* RE: [Intel-wired-lan] [next-queue PATCH v7 02/10] igb: Fix queue selection on MAC filters on i210
From: Brown, Aaron F @ 2018-04-17 0:52 UTC (permalink / raw)
To: Gomes, Vinicius, intel-wired-lan@lists.osuosl.org
Cc: netdev@vger.kernel.org, Sanchez-Palencia, Jesus
In-Reply-To: <20180410174959.18757-3-vinicius.gomes@intel.com>
> From: Brown, Aaron F
> Sent: Friday, April 13, 2018 7:18 PM
> To: 'Vinicius Costa Gomes' <vinicius.gomes@intel.com>; intel-wired-
> lan@lists.osuosl.org
> Cc: netdev@vger.kernel.org; Sanchez-Palencia, Jesus <jesus.sanchez-
> palencia@intel.com>
> Subject: RE: [Intel-wired-lan] [next-queue PATCH v7 02/10] igb: Fix queue
> selection on MAC filters on i210
>
> > From: Intel-wired-lan [mailto:intel-wired-lan-bounces@osuosl.org] On
> > Behalf Of Vinicius Costa Gomes
> > Sent: Tuesday, April 10, 2018 10:50 AM
> > To: intel-wired-lan@lists.osuosl.org
> > Cc: netdev@vger.kernel.org; Sanchez-Palencia, Jesus <jesus.sanchez-
> > palencia@intel.com>
> > Subject: [Intel-wired-lan] [next-queue PATCH v7 02/10] igb: Fix queue
> > selection on MAC filters on i210
> >
> > On the RAH registers there are semantic differences on the meaning of
> > the "queue" parameter for traffic steering depending on the controller
> > model: there is the 82575 meaning, which "queue" means a RX Hardware
> > Queue, and the i350 meaning, where it is a reception pool.
> >
> > The previous behaviour was having no effect for i210 based controllers
> > because the QSEL bit of the RAH register wasn't being set.
> >
> > This patch separates the condition in discrete cases, so the different
> > handling is clearer.
> >
> > Fixes: 83c21335c876 ("igb: improve MAC filter handling")
> > Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@intel.com>
> > ---
> > drivers/net/ethernet/intel/igb/igb_main.c | 13 +++++++++----
> > 1 file changed, 9 insertions(+), 4 deletions(-)
> >
>
> Tested by: Aaron Brown <aaron.f.brown@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
^ permalink raw reply
* RE: [next-queue PATCH v7 01/10] igb: Fix not adding filter elements to the list
From: Brown, Aaron F @ 2018-04-17 0:52 UTC (permalink / raw)
To: Gomes, Vinicius, intel-wired-lan@lists.osuosl.org
Cc: Gomes, Vinicius, Kirsher, Jeffrey T, netdev@vger.kernel.org,
Sanchez-Palencia, Jesus
In-Reply-To: <20180410174959.18757-2-vinicius.gomes@intel.com>
> From: Brown, Aaron F
> Sent: Friday, April 13, 2018 7:17 PM
> To: 'Vinicius Costa Gomes' <vinicius.gomes@intel.com>; intel-wired-
> lan@lists.osuosl.org
> Cc: Gomes, Vinicius <vinicius.gomes@intel.com>; Kirsher, Jeffrey T
> <jeffrey.t.kirsher@intel.com>; netdev@vger.kernel.org; Sanchez-Palencia,
> Jesus <jesus.sanchez-palencia@intel.com>
> Subject: RE: [next-queue PATCH v7 01/10] igb: Fix not adding filter elements
> to the list
>
> > From: netdev-owner@vger.kernel.org [mailto:netdev-
> > owner@vger.kernel.org] On Behalf Of Vinicius Costa Gomes
> > Sent: Tuesday, April 10, 2018 10:50 AM
> > To: intel-wired-lan@lists.osuosl.org
> > Cc: Gomes, Vinicius <vinicius.gomes@intel.com>; Kirsher, Jeffrey T
> > <jeffrey.t.kirsher@intel.com>; netdev@vger.kernel.org; Sanchez-Palencia,
> > Jesus <jesus.sanchez-palencia@intel.com>
> > Subject: [next-queue PATCH v7 01/10] igb: Fix not adding filter elements to
> > the list
> >
> > Because the order of the parameters passes to 'hlist_add_behind()' was
> > inverted, the 'parent' node was added "behind" the 'input', as input
> > is not in the list, this causes the 'input' node to be lost.
> >
> > Fixes: 0e71def25281 ("igb: add support of RX network flow classification")
> > Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@intel.com>
> > ---
> > drivers/net/ethernet/intel/igb/igb_ethtool.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
>
> Tested by: Aaron Brown <aaron.f.brown@intel.com>
Resending with "Tested-by..." rather then "Tested by..." so that patchwork actually picks it up. What I get for signing off on the mails late Friday.
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
^ permalink raw reply
* Re: [PATCH 08/10] net: ax88796: Make reset more robust on AX88796B
From: Michael Schmitz @ 2018-04-17 0:14 UTC (permalink / raw)
To: Andrew Lunn
Cc: netdev, Linux/m68k, Michael Karcher, John Paul Adrian Glaubitz,
Michael Karcher
In-Reply-To: <20180416231223.GB23474@lunn.ch>
Hi Andrew,
On Tue, Apr 17, 2018 at 11:12 AM, Andrew Lunn <andrew@lunn.ch> wrote:
> On Tue, Apr 17, 2018 at 10:04:43AM +1200, Michael Schmitz wrote:
>> From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
>>
>> The AX88796B as installed on the X-Surf-100 does not recognize a MII reset
>> request if the previous write to the MII control register also was a reset
>> request. So a dummy write to the control register makes the soft reset in
>> the PHY initialization code work.
>>
>> Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
>> ---
>> drivers/net/ethernet/8390/ax88796.c | 4 ++++
>> 1 files changed, 4 insertions(+), 0 deletions(-)
>>
>> diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c
>> index 6af9aca..a2f9a09 100644
>> --- a/drivers/net/ethernet/8390/ax88796.c
>> +++ b/drivers/net/ethernet/8390/ax88796.c
>> @@ -374,6 +374,10 @@ static int ax_mii_probe(struct net_device *dev)
>> return -ENODEV;
>> }
>>
>> + /* write a non-reset pattern to the control register to
>> + * re-arm the reset request detection logic (needed on AX88796B)
>> + */
>> + phy_write(phy_dev, MII_BMCR, 0);
>
> This should really be fixed in the PHY driver, not the MAC.
OK - do you want this separate, or as part of this series? Might have
a few side effects on more commonly used hardware, perhaps?
Cheers,
Michael
>
> Andrew
^ permalink raw reply
* Re: [PATCH iproute2] utils: Do not reset family for default, any, all addresses
From: Stephen Hemminger @ 2018-04-17 0:01 UTC (permalink / raw)
To: David Ahern; +Cc: netdev, whissi, Serhey Popovych
In-Reply-To: <20180413163633.1844-1-dsahern@gmail.com>
On Fri, 13 Apr 2018 09:36:33 -0700
David Ahern <dsahern@gmail.com> wrote:
> Thomas reported a change in behavior with respect to autodectecting
> address families. Specifically, 'ip ro add default via fe80::1'
> syntax was failing to treat fe80::1 as an IPv6 address as it did in
> prior releases. The root causes appears to be a change in family when
> the default keyword is parsed.
>
> 'default', 'any' and 'all' are relevant outside of AF_INET. Leave the
> family arg as is for these when setting addr.
>
> Fixes: 93fa12418dc6 ("utils: Always specify family and ->bytelen in get_prefix_1()")
> Reported-by: Thomas Deutschmann <whissi@gentoo.org>
> Signed-off-by: David Ahern <dsahern@gmail.com>
> Cc: Serhey Popovych <serhe.popovych@gmail.com>
Looks good, thanks for fixing.
Applied
^ permalink raw reply
* Re: [PATCH net-next 2/2] openvswitch: Support conntrack zone limit
From: Gregory Rose @ 2018-04-17 0:00 UTC (permalink / raw)
To: Yi-Hung Wei, netdev
In-Reply-To: <1523902550-10767-3-git-send-email-yihung.wei@gmail.com>
On 4/16/2018 11:15 AM, Yi-Hung Wei wrote:
> Currently, nf_conntrack_max is used to limit the maximum number of
> conntrack entries in the conntrack table for every network namespace.
> For the VMs and containers that reside in the same namespace,
> they share the same conntrack table, and the total # of conntrack entries
> for all the VMs and containers are limited by nf_conntrack_max. In this
> case, if one of the VM/container abuses the usage the conntrack entries,
> it blocks the others to commit valid conntrack entry into the conntrack
s/to commit/from committing/
s/entry/entries/
> table. Even if we can possibly put the VM in different network namespace,
> the current nf_conntrack_max configuration is kind of rigid that we cannot
> limit different VM/container to have different # conntrack entries.
>
> To address the aforementioned issue, this patch proposes to have a
> fine-grained mechanism that could further limit the # of conntrack entries
> per-zone. For example, we can designate different zone to different VM,
> and set conntrack limit to each zone. By providing this isolation, a
> mis-behaved VM only consumes the conntrack entries in its own zone, and
> it will not influence other well-behaved VMs. Moreover, the users can
> set various conntrack limit to different zone based on their preference.
>
> The proposed implementation utilizes Netfilter's nf_conncount backend
> to count the number of connections in a particular zone. If the number of
> connection is above a configured limitation, ovs will return ENOMEM to the
> userspace. If userspace does not configure the zone limit, the limit
> defaults to zero that is no limitation, which is backward compatible to
> the behavior without this patch.
>
> The following high leve APIs are provided to the userspace:
> - OVS_CT_LIMIT_CMD_SET:
> * set default connection limit for all zones
> * set the connection limit for a particular zone
> - OVS_CT_LIMIT_CMD_DEL:
> * remove the connection limit for a particular zone
> - OVS_CT_LIMIT_CMD_GET:
> * get the default connection limit for all zones
> * get the connection limit for a particular zone
>
> Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
I think this is a great idea but I suggest porting to the iproute2 package
so everyone can use it. Then git rid of the OVS specific prefixes.
Presuming of course that the conntrack connection
limit backend works there as well I guess. If it doesn't, then I'd
suggest extending
it. This is a nice feature for all users in my opinion and then OVS
can take advantage of it as well.
Thanks!
- Greg
> ---
> net/openvswitch/Kconfig | 3 +-
> net/openvswitch/conntrack.c | 497 +++++++++++++++++++++++++++++++++++++++++++-
> net/openvswitch/conntrack.h | 9 +-
> net/openvswitch/datapath.c | 7 +-
> net/openvswitch/datapath.h | 1 +
> 5 files changed, 511 insertions(+), 6 deletions(-)
>
> diff --git a/net/openvswitch/Kconfig b/net/openvswitch/Kconfig
> index 2650205cdaf9..89da9512ec1e 100644
> --- a/net/openvswitch/Kconfig
> +++ b/net/openvswitch/Kconfig
> @@ -9,7 +9,8 @@ config OPENVSWITCH
> (NF_CONNTRACK && ((!NF_DEFRAG_IPV6 || NF_DEFRAG_IPV6) && \
> (!NF_NAT || NF_NAT) && \
> (!NF_NAT_IPV4 || NF_NAT_IPV4) && \
> - (!NF_NAT_IPV6 || NF_NAT_IPV6)))
> + (!NF_NAT_IPV6 || NF_NAT_IPV6) && \
> + (!NETFILTER_CONNCOUNT || NETFILTER_CONNCOUNT)))
> select LIBCRC32C
> select MPLS
> select NET_MPLS_GSO
> diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
> index c5904f629091..2f51da91d056 100644
> --- a/net/openvswitch/conntrack.c
> +++ b/net/openvswitch/conntrack.c
> @@ -17,7 +17,9 @@
> #include <linux/udp.h>
> #include <linux/sctp.h>
> #include <net/ip.h>
> +#include <net/genetlink.h>
> #include <net/netfilter/nf_conntrack_core.h>
> +#include <net/netfilter/nf_conntrack_count.h>
> #include <net/netfilter/nf_conntrack_helper.h>
> #include <net/netfilter/nf_conntrack_labels.h>
> #include <net/netfilter/nf_conntrack_seqadj.h>
> @@ -76,6 +78,38 @@ struct ovs_conntrack_info {
> #endif
> };
>
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> +#define OVS_CT_LIMIT_UNLIMITED 0
> +#define OVS_CT_LIMIT_DEFAULT OVS_CT_LIMIT_UNLIMITED
> +#define CT_LIMIT_HASH_BUCKETS 512
> +
> +struct ovs_ct_limit {
> + /* Elements in ovs_ct_limit_info->limits hash table */
> + struct hlist_node hlist_node;
> + struct rcu_head rcu;
> + u16 zone;
> + u32 limit;
> +};
> +
> +struct ovs_ct_limit_info {
> + u32 default_limit;
> + struct hlist_head *limits;
> + struct nf_conncount_data *data __aligned(8);
> +};
> +
> +static const struct nla_policy ct_limit_policy[OVS_CT_LIMIT_ATTR_MAX + 1] = {
> + [OVS_CT_LIMIT_ATTR_OPTION] = { .type = NLA_NESTED, },
> +};
> +
> +static const struct nla_policy
> + ct_zone_limit_policy[OVS_CT_ZONE_LIMIT_ATTR_MAX + 1] = {
> + [OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT] = { .type = NLA_U32, },
> + [OVS_CT_ZONE_LIMIT_ATTR_ZONE] = { .type = NLA_U16, },
> + [OVS_CT_ZONE_LIMIT_ATTR_LIMIT] = { .type = NLA_U32, },
> + [OVS_CT_ZONE_LIMIT_ATTR_COUNT] = { .type = NLA_U32, },
> +};
> +#endif
> +
> static bool labels_nonzero(const struct ovs_key_ct_labels *labels);
>
> static void __ovs_ct_free_action(struct ovs_conntrack_info *ct_info);
> @@ -1036,6 +1070,94 @@ static bool labels_nonzero(const struct ovs_key_ct_labels *labels)
> return false;
> }
>
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> +static struct hlist_head *ct_limit_hash_bucket(
> + const struct ovs_ct_limit_info *info, u16 zone)
> +{
> + return &info->limits[zone & (CT_LIMIT_HASH_BUCKETS - 1)];
> +}
> +
> +/* Call with ovs_mutex */
> +static void ct_limit_set(const struct ovs_ct_limit_info *info,
> + struct ovs_ct_limit *new_ct_limit)
> +{
> + struct ovs_ct_limit *ct_limit;
> + struct hlist_head *head;
> +
> + head = ct_limit_hash_bucket(info, new_ct_limit->zone);
> + hlist_for_each_entry_rcu(ct_limit, head, hlist_node) {
> + if (ct_limit->zone == new_ct_limit->zone) {
> + hlist_replace_rcu(&ct_limit->hlist_node,
> + &new_ct_limit->hlist_node);
> + kfree_rcu(ct_limit, rcu);
> + return;
> + }
> + }
> +
> + hlist_add_head_rcu(&new_ct_limit->hlist_node, head);
> +}
> +
> +/* Call with ovs_mutex */
> +static void ct_limit_del(const struct ovs_ct_limit_info *info, u16 zone)
> +{
> + struct ovs_ct_limit *ct_limit;
> + struct hlist_head *head;
> +
> + head = ct_limit_hash_bucket(info, zone);
> + hlist_for_each_entry_rcu(ct_limit, head, hlist_node) {
> + if (ct_limit->zone == zone) {
> + hlist_del_rcu(&ct_limit->hlist_node);
> + kfree_rcu(ct_limit, rcu);
> + return;
> + }
> + }
> +}
> +
> +/* Call with RCU read lock */
> +static u32 ct_limit_get(const struct ovs_ct_limit_info *info, u16 zone)
> +{
> + struct ovs_ct_limit *ct_limit;
> + struct hlist_head *head;
> +
> + head = ct_limit_hash_bucket(info, zone);
> + hlist_for_each_entry_rcu(ct_limit, head, hlist_node) {
> + if (ct_limit->zone == zone)
> + return ct_limit->limit;
> + }
> +
> + return info->default_limit;
> +}
> +
> +static int ovs_ct_check_limit(struct net *net,
> + const struct ovs_conntrack_info *info,
> + const struct nf_conntrack_tuple *tuple)
> +{
> + struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
> + const struct ovs_ct_limit_info *ct_limit_info = ovs_net->ct_limit_info;
> + u32 per_zone_limit, connections;
> + u32 conncount_key[5];
> +
> + conncount_key[0] = info->zone.id;
> +
> + rcu_read_lock();
> + per_zone_limit = ct_limit_get(ct_limit_info, info->zone.id);
> + if (per_zone_limit == OVS_CT_LIMIT_UNLIMITED) {
> + rcu_read_unlock();
> + return 0;
> + }
> +
> + connections = nf_conncount_count(net, ct_limit_info->data,
> + conncount_key, tuple, &info->zone);
> + if (connections > per_zone_limit) {
> + rcu_read_unlock();
> + return -ENOMEM;
> + }
> +
> + rcu_read_unlock();
> + return 0;
> +}
> +#endif
> +
> /* Lookup connection and confirm if unconfirmed. */
> static int ovs_ct_commit(struct net *net, struct sw_flow_key *key,
> const struct ovs_conntrack_info *info,
> @@ -1054,6 +1176,13 @@ static int ovs_ct_commit(struct net *net, struct sw_flow_key *key,
> if (!ct)
> return 0;
>
