29 Apr, 2016
1 commit
-
Signed-off-by: Eric Engestrom
Signed-off-by: David S. Miller
25 Mar, 2016
1 commit
-
Two minor typo.
Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller
22 Mar, 2016
2 commits
-
Signed-off-by: Benjamin Poirier
Signed-off-by: David S. Miller -
Commit d67ef35fff67 ("clarify documentation for
net.ipv4.igmp_max_memberships") mistakenly indented a block of
documentation such that it now looks like it belongs to a specific sysctl.
Restore that block's original position.Cc: Jeremy Eder
Signed-off-by: Benjamin Poirier
Signed-off-by: David S. Miller
15 Mar, 2016
2 commits
-
Rename DSA port_join_bridge and port_leave_bridge routines to
respectively port_bridge_join and port_bridge_leave in order to respect
an implicit Port::Bridge namespace.Signed-off-by: Vivien Didelot
Acked-by: Jiri Pirko
Signed-off-by: David S. Miller -
Some new development in PHYLIB added new function pointers to the struct
phy_driver, document these.Signed-off-by: Florian Fainelli
Signed-off-by: David S. Miller
10 Mar, 2016
1 commit
-
Add kcm.txt to desribe KCM and interfaces.
Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller
03 Mar, 2016
1 commit
-
RDS iWarp support code has become stale and non testable. As
indicated earlier, am dropping the support for it.If new iWarp user(s) shows up in future, we can adapat the RDS IB
transprt for the special RDMA READ sink case. iWarp needs an MR
for the RDMA READ sink.Signed-off-by: Santosh Shilimkar
Signed-off-by: Santosh Shilimkar
Signed-off-by: David S. Miller
02 Mar, 2016
1 commit
-
…inux/kernel/git/jberg/mac80211-next
Johannes Berg says:
====================
Here's another round of updates for -next:
* big A-MSDU RX performance improvement (avoid linearize of paged RX)
* rfkill changes: cleanups, documentation, platform properties
* basic PBSS support in cfg80211
* MU-MIMO action frame processing support
* BlockAck reordering & duplicate detection offload support
* various cleanups & little fixes
====================Signed-off-by: David S. Miller <davem@davemloft.net>
26 Feb, 2016
3 commits
-
Currently, all ipv6 addresses are flushed when the interface is configured
down, including global, static addresses:$ ip -6 addr show dev eth1
3: eth1: mtu 1500 state UP qlen 1000
inet6 2100:1::2/120 scope global
valid_lft forever preferred_lft forever
inet6 fe80::e0:f9ff:fe79:34bd/64 scope link
valid_lft forever preferred_lft forever
$ ip link set dev eth1 down
$ ip -6 addr show dev eth1
<< nothing; all addresses have been flushed>>Add a new sysctl to make this behavior optional. The new setting defaults to
flush all addresses to maintain backwards compatibility. When the set global
addresses with no expire times are not flushed on an admin down. The sysctl
is per-interface or system-wide for all interfaces$ sysctl -w net.ipv6.conf.eth1.keep_addr_on_down=1
or
$ sysctl -w net.ipv6.conf.all.keep_addr_on_down=1Will keep addresses on eth1 on an admin down.
$ ip -6 addr show dev eth1
3: eth1: mtu 1500 state UP qlen 1000
inet6 2100:1::2/120 scope global
valid_lft forever preferred_lft forever
inet6 fe80::e0:f9ff:fe79:34bd/64 scope link
valid_lft forever preferred_lft forever
$ ip link set dev eth1 down
$ ip -6 addr show dev eth1
3: eth1: mtu 1500 state DOWN qlen 1000
inet6 2100:1::2/120 scope global tentative
valid_lft forever preferred_lft forever
inet6 fe80::e0:f9ff:fe79:34bd/64 scope link tentative
valid_lft forever preferred_lft foreverSigned-off-by: David Ahern
Signed-off-by: David S. Miller -
The VLAN GetNext operation is specific to some switches, and thus can be
complicated to implement for some drivers.Remove the support for the vlan_getnext/port_pvid_get approach in favor
of the generic and simpler port_vlan_dump function.Signed-off-by: Vivien Didelot
Signed-off-by: David S. Miller -
Similar to port_fdb_dump, add a port_vlan_dump function to DSA drivers
which gets passed the switchdev VLAN object and callback.This function, if implemented, takes precedence over the soon legacy
vlan_getnext/port_pvid_get approach.Signed-off-by: Vivien Didelot
Signed-off-by: David S. Miller
24 Feb, 2016
2 commits
-
Drivers/devices without their own rate control algorithm can get the
information what rates they should use from either the radiotap header of
injected frames or from the rate control algorithm. But the parsing of the
legacy rate information from the radiotap header was removed in commit
e6a9854b05c1 ("mac80211/drivers: rewrite the rate control API").The removal of this feature heavily reduced the usefulness of frame
injection when wanting to simulate specific transmission behavior. Having
rate parsing together with MCS rates and retry support allows a fine
grained selection of the tx behavior of injected frames for these kind of
tests.Signed-off-by: Sven Eckelmann
Cc: Simon Wunderlich
Signed-off-by: Johannes Berg -
Some DSA drivers may or may not support multiple software bridges on top
of an hardware switch.It is more convenient for them to access the bridge's net_device for
finer configuration.Removing the need to craft and access a bitmask also simplifies the
code.This patch changes the signature of bridge related functions, update DSA
drivers, and removes dsa_slave_br_port_mask.Signed-off-by: Vivien Didelot
Tested-by: Florian Fainelli
Signed-off-by: David S. Miller
19 Feb, 2016
1 commit
-
mmapped netlink has a number of unresolved issues:
- TX zerocopy support had to be disabled more than a year ago via
commit 4682a0358639b29cf ("netlink: Always copy on mmap TX.")
because the content of the mmapped area can change after netlink
attribute validation but before message processing.- RX support was implemented mainly to speed up nfqueue dumping packet
payload to userspace. However, since commit ae08ce0021087a5d812d2
("netfilter: nfnetlink_queue: zero copy support") we avoid one copy
with the socket-based interface too (via the skb_zerocopy helper).The other problem is that skbs attached to mmaped netlink socket
behave different from normal skbs:- they don't have a shinfo area, so all functions that use skb_shinfo()
(e.g. skb_clone) cannot be used.- reserving headroom prevents userspace from seeing the content as
it expects message to start at skb->head.
See for instance
commit aa3a022094fa ("netlink: not trim skb for mmaped socket when dump").- skbs handed e.g. to netlink_ack must have non-NULL skb->sk, else we
crash because it needs the sk to check if a tx ring is attached.Also not obvious, leads to non-intuitive bug fixes such as 7c7bdf359
("netfilter: nfnetlink: use original skbuff when acking batches").mmaped netlink also didn't play nicely with the skb_zerocopy helper
used by nfqueue and openvswitch. Daniel Borkmann fixed this via
commit 6bb0fef489f6 ("netlink, mmap: fix edge-case leakages in nf queue
zero-copy")' but at the cost of also needing to provide remaining
length to the allocation function.nfqueue also has problems when used with mmaped rx netlink:
- mmaped netlink doesn't allow use of nfqueue batch verdict messages.
Problem is that in the mmap case, the allocation time also determines
the ordering in which the frame will be seen by userspace (A
allocating before B means that A is located in earlier ring slot,
but this also means that B might get a lower sequence number then A
since seqno is decided later. To fix this we would need to extend the
spinlocked region to also cover the allocation and message setup which
isn't desirable.
- nfqueue can now be configured to queue large (GSO) skbs to userspace.
Queing GSO packets is faster than having to force a software segmentation
in the kernel, so this is a desirable option. However, with a mmap based
ring one has to use 64kb per ring slot element, else mmap has to fall back
to the socket path (NL_MMAP_STATUS_COPY) for all large packets.To use the mmap interface, userspace not only has to probe for mmap netlink
support, it also has to implement a recv/socket receive path in order to
handle messages that exceed the size of an rx ring element.Cc: Daniel Borkmann
Cc: Ken-ichirou MATSUZAWA
Cc: Pablo Neira Ayuso
Cc: Patrick McHardy
Cc: Thomas Graf
Signed-off-by: Florian Westphal
Signed-off-by: David S. Miller
12 Feb, 2016
1 commit
-
Signed-off-by: Edward Cree
Signed-off-by: David S. Miller
11 Feb, 2016
4 commits
-
In certain 802.11 wireless deployments, there will be NA proxies
that use knowledge of the network to correctly answer requests.
To prevent unsolicitd advertisements on the shared medium from
being a problem, on such deployments wireless needs to drop them.Enable this by providing an option called "drop_unsolicited_na".
Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller -
In order to solve a problem with 802.11, the so-called hole-196 attack,
add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if
enabled, causes the stack to drop IPv6 unicast packets encapsulated in
link-layer multi- or broadcast frames. Such frames can (as an attack)
be created by any member of the same wireless network and transmitted
as valid encrypted frames since the symmetric key for broadcast frames
is shared between all stations.Reviewed-by: Julian Anastasov
Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller -
In certain 802.11 wireless deployments, there will be ARP proxies
that use knowledge of the network to correctly answer requests.
To prevent gratuitous ARP frames on the shared medium from being
a problem, on such deployments wireless needs to drop them.Enable this by providing an option called "drop_gratuitous_arp".
Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller -
In order to solve a problem with 802.11, the so-called hole-196 attack,
add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if
enabled, causes the stack to drop IPv4 unicast packets encapsulated in
link-layer multi- or broadcast frames. Such frames can (as an attack)
be created by any member of the same wireless network and transmitted
as valid encrypted frames since the symmetric key for broadcast frames
is shared between all stations.Additionally, enabling this option provides compliance with a SHOULD
clause of RFC 1122.Reviewed-by: Julian Anastasov
Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller
03 Feb, 2016
1 commit
-
open-mesh.org and its subdomains can only be accessed via HTTPS. HTTP-only
requests are currently redirected automatically to HTTPS but references in
the source code should be only https.Signed-off-by: Sven Eckelmann
Signed-off-by: Marek Lindner
Signed-off-by: Antonio Quartulli
21 Jan, 2016
1 commit
-
Documentation should be kept consistent with the code:
static int tcp_syn_retries_max = MAX_TCP_SYNCNT;
#define MAX_TCP_SYNCNT 127Signed-off-by: Xin Long
Signed-off-by: David S. Miller
18 Jan, 2016
1 commit
-
Pull documentation updates from Jon Corbet:
"A relatively boring cycle in the docs tree. There's a few kernel-doc
fixes and various document tweaks.One patch reaches out of the documentation subtree to fix a comment in
init/do_mounts_rd.c. There didn't seem to be anybody more appropriate
to take that one, so I accepted it"* tag 'docs-4.5' of git://git.lwn.net/linux: (29 commits)
thermal: add description for integral_cutoff unit
Documentation: update libhugetlbfs site url
Documentation: Explain pci=conf1,conf2 more verbosely
DMA-API: fix confusing sentence in Documentation/DMA-API.txt
Documentation: translations: update linux cross reference link
Documentation: fix typo in CodingStyle
init, Documentation: Remove ramdisk_blocksize mentions
Documentation-getdelays: Apply a recommendation from "checkpatch.pl" in main()
Documentation: HOWTO: update versions from 3.x to 4.x
Documentation: remove outdated references from translations
Doc: treewide: Fix grammar "a" to "an"
Documentation: cpu-hotplug: Fix sysfs mount instructions
can-doc: Add hint about getting timestamps
Fix CFQ I/O scheduler parameter name in documentation
Documentation: arm: remove dead links from Marvell Berlin docs
Documentation: HOWTO: update code cross reference link
Doc: Docbook/iio: Fix typo in iio.tmpl
DocBook: make index.html generation less verbose by default
DocBook: Cleanup: remove an unused $(call) line
DocBook: Add a help message for DOCBOOKS env var
...
11 Jan, 2016
1 commit
-
Signed-off-by: Elad Raz
Signed-off-by: Ido Schimmel
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller
09 Jan, 2016
1 commit
-
Signed-off-by: Sven Eckelmann
Signed-off-by: Marek Lindner
Signed-off-by: Antonio Quartulli
19 Dec, 2015
1 commit
-
Allow accepted sockets to derive their sk_bound_dev_if setting from the
l3mdev domain in which the packets originated. A sysctl setting is added
to control the behavior which is similar to sk_mark and
sysctl_tcp_fwmark_accept.This effectively allow a process to have a "VRF-global" listen socket,
with child sockets bound to the VRF device in which the packet originated.
A similar behavior can be achieved using sk_mark, but a solution using marks
is incomplete as it does not handle duplicate addresses in different L3
domains/VRFs. Allowing sockets to inherit the sk_bound_dev_if from l3mdev
domain provides a complete solution.Signed-off-by: David Ahern
Signed-off-by: David S. Miller
18 Dec, 2015
1 commit
-
Conflicts:
drivers/net/geneve.cHere we had an overlapping change, where in 'net' the extraneous stats
bump was being removed whilst in 'net-next' the final argument to
udp_tunnel6_xmit_skb() was being changed.Signed-off-by: David S. Miller
16 Dec, 2015
1 commit
-
As we all know, the value of pf_retrans >= max_retrans_path can
disable pf state. The variables of pf_retrans and max_retrans_path
can be changed by the userspace application.Sometimes the user expects to disable pf state while the 2
variables are changed to enable pf state. So it is necessary to
introduce a new variable to disable pf state.According to the suggestions from Vlad Yasevich, extra1 and extra2
are removed. The initialization of pf_enable is added.Acked-by: Vlad Yasevich
Signed-off-by: Zhu Yanjun
Acked-by: Marcelo Ricardo Leitner
Signed-off-by: David S. Miller
11 Dec, 2015
1 commit
-
This patch adds a hint about how to get timestamps of received
CAN frames with ioctl(2). This hint has been applied to the
former SocketCAN Documentation, but it got lost during mainlining
the first bits and pieces to linux kernel.Signed-off-by: Stefan Tatschner
Signed-off-by: Jonathan Corbet
04 Dec, 2015
1 commit
-
Apparently the e100.txt document contained a "License" section left
over from days of old, which does not need to be in the kernel
documentation. So clean it up..CC: John Ronciak
Signed-off-by: Jeff Kirsher
Tested-by: Aaron Brown
14 Nov, 2015
1 commit
-
Pull more documentation updates from Jon Corbet:
"A few more documentation patches that wandered in and have no reason
to wait; these include some improvements to the suggestions for email
clients and patch submission"* tag '4.4-additional' of git://git.lwn.net/linux:
Documentation: Add minimal Mutt config for using Gmail
Documentation: Add note on sending files directly with Mutt
Documentation: dontdiff: remove media from dontdiff
Documentation/SubmittingPatches: discuss In-Reply-To
Remove email address from Documentation/filesystems/overlayfs.txt
can-doc: Add missing semicolon to example
12 Nov, 2015
1 commit
-
The example code for CAN_BCM,
connect(s, (struct sockaddr *)&addr, sizeof(addr))
lacks a semicolon at the end of the line. This patch adds that
missing semicolon to ensure that the given code snippet actually
compiles.Signed-off-by: Stefan Tatschner
Acked-by: Marc Kleine-Budde
Signed-off-by: Jonathan Corbet
11 Nov, 2015
1 commit
-
Pull networking fixes from David Miller:
1) Fix null deref in xt_TEE netfilter module, from Eric Dumazet.
2) Several spots need to get to the original listner for SYN-ACK
packets, most spots got this ok but some were not. Whilst covering
the remaining cases, create a helper to do this. From Eric Dumazet.3) Missiing check of return value from alloc_netdev() in CAIF SPI code,
from Rasmus Villemoes.4) Don't sleep while != TASK_RUNNING in macvtap, from Vlad Yasevich.
5) Use after free in mvneta driver, from Justin Maggard.
6) Fix race on dst->flags access in dst_release(), from Eric Dumazet.
7) Add missing ZLIB_INFLATE dependency for new qed driver. From Arnd
Bergmann.8) Fix multicast getsockopt deadlock, from WANG Cong.
9) Fix deadlock in btusb, from Kuba Pawlak.
10) Some ipv6_add_dev() failure paths were not cleaning up the SNMP6
counter state. From Sabrina Dubroca.11) Fix packet_bind() race, which can cause lost notifications, from
Francesco Ruggeri.12) Fix MAC restoration in qlcnic driver during bonding mode changes,
from Jarod Wilson.13) Revert bridging forward delay change which broke libvirt and other
userspace things, from Vlad Yasevich.* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (65 commits)
Revert "bridge: Allow forward delay to be cfgd when STP enabled"
bpf_trace: Make dependent on PERF_EVENTS
qed: select ZLIB_INFLATE
net: fix a race in dst_release()
net: mvneta: Fix memory use after free.
net: Documentation: Fix default value tcp_limit_output_bytes
macvtap: Resolve possible __might_sleep warning in macvtap_do_read()
mvneta: add FIXED_PHY dependency
net: caif: check return value of alloc_netdev
net: hisilicon: NET_VENDOR_HISILICON should depend on HAS_DMA
drivers: net: xgene: fix RGMII 10/100Mb mode
netfilter: nft_meta: use skb_to_full_sk() helper
net_sched: em_meta: use skb_to_full_sk() helper
sched: cls_flow: use skb_to_full_sk() helper
netfilter: xt_owner: use skb_to_full_sk() helper
smack: use skb_to_full_sk() helper
net: add skb_to_full_sk() helper and use it in selinux_netlbl_skbuff_setsid()
bpf: doc: correct arch list for supported eBPF JIT
dwc_eth_qos: Delete an unnecessary check before the function call "of_node_put"
bonding: fix panic on non-ARPHRD_ETHER enslave failure
...
10 Nov, 2015
1 commit
-
Commit c39c4c6abb89 ("tcp: double default TSQ output bytes limit")
updated default value for tcp_limit_output_bytesSigned-off-by: Niklas Cassel
Signed-off-by: David S. Miller
09 Nov, 2015
1 commit
-
aarch64 and s390x support eBPF JIT too, correct document to reflect this and
avoid any confusion.Signed-off-by: Yang Shi
Acked-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
06 Nov, 2015
1 commit
-
Pull documentation update from Jon Corbet:
"There is a nice new document from Neil on how pathname lookups work
and some new CAN driver documentation. Beyond that, we have
kernel-doc fixes, a bit more work to support reproducible builds, and
the usual collection of small fixes"* tag 'docs-for-linus' of git://git.lwn.net/linux: (34 commits)
Documentation: add new description of path-name lookup.
Documentation/vm/slub.txt: document slabinfo-gnuplot.sh
Doc: ABI/stable: Fix typo in ABI/stable
doc: Clarify that nmi_watchdog param is for hardlockups
Typo correction for description in gpio document.
DocBook: Fix kernel-doc to be case-insensitive for private:
kernel-docs.txt: update kernelnewbies reference
Doc:kvm: Fix typo in Doc/virtual/kvm
Documentation/Changes: Add bc in "Current Minimal Requirements" section
Documentation/email-clients.txt: remove trailing whitespace
DocBook: Use a fixed encoding for output
MAINTAINERS: The docs tree has moved
Docs/kernel-parameters: Add earlycon devicetree usage
SubmittingPatches: make Subject examples match the de facto standard
Documentation: gpio: mention that -gpio has been deprecated
Documentation: cgroups: just fix a few typos
Documentation: Update kselftest.txt
Documentation: DMA API: Be more explicit that nents is always the same
Documentation: Update the default value of crashkernel low
zram: update documentation
...
30 Oct, 2015
3 commits
-
Steffen Klassert says:
====================
pull request (net-next): ipsec-next 2015-10-301) The flow cache is limited by the flow cache limit which
depends on the number of cpus and the xfrm garbage collector
threshold which is independent of the number of cpus. This
leads to the fact that on systems with more than 16 cpus
we hit the xfrm garbage collector limit and refuse new
allocations, so new flows are dropped. On systems with 16
or less cpus, we hit the flowcache limit. In this case, we
shrink the flow cache instead of refusing new flows.We increase the xfrm garbage collector threshold to INT_MAX
to get the same behaviour, independent of the number of cpus.2) Fix some unaligned accesses on sparc systems.
From Sowmini Varadhan.3) Fix some header checks in _decode_session4. We may call
pskb_may_pull with a negative value converted to unsigened
int from pskb_may_pull. This can lead to incorrect policy
lookups. We fix this by a check of the data pointer position
before we call pskb_may_pull.4) Reload skb header pointers after calling pskb_may_pull
in _decode_session4 as this may change the pointers into
the packet.5) Add a missing statistic counter on inner mode errors.
Please pull or let me know if there are problems.
====================Signed-off-by: David S. Miller
-
In certain use cases it is not always desirable for the switch device to
flood traffic to CPU port. Instead, only certain packet types (e.g.
STP, LACP) should be trapped to it.Signed-off-by: Ido Schimmel
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller -
Allow devices supporting this feature to control the flooding of unknown
unicast traffic, by making switchdev infrastructure propagate this setting
to the switch driver.Signed-off-by: Ido Schimmel
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller
21 Oct, 2015
1 commit
-
This patch implements the second half of RACK that uses the the most
recent transmit time among all delivered packets to detect losses.tcp_rack_mark_lost() is called upon receiving a dubious ACK.
It then checks if an not-yet-sacked packet was sent at least
"reo_wnd" prior to the sent time of the most recently delivered.
If so the packet is deemed lost.The "reo_wnd" reordering window starts with 1msec for fast loss
detection and changes to min-RTT/4 when reordering is observed.
We found 1msec accommodates well on tiny degree of reordering
(
Signed-off-by: Neal Cardwell
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller