- 10 Jan, 2014 12 commits
-
-
Christoph Paasch authored
This patch adds a new netlink attribute for the source-IP and appends it to the netlink reply. Now, iproute2 can have access to the source-IP. Signed-off-by: Christoph Paasch <christoph.paasch@uclouvain.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Christoph Paasch authored
We add the source-address to the tcp-metrics, so that different metrics will be used per source/destination-pair. We use the destination-hash to store the metric inside the hash-table. That way, deleting and dumping via "ip tcp_metrics" is easy. Signed-off-by: Christoph Paasch <christoph.paasch@uclouvain.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Christoph Paasch authored
As we will add also the source-address, we rename all accesses to the tcp-metrics address to use "daddr". Signed-off-by: Christoph Paasch <christoph.paasch@uclouvain.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-nextDavid S. Miller authored
John W. Linville says: ==================== Please pull these updates for the 3.14 stream! For the mac80211 bits, Johannes says: "Felix adds some helper functions for P2P NoA software tracking, Joe fixes alignment (but as this apparently never caused issues I didn't send it to 3.13), Kyeyoon/Jouni add QoS-mapping support (a Hotspot 2.0 feature), Weilong fixed a bunch of checkpatch errors and I get to play fire-fighter or so and clean up other people's locking issues. I also added nl80211 vendor-specific events, as we'd discussed at the wireless summit." For the iwlwifi bits, Emmanuel says: "I have here a rework of the interrupt handling to meet RT kernel requirements - basically we don't take any lock in the primary interrupt handler. This gave me a good reason to clean things up a bit on the way. There is also a fix of the QoS mapping along with a few workarounds for hardware / firmware issues that are hard to hit. Three fixes suggested by static analyzers, and other various stuff. Most importantly, I update the Copyright note to include the new year." For the bluetooth bits, Gustavo says: "More patches to 3.14. The bulk of changes here is the 6LoWPAN support for Bluetooth LE Devices. The commits that touches net/ieee802154/ are already acked by David Miller. Other than that we have some RFCOMM fixes and improvements plus fixes and clean ups all over the tree." Beyond that, ath9k, brcmfmac, mwifiex, and wil6210 get their usual level of attention. The wl1251 driver gets a number of updates, and there are a handful of other bits here and there. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller authored
Pablo Neira Ayuso says: ==================== This batch contains one single patch with the l2tp match for xtables, from James Chapman. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
John W. Linville authored
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem Conflicts: net/ieee802154/6lowpan.c
-
Paul Durrant authored
The recent patch to improve guest receive side flow control (ca2f09f2) had a slight flaw in the wait condition for the vif thread in that any remaining skbs in the guest receive side netback internal queue would prevent the thread from sleeping. An unresponsive frontend can lead to a permanently non-empty internal queue and thus the thread will spin. In this case the thread should really sleep until the frontend becomes responsive again. This patch adds an extra flag to the vif which is set if the shared ring is full and cleared when skbs are drained into the shared ring. Thus, if the thread runs, finds the shared ring full and can make no progress the flag remains set. If the flag remains set then the thread will sleep, regardless of a non-empty queue, until the next event from the frontend. Signed-off-by: Paul Durrant <paul.durrant@citrix.com> Cc: Wei Liu <wei.liu2@citrix.com> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: David Vrabel <david.vrabel@citrix.com> Acked-by: Wei Liu <wei.liu2@citrix.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hariprasad Shenai authored
Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kuninori Morimoto authored
Huqiu reported current sh_sir driver doesn't call free_irq() in spite of using request_irq(). This patch replaces request_irq() into devm_request_irq() to solve this issue Reported-by: Huqiu Liu<huqiuliu@gmail.com> Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kuninori Morimoto authored
Huqiu reported current sh_irda driver doesn't call free_irq() in spite of using request_irq(). This patch replaces request_irq() into devm_request_irq() to solve this issue Reported-by: Huqiu Liu<huqiuliu@gmail.com> Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kuninori Morimoto authored
SH_SIR is not Dongle Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nftablesDavid S. Miller authored
Pablo Neira Ayuso says: ==================== nf_tables updates for net-next The following patchset contains the following nf_tables updates, mostly updates from Patrick McHardy, they are: * Add the "inet" table and filter chain type for this new netfilter family: NFPROTO_INET. This special table/chain allows IPv4 and IPv6 rules, this should help to simplify the burden in the administration of dual stack firewalls. This also includes several patches to prepare the infrastructure for this new table and a new meta extension to match the layer 3 and 4 protocol numbers, from Patrick McHardy. * Load both IPv4 and IPv6 conntrack modules in nft_ct if the rule is used in NFPROTO_INET, as we don't certainly know which one would be used, also from Patrick McHardy. * Do not allow to delete a table that contains sets, otherwise these sets become orphan, from Patrick McHardy. * Hold a reference to the corresponding nf_tables family module when creating a table of that family type, to avoid the module deletion when in use, from Patrick McHardy. * Update chain counters before setting the chain policy to ensure that we don't leave the chain in inconsistent state in case of errors (aka. restore chain atomicity). This also fixes a possible leak if it fails to allocate the chain counters if no counters are passed to be restored, from Patrick McHardy. * Don't check for overflows in the table counter if we are just renaming a chain, from Patrick McHardy. * Replay the netlink request after dropping the nfnl lock to load the module that supports provides a chain type, from Patrick. * Fix chain type module references, from Patrick. * Several cleanups, function renames, constification and code refactorizations also from Patrick McHardy. * Add support to set the connmark, this can be used to set it based on the meta mark (similar feature to -j CONNMARK --restore), from Kristian Evensen. * A couple of fixes to the recently added meta/set support and nft_reject, and fix missing chain type unregistration if we fail to register our the family table/filter chain type, from myself. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 09 Jan, 2014 28 commits
-
-
Pablo Neira Ayuso authored
We have to unregister chain type if this fails to register netns. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
James Chapman authored
Introduce an xtables add-on for matching L2TP packets. Supports L2TPv2 and L2TPv3 over IPv4 and IPv6. As well as filtering on L2TP tunnel-id and session-id, the filtering decision can also include the L2TP packet type (control or data), protocol version (2 or 3) and encapsulation type (UDP or IP). The most common use for this will likely be to filter L2TP data packets of individual L2TP tunnels or sessions. While a u32 match can be used, the L2TP protocol headers are such that field offsets differ depending on bits set in the header, making rules for matching generic L2TP connections cumbersome. This match extension takes care of all that. Signed-off-by: James Chapman <jchapman@katalix.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/net-nextDavid S. Miller authored
Jeff Kirsher says: ==================== Intel Wired LAN Driver Updates This series contains updates to i40e only. Anjali provides a fix where interrupts were not being re-enabled on ICR0 even though they were auto masked by hardware. Then provides a fix to cleanup RSS initialization because it was doing some extra work, so remove the extra work and any bugs it created when managing number of queues. Since hardware requires a full packet template to be pointed to when adding hardware flow filters, add the template and use it for programming filters. Jesse provides a fix to replace the use of driver specific defines with kernel ETH_ALEN defines. Then disables packet split because with the use of GRO, we do not need the extra bus overhead. Fixes spelling error in code comment. Kamil provides a fix for the driver where the hardware expects the MAC address in a very specific format and the driver was filing the data incorrectly. Mitch provides a fix to resolve a panic on reset by adding checks to VSI->rx_rings. Then shortens alloc_rx_buff_failed and alloc_rx_page_failed variables since both part of an RX specific structure so just remove the _rx part of the name. Then fixes badly formatted lines, long lines and mis-formatted lines. Shannon provides a fix to call AQ to release any reservation held by this PF on the NVM resource lock on startup, in order to clear anything that might have been left over from a previous run. Then removes interrupt on AQ error since nearly everything we do is synchronous, using the interrupt-on-error bit is unnecessary and causing unneeded interrupts. Adds code to handle the ability to send messages among the physical function interfaces by the admin queue. Catherine sets the MFP flag earlier in software init and uses that flag to decide if other hardware work-arounds are required which turns off flow director in MFP mode. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Wei Yongjun authored
Fixes the following sparse warning: net/ipv4/ip_tunnel.c:116:18: warning: symbol 'tunnel_dst_check' was not declared. Should it be static? Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Wei Yongjun authored
memory allocated by kmem_cache_alloc() should be freed using kmem_cache_free(), not kfree(). Fixes: e298e505 ('openvswitch: Per cpu flow stats.') Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Acked-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
We don't encode argument types into function names and since besides nft_do_chain() there are only AF-specific versions, there is no risk of confusion. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
We currently leak the set memory when deleting a table that still has sets in it. Return EBUSY when attempting to delete a table with sets. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
The table refers to data of the AF module, so we need to make sure the module isn't unloaded while the table exists. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
Simplifies error handling. Additionally use the correct type u32 for the host byte order flags value. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
