Pablo Neira Ayuso [Tue, 1 Mar 2016 18:55:14 +0000 (19:55 +0100)]
netfilter: nft_masq: support port range
Complete masquerading support by allowing port range selection.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Westphal [Thu, 25 Feb 2016 09:08:38 +0000 (10:08 +0100)]
netfilter: don't call hooks unless needed
With the previous patches in place, a netns nf_hook_list might be empty,
even if e.g. init_net performs filtering.
Thus change nf_hook_thresh to check the hook_list as well before
initializing hook_state and calling nf_hook_slow().
We still make use of static keys; if no netfilter modules are loaded
list is guaranteed to be empty.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Westphal [Thu, 25 Feb 2016 09:08:37 +0000 (10:08 +0100)]
netfilter: bridge: register hooks only when bridge interface is added
This moves bridge hooks to a register-when-needed scheme.
We use a device notifier to register the 'call-iptables' netfilter hooks
only once a bridge gets added.
This means that if the initial namespace uses a bridge, newly created
network namespaces no longer get the PRE_ROUTING ipt_sabotage hook.
It will registered in that network namespace once a bridge is created
within that namespace.
A few modules still use global hooks:
- conntrack
- bridge PF_BRIDGE hooks
- IPVS
- CLUSTER match (deprecated)
- SYNPROXY
As long as these modules are not loaded/used, a new network namespace has
empty hook list and NF_HOOK() will boil down to single list_empty test even
if initial namespace does stateless packet filtering.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Westphal [Thu, 25 Feb 2016 09:08:36 +0000 (10:08 +0100)]
netfilter: xtables: don't hook tables by default
delay hook registration until the table is being requested inside a
namespace.
Historically, a particular table (iptables mangle, ip6tables filter, etc)
was registered on module load.
When netns support was added to iptables only the ip/ip6tables ruleset was
made namespace aware, not the actual hook points.
This means f.e. that when ipt_filter table/module is loaded on a system,
then each namespace on that system has an (empty) iptables filter ruleset.
In other words, if a namespace sends a packet, such skb is 'caught' by
netfilter machinery and fed to hooking points for that table (i.e. INPUT,
FORWARD, etc).
Thanks to Eric Biederman, hooks are no longer global, but per namespace.
This means that we can avoid allocation of empty ruleset in a namespace and
defer hook registration until we need the functionality.
We register a tables hook entry points ONLY in the initial namespace.
When an iptables get/setockopt is issued inside a given namespace, we check
if the table is found in the per-namespace list.
If not, we attempt to find it in the initial namespace, and, if found,
create an empty default table in the requesting namespace and register the
needed hooks.
Hook points are destroyed only once namespace is deleted, there is no
'usage count' (it makes no sense since there is no 'remove table' operation
in xtables api).
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Westphal [Thu, 25 Feb 2016 09:08:35 +0000 (10:08 +0100)]
netfilter: xtables: prepare for on-demand hook register
This change prepares for upcoming on-demand xtables hook registration.
We change the protoypes of the register/unregister functions.
A followup patch will then add nf_hook_register/unregister calls
to the iptables one.
Once a hook is registered packets will be picked up, so all assignments
of the form
net->ipv4.iptable_$table = new_table
have to be moved to ip(6)t_register_table, else we can see NULL
net->ipv4.iptable_$table later.
This patch doesn't change functionality; without this the actual change
simply gets too big.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Joe Stringer [Wed, 3 Feb 2016 18:00:10 +0000 (10:00 -0800)]
netfilter: nf_defrag_ipv4: Drop redundant ip_send_check()
Since commit
0848f6428ba3 ("inet: frags: fix defragmented packet's IP
header for af_packet"), ip_send_check() would be called twice for
defragmentation that occurs from netfilter ipv4 defrag hooks. Remove the
extra call.
Signed-off-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Pablo Neira Ayuso [Wed, 2 Mar 2016 19:04:07 +0000 (20:04 +0100)]
Merge tag 'ipvs-for-v4.6' of https://git./linux/kernel/git/horms/ipvs-next into HEAD
Simon Horman says:
====================
please consider these cleanups for IPVS for v4.6.
* Arnd Bergmann has resolved a bunch of unused variable warnings and;
* Yannick Brosseau has removed a noisy debug message
====================
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Sudip Mukherjee [Tue, 23 Feb 2016 08:10:10 +0000 (13:40 +0530)]
netfilter: xt_osf: remove unused variable
While building with W=1 we got the warning:
net/netfilter/xt_osf.c:265:9: warning: variable 'loop_cont' set but not used
The local variable loop_cont was only initialized and then assigned a
value but was never used or checked after that.
While removing the variable, the case of OSFOPT_TS was not removed so
that it will serve as a reminder to us that we can do something in that
particular case.
Signed-off-by: Sudip Mukherjee <sudip.mukherjee@codethink.co.uk>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Westphal [Tue, 16 Feb 2016 16:24:08 +0000 (17:24 +0100)]
netfilter: meta: add PRANDOM support
Can be used to randomly match packets e.g. for statistic traffic sampling.
See commit
3ad0040573b0c00f8848
("bpf: split state from prandom_u32() and consolidate {c, e}BPF prngs")
for more info why this doesn't use prandom_u32 directly.
Unlike bpf nft_meta can be built as a module, so add an EXPORT_SYMBOL
for prandom_seed_full_state too.
Cc: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Stafford Horne [Sun, 28 Feb 2016 07:49:29 +0000 (16:49 +0900)]
3c59x: Ensure to apply the expires time
In commit
5b6490def9168af6a ("3c59x: Use setup_timer()") Amitoj
removed add_timer which sets up the epires timer. In this patch
the behavior is restore but it uses mod_timer which is a bit more
compact.
Signed-off-by: Stafford Horne <shorne@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Dan Carpenter [Sat, 27 Feb 2016 11:31:43 +0000 (14:31 +0300)]
rocker: fix an error code
We intended to return PTR_ERR() here instead of 1.
Fixes:
1f9993f6825f ('rocker: fix a neigh entry leak issue')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 26 Feb 2016 19:57:37 +0000 (14:57 -0500)]
Merge branch '1GbE' of git://git./linux/kernel/git/jkirsher/next-queue
Jeff Kirsher says:
====================
1GbE Intel Wired LAN Driver Updates 2016-02-24
This series contains updates to e1000e, igb and igbvf.
Raanan provides updates for e1000e, first increases the ULP timer since it
now takes longer for the ULP exit to complete on Skylake. Fixes the
configuration of the internal hardware PHY clock gating mechanism, which was
causing packet loss due to mis configuring. Fixed additional ULP
configuration settings which were not being properly cleared after cable
connect in V-Pro capable systems. Added support for more i219 devices.
Takuma Ueba provides a fix for I210 where IPv6 autoconf test sometimes
fails due to DAD NS for link-local is not transmitted. To avoid this
issue, we need to wait until 1000BASE-T status register "Remote receiver
status OK".
Todd provides a patch to override EEPROM WoL settings for specific OEM
devices. Then renamed igb defines to be more generic, since the define
E1000_MRQC_ENABLE_RSS_4Q enables 4 and 8 queues depending on the part.
Roland Hii fixes an issue where only the half cycle time of less than or
equal to 70 millisecond uses the I210 clock output function. His patch
adds additional conditions when half cycle time is equal to 125 or 250 or
500 millisecond to use the clock output function.
Alex Duyck adds support for generic transmit checksums for igb and igbvf.
Jon Maxwell fixes an issues where customer applications are registering
and un-registering multicast addresses every few seconds which is leading
to many "Link is up" messages in the logs as a result of the
netif_carrier_off(netdev) in igbvf_msix_other(). So remove the
link is up message when registering multicast addresses.
Corinna Vinschen provides a fix for when switching off VLAN offloading on
i350, the VLAN interface becomes unusable.
Stefan Assmann updates the driver to use ndo_stop() instead of
dev_close() when running ethtool offline self test. Since dev_close()
causes IFF_UP to be cleared which will remove the interfaces routes
and some addresses.
v2: Dropped patches 6-10 in the original series. Patch 6-7 added support
for character device for AVB and based on community feedback, we do not
want to do this. Patches 8-10 provided fixes to the problematic code
added in patches 6 & 7. So all of them must go!
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Thu, 25 Feb 2016 00:46:21 +0000 (16:46 -0800)]
GSO: Provide software checksum of tunneled UDP fragmentation offload
On reviewing the code I realized that GRE and UDP tunnels could cause a
kernel panic if we used GSO to segment a large UDP frame that was sent
through the tunnel with an outer checksum and hardware offloads were not
available.
In order to correct this we need to update the feature flags that are
passed to the skb_segment function so that in the event of UDP
fragmentation being requested for the inner header the segmentation
function will correctly generate the checksum for the payload if we cannot
segment the outer header.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 26 Feb 2016 19:22:27 +0000 (14:22 -0500)]
Merge branch 'vrf-saddr-selection'
David Ahern says:
====================
net: l3mdev: Fix source address for unnumbered deployments
David Lamparter noted a use case where the source address selection fails
to pick an address from a VRF interface - unnumbered interfaces. The use
case has the VRF device as the VRF local loopback with addresses and
interfaces enslaved without an address themselves. e.g,
ip addr add 9.9.9.9/32 dev lo
ip link set lo up
ip link add name vrf0 type vrf table 101
ip rule add oif vrf0 table 101
ip rule add iif vrf0 table 101
ip link set vrf0 up
ip addr add 10.0.0.3/32 dev vrf0
ip link add name dummy2 type dummy
ip link set dummy2 master vrf0 up
--> note dummy2 has no address - unnumbered device
ip route add 10.2.2.2/32 dev dummy2 table 101
ip neigh add 10.2.2.2 dev dummy2 lladdr 02:00:00:00:00:02
ping to the 10.2.2.2 through the L3 domain:
$ ping -I vrf0 -c1 10.2.2.2
ping: Warning: source address might be selected on device other than vrf0.
PING 10.2.2.2 (10.2.2.2) from 9.9.9.9 vrf0: 56(84) bytes of data.
picks up the wrong address -- the one from 'lo' not vrf0. And from tcpdump:
12:57:29.449128 IP 9.9.9.9 > 10.2.2.2: ICMP echo request, id 2491, seq 1, length 64
This patch series changes address selection to only consider devices in
the same L3 domain and to use the VRF device as the L3 domains loopback.
$ ping -I vrf0 -c1 10.2.2.2
PING 10.2.2.2 (10.2.2.2) from 10.0.0.3 vrf0: 56(84) bytes of data.
From tcpdump:
12:59:25.096426 IP 10.0.0.3 > 10.2.2.2: ICMP echo request, id 2113, seq 1, length 64
Now the source address comes from vrf0.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
David Lamparter [Wed, 24 Feb 2016 19:47:03 +0000 (11:47 -0800)]
net: l3mdev: prefer VRF master for source address selection
When selecting an address in context of a VRF, the vrf master should be
preferred for address selection. If it isn't, the user has a hard time
getting the system to select to their preference - the code will pick
the address off the first in-VRF interface it can find, which on a
router could well be a non-routable address.
Signed-off-by: David Lamparter <equinox@diac24.net>
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
[dsa: Fixed comment style and removed extra blank link ]
Signed-off-by: David S. Miller <davem@davemloft.net>
David Ahern [Wed, 24 Feb 2016 19:47:02 +0000 (11:47 -0800)]
net: l3mdev: address selection should only consider devices in L3 domain
David Lamparter noted a use case where the source address selection fails
to pick an address from a VRF interface - unnumbered interfaces.
Relevant commands from his script:
ip addr add 9.9.9.9/32 dev lo
ip link set lo up
ip link add name vrf0 type vrf table 101
ip rule add oif vrf0 table 101
ip rule add iif vrf0 table 101
ip link set vrf0 up
ip addr add 10.0.0.3/32 dev vrf0
ip link add name dummy2 type dummy
ip link set dummy2 master vrf0 up
--> note dummy2 has no address - unnumbered device
ip route add 10.2.2.2/32 dev dummy2 table 101
ip neigh add 10.2.2.2 dev dummy2 lladdr 02:00:00:00:00:02
tcpdump -ni dummy2 &
And using ping instead of his socat example:
$ ping -I vrf0 -c1 10.2.2.2
ping: Warning: source address might be selected on device other than vrf0.
PING 10.2.2.2 (10.2.2.2) from 9.9.9.9 vrf0: 56(84) bytes of data.
>From tcpdump:
12:57:29.449128 IP 9.9.9.9 > 10.2.2.2: ICMP echo request, id 2491, seq 1, length 64
Note the source address is from lo and is not a VRF local address. With
this patch:
$ ping -I vrf0 -c1 10.2.2.2
PING 10.2.2.2 (10.2.2.2) from 10.0.0.3 vrf0: 56(84) bytes of data.
>From tcpdump:
12:59:25.096426 IP 10.0.0.3 > 10.2.2.2: ICMP echo request, id 2113, seq 1, length 64
Now the source address comes from vrf0.
The ipv4 function for selecting source address takes a const argument.
Removing the const requires touching a lot of places, so instead
l3mdev_master_ifindex_rcu is changed to take a const argument and then
do the typecast to non-const as required by netdev_master_upper_dev_get_rcu.
This is similar to what l3mdev_fib_table_rcu does.
IPv6 for unnumbered interfaces appears to be selecting the addresses
properly.
Cc: David Lamparter <david@opensourcerouting.org>
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 26 Feb 2016 03:07:00 +0000 (22:07 -0500)]
Merge branch 'ethtool-ksettings'
David Decotigny says:
====================
new ETHTOOL_GLINKSETTINGS/SLINKSETTINGS API
History:
v9
- add 'link' in macro, struct and function names
- rename ethtool_link_ksettings::parent -> ::base
- remove un-needed mlx4 en_dbg_enabled() companion patch
- note: bitmap u32[] API patches were merged separately by Kan Liang
v8
- bitmap u32 API returns number of bits copied, unit tests updated
v7
- module_exit in test_bitmap
v6
- fix copy_from_user in user/kernel handshake
v5
note: please see v4 bullets for a question regarding bitmap.c
- minor fix to make allyesconfig/allmodconfig
v4
- removed typedef for link mode bitmaps
- moved bitmap<->u32[] conversion routines to bitmap.c . This is the
naive implementation. I have an endian-aware version that uses
memcpy/memset as much as possible, but I find it harder to follow
(see http://paste.ubuntu.com/
13863722/). Please let me know if I
should use it instead.
