openwrt/staging/blogic.git
9 years agoMerge branch 'master' of git://blackhole.kfki.hu/nf-next
Pablo Neira Ayuso [Mon, 15 Jun 2015 16:31:22 +0000 (18:31 +0200)]
Merge branch 'master' of git://blackhole.kfki.hu/nf-next

Jozsef Kadlecsik says:

====================
ipset patches for nf-next

Please consider to apply the next bunch of patches for ipset. First
comes the small changes, then the bugfixes and at the end the RCU
related patches.

* Use MSEC_PER_SEC consistently instead of the number.
* Use SET_WITH_*() helpers to test set extensions from Sergey Popovich.
* Check extensions attributes before getting extensions from Sergey Popovich.
* Permit CIDR equal to the host address CIDR in IPv6 from Sergey Popovich.
* Make sure we always return line number on batch in the case of error
  from Sergey Popovich.
* Check CIDR value only when attribute is given from Sergey Popovich.
* Fix cidr handling for hash:*net* types, reported by Jonathan Johnson.
* Fix parallel resizing and listing of the same set so that the original
  set is kept for the whole dumping.
* Make sure listing doesn't grab a set which is just being destroyed.
* Remove rbtree from ip_set_hash_netiface.c in order to introduce RCU.
* Replace rwlock_t with spinlock_t in "struct ip_set", change the locking
  in the core and simplifications in the timeout routines.
* Introduce RCU locking in bitmap:* types with a slight modification in the
  logic on how an element is added.
* Introduce RCU locking in hash:* types. This is the most complex part of
  the changes.
* Introduce RCU locking in list type where standard rculist is used.
* Fix coding styles reported by checkpatch.pl.
====================

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: Kconfig: get rid of parens around depends on
Pablo Neira Ayuso [Fri, 12 Jun 2015 11:58:52 +0000 (13:58 +0200)]
netfilter: Kconfig: get rid of parens around depends on

According to the reporter, they are not needed.

Reported-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: ipset: Fix coding styles reported by checkpatch.pl
Jozsef Kadlecsik [Sat, 13 Jun 2015 17:45:33 +0000 (19:45 +0200)]
netfilter: ipset: Fix coding styles reported by checkpatch.pl

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Introduce RCU locking in list type
Jozsef Kadlecsik [Sat, 13 Jun 2015 14:56:02 +0000 (16:56 +0200)]
netfilter: ipset: Introduce RCU locking in list type

Standard rculist is used.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Introduce RCU locking in hash:* types
Jozsef Kadlecsik [Sat, 13 Jun 2015 15:29:56 +0000 (17:29 +0200)]
netfilter: ipset: Introduce RCU locking in hash:* types

Three types of data need to be protected in the case of the hash types:

a. The hash buckets: standard rcu pointer operations are used.
b. The element blobs in the hash buckets are stored in an array and
   a bitmap is used for book-keeping to tell which elements in the array
   are used or free.
c. Networks per cidr values and the cidr values themselves are stored
   in fix sized arrays and need no protection. The values are modified
   in such an order that in the worst case an element testing is repeated
   once with the same cidr value.

The ipset hash approach uses arrays instead of lists and therefore is
incompatible with rhashtable.

Performance is tested by Jesper Dangaard Brouer:

Simple drop in FORWARD
~~~~~~~~~~~~~~~~~~~~~~

Dropping via simple iptables net-mask match::

 iptables -t raw -N simple || iptables -t raw -F simple
 iptables -t raw -I simple  -s 198.18.0.0/15 -j DROP
 iptables -t raw -D PREROUTING -j simple
 iptables -t raw -I PREROUTING -j simple

Drop performance in "raw": 11.3Mpps

Generator: sending 12.2Mpps (tx:12264083 pps)

Drop via original ipset in RAW table
~~~~~~~~~~~~~~~~~~~~~~~~~~~

Create a set with lots of elements::

 sudo ./ipset destroy test
 echo "create test hash:ip hashsize 65536" > test.set
 for x in `seq 0 255`; do
    for y in `seq 0 255`; do
        echo "add test 198.18.$x.$y" >> test.set
    done
 done
 sudo ./ipset restore < test.set

Dropping via ipset::

 iptables -t raw -F
 iptables -t raw -N net198 || iptables -t raw -F net198
 iptables -t raw -I net198 -m set --match-set test src -j DROP
 iptables -t raw -I PREROUTING -j net198

Drop performance in "raw" with ipset: 8Mpps

Perf report numbers ipset drop in "raw"::

 +   24.65%  ksoftirqd/1  [ip_set]           [k] ip_set_test
 -   21.42%  ksoftirqd/1  [kernel.kallsyms]  [k] _raw_read_lock_bh
    - _raw_read_lock_bh
       + 99.88% ip_set_test
 -   19.42%  ksoftirqd/1  [kernel.kallsyms]  [k] _raw_read_unlock_bh
    - _raw_read_unlock_bh
       + 99.72% ip_set_test
 +    4.31%  ksoftirqd/1  [ip_set_hash_ip]   [k] hash_ip4_kadt
 +    2.27%  ksoftirqd/1  [ixgbe]            [k] ixgbe_fetch_rx_buffer
 +    2.18%  ksoftirqd/1  [ip_tables]        [k] ipt_do_table
 +    1.81%  ksoftirqd/1  [ip_set_hash_ip]   [k] hash_ip4_test
 +    1.61%  ksoftirqd/1  [kernel.kallsyms]  [k] __netif_receive_skb_core
 +    1.44%  ksoftirqd/1  [kernel.kallsyms]  [k] build_skb
 +    1.42%  ksoftirqd/1  [kernel.kallsyms]  [k] ip_rcv
 +    1.36%  ksoftirqd/1  [kernel.kallsyms]  [k] __local_bh_enable_ip
 +    1.16%  ksoftirqd/1  [kernel.kallsyms]  [k] dev_gro_receive
 +    1.09%  ksoftirqd/1  [kernel.kallsyms]  [k] __rcu_read_unlock
 +    0.96%  ksoftirqd/1  [ixgbe]            [k] ixgbe_clean_rx_irq
 +    0.95%  ksoftirqd/1  [kernel.kallsyms]  [k] __netdev_alloc_frag
 +    0.88%  ksoftirqd/1  [kernel.kallsyms]  [k] kmem_cache_alloc
 +    0.87%  ksoftirqd/1  [xt_set]           [k] set_match_v3
 +    0.85%  ksoftirqd/1  [kernel.kallsyms]  [k] inet_gro_receive
 +    0.83%  ksoftirqd/1  [kernel.kallsyms]  [k] nf_iterate
 +    0.76%  ksoftirqd/1  [kernel.kallsyms]  [k] put_compound_page
 +    0.75%  ksoftirqd/1  [kernel.kallsyms]  [k] __rcu_read_lock

Drop via ipset in RAW table with RCU-locking
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

With RCU locking, the RW-lock is gone.

Drop performance in "raw" with ipset with RCU-locking: 11.3Mpps

Performance-tested-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Introduce RCU locking in bitmap:* types
Jozsef Kadlecsik [Sat, 13 Jun 2015 12:39:59 +0000 (14:39 +0200)]
netfilter: ipset: Introduce RCU locking in bitmap:* types

There's nothing much required because the bitmap types use atomic
bit operations. However the logic of adding elements slightly changed:
first the MAC address updated (which is not atomic), then the element
activated (added). The extensions may call kfree_rcu() therefore we
call rcu_barrier() at module removal.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Prepare the ipset core to use RCU at set level
Jozsef Kadlecsik [Sat, 13 Jun 2015 12:22:25 +0000 (14:22 +0200)]
netfilter: ipset: Prepare the ipset core to use RCU at set level

Replace rwlock_t with spinlock_t in "struct ip_set" and change the locking
accordingly. Convert the comment extension into an rcu-avare object. Also,
simplify the timeout routines.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter:ipset Remove rbtree from hash:net,iface
Jozsef Kadlecsik [Sat, 13 Jun 2015 12:02:51 +0000 (14:02 +0200)]
netfilter:ipset Remove rbtree from hash:net,iface

Remove rbtree in order to introduce RCU instead of rwlock in ipset

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Make sure listing doesn't grab a set which is just being destroyed.
Jozsef Kadlecsik [Sat, 13 Jun 2015 11:39:38 +0000 (13:39 +0200)]
netfilter: ipset: Make sure listing doesn't grab a set which is just being destroyed.

