Netdev List
 help / color / mirror / Atom feed
* Re: [RFC net-next v2 2/8] net: add netif_is_geneve()
From: Jiri Pirko @ 2018-10-25 12:54 UTC (permalink / raw)
  To: John Hurley
  Cc: netdev, oss-drivers, gerlitz.or, ozsh, jakub.kicinski,
	simon.horman, avivh
In-Reply-To: <1540470417-14803-3-git-send-email-john.hurley@netronome.com>

Thu, Oct 25, 2018 at 02:26:51PM CEST, john.hurley@netronome.com wrote:
>Add a helper function to determine if the type of a netdev is geneve based
>on its rtnl_link_ops. This allows drivers that may wish to ofload tunnels
>to check the underlying type of the device.
>
>A recent patch added a similar helper to vxlan.h
>
>Signed-off-by: John Hurley <john.hurley@netronome.com>
>Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com>

I don't understand why this and the next patch are part of this
patchset. They don't seem directly related.

^ permalink raw reply

* Re: [RFC PATCH v2 01/10] udp: implement complete book-keeping for encap_needed
From: Paolo Abeni @ 2018-10-25 13:00 UTC (permalink / raw)
  To: Willem de Bruijn; +Cc: Network Development, Willem de Bruijn, steffen.klassert
In-Reply-To: <CAF=yD-KoNqqujRQ_BgDjX8R0qp+arf3fGqdRGVV+wdhX7rFYrw@mail.gmail.com>

Hi,

I'm sorry for lagging behind, this one felt outside my radar.

On Mon, 2018-10-22 at 12:06 -0400, Willem de Bruijn wrote:
> @@ -2431,7 +2435,9 @@ int udp_lib_setsockopt(struct sock *sk, int level, int optname,
> >                         /* FALLTHROUGH */
> >                 case UDP_ENCAP_L2TPINUDP:
> >                         up->encap_type = val;
> > -                       udp_encap_enable();
> > +                       if (!up->encap_enabled)
> > +                               udp_encap_enable();
> > +                       up->encap_enabled = 1;
> 
> nit: no need for the branch: udp_encap_enable already has a branch and
> is static inline.

Uhm... I think it's needed, so that we call udp_encap_enable() at most
once per socket. If up->encap_enabled we also call static_key_disable
at socket destruction time (once per socket, again) and hopefully we
don't "leak" static_key_enable invocation.

> Perhaps it makes sense to convert that to take the udp_sock and handle
> the state change within, to avoid having to open code at multiple
> locations.

Possibly calling directly udp_tunnel_encap_enable()? that additionally
cope with ipv6, which is not needed here, but should not hurt.

Cheers,

Paolo

^ permalink raw reply

* Re: [PATCH v1] net: ipv6: fix racey clock check in route cache aging logic
From: Eric Dumazet @ 2018-10-25 21:40 UTC (permalink / raw)
  To: Brendan Higgins, davem, kuznet, yoshfuji; +Cc: netdev, linux-kernel
In-Reply-To: <20181025211352.112096-1-brendanhiggins@google.com>



On 10/25/2018 02:13 PM, Brendan Higgins wrote:
> Fix a bug where, with certain settings, the aging logic does not use the
> time passed in as the current time, but instead directly checks jiffies.
> 
> This bug can be reproduced with (and this fix verified with) the test
> at: https://kunit-review.googlesource.com/c/linux/+/1156
> 
> Fixes: 31afeb425f7f ("ipv6: change route cache aging logic")
> Discovered-by-KUnit: https://kunit-review.googlesource.com/c/linux/+/1156
> Signed-off-by: Brendan Higgins <brendanhiggins@google.com>
> ---
>  net/ipv6/route.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> index 2a7423c394560..54d28b91fd840 100644
> --- a/net/ipv6/route.c
> +++ b/net/ipv6/route.c
> @@ -1734,7 +1734,7 @@ static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
>  			rt6_remove_exception(bucket, rt6_ex);
>  			return;
>  		}
> -	} else if (time_after(jiffies, rt->dst.expires)) {
> +	} else if (time_after(now, rt->dst.expires)) {
>  		RT6_TRACE("purging expired route %p\n", rt);
>  		rt6_remove_exception(bucket, rt6_ex);
>  		return;
> 


I do not think there is a bug here ?

As a matter of fact, using the latest value of jiffies is probably better,
since in some cases the @now variable could be quite in the past.

^ permalink raw reply

* Re: [PATCH v1] net: ipv6: fix racey clock check in route cache aging logic
From: Brendan Higgins @ 2018-10-25 21:46 UTC (permalink / raw)
  To: eric.dumazet
  Cc: David S . Miller, kuznet, yoshfuji, netdev,
	Linux Kernel Mailing List
In-Reply-To: <d787249c-0679-065a-62cb-ee9f87b1fba3@gmail.com>

On Thu, Oct 25, 2018 at 2:40 PM Eric Dumazet <eric.dumazet@gmail.com> wrote:
> On 10/25/2018 02:13 PM, Brendan Higgins wrote:
<snip>
> >
> > diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> > index 2a7423c394560..54d28b91fd840 100644
> > --- a/net/ipv6/route.c
> > +++ b/net/ipv6/route.c
> > @@ -1734,7 +1734,7 @@ static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
> >                       rt6_remove_exception(bucket, rt6_ex);
> >                       return;
> >               }
> > -     } else if (time_after(jiffies, rt->dst.expires)) {
> > +     } else if (time_after(now, rt->dst.expires)) {
> >               RT6_TRACE("purging expired route %p\n", rt);
> >               rt6_remove_exception(bucket, rt6_ex);
> >               return;
> >
>
>
> I do not think there is a bug here ?
>
> As a matter of fact, using the latest value of jiffies is probably better,
> since in some cases the @now variable could be quite in the past.

Then why do we pass the `now` parameter in at all and use it at all,
like here: https://elixir.bootlin.com/linux/latest/source/net/ipv6/route.c#L1764
?

