- 18 4月, 2014 1 次提交
-
-
由 Michael S. Tsirkin 提交于
It is sometimes benefitial to ignore IO size, and only match on address. In hindsight this would have been a better default than matching length when KVM_IOEVENTFD_FLAG_DATAMATCH is not set, In particular, this kind of access can be optimized on VMX: there no need to do page lookups. This can currently be done with many ioeventfds but in a suboptimal way. However we can't change kernel/userspace ABI without risk of breaking some applications. Use len = 0 to mean "ignore length for matching" in a more optimal way. Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
-
- 11 4月, 2014 1 次提交
-
-
由 Keith Busch 提交于
For commands returned with failed status, queue these for resubmission and continue retrying them until success or for a limited amount of time. The final timeout was arbitrarily chosen so requests can't be retried indefinitely. Since these are requeued on the nvmeq that submitted the command, the callbacks have to take an nvmeq instead of an nvme_dev as a parameter so that we can use the locked queue to append the iod to retry later. The nvme_iod conviently can be used to track how long we've been trying to successfully complete an iod request. The nvme_iod also provides the nvme prp dma mappings, so I had to move a few things around so we can keep those mappings. Signed-off-by: NKeith Busch <keith.busch@intel.com> [fixed checkpatch issue with long line] Signed-off-by: NMatthew Wilcox <matthew.r.wilcox@intel.com>
-
- 08 4月, 2014 1 次提交
-
-
由 Alex Thorlton 提交于
Add VM_INIT_DEF_MASK, to allow us to set the default flags for VMs. It also adds a prctl control which allows us to set the THP disable bit in mm->def_flags so that VMs will pick up the setting as they are created. Signed-off-by: NAlex Thorlton <athorlton@sgi.com> Suggested-by: NOleg Nesterov <oleg@redhat.com> Cc: Gerald Schaefer <gerald.schaefer@de.ibm.com> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Christian Borntraeger <borntraeger@de.ibm.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Mel Gorman <mgorman@suse.de> Acked-by: NRik van Riel <riel@redhat.com> Cc: Ingo Molnar <mingo@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: David Rientjes <rientjes@google.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 06 4月, 2014 1 次提交
-
-
由 Mauro Carvalho Chehab 提交于
As reported by Linus, make headers_check is reporting: usr/include/linux/v4l2-common.h:72: found __[us]{8,16,32,64} type without #include <linux/types.h> which seems to have come in through commits 777f4f85 and 254a4777. That happens because struct v4l2_edid should be visible by both subdev and V4L2 APIs. So, it was moved to v4l2-common.h. As Linus pointed, the proper fix is to just add an include for linux/types.h at v4l2-common.h. Reported-by: NLinus Torvalds <torvalds@linux-foundation.org> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
- 04 4月, 2014 1 次提交
-
-
由 Serge Hallyn 提交于
If the glibc xattr.h header is included after the uapi header, compilation fails due to an enum re-using a #define from the uapi header. Protect against this by guarding the define and enum inclusions against each other. (See https://lists.debian.org/debian-glibc/2014/03/msg00029.html and https://sourceware.org/glibc/wiki/Synchronizing_Headers for more information.) Signed-off-by: NSerge Hallyn <serge.hallyn@ubuntu.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Allan McRae <allan@archlinux.org> Cc: <stable@vger.kernel.org> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 03 4月, 2014 1 次提交
-
-
由 Eric Paris 提交于
1000-1099 is for configuring things. So auditd ignored such messages. This is about actually logging what was configured. Move it into the range for such types of messages. Reported-by: NSteve Grubb <sgrubb@redhat.com> Signed-off-by: NEric Paris <eparis@redhat.com>
-
- 02 4月, 2014 2 次提交
-
-
由 Pavel Emelyanov 提交于
Introduce a bit kernel and userspace exchange between each-other on the init stage and turn writeback on if the userspace want this and mount option 'allow_wbcache' is present (controlled by fusermount). Also add each writable file into per-inode write list and call the generic_file_aio_write to make use of the Linux page cache engine. Signed-off-by: NMaxim Patlasov <MPatlasov@parallels.com> Signed-off-by: NMiklos Szeredi <mszeredi@suse.cz>
-
由 Petri Gynther 提交于
UHID_CREATE2: HID report descriptor data (rd_data) is an array in struct uhid_create2_req, instead of a pointer. Enables use from languages that don't support pointers, e.g. Python. UHID_INPUT2: Data array is the last field of struct uhid_input2_req. Enables userspace to write only the required bytes to kernel (ev.type + ev.u.input2.size + the part of the data array that matters), instead of the entire struct uhid_input2_req. Note: UHID_CREATE2 increases the total size of struct uhid_event slightly, thus increasing the size of messages that are queued for userspace. However, this won't affect the userspace processing of these events. [Jiri Kosina <jkosina@suse.cz>: adjust to hid_get_raw_report() and hid_output_raw_report() API changes] Signed-off-by: NPetri Gynther <pgynther@google.com> Reviewed-by: NDavid Herrmann <dh.herrmann@gmail.com> Signed-off-by: NJiri Kosina <jkosina@suse.cz>
-
- 01 4月, 2014 4 次提交
-
-
由 Miklos Szeredi 提交于
If flags contain RENAME_EXCHANGE then exchange source and destination files. There's no restriction on the type of the files; e.g. a directory can be exchanged with a symlink. Signed-off-by: NMiklos Szeredi <mszeredi@suse.cz> Reviewed-by: NJan Kara <jack@suse.cz> Reviewed-by: NJ. Bruce Fields <bfields@redhat.com>
-
由 Miklos Szeredi 提交于
If this flag is specified and the target of the rename exists then the rename syscall fails with EEXIST. The VFS does the existence checking, so it is trivial to enable for most local filesystems. This patch only enables it in ext4. For network filesystems the VFS check is not enough as there may be a race between a remote create and the rename, so these filesystems need to handle this flag in their ->rename() implementations to ensure atomicity. Andy writes about why this is useful: "The trivial answer: to eliminate the race condition from 'mv -i'. Another answer: there's a common pattern to atomically create a file with contents: open a temporary file, write to it, optionally fsync it, close it, then link(2) it to the final name, then unlink the temporary file. The reason to use link(2) is because it won't silently clobber the destination. This is annoying: - It requires an extra system call that shouldn't be necessary. - It doesn't work on (IMO sensible) filesystems that don't support hard links (e.g. vfat). - It's not atomic -- there's an intermediate state where both files exist. - It's ugly. The new rename flag will make this totally sensible. To be fair, on new enough kernels, you can also use O_TMPFILE and linkat to achieve the same thing even more cleanly." Suggested-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: NMiklos Szeredi <mszeredi@suse.cz> Reviewed-by: NJ. Bruce Fields <bfields@redhat.com>
-
由 david decotigny 提交于
This allows to monitor carrier on/off transitions and detect link flapping issues: - new /sys/class/net/X/carrier_changes - new rtnetlink IFLA_CARRIER_CHANGES (getlink) Tested: - grep . /sys/class/net/*/carrier_changes + ip link set dev X down/up + plug/unplug cable - updated iproute2: prints IFLA_CARRIER_CHANGES - iproute2 20121211-2 (debian): unchanged behavior Signed-off-by: NDavid Decotigny <decot@googlers.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Florian Fainelli 提交于
NET_ADDR_* values are exported in the /sys/class/net/<iface>/addr_assign_type sysfs attributes, and as such constitutes an user-space ABI. Move the NET_ADDR_* definitions from include/linux/netdevice.h to include/uapi/linux/netdevice.h Signed-off-by: NFlorian Fainelli <f.fainelli@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 29 3月, 2014 1 次提交
-
-
由 Hans Verkuil 提交于
bt->width should be (bt)->width, and same for the other fields. Signed-off-by: NHans Verkuil <hans.verkuil@cisco.com> Cc: stable@vger.kernel.org # For 3.12 or upper Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
- 25 3月, 2014 1 次提交
-
-
由 Eric Paris 提交于
We were exposing a function based on kernel config options to userspace. This is wrong. Move it to the audit internal header. Suggested-by: NChris Metcalf <cmetcalf@tilera.com> Signed-off-by: NEric Paris <eparis@redhat.com>
-
- 22 3月, 2014 1 次提交
-
-
由 Richard Cochran 提交于
This patch adds a pair of new ioctls to the PTP Hardware Clock device interface. Using the ioctls, user space programs can query each pin to find out its current function and also reprogram a different function if desired. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 21 3月, 2014 3 次提交
-
-
由 Cornelia Huck 提交于
Introduce a new interrupt class for s390 adapter interrupts and enable irqfds for s390. This is depending on a new s390 specific vm capability, KVM_CAP_S390_IRQCHIP, that needs to be enabled by userspace. Acked-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NCornelia Huck <cornelia.huck@de.ibm.com>
-
由 Cornelia Huck 提交于
Allow KVM_ENABLE_CAP to act on a vm as well as on a vcpu. This makes more sense when the caller wants to enable a vm-related capability. s390 will be the first user; wire it up. Reviewed-by: NThomas Huth <thuth@linux.vnet.ibm.com> Reviewed-by: NChristian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: NCornelia Huck <cornelia.huck@de.ibm.com>
-
由 Ben Chan 提交于
This patch adds the MBIM extended functional descriptor structure defined in "Universal Serial Bus Communications Class Subclass Specification for Mobile Broadband Interface Model, Revision 1.0, Errata-1" published by USB-IF. Signed-off-by: NBen Chan <benchan@chromium.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 20 3月, 2014 3 次提交
-
-
由 AKASHI Takahiro 提交于
lib/audit.c provides a generic function for auditing system calls. This patch extends it for compat syscall support on bi-architectures (32/64-bit) by adding lib/compat_audit.c. What is required to support this feature are: * add asm/unistd32.h for compat system call names * select CONFIG_AUDIT_ARCH_COMPAT_GENERIC Signed-off-by: NAKASHI Takahiro <takahiro.akashi@linaro.org> Acked-by: NRichard Guy Briggs <rgb@redhat.com> Signed-off-by: NEric Paris <eparis@redhat.com>
-
由 William Roberts 提交于
During an audit event, cache and print the value of the process's proctitle value (proc/<pid>/cmdline). This is useful in situations where processes are started via fork'd virtual machines where the comm field is incorrect. Often times, setting the comm field still is insufficient as the comm width is not very wide and most virtual machine "package names" do not fit. Also, during execution, many threads have their comm field set as well. By tying it back to the global cmdline value for the process, audit records will be more complete in systems with these properties. An example of where this is useful and applicable is in the realm of Android. With Android, their is no fork/exec for VM instances. The bare, preloaded Dalvik VM listens for a fork and specialize request. When this request comes in, the VM forks, and the loads the specific application (specializing). This was done to take advantage of COW and to not require a load of basic packages by the VM on very app spawn. When this spawn occurs, the package name is set via setproctitle() and shows up in procfs. Many of these package names are longer then 16 bytes, the historical width of task->comm. Having the cmdline in the audit records will couple the application back to the record directly. Also, on my Debian development box, some audit records were more useful then what was printed under comm. The cached proctitle is tied to the life-cycle of the audit_context structure and is built on demand. Proctitle is controllable by userspace, and thus should not be trusted. It is meant as an aid to assist in debugging. The proctitle event is emitted during syscall audits, and can be filtered with auditctl. Example: type=AVC msg=audit(1391217013.924:386): avc: denied { getattr } for pid=1971 comm="mkdir" name="/" dev="selinuxfs" ino=1 scontext=system_u:system_r:consolekit_t:s0-s0:c0.c255 tcontext=system_u:object_r:security_t:s0 tclass=filesystem type=SYSCALL msg=audit(1391217013.924:386): arch=c000003e syscall=137 success=yes exit=0 a0=7f019dfc8bd7 a1=7fffa6aed2c0 a2=fffffffffff4bd25 a3=7fffa6aed050 items=0 ppid=1967 pid=1971 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mkdir" exe="/bin/mkdir" subj=system_u:system_r:consolekit_t:s0-s0:c0.c255 key=(null) type=UNKNOWN[1327] msg=audit(1391217013.924:386): proctitle=6D6B646972002D70002F7661722F72756E2F636F6E736F6C65 Acked-by: Steve Grubb <sgrubb@redhat.com> (wrt record formating) Signed-off-by: NWilliam Roberts <wroberts@tresys.com> Signed-off-by: NEric Paris <eparis@redhat.com>
-
由 Paul Bolle 提交于
Signed-off-by: NPaul Bolle <pebolle@tiscali.nl> Signed-off-by: NJiri Kosina <jkosina@suse.cz>
-
- 15 3月, 2014 1 次提交
-
-
由 Veaceslav Falico 提交于
Per IEEE 802.3*, the correct packet type for loopback 0x9000. There's already one ETH_P_LOOP 0x0060, which has been there for ages, however it's plainly wrong as anything that small is considered a length field. We can't remove it because legacy, so add a new type which corresponds to the correct id. http://www.iana.org/assignments/ieee-802-numbers/ieee-802-numbers.xhtml CC: "David S. Miller" <davem@davemloft.net> CC: Stefan Richter <stefanr@s5r6.in-berlin.de> CC: Simon Wunderlich <sw@simonwunderlich.de> CC: Neil Jerram <Neil.Jerram@metaswitch.com> CC: Simon Horman <horms@verge.net.au> CC: Arvid Brodin <Arvid.Brodin@xdin.com> Signed-off-by: NVeaceslav Falico <vfalico@redhat.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 13 3月, 2014 7 次提交
-
-
由 Antti Palosaari 提交于
Rename v4l2_format_sdr to v4l2_sdr_format in order to keep it in line with other formats. Reported-by: NHans Verkuil <hverkuil@xs4all.nl> Signed-off-by: NAntti Palosaari <crope@iki.fi> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
由 Antti Palosaari 提交于
Add volatile boolean control to indicate if tuner frequency synthesizer is locked to requested frequency. That means tuner is able to receive given frequency. Control is named as "PLL lock", since frequency synthesizers are based of phase-locked-loop. Maybe more general name could be wise still? Cc: Hans Verkuil <hverkuil@xs4all.nl> Signed-off-by: NAntti Palosaari <crope@iki.fi> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
由 Antti Palosaari 提交于
V4L2_SDR_FMT_CU8 — Complex unsigned 8-bit IQ sample V4L2_SDR_FMT_CU16LE — Complex unsigned 16-bit little endian IQ sample Cc: Hans Verkuil <hverkuil@xs4all.nl> Signed-off-by: NAntti Palosaari <crope@iki.fi> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
由 Antti Palosaari 提交于
It appears that controls are ordered by ID number when enumerating. That could lead illogical UI as controls are usually enumerated and drawn by the application at runtime. Change order of controls by reorganizing assigned IDs now as we can. It is not reasonable possible after the API is released. Also, leave some spare space between IDs too for possible future extensions. Cc: Hans Verkuil <hverkuil@xs4all.nl> Signed-off-by: NAntti Palosaari <crope@iki.fi> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
由 Antti Palosaari 提交于
Modern silicon RF tuners has one or more adjustable filters on signal path, in order to filter noise from desired radio channel. Add channel bandwidth control to tell the driver which is radio channel width we want receive. Filters could be then adjusted by the driver or hardware, using RF frequency and channel bandwidth as a base of filter calculations. On automatic mode (normal mode), bandwidth is calculated from sampling rate or tuning info got from userspace. That new control gives possibility to set manual mode and let user have more control for filters. Cc: Hans Verkuil <hverkuil@xs4all.nl> Signed-off-by: NAntti Palosaari <crope@iki.fi> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
由 Gabriel L. Somlo 提交于
Both QEMU and KVM have already accumulated a significant number of optimizations based on the hard-coded assumption that ioapic polarity will always use the ActiveHigh convention, where the logical and physical states of level-triggered irq lines always match (i.e., active(asserted) == high == 1, inactive == low == 0). QEMU guests are expected to follow directions given via ACPI and configure the ioapic with polarity 0 (ActiveHigh). However, even when misbehaving guests (e.g. OS X <= 10.9) set the ioapic polarity to 1 (ActiveLow), QEMU will still use the ActiveHigh signaling convention when interfacing with KVM. This patch modifies KVM to completely ignore ioapic polarity as set by the guest OS, enabling misbehaving guests to work alongside those which comply with the ActiveHigh polarity specified by QEMU's ACPI tables. Signed-off-by: NMichael S. Tsirkin <mst@redhat.com> Signed-off-by: NGabriel L. Somlo <somlo@cmu.edu> [Move documentation to KVM_IRQ_LINE, add ia64. - Paolo] Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Lukas Czerner 提交于
Introduce new FALLOC_FL_ZERO_RANGE flag for fallocate. This has the same functionality as xfs ioctl XFS_IOC_ZERO_RANGE. It can be used to convert a range of file to zeros preferably without issuing data IO. Blocks should be preallocated for the regions that span holes in the file, and the entire range is preferable converted to unwritten extents - even though file system may choose to zero out the extent or do whatever which will result in reading zeros from the range while the range remains allocated for the file. This can be also used to preallocate blocks past EOF in the same way as with fallocate. Flag FALLOC_FL_KEEP_SIZE which should cause the inode size to remain the same. Signed-off-by: NLukas Czerner <lczerner@redhat.com> Reviewed-by: NDave Chinner <dchinner@redhat.com> Signed-off-by: NDave Chinner <david@fromorbit.com>
-
- 11 3月, 2014 2 次提交
-
-
由 Hans Verkuil 提交于
Struct v4l2_subdev_edid and the VIDIOC_SUBDEV_G/S_EDID ioctls were specific for subdevices, but for hardware with a simple video pipeline you do not need/want to create subdevice nodes to just get/set the EDID. Move the v4l2_subdev_edid struct to v4l2-common.h and rename as v4l2_edid. Add the same ioctls to videodev2.h as well, thus allowing this API to be used with both video nodes and v4l-subdev nodes. Signed-off-by: NHans Verkuil <hans.verkuil@cisco.com> Acked-by: NLaurent Pinchart <laurent.pinchart@ideasonboard.com> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
由 Daniel Jeong 提交于
Three Flash fault are added. V4L2_FLASH_FAULT_UNDER_VOLTAGE for the case low voltage below the min. limit. V4L2_FLASH_FAULT_INPUT_VOLTAGE for the case falling input voltage and chip adjust flash current not occur under voltage event. V4L2_FLASH_FAULT_LED_OVER_TEMPERATURE for the case the temperature exceed the maximun limit Signed-off-by: NDaniel Jeong <gshark.jeong@gmail.com> Signed-off-by: NSakari Ailus <sakari.ailus@iki.fi> Signed-off-by: NMauro Carvalho Chehab <m.chehab@samsung.com>
-
- 08 3月, 2014 1 次提交
-
-
由 Richard Guy Briggs 提交于
Fill in missing descriptions for AUDIT_CONTROL and AUDIT_WRITE definitions. Signed-off-by: NRichard Guy Briggs <rgb@redhat.com>
-
- 07 3月, 2014 3 次提交
-
-
由 Oliver Hartkopp 提交于
The configuration for CAN FD depends on CAN_CTRLMODE_FD enabled in the driver specific ctrlmode_supported capabilities. The configuration can be done either with the 'fd { on | off }' option in the 'ip' tool from iproute2 or by setting the CAN netdevice MTU to CAN_MTU (16) or to CANFD_MTU (72). Signed-off-by: NOliver Hartkopp <socketcan@hartkopp.net> Acked-by: NStephane Grosjean <s.grosjean@peak-system.com> Signed-off-by: NMarc Kleine-Budde <mkl@pengutronix.de>
-
由 Oliver Hartkopp 提交于
As CAN FD offers a second bitrate for the data section of the CAN frame the infrastructure for storing and configuring this second bitrate is introduced. Improved the readability of the if-statement by inserting some newlines. Signed-off-by: NOliver Hartkopp <socketcan@hartkopp.net> Acked-by: NStephane Grosjean <s.grosjean@peak-system.com> Signed-off-by: NMarc Kleine-Budde <mkl@pengutronix.de>
-
由 Nicolas Dichtel 提交于
iproute2 already defines a structure with that name, let's use another one to avoid any conflict. CC: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: NNicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: NSteffen Klassert <steffen.klassert@secunet.com>
-
- 06 3月, 2014 5 次提交
-
-
由 Josh Hunt 提交于
Adds a new property for hash set types, where if a set is created with the 'forceadd' option and the set becomes full the next addition to the set may succeed and evict a random entry from the set. To keep overhead low eviction is done very simply. It checks to see which bucket the new entry would be added. If the bucket's pos value is non-zero (meaning there's at least one entry in the bucket) it replaces the first entry in the bucket. If pos is zero, then it continues down the normal add process. This property is useful if you have a set for 'ban' lists where it may not matter if you release some entries from the set early. Signed-off-by: NJosh Hunt <johunt@akamai.com> Signed-off-by: NJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-
由 Florian Westphal 提交于
commit 2dfb973c0dcc6d2211 (add markmask for hash:ip,mark data type) inserted IPSET_ATTR_MARKMASK in-between other enum values, i.e. changing values of all further attributes. This causes 'ipset list' segfault on existing kernels since ipset no longer finds IPSET_ATTR_MEMSIZE (it has a different value on kernel side). Jozsef points out it should be moved below IPSET_ATTR_MARK which works since there is some extra reserved space after that value. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-
由 Jozsef Kadlecsik 提交于
Signed-off-by: NJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-
由 Vytas Dauksa 提交于
Introduce packet mark mask for hash:ip,mark data type. This allows to set mark bit filter for the ip set. Change-Id: Id8dd9ca7e64477c4f7b022a1d9c1a5b187f1c96e Signed-off-by: NJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-
由 Vytas Dauksa 提交于
Introduce packet mark support with new ip,mark hash set. This includes userspace and kernelspace code, hash:ip,mark set tests and man page updates. The intended use of ip,mark set is similar to the ip:port type, but for protocols which don't use a predictable port number. Instead of port number it matches a firewall mark determined by a layer 7 filtering program like opendpi. As well as allowing or blocking traffic it will also be used for accounting packets and bytes sent for each protocol. Signed-off-by: NJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-