- 30 Jun, 2014 1 commit
-
-
Duan Jiong authored
replace: #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) with #if IS_ENABLED(CONFIG_NF_CT_NETLINK) replace: #if !defined(CONFIG_NF_NAT) && !defined(CONFIG_NF_NAT_MODULE) with #if !IS_ENABLED(CONFIG_NF_NAT) replace: #if !defined(CONFIG_NF_CONNTRACK) && !defined(CONFIG_NF_CONNTRACK_MODULE) with #if !IS_ENABLED(CONFIG_NF_CONNTRACK) And add missing: IS_ENABLED(CONFIG_NF_CT_NETLINK) in net/ipv{4,6}/netfilter/nf_nat_l3proto_ipv{4,6}.c Signed-off-by:Duan Jiong <duanj.fnst@cn.fujitsu.com> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
-
- 29 Jun, 2014 1 commit
-
-
Fengguang Wu authored
net/netfilter/nft_log.c:79:44-45: Unneeded semicolon Removes unneeded semicolon. Generated by: scripts/coccinelle/misc/semicolon.cocci CC: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by:
Fengguang Wu <fengguang.wu@intel.com> Signed-off-by:
-
- 28 Jun, 2014 2 commits
-
-
Pablo Neira Ayuso authored
net/netfilter/xt_LOG.c: In function 'log_tg': >> net/netfilter/xt_LOG.c:43: error: format not a string literal and no format arguments Fixes: fab4085f ("netfilter: log: nf_log_packet() as real unified interface") Reported-by:
-
Pablo Neira Ayuso authored
warning: (NETFILTER_XT_TARGET_LOG) selects NF_LOG_IPV6 which has unmet direct dependencies (NET && INET && IPV6 && NETFILTER && IP6_NF_IPTABLES && NETFILTER_ADVANCED) warning: (NF_LOG_IPV4 && NF_LOG_IPV6) selects NF_LOG_COMMON which has unmet direct dependencies (NET && INET && NETFILTER && NF_CONNTRACK) Fixes: 83e96d44 ("netfilter: log: split family specific code to nf_log_{ip,ip6,common}.c files") Reported-by:
-
- 27 Jun, 2014 6 commits
-
-
Pablo Neira Ayuso authored
Use the unified nf_log_packet() interface that allows us explicit logger selection through the nf_loginfo structure. If you specify the group attribute, this means you want to receive logging messages through nfnetlink_log. In that case, the snaplen and qthreshold attributes allows you to tune internal aspects of the netlink logging infrastructure. On the other hand, if the level is specified, then the plain text format through the kernel logging ring is used instead, which is also used by default if neither group nor level are indicated. Signed-off-by: -
Pablo Neira Ayuso authored
This includes the special handling for NFPROTO_INET. There is no real inet logger since we don't see packets of this family. However, rules are loaded using this special family type. So let's just request both IPV4 and IPV6 loggers. Signed-off-by: -
Pablo Neira Ayuso authored
This adds the generic plain text packet loggger for bridged packets. It routes the logging message to the real protocol packet logger. I decided not to refactor the ebt_log code for two reasons: 1) The ebt_log output is not consistent with the IPv4 and IPv6 Netfilter packet loggers. The output is different for no good reason and it adds redundant code to handle packet logging. 2) To avoid breaking backward compatibility for applications outthere that are parsing the specific ebt_log output, the ebt_log output has been left as is. So only nftables will use the new consistent logging format for logged bridged packets. More decisions coming in this patch: 1) This also removes ebt_log as default logger for bridged packets. Thus, nf_log_packet() routes packet to this new packet logger instead. This doesn't break backward compatibility since nf_log_packet() is not used to log packets in plain text format from anywhere in the ebtables/netfilter bridge code. 2) The new bridge packet logger also performs a lazy request to register the real IPv4, ARP and IPv6 netfilter packet loggers. If the real protocol logger is no available (not compiled or the module is not available in the system, not packet logging happens. Signed-off-by: -
Pablo Neira Ayuso authored
This adds the generic plain text packet loggger for ARP packets. It is based on the ebt_log code. Nevertheless, the output has been modified to make it consistent with the original xt_LOG output. This is an example output: IN=wlan0 OUT= ARP HTYPE=1 PTYPE=0x0800 OPCODE=2 MACSRC=00:ab:12:34:55:63 IPSRC=192.168.10.1 MACDST=80:09:12:70:4f:50 IPDST=192.168.10.150 This patch enables packet logging from ARP chains, eg. nft add rule arp filter input log prefix "input: " Signed-off-by: -
Pablo Neira Ayuso authored
Before this patch, the nf_loginfo parameter specified the logging configuration in case the specified default logger was loaded. This patch updates the semantics of the nf_loginfo parameter in nf_log_packet() which now indicates the logger that you explicitly want to use. Thus, nf_log_packet() is exposed as an unified interface which internally routes the log message to the corresponding logger type by family. The module dependencies are expressed by the new nf_logger_find_get() and nf_logger_put() functions which bump the logger module refcount. Thus, you can not remove logger modules that are used by rules anymore. Another important effect of this change is that the family specific module is only loaded when required. Therefore, xt_LOG and nft_log will just trigger the autoload of the nf_log_{ip,ip6} modules according to the family. Signed-off-by: -
Pablo Neira Ayuso authored
The plain text logging is currently embedded into the xt_LOG target. In order to be able to use the plain text logging from nft_log, as a first step, this patch moves the family specific code to the following files and Kconfig symbols: 1) net/ipv4/netfilter/nf_log_ip.c: CONFIG_NF_LOG_IPV4 2) net/ipv6/netfilter/nf_log_ip6.c: CONFIG_NF_LOG_IPV6 3) net/netfilter/nf_log_common.c: CONFIG_NF_LOG_COMMON These new modules will be required by xt_LOG and nft_log. This patch is based on original patch from Arturo Borrero Gonzalez. Signed-off-by:
-
- 25 Jun, 2014 6 commits
-
-
Pablo Neira Ayuso authored
This patch moves Eric Dumazet's log buffer implementation from the xt_log.h header file to the core net/netfilter/nf_log.c. This also includes the renaming of the structure and functions to avoid possible undesired namespace clashes. This change allows us to use it from the arp and bridge packet logging implementation in follow up patches.
-
Pablo Neira Ayuso authored
Now that legacy ulog targets are not available anymore in the tree, we can have up to two possible loggers: 1) The plain text logging via kernel logging ring. 2) The nfnetlink_log infrastructure which delivers log messages to userspace. This patch replaces the list of loggers by an array of two pointers per family for each possible logger and it also introduces a new field to the nf_logger structure which indicates the position in the logger array (based on the logger type). This prepares a follow up patch that consolidates the nf_log_packet() interface by allowing to specify the logger as parameter. Signed-off-by: -
Pablo Neira Ayuso authored
This has been marked as deprecated for quite some time and the NFLOG target replacement has been also available since 2006. Signed-off-by: -
Florian Westphal authored
This brings the (per-conntrack) ecache extension back to 24 bytes in size (was 152 byte on x86_64 with lockdep on). When event delivery fails, re-delivery is attempted via work queue. Redelivery is attempted at least every 0.1 seconds, but can happen more frequently if userspace is not congested. The nf_ct_release_dying_list() function is removed. With this patch, ownership of the to-be-redelivered conntracks (on-dying-list-with-DYING-bit not yet set) is with the work queue, which will release the references once event is out. Joint work with Pablo Neira Ayuso. Signed-off-by:
Florian Westphal <fw@strlen.de> Signed-off-by:
-
Eric Dumazet authored
kvfree() helper can make xt_free_table_info() much cleaner. Signed-off-by:
Eric Dumazet <edumazet@google.com> Signed-off-by:
-
Fabian Frederick authored
Fix checkpatch warning: WARNING: kfree(NULL) is safe this check is probably not required Signed-off-by:
Fabian Frederick <fabf@skynet.be> Signed-off-by:
-
- 24 Jun, 2014 1 commit
-
-
Anish Bhatt authored
Hi, This patch fixes warnings generated by sparse as pointed out by kbuild test robot, please apply to net-next. Applies on top of commit 79631c89 ("trivial: net/irda/irlmp.c: Fix closing brace followed by if") -Anish v2: cleanup submission as per davem's feedback Fixes: 76bcb31e ("cxgb4 : Add DCBx support codebase and dcbnl_ops") Signed-off-by:
Anish Bhatt <anish@chelsio.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
- 23 Jun, 2014 22 commits
-
-
Rasmus Villemoes authored
Signed-off-by:
Rasmus Villemoes <linux@rasmusvillemoes.dk> Signed-off-by:
-
David S. Miller authored
Signed-off-by: -
David S. Miller authored
Govindarajulu Varadarajan says: ==================== enic updates This series fixes minor bugs and adds new features like Accelerated RFS, busy_poll, tx clean-up in napi_poll. v3: * While doing tx cleanup in napi, ignore budget and clean up all desc possible. v2: * Fix #ifdef coding style issue in '[PATCH 4/8] enic: alloc/free rx_cpu_rmap' And [PATCH 5/8] enic: Add Accelerated RFS support' ==================== Signed-off-by: -
Govindarajulu Varadarajan authored
Till now enic had been doing tx clean in isr. Using napi infrastructure to move the tx clean up out of isr to softirq. Now, wq isr schedules napi poll. In enic_poll_msix_wq we clean up the tx queus. This is applicable only on MSIX. In INTx and MSI we use single napi to clean both rx & tx queues. Signed-off-by:
Govindarajulu Varadarajan <_govind@gmx.com> Signed-off-by:
-
Govindarajulu Varadarajan authored
This patch adds support for low latency busy_poll. * Introduce drivers ndo_busy_poll function enic_busy_poll, which is called by socket waiting for data. * Introduce locking between napi_poll nad busy_poll * enic_busy_poll cleans up all the rx pkts possible. While in busy_poll, rq holds the state ENIC_POLL_STATE_POLL. While in napi_poll, rq holds the state ENIC_POLL_STATE_NAPI. * in napi_poll we return if we are in busy_poll. Incase of INTx & msix, we just service wq and return if busy_poll is going on. Signed-off-by:
-
Tony Camuso authored
We were experiencing occasional "BUG: scheduling while atomic" splats in our testing. Enabling DEBUG_SPINLOCK and DEBUG_LOCKDEP in the kernel exposed a lockdep in the enic driver. enic 0000:0b:00.0 eth2: Link UP ====================================================== [ INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected ] 3.12.0-rc1.x86_64-dbg+ #2 Tainted: GF W ------------------------------------------------------ NetworkManager/4209 [HC0[0]:SC0[2]:HE1:SE0] is trying to acquire: (&(&enic->devcmd_lock)->rlock){+.+...}, at: [<ffffffffa026b7e4>] enic_dev_packet_filter+0x44/0x90 [enic] The fix was to replace spin_lock with spin_lock_bh for the enic devcmd_lock, so that soft irqs would be disabled while the lock is held. Signed-off-by:Sujith Sankar <ssujith@cisco.com> Signed-off-by:
Tony Camuso <tcamuso@redhat.com> Signed-off-by:
-
Govindarajulu Varadarajan authored
This patch adds supports for Accelerated Receive Flow Steering. When the desired rx is different from current rq, for a flow, kernel calls the driver function enic_rx_flow_steer(). enic_rx_flow_steer adds a IP-TCP/UDP hardware filter. Driver registers a timer function enic_flow_may_expire. This function is called every HZ/4 seconds. In this function we check if the added filter has expired by calling rps_may_expire_flow(). If the flow has expired, it removes the hw filter. As of now adaptor supports only IPv4 - TCP/UDP filters. Signed-off-by:
-
Govindarajulu Varadarajan authored
rx_cpu_rmap provides the reverse irq cpu affinity. This patch allocates and sets drivers netdev->rx_cpu_rmap accordingly. rx_cpu_rmap is set in enic_request_intr() which is called by enic_open and rx_cpu_rmap is freed in enic_free_intr() which is called by enic_stop. This is used by Accelerated RFS. Signed-off-by:
-
Govindarajulu Varadarajan authored
This patch adds interface to add and delete IP 5 tuple filter. This interface is used by Accelerated RFS code to steer a flow to corresponding receive queue. As of now adaptor supports only ipv4 + tcp/udp packet steering. Signed-off-by:
-
Govindarajulu Varadarajan authored
Hardware (in readq(&devcmd->args[0])) returns positive number in case of error. But _vnic_dev_cmd should return a negative value in case of error. Signed-off-by:
-
Govindarajulu Varadarajan authored
skb_flow_dissect() dissects only transport header type in ip_proto. It dose not give any information about IPv4 or IPv6. This patch adds new member, n_proto, to struct flow_keys. Which records the IP layer type. i.e IPv4 or IPv6. This can be used in netdev->ndo_rx_flow_steer driver function to dissect flow. Adding new member to flow_keys increases the struct size by around 4 bytes. This causes BUILD_BUG_ON(sizeof(qcb->data) < sz); to fail in qdisc_cb_private_validate() So increase data size by 4 Signed-off-by:
-
David S. Miller authored
Varka Bhadram says: ==================== Driver for TI CC2520 Radio changes since v6: - proper releasing of resources - changed pr_debug() to dev_dbg() - removed unwanted header file - changed is_tx type to bool changes since v5: - added saddr and panc_changed functionality - rework on lqi field - improvements in checkings for reception - modification in debug messages changes since v4: - feature to write into cc2520 RAM - added h/w address filtering changes since v3: - drop the unused varible changes since v2: - drop spi mode dt binding changes since v1: - improvement in gpio setup - changed len pointer to len variable changes for v1: - improvements in the locking mechanism in Tx and SFD ISR - proper checkings for GPIO pins - avoids the memory leak for priv - used devm_* API's - moved the code from header file to .c file - removed cc2520_unregister() ==================== Signed-off-by: -
Varka Bhadram authored
DT bindings for cc2520 radio driver Signed-off-by:
Varka Bhadram <varkab@cdac.in> Signed-off-by:
-
Varka Bhadram authored
Signed-off-by:
-
Varka Bhadram authored
This patch adds the driver support for the cc2520 radio. Driver support: - Tx and Rx of IEEE-802.15.4 packets - Energy Detection on channel - Setting the Channel for the radio. [b/w 11 - 26 channels] - Start and Stop the radio - h/w address filtering Signed-off-by:
-
David S. Miller authored
Anish Bhatt says: ==================== cxgb4 : Add DCBx support to Chelsio cxgb4 driver This patchset adds support for DCBx via dcbnl_ops to the cxgb4 driver. This should enable cxgb4 to work with open-lldp and the like. The last patch only updates copyright year. v2 : move inclusion of struct port_dcb_info to the same patch as where it is defined. ==================== Signed-off-by: -
Anish Bhatt authored
Signed-off-by:
-
Anish Bhatt authored
Signed-off-by:
-
Anish Bhatt authored
cxgb4 : Integrate DCBx support into cxgb4 module. Register dbcnl_ops to give access to DCBx functions Signed-off-by:
-
Anish Bhatt authored
Signed-off-by:
-
Anish Bhatt authored
cxgb4 : Update fw interface file for DCBx support. Adds all the required fields to fw interface to communicate DCBx info Signed-off-by:
-
Manuel Schölling authored
The time comparsion functions require arguments of type unsigned long instead of (signed) long. Signed-off-by:
Manuel Schölling <manuel.schoelling@gmx.de> Signed-off-by:
-
- 21 Jun, 2014 1 commit
-
-
Duan Jiong authored
tcf_ematch is allocated by kzalloc in function tcf_em_tree_validate(), so cm_old is always NULL. Signed-off-by:
-
