23 Nov, 2011

1 commit


23 Apr, 2011

1 commit


13 Mar, 2011

5 commits


02 Mar, 2011

1 commit


24 Feb, 2011

1 commit


23 Feb, 2011

2 commits


27 Jan, 2011

2 commits

  • Routing metrics are now copy-on-write.

    Initially a route entry points its metrics at a read-only location.
    If a routing table entry exists, it will point there. Else it will
    point at the all zero metric place-holder called 'dst_default_metrics'.

    The writeability state of the metrics is stored in the low bits of the
    metrics pointer, we have two bits left to spare if we want to store
    more states.

    For the initial implementation, COW is implemented simply via kmalloc.
    However future enhancements will change this to place the writable
    metrics somewhere else, in order to increase sharing. Very likely
    this "somewhere else" will be the inetpeer cache.

    Note also that this means that metrics updates may transiently fail
    if we cannot COW the metrics successfully.

    But even by itself, this patch should decrease memory usage and
    increase cache locality especially for routing workloads. In those
    cases the read-only metric copies stay in place and never get written
    to.

    TCP workloads where metrics get updated, and those rare cases where
    PMTU triggers occur, will take a very slight performance hit. But
    that hit will be alleviated when the long-term writable metrics
    move to a more sharable location.

    Since the metrics storage went from a u32 array of RTAX_MAX entries to
    what is essentially a pointer, some retooling of the dst_entry layout
    was necessary.

    Most importantly, we need to preserve the alignment of the reference
    count so that it doesn't share cache lines with the read-mostly state,
    as per Eric Dumazet's alignment assertion checks.

    The only non-trivial bit here is the move of the 'flags' member into
    the writeable cacheline. This is OK since we are always accessing the
    flags around the same moment when we made a modification to the
    reference count.

    Signed-off-by: David S. Miller

    David S. Miller
     
  • Like ipv4, we have to propagate the ipv6 route peer into
    the ipsec top-level route during instantiation.

    Signed-off-by: David S. Miller

    David S. Miller
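
The tagged-pointer copy-on-write scheme described in the "Routing metrics are now copy-on-write" commit above, as an added user-space C example. It is not the kernel's code: the names entry, metric_set, M_READ_ONLY and NMETRICS are hypothetical, and malloc stands in for kmalloc.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define NMETRICS    4               /* hypothetical stand-in for RTAX_MAX */
#define M_READ_ONLY ((uintptr_t)1)  /* writability state in the low bit */
#define M_FLAGS     ((uintptr_t)3)  /* both low bits reserved for state */
/* Shared all-zero placeholder; u32 alignment keeps the low bits free. */
static const uint32_t default_metrics[NMETRICS] = {0};
struct entry { uintptr_t metrics; };   /* tagged pointer, not a u32 array */

static void entry_init(struct entry *e, const uint32_t *shared)
{
    e->metrics = (uintptr_t)(shared ? shared : default_metrics) | M_READ_ONLY;
}

static uint32_t *metrics_ptr(const struct entry *e)
{
    return (uint32_t *)(e->metrics & ~M_FLAGS);   /* strip the tag bits */
}

static int metric_set(struct entry *e, unsigned int idx, uint32_t val)
{
    if (idx >= NMETRICS)
        return -1;
    if (e->metrics & M_READ_ONLY) {
        uint32_t *copy = malloc(sizeof(default_metrics));
        if (!copy)
            return -1;                 /* the update fails transiently */
        memcpy(copy, metrics_ptr(e), sizeof(default_metrics));
        e->metrics = (uintptr_t)copy;  /* tag clear: private and writable */
    }
    metrics_ptr(e)[idx] = val;
    return 0;
}

static void entry_release(struct entry *e)
{
    if (!(e->metrics & M_READ_ONLY))
        free(metrics_ptr(e));          /* never free the shared copy */
    entry_init(e, NULL);
}

int main(void)
{
    struct entry e;
    entry_init(&e, NULL);
    int rc = metric_set(&e, 2, 1500);  /* first write triggers the copy */
    entry_release(&e);
    return rc != 0;
}
```

Every dereference has to mask the tag bits first, and every free has to check the read-only bit, otherwise a shared table is written or released behind the other entries that point at it.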
     

12 Oct, 2010

1 commit

  • struct dst_ops tracks number of allocated dst in an atomic_t field,
    subject to high cache line contention in stress workload.

    Switch to a percpu_counter, to reduce the number of times we need to dirty a
    central location. Place it on a separate cache line to avoid dirtying
    read only fields.

    Stress test :

    (Sending 160.000.000 UDP frames,
    IP route cache disabled, dual E5540 @2.53GHz,
    32bit kernel, FIB_TRIE, SLUB/NUMA)

    Before:

    real 0m51.179s
    user 0m15.329s
    sys 10m15.942s

    After:

    real 0m45.570s
    user 0m15.525s
    sys 9m56.669s

    With a small reordering of struct neighbour fields, subject of a
    following patch, (to separate refcnt from other read mostly fields)

    real 0m41.841s
    user 0m15.261s
    sys 8m45.949s

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

24 Sep, 2010

1 commit


05 Jul, 2010

1 commit

  • While using xfrm by MARK feature in
    2.6.34 - 2.6.35 kernels, the mark
    is always cleared in flowi structure via memset in
    _decode_session4 (net/ipv4/xfrm4_policy.c), so
    the policy lookup fails.
    IPv6 code is affected by this bug too.

    Signed-off-by: Peter Kosyh
    Acked-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Peter Kosyh
     

28 Apr, 2010

1 commit


22 Apr, 2010

1 commit


07 Apr, 2010

1 commit

  • __xfrm_lookup() is called for each packet transmitted out of
    system. The xfrm_find_bundle() does a linear search which can
    kill system performance depending on how many bundles are
    required per policy.

    This modifies __xfrm_lookup() to store bundles directly in
    the flow cache. If we did not get a hit, we just create a new
    bundle instead of doing slow search. This means that we can now
    get multiple xfrm_dst's for same flow (on per-cpu basis).

    Signed-off-by: Timo Teras
    Signed-off-by: David S. Miller

    Timo Teräs
     

03 Mar, 2010

1 commit

  • When I merged the bundle creation code, I introduced a bogus
    flowi value in the bundle. Instead of getting from the caller,
    it was instead set to the flow in the route object, which is
    totally different.

    The end result is that the bundles we created never match, and
    we instead end up with an ever growing bundle list.

    Thanks to Jamal for finding this problem.

    Reported-by: Jamal Hadi Salim
    Signed-off-by: Herbert Xu
    Acked-by: Steffen Klassert
    Acked-by: Jamal Hadi Salim
    Signed-off-by: David S. Miller

    Herbert Xu
     

25 Jan, 2010

1 commit

  • GC is non-existent in netns, so after you hit GC threshold, no new
    dst entries will be created until someone triggers cleanup in init_net.

    Make xfrm4_dst_ops and xfrm6_dst_ops per-netns.
    This is not done in a generic way, because it would waste
    (AF_MAX - 2) * sizeof(struct dst_ops) bytes per-netns.

    Reorder GC threshold initialization so it'd be done before registering
    XFRM policies.

    Signed-off-by: Alexey Dobriyan
    Signed-off-by: David S. Miller

    Alexey Dobriyan
     

12 Nov, 2009

1 commit

  • Now that sys_sysctl is a compatibility wrapper around /proc/sys
    all sysctl strategy routines, and all ctl_name and strategy
    entries in the sysctl tables are unused, and can be
    removed.

    In addition neigh_sysctl_register has been modified to no longer
    take a strategy argument and its callers have been modified not
    to pass one.

    Cc: "David Miller"
    Cc: Hideaki YOSHIFUJI
    Cc: netdev@vger.kernel.org
    Signed-off-by: Eric W. Biederman

    Eric W. Biederman
     

05 Aug, 2009

1 commit


31 Jul, 2009

1 commit

  • Choose saner defaults for xfrm[4|6] gc_thresh values on init

    Currently, the xfrm[4|6] code has hard-coded initial gc_thresh values
    (set to 1024). Given that the ipv4 and ipv6 routing caches are sized
    dynamically at boot time, the static selections can be non-sensical.
    This patch dynamically selects an appropriate gc threshold based on
    the corresponding main routing table size, using the assumption that
    we should in the worst case be able to handle as many connections as
    the routing table can.

    For ipv4, the maximum route cache size is 16 * the number of hash
    buckets in the route cache. Given that xfrm4 starts garbage
    collection at the gc_thresh and prevents new allocations at 2 *
    gc_thresh, we set gc_thresh to half the maximum route cache size.

    For ipv6, it's a bit trickier. There is no maximum route cache size,
    but the ipv6 dst_ops gc_thresh is statically set to 1024. It seems
    sane to select a similar gc_thresh for the xfrm6 code that is half
    the number of hash buckets in the v6 route cache times 16 (like the v4
    code does).

    Signed-off-by: Neil Horman
    Signed-off-by: David S. Miller

    Neil Horman
     

28 Jul, 2009

1 commit

  • Export garbage collector thresholds for xfrm[4|6]_dst_ops

    Had a problem reported to me recently in which a high volume of ipsec
    connections on a system began reporting ENOBUFS for new connections
    eventually.

    It seemed that after about 2000 connections we started being unable to
    create more. A quick look revealed that the xfrm code used a dst_ops
    structure that limited the gc_thresh value to 1024, and always
    dropped route cache entries after 2x the gc_thresh.

    It seems the most direct solution is to export the gc_thresh values in
    the xfrm[4|6] dst_ops as sysctls, like the main routing table does, so
    that higher volumes of connections can be supported. This patch has
    been tested and allows the reporter to increase their ipsec connection
    volume successfully.

    Reported-by: Joe Nall
    Signed-off-by: Neil Horman

    ipv4/xfrm4_policy.c | 18 ++++++++++++++++++
    ipv6/xfrm6_policy.c | 18 ++++++++++++++++++
    2 files changed, 36 insertions(+)
    Signed-off-by: David S. Miller

    Neil Horman
     

04 Jul, 2009

1 commit

  • The SCTP pushed the skb above the sctp chunk header, so the
    check of pskb_may_pull(skb, nh + offset + 1 - skb->data) in
    _decode_session6() will never return 0 and the ports decode
    of sctp will always fail. (nh + offset + 1 - skb->data < 0)

    Signed-off-by: Wei Yongjun
    Acked-by: Herbert Xu
    Signed-off-by: David S. Miller

    Wei Yongjun
     

01 Feb, 2009

1 commit


26 Nov, 2008

3 commits


12 Nov, 2008

1 commit


02 Nov, 2008

1 commit

  • RFC4301 Section 7.1 says:

    "7.1. Tunnel Mode SAs that Carry Initial and Non-Initial Fragments

    All implementations MUST support tunnel mode SAs that are configured
    to pass traffic without regard to port field (or ICMP type/code or
    Mobility Header type) values. If the SA will carry traffic for
    specified protocols, the selector set for the SA MUST specify the
    port fields (or ICMP type/code or Mobility Header type) as ANY. An
    SA defined in this fashion will carry all traffic including initial
    and non-initial fragments for the indicated Local/Remote addresses
    and specified Next Layer protocol(s)."

    But for IPv6, fragment is treated as a protocol. This change catches
    protocol transported in fragmented packet. In IPv4, there is no
    problem.

    Signed-off-by: Nicolas Dichtel
    Signed-off-by: David S. Miller

    Nicolas Dichtel
     

15 Aug, 2008

1 commit


26 Mar, 2008

1 commit


25 Mar, 2008

1 commit


06 Mar, 2008

1 commit


04 Mar, 2008

1 commit


01 Feb, 2008

1 commit


29 Jan, 2008

2 commits

  • The garbage collection function receives the dst_ops structure as
    parameter. This is useful for the next incoming patchset because it
    will need the dst_ops (there will be several instances) and the
    network namespace pointer (contained in the dst_ops).

    The protocols which do not take care of the namespaces will not be
    impacted by this change (except for the function signature), they do
    just ignore the parameter.

    Signed-off-by: Daniel Lezcano
    Signed-off-by: David S. Miller

    Daniel Lezcano
     
  • IPv6 specific thing is wrongly removed from transformation at net-2.6.25.
    This patch recovers it with current design.

    o Update "path" of xfrm_dst since IPv6 transformation should
    care about routing changes. It is required by MIPv6 and
    off-link destined IPsec.
    o Rename nfheader_len which is for non-fragment transformation used by
    MIPv6 to rt6i_nfheader_len as IPv6 name space.

    Signed-off-by: Masahide NAKAMURA
    Acked-by: Herbert Xu
    Signed-off-by: David S. Miller

    Masahide NAKAMURA