- 02 Oct, 2014 7 commits
-
-
Pablo Neira Ayuso authored
You can use physdev to match the physical interface enslaved to the bridge device. This information is stored in skb->nf_bridge and it is set up by br_netfilter. So, this is only available when iptables is used from the bridge netfilter path. Since 34666d46 ("netfilter: bridge: move br_netfilter out of the core"), the br_netfilter code is modular. To reduce the impact of this change, we can autoload the br_netfilter if the physdev match is used since we assume that the users need br_netfilter in place. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
This allows us to emulate the NAT table in ebtables, which is actually a plain filter chain that hooks at prerouting, output and postrouting. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
This code was based on the wrong asumption that you can probe based on the match/target private size that we get from userspace. This doesn't work at all when you have to dump the info back to userspace since you don't know what word size the userspace utility is using. Currently, the extensions that require arch compat are limit match and the ebt_mark match/target. The standard targets are not used by the nft-xt compat layer, so they are not affected. We can work around this limitation with a new revision that uses arch agnostic types. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
Make sure the objects have been released before the nf_tables modules is removed. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
In 34666d46 ("netfilter: bridge: move br_netfilter out of the core"), the bridge netfilter code has been modularized. Use IS_ENABLED instead of ifdef to cover the module case. Fixes: 34666d46 ("netfilter: bridge: move br_netfilter out of the core") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
Move nf_send_reset() and nf_send_reset6() to nf_reject_ipv4 and nf_reject_ipv6 respectively. This code is shared by x_tables and nf_tables. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
Pablo Neira Ayuso authored
This patch introduces the NFT_REJECT_ICMPX_UNREACH type which provides an abstraction to the ICMP and ICMPv6 codes that you can use from the inet and bridge tables, they are: * NFT_REJECT_ICMPX_NO_ROUTE: no route to host - network unreachable * NFT_REJECT_ICMPX_PORT_UNREACH: port unreachable * NFT_REJECT_ICMPX_HOST_UNREACH: host unreachable * NFT_REJECT_ICMPX_ADMIN_PROHIBITED: administratevely prohibited You can still use the specific codes when restricting the rule to match the corresponding layer 3 protocol. I decided to not overload the existing NFT_REJECT_ICMP_UNREACH to have different semantics depending on the table family and to allow the user to specify ICMP family specific codes if they restrict it to the corresponding family. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-
- 01 Oct, 2014 3 commits
-
-
Eric Dumazet authored
Proper CHECKSUM_COMPLETE support needs to adjust skb->csum when we remove one header. Its done using skb_gro_postpull_rcsum() In the case of IPv4, we know that the adjustment is not really needed, because the checksum over IPv4 header is 0. Lets add a comment to ease code comprehension and avoid copy/paste errors. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Stephen Rothwell authored
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Acked-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Fabian Frederick authored
Commit 3243acd3 ("ieee802154: add __init to lowpan_frags_sysctl_register") added __init to lowpan_frags_ns_sysctl_register instead of lowpan_frags_sysctl_register Suggested-by: Alexander Aring <alex.aring@gmail.com> Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 30 Sep, 2014 30 commits
-
-
David S. Miller authored
David L Stevens says: ==================== sunvnet: add jumbo frames support This patch set updates the sunvnet driver to version 1.6 of the VIO protocol to support per-port exchange of MTU information and allow non-standard MTU sizes, including jumbo frames. Using large MTUs shows a nearly 5X throughput improvement Linux-Solaris and > 10X throughput improvement Linux-Linux. Changes from v8: -add a short timeout to free pending skbs if a new transmit doesn't do it first per Dave Miller <davem@davemloft.net> Changes from v7: -handle skb allocation failures in vnet_skb_shape() per Dave Miller <davem@davemloft.net> Changes from v6: -made kernel transmit path zero-copy to remove memory n^2 scaling issue raised by Raghuram Kothakota <Raghuram.Kothakota@oracle.com> Changes from v5: - fixed comment per Sowmini Varadhan <sowmini.varadhan@oracle.com> Changes from v4: - changed VNET_MAXPACKET per David Laight <David.Laight@ACULAB.COM> - added cookies to support non-contiguous buffers of max size Changes from v3: - added version functions per Dave Miller <davem@davemloft.net> - moved rmtu to vnet_port per Dave Miller <davem@davemloft.net> - explicitly set options bits and capability flags to 0 per Raghuram Kothakota <Raghuram.Kothakota@oracle.com> Changes from v2: - make checkpatch clean Changes from v1: - fix brace formatting per Dave Miller <davem@davemloft.net> ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
David L Stevens authored
This patch sends ICMP and ICMPv6 messages for Path MTU Discovery when a remote port MTU is smaller than the device MTU. This allows mixing newer VIO protocol devices that support MTU negotiation with older devices that do not on the same vswitch. It also allows Linux-Linux LDOMs to use 64K-1 data packets even though Solaris vswitch is limited to <16K MTU. Signed-off-by: David L Stevens <david.stevens@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David L Stevens authored
This patch allows an admin to set the MTU on a sunvnet device to arbitrary values between the minimum (68) and maximum (65535) IPv4 packet sizes. Signed-off-by: David L Stevens <david.stevens@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David L Stevens authored
This patch removes pre-allocated transmit buffers and instead directly maps pending packets on demand. This saves O(n^2) maximum-sized transmit buffers, for n hosts on a vswitch, as well as a copy to those buffers. Single-stream TCP throughput linux-solaris dropped ~5% for 1500-byte MTU, but linux-linux at 1500-bytes increased ~20%. Signed-off-by: David L Stevens <david.stevens@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David L Stevens authored
This patch upgrades the sunvnet driver to support VIO protocol version 1.6. In particular, it adds per-port MTU negotiation, allowing MTUs other than ETH_FRAMELEN with ports using newer VIO protocol versions. Signed-off-by: David L Stevens <david.stevens@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Li RongQing authored
No caller uses the return value, so make this function return void. Signed-off-by: Li RongQing <roy.qing.li@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Fabian Frederick authored
lowpan_frags_sysctl_register is only called by __init lowpan_net_frag_init (part of the lowpan module). Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Fabian Frederick authored
irlan_open is only called by __init irlan_init in same module. Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Guenter Roeck authored
Fix: arch/mips/net/bpf_jit.c: In function 'build_body': arch/mips/net/bpf_jit.c:762:6: error: unused variable 'tmp' cc1: all warnings being treated as errors make[2]: *** [arch/mips/net/bpf_jit.o] Error 1 Seen when building mips:allmodconfig in -next since next-20140924. Signed-off-by: Guenter Roeck <linux@roeck-us.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Antoine Tenart says: ==================== ARM: Berlin: Ethernet support This series introduce support for the Ethernet controller on Berlin SoCs, using the existing pxa168 Ethernet driver. In order to do this, DT support is added to the driver alongside some other modifications and fixes. This has been tested on a Berlin BG2Q DMP board. Changes since v5: - fixed the build when building the driver as a module Changes since v4: - removed the phy-addr property and added a phy subnode - added COMPILE_TEST for the pxa168_eth driver Changes since v3: - moved the addition of pxa168_eth_get_mac_address() to the patch using it first Changes since v2: - reworked how the MAC address is configured - made the clock anonymous Changes since v1: - removed custom Berlin Ethernet driver - used the pxa168 Ethernet driver instead - made modifications to the pxa168 driver (DT support, fixes) ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
This patch enables the Ethernet port on the Marvell Berlin2Q DMP board. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
This patch adds the Ethernet node, enabling the network unit on Berlin BG2Q SoCs. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
Add a dependency to COMPILE_TEST so that the driver can be compiled for test purposes. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
Berlin SoCs have an Ethernet controller compatible with the pxa168. Allow these SoCs to use the pxa168_eth driver. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
This patch rework the way the MAC address is retrieved. The MAC address can now, in addition to being random, be set in the device tree or retrieved from the Ethernet controller MAC address registers. The probing function will try to get a MAC address in the following order: - From the device tree. - From the Ethernet controller MAC address registers. - Generate a random one. This patch also adds a function to read the MAC address from the Ethernet Controller registers. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
When changing the MAC address, in addition to updating the dev_addr in the net_device structure, this patch also update the MAC address registers (high and low) of the Ethernet controller with the new MAC. The address stored in these registers is used for IEEE 802.3x Ethernet flow control, which is already enabled. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
IEEE 802.3x Ethernet flow control is disabled when bit (1 << 2) is set in the port status register. Fix the flow control detection in the link event handling function which was relying on the opposite assumption. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
This adds the binding documentation for the Marvell PXA168 Ethernet controller, following its DT support. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