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> + err = ovs_ct_check_limit(net, info,
> + &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple);
> + if (err)
> + return err;
> +#endif
> +
> /* Set the conntrack event mask if given. NEW and DELETE events have
> * their own groups, but the NFNLGRP_CONNTRACK_UPDATE group listener
> * typically would receive many kinds of updates. Setting the event
> @@ -1655,7 +1784,363 @@ static void __ovs_ct_free_action(struct ovs_conntrack_info *ct_info)
> nf_ct_tmpl_free(ct_info->ct);
> }
>
> -void ovs_ct_init(struct net *net)
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> +static int ovs_ct_limit_init(struct net *net, struct ovs_net *ovs_net)
> +{
> + int i;
> +
> + ovs_net->ct_limit_info = kmalloc(sizeof *ovs_net->ct_limit_info,
> + GFP_KERNEL);
> + if (!ovs_net->ct_limit_info)
> + return -ENOMEM;
> +
> + ovs_net->ct_limit_info->default_limit = OVS_CT_LIMIT_DEFAULT;
> + ovs_net->ct_limit_info->limits =
> + kmalloc_array(CT_LIMIT_HASH_BUCKETS, sizeof(struct hlist_head),
> + GFP_KERNEL);
> + if (!ovs_net->ct_limit_info->limits) {
> + kfree(ovs_net->ct_limit_info);
> + return -ENOMEM;
> + }
> +
> + for (i = 0; i < CT_LIMIT_HASH_BUCKETS; i++)
> + INIT_HLIST_HEAD(&ovs_net->ct_limit_info->limits[i]);
> +
> + ovs_net->ct_limit_info->data =
> + nf_conncount_init(net, NFPROTO_INET, sizeof(u32));
> +
> + if (IS_ERR(ovs_net->ct_limit_info->data)) {
> + kfree(ovs_net->ct_limit_info->limits);
> + kfree(ovs_net->ct_limit_info);
> + return PTR_ERR(ovs_net->ct_limit_info->data);
> + }
> + return 0;
> +}
> +
> +static void ovs_ct_limit_exit(struct net *net, struct ovs_net *ovs_net)
> +{
> + const struct ovs_ct_limit_info *info = ovs_net->ct_limit_info;
> + int i;
> +
> + nf_conncount_destroy(net, NFPROTO_INET, info->data);
> + for (i = 0; i < CT_LIMIT_HASH_BUCKETS; ++i) {
> + struct hlist_head *head = &info->limits[i];
> + struct ovs_ct_limit *ct_limit;
> +
> + hlist_for_each_entry_rcu(ct_limit, head, hlist_node)
> + kfree_rcu(ct_limit, rcu);
> + }
> + kfree(ovs_net->ct_limit_info->limits);
> + kfree(ovs_net->ct_limit_info);
> +}
> +
> +static struct sk_buff *
> +ovs_ct_limit_cmd_reply_start(struct genl_info *info, u8 cmd,
> + struct ovs_header **ovs_reply_header)
> +{
> + struct sk_buff *skb;
> + struct ovs_header *ovs_header = info->userhdr;
> +
> + skb = genlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
> + if (!skb)
> + return ERR_PTR(-ENOMEM);
> +
> + *ovs_reply_header = genlmsg_put(skb, info->snd_portid,
> + info->snd_seq,
> + &dp_ct_limit_genl_family, 0, cmd);
> +
> + if (!*ovs_reply_header) {
> + nlmsg_free(skb);
> + return ERR_PTR(-EMSGSIZE);
> + }
> + (*ovs_reply_header)->dp_ifindex = ovs_header->dp_ifindex;
> +
> + return skb;
> +}
> +
> +static int ovs_ct_limit_set_zone_limit(struct nlattr *nla_zone_limit,
> + struct ovs_ct_limit_info *info)
> +{
> + struct nlattr *nla;
> + int rem, err;
> +
> + nla_for_each_nested(nla, nla_zone_limit, rem) {
> + struct nlattr *attr[OVS_CT_ZONE_LIMIT_ATTR_MAX + 1];
> + struct ovs_ct_limit *ct_limit;
> +
> + if (nla_type(nla) != OVS_CT_ZONE_LIMIT_ATTR_SET_REQ)
> + return -EINVAL;
> +
> + err = nla_parse((struct nlattr **)&attr,
> + OVS_CT_ZONE_LIMIT_ATTR_MAX, nla_data(nla),
> + nla_len(nla), ct_zone_limit_policy, NULL);
> + if (err)
> + return err;
> +
> + if (attr[OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT]) {
> + u32 default_limit = nla_get_u32(
> + attr[OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT]);
> + ovs_lock();
> + info->default_limit = default_limit;
> + ovs_unlock();
> + } else {
> + if (!attr[OVS_CT_ZONE_LIMIT_ATTR_ZONE] ||
> + !attr[OVS_CT_ZONE_LIMIT_ATTR_LIMIT]) {
> + return -EINVAL;
> + }
> +
> + ct_limit = kmalloc(sizeof(*ct_limit), GFP_KERNEL);
> + if (!ct_limit)
> + return -ENOMEM;
> +
> + ct_limit->zone = nla_get_u16(
> + attr[OVS_CT_ZONE_LIMIT_ATTR_ZONE]);
> + ct_limit->limit = nla_get_u32(
> + attr[OVS_CT_ZONE_LIMIT_ATTR_LIMIT]);
> +
> + ovs_lock();
> + ct_limit_set(info, ct_limit);
> + ovs_unlock();
> + }
> + }
> + return 0;
> +}
> +
> +static int ovs_ct_limit_del_zone_limit(struct nlattr *nla_zone_limit,
> + struct ovs_ct_limit_info *info)
> +{
> + struct nlattr *nla;
> + int rem, err;
> +
> + nla_for_each_nested(nla, nla_zone_limit, rem) {
> + struct nlattr *attr[OVS_CT_ZONE_LIMIT_ATTR_MAX + 1];
> + u16 zone;
> +
> + if (nla_type(nla) != OVS_CT_ZONE_LIMIT_ATTR_DEL_REQ)
> + return -EINVAL;
> +
> + err = nla_parse((struct nlattr **)&attr,
> + OVS_CT_ZONE_LIMIT_ATTR_MAX, nla_data(nla),
> + nla_len(nla), ct_zone_limit_policy, NULL);
> + if (err)
> + return err;
> +
> + if (!attr[OVS_CT_ZONE_LIMIT_ATTR_ZONE])
> + return -EINVAL;
> +
> + zone = nla_get_u16(attr[OVS_CT_ZONE_LIMIT_ATTR_ZONE]);
> +
> + ovs_lock();
> + ct_limit_del(info, zone);
> + ovs_unlock();
> + }
> + return 0;
> +}
> +
> +static int ovs_ct_limit_get_default_limit(struct ovs_ct_limit_info *info,
> + struct sk_buff *reply)
> +{
> + int err;
> + struct nlattr *nla_nested;
> +
> + nla_nested = nla_nest_start(reply, OVS_CT_ZONE_LIMIT_ATTR_GET_RLY);
> +
> + err = nla_put_u32(reply, OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT,
> + info->default_limit);
> + if (err)
> + return err;
> +
> + nla_nest_end(reply, nla_nested);
> + return 0;
> +}
> +
> +static int ovs_ct_limit_get_zone_limit(struct net *net,
> + struct nlattr *nla_zone_limit,
> + struct ovs_ct_limit_info *info,
> + struct sk_buff *reply)
> +{
> + struct nlattr *nla, *nla_nested;
> + int rem, err;
> + u16 zone;
> + u32 limit, count, conncount_key[5];
> + struct nf_conntrack_zone ct_zone;
> +
> + nla_for_each_nested(nla, nla_zone_limit, rem) {
> + struct nlattr *attr[OVS_CT_ZONE_LIMIT_ATTR_MAX + 1];
> +
> + if (nla_type(nla) != OVS_CT_ZONE_LIMIT_ATTR_GET_REQ)
> + return -EINVAL;
> +
> + err = nla_parse((struct nlattr **)&attr,
> + OVS_CT_ZONE_LIMIT_ATTR_MAX, nla_data(nla),
> + nla_len(nla), ct_zone_limit_policy, NULL);
> + if (err)
> + return err;
> +
> + if (!attr[OVS_CT_ZONE_LIMIT_ATTR_ZONE])
> + return -EINVAL;
> +
> + zone = nla_get_u16(attr[OVS_CT_ZONE_LIMIT_ATTR_ZONE]);
> + nf_ct_zone_init(&ct_zone, zone, NF_CT_DEFAULT_ZONE_DIR, 0);
> + rcu_read_lock();
> + limit = ct_limit_get(info, zone);
> + rcu_read_unlock();
> +
> + conncount_key[0] = zone;
> + count = nf_conncount_count(net, info->data, conncount_key,
> + NULL, &ct_zone);
> +
> + nla_nested = nla_nest_start(reply,
> + OVS_CT_ZONE_LIMIT_ATTR_GET_RLY);
> + if (nla_put_u16(reply, OVS_CT_ZONE_LIMIT_ATTR_ZONE, zone) ||
> + nla_put_u32(reply, OVS_CT_ZONE_LIMIT_ATTR_LIMIT, limit) ||
> + nla_put_u32(reply, OVS_CT_ZONE_LIMIT_ATTR_COUNT, count))
> + return -EMSGSIZE;
> + nla_nest_end(reply, nla_nested);
> + }
> +
> + return 0;
> +}
> +
> +static int ovs_ct_limit_cmd_set(struct sk_buff *skb, struct genl_info *info)
> +{
> + struct nlattr **a = info->attrs;
> + struct sk_buff *reply;
> + struct ovs_header *ovs_reply_header;
> + struct ovs_net *ovs_net = net_generic(sock_net(skb->sk), ovs_net_id);
> + struct ovs_ct_limit_info *ct_limit_info = ovs_net->ct_limit_info;
> + int err;
> +
> + reply = ovs_ct_limit_cmd_reply_start(info, OVS_CT_LIMIT_CMD_SET,
> + &ovs_reply_header);
> + if (IS_ERR(reply))
> + return PTR_ERR(reply);
> +
> + if (!a[OVS_CT_LIMIT_ATTR_OPTION])
> + return -EINVAL;
> +
> + err = ovs_ct_limit_set_zone_limit(a[OVS_CT_LIMIT_ATTR_OPTION],
