- 04 Mar, 2018 16 commits
-
-
David Ahern authored
IPv6 does path selection for multipath routes deep in the lookup functions. The next patch adds L4 hash option and needs the skb for the forward path. To get the skb to the relevant FIB lookup functions it needs to go through the fib rules layer, so add a lookup_data argument to the fib_lookup_arg struct. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Rename NETEVENT_MULTIPATH_HASH_UPDATE to NETEVENT_IPV4_MPATH_HASH_UPDATE to denote it relates to a change in the IPv4 hash policy. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Make rt6_multipath_hash more of a direct parallel to fib_multipath_hash and reduce stack and overhead in the process: get_hash_from_flowi6 is just a wrapper around __get_hash_from_flowi6 with another stack allocation for flow_keys. Move setting the addresses, protocol and label into rt6_multipath_hash and allow it to make the call to flow_hash_from_keys. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
As of commit e37b1e97 ("ipv6: route: dissect flow in input path if fib rules need it") fib_multipath_hash takes an optional flow keys. If non-NULL it means the skb has already been dissected. If not set, then fib_multipath_hash needs to call skb_flow_dissect_flow_keys. Simplify the logic by setting flkeys to the local stack variable keys. Simplifies fib_multipath_hash by only have 1 set of instructions setting hash_keys. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Symmetry is good and allows easy comparison that ipv4 and ipv6 are doing the same thing. To that end, change ip_multipath_l3_keys to set addresses at the end after the icmp compares, and move the initialization of ipv6 flow keys to rt6_multipath_hash. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
fib_multipath_hash only needs net struct to check a sysctl. Make it clear by passing net instead of fib_info. In the end this allows alignment between the ipv4 and ipv6 versions. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Xin Long says: ==================== sctp: clean up sctp_sendmsg This cleanup mostly does three things: - extract some codes into functions to make sendmsg more readable. - tidy up some codes to avoid the unnecessary checks. - adjust some logic so that it will be easier to add the send flags and cmsgs features that I will post after this. To make it easy to review and to check if the code is compatible with before, this patchset is to do it step by step in 9 patches. NOTE: There will be a conflict when merging Commit 2277c7cd ("sctp: Add LSM hooks") from selinux tree, the solution is to: 1. remove all the lines in [B]: <<<<<<< HEAD [A] ======= [B] >>>>>>> 2277c7cd... sctp: Add LSM hooks 2. and apply the following diff-output: diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 980621e..d6803c8 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -1686,6 +1686,7 @@ static int sctp_sendmsg_new_asoc(struct sock *sk, __u16 sflags, struct net *net = sock_net(sk); struct sctp_association *asoc; enum sctp_scope scope; + struct sctp_af *af; int err = -EINVAL; *tp = NULL; @@ -1711,6 +1712,22 @@ static int sctp_sendmsg_new_asoc(struct sock *sk, __u16 sflags, scope = sctp_scope(daddr); + /* Label connection socket for first association 1-to-many + * style for client sequence socket()->sendmsg(). This + * needs to be done before sctp_assoc_add_peer() as that will + * set up the initial packet that needs to account for any + * security ip options (CIPSO/CALIPSO) added to the packet. + */ + af = sctp_get_af_specific(daddr->sa.sa_family); + if (!af) + return -EINVAL; + + err = security_sctp_bind_connect(sk, SCTP_SENDMSG_CONNECT, + (struct sockaddr *)daddr, + af->sockaddr_len); + if (err < 0) + return err; + asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL); if (!asoc) return -ENOMEM; ==================== Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
sctp_sendmsg_new_asoc and SCTP_ADDR_OVER check is only necessary when daddr is set, so move them up to if (daddr) statement. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch mostly is to: - rename sinfo_flags as sflags, to make the indents look better, and also keep consistent with other sctp_sendmsg_xx functions. - replace new_asoc with bool new, no need to define a pointer here, as if new_asoc is set, it must be asoc. - rename the 'out_nounlock:' as 'out', shorter and nicer. - remove associd, only one place is using it now, just use sinfo->sinfo_assoc_id directly. - remove 'cmsgs' initialization in sctp_sendmsg, as it will be done in sctp_sendmsg_parse. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
Now sctp_assoc_lookup_paddr can only be called only if daddr has been set. But if daddr has been set, sctp_endpoint_lookup_assoc would be done, where it could already have the transport. So this unnecessary transport looking up should be removed, but only reset transport as NULL when SCTP_ADDR_OVER is not set for UDP type socket. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for trying to get sinfo from asoc into sctp_sendmsg_update_sinfo. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for parsing msghdr and checking sk into sctp_sendmsg_parse. Note that different from before, 'sinfo' in sctp_sendmsg won't be NULL any more. It gets the value either from cmsgs->srinfo, cmsgs->sinfo or asoc. With it, the 'sinfo' and 'fill_sinfo_ttl' check can be removed from sctp_sendmsg. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for trying to get daddr from msg->msg_name into sctp_sendmsg_get_daddr. Note that after adding 'daddr', 'to' and 'msg_name' can be deleted. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for checking sinfo_flags on one asoc after this asoc has been found into sctp_sendmsg_check_sflags. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for creating a new asoc if no asoc was found into sctp_sendmsg_new_asoc. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for checking and sending on one asoc after this asoc has been found or created into sctp_sendmsg_to_asoc. Note that 'err != -ESRCH' check is for the case that asoc is freed when waiting for tx buffer in sctp_sendmsg_to_asoc. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 03 Mar, 2018 1 commit
