On Dienstag, 27. März 2018 17:43:08 CEST Linus Lüssing wrote:
> On Sat, Oct 29, 2016 at 12:56:28PM +0200, Jiri Pirko wrote:
> > >> I strongly believe it is a huge mistake to use sysfs for things like
> > >> this. This should be done via generic netlink api.
> > >
> > >This doesn't change the proble
Hi Roopa,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on net-next/master]
url:
https://github.com/0day-ci/linux/commits/Roopa-Prabhu/fib-rule-selftest/20180507-094538
reproduce:
# apt-get install sparse
make ARCH=x86_64 allmodconfig
On Fri, May 04, 2018 at 02:20:09AM +0100, Dmitry Safonov wrote:
> This reverts commit 7b4dc3600e48 ("[XFRM]: Do not add a state whose SPI
> is zero to the SPI hash.").
>
> Zero SPI is legal and defined for IPcomp.
> We shouldn't omit adding the state to SPI hash because it'll not be
> possible to
Hi Roopa,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on net-next/master]
url:
https://github.com/0day-ci/linux/commits/Roopa-Prabhu/fib-rule-selftest/20180507-094538
reproduce:
# apt-get install sparse
make ARCH=x86_64 allmodconfig
Hi all,
On Mon, 7 May 2018 12:09:09 +1000 Stephen Rothwell
wrote:
>
> Today's linux-next merge of the tip tree got a conflict in:
>
> arch/x86/net/bpf_jit_comp.c
>
> between commit:
>
> e782bdcf58c5 ("bpf, x64: remove ld_abs/ld_ind")
>
> from the bpf-next tree and commit:
>
> 5f26c501
On Sat, May 05, 2018 at 11:35:29PM +0200, Andrea Greco wrote:
> From: Andrea Greco
>
> Setup ethtols for export com20020 diag register
>
> Signed-off-by: Andrea Greco
> ---
> drivers/net/arcnet/com20020-isa.c| 1 +
> drivers/net/arcnet/com20020-membus.c | 1 +
> drivers/net/arcnet/com200
On Sat, May 05, 2018 at 11:37:54PM +0200, Andrea Greco wrote:
> From: Andrea Greco
>
> If com20020 clock is major of 40Mhz SLOWARB bit is requested.
>
> Signed-off-by: Andrea Greco
> ---
> drivers/net/arcnet/com20020.c | 4
> 1 file changed, 4 insertions(+)
>
> diff --git a/drivers/net/a
On Sat, May 05, 2018 at 11:34:45PM +0200, Andrea Greco wrote:
> From: Andrea Greco
Hi Andrea,
Here are some (mostly stylistic) suggestions to help you get your driver merged.
> Add support for com20022I/com20020, memory mapped chip version.
> Support bus: Intel 80xx and Motorola 68xx.
> Bus siz
In the case of writing a partial tls record we forgot to clear the
ctx->in_tcp_sendpages flag, causing some connections to stall.
Fixes: c212d2c7fc47 ("net/tls: Don't recursively call push_record during
tls_write_space callbacks")
Signed-off-by: Andre Tomt
---
net/tls/tls_main.c | 1 +
1 file c
Hi all,
Today's linux-next merge of the tip tree got a conflict in:
arch/x86/net/bpf_jit_comp.c
between commit:
e782bdcf58c5 ("bpf, x64: remove ld_abs/ld_ind")
from the bpf-next tree and commit:
5f26c50143f5 ("x86/bpf: Clean up non-standard comments, to make the code more
readable")
f
From: Pablo Neira Ayuso
Date: Mon, 7 May 2018 00:46:18 +0200
>
> The following patchset contains Netfilter/IPVS updates for your net-next
> tree, more relevant updates in this batch are:
...
> You can pull these changes from:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.g
On 5/6/18 6:59 PM, Roopa Prabhu wrote:
> From: Roopa Prabhu
>
> This is a followup to fib6 rules sport and dport
> match support. Having them supported in getroute
> makes it easier to test fib6 rule lookups. Used by fib6 rule
> self tests.
>
> Signed-off-by: Roopa Prabhu
> ---
> net/ipv6/rout
On 5/6/18 6:59 PM, Roopa Prabhu wrote:
> From: Roopa Prabhu
>
> This is a followup to fib rules sport, dport match support.
> Having them supported in getroute makes it easier to test
> fib rule lookups. Used by fib rule self tests. Before this patch
> getroute used same skb to pass through the r
Hello,
I am just notice your subject line.There are missing something i think
On Sat, May 05, 2018 at 02:32:46PM -0500, Wenwen Wang wrote:
In divasmain.c, the function divas_write() firstly invokes the function
diva_xdi_open_adapter() to open the adapter that matches with the adapter
number provi
On Sun, May 06, 2018 at 06:27:28PM +0100, Mathieu Xhonneux wrote:
> As of Linux 4.14, it is possible to define advanced local processing for
> IPv6 packets with a Segment Routing Header through the seg6local LWT
> infrastructure. This LWT implements the network programming principles
> defined in t
From: Roopa Prabhu
This is a followup to fib6 rules sport and dport
match support. Having them supported in getroute
makes it easier to test fib6 rule lookups. Used by fib6 rule
self tests.
Signed-off-by: Roopa Prabhu
---
net/ipv6/route.c | 25 +
1 file changed, 25 inse
From: Roopa Prabhu
This is a followup to fib rules sport, dport match support.
Having them supported in getroute makes it easier to test
fib rule lookups. Used by fib rule self tests. Before this patch
getroute used same skb to pass through the route lookup and
for the netlink getroute reply msg.
From: Roopa Prabhu
This adds a first set of tests for fib rule match/action for
ipv4 and ipv6. Initial tests only cover action lookup table.
can be extended to cover other actions in the future.
Uses ip route get to validate the rule lookup.
Signed-off-by: Roopa Prabhu
---
tools/testing/selfte
From: Roopa Prabhu
This series adds a new test to test fib rules.
ip route get is used to test fib rule matches.
This series also extends ip route get to match on
sport and dport to test recent support of sport
and dport fib rule match.
v2 - address ido's commemt to make sport dport
ip route get
Hi Florian,
> Well, the way the code is structure is that if you call that function
> with a test mode value that is not part of the standard set, it returns
> -EOPNOTSUPP, so if your particular PHY driver wants to "overlay"
> standard and non-standard modes, it can by using that hint.
>
> This s
Hi all,
Today's linux-next merge of the net-next tree got a conflict in:
kernel/bpf/syscall.c
between commit:
9ef09e35e521 ("bpf: fix possible spectre-v1 in find_and_alloc_map()")
from the net tree and commit:
a26ca7c982cb ("bpf: btf: Add pretty print support to the basic arraymap")
fr
Hi Mathieu,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on bpf-next/master]
url:
https://github.com/0day-ci/linux/commits/Mathieu-Xhonneux/ipv6-sr-introduce-seg6local-End-BPF-action/20180506-233046
base: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
Hi Mathieu,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on bpf-next/master]
url:
https://github.com/0day-ci/linux/commits/Mathieu-Xhonneux/ipv6-sr-introduce-seg6local-End-BPF-action/20180506-233046
base: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
From: Inju Song
Implements the Google's Maglev hashing algorithm as a IPVS scheduler.
Basically it provides consistent hashing but offers some special
features about disruption and load balancing.
1) minimal disruption: when the set of destinations changes,
a connection will likely be sent
Hi David,
The following patchset contains Netfilter/IPVS updates for your net-next
tree, more relevant updates in this batch are:
1) Add Maglev support to IPVS. Moreover, store lastest server weight in
IPVS since this is needed by maglev, patches from from Inju Song.
2) Preparation works to a
From: Felix Fietkau
Just like ip_dst_mtu_maybe_forward(), to avoid a dependency with ipv6.ko.
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
include/net/ip6_route.h | 21 +
include/net/ipv6.h | 2 --
net/ipv6/ip6_output.c | 22 ---
From: Felix Fietkau
Reduces the number of cache lines touched in the offload forwarding
path. This is safe because PMTU limits are bypassed for the forwarding
path (see commit f87c10a8aa1e for more details).
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilt
From: Felix Fietkau
Simplifies further code cleanups
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_flow_table.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/include/net/netfilter/nf_flow_table.h
b/include/net/netfilt
From: Inju Song
To build the maglev hashing scheduler, add some configuration
to Kconfig and Makefile.
- The compile configurations of MH are added to the Kconfig.
- The MH build rule is added to the Makefile.
Signed-off-by: Inju Song
Signed-off-by: Julian Anastasov
Signed-off-by: Simon Ho
From: Felix Fietkau
Reduce code duplication and make it much easier to read
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_flow_table.c | 93 ---
1 file changed, 34 insertions(+), 59 deletions(-)
diff --git a/net/net
From: Felix Fietkau
Useful as preparation for adding iptables support for offload.
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/ipv6/netfilter/nf_flow_table_ipv6.c | 232
net/netfilter/nf_flow_table_ip.c| 215 ++
From: Felix Fietkau
Preparation for adding more code to the same module
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/Makefile | 2 ++
net/netfilter/{nf_flow_table.c => nf_flow_table_core.c} | 0
2 files changed, 2 insertions(
From: Felix Fietkau
Allows the function to be shared with the IPv6 hook code
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_flow_table_ip.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netf
From: Felix Fietkau
Allows some minor code sharing with the ipv6 hook code and is also
useful as preparation for adding iptables support for offload
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/ipv4/netfilter/nf_flow_table_ipv4.c | 241 ---
From: Felix Fietkau
Since the offload hook code was moved, this table no longer depends on
the IPv4 and IPv6 flowtable modules
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/Kconfig | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/netf
From: Taehee Yoo
The nfulnl_log_packet() is added to make sure that the NFLOG target
works as only user-space logger. but now, nf_log_packet() can find proper
log function using NF_LOG_TYPE_ULOG and NF_LOG_TYPE_LOG.
Signed-off-by: Taehee Yoo
Signed-off-by: Pablo Neira Ayuso
---
include/net/ne
From: Felix Fietkau
The offload ip hook expects a pointer to the flowtable, not to the
rhashtable. Since the rhashtable is the first member, this is safe for
the moment, but breaks as soon as the structure layout changes
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/ne
From: Felix Fietkau
Preparation for sending flows back to the slow path
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_flow_table_core.c | 17 +++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_flow_table_core.
From: Felix Fietkau
Reduces duplication of .gc and .params in flowtable type definitions and
makes the API clearer
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_flow_table.h | 6 +-
net/ipv4/netfilter/nf_flow_table_ipv4.c | 3 +-
net/ipv6/net
Replace the nf_tables_ prefix by nft_ and merge code into single lookup
function whenever possible. In many cases we go over the 80-chars
boundary function names, this save us ~50 LoC.
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_tables.h | 12 +-
net/netfilter/nf_tables_api.c
From: Taehee Yoo
In the check_target, ip6t_get_target is called twice.
Signed-off-by: Taehee Yoo
Signed-off-by: Pablo Neira Ayuso
---
net/ipv6/netfilter/ip6_tables.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 65c9
From: Thierry Du Tre
This is a patch proposal to support shifted ranges in portmaps. (i.e. tcp/udp
incoming port 5000-5100 on WAN redirected to LAN 192.168.1.5:2000-2100)
Currently DNAT only works for single port or identical port ranges. (i.e.
ports 5000-5100 on WAN interface redirected to a
From: Taehee Yoo
A ebt_free_table_info frees all of chainstacks.
It similar to xt_free_table_info. this inline function
reduces code line.
Signed-off-by: Taehee Yoo
Signed-off-by: Pablo Neira Ayuso
---
net/bridge/netfilter/ebtables.c | 39 +++
1 file change
From: Taehee Yoo
There are no __exit mark in the helper modules.
because these exit functions used to be called by init function
but now that is not. so we can add __exit mark.
Signed-off-by: Taehee Yoo
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_conntrack_ftp.c | 3 +--
net/netfil
From: Felix Fietkau
Avoids having nf_flow_table depend on nftables (useful for future
iptables backport work)
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_flow_table.h | 1 +
include/net/netfilter/nf_tables.h | 3 ---
net/netfilter/nf_flow_t
From: Phil Sutter
Drop nft_set_type's ability to act as a container of multiple backend
implementations it chooses from. Instead consolidate the whole selection
logic in nft_select_set_ops() and the actual backend provided estimate()
callback.
This turns nf_tables_set_types into a list containin
From: Florian Westphal
Marco De Benedetto says:
I would like to use a timeout of 30 days for elements in a set but it
seems there is a some kind of problem above 24d20h31m23s.
Fix this by using 'jiffies64' for timeout handling to get same behaviour
on 32 and 64bit systems.
nftables passes tim
From: Taehee Yoo
EBT_MATCH and EBT_NOMATCH are used to change return value.
match functions(ebt_xxx.c) return false when received frame is not matched
and returns true when received frame is matched.
but, EBT_MATCH_ITERATE understands oppositely.
so, to change return value, EBT_MATCH and EBT_NOMA
From: Florian Westphal
nft rejects rules that lack a timeout and a size limit when they're used
to add elements from packet path.
Pick a sane upperlimit instead of rejecting outright.
The upperlimit is visible to userspace, just as if it would have been
given during set declaration.
Signed-off-
From: Taehee Yoo
ipt_get_target is used to get struct xt_entry_target
and ipt_get_target_c is used to get const struct xt_entry_target.
However in the ipt_do_table, ipt_get_target is used to get
const struct xt_entry_target. it should be replaced by ipt_get_target_c.
Signed-off-by: Taehee Yoo
S
From: Cong Wang
tbl->entries is not initialized after kmalloc(), therefore
causes an uninit-value warning in ip_vs_lblc_check_expire()
as reported by syzbot.
Reported-by:
Cc: Simon Horman
Cc: Julian Anastasov
Cc: Pablo Neira Ayuso
Signed-off-by: Cong Wang
Acked-by: Julian Anastasov
Acked-b
From: Florian Westphal
before:
textdata bss dec hex filename
2657 844 03501 dad net/netfilter/nft_rt.ko
1008262240 401 103467 1942b net/netfilter/nf_tables.ko
after:
2657 844 03501 dad net/netfilter/nft_rt.ko
1024562316
From: Taehee Yoo
ebt_get_target similar to {ip/ip6/arp}t_get_target.
and ebt_get_target_c similar to {ip/ip6/arp}t_get_target_c.
Signed-off-by: Taehee Yoo
Signed-off-by: Pablo Neira Ayuso
---
include/uapi/linux/netfilter_bridge/ebtables.h | 6 ++
net/bridge/netfilter/ebtables.c
From: Florian Westphal
before:
textdata bss dec hex filename
5056 844 05900170c net/netfilter/nft_exthdr.ko
1024562316 401 105173 19ad5 net/netfilter/nf_tables.ko
after:
1064102392 401 109203 1aa93 net/netfilter/nf_tables.ko
Signed
From: Florian Westphal
It overcomplicates things for no reason.
nft_meta_bridge only offers retrieval of bridge port interface name.
Because of this being its own module, we had to export all nft_meta
functions, which we can then make static again (which even reduces
the size of nft_meta -- incl
From: Florian Westphal
size net/netfilter/nft_meta.ko
textdata bss dec hex filename
5826 936 167631a6b net/netfilter/nft_meta.ko
964072064 400 98871 18237 net/netfilter/nf_tables.ko
after:
1008262240 401 103467 1942b net/netfilter
From: Ahmed Abdelsalam
IPv6 Segment Routing Header (SRH) contains a list of SIDs to be crossed
by SR encapsulated packet. Each SID is encoded as an IPv6 prefix.
When a Firewall receives an SR encapsulated packet, it should be able
to identify which node previously processed the packet (previous
From: Felix Fietkau
Avoid looking at unrelated fields in UDP packets
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_flow_table_ip.c | 12
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfi
From: Florent Fourcot
IPCTNL_MSG_CT_GET_STATS netlink command allow to monitor current number
of conntrack entries. However, if one wants to compare it with the
maximum (and detect exhaustion), the only solution is currently to read
sysctl value.
This patch add nf_conntrack_max value in netlink
From: Cong Wang
Similarly, tbl->entries is not initialized after kmalloc(),
therefore causes an uninit-value warning in ip_vs_lblc_check_expire(),
as reported by syzbot.