I am still skeptical that we should check jiffies in each check, but
we should at least be consistent.

Cheers

^ permalink raw reply

* [PATCH net-next] net/ncsi: Add NCSI Mellanox OEM command
From: Vijay Khemka @ 2018-10-25 22:04 UTC (permalink / raw)
  To: Samuel Mendoza-Jonas, David S. Miller, netdev, linux-kernel
  Cc: vijaykhemka, openbmc @ lists . ozlabs . org, Justin.Lee1, joel,
	linux-aspeed

This patch adds OEM Mellanox commands and response handling. It also
defines OEM Get MAC Address handler to get and configure the device.

ncsi_oem_gma_handler_mlx: This handler send NCSI mellanox command for
getting mac address.
ncsi_rsp_handler_oem_mlx: This handles response received for all
mellanox OEM commands.
ncsi_rsp_handler_oem_mlx_gma: This handles get mac address response and
set it to device.

Signed-off-by: Vijay Khemka <vijaykhemka@fb.com>
---
 net/ncsi/internal.h    |  5 +++++
 net/ncsi/ncsi-manage.c | 25 ++++++++++++++++++++++++-
 net/ncsi/ncsi-pkt.h    |  9 +++++++++
 net/ncsi/ncsi-rsp.c    | 41 ++++++++++++++++++++++++++++++++++++++++-
 4 files changed, 78 insertions(+), 2 deletions(-)

diff --git a/net/ncsi/internal.h b/net/ncsi/internal.h
index 1dae77c54009..7f3eb1360b9b 100644
--- a/net/ncsi/internal.h
+++ b/net/ncsi/internal.h
@@ -73,10 +73,15 @@ enum {
 #define NCSI_OEM_MFR_BCM_ID             0x113d
 /* Broadcom specific OEM Command */
 #define NCSI_OEM_BCM_CMD_GMA            0x01   /* CMD ID for Get MAC */
+/* Mellanox specific OEM Command */
+#define NCSI_OEM_MLX_CMD_GMA            0x00   /* CMD ID for Get MAC */
+#define NCSI_OEM_MLX_CMD_GMA_PARAM      0x1b   /* Parameter for GMA  */
 /* OEM Command payload lengths*/
 #define NCSI_OEM_BCM_CMD_GMA_LEN        12
+#define NCSI_OEM_MLX_CMD_GMA_LEN        8
 /* Mac address offset in OEM response */
 #define BCM_MAC_ADDR_OFFSET             28
+#define MLX_MAC_ADDR_OFFSET             8
 
 
 struct ncsi_channel_version {
diff --git a/net/ncsi/ncsi-manage.c b/net/ncsi/ncsi-manage.c
index bfc43b28c7a6..eacb653ff987 100644
--- a/net/ncsi/ncsi-manage.c
+++ b/net/ncsi/ncsi-manage.c
@@ -675,12 +675,35 @@ static int ncsi_oem_gma_handler_bcm(struct ncsi_cmd_arg *nca)
 	return ret;
 }
 
+static int ncsi_oem_gma_handler_mlx(struct ncsi_cmd_arg *nca)
+{
+	unsigned char data[NCSI_OEM_MLX_CMD_GMA_LEN];
+	int ret = 0;
+
+	nca->payload = NCSI_OEM_MLX_CMD_GMA_LEN;
+
+	memset(data, 0, NCSI_OEM_MLX_CMD_GMA_LEN);
+	*(unsigned int *)data = ntohl(NCSI_OEM_MFR_MLX_ID);
+	data[5] = NCSI_OEM_MLX_CMD_GMA;
+	data[6] = NCSI_OEM_MLX_CMD_GMA_PARAM;
+
+	nca->data = data;
+
+	ret = ncsi_xmit_cmd(nca);
+	if (ret)
+		netdev_err(nca->ndp->ndev.dev,
+			   "NCSI: Failed to transmit cmd 0x%x during configure\n",
+			   nca->type);
+	return ret;
+}
+
 /* OEM Command handlers initialization */
 static struct ncsi_oem_gma_handler {
 	unsigned int	mfr_id;
 	int		(*handler)(struct ncsi_cmd_arg *nca);
 } ncsi_oem_gma_handlers[] = {
-	{ NCSI_OEM_MFR_BCM_ID, ncsi_oem_gma_handler_bcm }
+	{ NCSI_OEM_MFR_BCM_ID, ncsi_oem_gma_handler_bcm },
+	{ NCSI_OEM_MFR_MLX_ID, ncsi_oem_gma_handler_mlx }
 };
 
 static int ncsi_gma_handler(struct ncsi_cmd_arg *nca, unsigned int mf_id)
diff --git a/net/ncsi/ncsi-pkt.h b/net/ncsi/ncsi-pkt.h
index 4d3f06be38bd..2a6d83a596c9 100644
--- a/net/ncsi/ncsi-pkt.h
+++ b/net/ncsi/ncsi-pkt.h
@@ -165,6 +165,15 @@ struct ncsi_rsp_oem_pkt {
 	unsigned char           data[];      /* Payload data      */
 };
 
+/* Mellanox Response Data */
+struct ncsi_rsp_oem_mlx_pkt {
+	unsigned char           cmd_rev;     /* Command Revision  */
+	unsigned char           cmd;         /* Command ID        */
+	unsigned char           param;       /* Parameter         */
+	unsigned char           optional;    /* Optional data     */
+	unsigned char           data[];      /* Data              */
+};
+
 /* Broadcom Response Data */
 struct ncsi_rsp_oem_bcm_pkt {
 	unsigned char           ver;         /* Payload Version   */
diff --git a/net/ncsi/ncsi-rsp.c b/net/ncsi/ncsi-rsp.c
index 77e07ba3f493..ba9a4ba97c64 100644
--- a/net/ncsi/ncsi-rsp.c
+++ b/net/ncsi/ncsi-rsp.c
@@ -611,6 +611,45 @@ static int ncsi_rsp_handler_snfc(struct ncsi_request *nr)
 	return 0;
 }
 
