04 Dec, 2009
4 commits
-
Refactor the code so fib_rules_register always takes a template instead
of the actual fib_rules_ops structure that will be used. This is
required for network namespace support so 2 out of the 3 callers already
do this, it allows the error handling to be made common, and it allows
fib_rules_unregister to free the template for hte caller.Modify fib_rules_unregister to use call_rcu instead of syncrhonize_rcu
to allw multiple namespaces to be cleaned up in the same rcu grace
period.Signed-off-by: Eric W. Biederman
Signed-off-by: David S. Miller -
commit 68144d350f4f6c348659c825cde6a82b34c27a91
Author: Patrick McHardy
Date: Thu Dec 3 12:05:25 2009 +0100net: fib_rules: add oif classification
Support routing table lookup based on the flow's oif. This is useful to
classify packets originating from sockets bound to interfaces differently.The route cache already includes the oif and needs no changes.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
-
commit 229e77eec406ad68662f18e49fda8b5d366768c5
Author: Patrick McHardy
Date: Thu Dec 3 12:05:23 2009 +0100net: fib_rules: rename ifindex/ifname/FRA_IFNAME to iifindex/iifname/FRA_IIFNAME
The next patch will add oif classification, rename interface related members
and attributes to reflect that they're used for iif classification.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
-
commit b8952893d5d86f69c4e499d191b98c6658f64b0f
Author: Patrick McHardy
Date: Thu Dec 3 12:05:22 2009 +0100net: fib_rules: rearrange struct fib_rule
The ifname member is only used to resolve interface names and is not needed
during rule lookups. The target and ctarget members however are used during
rule lookups and are currently located in a second cacheline.Move ifname further to the end to make sure both target and ctarget are
located in the same cacheline as other members used during rule lookups.The layout on 64 bit changes from:
struct fib_rule {
...
u32 table; /* 56 4 */
u8 action; /* 60 1 *//* XXX 3 bytes hole, try to pack */
/* --- cacheline 1 boundary (64 bytes) --- */
u32 target; /* 64 4 *//* XXX 4 bytes hole, try to pack */
struct fib_rule * ctarget; /* 72 8 */
struct rcu_head rcu; /* 80 16 */
struct net * fr_net; /* 96 8 */
};to:
struct fib_rule {
...
u32 table; /* 40 4 */
u8 action; /* 44 1 *//* XXX 3 bytes hole, try to pack */
u32 target; /* 48 4 */
/* XXX 4 bytes hole, try to pack */
struct fib_rule * ctarget; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
char ifname[16]; /* 64 16 */
struct rcu_head rcu; /* 80 16 */
struct net * fr_net; /* 96 8 */};
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
04 Nov, 2009
1 commit
-
This cleanup patch puts struct/union/enum opening braces,
in first line to ease grep games.struct something
{becomes :
struct something {
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
21 May, 2009
1 commit
-
The netlink message header (struct nlmsghdr) is an unused parameter in
fill method of fib_rules_ops struct. This patch removes this
parameter from this method and fixes the places where this method is
called.(include/net/fib_rules.h)
Signed-off-by: Rami Rosen
Signed-off-by: David S. Miller
18 May, 2009
1 commit
-
Signed-off-by: Rami Rosen
Signed-off-by: David S. Miller
06 Jul, 2008
1 commit
-
This is required to pass namespace context into rt_cache_flush called from
->flush_cache.Signed-off-by: Denis V. Lunev
Signed-off-by: David S. Miller
16 Apr, 2008
1 commit
-
Signed-off-by: Denis V. Lunev
Signed-off-by: David S. Miller
29 Jan, 2008
7 commits
-
Save namespace context on the fib rule at the rule creation time and
call routing lookup in the correct namespace.Signed-off-by: Denis V. Lunev
Acked-by: Daniel Lezcano
Signed-off-by: David S. Miller -
Remove struct net from fib_rules_register(unregister)/notify_change
paths and diet code size a bit.add/remove: 0/0 grow/shrink: 10/12 up/down: 35/-100 (-65)
function old new delta
notify_rule_change 273 280 +7
trie_show_stats 471 475 +4
fn_trie_delete 473 477 +4
fib_rules_unregister 144 148 +4
fib4_rule_compare 119 123 +4
resize 2842 2845 +3
fn_trie_select_default 515 518 +3
inet_sk_rebuild_header 836 838 +2
fib_trie_seq_show 764 766 +2
__devinet_sysctl_register 276 278 +2
fn_trie_lookup 1124 1123 -1
ip_fib_check_default 133 131 -2
devinet_conf_sysctl 223 221 -2
snmp_fold_field 126 123 -3
fn_trie_insert 2091 2086 -5
inet_create 876 870 -6
fib4_rules_init 197 191 -6
fib_sync_down 452 444 -8
inet_gso_send_check 334 325 -9
fib_create_info 3003 2991 -12
fib_nl_delrule 568 553 -15
fib_nl_newrule 883 852 -31Signed-off-by: Denis V. Lunev
Acked-by: Daniel Lezcano
Signed-off-by: David S. Miller -
The backward link from FIB rules operations to the network namespace
will allow to simplify the API a bit.Signed-off-by: Denis V. Lunev
Acked-by: Daniel Lezcano
Signed-off-by: David S. Miller -
fib_rules_unregister is called only after successful register and the
return code is never checked.Signed-off-by: Denis V. Lunev
Signed-off-by: David S. Miller -
fib_rules_ops contains operations and the list of configured rules. ops will
become per/namespace soon, so we need them to be known in the default_pref
callback.Acked-by: Benjamin Thery
Acked-by: Daniel Lezcano
Signed-off-by: Denis V. Lunev
Signed-off-by: David S. Miller -
The patch extends the different fib rules API in order to pass the
network namespace pointer. That will allow to access the different
tables from a namespace relative object. As usual, the pointer to the
init_net variable is passed as parameter so we don't break the
network.Acked-by: Benjamin Thery
Acked-by: Daniel Lezcano
Signed-off-by: Denis V. Lunev
Signed-off-by: David S. Miller -
When the fib_rules initialization finished, no return code is provided
so there is no way to know, for the caller, if the initialization has
been successful or has failed. This patch fix that.Signed-off-by: Daniel Lezcano
Acked-by: Benjamin Thery
Signed-off-by: David S. Miller
11 Nov, 2007
1 commit
-
This patch fixes a small memory leak. Default fib rules can be deleted by
the user if the rule does not carry FIB_RULE_PERMANENT flag, f.e. by
ip rule flushSuch a rule will not be freed as the ref-counter has 2 on start and becomes
clearly unreachable after removal.Signed-off-by: Denis V. Lunev
Acked-by: Alexey Kuznetsov
Signed-off-by: David S. Miller
11 Oct, 2007
1 commit
-
This patch slightly cleanups FIB rules framework. rules_list as a pointer
on struct fib_rules_ops is useless. It is always assigned with a static
per/subsystem list in IPv4, IPv6 and DecNet.Signed-off-by: Denis V. Lunev
Acked-by: Alexey Kuznetsov
Signed-off-by: David S. Miller
08 Jun, 2007
1 commit
-
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
26 Apr, 2007
4 commits
-
The results of FIB rules lookups are cached in the routing cache
except for IPv6 as no such cache exists. So far, it was the
responsibility of the user to flush the cache after modifying any
rules. This lead to many false bug reports due to misunderstanding
of this concept.This patch automatically flushes the route cache after inserting
or deleting a rule.Thanks to Muli Ben-Yehuda for catching a bug
in the previous patch.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller -
This patch adds a new rule action FR_ACT_GOTO which allows
to skip a set of rules by jumping to another rule. The rule
to jump to is specified via the FRA_GOTO attribute which
carries a rule preference.Referring to a rule which doesn't exists is explicitely allowed.
Such goto rules are marked with the flag FIB_RULE_UNRESOLVED
and will act like a rule with a non-matching selector. The rule
will become functional as soon as its target is present.The goto action enables performance optimizations by reducing
the average number of rules that have to be passed per lookup.Example:
0: from all lookup local
40: not from all to 192.168.23.128 goto 32766
41: from all fwmark 0xa blackhole
42: from all fwmark 0xff blackhole
32766: from all lookup mainSigned-off-by: Thomas Graf
Signed-off-by: David S. Miller -
Implements a unified, protocol independant rules dumping function
which is capable of both, dumping a specific protocol family or
all of them. This speeds up dumping as less lookups are required.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller -
Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
26 Mar, 2007
1 commit
-
Based upon a patch from Patrick McHardy.
The fib_rules netlink attribute policy introduced in 2.6.19 broke
userspace compatibilty. When specifying a rule with "from all"
or "to all", iproute adds a zero byte long netlink attribute,
but the policy requires all addresses to have a size equal to
sizeof(struct in_addr)/sizeof(struct in6_addr), resulting in a
validation error.Check attribute length of FRA_SRC/FRA_DST in the generic framework
by letting the family specific rules implementation provide the
length of an address. Report an error if address length is non
zero but no address attribute is provided. Fix actual bug by
checking address length for non-zero instead of relying on
availability of attribute.Signed-off-by: Thomas Graf
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
03 Dec, 2006
3 commits
-
Account for the netlink message header size directly in nlmsg_new()
instead of relying on the caller calculate it correctly.Replaces error handling of message construction functions when
constructing notifications with bug traps since a failure implies
a bug in calculating the size of the skb.Signed-off-by: Thomas Graf
Acked-by: Paul Moore
Signed-off-by: David S. Miller -
Move the attribute policy for the non-specific attributes into
net/fib_rules.h and include it in the respective protocols.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller -
Move mark selector currently implemented per protocol into
the protocol independant part.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
23 Sep, 2006
2 commits
-
Introduce RTA_TABLE route attribute and FRA_TABLE routing rule attribute
to hold 32 bit routing table IDs. Usespace compatibility is provided by
continuing to accept and send the rtm_table field, but because of its
limited size it can only carry the low 8 bits of the table ID. This
implies that if larger IDs are used, _all_ userspace programs using them
need to use RTA_TABLE.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Derived from net/ipv/fib_rules.c
Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller