26 Apr, 2007
4 commits
-
To clearly state the intent of copying to linear sk_buffs, _offset being a
overly long variant but interesting for the sake of saving some bytes.Signed-off-by: Arnaldo Carvalho de Melo
-
The error pointer argument in netlink message handlers is used
to signal the special case where processing has to be interrupted
because a dump was started but no error happened. Instead it is
simpler and more clear to return -EINTR and have netlink_run_queue()
deal with getting the queue right.nfnetlink passed on this error pointer to its subsystem handlers
but only uses it to signal the start of a netlink dump. Therefore
it can be removed there as well.This patch also cleans up the error handling in the affected
message handlers to be consistent since it had to be touched anyway.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller -
So that it is also an offset from skb->head, reduces its size from 8 to 4 bytes
on 64bit architectures, allowing us to combine the 4 bytes hole left by the
layer headers conversion, reducing struct sk_buff size to 256 bytes, i.e. 4
64byte cachelines, and since the sk_buff slab cache is SLAB_HWCACHE_ALIGN...
:-)Many calculations that previously required that skb->{transport,network,
mac}_header be first converted to a pointer now can be done directly, being
meaningful as offsets or pointers.Signed-off-by: Arnaldo Carvalho de Melo
Signed-off-by: David S. Miller -
We currently use a special structure (struct skb_timeval) and plain
'struct timeval' to store packet timestamps in sk_buffs and struct
sock.This has some drawbacks :
- Fixed resolution of micro second.
- Waste of space on 64bit platforms where sizeof(struct timeval)=16I suggest using ktime_t that is a nice abstraction of high resolution
time services, currently capable of nanosecond resolution.As sizeof(ktime_t) is 8 bytes, using ktime_t in 'struct sock' permits
a 8 byte shrink of this structure on 64bit architectures. Some other
structures also benefit from this size reduction (struct ipq in
ipv4/ip_fragment.c, struct frag_queue in ipv6/reassembly.c, ...)Once this ktime infrastructure adopted, we can more easily provide
nanosecond resolution on top of it. (ioctl SIOCGSTAMPNS and/or
SO_TIMESTAMPNS/SCM_TIMESTAMPNS)Note : this patch includes a bug correction in
compat_sock_get_timestamp() where a "err = 0;" was missing (so this
syscall returned -ENOENT instead of 0)Signed-off-by: Eric Dumazet
CC: Stephen Hemminger
CC: John find
Signed-off-by: David S. Miller
13 Feb, 2007
2 commits
-
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Many struct file_operations in the kernel can be "const". Marking them const
moves these to the .rodata section, which avoids false sharing with potential
dirty data. In addition it'll catch accidental writes at compile time to
these shared resources.Signed-off-by: Arjan van de Ven
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
03 Dec, 2006
3 commits
-
Signed-off-by: Eric Leblond
Signed-off-by: Patrick McHardy -
nfmark is being used in various subsystems and has become
the defacto mark field for all kinds of packets. Therefore
it makes sense to rename it to `mark' and remove the
dependency on CONFIG_NETFILTER.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller
16 Nov, 2006
1 commit
-
Based on patch by James D. Nurmi:
I've got some code very dependant on nfnetlink_queue, and turned up a
large number of warns coming from skb_trim. While it's quite possibly
my code, having not seen it on older kernels made me a bit suspect.Anyhow, based on some googling I turned up this thread:
http://lkml.org/lkml/2006/8/13/56And believe the issue to be related, so attached is a small patch to
the kernel -- not sure if this is completely correct, but for anyone
else hitting the WARN_ON(1) in skbuff.h, it might be helpful..Signed-off-by: James D. Nurmi
Ported to ip6_queue and nfnetlink_queue and added return value
checks.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
06 Nov, 2006
1 commit
-
htons() is not needed (and no, it's not misspelled ntohs() -
userland expects net-endian here).Signed-off-by: Al Viro
Signed-off-by: David S. Miller
23 Sep, 2006
2 commits
-
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Replace CHECKSUM_HW by CHECKSUM_PARTIAL (for outgoing packets, whose
checksum still needs to be completed) and CHECKSUM_COMPLETE (for
incoming packets, device supplied full checksum).Patch originally from Herbert Xu, updated by myself for 2.6.18-rc3.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
30 Jun, 2006
1 commit
-
When a device that is acting as a bridge port is unregistered, the
ip_queue/nfnetlink_queue notifier doesn't check if its one of
physindev/physoutdev and doesn't release the references if it is.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
10 Apr, 2006
1 commit
-
Fix section mismatch warnings caused by netfilter's init_or_cleanup
functions used in many places by splitting the init from the cleanup
parts.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
29 Mar, 2006
1 commit
-
Every netfilter module uses `init' for its module_init() function and
`fini' or `cleanup' for its module_exit() function.Problem is, this creates uninformative initcall_debug output and makes
ctags rather useless.So go through and rename them all to $(filename)_init and
$(filename)_fini.Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller
23 Mar, 2006
1 commit
-
Fix oversized message, use NLMSG_SPACE just one since it reserves space
for the netlink header and NFA_SPACE for every attribute.Thanks to Harald Welte for the feedback
Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
13 Mar, 2006
1 commit
-
Fix NULL-ptr dereference when a config message for a non-existant
queue containing only an NFQA_CFG_PARAMS attribute is received.Coverity #433
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
05 Feb, 2006
1 commit
-
The packet marked is the netlink skb, not the queued skb.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
06 Jan, 2006
1 commit
-
Benefits of the patch:
- Fewer pointer dereferences should make the code slightly faster.
- Size of generated code is smaller
- improved readabilitySigned-off-by: Jesper Juhl
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
05 Jan, 2006
1 commit
-
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller
15 Nov, 2005
1 commit
-
This patch unconditionally requires CAP_NET_ADMIN for all nfnetlink
messages. It also removes the per-message cap_required field, since all
existing subsystems use CAP_NET_ADMIN for all their messages anyway.Patrick McHardy owes me a beer if we ever need to re-introduce this.
Signed-off-by: Harald Welte
Signed-off-by: David S. Miller
06 Nov, 2005
1 commit
-
These is a cleanup patch, kzalloc can be used in a couple of cases
Signed-off-by: Samir Bellabes
Signed-off-by: Harald Welte
Signed-off-by: Arnaldo Carvalho de Melo
04 Oct, 2005
1 commit
-
I've found the problem in general. It affects any 64-bit
architecture. The problem occurs when you change the system time.Suppose that when you boot your system clock is forward by a day.
This gets recorded down in skb_tv_base. You then wind the clock back
by a day. From that point onwards the offset will be negative which
essentially overflows the 32-bit variables they're stored in.In fact, why don't we just store the real time stamp in those 32-bit
variables? After all, we're not going to overflow for quite a while
yet.When we do overflow, we'll need a better solution of course.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
07 Sep, 2005
1 commit
-
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
06 Sep, 2005
2 commits
-
htonll() is nothing else than cpu_to_be64(), so we'd rather call the
latter.Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
This patch makes needlessly global functions static.
Signed-off-by: Adrian Bunk
Signed-off-by: David S. Miller
30 Aug, 2005
7 commits
-
Reduces skb size by 8 bytes on 64-bit.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
This patch adds a /proc/net/netfilter/nf_queue file, similar to the
recently-added /proc/net/netfilter/nf_log. It indicates which queue
handler is registered to which protocol family. This is useful since
there are now multiple queue handlers in the treee (ip[6]_queue,
nfnetlink_queue).Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
This patch adds support for passing the real 'physical' device ifindex
down to userspace via nfnetlink_log and nfnetlink_queue.This feature basically obsoletes net/bridge/netfilter/ebt_ulog.c, and
it is likely ebt_ulog.c will die with one of the next couple of
patches.Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
Prior to this patch, every nfnetlink subsystem had to specify it's
attribute count. However, in reality the attribute count depends on
the message type within the subsystem, not the subsystem itself. This
patch moves 'attr_count' from 'struct nfnetlink_subsys' into
nfnl_callback to fix this.Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
This is a generic (layer3 independent) version of what ipt_ULOG is already
doing for IPv4 today. ipt_ULOG, ebt_ulog and finally also ip[6]t_LOG will
be deprecated by this mechanism in the long term.Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
- Add new nfnetlink_queue module
- Add new ipt_NFQUEUE and ip6t_NFQUEUE modules to access queue numbers 1-65535
- Mark ip_queue and ip6_queue Kconfig options as OBSOLETE
- Update feature-removal-schedule to remove ip[6]_queue in DecemberSigned-off-by: Harald Welte
Signed-off-by: David S. Miller