- 11 Jun, 2012 11 commits
-
-
danborkmann@iogearbox.net authored
This small patch removes access to the last element of the spkt_device array through a constant. Instead, it is accessed by sizeof() to respect possible changes in if_packet.h. Signed-off-by:
Daniel Borkmann <daniel.borkmann@tik.ee.ethz.ch> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
David S. Miller authored
If no peer actually gets attached (either because create is zero or the peer allocation fails) we'll trigger a BUG because we unconditionally do an rt{,6}_peer_ptr() afterwards. Fix this by guarding it with the proper check. Signed-off-by: -
Pablo Neira Ayuso authored
This patch fixes the compilation of the TCP and UDP trackers with sysctl compilation disabled: net/netfilter/nf_conntrack_proto_udp.c: In function ‘udp_init_net_data’: net/netfilter/nf_conntrack_proto_udp.c:279:13: error: ‘struct nf_proto_net’ has no member named ‘user’ net/netfilter/nf_conntrack_proto_tcp.c:1606:9: error: ‘struct nf_proto_net’ has no member named ‘user’ net/netfilter/nf_conntrack_proto_tcp.c:1643:9: error: ‘struct nf_proto_net’ has no member named ‘user’ Reported-by:
Fengguang Wu <wfg@linux.intel.com> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by:
-
Eric Dumazet authored
__dev_get_by_name() is slow because pm_qos_req has been inserted between name[] and name_hlist, adding cache misses. pm_qos_req has nothing to do at the beginning of struct net_device Signed-off-by:
Eric Dumazet <edumazet@google.com> Signed-off-by:
-
-
David S. Miller authored
We handle NULL in rt{,6}_set_peer but then our caller will try to pass that NULL pointer into inet_putpeer() which isn't ready for it. Fix this by moving the NULL check one level up, and then remove the now unnecessary NULL check from inetpeer_ptr_set_peer(). Reported-by:Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
-
David S. Miller authored
Signed-off-by: -
David S. Miller authored
Signed-off-by: -
David S. Miller authored
This implementation can deal with having many inetpeer roots, which is a necessary prerequisite for per-FIB table rooted peer tables. Each family (AF_INET, AF_INET6) has a sequence number which we bump when we get a family invalidation request. Each peer lookup cheaply checks whether the flush sequence of the root we are using is out of date, and if so flushes it and updates the sequence number. Signed-off-by: -
David S. Miller authored
There is zero point to this function. It's only real substance is to perform an extremely outdated BSD4.2 ICMP check, which we can safely remove. If you really have a MTU limited link being routed by a BSD4.2 derived system, here's a nickel go buy yourself a real router. The other actions of ip_rt_frag_needed(), checking and conditionally updating the peer, are done by the per-protocol handlers of the ICMP event. TCP, UDP, et al. have a handler which will receive this event and transmit it back into the associated route via dst_ops->update_pmtu(). This simplification is important, because it eliminates the one place where we do not have a proper route context in which to make an inetpeer lookup. Signed-off-by: -
David S. Miller authored
We encode the pointer(s) into an unsigned long with one state bit. The state bit is used so we can store the inetpeer tree root to use when resolving the peer later. Later the peer roots will be per-FIB table, and this change works to facilitate that. Signed-off-by:
-
- 10 Jun, 2012 3 commits
-
-
David S. Miller authored
Otherwise we reference potentially non-existing members when ipv6 is disabled. Signed-off-by: -
Eric Dumazet authored
As pointed out by Michael Tokarev , struct unix_iter_state is no longer needed. Suggested-by:
Michael Tokarev <mjt@tls.msk.ru> Signed-off-by:
-
David S. Miller authored
Signed-off-by:
-
- 09 Jun, 2012 5 commits
-
-
David S. Miller authored
We only need one interface for this operation, since we always know which inetpeer root we want to flush. Signed-off-by: -
David S. Miller authored
Instead of net/ipv4/inetpeer.c Signed-off-by: -
David S. Miller authored
Since it's guarenteed that we will access the inetpeer if we're trying to do timewait recycling and TCP options were enabled on the connection, just cache the peer in the timewait socket. In the future, inetpeer lookups will be context dependent (per routing realm), and this helps facilitate that as well. Signed-off-by: -
David S. Miller authored
The get_peer method TCP uses is full of special cases that make no sense accommodating, and it also gets in the way of doing more reasonable things here. First of all, if the socket doesn't have a usable cached route, there is no sense in trying to optimize timewait recycling. Likewise for the case where we have IP options, such as SRR enabled, that make the IP header destination address (and thus the destination address of the route key) differ from that of the connection's destination address. Just return a NULL peer in these cases, and thus we're also able to get rid of the clumsy inetpeer release logic. Signed-off-by: -
David S. Miller authored
There's a lot of places that open-code rt{,6}_get_peer() only because they want to set 'create' to one. So add an rt{,6}_get_peer_create() for their sake. There were also a few spots open-coding plain rt{,6}_get_peer() and those are transformed here as well. Signed-off-by:
-
- 08 Jun, 2012 3 commits
-
-
Eric Dumazet authored
