- 10 Jan, 2016 17 commits
-
-
David S. Miller authored
Nikolay Borisov says: ==================== Namespaceify tcp keepalive machinery The following patch series enables the tcp keepalive mechanism to be configured per net namespace. This is especially useful if you have multiple containers hosted on one node and one of them is under DoS- in such situations one thing which could be done is to configure the tcp keepalive settings such that connections for that particular container are being reset faster. Another scenario where not being able to control those knob comes per container is problematic is occurs the value of net.netfilter.nf_conntrack_tcp_timeout_established is set below the keepalive interval, in such situations the server won't send an RST packet resulting in applications not trying to reconnect and stale connection waiting. Changing the global keepalive value is a possible solution but it might interfere with other containers. The three patches gradually convert each of the affected knobs to be per netns. I thought it would be easier for review than put everything in one patch. If people deem it more appropriate to squash everything in one patch (maybe after review) I'd be more than happy to do it. The patches have been compile-tested on 4.4 and functionally tested on 3.12 and they work as expected. These are based off 4.4-rc8 ==================== Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nikolay Borisov authored
This is the final part required to namespaceify the tcp keep alive mechanism. Signed-off-by: Nikolay Borisov <kernel@kyup.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nikolay Borisov authored
This is required to have full tcp keepalive mechanism namespace support. Signed-off-by: Nikolay Borisov <kernel@kyup.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nikolay Borisov authored
Different net namespaces might have different requirements as to the keepalive time of tcp sockets. This might be required in cases where different firewall rules are in place which require tcp timeout sockets to be increased/decreased independently of the host. Signed-off-by: Nikolay Borisov <kernel@kyup.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Jiri Pirko says: ==================== mlxsw: Adding layer 2 multicast Elad says: This patchset add Linux hardware reflection for L2 multicast offload and add MC support in mlxsw. For every bridge MDB entry insertion, either by IGMP snooping or by static insertion/removal, a switchdev ops is been called. In mlxsw, a new multicast group (MID) is been created and ports are assigned. When all ports are removed, the multicast group is been deleted. --- v1->v2: - GFP_ATOMIC->GFP_KERNEL change in patch 7/8 ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Add SWITCHDEV_OBJ_ID_PORT_MDB switchdev ops support. On first MDB insertion creates a new multicast group (MID) and add members port to the MID. Also add new MDB entry for the flooding-domain (fid-vid) and link the MDB entry to the newly constructed MC group. Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Adding a generic function that translate VID to FID. Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Adding back SMID register definition and packing. For each MC group a new SMID entry will be generated. Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Multicast-related records have specific format in SFD register. Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Offload MDB changes per port to hardware Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Elad Raz authored
Define HW multicast entry: MAC and VID. Using a MAC address simplifies support for both IPV4 and IPv6. Signed-off-by: Elad Raz <eladr@mellanox.com> Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.open-mesh.org/linux-mergeDavid S. Miller authored
Antonio Quartulli says: ==================== Included changes: - increase internal module version - increase BLA wait periods to 6 - purge BLA backbone table when it is disabled - make sure post function is invoked only if sysfs value is changed - simplify code by removing useless NULL checks - various corrections to existing kerneldoc - minor cleanups ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jiri Pirko authored
It may happen that we get notification for FDB entry for object (port, lag, vport), which does not exist. Currently we ignore that, which only causes this being re-sent in next notification. The entry will never disappear. So get rid of it by simply removing it using SFD register. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jiri Pirko authored
Do not pass struct mlxsw_sp_port to mlxsw_sp_port_fdb_uc_op and rather just pass local_port. This is needed in case this is called from SFN process function and mlxsw_sp_port is not existent for particular local_port. Signed-off-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sudip Mukherjee authored
Modify plip driver to use the new parallel port device model. Signed-off-by: Sudip Mukherjee <sudip@vectorindia.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 09 Jan, 2016 23 commits
-
-
Sven Eckelmann authored
Signed-off-by: Sven Eckelmann <sven@narfation.org> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Sven Eckelmann authored
Signed-off-by: Sven Eckelmann <sven@narfation.org> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Sven Eckelmann authored
Signed-off-by: Sven Eckelmann <sven@narfation.org> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Sven Eckelmann authored
kernel-doc is not able to skip an #ifdef between the kernel documentation block and the start of the struct. Moving the #ifdef before the kernel doc block avoids this problem Signed-off-by: Sven Eckelmann <sven@narfation.org> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Sven Eckelmann authored
Signed-off-by: Sven Eckelmann <sven@narfation.org> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Markus Elfring authored
Let us split a check for a condition at the beginning of the batadv_is_ap_isolated() function so that a direct return can be performed in this function if the variable "vlan" contained a null pointer. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Markus Elfring authored
The batadv_softif_vlan_free_ref() function tests whether its argument is NULL and then returns immediately. Thus the test around the call is not needed. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Markus Elfring authored
* Let us return directly if a call of the batadv_orig_hash_find() function returned a null pointer. * Omit the initialisation for the variable "skb" at the beginning. * Replace an assignment by a call of the kfree_skb() function and delete the affected variable "ret" then. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Markus Elfring authored
The kfree_skb() function tests whether its argument is NULL and then returns immediately. Thus the test around the calls is not needed. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring <elfring@users.sourceforge.net> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Sven Eckelmann authored
The code to convert the throughput information from a string to the batman-adv internal (100Kibit/s) representation is duplicated in batadv_parse_gw_bandwidth. Move this functionality to its own function batadv_parse_throughput to reduce the code complexity. Signed-off-by: Sven Eckelmann <sven@open-mesh.com> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Simon Wunderlich authored
Currently, the post function is also called on errors or if there were no changes, which is redundant for the functions currently using these facilities. Signed-off-by: Simon Wunderlich <simon@open-mesh.com> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Simon Wunderlich authored
If networks take a long time to come up, e.g. due to lossy links, then the bridge loop avoidance wait time to suppress broadcasts may not wait long enough and detect a backbone before the mesh is brought up. Increasing the wait period further to 60 seconds makes this scenario less likely. Signed-off-by: Simon Wunderlich <simon@open-mesh.com> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Simon Wunderlich authored
When bridge loop avoidance is disabled through sysfs, the internal datastructures are not disabled, but only BLA operations are disabled. To be sure that they are removed, purge the data immediately. That is especially useful if a firmwares network state is changed, and the BLA wait periods should restart on the new network. Signed-off-by: Simon Wunderlich <simon@open-mesh.com> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Marek Lindner authored
Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Sven Eckelmann authored
The function handles tlv containers and not tlv handlers. Thus the lockdep_assert_held has to check for the container_list lock. Fixes: 2c72d655 ("batman-adv: Annotate deleting functions with external lock via lockdep") Signed-off-by: Sven Eckelmann <sven@open-mesh.com> Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
Simon Wunderlich authored
Signed-off-by: Simon Wunderlich <sw@simonwunderlich.de> Signed-off-by: Antonio Quartulli <a@unstable.cc>
-
David S. Miller authored
Hayes Wang says: ==================== r8152: code adjustment Adjust test_bit(), clear_bit(), disable_aldps(), and enable_aldps(). ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
hayeswang authored
Replace disable_aldps() and enable_aldps() with aldps_en(). Signed-off-by: Hayes Wang <hayeswang@realtek.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
hayeswang authored
Replace test_bit() followed by clear_bit() with test_and_clear_bit(). Signed-off-by: Hayes Wang <hayeswang@realtek.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Daniel Borkmann authored
Move the details behind the cb[] access into a small helper to decouple and make them generic for bpf_prog_run_save_cb()/bpf_prog_run_clear_cb() that was introduced via commit ff936a04 ("bpf: fix cb access in socket filter programs"). Also add a comment to better clarify what is done in bpf_skb_cb(). Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Lance Richardson says: ==================== ipv4: fix various issues reported by sparse This trivial patch series addresses a number of endianness- and lock-related issues reported by sparse. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Lance Richardson authored
Add lock release/acquire annotations to ping_seq_start() and ping_seq_stop() to satisfy sparse. Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Lance Richardson authored
fib_multipath_hash() computes a hash using __be32 values, force cast these to u32 to pacify sparse. Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-