Noam Camus [Tue, 23 Jun 2015 08:43:53 +0000 (11:43 +0300)]
NET: Add ezchip ethernet driver
Simple LAN device for debug or management purposes.
Device supports interrupts for RX and TX(completion).
Device does not have DMA ability.
Signed-off-by: Noam Camus <noamc@ezchip.com> Signed-off-by: Tal Zilcer <talz@ezchip.com> Acked-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Nimrod Andy [Tue, 23 Jun 2015 07:32:51 +0000 (15:32 +0800)]
net: fec: init MAC prior to mii bus probe
Below case causes mii bus probe failed:
ifconfig eth0 down -> suspend/resume with Mega/fax mix off -> ifconfig eth0 up
In i.MX6SX/i.MX7D chip, Mega/fast mix off feature is supported that means most of
SOC power will be off including ENET MAC for power saving. Once ENET MAC power
off, all initialized MAC registers reset to default, so in the case, it must
init MAC prior to mii bus probe.
Signed-off-by: Fugang Duan <B38611@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Anish Bhatt [Tue, 23 Jun 2015 00:44:35 +0000 (17:44 -0700)]
dcb : Fix incorrect documentation for struct dcb_app
While IEEE and CEE use the same structure to store apps, the selector
and priority fields for both are different. Only the priority field is
explained, add documentation explaining how the selector field differs
for both.
cgdcbxd code shows an example of how selector fields differ.
Signed-off-by: Anish Bhatt <anish@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Scott Feldman [Thu, 11 Jun 2015 18:20:42 +0000 (11:20 -0700)]
switchdev: change BUG_ON to WARN for attr set failure case
This particular BUG_ON condition was checking for attr set err in the
COMMIT phase, which isn't expected (it's a driver bug if PREPARE phase is
OK but COMMIT fails). But BUG_ON() is too strong for this case, so change
to WARN(). BUG_ON() would be warranted if the system was corrupted beyond
repair, but this is not the case here.
Signed-off-by: Scott Feldman <sfeldma@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Tue, 23 Jun 2015 13:56:32 +0000 (06:56 -0700)]
Merge branch 'switchdev-vlan'
Scott Feldman says:
====================
switchdev; add VLAN support for port's bridge_getlink
One more missing piece of the puzzle. Add vlan dump support to switchdev
port's bridge_getlink. iproute2 "bridge vlan show" cmd already knows how
to show the vlans installed on the bridge and the device , but (until now)
no one implemented the port vlan part of the netlink PF_BRIDGE:RTM_GETLINK
msg. Before this patch, "bridge vlan show":
$ bridge -c vlan show
port vlan ids
sw1p1 30-34 << bridge side vlans
57
sw1p1 << device side vlans (missing)
sw1p2 57
sw1p2
sw1p3
sw1p4
br0 None
(When the port is bridged, the output repeats the vlan list for the vlans
on the bridge side of the port and the vlans on the device side of the
port. The listing above show no vlans for the device side even though they
are installed).
After this patch:
$ bridge -c vlan show
port vlan ids
sw1p1 30-34 << bridge side vlan
57
sw1p1 30-34 << device side vlans
57
3840 PVID
sw1p2 57
sw1p2 57
3840 PVID
sw1p3 3842 PVID
sw1p4 3843 PVID
br0 None
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Scott Feldman [Mon, 22 Jun 2015 07:27:17 +0000 (00:27 -0700)]
switchdev; add VLAN support for port's bridge_getlink
One more missing piece of the puzzle. Add vlan dump support to switchdev
port's bridge_getlink. iproute2 "bridge vlan show" cmd already knows how
to show the vlans installed on the bridge and the device , but (until now)
no one implemented the port vlan part of the netlink PF_BRIDGE:RTM_GETLINK
msg. Before this patch, "bridge vlan show":
$ bridge -c vlan show
port vlan ids
sw1p1 30-34 << bridge side vlans
57
sw1p1 << device side vlans (missing)
sw1p2 57
sw1p2
sw1p3
sw1p4
br0 None
(When the port is bridged, the output repeats the vlan list for the vlans
on the bridge side of the port and the vlans on the device side of the
port. The listing above show no vlans for the device side even though they
are installed).
After this patch:
$ bridge -c vlan show
port vlan ids
sw1p1 30-34 << bridge side vlan
57
sw1p1 30-34 << device side vlans
57
3840 PVID
sw1p2 57
sw1p2 57
3840 PVID
sw1p3 3842 PVID
sw1p4 3843 PVID
br0 None
I re-used ndo_dflt_bridge_getlink to add vlan fill call-back func.
switchdev support adds an obj dump for VLAN objects, using the same
call-back scheme as FDB dump. Support included for both compressed and
un-compressed vlan dumps.
Signed-off-by: Scott Feldman <sfeldma@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Maninder Singh [Mon, 22 Jun 2015 07:09:16 +0000 (12:39 +0530)]
packet: remove handling of tx_ring
Remove handling of tx_ring in prb_setup_retire_blk_timer
for TPACKET_V3 because init_prb_bdqc is called only for zero tx_ring
and thus prb_setup_retire_blk_timer for zero tx_ring only.
And also in functon init_prb_bdqc there is no usage of tx_ring.
Thus removing tx_ring from init_prb_bdqc.
Signed-off-by: Maninder Singh <maninder1.s@samsung.com> Suggested-by: Frans Klaver <fransklaver@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Paul Gortmaker [Sun, 21 Jun 2015 20:28:02 +0000 (16:28 -0400)]
drivers/net: remove all references to obsolete Ethernet-HOWTO
This howto made sense in the 1990s when users had to manually configure
ISA cards with jumpers or vendor utilities, but with the implementation
of PCI it became increasingly less and less relevant, to the point where
it has been well over a decade since I last updated it. And there is
no value in anyone else taking over updating it either.
However the references to it continue to spread as boiler plate text
from one Kconfig file into the next. We are not doing end users any
favours by pointing them at this old document, so lets kill it with
fire, once and for all, to hopefully stop any further spread.
No code is changed in this commit, just Kconfig help text.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Tue, 23 Jun 2015 13:49:29 +0000 (06:49 -0700)]
Merge branch 'stmmac-rk3368'
Heiko Stuebner says:
====================
net: stmmac: dwmac-rk: add support for rk3368
Apart from small cleanups, this series provides support for the dwmac
on the new rk3368 ARM64 soc.
Tested on a R88 board using a RMII phy.
Changes since v1:
- Adapt to changes resulting from patch d42202dce002 ("net: stmmac:
dwmac-rk: Don't add function name in info or err messages")
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Heiko Stübner [Sun, 21 Jun 2015 19:52:54 +0000 (21:52 +0200)]
net: stmmac: dwmac-rk: add rk3368-specific data
Add constants and callback functions for the dwmac on rk3368 socs.
As can be seen, the base structure is the same, only registers and
the bits in them moved slightly.
Signed-off-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: David S. Miller <davem@davemloft.net>
Heiko Stübner [Sun, 21 Jun 2015 19:52:53 +0000 (21:52 +0200)]
net: stmmac: dwmac-rk: abstract access to mac settings in GRF
The mac settings like RGMII/RMII, speeds etc are done in the so called
"General Register Files", contain numerous other settings as well and
always seem to change between Rockchip SoCs. Therefore abstract the
register accesses into a per-soc ops struct to make this reusable on
other Rockchip SoCs.
Signed-off-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: David S. Miller <davem@davemloft.net>
Heiko Stübner [Sun, 21 Jun 2015 19:52:52 +0000 (21:52 +0200)]
net: stmmac: dwmac-rk: Fix clk rate when provided by soc
The first iteration of the dwmac-rk support did access an intermediate
clock directly below the pll selector. This was removed in a subsequent
revision, but the clock and one invocation remained. This results in
the driver trying to set the rate of a non-existent clock when the soc
and not some external source provides the phy clock for RMII phys.
So set the rate of the correct clock and remove the remaining now
completely unused definition.
Fixes: 436f5ae08f9d ("GMAC: add driver for Rockchip RK3288 SoCs integrated GMAC") Cc: stable@vger.kernel.org Signed-off-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: David S. Miller <davem@davemloft.net>
In a first version the driver did want to do some gpio wiggling, which
of course never made it into the kernel, but somehow these register
defines where forgotten. Remove them, as they shouldn't be here.
Signed-off-by: Heiko Stuebner <heiko@sntech.de> Signed-off-by: David S. Miller <davem@davemloft.net>
Andrew Lunn [Sat, 20 Jun 2015 19:31:29 +0000 (21:31 +0200)]
dsa: mv88x6xxx: Zero statistics counters
Zero the statistics counters when setting up the global
registers. Otherwise the counters will remain from the last boot if
the power has not been removed.
Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Tue, 23 Jun 2015 13:33:51 +0000 (06:33 -0700)]
Merge branch 'dsa-mv88e6xxx-debugfs'
Andrew Lunn says:
====================
debugfs for mv88e6xxx
This patchset adds some debugfs files for seeing into a mv88e6xxx
family of switch chips.
DB T/P Vec State Addr
003 Port 008 7 00:22:02:00:18:44
003 Port 008 6 80:ee:73:83:60:27
005 Port 020 7 94:10:3e:80:bc:f3
0f8 Port 001 6 8e:25:13:53:44:de
This walks all possible entries, so is a bit slow, but is always
correct.
Of particular interest here is that you get to see all ports,
including the CPU port and any DSA ports. You cannot get statistics
for these ports via ethtool.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Andrew Lunn [Sat, 20 Jun 2015 16:42:31 +0000 (18:42 +0200)]
dsa: mv88x6xxx: Add debugfs interface for statistics
Allow the contents of the statistics counters to be shown in debugfs.
This is particularly useful for the cpu and dsa ports, which cannot be
seen using ethtools -S.
Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
vmxnet3: Changes for vmxnet3 adapter version 2 (fwd)
Make the driver understand adapter version 2.
Cc: Rachel Lunnon <rachel_lunnon@stormagic.com> Signed-off-by: Guolin Yang <gyang@vmware.com> Signed-off-by: Shreyas N Bhatewara <sbhatewara@vmware.com> Signed-off-by: David S. Miller <davem@davemloft.net>
If rcd length was zero, the page used for frag was not being released. It
was being replaced with a newly allocated page. This change takes care
of that memory leak.
Signed-off-by: Guolin Yang <gyang@vmware.com> Signed-off-by: Shreyas N Bhatewara <sbhatewara@vmware.com> Signed-off-by: David S. Miller <davem@davemloft.net>
vmxnet3: Register shutdown handler for device (fwd)
Implement a handler for pci shutdown so that the driver has an
opportunity to make sure that device is quiesced before the PCI
switches to legacy IRQs. This way the possibility of
"screaming interrupt" is avoided.
Acked-by: Shrikrishna Khare <skhare@vmware.com> Signed-off-by: Shreyas N Bhatewara <sbhatewara@vmware.com> Signed-off-by: David S. Miller <davem@davemloft.net>
netfilter: nf_qeueue: Drop queue entries on nf_unregister_hook
Add code to nf_unregister_hook to flush the nf_queue when a hook is
unregistered. This guarantees that the pointer that the nf_queue code
retains into the nf_hook list will remain valid while a packet is
queued.
I tested what would happen if we do not flush queued packets and was
trivially able to obtain the oops below. All that was required was
to stop the nf_queue listening process, to delete all of the nf_tables,
and to awaken the nf_queue listening process.
netfilter: nftables: Do not run chains in the wrong network namespace
Currenlty nf_tables chains added in one network namespace are being
run in all network namespace. The issues are myriad with the simplest
being an unprivileged user can cause any network packets to be dropped.
Address this by simply not running nf_tables chains in the wrong
network namespace.
Cc: stable@vger.kernel.org Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Pankaj Gupta [Fri, 19 Jun 2015 14:17:53 +0000 (19:47 +0530)]
macvtap: Increase limit of macvtap queues
Macvtap should be compatible with tuntap for
maximum number of queues.
commit 'baf71c5c1f80d82e92924050a60b5baaf97e3094 (tuntap:
Increase the number of queues in tun.)' removes
the limitations and increases number of queues in tuntap.
Now, Its safe to increase number of queues in Macvtap as well.
This patch also modifies 'macvtap_del_queues' function
to avoid extra memory allocation in stack.
Changes from v1->v2 :
Michael S. Tsirkin, Jason Wang :
Better way to use linked list to
avoid use of extra memory in stack.
Sergei Shtylyov : Specify dependent commit's summary.
Signed-off-by: Pankaj Gupta <pagupta@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Wagner [Fri, 19 Jun 2015 14:00:44 +0000 (16:00 +0200)]
bpf: BPF based latency tracing
BPF offers another way to generate latency histograms. We attach
kprobes at trace_preempt_off and trace_preempt_on and calculate the
time it takes to from seeing the off/on transition.
The first array is used to store the start time stamp. The key is the
CPU id. The second array stores the log2(time diff). We need to use
static allocation here (array and not hash tables). The kprobes
hooking into trace_preempt_on|off should not calling any dynamic
memory allocation or free path. We need to avoid recursivly
getting called. Besides that, it reduces jitter in the measurement.
bridge: multicast: start querier timer when running user-space stp
When STP is running in user-space and querier is configured, the
querier timer is not started when a port goes to a non-blocking state.
This patch unifies the user- and kernel-space stp multicast port enable
path and enables it in all states different from blocking. Note that when a
port goes in BR_STATE_DISABLED it's not enabled because that is handled
in the beginning of the port list loop.
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Tue, 23 Jun 2015 10:24:58 +0000 (03:24 -0700)]
Merge tag 'nfc-next-4.2-2' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/nfc-next
NFC 4.2 2nd pull request
This one only contains a one liner fix for a typo that I
introduced while cleaning some of the nfcmrvl patches that
were part of the 1st 4.2 pull request.
Here's the final bluetooth-next pull request for 4.2.
- Cleanups & fixes to 802.15.4 code and related drivers
- Fix btusb driver memory leak
- New USB IDs for Atheros controllers
- Support for BCM4324B3 UART based Broadcom controller
- Fix for Bluetooth encryption key size handling
- Broadcom controller initialization fixes
- Support for Intel controller DDC parameters
- Support for multiple Bluetooth LE advertising instances
- Fix for HCI user channel cleanup path
Please let me know if there are any issues pulling. Thanks.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Mahesh Bandewar [Thu, 18 Jun 2015 18:30:54 +0000 (11:30 -0700)]
bonding: Display LACP info only to CAP_NET_ADMIN capable user
Actor and Partner details can be accessed via proc-fs, sys-fs
entries or netlink interface. These interfaces are world readable
at this moment. The earlier patch-series made the LACP communication
secure to avoid nuisance attack from within the same L2 domain but
it did not prevent "someone unprivileged" looking at that information
on host and perform the same act.
This patch essentially avoids spitting those entries if the user
in question does not have enough privileges.
Signed-off-by: Mahesh Bandewar <maheshb@google.com> Signed-off-by: Andy Gospodarek <gospo@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Tue, 23 Jun 2015 08:24:48 +0000 (01:24 -0700)]
Merge branch 'macb-sama5d2'
Nicolas Ferre says:
====================
net/macb: add sama5d2 support
This series is basically the support for another flavor of the GEM IP
configuration. It ended up being a series because of some little fixes made to
the binding documentation before adding the new compatibility string.
Bye,
v2: - fix bindings
- add sama5d2 compatibility string to the binding documentation
====================
Acked-by: Alexandre Belloni <alexandre.belloni@free-electrons.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Cyrille Pitchen [Thu, 18 Jun 2015 14:27:23 +0000 (16:27 +0200)]
net/macb: add config for Atmel sama5d2 SoCs
Add the compatible string for Atmel sama5d2 SoC family as the configuration
options differ from other instances of the GEM.
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@atmel.com> Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Scott Feldman [Wed, 17 Jun 2015 23:08:31 +0000 (16:08 -0700)]
switchdev: fdb filter_dev is always NULL for self (device), so remove check
Remove the filter_dev check when dumping fdb entries, otherwise dump
returns empty list. filter_dev is always passed as NULL when dumping fdbs
on SELF. We want the fdbs installed on the device to be listed in the
dump.
Signed-off-by: Scott Feldman <sfeldma@gmail.com> Fixes: 45d4122c ("switchdev: add support for fdb add/del/dump via switchdev_port_obj ops") Acked-by: Sridhar Samudrala <sridhar.samudrala@intel.com> Acked-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net>
Roopa Prabhu [Wed, 17 Jun 2015 18:07:01 +0000 (11:07 -0700)]
ipv4: include NLM_F_APPEND flag in append route notifications
This patch adds NLM_F_APPEND flag to struct nlmsg_hdr->nlmsg_flags
in newroute notifications if the route add was an append.
(This is similar to how NLM_F_REPLACE is already part of new
route replace notifications today)
This helps userspace determine if the route add operation was
an append.
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Acked-by: Scott Feldman <sfeldma@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
David Herrmann [Wed, 17 Jun 2015 15:14:33 +0000 (17:14 +0200)]
netlink: add API to retrieve all group memberships
This patch adds getsockopt(SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS) to
retrieve all groups a socket is a member of. Currently, we have to use
getsockname() and look at the nl.nl_groups bitmask. However, this mask is
limited to 32 groups. Hence, similar to NETLINK_ADD_MEMBERSHIP and
NETLINK_DROP_MEMBERSHIP, this adds a separate sockopt to manager higher
groups IDs than 32.
This new NETLINK_LIST_MEMBERSHIPS option takes a pointer to __u32 and the
size of the array. The array is filled with the full membership-set of the
socket, and the required array size is returned in optlen. Hence,
user-space can retry with a properly sized array in case it was too small.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Craig Gallek [Wed, 17 Jun 2015 14:59:10 +0000 (10:59 -0400)]
sock_diag: fetch source port from inet_sock
When an inet_sock is destroyed, its source port (sk_num) is set to
zero as part of the unhash procedure. In order to supply a source
port as part of the NETLINK_SOCK_DIAG socket destruction broadcasts,
the source port number must be read from inet_sport instead.
Tested: ss -E Signed-off-by: Craig Gallek <kraig@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Antonio Borneo [Wed, 17 Jun 2015 11:42:31 +0000 (19:42 +0800)]
net: via/Kconfig: replace USE_OF with OF_???
USE_OF is used as intermediate Kconfig option by few
arch's (ARM, MIPS, Xtensa).
Replace instances of USE_OF outside of arch folders
with proper OF_???.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Kees Cook [Tue, 16 Jun 2015 22:36:17 +0000 (15:36 -0700)]
cxgb3: avoid needless buffer copy for firmware
There's no reason to perform a buffer copy for the firmware name. This
also avoids a (currently impossible with current callers) NULL dereference
if there was no matching firmware.
Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Julien Grall [Tue, 16 Jun 2015 19:10:48 +0000 (20:10 +0100)]
net/xen-netback: Don't mix hexa and decimal with 0x in the printf format
Append 0x to all %x in order to avoid while reading when there is other
decimal value in the log.
Also replace some of the hexadecimal print to decimal to uniformize the
format with netfront.
Signed-off-by: Julien Grall <julien.grall@citrix.com> Cc: Wei Liu <wei.liu2@citrix.com> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: netdev@vger.kernel.org Acked-by: Ian Campbell <ian.campbell@citrix.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Julien Grall [Tue, 16 Jun 2015 19:10:47 +0000 (20:10 +0100)]
net/xen-netback: Remove unused code in xenvif_rx_action
The variables old_req_cons and ring_slots_used are assigned but never
used since commit 1650d5455bd2dc6b5ee134bd6fc1a3236c266b5b "xen-netback:
always fully coalesce guest Rx packets".
Signed-off-by: Julien Grall <julien.grall@citrix.com> Acked-by: Wei Liu <wei.liu2@citrix.com> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: netdev@vger.kernel.org Signed-off-by: David S. Miller <davem@davemloft.net>
Julien Grall [Tue, 16 Jun 2015 19:10:46 +0000 (20:10 +0100)]
net/xen-netfront: Correct printf format in xennet_get_responses
rx->status is an int16_t, print it using %d rather than %u in order to
have a meaningful value when the field is negative.
Also use %u rather than %x for rx->offset.
Signed-off-by: Julien Grall <julien.grall@citrix.com> Reviewed-by: David Vrabel <david.vrabel@citrix.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com> Cc: netdev@vger.kernel.org Signed-off-by: David S. Miller <davem@davemloft.net>
Willem de Bruijn [Tue, 16 Jun 2015 16:51:37 +0000 (12:51 -0400)]
packet: free packet_rollover after synchronize_net
Destruction of the po->rollover must be delayed until there are no
more packets in flight that can access it. The field is destroyed in
packet_release, before synchronize_net. Delay using rcu.
Fixes: 0648ab70afe6 ("packet: rollover prepare: per-socket state") Suggested-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Willem de Bruijn <willemb@google.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
====================
Netfilter updates for net-next
The following patchset contains a final Netfilter pull request for net-next
4.2. This mostly addresses some fallout from the previous pull request, small
netns updates and a couple of new features for nfnetlink_log and the socket
match that didn't get in time for the previous pull request. More specifically
they are:
1) Add security context information to nfnetlink_queue, from Roman Kubiak.
2) Add support to restore the sk_mark into skb->mark through xt_socket,
from Harout Hedeshian.
3) Force alignment of 16 bytes of per cpu xt_counters, from Eric Dumazet.
4) Rename br_netfilter.c to br_netfilter_hooks.c to prepare split of IPv6 code
into a separated file.
5) Move the IPv6 code in br_netfilter into a separated file.
6) Remove unused RCV_SKB_FAIL() in nfnetlink_queue and nfetlink_log, from Eric
Biederman.
7) Two liner to simplify netns logic in em_ipset_match().
8) Add missing includes to net/net_namespace.h to avoid compilation problems
that result from not including linux/netfilter.h in netns headers.
9) Use a forward declaration instead of including linux/proc_fs.h from
netns/netfilter.h
10) Add a new linux/netfilter_defs.h to replace the linux/netfilter.h inclusion
in netns headers.
11) Remove spurious netfilter.h file included in the net tree, also from Eric
Biederman.
12) Fix x_tables compilation warnings on 32 bits platforms that resulted from
recent changes in x_tables counters, from Florian Westphal.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Florian Westphal [Wed, 17 Jun 2015 21:58:28 +0000 (23:58 +0200)]
netfilter: xtables: fix warnings on 32bit platforms
On 32bit archs gcc complains due to cast from void* to u64.
Add intermediate casts to long to silence these warnings.
include/linux/netfilter/x_tables.h:376:10: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
include/linux/netfilter/x_tables.h:384:15: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
include/linux/netfilter/x_tables.h:391:23: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
include/linux/netfilter/x_tables.h:400:22: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
Fixes: 71ae0dff02d756e ("netfilter: xtables: use percpu rule counters") Reported-by: kbuild test robot <fengguang.wu@intel.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
netfilter: don't pull include/linux/netfilter.h from netns headers
This pulls the full hook netfilter definitions from all those that include
net_namespace.h.
Instead let's just include the bare minimum required in the new
linux/netfilter_defs.h file, and use it from the netfilter netns header files.
I also needed to include in.h and in6.h from linux/netfilter.h otherwise we hit
this compilation error:
In file included from include/linux/netfilter_defs.h:4:0,
from include/net/netns/netfilter.h:4,
from include/net/net_namespace.h:22,
from include/linux/netdevice.h:43,
from net/netfilter/nfnetlink_queue_core.c:23:
include/uapi/linux/netfilter.h:76:17: error: field ‘in’ has incomplete type struct in_addr in;
And also explicit include linux/netfilter.h in several spots.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
netfilter: use forward declaration instead of including linux/proc_fs.h
We don't need to pull the full definitions in that file, a simple forward
declaration is enough.
Moreover, include linux/procfs.h from nf_synproxy_core, otherwise this hits a
compilation error due to missing declarations, ie.
net/netfilter/nf_synproxy_core.c: In function ‘synproxy_proc_init’:
net/netfilter/nf_synproxy_core.c:326:2: error: implicit declaration of function ‘proc_create’ [-Werror=implicit-function-declaration]
if (!proc_create("synproxy", S_IRUGO, net->proc_net_stat,
^
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Johan Hedberg [Thu, 18 Jun 2015 18:05:31 +0000 (21:05 +0300)]
Bluetooth: Fix warning of potentially uninitialized adv_instance variable
Rework the logic of checking for a valid adv_instance for non-zero
cp->instance values. Without this change we may get (false positive)
warnings as follows:
>> net/bluetooth/mgmt.c:7294:29: warning: 'adv_instance' may be used
uninitialized in this function [-Wuninitialized]
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Dmitry Tunin [Thu, 18 Jun 2015 17:41:51 +0000 (20:41 +0300)]
Bluetooth: ath3k: Add support of 04ca:300d AR3012 device
BugLink: https://bugs.launchpad.net/bugs/1394368
This device requires new firmware files
AthrBT_0x11020100.dfu and ramps_0x11020100_40.dfu added to
/lib/firmware/ar3k/ that are not included in linux-firmware yet.
Florian Grandel [Thu, 18 Jun 2015 01:16:53 +0000 (03:16 +0200)]
Bluetooth: hci_core: increase max adv inst
Now that all preconditions are present for actual multi-advertising, the
number of allowed advertising instances can be larger than one. This
patch increases the number of allowed advertising instances to 5.
Florian Grandel [Thu, 18 Jun 2015 01:16:51 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi-adv for mgmt_reenable_advertising()
During service discovery, advertising will be disabled. This patch
ensures that it is correctly being re-enabled, both for configuration
made via set advertising and add advertising, once the scanning
times out.
Florian Grandel [Thu, 18 Jun 2015 01:16:49 +0000 (03:16 +0200)]
Bluetooth: mgmt: program multi-adv on power on
Advertising instances programmed while powered off should be advertised
once the device is powered. This patch ensures that all combinations
of setting and/or adding advertising configuration while powered off
will be correctly activated on power on.
Florian Grandel [Thu, 18 Jun 2015 01:16:48 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for remove_advertising*()
The remove_advertising() and remove_advertising_complete() functions
had instance identifiers hard coded. Notably, when passing in 0x00 as
an instance identifier to signal that all instances should be removed
then the mgmt API would return a hard coded 0x01 rather than returning
the expected value 0x00. This bug is being fixed by always referencing
the instance identifier from the management API call instead.
remove_advertising() is refactored to use the new dynamic advertising
instance list. The logic is being changed to make multi-instance
advertising actually work, notably the schedule_adv_instance() method is
being referenced to make sure that other instances will continue to
advertise even if one instance is being removed.
The code is made more readable by factoring advertising instance
management and initialization into the low-level
hci_remove_adv_instance() and hci_adv_instances_clear() functions.
The method now references the clear_adv_instance() helper method to
remove duplicate logic and code.
Florian Grandel [Thu, 18 Jun 2015 01:16:47 +0000 (03:16 +0200)]
Bluetooth: mgmt/hci_core: multi-adv for add_advertising*()
The add_advertising() and add_advertising_complete() functions reference
the now obsolete hdev->adv_instance struct. Both methods are being
refactored to access the dynamic advertising instance list instead.
This patch also introduces all logic necessary to actually deal with
multiple instance advertising. Notably the mgmt_adv_inst_expired() and
schedule_adv_inst() method are being referenced to schedule instances in
a round robin fashion.
This patch also introduces a "pending" flag into the adv_info struct.
This is necessary to identify and remove recently added advertising
instances when the HCI commands return with an error status code.
Otherwise new advertising instances could be leaked without properly
informing userspace about their existence.
Florian Grandel [Thu, 18 Jun 2015 01:16:46 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for clear_adv_instances()
The clear_adv_instance() function could not clean up multiple
advertising instances previously. It is being changed to provide both, a
means to clean up a single instance and cleaning up all instances at
once.
An additional instance parameter is being introduced to achieve this.
Passing in 0x00 to this parameter signifies that all instances should be
cleaned up. This semantics has been chosen similarly to the semantics of
the instance parameter in the remove_advertising() function.
When removing a single instance the method also ensures that another
instance will be scheduled if available. When the currently advertising
method is being removed, it will be canceled immediately.
Florian Grandel [Thu, 18 Jun 2015 01:16:45 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for set_advertising*()
The set_advertising() and set_advertising_complete() methods rely on
the now obsolete hci_dev->adv_instance structure. We replace this
reference by an equivalent access to the newly introduced dynamic
advertising instance list.
This patch introduces a helper function that schedules an advertising
instance correctly calculating advertising timing based on the timeout
and duration settings of the instance. Scheduling is factored into
its own function for readability and code sharing.
Florian Grandel [Thu, 18 Jun 2015 01:16:44 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for create_instance_adv_data()
The create_instance_adv_data() function could not deal with
multiple advertising instances previously. This is being fixed by
retrieving advertising instances from the newly introduced dynamic
advertising instance list.
Florian Grandel [Thu, 18 Jun 2015 01:16:43 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for create_instance_scan_rsp_data()
The create_instance_scan_rsp_data() function could not deal with
multiple advertising instances previously. This is being fixed by adding
an additional instance parameter.
Florian Grandel [Thu, 18 Jun 2015 01:16:42 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for enable_advertising()
Previously enable_advertising() would rely on
get_adv_instance_scan_rsp_len() which checked for a hard coded instance
identifier. This is being changed to check for the current advertising
instance's scan response length instead. The function is renamed
accordingly.
Florian Grandel [Thu, 18 Jun 2015 01:16:40 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for get_adv_instance_flags()
The get_adv_instance_flags() would not work with instance identifiers
other than 0x01. This is being fixed so that arbitrary instance
identifiers can be dealt with while still correctly dealing with the
special case of the 0x00 identifier.
Florian Grandel [Thu, 18 Jun 2015 01:16:39 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for get_current_adv_instance()
Replaces the hard coded instance identifier in
get_current_adv_instance() with the actual current instance identifier
so that this method is prepared to work with more than one advertising
instance.
Florian Grandel [Thu, 18 Jun 2015 01:16:38 +0000 (03:16 +0200)]
Bluetooth: mgmt: multi adv for read_adv_features()
The read_adv_features() method had a single instance identifier hard
coded. Refer to the advertising instance list instead to return a
dynamically generated list of instance identifiers.
The ...for_instance function name is quite long and does not follow the
..._inst_... convention followed elsewhere in the code. This patch
renames the ...for_instance functions to their shorter ..._inst_...
version.
Florian Grandel [Thu, 18 Jun 2015 01:16:35 +0000 (03:16 +0200)]
Bluetooth: hci_core/mgmt: move adv timeout to hdev
Currently the delayed work managing advertising duration and timeout is
part of the advertising instance structure. This is not correct as only
a single instance can be advertised at any given time. To implement
round robin advertising a single delayed work structure is needed.
To fix this the delayed work structure is being moved to the hci_dev
structure. The instance specific variable is renamed to "remaining_time"
to make it clear that this is the remaining lifetime of the instance and
not the current advertising timeout.
Florian Grandel [Thu, 18 Jun 2015 01:16:34 +0000 (03:16 +0200)]
Bluetooth: hci_core/mgmt: Introduce multi-adv list
The current hci dev structure only supports a single advertising
instance. To support multi-instance advertising it is necessary to
introduce a linked list of advertising instances so that multiple
advertising instances can be dynamically added and/or removed.
In a first step, the existing adv_instance member of the hci_dev
struct is supplemented by a linked list of advertising instances.
This patch introduces the list and supporting list management
infrastructure. The list is not being used yet.
Harout Hedeshian [Tue, 16 Jun 2015 00:40:43 +0000 (18:40 -0600)]
netfilter: xt_socket: add XT_SOCKET_RESTORESKMARK flag
xt_socket is useful for matching sockets with IP_TRANSPARENT and
taking some action on the matching packets. However, it lacks the
ability to match only a small subset of transparent sockets.
Suppose there are 2 applications, each with its own set of transparent
sockets. The first application wants all matching packets dropped,
while the second application wants them forwarded somewhere else.
Add the ability to retore the skb->mark from the sk_mark. The mark
is only restored if a matching socket is found and the transparent /
nowildcard conditions are satisfied.
Now the 2 hypothetical applications can differentiate their sockets
based on a mark value set with SO_MARK.
iptables -t mangle -I PREROUTING -m socket --transparent \
--restore-skmark -j action
iptables -t mangle -A action -m mark --mark 10 -j action2
iptables -t mangle -A action -m mark --mark 11 -j action3
Signed-off-by: Harout Hedeshian <harouth@codeaurora.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Roman Kubiak [Fri, 12 Jun 2015 10:32:57 +0000 (12:32 +0200)]
netfilter: nfnetlink_queue: add security context information
This patch adds an additional attribute when sending
packet information via netlink in netfilter_queue module.
It will send additional security context data, so that
userspace applications can verify this context against
their own security databases.
Signed-off-by: Roman Kubiak <r.kubiak@samsung.com> Acked-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
projects / linux-beck.git / log