Minor nf_chain_type cleanups: - reorder struct to plug a hoe - rename struct module member to "owner" for consistency - rename nf_hookfn array to "hooks" for consistency - reorder initializers for better readability Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
To avoid races, we need to replay to request after dropping the nfnl_mutex to auto-load the chain type module. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
In some cases we neither take a reference to the AF info nor to the chain type, allowing the module to be unloaded while in use. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
The chain type module reference handling makes no sense at all: we take a reference immediately when the module is registered, preventing the module from ever being unloaded. Fix by taking a reference when we're actually creating a chain of the chain type and release the reference when destroying the chain. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
The table use counter is only increased for new chains, so move the check to the correct position. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
Chain counter validation is performed after the chain policy has potentially been changed. Move counter validation/setting before changing of the chain policy to fix this. Additionally fix a memory leak if chain counter allocation fails for new chains, remove an unnecessary free_percpu() and move counter allocation for new chains Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Patrick McHardy authored
Currently nf_tables_newchain() atomicity is broken because of having validation of some netlink attributes performed after changing attributes of the chain. The chain policy is (currently) fine, but split it up as preparation for the following fixes and to avoid future mistakes. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
We have to validate that the input register is in the range of allowed registers, otherwise we can take a incorrect register value as input that may lead us to a crash. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Kristian Evensen authored
This patch adds kernel support for setting properties of tracked connections. Currently, only connmark is supported. One use-case for this feature is to provide the same functionality as -j CONNMARK --save-mark in iptables. Some restructuring was needed to implement the set op. The new structure follows that of nft_meta. Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Sujith Manoharan authored
Fast Channel Change across bands was enabled for AR9462 recently, but this is causing baseband issues. Disable it until this feature is tested well. Also, remove the feature bit for AR9565 since it is a single-band card and doesn't support this feature. Cc: stable@vger.kernel.org Reported-by: Oleksij Rempel <linux@rempel-privat.de> Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Sujith Manoharan authored
Accessing the current channel definition in mac80211 when processing RX packets is problematic because it could have been updated when a scan is issued. Since a channel change involves flushing the existing packets in the RX queue before a chip-reset is done, they would be processed using the wrong band/channel information. To avoid this, use the current channel information maintained in the driver. Cc: stable@vger.kernel.org Reported-by: Oleksij Rempel <linux@rempel-privat.de> Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Sujith Manoharan authored
* Add new AR9565 1.0/1.0.1/1.1 IDs * Change Dell/Lenovo/Samsung cards to 2-Antenna with diversity. Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Bing Zhao authored
Instead of having two copies of the code for device tree cfgdata downloading, add a function to improve the code. Reviewed-by: Paul Stewart <pstew@chromium.org> Signed-off-by: Bing Zhao <bzhao@marvell.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Bing Zhao authored
If cfgdata length exceeds the command buffer size we will end up getting buffer overflow problem. Fix it by checking the buffer size less the command header length. Reviewed-by: Paul Stewart <pstew@chromium.org> Signed-off-by: Bing Zhao <bzhao@marvell.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Vladimir Kondratiev authored
As soon as skb is ready to be reaped, prefetch 1-st cache line. This accelerates data access that is performed later, during the packet classification by the driver and IP stack. Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Vladimir Kondratiev authored
Bit DMA_CFG_DESC_TX_OFFLOAD_CFG_L3T_IPV4_POS should be set for IPv4 only. Don't set it for IPv6 Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Vladimir Kondratiev authored
Use hardware capabilities to limit IRQ generation to about 15 per msec It corresponds to about 7 packets/IRQ when running iperf with default parameters at 1.3Gbps Do not enable this feature in the sniffer (monitor) mode, because interrupt moderation cause timestamp accuracy deterioration. For the sniffer flow, it is important to get precise timestamp. Signed-off-by: Vladimir Kondratiev <qca_vkondrat@qca.qualcomm.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Arend van Spriel authored
This patch adds support for the bcm43362 1x1 11n chipset. This chipset is used in AP6210 wifi module found on Cubieboard [1]. [1] http://cubieboard.org/Reviewed-by: Franky Lin <frankyl@broadcom.com> Reviewed-by: Pieter-Paul Giesberts <pieterpg@broadcom.com> Reviewed-by: Hante Meuleman <meuleman@broadcom.com> Signed-off-by: Arend van Spriel <arend@broadcom.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-