* Re: [PATCH net-next] tun: do not compute the rxhash, if not needed
From: Jason Wang @ 2018-04-20 12:19 UTC (permalink / raw)
To: Paolo Abeni, netdev; +Cc: David S. Miller
In-Reply-To: <1c43f8bc63407239c91df916b149d4fdbf26bed3.1524222969.git.pabeni@redhat.com>
On 2018年04月20日 19:18, Paolo Abeni wrote:
> Currently, the tun driver, in absence of an eBPF steering program,
> always compute the rxhash in its rx path, even when such value
> is later unused due to additional checks (
>
> This changeset moves the all the related checks just before the
> __skb_get_hash_symmetric(), so that the latter is no more computed
> when unneeded.
>
> Also replace an unneeded RCU section with rcu_access_pointer().
>
> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
> ---
> drivers/net/tun.c | 15 ++++++---------
> 1 file changed, 6 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/net/tun.c b/drivers/net/tun.c
> index 1e58be152d5c..091ace726763 100644
> --- a/drivers/net/tun.c
> +++ b/drivers/net/tun.c
> @@ -525,11 +525,6 @@ static void tun_flow_update(struct tun_struct *tun, u32 rxhash,
>
> rcu_read_lock();
>
> - /* We may get a very small possibility of OOO during switching, not
> - * worth to optimize.*/
> - if (tun->numqueues == 1 || tfile->detached)
> - goto unlock;
> -
> e = tun_flow_find(head, rxhash);
> if (likely(e)) {
> /* TODO: keep queueing to old queue until it's empty? */
> @@ -548,7 +543,6 @@ static void tun_flow_update(struct tun_struct *tun, u32 rxhash,
> spin_unlock_bh(&tun->lock);
> }
>
> -unlock:
> rcu_read_unlock();
> }
>
> @@ -1937,10 +1931,13 @@ static ssize_t tun_get_user(struct tun_struct *tun, struct tun_file *tfile,
> rcu_read_unlock();
> }
>
> - rcu_read_lock();
> - if (!rcu_dereference(tun->steering_prog))
> + /* Compute the costly rx hash only if needed for flow updates.
> + * We may get a very small possibility of OOO during switching, not
> + * worth to optimize.
> + */
> + if (!rcu_access_pointer(tun->steering_prog) && tun->numqueues > 1 &&
> + !tfile->detached)
> rxhash = __skb_get_hash_symmetric(skb);
> - rcu_read_unlock();
>
> if (frags) {
> /* Exercise flow dissector code path. */
Acked-by: Jason Wang <jasowang@redhat.com>
^ permalink raw reply
* Re: [PATCH] kvmalloc: always use vmalloc if CONFIG_DEBUG_VM
From: Mikulas Patocka @ 2018-04-20 12:16 UTC (permalink / raw)
To: Andrew Morton
Cc: David Miller, linux-mm, eric.dumazet, edumazet, bhutchings,
netdev, linux-kernel, mst, jasowang, virtualization, dm-devel,
Vlastimil Babka
In-Reply-To: <20180419162250.00bf82e2c40b4960a7e23cdc@linux-foundation.org>
On Thu, 19 Apr 2018, Andrew Morton wrote:
> On Thu, 19 Apr 2018 17:19:20 -0400 (EDT) Mikulas Patocka <mpatocka@redhat.com> wrote:
>
> > > > In order to detect these bugs reliably I submit this patch that changes
> > > > kvmalloc to always use vmalloc if CONFIG_DEBUG_VM is turned on.
> > > >
> > > > ...
> > > >
> > > > --- linux-2.6.orig/mm/util.c 2018-04-18 15:46:23.000000000 +0200
> > > > +++ linux-2.6/mm/util.c 2018-04-18 16:00:43.000000000 +0200
> > > > @@ -395,6 +395,7 @@ EXPORT_SYMBOL(vm_mmap);
> > > > */
> > > > void *kvmalloc_node(size_t size, gfp_t flags, int node)
> > > > {
> > > > +#ifndef CONFIG_DEBUG_VM
> > > > gfp_t kmalloc_flags = flags;
> > > > void *ret;
> > > >
> > > > @@ -426,6 +427,7 @@ void *kvmalloc_node(size_t size, gfp_t f
> > > > */
> > > > if (ret || size <= PAGE_SIZE)
> > > > return ret;
> > > > +#endif
> > > >
> > > > return __vmalloc_node_flags_caller(size, node, flags,
> > > > __builtin_return_address(0));
> > >
> > > Well, it doesn't have to be done at compile-time, does it? We could
> > > add a knob (in debugfs, presumably) which enables this at runtime.
> > > That's far more user-friendly.
> >
> > But who will turn it on in debugfs?
>
> But who will turn it on in Kconfig? Just a handful of developers. We
So, it won't receive much testing.
I've never played with those debugfs files (because I didn't need it), and
most users also won't play with it. Having a debugfs option is like having
no option at all.
> could add SONFIG_DEBUG_SG to the list in
> Documentation/process/submit-checklist.rst, but nobody reads that.
>
> Also, a whole bunch of defconfigs set CONFIG_DEBUG_SG=y and some
> googling indicates that they aren't the only ones...
>
> > It should be default for debugging
> > kernels, so that users using them would report the error.
>
> Well. This isn't the first time we've wanted to enable expensive (or
> noisy) debugging things in debug kernels, by any means.
>
> So how could we define a debug kernel in which it's OK to enable such
> things?
Debug kernel is what distributions distribute as debug kernel - i.e. RHEL
or Fedora have debugging kernels. So it needs to be bound to an option
that is turned on in these kernels - so that any user who boots the
debugging kernel triggers the bug.
> - Could be "it's an -rc kernel". But then we'd be enabling a bunch of
> untested code when Linus cuts a release.
>
> - Could be "it's an -rc kernel with SUBLEVEL <= 5". But then we risk
> unexpected things happening when Linux cuts -rc6, which still isn't
> good.
>
> - How about "it's an -rc kernel with odd-numbered SUBLEVEL and
> SUBLEVEL <= 5". That way everybody who runs -rc1, -rc3 and -rc5 will
> have kvmalloc debugging enabled. That's potentially nasty because
> vmalloc is much slower than kmalloc. But kvmalloc() is only used for
> large and probably infrequent allocations, so it's probably OK.
>
> I wonder how we get at SUBLEVEL from within .c.
Don't bind it to rc level, bind it to some debugging configuration option.
Mikulas
^ permalink raw reply
* Re: Q: force netif ON even when there is no real link ?
From: Ran Shalit @ 2018-04-20 12:14 UTC (permalink / raw)
To: Andrew Lunn; +Cc: netdev
In-Reply-To: <20180420120516.GC20256@lunn.ch>
On Fri, Apr 20, 2018 at 3:05 PM, Andrew Lunn <andrew@lunn.ch> wrote:
> On Fri, Apr 20, 2018 at 03:01:09PM +0300, Ran Shalit wrote:
>> On Fri, Apr 20, 2018 at 2:55 PM, Andrew Lunn <andrew@lunn.ch> wrote:
>> > On Fri, Apr 20, 2018 at 11:44:14AM +0300, Ran Shalit wrote:
>> >> Hello,
>> >>
>> >> We configure external switch in u-boot.
>> >> The configuration is through mdio (cpu is mac and switch is phy).
>> >>
>> >> But in Linux we rather not implement any communication in mdio to
>> >> switch, but it means that we then don't have the information of link
>> >> state.
>> >>
>> >> Is it possible to force in Linux (by default in startup) Ethernet
>> >> connectivity (netif_carrier_on, netif_wake_queue) even if there is no
>> >> information of real link state ?
>> >
>> > Hi Ran
>> >
>> > Use a fixed-phy.
>> >
>>
>> Hi Andrew,
>>
>> I'll check about fixed phy,
>> but in general, is it a problem to have always netif_carrier_on, even
>> when there is no link ?
>
> The link between the CPU and the switch should be up all the
> time. That is the point of fixed-link.
>
I understand.
But what about the mac driver, does it just do netif_start_queue ?
Thanks
> Andrew
^ permalink raw reply
* Re: [PATCH bpf-next 1/5] samples/bpf: Fix typo in comment
From: Jesper Dangaard Brouer @ 2018-04-20 12:10 UTC (permalink / raw)
To: Leo Yan; +Cc: brouer, Alexei Starovoitov, Daniel Borkmann, netdev, linux-kernel
In-Reply-To: <1524101646-6544-2-git-send-email-leo.yan@linaro.org>
On Thu, 19 Apr 2018 09:34:02 +0800 Leo Yan <leo.yan@linaro.org> wrote:
> Fix typo by replacing 'iif' with 'if'.
>
> Signed-off-by: Leo Yan <leo.yan@linaro.org>
> ---
> samples/bpf/bpf_load.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/samples/bpf/bpf_load.c b/samples/bpf/bpf_load.c
> index bebe418..28e4678 100644
> --- a/samples/bpf/bpf_load.c
> +++ b/samples/bpf/bpf_load.c
> @@ -393,7 +393,7 @@ static int load_elf_maps_section(struct bpf_map_data *maps, int maps_shndx,
> continue;
> if (sym[nr_maps].st_shndx != maps_shndx)
> continue;
> - /* Only increment iif maps section */
> + /* Only increment if maps section */
> nr_maps++;
> }
This was actually not a typo from my side.
With 'iif' I mean 'if and only if' ... but it doesn't matter much.
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
^ permalink raw reply
* Re: Q: force netif ON even when there is no real link ?
From: Andrew Lunn @ 2018-04-20 12:05 UTC (permalink / raw)
To: Ran Shalit; +Cc: netdev
In-Reply-To: <CAJ2oMhJKOyFceuNwxVb4zPtF9Dm34s=JGfnp0AnP=c2zu7VWAA@mail.gmail.com>
On Fri, Apr 20, 2018 at 03:01:09PM +0300, Ran Shalit wrote:
> On Fri, Apr 20, 2018 at 2:55 PM, Andrew Lunn <andrew@lunn.ch> wrote:
> > On Fri, Apr 20, 2018 at 11:44:14AM +0300, Ran Shalit wrote:
> >> Hello,
> >>
> >> We configure external switch in u-boot.
> >> The configuration is through mdio (cpu is mac and switch is phy).
> >>
> >> But in Linux we rather not implement any communication in mdio to
> >> switch, but it means that we then don't have the information of link
> >> state.
> >>
> >> Is it possible to force in Linux (by default in startup) Ethernet
> >> connectivity (netif_carrier_on, netif_wake_queue) even if there is no
> >> information of real link state ?
> >
> > Hi Ran
> >
> > Use a fixed-phy.
> >
>
> Hi Andrew,
>
> I'll check about fixed phy,
> but in general, is it a problem to have always netif_carrier_on, even
> when there is no link ?
The link between the CPU and the switch should be up all the
time. That is the point of fixed-link.
Andrew
^ permalink raw reply
* Re: Q: force netif ON even when there is no real link ?
From: Ran Shalit @ 2018-04-20 12:01 UTC (permalink / raw)
To: Andrew Lunn; +Cc: netdev
In-Reply-To: <20180420115556.GB20256@lunn.ch>
On Fri, Apr 20, 2018 at 2:55 PM, Andrew Lunn <andrew@lunn.ch> wrote:
> On Fri, Apr 20, 2018 at 11:44:14AM +0300, Ran Shalit wrote:
>> Hello,
>>
>> We configure external switch in u-boot.
>> The configuration is through mdio (cpu is mac and switch is phy).
>>
>> But in Linux we rather not implement any communication in mdio to
>> switch, but it means that we then don't have the information of link
>> state.
>>
>> Is it possible to force in Linux (by default in startup) Ethernet
>> connectivity (netif_carrier_on, netif_wake_queue) even if there is no
>> information of real link state ?
>
> Hi Ran
>
> Use a fixed-phy.
>
Hi Andrew,
I'll check about fixed phy,
but in general, is it a problem to have always netif_carrier_on, even
when there is no link ?
Thank you,
ranran
^ permalink raw reply
* Re: Q: force netif ON even when there is no real link ?
From: Andrew Lunn @ 2018-04-20 11:55 UTC (permalink / raw)
To: Ran Shalit; +Cc: netdev
In-Reply-To: <CAJ2oMhKJyVFiw_k5eMzQXUbQ8DnUgbgdbCsWsjV+mwHHxPtAag@mail.gmail.com>
On Fri, Apr 20, 2018 at 11:44:14AM +0300, Ran Shalit wrote:
> Hello,
>
> We configure external switch in u-boot.
> The configuration is through mdio (cpu is mac and switch is phy).
>
> But in Linux we rather not implement any communication in mdio to
> switch, but it means that we then don't have the information of link
> state.
>
> Is it possible to force in Linux (by default in startup) Ethernet
> connectivity (netif_carrier_on, netif_wake_queue) even if there is no
> information of real link state ?
Hi Ran
Use a fixed-phy.
Andrew
^ permalink raw reply
* Re: [PATCH] kvmalloc: always use vmalloc if CONFIG_DEBUG_VM
From: Matthew Wilcox @ 2018-04-20 11:47 UTC (permalink / raw)
To: Mikulas Patocka
Cc: dm-devel, eric.dumazet, mst, netdev, linux-kernel, virtualization,
linux-mm, edumazet, bhutchings, Andrew Morton, David Miller,
Vlastimil Babka
In-Reply-To: <alpine.LRH.2.02.1804191207380.31175@file01.intranet.prod.int.rdu2.redhat.com>
On Thu, Apr 19, 2018 at 12:12:38PM -0400, Mikulas Patocka wrote:
> Unfortunatelly, some kernel code has bugs - it uses kvmalloc and then
> uses DMA-API on the returned memory or frees it with kfree. Such bugs were
> found in the virtio-net driver, dm-integrity or RHEL7 powerpc-specific
> code.
Maybe it's time to have the SG code handle vmalloced pages? This is
becoming more and more common with vmapped stacks (and some of our
workarounds are hideous -- allocate 4 bytes with kmalloc because we can't
DMA onto the stack any more?). We already have a few places which do
handle sgs of vmalloced addresses, such as the nx crypto driver:
if (is_vmalloc_addr(start_addr))
sg_addr = page_to_phys(vmalloc_to_page(start_addr))
+ offset_in_page(sg_addr);
else
sg_addr = __pa(sg_addr);
and videobuf:
pg = vmalloc_to_page(virt);
if (NULL == pg)
goto err;
BUG_ON(page_to_pfn(pg) >= (1 << (32 - PAGE_SHIFT)));
sg_set_page(&sglist[i], pg, PAGE_SIZE, 0);
Yes, there's the potential that we have to produce two SG entries for a
virtually contiguous region if it crosses a page boundary, and our APIs
aren't set up right to make it happen. But this is something we should
consider fixing ... otherwise we'll end up with dozens of driver hacks.
The videobuf implementation was already copy-and-pasted into the saa7146
driver, for example.
^ permalink raw reply
* Re: [PATCH 3/3] xen blkback: add fault injection facility
From: Juergen Gross @ 2018-04-20 11:28 UTC (permalink / raw)
To: Stanislav Kinsburskii
Cc: jakub.kicinski, hpa, mcroce, tglx, ggarcia, daniel, x86, mingo,
xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, linux-block, wei.liu2, netdev,
linux-kernel, davem, dwmw, roger.pau
In-Reply-To: <20180420104736.17823.42983.stgit@dev-dsk-staskins-1a-ca5afbf2.eu-west-1.amazon.com>
On 20/04/18 12:47, Stanislav Kinsburskii wrote:
> This patch adds wrapper helpers around generic Xen fault inject
> facility.
> The major reason is to keep all the module fault injection directories
> in a dedicated subdirectory instead of Xen fault inject root.
>
> IOW, when using these helpers, per-device and named by device name
> fault injection control directories will appear under the following
> directory:
> - /sys/kernel/debug/xen/fault_inject/xen-blkback/
> instead of:
> - /sys/kernel/debug/xen/fault_inject/
>
> Signed-off-by: Stanislav Kinsburskii <staskins@amazon.com>
> CC: Jens Axboe <axboe@kernel.dk>
> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> CC: "Roger Pau Monné" <roger.pau@citrix.com>
> CC: linux-kernel@vger.kernel.org
> CC: linux-block@vger.kernel.org
> CC: xen-devel@lists.xenproject.org
> CC: Stanislav Kinsburskii <staskins@amazon.com>
> CC: David Woodhouse <dwmw@amazon.co.uk>
This is an exact copy of the netback patch apart from the names.
I don't like adding multiple copies of the same coding to the tree.
Juergen
^ permalink raw reply
* Re: [PATCH 2/3] xen netback: add fault injection facility
From: Juergen Gross @ 2018-04-20 11:25 UTC (permalink / raw)
To: Stanislav Kinsburskii
Cc: jakub.kicinski, hpa, mcroce, tglx, ggarcia, daniel, x86, mingo,
xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, linux-block, wei.liu2, netdev,
linux-kernel, davem, dwmw, roger.pau
In-Reply-To: <20180420104731.17823.97617.stgit@dev-dsk-staskins-1a-ca5afbf2.eu-west-1.amazon.com>
On 20/04/18 12:47, Stanislav Kinsburskii wrote:
> This patch adds wrapper helpers around generic Xen fault inject facility.
> The major reason is to keep all the module fault injection directories
> in a dedicated subdirectory instead of Xen fault inject root.
>
> IOW, when using these helpers, per-device and named by device name fault
> injection control directories will appear under the following directory:
> - /sys/kernel/debug/xen/fault_inject/xen-netback/
> instead of:
> - /sys/kernel/debug/xen/fault_inject/
>
> Signed-off-by: Stanislav Kinsburskii <staskins@amazon.com>
> CC: Wei Liu <wei.liu2@citrix.com>
> CC: Paul Durrant <paul.durrant@citrix.com>
> CC: "David S. Miller" <davem@davemloft.net>
> CC: Matteo Croce <mcroce@redhat.com>
> CC: Stefan Hajnoczi <stefanha@redhat.com>
> CC: Daniel Borkmann <daniel@iogearbox.net>
> CC: Gerard Garcia <ggarcia@deic.uab.cat>
> CC: David Ahern <dsa@cumulusnetworks.com>
> CC: Juergen Gross <jgross@suse.com>
> CC: Amir Levy <amir.jer.levy@intel.com>
> CC: Jakub Kicinski <jakub.kicinski@netronome.com>
> CC: linux-kernel@vger.kernel.org
> CC: netdev@vger.kernel.org
> CC: xen-devel@lists.xenproject.org
> CC: Stanislav Kinsburskii <staskins@amazon.com>
> CC: David Woodhouse <dwmw@amazon.co.uk>
> ---
> drivers/net/Kconfig | 8 ++
> drivers/net/xen-netback/Makefile | 1
> drivers/net/xen-netback/common.h | 3 +
> drivers/net/xen-netback/netback.c | 3 +
> drivers/net/xen-netback/netback_fi.c | 119 ++++++++++++++++++++++++++++++++++
> drivers/net/xen-netback/netback_fi.h | 35 ++++++++++
> drivers/net/xen-netback/xenbus.c | 6 ++
> 7 files changed, 175 insertions(+)
> create mode 100644 drivers/net/xen-netback/netback_fi.c
> create mode 100644 drivers/net/xen-netback/netback_fi.h
>
> diff --git a/drivers/net/Kconfig b/drivers/net/Kconfig
> index 8918466..5cc9acd 100644
> --- a/drivers/net/Kconfig
> +++ b/drivers/net/Kconfig
> @@ -465,6 +465,14 @@ config XEN_NETDEV_BACKEND
> compile this driver as a module, chose M here: the module
> will be called xen-netback.
>
> +config XEN_NETDEV_BACKEND_FAULT_INJECTION
> + bool "Xen net-device backend driver fault injection"
> + depends on XEN_NETDEV_BACKEND
> + depends on XEN_FAULT_INJECTION
> + default n
> + help
> + Allow to inject errors to Xen backend network driver
> +
> config VMXNET3
> tristate "VMware VMXNET3 ethernet driver"
> depends on PCI && INET
> diff --git a/drivers/net/xen-netback/Makefile b/drivers/net/xen-netback/Makefile
> index d49798a..28abcdc 100644
> --- a/drivers/net/xen-netback/Makefile
> +++ b/drivers/net/xen-netback/Makefile
> @@ -1,3 +1,4 @@
> obj-$(CONFIG_XEN_NETDEV_BACKEND) := xen-netback.o
>
> xen-netback-y := netback.o xenbus.o interface.o hash.o rx.o
> +xen-netback-$(CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION) += netback_fi.o
> diff --git a/drivers/net/xen-netback/common.h b/drivers/net/xen-netback/common.h
> index a46a1e9..30d676d 100644
> --- a/drivers/net/xen-netback/common.h
> +++ b/drivers/net/xen-netback/common.h
> @@ -286,6 +286,9 @@ struct xenvif {
>
> #ifdef CONFIG_DEBUG_FS
> struct dentry *xenvif_dbg_root;
> +#ifdef CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION
> + void *fi_info;
> +#endif
> #endif
>
> struct xen_netif_ctrl_back_ring ctrl;
> diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c
> index a27daa2..ecc416e 100644
> --- a/drivers/net/xen-netback/netback.c
> +++ b/drivers/net/xen-netback/netback.c
> @@ -33,6 +33,7 @@
> */
>
> #include "common.h"
> +#include "netback_fi.h"
>
> #include <linux/kthread.h>
> #include <linux/if_vlan.h>
> @@ -1649,6 +1650,7 @@ static int __init netback_init(void)
> PTR_ERR(xen_netback_dbg_root));
> #endif /* CONFIG_DEBUG_FS */
>
> + (void) xen_netbk_fi_init();
This is the only usage of xen_netbk_fi_init(). Why don't you make it
return void from the beginning?
> return 0;
>
> failed_init:
> @@ -1659,6 +1661,7 @@ module_init(netback_init);
>
> static void __exit netback_fini(void)
> {
> + xen_netbk_fi_fini();
> #ifdef CONFIG_DEBUG_FS
> if (!IS_ERR_OR_NULL(xen_netback_dbg_root))
> debugfs_remove_recursive(xen_netback_dbg_root);
> diff --git a/drivers/net/xen-netback/netback_fi.c b/drivers/net/xen-netback/netback_fi.c
> new file mode 100644
> index 0000000..47541d0
> --- /dev/null
> +++ b/drivers/net/xen-netback/netback_fi.c
> @@ -0,0 +1,119 @@
> +/*
> + * Fault injection interface for Xen backend network driver
> + *
> + * Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License version 2
> + * as published by the Free Software Foundation; or, when distributed
> + * separately from the Linux kernel or incorporated into other
> + * software packages, subject to the following license:
SPDX again.
> + *
> + * Permission is hereby granted, free of charge, to any person obtaining a copy
> + * of this source file (the "Software"), to deal in the Software without
> + * restriction, including without limitation the rights to use, copy, modify,
> + * merge, publish, distribute, sublicense, and/or sell copies of the Software,
> + * and to permit persons to whom the Software is furnished to do so, subject to
> + * the following conditions:
> + *
> + * The above copyright notice and this permission notice shall be included in
> + * all copies or substantial portions of the Software.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
> + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
> + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
> + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
> + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
> + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
> + * IN THE SOFTWARE.
> + */
> +
> +#include "common.h"
> +
> +#include <linux/debugfs.h>
> +
> +#include <xen/fault_inject.h>
> +#include "netback_fi.h"
> +
> +static struct dentry *vif_fi_dir;
> +
> +static const char *xenvif_fi_names[] = {
> +};
> +
> +struct xenvif_fi {
> + struct dentry *dir;
> + struct xen_fi *faults[XENVIF_FI_MAX];
> +};
> +
> +int xen_netbk_fi_init(void)
> +{
> + vif_fi_dir = xen_fi_dir_create("xen-netback");
> + if (!vif_fi_dir)
> + return -ENOMEM;
> + return 0;
> +}
> +
> +void xen_netbk_fi_fini(void)
> +{
> + debugfs_remove_recursive(vif_fi_dir);
> +}
> +
> +void xenvif_fi_fini(struct xenvif *vif)
> +{
> + struct xenvif_fi *vfi = vif->fi_info;
> + int fi;
> +
> + if (!vif->fi_info)
> + return;
> +
> + vif->fi_info = NULL;
> +
> + for (fi = 0; fi < XENVIF_FI_MAX; fi++)
> + xen_fi_del(vfi->faults[fi]);
> + debugfs_remove_recursive(vfi->dir);
> + kfree(vfi);
> +}
> +
> +int xenvif_fi_init(struct xenvif *vif)
> +{
> + struct dentry *parent;
> + struct xenvif_fi *vfi;
> + int fi, err = -ENOMEM;
> +
> + parent = vif_fi_dir;
> + if (!parent)
> + return -ENOMEM;
> +
> + vfi = kmalloc(sizeof(*vfi), GFP_KERNEL);
> + if (!vfi)
> + return -ENOMEM;
> +
> + vfi->dir = debugfs_create_dir(vif->dev->name, parent);
> + if (!vfi->dir)
> + goto err_dir;
> +
> + for (fi = 0; fi < XENVIF_FI_MAX; fi++) {
> + vfi->faults[fi] = xen_fi_dir_add(vfi->dir,
> + xenvif_fi_names[fi]);
How does this work? xenvif_fi_names[] is an empty array and this is the
only reference to it. Who is allocating the memory for that array?
> + if (!vfi->faults[fi])
> + goto err_fault;
> + }
> +
> + vif->fi_info = vfi;
> + return 0;
> +
> +err_fault:
> + for (; fi > 0; fi--)
> + xen_fi_del(vfi->faults[fi]);
What about vfi->faults[0] ?
> + debugfs_remove_recursive(vfi->dir);
> +err_dir:
> + kfree(vfi);
> + return err;
> +}
> +
> +bool xenvif_should_fail(struct xenvif *vif, xenvif_fi_t type)
> +{
> + struct xenvif_fi *vfi = vif->fi_info;
> +
> + return xen_should_fail(vfi->faults[type]);
> +}
> diff --git a/drivers/net/xen-netback/netback_fi.h b/drivers/net/xen-netback/netback_fi.h
> new file mode 100644
> index 0000000..895c6a6
> --- /dev/null
> +++ b/drivers/net/xen-netback/netback_fi.h
> @@ -0,0 +1,35 @@
> +#ifndef _XEN_NETBACK_FI_H
> +#define _XEN_NETBACK_FI_H
> +
> +struct xen_fi;
Why?
> +
> +typedef enum {
> + XENVIF_FI_MAX
> +} xenvif_fi_t;
It would have helped if you had added some users of the stuff you are
adding here. This enum just looks weird this way.
> +
> +#ifdef CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION
> +
> +int xen_netbk_fi_init(void);
> +void xen_netbk_fi_fini(void);
> +
> +void xenvif_fi_fini(struct xenvif *vif);
> +int xenvif_fi_init(struct xenvif *vif);
> +
> +bool xenvif_should_fail(struct xenvif *vif, xenvif_fi_t type);
> +
> +#else
> +
> +static inline int xen_netbk_fi_init(void) { return 0; }
> +static inline void xen_netbk_fi_fini(void) { }
> +
> +static inline void xenvif_fi_fini(struct xenvif *vif) { }
> +static inline int xenvif_fi_init(struct xenvif *vif) { return 0; }
> +
> +static inline bool xenvif_should_fail(struct xenvif *vif, xenvif_fi_t type)
> +{
> + return false;
> +}
> +
> +#endif /* CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION */
> +
> +#endif /* _XEN_NETBACK_FI_H */
> diff --git a/drivers/net/xen-netback/xenbus.c b/drivers/net/xen-netback/xenbus.c
> index e1aef25..c775ee0 100644
> --- a/drivers/net/xen-netback/xenbus.c
> +++ b/drivers/net/xen-netback/xenbus.c
> @@ -21,6 +21,7 @@
> #include "common.h"
> #include <linux/vmalloc.h>
> #include <linux/rtnetlink.h>
> +#include "netback_fi.h"
>
> struct backend_info {
> struct xenbus_device *dev;
> @@ -502,6 +503,7 @@ static void backend_disconnect(struct backend_info *be)
> #ifdef CONFIG_DEBUG_FS
> xenvif_debugfs_delif(vif);
> #endif /* CONFIG_DEBUG_FS */
> + xenvif_fi_fini(vif);
> xenvif_disconnect_data(vif);
>
> /* At this point some of the handlers may still be active
> @@ -1024,6 +1026,10 @@ static void connect(struct backend_info *be)
> }
> }
>
> + err = xenvif_fi_init(be->vif);
> + if (err)
> + goto err;
> +
> #ifdef CONFIG_DEBUG_FS
> xenvif_debugfs_addif(be->vif);
> #endif /* CONFIG_DEBUG_FS */
>
Without any user of that infrastructure I really can't say whether I
want this.
Juergen
^ permalink raw reply
* Re: [PATCH RFC iptables] iptables: Per-net ns lock
From: Kirill Tkhai @ 2018-04-20 11:24 UTC (permalink / raw)
To: Florian Westphal; +Cc: netdev, pablo, rstoyanov1, ptikhomirov, avagin
In-Reply-To: <20180420105034.7qwwr3lrh7w7xlh4@breakpoint.cc>
Hi, Florian,
On 20.04.2018 13:50, Florian Westphal wrote:
> Kirill Tkhai <ktkhai@virtuozzo.com> wrote:
>> Pablo, Florian, could you please provide comments on this?
>>
>> On 09.04.2018 19:55, Kirill Tkhai wrote:
>>> In CRIU and LXC-restore we met the situation,
>>> when iptables in container can't be restored
>>> because of permission denied:
>>>
>>> https://github.com/checkpoint-restore/criu/issues/469
>>>
>>> Containers want to restore their own net ns,
>>> while they may have no their own mnt ns.
>>> This case they share host's /run/xtables.lock
>>> file, but they may not have permission to open
>>> it.
>>>
>>> Patch makes /run/xtables.lock to be per-namespace,
>>> i.e., to refer to the caller task's net ns.
>
> It looks ok to me but then again the entire userspace
> lock thing is a ugly band aid :-/
I'm agree, but I'm not sure there is a possibility
to go away from it in classic iptables...
Kirill
^ permalink raw reply
* [PATCH net-next] tun: do not compute the rxhash, if not needed
From: Paolo Abeni @ 2018-04-20 11:18 UTC (permalink / raw)
To: netdev; +Cc: David S. Miller, Jason Wang
Currently, the tun driver, in absence of an eBPF steering program,
always compute the rxhash in its rx path, even when such value
is later unused due to additional checks (
This changeset moves the all the related checks just before the
__skb_get_hash_symmetric(), so that the latter is no more computed
when unneeded.
Also replace an unneeded RCU section with rcu_access_pointer().
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
drivers/net/tun.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/drivers/net/tun.c b/drivers/net/tun.c
index 1e58be152d5c..091ace726763 100644
--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
@@ -525,11 +525,6 @@ static void tun_flow_update(struct tun_struct *tun, u32 rxhash,
rcu_read_lock();
- /* We may get a very small possibility of OOO during switching, not
- * worth to optimize.*/
- if (tun->numqueues == 1 || tfile->detached)
- goto unlock;
-
e = tun_flow_find(head, rxhash);
if (likely(e)) {
/* TODO: keep queueing to old queue until it's empty? */
@@ -548,7 +543,6 @@ static void tun_flow_update(struct tun_struct *tun, u32 rxhash,
spin_unlock_bh(&tun->lock);
}
-unlock:
rcu_read_unlock();
}
@@ -1937,10 +1931,13 @@ static ssize_t tun_get_user(struct tun_struct *tun, struct tun_file *tfile,
rcu_read_unlock();
}
- rcu_read_lock();
- if (!rcu_dereference(tun->steering_prog))
+ /* Compute the costly rx hash only if needed for flow updates.
+ * We may get a very small possibility of OOO during switching, not
+ * worth to optimize.
+ */
+ if (!rcu_access_pointer(tun->steering_prog) && tun->numqueues > 1 &&
+ !tfile->detached)
rxhash = __skb_get_hash_symmetric(skb);
- rcu_read_unlock();
if (frags) {
/* Exercise flow dissector code path. */
--
2.14.3
^ permalink raw reply related
* Re: [PATCH 1/3] xen: add generic fault injection facility
From: Juergen Gross @ 2018-04-20 10:59 UTC (permalink / raw)
To: Stanislav Kinsburskii
Cc: jakub.kicinski, hpa, mcroce, tglx, ggarcia, daniel, x86, mingo,
xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, linux-block, wei.liu2, netdev,
linux-kernel, davem, dwmw, roger.pau
In-Reply-To: <20180420104726.17823.40147.stgit@dev-dsk-staskins-1a-ca5afbf2.eu-west-1.amazon.com>
On 20/04/18 12:47, Stanislav Kinsburskii wrote:
> The overall idea of this patch is to add a generic fault injection facility
> to Xen, which later can be used in various places by different Xen parts.
>
> Core implementation ideas:
>
> - The facility build is controlled by boolean config
> CONFIG_XEN_FAULT_INJECTION option ("N" by default).
>
> - All fault injection logic is located in an optionally compiled separated
> file.
>
> - Fault injection attribute and control directory creation and destruction
> are wrapped with helpers, producing and accepting a pointer to an opaque
> object thus making all the rest of code independent on fault injection
> engine.
>
> When enabled Xen root fault injection directory appears:
>
> - /sys/kernel/debug/xen/fault_inject/
>
> The falicity provides the following helpers (exported to be accessible in
> modules):
>
> - xen_fi_add(name) - adds fault injection control directory "name" to Xen
> root fault injection directory
>
> - xen_fi_dir_create(name) - allows to create a subdirectory "name" in Xen
> root fault injection directory.
>
> - xen_fi_dir_add(dir, name) - adds fault injection control directory "name"
> to directory "dir"
>
> - xen_should_fail(fi) - check whether fi hav to fail.
>
> Signed-off-by: Stanislav Kinsburskii <staskins@amazon.com>
> CC: Boris Ostrovsky <boris.ostrovsky@oracle.com>
> CC: Juergen Gross <jgross@suse.com>
> CC: Thomas Gleixner <tglx@linutronix.de>
> CC: Ingo Molnar <mingo@redhat.com>
> CC: "H. Peter Anvin" <hpa@zytor.com>
> CC: x86@kernel.org
> CC: xen-devel@lists.xenproject.org
> CC: linux-kernel@vger.kernel.org
> CC: Stanislav Kinsburskii <staskins@amazon.com>
> CC: David Woodhouse <dwmw@amazon.co.uk>
> ---
> arch/x86/xen/Kconfig | 7 +++
> arch/x86/xen/Makefile | 1
> arch/x86/xen/fault_inject.c | 109 +++++++++++++++++++++++++++++++++++++++++++
> include/xen/fault_inject.h | 45 ++++++++++++++++++
> 4 files changed, 162 insertions(+)
> create mode 100644 arch/x86/xen/fault_inject.c
> create mode 100644 include/xen/fault_inject.h
>
> diff --git a/arch/x86/xen/Kconfig b/arch/x86/xen/Kconfig
> index c1f98f3..483fc16 100644
> --- a/arch/x86/xen/Kconfig
> +++ b/arch/x86/xen/Kconfig
> @@ -77,3 +77,10 @@ config XEN_PVH
> bool "Support for running as a PVH guest"
> depends on XEN && XEN_PVHVM && ACPI
> def_bool n
> +
> +config XEN_FAULT_INJECTION
> + bool "Enable Xen fault injection"
> + depends on FAULT_INJECTION_DEBUG_FS
> + default n
> + help
> + Enable Xen fault injection facility
Why for x86 only? I'd rather add this under drivers/xen
> diff --git a/arch/x86/xen/Makefile b/arch/x86/xen/Makefile
> index d83cb54..3158fe1 100644
> --- a/arch/x86/xen/Makefile
> +++ b/arch/x86/xen/Makefile
> @@ -34,3 +34,4 @@ obj-$(CONFIG_XEN_DOM0) += vga.o
> obj-$(CONFIG_SWIOTLB_XEN) += pci-swiotlb-xen.o
> obj-$(CONFIG_XEN_EFI) += efi.o
> obj-$(CONFIG_XEN_PVH) += xen-pvh.o
> +obj-$(CONFIG_XEN_FAULT_INJECTION) += fault_inject.o
> diff --git a/arch/x86/xen/fault_inject.c b/arch/x86/xen/fault_inject.c
> new file mode 100644
> index 0000000..ecf0f7c
> --- /dev/null
> +++ b/arch/x86/xen/fault_inject.c
> @@ -0,0 +1,109 @@
> +/*
> + * Fauit injection interface for Xen virtual block devices
> + *
> + * Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License version 2
> + * as published by the Free Software Foundation; or, when distributed
> + * separately from the Linux kernel or incorporated into other
> + * software packages, subject to the following license:
Please use the appropriate SPDX header instead of the full GPL2
boilerplate.
Juergen
^ permalink raw reply
* Re: [PATCH RFC iptables] iptables: Per-net ns lock
From: Florian Westphal @ 2018-04-20 10:50 UTC (permalink / raw)
To: Kirill Tkhai; +Cc: netdev, pablo, rstoyanov1, fw, ptikhomirov, avagin
In-Reply-To: <5708be4f-d8a1-fb94-67a7-3b447036be80@virtuozzo.com>
Kirill Tkhai <ktkhai@virtuozzo.com> wrote:
> Pablo, Florian, could you please provide comments on this?
>
> On 09.04.2018 19:55, Kirill Tkhai wrote:
> > In CRIU and LXC-restore we met the situation,
> > when iptables in container can't be restored
> > because of permission denied:
> >
> > https://github.com/checkpoint-restore/criu/issues/469
> >
> > Containers want to restore their own net ns,
> > while they may have no their own mnt ns.
> > This case they share host's /run/xtables.lock
> > file, but they may not have permission to open
> > it.
> >
> > Patch makes /run/xtables.lock to be per-namespace,
> > i.e., to refer to the caller task's net ns.
It looks ok to me but then again the entire userspace
lock thing is a ugly band aid :-/
^ permalink raw reply
* [PATCH 3/3] xen blkback: add fault injection facility
From: Stanislav Kinsburskii @ 2018-04-20 10:47 UTC (permalink / raw)
Cc: jakub.kicinski, hpa, mcroce, staskins, tglx, ggarcia, daniel, x86,
mingo, xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, jgross, linux-block, wei.liu2,
netdev, linux-kernel, davem, dwmw, roger.pau
In-Reply-To: <20180420104603.17823.31095.stgit@dev-dsk-staskins-1a-ca5afbf2.eu-west-1.amazon.com>
This patch adds wrapper helpers around generic Xen fault inject
facility.
The major reason is to keep all the module fault injection directories
in a dedicated subdirectory instead of Xen fault inject root.
IOW, when using these helpers, per-device and named by device name
fault injection control directories will appear under the following
directory:
- /sys/kernel/debug/xen/fault_inject/xen-blkback/
instead of:
- /sys/kernel/debug/xen/fault_inject/
Signed-off-by: Stanislav Kinsburskii <staskins@amazon.com>
CC: Jens Axboe <axboe@kernel.dk>
CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
CC: "Roger Pau Monné" <roger.pau@citrix.com>
CC: linux-kernel@vger.kernel.org
CC: linux-block@vger.kernel.org
CC: xen-devel@lists.xenproject.org
CC: Stanislav Kinsburskii <staskins@amazon.com>
CC: David Woodhouse <dwmw@amazon.co.uk>
---
drivers/block/Kconfig | 7 ++
drivers/block/xen-blkback/Makefile | 1
drivers/block/xen-blkback/blkback.c | 9 ++
drivers/block/xen-blkback/blkback_fi.c | 116 ++++++++++++++++++++++++++++++++
drivers/block/xen-blkback/blkback_fi.h | 37 ++++++++++
drivers/block/xen-blkback/common.h | 3 +
drivers/block/xen-blkback/xenbus.c | 5 +
7 files changed, 178 insertions(+)
create mode 100644 drivers/block/xen-blkback/blkback_fi.c
create mode 100644 drivers/block/xen-blkback/blkback_fi.h
diff --git a/drivers/block/Kconfig b/drivers/block/Kconfig
index ad9b687..0ce05fe 100644
--- a/drivers/block/Kconfig
+++ b/drivers/block/Kconfig
@@ -436,6 +436,13 @@ config XEN_BLKDEV_BACKEND
compile this driver as a module, chose M here: the module
will be called xen-blkback.
+config XEN_BLKDEV_BACKEND_FAULT_INJECTION
+ bool "Xen block-device backend driver fault injection"
+ depends on XEN_BLKDEV_BACKEND
+ depends on XEN_FAULT_INJECTION
+ default n
+ help
+ Allow to inject errors to Xen backend block driver
config VIRTIO_BLK
tristate "Virtio block driver"
diff --git a/drivers/block/xen-blkback/Makefile b/drivers/block/xen-blkback/Makefile
index e491c1b..035d134 100644
--- a/drivers/block/xen-blkback/Makefile
+++ b/drivers/block/xen-blkback/Makefile
@@ -1,3 +1,4 @@
obj-$(CONFIG_XEN_BLKDEV_BACKEND) := xen-blkback.o
xen-blkback-y := blkback.o xenbus.o
+xen-blkback-$(CONFIG_XEN_BLKDEV_BACKEND_FAULT_INJECTION) += blkback_fi.o
diff --git a/drivers/block/xen-blkback/blkback.c b/drivers/block/xen-blkback/blkback.c
index 987d665..2933bec 100644
--- a/drivers/block/xen-blkback/blkback.c
+++ b/drivers/block/xen-blkback/blkback.c
@@ -51,6 +51,7 @@
#include <xen/balloon.h>
#include <xen/grant_table.h>
#include "common.h"
+#include "blkback_fi.h"
/*
* Maximum number of unused free pages to keep in the internal buffer.
@@ -1491,11 +1492,19 @@ static int __init xen_blkif_init(void)
if (rc)
goto failed_init;
+ (void) xen_blkbk_fi_init();
failed_init:
return rc;
}
module_init(xen_blkif_init);
+static void __exit xen_blkif_fini(void)
+{
+ xen_blkbk_fi_fini();
+}
+
+module_exit(xen_blkif_fini);
+
MODULE_LICENSE("Dual BSD/GPL");
MODULE_ALIAS("xen-backend:vbd");
diff --git a/drivers/block/xen-blkback/blkback_fi.c b/drivers/block/xen-blkback/blkback_fi.c
new file mode 100644
index 0000000..b7abaea
--- /dev/null
+++ b/drivers/block/xen-blkback/blkback_fi.c
@@ -0,0 +1,116 @@
+/*
+ * Fault injection interface for Xen virtual block devices
+ *
+ * Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation; or, when distributed
+ * separately from the Linux kernel or incorporated into other
+ * software packages, subject to the following license:
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this source file (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy, modify,
+ * merge, publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+ * IN THE SOFTWARE.
+ */
+
+#include <linux/slab.h>
+#include <linux/debugfs.h>
+
+#include <xen/fault_inject.h>
+
+#include "blkback_fi.h"
+#include "common.h"
+
+static struct dentry *blkif_fi_dir;
+
+static const char *xen_blkif_fi_names[XENBLKIF_FI_MAX] = {
+};
+
+struct xen_blkif_fi {
+ struct dentry *dir;
+ struct xen_fi *faults[XENBLKIF_FI_MAX];
+};
+
+int xen_blkbk_fi_init(void)
+{
+ blkif_fi_dir = xen_fi_dir_create("xen-blkback");
+ if (!blkif_fi_dir)
+ return -ENOMEM;
+ return 0;
+}
+
+void xen_blkbk_fi_fini(void)
+{
+ debugfs_remove_recursive(blkif_fi_dir);
+}
+
+void xen_blkif_fi_fini(struct xen_blkif *blkif)
+{
+ struct xen_blkif_fi *bfi = blkif->fi_info;
+ int fi;
+
+ if (!blkif->fi_info)
+ return;
+
+ blkif->fi_info = NULL;
+
+ for (fi = 0; fi < XENBLKIF_FI_MAX; fi++)
+ xen_fi_del(bfi->faults[fi]);
+ debugfs_remove_recursive(bfi->dir);
+ kfree(bfi);
+}
+
+int xen_blkif_fi_init(struct xen_blkif *blkif)
+{
+ struct xen_blkif_fi *bfi;
+ int fi, err = -ENOMEM;
+
+ bfi = kmalloc(sizeof(*bfi), GFP_KERNEL);
+ if (!bfi)
+ return -ENOMEM;
+
+ bfi->dir = debugfs_create_dir(dev_name(&blkif->be->dev->dev),
+ blkif_fi_dir);
+ if (!bfi->dir)
+ goto err_dir;
+
+ for (fi = 0; fi < XENBLKIF_FI_MAX; fi++) {
+ bfi->faults[fi] = xen_fi_dir_add(bfi->dir,
+ xen_blkif_fi_names[fi]);
+ if (!bfi->faults[fi])
+ goto err_fault;
+ }
+
+ blkif->fi_info = bfi;
+ return 0;
+
+err_fault:
+ for (; fi > 0; fi--)
+ xen_fi_del(bfi->faults[fi]);
+ debugfs_remove_recursive(bfi->dir);
+err_dir:
+ kfree(bfi);
+ return err;
+}
+
+bool xenblkif_should_fail(struct xen_blkif *blkif, xen_blkbk_fi_t type)
+{
+ struct xen_blkif_fi *bfi = blkif->fi_info;
+
+ return xen_should_fail(bfi->faults[type]);
+}
diff --git a/drivers/block/xen-blkback/blkback_fi.h b/drivers/block/xen-blkback/blkback_fi.h
new file mode 100644
index 0000000..4e29850
--- /dev/null
+++ b/drivers/block/xen-blkback/blkback_fi.h
@@ -0,0 +1,37 @@
+#ifndef _XEN_BLKBACK_FI_H
+#define _XEN_BLKBACK_FI_H
+
+struct xen_fi;
+struct xen_blkif;
+
+typedef enum {
+ XENBLKIF_FI_MAX
+} xen_blkbk_fi_t;
+
+#ifdef CONFIG_XEN_BLKDEV_BACKEND_FAULT_INJECTION
+
+void xen_blkbk_fi_fini(void);
+int xen_blkbk_fi_init(void);
+
+void xen_blkif_fi_fini(struct xen_blkif *blkif);
+int xen_blkif_fi_init(struct xen_blkif *blkif);
+
+bool xenblkif_should_fail(struct xen_blkif *blkif, xen_blkbk_fi_t type);
+
+#else
+
+static inline void xen_blkbk_fi_fini(void) { }
+static inline int xen_blkbk_fi_init(void) { return 0; }
+
+static inline void xen_blkif_fi_fini(struct xen_blkif *blkif) { }
+static inline int xen_blkif_fi_init(struct xen_blkif *blkif) { return 0; }
+
+static inline bool xenblkif_should_fail(struct xen_blkif *blkif, xen_blkbk_fi_t type)
+{
+ return false;
+}
+
+#endif /* CONFIG_XEN_BLKDEV_BACKEND_FAULT_INJECTION */
+
+#endif /* _XEN_BLKBACK_FI_H */
+
diff --git a/drivers/block/xen-blkback/common.h b/drivers/block/xen-blkback/common.h
index ecb35fe..6d12d4d 100644
--- a/drivers/block/xen-blkback/common.h
+++ b/drivers/block/xen-blkback/common.h
@@ -329,6 +329,9 @@ struct xen_blkif {
/* All rings for this device. */
struct xen_blkif_ring *rings;
unsigned int nr_rings;
+#ifdef CONFIG_XEN_BLKDEV_BACKEND_FAULT_INJECTION
+ void *fi_info;
+#endif
};
struct seg_buf {
diff --git a/drivers/block/xen-blkback/xenbus.c b/drivers/block/xen-blkback/xenbus.c
index 21c1be1..9931fc8 100644
--- a/drivers/block/xen-blkback/xenbus.c
+++ b/drivers/block/xen-blkback/xenbus.c
@@ -22,6 +22,7 @@
#include <xen/events.h>
#include <xen/grant_table.h>
#include "common.h"
+#include "blkback_fi.h"
/* On the XenBus the max length of 'ring-ref%u'. */
#define RINGREF_NAME_LEN (20)
@@ -246,6 +247,8 @@ static int xen_blkif_disconnect(struct xen_blkif *blkif)
unsigned int j, r;
bool busy = false;
+ xen_blkif_fi_fini(blkif);
+
for (r = 0; r < blkif->nr_rings; r++) {
struct xen_blkif_ring *ring = &blkif->rings[r];
unsigned int i = 0;
@@ -998,6 +1001,8 @@ static int read_per_ring_refs(struct xen_blkif_ring *ring, const char *dir)
return err;
}
+ (void) xen_blkif_fi_init(blkif);
+
return 0;
fail:
Amazon Development Center Germany GmbH
Berlin - Dresden - Aachen
main office: Krausenstr. 38, 10117 Berlin
Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger
Ust-ID: DE289237879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
^ permalink raw reply related
* [PATCH 1/3] xen: add generic fault injection facility
From: Stanislav Kinsburskii @ 2018-04-20 10:47 UTC (permalink / raw)
Cc: jakub.kicinski, hpa, mcroce, staskins, tglx, ggarcia, daniel, x86,
mingo, xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, jgross, linux-block, wei.liu2,
netdev, linux-kernel, davem, dwmw, roger.pau
In-Reply-To: <20180420104603.17823.31095.stgit@dev-dsk-staskins-1a-ca5afbf2.eu-west-1.amazon.com>
The overall idea of this patch is to add a generic fault injection facility
to Xen, which later can be used in various places by different Xen parts.
Core implementation ideas:
- The facility build is controlled by boolean config
CONFIG_XEN_FAULT_INJECTION option ("N" by default).
- All fault injection logic is located in an optionally compiled separated
file.
- Fault injection attribute and control directory creation and destruction
are wrapped with helpers, producing and accepting a pointer to an opaque
object thus making all the rest of code independent on fault injection
engine.
When enabled Xen root fault injection directory appears:
- /sys/kernel/debug/xen/fault_inject/
The falicity provides the following helpers (exported to be accessible in
modules):
- xen_fi_add(name) - adds fault injection control directory "name" to Xen
root fault injection directory
- xen_fi_dir_create(name) - allows to create a subdirectory "name" in Xen
root fault injection directory.
- xen_fi_dir_add(dir, name) - adds fault injection control directory "name"
to directory "dir"
- xen_should_fail(fi) - check whether fi hav to fail.
Signed-off-by: Stanislav Kinsburskii <staskins@amazon.com>
CC: Boris Ostrovsky <boris.ostrovsky@oracle.com>
CC: Juergen Gross <jgross@suse.com>
CC: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@redhat.com>
CC: "H. Peter Anvin" <hpa@zytor.com>
CC: x86@kernel.org
CC: xen-devel@lists.xenproject.org
CC: linux-kernel@vger.kernel.org
CC: Stanislav Kinsburskii <staskins@amazon.com>
CC: David Woodhouse <dwmw@amazon.co.uk>
---
arch/x86/xen/Kconfig | 7 +++
arch/x86/xen/Makefile | 1
arch/x86/xen/fault_inject.c | 109 +++++++++++++++++++++++++++++++++++++++++++
include/xen/fault_inject.h | 45 ++++++++++++++++++
4 files changed, 162 insertions(+)
create mode 100644 arch/x86/xen/fault_inject.c
create mode 100644 include/xen/fault_inject.h
diff --git a/arch/x86/xen/Kconfig b/arch/x86/xen/Kconfig
index c1f98f3..483fc16 100644
--- a/arch/x86/xen/Kconfig
+++ b/arch/x86/xen/Kconfig
@@ -77,3 +77,10 @@ config XEN_PVH
bool "Support for running as a PVH guest"
depends on XEN && XEN_PVHVM && ACPI
def_bool n
+
+config XEN_FAULT_INJECTION
+ bool "Enable Xen fault injection"
+ depends on FAULT_INJECTION_DEBUG_FS
+ default n
+ help
+ Enable Xen fault injection facility
diff --git a/arch/x86/xen/Makefile b/arch/x86/xen/Makefile
index d83cb54..3158fe1 100644
--- a/arch/x86/xen/Makefile
+++ b/arch/x86/xen/Makefile
@@ -34,3 +34,4 @@ obj-$(CONFIG_XEN_DOM0) += vga.o
obj-$(CONFIG_SWIOTLB_XEN) += pci-swiotlb-xen.o
obj-$(CONFIG_XEN_EFI) += efi.o
obj-$(CONFIG_XEN_PVH) += xen-pvh.o
+obj-$(CONFIG_XEN_FAULT_INJECTION) += fault_inject.o
diff --git a/arch/x86/xen/fault_inject.c b/arch/x86/xen/fault_inject.c
new file mode 100644
index 0000000..ecf0f7c
--- /dev/null
+++ b/arch/x86/xen/fault_inject.c
@@ -0,0 +1,109 @@
+/*
+ * Fauit injection interface for Xen virtual block devices
+ *
+ * Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation; or, when distributed
+ * separately from the Linux kernel or incorporated into other
+ * software packages, subject to the following license:
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this source file (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy, modify,
+ * merge, publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+ * IN THE SOFTWARE.
+ */
+
+#include <linux/slab.h>
+#include <linux/fault-inject.h>
+
+#include <xen/fault_inject.h>
+
+#include "debugfs.h"
+
+static struct dentry *d_fi_debug;
+
+static DECLARE_FAULT_ATTR(template_attr);
+
+struct xen_fi {
+ struct dentry *dir;
+ struct fault_attr attr;
+};
+
+struct xen_fi *xen_fi_dir_add(struct dentry *parent, const char *name)
+{
+ struct xen_fi *fi;
+ struct dentry *dir;
+
+ fi = kzalloc(sizeof(*fi), GFP_KERNEL);
+ if (!fi)
+ return ERR_PTR(-ENOMEM);
+
+ memcpy(&fi->attr, &template_attr, sizeof(template_attr));
+
+ dir = fault_create_debugfs_attr(name, parent, &fi->attr);
+ if (IS_ERR(dir)) {
+ kfree(fi);
+ return (struct xen_fi *)dir;
+ }
+
+ fi->dir = dir;
+
+ return fi;
+}
+EXPORT_SYMBOL(xen_fi_dir_add);
+
+struct xen_fi *xen_fi_add(const char *name)
+{
+ return xen_fi_dir_add(d_fi_debug, name);
+}
+
+void xen_fi_del(struct xen_fi *fi)
+{
+ debugfs_remove_recursive(fi->dir);
+ kfree(fi);
+}
+EXPORT_SYMBOL(xen_fi_del);
+
+bool xen_should_fail(struct xen_fi *fi)
+{
+ return should_fail(&fi->attr, 0);
+}
+EXPORT_SYMBOL(xen_should_fail);
+
+struct dentry *xen_fi_dir_create(const char *name)
+{
+ return debugfs_create_dir(name, d_fi_debug);
+}
+EXPORT_SYMBOL(xen_fi_dir_create);
+
+static int __init xen_fi_init(void)
+{
+ struct dentry *d_xen;
+
+ d_xen = xen_init_debugfs();
+ if (!d_xen)
+ return -ENOMEM;
+
+ d_fi_debug = debugfs_create_dir("fault_inject", d_xen);
+ if (d_fi_debug == NULL)
+ return -ENOMEM;
+
+ return 0;
+}
+
+fs_initcall(xen_fi_init);
diff --git a/include/xen/fault_inject.h b/include/xen/fault_inject.h
new file mode 100644
index 0000000..e2bf14a
--- /dev/null
+++ b/include/xen/fault_inject.h
@@ -0,0 +1,45 @@
+#ifndef _XEN_FAULT_INJECT_H
+#define _XEN_FAULT_INJECT_H
+
+struct dentry;
+struct xen_fi;
+
+#ifdef CONFIG_FAULT_INJECTION_DEBUG_FS
+
+struct dentry *xen_fi_dir_create(const char *name);
+
+struct xen_fi *xen_fi_dir_add(struct dentry *parent, const char *name);
+struct xen_fi *xen_fi_add(const char *name);
+void xen_fi_del(struct xen_fi *fi);
+
+bool xen_should_fail(struct xen_fi *fi);
+
+#else
+
+static inline struct dentry *xen_fi_dir_create(const char *name)
+{
+ return NULL;
+}
+
+static inline struct xen_fi *xen_fi_dir_add(struct dentry *parent, const char *name)
+{
+ return NULL;
+}
+
+static inline struct xen_fi *xen_fi_add(const char *name)
+{
+ return NULL;
+}
+
+static inline void xen_fi_del(struct xen_fi *fi) { }
+
+static inline bool xen_should_fail(struct xen_fi *fi)
+{
+ return false;
+}
+
+#endif /* CONFIG_FAULT_INJECTION_DEBUG_FS */
+
+#endif /* _XEN_FAULT_INJECT_H */
+
+
Amazon Development Center Germany GmbH
Berlin - Dresden - Aachen
main office: Krausenstr. 38, 10117 Berlin
Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger
Ust-ID: DE289237879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
^ permalink raw reply related
* [PATCH 2/3] xen netback: add fault injection facility
From: Stanislav Kinsburskii @ 2018-04-20 10:47 UTC (permalink / raw)
Cc: jakub.kicinski, hpa, mcroce, staskins, tglx, ggarcia, daniel, x86,
mingo, xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, jgross, linux-block, wei.liu2,
netdev, linux-kernel, davem, dwmw, roger.pau
In-Reply-To: <20180420104603.17823.31095.stgit@dev-dsk-staskins-1a-ca5afbf2.eu-west-1.amazon.com>
This patch adds wrapper helpers around generic Xen fault inject facility.
The major reason is to keep all the module fault injection directories
in a dedicated subdirectory instead of Xen fault inject root.
IOW, when using these helpers, per-device and named by device name fault
injection control directories will appear under the following directory:
- /sys/kernel/debug/xen/fault_inject/xen-netback/
instead of:
- /sys/kernel/debug/xen/fault_inject/
Signed-off-by: Stanislav Kinsburskii <staskins@amazon.com>
CC: Wei Liu <wei.liu2@citrix.com>
CC: Paul Durrant <paul.durrant@citrix.com>
CC: "David S. Miller" <davem@davemloft.net>
CC: Matteo Croce <mcroce@redhat.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
CC: Daniel Borkmann <daniel@iogearbox.net>
CC: Gerard Garcia <ggarcia@deic.uab.cat>
CC: David Ahern <dsa@cumulusnetworks.com>
CC: Juergen Gross <jgross@suse.com>
CC: Amir Levy <amir.jer.levy@intel.com>
CC: Jakub Kicinski <jakub.kicinski@netronome.com>
CC: linux-kernel@vger.kernel.org
CC: netdev@vger.kernel.org
CC: xen-devel@lists.xenproject.org
CC: Stanislav Kinsburskii <staskins@amazon.com>
CC: David Woodhouse <dwmw@amazon.co.uk>
---
drivers/net/Kconfig | 8 ++
drivers/net/xen-netback/Makefile | 1
drivers/net/xen-netback/common.h | 3 +
drivers/net/xen-netback/netback.c | 3 +
drivers/net/xen-netback/netback_fi.c | 119 ++++++++++++++++++++++++++++++++++
drivers/net/xen-netback/netback_fi.h | 35 ++++++++++
drivers/net/xen-netback/xenbus.c | 6 ++
7 files changed, 175 insertions(+)
create mode 100644 drivers/net/xen-netback/netback_fi.c
create mode 100644 drivers/net/xen-netback/netback_fi.h
diff --git a/drivers/net/Kconfig b/drivers/net/Kconfig
index 8918466..5cc9acd 100644
--- a/drivers/net/Kconfig
+++ b/drivers/net/Kconfig
@@ -465,6 +465,14 @@ config XEN_NETDEV_BACKEND
compile this driver as a module, chose M here: the module
will be called xen-netback.
+config XEN_NETDEV_BACKEND_FAULT_INJECTION
+ bool "Xen net-device backend driver fault injection"
+ depends on XEN_NETDEV_BACKEND
+ depends on XEN_FAULT_INJECTION
+ default n
+ help
+ Allow to inject errors to Xen backend network driver
+
config VMXNET3
tristate "VMware VMXNET3 ethernet driver"
depends on PCI && INET
diff --git a/drivers/net/xen-netback/Makefile b/drivers/net/xen-netback/Makefile
index d49798a..28abcdc 100644
--- a/drivers/net/xen-netback/Makefile
+++ b/drivers/net/xen-netback/Makefile
@@ -1,3 +1,4 @@
obj-$(CONFIG_XEN_NETDEV_BACKEND) := xen-netback.o
xen-netback-y := netback.o xenbus.o interface.o hash.o rx.o
+xen-netback-$(CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION) += netback_fi.o
diff --git a/drivers/net/xen-netback/common.h b/drivers/net/xen-netback/common.h
index a46a1e9..30d676d 100644
--- a/drivers/net/xen-netback/common.h
+++ b/drivers/net/xen-netback/common.h
@@ -286,6 +286,9 @@ struct xenvif {
#ifdef CONFIG_DEBUG_FS
struct dentry *xenvif_dbg_root;
+#ifdef CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION
+ void *fi_info;
+#endif
#endif
struct xen_netif_ctrl_back_ring ctrl;
diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c
index a27daa2..ecc416e 100644
--- a/drivers/net/xen-netback/netback.c
+++ b/drivers/net/xen-netback/netback.c
@@ -33,6 +33,7 @@
*/
#include "common.h"
+#include "netback_fi.h"
#include <linux/kthread.h>
#include <linux/if_vlan.h>
@@ -1649,6 +1650,7 @@ static int __init netback_init(void)
PTR_ERR(xen_netback_dbg_root));
#endif /* CONFIG_DEBUG_FS */
+ (void) xen_netbk_fi_init();
return 0;
failed_init:
@@ -1659,6 +1661,7 @@ module_init(netback_init);
static void __exit netback_fini(void)
{
+ xen_netbk_fi_fini();
#ifdef CONFIG_DEBUG_FS
if (!IS_ERR_OR_NULL(xen_netback_dbg_root))
debugfs_remove_recursive(xen_netback_dbg_root);
diff --git a/drivers/net/xen-netback/netback_fi.c b/drivers/net/xen-netback/netback_fi.c
new file mode 100644
index 0000000..47541d0
--- /dev/null
+++ b/drivers/net/xen-netback/netback_fi.c
@@ -0,0 +1,119 @@
+/*
+ * Fault injection interface for Xen backend network driver
+ *
+ * Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation; or, when distributed
+ * separately from the Linux kernel or incorporated into other
+ * software packages, subject to the following license:
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this source file (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy, modify,
+ * merge, publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+ * IN THE SOFTWARE.
+ */
+
+#include "common.h"
+
+#include <linux/debugfs.h>
+
+#include <xen/fault_inject.h>
+#include "netback_fi.h"
+
+static struct dentry *vif_fi_dir;
+
+static const char *xenvif_fi_names[] = {
+};
+
+struct xenvif_fi {
+ struct dentry *dir;
+ struct xen_fi *faults[XENVIF_FI_MAX];
+};
+
+int xen_netbk_fi_init(void)
+{
+ vif_fi_dir = xen_fi_dir_create("xen-netback");
+ if (!vif_fi_dir)
+ return -ENOMEM;
+ return 0;
+}
+
+void xen_netbk_fi_fini(void)
+{
+ debugfs_remove_recursive(vif_fi_dir);
+}
+
+void xenvif_fi_fini(struct xenvif *vif)
+{
+ struct xenvif_fi *vfi = vif->fi_info;
+ int fi;
+
+ if (!vif->fi_info)
+ return;
+
+ vif->fi_info = NULL;
+
+ for (fi = 0; fi < XENVIF_FI_MAX; fi++)
+ xen_fi_del(vfi->faults[fi]);
+ debugfs_remove_recursive(vfi->dir);
+ kfree(vfi);
+}
+
+int xenvif_fi_init(struct xenvif *vif)
+{
+ struct dentry *parent;
+ struct xenvif_fi *vfi;
+ int fi, err = -ENOMEM;
+
+ parent = vif_fi_dir;
+ if (!parent)
+ return -ENOMEM;
+
+ vfi = kmalloc(sizeof(*vfi), GFP_KERNEL);
+ if (!vfi)
+ return -ENOMEM;
+
+ vfi->dir = debugfs_create_dir(vif->dev->name, parent);
+ if (!vfi->dir)
+ goto err_dir;
+
+ for (fi = 0; fi < XENVIF_FI_MAX; fi++) {
+ vfi->faults[fi] = xen_fi_dir_add(vfi->dir,
+ xenvif_fi_names[fi]);
+ if (!vfi->faults[fi])
+ goto err_fault;
+ }
+
+ vif->fi_info = vfi;
+ return 0;
+
+err_fault:
+ for (; fi > 0; fi--)
+ xen_fi_del(vfi->faults[fi]);
+ debugfs_remove_recursive(vfi->dir);
+err_dir:
+ kfree(vfi);
+ return err;
+}
+
+bool xenvif_should_fail(struct xenvif *vif, xenvif_fi_t type)
+{
+ struct xenvif_fi *vfi = vif->fi_info;
+
+ return xen_should_fail(vfi->faults[type]);
+}
diff --git a/drivers/net/xen-netback/netback_fi.h b/drivers/net/xen-netback/netback_fi.h
new file mode 100644
index 0000000..895c6a6
--- /dev/null
+++ b/drivers/net/xen-netback/netback_fi.h
@@ -0,0 +1,35 @@
+#ifndef _XEN_NETBACK_FI_H
+#define _XEN_NETBACK_FI_H
+
+struct xen_fi;
+
+typedef enum {
+ XENVIF_FI_MAX
+} xenvif_fi_t;
+
+#ifdef CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION
+
+int xen_netbk_fi_init(void);
+void xen_netbk_fi_fini(void);
+
+void xenvif_fi_fini(struct xenvif *vif);
+int xenvif_fi_init(struct xenvif *vif);
+
+bool xenvif_should_fail(struct xenvif *vif, xenvif_fi_t type);
+
+#else
+
+static inline int xen_netbk_fi_init(void) { return 0; }
+static inline void xen_netbk_fi_fini(void) { }
+
+static inline void xenvif_fi_fini(struct xenvif *vif) { }
+static inline int xenvif_fi_init(struct xenvif *vif) { return 0; }
+
+static inline bool xenvif_should_fail(struct xenvif *vif, xenvif_fi_t type)
+{
+ return false;
+}
+
+#endif /* CONFIG_XEN_NETDEV_BACKEND_FAULT_INJECTION */
+
+#endif /* _XEN_NETBACK_FI_H */
diff --git a/drivers/net/xen-netback/xenbus.c b/drivers/net/xen-netback/xenbus.c
index e1aef25..c775ee0 100644
--- a/drivers/net/xen-netback/xenbus.c
+++ b/drivers/net/xen-netback/xenbus.c
@@ -21,6 +21,7 @@
#include "common.h"
#include <linux/vmalloc.h>
#include <linux/rtnetlink.h>
+#include "netback_fi.h"
struct backend_info {
struct xenbus_device *dev;
@@ -502,6 +503,7 @@ static void backend_disconnect(struct backend_info *be)
#ifdef CONFIG_DEBUG_FS
xenvif_debugfs_delif(vif);
#endif /* CONFIG_DEBUG_FS */
+ xenvif_fi_fini(vif);
xenvif_disconnect_data(vif);
/* At this point some of the handlers may still be active
@@ -1024,6 +1026,10 @@ static void connect(struct backend_info *be)
}
}
+ err = xenvif_fi_init(be->vif);
+ if (err)
+ goto err;
+
#ifdef CONFIG_DEBUG_FS
xenvif_debugfs_addif(be->vif);
#endif /* CONFIG_DEBUG_FS */
Amazon Development Center Germany GmbH
Berlin - Dresden - Aachen
main office: Krausenstr. 38, 10117 Berlin
Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger
Ust-ID: DE289237879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
^ permalink raw reply related
* [PATCH 0/3] Introduce Xen fault injection facility
From: Stanislav Kinsburskii @ 2018-04-20 10:47 UTC (permalink / raw)
Cc: jakub.kicinski, hpa, mcroce, staskins, tglx, ggarcia, daniel, x86,
mingo, xen-devel, axboe, konrad.wilk, amir.jer.levy, paul.durrant,
stefanha, dsa, boris.ostrovsky, jgross, linux-block, wei.liu2,
netdev, linux-kernel, davem, dwmw, roger.pau
This series adds a facility, which can be used to instrument Xen code with
fault injections.
It is based "Fault injection capabilities infrastructure" described here:
- Documentation/fault-injection/fault-injection.txt
First patch adds a generic facility to use anywhere in Xen.
When using it all the fault injection user land control directories (if
any) will appear here:
- /sys/kernel/debug/xen/fault_inject/
To distinguish with generic (or core) Xen fault injections, next two
patches add additional directories to the root path above for blkback and
netback drivers respectively:
- /sys/kernel/debug/xen/fault_inject/xen-blkback/
- /sys/kernel/debug/xen/fault_inject/xen-netback/
---
Stanislav Kinsburskii (3):
xen: add generic fault injection facility
xen netback: add fault injection facility
xen blkback: add fault injection facility
arch/x86/xen/Kconfig | 7 ++
arch/x86/xen/Makefile | 1
arch/x86/xen/fault_inject.c | 109 +++++++++++++++++++++++++++++
drivers/block/Kconfig | 7 ++
drivers/block/xen-blkback/Makefile | 1
drivers/block/xen-blkback/blkback.c | 9 ++
drivers/block/xen-blkback/blkback_fi.c | 116 +++++++++++++++++++++++++++++++
drivers/block/xen-blkback/blkback_fi.h | 37 ++++++++++
drivers/block/xen-blkback/common.h | 3 +
drivers/block/xen-blkback/xenbus.c | 5 +
drivers/net/Kconfig | 8 ++
drivers/net/xen-netback/Makefile | 1
drivers/net/xen-netback/common.h | 3 +
drivers/net/xen-netback/netback.c | 3 +
drivers/net/xen-netback/netback_fi.c | 119 ++++++++++++++++++++++++++++++++
drivers/net/xen-netback/netback_fi.h | 35 +++++++++
drivers/net/xen-netback/xenbus.c | 6 ++
include/xen/fault_inject.h | 45 ++++++++++++
18 files changed, 515 insertions(+)
create mode 100644 arch/x86/xen/fault_inject.c
create mode 100644 drivers/block/xen-blkback/blkback_fi.c
create mode 100644 drivers/block/xen-blkback/blkback_fi.h
create mode 100644 drivers/net/xen-netback/netback_fi.c
create mode 100644 drivers/net/xen-netback/netback_fi.h
create mode 100644 include/xen/fault_inject.h
Amazon Development Center Germany GmbH
Berlin - Dresden - Aachen
main office: Krausenstr. 38, 10117 Berlin
Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger
Ust-ID: DE289237879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B
^ permalink raw reply
* Re: [PATCH RFC iptables] iptables: Per-net ns lock
From: Kirill Tkhai @ 2018-04-20 10:41 UTC (permalink / raw)
To: netdev, pablo, rstoyanov1, fw, ptikhomirov, avagin
In-Reply-To: <152329277200.18428.18388703172485475447.stgit@localhost.localdomain>
Pablo, Florian, could you please provide comments on this?
On 09.04.2018 19:55, Kirill Tkhai wrote:
> In CRIU and LXC-restore we met the situation,
> when iptables in container can't be restored
> because of permission denied:
>
> https://github.com/checkpoint-restore/criu/issues/469
>
> Containers want to restore their own net ns,
> while they may have no their own mnt ns.
> This case they share host's /run/xtables.lock
> file, but they may not have permission to open
> it.
>
> Patch makes /run/xtables.lock to be per-namespace,
> i.e., to refer to the caller task's net ns.
>
> What you think?
>
> Thanks,
> Kirill
>
> Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
> ---
> iptables/xshared.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/iptables/xshared.c b/iptables/xshared.c
> index 06db72d4..b6dbe4e7 100644
> --- a/iptables/xshared.c
> +++ b/iptables/xshared.c
> @@ -254,7 +254,12 @@ static int xtables_lock(int wait, struct timeval *wait_interval)
> time_left.tv_sec = wait;
> time_left.tv_usec = 0;
>
> - fd = open(XT_LOCK_NAME, O_CREAT, 0600);
> + if (symlink("/proc/self/ns/net", XT_LOCK_NAME) != 0 &&
> + errno != EEXIST) {
> + fprintf(stderr, "Fatal: can't create lock file\n");
> + return XT_LOCK_FAILED;
> + }
> + fd = open(XT_LOCK_NAME, O_RDONLY);
> if (fd < 0) {
> fprintf(stderr, "Fatal: can't open lock file %s: %s\n",
> XT_LOCK_NAME, strerror(errno));
>
^ permalink raw reply
* Re: [bpf-next PATCH 3/3] bpf: add sample program to trace map events
From: Jesper Dangaard Brouer @ 2018-04-20 9:47 UTC (permalink / raw)
To: Alexei Starovoitov
Cc: Sebastiano Miano, netdev, ast, daniel, mingo, rostedt,
fulvio.risso, David S. Miller, brouer
In-Reply-To: <20180420002735.ytmnhzs73rwkwewm@ast-mbp>
On Thu, 19 Apr 2018 17:27:37 -0700
Alexei Starovoitov <alexei.starovoitov@gmail.com> wrote:
> On Wed, Apr 18, 2018 at 05:30:59PM +0200, Sebastiano Miano wrote:
> > This patch adds a sample program, called trace_map_events,
> > that shows how to capture map events and filter them based on
> > the map id.
> ...
> > +struct bpf_map_keyval_ctx {
> > + u64 pad; // First 8 bytes are not accessible by bpf code
> > + u32 type; // offset:8; size:4; signed:0;
> > + u32 key_len; // offset:12; size:4; signed:0;
> > + u32 key; // offset:16; size:4; signed:0;
> > + bool key_trunc; // offset:20; size:1; signed:0;
> > + u32 val_len; // offset:24; size:4; signed:0;
> > + u32 val; // offset:28; size:4; signed:0;
> > + bool val_trunc; // offset:32; size:1; signed:0;
> > + int ufd; // offset:36; size:4; signed:1;
> > + u32 id; // offset:40; size:4; signed:0;
> > +};
> > +
> > +SEC("tracepoint/bpf/bpf_map_lookup_elem")
> > +int trace_bpf_map_lookup_elem(struct bpf_map_keyval_ctx *ctx)
> > +{
> > + struct map_event_data data;
> > + int cpu = bpf_get_smp_processor_id();
> > + bool *filter;
> > + u32 key = 0, map_id = ctx->id;
> > +
> > + filter = bpf_map_lookup_elem(&filter_events, &key);
> > + if (!filter)
> > + return 1;
> > +
> > + if (!*filter)
> > + goto send_event;
> > +
> > + /*
> > + * If the map_id is not in the list of filtered
> > + * ids we immediately return
> > + */
> > + if (!bpf_map_lookup_elem(&filtered_ids, &map_id))
> > + return 0;
> > +
> > +send_event:
> > + data.map_id = map_id;
> > + data.evnt_type = MAP_LOOKUP;
> > + data.map_type = ctx->type;
> > +
> > + bpf_perf_event_output(ctx, &map_event_trace, cpu, &data, sizeof(data));
> > + return 0;
> > +}
>
> looks like the purpose of the series is to create map notify mechanism
> so some external user space daemon can snoop all bpf map operations
> that all other processes and bpf programs are doing.
> I think it would be way better to create a proper mechanism for that
> with permissions.
>
> tracepoints in the bpf core were introduced as introspection mechanism
> for debugging. Right now we have better ways to do introspection
> with ids, queries, etc that bpftool is using, so original purpose of
> those tracepoints is gone and they actually rot.
> Let's not repurpose them into this map notify logic.
> I don't want tracepoints in the bpf core to become a stable interface
> it will stiffen the development.
Well, I need it exactly for introspection and debugging, and just need
the missing ID (as it was introduced later).
Can we just drop the sample program then? I would likely not use the
sample program, because it is missing the PID+comm-name.
For my use, I can simply use perf record to debug what programs are
changing the map ID:
perf record -e bpf:bpf_map_* -a --filter 'id == 2'
This should be a fairly common troubleshooting step. I want to
figure-out if anybody else (another userspace program) is changing my
map. This can easily be caused by two userspace control programs
running at the same time. Sysadm/scripts made a mistake and started two
instances. Without the map ID, I cannot know what map perf is talking
about...
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
^ permalink raw reply
* Q: force netif ON even when there is no real link ?
From: Ran Shalit @ 2018-04-20 8:44 UTC (permalink / raw)
To: netdev
Hello,
We configure external switch in u-boot.
The configuration is through mdio (cpu is mac and switch is phy).
But in Linux we rather not implement any communication in mdio to
switch, but it means that we then don't have the information of link
state.
Is it possible to force in Linux (by default in startup) Ethernet
connectivity (netif_carrier_on, netif_wake_queue) even if there is no
information of real link state ?
Thank you,
ranran
^ permalink raw reply
* [PATCH iproute2-next v2 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags
From: Sabrina Dubroca @ 2018-04-20 8:32 UTC (permalink / raw)
To: netdev; +Cc: dsahern, Sabrina Dubroca
In-Reply-To: <0906394e032f7a11b92c11bf74d0a7b31ffd9c30.1524173201.git.sd@queasysnail.net>
Currently, iproute allows setting those flags, but it's impossible to
clear them, since their current value is fetched from the kernel and
then we OR in the additional flags passed on the command line.
Add no* variants to allow clearing them.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
v2: fixed up okey flag clearing
also reset the actual value of the key, not just the flag
ip/link_gre.c | 30 +++++++++++++++++++++++++++---
ip/link_gre6.c | 30 +++++++++++++++++++++++++++---
man/man8/ip-link.8.in | 27 ++++++++++++++++++---------
3 files changed, 72 insertions(+), 15 deletions(-)
diff --git a/ip/link_gre.c b/ip/link_gre.c
index bc1cee8fbca2..ede761b23a8c 100644
--- a/ip/link_gre.c
+++ b/ip/link_gre.c
@@ -31,9 +31,9 @@ static void gre_print_help(struct link_util *lu, int argc, char **argv, FILE *f)
);
fprintf(f,
" [ local ADDR ]\n"
- " [ [i|o]seq ]\n"
- " [ [i|o]key KEY ]\n"
- " [ [i|o]csum ]\n"
+ " [ [no][i|o]seq ]\n"
+ " [ [i|o]key KEY | no[i|o]key ]\n"
+ " [ [no][i|o]csum ]\n"
" [ ttl TTL ]\n"
" [ tos TOS ]\n"
" [ [no]pmtudisc ]\n"
@@ -210,28 +210,52 @@ get_failed:
iflags |= GRE_KEY;
oflags |= GRE_KEY;
ikey = okey = tnl_parse_key("key", *argv);
+ } else if (!matches(*argv, "nokey")) {
+ iflags &= ~GRE_KEY;
+ oflags &= ~GRE_KEY;
+ ikey = okey = 0;
} else if (!matches(*argv, "ikey")) {
NEXT_ARG();
iflags |= GRE_KEY;
ikey = tnl_parse_key("ikey", *argv);
+ } else if (!matches(*argv, "noikey")) {
+ iflags &= ~GRE_KEY;
+ ikey = 0;
} else if (!matches(*argv, "okey")) {
NEXT_ARG();
oflags |= GRE_KEY;
okey = tnl_parse_key("okey", *argv);
+ } else if (!matches(*argv, "nookey")) {
+ oflags &= ~GRE_KEY;
+ okey = 0;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noseq")) {
+ iflags &= ~GRE_SEQ;
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noiseq")) {
+ iflags &= ~GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "nooseq")) {
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "nocsum")) {
+ iflags &= ~GRE_CSUM;
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noicsum")) {
+ iflags &= ~GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noocsum")) {
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "nopmtudisc")) {
pmtudisc = 0;
} else if (!matches(*argv, "pmtudisc")) {
diff --git a/ip/link_gre6.c b/ip/link_gre6.c
index a6fe0b73d235..181b2eae808b 100644
--- a/ip/link_gre6.c
+++ b/ip/link_gre6.c
@@ -38,9 +38,9 @@ static void gre_print_help(struct link_util *lu, int argc, char **argv, FILE *f)
);
fprintf(f,
" [ local ADDR ]\n"
- " [ [i|o]seq ]\n"
- " [ [i|o]key KEY ]\n"
- " [ [i|o]csum ]\n"
+ " [ [no][i|o]seq ]\n"
+ " [ [i|o]key KEY | no[i|o]key ]\n"
+ " [ [no][i|o]csum ]\n"
" [ hoplimit TTL ]\n"
" [ encaplimit ELIM ]\n"
" [ tclass TCLASS ]\n"
@@ -220,28 +220,52 @@ get_failed:
iflags |= GRE_KEY;
oflags |= GRE_KEY;
ikey = okey = tnl_parse_key("key", *argv);
+ } else if (!matches(*argv, "nokey")) {
+ iflags &= ~GRE_KEY;
+ oflags &= ~GRE_KEY;
+ ikey = okey = 0;
} else if (!matches(*argv, "ikey")) {
NEXT_ARG();
iflags |= GRE_KEY;
ikey = tnl_parse_key("ikey", *argv);
+ } else if (!matches(*argv, "noikey")) {
+ iflags &= ~GRE_KEY;
+ ikey = 0;
} else if (!matches(*argv, "okey")) {
NEXT_ARG();
oflags |= GRE_KEY;
okey = tnl_parse_key("okey", *argv);
+ } else if (!matches(*argv, "nookey")) {
+ oflags &= ~GRE_KEY;
+ okey = 0;
} else if (!matches(*argv, "seq")) {
iflags |= GRE_SEQ;
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noseq")) {
+ iflags &= ~GRE_SEQ;
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "iseq")) {
iflags |= GRE_SEQ;
+ } else if (!matches(*argv, "noiseq")) {
+ iflags &= ~GRE_SEQ;
} else if (!matches(*argv, "oseq")) {
oflags |= GRE_SEQ;
+ } else if (!matches(*argv, "nooseq")) {
+ oflags &= ~GRE_SEQ;
} else if (!matches(*argv, "csum")) {
iflags |= GRE_CSUM;
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "nocsum")) {
+ iflags &= ~GRE_CSUM;
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "icsum")) {
iflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noicsum")) {
+ iflags &= ~GRE_CSUM;
} else if (!matches(*argv, "ocsum")) {
oflags |= GRE_CSUM;
+ } else if (!matches(*argv, "noocsum")) {
+ oflags &= ~GRE_CSUM;
} else if (!matches(*argv, "remote")) {
NEXT_ARG();
get_addr(&daddr, *argv, AF_INET6);
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 77ab8a3b9723..83ef3cae54b9 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -775,12 +775,14 @@ the following additional arguments are supported:
.BR type " { " gre " | " gretap " }"
.BI " remote " ADDR " local " ADDR
[
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
] [
.RB [ i | o ] key
.I KEY
+|
+.BR no [ i | o ] key
] [
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
] [
.BI ttl " TTL "
] [
@@ -816,7 +818,7 @@ the following additional arguments are supported:
It must be an address on another interface on this host.
.sp
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
- serialize packets.
The
.B oseq
@@ -828,6 +830,8 @@ flag requires that all input packets are serialized.
.sp
.RB [ i | o ] key
.I KEY
+|
+.BR no [ i | o ] key
- use keyed GRE with key
.IR KEY ". "KEY
is either a number or an IPv4 address-like dotted quad.
@@ -839,7 +843,7 @@ The
parameters specify different keys for input and output.
.sp
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
- generate/require checksums for tunneled packets.
The
.B ocsum
@@ -920,12 +924,14 @@ the following additional arguments are supported:
.BR type " { " ip6gre " | " ip6gretap " }"
.BI remote " ADDR " local " ADDR"
[
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
] [
.RB [ i | o ] key
.I KEY
+|
+.BR no [ i | o ] key
] [
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
] [
.BI hoplimit " TTL "
] [
@@ -955,7 +961,7 @@ the following additional arguments are supported:
It must be an address on another interface on this host.
.sp
-.RB [ i | o ] seq
+.RB [ no ] "" [ i | o ] seq
- serialize packets.
The
.B oseq
@@ -965,7 +971,10 @@ The
flag requires that all input packets are serialized.
.sp
-.RB [ i | o ] key " \fIKEY"
+.RB [ i | o ] key
+.I KEY
+|
+.BR no [ i | o ] key
- use keyed GRE with key
.IR KEY ". "KEY
is either a number or an IPv4 address-like dotted quad.
@@ -977,7 +986,7 @@ The
parameters specify different keys for input and output.
.sp
-.RB [ i | o ] csum
+.RB [ no ] "" [ i | o ] csum
- generate/require checksums for tunneled packets.
The
.B ocsum
--
2.17.0
^ permalink raw reply related
* [PATCH iproute2-next v2 1/2] man: ip link: document GRE tunnels
From: Sabrina Dubroca @ 2018-04-20 8:31 UTC (permalink / raw)
To: netdev; +Cc: dsahern, Sabrina Dubroca
GRE tunnels are currently only documented together with IPIP and SIT
tunnels, but they actually have very different configuration
options. Let's separate them.
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
---
man/man8/ip-link.8.in | 152 ++++++++++++++++++++++++++++++++++++++++--
1 file changed, 148 insertions(+), 4 deletions(-)
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 5dee9fcd627a..77ab8a3b9723 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8.in
@@ -693,13 +693,13 @@ tunnel.
.in -8
.TP
-GRE, IPIP, SIT Type Support
-For a link of types
-.I GRE/IPIP/SIT
+IPIP, SIT Type Support
+For a link of type
+.IR IPIP or SIT
the following additional arguments are supported:
.BI "ip link add " DEVICE
-.BR type " { " gre " | " ipip " | " sit " }"
+.BR type " { " ipip " | " sit " }"
.BI " remote " ADDR " local " ADDR
[
.BR encap " { " fou " | " gue " | " none " }"
@@ -764,6 +764,150 @@ IPv6-Over-IPv4 is not supported for IPIP.
- make this tunnel externally controlled
.RB "(e.g. " "ip route encap" ).
+.in -8
+.TP
+GRE Type Support
+For a link of type
+.IR GRE " or " GRETAP
+the following additional arguments are supported:
+
+.BI "ip link add " DEVICE
+.BR type " { " gre " | " gretap " }"
+.BI " remote " ADDR " local " ADDR
+[
+.RB [ i | o ] seq
+] [
+.RB [ i | o ] key
+.I KEY
+] [
+.RB [ i | o ] csum
+] [
+.BI ttl " TTL "
+] [
+.BI tos " TOS "
+] [
+.RB [ no ] pmtudisc
+] [
+.RB [ no ] ignore-df
+] [
+.BI dev " PHYS_DEV "
+] [
+.BR encap " { " fou " | " gue " | " none " }"
+] [
+.BR encap-sport " { " \fIPORT " | " auto " }"
+] [
+.BI "encap-dport " PORT
+] [
+.RB [ no ] encap-csum
+] [
+.RB [ no ] encap-remcsum
+] [
+.BR external
+]
+
+.in +8
+.sp
+.BI remote " ADDR "
+- specifies the remote address of the tunnel.
+
+.sp
+.BI local " ADDR "
+- specifies the fixed local address for tunneled packets.
+It must be an address on another interface on this host.
+
+.sp
+.RB [ i | o ] seq
+- serialize packets.
+The
+.B oseq
+flag enables sequencing of outgoing packets.
+The
+.B iseq
+flag requires that all input packets are serialized.
+
+.sp
+.RB [ i | o ] key
+.I KEY
+- use keyed GRE with key
+.IR KEY ". "KEY
+is either a number or an IPv4 address-like dotted quad.
+The
+.B key
+parameter specifies the same key to use in both directions.
+The
+.BR ikey " and " okey
+parameters specify different keys for input and output.
+
+.sp
+.RB [ i | o ] csum
+- generate/require checksums for tunneled packets.
+The
+.B ocsum
+flag calculates checksums for outgoing packets.
+The
+.B icsum
+flag requires that all input packets have the correct
+checksum. The
+.B csum
+flag is equivalent to the combination
+.B "icsum ocsum" .
+
+.sp
+.BI ttl " TTL"
+- specifies the TTL value to use in outgoing packets.
+
+.sp
+.BI tos " TOS"
+- specifies the TOS value to use in outgoing packets.
+
+.sp
+.RB [ no ] pmtudisc
+- enables/disables Path MTU Discovery on this tunnel.
+It is enabled by default. Note that a fixed ttl is incompatible
+with this option: tunneling with a fixed ttl always makes pmtu
+discovery.
+
+.sp
+.RB [ no ] ignore-df
+- enables/disables IPv4 DF suppression on this tunnel.
+Normally datagrams that exceed the MTU will be fragmented; the presence
+of the DF flag inhibits this, resulting instead in an ICMP Unreachable
+(Fragmentation Required) message. Enabling this attribute casues the
+DF flag to be ignored.
+
+.sp
+.BI dev " PHYS_DEV"
+- specifies the physical device to use for tunnel endpoint communication.
+
+.sp
+.BR encap " { " fou " | " gue " | " none " }"
+- specifies type of secondary UDP encapsulation. "fou" indicates
+Foo-Over-UDP, "gue" indicates Generic UDP Encapsulation.
+
+.sp
+.BR encap-sport " { " \fIPORT " | " auto " }"
+- specifies the source port in UDP encapsulation.
+.IR PORT
+indicates the port by number, "auto"
+indicates that the port number should be chosen automatically
+(the kernel picks a flow based on the flow hash of the
+encapsulated packet).
+
+.sp
+.RB [ no ] encap-csum
+- specifies if UDP checksums are enabled in the secondary
+encapsulation.
+
+.sp
+.RB [ no ] encap-remcsum
+- specifies if Remote Checksum Offload is enabled. This is only
+applicable for Generic UDP Encapsulation.
+
+.sp
+.BR external
+- make this tunnel externally controlled
+.RB "(e.g. " "ip route encap" ).
+
.in -8
.TP
--
2.17.0
^ permalink raw reply related
* Re: [PATCH bpf-next] libbpf: fixed build error for samples/bpf/
From: Daniel Borkmann @ 2018-04-20 8:13 UTC (permalink / raw)
To: Björn Töpel, ast, netdev
Cc: Björn Töpel, Martin KaFai Lau
In-Reply-To: <20180420080516.16683-1-bjorn.topel@gmail.com>
On 04/20/2018 10:05 AM, Björn Töpel wrote:
> From: Björn Töpel <bjorn.topel@intel.com>
>
> Commit 8a138aed4a80 ("bpf: btf: Add BTF support to libbpf") did not
> include stdbool.h, so GCC complained when building samples/bpf/.
>
> In file included from /home/btopel/src/ext/linux/samples/bpf/libbpf.h:6:0,
> from /home/btopel/src/ext/linux/samples/bpf/test_lru_dist.c:24:
> /home/btopel/src/ext/linux/tools/lib/bpf/bpf.h:105:4: error: unknown type name ‘bool’; did you mean ‘_Bool’?
> bool do_log);
> ^~~~
> _Bool
>
> Signed-off-by: Björn Töpel <bjorn.topel@intel.com>
Applied to bpf-next, thanks Björn!
^ permalink raw reply
* [PATCH bpf-next] libbpf: fixed build error for samples/bpf/
From: Björn Töpel @ 2018-04-20 8:05 UTC (permalink / raw)
To: ast, daniel, netdev; +Cc: Björn Töpel, Martin KaFai Lau
From: Björn Töpel <bjorn.topel@intel.com>
Commit 8a138aed4a80 ("bpf: btf: Add BTF support to libbpf") did not
include stdbool.h, so GCC complained when building samples/bpf/.
In file included from /home/btopel/src/ext/linux/samples/bpf/libbpf.h:6:0,
from /home/btopel/src/ext/linux/samples/bpf/test_lru_dist.c:24:
/home/btopel/src/ext/linux/tools/lib/bpf/bpf.h:105:4: error: unknown type name ‘bool’; did you mean ‘_Bool’?
bool do_log);
^~~~
_Bool
Signed-off-by: Björn Töpel <bjorn.topel@intel.com>
---
tools/lib/bpf/bpf.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/lib/bpf/bpf.h b/tools/lib/bpf/bpf.h
index 01bda076310f..553b11ad52b3 100644
--- a/tools/lib/bpf/bpf.h
+++ b/tools/lib/bpf/bpf.h
@@ -24,6 +24,7 @@
#define __BPF_BPF_H
#include <linux/bpf.h>
+#include <stdbool.h>
#include <stddef.h>
struct bpf_create_map_attr {
--
2.14.1
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox