* Re: fanotify as syscalls
From: Linus Torvalds @ 2009-09-17 16:40 UTC (permalink / raw)
To: Jamie Lokier
Cc: Evgeniy Polyakov, Eric Paris, David Miller, linux-kernel,
linux-fsdevel, netdev, viro, alan, hch
In-Reply-To: <20090916122723.GE29359@shareable.org>
On Wed, 16 Sep 2009, Jamie Lokier wrote:
>
> I'd forgotten about Linus' strace argument. That's a good one.
>
> Of course everything should be a syscall by that argument :-)
Oh yes, everything _should_ be a syscall.
The problem is that many things are too "amorphous" to be system calls,
and don't have any sane generic semantics (ie they only act on a specific
device node). So we have ioctl's etc for those things.
And then we have page faults. I've long wished that from a system call
tracing standpoint we could show page faults as pseudo-system-calls (at
least as long as they happen from user space - trying to handle nesting is
not worth it). It would make it _so_ much more obvious what the
performance patterns are if you could just do
strace -ttT firefox
for the cold-cache case and you'd see where the time is really spent.
(yeah, yeah, you can get that kind of information other ways, but it's a
hell of a lot less convenient than just getting a nice trace with
timestamps).
> And strace can trace some ioctls and setsockopts. (But it's never
> pretty to see isatty() showing in strace as SNDCTL_TMR_TIMEBASE :-)
Yes, strace can fix things up, and show "send a packet" as "fanotify". But
it's nasty and hard.
Quite frankly, I have _never_ever_ seen a good reason for talking to the
kernel with some idiotic packet interface. It's just a fancy way to do
ioctl's, and everybody knows that ioctl's are bad and evil. Why are fancy
packet interfaces suddenly much better?
Linus
^ permalink raw reply
* Re: [PATCH] d44: the poll handler b44_poll must not enable IRQ unconditionally
From: Matt Mackall @ 2009-09-17 16:45 UTC (permalink / raw)
To: DDD; +Cc: davem, romieu, netdev
In-Reply-To: <1253153447.24160.12.camel@dengdd-desktop>
On Thu, Sep 17, 2009 at 10:10:47AM +0800, DDD wrote:
> net/core/netpoll.c::netpoll_send_skb() calls the poll handler when
> it is available. As netconsole can be used from almost any context,
> IRQ must not be enabled blindly in the NAPI handler of the driver
> which supports netpoll.
>
> Call trace:
> netpoll_send_skb()
> {
> local_irq_save(flags)
> -> netpoll_poll()
> -> poll_napi()
> -> poll_one_napi()
> -> napi->poll()
> -> b44_poll()
> local_irq_restore(flags)
> }
>
> Signed-off-by: Dongdong Deng <dongdong.deng@windriver.com>
Acked-by: Matt Mackall <mpm@selenic.com>
> ---
> drivers/net/b44.c | 7 +++----
> 1 files changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/net/b44.c b/drivers/net/b44.c
> index 0189dcd..e046943 100644
> --- a/drivers/net/b44.c
> +++ b/drivers/net/b44.c
> @@ -847,23 +847,22 @@ static int b44_poll(struct napi_struct *napi, int budget)
> {
> struct b44 *bp = container_of(napi, struct b44, napi);
> int work_done;
> + unsigned long flags;
>
> - spin_lock_irq(&bp->lock);
> + spin_lock_irqsave(&bp->lock, flags);
>
> if (bp->istat & (ISTAT_TX | ISTAT_TO)) {
> /* spin_lock(&bp->tx_lock); */
> b44_tx(bp);
> /* spin_unlock(&bp->tx_lock); */
> }
> - spin_unlock_irq(&bp->lock);
> + spin_unlock_irqrestore(&bp->lock, flags);
>
> work_done = 0;
> if (bp->istat & ISTAT_RX)
> work_done += b44_rx(bp, budget);
>
> if (bp->istat & ISTAT_ERRORS) {
> - unsigned long flags;
> -
> spin_lock_irqsave(&bp->lock, flags);
> b44_halt(bp);
> b44_init_rings(bp);
> --
> 1.6.0.4
>
--
Mathematics is the supreme nostalgia of our time.
^ permalink raw reply
* Re: [PATCH 1/2] wl12xx: switch to %pM to print the mac address
From: David Miller @ 2009-09-17 17:19 UTC (permalink / raw)
To: plagnioj; +Cc: linville, bhutchings, netdev
In-Reply-To: <20090917144208.GH29905@game.jcrosoft.org>
From: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Date: Thu, 17 Sep 2009 16:42:08 +0200
> On 08:55 Thu 17 Sep , John W. Linville wrote:
>> Ugh, you're right -- remind me not to ACK things before bed...
>>
>> Jean-Christophe posted a new patch that looked better, although it
>> probably needs to be rebased on this one since I think Dave applied
>> it after my (misguided) ACK.
> ok I'll do asap really sorry
I've already fixed this in my tree.
^ permalink raw reply
* Re: [PATCH] ipv6: Log the affected address when DAD failure occurs
From: David Miller @ 2009-09-17 17:24 UTC (permalink / raw)
To: me; +Cc: netdev
In-Reply-To: <1253101477.10715.8.camel@fnki-nb00130>
From: Jens Rosenboom <me@jayr.de>
Date: Wed, 16 Sep 2009 13:44:37 +0200
> From: Jens Rosenboom <me@jayr.de>
>
> If an interface has multiple addresses, the current message for DAD
> failure isn't really helpful, so this patch adds the address itself to
> the printk.
>
> Signed-off-by: Jens Rosenboom <me@jayr.de>
Applied.
^ permalink raw reply
* Re: [PATCH] pkt_sched: Fix qstats.qlen updating in dump_stats
From: David Miller @ 2009-09-17 17:26 UTC (permalink / raw)
To: jarkao2; +Cc: kaber, netdev
In-Reply-To: <20090916103838.GA9719@ff.dom.local>
From: Jarek Poplawski <jarkao2@gmail.com>
Date: Wed, 16 Sep 2009 10:38:38 +0000
> Some classful qdiscs miss qstats.qlen updating with q.qlen of their
> child qdiscs in dump_stats methods.
>
> Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Applied, thanks.
^ permalink raw reply
* Re: [Patch net-next]atl1e:fix 2.6.31-git4 -- ATL1E 0000:03:00.0: DMA-API: device driver frees DMA
From: David Miller @ 2009-09-17 17:27 UTC (permalink / raw)
To: jie.yang; +Cc: miles.lane, chris.snook, jcliburn, netdev, linux-kernel
In-Reply-To: <12530933101782-git-send-email-jie.yang@atheros.com>
From: <jie.yang@atheros.com>
Date: Wed, 16 Sep 2009 17:28:30 +0800
> use the wrong API when free dma. So when map dma use a flag to demostrate whether it is 'pci_map_single' or 'pci_map_page'. When free the dma, check the flags to select the right APIs('pci_unmap_single' or 'pci_unmap_page').
>
> set the flags type to u16 instead of unsigned long on David's comments.
>
> Signed-off-by: Jie Yang <jie.yang@atheros.com>
Applied.
^ permalink raw reply
* Re: [crash] kernel BUG at net/core/pktgen.c:3503!
From: David Miller @ 2009-09-17 17:29 UTC (permalink / raw)
To: gorcunov; +Cc: mingo, torvalds, akpm, netdev, linux-kernel
In-Reply-To: <20090915185112.GA17587@lenovo>
From: Cyrill Gorcunov <gorcunov@gmail.com>
Date: Tue, 15 Sep 2009 22:51:12 +0400
> [Ingo Molnar - Tue, Sep 15, 2009 at 08:36:47PM +0200]
> |
> | not sure which merge caused this, but i got this boot crash with latest
> | -git:
> |
> | calling flow_cache_init+0x0/0x1b9 @ 1
> | initcall flow_cache_init+0x0/0x1b9 returned 0 after 64 usecs
> | calling pg_init+0x0/0x37c @ 1
> | pktgen 2.72: Packet Generator for packet performance testing.
> | ------------[ cut here ]------------
> | kernel BUG at net/core/pktgen.c:3503!
> | invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> | last sysfs file:
> |
>
> Hi Ingo,
>
> just curious, will the following patch fix the problem?
> I've been fixing problem with familiar symthoms on
> system with custome virtual cpu implementation so
> it may not help in mainline but anyway :)
Ingo, does Cyrill's patch help?
^ permalink raw reply
* Re: [net-next-2.6 PATCH] be2net: fix some cmds to use mccq instead of mbox
From: David Miller @ 2009-09-17 17:30 UTC (permalink / raw)
To: sathyap; +Cc: netdev
In-Reply-To: <20090917044331.GA14568@serverengines.com>
From: Sathya Perla <sathyap@serverengines.com>
Date: Thu, 17 Sep 2009 10:13:31 +0530
> All cmds issued to BE after the creation of mccq must now use the mcc-q
> (and not mbox) to avoid a hw issue that results in mbox poll timeout.
>
> Signed-off-by: Sathya Perla <sathyap@serverengines.com>
Applied, thanks.
^ permalink raw reply
* 2.6.31 / WARNING / tcp_input
From: Denys Fedoryschenko @ 2009-09-17 17:33 UTC (permalink / raw)
To: netdev
Nothing unusual in configs, heavily loaded HTTP proxy.
Some tunings:
sysctl -w net.core.somaxconn=4096
sysctl -w net.core.wmem_max=384000
kernel.panic_on_oops=1
kernel.panic=5
vm.min_free_kbytes=16384
net.ipv4.tcp_max_syn_backlog=10240
net.ipv4.conf.all.arp_filter=1
vm.panic_on_oom=2
net.core.netdev_max_backlog=4000
[ 123.221032] ------------[ cut here ]------------
[ 123.221183] WARNING: at net/ipv4/tcp_input.c:2920 tcp_ack+0xc6c/0x17bf()
[ 123.221316] Hardware name: PowerEdge 2900
[ 123.221438] Modules linked in: ext4 jbd2 mptspi mptsas scsi_transport_spi
scsi_transport_sas mptscsih mptbase xt_owner ipt_REDIRECT xt_tcpudp xt_dscp
iptable_raw iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack rtc_cmos
rtc_core rtc_lib nf_defrag_ipv4 iptable_filter ip_tables x_tables 8021q garp
stp llc loop usb_storage mtdblock mtd_blkdevs mtd iTCO_wdt
iTCO_vendor_support pata_acpi ata_piix ata_generic libata megaraid_sas bnx2
sr_mod cdrom tulip r8169 sky2 via_velocity via_rhine sis900 ne2k_pci 8390
skge tg3 libphy 8139too e1000 e100 usbhid ohci_hcd uhci_hcd ehci_hcd usbcore
nls_base
[ 123.225025] Pid: 0, comm: swapper Not tainted 2.6.31-build-0046-32bit #20
[ 123.225162] Call Trace:
[ 123.225289] [<c012d051>] warn_slowpath_common+0x60/0x90
[ 123.225415] [<c012d08e>] warn_slowpath_null+0xd/0x10
[ 123.225540] [<c02c8e15>] tcp_ack+0xc6c/0x17bf
[ 123.225665] [<c02ca51c>] tcp_rcv_established+0x6dc/0x8fd
[ 123.225791] [<c02cff7f>] tcp_v4_do_rcv+0x24/0x17e
[ 123.225915] [<c02d04c0>] tcp_v4_rcv+0x3e7/0x5a8
[ 123.226039] [<c02b953a>] ip_local_deliver_finish+0xb6/0x12e
[ 123.226174] [<c02b9613>] ip_local_deliver+0x61/0x6a
[ 123.226303] [<c02b9215>] ip_rcv_finish+0x29d/0x2b3
[ 123.226427] [<c02b9458>] ip_rcv+0x22d/0x259
[ 123.226552] [<c029d700>] netif_receive_skb+0x439/0x458
[ 123.226677] [<c02ab3ca>] ? eth_type_trans+0x25/0xa9
[ 123.226808] [<f84c1193>] bnx2_poll_work+0xffd/0x1137 [bnx2]
[ 123.226938] [<c012331a>] ? enqueue_task_fair+0x131/0x173
[ 123.227069] [<c011f015>] ? activate_task+0x3c/0x4b
[ 123.227206] [<f84c145f>] bnx2_poll+0xf8/0x1d8 [bnx2]
[ 123.227331] [<c029dc93>] net_rx_action+0x93/0x177
[ 123.227457] [<c0131ad9>] __do_softirq+0xa7/0x144
[ 123.227582] [<c0131a32>] ? __do_softirq+0x0/0x144
[ 123.227705] <IRQ> [<c0131853>] ? irq_exit+0x29/0x5c
[ 123.227876] [<c0104393>] ? do_IRQ+0x80/0x96
[ 123.228000] [<c0102f49>] ? common_interrupt+0x29/0x30
[ 123.228136] [<c0108a1e>] ? mwait_idle+0x8a/0xb9
[ 123.228266] [<c0101bf0>] ? cpu_idle+0x44/0x60
[ 123.228390] [<c02f90ed>] ? start_secondary+0x195/0x19a
[ 123.228515] ---[ end trace 22f267765b97f808 ]---
^ permalink raw reply
* Re: fanotify as syscalls
From: Arjan van de Ven @ 2009-09-17 17:35 UTC (permalink / raw)
To: Linus Torvalds
Cc: Jamie Lokier, Evgeniy Polyakov, Eric Paris, David Miller,
linux-kernel, linux-fsdevel, netdev, viro, alan, hch
In-Reply-To: <alpine.LFD.2.01.0909170934450.4950@localhost.localdomain>
On Thu, 17 Sep 2009 09:40:16 -0700 (PDT)
Linus Torvalds <torvalds@linux-foundation.org> wrote:
>
> And then we have page faults. I've long wished that from a system
> call tracing standpoint we could show page faults as
> pseudo-system-calls (at least as long as they happen from user space
> - trying to handle nesting is not worth it). It would make it _so_
> much more obvious what the performance patterns are if you could just
> do
>
> strace -ttT firefox
>
> for the cold-cache case and you'd see where the time is really spent.
>
> (yeah, yeah, you can get that kind of information other ways, but
> it's a hell of a lot less convenient than just getting a nice trace
> with timestamps).
ohhh I should add pagefaults to timechart
good one.
--
Arjan van de Ven Intel Open Source Technology Centre
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
^ permalink raw reply
* Re: [PATCH 1/2] wl12xx: switch to %pM to print the mac address
From: Jean-Christophe PLAGNIOL-VILLARD @ 2009-09-17 17:31 UTC (permalink / raw)
To: David Miller; +Cc: linville, bhutchings, netdev
In-Reply-To: <20090917.101939.109704983.davem@davemloft.net>
On 10:19 Thu 17 Sep , David Miller wrote:
> From: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> Date: Thu, 17 Sep 2009 16:42:08 +0200
>
> > On 08:55 Thu 17 Sep , John W. Linville wrote:
> >> Ugh, you're right -- remind me not to ACK things before bed...
> >>
> >> Jean-Christophe posted a new patch that looked better, although it
> >> probably needs to be rebased on this one since I think Dave applied
> >> it after my (misguided) ACK.
> > ok I'll do asap really sorry
>
> I've already fixed this in my tree.
Tks
Best Regards,
J/
^ permalink raw reply
* Re: [crash] kernel BUG at net/core/pktgen.c:3503!
From: Ingo Molnar @ 2009-09-17 17:44 UTC (permalink / raw)
To: David Miller; +Cc: gorcunov, torvalds, akpm, netdev, linux-kernel
In-Reply-To: <20090917.102923.174779685.davem@davemloft.net>
* David Miller <davem@davemloft.net> wrote:
> From: Cyrill Gorcunov <gorcunov@gmail.com>
> Date: Tue, 15 Sep 2009 22:51:12 +0400
>
> > [Ingo Molnar - Tue, Sep 15, 2009 at 08:36:47PM +0200]
> > |
> > | not sure which merge caused this, but i got this boot crash with latest
> > | -git:
> > |
> > | calling flow_cache_init+0x0/0x1b9 @ 1
> > | initcall flow_cache_init+0x0/0x1b9 returned 0 after 64 usecs
> > | calling pg_init+0x0/0x37c @ 1
> > | pktgen 2.72: Packet Generator for packet performance testing.
> > | ------------[ cut here ]------------
> > | kernel BUG at net/core/pktgen.c:3503!
> > | invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
> > | last sysfs file:
> > |
> >
> > Hi Ingo,
> >
> > just curious, will the following patch fix the problem?
> > I've been fixing problem with familiar symthoms on
> > system with custome virtual cpu implementation so
> > it may not help in mainline but anyway :)
>
> Ingo, does Cyrill's patch help?
For now i've turned pktgen off in my tests. Will check it again once
things have calmed down somewhat.
Also, i just tried to reproduce the pktgen crash with latest -git and
the config i sent - no luck, so i cannot test Cyrill's patch either.
Btw., we are seeing some other preempt count and task related
weirdnesses as well in other code, maybe it's related. No good pattern
yet to act upon.
Anyway - please disregard this bugreport until i've investigated it
closer.
Ingo
^ permalink raw reply
* Re: [crash] kernel BUG at net/core/pktgen.c:3503!
From: David Miller @ 2009-09-17 17:49 UTC (permalink / raw)
To: mingo; +Cc: gorcunov, torvalds, akpm, netdev, linux-kernel
In-Reply-To: <20090917174448.GA9548@elte.hu>
From: Ingo Molnar <mingo@elte.hu>
Date: Thu, 17 Sep 2009 19:44:48 +0200
> Anyway - please disregard this bugreport until i've investigated it
> closer.
Ok, thanks for the status update.
^ permalink raw reply
* Re: [crash] kernel BUG at net/core/pktgen.c:3503!
From: Cyrill Gorcunov @ 2009-09-17 17:51 UTC (permalink / raw)
To: Ingo Molnar; +Cc: David Miller, torvalds, akpm, netdev, linux-kernel
In-Reply-To: <20090917174448.GA9548@elte.hu>
[Ingo Molnar - Thu, Sep 17, 2009 at 07:44:48PM +0200]
...
|
| >
| > Ingo, does Cyrill's patch help?
|
| For now i've turned pktgen off in my tests. Will check it again once
| things have calmed down somewhat.
|
| Also, i just tried to reproduce the pktgen crash with latest -git and
| the config i sent - no luck, so i cannot test Cyrill's patch either.
|
| Btw., we are seeing some other preempt count and task related
| weirdnesses as well in other code, maybe it's related. No good pattern
| yet to act upon.
|
| Anyway - please disregard this bugreport until i've investigated it
| closer.
|
| Ingo
|
I'm unable to reproduce this issue too. I was trying
many ways (under kvm) -- no bug triggered. Though on
a system for which I had done this patch in first place
the bug was been hitting all the time (but it contains
custom vcpu management code, which is not our case here).
-- Cyrill
^ permalink raw reply
* [GIT]: Networking
From: David Miller @ 2009-09-17 17:54 UTC (permalink / raw)
To: torvalds; +Cc: akpm, netdev, linux-kernel
1) The idea to use ->close() and then a ->open() to refresh multicast
addresses in the bonding driver was a bad idea and breaks a bunch
of stuff. Better scheme from Moni Shoua.
2) Some TCP code still assuming ssthresh was a u16, oops. Fix from
Ilpo Järvinen.
3) RXRPC updates from David Howells.
4) genetlink table locking busted with netns, fix from Johannes Berg.
5) Several fixes for multiq packet scheduler fallout from Jarek Poplawski.
6) can receives packets in wrong context eliciting warnings from
local_softirq_pending(), fix from Oliver Hartkopp.
7) TCP MD5 code has preempt level imbalance, fix from Robert Varga.
8) SKY2 bug fixes from Stephen Hemminger.
9) Alexey Dobriyan is const'ified several protocol and ops structures.
10) Wireless bug fixes via John Linville.
11) IPV6 conformance fix wrt ROUTER_PREF_INVALID options and making
the DAD failure log message more informative, from Jens Rosenboom.
12) S390 IUCV stack fixes from Ursula Braun and Hendrik Brueckner.
13) ieee802154 stack fixes from Dmitry Eremin-Solenikov.
Please pull, thanks a lot!
The following changes since commit 4142e0d1def2c0176c27fd2e810243045a62eb6d:
Linus Torvalds (1):
Merge branch 'osync_cleanup' of git://git.kernel.org/.../jack/linux-fs-2.6
are available in the git repository at:
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6.git master
Alexander Duyck (2):
igb: reset sgmii phy at start of init
igb: do not allow phy sw reset code to make calls to null pointers
Alexey Dobriyan (3):
net: constify struct net_protocol
net: constify struct inet6_protocol
net: constify remaining proto_ops
Christian Lamparter (1):
p54usb: add Zcomax XG-705A usbid
Daniel C Halperin (1):
iwlwifi: fix HT operation in 2.4 GHz band
David Howells (5):
RxRPC: Declare the security index constants symbolically
RxRPC: Allow key payloads to be passed in XDR form
RxRPC: Allow RxRPC keys to be read
RxRPC: Parse security index 5 keys (Kerberos 5)
RxRPC: Use uX/sX rather than uintX_t/intX_t types
David S. Miller (3):
Merge branch 'master' of git://git.kernel.org/.../linville/wireless-next-2.6
Merge branch 'for-linus' of git://git.kernel.org/.../lowpan/lowpan
wl12xx: Fix print_mac() conversion.
Dmitry Eremin-Solenikov (2):
af_ieee802154: setsockopt optlen arg isn't __user
ieee802154: add locking for seq numbers
Dongdong Deng (1):
b44: the poll handler b44_poll must not enable IRQ unconditionally
Eric Dumazet (1):
net: kmemcheck annotation in struct socket
Gerrit Renker (1):
net-next-2.6 [PATCH 1/1] dccp: ccids whitespace-cleanup / CodingStyle
Hendrik Brueckner (6):
iucv: fix iucv_buffer_cpumask check when calling IUCV functions
iucv: use correct output register in iucv_query_maxconn()
af_iucv: fix race in __iucv_sock_wait()
af_iucv: handle non-accepted sockets after resuming from suspend
af_iucv: do not call iucv_sock_kill() twice
af_iucv: fix race when queueing skbs on the backlog queue
Holger Schurig (2):
cfg80211: use cfg80211_wext_freq() for freq conversion
cfg80211: minimal error handling for wext-compat freq scanning
Ilpo Järvinen (1):
tcp: fix ssthresh u16 leftover
Jarek Poplawski (4):
pkt_sched: Fix qdisc_graft WRT ingress qdisc
pkt_sched: Fix tx queue selection in tc_modify_qdisc
pkt_sched: Fix qdisc_create on stab error handling
pkt_sched: Fix qstats.qlen updating in dump_stats
Jean-Christophe PLAGNIOL-VILLARD (1):
wl12xx: switch to %pM to print the mac address
Jens Rosenboom (2):
ipv6: Ignore route option with ROUTER_PREF_INVALID
ipv6: Log the affected address when DAD failure occurs
Jie Yang (1):
atl1e: fix 2.6.31-git4 -- ATL1E 0000:03:00.0: DMA-API: device driver frees DMA
Jiri Pirko (1):
bonding: make ab_arp select active slaves as other modes
Johannes Berg (3):
iwlwifi: disable powersave for 4965
genetlink: fix netns vs. netlink table locking
cfg80211: fix SME connect
Ken Kawasaki (1):
pcnet_cs: add cis of Linksys multifunction pcmcia card
Larry Finger (1):
ssb: Fix error when V1 SPROM extraction is forced
Luis R. Rodriguez (1):
wireless: default CONFIG_WLAN to y
Mark Smith (1):
Have atalk_route_packet() return NET_RX_SUCCESS not NET_XMIT_SUCCESS
Martin Decky (1):
hostap: Revert a toxic part of the conversion to net_device_ops
Michael Buesch (3):
b43: Force-wake queues on init
ssb: Disable verbose SDIO coreswitch
b43: Fix resume failure
Michael Hennerich (1):
netdev: smc91x: drop Blackfin cruft
Moni Shoua (1):
bonding: remap muticast addresses without using dev_close() and dev_open()
Oliver Hartkopp (1):
can: fix NOHZ local_softirq_pending 08 warning
Pavel Roskin (1):
rc80211_minstrel: fix contention window calculation
Peter P Waskiewicz Jr (3):
ixgbe: Properly disable packet split per-ring when globally disabled
ixgbe: Add support for 82599-based CX4 adapters
ixgbe: Create separate media type for CX4 adapters
Randy Dunlap (1):
ssb/sdio: fix printk format warnings
Reinette Chatre (1):
iwlwifi: fix potential rx buffer loss
Robert Varga (1):
tcp: fix CONFIG_TCP_MD5SIG + CONFIG_PREEMPT timer BUG()
Rémi Denis-Courmont (2):
Phonet: Netlink event for autoconfigured addresses
cdc-phonet: remove noisy debug statement
Sathya Perla (1):
be2net: fix some cmds to use mccq instead of mbox
Stephen Hemminger (2):
sky2: transmit ring accounting
sky2: Make sure both ports initialize correctly
Sujith (1):
ath9k: Fix bug in ANI channel handling
Ursula Braun (1):
iucv: suspend/resume error msg for left over pathes
Vitaliy Gusev (1):
mlx4: Fix access to freed memory
Wey-Yi Guy (1):
iwlwifi: find the correct first antenna
drivers/net/atl1e/atl1e.h | 9 +
drivers/net/atl1e/atl1e_main.c | 15 +-
drivers/net/b44.c | 7 +-
drivers/net/benet/be.h | 1 +
drivers/net/benet/be_cmds.c | 412 +++++++-----
drivers/net/benet/be_cmds.h | 5 +-
drivers/net/benet/be_main.c | 42 +-
drivers/net/bonding/bond_main.c | 131 ++---
drivers/net/can/vcan.c | 2 +-
drivers/net/igb/e1000_82575.c | 198 +++---
drivers/net/igb/e1000_82575.h | 2 +-
drivers/net/igb/e1000_defines.h | 2 +-
drivers/net/igb/e1000_phy.c | 5 +-
drivers/net/igb/igb_main.c | 2 +-
drivers/net/ixgbe/ixgbe_82598.c | 6 +-
drivers/net/ixgbe/ixgbe_82599.c | 3 +
drivers/net/ixgbe/ixgbe_main.c | 4 +
drivers/net/ixgbe/ixgbe_type.h | 2 +
drivers/net/mlx4/catas.c | 11 +-
drivers/net/pcmcia/pcnet_cs.c | 10 +-
drivers/net/pppol2tp.c | 4 +-
drivers/net/sky2.c | 24 +-
drivers/net/smc91x.h | 28 -
drivers/net/usb/cdc-phonet.c | 1 -
drivers/net/wireless/Kconfig | 1 +
drivers/net/wireless/ath/ath9k/ani.c | 6 +-
drivers/net/wireless/b43/main.c | 8 +-
drivers/net/wireless/hostap/hostap_main.c | 3 +-
drivers/net/wireless/iwlwifi/iwl-4965.c | 1 +
drivers/net/wireless/iwlwifi/iwl-agn-rs.c | 10 +-
drivers/net/wireless/iwlwifi/iwl-core.c | 9 +-
drivers/net/wireless/iwlwifi/iwl-core.h | 1 +
drivers/net/wireless/iwlwifi/iwl-power.c | 5 +-
drivers/net/wireless/iwlwifi/iwl-rx.c | 24 +-
drivers/net/wireless/iwlwifi/iwl3945-base.c | 24 +-
drivers/net/wireless/p54/p54usb.c | 1 +
drivers/net/wireless/wl12xx/wl1271_main.c | 5 +-
drivers/serial/serial_cs.c | 14 +-
drivers/ssb/pci.c | 1 +
drivers/ssb/sdio.c | 6 +-
firmware/Makefile | 3 +-
firmware/WHENCE | 12 +
firmware/cis/MT5634ZLX.cis.ihex | 11 +
firmware/cis/PCMLM28.cis.ihex | 18 +
firmware/cis/RS-COM-2P.cis.ihex | 10 +
include/keys/rxrpc-type.h | 107 ++++
include/linux/igmp.h | 2 +
include/linux/net.h | 5 +
include/linux/netdevice.h | 3 +-
include/linux/netlink.h | 4 +
include/linux/notifier.h | 2 +
include/linux/rxrpc.h | 7 +
include/net/addrconf.h | 2 +
include/net/protocol.h | 13 +-
include/net/sch_generic.h | 2 +-
include/net/tcp.h | 7 +
net/appletalk/ddp.c | 2 +-
net/can/af_can.c | 4 +-
net/core/dev.c | 4 +-
net/dccp/ccids/Kconfig | 6 +-
net/dccp/ccids/ccid2.c | 2 -
net/dccp/ccids/ccid2.h | 8 +-
net/dccp/ccids/ccid3.c | 5 +-
net/dccp/ccids/ccid3.h | 50 +-
net/dccp/ccids/lib/loss_interval.c | 7 +-