- fixes suggested by Ben Hutchings
v3
- rebased v2 on top of latest net-next, minor checkpatch/printf %*pb
updates
v2
- keep return 0 in get_settings when successful, instead of
propagating positive result from driver's get_settings callback.
v1
- original submission
The main goal of this series is to support ethtool link mode masks
larger than 32 bits. It implements a new ioctl pair
(ETHTOOL_GLINKSETTINGS/SLINKSETTINGS), its associated callbacks
(get/set_link_ksettings) and a new struct ethtool_link_settings, which
should eventually replace legacy ethtool_cmd. Internally, the kernel
uses fixed length link mode masks defined at compilation time in
ethtool.h (for now: 31 bits), that can be increased by changing
__ETHTOOL_LINK_MODE_LAST in ethtool.h (absolute max is 4064 bits,
checked at compile time), and the user/kernel interface allows this
length to be arbitrary within 1..4064. This should allow some
flexibility without using too much heap/stack space, at the cost of a
small kernel/user handshake for the user to determine the sizes of
those bitmaps.
Along the way, I chose to drop in the new structure the 3 ethtool_cmd
fields marked "deprecated" (transceiver/maxrxpkt/maxtxpkt). They are
still available for old drivers via the (old) ETHTOOL_GSET/SSET API,
but are not available to drivers that switch to new API. Of those 3
fields, ethtool_cmd::transceiver seems to be still actively used by
several drivers, maybe we should not consider this field deprecated?
The 2 other fields are basically not used. This transition requires
some care in the way old and new ethtool talk to the kernel.
More technical details provided in the description for main patch. In
particular details about backward compatibility properties.
Some open questions:
- the kernel/interface multiplexes the "tell me the bitmap length"
handshake and the "give me the settings" inside the new
ETHTOOL_GLINKSETTINGS cmd. I was thinking of making this into 2
separate cmds: 1 cmd ETHTOOL_GKERNELPROPERTIES which would be
kernel-wide rather than device-specific, would return properties
like "length of the link mode bitmaps", and possibly others. And
ETHTOOL_GLINKSETTINGS would expect the proper bitmaps
- the link mode bitmaps are piggybacked at tail of the new struct
ethtool_link_settings. Since its user-visible definition does not
assume specific bitmap width, I am using a 0-length array as the
publicly visible placeholder. But then, the kernel needs to
specialize it (struct ethtool_link_ksettings) to specify its
current link mode masks. This means that kernel code is "littered"
with "ksettings->base.field" to access "field" inside
ethtool_settings:
+ I could use ethtool_link_settings everywhere (instead of a new
ethtool_ksettings) and an container_of accessor (or a plain cast)
to retrieve the link mode masks?
+ or: we could decide to make the link mode masks statically
bounded again, ie. make their width public, but larger than
current 32, and unchangeable forever. This would make everything
straightforward, but we might hit limits later, or have an
unneeded memory/stack usage for unused bits.
any preference?
- I foresee bugs where people use the legacy/deprecated SUPPORTED_x
macros instead of the new ETHTOOL_LINK_MODE_x_BIT enums in the new
get/set_link_ksettings callbacks. Not sure how to prevent problems
with this.
The only driver which was converted for now is mlx4. I am not
considering fcoe as fully converted, but I updated it a minima to be
able to remove __ethtool_get_settings, now known as
__ethtool_get_link_ksettings.
Tested with legacy and "future" ethtool on 64b x86 kernel and 32+64b
ethtool, and on a 32b x86 kernel + 32b ethtool.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:12 +0000 (10:58 -0800)]
net: mlx4: use new ETHTOOL_G/SSETTINGS API
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:11 +0000 (10:58 -0800)]
net: ethtool: remove unused __ethtool_get_settings
replaced by __ethtool_get_link_ksettings.
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:10 +0000 (10:58 -0800)]
net: core: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:09 +0000 (10:58 -0800)]
net: bridge: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:08 +0000 (10:58 -0800)]
net: 8021q: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:07 +0000 (10:58 -0800)]
net: rdma: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:06 +0000 (10:58 -0800)]
net: fcoe: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:05 +0000 (10:58 -0800)]
net: team: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:04 +0000 (10:58 -0800)]
net: macvlan: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:03 +0000 (10:58 -0800)]
net: ipvlan: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:02 +0000 (10:58 -0800)]
net: bonding: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:01 +0000 (10:58 -0800)]
net: usnic: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:58:00 +0000 (10:58 -0800)]
tx4939: use __ethtool_get_ksettings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:57:59 +0000 (10:57 -0800)]
net: ethtool: add new ETHTOOL_xLINKSETTINGS API
This patch defines a new ETHTOOL_GLINKSETTINGS/SLINKSETTINGS API,
handled by the new get_link_ksettings/set_link_ksettings callbacks.
This API provides support for most legacy ethtool_cmd fields, adds
support for larger link mode masks (up to 4064 bits, variable length),
and removes ethtool_cmd deprecated
fields (transceiver/maxrxpkt/maxtxpkt).
This API is deprecating the legacy ETHTOOL_GSET/SSET API and provides
the following backward compatibility properties:
- legacy ethtool with legacy drivers: no change, still using the
get_settings/set_settings callbacks.
- legacy ethtool with new get/set_link_ksettings drivers: the new
driver callbacks are used, data internally converted to legacy
ethtool_cmd. ETHTOOL_GSET will return only the 1st 32b of each link
mode mask. ETHTOOL_SSET will fail if user tries to set the
ethtool_cmd deprecated fields to
non-0 (transceiver/maxrxpkt/maxtxpkt). A kernel warning is logged if
driver sets higher bits.
- future ethtool with legacy drivers: no change, still using the
get_settings/set_settings callbacks, internally converted to new data
structure. Deprecated fields (transceiver/maxrxpkt/maxtxpkt) will be
ignored and seen as 0 from user space. Note that that "future"
ethtool tool will not allow changes to these deprecated fields.
- future ethtool with new drivers: direct call to the new callbacks.
By "future" ethtool, what is meant is:
- query: first try ETHTOOL_GLINKSETTINGS, and revert to ETHTOOL_GSET if
fails
- set: query first and remember which of ETHTOOL_GLINKSETTINGS or
ETHTOOL_GSET was successful
+ if ETHTOOL_GLINKSETTINGS was successful, then change config with
ETHTOOL_SLINKSETTINGS. A failure there is final (do not try
ETHTOOL_SSET).
+ otherwise ETHTOOL_GSET was successful, change config with
ETHTOOL_SSET. A failure there is final (do not try
ETHTOOL_SLINKSETTINGS).
The interaction user/kernel via the new API requires a small
ETHTOOL_GLINKSETTINGS handshake first to agree on the length of the link
mode bitmaps. If kernel doesn't agree with user, it returns the bitmap
length it is expecting from user as a negative length (and cmd field is
0). When kernel and user agree, kernel returns valid info in all
fields (ie. link mode length > 0 and cmd is ETHTOOL_GLINKSETTINGS).
Data structure crossing user/kernel boundary is 32/64-bit
agnostic. Converted internally to a legal kernel bitmap.
The internal __ethtool_get_settings kernel helper will gradually be
replaced by __ethtool_get_link_ksettings by the time the first
"link_settings" drivers start to appear. So this patch doesn't change
it, it will be removed before it needs to be changed.
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:57:58 +0000 (10:57 -0800)]
net: usnic: use __ethtool_get_settings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Decotigny [Wed, 24 Feb 2016 18:57:57 +0000 (10:57 -0800)]
net: usnic: remove unused call to ethtool_ops::get_settings
Signed-off-by: David Decotigny <decot@googlers.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Tom Herbert [Wed, 24 Feb 2016 18:02:52 +0000 (10:02 -0800)]
net: Facility to report route quality of connected sockets
This patch add the SO_CNX_ADVICE socket option (setsockopt only). The
purpose is to allow an application to give feedback to the kernel about
the quality of the network path for a connected socket. The value
argument indicates the type of quality report. For this initial patch
the only supported advice is a value of 1 which indicates "bad path,
please reroute"-- the action taken by the kernel is to call
dst_negative_advice which will attempt to choose a different ECMP route,
reset the TX hash for flow label and UDP source port in encapsulation,
etc.
This facility should be useful for connected UDP sockets where only the
application can provide any feedback about path quality. It could also
be useful for TCP applications that have additional knowledge about the
path outside of the normal TCP control loop.
Signed-off-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Ahern [Wed, 24 Feb 2016 17:25:37 +0000 (09:25 -0800)]
net: ipv6: Make address flushing on ifdown optional
Currently, all ipv6 addresses are flushed when the interface is configured
down, including global, static addresses:
$ ip -6 addr show dev eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2100:1::2/120 scope global
valid_lft forever preferred_lft forever
inet6 fe80::e0:f9ff:fe79:34bd/64 scope link
valid_lft forever preferred_lft forever
$ ip link set dev eth1 down
$ ip -6 addr show dev eth1
<< nothing; all addresses have been flushed>>
Add a new sysctl to make this behavior optional. The new setting defaults to
flush all addresses to maintain backwards compatibility. When the set global
addresses with no expire times are not flushed on an admin down. The sysctl
is per-interface or system-wide for all interfaces
$ sysctl -w net.ipv6.conf.eth1.keep_addr_on_down=1
or
$ sysctl -w net.ipv6.conf.all.keep_addr_on_down=1
Will keep addresses on eth1 on an admin down.
$ ip -6 addr show dev eth1
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2100:1::2/120 scope global
valid_lft forever preferred_lft forever
inet6 fe80::e0:f9ff:fe79:34bd/64 scope link
valid_lft forever preferred_lft forever
$ ip link set dev eth1 down
$ ip -6 addr show dev eth1
3: eth1: <BROADCAST,MULTICAST> mtu 1500 state DOWN qlen 1000
inet6 2100:1::2/120 scope global tentative
valid_lft forever preferred_lft forever
inet6 fe80::e0:f9ff:fe79:34bd/64 scope link tentative
valid_lft forever preferred_lft forever
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Florian Westphal [Wed, 24 Feb 2016 16:20:17 +0000 (17:20 +0100)]
tipc: fix null deref crash in compat config path
msg.dst_sk needs to be set up with a valid socket because some callbacks
later derive the netns from it.
Fixes:
263ea09084d172d ("Revert "genl: Add genlmsg_new_unicast() for unicast message allocation")
Reported-by: Jon Maloy <maloy@donjonn.com>
Bisected-by: Jon Maloy <maloy@donjonn.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jon Paul Maloy [Wed, 24 Feb 2016 16:10:48 +0000 (11:10 -0500)]
tipc: fix crash during node removal
When the TIPC module is unloaded, we have identified a race condition
that allows a node reference counter to go to zero and the node instance
being freed before the node timer is finished with accessing it. This
leads to occasional crashes, especially in multi-namespace environments.
The scenario goes as follows:
CPU0:(node_stop) CPU1:(node_timeout) // ref == 2
1: if(!mod_timer())
2: if (del_timer())
3: tipc_node_put() // ref -> 1
4: tipc_node_put() // ref -> 0
5: kfree_rcu(node);
6: tipc_node_get(node)
7: // BOOM!
We now clean up this functionality as follows:
1) We remove the node pointer from the node lookup table before we
attempt deactivating the timer. This way, we reduce the risk that
tipc_node_find() may obtain a valid pointer to an instance marked
for deletion; a harmless but undesirable situation.
2) We use del_timer_sync() instead of del_timer() to safely deactivate
the node timer without any risk that it might be reactivated by the
timeout handler. There is no risk of deadlock here, since the two
functions never touch the same spinlocks.
3: We remove a pointless tipc_node_get() + tipc_node_put() from the
timeout handler.
Reported-by: Zhijiang Hu <huzhijiang@gmail.com>
Acked-by: Ying Xue <ying.xue@windriver.com>
Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jon Paul Maloy [Wed, 24 Feb 2016 16:00:19 +0000 (11:00 -0500)]
tipc: eliminate risk of finding to-be-deleted node instance
Although we have never seen it happen, we have identified the
following problematic scenario when nodes are stopped and deleted:
CPU0: CPU1:
tipc_node_xxx() //ref == 1
tipc_node_put() //ref -> 0
tipc_node_find() // node still in table
tipc_node_delete()
list_del_rcu(n. list)
tipc_node_get() //ref -> 1, bad
kfree_rcu()
tipc_node_put() //ref to 0 again.
kfree_rcu() // BOOM!
We fix this by introducing use of the conditional kref_get_if_not_zero()
instead of kref_get() in the function tipc_node_find(). This eliminates
any risk of post-mortem access.
Reported-by: Zhijiang Hu <huzhijiang@gmail.com>
Acked-by: Ying Xue <ying.xue@windriver.com>
Signed-off-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 25 Feb 2016 21:54:45 +0000 (16:54 -0500)]
Merge branch 'qed-misc'
Yuval Mintz says:
====================
qed*: Driver updates
Usually I try to provide a sensible description of the patch set even if
it lacks a general 'motif', but this simply contains several small,
unrelated and self-explenatory tweaks and additions.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Yuval Mintz [Wed, 24 Feb 2016 14:52:50 +0000 (16:52 +0200)]
qed, qede: rebrand module description
Drop the `QL4xxx 40G/100G' and use `FastLinQ 4xxxx' instead.
Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yuval Mintz [Wed, 24 Feb 2016 14:52:49 +0000 (16:52 +0200)]
qed: Prevent probe on previous error
Don't allow driver to probe on an adapter at a failed state;
Gracefully block the probe instead.
Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yuval Mintz [Wed, 24 Feb 2016 14:52:48 +0000 (16:52 +0200)]
qed: add MODULE_FIRMWARE()
Module is using a binary firmware file and so should be marked as such.
Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yuval Mintz [Wed, 24 Feb 2016 14:52:47 +0000 (16:52 +0200)]
qede: Don't report link change needlessly
There are several corner cases where driver might get a 2nd notification
about the same link change. Don't log any additional changes if the
physical carrier is already reported as it should.
Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yuval Mintz [Wed, 24 Feb 2016 14:52:46 +0000 (16:52 +0200)]
qede: Linearize SKBs when needed
There's a corner-case in HW where an SKB queued for transmission that
contains too many frags will cause FW to assert.
This patch solves this by linearizing the SKB if necessary.
Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yuval Mintz [Wed, 24 Feb 2016 14:52:45 +0000 (16:52 +0200)]
qede: Change pci DID for 10g device
The device ID for the 10g module has changed. Populate the pci_ids table
accordingly.
Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Amitoj Kaur Chawla [Wed, 24 Feb 2016 14:39:38 +0000 (20:09 +0530)]
netxen: Use kobj_to_dev()
Introduce the use of kobj_to_dev() helper function instead of open
coding it with container_of()
The Coccinelle semantic patch used to make this change is as follows:
//<smpl>
@@
expression a;
symbol kobj;
@@
- container_of(a, struct device, kobj)
+ kobj_to_dev(a)
//</smpl>
Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Amitoj Kaur Chawla [Wed, 24 Feb 2016 13:58:19 +0000 (19:28 +0530)]
3c59x: Use setup_timer()
Convert a call to init_timer and accompanying intializations of
the timer's data and function fields to a call to setup_timer.
The Coccinelle semantic patch that fixes this problem is
as follows:
// <smpl>
@@
expression t,f,d;
@@
-init_timer(&t);
+setup_timer(&t,f,d);
...
-t.data = d;
-t.function = f;
// </smpl>
Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Amitoj Kaur Chawla [Wed, 24 Feb 2016 13:58:01 +0000 (19:28 +0530)]
forcedeth: Use setup_timer()
Convert a call to init_timer and accompanying intializations of
the timer's data and function fields to a call to setup_timer.
The Coccinelle semantic patch that fixes this problem is
as follows:
// <smpl>
@@
expression t,f,d;
@@
-init_timer(&t);
+setup_timer(&t,f,d);
-t.data = d;
-t.function = f;
// </smpl>
Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Amitoj Kaur Chawla [Wed, 24 Feb 2016 13:57:49 +0000 (19:27 +0530)]
net: tulip: Use setup_timer()
Convert a call to init_timer and accompanying intializations of
the timer's data and function fields to a call to setup_timer.
The Coccinelle semantic patch that fixes this problem is
as follows:
// <smpl>
@@
expression t,f,d;
@@
-init_timer(&t);
+setup_timer(&t,f,d);
-t.data = d;
-t.function = f;
// </smpl>
Signed-off-by: Amitoj Kaur Chawla <amitoj1606@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 25 Feb 2016 21:22:03 +0000 (16:22 -0500)]
Merge branch 'gianfar-ls1021a-ptp'
Yangbo Lu says:
====================
gianfar: Add PTP support for ls1021a platform
This patchset is to enable ptp support for ls1021a platform. The endianness
issue in gianfar driver and gianfar ptp driver must be fixed, and a 1588
timer node must be added into dts.
Changes for v2:
- Modified commit message
- Added more reviewers
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Yangbo Lu [Wed, 24 Feb 2016 09:26:56 +0000 (17:26 +0800)]
gianfar: fix endianness for hardware timestamp
Fix endianness for the 64-bit hardware timestamp value with
be64_to_cpu to support both PowerPC platforms and ARM platforms.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yangbo Lu [Wed, 24 Feb 2016 09:26:55 +0000 (17:26 +0800)]
gianfar_ptp: replace get_of_u32 with of_property_read_u32
Replace get_of_u32 with standard helper function of_property_read_u32
since the latter can process cpu endianness.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yangbo Lu [Wed, 24 Feb 2016 09:26:54 +0000 (17:26 +0800)]
ARM: dts: ls1021a: add 1588 timer node
Add the 1588 timer node for ls1021a platform to
support gianfar ptp driver.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Clemens Gruber [Tue, 23 Feb 2016 19:16:58 +0000 (20:16 +0100)]
phy: marvell: Fix
88E1510 initialization
A bug was introduced in the merge commit
b633353115e3 ("Merge
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net")
The generic marvell_config_init (and therefore marvell_of_reg_init) is
not called anymore for the Marvell
88E1510 (in net-next).
This patch calls marvell_config_init and moves the specific init
function for the
88E1510 below the marvell_config_init function to avoid
adding a function predeclaration.
Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 25 Feb 2016 20:20:22 +0000 (15:20 -0500)]
Merge branch 'dsa-port-vlan-dump'
Vivien Didelot says:
====================
net: dsa: add port VLAN dump operation
The VLAN GetNext approach is specific to some switches and thus hard to
implement for others. This patchset replaces it with a simpler port VLAN dump
operation, similar to the corresponding FDB operation.
The mv88e6xxx driver is the only one currently affected by the change.
The documentation is updated accordingly.
Note: this patchset uses http://www.spinics.net/lists/kernel/msg2186705.html
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Tue, 23 Feb 2016 17:13:56 +0000 (12:13 -0500)]
net: dsa: drop vlan_getnext
The VLAN GetNext operation is specific to some switches, and thus can be
complicated to implement for some drivers.
Remove the support for the vlan_getnext/port_pvid_get approach in favor
of the generic and simpler port_vlan_dump function.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Tue, 23 Feb 2016 17:13:55 +0000 (12:13 -0500)]
net: dsa: mv88e6xxx: implement port_vlan_dump
Remove the port_pvid_get and vlan_getnext functions in favor of a
simpler mv88e6xxx_port_vlan_dump function.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vivien Didelot [Tue, 23 Feb 2016 17:13:54 +0000 (12:13 -0500)]
net: dsa: add port_vlan_dump routine
Similar to port_fdb_dump, add a port_vlan_dump function to DSA drivers
which gets passed the switchdev VLAN object and callback.
This function, if implemented, takes precedence over the soon legacy
vlan_getnext/port_pvid_get approach.
Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 25 Feb 2016 20:17:13 +0000 (15:17 -0500)]
Merge branch 'vxlan-rx-cleanups'
Jiri Benc says:
====================
vxlan: consolidate rx handling
Currently, vxlan_rcv is just called at the end of vxlan_udp_encap_recv,
continuing the rx processing where vxlan_udp_encap_recv left it. There's no
clear border between those two functions. This patchset moves
vxlan_udp_encap_recv and vxlan_rcv into a single function.
This also allows to do some simplification in error path.
The VXLAN-GPE implementation that will follow up this set can be seen at:
https://github.com/jbenc/linux-vxlan/commits/master
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Jiri Benc [Tue, 23 Feb 2016 17:02:59 +0000 (18:02 +0100)]
vxlan: simplify metadata_dst usage in vxlan_rcv
Now when the packet is scrubbed early, the metadata_dst can be assigned to
the skb as soon as it is allocated. This simplifies the error cleanup path,
as the dst will be freed by kfree_skb. It is also not necessary to pass it
as a parameter to functions anymore.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jiri Benc [Tue, 23 Feb 2016 17:02:58 +0000 (18:02 +0100)]
vxlan: consolidate rx handling to a single function
Now when both vxlan_udp_encap_recv and vxlan_rcv are much shorter, combine
them into a single function.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jiri Benc [Tue, 23 Feb 2016 17:02:57 +0000 (18:02 +0100)]
vxlan: move ECN decapsulation to a separate function
It simplifies the vxlan_rcv function.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jiri Benc [Tue, 23 Feb 2016 17:02:56 +0000 (18:02 +0100)]
vxlan: move inner L2 header processing to a separate function
This code will be different for VXLAN-GPE, so move it to a separate
function. It will also make the rx path less spaghetti-like.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jiri Benc [Tue, 23 Feb 2016 17:02:55 +0000 (18:02 +0100)]
vxlan: consolidate GBP handling even more
Now when the packet is scrubbed early, skb->mark can be set in the GBP
handling code.
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Thu, 25 Feb 2016 19:16:22 +0000 (14:16 -0500)]
Merge branch 'tc_action-ns'
Cong Wang says:
====================
net_sched: add network namespace support for tc actions
This patchset adds network namespace support for tc actions.
v2:
* pull the first patch into net-next
* reduce code duplication by introducing more helper functions
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
WANG Cong [Mon, 22 Feb 2016 23:57:53 +0000 (15:57 -0800)]
net_sched: add network namespace support for tc actions
Currently tc actions are stored in a per-module hashtable,
therefore are visible to all network namespaces. This is
probably the last part of the tc subsystem which is not
aware of netns now. This patch makes them per-netns,
several tc action API's need to be adjusted for this.
The tc action API code is ugly due to historical reasons,
we need to refactor that code in the future.
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
WANG Cong [Mon, 22 Feb 2016 23:57:52 +0000 (15:57 -0800)]
net_sched: prepare tcf_hashinfo_destroy() for netns support
We only release the memory of the hashtable itself, not its
entries inside. This is not a problem yet since we only call
it in module release path, and module is refcount'ed by
actions. This would be a problem after we move the per module
hinfo into per netns in the latter patch.
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Guillaume Nault [Tue, 23 Feb 2016 12:59:43 +0000 (13:59 +0100)]
ppp: clarify parsing of user supplied data in ppp_set_compress()
* Split big conditional statement.
* Check (data.length <= CCP_MAX_OPTION_LENGTH) only once.
* Don't read ccp_option[1] if not initialised.
Reading uninitialised ccp_option[1] was harmless, because this could
only happen when data.length was 0 or 1. So even then, we couldn't pass
the (ccp_option[1] < 2 || ccp_option[1] > data.length) test anyway.
Signed-off-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
Arnd Bergmann [Tue, 23 Feb 2016 10:36:02 +0000 (11:36 +0100)]
bnx2x: add a separate GENEVE Kconfig symbol
When CONFIG_GENEVE is built as a loadable module, and bnx2x is built-in,
we get this link error:
drivers/net/built-in.o: In function `bnx2x_open':
:(.text+0x33322): undefined reference to `geneve_get_rx_port'
drivers/net/built-in.o: In function `bnx2x_sp_rtnl_task':
:(.text+0x3e632): undefined reference to `geneve_get_rx_port'
This avoids the problem by adding a separate Kconfig symbol named
CONFIG_BNX2X_GENEVE that is only enabled when the code is
reachable from the driver.
This is the same trick that BNX2X does for VXLAN support, and
is similar to how I40E handles both.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes:
883ce97d25b0 ("bnx2x: Add Geneve inner-RSS support")
Acked-By: Yuval Mintz <Yuval.Mintz@qlogic.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Stefan Assmann [Wed, 3 Feb 2016 08:20:50 +0000 (09:20 +0100)]
igb: call ndo_stop() instead of dev_close() when running offline selftest
Calling dev_close() causes IFF_UP to be cleared which will remove the
interfaces routes and some addresses. That's probably not what the user
intended when running the offline selftest. Besides this does not happen
if the interface is brought down before the test, so the current
behaviour is inconsistent.
Instead call the net_device_ops ndo_stop function directly and avoid
touching IFF_UP at all.
Signed-off-by: Stefan Assmann <sassmann@kpanic.de>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Corinna Vinschen [Thu, 28 Jan 2016 12:53:23 +0000 (13:53 +0100)]
igb: Fix VLAN tag stripping on Intel i350
Problem: When switching off VLAN offloading on an i350, the VLAN
interface gets unusable. For testing, set up a VLAN on an i350
and some remote machine, e.g.:
$ ip link add link eth0 name eth0.42 type vlan id 42
$ ip addr add 192.168.42.1/24 dev eth0.42
$ ip link set dev eth0.42 up
Offloading is switched on by default:
$ ethtool -k eth0 | grep vlan-offload
rx-vlan-offload: on
tx-vlan-offload: on
$ ping -c 3 -I eth0.42 192.168.42.2
[...works as usual...]
Now switch off VLAN offloading and try again:
$ ethtool -K eth0 rxvlan off
Actual changes:
rx-vlan-offload: off
tx-vlan-offload: off [requested on]
$ ping -c 3 -I eth0.42 192.168.42.2
PING 192.168.42.2 (192.168.42.2) from 192.168.42.1 eth0.42: 56(84) bytes of da
ta.
--- 192.168.42.2 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms
I can only reproduce it on an i350, the above works fine on a 82580.
While inspecting the igb source, I came across the code in igb_set_vmolr
which sets the E1000_VMOLR_STRVLAN/E1000_DVMOLR_STRVLAN flags once and
for all, and in all of the igb code there's no other place where the
STRVLAN is set or cleared. Thus, VLAN stripping is enabled in igb
unconditionally, independently of the offloading setting.
I compared that to the latest Intel igb-5.3.3.5 driver from
http://sourceforge.net/projects/e1000/ which in fact sets and clears the
STRVLAN flag independently from igb_set_vmolr in its own function
igb_set_vf_vlan_strip, depending on the vlan settings.
So I included the STRVLAN handling from the igb-5.3.3.5 driver into our
current igb driver and tested the above scenario again. This time ping
still works after switching off VLAN offloading.
Tested on i350, with and without addtional VFs, as well as on 82580
successfully.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Jon Maxwell [Sun, 24 Jan 2016 23:22:52 +0000 (10:22 +1100)]
igbvf: remove "link is Up" message when registering mcast address
A similar issue was addressed a few years ago in the following thread:
http://www.spinics.net/lists/netdev/msg245877.html
At that time there were concerns that removing this statement may cause other
side effects. However the submitter addressed those concerns. But the dialogue
went cold. We have a new case where a customers application is registering and
un-registering multicast addresses every few seconds. This is leading to many
"Link is Up" messages in the logs as a result of the
"netif_carrier_off(netdev)" statement called by igbvf_msix_other(). Also on
some kernels it is interfering with the bonding driver causing it to failover
and subsequently affecting connectivity.
The Sourgeforge driver does not make this call and is therefore not affected.
If there were any side effects I would expect that driver to also be affected.
I have tested re-loading the igbvf driver and downing the adapter with the PF
entity on the host where the VM has this patch. When I bring it back up again
connectivity is restored as expected. Therefore I request that this patch gets
submitted.