+/* Response handler for Mellanox command Get Mac Address */
+static int ncsi_rsp_handler_oem_mlx_gma(struct ncsi_request *nr)
+{
+	struct ncsi_dev_priv *ndp = nr->ndp;
+	struct net_device *ndev = ndp->ndev.dev;
+	const struct net_device_ops *ops = ndev->netdev_ops;
+	struct ncsi_rsp_oem_pkt *rsp;
+	struct sockaddr saddr;
+	int ret = 0;
+
+	/* Get the response header */
+	rsp = (struct ncsi_rsp_oem_pkt *)skb_network_header(nr->rsp);
+
+	saddr.sa_family = ndev->type;
+	ndev->priv_flags |= IFF_LIVE_ADDR_CHANGE;
+	memcpy(saddr.sa_data, &rsp->data[MLX_MAC_ADDR_OFFSET], ETH_ALEN);
+	ret = ops->ndo_set_mac_address(ndev, &saddr);
+	if (ret < 0)
+		netdev_warn(ndev, "NCSI: 'Writing mac address to device failed\n");
+
+	return ret;
+}
+
+/* Response handler for Mellanox card */
+static int ncsi_rsp_handler_oem_mlx(struct ncsi_request *nr)
+{
+	struct ncsi_rsp_oem_mlx_pkt *mlx;
+	struct ncsi_rsp_oem_pkt *rsp;
+
+	/* Get the response header */
+	rsp = (struct ncsi_rsp_oem_pkt *)skb_network_header(nr->rsp);
+	mlx = (struct ncsi_rsp_oem_mlx_pkt *)(rsp->data);
+
+	if (mlx->cmd == NCSI_OEM_MLX_CMD_GMA &&
+	    mlx->param == NCSI_OEM_MLX_CMD_GMA_PARAM)
+		return ncsi_rsp_handler_oem_mlx_gma(nr);
+	return 0;
+}
+
 /* Response handler for Broadcom command Get Mac Address */
 static int ncsi_rsp_handler_oem_bcm_gma(struct ncsi_request *nr)
 {
@@ -655,7 +694,7 @@ static struct ncsi_rsp_oem_handler {
 	unsigned int	mfr_id;
 	int		(*handler)(struct ncsi_request *nr);
 } ncsi_rsp_oem_handlers[] = {
-	{ NCSI_OEM_MFR_MLX_ID, NULL },
+	{ NCSI_OEM_MFR_MLX_ID, ncsi_rsp_handler_oem_mlx },
 	{ NCSI_OEM_MFR_BCM_ID, ncsi_rsp_handler_oem_bcm }
 };
 
-- 
2.17.1

^ permalink raw reply related

* Re: [PATCH v1] net: ipv6: fix racey clock check in route cache aging logic
From: Eric Dumazet @ 2018-10-25 22:15 UTC (permalink / raw)
  To: Brendan Higgins
  Cc: David S . Miller, kuznet, yoshfuji, netdev,
	Linux Kernel Mailing List
In-Reply-To: <CAFd5g44jmpDyeh--=Hd2fAexzik4gMYLMdNhAMqxWqnjSh4KeA@mail.gmail.com>



On 10/25/2018 02:46 PM, Brendan Higgins wrote:
> On Thu, Oct 25, 2018 at 2:40 PM Eric Dumazet <eric.dumazet@gmail.com> wrote:
>> On 10/25/2018 02:13 PM, Brendan Higgins wrote:
> <snip>
>>>
>>> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
>>> index 2a7423c394560..54d28b91fd840 100644
>>> --- a/net/ipv6/route.c
>>> +++ b/net/ipv6/route.c
>>> @@ -1734,7 +1734,7 @@ static void rt6_age_examine_exception(struct rt6_exception_bucket *bucket,
>>>                       rt6_remove_exception(bucket, rt6_ex);
>>>                       return;
>>>               }
>>> -     } else if (time_after(jiffies, rt->dst.expires)) {
>>> +     } else if (time_after(now, rt->dst.expires)) {
>>>               RT6_TRACE("purging expired route %p\n", rt);
>>>               rt6_remove_exception(bucket, rt6_ex);
>>>               return;
>>>
>>
>>
>> I do not think there is a bug here ?
>>
>> As a matter of fact, using the latest value of jiffies is probably better,
>> since in some cases the @now variable could be quite in the past.
> 
> Then why do we pass the `now` parameter in at all and use it at all,
> like here: https://elixir.bootlin.com/linux/latest/source/net/ipv6/route.c#L1764
> ?
> 
> I am still skeptical that we should check jiffies in each check, but
> we should at least be consistent.

Well, this is a case where we do not really care.

When a bug is fixed (you added a Fixes: tag which is good), we want
to understand the real problem that needs to be fixed on stable kernels.

Since this does not seem to be a real issue, I would suggest you send a cleanup
patch when net-next is open (few days after linux-4.20-rc1 is release)

^ permalink raw reply

* [PATCH net] drivers: net: remove <net/busy_poll.h> inclusion when not needed
From: Eric Dumazet @ 2018-10-25 13:42 UTC (permalink / raw)
  To: David S . Miller; +Cc: netdev, Eric Dumazet, Eric Dumazet

Drivers using generic NAPI interface no longer need to include
<net/busy_poll.h>, since busy polling was moved to core networking
stack long ago.

See commit 79e7fff47b7b ("net: remove support for per driver
ndo_busy_poll()") for reference.

Signed-off-by: Eric Dumazet <edumazet@google.com>
---
 drivers/net/ethernet/amd/xgbe/xgbe-drv.c         | 1 -
 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c  | 1 -
 drivers/net/ethernet/intel/i40e/i40e_txrx.c      | 1 -
 drivers/net/ethernet/intel/iavf/iavf_txrx.c      | 1 -
 drivers/net/ethernet/intel/ixgbe/ixgbe.h         | 1 -
 drivers/net/ethernet/mellanox/mlx4/en_netdev.c   | 1 -
 drivers/net/ethernet/mellanox/mlx4/en_rx.c       | 1 -
 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c  | 1 -
 drivers/net/ethernet/myricom/myri10ge/myri10ge.c | 1 -
 9 files changed, 9 deletions(-)

diff --git a/drivers/net/ethernet/amd/xgbe/xgbe-drv.c b/drivers/net/ethernet/amd/xgbe/xgbe-drv.c
index d96a84a62d78dff9625ce78d15779a05df8b510c..0cc911f928b143c5e511b83f3e1a4494443a1f2e 100644
--- a/drivers/net/ethernet/amd/xgbe/xgbe-drv.c
+++ b/drivers/net/ethernet/amd/xgbe/xgbe-drv.c
@@ -119,7 +119,6 @@
 #include <linux/tcp.h>
 #include <linux/if_vlan.h>
 #include <linux/interrupt.h>
-#include <net/busy_poll.h>
 #include <linux/clk.h>
 #include <linux/if_ether.h>
 #include <linux/net_tstamp.h>
diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c
index 5a727d4729da7348075b75101154cca3cf515073..686899d7e555e84a4c78459e1780765b9794b913 100644
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c
+++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c
@@ -27,7 +27,6 @@
 #include <net/tcp.h>
 #include <net/ipv6.h>
 #include <net/ip6_checksum.h>
-#include <net/busy_poll.h>
 #include <linux/prefetch.h>
 #include "bnx2x_cmn.h"
 #include "bnx2x_init.h"
diff --git a/drivers/net/ethernet/intel/i40e/i40e_txrx.c b/drivers/net/ethernet/intel/i40e/i40e_txrx.c
index 740ea58ba938d412d87048eb2b109a2a5d358170..aef3c89ee79c4e7384e0713c55b12090c1c36f60 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_txrx.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_txrx.c
@@ -2,7 +2,6 @@
 /* Copyright(c) 2013 - 2018 Intel Corporation. */
 
 #include <linux/prefetch.h>
-#include <net/busy_poll.h>
 #include <linux/bpf_trace.h>
 #include <net/xdp.h>
 #include "i40e.h"
diff --git a/drivers/net/ethernet/intel/iavf/iavf_txrx.c b/drivers/net/ethernet/intel/iavf/iavf_txrx.c
index edc349f4974827d6a09afe2f650c6327357f591e..fb9bfad96daff5f57f079a24d47be0d55cb8f96c 100644
--- a/drivers/net/ethernet/intel/iavf/iavf_txrx.c
+++ b/drivers/net/ethernet/intel/iavf/iavf_txrx.c
@@ -2,7 +2,6 @@
 /* Copyright(c) 2013 - 2018 Intel Corporation. */
 
 #include <linux/prefetch.h>
-#include <net/busy_poll.h>
 
 #include "iavf.h"
 #include "iavf_trace.h"
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe.h b/drivers/net/ethernet/intel/ixgbe/ixgbe.h
index 7a7679e7be84c548c091452bdcea736567fffc66..ec1b87cc44100904bf7b486692bc1d06b256fc80 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe.h
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe.h
@@ -30,7 +30,6 @@
 #include "ixgbe_ipsec.h"
 
 #include <net/xdp.h>
-#include <net/busy_poll.h>
 
 /* common prefix used by pr_<> macros */
 #undef pr_fmt
diff --git a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c
index fe49384eba48cb3f75bd33f5bfb9cf1fa15af791..b744cd49a7856e97917bcdce93e7d5ee205f09cd 100644
--- a/drivers/net/ethernet/mellanox/mlx4/en_netdev.c
+++ b/drivers/net/ethernet/mellanox/mlx4/en_netdev.c
@@ -39,7 +39,6 @@
 #include <linux/slab.h>
 #include <linux/hash.h>
 #include <net/ip.h>
-#include <net/busy_poll.h>
 #include <net/vxlan.h>
 #include <net/devlink.h>
 
diff --git a/drivers/net/ethernet/mellanox/mlx4/en_rx.c b/drivers/net/ethernet/mellanox/mlx4/en_rx.c
index a1aeeb8094c376f9fac9610b7a4606e92860d4fc..5a6d0919533d6e0e619927abd753c5d07ed95dac 100644
--- a/drivers/net/ethernet/mellanox/mlx4/en_rx.c
+++ b/drivers/net/ethernet/mellanox/mlx4/en_rx.c
@@ -31,7 +31,6 @@
  *
  */
 
-#include <net/busy_poll.h>
 #include <linux/bpf.h>
 #include <linux/bpf_trace.h>
 #include <linux/mlx4/cq.h>
diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
index 2f7fb8de6967293f26d9ee72b96a66807fdfdde9..94224c22ecc310a87b6715051e335446f29bec03 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_rx.c
@@ -34,7 +34,6 @@
 #include <linux/ip.h>
 #include <linux/ipv6.h>
 #include <linux/tcp.h>
-#include <net/busy_poll.h>
 #include <net/ip6_checksum.h>
 #include <net/page_pool.h>
 #include <net/inet_ecn.h>
diff --git a/drivers/net/ethernet/myricom/myri10ge/myri10ge.c b/drivers/net/ethernet/myricom/myri10ge/myri10ge.c
index b2d2ec8c11e2d15e0562ca89c2f76d58bc4e69c3..5f384f73007daf478b25dc529159d9d9da062419 100644
--- a/drivers/net/ethernet/myricom/myri10ge/myri10ge.c
+++ b/drivers/net/ethernet/myricom/myri10ge/myri10ge.c
@@ -70,7 +70,6 @@
 #include <net/tcp.h>
 #include <asm/byteorder.h>
 #include <asm/processor.h>
-#include <net/busy_poll.h>
 
 #include "myri10ge_mcp.h"
 #include "myri10ge_mcp_gen_header.h"
-- 
2.19.1.568.g152ad8e336-goog

^ permalink raw reply related

* Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel
From: Andrew Lunn @ 2018-10-25 22:37 UTC (permalink / raw)
  To: Jason A. Donenfeld
  Cc: LKML, Netdev, Linux Crypto Mailing List, David Miller,
	Greg Kroah-Hartman
In-Reply-To: <CAHmME9qMf=n7mnE-bsx86SVFBs1LrvHoc+nWrpr12vtYAgze+g@mail.gmail.com>

> > > +             net_dbg_ratelimited("%s: Could not decrypt invalid cookie response\n",
> > > +                                 wg->dev->name);
> >
> > It might be worth adding a netdev_dbg_ratelimited(), which takes a
> > netdev as its first parameter, just line netdev_dbg().
> 
> That sounds like it could be useful. Though, I'm trying hard to make
> the first patch submission _not_ need to touch any of the rest of the
> networking stack. I've actually got a small list of interesting
> networking stack changes that might be useful for WireGuard, but I
> think I'd prefer to submit these after this is all merged, and each
> one separately for a separate discussion, if that's okay with you.

Hi Jason

I can understand that. But on the flip side, CAKE reached something
like version 19 before it got merged. Wireguard is looking similar.
An addition like the above, is not controversial. You could submit
such a single patch in a weeks time when net-next reopens, and
probably version 1 or 2 will get accepted.

	 Andrew

^ permalink raw reply

* YOUR DIPLOMATIC PACKAGE
From: lewis251666 @ 2018-10-25 15:13 UTC (permalink / raw)
  To: netdev

Attention : 

I'm Lewis Edward, I have been instructed to notify you of the 
availability of a package deposited by your relative (our client) 
in your name at the event of demise. We are entrusted and 
empowered with diplomatic immunity and status to safe keep 
valuable packages and baggage in trust for our reputable clients.

We work in collaboration with top firms and government bodies of 
various countries as we have earned a reputation as a service 
whose hallmarks in reliability and confidentiality are revered. 
Our clienteles also includes international missions, fellow 
diplomats as well as embassies of different countries.

A financial security package was deposited by a benefactor whose 
identity can not be disclosed due to a binding Non-Disclosure 
Agreement, specifically instructing us to contact you in the 
event of demise. The Non Circumvention and Non Disclosure 
Agreement signed with the benefactor  mandates and authorises us 
to fully divulge and disclose the benefactor's identity 18 months 
after the beneficiary has received the funds. We confirm that 
these funds are fully free of any liens or encumbrances and are 
clean, clear and non-criminal origin and are available in the 
form of
CASH.

By this notice, you are hereby advised to send your Full Contact 
Information as well as the name of the closest airport to your 
city in the format stated below. The funds with the 
documentations of origin will be brought to your country of 
residence by 3 Diplomats. You will be accompanied to your bank 
(solely by your request) to deposit the funds in your name with 
the documentations of its origin which authenticates the facts 
that the funds are clean with no link to terrorism or drugs as 
well as exonerates you from any form of investigations and 
interrogation.


Kindly ensure that no mistake or error is made in the information 
provide below and it should be forwarded in the manner stated 
below:

Your Full Name: ______________________________

Your cell number:______________________________

Your Complete Address: ________________________________

Name of City of Residence: ____________________

Name of Closest Airport to your city of 
Residence:_________________________________

I hereby confirm the the information provided above is correct 
and accurate to the best of my knowledge.
Congratulations in advance.

Thank you and I sincerely Remain,


Lewis Edward
Email: opendoorssecurities1@webmail.co.za

^ permalink raw reply

* Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel
From: Andrew Lunn @ 2018-10-25 22:44 UTC (permalink / raw)
  To: Jason A. Donenfeld
  Cc: LKML, Netdev, Linux Crypto Mailing List, David Miller,
	Greg Kroah-Hartman
In-Reply-To: <CAHmME9qMf=n7mnE-bsx86SVFBs1LrvHoc+nWrpr12vtYAgze+g@mail.gmail.com>

> > > +#if defined(CONFIG_PM_SLEEP) && !defined(CONFIG_ANDROID)
> >
> > I don't see any other code which uses this combination. Why is this
> > needed?
> 
> WireGuard clears private key material before going to sleep, so that
> ephemeral keys never live longer in ram than their expiration date.
> This works well for mostly everything, except Android devices where
> crazy out-of-tree wireless drivers (such as qcacld) will actually wake
> and sleep the phone constantly

Hi Jason

Out of tree is important here. To some degree, mainline does not care
about out of tree drivers. Putting in a bandaid for them does not help
get them fixed.

I would drop this bandaid. If the Android community decides to move
wireguard from mainline into their fork, they can put the bandaid back
in again, or get the driver fixed.

   Andrew

^ permalink raw reply

* Re: Regression: kernel 4.14 an later very slow with many ipsec tunnels
From: Florian Westphal @ 2018-10-25 22:45 UTC (permalink / raw)
  To: Wolfgang Walter
  Cc: netdev, Florian Westphal, Steffen Klassert, David Miller,
	linux-kernel, torvalds, christophe.gouault, Greg KH
In-Reply-To: <2766296.15tpkxTHJV@stwm.de>

Wolfgang Walter <linux@stwm.de> wrote:
> there is now a new 4.19 which still has the big performance regression when 
> many ipsec tunnels are configured (throughput and latency get worse by 10 to 
> 50 times) which makes any kernel > 4.9 unusable for our routers.

https://git.breakpoint.cc/cgit/fw/net-next.git/log/?h=xfrm_pol_18

This is mostly untested, if you want to test this anyway and
find bugs please feel free to report them to me.

Improvements to test script in patch #1 welcome as well (its what
i've been using so far to test this).

^ permalink raw reply

* Re: [PATCH net-next] net/ncsi: Add NCSI Mellanox OEM command
From: David Miller @ 2018-10-25 22:53 UTC (permalink / raw)
  To: vijaykhemka
  Cc: sam, netdev, linux-kernel, openbmc, Justin.Lee1, joel,
	linux-aspeed
In-Reply-To: <20181025220413.2936698-1-vijaykhemka@fb.com>

From: Vijay Khemka <vijaykhemka@fb.com>
Date: Thu, 25 Oct 2018 15:04:13 -0700

> This patch adds OEM Mellanox commands and response handling. It also
> defines OEM Get MAC Address handler to get and configure the device.
> 
> ncsi_oem_gma_handler_mlx: This handler send NCSI mellanox command for
> getting mac address.
> ncsi_rsp_handler_oem_mlx: This handles response received for all
> mellanox OEM commands.
> ncsi_rsp_handler_oem_mlx_gma: This handles get mac address response and
> set it to device.
> 
> Signed-off-by: Vijay Khemka <vijaykhemka@fb.com>

net-next is closed, please resubmit this when the net-next tree opens
back up.

Thank you.

^ permalink raw reply

* Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel
From: Andrew Lunn @ 2018-10-25 22:53 UTC (permalink / raw)
  To: Jason A. Donenfeld
  Cc: LKML, Netdev, Linux Crypto Mailing List, David Miller,
	Greg Kroah-Hartman
In-Reply-To: <CAHmME9qMf=n7mnE-bsx86SVFBs1LrvHoc+nWrpr12vtYAgze+g@mail.gmail.com>

> > > +static void kdf(u8 *first_dst, u8 *second_dst, u8 *third_dst, const u8 *data,
> > > +             size_t first_len, size_t second_len, size_t third_len,
> > > +             size_t data_len, const u8 chaining_key[NOISE_HASH_LEN])
> > > +{
> > > +     u8 output[BLAKE2S_HASH_SIZE + 1];
> > > +     u8 secret[BLAKE2S_HASH_SIZE];
> > > +
> > > +     WARN_ON(IS_ENABLED(DEBUG) &&
> > > +             (first_len > BLAKE2S_HASH_SIZE ||
> > > +              second_len > BLAKE2S_HASH_SIZE ||
> > > +              third_len > BLAKE2S_HASH_SIZE ||
> > > +              ((second_len || second_dst || third_len || third_dst) &&
> > > +               (!first_len || !first_dst)) ||
> > > +              ((third_len || third_dst) && (!second_len || !second_dst))));
> >
> > Maybe split this up into a number of WARN_ON()s. At the moment, if it
> > fires, you have little idea why, there are so many comparisons. Also,
> > is this on the hot path? I guess not, since this is keys, not
> > packets. Do you need to care about DEBUG here?
> 
> This is on the hot path, actually. Well, it's not on path of data
> packets, but I do consider handshake packets to be fairly "warm".

Hi Jason

So for me, hot path is something called 10 million timers per
second. How often do handshake packets happen?

> I'm not especially keen on splitting that up into multiple warn_ons,
> mostly because if that is ever hint, something is seriously wrong,
> and the whole flow would likely then need auditing anyway.

On the flip side, if you think this is so unlikely, it probably means
it is hard to reproduce. And then you will wish you knew exactly which
triggered. If you can get the disassembly and stack trace you might be
able to figure it out, but have a print could be a lot easier.

Anyway, it was just a suggestion. No worries.

	Andrew

^ permalink raw reply

* Re: [PATCH v2] bpf: btf: Fix a missing-check bug
From: Daniel Borkmann @ 2018-10-25 22:58 UTC (permalink / raw)
  To: Martin Lau, Wenwen Wang
  Cc: Kangjie Lu, Alexei Starovoitov,
	open list:BPF (Safe dynamic programs and tools),
	open list:BPF (Safe dynamic programs and tools)
In-Reply-To: <20181024203548.glxgu3bqd47minmg@kafai-mbp>

On 10/24/2018 10:42 PM, Martin Lau wrote:
> On Wed, Oct 24, 2018 at 06:22:46PM +0000, Martin Lau wrote:
>> On Wed, Oct 24, 2018 at 05:26:23PM +0000, Martin Lau wrote:
>>> On Wed, Oct 24, 2018 at 08:00:19AM -0500, Wenwen Wang wrote:
>>>> In btf_parse(), the header of the user-space btf data 'btf_data' is firstly
>>>> parsed and verified through btf_parse_hdr(). In btf_parse_hdr(), the header
>>>> is copied from user-space 'btf_data' to kernel-space 'btf->hdr' and then
>>>> verified. If no error happens during the verification process, the whole
>>>> data of 'btf_data', including the header, is then copied to 'data' in
>>>> btf_parse(). It is obvious that the header is copied twice here. More
>>>> importantly, no check is enforced after the second copy to make sure the
>>>> headers obtained in these two copies are same. Given that 'btf_data'
>>>> resides in the user space, a malicious user can race to modify the header
>>>> between these two copies. By doing so, the user can inject inconsistent
>>>> data, which can cause undefined behavior of the kernel and introduce
>>>> potential security risk.
>> btw, I am working on a patch that copies the btf_data before parsing/verifying
>> the header.  That should avoid this from happening but that will
>> require a bit more code churns for the bpf branch.
>>
> It is what I have in mind:
> 
> It is not a good idea to check the BTF header before copying the
> user btf_data.  The verified header may not be the one actually
> copied to btf->data (e.g. userspace may modify the passed in
> btf_data in between).  Like the one fixed in
> commit 8af03d1ae2e1 ("bpf: btf: Fix a missing check bug").
> 
> This patch copies the user btf_data before parsing/verifying
> the BTF header.
> 
> Fixes: 69b693f0aefa ("bpf: btf: Introduce BPF Type Format (BTF)")
> Signed-off-by: Martin KaFai Lau <kafai@fb.com>

I've added Co-developed-by tag and applied it to bpf tree, thanks everyone!

^ permalink raw reply

* Re: [PATCH] dp83867: fix speed 10 in sgmii mode
From: Andrew Lunn @ 2018-10-25 23:06 UTC (permalink / raw)
  To: Max Uvarov; +Cc: linux-kernel, f.fainelli, netdev
In-Reply-To: <20181025110530.22826-1-muvarov@gmail.com>

On Thu, Oct 25, 2018 at 02:05:30PM +0300, Max Uvarov wrote:

Hi Max

> For support 10Mps sped in SGMII mode DP83867_10M_SGMII_RATE_ADAPT bit

speed.

> of DP83867_10M_SGMII_CFG register has to be cleared by software.
> That does not affect speeds 100 and 1000 so can be done on init.

It would be good to add a Fixes: tag. Has this always been broken?

Thanks
	Andrew

^ permalink raw reply

* [PATCH] selftests/bpf: add config fragments BPF_STREAM_PARSER and XDP_SOCKETS
From: Naresh Kamboju @ 2018-10-25 14:47 UTC (permalink / raw)
  To: netdev; +Cc: bhole_prashant_q7, daniel, davem

BPF sockmap and hashmap are dependent on CONFIG_BPF_STREAM_PARSER and
xskmap is dependent on CONFIG_XDP_SOCKETS

Signed-off-by: Naresh Kamboju <naresh.kamboju@linaro.org>
---
 tools/testing/selftests/bpf/config | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tools/testing/selftests/bpf/config b/tools/testing/selftests/bpf/config
index dd49df5e2df4..7f90d3645af8 100644
--- a/tools/testing/selftests/bpf/config
+++ b/tools/testing/selftests/bpf/config
@@ -20,3 +20,5 @@ CONFIG_VXLAN=y
 CONFIG_GENEVE=y
 CONFIG_NET_CLS_FLOWER=m
 CONFIG_LWTUNNEL=y
+CONFIG_BPF_STREAM_PARSER=y
+CONFIG_XDP_SOCKETS=y
-- 
2.17.1

^ permalink raw reply related

* for your images 15
From: Kate @ 2018-10-24 11:42 UTC (permalink / raw)
  To: netdev

We are an imaging team who can process 300+ images daily.

If you need any image editing service, please contact us today.

We do mainly images cut out and clipping path, masking.
Such as for your ecommerce photos, jewelry photos retouching, also it is
for beauty portraits and skin images
and wedding photos.

We provide test editing if you send some photos.

Thanks,
Kate

^ permalink raw reply

* for your images 15
From: Kate @ 2018-10-24 11:38 UTC (permalink / raw)
  To: netdev

We are an imaging team who can process 300+ images daily.

If you need any image editing service, please contact us today.

We do mainly images cut out and clipping path, masking.
Such as for your ecommerce photos, jewelry photos retouching, also it is
for beauty portraits and skin images
and wedding photos.

We provide test editing if you send some photos.

Thanks,
Kate

^ permalink raw reply

* Re: [RFC net-next v2 0/8] indirect tc block cb registration
From: John Hurley @ 2018-10-25 14:56 UTC (permalink / raw)
  To: Jiri Pirko
  Cc: Linux Netdev List, oss-drivers, Or Gerlitz, ozsh, Jakub Kicinski,
	Simon Horman, avivh
In-Reply-To: <20181025125241.GD2143@nanopsycho>

On Thu, Oct 25, 2018 at 1:58 PM Jiri Pirko <jiri@resnulli.us> wrote:
>
> Thu, Oct 25, 2018 at 02:26:49PM CEST, john.hurley@netronome.com wrote:
> >This patchset introduces an alternative to egdev offload by allowing a
> >driver to register for block updates when an external device (e.g. tunnel
> >netdev) is bound to a TC block. Drivers can track new netdevs or register
> >to existing ones to receive information on such events. Based on this,
> >they may register for block offload rules using already existing
> >functions.
> >
> >The patchset also implements this new indirect block registration in the
> >NFP driver to allow the offloading of tunnel rules. The use of egdev
> >offload (which is currently only used for tunnel offload) is subsequently
> >removed.
>
> John, I'm missing v1->v2 changelog. Could you please add it?
>
> Thanks!

Hi Jiri,
There's little change outside the NFP in v2 but here's short changelog:

v1->v2:
- free allocated owner struct in block_owner_clean function
- add geneve type helper function
- move test stub in NFP (v1 patch 2) to full tunnel offload
implementation via indirect blocks (v2 patches 3-8)

^ permalink raw reply

* Re: [RFC net-next v2 2/8] net: add netif_is_geneve()
From: John Hurley @ 2018-10-25 14:59 UTC (permalink / raw)
  To: Jiri Pirko
  Cc: Linux Netdev List, oss-drivers, Or Gerlitz, ozsh, Jakub Kicinski,
	Simon Horman, avivh
In-Reply-To: <20181025125416.GE2143@nanopsycho>

On Thu, Oct 25, 2018 at 2:00 PM Jiri Pirko <jiri@resnulli.us> wrote:
>
> Thu, Oct 25, 2018 at 02:26:51PM CEST, john.hurley@netronome.com wrote:
> >Add a helper function to determine if the type of a netdev is geneve based
> >on its rtnl_link_ops. This allows drivers that may wish to ofload tunnels
> >to check the underlying type of the device.
> >
> >A recent patch added a similar helper to vxlan.h
> >
> >Signed-off-by: John Hurley <john.hurley@netronome.com>
> >Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com>
>
> I don't understand why this and the next patch are part of this
> patchset. They don't seem directly related.

This is used in later patches that implement the indirect block
offload but I suppose it is not directly related.
We can probably move it to a separate patchset.
Thanks

^ permalink raw reply

* Re: [PATCH v2 2/3] tools: sync linux/bpf.h
From: Lorenz Bauer @ 2018-10-25 15:07 UTC (permalink / raw)
  To: liu.song.a23; +Cc: Alexei Starovoitov, Daniel Borkmann, netdev, linux-api
In-Reply-To: <CAPhsuW5fbhQ1SBurL2q6hm=yV0a_Vw-_gjsz8LHJ76QwcqVXsQ@mail.gmail.com>

On Tue, 9 Oct 2018 at 01:12, Song Liu <liu.song.a23@gmail.com> wrote:
>
> On Mon, Oct 8, 2018 at 3:34 AM Lorenz Bauer <lmb@cloudflare.com> wrote:
> >
> > Synchronize changes to linux/bpf.h from
> > commit 88db241b34bf ("bpf: allow zero-initializing hash map seed").
> I guess we cannot keep this hash during git-am? We probably don't
> need this hash anyway, as the two patches will be applied back to back.

I copied what was done in one of the previous commits that synced the
header. I'm a bit at a
loss what to put in the commit message otherwise.

-- 
Lorenz Bauer  |  Systems Engineer
25 Lavington St., London SE1 0NZ

www.cloudflare.com

^ permalink raw reply

* Re: [PATCH v2 1/3] bpf: allow zero-initializing hash map seed
From: Lorenz Bauer @ 2018-10-25 15:12 UTC (permalink / raw)
  To: liu.song.a23; +Cc: Alexei Starovoitov, Daniel Borkmann, netdev, linux-api
In-Reply-To: <CAPhsuW5_1LRw=tjaNWfgrPKaS_Rs12BYAHPOjmXwEs8C9YSy1Q@mail.gmail.com>

On Tue, 9 Oct 2018 at 01:08, Song Liu <liu.song.a23@gmail.com> wrote:
>
> > --- a/include/uapi/linux/bpf.h
> > +++ b/include/uapi/linux/bpf.h
> > @@ -253,6 +253,8 @@ enum bpf_attach_type {
> >  #define BPF_F_NO_COMMON_LRU    (1U << 1)
> >  /* Specify numa node during map creation */
> >  #define BPF_F_NUMA_NODE                (1U << 2)
> > +/* Zero-initialize hash function seed. This should only be used for testing. */
> > +#define BPF_F_ZERO_SEED                (1U << 6)
>
> Please add this line after
> #define BPF_F_STACK_BUILD_ID    (1U << 5)

I wanted to keep the flags for BPF_MAP_CREATE grouped together.
Maybe the correct value is (1U << 3)? It seemed like the other flags
were allocated to avoid
overlap between different BPF commands, however, so I tried to follow suit.

-- 
Lorenz Bauer  |  Systems Engineer
25 Lavington St., London SE1 0NZ

www.cloudflare.com

^ permalink raw reply

* Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel
From: Jason A. Donenfeld @ 2018-10-25 23:47 UTC (permalink / raw)
  To: Andrew Lunn
  Cc: LKML, Netdev, Linux Crypto Mailing List, David Miller,
	Greg Kroah-Hartman
In-Reply-To: <20181025224426.GC6276@lunn.ch>

Hi Andrew,

On Fri, Oct 26, 2018 at 12:44 AM Andrew Lunn <andrew@lunn.ch> wrote:
> Out of tree is important here. To some degree, mainline does not care
> about out of tree drivers. Putting in a bandaid for them does not help
> get them fixed.
>
> I would drop this bandaid. If the Android community decides to move
> wireguard from mainline into their fork, they can put the bandaid back
> in again, or get the driver fixed.

No out-of-tree is really not important here, and sorry if mentioning
that in my explanation was distracting and caused you to
misunderstand. The issue isn't the crazy wireless driver; the issue is
that suspend on Android happens all the time, and the entire Android
way of using Linux is centered around non-stop suspending, with
triggers to wake up (wifi drivers, for example, like the out-of-tree
qcacld one, but presumably in tree ones too), and ways of controlling
when it goes to sleep (screen blanking, wakelocks, etc). The Android
model of Linux revolves around this, and hence the suspend semantics
for WireGuard respect this model and adjust accordingly, using the
appropriate CONFIG_ANDROID to determine which model we're operating
under. This is not a bandaid, and it doesn't have to do with forks of
the Linux kernel.

Jason

^ permalink raw reply

* Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel
From: Jason A. Donenfeld @ 2018-10-25 23:59 UTC (permalink / raw)
  To: Andrew Lunn
  Cc: LKML, Netdev, Linux Crypto Mailing List, David Miller,
	Greg Kroah-Hartman
In-Reply-To: <20181025223746.GB6276@lunn.ch>

Hi Andrew,

On Fri, Oct 26, 2018 at 12:37 AM Andrew Lunn <andrew@lunn.ch> wrote:
> I can understand that. But on the flip side, CAKE reached something
> like version 19 before it got merged. Wireguard is looking similar.
> An addition like the above, is not controversial. You could submit
> such a single patch in a weeks time when net-next reopens, and
> probably version 1 or 2 will get accepted.

Alright, maybe I'll give it a try that way. Previously, every time I
wanted to send things upstream for WireGuard, I'd be sure to find
other users in the tree of what I was adding, since WireGuard wasn't
ready for patchsets yet. But I guess now that some series have begun,
it's more acceptable to add APIs here and there as you described.

Jason

^ permalink raw reply

* Re: [PATCH net-next v8 28/28] net: WireGuard secure network tunnel
From: Jason A. Donenfeld @ 2018-10-26  0:00 UTC (permalink / raw)
  To: Andrew Lunn
  Cc: LKML, Netdev, Linux Crypto Mailing List, David Miller,
	Greg Kroah-Hartman
In-Reply-To: <20181025225344.GD6276@lunn.ch>

Hi Andrew,

On Fri, Oct 26, 2018 at 12:53 AM Andrew Lunn <andrew@lunn.ch> wrote:
> > This is on the hot path, actually. Well, it's not on path of data
> > packets, but I do consider handshake packets to be fairly "warm".
>
> So for me, hot path is something called 10 million timers per
> second. How often do handshake packets happen?

I can actually imagine situations in which this rate might happen.
Handshake performance is important.

Jason

^ permalink raw reply


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox