* Re: am3359 (cpsw): unable to get gigabit link working (PHY: ICPlus IP1001)
From: Yegor Yefremov @ 2012-06-14 8:28 UTC (permalink / raw)
To: N, Mugunthan V; +Cc: netdev, Chemparathy, Cyril, Govindarajan, Sriramakrishnan
In-Reply-To: <EB1619762EAF8B4E97A227FB77B7E0293E9B6D3B@DBDE01.ent.ti.com>
On Thu, Jun 14, 2012 at 10:16 AM, N, Mugunthan V <mugunthanvnm@ti.com> wrote:
>> -----Original Message-----
>> From: Yegor Yefremov [mailto:yegorslists@googlemail.com]
>> Sent: Wednesday, June 13, 2012 5:59 PM
>> To: netdev
>> Cc: Chemparathy, Cyril; Govindarajan, Sriramakrishnan; N, Mugunthan V
>> Subject: am3359 (cpsw): unable to get gigabit link working (PHY: ICPlus
>> IP1001)
>>
>> I'm using a custom am3359 based board. The first CPSW ports is
>> connected to ICPlus IP1001 phy via RGMII interface. I have no problem
>> with 100mbit link, but as soon as I connect my board to a 1Gbit switch
>> the communication fails. I can see that some data goes on wire, but
>> switch refuses to forward it. I can't receive anything either. Phy
>>. detects 1Gbit link correctly
>>
>> My kernel: https://github.com/koenkooi/linux
>>
>> I also define phy interface as RGMII:
>>
>> static struct cpsw_slave_data am33xx_cpsw_slaves[] = {
>> {
>> .slave_reg_ofs = 0x208,
>> .sliver_reg_ofs = 0xd80,
>> .phy_id = "0:02",
>> .phy_if = PHY_INTERFACE_MODE_RGMII,
>> },
>> {
>> .slave_reg_ofs = 0x308,
>> .sliver_reg_ofs = 0xdc0,
>> .phy_id = "0:01",
>> },
>> };
>>
>> As far as I can see in the mainline cpsw driver
>> PHY_INTERFACE_MODE_RGMII will be ignored. Why? In the current driver
>> it sets two bits in mac_control register:
>>
>> if (phy->interface == PHY_INTERFACE_MODE_RGMII) /* RGMII */
>> mac_control |= (BIT(15)|BIT(16));
>>
>> Any idea where should I look to solve the problem?
>
> Phy interface in cpsw is always MII, there is an external gasket to convert from MII/GMII to RMII/RGMII. So this is a dead code resides in current driver and will be removed, that's why this part of code is not up streamed.
>
> Can you verify the design/board layout with hardware engineer; also look for cpsw statistics counters for errors.
Thanks for the quick reply.
I have just fixed the problem. In this thread
http://e2e.ti.com/support/dsp/sitara_arm174_microprocessors/f/791/p/172049/685105.aspx#685105
Paul suggests to disable internal delay. I followed his suggestion and
now it works.
#define RGMII_MODE_ENABLE 0x3A
__raw_writel(RGMII_MODE_ENABLE,
AM33XX_CTRL_REGADDR(MAC_MII_SEL));
Yegor
^ permalink raw reply
* Re: include/net/netlink.h:497:41: warning: ‘reply_nlh’ may be used uninitialized in this function [-Wuninitialized]
From: Thomas Graf @ 2012-06-14 8:30 UTC (permalink / raw)
To: wfg; +Cc: netdev, David S. Miller
In-Reply-To: <4fd9474c.wdaRvq8n+Xh/6wOA%wfg@linux.intel.com>
On Thu, Jun 14, 2012 at 10:07:08AM +0800, wfg@linux.intel.com wrote:
> FYI: there are new compile warnings show up in
>
> tree: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git master
> head: 0450243096de90ff51c3a6c605410c5e28d79f8d
> commit: 33a03aadb52fa05d28aba6d8f0c03c7b3b905897 [464/472] dcbnl: Prepare framework to shorten handling functions
> config: x86_64-randconfig-net3 (attached as .config)
>
> All related error/warning messages are:
>
> net/dcb/dcbnl.c: In function ‘dcb_doit’:
> include/net/netlink.h:497:41: warning: ‘reply_nlh’ may be used uninitialized in this function [-Wuninitialized]
> net/dcb/dcbnl.c:1975:19: note: ‘reply_nlh’ was declared here
gcc 4.6.3 on my system doesn't complain about this. I'm sending a patch.
^ permalink raw reply
* [PATCH] dcbnl: Silence harmless gcc warning about uninitialized reply_nlh
From: Thomas Graf @ 2012-06-14 8:34 UTC (permalink / raw)
To: davem; +Cc: netdev, wfg
In-Reply-To: <4fd9474c.wdaRvq8n+Xh/6wOA%wfg@linux.intel.com>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
---
net/dcb/dcbnl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c
index 70bba3e..da6ee81 100644
--- a/net/dcb/dcbnl.c
+++ b/net/dcb/dcbnl.c
@@ -1664,7 +1664,7 @@ static int dcb_doit(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg)
u32 pid = skb ? NETLINK_CB(skb).pid : 0;
int ret = -EINVAL;
struct sk_buff *reply_skb;
- struct nlmsghdr *reply_nlh;
+ struct nlmsghdr *reply_nlh = NULL;
const struct reply_func *fn;
if (!net_eq(net, &init_net))
^ permalink raw reply related
* [PATCH] net: remove my future former mail address
From: Rémi Denis-Courmont @ 2012-06-14 8:29 UTC (permalink / raw)
To: netdev; +Cc: Rémi Denis-Courmont, Rémi Denis-Courmont, Sakari Ailus
From: Rémi Denis-Courmont <remi.denis-courmont@nokia.com>
Signed-off-by: Rémi Denis-Courmont <remi@remlab.net>
Cc: Sakari Ailus <sakari.ailus@nokia.com>
---
include/net/phonet/gprs.h | 2 +-
net/caif/caif_dev.c | 3 +--
net/phonet/af_phonet.c | 4 ++--
net/phonet/datagram.c | 4 ++--
net/phonet/pep-gprs.c | 2 +-
net/phonet/pep.c | 2 +-
net/phonet/pn_dev.c | 4 ++--
net/phonet/pn_netlink.c | 4 ++--
net/phonet/socket.c | 4 ++--
net/phonet/sysctl.c | 2 +-
10 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/include/net/phonet/gprs.h b/include/net/phonet/gprs.h
index 928daf5..bcd525e 100644
--- a/include/net/phonet/gprs.h
+++ b/include/net/phonet/gprs.h
@@ -5,7 +5,7 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Author: Rémi Denis-Courmont <remi.denis-courmont@nokia.com>
+ * Author: Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/caif/caif_dev.c b/net/caif/caif_dev.c
index aa6f716..554b312 100644
--- a/net/caif/caif_dev.c
+++ b/net/caif/caif_dev.c
@@ -4,8 +4,7 @@
* Author: Sjur Brendeland/sjur.brandeland@stericsson.com
* License terms: GNU General Public License (GPL) version 2
*
- * Borrowed heavily from file: pn_dev.c. Thanks to
- * Remi Denis-Courmont <remi.denis-courmont@nokia.com>
+ * Borrowed heavily from file: pn_dev.c. Thanks to Remi Denis-Courmont
* and Sakari Ailus <sakari.ailus@nokia.com>
*/
diff --git a/net/phonet/af_phonet.c b/net/phonet/af_phonet.c
index 779ce4f..5a940db 100644
--- a/net/phonet/af_phonet.c
+++ b/net/phonet/af_phonet.c
@@ -5,8 +5,8 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Contact: Remi Denis-Courmont <remi.denis-courmont@nokia.com>
- * Original author: Sakari Ailus <sakari.ailus@nokia.com>
+ * Authors: Sakari Ailus <sakari.ailus@nokia.com>
+ * Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/datagram.c b/net/phonet/datagram.c
index bf35b4e..12c30f3 100644
--- a/net/phonet/datagram.c
+++ b/net/phonet/datagram.c
@@ -5,8 +5,8 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Contact: Remi Denis-Courmont <remi.denis-courmont@nokia.com>
- * Original author: Sakari Ailus <sakari.ailus@nokia.com>
+ * Authors: Sakari Ailus <sakari.ailus@nokia.com>
+ * Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/pep-gprs.c b/net/phonet/pep-gprs.c
index d012089..a2fba7e 100644
--- a/net/phonet/pep-gprs.c
+++ b/net/phonet/pep-gprs.c
@@ -5,7 +5,7 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Author: Rémi Denis-Courmont <remi.denis-courmont@nokia.com>
+ * Author: Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/pep.c b/net/phonet/pep.c
index 9dd4f92..576f22c 100644
--- a/net/phonet/pep.c
+++ b/net/phonet/pep.c
@@ -5,7 +5,7 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Author: Rémi Denis-Courmont <remi.denis-courmont@nokia.com>
+ * Author: Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/pn_dev.c b/net/phonet/pn_dev.c
index 36f75a9..5bf6341 100644
--- a/net/phonet/pn_dev.c
+++ b/net/phonet/pn_dev.c
@@ -5,8 +5,8 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Contact: Remi Denis-Courmont <remi.denis-courmont@nokia.com>
- * Original author: Sakari Ailus <sakari.ailus@nokia.com>
+ * Authors: Sakari Ailus <sakari.ailus@nokia.com>
+ * Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/pn_netlink.c b/net/phonet/pn_netlink.c
index cfdf135..7dd762a 100644
--- a/net/phonet/pn_netlink.c
+++ b/net/phonet/pn_netlink.c
@@ -5,8 +5,8 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Contact: Remi Denis-Courmont <remi.denis-courmont@nokia.com>
- * Original author: Sakari Ailus <sakari.ailus@nokia.com>
+ * Authors: Sakari Ailus <sakari.ailus@nokia.com>
+ * Remi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/socket.c b/net/phonet/socket.c
index 89cfa9c..0acc943 100644
--- a/net/phonet/socket.c
+++ b/net/phonet/socket.c
@@ -5,8 +5,8 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Contact: Remi Denis-Courmont <remi.denis-courmont@nokia.com>
- * Original author: Sakari Ailus <sakari.ailus@nokia.com>
+ * Authors: Sakari Ailus <sakari.ailus@nokia.com>
+ * Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
diff --git a/net/phonet/sysctl.c b/net/phonet/sysctl.c
index 696348f..d6bbbbd 100644
--- a/net/phonet/sysctl.c
+++ b/net/phonet/sysctl.c
@@ -5,7 +5,7 @@
*
* Copyright (C) 2008 Nokia Corporation.
*
- * Contact: Remi Denis-Courmont <remi.denis-courmont@nokia.com>
+ * Author: Rémi Denis-Courmont
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
--
1.7.9.5
^ permalink raw reply related
* [PATCH] dcbnl: Use BUG_ON() instead of BUG()
From: Thomas Graf @ 2012-06-14 8:40 UTC (permalink / raw)
To: David Miller; +Cc: netdev, lucy.liu, john.r.fastabend, alexander.h.duyck
In-Reply-To: <20120613.155541.26513304496438357.davem@davemloft.net>
Signed-off-by: Thomas Graf <tgraf@suug.ch>
---
net/dcb/dcbnl.c | 5 +----
1 files changed, 1 insertions(+), 4 deletions(-)
diff --git a/net/dcb/dcbnl.c b/net/dcb/dcbnl.c
index da6ee81..0a36007 100644
--- a/net/dcb/dcbnl.c
+++ b/net/dcb/dcbnl.c
@@ -208,10 +208,7 @@ static struct sk_buff *dcbnl_newmsg(int type, u8 cmd, u32 port, u32 seq,
return NULL;
nlh = nlmsg_put(skb, port, seq, type, sizeof(*dcb), flags);
- if (!nlh) {
- /* header should always fit, allocation must be buggy */
- BUG();
- }
+ BUG_ON(!nlh);
dcb = nlmsg_data(nlh);
dcb->dcb_family = AF_UNSPEC;
^ permalink raw reply related
* Re: [PATCH] dcbnl: Silence harmless gcc warning about uninitialized reply_nlh
From: David Miller @ 2012-06-14 8:46 UTC (permalink / raw)
To: tgraf; +Cc: netdev, wfg
In-Reply-To: <20120614083403.GB29738@canuck.infradead.org>
From: Thomas Graf <tgraf@suug.ch>
Date: Thu, 14 Jun 2012 04:34:03 -0400
> Signed-off-by: Thomas Graf <tgraf@suug.ch>
Applied.
^ permalink raw reply
* Re: [PATCH] dcbnl: Use BUG_ON() instead of BUG()
From: David Miller @ 2012-06-14 8:46 UTC (permalink / raw)
To: tgraf; +Cc: netdev, lucy.liu, john.r.fastabend, alexander.h.duyck
In-Reply-To: <20120614084015.GC29738@canuck.infradead.org>
From: Thomas Graf <tgraf@suug.ch>
Date: Thu, 14 Jun 2012 04:40:15 -0400
> Signed-off-by: Thomas Graf <tgraf@suug.ch>
Applied.
^ permalink raw reply
* Regression on TX throughput when using bonding
From: Jean-Michel Hautbois @ 2012-06-14 8:58 UTC (permalink / raw)
To: netdev; +Cc: Eric Dumazet
Hi all,
I have bisected a regression which concerns TX throughput when using bonding.
I tested only with 10Gbps cards, as it appears when bandwidth need is
over 1Gbps on my machine.
I send UDP multicast packets over bonding and observe the tc result.
When KO :
$>tc -s -d qdisc show dev eth1
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1
1 1 1 1 1 1
Sent 1106527591 bytes 273802 pkt (dropped 306419, overlimits 0 requeues 223)
backlog 0b 0p requeues 223
Ok course, when OK, dropped is 0.
$>tc -s -d qdisc show dev eth1
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1
1 1 1 1 1 1
Sent 1648662087 bytes 408009 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
Here is the incriminated commit:
fc6055a5ba31e2c14e36e8939f9bf2b6d586a7f5 is the first bad commit
commit fc6055a5ba31e2c14e36e8939f9bf2b6d586a7f5
Author: Eric Dumazet <eric.dumazet@gmail.com>
Date: Fri Apr 16 12:18:22 2010 +0000
net: Introduce skb_orphan_try()
Transmitted skb might be attached to a socket and a destructor, for
memory accounting purposes.
Traditionally, this destructor is called at tx completion time, when skb
is freed.
When tx completion is performed by another cpu than the sender, this
forces some cache lines to change ownership. XPS was an attempt to give
tx completion to initial cpu.
David idea is to call destructor right before giving skb to device (call
to ndo_start_xmit()). Because device queues are usually small, orphaning
skb before tx completion is not a big deal. Some drivers already do
this, we could do it in upper level.
There is one known exception to this early orphaning, called tx
timestamping. It needs to keep a reference to socket until device can
give a hardware or software timestamp.
This patch adds a skb_orphan_try() helper, to centralize all exceptions
to early orphaning in one spot, and use it in dev_hard_start_xmit().
"tbench 16" results on a Nehalem machine (2 X5570 @ 2.93GHz)
before: Throughput 4428.9 MB/sec 16 procs
after: Throughput 4448.14 MB/sec 16 procs
UDP should get even better results, its destructor being more complex,
since SOCK_USE_WRITE_QUEUE is not set (four atomic ops instead of one)
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
JM
^ permalink raw reply
* Re: [net-next PATCH 02/02] net/ipv4: VTI support new module for ip_vti.
From: Steffen Klassert @ 2012-06-14 9:12 UTC (permalink / raw)
To: Saurabh; +Cc: netdev
In-Reply-To: <20120608173253.GA11962@debian-saurabh-64.vyatta.com>
On Fri, Jun 08, 2012 at 10:32:53AM -0700, Saurabh wrote:
>
>
> New VTI tunnel kernel module, Kconfig and Makefile changes.
It is an interesting feature, do you plan for an IPv6
version too?
I made some comments on the code below.
Thanks.
>
> Signed-off-by: Saurabh Mohan <saurabh.mohan@vyatta.com>
> Reviewed-by: Stephen Hemminger <shemminger@vyatta.com>
>
> ---
> diff --git a/include/linux/if_tunnel.h b/include/linux/if_tunnel.h
> index 16b92d0..4b4ce17 100644
> --- a/include/linux/if_tunnel.h
> +++ b/include/linux/if_tunnel.h
> @@ -80,4 +80,15 @@ enum {
>
> #define IFLA_GRE_MAX (__IFLA_GRE_MAX - 1)
>
> +enum {
> + IFLA_VTI_UNSPEC,
> + IFLA_VTI_LINK,
> + IFLA_VTI_IKEY,
> + IFLA_VTI_OKEY,
> + IFLA_VTI_LOCAL,
> + IFLA_VTI_REMOTE,
> + __IFLA_VTI_MAX,
> +};
> +
> +#define IFLA_VTI_MAX (__IFLA_VTI_MAX - 1)
> #endif /* _IF_TUNNEL_H_ */
> diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
> index 20f1cb5..3a95308 100644
> --- a/net/ipv4/Kconfig
> +++ b/net/ipv4/Kconfig
> @@ -310,6 +310,20 @@ config SYN_COOKIES
>
> If unsure, say N.
>
> +config NET_IPVTI
> + tristate "Virtual (secure) IP: tunneling"
> + select INET_TUNNEL
You added your register/deregister functions to net/ipv4/xfrm4_mode_tunnel.c,
so this should somehow select or depend on INET_XFRM_MODE_TUNNEL.
> + ---help---
> + Tunneling means encapsulating data of one protocol type within
> + another protocol and sending it over a channel that understands the
> + Pencapsulating protocol. This particular tunneling driver implements
> + encapsulation of IP within IP-ESP. This can be used with xfrm to give
> + the notion of a secure tunnel and then use routing protocol on top.
> +
> + Saying Y to this option will produce one module ( = code which can
> + be inserted in and removed from the running kernel whenever you
> + want). Most people won't need this and can say N.
> +
> config INET_AH
> tristate "IP: AH transformation"
> select XFRM_ALGO
> diff --git a/net/ipv4/Makefile b/net/ipv4/Makefile
> index ff75d3b..3999ce9 100644
> --- a/net/ipv4/Makefile
> +++ b/net/ipv4/Makefile
> @@ -20,6 +20,7 @@ obj-$(CONFIG_IP_MROUTE) += ipmr.o
> obj-$(CONFIG_NET_IPIP) += ipip.o
> obj-$(CONFIG_NET_IPGRE_DEMUX) += gre.o
> obj-$(CONFIG_NET_IPGRE) += ip_gre.o
> +obj-$(CONFIG_NET_IPVTI) += ip_vti.o
> obj-$(CONFIG_SYN_COOKIES) += syncookies.o
> obj-$(CONFIG_INET_AH) += ah4.o
> obj-$(CONFIG_INET_ESP) += esp4.o
> diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
> new file mode 100644
> index 0000000..3eaa47c
> --- /dev/null
> +++ b/net/ipv4/ip_vti.c
> @@ -0,0 +1,980 @@
> +/*
> + * Linux NET3: IP/IP protocol decoder modified to support virtual tunnel interface
> + *
> + * Authors:
> + * Sam Lantinga (slouken@cs.ucdavis.edu) 02/01/95
> + * Saurabh Mohan (saurabh.mohan@vyatta.com) 05/07/2012
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License
> + * as published by the Free Software Foundation; either version
> + * 2 of the License, or (at your option) any later version.
> + *
> + */
> +
> +/*
> + This version of net/ipv4/ip_vti.c is cloned of net/ipv4/ipip.c
> +
> + For comments look at net/ipv4/ip_gre.c --ANK
> + */
> +
> +
> +#include <linux/capability.h>
> +#include <linux/module.h>
> +#include <linux/types.h>
> +#include <linux/kernel.h>
> +#include <linux/uaccess.h>
> +#include <linux/skbuff.h>
> +#include <linux/netdevice.h>
> +#include <linux/in.h>
> +#include <linux/tcp.h>
> +#include <linux/udp.h>
> +#include <linux/if_arp.h>
> +#include <linux/mroute.h>
> +#include <linux/init.h>
> +#include <linux/netfilter_ipv4.h>
> +#include <linux/if_ether.h>
> +
> +#include <net/sock.h>
> +#include <net/ip.h>
> +#include <net/icmp.h>
> +#include <net/ipip.h>
> +#include <net/inet_ecn.h>
> +#include <net/xfrm.h>
> +#include <net/net_namespace.h>
> +#include <net/netns/generic.h>
> +
> +#define HASH_SIZE 16
> +#define HASH(addr) (((__force u32)addr^((__force u32)addr>>4))&0xF)
> +
> +static struct rtnl_link_ops vti_link_ops __read_mostly;
> +
> +static int vti_net_id __read_mostly;
> +struct vti_net {
> + struct ip_tunnel __rcu *tunnels_r_l[HASH_SIZE];
> + struct ip_tunnel __rcu *tunnels_r[HASH_SIZE];
> + struct ip_tunnel __rcu *tunnels_l[HASH_SIZE];
> + struct ip_tunnel __rcu *tunnels_wc[1];
> + struct ip_tunnel **tunnels[4];
> +
> + struct net_device *fb_tunnel_dev;
> +};
> +
> +static int vti_fb_tunnel_init(struct net_device *dev);
> +static int vti_tunnel_init(struct net_device *dev);
> +static void vti_tunnel_setup(struct net_device *dev);
> +static void vti_dev_free(struct net_device *dev);
> +static int vti_tunnel_bind_dev(struct net_device *dev);
> +
> +/*
> + * Locking : hash tables are protected by RCU and RTNL
> + */
> +
> +#define for_each_ip_tunnel_rcu(start) \
> + for (t = rcu_dereference(start); t; t = rcu_dereference(t->next))
> +
> +/* often modified stats are per cpu, other are shared (netdev->stats) */
> +struct pcpu_tstats {
> + u64 rx_packets;
> + u64 rx_bytes;
> + u64 tx_packets;
> + u64 tx_bytes;
> + struct u64_stats_sync syncp;
> +};
> +
> +#define VTI_XMIT(stats1, stats2) do { \
> + int err; \
> + int pkt_len = skb->len; \
> + err = dst_output(skb); \
> + if (net_xmit_eval(err) == 0) { \
> + (stats1)->tx_bytes += pkt_len; \
> + (stats1)->tx_packets++; \
> + } else { \
> + (stats2)->tx_errors++; \
> + (stats2)->tx_aborted_errors++; \
> + } \
> +} while (0)
> +
> +
> +static struct rtnl_link_stats64 *vti_get_stats64(struct net_device *dev,
> + struct rtnl_link_stats64 *tot)
> +{
> + int i;
> +
> + for_each_possible_cpu(i) {
> + const struct pcpu_tstats *tstats = per_cpu_ptr(dev->tstats, i);
> + u64 rx_packets, rx_bytes, tx_packets, tx_bytes;
> + unsigned int start;
> +
> + do {
> + start = u64_stats_fetch_begin_bh(&tstats->syncp);
> + rx_packets = tstats->rx_packets;
> + tx_packets = tstats->tx_packets;
> + rx_bytes = tstats->rx_bytes;
> + tx_bytes = tstats->tx_bytes;
> + } while (u64_stats_fetch_retry_bh(&tstats->syncp, start));
> +
> + tot->rx_packets += rx_packets;
> + tot->tx_packets += tx_packets;
> + tot->rx_bytes += rx_bytes;
> + tot->tx_bytes += tx_bytes;
> + }
> +
> + tot->multicast = dev->stats.multicast;
> + tot->rx_crc_errors = dev->stats.rx_crc_errors;
> + tot->rx_fifo_errors = dev->stats.rx_fifo_errors;
> + tot->rx_length_errors = dev->stats.rx_length_errors;
> + tot->rx_errors = dev->stats.rx_errors;
> + tot->tx_fifo_errors = dev->stats.tx_fifo_errors;
> + tot->tx_carrier_errors = dev->stats.tx_carrier_errors;
> + tot->tx_dropped = dev->stats.tx_dropped;
> + tot->tx_aborted_errors = dev->stats.tx_aborted_errors;
> + tot->tx_errors = dev->stats.tx_errors;
> +
> + return tot;
> +}
> +
> +static struct ip_tunnel *vti_tunnel_lookup(struct net *net,
> + __be32 remote, __be32 local)
> +{
> + unsigned h0 = HASH(remote);
> + unsigned h1 = HASH(local);
> + struct ip_tunnel *t;
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> +
> + for_each_ip_tunnel_rcu(ipn->tunnels_r_l[h0 ^ h1])
> + if (local == t->parms.iph.saddr &&
> + remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
> + return t;
> + for_each_ip_tunnel_rcu(ipn->tunnels_r[h0])
> + if (remote == t->parms.iph.daddr && (t->dev->flags&IFF_UP))
> + return t;
> +
> + for_each_ip_tunnel_rcu(ipn->tunnels_l[h1])
> + if (local == t->parms.iph.saddr && (t->dev->flags&IFF_UP))
> + return t;
> +
> + for_each_ip_tunnel_rcu(ipn->tunnels_wc[0])
> + if (t && (t->dev->flags&IFF_UP))
> + return t;
> + return NULL;
> +}
> +
> +static struct ip_tunnel **__vti_bucket(struct vti_net *ipn,
> + struct ip_tunnel_parm *parms)
> +{
> + __be32 remote = parms->iph.daddr;
> + __be32 local = parms->iph.saddr;
> + unsigned h = 0;
> + int prio = 0;
> +
> + if (remote) {
> + prio |= 2;
> + h ^= HASH(remote);
> + }
> + if (local) {
> + prio |= 1;
> + h ^= HASH(local);
> + }
> + return &ipn->tunnels[prio][h];
> +}
> +
> +static inline struct ip_tunnel **vti_bucket(struct vti_net *ipn,
> + struct ip_tunnel *t)
> +{
> + return __vti_bucket(ipn, &t->parms);
> +}
> +
> +static void vti_tunnel_unlink(struct vti_net *ipn, struct ip_tunnel *t)
> +{
> + struct ip_tunnel __rcu **tp;
> + struct ip_tunnel *iter;
> +
> + for (tp = vti_bucket(ipn, t);
> + (iter = rtnl_dereference(*tp)) != NULL;
> + tp = &iter->next) {
> + if (t == iter) {
> + rcu_assign_pointer(*tp, t->next);
> + break;
> + }
> + }
> +}
> +
> +static void vti_tunnel_link(struct vti_net *ipn, struct ip_tunnel *t)
> +{
> + struct ip_tunnel __rcu **tp = vti_bucket(ipn, t);
> +
> + rcu_assign_pointer(t->next, rtnl_dereference(*tp));
> + rcu_assign_pointer(*tp, t);
> +}
> +
> +static struct ip_tunnel *vti_tunnel_locate(struct net *net,
> + struct ip_tunnel_parm *parms,
> + int create)
> +{
> + __be32 remote = parms->iph.daddr;
> + __be32 local = parms->iph.saddr;
> + struct ip_tunnel *t, *nt;
> + struct ip_tunnel __rcu **tp;
> + struct net_device *dev;
> + char name[IFNAMSIZ];
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> +
> + for (tp = __vti_bucket(ipn, parms);
> + (t = rtnl_dereference(*tp)) != NULL;
> + tp = &t->next) {
> + if (local == t->parms.iph.saddr && remote == t->parms.iph.daddr)
> + return t;
> + }
> + if (!create)
> + return NULL;
> +
> + if (parms->name[0])
> + strlcpy(name, parms->name, IFNAMSIZ);
> + else
> + strcpy(name, "vti%d");
> +
> + dev = alloc_netdev(sizeof(*t), name, vti_tunnel_setup);
> + if (dev == NULL)
> + return NULL;
> +
> + dev_net_set(dev, net);
> +
> + nt = netdev_priv(dev);
> + nt->parms = *parms;
> + dev->rtnl_link_ops = &vti_link_ops;
> +
> + vti_tunnel_bind_dev(dev);
> +
> + if (register_netdevice(dev) < 0)
> + goto failed_free;
> +
> + dev_hold(dev);
> + vti_tunnel_link(ipn, nt);
> + return nt;
> +
> + failed_free:
> + free_netdev(dev);
> + return NULL;
> +}
> +
> +static void vti_tunnel_uninit(struct net_device *dev)
> +{
> + struct net *net = dev_net(dev);
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> +
> + if (dev == ipn->fb_tunnel_dev)
> + RCU_INIT_POINTER(ipn->tunnels_wc[0], NULL);
> + else
> + vti_tunnel_unlink(ipn, netdev_priv(dev));
> + dev_put(dev);
> +}
> +
> +static int vti_err(struct sk_buff *skb, u32 info)
> +{
> +
> + /* All the routers (except for Linux) return only
> + * 8 bytes of packet payload. It means, that precise relaying of
> + * ICMP in the real Internet is absolutely infeasible.