Signed-off-by: Jon Maxwell <jmaxwell37@gmail.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Alexander Duyck [Wed, 13 Jan 2016 15:31:30 +0000 (07:31 -0800)]
igbvf: Add support for generic Tx checksums
This patch adds support for generic Tx checksums to the igbvf driver. It
turns out this is actually pretty easy after going over the datasheet as we
were doing a number of steps we didn't need to.
In order to perform a Tx checksum for an L4 header we need to fill in the
following fields in the Tx descriptor:
MACLEN (maximum of 127), retrieved from:
skb_network_offset()
IPLEN (maximum of 511), retrieved from:
skb_checksum_start_offset() - skb_network_offset()
TUCMD.L4T indicates offset and if checksum or crc32c, based on:
skb->csum_offset
The added advantage to doing this is that we can support inner checksum
offloads for tunnels and MPLS while still being able to transparently
insert VLAN tags.
I also took the opportunity to clean-up many of the feature flag
configuration bits to make them a bit more consistent between drivers. In
the case of the VF drivers this meant adding support for SCTP CRCs, and
inner checksum offloads for MPLS and various tunnel types.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Alexander Duyck [Wed, 13 Jan 2016 15:31:23 +0000 (07:31 -0800)]
igb: Add support for generic Tx checksums
This patch adds support for generic Tx checksums to the igb driver. It
turns out this is actually pretty easy after going over the datasheet as we
were doing a number of steps we didn't need to.
In order to perform a Tx checksum for an L4 header we need to fill in the
following fields in the Tx descriptor:
MACLEN (maximum of 127), retrieved from:
skb_network_offset()
IPLEN (maximum of 511), retrieved from:
skb_checksum_start_offset() - skb_network_offset()
TUCMD.L4T indicates offset and if checksum or crc32c, based on:
skb->csum_offset
The added advantage to doing this is that we can support inner checksum
offloads for tunnels and MPLS while still being able to transparently
insert VLAN tags.
I also took the opportunity to clean-up many of the feature flag
configuration bits to make them a bit more consistent between drivers.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Todd Fujinaka [Mon, 11 Jan 2016 17:34:50 +0000 (09:34 -0800)]
igb: rename igb define to be more generic
E1000_MRQC_ENABLE_RSS_4Q enables 4 and 8 queues depending on the part
so rename to be generic.
Similarly, E1000_MRQC_ENABLE_VMDQ_RSS_2Q has no numeric meaning so
rename to be more generic.
Signed-off-by: Todd Fujinaka <todd.fujinaka@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Roland Hii [Mon, 11 Jan 2016 07:34:18 +0000 (15:34 +0800)]
igb: add conditions for I210 to generate periodic clock output
In general case the maximum supported half cycle time of the synchronized
output clock is 70msec. Slower half cycle time than 70msec can be
programmed also as long as the output clock is synchronized to whole
seconds, useful specifically for generating a 1Hz clock.
Permitted values for the clock half cycle time are: 125,000,000 decimal,
250,000,000 decimal and 500,000,000 decimal (equals to 125msec, 250msec
and 500msec respectively).
Before this patch, only the half cycle time of less than or equal to 70msec
uses the I210 clock output function. This patch adds additional conditions
when half cycle time is equal to 125msec or 250msec or 500msec to use
clock output function.
Under other conditions, interrupt driven target time output events method
is still used to generate the desired clock output.
Signed-off-by: Roland Hii <roland.king.guan.hii@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Todd Fujinaka [Tue, 5 Jan 2016 18:08:28 +0000 (10:08 -0800)]
igb: enable WoL for OEM devices regardless of EEPROM setting
Override EEPROM settings for specific OEM devices.
Signed-off-by: Todd Fujinaka <todd.fujinaka@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Julia Lawall [Sun, 3 Jan 2016 06:44:56 +0000 (07:44 +0100)]
igb: constify e1000_phy_operations structure
This e1000_phy_operations structure is never modified, so declare it as
const. Other structures of this type are already const.
Done with the help of Coccinelle.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Takuma Ueba [Thu, 31 Dec 2015 05:58:14 +0000 (14:58 +0900)]
igb: When GbE link up, wait for Remote receiver status condition
I210 device IPv6 autoconf test sometimes fails,
because DAD NS for link-local is not transmitted.
This packet is silently dropped.
This problem is seen only GbE environment.
igb_watchdog_task link up detection continues to the following process.
The following cases are observed:
1.PHY 1000BASE-T Status Register Remote receiver status bit is NG.
(NG status becomes OK after about 200 - 700ms)
2.In this case, the transfer packet is silently dropped.
1000BASE-T Status register
[Expected]: 0x3800 or 0x7800
[problem occurred]: 0x2800 or 0x6800
Frequency of occurrence: approx 1/10 - 1/40 observed
In order to avoid this problem,
wait until 1000BASE-T Status register "Remote receiver status OK"
After applying this patch, at least 400 runs succeed with no problems.
Signed-off-by: Takuma Ueba <t.ueba11@gmail.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Raanan Avargil [Tue, 22 Dec 2015 13:35:05 +0000 (15:35 +0200)]
e1000e: Initial support for KabeLake
i219 (4) and i219 (5) are the next LOM generations that will be
available on the next Intel platform (KabeLake).
This patch provides the initial support for the devices.
Signed-off-by: Raanan Avargil <raanan.avargil@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Raanan Avargil [Tue, 22 Dec 2015 13:35:04 +0000 (15:35 +0200)]
e1000e: Clear ULP configuration register on ULP exit
There have been bugs caused by HW ULP configuration settings not being
properly cleared after cable connect in V-Pro capable systems.
This caused HW to get out of sync occasionally.
The fix ensures that ULP settings are cleared in HW after
LAN cable re-connect.
Signed-off-by: Raanan Avargil <raanan.avargil@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Raanan Avargil [Tue, 22 Dec 2015 13:35:03 +0000 (15:35 +0200)]
e1000e: Set HW FIFO minimum pointer gap for non-gig speeds
Based on feedback from HW team, the configured value of the internal PHY
HW FIFO pointer gap was incorrect for non-gig speeds.
This patch provides the correct configuration.
Signed-off-by: Raanan Avargil <raanan.avargil@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Raanan Avargil [Tue, 22 Dec 2015 13:35:02 +0000 (15:35 +0200)]
e1000e: Increase PHY PLL clock gate timing
Several packet loss issues were reported for which the root cause for
them was an incorrect configuration of internal HW PHY clock gating
mechanism by SW.
This patch provides the correct mechanism.
Signed-off-by: Raanan Avargil <raanan.avargil@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Raanan Avargil [Tue, 22 Dec 2015 13:35:01 +0000 (15:35 +0200)]
e1000e: Increase ULP timer
Due to system level changes introduced in Skylake, ULP exit takes
significantly longer to occur. Therefore, driver must wait longer for.
Signed-off-by: Raanan Avargil <raanan.avargil@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
David S. Miller [Wed, 24 Feb 2016 21:55:58 +0000 (16:55 -0500)]
Merge branch 'gianfar-xmit-improvements'
Claudiu Manoil says:
====================
gianfar: xmit() improvements
Remove redundant operations, improve code locality and maintainability.
Thanks.
V2: Updated first patch to not touch existing wmb().
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Claudiu Manoil [Tue, 23 Feb 2016 09:48:39 +0000 (11:48 +0200)]
gianfar: Remove redundant ops for do_tstamp from xmit()
Timestamp BD status updates that can be merged into the
same "do_tstamp" block, no need for extra save/restore
to the BD area. The code is more readable too.
Signed-off-by: Claudiu Manoil <claudiu.manoil@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Claudiu Manoil [Tue, 23 Feb 2016 09:48:38 +0000 (11:48 +0200)]
gianfar: Use skb_frag_t pointers inside xmit()
Signed-off-by: Claudiu Manoil <claudiu.manoil@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Claudiu Manoil [Tue, 23 Feb 2016 09:48:37 +0000 (11:48 +0200)]
gianfar: Map head TxBD first
Move the mapping of the head BD before the mapping of fragments.
The TOE (h/w offload) decision logic block can be also moved up
(as the TOE flag belongs to the head BD), resulting in more
localized code (TOE logic vs BD mapping code blocks).
Note that, for this h/w, the R (status) bit for the head BD of a S/G
frame needs to be written last for a reliable transmission.
For the fragmented skb case, a local variable is used to temporarily
store the status info of the first BD, replacing a BD status read.
A merge of 2 "if(do_tstamp)" blocks was also possible.
Signed-off-by: Claudiu Manoil <claudiu.manoil@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Rafał Miłecki [Mon, 22 Feb 2016 21:51:13 +0000 (22:51 +0100)]
bgmac: support Ethernet device on BCM47094 SoC
It needs very similar workarounds to the one on BCM4707. It was tested
on D-Link DIR-885L home router.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 24 Feb 2016 20:25:19 +0000 (15:25 -0500)]
Merge branch 'be2net-fixes'
Ajit Khaparde says:
====================
be2net patches
Please consider applying to net-next
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
ajit.khaparde@broadcom.com [Mon, 22 Feb 2016 19:05:01 +0000 (00:35 +0530)]
be2net: Fix a UE caused by passing large frames to the ASIC
In QnQ configurations like Flex-10 where the VLANs are inserted by the
ASIC, on rare occasions the HW is encountering a scenario where the
final frame length ends to be greater than what the ASIC can support.
This is because when the TXULP pulls the TX WRB to check the length
of the frame to be transmitted it also adds the size of VLANs to be
inserted by the HW to the length of the frame indicated in the WRB,
which in some cases fails the range check. This causes a UE.
Avoid this by trimming the skb length to accommodate the VLAN insertion.
Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
ajit.khaparde@broadcom.com [Mon, 22 Feb 2016 19:03:48 +0000 (00:33 +0530)]
be2net: Declare some u16 fields as u32 to improve performance
When 16-bit integers are loaded on CPUs with high order native
register sizes, the CPU could use some extra ops before using them.
And currently some of the frequently used fields in the driver like
the producer and consumer indices of the queues are declared as u16.
This patch declares such fields as u32. With this change we see the
64-byte packets per second numbers improve by about 4%.
Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 24 Feb 2016 18:58:05 +0000 (13:58 -0500)]
Merge branch 'flow_dissector-fixes-and-improvements'
Alexander Duyck says:
====================
Flow dissector fixes and improvements
This patch series is meant to fix and/or improve a number of items within
the flow dissector code. The main change out of all of this is that IPv4
and IPv6 fragmentation should now be handled better than it was. As a
result we should see an improvement when handling things like IP fragment
reassembly as the skbs should now only have header data in the linear
portion of the buffer while the fragments will only hold payload data.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Wed, 24 Feb 2016 17:30:04 +0000 (09:30 -0800)]
eth: Pull header from first fragment via eth_get_headlen
We want to try and pull the L4 header in if it is available in the first
fragment. As such add the flag to indicate we want to pull the headers on
the first fragment in.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Wed, 24 Feb 2016 17:29:57 +0000 (09:29 -0800)]
flow_dissector: Use same pointer for IPv4 and IPv6 addresses
The IPv6 parsing was using a local pointer when it could use the same
pointer as the IPv4 portion of the code since the key_addrs can support
both IPv4 and IPv6 as it is just a pointer.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Wed, 24 Feb 2016 17:29:51 +0000 (09:29 -0800)]
flow_dissector: Correctly handle parsing FCoE
The flow dissector bits handling FCoE didn't bother to actually validate
that the space there was enough for the FCoE header. So we need to update
things so that if there is room we add the header and report a good result,
otherwise we do not add the header, and report the bad result.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Wed, 24 Feb 2016 17:29:44 +0000 (09:29 -0800)]
flow_dissector: Fix fragment handling for header length computation
It turns out that for IPv4 we were reporting the ip_proto of the fragment,
and for IPv6 we were not. This patch updates that behavior so that we
always report the IP protocol of the fragment. In addition it takes the
steps of updating the payload offset code so that we will determine the
start of the payload not including the L4 header for any fragment after the
first.
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Wed, 24 Feb 2016 17:29:38 +0000 (09:29 -0800)]
flow_dissector: Check for IP fragmentation even if not using IPv4 address
This patch corrects the logic for the IPv4 parsing so that it is consistent
with how we handle IPv6. Specifically if we do not have the flow key
indicating we want the addresses we still may need to take a look at the IP
fragmentation bits and to see if we should stop after we have recognized
the L3 header.
Fixes:
807e165dc44f ("flow_dissector: Add control/reporting of fragmentation")
Signed-off-by: Alexander Duyck <aduyck@mirantis.com>
Acked-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 24 Feb 2016 18:50:23 +0000 (13:50 -0500)]
Merge branch 'mlx5-next'
Saeed Mahameed says:
====================
QoS and VxLAN offloads support for Mellanox 100G mlx5 driver
This patch series introduces QoS IEEE dcbnl support for
PFC, ETS and max rate.
In addition we added VxLAN support and introduced a patch
that modifies the driver to report checksum complete in RX path
for all IP (tunneled and non-tunneled) traffic which is non HW LRO.
This series is applied on top of the latest mlx5_ifc and NDO fixes
we sent to the net tree:
net/mlx5e: Use static constant netdevice ndos
net/mlx5e: Remove select queue ndo initialization
net/mlx5: Use offset based reserved field names in the IFC header file
The QoS patches depend on the IFC change since they expose new fields in
the driver/firmware API. Both QoS and VxLAN patches depend on the NDO changes,
since they add new ndo entries.
Changes from V1:
- Fixed the S.O.B from "Matt" to "Matthew" to be aligned with the committer title.
- Don't populate VxLAN/dcbnl ndos for virtual functions.
- Addressed John comment on mlx5_setup_tc to be aligned with latest API changes.
- Added device ETS capability check prior query/modify ets configuration.
- Call mlx5e_dcbnl_ieee_setets_core at the end of mlx5e_create_netdev and don't
fail netdev creation in case it failed or ETS was not supported.
The series where applied on top of: ("
5270c4dade09 Merge branch 'vxlan-cleanups'") +
latest mlx5 ifc and ndo fixes from net tree.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Matthew Finlay [Mon, 22 Feb 2016 16:17:34 +0000 (18:17 +0200)]
net/mlx5e: Add TX inner packet counters
Add TSO and TX checksum counters for tunneled, inner packets
Signed-off-by: Matthew Finlay <matt@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>