]> git.karo-electronics.de Git - linux-beck.git/log
linux-beck.git
8 years agoopenvswitch: allow management from inside user namespaces
Tycho Andersen [Fri, 5 Feb 2016 16:20:52 +0000 (09:20 -0700)]
openvswitch: allow management from inside user namespaces

Operations with the GENL_ADMIN_PERM flag fail permissions checks because
this flag means we call netlink_capable, which uses the init user ns.

Instead, let's introduce a new flag, GENL_UNS_ADMIN_PERM for operations
which should be allowed inside a user namespace.

The motivation for this is to be able to run openvswitch in unprivileged
containers. I've tested this and it seems to work, but I really have no
idea about the security consequences of this patch, so thoughts would be
much appreciated.

v2: use the GENL_UNS_ADMIN_PERM flag instead of a check in each function
v3: use separate ifs for UNS_ADMIN_PERM and ADMIN_PERM, instead of one
    massive one

Reported-by: James Page <james.page@canonical.com>
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Eric Biederman <ebiederm@xmission.com>
CC: Pravin Shelar <pshelar@ovn.org>
CC: Justin Pettit <jpettit@nicira.com>
CC: "David S. Miller" <davem@davemloft.net>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoethtool: future-proof interface for speed extensions
Michael S. Tsirkin [Sun, 7 Feb 2016 21:27:55 +0000 (23:27 +0200)]
ethtool: future-proof interface for speed extensions

Many virtual and not quite virtual devices allow any speed to be set
through ethtool. In particular, this applies to the virtio-net devices.
Document this fact to make sure people don't assume the enum lists all
possible values.  Reserve values greater than INT_MAX for future
extension and to avoid conflict with SPEED_UNKNOWN.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agovrf: duplicate include of rtnetlink.h
stephen hemminger [Wed, 10 Feb 2016 06:11:27 +0000 (22:11 -0800)]
vrf: duplicate include of rtnetlink.h

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agovxlan: udp_tunnel duplicate include net/udp_tunnel.h
stephen hemminger [Wed, 10 Feb 2016 06:07:29 +0000 (22:07 -0800)]
vxlan: udp_tunnel duplicate include net/udp_tunnel.h

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agords: duplicate include net/tcp.h
stephen hemminger [Wed, 10 Feb 2016 06:04:47 +0000 (22:04 -0800)]
rds: duplicate include net/tcp.h

Duplicate include detected.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobonding: Return correct error code
Amitoj Kaur Chawla [Sun, 7 Feb 2016 05:26:25 +0000 (10:56 +0530)]
bonding: Return correct error code

The return value of kzalloc on failure of allocation of memory should
be -ENOMEM and not -1.

Found using Coccinelle. A simplified version of the semantic patch
used is:

//<smpl>
@@
expression *e;
@@

e = kzalloc(...);
if (e == NULL) {
...
return
- -1
+ -ENOMEM
;
}
//</smpl>

The single call site only checks that the return value is not 0,
hence no change is required at the call site.

Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'gso-checksums'
David S. Miller [Thu, 11 Feb 2016 13:55:42 +0000 (08:55 -0500)]
Merge branch 'gso-checksums'

Alexander Duyck says:

====================
Add GSO support for outer checksum w/ inner checksum offloads

This patch series updates the existing segmentation offload code for
tunnels to make better use of existing and updated GSO checksum
computation.  This is done primarily through two mechanisms.  First we
maintain a separate checksum in the GSO context block of the sk_buff.  This
allows us to maintain two checksum values, one offloaded with values stored
in csum_start and csum_offset, and one computed and tracked in
SKB_GSO_CB(skb)->csum.  By maintaining these two values we are able to take
advantage of the same sort of math used in local checksum offload so that
we can provide both inner and outer checksums with minimal overhead.

Below is the performance for a netperf session between an ixgbe PF and VF
on the same host but in different namespaces.  As can be seen a significant
gain in performance can be had from allowing the use of Tx checksum offload
on the inner headers while performing a software offload on the outer
header computation:

 Recv   Send   Send                       Utilization  Service Demand
 Socket Socket Message Elapsed            Send  Recv   Send  Recv
 Size   Size   Size    Time    Throughput local remote local remote
 bytes  bytes  bytes   secs.   10^6bits/s % S   % U    us/KB us/KB

Before:
 87380  16384  16384   10.00   12844.38   9.30  -1.00  0.712 -1.00
After:
 87380  16384  16384   10.00   13216.63   6.78  -1.00  0.504 -1.000

Changes from v1:
* Dropped use of CHECKSUM_UNNECESSARY for remote checksum offload
* Left encap_hdr_csum as it will likely be needed in future for SCTP GSO
* Broke the changes out over many more patches
* Updated GRE segmentation to more closely match UDP tunnel segmentation
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Allow tunnels to use inner checksum offloads with outer checksums needed
Alexander Duyck [Fri, 5 Feb 2016 23:28:26 +0000 (15:28 -0800)]
net: Allow tunnels to use inner checksum offloads with outer checksums needed

This patch enables us to use inner checksum offloads if provided by
hardware with outer checksums computed by software.

It basically reduces encap_hdr_csum to an advisory flag for now, but based
on the fact that SCTP may be getting segmentation support before long I
thought we may want to keep it as it is possible we may need to support
CRC32c and 1's compliment checksum in the same packet at some point in the
future.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoudp: Use uh->len instead of skb->len to compute checksum in segmentation
Alexander Duyck [Fri, 5 Feb 2016 23:28:20 +0000 (15:28 -0800)]
udp: Use uh->len instead of skb->len to compute checksum in segmentation

The segmentation code was having to do a bunch of work to pull the
skb->len and strip the udp header offset before the value could be used to
adjust the checksum.  Instead of doing all this work we can just use the
value that goes into uh->len since that is the correct value with the
correct byte order that we need anyway.  By using this value we can save
ourselves a bunch of pain as there is no need to do multiple byte swaps.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoudp: Clean up the use of flags in UDP segmentation offload
Alexander Duyck [Fri, 5 Feb 2016 23:28:14 +0000 (15:28 -0800)]
udp: Clean up the use of flags in UDP segmentation offload

This patch goes though and cleans up the logic related to several of the
control flags used in UDP segmentation.  Specifically the use of dont_encap
isn't really needed as we can just check the skb for CHECKSUM_PARTIAL and
if it isn't set then we don't need to update the internal headers.  As such
we can just drop that value.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agogre: Use inner_proto to obtain inner header protocol
Alexander Duyck [Fri, 5 Feb 2016 23:28:08 +0000 (15:28 -0800)]
gre: Use inner_proto to obtain inner header protocol

Instead of parsing headers to determine the inner protocol we can just pull
the value from inner_proto.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agogre: Use GSO flags to determine csum need instead of GRE flags
Alexander Duyck [Fri, 5 Feb 2016 23:28:01 +0000 (15:28 -0800)]
gre: Use GSO flags to determine csum need instead of GRE flags

This patch updates the gre checksum path to follow something much closer to
the UDP checksum path.  By doing this we can avoid needing to do as much
header inspection and can just make use of the fields we were already
reading in the sk_buff structure.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Move skb_has_shared_frag check out of GRE code and into segmentation
Alexander Duyck [Fri, 5 Feb 2016 23:27:55 +0000 (15:27 -0800)]
net: Move skb_has_shared_frag check out of GRE code and into segmentation

The call skb_has_shared_frag is used in the GRE path and skb_checksum_help
to verify that no frags can be modified by an external entity.  This check
really doesn't belong in the GRE path but in the skb_segment function
itself.  This way any protocol that might be segmented will be performing
this check before attempting to offload a checksum to software.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Store checksum result for offloaded GSO checksums
Alexander Duyck [Fri, 5 Feb 2016 23:27:49 +0000 (15:27 -0800)]
net: Store checksum result for offloaded GSO checksums

This patch makes it so that we can offload the checksums for a packet up
to a certain point and then begin computing the checksums via software.
Setting this up is fairly straight forward as all we need to do is reset
the values stored in csum and csum_start for the GSO context block.

One complication for this is remote checksum offload.  In order to allow
the inner checksums to be offloaded while computing the outer checksum
manually we needed to have some way of indicating that the offload wasn't
real.  In order to do that I replaced CHECKSUM_PARTIAL with
CHECKSUM_UNNECESSARY in the case of us computing checksums for the outer
header while skipping computing checksums for the inner headers.  We clean
up the ip_summed flag and set it to either CHECKSUM_PARTIAL or
CHECKSUM_NONE once we hand the packet off to the next lower level.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Update remote checksum segmentation to support use of GSO checksum
Alexander Duyck [Fri, 5 Feb 2016 23:27:43 +0000 (15:27 -0800)]
net: Update remote checksum segmentation to support use of GSO checksum

This patch addresses two main issues.

First in the case of remote checksum offload we were avoiding dealing with
scatter-gather issues.  As a result it would be possible to assemble a
series of frames that used frags instead of being linearized as they should
have if remote checksum offload was enabled.

Second I have updated the code so that we now let GSO take care of doing
the checksum on the data itself and drop the special case that was added
for remote checksum offload.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Move GSO csum into SKB_GSO_CB
Alexander Duyck [Fri, 5 Feb 2016 23:27:37 +0000 (15:27 -0800)]
net: Move GSO csum into SKB_GSO_CB

This patch moves the checksum maintained by GSO out of skb->csum and into
the GSO context block in order to allow for us to work on outer checksums
while maintaining the inner checksum offsets in the case of the inner
checksum being offloaded, while the outer checksums will be computed.

While updating the code I also did a minor cleanu-up on gso_make_checksum.
The change is mostly to make it so that we store the values and compute the
checksum instead of computing the checksum and then storing the values we
needed to update.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Drop unecessary enc_features variable from tunnel segmentation functions
Alexander Duyck [Fri, 5 Feb 2016 23:27:31 +0000 (15:27 -0800)]
net: Drop unecessary enc_features variable from tunnel segmentation functions

The enc_features variable isn't necessary since features isn't used
anywhere after we create enc_features so instead just use a destructive AND
on features itself and save ourselves the variable declaration.

Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agohv_netvsc: cleanup netdev feature flags for netvsc
sixiao@microsoft.com [Thu, 4 Feb 2016 23:49:34 +0000 (15:49 -0800)]
hv_netvsc: cleanup netdev feature flags for netvsc

1. Adding NETIF_F_TSO6 feature flag;
2. Adding NETIF_F_HW_CSUM. NETIF_F_IPV6_CSUM and NETIF_F_IP_CSUM are
being deprecated;
3. Cleanup the coding style of flag assignment by using macro.

Signed-off-by: Simon Xiao <sixiao@microsoft.com>
Reviewed-by: K. Y. Srinivasan <kys@microsoft.com>
Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'ethtool-nfc-ipv6'
David S. Miller [Thu, 11 Feb 2016 12:16:29 +0000 (07:16 -0500)]
Merge branch 'ethtool-nfc-ipv6'

Edward Cree says:

====================
IPv6 NFC

This series adds support for steering IPv6 flows using the ethtool NFC
 interface, and implements it for sfc devices.
Tested using an in-development patch to the ethtool utility.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agosfc: implement IPv6 NFC (and IPV4_USER_FLOW)
Edward Cree [Fri, 5 Feb 2016 11:16:50 +0000 (11:16 +0000)]
sfc: implement IPv6 NFC (and IPV4_USER_FLOW)

Signed-off-by: Edward Cree <ecree@solarflare.com>
Reviewed-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoethtool: add IPv6 to the NFC API
Edward Cree [Fri, 5 Feb 2016 11:16:21 +0000 (11:16 +0000)]
ethtool: add IPv6 to the NFC API

Signed-off-by: Edward Cree <ecree@solarflare.com>
Reviewed-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'cxgb4-tos'
David S. Miller [Thu, 11 Feb 2016 12:13:29 +0000 (07:13 -0500)]
Merge branch 'cxgb4-tos'

Hariprasad Shenai says:

====================
Add TOS support and some cleanup

This series adds TOS support for iWARP and also does some cleanup to make
code more readable. Patch series is created against infiniband tree and
includes patches on iw_cxgb4 and cxgb4 driver.

We have included all the maintainers of respective drivers. Kindly review
the change and let us know in case of any review comments.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agocxgb4/iw_cxgb4: TOS support
Hariprasad Shenai [Fri, 5 Feb 2016 06:13:30 +0000 (11:43 +0530)]
cxgb4/iw_cxgb4: TOS support

This series provides support for iWARP applications to specify a TOS
value and have that map to a VLAN Priority for iw_cxgb4 iWARP connections.

In iw_cxgb4, when allocating an L2T entry, pass the skb_priority based
on the tos value in the cm_id. Also pass the correct tos value during
connection setup so the passive side gets the client's desired tos.
When sending the FLOWC work request to FW, if the egress device is
in a vlan, then use the vlan priority bits as the scheduling class.
This allows associating RDMA connections with scheduling classes to
provide traffic shaping per flow.

Signed-off-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoiw_cxgb4: remove false error log entry
Hariprasad Shenai [Fri, 5 Feb 2016 06:13:29 +0000 (11:43 +0530)]
iw_cxgb4: remove false error log entry

Don't log errors if a listening endpoint is going away when procesing a
PASS_ACCEPT_REQ message.  This can happen.  Change the error printk to
a PDBG() debug log entry

Signed-off-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoiw_cxgb4: make queue allocation code more readable
Hariprasad Shenai [Fri, 5 Feb 2016 06:13:28 +0000 (11:43 +0530)]
iw_cxgb4: make queue allocation code more readable

Rename local mm* variables to more meaningful names

Signed-off-by: Steve Wise <swise@opengridcomputing.com>
Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'fec-next'
David S. Miller [Thu, 11 Feb 2016 11:15:00 +0000 (06:15 -0500)]
Merge branch 'fec-next'

Troy Kisky says:

====================
net: fec: cleanup/fixes

V2 is a rebase on top of johannes endian-safe patch and
is only the 1st eight patches.
The testing for this series was done on a nitrogen6x.
The base commit was
commit b45efa30a626e915192a6c548cd8642379cd47cc
    Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

Testing showed no change in performance.
Testing used imx_v6_v7_defconfig + CONFIG_MICREL_PHY.
The processor was running at 996Mhz.
The following commands were used to get the transfer rates.

On an x86 ubunto system,
iperf -s -i.5 -u

On a nitrogen6x board, running via SD Card.
I first stopped some background processes

stop cron
stop upstart-file-bridge
stop upstart-socket-bridge
stop upstart-udev-bridge
stop rsyslog
stop dbus
killall dhclient
echo performance >/sys/devices/system/cpu/cpu0/cpufreq/scaling_governor

taskset 0x2 iperf -c 192.168.0.201 -u -t60 -b500M -r

There is a branch available on github with this series, and the rest of
my fec patches, for those who would like to test it.
https://github.com:boundarydevices/linux-imx6.git branch net-next_master
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: improve error handling
Troy Kisky [Fri, 5 Feb 2016 21:52:50 +0000 (14:52 -0700)]
net: fec: improve error handling

Unmap initial buffer on error.
Don't free skb until it has been unmapped.
Move cbd_bufaddr assignment closer to the mapping function.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: don't transfer ownership until descriptor write is complete
Troy Kisky [Fri, 5 Feb 2016 21:52:49 +0000 (14:52 -0700)]
net: fec: don't transfer ownership until descriptor write is complete

If you don't own it, you shouldn't write to it.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: don't disable FEC_ENET_TS_TIMER interrupt
Troy Kisky [Fri, 5 Feb 2016 21:52:48 +0000 (14:52 -0700)]
net: fec: don't disable FEC_ENET_TS_TIMER interrupt

Only the interrupt routine processes this condition.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: add variable reg_desc_active to speed things up
Troy Kisky [Fri, 5 Feb 2016 21:52:47 +0000 (14:52 -0700)]
net: fec: add variable reg_desc_active to speed things up

There is no need for complex macros every time we need to activate
a queue. Also, no need to call skb_get_queue_mapping when we already
know which queue it is using.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: add struct bufdesc_prop
Troy Kisky [Fri, 5 Feb 2016 21:52:46 +0000 (14:52 -0700)]
net: fec: add struct bufdesc_prop

This reduces code and gains speed.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: fix fec_enet_get_free_txdesc_num
Troy Kisky [Fri, 5 Feb 2016 21:52:45 +0000 (14:52 -0700)]
net: fec: fix fec_enet_get_free_txdesc_num

When first initialized, cur_tx points to the 1st
entry in the queue, and dirty_tx points to the last.
At this point, fec_enet_get_free_txdesc_num will
return tx_ring_size -2. If tx_ring_size -2 entries
are now queued, then fec_enet_get_free_txdesc_num
should return 0, but it returns tx_ring_size instead.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: fix rx error counts
Troy Kisky [Fri, 5 Feb 2016 21:52:44 +0000 (14:52 -0700)]
net: fec: fix rx error counts

On an overrun, the other flags are not
valid, so don't check them.

Also, don't pass bad frames up the stack.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: fec: stop the "rcv is not +last, " error messages
Troy Kisky [Fri, 5 Feb 2016 21:52:43 +0000 (14:52 -0700)]
net: fec: stop the "rcv is not +last, " error messages

Setting the FTRL register will stop the fec from
trying to use multiple receive buffers.

Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobonding: 3ad: allow to set ad_actor settings while the bond is up
Nikolay Aleksandrov [Thu, 4 Feb 2016 16:42:28 +0000 (17:42 +0100)]
bonding: 3ad: allow to set ad_actor settings while the bond is up

No need to require the bond down while changing these settings, the change
will be reflected immediately and the 3ad mode will sort itself out.
For faster convergence set port->ntt to true in order to generate new
LACPDUs immediately.

CC: Jay Vosburgh <j.vosburgh@gmail.com>
CC: Veaceslav Falico <vfalico@gmail.com>
CC: Andy Gospodarek <gospo@cumulusnetworks.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv6: add option to drop unsolicited neighbor advertisements
Johannes Berg [Thu, 4 Feb 2016 12:31:20 +0000 (13:31 +0100)]
ipv6: add option to drop unsolicited neighbor advertisements

In certain 802.11 wireless deployments, there will be NA proxies
that use knowledge of the network to correctly answer requests.
To prevent unsolicitd advertisements on the shared medium from
being a problem, on such deployments wireless needs to drop them.

Enable this by providing an option called "drop_unsolicited_na".

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv6: add option to drop unicast encapsulated in L2 multicast
Johannes Berg [Thu, 4 Feb 2016 12:31:19 +0000 (13:31 +0100)]
ipv6: add option to drop unicast encapsulated in L2 multicast

In order to solve a problem with 802.11, the so-called hole-196 attack,
add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if
enabled, causes the stack to drop IPv6 unicast packets encapsulated in
link-layer multi- or broadcast frames. Such frames can (as an attack)
be created by any member of the same wireless network and transmitted
as valid encrypted frames since the symmetric key for broadcast frames
is shared between all stations.

Reviewed-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: add option to drop gratuitous ARP packets
Johannes Berg [Thu, 4 Feb 2016 12:31:18 +0000 (13:31 +0100)]
ipv4: add option to drop gratuitous ARP packets

In certain 802.11 wireless deployments, there will be ARP proxies
that use knowledge of the network to correctly answer requests.
To prevent gratuitous ARP frames on the shared medium from being
a problem, on such deployments wireless needs to drop them.

Enable this by providing an option called "drop_gratuitous_arp".

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: add option to drop unicast encapsulated in L2 multicast
Johannes Berg [Thu, 4 Feb 2016 12:31:17 +0000 (13:31 +0100)]
ipv4: add option to drop unicast encapsulated in L2 multicast

In order to solve a problem with 802.11, the so-called hole-196 attack,
add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if
enabled, causes the stack to drop IPv4 unicast packets encapsulated in
link-layer multi- or broadcast frames. Such frames can (as an attack)
be created by any member of the same wireless network and transmitted
as valid encrypted frames since the symmetric key for broadcast frames
is shared between all stations.

Additionally, enabling this option provides compliance with a SHOULD
clause of RFC 1122.

Reviewed-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMAINTAINERS: Update tg3 maintainer
Siva Reddy Kallam [Thu, 4 Feb 2016 09:50:47 +0000 (15:20 +0530)]
MAINTAINERS: Update tg3 maintainer

Signed-off-by: Siva Reddy Kallam <siva.kallam@broadcom.com>
Signed-off-by: Michael Chan <mchan@broadcom.com>
Acked-by: Prashant Sreedharan <prashant@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobpf_dbg: do not initialise statics to 0
Wei Tang [Thu, 4 Feb 2016 09:36:23 +0000 (17:36 +0800)]
bpf_dbg: do not initialise statics to 0

This patch fixes the checkpatch.pl error to bpf_dbg.c:

ERROR: do not initialise statics to 0

Signed-off-by: Wei Tang <tangwei@cmss.chinamobile.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agonet: Add support for filtering link dump by master device and kind
David Ahern [Tue, 2 Feb 2016 16:17:07 +0000 (08:17 -0800)]
net: Add support for filtering link dump by master device and kind

Add support for filtering link dumps by master device and kind, similar
to the filtering implemented for neighbor dumps.

Each net_device that exists adds between 1196 bytes (eth) and 1556 bytes
(bridge) to the link dump. As the number of interfaces increases so does
the amount of data pushed to user space for a link list. If the user
only wants to see a list of specific devices (e.g., interfaces enslaved
to a specific bridge or a list of VRFs) most of that data is thrown away.
Passing the filters to the kernel to have only relevant data returned
makes the dump more efficient.

Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Acked-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'tcp-fast-so_reuseport'
David S. Miller [Thu, 11 Feb 2016 08:54:23 +0000 (03:54 -0500)]
Merge branch 'tcp-fast-so_reuseport'

Craig Gallek says:

====================
Faster SO_REUSEPORT for TCP

This patch series complements an earlier series (6a5ef90c58da)
which added faster SO_REUSEPORT lookup for UDP sockets by
extending the feature to TCP sockets.  It uses the same
array-based data structure which allows for socket selection
after finding the first listening socket that matches an incoming
packet.  Prior to this feature, every socket in the reuseport
group needed to be found and examined before a selection could be
made.

With this series the SO_ATTACH_REUSEPORT_CBPF and
SO_ATTACH_REUSEPORT_EBPF socket options now work for TCP sockets
as well.  The test at the end of the series includes an example of
how to use these options to select a reuseport socket based on the
cpu core id handling the incoming packet.

There are several refactoring patches that precede the feature
implementation.  Only the last two patches in this series
should result in any behavioral changes.

v4
- Fix build issue when compiling IPv6 as a module.  This required
  moving the ipv6_rcv_saddr_equal into an object that is included as a
  built-in object.  I included this change in the second patch which
  adds inet6_hash since that is where ipv6_rcv_saddr_equal will
  later be called from non-module code.

v3:
- Another warning in the first patch caught by a build bot.  Return 0 in
  the no-op UDP hash function.

v2:
- In the first patched I missed a couple of hash functions that should now be
  returning int instead of void.  I missed these the first time through as it
  only generated a warning and not an error :\
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agosoreuseport: BPF selection functional test for TCP
Craig Gallek [Wed, 10 Feb 2016 16:50:41 +0000 (11:50 -0500)]
soreuseport: BPF selection functional test for TCP

Unfortunately the existing test relied on packet payload in order to
map incoming packets to sockets.  In order to get this to work with TCP,
TCP_FASTOPEN needed to be used.

Since the fast open path is slightly different than the standard TCP path,
I created a second test which sends to reuseport group members based
on receiving cpu core id.  This will probably serve as a better
real-world example use as well.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agosoreuseport: fast reuseport TCP socket selection
Craig Gallek [Wed, 10 Feb 2016 16:50:40 +0000 (11:50 -0500)]
soreuseport: fast reuseport TCP socket selection

This change extends the fast SO_REUSEPORT socket lookup implemented
for UDP to TCP.  Listener sockets with SO_REUSEPORT and the same
receive address are additionally added to an array for faster
random access.  This means that only a single socket from the group
must be found in the listener list before any socket in the group can
be used to receive a packet.  Previously, every socket in the group
needed to be considered before handing off the incoming packet.

This feature also exposes the ability to use a BPF program when
selecting a socket from a reuseport group.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agosoreuseport: Prep for fast reuseport TCP socket selection
Craig Gallek [Wed, 10 Feb 2016 16:50:39 +0000 (11:50 -0500)]
soreuseport: Prep for fast reuseport TCP socket selection

Both of the lines in this patch probably should have been included
in the initial implementation of this code for generic socket
support, but weren't technically necessary since only UDP sockets
were supported.

First, the sk_reuseport_cb points to a structure which assumes
each socket in the group has this pointer assigned at the same
time it's added to the array in the structure.  The sk_clone_lock
function breaks this assumption.  Since a child socket shouldn't
implicitly be in a reuseport group, the simple fix is to clear
the field in the clone.

Second, the SO_ATTACH_REUSEPORT_xBPF socket options require that
SO_REUSEPORT also be set first.  For UDP sockets, this is easily
enforced at bind-time since that process both puts the socket in
the appropriate receive hlist and updates the reuseport structures.
Since these operations can happen at two different times for TCP
sockets (bind and listen) it must be explicitly checked to enforce
the use of SO_REUSEPORT with SO_ATTACH_REUSEPORT_xBPF in the
setsockopt call.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoinet: refactor inet[6]_lookup functions to take skb
Craig Gallek [Wed, 10 Feb 2016 16:50:38 +0000 (11:50 -0500)]
inet: refactor inet[6]_lookup functions to take skb

This is a preliminary step to allow fast socket lookup of SO_REUSEPORT
groups.  Doing so with a BPF filter will require access to the
skb in question.  This change plumbs the skb (and offset to payload
data) through the call stack to the listening socket lookup
implementations where it will be used in a following patch.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agotcp: __tcp_hdrlen() helper
Craig Gallek [Wed, 10 Feb 2016 16:50:37 +0000 (11:50 -0500)]
tcp: __tcp_hdrlen() helper

tcp_hdrlen is wasteful if you already have a pointer to struct tcphdr.
This splits the size calculation into a helper function that can be
used if a struct tcphdr is already available.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoinet: create IPv6-equivalent inet_hash function
Craig Gallek [Wed, 10 Feb 2016 16:50:36 +0000 (11:50 -0500)]
inet: create IPv6-equivalent inet_hash function

In order to support fast lookups for TCP sockets with SO_REUSEPORT,
the function that adds sockets to the listening hash set needs
to be able to check receive address equality.  Since this equality
check is different for IPv4 and IPv6, we will need two different
socket hashing functions.

This patch adds inet6_hash identical to the existing inet_hash function
and updates the appropriate references.  A following patch will
differentiate the two by passing different comparison functions to
__inet_hash.

Additionally, in order to use the IPv6 address equality function from
inet6_hashtables (which is compiled as a built-in object when IPv6 is
enabled) it also needs to be in a built-in object file as well.  This
moves ipv6_rcv_saddr_equal into inet_hashtables to accomplish this.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agosock: struct proto hash function may error
Craig Gallek [Wed, 10 Feb 2016 16:50:35 +0000 (11:50 -0500)]
sock: struct proto hash function may error

In order to support fast reuseport lookups in TCP, the hash function
defined in struct proto must be capable of returning an error code.
This patch changes the function signature of all related hash functions
to return an integer and handles or propagates this return value at
all call sites.

Signed-off-by: Craig Gallek <kraig@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge tag 'batman-adv-for-davem' of git://git.open-mesh.org/linux-merge
David S. Miller [Thu, 11 Feb 2016 08:49:55 +0000 (03:49 -0500)]
Merge tag 'batman-adv-for-davem' of git://git.open-mesh.org/linux-merge

Antonio Quartulli says:

====================
Here you have a batch of patches by Sven Eckelmann that
drops our private reference counting implementation and
substitutes it with the kref objects/functions.

Then you have a patch, by Simon Wunderlich, that
makes the broadcast protection window code more generic so
that it can be re-used in the future by other components
with different requirements.

Lastly, Sven is also introducing two lockdep asserts in
functions operating on our TVLV container list, to make
sure that the proper lock is always acquired by the users.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'be2net-next'
David S. Miller [Thu, 11 Feb 2016 08:47:05 +0000 (03:47 -0500)]
Merge branch 'be2net-next'

Ajit Khaparde says:

====================
be2net Patch series

Please consider applying these two patches to net-next

  Patch-1: Request RSS capability of Rx interface depending on number of
    Rx rings
  Patch-2: Interpret and log new data that's added to the port
    misconfigure async event
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobe2net: Interpret and log new data that's added to the port misconfigure async event
Ajit Khaparde [Wed, 10 Feb 2016 17:15:54 +0000 (22:45 +0530)]
be2net: Interpret and log new data that's added to the port misconfigure async event

>From FW version 11.0. onwards, the PORT_MISCONFIG event generated by the FW
will carry more information about the event in the "data_word1"
and "data_word2" fields. This patch adds support in the driver to parse the
new information and log it accordingly. This patch also changes some of the
messages that are being logged currently.

Signed-off-by: Suresh Reddy <suresh.reddy@broadcom.com>
Signed-off-by: Venkat Duvvuru <venkatkumar.duvvuru@broadcom.com>
Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobe2net: Request RSS capability of Rx interface depending on number of Rx rings
Ajit Khaparde [Wed, 10 Feb 2016 17:15:53 +0000 (22:45 +0530)]
be2net: Request RSS capability of Rx interface depending on number of Rx rings

Currently we request RSS capability even if a single Rx ring is created.
As a result in few cases we unnecessarily consume an RSS capable interface
which is a limited resource in the chip.
This patch enables RSS on an interface only if more than one Rx ring
is created.

Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobatman-adv: Convert batadv_tt_common_entry to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:57 +0000 (10:29 +0100)]
batman-adv: Convert batadv_tt_common_entry to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_orig_node to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:56 +0000 (10:29 +0100)]
batman-adv: Convert batadv_orig_node to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_orig_node_vlan to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:55 +0000 (10:29 +0100)]
batman-adv: Convert batadv_orig_node_vlan to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_hard_iface to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:54 +0000 (10:29 +0100)]
batman-adv: Convert batadv_hard_iface to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_neigh_node to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:53 +0000 (10:29 +0100)]
batman-adv: Convert batadv_neigh_node to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_orig_ifinfo to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:52 +0000 (10:29 +0100)]
batman-adv: Convert batadv_orig_ifinfo to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_neigh_ifinfo to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:51 +0000 (10:29 +0100)]
batman-adv: Convert batadv_neigh_ifinfo to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_tt_orig_list_entry to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:50 +0000 (10:29 +0100)]
batman-adv: Convert batadv_tt_orig_list_entry to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_tvlv_handler to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:49 +0000 (10:29 +0100)]
batman-adv: Convert batadv_tvlv_handler to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_tvlv_container to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:48 +0000 (10:29 +0100)]
batman-adv: Convert batadv_tvlv_container to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_dat_entry to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:47 +0000 (10:29 +0100)]
batman-adv: Convert batadv_dat_entry to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_nc_path to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:46 +0000 (10:29 +0100)]
batman-adv: Convert batadv_nc_path to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_nc_node to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:45 +0000 (10:29 +0100)]
batman-adv: Convert batadv_nc_node to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_bla_claim to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:44 +0000 (10:29 +0100)]
batman-adv: Convert batadv_bla_claim to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_bla_backbone_gw to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:43 +0000 (10:29 +0100)]
batman-adv: Convert batadv_bla_backbone_gw to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_softif_vlan to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:42 +0000 (10:29 +0100)]
batman-adv: Convert batadv_softif_vlan to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_gw_node to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:41 +0000 (10:29 +0100)]
batman-adv: Convert batadv_gw_node to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Convert batadv_hardif_neigh_node to kref
Sven Eckelmann [Sat, 16 Jan 2016 09:29:40 +0000 (10:29 +0100)]
batman-adv: Convert batadv_hardif_neigh_node to kref

batman-adv uses a self-written reference implementation which is just based
on atomic_t. This is less obvious when reading the code than kref and
therefore increases the change that the reference counting will be missed.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Add lockdep assert for container_list_lock
Sven Eckelmann [Sun, 20 Dec 2015 08:04:03 +0000 (09:04 +0100)]
batman-adv: Add lockdep assert for container_list_lock

The batadv_tvlv_container* functions state in their kernel-doc that they
require tvlv.container_list_lock. Add an assert to automatically detect
when this might have been ignored by the caller.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: add seqno maximum age and protection start flag parameters
Simon Wunderlich [Mon, 23 Nov 2015 18:57:22 +0000 (19:57 +0100)]
batman-adv: add seqno maximum age and protection start flag parameters

To allow future use of the window protected function with different
maximum sequence numbers, add a parameter to set this value which
was previously hardcoded. Another parameter added for future use is a
flag to return whether the protection window has started.

While at it, also fix the kerneldoc.

Signed-off-by: Simon Wunderlich <simon@open-mesh.com>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agobatman-adv: Drop reference to netdevice on last reference
Sven Eckelmann [Tue, 5 Jan 2016 11:06:26 +0000 (12:06 +0100)]
batman-adv: Drop reference to netdevice on last reference

The references to the network device should be dropped inside the release
function for batadv_hard_iface similar to what is done with the batman-adv
internal datastructures.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
8 years agosxgbe: remove unused code
Jean Sacren [Wed, 10 Feb 2016 03:47:17 +0000 (20:47 -0700)]
sxgbe: remove unused code

Remove the unused code of sxgbe_xpcs.

Reported-by: Julia Lawall <julia.lawall@lip6.fr>
Suggested-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Jean Sacren <sakiwit@gmail.com>
Cc: Byungho An <bh74.an@samsung.com>
Cc: Girish K S <ks.giri@samsung.com>
Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1601191918470.2531@hadrien
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'renesas-bit-twiddling'
David S. Miller [Wed, 10 Feb 2016 10:38:19 +0000 (05:38 -0500)]
Merge branch 'renesas-bit-twiddling'

Sergei Shtylyov says:

====================
Factor out register bit twiddling in the Renesas Ethernet drivers

   Here's a set of 2 patches against DaveM's 'net-next.git' repo. We factor out
the often repeated pattern of reading a register, AND'ing and/or OR'ing some
bits, and then writing the value back.

[1/2] ravb: factor out register bit twiddling code
[2/2] sh_eth: factor out register bit twiddling code
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agosh_eth: factor out register bit twiddling code
Sergei Shtylyov [Tue, 9 Feb 2016 22:38:28 +0000 (01:38 +0300)]
sh_eth: factor out register bit twiddling code

The  driver has often repeated pattern of reading a register,  AND'ing and/or
OR'ing some bits  and writing  the  value back. Factor the pattern out into
sh_eth_modify() -- this saves  84 bytes of code with ARM gcc 4.7.3.

While at it, update Cogent Embedded's copyright.

Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoravb: factor out register bit twiddling code
Sergei Shtylyov [Tue, 9 Feb 2016 22:37:44 +0000 (01:37 +0300)]
ravb: factor out register bit twiddling code

The  driver has often repeated pattern of reading a register,  AND'ing and/or
OR'ing some bits  and writing  the  value back. Factor the pattern out into
ravb_modify() -- this saves 260 bytes of code with ARM gcc 4.7.3.

While at it, update Cogent Embedded's copyrights.

Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'tpacket-gso-csum-offload'
David S. Miller [Tue, 9 Feb 2016 11:43:59 +0000 (06:43 -0500)]
Merge branch 'tpacket-gso-csum-offload'

Willem de Bruijn says:

====================
packet: tpacket gso and csum offload

Extend PACKET_VNET_HDR socket option support to packet sockets with
memory mapped rings.

Patches 2 and 4 add support to tpacket_rcv and tpacket_snd.

Patch 1 prepares for this by moving the relevant virtio_net_hdr
logic out of packet_snd and packet_rcv into helper functions.

GSO transmission requires all headers in the skb linear section.
Patch 3 moves parsing of tx_ring slot headers before skb allocation
to enable allocation with sufficient linear size.

Changes
  v1->v2:
    - fix bounds checks:
      - subtract sizeof(vnet_hdr) before comparing tp_len to size_max
      - compare tp_len to size_max also with GSO, just do not truncate to MTU
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agopacket: tpacket_snd gso and checksum offload
Willem de Bruijn [Wed, 3 Feb 2016 23:02:17 +0000 (18:02 -0500)]
packet: tpacket_snd gso and checksum offload

Support socket option PACKET_VNET_HDR together with PACKET_TX_RING.

When enabled, a struct virtio_net_hdr is expected to precede the data
in the ring. The vnet option must be set before the ring is created.

The implementation reuses the existing skb_copy_bits code that is used
when dev->hard_header_len is non-zero. Move this ll_header check to
before the skb alloc and combine it with a test for vnet_hdr->hdr_len.
Allocate and copy the max of the two.

Verified with test program at
github.com/wdebruij/kerneltools/blob/master/tests/psock_txring_vnet.c

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agopacket: parse tpacket header before skb alloc
Willem de Bruijn [Wed, 3 Feb 2016 23:02:16 +0000 (18:02 -0500)]
packet: parse tpacket header before skb alloc

GSO packet headers must be stored in the linear skb segment.
Move tpacket header parsing before sock_alloc_send_skb. The GSO
follow-on patch will later increase the skb linear argument to
sock_alloc_send_skb if needed for large packets.

The header parsing code does not require an allocated skb, so is
safe to move. Later pass to tpacket_fill_skb the computed data
start and length.

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agopacket: vnet_hdr support for tpacket_rcv
Willem de Bruijn [Wed, 3 Feb 2016 23:02:15 +0000 (18:02 -0500)]
packet: vnet_hdr support for tpacket_rcv

Support socket option PACKET_VNET_HDR together with PACKET_RX_RING.
When enabled, a struct virtio_net_hdr will precede the data in the
packet ring slots.

Verified with test program at
github.com/wdebruij/kerneltools/blob/master/tests/psock_rxring_vnet.c

  pkt: 1454269209.798420 len=5066
  vnet: gso_type=tcpv4 gso_size=1448 hlen=66 ecn=off
  csum: start=34 off=16
  eth: proto=0x800
  ip: src=<masked> dst=<masked> proto=6 len=5052

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agopacket: move vnet_hdr code to helper functions
Willem de Bruijn [Wed, 3 Feb 2016 23:02:14 +0000 (18:02 -0500)]
packet: move vnet_hdr code to helper functions

packet_snd and packet_rcv support virtio net headers for GSO.
Move this logic into helper functions to be able to reuse it in
tpacket_snd and tpacket_rcv.

This is a straighforward code move with one exception. Instead of
creating and passing a separate gso_type variable, reuse
vnet_hdr.gso_type after conversion from virtio to kernel gso type.

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobonding: 3ad: apply ad_actor settings changes immediately
Nikolay Aleksandrov [Wed, 3 Feb 2016 12:17:01 +0000 (13:17 +0100)]
bonding: 3ad: apply ad_actor settings changes immediately

Currently the bonding allows to set ad_actor_system and prio while the
bond device is down, but these are actually applied only if there aren't
any slaves yet (applied to bond device when first slave shows up, and to
slaves at 3ad bind time). After this patch changes are applied immediately
and the new values can be used/seen after the bond's upped so it's not
necessary anymore to release all and enslave again to see the changes.

CC: Jay Vosburgh <j.vosburgh@gmail.com>
CC: Veaceslav Falico <vfalico@gmail.com>
CC: Andy Gospodarek <gospo@cumulusnetworks.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'bridge-mdb-entry-offload-flag'
David S. Miller [Tue, 9 Feb 2016 09:42:55 +0000 (04:42 -0500)]
Merge branch 'bridge-mdb-entry-offload-flag'

Jiri Pirko says:

====================
bridge: mdb: flag offloaded mdb entries

This patchset extends uapi to let the user know if an mdb entry is offloaded.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobridge: mdb: Passing the port-group pointer to br_mdb module
Elad Raz [Wed, 3 Feb 2016 08:57:06 +0000 (09:57 +0100)]
bridge: mdb: Passing the port-group pointer to br_mdb module

Passing the port-group to br_mdb in order to allow direct access to the
structure. br_mdb will later use the structure to reflect HW reflection
status via "state" variable.

Signed-off-by: Elad Raz <eladr@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobridge: mdb: Separate br_mdb_entry->state from net_bridge_port_group->state
Elad Raz [Wed, 3 Feb 2016 08:57:05 +0000 (09:57 +0100)]
bridge: mdb: Separate br_mdb_entry->state from net_bridge_port_group->state

Change net_bridge_port_group 'state' member to 'flags' and define new set
of flags internal to the kernel.

Signed-off-by: Elad Raz <eladr@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobridge: mdb: add support for offloaded mdb entries
Elad Raz [Wed, 3 Feb 2016 08:57:04 +0000 (09:57 +0100)]
bridge: mdb: add support for offloaded mdb entries

Add new bitmask member 'flags' to br_mdb_entry structure. Adding
MDB_FLAGS_OFFLOAD bit which indicates MDB entries is offloaded to hardware.

Signed-off-by: Elad Raz <eladr@mellanox.com>
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agobonding: trivial: style fixes
Zhang Shengju [Wed, 3 Feb 2016 02:02:32 +0000 (02:02 +0000)]
bonding: trivial: style fixes

remove some redudant brackets, use sizeof(*) instead of sizeof(struct x).

Signed-off-by: Zhang Shengju <zhangshengju@cmss.chinamobile.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agotcp: Fix syncookies sysctl default.
David S. Miller [Mon, 8 Feb 2016 09:24:33 +0000 (04:24 -0500)]
tcp: Fix syncookies sysctl default.

Unintentionally the default was changed to zero, fix
that.

Fixes: 12ed8244ed ("ipv4: Namespaceify tcp syncookies sysctl knob")
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoMerge branch 'ns-tcp-sysctls'
David S. Miller [Sun, 7 Feb 2016 19:36:21 +0000 (14:36 -0500)]
Merge branch 'ns-tcp-sysctls'

Nikolay Borisov says:

====================
Namespaceify more of the tcp sysctl knobs

This patch series continues making more of the tcp-related
sysctl knobs be per net-namespace. Most of these apply per
socket and have global defaults so should be safe and I
don't expect any breakages.

Having those per net-namespace is useful when multiple
containers are hosted and it is required to tune the
tcp settings for each independently of the host node.

I've split the patches to be per-sysctl but after
the review if the outcome is positive I'm happy
to either send it in one big blob or just.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp_notsent_lowat sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:57 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp_notsent_lowat sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp_fin_timeout sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:56 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp_fin_timeout sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp_orphan_retries sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:55 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp_orphan_retries sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp_retries2 sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:54 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp_retries2 sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp_retries1 sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:53 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp_retries1 sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp reordering sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:52 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp reordering sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp syncookies sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:51 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp syncookies sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
8 years agoipv4: Namespaceify tcp synack retries sysctl knob
Nikolay Borisov [Wed, 3 Feb 2016 07:46:50 +0000 (09:46 +0200)]
ipv4: Namespaceify tcp synack retries sysctl knob

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: David S. Miller <davem@davemloft.net>