> + */
> + struct iphdr *iph = (struct iphdr *)skb->data;
> + const int type = icmp_hdr(skb)->type;
> + const int code = icmp_hdr(skb)->code;
> + struct ip_tunnel *t;
> + int err;
> +
> + switch (type) {
> + default:
> + case ICMP_PARAMETERPROB:
> + return 0;
> +
> + case ICMP_DEST_UNREACH:
> + switch (code) {
> + case ICMP_SR_FAILED:
> + case ICMP_PORT_UNREACH:
> + /* Impossible event. */
> + return 0;
> + case ICMP_FRAG_NEEDED:
> + /* Soft state for pmtu is maintained by IP core. */
> + return 0;
> + default:
> + /* All others are translated to HOST_UNREACH. */
> + break;
> + }
> + break;
> + case ICMP_TIME_EXCEEDED:
> + if (code != ICMP_EXC_TTL)
> + return 0;
> + break;
> + }
> +
> + err = -ENOENT;
> +
> + rcu_read_lock();
> + t = vti_tunnel_lookup(dev_net(skb->dev), iph->daddr, iph->saddr);
> + if (t == NULL || t->parms.iph.daddr == 0)
> + goto out;
> +
> + err = 0;
> + if (t->parms.iph.ttl == 0 && type == ICMP_TIME_EXCEEDED)
> + goto out;
> +
> + if (time_before(jiffies, t->err_time + IPTUNNEL_ERR_TIMEO))
> + t->err_count++;
> + else
> + t->err_count = 1;
> + t->err_time = jiffies;
> +out:
> + rcu_read_unlock();
> + return err;
> +}
> +
> +static inline void vti_ecn_decapsulate(const struct iphdr *outer_iph,
> + struct sk_buff *skb)
> +{
> + struct iphdr *inner_iph = ip_hdr(skb);
> +
> + if (INET_ECN_is_ce(outer_iph->tos))
> + IP_ECN_set_ce(inner_iph);
> +}
vti_ecn_decapsulate is unused.
> +
> +/*
> + * We dont digest the packet therefore let the packet pass.
> + */
> +static int vti_rcv(struct sk_buff *skb)
> +{
> + struct ip_tunnel *tunnel;
> + const struct iphdr *iph = ip_hdr(skb);
> +
> + rcu_read_lock();
> + tunnel = vti_tunnel_lookup(dev_net(skb->dev), iph->saddr, iph->daddr);
> + if (tunnel != NULL) {
> + struct pcpu_tstats *tstats;
> +
> + tstats = this_cpu_ptr(tunnel->dev->tstats);
> + tstats->rx_packets++;
> + tstats->rx_bytes += skb->len;
> +
> + skb->dev = tunnel->dev;
> + skb_dst_drop(skb);
Really need to drop a refcount here? xfrm_input() does that too before
it reinjects the packet into layer 2.
> + nf_reset(skb);
Same here.
> + rcu_read_unlock();
> + /* We do not eat the packet here therefore return 1 */
> + return 1;
> + }
> + rcu_read_unlock();
> +
> + return -1;
> +}
> +
> +/*
> + * This function assumes it is being called from dev_queue_xmit()
> + * and that skb is filled properly by that function.
> + */
> +
> +static netdev_tx_t vti_tunnel_xmit(struct sk_buff *skb, struct net_device *dev)
> +{
> + struct ip_tunnel *tunnel = netdev_priv(dev);
> + struct pcpu_tstats *tstats;
> + struct net_device_stats *stats = &tunnel->dev->stats;
> + struct iphdr *tiph = &tunnel->parms.iph;
> + u8 tos = tunnel->parms.iph.tos;
> + struct rtable *rt; /* Route to the other host */
> + struct net_device *tdev; /* Device to other host */
> + struct iphdr *old_iph = ip_hdr(skb);
> + __be32 dst = tiph->daddr;
> + struct flowi4 fl4;
> +
> + if (skb->protocol != htons(ETH_P_IP))
> + goto tx_error;
> +
> + if (tos&1)
> + tos = old_iph->tos;
> +
> + if (!dst) {
> + /* NBMA tunnel */
> + rt = skb_rtable(skb);
> + if (rt == NULL) {
> + stats->tx_fifo_errors++;
> + goto tx_error;
> + }
> + dst = rt->rt_gateway;
> + if (dst == 0)
> + goto tx_error_icmp;
> + }
> +
> + memset(&fl4, 0, sizeof(fl4));
> + flowi4_init_output(&fl4, tunnel->parms.link,
> + htonl(tunnel->parms.i_key), RT_TOS(tos), RT_SCOPE_UNIVERSE,
> + IPPROTO_IPIP, 0,
> + dst, tiph->saddr, 0, 0);
> + rt = ip_route_output_key(dev_net(dev), &fl4);
> + if (IS_ERR(rt)) {
> + dev->stats.tx_carrier_errors++;
> + goto tx_error_icmp;
> + }
> +#ifdef CONFIG_XFRM
> + /* if there is no transform then this tunnel is not functional. */
> + if (!rt->dst.xfrm) {
> + stats->tx_carrier_errors++;
> + goto tx_error_icmp;
> + }
> +#endif
> + tdev = rt->dst.dev;
> +
> + if (tdev == dev) {
> + ip_rt_put(rt);
> + stats->collisions++;
> + goto tx_error;
> +
> + }
> +
> +
> + if (tunnel->err_count > 0) {
> + if (time_before(jiffies,
> + tunnel->err_time + IPTUNNEL_ERR_TIMEO)) {
> + tunnel->err_count--;
> + dst_link_failure(skb);
> + } else
> + tunnel->err_count = 0;
> + }
> +
> +
> + IPCB(skb)->flags &= ~(IPSKB_XFRM_TUNNEL_SIZE | IPSKB_XFRM_TRANSFORMED |
> + IPSKB_REROUTED);
> + skb_dst_drop(skb);
> + skb_dst_set(skb, &rt->dst);
> + nf_reset(skb);
> + skb->dev = skb_dst(skb)->dev;
> +
> + tstats = this_cpu_ptr(dev->tstats);
> + VTI_XMIT(tstats, &dev->stats);
> + return NETDEV_TX_OK;
> +
> +tx_error_icmp:
> + dst_link_failure(skb);
> +tx_error:
> + stats->tx_errors++;
> + dev_kfree_skb(skb);
> + return NETDEV_TX_OK;
> +}
> +
> +static int vti_tunnel_bind_dev(struct net_device *dev)
> +{
> + struct net_device *tdev = NULL;
> + struct ip_tunnel *tunnel;
> + struct iphdr *iph;
> +
> + tunnel = netdev_priv(dev);
> + iph = &tunnel->parms.iph;
> +
> + if (iph->daddr) {
> + struct rtable *rt;
> + struct flowi4 fl4;
> + memset(&fl4, 0, sizeof(fl4));
> + flowi4_init_output(&fl4, tunnel->parms.link,
> + htonl(tunnel->parms.i_key), RT_TOS(iph->tos), RT_SCOPE_UNIVERSE,
> + IPPROTO_IPIP, 0,
> + iph->daddr, iph->saddr, 0, 0);
> + rt = ip_route_output_key(dev_net(dev), &fl4);
> + if (!IS_ERR(rt)) {
> + tdev = rt->dst.dev;
> + ip_rt_put(rt);
> + }
> + dev->flags |= IFF_POINTOPOINT;
> + }
> +
> + if (!tdev && tunnel->parms.link)
> + tdev = __dev_get_by_index(dev_net(dev), tunnel->parms.link);
> +
> + if (tdev) {
> + dev->hard_header_len = tdev->hard_header_len + sizeof(struct iphdr);
> + dev->mtu = tdev->mtu;
> + }
> + dev->iflink = tunnel->parms.link;
> + return dev->mtu;
> +}
> +
> +static int
> +vti_tunnel_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
> +{
> + int err = 0;
> + struct ip_tunnel_parm p;
> + struct ip_tunnel *t;
> + struct net *net = dev_net(dev);
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> +
> + switch (cmd) {
> + case SIOCGETTUNNEL:
> + t = NULL;
> + if (dev == ipn->fb_tunnel_dev) {
> + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p))) {
> + err = -EFAULT;
> + break;
> + }
> + t = vti_tunnel_locate(net, &p, 0);
> + }
> + if (t == NULL)
> + t = netdev_priv(dev);
> + memcpy(&p, &t->parms, sizeof(p));
> + p.i_flags |= GRE_KEY;
> + p.o_flags |= GRE_KEY;
> + if (copy_to_user(ifr->ifr_ifru.ifru_data, &p, sizeof(p)))
> + err = -EFAULT;
> + break;
> +
> + case SIOCADDTUNNEL:
> + case SIOCCHGTUNNEL:
> + err = -EPERM;
> + if (!capable(CAP_NET_ADMIN))
> + goto done;
> +
> + err = -EFAULT;
> + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
> + goto done;
> +
> + err = -EINVAL;
> + if (p.iph.version != 4 || p.iph.protocol != IPPROTO_ESP ||
> + p.iph.ihl != 5 || (p.iph.frag_off&htons(~IP_DF)))
> + goto done;
> + if (p.iph.ttl)
> + p.iph.frag_off |= htons(IP_DF);
> +
> + t = vti_tunnel_locate(net, &p, cmd == SIOCADDTUNNEL);
> +
> + if (dev != ipn->fb_tunnel_dev && cmd == SIOCCHGTUNNEL) {
> + if (t != NULL) {
> + if (t->dev != dev) {
> + err = -EEXIST;
> + break;
> + }
> + } else {
> + if (((dev->flags&IFF_POINTOPOINT) && !p.iph.daddr) ||
> + (!(dev->flags&IFF_POINTOPOINT) && p.iph.daddr)) {
> + err = -EINVAL;
> + break;
> + }
> + t = netdev_priv(dev);
> + vti_tunnel_unlink(ipn, t);
> + synchronize_net();
> + t->parms.iph.saddr = p.iph.saddr;
> + t->parms.iph.daddr = p.iph.daddr;
> + t->parms.i_key = p.i_key;
> + t->parms.o_key = p.o_key;
> + t->parms.iph.protocol = IPPROTO_ESP;
> + memcpy(dev->dev_addr, &p.iph.saddr, 4);
> + memcpy(dev->broadcast, &p.iph.daddr, 4);
> + vti_tunnel_link(ipn, t);
> + netdev_state_change(dev);
> + }
> + }
> +
> + if (t) {
> + err = 0;
> + if (cmd == SIOCCHGTUNNEL) {
> + t->parms.iph.ttl = p.iph.ttl;
> + t->parms.iph.tos = p.iph.tos;
> + t->parms.iph.frag_off = p.iph.frag_off;
> + t->parms.i_key = p.i_key;
> + t->parms.o_key = p.o_key;
> + if (t->parms.link != p.link) {
> + t->parms.link = p.link;
> + vti_tunnel_bind_dev(dev);
> + netdev_state_change(dev);
> + }
> + }
> + if (copy_to_user(ifr->ifr_ifru.ifru_data, &t->parms, sizeof(p)))
> + err = -EFAULT;
> + } else
> + err = (cmd == SIOCADDTUNNEL ? -ENOBUFS : -ENOENT);
> + break;
> +
> + case SIOCDELTUNNEL:
> + err = -EPERM;
> + if (!capable(CAP_NET_ADMIN))
> + goto done;
> +
> + if (dev == ipn->fb_tunnel_dev) {
> + err = -EFAULT;
> + if (copy_from_user(&p, ifr->ifr_ifru.ifru_data, sizeof(p)))
> + goto done;
> + err = -ENOENT;
> +
> + t = vti_tunnel_locate(net, &p, 0);
> + if (t == NULL)
> + goto done;
> + err = -EPERM;
> + if (t->dev == ipn->fb_tunnel_dev)
> + goto done;
> + dev = t->dev;
> + }
> + unregister_netdevice(dev);
> + err = 0;
> + break;
> +
> + default:
> + err = -EINVAL;
> + }
> +
> +done:
> + return err;
> +}
> +
> +static int vti_tunnel_change_mtu(struct net_device *dev, int new_mtu)
> +{
> + if (new_mtu < 68 || new_mtu > 0xFFF8)
> + return -EINVAL;
> + dev->mtu = new_mtu;
> + return 0;
> +}
> +
> +static const struct net_device_ops vti_netdev_ops = {
> + .ndo_init = vti_tunnel_init,
> + .ndo_uninit = vti_tunnel_uninit,
> + .ndo_start_xmit = vti_tunnel_xmit,
> + .ndo_do_ioctl = vti_tunnel_ioctl,
> + .ndo_change_mtu = vti_tunnel_change_mtu,
> + .ndo_get_stats64 = vti_get_stats64,
> +};
> +
> +static void vti_dev_free(struct net_device *dev)
> +{
> + free_percpu(dev->tstats);
> + free_netdev(dev);
> +}
> +
> +static void vti_tunnel_setup(struct net_device *dev)
> +{
> + dev->netdev_ops = &vti_netdev_ops;
> + dev->destructor = vti_dev_free;
> +
> + dev->type = ARPHRD_TUNNEL;
> + dev->hard_header_len = LL_MAX_HEADER + sizeof(struct iphdr);
> + dev->mtu = ETH_DATA_LEN;
> + dev->flags = IFF_NOARP;
> + dev->iflink = 0;
> + dev->addr_len = 4;
> + dev->features |= NETIF_F_NETNS_LOCAL;
> + dev->features |= NETIF_F_LLTX;
> + dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
> +}
> +
> +static int vti_tunnel_init(struct net_device *dev)
> +{
> + struct ip_tunnel *tunnel = netdev_priv(dev);
> +
> + tunnel->dev = dev;
> + strcpy(tunnel->parms.name, dev->name);
> +
> + memcpy(dev->dev_addr, &tunnel->parms.iph.saddr, 4);
> + memcpy(dev->broadcast, &tunnel->parms.iph.daddr, 4);
> +
> + dev->tstats = alloc_percpu(struct pcpu_tstats);
> + if (!dev->tstats)
> + return -ENOMEM;
> +
> + return 0;
> +}
> +
> +static int __net_init vti_fb_tunnel_init(struct net_device *dev)
> +{
> + struct ip_tunnel *tunnel = netdev_priv(dev);
> + struct iphdr *iph = &tunnel->parms.iph;
> + struct vti_net *ipn = net_generic(dev_net(dev), vti_net_id);
> +
> + tunnel->dev = dev;
> + strcpy(tunnel->parms.name, dev->name);
> +
> + iph->version = 4;
> + iph->protocol = IPPROTO_ESP;
Why IPPROTO_ESP? What's with the other IPsec protocols?
Shouldn't this be IPPROTO_IPIP?
> + iph->ihl = 5;
> +
> + dev->tstats = alloc_percpu(struct pcpu_tstats);
> + if (!dev->tstats)
> + return -ENOMEM;
> +
> + dev_hold(dev);
> + rcu_assign_pointer(ipn->tunnels_wc[0], tunnel);
> + return 0;
> +}
> +
> +static struct xfrm_tunnel vti_handler __read_mostly = {
> + .handler = vti_rcv,
> + .err_handler = vti_err,
> + .priority = 1,
> +};
> +
> +static void vti_destroy_tunnels(struct vti_net *ipn, struct list_head *head)
> +{
> + int prio;
> +
> + for (prio = 1; prio < 4; prio++) {
> + int h;
> + for (h = 0; h < HASH_SIZE; h++) {
> + struct ip_tunnel *t;
> +
> + t = rtnl_dereference(ipn->tunnels[prio][h]);
> + while (t != NULL) {
> + unregister_netdevice_queue(t->dev, head);
> + t = rtnl_dereference(t->next);
> + }
> + }
> + }
> +}
> +
> +static int __net_init vti_init_net(struct net *net)
> +{
> + int err;
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> +
> + ipn->tunnels[0] = ipn->tunnels_wc;
> + ipn->tunnels[1] = ipn->tunnels_l;
> + ipn->tunnels[2] = ipn->tunnels_r;
> + ipn->tunnels[3] = ipn->tunnels_r_l;
> +
> + ipn->fb_tunnel_dev = alloc_netdev(sizeof(struct ip_tunnel),
> + "ip_vti0",
> + vti_tunnel_setup);
> + if (!ipn->fb_tunnel_dev) {
> + err = -ENOMEM;
> + goto err_alloc_dev;
> + }
> + dev_net_set(ipn->fb_tunnel_dev, net);
> +
> + err = vti_fb_tunnel_init(ipn->fb_tunnel_dev);
> + if (err)
> + goto err_reg_dev;
> + ipn->fb_tunnel_dev->rtnl_link_ops = &vti_link_ops;
> +
> + err = register_netdev(ipn->fb_tunnel_dev);
> + if (err)
> + goto err_reg_dev;
> + return 0;
> +
> +err_reg_dev:
> + vti_dev_free(ipn->fb_tunnel_dev);
> +err_alloc_dev:
> + /* nothing */
> + return err;
> +}
> +
> +static void __net_exit vti_exit_net(struct net *net)
> +{
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> + LIST_HEAD(list);
> +
> + rtnl_lock();
> + vti_destroy_tunnels(ipn, &list);
> + unregister_netdevice_many(&list);
> + rtnl_unlock();
> +}
> +
> +static struct pernet_operations vti_net_ops = {
> + .init = vti_init_net,
> + .exit = vti_exit_net,
> + .id = &vti_net_id,
> + .size = sizeof(struct vti_net),
> +};
> +
> +static int vti_tunnel_validate(struct nlattr *tb[], struct nlattr *data[])
> +{
> + return 0;
> +}
> +
> +static void vti_netlink_parms(struct nlattr *data[],
> + struct ip_tunnel_parm *parms)
> +{
> + memset(parms, 0, sizeof(*parms));
> +
> + parms->iph.protocol = IPPROTO_ESP;
> +
> + if (!data)
> + return;
> +
> + if (data[IFLA_VTI_LINK])
> + parms->link = nla_get_u32(data[IFLA_VTI_LINK]);
> +
> + if (data[IFLA_VTI_IKEY])
> + parms->i_key = nla_get_be32(data[IFLA_VTI_IKEY]);
> +
> + if (data[IFLA_VTI_OKEY])
> + parms->o_key = nla_get_be32(data[IFLA_VTI_OKEY]);
> +
> + if (data[IFLA_VTI_LOCAL])
> + parms->iph.saddr = nla_get_be32(data[IFLA_VTI_LOCAL]);
> +
> + if (data[IFLA_VTI_REMOTE])
> + parms->iph.daddr = nla_get_be32(data[IFLA_VTI_REMOTE]);
> +
> +}
> +
> +static int vti_newlink(struct net *src_net, struct net_device *dev, struct nlattr *tb[],
> + struct nlattr *data[])
> +{
> + struct ip_tunnel *nt;
> + struct net *net = dev_net(dev);
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> + int mtu;
> + int err;
> +
> + nt = netdev_priv(dev);
> + vti_netlink_parms(data, &nt->parms);
> +
> + if (vti_tunnel_locate(net, &nt->parms, 0))
> + return -EEXIST;
> +
> + mtu = vti_tunnel_bind_dev(dev);
> + if (!tb[IFLA_MTU])
> + dev->mtu = mtu;
> +
> + err = register_netdevice(dev);
> + if (err)
> + goto out;
> +
> + dev_hold(dev);
> + vti_tunnel_link(ipn, nt);
> +
> +out:
> + return err;
> + return 0;
> +}
> +
> +static int vti_changelink(struct net_device *dev, struct nlattr *tb[],
> + struct nlattr *data[])
> +{
> + struct ip_tunnel *t, *nt;
> + struct net *net = dev_net(dev);
> + struct vti_net *ipn = net_generic(net, vti_net_id);
> + struct ip_tunnel_parm p;
> + int mtu;
> +
> + if (dev == ipn->fb_tunnel_dev)
> + return -EINVAL;
> +
> + nt = netdev_priv(dev);
> + vti_netlink_parms(data, &p);
> +
> + t = vti_tunnel_locate(net, &p, 0);
> +
> + if (t) {
> + if (t->dev != dev)
> + return -EEXIST;
> + } else {
> + t = nt;
> +
> + vti_tunnel_unlink(ipn, t);
> + t->parms.iph.saddr = p.iph.saddr;
> + t->parms.iph.daddr = p.iph.daddr;
> + t->parms.i_key = p.i_key;
> + t->parms.o_key = p.o_key;
> + if (dev->type != ARPHRD_ETHER) {
> + memcpy(dev->dev_addr, &p.iph.saddr, 4);
> + memcpy(dev->broadcast, &p.iph.daddr, 4);
> + }
> + vti_tunnel_link(ipn, t);
> + netdev_state_change(dev);
> + }
> +
> + if (t->parms.link != p.link) {
> + t->parms.link = p.link;
> + mtu = vti_tunnel_bind_dev(dev);
> + if (!tb[IFLA_MTU])
> + dev->mtu = mtu;
> + netdev_state_change(dev);
> + }
> +
> + return 0;
> +}
> +
> +static size_t vti_get_size(const struct net_device *dev)
> +{
> + return
> + /* IFLA_VTI_LINK */
> + nla_total_size(4) +
> + /* IFLA_VTI_IKEY */
> + nla_total_size(4) +
> + /* IFLA_VTI_OKEY */
> + nla_total_size(4) +
> + /* IFLA_VTI_LOCAL */
> + nla_total_size(4) +
> + /* IFLA_VTI_REMOTE */
> + nla_total_size(4) +
> + 0;
> +}
> +
> +static int vti_fill_info(struct sk_buff *skb, const struct net_device *dev)
> +{
> + struct ip_tunnel *t = netdev_priv(dev);
> + struct ip_tunnel_parm *p = &t->parms;
> +
> + nla_put_u32(skb, IFLA_VTI_LINK, p->link);
> + nla_put_be32(skb, IFLA_VTI_IKEY, p->i_key);
> + nla_put_be32(skb, IFLA_VTI_OKEY, p->o_key);
> + nla_put_be32(skb, IFLA_VTI_LOCAL, p->iph.saddr);
> + nla_put_be32(skb, IFLA_VTI_REMOTE, p->iph.daddr);
> +
> + return 0;
> +}
> +
> +static const struct nla_policy vti_policy[IFLA_VTI_MAX + 1] = {
> + [IFLA_VTI_LINK] = { .type = NLA_U32 },
> + [IFLA_VTI_IKEY] = { .type = NLA_U32 },
> + [IFLA_VTI_OKEY] = { .type = NLA_U32 },
> + [IFLA_VTI_LOCAL] = { .len = FIELD_SIZEOF(struct iphdr, saddr) },
> + [IFLA_VTI_REMOTE] = { .len = FIELD_SIZEOF(struct iphdr, daddr) },
> +};
> +
> +static struct rtnl_link_ops vti_link_ops __read_mostly = {
> + .kind = "vti",
> + .maxtype = IFLA_VTI_MAX,
> + .policy = vti_policy,
> + .priv_size = sizeof(struct ip_tunnel),
> + .setup = vti_tunnel_setup,
> + .validate = vti_tunnel_validate,
> + .newlink = vti_newlink,
> + .changelink = vti_changelink,
> + .get_size = vti_get_size,
> + .fill_info = vti_fill_info,
> +};
> +
> +static int __init vti_init(void)
> +{
> + int err;
> +
> + pr_info("IPv4 over ESP tunneling driver v4\n");
> +
> + err = register_pernet_device(&vti_net_ops);
> + if (err < 0)
> + return err;
> + err = xfrm4_mode_tunnel_input_register(&vti_handler);
> + if (err < 0) {
> + unregister_pernet_device(&vti_net_ops);
> + pr_info(KERN_INFO "vti init: can't register tunnel\n");
> + }
> +
> + err = rtnl_link_register(&vti_link_ops);
> + if (err < 0)
> + goto rtnl_link_failed;
> +
> + return err;
> +
> +rtnl_link_failed:
> + xfrm4_mode_tunnel_input_deregister(&vti_handler);
> + unregister_pernet_device(&vti_net_ops);
> + return err;
> +}
> +
> +static void __exit vti_fini(void)
> +{
> + rtnl_link_unregister(&vti_link_ops);
> + if (xfrm4_mode_tunnel_input_deregister(&vti_handler))
> + pr_info("vti close: can't deregister tunnel\n");
> +
> + unregister_pernet_device(&vti_net_ops);
> +}
> +
> +module_init(vti_init);
> +module_exit(vti_fini);
> +MODULE_LICENSE("GPL");
> +MODULE_ALIAS_RTNL_LINK("vti");
> +MODULE_ALIAS_NETDEV("ip_vti0");
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: Regression on TX throughput when using bonding
From: Eric Dumazet @ 2012-06-14 9:21 UTC (permalink / raw)
To: Jean-Michel Hautbois; +Cc: netdev
In-Reply-To: <CAL8zT=j8pEVc7AHwJzk+4skj=1tfRYZ_C7CuXD_08T_VmkwoFg@mail.gmail.com>
On Thu, 2012-06-14 at 10:58 +0200, Jean-Michel Hautbois wrote:
> Hi all,
>
> I have bisected a regression which concerns TX throughput when using bonding.
> I tested only with 10Gbps cards, as it appears when bandwidth need is
> over 1Gbps on my machine.
> I send UDP multicast packets over bonding and observe the tc result.
>
> When KO :
> $>tc -s -d qdisc show dev eth1
> qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1
> 1 1 1 1 1 1
> Sent 1106527591 bytes 273802 pkt (dropped 306419, overlimits 0 requeues 223)
> backlog 0b 0p requeues 223
>
> Ok course, when OK, dropped is 0.
> $>tc -s -d qdisc show dev eth1
> qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1
> 1 1 1 1 1 1
> Sent 1648662087 bytes 408009 pkt (dropped 0, overlimits 0 requeues 0)
> backlog 0b 0p requeues 0
>
>
> Here is the incriminated commit:
>
> fc6055a5ba31e2c14e36e8939f9bf2b6d586a7f5 is the first bad commit
> commit fc6055a5ba31e2c14e36e8939f9bf2b6d586a7f5
> net: Introduce skb_orphan_try()
So you are saying that if you make skb_orphan_try() doing nothing, it
solves your problem ?
diff --git a/net/core/dev.c b/net/core/dev.c
index cd09819..6df40dd 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2096,6 +2096,7 @@ static int dev_gso_segment(struct sk_buff *skb, netdev_features_t features)
*/
static inline void skb_orphan_try(struct sk_buff *skb)
{
+#if 0
struct sock *sk = skb->sk;
if (sk && !skb_shinfo(skb)->tx_flags) {
@@ -2106,6 +2107,7 @@ static inline void skb_orphan_try(struct sk_buff *skb)
skb->rxhash = sk->sk_hash;
skb_orphan(skb);
}
+#endif
}
static bool can_checksum_protocol(netdev_features_t features, __be16 protocol)
^ permalink raw reply related
* Re: [net-next PATCH 01/02] net/ipv4: VTI support rx-path hook in xfrm4_mode_tunnel.
From: Steffen Klassert @ 2012-06-14 9:25 UTC (permalink / raw)
To: Saurabh; +Cc: netdev
In-Reply-To: <20120608173246.GA11945@debian-saurabh-64.vyatta.com>
On Fri, Jun 08, 2012 at 10:32:46AM -0700, Saurabh wrote:
>
>
> Add hook for rx-path xfmr4_mode_tunnel for VTI tunnel module.
>
> Signed-off-by: Saurabh Mohan <saurabh.mohan@vyatta.com>
> Reviewed-by: Stephen Hemminger <shemminger@vyatta.com>
>
> ---
> diff --git a/include/net/xfrm.h b/include/net/xfrm.h
> index e0a55df..04214c0 100644
> --- a/include/net/xfrm.h
> +++ b/include/net/xfrm.h
> @@ -1475,6 +1475,8 @@ extern int xfrm4_output(struct sk_buff *skb);
> extern int xfrm4_output_finish(struct sk_buff *skb);
> extern int xfrm4_tunnel_register(struct xfrm_tunnel *handler, unsigned short family);
> extern int xfrm4_tunnel_deregister(struct xfrm_tunnel *handler, unsigned short family);
> +extern int xfrm4_mode_tunnel_input_register(struct xfrm_tunnel *handler);
> +extern int xfrm4_mode_tunnel_input_deregister(struct xfrm_tunnel *handler);
> extern int xfrm6_extract_header(struct sk_buff *skb);
> extern int xfrm6_extract_input(struct xfrm_state *x, struct sk_buff *skb);
> extern int xfrm6_rcv_spi(struct sk_buff *skb, int nexthdr, __be32 spi);
> diff --git a/net/ipv4/xfrm4_mode_tunnel.c b/net/ipv4/xfrm4_mode_tunnel.c
> index ed4bf11..4fc2944 100644
> --- a/net/ipv4/xfrm4_mode_tunnel.c
> +++ b/net/ipv4/xfrm4_mode_tunnel.c
> @@ -15,6 +15,68 @@
> #include <net/ip.h>
> #include <net/xfrm.h>
>
> +/*
> + * Informational hook. The decap is still done here.
> + */
> +static struct xfrm_tunnel __rcu *rcv_notify_handlers __read_mostly;
> +static DEFINE_MUTEX(xfrm4_mode_tunnel_input_mutex);
> +
> +int xfrm4_mode_tunnel_input_register(struct xfrm_tunnel *handler)
> +{
> + struct xfrm_tunnel __rcu **pprev;
> + struct xfrm_tunnel *t;
> +
> + int ret = -EEXIST;
> + int priority = handler->priority;
> +
> + mutex_lock(&xfrm4_mode_tunnel_input_mutex);
> +
> + for (pprev = &rcv_notify_handlers;
> + (t = rcu_dereference_protected(*pprev,
> + lockdep_is_held(&xfrm4_mode_tunnel_input_mutex))) != NULL;
> + pprev = &t->next) {
> + if (t->priority > priority)
> + break;
> + if (t->priority == priority)
> + goto err;
> +
> + }
> +
> + handler->next = *pprev;
> + rcu_assign_pointer(*pprev, handler);
> +
> + ret = 0;
> +
> +err:
> + mutex_unlock(&xfrm4_mode_tunnel_input_mutex);
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(xfrm4_mode_tunnel_input_register);
> +
> +int xfrm4_mode_tunnel_input_deregister(struct xfrm_tunnel *handler)
> +{
> + struct xfrm_tunnel __rcu **pprev;
> + struct xfrm_tunnel *t;
> + int ret = -ENOENT;
> +
> + mutex_lock(&xfrm4_mode_tunnel_input_mutex);
> + for (pprev = &rcv_notify_handlers;
> + (t = rcu_dereference_protected(*pprev,
> + lockdep_is_held(&xfrm4_mode_tunnel_input_mutex))) != NULL;
> + pprev = &t->next) {
> + if (t == handler) {
> + *pprev = handler->next;
> + ret = 0;
> + break;
> + }
> + }
> + mutex_unlock(&xfrm4_mode_tunnel_input_mutex);
> + synchronize_net();
> +
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(xfrm4_mode_tunnel_input_deregister);
> +
> static inline void ipip_ecn_decapsulate(struct sk_buff *skb)
> {
> struct iphdr *inner_iph = ipip_hdr(skb);
> @@ -64,8 +126,14 @@ static int xfrm4_mode_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
> return 0;
> }
>
> +#define for_each_input_rcu(head, handler) \
> + for (handler = rcu_dereference(head); \
> + handler != NULL; \
> + handler = rcu_dereference(handler->next)) \
> +
> static int xfrm4_mode_tunnel_input(struct xfrm_state *x, struct sk_buff *skb)
> {
> + struct xfrm_tunnel *handler;
> int err = -EINVAL;
>
> if (XFRM_MODE_SKB_CB(skb)->protocol != IPPROTO_IPIP)
> @@ -74,6 +142,10 @@ static int xfrm4_mode_tunnel_input(struct xfrm_state *x, struct sk_buff *skb)
> if (!pskb_may_pull(skb, sizeof(struct iphdr)))
> goto out;
>
> + /* The handlers do not consume the skb. */
> + for_each_input_rcu(rcv_notify_handlers, handler)
> + handler->handler(skb);
I'm not sure if this is the right place to add your handler.
My understanding of an IPsec tunnel device would be to
receive the packet first and then do IPsec processing.
Here it happens the other way arround.
Why didn't you register a tunnel handler and call the
xfrm tunnel handler from that?
> +
> if (skb_cloned(skb) &&
> (err = pskb_expand_head(skb, 0, 0, GFP_ATOMIC)))
> goto out;
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
* Re: [PATCH 2/5] drivers/net/ethernet/dec/tulip: Use standard __set_bit_le() function
From: Akinobu Mita @ 2012-06-14 9:36 UTC (permalink / raw)
To: Takuya Yoshikawa
Cc: Grant Grundler, Takuya Yoshikawa, akpm, bhutchings, grundler,
arnd, benh, avi, mtosatti, linux-net-drivers, netdev,
linux-kernel, linux-arch, kvm
In-Reply-To: <20120614072831.63845f6ddf024ece28e49f5e@gmail.com>
2012/6/14 Takuya Yoshikawa <takuya.yoshikawa@gmail.com>:
> On Wed, 13 Jun 2012 08:21:18 -0700
> Grant Grundler <grantgrundler@gmail.com> wrote:
>
>> >> >> Should this hash_table be converted from u16 hash_table[32] to
>> >> >> DECLARE_BITMAP(hash_table, 16 * 32) to ensure that it is aligned
>> >> >> on long-word boundary?
>> >> >
>> >> > I think hash_table is already long-word aligned because it is placed
>> >> > right after a pointer.
>> >>
>> >> I recommend converting to proper bitmap. Because such an implicit
>> >> assumption is easily broken by someone touching this function.
>> >
>> > Do you mean something like:
>> > DECLARE_BITMAP(__hash_table, 16 * 32);
>> > u16 *hash_table = (u16 *)__hash_table;
>> > ?
>> >
>> > Grant, what do you think about this?
>>
>> Hi Takuya,
>> two thoughts:
>> 1) while I agree with Akinobu and thank him for pointing out a
>> _potential_ alignment problem, this is a separate issue and your
>> existing patch should go in anyway. There are probably other drivers
>> with _potential_ alignment issues. Akinobu could get credit for
>> finding them by submitting patches after reviewing calls to set_bit
>> and set_bit_le() - similar to what you are doing now.
>
> I prefer approach 1.
>
> hash_table is local in build_setup_frame_hash(), so if further
> improvement is also required, we can do that locally there later.
This potential alignment problem is introduced by this patch. Because
the original set_bit_le() in tulip driver can handle unaligned bitmap.
This is why I recommended it should be fixed in this patch.
But please just ignore me if I'm too much paranoid. And I'll handle
this issue if no one wants to do it.
^ permalink raw reply
* Re: Regression on TX throughput when using bonding
From: Jean-Michel Hautbois @ 2012-06-14 9:40 UTC (permalink / raw)
To: Eric Dumazet; +Cc: netdev
In-Reply-To: <1339665719.22704.692.camel@edumazet-glaptop>
2012/6/14 Eric Dumazet <eric.dumazet@gmail.com>:
> On Thu, 2012-06-14 at 10:58 +0200, Jean-Michel Hautbois wrote:
>> Hi all,
>>
>> I have bisected a regression which concerns TX throughput when using bonding.
>> I tested only with 10Gbps cards, as it appears when bandwidth need is
>> over 1Gbps on my machine.
>> I send UDP multicast packets over bonding and observe the tc result.
>>
>> When KO :
>> $>tc -s -d qdisc show dev eth1
>> qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1
>> 1 1 1 1 1 1
>> Sent 1106527591 bytes 273802 pkt (dropped 306419, overlimits 0 requeues 223)
>> backlog 0b 0p requeues 223
>>
>> Ok course, when OK, dropped is 0.
>> $>tc -s -d qdisc show dev eth1
>> qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1
>> 1 1 1 1 1 1
>> Sent 1648662087 bytes 408009 pkt (dropped 0, overlimits 0 requeues 0)
>> backlog 0b 0p requeues 0
>>
>>
>> Here is the incriminated commit:
>>
>> fc6055a5ba31e2c14e36e8939f9bf2b6d586a7f5 is the first bad commit
>> commit fc6055a5ba31e2c14e36e8939f9bf2b6d586a7f5
>
>> net: Introduce skb_orphan_try()
>
> So you are saying that if you make skb_orphan_try() doing nothing, it
> solves your problem ?
>
> diff --git a/net/core/dev.c b/net/core/dev.c
> index cd09819..6df40dd 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -2096,6 +2096,7 @@ static int dev_gso_segment(struct sk_buff *skb, netdev_features_t features)
> */
> static inline void skb_orphan_try(struct sk_buff *skb)
> {
> +#if 0
> struct sock *sk = skb->sk;
>
> if (sk && !skb_shinfo(skb)->tx_flags) {
> @@ -2106,6 +2107,7 @@ static inline void skb_orphan_try(struct sk_buff *skb)
> skb->rxhash = sk->sk_hash;
> skb_orphan(skb);
> }
> +#endif
> }
>
> static bool can_checksum_protocol(netdev_features_t features, __be16 protocol)
>
Yes :
[09:44:46]root@debian:~# uname -r
3.2.0
[09:44:50]root@debian:~# tc -s -d qdisc show dev eth1
qdisc mq 0: root
Sent 11786861758 bytes 2916943 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
JM
^ permalink raw reply
* Re: Regression on TX throughput when using bonding
From: Eric Dumazet @ 2012-06-14 9:50 UTC (permalink / raw)
To: Jean-Michel Hautbois; +Cc: netdev
In-Reply-To: <1339665719.22704.692.camel@edumazet-glaptop>
On Thu, 2012-06-14 at 11:22 +0200, Eric Dumazet wrote:
> So you are saying that if you make skb_orphan_try() doing nothing, it
> solves your problem ?
It probably does, if your application does an UDP flood, trying to send
more than the link bandwidth. I guess only benchmarks workloads ever try
to do that.
bonding has no way to give congestion back, it has no Qdisc by default.
We probably can defer the skb_orphan_try() for bonding master, a bit
like the IFF_XMIT_DST_RELEASE
drivers/net/bonding/bond_main.c | 2 +-
include/linux/if.h | 3 +++
net/core/dev.c | 5 +++--
3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
index 2ee8cf9..1b1e9c8 100644
--- a/drivers/net/bonding/bond_main.c
+++ b/drivers/net/bonding/bond_main.c
@@ -4343,7 +4343,7 @@ static void bond_setup(struct net_device *bond_dev)
bond_dev->tx_queue_len = 0;
bond_dev->flags |= IFF_MASTER|IFF_MULTICAST;
bond_dev->priv_flags |= IFF_BONDING;
- bond_dev->priv_flags &= ~(IFF_XMIT_DST_RELEASE | IFF_TX_SKB_SHARING);
+ bond_dev->priv_flags &= ~(IFF_XMIT_DST_RELEASE | IFF_TX_SKB_SHARING | IFF_XMIT_ORPHAN);
/* At first, we block adding VLANs. That's the only way to
* prevent problems that occur when adding VLANs over an
diff --git a/include/linux/if.h b/include/linux/if.h
index f995c66..a788e7b 100644
--- a/include/linux/if.h
+++ b/include/linux/if.h
@@ -81,6 +81,9 @@
#define IFF_UNICAST_FLT 0x20000 /* Supports unicast filtering */
#define IFF_TEAM_PORT 0x40000 /* device used as team port */
#define IFF_SUPP_NOFCS 0x80000 /* device supports sending custom FCS */
+#define IFF_XMIT_ORPHAN 0x100000 /* dev_hard_start_xmit() is allowed to
+ * orphan skb
+ */
#define IF_GET_IFACE 0x0001 /* for querying only */
diff --git a/net/core/dev.c b/net/core/dev.c
index cd09819..3435463 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2193,7 +2193,8 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
if (!list_empty(&ptype_all))
dev_queue_xmit_nit(skb, dev);
- skb_orphan_try(skb);
+ if (dev->priv_flags & IFF_XMIT_ORPHAN)
+ skb_orphan_try(skb);
features = netif_skb_features(skb);
@@ -5929,7 +5930,7 @@ struct net_device *alloc_netdev_mqs(int sizeof_priv, const char *name,
INIT_LIST_HEAD(&dev->napi_list);
INIT_LIST_HEAD(&dev->unreg_list);
INIT_LIST_HEAD(&dev->link_watch_list);
- dev->priv_flags = IFF_XMIT_DST_RELEASE;
+ dev->priv_flags = IFF_XMIT_DST_RELEASE | IFF_XMIT_ORPHAN;
setup(dev);
dev->num_tx_queues = txqs;
^ permalink raw reply related
* Re: Regression on TX throughput when using bonding
From: David Miller @ 2012-06-14 10:00 UTC (permalink / raw)
To: eric.dumazet; +Cc: jhautbois, netdev
In-Reply-To: <1339667417.22704.707.camel@edumazet-glaptop>
From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Thu, 14 Jun 2012 11:50:17 +0200
> On Thu, 2012-06-14 at 11:22 +0200, Eric Dumazet wrote:
>
>> So you are saying that if you make skb_orphan_try() doing nothing, it
>> solves your problem ?
>
> It probably does, if your application does an UDP flood, trying to send
> more than the link bandwidth. I guess only benchmarks workloads ever try
> to do that.
Eric, I just want to point out that back when this early orphaning
idea were being proposed I warned about this, and specifically I
mentioned that, for datagram sockets, the socket send buffer limits
are what provide proper rate control and fairness.
It also, therefore, protects the system from one datagram spammer
being able to essentially take over the network interface and blocking
out all other users.
Early orphaning breaks this completely.
I guess we decided that moving an atomic operation earlier is worth
all of this?
Now we are so addicted to the increased performance from early
orphaning that I fear we'll never be allowed back into that sane
state of affairs ever again.
^ permalink raw reply
* [PATCH 01/10] netfilter: fix problem with proto register
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
commit 2c352f444ccfa966a1aa4fd8e9ee29381c467448
(netfilter: nf_conntrack: prepare namespace support for
l4 protocol trackers) register proto before register sysctl.
it changes the behavior that when register sysctl failed, the
proto should not be registered too.
so change to register sysctl before register protos.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto.c | 37 ++++++++++++++++++++++-------------
1 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 1ea9194..a434dd7 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -253,18 +253,23 @@ int nf_conntrack_l3proto_register(struct net *net,
{
int ret = 0;
- if (net == &init_net)
- ret = nf_conntrack_l3proto_register_net(proto);
+ if (proto->init_net) {
+ ret = proto->init_net(net);
+ if (ret < 0)
+ return ret;
+ }
+ ret = nf_ct_l3proto_register_sysctl(net, proto);
if (ret < 0)
return ret;
- if (proto->init_net) {
- ret = proto->init_net(net);
+ if (net == &init_net) {
+ ret = nf_conntrack_l3proto_register_net(proto);
if (ret < 0)
- return ret;
+ nf_ct_l3proto_unregister_sysctl(net, proto);
}
- return nf_ct_l3proto_register_sysctl(net, proto);
+
+ return ret;
}
EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_register);
@@ -454,19 +459,23 @@ int nf_conntrack_l4proto_register(struct net *net,
struct nf_conntrack_l4proto *l4proto)
{
int ret = 0;
- if (net == &init_net)
- ret = nf_conntrack_l4proto_register_net(l4proto);
-
- if (ret < 0)
- return ret;
-
- if (l4proto->init_net)
+ if (l4proto->init_net) {
ret = l4proto->init_net(net);
+ if (ret < 0)
+ return ret;
+ }
+ ret = nf_ct_l4proto_register_sysctl(net, l4proto);
if (ret < 0)
return ret;
- return nf_ct_l4proto_register_sysctl(net, l4proto);
+ if (net == &init_net) {
+ ret = nf_conntrack_l4proto_register_net(l4proto);
+ if (ret < 0)
+ nf_ct_l4proto_unregister_sysctl(net, l4proto);
+ }
+
+ return ret;
}
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_register);
--
1.7.7.6
^ permalink raw reply related
* [PATCH 02/10] netfilter: add parameter proto for l4proto.init_net
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
there are redundancy codes in l4proto's init_net functions.
we can use one init_net function and l3proto to impletment
the same thing.
So we should add l3proto as a parameter for init_net function.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_l4proto.h | 2 +-
net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 2 +-
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 2 +-
net/netfilter/nf_conntrack_proto.c | 6 ++++--
net/netfilter/nf_conntrack_proto_dccp.c | 2 +-
net/netfilter/nf_conntrack_proto_generic.c | 2 +-
net/netfilter/nf_conntrack_proto_gre.c | 2 +-
net/netfilter/nf_conntrack_proto_sctp.c | 4 ++--
net/netfilter/nf_conntrack_proto_tcp.c | 4 ++--
net/netfilter/nf_conntrack_proto_udp.c | 4 ++--
net/netfilter/nf_conntrack_proto_udplite.c | 2 +-
11 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h
index 81c52b5..5dd60f2 100644
--- a/include/net/netfilter/nf_conntrack_l4proto.h
+++ b/include/net/netfilter/nf_conntrack_l4proto.h
@@ -97,7 +97,7 @@ struct nf_conntrack_l4proto {
#endif
int *net_id;
/* Init l4proto pernet data */
- int (*init_net)(struct net *net);
+ int (*init_net)(struct net *net, u_int16_t proto);
/* Protocol name */
const char *name;
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 041923c..76f7a2f 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -337,7 +337,7 @@ static struct ctl_table icmp_compat_sysctl_table[] = {
#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
#endif /* CONFIG_SYSCTL */
-static int icmp_init_net(struct net *net)
+static int icmp_init_net(struct net *net, u_int16_t proto)
{
struct nf_icmp_net *in = icmp_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)in;
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 63ed012..807ae09 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -333,7 +333,7 @@ static struct ctl_table icmpv6_sysctl_table[] = {
};
#endif /* CONFIG_SYSCTL */
-static int icmpv6_init_net(struct net *net)
+static int icmpv6_init_net(struct net *net, u_int16_t proto)
{
struct nf_icmp_net *in = icmpv6_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)in;
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index a434dd7..8fc0332 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -193,6 +193,7 @@ static int nf_ct_l3proto_register_sysctl(struct net *net,
l3proto->ctl_table_path,
in->ctl_table,
NULL);
+
if (err < 0) {
kfree(in->ctl_table);
in->ctl_table = NULL;
@@ -460,7 +461,7 @@ int nf_conntrack_l4proto_register(struct net *net,
{
int ret = 0;
if (l4proto->init_net) {
- ret = l4proto->init_net(net);
+ ret = l4proto->init_net(net, l4proto->l3proto);
if (ret < 0)
return ret;
}
@@ -514,7 +515,8 @@ int nf_conntrack_proto_init(struct net *net)
{
unsigned int i;
int err;
- err = nf_conntrack_l4proto_generic.init_net(net);
+ err = nf_conntrack_l4proto_generic.init_net(net,
+ nf_conntrack_l4proto_generic.l3proto);
if (err < 0)
return err;
err = nf_ct_l4proto_register_sysctl(net,
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index c33f76a..52da8f0 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -815,7 +815,7 @@ static struct ctl_table dccp_sysctl_table[] = {
};
#endif /* CONFIG_SYSCTL */
-static int dccp_init_net(struct net *net)
+static int dccp_init_net(struct net *net, u_int16_t proto)
{
struct dccp_net *dn = dccp_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)dn;
diff --git a/net/netfilter/nf_conntrack_proto_generic.c b/net/netfilter/nf_conntrack_proto_generic.c
index bb0e74f..d1ed7b4 100644
--- a/net/netfilter/nf_conntrack_proto_generic.c
+++ b/net/netfilter/nf_conntrack_proto_generic.c
@@ -135,7 +135,7 @@ static struct ctl_table generic_compat_sysctl_table[] = {
#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
#endif /* CONFIG_SYSCTL */
-static int generic_init_net(struct net *net)
+static int generic_init_net(struct net *net, u_int16_t proto)
{
struct nf_generic_net *gn = generic_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)gn;
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index 25ba5a2..851b93b 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -348,7 +348,7 @@ gre_timeout_nla_policy[CTA_TIMEOUT_GRE_MAX+1] = {
};
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
-static int gre_init_net(struct net *net)
+static int gre_init_net(struct net *net, u_int16_t proto)
{
struct netns_proto_gre *net_gre = gre_pernet(net);
int i;
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 8fb0582..1e7836c 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -767,7 +767,7 @@ static int sctp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
return 0;
}
-static int sctpv4_init_net(struct net *net)
+static int sctpv4_init_net(struct net *net, u_int16_t proto)
{
int ret;
struct sctp_net *sn = sctp_pernet(net);
@@ -793,7 +793,7 @@ static int sctpv4_init_net(struct net *net)
return ret;
}
-static int sctpv6_init_net(struct net *net)
+static int sctpv6_init_net(struct net *net, u_int16_t proto)
{
struct sctp_net *sn = sctp_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)sn;
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index 99caa13..6db9d3c 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -1593,7 +1593,7 @@ static int tcp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
return 0;
}
-static int tcpv4_init_net(struct net *net)
+static int tcpv4_init_net(struct net *net, u_int16_t proto)
{
int i;
int ret = 0;
@@ -1631,7 +1631,7 @@ static int tcpv4_init_net(struct net *net)
return ret;
}
-static int tcpv6_init_net(struct net *net)
+static int tcpv6_init_net(struct net *net, u_int16_t proto)
{
int i;
struct nf_tcp_net *tn = tcp_pernet(net);
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index a83cf93..2b978e6 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -283,7 +283,7 @@ static void udp_init_net_data(struct nf_udp_net *un)
}
}
-static int udpv4_init_net(struct net *net)
+static int udpv4_init_net(struct net *net, u_int16_t proto)
{
int ret;
struct nf_udp_net *un = udp_pernet(net);
@@ -307,7 +307,7 @@ static int udpv4_init_net(struct net *net)
return ret;
}
-static int udpv6_init_net(struct net *net)
+static int udpv6_init_net(struct net *net, u_int16_t proto)
{
struct nf_udp_net *un = udp_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)un;
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index b32e700..d33e511 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -234,7 +234,7 @@ static struct ctl_table udplite_sysctl_table[] = {
};
#endif /* CONFIG_SYSCTL */
-static int udplite_init_net(struct net *net)
+static int udplite_init_net(struct net *net, u_int16_t proto)
{
int i;
struct udplite_net *un = udplite_pernet(net);
--
1.7.7.6
^ permalink raw reply related
* [PATCH 03/10] netfilter: add nf_ct_kfree_compat_sysctl_table to make codes clear
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
add function nf_ct_kfree_compat_sysctl_table to kfree l4proto's
compat sysctl table and set the sysctl table point to NULL.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_l4proto.h | 8 ++++++++
net/netfilter/nf_conntrack_proto.c | 4 +---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h
index 5dd60f2..889b717 100644
--- a/include/net/netfilter/nf_conntrack_l4proto.h
+++ b/include/net/netfilter/nf_conntrack_l4proto.h
@@ -132,6 +132,14 @@ extern int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
extern int nf_ct_port_nlattr_tuple_size(void);
extern const struct nla_policy nf_ct_port_nla_policy[];
+static inline void nf_ct_kfree_compat_sysctl_table(struct nf_proto_net *pn)
+{
+#if defined(CONFIG_SYSCTL) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
+ kfree(pn->ctl_compat_table);
+ pn->ctl_compat_table = NULL;
+#endif
+}
+
#ifdef CONFIG_SYSCTL
#ifdef DEBUG_INVALID_PACKETS
#define LOG_INVALID(net, proto) \
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 8fc0332..c9df1b4 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -361,9 +361,7 @@ int nf_ct_l4proto_register_sysctl(struct net *net,
NULL);
if (err == 0)
goto out;
-
- kfree(pn->ctl_compat_table);
- pn->ctl_compat_table = NULL;
+ nf_ct_kfree_compat_sysctl_table(pn);
nf_ct_unregister_sysctl(&pn->ctl_table_header,
&pn->ctl_table,
&pn->users);
--
1.7.7.6
^ permalink raw reply related
* [PATCH 06/10] merge udpv[4,6]_net_init into udp_net_init
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
merge udpv4_net_init and udpv6_net_init into udp_net_init to
reduce the redundancy codes.
and use nf_proto_net.users to identify if it's the first time
we use the nf_proto_net. when it's the first time,we will
initialized it.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_udp.c | 60 ++++++++++++--------------------
1 files changed, 22 insertions(+), 38 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index 2b978e6..480126e 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -239,13 +239,16 @@ static int udp_kmemdup_sysctl_table(struct nf_proto_net *pn)
{
#ifdef CONFIG_SYSCTL
struct nf_udp_net *un = (struct nf_udp_net *)pn;
+
if (pn->ctl_table)
return 0;
+
pn->ctl_table = kmemdup(udp_sysctl_table,
sizeof(udp_sysctl_table),
GFP_KERNEL);
if (!pn->ctl_table)
return -ENOMEM;
+
pn->ctl_table[0].data = &un->timeouts[UDP_CT_UNREPLIED];
pn->ctl_table[1].data = &un->timeouts[UDP_CT_REPLIED];
#endif
@@ -257,6 +260,7 @@ static int udp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
#ifdef CONFIG_SYSCTL
#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
struct nf_udp_net *un = (struct nf_udp_net *)pn;
+
pn->ctl_compat_table = kmemdup(udp_compat_sysctl_table,
sizeof(udp_compat_sysctl_table),
GFP_KERNEL);
@@ -270,52 +274,32 @@ static int udp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
return 0;
}
-static void udp_init_net_data(struct nf_udp_net *un)
+static int udp_init_net(struct net *net, u_int16_t proto)
{
- int i;
-#ifdef CONFIG_SYSCTL
- if (!un->pn.ctl_table) {
-#else
- if (!un->pn.users++) {
-#endif
+ int ret = 0;
+ struct nf_udp_net *un = udp_pernet(net);
+ struct nf_proto_net *pn = (struct nf_proto_net *)un;
+
+ if (pn->users) {
+ int i = 0;
for (i = 0; i < UDP_CT_MAX; i++)
un->timeouts[i] = udp_timeouts[i];
}
-}
-static int udpv4_init_net(struct net *net, u_int16_t proto)
-{
- int ret;
- struct nf_udp_net *un = udp_pernet(net);
- struct nf_proto_net *pn = (struct nf_proto_net *)un;
+ if (proto == AF_INET) {
+ ret = udp_kmemdup_compat_sysctl_table(pn);
+ if (ret < 0)
+ return ret;
- udp_init_net_data(un);
+ ret = udp_kmemdup_sysctl_table(pn);
+ if (ret < 0)
+ nf_ct_kfree_compat_sysctl_table(pn);
+ } else
+ ret = udp_kmemdup_sysctl_table(pn);
- ret = udp_kmemdup_compat_sysctl_table(pn);
- if (ret < 0)
- return ret;
-
- ret = udp_kmemdup_sysctl_table(pn);
-#ifdef CONFIG_SYSCTL
-#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
- if (ret < 0) {
- kfree(pn->ctl_compat_table);
- pn->ctl_compat_table = NULL;
- }
-#endif
-#endif
return ret;
}
-static int udpv6_init_net(struct net *net, u_int16_t proto)
-{
- struct nf_udp_net *un = udp_pernet(net);
- struct nf_proto_net *pn = (struct nf_proto_net *)un;
-
- udp_init_net_data(un);
- return udp_kmemdup_sysctl_table(pn);
-}
-
struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 __read_mostly =
{
.l3proto = PF_INET,
@@ -343,7 +327,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 __read_mostly =
.nla_policy = udp_timeout_nla_policy,
},
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
- .init_net = udpv4_init_net,
+ .init_net = udp_init_net,
};
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_udp4);
@@ -374,6 +358,6 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 __read_mostly =
.nla_policy = udp_timeout_nla_policy,
},
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
- .init_net = udpv6_init_net,
+ .init_net = udp_init_net,
};
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_udp6);
--
1.7.7.6
^ permalink raw reply related
* [PATCH 07/10] netfilter: nf_conntrack_l4proto_udplite[4,6] cleanup
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
some cleanup for nf_conntrack_l4proto_udplite[4,6],
make codes more clearer and ready for moving the
sysctl code to nf_conntrack_proto_*_sysctl.c to
reduce the ifdef pollution.
and use nf_proto_net.users to identify if it's the first time
we use the nf_proto_net. when it's the first time,we will
initialized it.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_udplite.c | 42 +++++++++++++++++----------
1 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index d33e511..f6a789a 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -234,29 +234,39 @@ static struct ctl_table udplite_sysctl_table[] = {
};
#endif /* CONFIG_SYSCTL */
+static int udplite_kmemdup_sysctl_table(struct nf_proto_net *pn)
+{
+#ifdef CONFIG_SYSCTL
+ struct udplite_net *un = (struct udplite_net *)pn;
+
+ if (pn->ctl_table)
+ return 0;
+
+ pn->ctl_table = kmemdup(udplite_sysctl_table,
+ sizeof(udplite_sysctl_table),
+ GFP_KERNEL);
+ if (!pn->ctl_table)
+ return -ENOMEM;
+
+ pn->ctl_table[0].data = &un->timeouts[UDPLITE_CT_UNREPLIED];
+ pn->ctl_table[1].data = &un->timeouts[UDPLITE_CT_REPLIED];
+#endif
+ return 0;
+}
+
+
static int udplite_init_net(struct net *net, u_int16_t proto)
{
- int i;
struct udplite_net *un = udplite_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)un;
-#ifdef CONFIG_SYSCTL
- if (!pn->ctl_table) {
-#else
- if (!pn->users++) {
-#endif
+
+ if (!pn->users) {
+ int i;
for (i = 0 ; i < UDPLITE_CT_MAX; i++)
un->timeouts[i] = udplite_timeouts[i];
-#ifdef CONFIG_SYSCTL
- pn->ctl_table = kmemdup(udplite_sysctl_table,
- sizeof(udplite_sysctl_table),
- GFP_KERNEL);
- if (!pn->ctl_table)
- return -ENOMEM;
- pn->ctl_table[0].data = &un->timeouts[UDPLITE_CT_UNREPLIED];
- pn->ctl_table[1].data = &un->timeouts[UDPLITE_CT_REPLIED];
-#endif
}
- return 0;
+
+ return udplite_kmemdup_sysctl_table(pn);
}
static struct nf_conntrack_l4proto nf_conntrack_l4proto_udplite4 __read_mostly =
--
1.7.7.6
^ permalink raw reply related
* [PATCH 08/10] netfilter: merge sctpv[4,6]_net_init into sctp_net_init
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
merge sctpv4_net_init and sctpv6_net_init into sctp_net_init to
reduce the redundancy codes.
and use nf_proto_net.users to identify if it's the first time
we use the nf_proto_net. when it's the first time,we will
initialized it.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_sctp.c | 60 ++++++++++--------------------
1 files changed, 20 insertions(+), 40 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 1e7836c..49ea3c0 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -707,23 +707,11 @@ static struct ctl_table sctp_compat_sysctl_table[] = {
#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
#endif
-static void sctp_init_net_data(struct sctp_net *sn)
-{
- int i;
-#ifdef CONFIG_SYSCTL
- if (!sn->pn.ctl_table) {
-#else
- if (!sn->pn.users++) {
-#endif
- for (i = 0; i < SCTP_CONNTRACK_MAX; i++)
- sn->timeouts[i] = sctp_timeouts[i];
- }
-}
-
static int sctp_kmemdup_sysctl_table(struct nf_proto_net *pn)
{
#ifdef CONFIG_SYSCTL
struct sctp_net *sn = (struct sctp_net *)pn;
+
if (pn->ctl_table)
return 0;
@@ -749,6 +737,7 @@ static int sctp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
#ifdef CONFIG_SYSCTL
#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
struct sctp_net *sn = (struct sctp_net *)pn;
+
pn->ctl_compat_table = kmemdup(sctp_compat_sysctl_table,
sizeof(sctp_compat_sysctl_table),
GFP_KERNEL);
@@ -767,41 +756,32 @@ static int sctp_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
return 0;
}
-static int sctpv4_init_net(struct net *net, u_int16_t proto)
+static int sctp_init_net(struct net *net, u_int16_t proto)
{
- int ret;
+ int ret = 0;
struct sctp_net *sn = sctp_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)sn;
- sctp_init_net_data(sn);
-
- ret = sctp_kmemdup_compat_sysctl_table(pn);
- if (ret < 0)
- return ret;
+ if (!sn->pn.users) {
+ int i = 0;
+ for (i = 0; i < SCTP_CONNTRACK_MAX; i++)
+ sn->timeouts[i] = sctp_timeouts[i];
+ }
- ret = sctp_kmemdup_sysctl_table(pn);
+ if (proto == AF_INET) {
+ ret = sctp_kmemdup_compat_sysctl_table(pn);
+ if (ret < 0)
+ return ret;
-#ifdef CONFIG_SYSCTL
-#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
- if (ret < 0) {
+ ret = sctp_kmemdup_sysctl_table(pn);
+ if (ret < 0)
+ nf_ct_kfree_compat_sysctl_table(pn);
+ } else
+ ret = sctp_kmemdup_sysctl_table(pn);
- kfree(pn->ctl_compat_table);
- pn->ctl_compat_table = NULL;
- }
-#endif
-#endif
return ret;
}
-static int sctpv6_init_net(struct net *net, u_int16_t proto)
-{
- struct sctp_net *sn = sctp_pernet(net);
- struct nf_proto_net *pn = (struct nf_proto_net *)sn;
-
- sctp_init_net_data(sn);
- return sctp_kmemdup_sysctl_table(pn);
-}
-
static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
.l3proto = PF_INET,
.l4proto = IPPROTO_SCTP,
@@ -833,7 +813,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
},
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
.net_id = &sctp_net_id,
- .init_net = sctpv4_init_net,
+ .init_net = sctp_init_net,
};
static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
@@ -867,7 +847,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
#endif /* CONFIG_NF_CT_NETLINK_TIMEOUT */
#endif
.net_id = &sctp_net_id,
- .init_net = sctpv6_init_net,
+ .init_net = sctp_init_net,
};
static int sctp_net_init(struct net *net)
--
1.7.7.6
^ permalink raw reply related
* [PATCH 09/10] netfilter: nf_conntrack_l4proto_generic cleanup
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
some cleanup of nf_conntrack_l4proto_generic,
split the code to make it more clearer.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_generic.c | 41 ++++++++++++++++++++++-----
1 files changed, 33 insertions(+), 8 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_generic.c b/net/netfilter/nf_conntrack_proto_generic.c
index d1ed7b4..5e3c0ea 100644
--- a/net/netfilter/nf_conntrack_proto_generic.c
+++ b/net/netfilter/nf_conntrack_proto_generic.c
@@ -135,34 +135,59 @@ static struct ctl_table generic_compat_sysctl_table[] = {
#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
#endif /* CONFIG_SYSCTL */
-static int generic_init_net(struct net *net, u_int16_t proto)
+static int generic_kmemdup_sysctl_table(struct nf_proto_net *pn)
{
- struct nf_generic_net *gn = generic_pernet(net);
- struct nf_proto_net *pn = (struct nf_proto_net *)gn;
- gn->timeout = nf_ct_generic_timeout;
#ifdef CONFIG_SYSCTL
+ struct nf_generic_net *gn = (struct nf_generic_net *)pn;
+
pn->ctl_table = kmemdup(generic_sysctl_table,
sizeof(generic_sysctl_table),
GFP_KERNEL);
if (!pn->ctl_table)
return -ENOMEM;
+
pn->ctl_table[0].data = &gn->timeout;
+#endif
+ return 0;
+}
+static int generic_kmemdup_compat_sysctl_table(struct nf_proto_net *pn)
+{
+#ifdef CONFIG_SYSCTL
#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
+ struct nf_generic_net *gn = (struct nf_generic_net *)pn;
+
pn->ctl_compat_table = kmemdup(generic_compat_sysctl_table,
sizeof(generic_compat_sysctl_table),
GFP_KERNEL);
- if (!pn->ctl_compat_table) {
- kfree(pn->ctl_table);
- pn->ctl_table = NULL;
+ if (!pn->ctl_compat_table)
return -ENOMEM;
- }
+
pn->ctl_compat_table[0].data = &gn->timeout;
#endif
#endif
return 0;
}
+static int generic_init_net(struct net *net, u_int16_t proto)
+{
+ int ret = 0;
+ struct nf_generic_net *gn = generic_pernet(net);
+ struct nf_proto_net *pn = (struct nf_proto_net *)gn;
+
+ gn->timeout = nf_ct_generic_timeout;
+
+ ret = generic_kmemdup_compat_sysctl_table(pn);
+ if (ret < 0)
+ return ret;
+
+ ret = generic_kmemdup_sysctl_table(pn);
+ if (ret < 0)
+ nf_ct_kfree_compat_sysctl_table(pn);
+
+ return ret;
+}
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_generic __read_mostly =
{
.l3proto = PF_UNSPEC,
--
1.7.7.6
^ permalink raw reply related
* [PATCH 10/10] netfilter: nf_conntrack_l4proto_dccp[4,6] cleanup
From: Gao feng @ 2012-06-14 10:07 UTC (permalink / raw)
To: pablo; +Cc: netdev, netfilter-devel, Gao feng
In-Reply-To: <1339668445-23848-1-git-send-email-gaofeng@cn.fujitsu.com>
some cleanup of nf_conntrack_l4proto_dccp[4,6],
make codes more clearer and ready for moving the
sysctl code to nf_conntrack_proto_*_sysctl.c to
reduce the ifdef pollution.
and use nf_proto_net.users to identify if it's the first time
we use the nf_proto_net. when it's the first time,we will
initialized it.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_dccp.c | 51 +++++++++++++++++-------------
1 files changed, 29 insertions(+), 22 deletions(-)
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index 52da8f0..ef044ef 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -815,16 +815,38 @@ static struct ctl_table dccp_sysctl_table[] = {
};
#endif /* CONFIG_SYSCTL */
+static int dccp_kmemdup_sysctl_table(struct nf_proto_net *pn)
+{
+#ifdef CONFIG_SYSCTL
+ struct dccp_net *dn = (struct dccp_net *)pn;
+
+ if (pn->ctl_table)
+ return 0;
+
+ pn->ctl_table = kmemdup(dccp_sysctl_table,
+ sizeof(dccp_sysctl_table),
+ GFP_KERNEL);
+ if (!pn->ctl_table)
+ return -ENOMEM;
+
+ pn->ctl_table[0].data = &dn->dccp_timeout[CT_DCCP_REQUEST];
+ pn->ctl_table[1].data = &dn->dccp_timeout[CT_DCCP_RESPOND];
+ pn->ctl_table[2].data = &dn->dccp_timeout[CT_DCCP_PARTOPEN];
+ pn->ctl_table[3].data = &dn->dccp_timeout[CT_DCCP_OPEN];
+ pn->ctl_table[4].data = &dn->dccp_timeout[CT_DCCP_CLOSEREQ];
+ pn->ctl_table[5].data = &dn->dccp_timeout[CT_DCCP_CLOSING];
+ pn->ctl_table[6].data = &dn->dccp_timeout[CT_DCCP_TIMEWAIT];
+ pn->ctl_table[7].data = &dn->dccp_loose;
+#endif
+ return 0;
+}
+
static int dccp_init_net(struct net *net, u_int16_t proto)
{
struct dccp_net *dn = dccp_pernet(net);
struct nf_proto_net *pn = (struct nf_proto_net *)dn;
-#ifdef CONFIG_SYSCTL
- if (!pn->ctl_table) {
-#else
- if (!pn->users++) {
-#endif
+ if (!pn->users) {
/* default values */
dn->dccp_loose = 1;
dn->dccp_timeout[CT_DCCP_REQUEST] = 2 * DCCP_MSL;
@@ -834,24 +856,9 @@ static int dccp_init_net(struct net *net, u_int16_t proto)
dn->dccp_timeout[CT_DCCP_CLOSEREQ] = 64 * HZ;
dn->dccp_timeout[CT_DCCP_CLOSING] = 64 * HZ;
dn->dccp_timeout[CT_DCCP_TIMEWAIT] = 2 * DCCP_MSL;
-#ifdef CONFIG_SYSCTL
- pn->ctl_table = kmemdup(dccp_sysctl_table,
- sizeof(dccp_sysctl_table),
- GFP_KERNEL);
- if (!pn->ctl_table)
- return -ENOMEM;
-
- pn->ctl_table[0].data = &dn->dccp_timeout[CT_DCCP_REQUEST];
- pn->ctl_table[1].data = &dn->dccp_timeout[CT_DCCP_RESPOND];
- pn->ctl_table[2].data = &dn->dccp_timeout[CT_DCCP_PARTOPEN];
- pn->ctl_table[3].data = &dn->dccp_timeout[CT_DCCP_OPEN];
- pn->ctl_table[4].data = &dn->dccp_timeout[CT_DCCP_CLOSEREQ];
- pn->ctl_table[5].data = &dn->dccp_timeout[CT_DCCP_CLOSING];
- pn->ctl_table[6].data = &dn->dccp_timeout[CT_DCCP_TIMEWAIT];
- pn->ctl_table[7].data = &dn->dccp_loose;
-#endif
}
- return 0;
+
+ return dccp_kmemdup_sysctl_table(pn);
}
static struct nf_conntrack_l4proto dccp_proto4 __read_mostly = {
--
1.7.7.6
^ permalink raw reply related
* Re: Regression on TX throughput when using bonding
From: Eric Dumazet @ 2012-06-14 10:07 UTC (permalink / raw)
To: David Miller; +Cc: jhautbois, netdev
In-Reply-To: <20120614.030021.2291563831943273331.davem@davemloft.net>
On Thu, 2012-06-14 at 03:00 -0700, David Miller wrote:
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Thu, 14 Jun 2012 11:50:17 +0200
>
> > On Thu, 2012-06-14 at 11:22 +0200, Eric Dumazet wrote:
> >
> >> So you are saying that if you make skb_orphan_try() doing nothing, it
> >> solves your problem ?
> >
> > It probably does, if your application does an UDP flood, trying to send
> > more than the link bandwidth. I guess only benchmarks workloads ever try
> > to do that.
>
> Eric, I just want to point out that back when this early orphaning
> idea were being proposed I warned about this, and specifically I
> mentioned that, for datagram sockets, the socket send buffer limits
> are what provide proper rate control and fairness.
If I remember well, the argument was that if workload was using thousand
of sockets, the per socket limitation of in-flight packet would not save
you anyway. We would drop packets.
> It also, therefore, protects the system from one datagram spammer
> being able to essentially take over the network interface and blocking
> out all other users.
>
> Early orphaning breaks this completely.
>
> I guess we decided that moving an atomic operation earlier is worth
> all of this?
It was, but with BQL, we should have far less packets in TX rings, so it
might be different today (on BQL enabled NICS only)
>
> Now we are so addicted to the increased performance from early
> orphaning that I fear we'll never be allowed back into that sane
> state of affairs ever again.
bonding (or other virtual devices) is special in the sense the
dev_hard_start_xmit() is called twice.
We should have a way to properly park packets in Qdiscs, and only do the
orphaning once skb given to real device for 'immediate or so'
transmission.
The pppoe thread is only another manifestation of the same problem.
^ permalink raw reply
* Re: Regression on TX throughput when using bonding
From: Jean-Michel Hautbois @ 2012-06-14 10:15 UTC (permalink / raw)
To: Eric Dumazet; +Cc: netdev
In-Reply-To: <1339667417.22704.707.camel@edumazet-glaptop>
2012/6/14 Eric Dumazet <eric.dumazet@gmail.com>:
> On Thu, 2012-06-14 at 11:22 +0200, Eric Dumazet wrote:
>
>> So you are saying that if you make skb_orphan_try() doing nothing, it
>> solves your problem ?
>
> It probably does, if your application does an UDP flood, trying to send
> more than the link bandwidth. I guess only benchmarks workloads ever try
> to do that.
>
> bonding has no way to give congestion back, it has no Qdisc by default.
>
> We probably can defer the skb_orphan_try() for bonding master, a bit
> like the IFF_XMIT_DST_RELEASE
>
> drivers/net/bonding/bond_main.c | 2 +-
> include/linux/if.h | 3 +++
> net/core/dev.c | 5 +++--
> 3 files changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
> index 2ee8cf9..1b1e9c8 100644
> --- a/drivers/net/bonding/bond_main.c
> +++ b/drivers/net/bonding/bond_main.c
> @@ -4343,7 +4343,7 @@ static void bond_setup(struct net_device *bond_dev)
> bond_dev->tx_queue_len = 0;
> bond_dev->flags |= IFF_MASTER|IFF_MULTICAST;
> bond_dev->priv_flags |= IFF_BONDING;
> - bond_dev->priv_flags &= ~(IFF_XMIT_DST_RELEASE | IFF_TX_SKB_SHARING);
> + bond_dev->priv_flags &= ~(IFF_XMIT_DST_RELEASE | IFF_TX_SKB_SHARING | IFF_XMIT_ORPHAN);
>
> /* At first, we block adding VLANs. That's the only way to
> * prevent problems that occur when adding VLANs over an
> diff --git a/include/linux/if.h b/include/linux/if.h
> index f995c66..a788e7b 100644
> --- a/include/linux/if.h
> +++ b/include/linux/if.h
> @@ -81,6 +81,9 @@
> #define IFF_UNICAST_FLT 0x20000 /* Supports unicast filtering */
> #define IFF_TEAM_PORT 0x40000 /* device used as team port */
> #define IFF_SUPP_NOFCS 0x80000 /* device supports sending custom FCS */
> +#define IFF_XMIT_ORPHAN 0x100000 /* dev_hard_start_xmit() is allowed to
> + * orphan skb
> + */
>
>
> #define IF_GET_IFACE 0x0001 /* for querying only */
> diff --git a/net/core/dev.c b/net/core/dev.c
> index cd09819..3435463 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -2193,7 +2193,8 @@ int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
> if (!list_empty(&ptype_all))
> dev_queue_xmit_nit(skb, dev);
>
> - skb_orphan_try(skb);
> + if (dev->priv_flags & IFF_XMIT_ORPHAN)
> + skb_orphan_try(skb);
>
> features = netif_skb_features(skb);
>
> @@ -5929,7 +5930,7 @@ struct net_device *alloc_netdev_mqs(int sizeof_priv, const char *name,
> INIT_LIST_HEAD(&dev->napi_list);
> INIT_LIST_HEAD(&dev->unreg_list);
> INIT_LIST_HEAD(&dev->link_watch_list);
> - dev->priv_flags = IFF_XMIT_DST_RELEASE;
> + dev->priv_flags = IFF_XMIT_DST_RELEASE | IFF_XMIT_ORPHAN;
> setup(dev);
>
> dev->num_tx_queues = txqs;
>
>
It works
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox