- 04 Mar, 2018 22 commits
-
-
Brenda J. Butler authored
Add a command line arg to suppress tap output. Handy in case all the tap output is being supplied by the plugins. Signed-off-by: Brenda J. Butler <bjb@mojatatu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
David Ahern says: ==================== net/ipv6: Add support for path selection using hash of 5-tuple Hardware supports multipath selection using the standard L4 5-tuple instead of just L3 and the flow label. In addition, some network operators prefer IPv6 path selection to use the 5-tuple. To that end, add support to IPv6 for multipath hash policy similar to bf4e0a3d ("net: ipv4: add support for ECMP hash policy choice"). The default is still L3 which covers source and destination addresses along with flow label and IPv6 protocol. This gives users a choice in hash algorithms if they believe L3 only and the IPv6 flow label are not sufficient for their use case. A separate sysctl is added for IPv6, allowing IPv4 and IPv6 to use different algorithms if desired. The first 3 patches modify the IPv4 variant so that at the end of the patch set the ipv4 and ipv6 implementations are direct parallels. Patch 4 refactors the existing rt6_multipath_hash in preparation for adding the policy option. Patch 5 renames the existing netevent to have IPv4 in the name so ipv4 changes can be distinguished from IPv6 if the netevent handler cares. Patch 6 adds the skb as an argument through the FIB lookup functions to the multipath selection. Needed for the forwarding case. Patch 7 adds the L4 hash support. Patch 8 adds the hook for the netevent to the spectrum driver to update the ASIC. Patch 9 removes no longer used code. Patch 10 adds a testcase for IPv6 multipath with L4 hash. v3 - comments from Ido: - removed fib_info arg in patch 1; left by mistake on rebase to net-next - removed __get_hash_from_flowi4 declaration - line wrap change to spectrum_router.c to maintain 80 chars v2 - rebased to top of tree - added refactor of fib_multipath_hash following recent change - plumb skb through lookup functions to multipath selection - fix sysctl setting; was missing the data set in ipv6_sysctl_net_init - added test case RFC to v1: - rebase to top of net-next - fix addr_type in hash_keys and removed flow label as noticed by Ido - added a comment to cover letter about choice in algorithms based on use case per Or's comments ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Add IPv6 multipath test using L4 hashing. Created with inputs from Ido Schimmel. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Tested-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
__get_hash_from_flowi6 is still used for flowlabels, but the IPv4 variant and the wrappers to both are not used. Remove them. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Similar to 28678f07 ("mlxsw: spectrum_router: Update multipath hash parameters upon netevents") for IPv4, make sure the kernel and asic are using the same hash algorithm for path selection. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Tested-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Some operators prefer IPv6 path selection to use a standard 5-tuple hash rather than just an L3 hash with the flow the label. To that end add support to IPv6 for multipath hash policy similar to bf4e0a3d ("net: ipv4: add support for ECMP hash policy choice"). The default is still L3 which covers source and destination addresses along with flow label and IPv6 protocol. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Tested-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
IPv6 does path selection for multipath routes deep in the lookup functions. The next patch adds L4 hash option and needs the skb for the forward path. To get the skb to the relevant FIB lookup functions it needs to go through the fib rules layer, so add a lookup_data argument to the fib_lookup_arg struct. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Rename NETEVENT_MULTIPATH_HASH_UPDATE to NETEVENT_IPV4_MPATH_HASH_UPDATE to denote it relates to a change in the IPv4 hash policy. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Make rt6_multipath_hash more of a direct parallel to fib_multipath_hash and reduce stack and overhead in the process: get_hash_from_flowi6 is just a wrapper around __get_hash_from_flowi6 with another stack allocation for flow_keys. Move setting the addresses, protocol and label into rt6_multipath_hash and allow it to make the call to flow_hash_from_keys. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
As of commit e37b1e97 ("ipv6: route: dissect flow in input path if fib rules need it") fib_multipath_hash takes an optional flow keys. If non-NULL it means the skb has already been dissected. If not set, then fib_multipath_hash needs to call skb_flow_dissect_flow_keys. Simplify the logic by setting flkeys to the local stack variable keys. Simplifies fib_multipath_hash by only have 1 set of instructions setting hash_keys. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
Symmetry is good and allows easy comparison that ipv4 and ipv6 are doing the same thing. To that end, change ip_multipath_l3_keys to set addresses at the end after the icmp compares, and move the initialization of ipv6 flow keys to rt6_multipath_hash. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Ahern authored
fib_multipath_hash only needs net struct to check a sysctl. Make it clear by passing net instead of fib_info. In the end this allows alignment between the ipv4 and ipv6 versions. Signed-off-by: David Ahern <dsahern@gmail.com> Reviewed-by: Ido Schimmel <idosch@mellanox.com> Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Xin Long says: ==================== sctp: clean up sctp_sendmsg This cleanup mostly does three things: - extract some codes into functions to make sendmsg more readable. - tidy up some codes to avoid the unnecessary checks. - adjust some logic so that it will be easier to add the send flags and cmsgs features that I will post after this. To make it easy to review and to check if the code is compatible with before, this patchset is to do it step by step in 9 patches. NOTE: There will be a conflict when merging Commit 2277c7cd ("sctp: Add LSM hooks") from selinux tree, the solution is to: 1. remove all the lines in [B]: <<<<<<< HEAD [A] ======= [B] >>>>>>> 2277c7cd... sctp: Add LSM hooks 2. and apply the following diff-output: diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 980621e..d6803c8 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -1686,6 +1686,7 @@ static int sctp_sendmsg_new_asoc(struct sock *sk, __u16 sflags, struct net *net = sock_net(sk); struct sctp_association *asoc; enum sctp_scope scope; + struct sctp_af *af; int err = -EINVAL; *tp = NULL; @@ -1711,6 +1712,22 @@ static int sctp_sendmsg_new_asoc(struct sock *sk, __u16 sflags, scope = sctp_scope(daddr); + /* Label connection socket for first association 1-to-many + * style for client sequence socket()->sendmsg(). This + * needs to be done before sctp_assoc_add_peer() as that will + * set up the initial packet that needs to account for any + * security ip options (CIPSO/CALIPSO) added to the packet. + */ + af = sctp_get_af_specific(daddr->sa.sa_family); + if (!af) + return -EINVAL; + + err = security_sctp_bind_connect(sk, SCTP_SENDMSG_CONNECT, + (struct sockaddr *)daddr, + af->sockaddr_len); + if (err < 0) + return err; + asoc = sctp_association_new(ep, sk, scope, GFP_KERNEL); if (!asoc) return -ENOMEM; ==================== Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
sctp_sendmsg_new_asoc and SCTP_ADDR_OVER check is only necessary when daddr is set, so move them up to if (daddr) statement. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch mostly is to: - rename sinfo_flags as sflags, to make the indents look better, and also keep consistent with other sctp_sendmsg_xx functions. - replace new_asoc with bool new, no need to define a pointer here, as if new_asoc is set, it must be asoc. - rename the 'out_nounlock:' as 'out', shorter and nicer. - remove associd, only one place is using it now, just use sinfo->sinfo_assoc_id directly. - remove 'cmsgs' initialization in sctp_sendmsg, as it will be done in sctp_sendmsg_parse. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
Now sctp_assoc_lookup_paddr can only be called only if daddr has been set. But if daddr has been set, sctp_endpoint_lookup_assoc would be done, where it could already have the transport. So this unnecessary transport looking up should be removed, but only reset transport as NULL when SCTP_ADDR_OVER is not set for UDP type socket. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for trying to get sinfo from asoc into sctp_sendmsg_update_sinfo. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for parsing msghdr and checking sk into sctp_sendmsg_parse. Note that different from before, 'sinfo' in sctp_sendmsg won't be NULL any more. It gets the value either from cmsgs->srinfo, cmsgs->sinfo or asoc. With it, the 'sinfo' and 'fill_sinfo_ttl' check can be removed from sctp_sendmsg. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for trying to get daddr from msg->msg_name into sctp_sendmsg_get_daddr. Note that after adding 'daddr', 'to' and 'msg_name' can be deleted. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for checking sinfo_flags on one asoc after this asoc has been found into sctp_sendmsg_check_sflags. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for creating a new asoc if no asoc was found into sctp_sendmsg_new_asoc. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Xin Long authored
This patch is to move the codes for checking and sending on one asoc after this asoc has been found or created into sctp_sendmsg_to_asoc. Note that 'err != -ESRCH' check is for the case that asoc is freed when waiting for tx buffer in sctp_sendmsg_to_asoc. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 03 Mar, 2018 1 commit
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-nextDavid S. Miller authored
Daniel Borkmann says: ==================== pull-request: bpf-next 2018-03-03 The following pull-request contains BPF updates for your *net-next* tree. The main changes are: 1) Extend bpftool to build up CFG information of eBPF programs and add an option to dump this in DOT format such that this can later be used with DOT graphic tools (xdot, graphviz, etc) to visualize it. Part of the analysis performed is sub-program detection and basic-block partitioning, from Jiong. 2) Multiple enhancements for bpftool's batch mode, more specifically the parser now understands comments (#), continuation lines (\), and arguments enclosed between quotes. Also, allow to read from stdin via '-' as input file, all from Quentin. 3) Improve BPF kselftests by i) unifying the rlimit handling into a helper that is then used by all tests, and ii) add support for testing tail calls to test_verifier plus add tests covering all corner cases. The latter is especially useful for testing JITs, from Daniel. 4) Remove x64 JIT's bpf_flush_icache() since flush_icache_range() is a noop on x64, from Daniel. 5) Fix one more occasion in BPF samples where we do not detach the BPF program from the cgroup after completion, from Prashant. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 02 Mar, 2018 17 commits
-
-
Colin Ian King authored
Use the ARRAY_SIZE macro on a couple of arrays to determine size of the arrays. Also fix up alignment to clean up a checkpatch warning. Improvement suggested by Coccinelle. Signed-off-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ganesh Goudar authored
Add TP Congestion Map entry for single-port T6 cards. Signed-off-by: Casey Leedom <leedom@chelsio.com> Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Merge tag 'mac80211-next-for-davem-2018-03-02' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next Johannes Berg says: ==================== Only a few new things: * hwsim net namespace stuff from Kirill Tkhai * A-MSDU support in fast-RX * 4-addr mode support in fast-RX * support for a spec quirk in Add-BA negotiation ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ganesh Goudar authored
Error code is already returned earlier if filter exists at specified location. So, remove dead code trying to free existing filter. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Ganesh Goudar <ganeshgr@chelsio.com> Signed-off-by: Rahul Lakkireddy <rahul.lakkireddy@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kirill Tkhai authored
These pernet_operations allocate and destroy IDA identifier, and these actions are synchronized by IDA subsystem locks. Exit method removes mac80211_hwsim_data enteries from the lists, and this is synchronized by hwsim_radio_lock with the rest parallel pernet_operations. Also it queues destroy_radio() work, and these work already may be executed in parallel with any pernet_operations (as it's a work :). So, we may mark these pernet_operations as async. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-
Kirill Tkhai authored
hwsim_netgroup counter is declarated as int, and it is incremented every time a new net is created. After sizeof(int) net are created, it will overflow, and different net namespaces will have the same identifier. This patch fixes the problem by introducing IDA instead of int counter. IDA guarantees, all the net namespaces have the uniq identifier. Note, that after we do ida_simple_remove() in hwsim_exit_net(), and we destroy the ID, later there may be executed destroy_radio() from the workqueue. But destroy_radio() does not use the ID, so it's OK. Out of bounds of this patch, just as a report to wireless subsystem maintainer, destroy_radio() increaments hwsim_radios_generation without hwsim_radio_lock, so this may need one more patch to fix. Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
-
Daniel Borkmann authored
Quentin Monnet says: ==================== Several enhancements for bpftool batch mode are introduced in this series. More specifically, input files for batch mode gain support for: * comments (starting with '#'), * continuation lines (after a line ending with '\'), * arguments enclosed between quotes. Also, make bpftool able to read from standard input when "-" is provided as input file name. ==================== Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Improve argument parsing from batch input files in order to support arguments enclosed between single (') or double quotes ("). For example, this command can now be parsed in batch mode: bpftool prog dump xlated id 1337 file "/tmp/my file with spaces" The function responsible for parsing command arguments is copied from its counterpart in lib/utils.c in iproute2 package. Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Make bpftool read its command list from standard input when the name if the input file is a single dash. Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Add support for continuation lines, such as in the following example: prog show prog dump xlated \ id 1337 opcodes This patch is based after the code for support for continuation lines from file lib/utils.c from package iproute2. "Lines" in error messages are renamed as "commands", as we count the number of commands (but we ignore empty lines, comments, and do not add continuation lines to the count). Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
Quentin Monnet authored
Replace '#' by '\0' in commands read from batch files in order to avoid processing the remaining part of the line, thus allowing users to use comments in the files. Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-
David S. Miller authored
Eric Dumazet says: ==================== tcp_bbr: more GSO work Playing with r8152 USB 1Gbit NIC, on both USB2 and USB3 slots, I found that BBR was performing poorly, because of TSO being limited to 16KB This patch series makes sure BBR is not under estimating number of packets that are needed to fill the pipe when a device has suboptimal TSO limits. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
Its value is computed then immediately used, there is no need to store it. Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
This is second part of dealing with suboptimal device gso parameters. In first patch (350c9f48 "tcp_bbr: better deal with suboptimal GSO") we dealt with devices having low gso_max_segs Some devices lower gso_max_size from 64KB to 16 KB (r8152 is an example) In order to probe an optimal cwnd, we want BBR being not sensitive to whatever GSO constraint a device can have. This patch removes tso_segs_goal() CC callback in favor of min_tso_segs() for CC wanting to override sysctl_tcp_min_tso_segs Next patch will remove bbr->tso_segs_goal since it does not have to be persistent. Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexei Starovoitov authored
Jakub Kicinski says: ==================== Jiong says: This patch set is an application of CFG information on eBPF program visualization. It presents some initial code for building CFG information from eBPF instruction sequences. After we get eBPF program bytecode, we do sub-program detection and basic-block partition. These information then are visualized into DOT graph. The user could use any DOT graphic tools (xdot, graphviz etc) to view it. For example: bpftool prog dump xlated id 2 visual &>output.dot [xdot | dotty] output.dot dot -Tpng -o output.png This initial patch set hasn't tuned much on the dot description layout nor decoration, we could improve them later once the direction of the patch set is agreed on. We could also visualize some static analysis performance data. v2 (Jakub): - update license headers and add SPDX tags. ==================== Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Quentin Monnet authored
Add bash completion for the "visual" keyword used for dumping the CFG of eBPF programs with bpftool. Make sure we only complete with this keyword when we dump "xlated" (and not "jited") instructions. Acked-by: Jiong Wang <jiong.wang@netronome.com> Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-
Jiong Wang authored
This patch adds new command-line option for visualizing the xlated eBPF sequence. Documentations are updated accordingly. Usage: bpftool prog dump xlated id 2 visual Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com> Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-