Add the device tree support to the pxa168_eth driver. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Antoine Ténart authored
Clean up a bit the pxa168_eth driver before adding the device tree support. Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Or Gerlitz says: ==================== mlx4_core driver updates A series from Jack and Co of low-level fixes for the mlx4_core driver ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jack Morgenstein authored
ConnectX2 HCAs have max_mtu=4k and max_vl=8 vls. However, if you specify a 4K mtu, the max_vl supported for 4K is 4 vls. The driver at startup attempts to set a 4K mtu using the max_vl value obtained from QUERY_PORT. Since the max_vl value is 8 vls (which is supported up to 2K mtu size), the first attempt to set the mtl/vl port value will fail, generating the following error message in the log: mlx4_core 0000:06:00.0: command 0xc failed: fw status = 0x40 The driver then tries again, using mtu=4k, vls=4, and this succeeds. Since we do not want to have this error message always displayed at driver start when there are ConnectX2 HCAs on the host, we deprecate the error message for this specific command/input_modifier/opcode_modifier/fw-status to be debug. Signed-off-by: Jack Morgenstein <jackm@dev.mellanox.co.il> Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jack Morgenstein authored
The function mlx4_QUERY_PORT_wrapper implements only the QUERY_PORT "general" case (opcode modifier = 0). Verify that the opcode modifier is zero, and also that the input modifier contains only the port number in bits 0..7 (all other bits should be zero). Signed-off-by: Jack Morgenstein <jackm@dev.mellanox.co.il> Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Majd Dibbiny authored
In the new flow, we separate the pci initialization and teardown from the initialization and teardown of the other resources. __mlx4_init_one handles the pci resources initialization. It then calls mlx4_load_one to initialize the remainder of the resources. When removing a device, mlx4_remove_one is invoked. However, now mlx4_remove_one calls mlx4_unload_one to free all the resources except the pci resources. When mlx4_unload_one returns, mlx4_remove_one then frees the pci resources. The above separation will allow us to implement 'reset flow' in the future. It will also enable more EQs for VFs and is a pre-step to the modern API to enable/disable SRIOV. Also added nvfs; an integer array of size MLX4_MAX_PORTS + 1; to the mlx4_dev struct. This new field is used to avoid parsing the num_vfs module parameter each time the mlx4_restart_one is called. Signed-off-by: Majd Dibbiny <majd@mellanox.com> Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jack Morgenstein authored
When unloading the host driver while there are VFs active on VMs, the PF driver disabled sriov anyway, causing kernel crashes. We now leave SRIOV enabled, to avoid that. When the driver is reloaded, __mlx4_init_one is invoked on the PF. It now checks to see if SRIOV is already enabled on the PF -- and if so does not enable sriov again. Signed-off-by: Tal Alon <talal@mellanox.com> Signed-off-by: Jack Morgenstein <jackm@dev.mellanox.co.il> Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Florian Westphal authored
Eric reports build failure with CONFIG_BRIDGE_NETFILTER=n We insist to build br_nf_core.o unconditionally, but we must only do so if br_netfilter was enabled, else it fails to build due to functions being defined to empty stubs (and some structure members being defined out). Also, BRIDGE_NETFILTER=y|m makes no sense when BRIDGE=n. Fixes: 34666d46 (netfilter: bridge: move br_netfilter out of the core) Reported-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Markus Pargmann says: ==================== net: cpsw: Support for am335x chip MACIDs This series adds support to the cpsw driver to read the MACIDs of the am335x chip and use them as fallback. These addresses are only used if there are no mac addresses in the devicetree, for example set by a bootloader. ==================== Acked-by: Mugunthan V N <mugunthanvnm@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Markus Pargmann authored
There are 2 MACIDs stored in the control module of the am33xx. These are read by the cpsw driver if no valid MACID was found in the devicetree. Signed-off-by: Markus Pargmann <mpa@pengutronix.de> Reviewed-by: Wolfram Sang <wsa@the-dreams.de> Acked-by: Tony Lindgren <tony@atomide.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Markus Pargmann authored
Signed-off-by: Markus Pargmann <mpa@pengutronix.de> Reviewed-by: Wolfram Sang <wsa@the-dreams.de> Acked-by: Tony Lindgren <tony@atomide.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Markus Pargmann authored
This patch adds a function to get the MACIDs from the am33xx SoC control module registers which hold unique vendor MACIDs. This is only used if of_get_mac_address() fails to get a valid mac address. Signed-off-by: Markus Pargmann <mpa@pengutronix.de> Reviewed-by: Wolfram Sang <wsa@the-dreams.de> Tested-by: Steven Rostedt <rostedt@goodmis.org> Acked-by: Tony Lindgren <tony@atomide.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-