There was a small window when all sets are destroyed and a concurrent
listing of all sets could grab a set which is just being destroyed.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Fix parallel resizing and listing of the same set
Jozsef Kadlecsik [Sat, 13 Jun 2015 09:59:45 +0000 (11:59 +0200)]
netfilter: ipset: Fix parallel resizing and listing of the same set

When elements added to a hash:* type of set and resizing triggered,
parallel listing could start to list the original set (before resizing)
and "continue" with listing the new set. Fix it by references and
using the original hash table for listing. Therefore the destroying of
the original hash table may happen from the resizing or listing functions.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Fix cidr handling for hash:*net* types
Jozsef Kadlecsik [Fri, 12 Jun 2015 20:11:00 +0000 (22:11 +0200)]
netfilter: ipset: Fix cidr handling for hash:*net* types

Commit "Simplify cidr handling for hash:*net* types" broke the cidr
handling for the hash:*net* types when the sets were used by the SET
target: entries with invalid cidr values were added to the sets.
Reported by Jonathan Johnson.

Testsuite entry is added to verify the fix.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Check CIDR value only when attribute is given
Sergey Popovich [Fri, 12 Jun 2015 19:30:57 +0000 (21:30 +0200)]
netfilter: ipset: Check CIDR value only when attribute is given

There is no reason to check CIDR value regardless attribute
specifying CIDR is given.

Initialize cidr array in element structure on element structure
declaration to let more freedom to the compiler to optimize
initialization right before element structure is used.

Remove local variables cidr and cidr2 for netnet and netportnet
hashes as we do not use packed cidr value for such set types and
can store value directly in e.cidr[].

Signed-off-by: Sergey Popovich <popovich_sergei@mail.ua>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Make sure we always return line number on batch
Sergey Popovich [Fri, 12 Jun 2015 19:26:43 +0000 (21:26 +0200)]
netfilter: ipset: Make sure we always return line number on batch

Even if we return with generic IPSET_ERR_PROTOCOL it is good idea
to return line number if we called in batch mode.

Moreover we are not always exiting with IPSET_ERR_PROTOCOL. For
example hash:ip,port,net may return IPSET_ERR_HASH_RANGE_UNSUPPORTED
or IPSET_ERR_INVALID_CIDR.

Signed-off-by: Sergey Popovich <popovich_sergei@mail.ua>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Permit CIDR equal to the host address CIDR in IPv6
Sergey Popovich [Fri, 12 Jun 2015 19:23:31 +0000 (21:23 +0200)]
netfilter: ipset: Permit CIDR equal to the host address CIDR in IPv6

Permit userspace to supply CIDR length equal to the host address CIDR
length in netlink message. Prohibit any other CIDR length for IPv6
variant of the set.

Also return -IPSET_ERR_HASH_RANGE_UNSUPPORTED instead of generic
-IPSET_ERR_PROTOCOL in IPv6 variant of hash:ip,port,net when
IPSET_ATTR_IP_TO attribute is given.

Signed-off-by: Sergey Popovich <popovich_sergei@mail.ua>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Check extensions attributes before getting extensions.
Sergey Popovich [Fri, 12 Jun 2015 19:14:09 +0000 (21:14 +0200)]
netfilter: ipset: Check extensions attributes before getting extensions.

Make all extensions attributes checks within ip_set_get_extensions()
and reduce number of duplicated code.

Signed-off-by: Sergey Popovich <popovich_sergei@mail.ua>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Use SET_WITH_*() helpers to test set extensions
Sergey Popovich [Fri, 12 Jun 2015 19:11:54 +0000 (21:11 +0200)]
netfilter: ipset: Use SET_WITH_*() helpers to test set extensions

Signed-off-by: Sergey Popovich <popovich_sergei@mail.ua>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: ipset: Use MSEC_PER_SEC consistently
Jozsef Kadlecsik [Fri, 12 Jun 2015 19:07:54 +0000 (21:07 +0200)]
netfilter: ipset: Use MSEC_PER_SEC consistently

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
9 years agonetfilter: xtables: avoid percpu ruleset duplication
Florian Westphal [Wed, 10 Jun 2015 23:34:55 +0000 (01:34 +0200)]
netfilter: xtables: avoid percpu ruleset duplication

We store the rule blob per (possible) cpu.  Unfortunately this means we can
waste lot of memory on big smp machines. ipt_entry structure ('rule head')
is 112 byte, so e.g. with maxcpu=64 one single rule eats
close to 8k RAM.

Since previous patch made counters percpu it appears there is nothing
left in the rule blob that needs to be percpu.

On my test system (144 possible cpus, 400k dummy rules) this
change saves close to 9 Gigabyte of RAM.

Reported-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: xtables: use percpu rule counters
Florian Westphal [Wed, 10 Jun 2015 23:34:54 +0000 (01:34 +0200)]
netfilter: xtables: use percpu rule counters

The binary arp/ip/ip6tables ruleset is stored per cpu.

The only reason left as to why we need percpu duplication are the rule
counters embedded into ipt_entry et al -- since each cpu has its own copy
of the rules, all counters can be lockless.

The downside is that the more cpus are supported, the more memory is
required.  Rules are not just duplicated per online cpu but for each
possible cpu, i.e. if maxcpu is 144, then rule is duplicated 144 times,
not for the e.g. 64 cores present.

To save some memory and also improve utilization of shared caches it
would be preferable to only store the rule blob once.

So we first need to separate counters and the rule blob.

Instead of using entry->counters, allocate this percpu and store the
percpu address in entry->counters.pcnt on CONFIG_SMP.

This change makes no sense as-is; it is merely an intermediate step to
remove the percpu duplication of the rule set in a followup patch.

Suggested-by: Eric Dumazet <edumazet@google.com>
Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
Reported-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: restore vlan tag when refragmenting
Florian Westphal [Fri, 5 Jun 2015 11:27:13 +0000 (13:27 +0200)]
netfilter: bridge: restore vlan tag when refragmenting

If bridge netfilter is used with both
bridge-nf-call-iptables and bridge-nf-filter-vlan-tagged enabled
then ip fragments in VLAN frames are sent without the vlan header.

This has never worked reliably.  Turns out this relied on pre-3.5
behaviour where skb frag_list was used to store ip fragments;
ip_fragment() then re-used these skbs.

But since commit 3cc4949269e01f39443d0fcfffb5bc6b47878d45
("ipv4: use skb coalescing in defragmentation") this is no longer
the case.  ip_do_fragment now needs to allocate new skbs, but these
don't contain the vlan tag information anymore.

Fix it by storing vlan information of the ressembled skb in the
br netfilter percpu frag area, and restore them for each of the
fragments.

Fixes: 3cc4949269e01f3 ("ipv4: use skb coalescing in defragmentation")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonet: ip_fragment: remove BRIDGE_NETFILTER mtu special handling
Florian Westphal [Fri, 5 Jun 2015 11:28:38 +0000 (13:28 +0200)]
net: ip_fragment: remove BRIDGE_NETFILTER mtu special handling

since commit d6b915e29f4adea9
("ip_fragment: don't forward defragmented DF packet") the largest
fragment size is available in the IPCB.