> + ct_limit_info);
> + if (err)
> + goto exit_err;
> +
> + genlmsg_end(reply, ovs_reply_header);
> + return genlmsg_reply(reply, info);
> +
> +exit_err:
> + nlmsg_free(reply);
> + return err;
> +}
> +
> +static int ovs_ct_limit_cmd_del(struct sk_buff *skb, struct genl_info *info)
> +{
> + struct nlattr **a = info->attrs;
> + struct sk_buff *reply;
> + struct ovs_header *ovs_reply_header;
> + struct ovs_net *ovs_net = net_generic(sock_net(skb->sk), ovs_net_id);
> + struct ovs_ct_limit_info *ct_limit_info = ovs_net->ct_limit_info;
> + int err;
> +
> + reply = ovs_ct_limit_cmd_reply_start(info, OVS_CT_LIMIT_CMD_DEL,
> + &ovs_reply_header);
> + if (IS_ERR(reply))
> + return PTR_ERR(reply);
> +
> + if (!a[OVS_CT_LIMIT_ATTR_OPTION])
> + return -EINVAL;
> +
> + err = ovs_ct_limit_del_zone_limit(a[OVS_CT_LIMIT_ATTR_OPTION],
> + ct_limit_info);
> + if (err)
> + goto exit_err;
> +
> + genlmsg_end(reply, ovs_reply_header);
> + return genlmsg_reply(reply, info);
> +
> +exit_err:
> + nlmsg_free(reply);
> + return err;
> +}
> +
> +static int ovs_ct_limit_cmd_get(struct sk_buff *skb, struct genl_info *info)
> +{
> + struct nlattr **a = info->attrs;
> + struct nlattr *nla_reply;
> + struct sk_buff *reply;
> + struct ovs_header *ovs_reply_header;
> + struct net *net = sock_net(skb->sk);
> + struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
> + struct ovs_ct_limit_info *ct_limit_info = ovs_net->ct_limit_info;
> + int err;
> +
> + reply = ovs_ct_limit_cmd_reply_start(info, OVS_CT_LIMIT_CMD_GET,
> + &ovs_reply_header);
> + if (IS_ERR(reply))
> + return PTR_ERR(reply);
> +
> + nla_reply = nla_nest_start(reply, OVS_CT_LIMIT_ATTR_OPTION);
> +
> + err = ovs_ct_limit_get_default_limit(ct_limit_info, reply);
> + if (err)
> + goto exit_err;
> +
> + if (a[OVS_CT_LIMIT_ATTR_OPTION]) {
> + err = ovs_ct_limit_get_zone_limit(
> + net, a[OVS_CT_LIMIT_ATTR_OPTION], ct_limit_info,
> + reply);
> + if (err)
> + goto exit_err;
> + }
> +
> + nla_nest_end(reply, nla_reply);
> + genlmsg_end(reply, ovs_reply_header);
> + return genlmsg_reply(reply, info);
> +
> +exit_err:
> + nlmsg_free(reply);
> + return err;
> +}
> +
> +static struct genl_ops ct_limit_genl_ops[] = {
> + { .cmd = OVS_CT_LIMIT_CMD_SET,
> + .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN
> + * privilege. */
> + .policy = ct_limit_policy,
> + .doit = ovs_ct_limit_cmd_set,
> + },
> + { .cmd = OVS_CT_LIMIT_CMD_DEL,
> + .flags = GENL_ADMIN_PERM, /* Requires CAP_NET_ADMIN
> + * privilege. */
> + .policy = ct_limit_policy,
> + .doit = ovs_ct_limit_cmd_del,
> + },
> + { .cmd = OVS_CT_LIMIT_CMD_GET,
> + .flags = 0, /* OK for unprivileged users. */
> + .policy = ct_limit_policy,
> + .doit = ovs_ct_limit_cmd_get,
> + },
> +};
> +
> +static const struct genl_multicast_group ovs_ct_limit_multicast_group = {
> + .name = OVS_CT_LIMIT_MCGROUP,
> +};
> +
> +struct genl_family dp_ct_limit_genl_family __ro_after_init = {
> + .hdrsize = sizeof(struct ovs_header),
> + .name = OVS_CT_LIMIT_FAMILY,
> + .version = OVS_CT_LIMIT_VERSION,
> + .maxattr = OVS_CT_LIMIT_ATTR_MAX,
> + .netnsok = true,
> + .parallel_ops = true,
> + .ops = ct_limit_genl_ops,
> + .n_ops = ARRAY_SIZE(ct_limit_genl_ops),
> + .mcgrps = &ovs_ct_limit_multicast_group,
> + .n_mcgrps = 1,
> + .module = THIS_MODULE,
> +};
> +#endif
> +
> +int ovs_ct_init(struct net *net)
> {
> unsigned int n_bits = sizeof(struct ovs_key_ct_labels) * BITS_PER_BYTE;
> struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
> @@ -1666,12 +2151,22 @@ void ovs_ct_init(struct net *net)
> } else {
> ovs_net->xt_label = true;
> }
> +
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> + return ovs_ct_limit_init(net, ovs_net);
> +#else
> + return 0;
> +#endif
> }
>
> void ovs_ct_exit(struct net *net)
> {
> struct ovs_net *ovs_net = net_generic(net, ovs_net_id);
>
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> + ovs_ct_limit_exit(net, ovs_net);
> +#endif
> +
> if (ovs_net->xt_label)
> nf_connlabels_put(net);
> }
> diff --git a/net/openvswitch/conntrack.h b/net/openvswitch/conntrack.h
> index 399dfdd2c4f9..900dadd70974 100644
> --- a/net/openvswitch/conntrack.h
> +++ b/net/openvswitch/conntrack.h
> @@ -17,10 +17,11 @@
> #include "flow.h"
>
> struct ovs_conntrack_info;
> +struct ovs_ct_limit_info;
> enum ovs_key_attr;
>
> #if IS_ENABLED(CONFIG_NF_CONNTRACK)
> -void ovs_ct_init(struct net *);
> +int ovs_ct_init(struct net *);
> void ovs_ct_exit(struct net *);
> bool ovs_ct_verify(struct net *, enum ovs_key_attr attr);
> int ovs_ct_copy_action(struct net *, const struct nlattr *,
> @@ -44,7 +45,7 @@ void ovs_ct_free_action(const struct nlattr *a);
> #else
> #include <linux/errno.h>
>
> -static inline void ovs_ct_init(struct net *net) { }
> +static inline int ovs_ct_init(struct net *net) { return 0; }
>
> static inline void ovs_ct_exit(struct net *net) { }
>
> @@ -104,4 +105,8 @@ static inline void ovs_ct_free_action(const struct nlattr *a) { }
>
> #define CT_SUPPORTED_MASK 0
> #endif /* CONFIG_NF_CONNTRACK */
> +
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> +extern struct genl_family dp_ct_limit_genl_family;
> +#endif
> #endif /* ovs_conntrack.h */
> diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
> index 015e24e08909..a61818e94396 100644
> --- a/net/openvswitch/datapath.c
> +++ b/net/openvswitch/datapath.c
> @@ -2288,6 +2288,9 @@ static struct genl_family * const dp_genl_families[] = {
> &dp_flow_genl_family,
> &dp_packet_genl_family,
> &dp_meter_genl_family,
> +#if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
> + &dp_ct_limit_genl_family,
> +#endif
> };
>
> static void dp_unregister_genl(int n_families)
> @@ -2323,8 +2326,7 @@ static int __net_init ovs_init_net(struct net *net)
>
> INIT_LIST_HEAD(&ovs_net->dps);
> INIT_WORK(&ovs_net->dp_notify_work, ovs_dp_notify_wq);
> - ovs_ct_init(net);
> - return 0;
> + return ovs_ct_init(net);
> }
>
> static void __net_exit list_vports_from_net(struct net *net, struct net *dnet,
> @@ -2469,3 +2471,4 @@ MODULE_ALIAS_GENL_FAMILY(OVS_VPORT_FAMILY);
> MODULE_ALIAS_GENL_FAMILY(OVS_FLOW_FAMILY);
> MODULE_ALIAS_GENL_FAMILY(OVS_PACKET_FAMILY);
> MODULE_ALIAS_GENL_FAMILY(OVS_METER_FAMILY);
> +MODULE_ALIAS_GENL_FAMILY(OVS_CT_LIMIT_FAMILY);
> diff --git a/net/openvswitch/datapath.h b/net/openvswitch/datapath.h
> index 523d65526766..51bd4dcb6c8b 100644
> --- a/net/openvswitch/datapath.h
> +++ b/net/openvswitch/datapath.h
> @@ -144,6 +144,7 @@ struct dp_upcall_info {
> struct ovs_net {
> struct list_head dps;
> struct work_struct dp_notify_work;
> + struct ovs_ct_limit_info *ct_limit_info;
>
> /* Module reference for configuring conntrack. */
> bool xt_label;
^ permalink raw reply
* Re: [iproute PATCH] iproute: Abort if nexthop cannot be parsed
From: Stephen Hemminger @ 2018-04-17 0:00 UTC (permalink / raw)
To: Jakub Sitnicki; +Cc: netdev
In-Reply-To: <20180411094311.21097-1-jkbs@redhat.com>
On Wed, 11 Apr 2018 11:43:11 +0200
Jakub Sitnicki <jkbs@redhat.com> wrote:
> Attempt to add a multipath route where a nexthop definition refers to a
> non-existent device causes 'ip' to crash and burn due to stack buffer
> overflow:
>
> # ip -6 route add fd00::1/64 nexthop dev fake1
> Cannot find device "fake1"
> Cannot find device "fake1"
> Cannot find device "fake1"
> ...
