- 26 Dec, 2019 8 commits
-
-
Florian Westphal authored
skb_dst is an inline helper with a WARN_ON(), so this is a bit more code than it looks like. Signed-off-by:
Florian Westphal <fw@strlen.de> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
-
Florian Westphal authored
Move this out of the main eval loop, the numgen expression provides a better alternative to meta random. Signed-off-by:
-
Florian Westphal authored
Reduces repetiveness and reduces size of meta eval function. Signed-off-by:
-
Florian Westphal authored
checkpatch complains about == NULL checks in original code, so use !in instead. Signed-off-by:
-
Florian Westphal authored
Reduce size of main eval function. Signed-off-by:
-
Florian Westphal authored
Not a hot path. Also, both have copy&paste case statements, so use a common helper for both. Signed-off-by:
-
Florian Westphal authored
When pkttype is loopback, nft_meta performs guesswork to detect broad/multicast packets. Place this in a helper, this is hardly a hot path. Signed-off-by:
-
Florian Westphal authored
reduce size of the (large) meta evaluation function. Signed-off-by:
-
- 17 Dec, 2019 32 commits
-
-
Florian Westphal authored
Not used anywhere, remove them. Signed-off-by:
-
Xin Long authored
When nla_put_xxx() fails under nla_nest_start_noflag(), nla_nest_cancel() should be called, so that the skb can be trimmed properly. Signed-off-by:
Xin Long <lucien.xin@gmail.com> Reviewed-by:
Simon Horman <simon.horman@netronome.com> Signed-off-by:
-
Xin Long authored
This patch is to add the nest attr OPTS_ERSPAN/VXLAN when dumping KEY_OPTS, and it would be helpful when parsing in userpace. Also, this is needed for supporting multiple geneve opts in the future patches. Signed-off-by:
-
Xin Long authored
This is not necessary, but it'll be easier to parse in userspace, also given that other places like act_tunnel_key, cls_flower and ip_tunnel_core are also doing so. Signed-off-by:
-
Xin Long authored
ERSPAN_VERSION is an attribute parsed in kernel side, nla_policy type should be added for it, like other attributes. Fixes: af308b94 ("netfilter: nf_tables: add tunnel support") Signed-off-by:
-
Xin Long authored
info->key.tp_src and tp_dst are __be16, when using nla_put_be16() to dump them, htons() is not needed, so remove it in this patch. Fixes: af308b94 ("netfilter: nf_tables: add tunnel support") Signed-off-by:
-
Lukas Wunner authored
Amend kerneldoc of struct net_device to fix a "make htmldocs" warning: include/linux/netdevice.h:2045: warning: Function parameter or member 'nf_hooks_ingress' not described in 'net_device' Reported-by:
kbuild test robot <lkp@intel.com> Signed-off-by:
Lukas Wunner <lukas@wunner.de> Cc: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by:
-
Lukas Wunner authored
If CONFIG_NETFILTER_INGRESS is not enabled, nf_ingress() becomes a no-op because it solely contains an if-clause calling nf_hook_ingress_active(), for which an empty inline stub exists in <linux/netfilter_ingress.h>. All the symbols used in the if-clause's body are still available even if CONFIG_NETFILTER_INGRESS is not enabled. The additional "#ifdef CONFIG_NETFILTER_INGRESS" in nf_ingress() is thus unnecessary, so drop it. Signed-off-by:
-
David S. Miller authored
Jason A. Donenfeld says: ==================== WireGuard CI and housekeeping This is a collection of commits gathered during the last 1.5 weeks since merging WireGuard. If you'd prefer, I can send tree pull requests instead, but I figure it might be best for now to just send things as full patch sets to netdev. The first part of this adds in the CI test harness that we've been using for quite some time with success. You can type `make` and get the selftests running in a fresh VM immediately. This has been an instrumental tool in developing WireGuard, and I think it'd benefit most from being in-tree alongside the selftests that are already there. Once this lands, I plan to get build.wireguard.com building wireguard- linux.git and net-next.git on every single commit pushed, and do so on a bunch of different architectures. As this migrates into Linus' tree eventually and then into net.git, I'll get net.git building there too on every commit. Future work with this involves generalizing it to include more networking subsystem tests beyond just WireGuard, but one step at a time. In the process of porting this to the tree, the builder uncovered a mistake in the config menu file, which the second commit fixes. The last three commits are small housekeeping things, fixing spelling mistakes, replacing call_rcu with kfree_rcu, and removing an unused include. ==================== Signed-off-by:David S. Miller <davem@davemloft.net>
-
Wei Yongjun authored
The callback function of call_rcu() just calls a kfree(), so we can use kfree_rcu() instead of call_rcu() + callback function. Signed-off-by:
Wei Yongjun <weiyongjun1@huawei.com> Signed-off-by:
Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by:
-
YueHaibing authored
Remove <linux/version.h> from the includes for main.c, which is unused. Signed-off-by:
YueHaibing <yuehaibing@huawei.com> [Jason: reworded commit message] Signed-off-by:
-
Josh Soref authored
This fixes two spelling errors in source code comments. Signed-off-by:
Josh Soref <jsoref@gmail.com> [Jason: rewrote commit message] Signed-off-by:
-
Jason A. Donenfeld authored
This fixes the crypto selection submenu depenencies. Otherwise, we'd wind up issuing warnings in which certain dependencies we also select couldn't be satisfied. This condition was triggered by the addition of the test suite autobuilder in the previous commit. Signed-off-by:
-
Jason A. Donenfeld authored
WireGuard has been using this on build.wireguard.com for the last several years with considerable success. It allows for very quick and iterative development cycles, and supports several platforms. To run the test suite on your current platform in QEMU: $ make -C tools/testing/selftests/wireguard/qemu -j$(nproc) To run it with KASAN and such turned on: $ DEBUG_KERNEL=yes make -C tools/testing/selftests/wireguard/qemu -j$(nproc) To run it emulated for another platform in QEMU: $ ARCH=arm make -C tools/testing/selftests/wireguard/qemu -j$(nproc) At the moment, we support aarch64_be, aarch64, arm, armeb, i686, m68k, mips64, mips64el, mips, mipsel, powerpc64le, powerpc, and x86_64. The system supports incremental rebuilding, so it should be very fast to change a single file and then test it out and have immediate feedback. This requires for the right toolchain and qemu to be installed prior. I've had success with those from musl.cc. This is tailored for WireGuard at the moment, though later projects might generalize it for other network testing. Signed-off-by:
-
Aditya Pakki authored
In caif_xmit, there is a crash if the ptr dev is NULL. However, by returning the error to the callers, the error can be handled. The patch fixes this issue. Signed-off-by:
Aditya Pakki <pakki001@umn.edu> Signed-off-by:
-
Aditya Pakki authored
In fore200e_send and fore200e_close, the pointers from the arguments are dereferenced in the variable declaration block and then checked for NULL. The patch fixes these issues by avoiding NULL pointer dereferences. Signed-off-by:
-
David S. Miller authored
Ido Schimmel says: ==================== Simplify IPv4 route offload API Motivation ========== The aim of this patch set is to simplify the IPv4 route offload API by making the stack a bit smarter about the notifications it is generating. This allows driver authors to focus on programming the underlying device instead of having to duplicate the IPv4 route insertion logic in their driver, which is error-prone. This is the first patch set out of a series of four. Subsequent patch sets will simplify the IPv6 API, add offload/trap indication to routes and add tests for all the code paths (including error paths). Available here [1]. Details ======= Today, whenever an IPv4 route is added or deleted a notification is sent in the FIB notification chain and it is up to offload drivers to decide if the route should be programmed to the hardware or not. This is not an easy task as in hardware routes are keyed by {prefix, prefix length, table id}, whereas the kernel can store multiple such routes that only differ in metric / TOS / nexthop info. This series makes sure that only routes that are actually used in the data path are notified to offload drivers. This greatly simplifies the work these drivers need to do, as they are now only concerned with programming the hardware and do not need to replicate the IPv4 route insertion logic and store multiple identical routes. The route that is notified is the first FIB alias in the FIB node with the given {prefix, prefix length, table ID}. In case the route is deleted and there is another route with the same key, a replace notification is emitted. Otherwise, a delete notification is emitted. The above means that in the case of multiple routes with the same key, but different TOS, only the route with the highest TOS is notified. While the kernel can route a packet based on its TOS, this is not supported by any hardware devices I am familiar with. Moreover, this is not supported by IPv6 nor by BIRD/FRR from what I could see. Offload drivers should therefore use the presence of a non-zero TOS as an indication to trap packets matching the route and let the kernel route them instead. mlxsw has been doing it for the past two years. Testing ======= To ensure there is no degradation in route insertion rates, I averaged the insertion rate of 512k routes (/24 and /32) over 50 runs. Did not observe any degradation. Functional tests are available here [1]. They rely on route trap indication, which is only added in the last patch set. In addition, I have been running syzkaller for the past week with all four patch sets and debug options enabled. Did not observe any problems. Patch set overview ================== Patches #1-#8 gradually introduce the new FIB notifications Patch #9 converts mlxsw to use the new notifications Patch #10 converts the remaining listeners and removes the old notifications v2: * Extend fib_find_alias() with another argument instead of introducing a new function (David Ahern) RFC: https://patchwork.ozlabs.org/cover/1170530/ [1] https://github.com/idosch/linux/tree/fib-notifier ==================== Signed-off-by: -
Ido Schimmel authored
Unlike mlxsw, the other listeners to the FIB notification chain do not require any special modifications as they never considered multiple identical routes. This patch removes the old route notifications and converts all the listeners to use the new replace / delete notifications. Signed-off-by:
Ido Schimmel <idosch@mellanox.com> Reviewed-by:
David Ahern <dsahern@gmail.com> Signed-off-by:
-
Ido Schimmel authored
With the new notifications mlxsw does not need to handle identical routes itself, as this is taken care of by the core IPv4 code. Instead, mlxsw only needs to take care of inserting and removing routes from the device. Convert mlxsw to use the new IPv4 route notifications and simplify the code. Signed-off-by:
-
Ido Schimmel authored
When a new listener is registered to the FIB notification chain it receives a dump of all the available routes in the system. Instead, make sure to only replay the IPv4 routes that are actually used in the data path and are of any interest to the new listener. Signed-off-by:
-
Ido Schimmel authored
In a similar fashion to previous patch, when a route is deleted as part of table flushing, promote the next route in the list, if exists. Otherwise, simply emit a delete notification. Signed-off-by:
-
Ido Schimmel authored
When a route is deleted we potentially need to promote the next route in the FIB alias list (e.g., with an higher metric). In case we find such a route, a replace notification is emitted. Otherwise, a delete notification for the deleted route. v2: * Convert to use fib_find_alias() instead of fib_find_first_alias() Signed-off-by:
-
Ido Schimmel authored
When a route is added, it should only be notified in case it is the first route in the FIB alias list with the given {prefix, prefix length, table ID}. Otherwise, it is not used in the data path and should not be considered by switch drivers. v2: * Convert to use fib_find_alias() instead of fib_find_first_alias() Signed-off-by: -
Ido Schimmel authored
When replacing a route, its replacement should only be notified in case the replaced route is of any interest to listeners. In other words, if the replaced route is currently used in the data path, which means it is the first route in the FIB alias list with the given {prefix, prefix length, table ID}. v2: * Convert to use fib_find_alias() instead of fib_find_first_alias() Signed-off-by: -
Ido Schimmel authored
Extend the function with another argument, 'find_first'. When set, the function returns the first FIB alias with the matching {prefix, prefix length, table ID}. The TOS and priority parameters are ignored. Current callers are converted to pass 'false' in order to maintain existing behavior. This will be used by subsequent patches in the series. v2: * New patch Signed-off-by: -
Ido Schimmel authored
Currently, a new route is notified in the FIB notification chain before it is inserted to the FIB alias list. Subsequent patches will use the placement of the new route in the ordered FIB alias list in order to determine if the route should be notified or not. As a preparatory step, change the order so that the route is first inserted into the FIB alias list and only then notified. Signed-off-by:
-
Ido Schimmel authored
Subsequent patches are going to simplify the IPv4 route offload API, which will only use two events - replace and delete. Introduce a temporary version of these two events in order to make the conversion easier to review. Signed-off-by:
-
David S. Miller authored
Huazhong Tan says: ==================== net: hns3: some optimizaions related to work task This series refactors the work task of the HNS3 ethernet driver. [patch 1/5] uses delayed workqueue to replace the timer for hclgevf_service task, make the code simpler. [patch 2/5] & [patch 3/5] unifies current mailbox, reset and service work into one. [patch 4/5] allocates a private work queue with WQ_MEM_RECLAIM for the HNS3 driver. [patch 5/5] adds a new flag to indicate whether reset fails, and prevent scheduling service task to handle periodic task when this flag has been set. ==================== Signed-off-by: -
Guojia Liao authored
service_task will be scheduled per second to do some periodic jobs. When reset fails, it means this device is not available now, so the periodic jobs do not need to be handled. This patch adds flag HCLGE_STATE_RST_FAIL/HCLGEVF_STATE_RST_FAIL to indicate that reset fails, and checks this flag before schedule periodic task. Signed-off-by:
Guojia Liao <liaoguojia@huawei.com> Signed-off-by:
Huazhong Tan <tanhuazhong@huawei.com> Signed-off-by:
-
Yunsheng Lin authored
The hns3 driver may be used in memory reclaim path when it is the low level transport of a network file system, so it needs to guarantee forward progress even under memory pressure. This patch allocates a private WQ with WQ_MEM_RECLAIM set for both hclge_main and hclgevf_main modules. Signed-off-by:
Yunsheng Lin <linyunsheng@huawei.com> Signed-off-by:
-
Yunsheng Lin authored
There are four work (mbx_service_task, service_task, rst_service_task and keep_alive_task)in the hclgevf module, mbx_service_task is for handling mailbox issue, service_task is for periodic management issue and rst_service_task is for reset related issue, keep_alive_task is used to keepalive between PF and VF, which can be done in a single work. This patch removes the mbx_service_task, rst_service_task and keep_alive_task, and moves the related handling to the service_task work in order to remove concurrency between the four work and to improve efficiency. Signed-off-by:
-
Yunsheng Lin authored
There are three work (mbx_service_task, service_task, rst_service_task) in the HNS3 driver, mbx_service_task is for handling mailbox work, service_task is for periodic management issue and rst_service_task is for reset related issue, which can be handled in a single work. This patch removes the mbx_service_task and rst_service_task work, and moves the related handling to the service_task work in order to remove concurrency between the three work and to improve efficiency. BTW, since stats_timer in struct hclge_hw_stats is not needed anymore, so removes the definition of struct hclge_hw_stats, and moves mac_stats into struct hclge_dev. Signed-off-by:
-