Therefore we no longer need to care about 'encapsulation'
overhead of stripped PPPOE/VLAN headers since ip_do_fragment
doesn't use device mtu in such cases.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: forward IPv6 fragmented packets
Bernhard Thaler [Sat, 30 May 2015 13:30:16 +0000 (15:30 +0200)]
netfilter: bridge: forward IPv6 fragmented packets

IPv6 fragmented packets are not forwarded on an ethernet bridge
with netfilter ip6_tables loaded. e.g. steps to reproduce

1) create a simple bridge like this

        modprobe br_netfilter
        brctl addbr br0
        brctl addif br0 eth0
        brctl addif br0 eth2
        ifconfig eth0 up
        ifconfig eth2 up
        ifconfig br0 up

2) place a host with an IPv6 address on each side of the bridge

        set IPv6 address on host A:
        ip -6 addr add fd01:2345:6789:1::1/64 dev eth0

        set IPv6 address on host B:
        ip -6 addr add fd01:2345:6789:1::2/64 dev eth0

3) run a simple ping command on host A with packets > MTU

        ping6 -s 4000 fd01:2345:6789:1::2

4) wait some time and run e.g. "ip6tables -t nat -nvL" on the bridge

IPv6 fragmented packets traverse the bridge cleanly until somebody runs.
"ip6tables -t nat -nvL". As soon as it is run (and netfilter modules are
loaded) IPv6 fragmented packets do not traverse the bridge any more (you
see no more responses in ping's output).

After applying this patch IPv6 fragmented packets traverse the bridge
cleanly in above scenario.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
[pablo@netfilter.org: small changes to br_nf_dev_queue_xmit]
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: re-order check_hbh_len()
Bernhard Thaler [Sat, 30 May 2015 13:29:38 +0000 (15:29 +0200)]
netfilter: bridge: re-order check_hbh_len()

Prepare check_hbh_len() to be called from newly introduced
br_validate_ipv6() in next commit.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: rename br_parse_ip_options
Bernhard Thaler [Sat, 30 May 2015 13:29:02 +0000 (15:29 +0200)]
netfilter: bridge: rename br_parse_ip_options

br_parse_ip_options() does not parse any IP options, it validates IP
packets as a whole and the function name is misleading.

Rename br_parse_ip_options() to br_validate_ipv4() and remove unneeded
commments.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: refactor frag_max_size
Bernhard Thaler [Sat, 30 May 2015 13:28:28 +0000 (15:28 +0200)]
netfilter: bridge: refactor frag_max_size

Currently frag_max_size is member of br_input_skb_cb and copied back and
forth using IPCB(skb) and BR_INPUT_SKB_CB(skb) each time it is changed or
used.

Attach frag_max_size to nf_bridge_info and set value in pre_routing and
forward functions. Use its value in forward and xmit functions.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: detect NAT66 correctly and change MAC address
Bernhard Thaler [Sat, 30 May 2015 13:27:40 +0000 (15:27 +0200)]
netfilter: bridge: detect NAT66 correctly and change MAC address

IPv4 iptables allows to REDIRECT/DNAT/SNAT any traffic over a bridge.

e.g. REDIRECT
$ sysctl -w net.bridge.bridge-nf-call-iptables=1
$ iptables -t nat -A PREROUTING -p tcp -m tcp --dport 8080 \
  -j REDIRECT --to-ports 81

This does not work with ip6tables on a bridge in NAT66 scenario
because the REDIRECT/DNAT/SNAT is not correctly detected.

The bridge pre-routing (finish) netfilter hook has to check for a possible
redirect and then fix the destination mac address. This allows to use the
ip6tables rules for local REDIRECT/DNAT/SNAT REDIRECT similar to the IPv4
iptables version.

e.g. REDIRECT
$ sysctl -w net.bridge.bridge-nf-call-ip6tables=1
$ ip6tables -t nat -A PREROUTING -p tcp -m tcp --dport 8080 \
  -j REDIRECT --to-ports 81

This patch makes it possible to use IPv6 NAT66 on a bridge. It was tested
on a bridge with two interfaces using SNAT/DNAT NAT66 rules.

Reported-by: Artie Hamilton <artiemhamilton@yahoo.com>
Signed-off-by: Sven Eckelmann <sven@open-mesh.com>
[bernhard.thaler@wvnet.at: rebased, add indirect call to ip6_route_input()]
[bernhard.thaler@wvnet.at: rebased, split into separate patches]
Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: re-order br_nf_pre_routing_finish_ipv6()
Bernhard Thaler [Sat, 30 May 2015 13:26:57 +0000 (15:26 +0200)]
netfilter: bridge: re-order br_nf_pre_routing_finish_ipv6()

Put br_nf_pre_routing_finish_ipv6() after daddr_was_changed() and
br_nf_pre_routing_finish_bridge() to prepare calling these functions
from there.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: bridge: refactor clearing BRNF_NF_BRIDGE_PREROUTING
Bernhard Thaler [Sat, 30 May 2015 13:26:13 +0000 (15:26 +0200)]
netfilter: bridge: refactor clearing BRNF_NF_BRIDGE_PREROUTING

use binary AND on complement of BRNF_NF_BRIDGE_PREROUTING to unset
bit in nf_bridge->mask.

Signed-off-by: Bernhard Thaler <bernhard.thaler@wvnet.at>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agonetfilter: conntrack: warn the user if there is a better helper to use
Marcelo Ricardo Leitner [Thu, 21 May 2015 13:57:12 +0000 (10:57 -0300)]
netfilter: conntrack: warn the user if there is a better helper to use

After db29a9508a92 ("netfilter: conntrack: disable generic tracking for
known protocols"), if the specific helper is built but not loaded
(a standard for most distributions) systems with a restrictive firewall
but weak configuration regarding netfilter modules to load, will
silently stop working.

This patch then puts a warning message so the sysadmin knows where to
start looking into. It's a pr_warn_once regardless of protocol itself
but it should be enough to give a hint on where to look.

Cc: Florian Westphal <fw@strlen.de>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
9 years agoMerge branch 'tcp-gso-settings-defer'
David S. Miller [Thu, 11 Jun 2015 23:33:11 +0000 (16:33 -0700)]
Merge branch 'tcp-gso-settings-defer'

Eric Dumazet says:

====================
tcp: defer shinfo->gso_size|type settings

We put shinfo->gso_segs in TCP_SKB_CB(skb) a while back for performance
reasons.

This was in commit cd7d8498c9a5 ("tcp: change tcp_skb_pcount() location")

This patch series complete the job for gso_size and gso_type, so that
we do not bring 2 extra cache lines in tcp write xmit fast path,
and making tcp_init_tso_segs() simpler and faster.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: remove obsolete check in tcp_set_skb_tso_segs()
Eric Dumazet [Thu, 11 Jun 2015 16:15:19 +0000 (09:15 -0700)]
tcp: remove obsolete check in tcp_set_skb_tso_segs()

We had various issues in the past when TCP stack was modifying
gso_size/gso_segs while clones were in flight.

Commit c52e2421f73 ("tcp: must unclone packets before mangling them")
fixed these bugs and added a WARN_ON_ONCE(skb_cloned(skb)); in
tcp_set_skb_tso_segs()

These bugs are now fixed, and because TCP stack now only sets
shinfo->gso_size|segs on the clone itself, the check can be removed.

As a result of this change, compiler inlines tcp_set_skb_tso_segs() in
tcp_init_tso_segs()

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: fill shinfo->gso_size at last moment
Eric Dumazet [Thu, 11 Jun 2015 16:15:18 +0000 (09:15 -0700)]
tcp: fill shinfo->gso_size at last moment

In commit cd7d8498c9a5 ("tcp: change tcp_skb_pcount() location") we stored
gso_segs in a temporary cache hot location.

This patch does the same for gso_size.

This allows to save 2 cache line misses in tcp xmit path for
the last packet that is considered but not sent because of
various conditions (cwnd, tso defer, receiver window, TSQ...)

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: tcp_set_skb_tso_segs() no longer need struct sock parameter
Eric Dumazet [Thu, 11 Jun 2015 16:15:17 +0000 (09:15 -0700)]
tcp: tcp_set_skb_tso_segs() no longer need struct sock parameter

tcp_set_skb_tso_segs() & tcp_init_tso_segs() no longer
use the sock pointer.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: fill shinfo->gso_type at last moment
Eric Dumazet [Thu, 11 Jun 2015 16:15:16 +0000 (09:15 -0700)]
tcp: fill shinfo->gso_type at last moment

Our goal is to touch skb_shinfo(skb) only when absolutely needed,
to avoid two cache line misses in TCP output path for last skb
that is considered but not sent because of various conditions
(cwnd, tso defer, receiver window, TSQ...)

A packet is GSO only when skb_shinfo(skb)->gso_size is not zero.

We can set skb_shinfo(skb)->gso_type to sk->sk_gso_type even for
non GSO packets.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: reserve tcp_skb_mss() to tcp stack
Eric Dumazet [Thu, 11 Jun 2015 16:15:15 +0000 (09:15 -0700)]
tcp: reserve tcp_skb_mss() to tcp stack

tcp_gso_segment() and tcp_gro_receive() are not strictly
part of TCP stack. They should not assume tcp_skb_mss(skb)
is in fact skb_shinfo(skb)->gso_size.

This will allow us to change tcp_skb_mss() in following patches.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoswitchdev: fix BUG when port driver doesn't support set attr op
Scott Feldman [Thu, 11 Jun 2015 15:19:01 +0000 (08:19 -0700)]
switchdev: fix BUG when port driver doesn't support set attr op

Fix a BUG_ON() where CONFIG_NET_SWITCHDEV is set but the driver for a
bridged port does not support switchdev_port_attr_set op.  Don't BUG_ON()
if -EOPNOTSUPP is returned.

Also change BUG_ON() to netdev_err since this is a normal error path and
does not warrant the use of BUG_ON(), which is reserved for unrecoverable
errs.

Signed-off-by: Scott Feldman <sfeldma@gmail.com>
Reported-by: Brenden Blanco <bblanco@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge branch 'bna-next'
David S. Miller [Thu, 11 Jun 2015 22:57:18 +0000 (15:57 -0700)]
Merge branch 'bna-next'

Ivan Vecera says:

====================
bna: clean-up

The patches clean the bna driver.

v2: changes & comments requested by Joe
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: use netdev_* and dev_* instead of printk and pr_*
Ivan Vecera [Thu, 11 Jun 2015 13:52:31 +0000 (15:52 +0200)]
bna: use netdev_* and dev_* instead of printk and pr_*

...and remove some of them. It is not necessary to log when .probe() and
.remove() are called or when TxQ is started or stopped. Also log level
of some of them was changed to more appropriate one (link up/down,
firmware loading failure.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: fix timeout API argument type
Ivan Vecera [Thu, 11 Jun 2015 13:52:30 +0000 (15:52 +0200)]
bna: fix timeout API argument type

Timeout functions are defined with 'void *' ptr argument. They should
be defined directly with 'struct bfa_ioc *' type to avoid type conversions.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: use list_for_each_entry where appropriate
Ivan Vecera [Thu, 11 Jun 2015 13:52:29 +0000 (15:52 +0200)]
bna: use list_for_each_entry where appropriate

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: get rid of private macros for manipulation with lists
Ivan Vecera [Thu, 11 Jun 2015 13:52:28 +0000 (15:52 +0200)]
bna: get rid of private macros for manipulation with lists

Remove macros for manipulation with struct list_head and replace them
with standard ones.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove useless pointer assignment
Ivan Vecera [Thu, 11 Jun 2015 13:52:27 +0000 (15:52 +0200)]
bna: remove useless pointer assignment

Pointer cmpl used to iterate through completion entries is updated at
the beginning of while loop as well as at the end. The update at the end
of the loop is useless.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: use memdup_user to copy userspace buffers
Ivan Vecera [Thu, 11 Jun 2015 13:52:26 +0000 (15:52 +0200)]
bna: use memdup_user to copy userspace buffers

Patch converts kzalloc->copy_from_user sequence to memdup_user. There
is also one useless assignment of NULL to bnad->regdata as it is followed
by assignment of kzalloc output.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: correct comparisons/assignments to bool
Ivan Vecera [Thu, 11 Jun 2015 13:52:25 +0000 (15:52 +0200)]
bna: correct comparisons/assignments to bool

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove TX_E_PRIO_CHANGE event and BNA_TX_F_PRIO_CHANGED flag
Ivan Vecera [Thu, 11 Jun 2015 13:52:24 +0000 (15:52 +0200)]
bna: remove TX_E_PRIO_CHANGE event and BNA_TX_F_PRIO_CHANGED flag

TX_E_PRIO_CHANGE event is never sent for bna_tx so it doesn't need to be
handled. After this change bna_tx->flags cannot contain
BNA_TX_F_PRIO_CHANGED flag and it can be also eliminated.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove paused from bna_rx_config and flags from bna_rxf
Ivan Vecera [Thu, 11 Jun 2015 13:52:23 +0000 (15:52 +0200)]
bna: remove paused from bna_rx_config and flags from bna_rxf

The bna_rx_config struct member paused can be removed as it is never
written and as it cannot have non-zero value the bna_rxf struct member
flags also cannot have BNA_RXF_F_PAUSED value and is always zero.
So the flags member can be removed as well as bna_rxf_flags enum and
the code-paths that needs to have non-zero bna_rxf->flags.
This clean-up makes bna_rxf_sm_paused state unsed and can be also removed.

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove RXF_E_PAUSE and RXF_E_RESUME events
Ivan Vecera [Thu, 11 Jun 2015 13:52:22 +0000 (15:52 +0200)]
bna: remove RXF_E_PAUSE and RXF_E_RESUME events

RXF_E_PAUSE & RXF_E_RESUME events are never sent for bna_rxf object so
they needn't to be handled. The bna_rxf's state bna_rxf_sm_fltr_clr_wait
and function bna_rxf_fltr_clear are unused after this so remove them also.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove prio_change_cbfn oper_state_cbfn from struct bna_tx
Ivan Vecera [Thu, 11 Jun 2015 13:52:21 +0000 (15:52 +0200)]
bna: remove prio_change_cbfn oper_state_cbfn from struct bna_tx

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove oper_state_cbfn from struct bna_rxf
Ivan Vecera [Thu, 11 Jun 2015 13:52:20 +0000 (15:52 +0200)]
bna: remove oper_state_cbfn from struct bna_rxf

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove pause_cbfn from struct bna_enet
Ivan Vecera [Thu, 11 Jun 2015 13:52:19 +0000 (15:52 +0200)]
bna: remove pause_cbfn from struct bna_enet

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove unused cbfn parameter
Ivan Vecera [Thu, 11 Jun 2015 13:52:18 +0000 (15:52 +0200)]
bna: remove unused cbfn parameter

removed:
bna_rx_ucast_add
bna_rx_ucast_del

simplified:
bna_enet_pause_config
bna_rx_mcast_delall
bna_rx_mcast_listset
bna_rx_mode_set
bna_rx_ucast_listset
bna_rx_ucast_set

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: use BIT(x) instead of (1 << x)
Ivan Vecera [Thu, 11 Jun 2015 13:52:17 +0000 (15:52 +0200)]
bna: use BIT(x) instead of (1 << x)

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: get rid of duplicate and unused macros
Ivan Vecera [Thu, 11 Jun 2015 13:52:16 +0000 (15:52 +0200)]
bna: get rid of duplicate and unused macros

replaced macros:
BNA_MAC_IS_EQUAL -> ether_addr_equal
BNA_POWER_OF_2 -> is_power_of_2
BNA_TO_POWER_OF_2_HIGH -> roundup_pow_of_two

removed unused macros:
bfa_fsm_get_state
bfa_ioc_clr_stats
bfa_ioc_fetch_stats
bfa_ioc_get_alt_ioc_fwstate
bfa_ioc_isr_mode_set
bfa_ioc_maxfrsize
bfa_ioc_mbox_cmd_pending
bfa_ioc_ownership_reset
bfa_ioc_rx_bbcredit
bfa_ioc_state_disabled
bfa_sm_cmp_state
bfa_sm_get_state
bfa_sm_send_event
bfa_sm_set_state
bfa_sm_state_decl
BFA_STRING_32
BFI_ADAPTER_IS_{PROTO,TTV,UNSUPP)
BFI_IOC_ENDIAN_SIG
BNA_{C,RX,TX}Q_PAGE_INDEX_MAX
BNA_{C,RX,TX}Q_PAGE_INDEX_MAX_SHIFT
BNA_{C,RX,TX}Q_QPGE_PTR_GET
BNA_IOC_TIMER_FREQ
BNA_MESSAGE_SIZE
BNA_QE_INDX_2_PTR
BNA_QE_INDX_RANGE
BNA_Q_GET_{C,P}I
BNA_Q_{C,P}I_ADD
BNA_Q_FREE_COUNT
BNA_Q_IN_USE_COUNT
BNA_TO_POWER_OF_2
containing_rec

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: replace pragma(pack) with attribute __packed
Ivan Vecera [Thu, 11 Jun 2015 13:52:15 +0000 (15:52 +0200)]
bna: replace pragma(pack) with attribute __packed

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: get rid of mac_t
Ivan Vecera [Thu, 11 Jun 2015 13:52:14 +0000 (15:52 +0200)]
bna: get rid of mac_t

The patch converts mac_t type to widely used 'u8 [ETH_ALEN]'.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: use ether_addr_copy instead of memcpy
Ivan Vecera [Thu, 11 Jun 2015 13:52:13 +0000 (15:52 +0200)]
bna: use ether_addr_copy instead of memcpy

Parameters of all ether_addr_copy instances were checked for proper
alignment. Alignment of bnad_bcast_addr is forced to 2 as the implicit
alignment is 1.
I have also renamed address parameter of bnad_set_mac_address() to addr.
The name mac_addr was a little bit confusing as the real parameter is
struct sockaddr *.

v2: added __aligned directive to bnad_bcast_addr, renamed parameter of
    bnad_set_mac_address() (thx joe@perches.com)

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge branch 'mlx5-next'
David S. Miller [Thu, 11 Jun 2015 22:55:26 +0000 (15:55 -0700)]
Merge branch 'mlx5-next'

Or Gerlitz says:

====================
mlx5 Ethernet driver update - Jun 11 2015

This series from Saeed, Achiad and Gal contains few fixes
to the recently introduced mlx5 Ethernet functionality.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5e: Add transport domain to the ethernet TIRs/TISs
Achiad Shochat [Thu, 11 Jun 2015 11:47:33 +0000 (14:47 +0300)]
net/mlx5e: Add transport domain to the ethernet TIRs/TISs

Allocate and use transport domain by the Ethernet driver code.

Signed-off-by: Achiad Shochat <achiad@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5_core: Add transport domain alloc/dealloc support
Achiad Shochat [Thu, 11 Jun 2015 11:47:32 +0000 (14:47 +0300)]
net/mlx5_core: Add transport domain alloc/dealloc support

Each transport object, namely TIR and TIS, must have a transport domain
number (TDN) identifier.

The driver wrongly assumed that it is OK to use TDN=0 without explicit
TDN allocation from the device.

The TDN will also be used for isolating different processes once user
mode Ethernet will be supported.

Signed-off-by: Achiad Shochat <achiad@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5e: Support NETIF_F_SG
Saeed Mahameed [Thu, 11 Jun 2015 11:47:31 +0000 (14:47 +0300)]
net/mlx5e: Support NETIF_F_SG

When NETIF_F_SG is set, each send WQE may have a different size since
each skb can have different number of fragments as of LSO header etc.

This implies that a given WQE may wrap around the send queue, i.e begin
at its end and continue at its start. While it is legal by the device spec,
we preferred a solution that avoids it - when building of current WQE is
done, if the next WQE may wrap around the send queue, fill the send queue
with NOPs WQEs till its end, so that the next WQE will begin at send queue
start.

NOP WQE for itself cannot wrap around the send queue since it is of
minimal size - 64 bytes, and all send WQEs are a multiple of that size.

Signed-off-by: Achiad Shochat <achiad@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5e: Enforce max flow-tables level >= 3
Gal Pressman [Thu, 11 Jun 2015 11:47:30 +0000 (14:47 +0300)]
net/mlx5e: Enforce max flow-tables level >= 3

The Ethernet driver requires at least 3 flow table levels to
operate, enforce that.

Signed-off-by: Gal Pressman <galp@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5e: Disable client vlan TX acceleration
Saeed Mahameed [Thu, 11 Jun 2015 11:47:29 +0000 (14:47 +0300)]
net/mlx5e: Disable client vlan TX acceleration

We need to resolve a HW configuration issue for enabling HW CVLAN
insertion. Meanwhile, no need to implement the VLAN insertion in
the driver, rather use the generic kernel VLAN insertion method.

Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5e: Add HW cacheline start padding
Saeed Mahameed [Thu, 11 Jun 2015 11:47:28 +0000 (14:47 +0300)]
net/mlx5e: Add HW cacheline start padding

Enable HW cacheline start padding and align RX WQE size to cacheline
while considering HW start padding. Also, fix dma_unmap call to use
the correct SKB data buffer size.

Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5e: Fix HW MTU settings
Saeed Mahameed [Thu, 11 Jun 2015 11:47:27 +0000 (14:47 +0300)]
net/mlx5e: Fix HW MTU settings

Previously we configured HW MTU to be netdev->mtu, actually we
need to configure netdev->mtu + (ETH_HLEN + VLAN_HLEN + ETH_FCS_LEN).

Also, query MTU can not fail, hence make the relevant helper a
void functionm, add mlx5e_set_dev_port_mtu, helper function to
handle MTU setting.

Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx5_core: fix an error code
Dan Carpenter [Thu, 11 Jun 2015 08:50:01 +0000 (11:50 +0300)]
net/mlx5_core: fix an error code

We return success if mlx5e_alloc_sq_db() fails but we should return an
error code.

Fixes: f62b8bb8f2d3 ('net/mlx5: Extend mlx5_core to support ConnectX-4 Ethernet functionality')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agovxge: use swap() in vxge_hw_channel_dtr_alloc()
Fabian Frederick [Wed, 10 Jun 2015 16:33:26 +0000 (18:33 +0200)]
vxge: use swap() in vxge_hw_channel_dtr_alloc()

Use kernel.h macro definition.

Thanks to Julia Lawall for Coccinelle scripting support.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: fs_enet: use swap() in fs_enet_rx_napi()
Fabian Frederick [Wed, 10 Jun 2015 16:33:19 +0000 (18:33 +0200)]
net: fs_enet: use swap() in fs_enet_rx_napi()

Use kernel.h macro definition.

Thanks to Julia Lawall for Coccinelle scripting support.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/ibm/emac: use swap() in emac_make_bootlist()
Fabian Frederick [Wed, 10 Jun 2015 16:33:16 +0000 (18:33 +0200)]
net/ibm/emac: use swap() in emac_make_bootlist()

Use kernel.h macro definition.

Thanks to Julia Lawall for Coccinelle scripting support.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx4_core: use swap() in mlx4_make_profile()
Fabian Frederick [Wed, 10 Jun 2015 16:33:13 +0000 (18:33 +0200)]
net/mlx4_core: use swap() in mlx4_make_profile()

Use kernel.h macro definition.

Thanks to Julia Lawall for Coccinelle scripting support.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/mlx4: use swap() in mlx4_init_qp_table()
Fabian Frederick [Wed, 10 Jun 2015 16:33:06 +0000 (18:33 +0200)]
net/mlx4: use swap() in mlx4_init_qp_table()

Use kernel.h macro definition.

Thanks to Julia Lawall for Coccinelle scripting support.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/ps3_gelic: Fix build error with DEBUG
Geoff Levand [Wed, 10 Jun 2015 17:19:48 +0000 (10:19 -0700)]
net/ps3_gelic: Fix build error with DEBUG

When the DEBUG preprocessor macro is defined the ps3_gelic_net driver build
fails due to an undeclared routine gelic_descr_get_status().  This problem
was introduced during the code cleanup of commit
6b0c21cede22be1f68f0a632c0ca38008ce1abe7 (net: Fix p3_gelic_net sparse warnings),
which re-arranged the ordering of some of the gelic routines.

This change just moves the gelic_descr_get_status() routine up in the
ps3_gelic_net.c source file. There is no functional change.

Fixes build errors like these:

  drivers/net/ethernet/toshiba/ps3_gelic_net.c: error: implicit declaration of function gelic_descr_get_status

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/ethtool: Add current supported tunable options
Hadar Hen Zion [Thu, 11 Jun 2015 07:28:16 +0000 (10:28 +0300)]
net/ethtool: Add current supported tunable options

Add strings array of the current supported tunable options.

Signed-off-by: Hadar Hen Zion <hadarh@mellanox.com>
Reviewed-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge branch 'broadcom-MDIO-turn-around'
David S. Miller [Thu, 11 Jun 2015 07:32:21 +0000 (00:32 -0700)]
Merge branch 'broadcom-MDIO-turn-around'

Florian Fainelli says:

====================
net: broadcom MDIO support for broken turn-around

These two patches update the GENET and UniMAC MDIO controllers to deal with
PHYs that are known to have a broken turn-around bug (e.g: BCM53125 and others)

This utilizes the infrastructure that code recently added to do that in 'net-next'.

Note that the changes look nearly identical and I will try to address the MDIO
code duplication between GENET and UniMAC in a future patch series.

Changes in v2:
- remove brcmphy.h include in mdio-bcm-unimac.c
- use the same comment as with GENET's MDIO read function
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: phy: mdio-bcm-unimac: handle broken turn-around for specific PHYs
Florian Fainelli [Wed, 10 Jun 2015 19:24:11 +0000 (12:24 -0700)]
net: phy: mdio-bcm-unimac: handle broken turn-around for specific PHYs

Some Ethernet PHYs/switches such as Broadcom's BCM53125 have a hardware bug
which makes them not release the MDIO line during turn-around time.  This gets
flagged by the UniMAC MDIO controller as a read failure, and we fail the read
transaction.

Check the MDIO bus phy_ignore_ta_mask bitmask for the PHY we are reading
from and if it is listed in this bitmask, ignore the read failure and
proceed with returning the data we read out of the controller.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: bcmgenet: handle broken turn-around for specific PHYs
Florian Fainelli [Wed, 10 Jun 2015 19:24:10 +0000 (12:24 -0700)]
net: bcmgenet: handle broken turn-around for specific PHYs

Some Ethernet PHYs/switches such as Broadcom's BCM53125 have a hardware
bug which makes them not release the MDIO line during turn-around time.
This gets flagged by the GENET MDIO controller as a read failure, and we
fail the read transaction.

Check the MDIO bus phy_ignore_ta_mask bitmask for the PHY we are reading
from and if it is listed in this bitmask, ignore the read failure and
proceed with returning the data we read out of the controller.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: phy: davicom: add IDs for DM9161B and C variants
Gustavo Zacarias [Wed, 10 Jun 2015 16:48:20 +0000 (13:48 -0300)]
net: phy: davicom: add IDs for DM9161B and C variants

Add PHY IDs for Davicom DM9161B and DM9161C variants.
Tested with a DM9161C on a custom Atmel-based SAM9X25 board in RMII
mode.

The DM9161B uses the same model id with just the LSB bit of the version
id changing (which is masked out).

For all intents and purposes they're the same as the DM9161A with an
added GPSI mode and better fabrication process.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoRenesas Ethernet AVB PTP clock driver
Sergei Shtylyov [Wed, 10 Jun 2015 22:02:30 +0000 (01:02 +0300)]
Renesas Ethernet AVB PTP clock driver

Ethernet AVB device includes the gPTP  timer, so we can implement a PTP clock
driver.  We're doing that in a separate file, with  the main Ethernet driver
calling the PTP driver's [de]initialization and interrupt handler functions.
Unfortunately, the clock seems tightly coupled with the AVB-DMAC, so when that
one leaves the operation mode, we have to unregister the PTP clock... :-(

Based on the original patches by Masaru Nagai.

Signed-off-by: Masaru Nagai <masaru.nagai.vx@renesas.com>
Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoRenesas Ethernet AVB driver proper
Sergei Shtylyov [Wed, 10 Jun 2015 22:01:43 +0000 (01:01 +0300)]
Renesas Ethernet AVB driver proper

Ethernet AVB includes an Gigabit Ethernet controller (E-MAC) that is basically
compatible with SuperH Gigabit Ethernet E-MAC.  Ethernet AVB has  a  dedicated
direct memory access controller (AVB-DMAC) that is a new design compared to the
SuperH E-DMAC. The AVB-DMAC is compliant with 3 standards formulated for IEEE
802.1BA: IEEE 802.1AS timing and synchronization protocol, IEEE 802.1Qav real-
time transfer, and the IEEE 802.1Qat stream reservation protocol.

The  driver only supports device tree probing, so the binding document is
included in this patch.

Based on the original patches by Mitsuhiro Kimura.

Signed-off-by: Mitsuhiro Kimura <mitsuhiro.kimura.kc@renesas.com>
Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: add CDG congestion control
Kenneth Klette Jonassen [Wed, 10 Jun 2015 17:08:17 +0000 (19:08 +0200)]
tcp: add CDG congestion control

CAIA Delay-Gradient (CDG) is a TCP congestion control that modifies
the TCP sender in order to [1]:

  o Use the delay gradient as a congestion signal.
  o Back off with an average probability that is independent of the RTT.
  o Coexist with flows that use loss-based congestion control, i.e.,
    flows that are unresponsive to the delay signal.
  o Tolerate packet loss unrelated to congestion. (Disabled by default.)

Its FreeBSD implementation was presented for the ICCRG in July 2012;
slides are available at http://www.ietf.org/proceedings/84/iccrg.html

Running the experiment scenarios in [1] suggests that our implementation
achieves more goodput compared with FreeBSD 10.0 senders, although it also
causes more queueing delay for a given backoff factor.

The loss tolerance heuristic is disabled by default due to safety concerns
for its use in the Internet [2, p. 45-46].

We use a variant of the Hybrid Slow start algorithm in tcp_cubic to reduce
the probability of slow start overshoot.