> Segmentation fault (core dumped)
>
> Don't ignore errors from the helper routine that parses the nexthop
> definition, and abort immediately if parsing fails.
>
> Signed-off-by: Jakub Sitnicki <jkbs@redhat.com>
Makes sense. Applied
^ permalink raw reply
* Re: [PATCH bpf-next 1/3] bpftool: Add missing prog types and attach types
From: Andrey Ignatov @ 2018-04-16 23:57 UTC (permalink / raw)
To: Jakub Kicinski; +Cc: ast, daniel, netdev, kernel-team
In-Reply-To: <20180416165250.0c907e90@cakuba.netronome.com>
Jakub Kicinski <kubakici@wp.pl> [Mon, 2018-04-16 16:53 -0700]:
> On Mon, 16 Apr 2018 14:41:57 -0700, Andrey Ignatov wrote:
> > diff --git a/tools/bpf/bpftool/cgroup.c b/tools/bpf/bpftool/cgroup.c
> > index cae32a6..8689916 100644
> > --- a/tools/bpf/bpftool/cgroup.c
> > +++ b/tools/bpf/bpftool/cgroup.c
> > @@ -16,15 +16,28 @@
> > #define HELP_SPEC_ATTACH_FLAGS \
> > "ATTACH_FLAGS := { multi | override }"
> >
> > -#define HELP_SPEC_ATTACH_TYPES \
> > - "ATTACH_TYPE := { ingress | egress | sock_create | sock_ops | device }"
> > +#define HELP_SPEC_ATTACH_TYPES \
> > + " ATTACH_TYPE := { ingress | egress | sock_create |\n" \
> > + " sock_ops | stream_parser |\n" \
> > + " stream_verdict | device | msg_verdict |\n" \
> > + " bind4 | bind6 | connect4 | connect6 |\n" \
> > + " post_bind4 | post_bind6 }"
> >
>
> Would you mind updating the man page in Documentation/ as well?
Sure. Will update and send v2.
--
Andrey Ignatov
^ permalink raw reply
* Re: [PATCH 02/10] net: ax88796: Attach MII bus only when open
From: Michael Schmitz @ 2018-04-16 23:53 UTC (permalink / raw)
To: Andrew Lunn
Cc: netdev, Linux/m68k, Michael Karcher, Michael Karcher,
Michael Karcher
In-Reply-To: <20180416225900.GA23474@lunn.ch>
Hi Andrew,
thank you for reviewing this series!
On Tue, Apr 17, 2018 at 10:59 AM, Andrew Lunn <andrew@lunn.ch> wrote:
> On Tue, Apr 17, 2018 at 10:04:37AM +1200, Michael Schmitz wrote:
>> From: Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>
>>
>> Call ax_mii_init in ax_open(), and unregister/remove mdiobus resources
>> in ax_close().
>>
>> This is needed to be able to unload the module, as the module is busy
>> while the MII bus is attached.
>>
>> Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
>> Signed-off-by: Michael Schmitz <schmitzmic@gmail.com>
>> ---
>> drivers/net/ethernet/8390/ax88796.c | 13 +++++++++----
>> 1 files changed, 9 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c
>> index 2a256aa..f7b8911 100644
>> --- a/drivers/net/ethernet/8390/ax88796.c
>> +++ b/drivers/net/ethernet/8390/ax88796.c
>> @@ -79,6 +79,8 @@
>>
>> static u32 ax_msg_enable;
>>
>> +static int ax_mii_init(struct net_device *dev);
>
> Hi Michael
>
> We try to avoid forward declarations. Please can you move
> ax_mii_init() so this is not needed.
Done that - had to move the entire bitbang stuff along with
ax_mii_init() though.
>> +
>> /* device private data */
>>
>> struct ax_device {
>> @@ -396,6 +398,10 @@ static int ax_open(struct net_device *dev)
>>
>> netdev_dbg(dev, "open\n");
>>
>> + ret = ax_mii_init(dev);
>> + if (ret)
>> + goto failed_request_irq;
>> +
>> ret = request_irq(dev->irq, ax_ei_interrupt, ax->irqflags,
>> dev->name, dev);
>> if (ret)
>
> You are missing some cleanup on error at the end of ax_open().
> It was also missing before.
Yep, that's addressed in patch 7 of this series. I'll fold that into
this one for clarity.
Cheers,
Michael
>
> Andrew
^ permalink raw reply
* Re: [PATCH bpf-next 1/3] bpftool: Add missing prog types and attach types
From: Jakub Kicinski @ 2018-04-16 23:52 UTC (permalink / raw)
To: Andrey Ignatov; +Cc: ast, daniel, netdev, kernel-team
In-Reply-To: <5dd2cc619f2eed089e7da9bd7f64031278d6b4fe.1523914232.git.rdna@fb.com>
On Mon, 16 Apr 2018 14:41:57 -0700, Andrey Ignatov wrote:
> diff --git a/tools/bpf/bpftool/cgroup.c b/tools/bpf/bpftool/cgroup.c
> index cae32a6..8689916 100644
> --- a/tools/bpf/bpftool/cgroup.c
> +++ b/tools/bpf/bpftool/cgroup.c
> @@ -16,15 +16,28 @@
> #define HELP_SPEC_ATTACH_FLAGS \
> "ATTACH_FLAGS := { multi | override }"
>
> -#define HELP_SPEC_ATTACH_TYPES \
> - "ATTACH_TYPE := { ingress | egress | sock_create | sock_ops | device }"
> +#define HELP_SPEC_ATTACH_TYPES \
> + " ATTACH_TYPE := { ingress | egress | sock_create |\n" \
> + " sock_ops | stream_parser |\n" \
> + " stream_verdict | device | msg_verdict |\n" \
> + " bind4 | bind6 | connect4 | connect6 |\n" \
> + " post_bind4 | post_bind6 }"
>
Would you mind updating the man page in Documentation/ as well?
Thanks!
^ permalink raw reply
* Re: [PATCH net-next 1/2] openvswitch: Add conntrack limit netlink definition
From: Gregory Rose @ 2018-04-16 23:52 UTC (permalink / raw)
To: Yi-Hung Wei, netdev
In-Reply-To: <1523902550-10767-2-git-send-email-yihung.wei@gmail.com>
On 4/16/2018 11:15 AM, Yi-Hung Wei wrote:
> Define netlink messages and attributes to support user kernel
> communication that using conntrack limit feature.
s/using/uses the/
>
> Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
> ---
> include/uapi/linux/openvswitch.h | 62 ++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 62 insertions(+)
>
> diff --git a/include/uapi/linux/openvswitch.h b/include/uapi/linux/openvswitch.h
> index 713e56ce681f..ca63c16375ce 100644
> --- a/include/uapi/linux/openvswitch.h
> +++ b/include/uapi/linux/openvswitch.h
> @@ -937,4 +937,66 @@ enum ovs_meter_band_type {
>
> #define OVS_METER_BAND_TYPE_MAX (__OVS_METER_BAND_TYPE_MAX - 1)
>
> +/* Conntrack limit */
> +#define OVS_CT_LIMIT_FAMILY "ovs_ct_limit"
> +#define OVS_CT_LIMIT_MCGROUP "ovs_ct_limit"
> +#define OVS_CT_LIMIT_VERSION 0x1
> +
> +enum ovs_ct_limit_cmd {
> + OVS_CT_LIMIT_CMD_UNSPEC,
> + OVS_CT_LIMIT_CMD_SET, /* Add or modify ct limit. */
> + OVS_CT_LIMIT_CMD_DEL, /* Delete ct limit. */
> + OVS_CT_LIMIT_CMD_GET /* Get ct limit. */
> +};
> +
> +enum ovs_ct_limit_attr {
> + OVS_CT_LIMIT_ATTR_UNSPEC,
> + OVS_CT_LIMIT_ATTR_OPTION, /* Nested OVS_CT_LIMIT_ATTR_* */
> + __OVS_CT_LIMIT_ATTR_MAX
> +};
> +
> +#define OVS_CT_LIMIT_ATTR_MAX (__OVS_CT_LIMIT_ATTR_MAX - 1)
> +
> +/**
> + * @OVS_CT_ZONE_LIMIT_ATTR_SET_REQ: Contains either
> + * OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT or a pair of
> + * OVS_CT_ZONE_LIMIT_ATTR_ZONE and OVS_CT_ZONE_LIMIT_ATTR_LIMIT.
> + * @OVS_CT_ZONE_LIMIT_ATTR_DEL_REQ: Contains OVS_CT_ZONE_LIMIT_ATTR_ZONE.
> + * @OVS_CT_ZONE_LIMIT_ATTR_GET_REQ: Contains OVS_CT_ZONE_LIMIT_ATTR_ZONE.
> + * @OVS_CT_ZONE_LIMIT_ATTR_GET_RLY: Contains either
> + * OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT or a triple of
> + * OVS_CT_ZONE_LIMIT_ATTR_ZONE, OVS_CT_ZONE_LIMIT_ATTR_LIMIT and
> + * OVS_CT_ZONE_LIMIT_ATTR_COUNT.
> + */
> +enum ovs_ct_limit_option_attr {
> + OVS_CT_LIMIT_OPTION_ATTR_UNSPEC,
> + OVS_CT_ZONE_LIMIT_ATTR_SET_REQ, /* Nested OVS_CT_ZONE_LIMIT_ATTR_*
> + * attributes. */
> + OVS_CT_ZONE_LIMIT_ATTR_DEL_REQ, /* Nested OVS_CT_ZONE_LIMIT_ATTR_*
> + * attributes. */
> + OVS_CT_ZONE_LIMIT_ATTR_GET_REQ, /* Nested OVS_CT_ZONE_LIMIT_ATTR_*
> + * attributes. */
> + OVS_CT_ZONE_LIMIT_ATTR_GET_RLY, /* Nested OVS_CT_ZONE_LIMIT_ATTR_*
> + * attributes. */
> + __OVS_CT_LIMIT_OPTION_ATTR_MAX
> +};
> +
> +#define OVS_CT_LIMIT_OPTION_ATTR_MAX (__OVS_CT_LIMIT_OPTION_ATTR_MAX - 1)
> +
> +enum ovs_ct_zone_limit_attr {
> + OVS_CT_ZONE_LIMIT_ATTR_UNSPEC,
> + OVS_CT_ZONE_LIMIT_ATTR_DEFAULT_LIMIT, /* u32 default conntrack limit
> + * for all zones. */
> + OVS_CT_ZONE_LIMIT_ATTR_ZONE, /* u16 conntrack zone id. */
> + OVS_CT_ZONE_LIMIT_ATTR_LIMIT, /* u32 max number of conntrack
> + * entries allowed in the
> + * corresponding zone. */
> + OVS_CT_ZONE_LIMIT_ATTR_COUNT, /* u32 number of conntrack
> + * entries in the corresponding
> + * zone. */
> + __OVS_CT_ZONE_LIMIT_ATTR_MAX
> +};
> +
> +#define OVS_CT_ZONE_LIMIT_ATTR_MAX (__OVS_CT_ZONE_LIMIT_ATTR_MAX - 1)
> +
> #endif /* _LINUX_OPENVSWITCH_H */
Is this something that other users can use? I searched around and
didn't see any mention
of it for other kernel users but perhaps I missed something?
Thanks,
- Greg
^ permalink raw reply
* Re: [PATCH 1/5] dt-bindings: allow dwmac-sun8i to use other devices' exported regmap
From: Icenowy Zheng @ 2018-04-16 23:17 UTC (permalink / raw)
To: linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r, Rob Herring
Cc: devicetree-u79uwXL29TY76Z2rM5mHXA, Maxime Ripard,
netdev-u79uwXL29TY76Z2rM5mHXA, linux-sunxi-/JYPxA39Uh5TLH3MbocFFw,
linux-kernel-u79uwXL29TY76Z2rM5mHXA, Chen-Yu Tsai, Corentin Labbe,
Giuseppe Cavallaro
In-Reply-To: <20180416184745.tqxyvojtcbage4fu@rob-hp-laptop>
于 2018年4月17日 GMT+08:00 上午2:47:45, Rob Herring <robh-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org> 写到:
>On Wed, Apr 11, 2018 at 10:16:37PM +0800, Icenowy Zheng wrote:
>> On some Allwinner SoCs the EMAC clock register needed by dwmac-sun8i
>is
>> in another device's memory space. In this situation dwmac-sun8i can
>use
>> a regmap exported by the other device with only the EMAC clock
>register.
>
>If this is a clock, then why not use the clock binding?
EMAC clock register is only the datasheet name. It contains
MII mode selection and delay chain configuration.
>
>>
>> Document this situation in the dwmac-sun8i device tree binding
>> documentation.
>>
>> Signed-off-by: Icenowy Zheng <icenowy-h8G6r0blFSE@public.gmane.org>
>> ---
>> Documentation/devicetree/bindings/net/dwmac-sun8i.txt | 5 +++--
>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>
>> diff --git a/Documentation/devicetree/bindings/net/dwmac-sun8i.txt
>b/Documentation/devicetree/bindings/net/dwmac-sun8i.txt
>> index 3d6d5fa0c4d5..0c5f63a80617 100644
>> --- a/Documentation/devicetree/bindings/net/dwmac-sun8i.txt
>> +++ b/Documentation/devicetree/bindings/net/dwmac-sun8i.txt
>> @@ -20,8 +20,9 @@ Required properties:
>> - phy-handle: See ethernet.txt
>> - #address-cells: shall be 1
>> - #size-cells: shall be 0
>> -- syscon: A phandle to the syscon of the SoC with one of the
>following
>> - compatible string:
>> +- syscon: A phandle to a device which exports the EMAC clock
>register as a
>> + regmap or to the syscon of the SoC with one of the following
>compatible
>> + string:
>> - allwinner,sun8i-h3-system-controller
>> - allwinner,sun8i-v3s-system-controller
>> - allwinner,sun50i-a64-system-controller
>> --
>> 2.15.1
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe devicetree"
>in
>> the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>_______________________________________________
>linux-arm-kernel mailing list
>linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org
>http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
--
You received this message because you are subscribed to the Google Groups "linux-sunxi" group.
To unsubscribe from this group and stop receiving emails from it, send an email to linux-sunxi+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
For more options, visit https://groups.google.com/d/optout.
^ permalink raw reply
* Re: [PATCH 08/10] net: ax88796: Make reset more robust on AX88796B
From: Andrew Lunn @ 2018-04-16 23:12 UTC (permalink / raw)
To: Michael Schmitz
Cc: netdev, linux-m68k, Michael.Karcher, John Paul Adrian Glaubitz,
Michael Karcher
In-Reply-To: <1523916285-6057-9-git-send-email-schmitzmic@gmail.com>
On Tue, Apr 17, 2018 at 10:04:43AM +1200, Michael Schmitz wrote:
> From: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
>
> The AX88796B as installed on the X-Surf-100 does not recognize a MII reset
> request if the previous write to the MII control register also was a reset
> request. So a dummy write to the control register makes the soft reset in
> the PHY initialization code work.
>
> Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
> ---
> drivers/net/ethernet/8390/ax88796.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c
> index 6af9aca..a2f9a09 100644
> --- a/drivers/net/ethernet/8390/ax88796.c
> +++ b/drivers/net/ethernet/8390/ax88796.c
> @@ -374,6 +374,10 @@ static int ax_mii_probe(struct net_device *dev)
> return -ENODEV;
> }
>
> + /* write a non-reset pattern to the control register to
> + * re-arm the reset request detection logic (needed on AX88796B)
> + */
> + phy_write(phy_dev, MII_BMCR, 0);
This should really be fixed in the PHY driver, not the MAC.
Andrew
^ permalink raw reply
* Re: [PATCH net-next] net: Remove unused tcp_set_state tracepoint
From: David Miller @ 2018-04-16 23:02 UTC (permalink / raw)
To: rdna; +Cc: rostedt, laoar.shao, netdev, kernel-team
In-Reply-To: <20180416220713.3339568-1-rdna@fb.com>
From: Andrey Ignatov <rdna@fb.com>
Date: Mon, 16 Apr 2018 15:07:13 -0700
> This tracepoint was replaced by inet_sock_set_state in 563e0bb and not
> used anywhere in the kernel anymore. Remove it.
>
> Signed-off-by: Andrey Ignatov <rdna@fb.com>
Applied, thank you.
^ permalink raw reply
* Re: [PATCH 02/10] net: ax88796: Attach MII bus only when open
From: Andrew Lunn @ 2018-04-16 22:59 UTC (permalink / raw)
To: Michael Schmitz
Cc: netdev, linux-m68k, Michael.Karcher, Michael Karcher,
Michael Karcher
In-Reply-To: <1523916285-6057-3-git-send-email-schmitzmic@gmail.com>
On Tue, Apr 17, 2018 at 10:04:37AM +1200, Michael Schmitz wrote:
> From: Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>
>
> Call ax_mii_init in ax_open(), and unregister/remove mdiobus resources
> in ax_close().
>
> This is needed to be able to unload the module, as the module is busy
> while the MII bus is attached.
>
> Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
> Signed-off-by: Michael Schmitz <schmitzmic@gmail.com>
> ---
> drivers/net/ethernet/8390/ax88796.c | 13 +++++++++----
> 1 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/net/ethernet/8390/ax88796.c b/drivers/net/ethernet/8390/ax88796.c
> index 2a256aa..f7b8911 100644
> --- a/drivers/net/ethernet/8390/ax88796.c
> +++ b/drivers/net/ethernet/8390/ax88796.c
> @@ -79,6 +79,8 @@
>
> static u32 ax_msg_enable;
>
> +static int ax_mii_init(struct net_device *dev);
Hi Michael
We try to avoid forward declarations. Please can you move
ax_mii_init() so this is not needed.
> +
> /* device private data */
>
> struct ax_device {
> @@ -396,6 +398,10 @@ static int ax_open(struct net_device *dev)
>
> netdev_dbg(dev, "open\n");
>
> + ret = ax_mii_init(dev);
> + if (ret)
> + goto failed_request_irq;
> +
> ret = request_irq(dev->irq, ax_ei_interrupt, ax->irqflags,
> dev->name, dev);
> if (ret)
You are missing some cleanup on error at the end of ax_open().
It was also missing before.
Andrew
^ permalink raw reply
* Re: [PATCH net-next 3/5] ipv4: support sport, dport and ip protocol in RTM_GETROUTE
From: David Miller @ 2018-04-16 22:58 UTC (permalink / raw)
To: roopa; +Cc: netdev, dsa
In-Reply-To: <1523911298-8965-4-git-send-email-roopa@cumulusnetworks.com>
From: Roopa Prabhu <roopa@cumulusnetworks.com>
Date: Mon, 16 Apr 2018 13:41:36 -0700
> diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h
> index 9b15005..7947252 100644
> --- a/include/uapi/linux/rtnetlink.h
> +++ b/include/uapi/linux/rtnetlink.h
> @@ -327,6 +327,9 @@ enum rtattr_type_t {
> RTA_PAD,
> RTA_UID,
> RTA_TTL_PROPAGATE,
> + RTA_SPORT,
> + RTA_DPORT,
> + RTA_IP_PROTO,
> __RTA_MAX
> };
>
> diff --git a/net/ipv4/route.c b/net/ipv4/route.c
> index ccb25d8..ae55711 100644
> --- a/net/ipv4/route.c
> +++ b/net/ipv4/route.c
> @@ -2663,6 +2663,18 @@ static int rt_fill_info(struct net *net, __be32 dst, __be32 src, u32 table_id,
> from_kuid_munged(current_user_ns(), fl4->flowi4_uid)))
> goto nla_put_failure;
>
> + if (fl4->fl4_sport &&
> + nla_put_u16(skb, RTA_SPORT, ntohs(fl4->fl4_sport)))
> + goto nla_put_failure;
The addreeses are given over netlink in network byte order, so let's
be consistent and do the same for the ports et al. as well.
Thanks.
^ permalink raw reply
* Re: [PATCH net-next 0/2] PCI: add two more values for PCIe Max_Read_Request_Size and initially use them in r8169 network driver
From: David Miller @ 2018-04-16 22:55 UTC (permalink / raw)
To: hkallweit1; +Cc: bhelgaas, helgaas, nic_swsd, linux-pci, netdev
In-Reply-To: <00f1255f-acf0-4760-c20f-0b78bda44645@gmail.com>
From: Heiner Kallweit <hkallweit1@gmail.com>
Date: Mon, 16 Apr 2018 21:35:42 +0200
> In r8169 network driver I stumbled across a magic number translating
> to PCI MRRS size 4K. The PCI core is still missing constants for
> values 2K and 4K (as defined in PCI standard).
>
> So let's add these two constants and use the 4K constant in r8169.
>
> Second patch depends on the first one, therefore both patches
> preferrably should go through either PCI or netdev tree.
Series applied, thank you.
^ permalink raw reply
* Re: [PATCH] textsearch: fix kernel-doc warnings and add kernel-api section
From: David Miller @ 2018-04-16 22:53 UTC (permalink / raw)
To: rdunlap; +Cc: netdev, linux-kernel
In-Reply-To: <8f871cc5-dba8-c4d8-9dfb-ea61a2aa35a7@infradead.org>
From: Randy Dunlap <rdunlap@infradead.org>
Date: Mon, 16 Apr 2018 12:32:55 -0700
> From: Randy Dunlap <rdunlap@infradead.org>
>
> Make lib/textsearch.c usable as kernel-doc.
> Add textsearch() function family to kernel-api documentation.
> Fix kernel-doc warnings in <linux/textsearch.h>:
> ../include/linux/textsearch.h:65: warning: Incorrect use of kernel-doc format:
> * get_next_block - fetch next block of data
> ../include/linux/textsearch.h:82: warning: Incorrect use of kernel-doc format:
> * finish - finalize/clean a series of get_next_block() calls
>
> Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Applied, thanks Randy.
^ permalink raw reply
* Re: [PATCH net-next 0/5] net: stmmac: Stop using hard-coded callbacks
From: David Miller @ 2018-04-16 22:50 UTC (permalink / raw)
To: Jose.Abreu; +Cc: netdev, Joao.Pinto, peppe.cavallaro, alexandre.torgue
In-Reply-To: <cover.1523019346.git.joabreu@synopsys.com>
From: Jose Abreu <Jose.Abreu@synopsys.com>
Date: Mon, 16 Apr 2018 16:08:11 +0100
> This a starting point for a cleanup and re-organization of stmmac.
>
> In this series we stop using hard-coded callbacks along the code and use
> instead helpers which are defined in a single place ("hwif.h").
>
> This brings several advantages:
> 1) Less typing :)
> 2) Guaranteed function pointer check
> 3) More flexibility
>
> By 2) we stop using the repeated pattern of:
> if (priv->hw->mac->some_func)
> priv->hw->mac->some_func(...)
>
> I didn't check but I expect the final .ko will be bigger with this series
> because *all* of function pointers are checked.
>
> Anyway, I hope this can make the code more readable and more flexible now.
>
> [resending as per David Miller request]
Series applied, thanks Jose.
^ permalink raw reply
* Re: [PATCH net-next 0/5] tcp: add zero copy receive
From: David Miller @ 2018-04-16 22:48 UTC (permalink / raw)
To: edumazet; +Cc: netdev, ncardwell, ycheng, soheil, eric.dumazet
In-Reply-To: <20180416173339.6310-1-edumazet@google.com>
From: Eric Dumazet <edumazet@google.com>
Date: Mon, 16 Apr 2018 10:33:34 -0700
> This patch series add mmap() support to TCP sockets for RX zero copy.
>
> While tcp_mmap() patch itself is quite small (~100 LOC), optimal support
> for asynchronous mmap() required better SO_RCVLOWAT behavior, and a
> test program to demonstrate how mmap() on TCP sockets can be used.
>
> Note that mmap() (and associated munmap()) calls are adding more
> pressure on per-process VM semaphore, so might not show benefit
> for processus with high number of threads.
Great work. I can see how it is less effective without the rcvlowat
fixes/tweaks.
Series applied, thanks Eric!
^ permalink raw reply
* Re: [PATCH net-next 1/1] tc-testing: add sample action tests
From: David Miller @ 2018-04-16 22:17 UTC (permalink / raw)
To: mrv; +Cc: netdev, kernel, jhs, xiyou.wangcong, jiri
In-Reply-To: <1523894764-7765-1-git-send-email-mrv@mojatatu.com>
From: Roman Mashak <mrv@mojatatu.com>
Date: Mon, 16 Apr 2018 12:06:04 -0400
> Signed-off-by: Roman Mashak <mrv@mojatatu.com>
Applied to net-next.
^ permalink raw reply
* Re: [PATCH] ipv6: remove unnecessary check in addrconf_prefix_rcv_add_addr()
From: David Miller @ 2018-04-16 22:16 UTC (permalink / raw)
To: lorenzo.bianconi; +Cc: netdev
In-Reply-To: <cd402c41ec4a3fb61702ae00115e54cfada4ba1d.1523893788.git.lorenzo.bianconi@redhat.com>
From: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Date: Mon, 16 Apr 2018 17:52:59 +0200
> Remove unnecessary check on update_lft variable in
> addrconf_prefix_rcv_add_addr routine since it is always set to 0.
> Moreover remove update_lft re-initialization to 0
>
> Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Applied to net-next, thanks.
^ permalink raw reply
* Re: [PATCH v2] net: ipv6: xfrm6_state: remove VLA usage
From: Stefano Brivio @ 2018-04-16 22:13 UTC (permalink / raw)
To: Andreas Christoforou
Cc: keescook, kernel-hardening, Steffen Klassert, Herbert Xu,
David S. Miller, Alexey Kuznetsov, Hideaki YOSHIFUJI, netdev,
linux-kernel
In-Reply-To: <1520667645-21975-1-git-send-email-andreaschristofo@gmail.com>
Andreas,
On Sat, 10 Mar 2018 09:40:44 +0200
Andreas Christoforou <andreaschristofo@gmail.com> wrote:
> The kernel would like to have all stack VLA usage removed[1].
> Instead of dynamic allocation, just use XFRM_MAX_DEPTH
> as already done for the "class" array, but as per feedback,
> I will not drop maxclass because that changes the behavior.
> In one case, it'll do this loop up to 5, the other
> caller up to 6.
>
> [1] https://lkml.org/lkml/2018/3/7/621
>
> Signed-off-by: Andreas Christoforou <andreaschristofo@gmail.com>
> ---
> v2:
> - use XFRM_MAX_DEPTH for "count" array (Steffen and Mathias).
> ---
> net/ipv6/xfrm6_state.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
> index b15075a..270a53a 100644
> --- a/net/ipv6/xfrm6_state.c
> +++ b/net/ipv6/xfrm6_state.c
> @@ -62,7 +62,7 @@ __xfrm6_sort(void **dst, void **src, int n, int (*cmp)(void *p), int maxclass)
> {
> int i;
> int class[XFRM_MAX_DEPTH];
> - int count[maxclass];
> + int count[XFRM_MAX_DEPTH];
>
> memset(count, 0, sizeof(count));
>
I hope this didn't get too confusing. In the end, the change I proposed
for this patch was simply to drop the memset and initialize 'count'
like:
int count[XFRM_MAX_DEPTH] = { };
and perhaps, while at it, move this before 'int i', for coding style
reasons.
When you re-post, please also take care of Steffen's comment. He
proposed to change the subject to:
xfrm: remove VLA usage in __xfrm6_sort()
Note that you should give an indication of which tree this patch should
be applied to, by including this in the subject. The current subject
doesn't specify it, it should have been:
[PATCH v2 ipsec-next] ...
Please see Documentation/networking/netdev-FAQ.txt for the difference
between net and net-next, as the same distinction applies for ipsec and
ipsec-next trees. Thanks.
--
Stefano
^ permalink raw reply
* Re: [PATCH net 0/2] tipc: Better check user provided attributes
From: David Miller @ 2018-04-16 22:13 UTC (permalink / raw)
To: jon.maloy; +Cc: edumazet, netdev, eric.dumazet
In-Reply-To: <BN6PR15MB1553E36BE54D3E8B7ED612F89AB00@BN6PR15MB1553.namprd15.prod.outlook.com>
From: Jon Maloy <jon.maloy@ericsson.com>
Date: Mon, 16 Apr 2018 19:21:44 +0000
> Acked-by: Jon Maloy <jon.maloy@ericsson.com>
>
> Thank you, Eric.
Series applied and patch #1 queued up for -stable, thanks Eric.
^ permalink raw reply
* [PATCH net-next] net: Remove unused tcp_set_state tracepoint
From: Andrey Ignatov @ 2018-04-16 22:07 UTC (permalink / raw)
To: rostedt, laoar.shao; +Cc: Andrey Ignatov, netdev, kernel-team
This tracepoint was replaced by inet_sock_set_state in 563e0bb and not
used anywhere in the kernel anymore. Remove it.
Signed-off-by: Andrey Ignatov <rdna@fb.com>
---
include/trace/events/tcp.h | 47 ----------------------------------------------
1 file changed, 47 deletions(-)
diff --git a/include/trace/events/tcp.h b/include/trace/events/tcp.h
index 878b2be..3dd6802 100644
--- a/include/trace/events/tcp.h
+++ b/include/trace/events/tcp.h
@@ -166,53 +166,6 @@ DEFINE_EVENT(tcp_event_sk, tcp_destroy_sock,
TP_ARGS(sk)
);
-TRACE_EVENT(tcp_set_state,
-
- TP_PROTO(const struct sock *sk, const int oldstate, const int newstate),
-
- TP_ARGS(sk, oldstate, newstate),
-
- TP_STRUCT__entry(
- __field(const void *, skaddr)
- __field(int, oldstate)
- __field(int, newstate)
- __field(__u16, sport)
- __field(__u16, dport)
- __array(__u8, saddr, 4)
- __array(__u8, daddr, 4)
- __array(__u8, saddr_v6, 16)
- __array(__u8, daddr_v6, 16)
- ),
-
- TP_fast_assign(
- struct inet_sock *inet = inet_sk(sk);
- __be32 *p32;
-
- __entry->skaddr = sk;
- __entry->oldstate = oldstate;
- __entry->newstate = newstate;
-
- __entry->sport = ntohs(inet->inet_sport);
- __entry->dport = ntohs(inet->inet_dport);
-
- p32 = (__be32 *) __entry->saddr;
- *p32 = inet->inet_saddr;
-
- p32 = (__be32 *) __entry->daddr;
- *p32 = inet->inet_daddr;
-
- TP_STORE_ADDRS(__entry, inet->inet_saddr, inet->inet_daddr,
- sk->sk_v6_rcv_saddr, sk->sk_v6_daddr);
- ),
-
- TP_printk("sport=%hu dport=%hu saddr=%pI4 daddr=%pI4 saddrv6=%pI6c daddrv6=%pI6c oldstate=%s newstate=%s",
- __entry->sport, __entry->dport,
- __entry->saddr, __entry->daddr,
- __entry->saddr_v6, __entry->daddr_v6,
- show_tcp_state_name(__entry->oldstate),
- show_tcp_state_name(__entry->newstate))
-);
-
TRACE_EVENT(tcp_retransmit_synack,
TP_PROTO(const struct sock *sk, const struct request_sock *req),
--
2.9.5
^ permalink raw reply related
* Re: [PATCH net-next 1/2] PCI: Add two more values for PCIe Max_Read_Request_Size
From: David Miller @ 2018-04-16 22:06 UTC (permalink / raw)
To: helgaas; +Cc: hkallweit1, bhelgaas, nic_swsd, linux-pci, netdev
In-Reply-To: <20180416214204.GD28657@bhelgaas-glaptop.roam.corp.google.com>
From: Bjorn Helgaas <helgaas@kernel.org>
Date: Mon, 16 Apr 2018 16:42:04 -0500
> On Mon, Apr 16, 2018 at 09:37:13PM +0200, Heiner Kallweit wrote:
>> This patch adds missing values for the max read request size.
>> E.g. network driver r8169 uses a value of 4K.
>>
>> Signed-off-by: Heiner Kallweit <hkallweit1@gmail.com>
>
> I'd prefer a subject line with more details, e.g.,
>
> PCI: Add #defines for 2K and 4K Max Read Request Size
>
> Acked-by: Bjorn Helgaas <bhelgaas@google.com>
>
> I suspect conflicts are more likely in r8169.c so it might make more
> sense to route these through the netdev tree. I'd also be happy to
> take them, so let me know if you want me to take them, David.
I'll take them into net-next, thanks Bjorn.
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox