- 30 Nov, 2022 1 commit
-
-
Sriram Yagnaraman authored
SCTP conntrack currently assumes that the SCTP endpoints will probe secondary paths using HEARTBEAT before sending traffic. But, according to RFC 9260, SCTP endpoints can send any traffic on any of the confirmed paths after SCTP association is up. SCTP endpoints that sends INIT will confirm all peer addresses that upper layer configures, and the SCTP endpoint that receives COOKIE_ECHO will only confirm the address it sent the INIT_ACK to. So, we can have a situation where the INIT sender can start to use secondary paths without the need to send HEARTBEAT. This patch allows DATA/SACK packets to create new connection tracking entry. A new state has been added to indicate that a DATA/SACK chunk has been seen in the original direction - SCTP_CONNTRACK_DATA_SENT. State transitions mostly follows the HEARTBEAT_SENT, except on receiving HEARTBEAT/HEARTBEAT_ACK/DATA/SACK in the reply direction. State transitions in original direction: - DATA_SENT behaves similar to HEARTBEAT_SENT for all chunks, except that it remains in DATA_SENT on receving HEARTBEAT, HEARTBEAT_ACK/DATA/SACK chunks State transitions in reply direction: - DATA_SENT behaves similar to HEARTBEAT_SENT for all chunks, except that it moves to HEARTBEAT_ACKED on receiving HEARTBEAT/HEARTBEAT_ACK/DATA/SACK chunks Note: This patch still doesn't solve the problem when the SCTP endpoint decides to use primary paths for association establishment but uses a secondary path for association shutdown. We still have to depend on timeout for connections to expire in such a case. Signed-off-by:
Sriram Yagnaraman <sriram.yagnaraman@est.tech> Reviewed-by:
Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
-
- 22 Nov, 2022 11 commits
-
-
Dan Carpenter authored
The __nft_expr_type_get() function returns NULL on error. It never returns error pointers. Fixes: 3a07327d ("netfilter: nft_inner: support for inner tunnel header matching") Signed-off-by:
Dan Carpenter <error27@gmail.com> Signed-off-by:
-
Paolo Abeni authored
Colin Foster says: ==================== cleanup ocelot_stats exposure The ocelot_stats structures became redundant across all users. Replace this redundancy with a static const struct. After doing this, several definitions inside include/soc/mscc/ocelot.h no longer needed to be shared. Patch 2 removes them. Checkpatch throws an error for a complicated macro not in parentheses. I understand the reason for OCELOT_COMMON_STATS was to allow expansion, but interestingly this patch set is essentially reverting the ability for expansion. I'm keeping the macro in this set, but am open to remove it, since it doesn't _actually_ provide any immediate benefits anymore. ==================== Link: https://lore.kernel.org/r/20221119231406.3167852-1-colin.foster@in-advantage.comSigned-off-by:
Paolo Abeni <pabeni@redhat.com>
-
Colin Foster authored
Ocelot uses regmap_bulk_read() operations to efficiently read stats registers. Currently the implementation relies on the stats layout to be ordered to be most efficient. Issue a warning if any future implementations happen to break this pattern. Signed-off-by:
Colin Foster <colin.foster@in-advantage.com> Co-developed-by:
Vladimir Oltean <vladimir.oltean@nxp.com> Reviewed-by:
-
Colin Foster authored
Since commit 4d1d157f ("net: mscc: ocelot: share the common stat definitions between all drivers") there is no longer a need to share the stats structures to the world. Relocate these definitions to inside ocelot_stats.c instead of a global include header. Signed-off-by:
-
Colin Foster authored
Ever since commit 4d1d157f ("net: mscc: ocelot: share the common stat definitions between all drivers") the stats_layout entry in ocelot and felix drivers have become redundant. Remove the unnecessary code. Suggested-by:
Vladimir Oltean <olteanv@gmail.com> Signed-off-by:
-
Björn Töpel authored
The selftests/net does not have proper cross-compilation support, and does not properly state libbpf as a dependency. Mimic/copy the BPF build from selftests/bpf, which has the nice side-effect that libbpf is built as well. Signed-off-by:
Björn Töpel <bjorn@rivosinc.com> Reviewed-by:
Anders Roxell <anders.roxell@linaro.org> Link: https://lore.kernel.org/r/20221119171841.2014936-1-bjorn@kernel.orgSigned-off-by:
-
Tiezhu Yang authored
The latest version of grep claims the egrep is now obsolete so the build now contains warnings that look like: egrep: warning: egrep is obsolescent; using grep -E fix this up by moving the related file to use "grep -E" instead. sed -i "s/egrep/grep -E/g" `grep egrep -rwl samples/pktgen` Here are the steps to install the latest grep: wget http://ftp.gnu.org/gnu/grep/grep-3.8.tar.gz tar xf grep-3.8.tar.gz cd grep-3.8 && ./configure && make sudo make install export PATH=/usr/local/bin:$PATH Signed-off-by:
Tiezhu Yang <yangtiezhu@loongson.cn> Link: https://lore.kernel.org/r/1668826504-32162-1-git-send-email-yangtiezhu@loongson.cnSigned-off-by:
-
Suman Ghosh authored
1. If a profile does not support DMAC extraction then avoid installing NPC flow rules for unicast. Similarly, if LXMB(L2 and L3) extraction is not supported by the profile then avoid installing broadcast and multicast rules. 2. Allow MCAM entry insertion for promiscuous mode. 3. For the profiles where DMAC is not extracted in MKEX key default unicast entry installed by AF is not valid. Hence do not use action from the AF installed default unicast entry for such cases. 4. Adjacent packet header fields in a packet like IP header source and destination addresses or UDP/TCP header source port and destination can be extracted together in MKEX profile. Therefore MKEX profile can be configured to in two ways: a. Total of 4 bytes from start of UDP header(src port + destination port) or b. Two bytes from start and two bytes from offset 2 Signed-off-by:
Suman Ghosh <sumang@marvell.com> Signed-off-by:
Subbaraya Sundeep <sbhatta@marvell.com> Link: https://lore.kernel.org/r/20221118053329.2288486-1-sumang@marvell.comSigned-off-by:
-
Florian Fainelli authored
Clear the RGMII_LINK bit upon detecting link down to be consistent with setting the bit upon link up. We also move the clearing of the out-of-band disable to the runtime initialization rather than for each link up/down transition. Signed-off-by:
Florian Fainelli <f.fainelli@gmail.com> Link: https://lore.kernel.org/r/20221118213754.1383364-1-f.fainelli@gmail.comSigned-off-by:
Jakub Kicinski <kuba@kernel.org>
-
Dan Carpenter authored
Smatch complains that "err" can be uninitialized on these paths. Also it's just nicer to "return 0;" instead of "return err;" Fixes: 3a344f99 ("net: microchip: sparx5: Add support for TC flower ARP dissector") Signed-off-by:
-
Eric Dumazet authored
I was mistaken how atomic64_try_cmpxchg(&sk_cookie, &res, new) is working. I was assuming @res would contain the final sk_cookie value, regardless of the success of our cmpxchg() We could do something like: if (atomic64_try_cmpxchg(&sk_cookie, &res, new) res = new; But we can avoid a conditional and read sk_cookie again. atomic64_cmpxchg(&sk_cookie, res, new); res = atomic64_read(&sk_cookie); Reported-by:
coverity-bot <keescook+coverity-bot@chromium.org> Addresses-Coverity-ID: 1527347 ("Error handling issues") Fixes: 4ebf802c ("net: __sock_gen_cookie() cleanup") Signed-off-by:
Eric Dumazet <edumazet@google.com> Link: https://lore.kernel.org/r/20221118043843.3703186-1-edumazet@google.comSigned-off-by:
-
- 21 Nov, 2022 28 commits
-
-
David S. Miller authored
Mat Martineau says: ==================== mptcp: More specific netlink command errors This series makes the error reporting for the MPTCP_PM_CMD_ADD_ADDR netlink command more specific, since there are multiple reasons the command could fail. Note that patch 2 adds a GENL_SET_ERR_MSG_FMT() macro to genetlink.h, which is outside the MPTCP subsystem. Patch 1 refactors in-kernel listening socket and endpoint creation to simplify the second patch. Patch 2 updates the error values returned by the in-kernel path manager when it fails to create a local endpoint. ==================== Signed-off-by:David S. Miller <davem@davemloft.net>
-
Paolo Abeni authored
Endpoint creation can fail for a number of reasons; in case of failure append the error number to the extended ack message, using a newly introduced generic helper. Additionally let mptcp_pm_nl_append_new_local_addr() report different error reasons. Reviewed-by:
Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by:
-
Paolo Abeni authored
When endpoint creation fails, we need to free the newly allocated entry and eventually destroy the paired mptcp listener socket. Consolidate such action in a single point let all the errors path reach it. Reviewed-by:
-
Kuniyuki Iwashima authored
We assume the correct errno is -EADDRINUSE when sk->sk_prot->get_port() fails, so some ->get_port() functions return just 1 on failure and the callers return -EADDRINUSE instead. However, mptcp_get_port() can return -EINVAL. Let's not ignore the error. Note the only exception is inet_autobind(), all of whose callers return -EAGAIN instead. Fixes: cec37a6e ("mptcp: Handle MP_CAPABLE options for outgoing connections") Signed-off-by:
Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by:
-
Yoshihiro Shimoda authored
Smatch detected the following warning. drivers/net/ethernet/renesas/rswitch.c:1717 rswitch_init() warn: '%pM' cannot be followed by 'n' The 'n' should be '\n'. Reported-by:Geert Uytterhoeven <geert+renesas@glider.be> Fixes: 3590918b ("net: ethernet: renesas: Add support for "Ethernet Switch"") Signed-off-by:
Yoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com> Reviewed-by:
Saeed Mahameed <saeed@kernel.org> Signed-off-by:
-
David S. Miller authored
netdev.vger.kernel.org archive mirror Steen Hegelund says: ==================== net: Add support for VCAP debugFS in Sparx5 This provides support for getting VCAP instance, VCAP rule and VCAP port keyset configuration information via the debug file system. It builds on top of the initial IS2 VCAP support found in these series: https://lore.kernel.org/all/20221020130904.1215072-1-steen.hegelund@microchip.com/ https://lore.kernel.org/all/20221109114116.3612477-1-steen.hegelund@microchip.com/ https://lore.kernel.org/all/20221111130519.1459549-1-steen.hegelund@microchip.com/ Functionality: ============== The VCAP API exposes a /sys/kernel/debug/sparx5/vcaps folder containing the following entries: - raw_<vcap>_<instance> This is a raw dump of the VCAP instance with a line for each available VCAP rule. This information is limited to the VCAP rule address, the rule size and the rule keyset name as this requires very little information from the VCAP cache. This can be used to detect if a valid rule is stored at the correct address. - <vcap>_<instance> This dumps the VCAP instance configuration: address ranges, chain id ranges, word size of keys and actions etc, and for each VCAP rule the details of keys (values and masks) and actions are shown. This is useful when discovering if the expected rule is present and in which order it will be matched. - <interface> This shows the keyset configuration per lookup and traffic type and the set of sticky bits (common for all interfaces). This is cleared when shown, so it is possible to sample over a period of time. It also shows if this port/lookup is enabled for matching in the VCAP. This can be used to find out which keyset the traffic being sent to a port, will be matched against, and if such traffic has been seen by one of the ports. Delivery: ========= This is current plan for delivering the full VCAP feature set of Sparx5: - TC protocol all support for IS2 VCAP - Sparx5 IS0 VCAP support - TC policer and drop action support (depends on the Sparx5 QoS support upstreamed separately) - Sparx5 ES0 VCAP support - TC flower template support - TC matchall filter support for mirroring and policing ports - TC flower filter mirror action support - Sparx5 ES2 VCAP support Version History: ================ v2 Removed a 'support' folder (used for integration testing) that had been added in patch 6/8 by a mistake. Wrapped long lines. v1 Initial version ==================== Signed-off-by:
-
Steen Hegelund authored
This tests the functionality of the debugFS support: - finding valid keyset on an address - raw VCAP output - full rule VCAP output Signed-off-by:
Steen Hegelund <steen.hegelund@microchip.com> Signed-off-by:
-
Steen Hegelund authored
This ensures that the VCAP cache and the lists maintained in the VCAP instance is protected when accessed by different clients. Signed-off-by:
-
Steen Hegelund authored
This add support for displaying the keys and actions in a rule. The keys and action display format will be determined by the size and the type of the key or action. The longer keys will typically be displayed as a hexadecimal byte array. The actionset is not decoded in full as the Sparx5 IS2 only has one supported action, so this will be added later with other VCAP types. Signed-off-by:
-
Steen Hegelund authored
This add support to show all rules in a VCAP instance. The information shown is: - rule id - address range - size - chain id - keyset name, subword size, register span - actionset name, subword size, register span - counter value - sticky bit (one bit width counter) Signed-off-by:
-
Steen Hegelund authored
This adds support for decoding VCAP rules with a minimum number of attributes: address, rule size and keyset. This allows for a quick inspection of a VCAP instance to determine if the rule are present and in the correct order. Signed-off-by:
-
Steen Hegelund authored
Add a debugFS root folder for Sparx5 and add a vcap folder underneath with the VCAP instances and the ports Signed-off-by:
-
Steen Hegelund authored
This ensures that the last_used_addr in a VCAP instance is returned to the default value when all rules have been deleted. Signed-off-by:
-
Steen Hegelund authored
This ensures that the l3_proto always have a valid value and that any dissector parsing errors causes the flower rule to be discarded. Signed-off-by:
-
David S. Miller authored
Jeroen de Borst says: ==================== gve: Handle alternate miss-completions Some versions of the virtual NIC present miss-completions in an alternative way. Let the diver handle these alternate completions and announce this capability to the device. The capability is announced uing a new AdminQ command that sends driver information to the device. The device can refuse a driver if it is lacking support for a capability, or it can adopt it's behavior to work around OS specific issues. Changed in v5: - Removed comments in fucntion calls - Switched ENOTSUPP back to EOPNOTSUPP and made sure it gets passed Changed in v4: - Clarified new AdminQ command in cover letter - Changed EOPNOTSUPP to ENOTSUPP to match device's response Changed in v3: - Rewording cover letter - Added 'Reviewed-by: Jesse Brandeburg <jesse.brandeburg@intel.com>' Changes in v2: - Changed the subject to include 'gve:' ==================== Signed-off-by: -
Jeroen de Borst authored
The virtual NIC has 2 ways of indicating a miss-path completion. This handles the alternate. Signed-off-by:
Jeroen de Borst <jeroendb@google.com> Reviewed-by:
Jesse Brandeburg <jesse.brandeburg@intel.com> Signed-off-by:
-
Jeroen de Borst authored
Check whether the driver is compatible with the device presented. Signed-off-by:
-
Dmitry Vyukov authored
Extend the test to check the scenario when NCI core tries to send data to already closed device to ensure that nothing bad happens. Signed-off-by:
Dmitry Vyukov <dvyukov@google.com> Cc: Bongsu Jeon <bongsu.jeon@samsung.com> Cc: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Cc: Jakub Kicinski <kuba@kernel.org> Cc: netdev@vger.kernel.org Signed-off-by:
-
David S. Miller authored
Andy Chiu says: ==================== net: axienet: Use a DT property to configure frequency of the MDIO bus Some FPGA platforms have to set frequency of the MDIO bus lower than 2.5 MHz. Thus, we use a DT property, which is "clock-frequency", to work with it at boot time. The default 2.5 MHz would be set if the property is not pressent. Also, factor out mdio enable/disable functions due to the api change since 253761a0. Changelog: --- v5 --- 1. Make dt-binding patch prior to the implementation patch. 2. Disable mdio bus in error path. 3. Update description of some functions. --- v4 --- 1. change MAX_MDIO_FREQ to DEFAULT_MDIO_FREQ as suggested by Andrew. --- v3 RESEND --- 1. Repost the exact same patch again --- v3 --- 1. Fix coding style, and make probing of the driver fail if MDC overflow --- v2 --- 1. Use clock-frequency, as defined in mdio.yaml, to configure MDIO clock. 2. Only print out frequency if it is set to a non-standard value. 3. Reduce the scope of axienet_mdio_enable and remove axienet_mdio_disable because no one really uses it anymore. ==================== Signed-off-by:
-
Andy Chiu authored
Some FPGA platforms have 80KHz MDIO bus frequency constraint when connecting Ethernet to its on-board external Marvell PHY. Thus, we may have to set MDIO clock according to the DT. Otherwise, use the default 2.5 MHz, as specified by 802.3, if the entry is not present. Also, change MAX_MDIO_FREQ to DEFAULT_MDIO_FREQ because we may actually set MDIO bus frequency higher than 2.5MHz if undelying devices support it. And properly disable the mdio bus clock in error path. Signed-off-by:
Andy Chiu <andy.chiu@sifive.com> Reviewed-by:
Radhey Shyam Pandey <radhey.shyam.pandey@amd.com> Reviewed-by:
Andrew Lunn <andrew@lunn.ch> Signed-off-by:
-
Andy Chiu authored
mdio bus frequency is going to be configurable at boottime by a property in DT now, so add a description to it. Signed-off-by:
Greentime Hu <greentime.hu@sifive.com> Reviewed-by:
Rob Herring <robh@kernel.org> Signed-off-by:
-
Andy Chiu authored
Both axienet_mdio_{enable/disable} functions are no longer used in xilinx_axienet_main.c due to 253761a0. And axienet_mdio_disable is not even used in the mdio.c. So unexport and remove them. Signed-off-by: -
Dan Carpenter authored
Smatch complains that: drivers/net/ethernet/microchip/sparx5/sparx5_dcb.c:112 sparx5_dcb_apptrust_validate() error: uninitialized symbol 'match'. This would only happen if the: if (sparx5_dcb_apptrust_policies[i].nselectors != nselectors) condition is always true (they are not equal). The "nselectors" variable comes from dcbnl_ieee_set() and it is a number between 0-256. This seems like a probably a real bug. Fixes: 23f8382c ("net: microchip: sparx5: add support for apptrust") Signed-off-by:Daniel Machon <daniel.machon@microchip.com> Signed-off-by:
-
Lorenzo Bianconi authored
Fix RSTCTRL_PPE0 and RSTCTRL_PPE1 register mask definitions for MTK_NETSYS_V2. Remove duplicated definitions. Fixes: 160d3a9b ("net: ethernet: mtk_eth_soc: introduce MTK_NETSYS_V2 support") Signed-off-by:
Lorenzo Bianconi <lorenzo@kernel.org> Signed-off-by:
-
Horatiu Vultur authored
When VCAP_KUNIT_TEST is enabled the following warnings are generated: drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c:257:34: warning: Using plain integer as NULL pointer drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c:258:41: warning: Using plain integer as NULL pointer drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c:342:23: warning: Using plain integer as NULL pointer drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c:359:23: warning: Using plain integer as NULL pointer drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c:1327:34: warning: Using plain integer as NULL pointer drivers/net/ethernet/microchip/vcap/vcap_api_kunit.c:1328:41: warning: Using plain integer as NULL pointer Therefore fix this. Fixes: dccc30cc ("net: microchip: sparx5: Add KUNIT test of counters and sorted rules") Fixes: c956b9b3 ("net: microchip: sparx5: Adding KUNIT tests of key/action values in VCAP API") Fixes: 67d63751 ("net: microchip: sparx5: Adding KUNIT test for the VCAP API") Signed-off-by:
Horatiu Vultur <horatiu.vultur@microchip.com> Signed-off-by:
-
David S. Miller authored
Simon Horman says: ==================== nfp: IPsec offload support Huanhuan Wang says: this series adds support for IPsec offload to the NFP driver. It covers three enhancements: 1. Patches 1/3: - Extend the capability word and control word to to support new features. 2. Patch 2/3: - Add framework to support IPsec offloading for NFP driver, but IPsec offload control plane interface xfrm callbacks which interact with upper layer are not implemented in this patch. 3. Patch 3/3: - IPsec control plane interface xfrm callbacks are implemented in this patch. Changes since v3 * Remove structure fields that describe firmware but are not used for Kernel offload * Add WARN_ON(!xa_empty()) before call to xa_destroy() * Added helpers for hash methods Changes since v2 * OFFLOAD_HANDLE_ERROR macro and the associated code removed * Unnecessary logging removed * Hook function xdo_dev_state_free in struct xfrmdev_ops removed * Use Xarray to maintain SA entries Changes since v1 * Explicitly return failure when XFRM_STATE_ESN is set * Fix the issue that AEAD algorithm is not correctly offloaded ==================== Signed-off-by: -
Huanhuan Wang authored
Xfrm callbacks are implemented to offload SA info into firmware by mailbox. It supports 16K SA info in total. Expose ipsec offload feature to upper layer, this feature will signal the availability of the offload. Based on initial work of Norm Bagley <norman.bagley@netronome.com>. Signed-off-by:
Huanhuan Wang <huanhuan.wang@corigine.com> Reviewed-by:
Louis Peens <louis.peens@corigine.com> Signed-off-by:
Simon Horman <simon.horman@corigine.com> Acked-by:
Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by:
-
Huanhuan Wang authored
A new metadata type and config structure are introduced to interact with firmware to support ipsec offloading. This feature relies on specific firmware that supports ipsec encrypt/decrypt by advertising related capability bit. The xfrm callbacks which interact with upper layer are implemented in the following patch. Based on initial work of Norm Bagley <norman.bagley@netronome.com>. Signed-off-by:
Leon Romanovsky <leonro@nvidia.com> Signed-off-by:
-