/proc/net/unix has quadratic behavior, and can hold unix_table_lock for a while if high number of unix sockets are alive. (90 ms for 200k sockets...) We already have a hash table, so its quite easy to use it. Problem is unbound sockets are still hashed in a single hash slot (unix_socket_table[UNIX_HASH_TABLE]) This patch also spreads unbound sockets to 256 hash slots, to speedup both /proc/net/unix and unix_diag. Time to read /proc/net/unix with 200k unix sockets : (time dd if=/proc/net/unix of=/dev/null bs=4k) before : 520 secs after : 2 secs Signed-off-by:
-
Gao feng authored
add struct net as a parameter of inet_getpeer_v[4,6], use net to replace &init_net. and modify some places to provide net for inet_getpeer_v[4,6] Signed-off-by:
Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by:
-
Gao feng authored
now inetpeer doesn't support namespace,the information will be leaking across namespace. this patch move the global vars v4_peers and v6_peers to netns_ipv4 and netns_ipv6 as a field peers. add struct pernet_operations inetpeer_ops to initial pernet inetpeer data. and change family_to_base and inet_getpeer to support namespace. Signed-off-by:
-
- 07 Jun, 2012 18 commits
-
-
Padmanabh Ratnakar authored
Permanent MAC is wrongly supplied in create iface command. Call the command with no MAC address and then MAC address should be later queried and applied. Signed-off-by:
Padmanabh Ratnakar <padmanabh.ratnakar@emulex.com> Signed-off-by:
-
Hong zhi guo authored
instead of raw assignment to current->state Signed-off-by:
Hong Zhiguo <honkiko@gmail.com> Signed-off-by:
-
Yuval Mintz authored
This patch extends the bnx2x's ethtool interface to enable control in the eee feature, as well as report statistic information about it. Signed-off-by:
Yuval Mintz <yuvalmin@broadcom.com> Signed-off-by:
Eilon Greenstein <eilong@broadcom.com> Signed-off-by:
-
Yuval Mintz authored
This patch adds energy efficient energy support (802.3az) to bnx2x boards with 84833 phys (and sufficiently new BC and external FW). Signed-off-by:
-
Yuval Mintz authored
This patch extends the kernel's ethtool interface by adding support for 2 new EEE commands - get_eee and set_eee. Thanks goes to Giuseppe Cavallaro for his original patch adding this support. Signed-off-by:
Ben Hutchings <bhutchings@solarflare.com> Signed-off-by:
-
Ben Hutchings authored
__alloc_skb() now extends tailroom to allow the use of padding added by the heap allocator. Signed-off-by:
-
Rajesh Borundia authored
o Use correct l3 (ETH_IP or ETH_IPV6)protcol in case of inband vlan. Because of incorrect protcol type driver was setting incorrect opcode. This resulted in adapter calculating checksum incorrectly. o Updated driver version to 5.0.29 Signed-off-by:
Rajesh Borundia <rajesh.borundia@qlogic.com> Signed-off-by:
Anirban Chakraborty <anirban.chakraborty@qlogic.com> Signed-off-by:
-
Jitendra Kalsaria authored
Add debug messages for FW CDRP command failure. Signed-off-by:
Jitendra Kalsaria <jitendra.kalsaria@qlogic.com> Signed-off-by:
-
Rajesh Borundia authored
o Linux stack estimates MSS from skb->len or skb_shinfo(skb)->gso_size. In case of LRO skb->len is aggregate of len of number of packets hence MSS obtained using skb->len would be incorrect. Incorrect estimation of recv MSS would lead to delayed acks in some traffic patterns (which sends two or three packets and wait for ack and only then send remaining packets). This leads to drop in performance. Hence we need to set gso_size to MSS obtained from firmware. o This is fixed recently in firmware hence the MSS is obtained based on capability. If fw is capable of sending the MSS then only driver sets the gso_size. Signed-off-by:
-
Dan Carpenter authored
We added another error condition here, but if we were to hit it then we need to unregister_netdev() before doing the free_netdev(). Otherwise we would hit the BUG_ON() in free_netdev(): BUG_ON(dev->reg_state != NETREG_UNREGISTERED); Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Tested-by:
Raffaele Recalcati <raffaele.recalcati@bticino.it> Signed-off-by:
-
Alban Crequy authored
This patch is a cleanup. Use NFPROTO_* for consistency with other netfilter code. Signed-off-by:
Alban Crequy <alban.crequy@collabora.co.uk> Reviewed-by:
Javier Martinez Canillas <javier.martinez@collabora.co.uk> Reviewed-by:
Vincent Sanders <vincent.sanders@collabora.co.uk> Signed-off-by:
-
Alban Crequy authored
This patch is a cleanup. Use NFPROTO_* for consistency with other netfilter code. Signed-off-by:
-
Alban Crequy authored
This patch is a cleanup. Use NFPROTO_* for consistency with other netfilter code. Signed-off-by:
-
Alban Crequy authored
This patch is a cleanup. Use NFPROTO_* for consistency with other netfilter code. Signed-off-by:
-
Alban Crequy authored
This patch is a cleanup. Use NFPROTO_* for consistency with other netfilter code. Signed-off-by:
-
Denys Fedoryshchenko authored
The mask option allows you put all address belonging that mask into the same recent slot. This can be useful in case that recent is used to detect attacks from the same network segment. Tested for backward compatibility. Signed-off-by:
Denys Fedoryshchenko <denys@visp.net.lb> Signed-off-by:
-
Florian Westphal authored
because reply packets need to go to the same nfqueue, src/dst ip address were xor'd prior to jhash(). However, this causes bad distribution for some workloads, e.g. flows a.b.1.{1,n} -> a.b.2.{1,n} all share the same hash value. Avoid this by hashing both. To get same hash for replies, first argument is the smaller address. Signed-off-by:Florian Westphal <fw@strlen.de> Signed-off-by:
-
Gao feng authored
This patch adds namespace support for cttimeout. Acked-by:
Eric W. Biederman <ebiederm@xmission.com> Signed-off-by:
-
