALL on fake CSR controllers Bluetooth: hci_sync: Add a new quirk to skip HCI_FLT_CLEAR_ALL Bluetooth: btmtkuart: fix the conflict between mtk and msft vendor event ... ==================== Link: https://lore.kernel.org/r/20220318224752.1477292-1-luiz.dentz@gmail.comSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Colin Ian King 提交于
Variable index is being assigned a value that is never read, it is being re-assigned later in a following for-loop. The assignment is redundant and can be removed. Cleans up clang scan build warning: drivers/net/ethernet/qlogic/qlcnic/qlcnic_ethtool.c:1358:17: warning: Although the value stored to 'index' is used in the enclosing expression, the value is never actually read from 'index' [deadcode.DeadStores] Signed-off-by: NColin Ian King <colin.i.king@gmail.com> Link: https://lore.kernel.org/r/20220318012035.89482-1-colin.i.king@gmail.comSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Colin Ian King 提交于
Variable sie is being assigned a value that is never read. The The assignment is redundant and can be removed. Cleans up clang scan build warning: drivers/net/ethernet/atheros/atl1c/atl1c_main.c:1054:22: warning: Although the value stored to 'size' is used in the enclosing expression, the value is never actually read from 'size' [deadcode.DeadStores] Signed-off-by: NColin Ian King <colin.i.king@gmail.com> Link: https://lore.kernel.org/r/20220318005021.82073-1-colin.i.king@gmail.comSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Yonglong Li 提交于
In some corner cases, the peer handing an incoming ADD_ADDR option, can receive a retransmitted ADD_ADDR for the same address before the subflow creation completes. We can avoid the above issue by generating and sending the ADD_ADDR echo before starting the MPJ subflow connection. This slightly changes the behaviour of the packetdrill tests as the ADD_ADDR echo packet is sent earlier. Acked-by: NPaolo Abeni <pabeni@redhat.com> Signed-off-by: NYonglong Li <liyonglong@chinatelecom.cn> Signed-off-by: NMat Martineau <mathew.j.martineau@linux.intel.com> Link: https://lore.kernel.org/r/20220317221444.426335-1-mathew.j.martineau@linux.intel.comSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Kuniyuki Iwashima 提交于
Let's remove unnecessary brackets around CONFIG_AF_UNIX_OOB. Signed-off-by: NKuniyuki Iwashima <kuniyu@amazon.co.jp> Link: https://lore.kernel.org/r/20220317032308.65372-1-kuniyu@amazon.co.jpSigned-off-by: NJakub Kicinski <kuba@kernel.org>
-
由 Saeed Mahameed 提交于
There is no function mlx5e_get_sq(), remove the declaration. Signed-off-by: NSaeed Mahameed <saeedm@nvidia.com> Signed-off-by: NMoshe Tal <moshet@nvidia.com> Reviewed-by: NMaxim Mikityanskiy <maximmi@nvidia.com> Reviewed-by: NTariq Toukan <tariqt@nvidia.com>
-