Reported-by:
Cc: Simon Horman
Cc: Julian Anastasov
Cc: Pablo Neira Ayuso
Signed-off-by: Cong Wang
Acked-by: Julian Anasta
From: Florian Westphal
Signed-off-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_nat_l3proto.h | 24
net/ipv4/netfilter/iptable_nat.c | 3 +--
net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 14 +-
net/ipv4/netfilte
From: Phil Sutter
These macros allow conveniently declaring arrays which use NFT_{RT,CT}_*
values as indexes.
Signed-off-by: Phil Sutter
Signed-off-by: Pablo Neira Ayuso
---
include/uapi/linux/netfilter/nf_tables.h | 4
1 file changed, 4 insertions(+)
diff --git a/include/uapi/linux/net
From: Florian Westphal
This must now use a 64bit jiffies value, else we set
a bogus timeout on 32bit.
Fixes: 8e1102d5a1596 ("netfilter: nf_tables: support timeouts larger than 23
days")
Signed-off-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nft_dynset.c | 2 +-
1
From: Fernando Fernandez Mancera
Add nf_osf_ttl() and nf_osf_match() into nf_osf.c to prepare for
nf_tables support.
Signed-off-by: Fernando Fernandez Mancera
Signed-off-by: Pablo Neira Ayuso
---
include/linux/netfilter/nf_osf.h | 27 +
include/uapi/linux/netfilter/nf_osf.h | 90 ++
From: Laura Garcia Liebana
This patch includes a new attribute in the numgen structure to allow
the lookup of an element based on the number generator as a key.
For this purpose, different ops have been included to extend the
current numgen inc functions.
Currently, only supported for numgen in
From: Laura Garcia Liebana
The modulus in the hash function was limited to > 1 as initially
there was no sense to create a hashing of just one element.
Nevertheless, there are certain cases specially for load balancing
where this case needs to be addressed.
This patch fixes the following error.
Keep it simple to start with, just report attribute offsets that can be
useful to userspace when representating errors to users.
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_tables_api.c | 299 +-
1 file changed, 206 insertions(+), 93 deletions(-)
From: Felix Fietkau
It is too trivial to keep as a separate exported function
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
include/net/netfilter/nf_flow_table.h | 5 -
net/netfilter/nf_flow_table_core.c| 6 --
2 files changed, 4 insertions(+), 7 deletions(-)
From: Felix Fietkau
Pass all NAT types to the flow offload struct, otherwise parts of the
address/port pair do not get translated properly, causing connection
stalls
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_flow_table_core.c | 2 +-
1 file changed, 1
From: Felix Fietkau
Allow the slow path to handle the shutdown of the connection with proper
timeouts. The packet containing RST/FIN is also sent to the slow path
and the TCP conntrack module will update its state.
Signed-off-by: Felix Fietkau
Signed-off-by: Pablo Neira Ayuso
---
net/netfilte
From: Inju Song
The hashing table in scheduler such as source hash or maglev hash
should ignore the changed weight to 0 and allow changing the weight
from/to non-0 values. So, struct ip_vs_dest needs to keep weight
with latest non-0 weight.
Signed-off-by: Inju Song
Signed-off-by: Julian Anastas
From: Felix Fietkau
On cleanup, this will be treated differently from FLOW_OFFLOAD_DYING:
If FLOW_OFFLOAD_DYING is set, the connection is going away, so both the
offload state and the connection tracking entry will be deleted.
If FLOW_OFFLOAD_TEARDOWN is set, the connection remains alive, but
t
From: Felix Fietkau
Since conntrack hasn't seen any packets from the offloaded flow in a
while, and the timeout for offloaded flows is set to an extremely long
value, we need to fix up the state before we can send a flow back to the
slow path.
For TCP, reset td_maxwin in both directions, which m
From: Arvind Yadav
Fix checkpatch.pl error:
ERROR: space prohibited before open square bracket '['.
Signed-off-by: Arvind Yadav
Signed-off-by: Simon Horman
---
net/netfilter/ipvs/ip_vs_proto_tcp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs
From: Vincent Bernat
The sh/dh/lblc/lblcr algorithms are using Knuth's multiplicative
hashing incorrectly. Replace its use by the hash_32() macro, which
correctly implements this algorithm. It doesn't use the same constant,
but it shouldn't matter.
Signed-off-by: Vincent Bernat
Acked-by: Julian
On Sun, May 6, 2018 at 10:17 AM, Willem de Bruijn
wrote:
> On Sat, May 5, 2018 at 7:39 PM, Alexander Duyck
> wrote:
>> On Sat, May 5, 2018 at 3:01 AM, Willem de Bruijn
>> wrote:
>>> On Fri, May 4, 2018 at 8:30 PM, Alexander Duyck
>>> wrote:
From: Alexander Duyck
This patch is me
On Sun, May 06 2018, Herbert Xu wrote:
> On Sun, May 06, 2018 at 08:00:49AM +1000, NeilBrown wrote:
>>
>> The insert function must (and does) take the lock on the bucket before
>> testing if there is a "next" table.
>> If one inserter finds that it has locked the "last" table (because there
>> is
On Sat, May 05 2018, Tom Herbert wrote:
> On Sat, May 5, 2018 at 2:43 AM, Herbert Xu
> wrote:
>> On Fri, May 04, 2018 at 01:54:14PM +1000, NeilBrown wrote:
>>> rhashtable_walk_prev() returns the object returned by
>>> the previous rhashtable_walk_next(), providing it is still in the
>>> table (o
On Sun, May 6, 2018 at 2:50 PM, Willem de Bruijn
wrote:
> On Sat, May 5, 2018 at 3:31 AM, Alexander Duyck
> wrote:
>> From: Alexander Duyck
>>
>> This patch adds support for a software provided checksum and GSO_PARTIAL
>> segmentation support. With this we can offload UDP segmentation on devices
On Sun, May 06 2018, Herbert Xu wrote:
> On Sun, May 06, 2018 at 07:48:20AM +1000, NeilBrown wrote:
>>
>> The spinlock protects 2 or more buckets. The nested table contains at
>> least 512 buckets, maybe more.
>> It is quite possible for two insertions into 2 different buckets to both
>> get thei
On Sat, May 5, 2018 at 3:31 AM, Alexander Duyck
wrote:
> From: Alexander Duyck
>
> This patch adds support for a software provided checksum and GSO_PARTIAL
> segmentation support. With this we can offload UDP segmentation on devices
> that only have partial support for tunnels.
>
> Since we are n
>> > If now I add veth0 to a bridge (e.g.
>> >
>> > ip link add br0 type bridge
>> > ip link set dev veth0 master br0
>> >
>> > ) and continue to send on veth1 and receive on veth0 I don't receive
>> > the packets any more. The other direction (veth0 sending, veth1
>> > receiving) s
Hello Willem,
On Sun, May 06, 2018 at 06:58:34PM +0200, Willem de Bruijn wrote:
> On Sat, May 5, 2018 at 10:57 AM, Uwe Kleine-König
> wrote:
> > For testing purposes I created a veth device pair (veth0 veth1), open a
> > socket for each of the devices and send packets around between them. In
> >
On Sun, May 06, 2018 at 08:19:49PM +0300, Alexey Dobriyan wrote:
> +++ b/fs/proc/internal.h
> @@ -48,8 +48,8 @@ struct proc_dir_entry {
> const struct seq_operations *seq_ops;
> int (*single_show)(struct seq_file *, void *);
> };
> - unsigned int state_size;
>
On May 6, 2018 10:26:37 AM PDT, Andrew Lunn wrote:
>On Sat, May 05, 2018 at 12:04:23PM -0700, Florian Fainelli wrote:
>> From: Russell King
>>
>> Add rudimentary phylink support to mv88e6xxx. This allows the driver
>> using user ports with fixed links to keep operating normally. User
>ports
>> w
Hello,
syzbot found the following crash on:
HEAD commit:8fb11a9a8d51 net/ipv6: rename rt6_next to fib6_next
git tree: net-next
console output: https://syzkaller.appspot.com/x/log.txt?x=108e923780
kernel config: https://syzkaller.appspot.com/x/.config?x=c416c61f3cd96be
dashboard li
On Sat, May 05, 2018 at 12:04:23PM -0700, Florian Fainelli wrote:
> From: Russell King
>
> Add rudimentary phylink support to mv88e6xxx. This allows the driver
> using user ports with fixed links to keep operating normally. User ports
> with normal PHYs are not affected since the switch automatic
On Wed, Apr 25, 2018 at 05:47:47PM +0200, Christoph Hellwig wrote:
> Changes since V1:
> - open code proc_create_data to avoid setting not fully initialized
>entries live
> - use unsigned int for state_size
Need this to maintain sizeof(struct proc_dir_entry):
Otherwise ACK fs/proc/ part.
d
On Sat, May 5, 2018 at 7:39 PM, Alexander Duyck
wrote:
> On Sat, May 5, 2018 at 3:01 AM, Willem de Bruijn
> wrote:
>> On Fri, May 4, 2018 at 8:30 PM, Alexander Duyck
>> wrote:
>>> From: Alexander Duyck
>>>
>>> This patch is meant to allow us to avoid having to recompute the checksum
>>> from sc
On Sat, May 5, 2018 at 10:57 AM, Uwe Kleine-König
wrote:
> Hello,
>
> my eventual goal is to implement MRP and for that I started to program a
> bit and stumbled over a problem I don't understand.
>
> For testing purposes I created a veth device pair (veth0 veth1), open a
> socket for each of the
On 2018-04-18 19:47, Paul Moore wrote:
> On Fri, Mar 16, 2018 at 5:00 AM, Richard Guy Briggs wrote:
> > Implement the proc fs write to set the audit container ID of a process,
> > emitting an AUDIT_CONTAINER record to document the event.
> >
> > This is a write from the container orchestrator task
On Sun, May 6, 2018 at 6:43 AM, Jacob S. Moroni wrote:
> Hello,
>
> I have a stupid question regarding which variant of spin_lock to use
> throughout the network stack, and inside RX handlers specifically.
>
> It's my understanding that skbuffs are normally passed into the stack
> from soft IRQ co
The new bpf_lwt_push_encap helper should only be accessible within the
LWT BPF IN hook, and not the OUT one, as this may lead to a skb under
panic.
At the moment, both LWT BPF IN and OUT share the same list of helpers,
whose calls are authorized by the verifier. This patch separates the
verifier o
include/net/seg6.h cannot be included in a source file if CONFIG_IPV6 is
not enabled:
include/net/seg6.h: In function 'seg6_pernet':
>> include/net/seg6.h:52:14: error: 'struct net' has no member named
'ipv6'; did you mean 'ipv4'?
return net->ipv6.seg
The BPF seg6local hook should be powerful enough to enable users to
implement most of the use-cases one could think of. After some thinking,
we figured out that the following actions should be possible on a SRv6
packet, requiring 3 specific helpers :
- bpf_lwt_seg6_store_bytes: Modify non-sensi
As of Linux 4.14, it is possible to define advanced local processing for
IPv6 packets with a Segment Routing Header through the seg6local LWT
infrastructure. This LWT implements the network programming principles
defined in the IETF “SRv6 Network Programming” draft.
The implemented operations are
The function lookup_nexthop is essential to implement most of the seg6local
actions. As we want to provide a BPF helper allowing to apply some of these
actions on the packet being processed, the helper should be able to call
this function, hence the need to make it public.
Moreover, if one argumen
Add a new test for the seg6local End.BPF action. The following helpers
are also tested :
- bpf_lwt_push_encap within the LWT BPF IN hook
- bpf_lwt_seg6_action
- bpf_lwt_seg6_adjust_srh
- bpf_lwt_seg6_store_bytes
A chain of End.BPF actions is built. The SRH is injected through a LWT
BPF IN hook be
This patch adds the End.BPF action to the LWT seg6local infrastructure.
This action works like any other seg6local End action, meaning that an IPv6
header with SRH is needed, whose DA has to be equal to the SID of the
action. It will also advance the SRH to the next segment, the BPF program
does no
Hello,
I have a stupid question regarding which variant of spin_lock to use
throughout the network stack, and inside RX handlers specifically.
It's my understanding that skbuffs are normally passed into the stack
from soft IRQ context if the device is using NAPI, and hard IRQ
context if it's not
1 - 100 of 105 matches
Mail list logo