[1] D.A. Hayes and G. Armitage. "Revisiting TCP congestion control using
    delay gradients." In Networking 2011, pages 328-341. Springer, 2011.
[2] K.K. Jonassen. "Implementing CAIA Delay-Gradient in Linux."
    MSc thesis. Department of Informatics, University of Oslo, 2015.

Cc: Eric Dumazet <edumazet@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Neal Cardwell <ncardwell@google.com>
Cc: David Hayes <davihay@ifi.uio.no>
Cc: Andreas Petlund <apetlund@simula.no>
Cc: Dave Taht <dave.taht@bufferbloat.net>
Cc: Nicolas Kuhn <nicolas.kuhn@telecom-bretagne.eu>
Signed-off-by: Kenneth Klette Jonassen <kennetkl@ifi.uio.no>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agotcp: export tcp_enter_cwr()
Kenneth Klette Jonassen [Wed, 10 Jun 2015 17:08:16 +0000 (19:08 +0200)]
tcp: export tcp_enter_cwr()

Upcoming tcp_cdg uses tcp_enter_cwr() to initiate PRR. Export this
function so that CDG can be compiled as a module.

Cc: Eric Dumazet <edumazet@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>
Cc: Neal Cardwell <ncardwell@google.com>
Cc: David Hayes <davihay@ifi.uio.no>
Cc: Andreas Petlund <apetlund@simula.no>
Cc: Dave Taht <dave.taht@bufferbloat.net>
Cc: Nicolas Kuhn <nicolas.kuhn@telecom-bretagne.eu>
Signed-off-by: Kenneth Klette Jonassen <kennetkl@ifi.uio.no>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoswitchdev: fix handling for drivers not supporting IPv4 fib add/del ops
Scott Feldman [Thu, 11 Jun 2015 00:04:49 +0000 (17:04 -0700)]
switchdev: fix handling for drivers not supporting IPv4 fib add/del ops

If CONFIG_NET_SWITCHDEV is enabled, but port driver does not implement
support for IPv4 FIB add/del ops, don't fail route add/del offload
operations.  Route adds will not be marked as OFFLOAD.  Routes will be
installed in the kernel FIB, as usual.

This was report/fixed by Florian when testing DSA driver with net-next on
devices with L2 offload support but no L3 offload support. What he reported
was an initial route installed from DHCP client would fail (route not
installed to kernel FIB).  This was triggering the setting of
ipv4.fib_offload_disabled, which would disable route offloading after the
first failure.  So subsequent attempts to install the route would succeed.

There is follow-on work/discussion to address the handling of route install
failures, but for now, let's differentiate between no support and failed
support.

Reported-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Scott Feldman <sfeldma@gmail.com>
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge branch 'brcm-pseudo-phy-addr'
David S. Miller [Thu, 11 Jun 2015 06:33:59 +0000 (23:33 -0700)]
Merge branch 'brcm-pseudo-phy-addr'

Florian Fainelli says:

====================
net: phy: broadcom: define pseudo-PHY address

This patch series converts existing in-tree users of the Broadcom pseudo-PHY
address (30) used to configure MDIO-connected switches to share a constant in a
shared header files.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: dsa: bcm_sf2: Utilize BRCM_PSEUDO_PHY_ADDR
Florian Fainelli [Thu, 11 Jun 2015 01:08:01 +0000 (18:08 -0700)]
net: dsa: bcm_sf2: Utilize BRCM_PSEUDO_PHY_ADDR

Utilize the newly introduced BRCM_PSEUDO_PHY_ADDR constant from
brcmphy.h instead of open-coding the Broadcom Ethernet switches
pseudo-PHY address (30).

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobgmac: Utilize BRCM_PSEUDO_PHY_ADDR
Florian Fainelli [Thu, 11 Jun 2015 01:08:00 +0000 (18:08 -0700)]
bgmac: Utilize BRCM_PSEUDO_PHY_ADDR

What BGMAC defines as BGMAC_PHY_NOREGS is in fact the Broadcom Ethernet
switches' pseudo-PHY address (30), utilize the newly introduced constant
from brcmphy.h

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agob44: Utilize BRCM_PSEUDO_PHY_ADDR
Florian Fainelli [Thu, 11 Jun 2015 01:07:59 +0000 (18:07 -0700)]
b44: Utilize BRCM_PSEUDO_PHY_ADDR

What B44 has been locally using as B44_PHY_ADDR_NO_LOCAL_PHY is in fact
the Broadcom Ethernet switches pseudo-PHY address (30). Update the
header to use the newly introduced constant and update comments so they
are within 80 columns and consistent.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: phy: broadcom: define Broadcom pseudo-PHY address in brcmphy.h
Florian Fainelli [Thu, 11 Jun 2015 01:07:58 +0000 (18:07 -0700)]
net: phy: broadcom: define Broadcom pseudo-PHY address in brcmphy.h

Define the pseudo-PHY address (30) which is used by all Broadcom
Ethernet switches in a shared header file.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: phy: broadcom: include phy.h for brcmphy.h
Florian Fainelli [Thu, 11 Jun 2015 01:07:57 +0000 (18:07 -0700)]
net: phy: broadcom: include phy.h for brcmphy.h

We utilize inline functions from the PHY library, make sure that we do
include phy.h in brcmphy.h in order for the code including brcmphy.h not
to have to resolve this inclusion dependency.

Fixes: 705314797b8b ("net: phy: broadcom: move shadow 0x1C register accessors to brcmphy.h")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet: tcp: dctcp_update_alpha() fixes.
Eric Dumazet [Thu, 11 Jun 2015 05:11:17 +0000 (22:11 -0700)]
net: tcp: dctcp_update_alpha() fixes.

dctcp_alpha can be read by from dctcp_get_info() without
synchro, so use WRITE_ONCE() to prevent compiler from using
dctcp_alpha as a temporary variable.

Also, playing with small dctcp_shift_g (like 1), can expose
an overflow with 32bit values shifted 9 times before divide.

Use an u64 field to avoid this problem, and perform the divide
only if acked_bytes_ecn is not zero.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge tag 'mac80211-next-for-davem-2015-06-10' of git://git.kernel.org/pub/scm/linux...
David S. Miller [Thu, 11 Jun 2015 05:49:49 +0000 (22:49 -0700)]
Merge tag 'mac80211-next-for-davem-2015-06-10' of git://git./linux/kernel/git/jberg/mac80211-next

Johannes Berg says:

====================
For this round we mostly have fixes:
 * mesh fixes from Alexis Green and Chun-Yeow Yeoh,
 * a documentation fix from Jakub Kicinski,
 * a missing channel release (from Michal Kazior),
 * a fix for a signal strength reporting bug (from Sara Sharon),
 * handle deauth while associating (myself),
 * don't report mangled TX SKB back to userspace for status (myself),
 * handle aggregation session timeouts properly in fast-xmit (myself)

However, there are also a few cleanups and one big change that
affects all drivers (and that required me to pull in your tree)
to change the mac80211 HW flags to use an unsigned long bitmap
so that we can extend them more easily - we're running out of
flags even with a cleanup to remove the two unused ones.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agonet/unix: support SCM_SECURITY for stream sockets
Stephen Smalley [Wed, 10 Jun 2015 12:44:59 +0000 (08:44 -0400)]
net/unix: support SCM_SECURITY for stream sockets

SCM_SECURITY was originally only implemented for datagram sockets,
not for stream sockets.  However, SCM_CREDENTIALS is supported on
Unix stream sockets.  For consistency, implement Unix stream support
for SCM_SECURITY as well.  Also clean up the existing code and get
rid of the superfluous UNIXSID macro.

Motivated by https://bugzilla.redhat.com/show_bug.cgi?id=1224211,
where systemd was using SCM_CREDENTIALS and assumed wrongly that
SCM_SECURITY was also supported on Unix stream sockets.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoatm: idt77105: Use setup_timer
Vaishali Thakkar [Wed, 10 Jun 2015 05:40:05 +0000 (11:10 +0530)]
atm: idt77105: Use setup_timer

Use the timer API function setup_timer instead of structure field
assignments to initialize a timer.

A simplified version of the Coccinelle semantic patch that performs
this transformation is as follows:

@change@
expression e1, e2, a;
@@

-init_timer(&e1);
+setup_timer(&e1, a, 0UL);
... when != a = e2
-e1.function = a;

Signed-off-by: Vaishali Thakkar <vthakkar1994@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoAdd support of Cavium Liquidio ethernet adapters
Raghu Vatsavayi [Wed, 10 Jun 2015 01:15:23 +0000 (18:15 -0700)]
Add support of Cavium Liquidio ethernet adapters

Following patch V8 adds support for Cavium Liquidio pci express
based 10Gig ethernet adapters.
1) Consolidated all debug macros to either call dev_* or
   netdev_* macros directly, feedback from previous patch.
2) Changed soft commands to avoid crash when running
   in interrupt context.
3) Fixed link status not reflecting correct status when NetworkManager
   is running. Added MODULE_FIRMWARE declarations.

Following were the previous patches.
Patch V7:
1) Minor comments from v6 release regarding debug statements.
2) Fix for large multicast lists.
3) Fixed lockup issue if port initialization fails.
4) Enabled MSI by default.
https://patchwork.ozlabs.org/patch/464441/

Patch V6:
1) Addressed the uint64 vs u64 issue, feedback from previous patch.
2) Consolidated some receive processing routines.
3) Removed link status polling method.
https://patchwork.ozlabs.org/patch/459514/

Patch V5:
Based on the feedback from earlier patches with regards to
consolidation of common functions like device init, register
programming for cn66xx and cn68xx devices.
https://patchwork.ozlabs.org/patch/438979/

Patch V4:
Following were the changes based on the feedback from earlier patch:
1) Added mmiowb while synchronizing queue updates and other hw
   interactions.
2) Statistics will now be incremented non-atomically per each ring.
   liquidio_get_stats will add stats of each ring while reporting the
   total statistics counts.
3) Modified liquidio_ioctl  to return proper return codes.
4) Modified device naming to use standard Ethernet naming.
5) Global function names in the driver will have lio_/liquidio_/octeon_
   prefix.
6) Ethtool related changes for:
   Removed redundant stats and jiffies.
   Use default ethtool handler of link status.
   Speed setting will make use of ethtool_cmd_speed_set.
7) Added checks for pci_map_*  return codes.
8) Check for signals while waiting in interruptible mode
https://patchwork.ozlabs.org/patch/435073/

Patch v3:
Implemented feedback from previous patch like:
Removed NAPI Config and DEBUG config options, added BQL and xmit_more
support.
https://patchwork.ozlabs.org/patch/422749/

Patch V2:
Implemented feedback from previous patch.
https://patchwork.ozlabs.org/patch/413539/

First Patch:
https://patchwork.ozlabs.org/patch/412946/

Signed-off-by: Derek Chickles <derek.chickles@caviumnetworks.com>
Signed-off-by: Satanand Burla <satananda.burla@caviumnetworks.com>
Signed-off-by: Felix Manlunas <felix.manlunas@caviumnetworks.com>
Signed-off-by: Robert Richter <Robert.Richter@caviumnetworks.com>
Signed-off-by: Aleksey Makarov <Aleksey.Makarov@caviumnetworks.com>
Signed-off-by: Raghu Vatsavayi <raghu.vatsavayi@caviumnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next...
David S. Miller [Thu, 11 Jun 2015 05:14:14 +0000 (22:14 -0700)]
Merge branch 'master' of git://git./linux/kernel/git/jkirsher/next-queue

Jeff Kirsher says:

====================
Intel Wired LAN Driver Updates 2015-06-09

This series contains updates to ixgbe only.

The series adds additional support for x550 support, such as WoL and
auto-negotiation of flow control.  Adds new PHY support (external PHY)
for x550, as well as the new methods/functions needed to support the new
PHY's.  Fixed a bug found in code inspection, where a check was missed
when clearing counters for x550.  Also fixed the init code flow for copper
x550 devices.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge branch 'cxgb4-next'
David S. Miller [Thu, 11 Jun 2015 05:00:27 +0000 (22:00 -0700)]
Merge branch 'cxgb4-next'

Hariprasad Shenai says:

====================
Add cim_ma_la, cim_pif_la and tx_rate debugfs entry

This patch series adds the following.
Add debugfs entry to dump CIM MA logic analyzer and CIM PIF logic analyzer logs.
Also adds support to dump tx rate of the channels in the adapter

This patch series has been created against net-next tree and includes
patches on cxgb4 driver.

We have included all the maintainers of respective drivers. Kindly review
the change and let us know in case of any review comments.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agocxgb4: Add debugfs entry to dump channel rate
Hariprasad Shenai [Tue, 9 Jun 2015 12:57:52 +0000 (18:27 +0530)]
cxgb4: Add debugfs entry to dump channel rate

Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agocxgb4: Add debugfs entry to dump CIM PIF logic analyzer contents
Hariprasad Shenai [Tue, 9 Jun 2015 12:57:51 +0000 (18:27 +0530)]
cxgb4: Add debugfs entry to dump CIM PIF logic analyzer contents

Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agocxgb4: Add a debugfs entry to dump CIM MA logic analyzer logs
Hariprasad Shenai [Tue, 9 Jun 2015 12:57:50 +0000 (18:27 +0530)]
cxgb4: Add a debugfs entry to dump CIM MA logic analyzer logs

Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobna: remove obsolete use of EXTRA_CFLAGS
Jiri Slaby [Tue, 9 Jun 2015 12:24:43 +0000 (14:24 +0200)]
bna: remove obsolete use of EXTRA_CFLAGS

EXTRA_CFLAGS should be used on the command line only.

Since EXTRA_CFLAGS here add only a non-existant path to compiler
include paths (by -I), remove EXTRA_CFLAGS completely.

Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agobridge: make br_fdb_delete also check if the port matches
Nikolay Aleksandrov [Tue, 9 Jun 2015 10:34:13 +0000 (03:34 -0700)]
bridge: make br_fdb_delete also check if the port matches

Before this patch the user-specified bridge port was ignored when
deleting an fdb entry and thus one could delete an entry that belonged
to any port.
Example (eth0 and eth1 are br0 ports):
bridge fdb add 00:11:22:33:44:55 dev eth0 master
bridge fdb del 00:11:22:33:44:55 dev eth1 master
(succeeds)

after the patch:
bridge fdb add 00:11:22:33:44:55 dev eth0 master
bridge fdb del 00:11:22:33:44:55 dev eth1 master
RTNETLINK answers: No such file or directory

Based on a patch by Wilson Kok.

Reported-by: Wilson Kok <wkok@cumulusnetworks.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
9 years agoMerge tag 'linux-can-next-for-4.2-20150609' of git://git.kernel.org/pub/scm/linux...
David S. Miller [Thu, 11 Jun 2015 04:56:25 +0000 (21:56 -0700)]
Merge tag 'linux-can-next-for-4.2-20150609' of git://git./linux/kernel/git/mkl/linux-can-next

Marc Kleine-Budde says:

====================
pull-request: can-next 2015-05-06

this is a pull request of a two patches for net-next.

The first patch is by Tomas Krcka, he fixes the (currently unused)
register address for acceptance filters. Oliver Hartkopp contributes a
patch for the cangw, where an optional UID is added to reference
routing jobs.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>