- 08 4月, 2015 6 次提交
-
-
由 Florian Westphal 提交于
->mask is a bit info field that mixes various use cases. In particular, we have flags that are mutually exlusive, and flags that are only used within br_netfilter while others need to be exposed to other parts of the kernel. Remove BRNF_8021Q/PPPoE flags. They're mutually exclusive and only needed within br_netfilter context. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
Don't access skb->nf_bridge directly, this pointer will be removed soon. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
Avoid skb->nf_bridge accesses where possible. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
right now we store this in the nf_bridge_info struct, accessible via skb->nf_bridge. This patch prepares removal of this pointer from skb: Instead of using skb->nf_bridge->x, we use helpers to obtain the in/out device (or ifindexes). Followup patches to netfilter will then allow nf_bridge_info to be obtained by a call into the br_netfilter core, rather than keeping a pointer to it in sk_buff. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Florian Westphal 提交于
br_netfilter maintains an extra state, nf_bridge_info, which is attached to skb via skb->nf_bridge pointer. Amongst other things we use skb->nf_bridge->data to store the original mac header for every processed skb. This is required for ip refragmentation when using conntrack on top of bridge, because ip_fragment doesn't copy it from original skb. However there is no need anymore to do this unconditionally. Move this to the one place where its needed -- when br_netfilter calls ip_fragment(). Also switch to percpu storage for this so we can handle fragmenting without accessing nf_bridge meta data. Only user left is neigh resolution when DNAT is detected, to hold the original source mac address (neigh resolution builds new mac header using bridge mac), so rename ->data and reduce its size to whats needed. Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Daniel Borkmann 提交于
Currently in xt_socket, we take advantage of early demuxed sockets since commit 00028aa3 ("netfilter: xt_socket: use IP early demux") in order to avoid a second socket lookup in the fast path, but we only make partial use of this: We still unnecessarily parse headers, extract proto, {s,d}addr and {s,d}ports from the skb data, accessing possible conntrack information, etc even though we were not even calling into the socket lookup via xt_socket_get_sock_{v4,v6}() due to skb->sk hit, meaning those cycles can be spared. After this patch, we only proceed the slower, manual lookup path when we have a skb->sk miss, thus time to match verdict for early demuxed sockets will improve further, which might be i.e. interesting for use cases such as mentioned in 681f130f ("netfilter: xt_socket: add XT_SOCKET_NOWILDCARD flag"). Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
- 02 4月, 2015 1 次提交
-
-
由 Florian Westphal 提交于
We also need to save/store in forward, else br_parse_ip_options call will zero frag_max_size as well. Fixes: 93fdd47e ('bridge: Save frag_max_size between PRE_ROUTING and POST_ROUTING') Signed-off-by: NFlorian Westphal <fw@strlen.de> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
- 01 4月, 2015 33 次提交
-
-
由 Pablo Neira Ayuso 提交于
We have to stop iterating on the rule expressions if the cgroup mismatches. Moreover, make sure a non-full socket from the input path leads us to a crash. Fixes: ce674173 ("netfilter: nft_meta: add cgroup support") Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Daniel Borkmann 提交于
While originally only being intended for outgoing traffic, commit a00e7634 ("netfilter: x_tables: allow to use cgroup match for LOCAL_IN nf hooks") enabled xt_cgroups for the NF_INET_LOCAL_IN hook as well, in order to allow for nfacct accounting. Besides being currently limited to early demuxes only, commit a00e7634 forgot to add a check if we deal with full sockets, i.e. in this case not with time wait sockets. TCP time wait sockets do not have the same memory layout as full sockets, a lower memory footprint and consequently also don't have a sk_classid member; probing for sk_classid member there could potentially lead to a crash. Fixes: a00e7634 ("netfilter: x_tables: allow to use cgroup match for LOCAL_IN nf hooks") Cc: Alexey Perevalov <a.perevalov@samsung.com> Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Patrick McHardy 提交于
Add support for element timeouts to nft_hash. The lookup and walking functions are changed to ignore timed out elements, a periodic garbage collection task cleans out expired entries. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Patrick McHardy 提交于
GC is expected to happen asynchrously to the netlink interface. In the netlink path, both insertion and removal of elements consist of two steps, insertion followed by activation or deactivation followed by removal, during which the element must not be freed by GC. The synchronization helpers use an unused bit in the genmask field to atomically mark an element as "busy", meaning it is either currently being handled through the netlink API or by GC. Elements being processed by GC will never survive, netlink will simply ignore them. Elements being currently processed through netlink will be skipped by GC and reprocessed during the next run. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Patrick McHardy 提交于
Add helpers for GC batch destruction: since element destruction needs a RCU grace period for all set implementations, add some helper functions for asynchronous batch destruction. Elements are collected in a batch structure, which is asynchronously released using RCU once its full. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Patrick McHardy 提交于
Add API support for set element timeouts. Elements can have a individual timeout value specified, overriding the sets' default. Two new extension types are used for timeouts - the timeout value and the expiration time. The timeout value only exists if it differs from the default value. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Patrick McHardy 提交于
Add set timeout support to the netlink API. Sets with timeout support enabled can have a default timeout value and garbage collection interval specified. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 David S. Miller 提交于
Richard Cochran says: ==================== ptp: remove open coded ns_to_timespec64 and reverse This patch series is a follow up to the recent timespec64 work for the PTP Hardware Clock drivers. Arnd noticed that drivers are using open coded implementations of ns_to_timespec64 and timespec64_to_ns. This series replaces the open coded logic with the helper functions. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Acked-by: NJacob Keller <jacob.e.keller@intel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Richard Cochran 提交于
This patch changes the driver to use ns_to_timespec64() and timespec64_to_ns() instead of open coding the same logic. Compile tested only. Signed-off-by: NRichard Cochran <richardcochran@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Mahesh Bandewar 提交于
When mii-mon discovers that the link is up, it will call bond_3ad_handle_link_change() but we forget to add the LACP_ENABLED flag when we discover the speed and duplex for the slave link are normal. Change-Id: Ie8b268ecfeea0f99bf9fdcd72706c0653f9d9e49 Signed-off-by: NMahesh Bandewar <maheshb@google.com> Signed-off-by: NAndy Gospodarek <gospo@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Mahesh Bandewar 提交于
AD_PORT_ACTOR_CHURN and AD_PORT_PARTNER_CHURN are already present and essentially BOND_MONITOR_CHURNED is a combination of these two definitions. Signed-off-by: NMahesh Bandewar <maheshb@google.com> Signed-off-by: NAndy Gospodarek <gospo@cumulusnetworks.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Nicolas Ferre says: ==================== net/macb: fixes after big driver update The recent modifications to the macb driver lead to issues with the probe function code flow. Here are some attempt to fix them. This time, some more issues are fixed related to the clock as reported by Boris Brezillon. The series is written on top of net-next. Changes in v2: - address Cyrille comment about exit condition of queue configuration loop - add fixes for probe sequence related to clocks - add ethtool register dump - fix peripheral version test ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
As we need to check peripheral version from the hardware during probe, I introduce a little helper to unify these tests. It would prevent to de-synchronize the test like previously observed. Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
We currently need two checks of the peripheral version in MACB_MID register. One of them got out of sync after modification by 8a013a9c (net: macb: Include multi queue support for xilinx ZynqMP ethernet version). Fix this in macb_configure_caps() so that xilinx ZynqMP will be considered as a GEM flavor. Fixes: 8a013a9c ("net: macb: Include multi queue support for xilinx ZynqMP ethernet version") Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Cc: Michal Simek <michal.simek@xilinx.com> Cc: Punnaiah Choudary Kalluri <punnaia@xilinx.com> Cc: <stable@vger.kernel.org> #4.0 (if it doesn't make it for -final) Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
User i/o register EMAC_USRIO or GMAC_UR can be found on both macb and gem flavors of the peripheral. By using the proper accessor, we can add it to the register dump feature of ethtool. Increment the version of this API so it can be noticed from user space. Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
As accessing the peripheral registers need the clocks to be set, we have to enable them as soon as possible. Their configuration depend on the type of device used and determined by the DT compatible string. That lead to add another initialization function in the DT configuration structure. As the device private structure length depend on an information read in the registers, we have to store the clock pointers in temporary variables before feeding the structure fields. Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
As a non-native English speaker, I would correct "capacities" of the macb peripheral to "capabilities": correct me if I'm wrong! Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
Capabilities configuration by macb_configure_caps() was moved far too late by 421d9df0 (net/macb: merge at91_ether driver into macb driver) which would lead to badly configured hardware. So, move this function to early probe and modify its prototype to re-gain its original behavior. DT data retrieval is also moved to simplify the probe code flow. Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Cc: Cyrille Pitchen <cyrille.pitchen@atmel.com> Cc: Boris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
As we access the MID register directly, we need to tell why we don't use the macb_is_gem() dedicated function. Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Nicolas Ferre 提交于
When merging at91_ether and macb driver during 421d9df0 (net/macb: merge at91_ether driver into macb driver) the probe function has been split. The code dealing with initialization of queues is now moved in macb_init() which needs information computed in the parent macb_probe() function. So, add the queue_mask information to the private structure and use it when needed in macb_init(). Signed-off-by: NNicolas Ferre <nicolas.ferre@atmel.com> Acked-by: NBoris Brezillon <boris.brezillon@free-electrons.com> Cc: Cyrille Pitchen <cyrille.pitchen@atmel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Fabio Estevam 提交于
Commit cb6e0b36 ("net: smc91x: make use of 4th parameter to devm_gpiod_get_index") caused the following build warning: drivers/net/ethernet/smsc/smc91x.c:2208:6: warning: unused variable 'res' [-Wunused-variable] Remove the unused 'res' variable. Reported-by: NOlof's autobuilder <build@lixom.net> Signed-off-by: NFabio Estevam <fabio.estevam@freescale.com> Acked-by: NUwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Merge tag 'mac80211-next-for-davem-2015-03-30' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next Johannes Berg says: ==================== Lots of updates for net-next; along with the usual flurry of small fixes, cleanups and internal features we have: * VHT support for TDLS and IBSS (conditional on drivers though) * first TX performance improvements (the biggest will come later) * many suspend/resume (race) fixes * name_assign_type support from Tom Gundersen ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jiri Pirko 提交于
Unlike other places, this function uses name "dev" for what should be "orig_dev", which might be a bit confusing. So fix this. Signed-off-by: NJiri Pirko <jiri@resnulli.us> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-