1. 30 Oct, 2014 14 commits
  2. 29 Oct, 2014 6 commits
  3. 28 Oct, 2014 14 commits
  4. 27 Oct, 2014 6 commits
    • Alexei Starovoitov's avatar
      bpf: split eBPF out of NET · f89b7755
      Alexei Starovoitov authored
      introduce two configs:
      - hidden CONFIG_BPF to select eBPF interpreter that classic socket filters
        depend on
      - visible CONFIG_BPF_SYSCALL (default off) that tracing and sockets can use
      
      that solves several problems:
      - tracing and others that wish to use eBPF don't need to depend on NET.
        They can use BPF_SYSCALL to allow loading from userspace or select BPF
        to use it directly from kernel in NET-less configs.
      - in 3.18 programs cannot be attached to events yet, so don't force it on
      - when the rest of eBPF infra is there in 3.19+, it's still useful to
        switch it off to minimize kernel size
      
      bloat-o-meter on x64 shows:
      add/remove: 0/60 grow/shrink: 0/2 up/down: 0/-15601 (-15601)
      
      tested with many different config combinations. Hopefully didn't miss anything.
      Signed-off-by: default avatarAlexei Starovoitov <ast@plumgrid.com>
      Acked-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f89b7755
    • David S. Miller's avatar
      Merge branch 'cxgb4-net' · 8ae3c911
      David S. Miller authored
      Anish Bhatt says:
      
      ====================
      cxgb4 : DCBx fixes for apps/host lldp agents
      
      This patchset  contains some minor fixes for cxgb4 DCBx code. Chiefly, cxgb4
      was not cleaning up any apps added to kernel app table when link was lost.
      Disabling DCBx in firmware would automatically set DCBx state to host-managed
      and enabled, we now wait for an explicit enable call from an lldp agent instead
      
      First patch was originally sent to net-next, but considering it applies to
      correcting behaviour of code already in net, I think it qualifies as a bug fix.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8ae3c911
    • Anish Bhatt's avatar
      cxgb4 : Handle dcb enable correctly · 3bb06261
      Anish Bhatt authored
      Disabling DCBx in firmware automatically enables DCBx for control via host
      lldp agents. Wait for an explicit setstate call from an lldp agents to enable
       DCBx instead.
      
      Fixes: 76bcb31e ("cxgb4 : Add DCBx support codebase and dcbnl_ops")
      Signed-off-by: default avatarAnish Bhatt <anish@chelsio.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3bb06261
    • Anish Bhatt's avatar
      cxgb4 : Improve handling of DCB negotiation or loss thereof · 2376c879
      Anish Bhatt authored
      Clear out any DCB apps we might have added to kernel table when we lose DCB
      sync (or IEEE equivalent event). These were previously left behind and not
      cleaned up correctly. IEEE allows individual components to work independently,
       so improve check for IEEE completion by specifying individual components.
      
      Fixes: 10b00466 ("cxgb4: IEEE fixes for DCBx state machine")
      Signed-off-by: default avatarAnish Bhatt <anish@chelsio.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2376c879
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · 5d26b1f5
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter fixes for net
      
      The following patchset contains Netfilter fixes for your net tree,
      they are:
      
      1) Allow to recycle a TCP port in conntrack when the change role from
         server to client, from Marcelo Leitner.
      
      2) Fix possible off by one access in ip_set_nfnl_get_byindex(), patch
         from Dan Carpenter.
      
      3) alloc_percpu returns NULL on error, no need for IS_ERR() in nf_tables
         chain statistic updates. From Sabrina Dubroca.
      
      4) Don't compile ip options in bridge netfilter, this mangles the packet
         and bridge should not alter layer >= 3 headers when forwarding packets.
         Patch from Herbert Xu and tested by Florian Westphal.
      
      5) Account the final NLMSG_DONE message when calculating the size of the
         nflog netlink batches. Patch from Florian Westphal.
      
      6) Fix a possible netlink attribute length overflow with large packets.
         Again from Florian Westphal.
      
      7) Release the skbuff if nfnetlink_log fails to put the final
         NLMSG_DONE message. This fixes a leak on error. This shouldn't ever
         happen though, otherwise this means we miscalculate the netlink batch
         size, so spot a warning if this ever happens so we can track down the
         problem. This patch from Houcheng Lin.
      
      8) Look at the right list when recycling targets in the nft_compat,
         patch from Arturo Borrero.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5d26b1f5
    • Arturo Borrero's avatar
      netfilter: nft_compat: fix wrong target lookup in nft_target_select_ops() · 7965ee93
      Arturo Borrero authored
      The code looks for an already loaded target, and the correct list to search
      is nft_target_list, not nft_match_list.
      Signed-off-by: default avatarArturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      7965ee93