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextDavid S. Miller authored
Daniel Borkmann says: ==================== pull-request: bpf-next 2018-03-03 The following pull-request contains BPF updates for your *net-next* tree. The main changes are: 1) Extend bpftool to build up CFG information of eBPF programs and add an option to dump this in DOT format such that this can later be used with DOT graphic tools (xdot, graphviz, etc) to visualize it. Part of the analysis performed is sub-program detection and basic-block partitioning, from Jiong. 2) Multiple enhancements for bpftool's batch mode, more specifically the parser now understands comments (#), continuation lines (\), and arguments enclosed between quotes. Also, allow to read from stdin via '-' as input file, all from Quentin. 3) Improve BPF kselftests by i) unifying the rlimit handling into a helper that is then used by all tests, and ii) add support for testing tail calls to test_verifier plus add tests covering all corner cases. The latter is especially useful for testing JITs, from Daniel. 4) Remove x64 JIT's bpf_flush_icache() since flush_icache_range() is a noop on x64, from Daniel. 5) Fix one more occasion in BPF samples where we do not detach the BPF program from the cgroup after completion, from Prashant. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 02 Mar, 2018 23 commits
-
-
Colin Ian King authored
Use the ARRAY_SIZE macro on a couple of arrays to determine size of the arrays. Also fix up alignment to clean up a checkpatch warning. Improvement suggested by Coccinelle. Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ganesh Goudar authored
Add TP Congestion Map entry for single-port T6 cards. Signed-off-by: Casey Leedom <leedom@chelsio.com> Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Merge tag 'mac80211-next-for-davem-2018-03-02' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next Johannes Berg says: ==================== Only a few new things: * hwsim net namespace stuff from Kirill Tkhai * A-MSDU support in fast-RX * 4-addr mode support in fast-RX * support for a spec quirk in Add-BA negotiation ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ganesh Goudar authored
Error code is already returned earlier if filter exists at specified location. So, remove dead code trying to free existing filter. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by: Rahul Lakkireddy <rahul.lakkireddy@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kirill Tkhai authored
These pernet_operations allocate and destroy IDA identifier, and these actions are synchronized by IDA subsystem locks. Exit method removes mac80211_hwsim_data enteries from the lists, and this is synchronized by hwsim_radio_lock with the rest parallel pernet_operations. Also it queues destroy_radio() work, and these work already may be executed in parallel with any pernet_operations (as it's a work :). So, we may mark these pernet_operations as async. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-
Kirill Tkhai authored
hwsim_netgroup counter is declarated as int, and it is incremented every time a new net is created. After sizeof(int) net are created, it will overflow, and different net namespaces will have the same identifier. This patch fixes the problem by introducing IDA instead of int counter. IDA guarantees, all the net namespaces have the uniq identifier. Note, that after we do ida_simple_remove() in hwsim_exit_net(), and we destroy the ID, later there may be executed destroy_radio() from the workqueue. But destroy_radio() does not use the ID, so it's OK. Out of bounds of this patch, just as a report to wireless subsystem maintainer, destroy_radio() increaments hwsim_radios_generation without hwsim_radio_lock, so this may need one more patch to fix. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-
Daniel Borkmann authored
Quentin Monnet says: ==================== Several enhancements for bpftool batch mode are introduced in this series. More specifically, input files for batch mode gain support for: * comments (starting with '#'), * continuation lines (after a line ending with '\'), * arguments enclosed between quotes. Also, make bpftool able to read from standard input when "-" is provided as input file name. ==================== Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Improve argument parsing from batch input files in order to support arguments enclosed between single (') or double quotes ("). For example, this command can now be parsed in batch mode: bpftool prog dump xlated id 1337 file "/tmp/my file with spaces" The function responsible for parsing command arguments is copied from its counterpart in lib/utils.c in iproute2 package. Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Make bpftool read its command list from standard input when the name if the input file is a single dash. Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Add support for continuation lines, such as in the following example: prog show prog dump xlated \ id 1337 opcodes This patch is based after the code for support for continuation lines from file lib/utils.c from package iproute2. "Lines" in error messages are renamed as "commands", as we count the number of commands (but we ignore empty lines, comments, and do not add continuation lines to the count). Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Replace '#' by '\0' in commands read from batch files in order to avoid processing the remaining part of the line, thus allowing users to use comments in the files. Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
David S. Miller authored
Eric Dumazet says: ==================== tcp_bbr: more GSO work Playing with r8152 USB 1Gbit NIC, on both USB2 and USB3 slots, I found that BBR was performing poorly, because of TSO being limited to 16KB This patch series makes sure BBR is not under estimating number of packets that are needed to fill the pipe when a device has suboptimal TSO limits. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
Its value is computed then immediately used, there is no need to store it. Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
This is second part of dealing with suboptimal device gso parameters. In first patch (350c9f48 "tcp_bbr: better deal with suboptimal GSO") we dealt with devices having low gso_max_segs Some devices lower gso_max_size from 64KB to 16 KB (r8152 is an example) In order to probe an optimal cwnd, we want BBR being not sensitive to whatever GSO constraint a device can have. This patch removes tso_segs_goal() CC callback in favor of min_tso_segs() for CC wanting to override sysctl_tcp_min_tso_segs Next patch will remove bbr->tso_segs_goal since it does not have to be persistent. Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexei Starovoitov authored
Jakub Kicinski says: ==================== Jiong says: This patch set is an application of CFG information on eBPF program visualization. It presents some initial code for building CFG information from eBPF instruction sequences. After we get eBPF program bytecode, we do sub-program detection and basic-block partition. These information then are visualized into DOT graph. The user could use any DOT graphic tools (xdot, graphviz etc) to view it. For example: bpftool prog dump xlated id 2 visual &>output.dot [xdot | dotty] output.dot dot -Tpng -o output.png This initial patch set hasn't tuned much on the dot description layout nor decoration, we could improve them later once the direction of the patch set is agreed on. We could also visualize some static analysis performance data. v2 (Jakub): - update license headers and add SPDX tags. ==================== Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Quentin Monnet authored
Add bash completion for the "visual" keyword used for dumping the CFG of eBPF programs with bpftool. Make sure we only complete with this keyword when we dump "xlated" (and not "jited") instructions. Acked-by: Jiong Wang <jiong.wang@netronome.com> Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch adds new command-line option for visualizing the xlated eBPF sequence. Documentations are updated accordingly. Usage: bpftool prog dump xlated id 2 visual Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com> Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch let bpftool print .dot graph file into stdout. This graph is generated by the following steps: - iterate through the function list. - generate basic-block(BB) definition for each BB in the function. - draw out edges to connect BBs. This patch is the initial support, the layout and decoration of the .dot graph could be improved. Also, it will be useful if we could visualize some performance data from static analysis. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch adds out edges for each basic-block. We will need these out edges to finish the .dot graph drawing. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch partition basic-block for each function in the CFG. The algorithm is simple, we identify basic-block head in a first traversal, then second traversal to identify the tail. We could build extended basic-block (EBB) in next steps. EBB could make the graph more readable when the eBPF sequence is big. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch detect all sub-programs from the eBPF sequence and keep the information in the new CFG data structure. The detection algorithm is basically the same as the one in verifier except we need to use insn->off instead of insn->imm to get the pc-relative call offset. Because verifier has modified insn->off/insn->imm during finishing the verification. Also, we don't need to do some sanity checks as verifier has done them. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch factors out those code of dumping xlated eBPF instructions into xlated_dumper.[h|c]. They are quite independent dumper functions, so better to be kept separately. New dumper support will be added in later patches in this set. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
It is obvious we could use 'else if' instead of start a new 'if' in the touched code. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-