net/dccp/ccids/lib/loss_interval.h | 2 -
net/dccp/ccids/lib/packet_history.c | 4 +-
net/dccp/ccids/lib/packet_history.h | 1 -
net/dccp/ccids/lib/tfrc.h | 4 +-
net/dccp/ccids/lib/tfrc_equation.c | 26 +-
net/dccp/ipv4.c | 2 +-
net/dccp/ipv6.c | 4 +-
net/ieee802154/dgram.c | 2 +-
net/ieee802154/netlink.c | 4 +
net/ieee802154/raw.c | 2 +-
net/ipv4/af_inet.c | 18 +-
net/ipv4/ah4.c | 2 +-
net/ipv4/devinet.c | 6 +
net/ipv4/esp4.c | 2 +-
net/ipv4/icmp.c | 2 +-
net/ipv4/igmp.c | 22 +
net/ipv4/ip_gre.c | 2 +-
net/ipv4/ip_input.c | 2 +-
net/ipv4/ipcomp.c | 2 +-
net/ipv4/ipmr.c | 6 +-
net/ipv4/protocol.c | 6 +-
net/ipv4/tcp.c | 2 +-
net/ipv4/tcp_input.c | 2 +-
net/ipv4/tcp_ipv4.c | 4 +-
net/ipv4/tcp_minisocks.c | 4 +-
net/ipv4/tunnel4.c | 4 +-
net/ipv4/udplite.c | 2 +-
net/ipv6/addrconf.c | 23 +-
net/ipv6/af_inet6.c | 10 +-
net/ipv6/ah6.c | 2 +-
net/ipv6/esp6.c | 2 +-
net/ipv6/exthdrs.c | 6 +-
net/ipv6/icmp.c | 4 +-
net/ipv6/ip6_input.c | 2 +-
net/ipv6/ip6mr.c | 6 +-
net/ipv6/ipcomp6.c | 2 +-
net/ipv6/mcast.c | 19 +
net/ipv6/protocol.c | 6 +-
net/ipv6/reassembly.c | 2 +-
net/ipv6/route.c | 2 +-
net/ipv6/tcp_ipv6.c | 7 +-
net/ipv6/tunnel6.c | 4 +-
net/ipv6/udp.c | 2 +-
net/ipv6/udplite.c | 2 +-
net/iucv/af_iucv.c | 33 +-
net/iucv/iucv.c | 38 +-
net/mac80211/rc80211_minstrel.c | 2 +-
net/netlink/af_netlink.c | 51 +-
net/netlink/genetlink.c | 5 +-
net/phonet/pn_dev.c | 9 +-
net/rds/af_rds.c | 2 +-
net/rose/af_rose.c | 4 +-
net/rxrpc/ar-ack.c | 6 +-
net/rxrpc/ar-internal.h | 32 +-
net/rxrpc/ar-key.c | 914 +++++++++++++++++++++++++--
net/rxrpc/ar-security.c | 8 +-
net/rxrpc/rxkad.c | 47 +-
net/sched/sch_api.c | 29 +-
net/sched/sch_drr.c | 4 +-
net/sched/sch_mq.c | 14 +-
net/sched/sch_multiq.c | 1 +
net/sched/sch_prio.c | 1 +
net/sctp/ipv6.c | 2 +-
net/sctp/protocol.c | 2 +-
net/socket.c | 1 +
net/wireless/scan.c | 7 +-
net/wireless/sme.c | 21 +-
132 files changed, 2009 insertions(+), 805 deletions(-)
create mode 100644 firmware/cis/MT5634ZLX.cis.ihex
create mode 100644 firmware/cis/PCMLM28.cis.ihex
create mode 100644 firmware/cis/RS-COM-2P.cis.ihex
^ permalink raw reply
* Re: fanotify as syscalls
From: Eric Paris @ 2009-09-17 18:53 UTC (permalink / raw)
To: Linus Torvalds
Cc: Jamie Lokier, Evgeniy Polyakov, David Miller, linux-kernel,
linux-fsdevel, netdev, viro, alan, hch
In-Reply-To: <alpine.LFD.2.01.0909170934450.4950@localhost.localdomain>
On Thu, 2009-09-17 at 09:40 -0700, Linus Torvalds wrote:
>
> On Wed, 16 Sep 2009, Jamie Lokier wrote:
> >
> > I'd forgotten about Linus' strace argument. That's a good one.
> >
> > Of course everything should be a syscall by that argument :-)
>
> Oh yes, everything _should_ be a syscall.
I rewrote the interface and prototyped out a working fanotify like so:
SYSCALL_DEFINE4(fanotify_init, unsigned int, flags, int, event_f_flags,
__u64, mask, int, priority)
int flags indicates - things like global or directed, fd's or wd's,
could include fail allow vs fail deny, O_CLOEXEC, O_NONBLOCK, etc
int event_f_flags - flags used when opening an fd for the listener
__u64 mask - in global mode the events of interest
int priority - the order fanotify listeners should be checked (so HSM
can be before AV scanners)
Do we need a timeout for access decisions? I left room for that in the
bind address, but we can't just leave room to spare with a syscall...
SYSCALL_DEFINE6(fanotify_modify_mark, int, fanotify_fd,
unsigned int, flags, int, fd,
const char __user *, pathname, __u64, mask,
__u64, ignored_mask)
int fanotify_fd - duh
int flags - add, remove, flush, events on child, event on subtree?
int fd - either fd to object or fd to dir for relative pathname
const char __user * pathname - either pathname or null if only use fd
__u64 mask - events this inode cares about
__u64 ignored_mask - events this inode does NOT care about
(not yet done, would someone like to comment?)
fanotify_response(int fanotify_fd, __u64 cookie, __u32 response);
__u64 cookie - which of our permission requests we are waiting on
__u32 response - allow, deny, wait longer
Could be done using write(), but I think the strace argument clearly
says that this should be a syscall that can be easily found and reported
(not settled in my mind)
int fanotify_ignore_sb(int fanotify_fd, unsigned int flags,
long f_type, fsid_t f_fsid)
int fanotify_fd - duh
unsigned int flags - f_type or fsid?
long f_type - statfs(2) f_type
fsid_t f_fsid - statfs(2) f_fsid
Reads from the fd would return data of this structure:
struct fanotify_event_metadata {
__u32 event_len;
__u32 vers;
__s32 fd;
__u32 mask;
__u32 f_flags;
__s32 pid;
__s32 uid;
__s32 tgid;
__u64 cookie;
} __attribute__((packed));
Thanks to event_len and vers, we could extend it to include
__u32 filename1_len,
char filename1[filename1_len]
__u32 filename2_len,
char filename2[filename2_len]
This can all take shape as that work is completed and I don't believe
should block merging.
Do my syscalls look pretty enough? I'm down to 3 or 4.
Jamie, you tend to agree that the interface and the event types are nice
enough that we can build out (if we get the right hooks in the right
places) everywhere we need to go?
-Eric
^ permalink raw reply
* RE: [PATCH] ks8851_ml ethernet network driver
From: Choi, David @ 2009-09-17 19:11 UTC (permalink / raw)
To: Stephen Hemminger, Li, Charles
Cc: Greg KH, netdev, David S. Miller, Choi, Jeff Garzik
In-Reply-To: <20090916210315.04dc743e@s6510>
Hello Stephen Hemminger,
My fix up is as followings;
Even if the irq is not shared, it is safe not to process
when there is no interrupt status change in the hardware.
