- 05 3月, 2018 17 次提交
-
-
由 David Ahern 提交于
Some operators prefer IPv6 path selection to use a standard 5-tuple hash rather than just an L3 hash with the flow the label. To that end add support to IPv6 for multipath hash policy similar to bf4e0a3d ("net: ipv4: add support for ECMP hash policy choice"). The default is still L3 which covers source and destination addresses along with flow label and IPv6 protocol. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Tested-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
IPv6 does path selection for multipath routes deep in the lookup functions. The next patch adds L4 hash option and needs the skb for the forward path. To get the skb to the relevant FIB lookup functions it needs to go through the fib rules layer, so add a lookup_data argument to the fib_lookup_arg struct. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Rename NETEVENT_MULTIPATH_HASH_UPDATE to NETEVENT_IPV4_MPATH_HASH_UPDATE to denote it relates to a change in the IPv4 hash policy. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Make rt6_multipath_hash more of a direct parallel to fib_multipath_hash and reduce stack and overhead in the process: get_hash_from_flowi6 is just a wrapper around __get_hash_from_flowi6 with another stack allocation for flow_keys. Move setting the addresses, protocol and label into rt6_multipath_hash and allow it to make the call to flow_hash_from_keys. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
As of commit e37b1e97 ("ipv6: route: dissect flow in input path if fib rules need it") fib_multipath_hash takes an optional flow keys. If non-NULL it means the skb has already been dissected. If not set, then fib_multipath_hash needs to call skb_flow_dissect_flow_keys. Simplify the logic by setting flkeys to the local stack variable keys. Simplifies fib_multipath_hash by only have 1 set of instructions setting hash_keys. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Symmetry is good and allows easy comparison that ipv4 and ipv6 are doing the same thing. To that end, change ip_multipath_l3_keys to set addresses at the end after the icmp compares, and move the initialization of ipv6 flow keys to rt6_multipath_hash. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
fib_multipath_hash only needs net struct to check a sysctl. Make it clear by passing net instead of fib_info. In the end this allows alignment between the ipv4 and ipv6 versions. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Reviewed-by: NNikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Xin Long says: ==================== sctp: clean up sctp_sendmsg This cleanup mostly does three things: - extract some codes into functions to make sendmsg more readable. - tidy up some codes to avoid the unnecessary checks. - adjust some logic so that it will be easier to add the send flags and cmsgs features that I will post after this. To make it easy to review and to check if the code is compatible with before, this patchset is to do it step by step in 9 patches. NOTE: There will be a conflict when merging Commit 2277c7cd ("sctp: Add LSM hooks") from selinux tree, the solution is to: 1. remove all the lines in [B]: <<<<<<< HEAD [A] ======= [B] >>>>>>> 2277c7cd... sctp: Add LSM hooks 2. and apply the following diff-output: diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 980621e..d6803c8 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -1686,6 +1686,7 @@ static int sctp_sendmsg_new_asoc(struct sock *sk, __u16 sflags, struct net *net = sock_net(sk); struct sctp_association *asoc; enum sctp_scope scope; + struct sctp_af *af; int err = -EINVAL; *tp = NULL; @@ -1711,6 +1712,22 @@ static int sctp_sendmsg_new_asoc(struct sock *sk, __u16 sflags, scope = sctp_scope(daddr); + /* Label connection socket for first association 1-to-many + * style for client sequence socket()->sendmsg(). This + * needs to be done before sctp_assoc_add_peer() as that will + * set up the initial packet that needs to account for any + * security ip options (CIPSO/CALIPSO) added to the packet. + */ + af = sctp_get_af_specific(daddr->sa.sa_family); + if (!af) + return -EINVAL; + + err = security_sctp_bind_connect(sk, SCTP_SENDMSG_CONNECT, + (struct sockaddr *)daddr, + af->sockaddr_len); + if (err < 0) + return err; + asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL); if (!asoc) return -ENOMEM; ==================== Acked-by: NNeil Horman <nhorman@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
sctp_sendmsg_new_asoc and SCTP_ADDR_OVER check is only necessary when daddr is set, so move them up to if (daddr) statement. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch mostly is to: - rename sinfo_flags as sflags, to make the indents look better, and also keep consistent with other sctp_sendmsg_xx functions. - replace new_asoc with bool new, no need to define a pointer here, as if new_asoc is set, it must be asoc. - rename the 'out_nounlock:' as 'out', shorter and nicer. - remove associd, only one place is using it now, just use sinfo->sinfo_assoc_id directly. - remove 'cmsgs' initialization in sctp_sendmsg, as it will be done in sctp_sendmsg_parse. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
Now sctp_assoc_lookup_paddr can only be called only if daddr has been set. But if daddr has been set, sctp_endpoint_lookup_assoc would be done, where it could already have the transport. So this unnecessary transport looking up should be removed, but only reset transport as NULL when SCTP_ADDR_OVER is not set for UDP type socket. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to move the codes for trying to get sinfo from asoc into sctp_sendmsg_update_sinfo. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to move the codes for parsing msghdr and checking sk into sctp_sendmsg_parse. Note that different from before, 'sinfo' in sctp_sendmsg won't be NULL any more. It gets the value either from cmsgs->srinfo, cmsgs->sinfo or asoc. With it, the 'sinfo' and 'fill_sinfo_ttl' check can be removed from sctp_sendmsg. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to move the codes for trying to get daddr from msg->msg_name into sctp_sendmsg_get_daddr. Note that after adding 'daddr', 'to' and 'msg_name' can be deleted. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to move the codes for checking sinfo_flags on one asoc after this asoc has been found into sctp_sendmsg_check_sflags. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to move the codes for creating a new asoc if no asoc was found into sctp_sendmsg_new_asoc. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to move the codes for checking and sending on one asoc after this asoc has been found or created into sctp_sendmsg_to_asoc. Note that 'err != -ESRCH' check is for the case that asoc is freed when waiting for tx buffer in sctp_sendmsg_to_asoc. Signed-off-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 03 3月, 2018 1 次提交
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next由 David S. Miller 提交于
Daniel Borkmann says: ==================== pull-request: bpf-next 2018-03-03 The following pull-request contains BPF updates for your *net-next* tree. The main changes are: 1) Extend bpftool to build up CFG information of eBPF programs and add an option to dump this in DOT format such that this can later be used with DOT graphic tools (xdot, graphviz, etc) to visualize it. Part of the analysis performed is sub-program detection and basic-block partitioning, from Jiong. 2) Multiple enhancements for bpftool's batch mode, more specifically the parser now understands comments (#), continuation lines (\), and arguments enclosed between quotes. Also, allow to read from stdin via '-' as input file, all from Quentin. 3) Improve BPF kselftests by i) unifying the rlimit handling into a helper that is then used by all tests, and ii) add support for testing tail calls to test_verifier plus add tests covering all corner cases. The latter is especially useful for testing JITs, from Daniel. 4) Remove x64 JIT's bpf_flush_icache() since flush_icache_range() is a noop on x64, from Daniel. 5) Fix one more occasion in BPF samples where we do not detach the BPF program from the cgroup after completion, from Prashant. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 02 3月, 2018 22 次提交
-
-
由 Colin Ian King 提交于
Use the ARRAY_SIZE macro on a couple of arrays to determine size of the arrays. Also fix up alignment to clean up a checkpatch warning. Improvement suggested by Coccinelle. Signed-off-by: NColin Ian King <colin.king@canonical.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ganesh Goudar 提交于
Add TP Congestion Map entry for single-port T6 cards. Signed-off-by: NCasey Leedom <leedom@chelsio.com> Signed-off-by: NGanesh Goudar <ganeshgr@chelsio.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Merge tag 'mac80211-next-for-davem-2018-03-02' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next Johannes Berg says: ==================== Only a few new things: * hwsim net namespace stuff from Kirill Tkhai * A-MSDU support in fast-RX * 4-addr mode support in fast-RX * support for a spec quirk in Add-BA negotiation ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ganesh Goudar 提交于
Error code is already returned earlier if filter exists at specified location. So, remove dead code trying to free existing filter. Reported-by: NDan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NGanesh Goudar <ganeshgr@chelsio.com> Signed-off-by: NRahul Lakkireddy <rahul.lakkireddy@chelsio.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Kirill Tkhai 提交于
These pernet_operations allocate and destroy IDA identifier, and these actions are synchronized by IDA subsystem locks. Exit method removes mac80211_hwsim_data enteries from the lists, and this is synchronized by hwsim_radio_lock with the rest parallel pernet_operations. Also it queues destroy_radio() work, and these work already may be executed in parallel with any pernet_operations (as it's a work :). So, we may mark these pernet_operations as async. Signed-off-by: NKirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
由 Kirill Tkhai 提交于
hwsim_netgroup counter is declarated as int, and it is incremented every time a new net is created. After sizeof(int) net are created, it will overflow, and different net namespaces will have the same identifier. This patch fixes the problem by introducing IDA instead of int counter. IDA guarantees, all the net namespaces have the uniq identifier. Note, that after we do ida_simple_remove() in hwsim_exit_net(), and we destroy the ID, later there may be executed destroy_radio() from the workqueue. But destroy_radio() does not use the ID, so it's OK. Out of bounds of this patch, just as a report to wireless subsystem maintainer, destroy_radio() increaments hwsim_radios_generation without hwsim_radio_lock, so this may need one more patch to fix. Signed-off-by: NKirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
由 Daniel Borkmann 提交于
Quentin Monnet says: ==================== Several enhancements for bpftool batch mode are introduced in this series. More specifically, input files for batch mode gain support for: * comments (starting with '#'), * continuation lines (after a line ending with '\'), * arguments enclosed between quotes. Also, make bpftool able to read from standard input when "-" is provided as input file name. ==================== Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
-
由 Quentin Monnet 提交于
Improve argument parsing from batch input files in order to support arguments enclosed between single (') or double quotes ("). For example, this command can now be parsed in batch mode: bpftool prog dump xlated id 1337 file "/tmp/my file with spaces" The function responsible for parsing command arguments is copied from its counterpart in lib/utils.c in iproute2 package. Signed-off-by: NQuentin Monnet <quentin.monnet@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
-
由 Quentin Monnet 提交于
Make bpftool read its command list from standard input when the name if the input file is a single dash. Signed-off-by: NQuentin Monnet <quentin.monnet@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
-
由 Quentin Monnet 提交于
Add support for continuation lines, such as in the following example: prog show prog dump xlated \ id 1337 opcodes This patch is based after the code for support for continuation lines from file lib/utils.c from package iproute2. "Lines" in error messages are renamed as "commands", as we count the number of commands (but we ignore empty lines, comments, and do not add continuation lines to the count). Signed-off-by: NQuentin Monnet <quentin.monnet@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
-
由 Quentin Monnet 提交于
Replace '#' by '\0' in commands read from batch files in order to avoid processing the remaining part of the line, thus allowing users to use comments in the files. Signed-off-by: NQuentin Monnet <quentin.monnet@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
-
由 David S. Miller 提交于
Eric Dumazet says: ==================== tcp_bbr: more GSO work Playing with r8152 USB 1Gbit NIC, on both USB2 and USB3 slots, I found that BBR was performing poorly, because of TSO being limited to 16KB This patch series makes sure BBR is not under estimating number of packets that are needed to fill the pipe when a device has suboptimal TSO limits. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric Dumazet 提交于
Its value is computed then immediately used, there is no need to store it. Signed-off-by: NEric Dumazet <edumazet@google.com> Acked-by: NNeal Cardwell <ncardwell@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric Dumazet 提交于
This is second part of dealing with suboptimal device gso parameters. In first patch (350c9f48 "tcp_bbr: better deal with suboptimal GSO") we dealt with devices having low gso_max_segs Some devices lower gso_max_size from 64KB to 16 KB (r8152 is an example) In order to probe an optimal cwnd, we want BBR being not sensitive to whatever GSO constraint a device can have. This patch removes tso_segs_goal() CC callback in favor of min_tso_segs() for CC wanting to override sysctl_tcp_min_tso_segs Next patch will remove bbr->tso_segs_goal since it does not have to be persistent. Signed-off-by: NEric Dumazet <edumazet@google.com> Acked-by: NNeal Cardwell <ncardwell@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Alexei Starovoitov 提交于
Jakub Kicinski says: ==================== Jiong says: This patch set is an application of CFG information on eBPF program visualization. It presents some initial code for building CFG information from eBPF instruction sequences. After we get eBPF program bytecode, we do sub-program detection and basic-block partition. These information then are visualized into DOT graph. The user could use any DOT graphic tools (xdot, graphviz etc) to view it. For example: bpftool prog dump xlated id 2 visual &>output.dot [xdot | dotty] output.dot dot -Tpng -o output.png This initial patch set hasn't tuned much on the dot description layout nor decoration, we could improve them later once the direction of the patch set is agreed on. We could also visualize some static analysis performance data. v2 (Jakub): - update license headers and add SPDX tags. ==================== Acked-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Quentin Monnet 提交于
Add bash completion for the "visual" keyword used for dumping the CFG of eBPF programs with bpftool. Make sure we only complete with this keyword when we dump "xlated" (and not "jited") instructions. Acked-by: NJiong Wang <jiong.wang@netronome.com> Signed-off-by: NQuentin Monnet <quentin.monnet@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Jiong Wang 提交于
This patch adds new command-line option for visualizing the xlated eBPF sequence. Documentations are updated accordingly. Usage: bpftool prog dump xlated id 2 visual Reviewed-by: NQuentin Monnet <quentin.monnet@netronome.com> Signed-off-by: NJiong Wang <jiong.wang@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Jiong Wang 提交于
This patch let bpftool print .dot graph file into stdout. This graph is generated by the following steps: - iterate through the function list. - generate basic-block(BB) definition for each BB in the function. - draw out edges to connect BBs. This patch is the initial support, the layout and decoration of the .dot graph could be improved. Also, it will be useful if we could visualize some performance data from static analysis. Signed-off-by: NJiong Wang <jiong.wang@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Jiong Wang 提交于
This patch adds out edges for each basic-block. We will need these out edges to finish the .dot graph drawing. Signed-off-by: NJiong Wang <jiong.wang@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Jiong Wang 提交于
This patch partition basic-block for each function in the CFG. The algorithm is simple, we identify basic-block head in a first traversal, then second traversal to identify the tail. We could build extended basic-block (EBB) in next steps. EBB could make the graph more readable when the eBPF sequence is big. Signed-off-by: NJiong Wang <jiong.wang@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Jiong Wang 提交于
This patch detect all sub-programs from the eBPF sequence and keep the information in the new CFG data structure. The detection algorithm is basically the same as the one in verifier except we need to use insn->off instead of insn->imm to get the pc-relative call offset. Because verifier has modified insn->off/insn->imm during finishing the verification. Also, we don't need to do some sanity checks as verifier has done them. Signed-off-by: NJiong Wang <jiong.wang@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-
由 Jiong Wang 提交于
This patch factors out those code of dumping xlated eBPF instructions into xlated_dumper.[h|c]. They are quite independent dumper functions, so better to be kept separately. New dumper support will be added in later patches in this set. Signed-off-by: NJiong Wang <jiong.wang@netronome.com> Acked-by: NJakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: NAlexei Starovoitov <ast@kernel.org>
-