- 14 Jul, 2020 39 commits
-
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Wei Yongjun authored
The sparse tool complains as follows: net/core/dev.c:5594:1: warning: symbol '__pcpu_scope_flush_works' was not declared. Should it be static? 'flush_works' is not used outside of dev.c, so marks it static. Fixes: 41852497 ("net: batch calls to flush_all_backlogs()") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Petr Machata says: ==================== mlxsw: Add support for buffer drops mirroring This set offloads the recently introduced qevent infrastructure in TC and allows mlxsw to support mirroring of packets that were dropped due to buffer related reasons (e.g., early drops) during forwarding. Up until now mlxsw only supported mirroring that was either triggered by per-port triggers (i.e., via matchall) or by the policy engine (i.e., via flower). Packets that are dropped due to buffer related reasons are mirrored using a third type of trigger, a global trigger. Global triggers are bound once to a mirroring (SPAN) agent and enabled on a per-{port, TC} basis. This allows users, for example, to request that only packets that were early dropped on a specific netdev to be mirrored. Patch set overview: Patch #1 extends flow_block_offload and indirect offload structure to pass a scheduler instead of a netdevice. That is necessary, because binding type and netdevice are not a unique identifier of the block anymore. Patches #2-#3 add the required registers to support above mentioned functionality. Patches #4-#6 gradually add support for global mirroring triggers. Patch #7 adds support for enablement of global mirroring triggers. Patches #8-#11 are cleanups in the flow offload code and shuffle some code around to make the qevent offload easier. Patch #12 implements offload of RED early_drop qevent. Patch #13 extends the RED selftest for offloaded datapath to cover early_drop qevent. v2: - Patch #1: - In struct flow_block_indr, track both sch and dev. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
Add a selftest for offloading a mirror action attached to the block associated with RED early_drop qevent. Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
The RED qevents early_drop and mark can be offloaded under the following fairly strict conditions: - At most one filter is configured at the qevent block - The protocol is "any" - The classifier is matchall - The action is trap, sample, or mirror with the same conditions as with other SPAN offloads - The hw_counters type is none In this patchset, implement offload of mirror for early_drop qevent. The ECN trigger is currently not implemented in the FW and therefore the mark qevent is not supported. The qevent notifications look exactly like regular block binding notifications with a binder type that identifies them as qevents. Therefore the details of processing this binding are fairly similar to the matchall offload. struct flow_block_offload.sch points at the qdisc in question. Use it to figure out if the qdisc is offloaded at all and what TC it configures. Bounce bindings on not-offloaded qdiscs. Individual bindings are kept in a list so that several qevents can share the same block and all binding points get configured as the configured filters change. Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
Two RED qevents have been introduced recently. From the point of view of a driver, qevents are simply blocks with unusual binder types. However they need to be handled by different logic than ACL-like flows. Thus rename mlxsw_sp_setup_tc_block() to mlxsw_sp_setup_tc_block_clsact() and move the binder-type dispatch from there to spectrum.c into a new function of the original name. The new dispatcher is easier to extend with new binder types. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
A following patch introduces offloading of filters attached to blocks bound to the RED tail_drop qevent. The only classifier that mlxsw will permit in this role is matchall. mlxsw currently offloads matchall filters used with clsact qdisc. The data structures used for that offload will come handy for the qevent offload as well. Publish them in spectrum.h. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
The field "dev" in struct mlxsw_sp_flow_block_binding is not used. Drop it. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
No clean-up is performed at the target label of this goto. Convert it to a direct return. Signed-off-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ido Schimmel authored
While the binding of global mirroring triggers to a SPAN agent is global, packets are only mirrored if they belong to a port and TC on which the trigger was enabled. This allows, for example, to mirror packets that were tail-dropped on a specific netdev. Implement the operations that allow to enable / disable a global mirroring trigger on a specific port and TC. Signed-off-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ido Schimmel authored
Global mirroring triggers are triggers that are only keyed by their trigger, as opposed to per-port triggers, which are keyed by their trigger and port. Such triggers allow mirroring packets that were tail/early dropped or ECN marked to a SPAN agent. Implement the previously added trigger operations for these global triggers. Since such triggers are only supported from Spectrum-2 onwards, have the Spectrum-1 operations return an error. Signed-off-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ido Schimmel authored
Currently, a SPAN agent can only be bound to a per-port trigger where the trigger is either an incoming packet (INGRESS) or an outgoing packet (EGRESS) to / from the port. The subsequent patch will introduce the concept of global mirroring triggers. The binding / unbinding of global triggers is different than that of per-port triggers. Such triggers also need to be enabled / disabled on a per-{port, TC} basis and are only supported from Spectrum-2 onwards. Add trigger operations that allow us to abstract these differences. Only implement the operations for per-port triggers. Next patch will implement the operations for global triggers. Signed-off-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ido Schimmel authored
The per-ASIC SPAN operations are relevant to the SPAN module and therefore should be implemented there and not in the main driver file. Move them. These operations will be extended later on. Signed-off-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Amit Cohen authored
This register is used for global port analyzer configurations. Signed-off-by: Amit Cohen <amitc@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Amit Cohen authored
This register is used to configure the mirror enable for different mirror reasons. Signed-off-by: Amit Cohen <amitc@mellanox.com> Reviewed-by: Jiri Pirko <jiri@mellanox.com> Reviewed-by: Petr Machata <petrm@mellanox.com> Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Petr Machata authored
Previously, shared blocks were only relevant for the pseudo-qdiscs ingress and clsact. Recently, a qevent facility was introduced, which allows to bind blocks to well-defined slots of a qdisc instance. RED in particular got two qevents: early_drop and mark. Drivers that wish to offload these blocks will be sent the usual notification, and need to know which qdisc it is related to. To that end, extend flow_block_offload with a "sch" pointer, and initialize as appropriate. This prompts changes in the indirect block facility, which now tracks the scheduler in addition to the netdevice. Update signatures of several functions similarly. Signed-off-by: Petr Machata <petrm@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Andrew Lunn says: ==================== net simple kerneldoc fixes This is a collection of simple kerneldoc fixes. They are all low hanging fruit, were not real understanding of the code was needed. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Andrew Hendry <andrew.hendry@gmail.com> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Jon Maloy <jmaloy@redhat.com> Cc: Ying Xue <ying.xue@windriver.com> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Acked-by: Jon Maloy <jmaloy@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Jiri Pirko <jiri@resnulli.us> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Fix the warning "Function parameter or member 'inode' not described in '__sock_release'' due to the kerneldoc being placed before __sock_release() not sock_release(), which does not take an inode parameter. Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Jamal Hadi Salim <jhs@mojatatu.com> Cc: Cong Wang <xiyou.wangcong@gmail.com> Cc: Jiri Pirko <jiri@resnulli.us> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Paul Moore <paul@paul-moore.com> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Acked-by: Paul Moore <paul@paul-moore.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Pablo Neira Ayuso <pablo@netfilter.org> Cc: Jozsef Kadlecsik <kadlec@netfilter.org> Cc: Florian Westphal <fw@strlen.de> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Paul Moore <paul@paul-moore.com> Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Acked-by: Paul Moore <paul@paul-moore.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Oliver Hartkopp <socketcan@hartkopp.net> Cc: Marc Kleine-Budde <mkl@pengutronix.de> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Andrew Lunn authored
Simple fixes which require no deep knowledge of the code. Cc: Eric Van Hensbergen <ericvh@gmail.com> Cc: Latchesar Ionkov <lucho@ionkov.net> Cc: Dominique Martinet <asmadeus@codewreck.org> Signed-off-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alex Elder authored
This commit affects comments (and in one case, whitespace) only. Throughout the IPA code, return statements are documented using "@Return:", whereas they should use "Return:" instead. Fix these mistakes. In function definitions, some parameters are missing their comment to describe them. And in structure definitions, some fields are missing their comment to describe them. Add these missing descriptions. Some arguments changed name and type along the way, but their descriptions were not updated (an endpoint pointer is now used in many places that previously used an endpoint ID). Fix these incorrect parameter descriptions. In the description for the ipa_clock structure, one field had a semicolon instead of a colon in its description. Fix this. Add a missing function description for ipa_gsi_endpoint_data_empty(). All of these issues were identified when building with "W=1". Signed-off-by: Alex Elder <elder@linaro.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 13 Jul, 2020 1 commit
-
-
Alexander A. Klimov authored
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-