====================
@@ -818,6 +811,11 @@ static irqreturn_t ks_irq(int irq, void
ks_save_cmd_reg(ks);
status = ks_rdreg16(ks, KS_ISR);
+ if (unlikely(!status)) {
+ ks_restore_cmd_reg(ks);
+ return IRQ_NONE;
+ }
+
ks_wrreg16(ks, KS_ISR, status);
if (likely(status & IRQ_RXI))
Regards,
David J. Choi
-----Original Message-----
From: Stephen Hemminger [mailto:shemminger@vyatta.com]
Sent: Wednesday, September 16, 2009 9:03 PM
To: Li, Charles
Cc: Greg KH; netdev@vger.kernel.org; David S. Miller; Choi@kroah.com;
Choi, David; Jeff Garzik
Subject: Re: [PATCH] ks8851_ml ethernet network driver
On Wed, 16 Sep 2009 19:38:36 -0700
Greg KH <greg@kroah.com> wrote:
> /**
> + * ks_irq - device interrupt handler
> + * @irq: Interrupt number passed from the IRQ hnalder.
> + * @pw: The private word passed to register_irq(), our struct ks_net.
> + *
> + * This is the handler invoked to find out what happened
> + *
> + * Read the interrupt status, work out what needs to be done and then
clear
> + * any of the interrupts that are not needed.
> + */
> +
> +static irqreturn_t ks_irq(int irq, void *pw)
> +{
> + struct ks_net *ks = pw;
> + struct net_device *netdev = ks->netdev;
> + u16 status;
> +
> + /*this should be the first in IRQ handler */
> + ks_save_cmd_reg(ks);
> +
> + status = ks_rdreg16(ks, KS_ISR);
> + ks_wrreg16(ks, KS_ISR, status);
if status == 0 or status == ~0 then device should not return
IRQ_HANDLED.
In the former case, the IRQ is shared, in later case the device is not
present
on the bus (hotplug).
^ permalink raw reply
* RE: [PATCH] ks8851_ml ethernet network driver
From: Choi, David @ 2009-09-17 19:06 UTC (permalink / raw)
To: David Miller, greg; +Cc: netdev, Li, Charles, Choi, jgarzik, shemminger
In-Reply-To: <20090916.204801.190052862.davem@davemloft.net>
Hello David Miller,
My fix ups are as followings;
-Remove DEBUG definition
-Remove MALLOC definition
-Intent to fix compile warnings, which I can not reproduce
in my test environment(linux-2.6.31-rc3 source tree and
gcc4.2.1.)
If you have still warnings with my fix ups, give me brief
description
To reproduce the warnings.
=================
--- linux-2.6.31-rc3/drivers/net/ks8851_mll.c.orig 2009-09-17
10:18:56.000000000 -0700
+++ linux-2.6.31-rc3/drivers/net/ks8851_mll.c 2009-09-17
10:09:37.000000000 -0700
@@ -21,8 +21,6 @@
* KS8851 16bit MLL chip from Micrel Inc.
*/
-#define DEBUG
-
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netdevice.h>
@@ -419,7 +417,6 @@ union ks_tx_hdr {
* or one of the work queues.
*
*/
-#define MALLOC(x) kmalloc(x, GFP_KERNEL)
/* Receive multiplex framer header info */
struct type_frame_head {
@@ -552,11 +549,9 @@ static void ks_wrreg16(struct ks_net *ks
*/
static inline void ks_inblk(struct ks_net *ks, u16 *wptr, u32 len)
{
- u32 data_port = (u32)ks->hw_addr;
len >>= 1;
- do {
- *wptr++ = (u16)ioread16(data_port);
- } while (--len);
+ while (len--)
+ *wptr++ = (u16)ioread16(ks->hw_addr);
}
/**
@@ -568,11 +563,9 @@ static inline void ks_inblk(struct ks_ne
*/
static inline void ks_outblk(struct ks_net *ks, u16 *wptr, u32 len)
{
- u32 data_port = (u32)ks->hw_addr;
len >>= 1;
- do {
- iowrite16(*wptr++, data_port);
- } while (--len);
+ while (len--)
+ iowrite16(*wptr++, ks->hw_addr);
}
/**
Regards,
David J. Choi
-----Original Message-----
From: David Miller [mailto:davem@davemloft.net]
Sent: Wednesday, September 16, 2009 8:48 PM
To: greg@kroah.com
Cc: netdev@vger.kernel.org; Li, Charles; Choi@kroah.com; Choi, David;
jgarzik@redhat.com; shemminger@vyatta.com
Subject: Re: [PATCH] ks8851_ml ethernet network driver
From: Greg KH <greg@kroah.com>
Date: Wed, 16 Sep 2009 19:38:36 -0700
> From: Choi, David <David.Choi@Micrel.Com>
>
> This is a network driver for the ks8851 16bit MLL ethernet device.
>
> Signed-off-by: David J. Choi <david.choi@micrel.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This doesn't even build cleanly:
drivers/net/ks8851_mll.c: In function 'ks_inblk':
drivers/net/ks8851_mll.c:555: warning: cast from pointer to integer of
different size
drivers/net/ks8851_mll.c:558: warning: passing argument 1 of '_readw'
makes pointer from integer without a cast
drivers/net/ks8851_mll.c: In function 'ks_outblk':
drivers/net/ks8851_mll.c:571: warning: cast from pointer to integer of
different size
drivers/net/ks8851_mll.c:574: warning: passing argument 2 of '_writew'
makes pointer from integer without a cast
It also has a big "#define DEBUG" at the beginning of the driver.
And it also has stuff like:
+#define MALLOC(x) kmalloc(x, GFP_KERNEL)
which actually decreases the readability of this driver.
Please fix this up.
^ permalink raw reply
* RE: [PATCH] ks8851_ml ethernet network driver
From: Choi, David @ 2009-09-17 19:20 UTC (permalink / raw)
To: Stephen Hemminger, Greg KH, Li, Charles
Cc: netdev, David S. Miller, Choi, Jeff Garzik
In-Reply-To: <20090916210702.617b5069@s6510>
Hello Stephen Hemminger,
Here is my fix ups.
-mutex_lock is intended to gurantee to access the hardware
registers
exclusively. But as you mentioned, this mutex is redundancy in
ks_net_open() because this function does not access the hardware. So I
remove it.
================
@@ -858,7 +856,6 @@ static int ks_net_open(struct net_device
/* lock the card, even if we may not actually do anything
* else at the moment.
*/
- mutex_lock(&ks->lock);
if (netif_msg_ifup(ks))
ks_dbg(ks, "%s - entry\n", __func__);
@@ -875,8 +872,6 @@ static int ks_net_open(struct net_device
if (netif_msg_ifup(ks))
ks_dbg(ks, "network device %s up\n", netdev->name);
- mutex_unlock(&ks->lock);
-
return 0;
}
Regards,
David J. Choi
-----Original Message-----
From: Stephen Hemminger [mailto:shemminger@vyatta.com]
Sent: Wednesday, September 16, 2009 9:07 PM
To: Greg KH; Li, Charles
Cc: netdev@vger.kernel.org; David S. Miller; Choi@kroah.com; Choi,
David; Jeff Garzik
Subject: Re: [PATCH] ks8851_ml ethernet network driver
On Wed, 16 Sep 2009 19:38:36 -0700
Greg KH <greg@kroah.com> wrote:
> +
> +/**
> + * ks_net_open - open network device
> + * @netdev: The network device being opened.
> + *
> + * Called when the network device is marked active, such as a user
executing
> + * 'ifconfig up' on the device.
> + */
> +static int ks_net_open(struct net_device *netdev)
> +{
> + struct ks_net *ks = netdev_priv(netdev);
> + int err;
> +
> +#define KS_INT_FLAGS (IRQF_DISABLED|IRQF_TRIGGER_LOW)
> + /* lock the card, even if we may not actually do anything
> + * else at the moment.
> + */
> + mutex_lock(&ks->lock);
> +
I don't understand the purpose of ks->lock mutex. What is it
really protecting? open/close are already protected by rtnl_mutex,
is it really only for the PHY?
^ permalink raw reply
* RE: [PATCH] ks8851_ml ethernet network driver
From: Choi, David @ 2009-09-17 19:30 UTC (permalink / raw)
To: David Miller, greg; +Cc: netdev, Li, Charles, Choi, jgarzik, shemminger
In-Reply-To: <20090916.204801.190052862.davem@davemloft.net>
Hello David Miller,
Sorry to resend it. In my previous e-mail, I included a part of patch,
not a complete patch.
My fix ups are as followings;
-Remove DEBUG definition
-Remove MALLOC definition
-Intent to fix compile warnings, which I can not reproduce
in my test environment(linux-2.6.31-rc3 source tree and
gcc4.2.1.)
If you have still warnings with my fix ups, give me brief
description
To reproduce the warnings.
===================
--- linux-2.6.31-rc3/drivers/net/ks8851_mll.c.orig 2009-09-17
10:18:56.000000000 -0700
+++ linux-2.6.31-rc3/drivers/net/ks8851_mll.c 2009-09-17
10:09:37.000000000 -0700
@@ -21,8 +21,6 @@
* KS8851 16bit MLL chip from Micrel Inc.
*/
-#define DEBUG
-
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netdevice.h>
@@ -419,7 +417,6 @@ union ks_tx_hdr {
* or one of the work queues.
*
*/
-#define MALLOC(x) kmalloc(x, GFP_KERNEL)
/* Receive multiplex framer header info */
struct type_frame_head {
@@ -552,11 +549,9 @@ static void ks_wrreg16(struct ks_net *ks
*/
static inline void ks_inblk(struct ks_net *ks, u16 *wptr, u32 len)
{
- u32 data_port = (u32)ks->hw_addr;
len >>= 1;
- do {
- *wptr++ = (u16)ioread16(data_port);
- } while (--len);
+ while (len--)
+ *wptr++ = (u16)ioread16(ks->hw_addr);
}
/**
@@ -568,11 +563,9 @@ static inline void ks_inblk(struct ks_ne
*/
static inline void ks_outblk(struct ks_net *ks, u16 *wptr, u32 len)
{
- u32 data_port = (u32)ks->hw_addr;
len >>= 1;
- do {
- iowrite16(*wptr++, data_port);
- } while (--len);
+ while (len--)
+ iowrite16(*wptr++, ks->hw_addr);
}
@@ -1515,12 +1510,13 @@ void ks_enable(struct ks_net *ks)
static int ks_hw_init(struct ks_net *ks)
{
+#define MHEADER_SIZE (sizeof(struct type_frame_head) *
MAX_RECV_FRAMES)
ks->promiscuous = 0;
ks->all_mcast = 0;
ks->mcast_lst_size = 0;
ks->frame_head_info = (struct type_frame_head *) \
- MALLOC(sizeof(struct type_frame_head) *
MAX_RECV_FRAMES);
+ kmalloc(MHEADER_SIZE, GFP_KERNEL);
if (!ks->frame_head_info) {
printk(KERN_ERR "Error: Fail to allocate frame
memory\n");
return false;
Regards,
David J. Choi
-----Original Message-----
From: David Miller [mailto:davem@davemloft.net]
Sent: Wednesday, September 16, 2009 8:48 PM
To: greg@kroah.com
Cc: netdev@vger.kernel.org; Li, Charles; Choi@kroah.com; Choi, David;
jgarzik@redhat.com; shemminger@vyatta.com
Subject: Re: [PATCH] ks8851_ml ethernet network driver
From: Greg KH <greg@kroah.com>
Date: Wed, 16 Sep 2009 19:38:36 -0700
> From: Choi, David <David.Choi@Micrel.Com>
>
> This is a network driver for the ks8851 16bit MLL ethernet device.
>
> Signed-off-by: David J. Choi <david.choi@micrel.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This doesn't even build cleanly:
drivers/net/ks8851_mll.c: In function 'ks_inblk':
drivers/net/ks8851_mll.c:555: warning: cast from pointer to integer of
different size
drivers/net/ks8851_mll.c:558: warning: passing argument 1 of '_readw'
makes pointer from integer without a cast
drivers/net/ks8851_mll.c: In function 'ks_outblk':
drivers/net/ks8851_mll.c:571: warning: cast from pointer to integer of
different size
drivers/net/ks8851_mll.c:574: warning: passing argument 2 of '_writew'
makes pointer from integer without a cast
It also has a big "#define DEBUG" at the beginning of the driver.
And it also has stuff like:
+#define MALLOC(x) kmalloc(x, GFP_KERNEL)
which actually decreases the readability of this driver.
Please fix this up.
^ permalink raw reply
* [ANNOUNCE] new iptables module match large amount of ip addresses
From: Mikulas Patocka @ 2009-09-17 19:15 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev
Hi
Here I submit an iptables module that can match large amounts (millions)
of ip addresses efficiently using binary search. I needed it to protect my
home network from spam. It may be useful for other people too, so if you
want it, you can take it and add it to the kernel.
Get the patches for netfilter and kernel at:
http://artax.karlin.mff.cuni.cz/~mikulas/xt_ipfile/
(you need to copy the file include/linux/netfilter/xt_ipfile.h from kernel
sources to /usr/include/linux/netfilter/ to compile the userspace)
The main features:
- fast matching of large amount of ip addresses using binary search.
- an ability to match ranges of addresses or address/mask subnets.
- fast loading of the addresses (on Pentium 3 850, 2 million addresses
load in 5.5s, if they are already sorted in the file, the load time is
just 1.5s).
- memory efficient --- consumes only 8 bytes per address.
USAGE:
prepare a file with addreses, in this example /root/firewall/bad-ips. One
entry per line, the allowed formats are:
1.2.3.4
1.2.3.0/24
1.2.3.4-1.2.3.8
insert it into iptables with:
iptables -A SPAM -m ipfile --src-file /root/firewall/bad-ips -j DROP
The module doesn't support ipv6 because I don't use it, but it's generic
enough that it could be extended for it. It could be also extended to
match ethernet MAC addresses.
Mikulas
^ permalink raw reply
* Re: [ANNOUNCE] new iptables module match large amount of ip addresses
From: Eric Leblond @ 2009-09-17 20:03 UTC (permalink / raw)
To: Mikulas Patocka; +Cc: netfilter-devel, netdev
In-Reply-To: <Pine.LNX.4.64.0909172100220.27299@artax.karlin.mff.cuni.cz>
[-- Attachment #1: Type: text/plain, Size: 1900 bytes --]
Hi,
Le jeudi 17 septembre 2009 à 21:15 +0200, Mikulas Patocka a écrit :
> Hi
>
> Here I submit an iptables module that can match large amounts (millions)
> of ip addresses efficiently using binary search.
What are the differences with ipset ? (http://ipset.netfilter.org/)
BR,
> I needed it to protect my
> home network from spam. It may be useful for other people too, so if you
> want it, you can take it and add it to the kernel.
>
> Get the patches for netfilter and kernel at:
> http://artax.karlin.mff.cuni.cz/~mikulas/xt_ipfile/
> (you need to copy the file include/linux/netfilter/xt_ipfile.h from kernel
> sources to /usr/include/linux/netfilter/ to compile the userspace)
>
> The main features:
> - fast matching of large amount of ip addresses using binary search.
> - an ability to match ranges of addresses or address/mask subnets.
> - fast loading of the addresses (on Pentium 3 850, 2 million addresses
> load in 5.5s, if they are already sorted in the file, the load time is
> just 1.5s).
> - memory efficient --- consumes only 8 bytes per address.
>
> USAGE:
>
> prepare a file with addreses, in this example /root/firewall/bad-ips. One
> entry per line, the allowed formats are:
> 1.2.3.4
> 1.2.3.0/24
> 1.2.3.4-1.2.3.8
>
> insert it into iptables with:
> iptables -A SPAM -m ipfile --src-file /root/firewall/bad-ips -j DROP
>
> The module doesn't support ipv6 because I don't use it, but it's generic
> enough that it could be extended for it. It could be also extended to
> match ethernet MAC addresses.
>
> Mikulas
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Eric Leblond <eric@inl.fr>
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/
[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply
* [PATCH] i2400m: minimal ethtool support
From: Dan Williams @ 2009-09-17 20:06 UTC (permalink / raw)
To: Inaky Perez-Gonzalez; +Cc: wimax@linuxwimax.org, netdev
Add minimal ethtool support for carrier detection.
Signed-off-by: Dan Williams <dcbw@redhat.com>
diff --git a/drivers/net/wimax/i2400m/netdev.c b/drivers/net/wimax/i2400m/netdev.c
index 9653f47..c915775 100644
--- a/drivers/net/wimax/i2400m/netdev.c
+++ b/drivers/net/wimax/i2400m/netdev.c
@@ -74,6 +74,7 @@
*/
#include <linux/if_arp.h>
#include <linux/netdevice.h>
+#include <linux/ethtool.h>
#include "i2400m.h"
@@ -559,6 +560,22 @@ static const struct net_device_ops i2400m_netdev_ops = {
.ndo_change_mtu = i2400m_change_mtu,
};
+static void i2400m_get_drvinfo(struct net_device *net_dev,
+ struct ethtool_drvinfo *info)
+{
+ struct i2400m *i2400m = net_dev_to_i2400m(net_dev);
+
+ strncpy(info->driver, KBUILD_MODNAME, sizeof(info->driver) - 1);
+ strncpy(info->fw_version, i2400m->fw_name, sizeof(info->fw_version) - 1);
+ if (net_dev->dev.parent)
+ strncpy(info->bus_info, dev_name(net_dev->dev.parent),
+ sizeof(info->bus_info) - 1);
+}
+
+static const struct ethtool_ops i2400m_ethtool_ops = {
+ .get_drvinfo = i2400m_get_drvinfo,
+ .get_link = ethtool_op_get_link,
+};
/**
* i2400m_netdev_setup - Setup setup @net_dev's i2400m private data
@@ -580,6 +597,7 @@ void i2400m_netdev_setup(struct net_device *net_dev)
& ~IFF_MULTICAST);
net_dev->watchdog_timeo = I2400M_TX_TIMEOUT;
net_dev->netdev_ops = &i2400m_netdev_ops;
+ net_dev->ethtool_ops = &i2400m_ethtool_ops;
d_fnend(3, NULL, "(net_dev %p) = void\n", net_dev);
}
EXPORT_SYMBOL_GPL(i2400m_netdev_setup);
^ permalink raw reply related
* Re: fanotify as syscalls
From: Andreas Gruenbacher @ 2009-09-17 20:07 UTC (permalink / raw)
To: Jamie Lokier
Cc: Eric Paris, Linus Torvalds, Evgeniy Polyakov, David Miller,
linux-kernel, linux-fsdevel, netdev, viro, alan, hch
In-Reply-To: <20090916121708.GD29359@shareable.org>
On Wednesday, 16 September 2009 14:17:08 Jamie Lokier wrote:
> Eric Paris wrote:
> > On Wed, 2009-09-16 at 08:52 +0100, Jamie Lokier wrote:
> > > Seriously, what does system-wide fanotify do when run from a
> > > chroot/namespace/cgroup, and a file outside them is accessed?
> >
> > At the moment an fanotify global listener is system wide. Truely system
> > wide. A gentleman from suse is looking rectify the problem so that if
> > run inside a namespace it stays inside the namespace. Note that this
> > particular little tidbit is not in the 8 patches I proposed. At the
> > moment those just include the UI and basic notification.
>
> I'll be really interested in the gentleman's solution.
I guess Eric meant me.
>From my point of view, "global" events make no sense, and fanotify listeners
should register which directories they are interested in (e.g., include "/",
exclude "/proc"). This takes care of chroots and namespaces as well.
I think we want to register for events on objects rather than in the
namespace, i.e., for inodes visible in multiple places because of hardlinks
or bind mounts, we get the same kinds of events no matter which path is used.
(The path actually used would still show up in /proc/self/fd/x.) When moving
registered inodes, the registrations would move with them. This is how
inotify works, except that inotify watches are not recursive.
The difficulty with this is that in the worst case, this would require walking
the entire namespace and all cached inodes. I don't see how this could be
done for two reasons:
* First, we can't take the vfsmount_lock and dcache_lock for the entire time.
* Second, we would need to pin almost all the inodes, which is a clear no-go.
[Why pin? At least we would need to remember which objects a listener has
registered interest in, so we need to pin the inodes. We could still
allow unregistered directory inodes to be thrown out because we can
recreate their registration status from the parent. We can't recreate the
registration status of non-directories because of hardlinks, though.]
The only other idea I could come up with is to only allow recursive
registrations at mount points: instead of inodes, the vfsmounts would be
included or excluded (probably automatically including bind mounts). This has
one big drawback though: users would no longer be able to watch arbitrary
subtrees anymore. Privileged users could still arrange to watch almost all
subtrees with bind mounts (mount --bind /foo/bar /foo/bar).
Any ideas?
Thanks,
Andreas
^ permalink raw reply
* Re: [ANNOUNCE] new iptables module match large amount of ip addresses
From: Mikulas Patocka @ 2009-09-17 20:36 UTC (permalink / raw)
To: Eric Leblond; +Cc: netfilter-devel, netdev
In-Reply-To: <1253217817.21074.9.camel@ice-age>
[-- Attachment #1: Type: TEXT/PLAIN, Size: 736 bytes --]
On Thu, 17 Sep 2009, Eric Leblond wrote:
> Hi,
>
> Le jeudi 17 septembre 2009 a 21:15 +0200, Mikulas Patocka a écrit :
> > Hi
> >
> > Here I submit an iptables module that can match large amounts (millions)
> > of ip addresses efficiently using binary search.
>
> What are the differences with ipset ? (http://ipset.netfilter.org/)
>
> BR,
What I wrote is static --- once loaded, then used. The only way to update
the addresses is to reload it. Ipset is dynamic (and has more memory
consumption because of it). In my implementation, the kernel reads the ip
addresses, in ipset, the userspace tool reads them.
I didn't know about ipset before because it is not in the kernel (will it
ever be?)
Mikulas
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox