1. 18 Feb, 2016 6 commits
    • Florian Westphal's avatar
      Revert "genl: Add genlmsg_new_unicast() for unicast message allocation" · 263ea090
      Florian Westphal authored
      This reverts commit bb9b18fb ("genl: Add genlmsg_new_unicast() for
      unicast message allocation")'.
      Nothing wrong with it; its no longer needed since this was only for
      mmapped netlink support.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Florian Westphal's avatar
      openvswitch: Revert: "Enable memory mapped Netlink i/o" · 551ddc05
      Florian Westphal authored
      revert commit 795449d8 ("openvswitch: Enable memory mapped Netlink i/o").
      Following the mmaped netlink removal this code can be removed.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Florian Westphal's avatar
      netlink: remove mmapped netlink support · d1b4c689
      Florian Westphal authored
      mmapped netlink has a number of unresolved issues:
      - TX zerocopy support had to be disabled more than a year ago via
        commit 4682a035 ("netlink: Always copy on mmap TX.")
        because the content of the mmapped area can change after netlink
        attribute validation but before message processing.
      - RX support was implemented mainly to speed up nfqueue dumping packet
        payload to userspace.  However, since commit ae08ce00
        ("netfilter: nfnetlink_queue: zero copy support") we avoid one copy
        with the socket-based interface too (via the skb_zerocopy helper).
      The other problem is that skbs attached to mmaped netlink socket
      behave different from normal skbs:
      - they don't have a shinfo area, so all functions that use skb_shinfo()
      (e.g. skb_clone) cannot be used.
      - reserving headroom prevents userspace from seeing the content as
      it expects message to start at skb->head.
      See for instance
      commit aa3a0220 ("netlink: not trim skb for mmaped socket when dump").
      - skbs handed e.g. to netlink_ack must have non-NULL skb->sk, else we
      crash because it needs the sk to check if a tx ring is attached.
      Also not obvious, leads to non-intuitive bug fixes such as 7c7bdf35
      ("netfilter: nfnetlink: use original skbuff when acking batches").
      mmaped netlink also didn't play nicely with the skb_zerocopy helper
      used by nfqueue and openvswitch.  Daniel Borkmann fixed this via
      commit 6bb0fef4 ("netlink, mmap: fix edge-case leakages in nf queue
      zero-copy")' but at the cost of also needing to provide remaining
      length to the allocation function.
      nfqueue also has problems when used with mmaped rx netlink:
      - mmaped netlink doesn't allow use of nfqueue batch verdict messages.
        Problem is that in the mmap case, the allocation time also determines
        the ordering in which the frame will be seen by userspace (A
        allocating before B means that A is located in earlier ring slot,
        but this also means that B might get a lower sequence number then A
        since seqno is decided later.  To fix this we would need to extend the
        spinlocked region to also cover the allocation and message setup which
        isn't desirable.
      - nfqueue can now be configured to queue large (GSO) skbs to userspace.
        Queing GSO packets is faster than having to force a software segmentation
        in the kernel, so this is a desirable option.  However, with a mmap based
        ring one has to use 64kb per ring slot element, else mmap has to fall back
        to the socket path (NL_MMAP_STATUS_COPY) for all large packets.
      To use the mmap interface, userspace not only has to probe for mmap netlink
      support, it also has to implement a recv/socket receive path in order to
      handle messages that exceed the size of an rx ring element.
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Ken-ichirou MATSUZAWA <chamaken@gmail.com>
      Cc: Pablo Neira Ayuso <pablo@netfilter.org>
      Cc: Patrick McHardy <kaber@trash.net>
      Cc: Thomas Graf <tgraf@suug.ch>
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Jamal Hadi Salim's avatar
    • Ido Schimmel's avatar
      bridge: switchdev: Offload VLAN flags to hardware bridge · 7fbac984
      Ido Schimmel authored
      When VLANs are created / destroyed on a VLAN filtering bridge (MASTER
      flag set), the configuration is passed down to the hardware. However,
      when only the flags (e.g. PVID) are toggled, the configuration is done
      in the software bridge alone.
      While it is possible to pass these flags to hardware when invoked with
      the SELF flag set, this creates inconsistency with regards to the way
      the VLANs are initially configured.
      Pass the flags down to the hardware even when the VLAN already exists
      and only the flags are toggled.
      Signed-off-by: default avatarIdo Schimmel <idosch@mellanox.com>
      Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Colin Ian King's avatar
      net-sysfs: remove unused fmt_long_hex · fbbef866
      Colin Ian King authored
      Ever since commit 04ed3e74
      ("net: change netdev->features to u32") the format string
      fmt_long_hex has not been used, so we may as well remove it.
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  2. 17 Feb, 2016 11 commits
  3. 16 Feb, 2016 15 commits
  4. 12 Feb, 2016 7 commits
  5. 11 Feb, 2016 1 commit