1. 13 Sep, 2012 3 commits
  2. 12 Sep, 2012 1 commit
  3. 10 Sep, 2012 5 commits
  4. 09 Sep, 2012 2 commits
  5. 08 Sep, 2012 2 commits
  6. 07 Sep, 2012 5 commits
  7. 06 Sep, 2012 1 commit
    • Eric Dumazet's avatar
      tcp: fix TFO regression · 7ab4551f
      Eric Dumazet authored
      Fengguang Wu reported various panics and bisected to commit
      8336886f
      
       (tcp: TCP Fast Open Server - support TFO listeners)
      
      Fix this by making sure socket is a TCP socket before accessing TFO data
      structures.
      
      [  233.046014] kfree_debugcheck: out of range ptr ea6000000bb8h.
      [  233.047399] ------------[ cut here ]------------
      [  233.048393] kernel BUG at /c/kernel-tests/src/stable/mm/slab.c:3074!
      [  233.048393] invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC
      [  233.048393] Modules linked in:
      [  233.048393] CPU 0
      [  233.048393] Pid: 3929, comm: trinity-watchdo Not tainted 3.6.0-rc3+
      #4192 Bochs Bochs
      [  233.048393] RIP: 0010:[<ffffffff81169653>]  [<ffffffff81169653>]
      kfree_debugcheck+0x27/0x2d
      [  233.048393] RSP: 0018:ffff88000facbca8  EFLAGS: 00010092
      [  233.048393] RAX: 0000000000000031 RBX: 0000ea6000000bb8 RCX:
      00000000a189a188
      [  233.048393] RDX: 000000000000a189 RSI: ffffffff8108ad32 RDI:
      ffffffff810d30f9
      [  233.048393] RBP: ffff88000facbcb8 R08: 0000000000000002 R09:
      ffffffff843846f0
      [  233.048393] R10: ffffffff810ae37c R11: 0000000000000908 R12:
      0000000000000202
      [  233.048393] R13: ffffffff823dbd5a R14: ffff88000ec5bea8 R15:
      ffffffff8363c780
      [  233.048393] FS:  00007faa6899c700(0000) GS:ffff88001f200000(0000)
      knlGS:0000000000000000
      [  233.048393] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
      [  233.048393] CR2: 00007faa6841019c CR3: 0000000012c82000 CR4:
      00000000000006f0
      [  233.048393] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
      0000000000000000
      [  233.048393] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
      0000000000000400
      [  233.048393] Process trinity-watchdo (pid: 3929, threadinfo
      ffff88000faca000, task ffff88000faec600)
      [  233.048393] Stack:
      [  233.048393]  0000000000000000 0000ea6000000bb8 ffff88000facbce8
      ffffffff8116ad81
      [  233.048393]  ffff88000ff588a0 ffff88000ff58850 ffff88000ff588a0
      0000000000000000
      [  233.048393]  ffff88000facbd08 ffffffff823dbd5a ffffffff823dbcb0
      ffff88000ff58850
      [  233.048393] Call Trace:
      [  233.048393]  [<ffffffff8116ad81>] kfree+0x5f/0xca
      [  233.048393]  [<ffffffff823dbd5a>] inet_sock_destruct+0xaa/0x13c
      [  233.048393]  [<ffffffff823dbcb0>] ? inet_sk_rebuild_header
      +0x319/0x319
      [  233.048393]  [<ffffffff8231c307>] __sk_free+0x21/0x14b
      [  233.048393]  [<ffffffff8231c4bd>] sk_free+0x26/0x2a
      [  233.048393]  [<ffffffff825372db>] sctp_close+0x215/0x224
      [  233.048393]  [<ffffffff810d6835>] ? lock_release+0x16f/0x1b9
      [  233.048393]  [<ffffffff823daf12>] inet_release+0x7e/0x85
      [  233.048393]  [<ffffffff82317d15>] sock_release+0x1f/0x77
      [  233.048393]  [<ffffffff82317d94>] sock_close+0x27/0x2b
      [  233.048393]  [<ffffffff81173bbe>] __fput+0x101/0x20a
      [  233.048393]  [<ffffffff81173cd5>] ____fput+0xe/0x10
      [  233.048393]  [<ffffffff810a3794>] task_work_run+0x5d/0x75
      [  233.048393]  [<ffffffff8108da70>] do_exit+0x290/0x7f5
      [  233.048393]  [<ffffffff82707415>] ? retint_swapgs+0x13/0x1b
      [  233.048393]  [<ffffffff8108e23f>] do_group_exit+0x7b/0xba
      [  233.048393]  [<ffffffff8108e295>] sys_exit_group+0x17/0x17
      [  233.048393]  [<ffffffff8270de10>] tracesys+0xdd/0xe2
      [  233.048393] Code: 59 01 5d c3 55 48 89 e5 53 41 50 0f 1f 44 00 00 48
      89 fb e8 d4 b0 f0 ff 84 c0 75 11 48 89 de 48 c7 c7 fc fa f7 82 e8 0d 0f
      57 01 <0f> 0b 5f 5b 5d c3 55 48 89 e5 0f 1f 44 00 00 48 63 87 d8 00 00
      [  233.048393] RIP  [<ffffffff81169653>] kfree_debugcheck+0x27/0x2d
      [  233.048393]  RSP <ffff88000facbca8>
      Reported-by: default avatarFengguang Wu <wfg@linux.intel.com>
      Tested-by: default avatarFengguang Wu <wfg@linux.intel.com>
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: "H.K. Jerry Chu" <hkchu@google.com>
      Acked-by: default avatarNeal Cardwell <ncardwell@google.com>
      Acked-by: default avatarH.K. Jerry Chu <hkchu@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7ab4551f
  8. 05 Sep, 2012 6 commits
    • Nicolas Dichtel's avatar
      ipv6: fix handling of blackhole and prohibit routes · ef2c7d7b
      Nicolas Dichtel authored
      When adding a blackhole or a prohibit route, they were handling like classic
      routes. Moreover, it was only possible to add this kind of routes by specifying
      an interface.
      
      Bug already reported here:
        http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498498
      
      
      
      Before the patch:
        $ ip route add blackhole 2001::1/128
        RTNETLINK answers: No such device
        $ ip route add blackhole 2001::1/128 dev eth0
        $ ip -6 route | grep 2001
        2001::1 dev eth0  metric 1024
      
      After:
        $ ip route add blackhole 2001::1/128
        $ ip -6 route | grep 2001
        blackhole 2001::1 dev lo  metric 1024  error -22
      
      v2: wrong patch
      v3: add a field fc_type in struct fib6_config to store RTN_* type
      Signed-off-by: default avatarNicolas Dichtel <nicolas.dichtel@6wind.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ef2c7d7b
    • Eric Dumazet's avatar
      net: qdisc busylock needs lockdep annotations · 23d3b8bf
      Eric Dumazet authored
      
      
      It seems we need to provide ability for stacked devices
      to use specific lock_class_key for sch->busylock
      
      We could instead default l2tpeth tx_queue_len to 0 (no qdisc), but
      a user might use a qdisc anyway.
      
      (So same fixes are probably needed on non LLTX stacked drivers)
      
      Noticed while stressing L2TPV3 setup :
      
      ======================================================
       [ INFO: possible circular locking dependency detected ]
       3.6.0-rc3+ #788 Not tainted
       -------------------------------------------------------
       netperf/4660 is trying to acquire lock:
        (l2tpsock){+.-...}, at: [<ffffffffa0208db2>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
      
       but task is already holding lock:
        (&(&sch->busylock)->rlock){+.-...}, at: [<ffffffff81596595>] dev_queue_xmit+0xd75/0xe00
      
       which lock already depends on the new lock.
      
       the existing dependency chain (in reverse order) is:
      
       -> #1 (&(&sch->busylock)->rlock){+.-...}:
              [<ffffffff810a5df0>] lock_acquire+0x90/0x200
              [<ffffffff817499fc>] _raw_spin_lock_irqsave+0x4c/0x60
              [<ffffffff81074872>] __wake_up+0x32/0x70
              [<ffffffff8136d39e>] tty_wakeup+0x3e/0x80
              [<ffffffff81378fb3>] pty_write+0x73/0x80
              [<ffffffff8136cb4c>] tty_put_char+0x3c/0x40
              [<ffffffff813722b2>] process_echoes+0x142/0x330
              [<ffffffff813742ab>] n_tty_receive_buf+0x8fb/0x1230
              [<ffffffff813777b2>] flush_to_ldisc+0x142/0x1c0
              [<ffffffff81062818>] process_one_work+0x198/0x760
              [<ffffffff81063236>] worker_thread+0x186/0x4b0
              [<ffffffff810694d3>] kthread+0x93/0xa0
              [<ffffffff81753e24>] kernel_thread_helper+0x4/0x10
      
       -> #0 (l2tpsock){+.-...}:
              [<ffffffff810a5288>] __lock_acquire+0x1628/0x1b10
              [<ffffffff810a5df0>] lock_acquire+0x90/0x200
              [<ffffffff817498c1>] _raw_spin_lock+0x41/0x50
              [<ffffffffa0208db2>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
              [<ffffffffa021a802>] l2tp_eth_dev_xmit+0x32/0x60 [l2tp_eth]
              [<ffffffff815952b2>] dev_hard_start_xmit+0x502/0xa70
              [<ffffffff815b63ce>] sch_direct_xmit+0xfe/0x290
              [<ffffffff81595a05>] dev_queue_xmit+0x1e5/0xe00
              [<ffffffff815d9d60>] ip_finish_output+0x3d0/0x890
              [<ffffffff815db019>] ip_output+0x59/0xf0
              [<ffffffff815da36d>] ip_local_out+0x2d/0xa0
              [<ffffffff815da5a3>] ip_queue_xmit+0x1c3/0x680
              [<ffffffff815f4192>] tcp_transmit_skb+0x402/0xa60
              [<ffffffff815f4a94>] tcp_write_xmit+0x1f4/0xa30
              [<ffffffff815f5300>] tcp_push_one+0x30/0x40
              [<ffffffff815e6672>] tcp_sendmsg+0xe82/0x1040
              [<ffffffff81614495>] inet_sendmsg+0x125/0x230
              [<ffffffff81576cdc>] sock_sendmsg+0xdc/0xf0
              [<ffffffff81579ece>] sys_sendto+0xfe/0x130
              [<ffffffff81752c92>] system_call_fastpath+0x16/0x1b
        Possible unsafe locking scenario:
      
              CPU0                    CPU1
              ----                    ----
         lock(&(&sch->busylock)->rlock);
                                      lock(l2tpsock);
                                      lock(&(&sch->busylock)->rlock);
         lock(l2tpsock);
      
        *** DEADLOCK ***
      
       5 locks held by netperf/4660:
        #0:  (sk_lock-AF_INET){+.+.+.}, at: [<ffffffff815e581c>] tcp_sendmsg+0x2c/0x1040
        #1:  (rcu_read_lock){.+.+..}, at: [<ffffffff815da3e0>] ip_queue_xmit+0x0/0x680
        #2:  (rcu_read_lock_bh){.+....}, at: [<ffffffff815d9ac5>] ip_finish_output+0x135/0x890
        #3:  (rcu_read_lock_bh){.+....}, at: [<ffffffff81595820>] dev_queue_xmit+0x0/0xe00
        #4:  (&(&sch->busylock)->rlock){+.-...}, at: [<ffffffff81596595>] dev_queue_xmit+0xd75/0xe00
      
       stack backtrace:
       Pid: 4660, comm: netperf Not tainted 3.6.0-rc3+ #788
       Call Trace:
        [<ffffffff8173dbf8>] print_circular_bug+0x1fb/0x20c
        [<ffffffff810a5288>] __lock_acquire+0x1628/0x1b10
        [<ffffffff810a334b>] ? check_usage+0x9b/0x4d0
        [<ffffffff810a3f44>] ? __lock_acquire+0x2e4/0x1b10
        [<ffffffff810a5df0>] lock_acquire+0x90/0x200
        [<ffffffffa0208db2>] ? l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
        [<ffffffff817498c1>] _raw_spin_lock+0x41/0x50
        [<ffffffffa0208db2>] ? l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
        [<ffffffffa0208db2>] l2tp_xmit_skb+0x172/0xa50 [l2tp_core]
        [<ffffffffa021a802>] l2tp_eth_dev_xmit+0x32/0x60 [l2tp_eth]
        [<ffffffff815952b2>] dev_hard_start_xmit+0x502/0xa70
        [<ffffffff81594e0e>] ? dev_hard_start_xmit+0x5e/0xa70
        [<ffffffff81595961>] ? dev_queue_xmit+0x141/0xe00
        [<ffffffff815b63ce>] sch_direct_xmit+0xfe/0x290
        [<ffffffff81595a05>] dev_queue_xmit+0x1e5/0xe00
        [<ffffffff81595820>] ? dev_hard_start_xmit+0xa70/0xa70
        [<ffffffff815d9d60>] ip_finish_output+0x3d0/0x890
        [<ffffffff815d9ac5>] ? ip_finish_output+0x135/0x890
        [<ffffffff815db019>] ip_output+0x59/0xf0
        [<ffffffff815da36d>] ip_local_out+0x2d/0xa0
        [<ffffffff815da5a3>] ip_queue_xmit+0x1c3/0x680
        [<ffffffff815da3e0>] ? ip_local_out+0xa0/0xa0
        [<ffffffff815f4192>] tcp_transmit_skb+0x402/0xa60
        [<ffffffff815fa25e>] ? tcp_md5_do_lookup+0x18e/0x1a0
        [<ffffffff815f4a94>] tcp_write_xmit+0x1f4/0xa30
        [<ffffffff815f5300>] tcp_push_one+0x30/0x40
        [<ffffffff815e6672>] tcp_sendmsg+0xe82/0x1040
        [<ffffffff81614495>] inet_sendmsg+0x125/0x230
        [<ffffffff81614370>] ? inet_create+0x6b0/0x6b0
        [<ffffffff8157e6e2>] ? sock_update_classid+0xc2/0x3b0
        [<ffffffff8157e750>] ? sock_update_classid+0x130/0x3b0
        [<ffffffff81576cdc>] sock_sendmsg+0xdc/0xf0
        [<ffffffff81162579>] ? fget_light+0x3f9/0x4f0
        [<ffffffff81579ece>] sys_sendto+0xfe/0x130
        [<ffffffff810a69ad>] ? trace_hardirqs_on+0xd/0x10
        [<ffffffff8174a0b0>] ? _raw_spin_unlock_irq+0x30/0x50
        [<ffffffff810757e3>] ? finish_task_switch+0x83/0xf0
        [<ffffffff810757a6>] ? finish_task_switch+0x46/0xf0
        [<ffffffff81752cb7>] ? sysret_check+0x1b/0x56
        [<ffffffff81752c92>] system_call_fastpath+0x16/0x1b
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      23d3b8bf
    • Stephen Rothwell's avatar
      netfilter: ipv6: using csum_ipv6_magic requires net/ip6_checksum.h · 2c969322
      Stephen Rothwell authored
      
      
      Fixes this build error:
      
      net/ipv6/netfilter/nf_nat_l3proto_ipv6.c: In function 'nf_nat_ipv6_csum_recalc':
      net/ipv6/netfilter/nf_nat_l3proto_ipv6.c:144:4: error: implicit declaration of function 'csum_ipv6_magic' [-Werror=implicit-function-declaration]
      Signed-off-by: default avatarStephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2c969322
    • Nikolay Aleksandrov's avatar
      net: add unknown state to sysfs NIC duplex export · c6c13965
      Nikolay Aleksandrov authored
      
      
      Currently when the NIC duplex state is DUPLEX_UNKNOWN it is exported as
      full through sysfs, this patch adds support for DUPLEX_UNKNOWN. It is
      handled the same way as in ethtool.
      Signed-off-by: default avatarNikolay Aleksandrov <naleksan@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c6c13965
    • Julian Anastasov's avatar
      tcp: add generic netlink support for tcp_metrics · d23ff701
      Julian Anastasov authored
      
      
      Add support for genl "tcp_metrics". No locking
      is changed, only that now we can unlink and delete
      entries after grace period. We implement get/del for
      single entry and dump to support show/flush filtering
      in user space. Del without address attribute causes
      flush for all addresses, sadly under genl_mutex.
      
      v2:
      - remove rcu_assign_pointer as suggested by Eric Dumazet,
      it is not needed because there are no other writes under lock
      - move the flushing code in tcp_metrics_flush_all
      
      v3:
      - remove synchronize_rcu on flush as suggested by Eric Dumazet
      Signed-off-by: default avatarJulian Anastasov <ja@ssi.bg>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d23ff701
    • Pablo Neira Ayuso's avatar
      netfilter: fix crash during boot if NAT has been compiled built-in · 00545bec
      Pablo Neira Ayuso authored
      (c7232c99
      
       netfilter: add protocol independent NAT core) introduced a
      problem that leads to crashing during boot due to NULL pointer
      dereference. It seems that xt_nat calls xt_register_target() before
      xt_init():
      
      net/netfilter/x_tables.c:static struct xt_af *xt; is NULL and we crash on
      xt_register_target(struct xt_target *target)
      {
              u_int8_t af = target->family;
              int ret;
      
              ret = mutex_lock_interruptible(&xt[af].mutex);
      ...
      
      Fix this by changing the linking order, to make sure that x_tables
      comes before xt_nat.
      Reported-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      00545bec
  9. 04 Sep, 2012 3 commits
    • Masatake YAMATO's avatar
      net: Providing protocol type via system.sockprotoname xattr of /proc/PID/fd entries · 600e1779
      Masatake YAMATO authored
      
      
      lsof reports some of socket descriptors as "can't identify protocol" like:
      
          [yamato@localhost]/tmp% sudo lsof | grep dbus | grep iden
          dbus-daem   652          dbus    6u     sock ... 17812 can't identify protocol
          dbus-daem   652          dbus   34u     sock ... 24689 can't identify protocol
          dbus-daem   652          dbus   42u     sock ... 24739 can't identify protocol
          dbus-daem   652          dbus   48u     sock ... 22329 can't identify protocol
          ...
      
      lsof cannot resolve the protocol used in a socket because procfs
      doesn't provide the map between inode number on sockfs and protocol
      type of the socket.
      
      For improving the situation this patch adds an extended attribute named
      'system.sockprotoname' in which the protocol name for
      /proc/PID/fd/SOCKET is stored. So lsof can know the protocol for a
      given /proc/PID/fd/SOCKET with getxattr system call.
      
      A few weeks ago I submitted a patch for the same purpose. The patch
      was introduced /proc/net/sockfs which enumerates inodes and protocols
      of all sockets alive on a system. However, it was rejected because (1)
      a global lock was needed, and (2) the layout of struct socket was
      changed with the patch.
      
      This patch doesn't use any global lock; and doesn't change the layout
      of any structs.
      
      In this patch, a protocol name is stored to dentry->d_name of sockfs
      when new socket is associated with a file descriptor. Before this
      patch dentry->d_name was not used; it was just filled with empty
      string. lsof may use an extended attribute named
      'system.sockprotoname' to retrieve the value of dentry->d_name.
      
      It is nice if we can see the protocol name with ls -l
      /proc/PID/fd. However, "socket:[#INODE]", the name format returned
      from sockfs_dname() was already defined. To keep the compatibility
      between kernel and user land, the extended attribute is used to
      prepare the value of dentry->d_name.
      Signed-off-by: default avatarMasatake YAMATO <yamato@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      600e1779
    • David S. Miller's avatar
      net: Add INET dependency on aes crypto for the sake of TCP fastopen. · 798b2cbf
      David S. Miller authored
      Stephen Rothwell says:
      
      ====================
      After merging the final tree, today's linux-next build (powerpc
      ppc44x_defconfig) failed like this:
      
      net/built-in.o: In function `tcp_fastopen_ctx_free':
      tcp_fastopen.c:(.text+0x5cc5c): undefined reference to `crypto_destroy_tfm'
      net/built-in.o: In function `tcp_fastopen_reset_cipher':
      (.text+0x5cccc): undefined reference to `crypto_alloc_base'
      net/built-in.o: In function `tcp_fastopen_reset_cipher':
      (.text+0x5cd6c): undefined reference to `crypto_destroy_tfm'
      
      Presumably caused by commit 10467163 ("tcp: TCP Fast Open Server -
      header & support functions") from the net-next tree.  I assume that some
      dependency on the CRYPTO infrastructure is missing.
      
      I have reverted commit 1bed966c
      
       ("Merge branch
      'tcp_fastopen_server'") for today.
      ====================
      Reported-by: default avatarStephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      798b2cbf
    • Wei Yongjun's avatar
      sctp: use list_move_tail instead of list_del/list_add_tail · 54a27924
      Wei Yongjun authored
      Using list_move_tail() instead of list_del() + list_add_tail().
      
      spatch with a semantic match is used to found this problem.
      (http://coccinelle.lip6.fr/
      
      )
      Signed-off-by: default avatarWei Yongjun <yongjun_wei@trendmicro.com.cn>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      54a27924
  10. 03 Sep, 2012 11 commits
    • Pravin B Shelar's avatar
      openvswitch: Increase maximum number of datapath ports. · 15eac2a7
      Pravin B Shelar authored
      
      
      Use hash table to store ports of datapath. Allow 64K ports per switch.
      Signed-off-by: default avatarPravin B Shelar <pshelar@nicira.com>
      Signed-off-by: default avatarJesse Gross <jesse@nicira.com>
      15eac2a7
    • Yuchung Cheng's avatar
      tcp: use PRR to reduce cwin in CWR state · 684bad11
      Yuchung Cheng authored
      
      
      Use proportional rate reduction (PRR) algorithm to reduce cwnd in CWR state,
      in addition to Recovery state. Retire the current rate-halving in CWR.
      When losses are detected via ACKs in CWR state, the sender enters Recovery
      state but the cwnd reduction continues and does not restart.
      
      Rename and refactor cwnd reduction functions since both CWR and Recovery
      use the same algorithm:
      tcp_init_cwnd_reduction() is new and initiates reduction state variables.
      tcp_cwnd_reduction() is previously tcp_update_cwnd_in_recovery().
      tcp_ends_cwnd_reduction() is previously  tcp_complete_cwr().
      
      The rate halving functions and logic such as tcp_cwnd_down(), tcp_min_cwnd(),
      and the cwnd moderation inside tcp_enter_cwr() are removed. The unused
      parameter, flag, in tcp_cwnd_reduction() is also removed.
      Signed-off-by: default avatarYuchung Cheng <ycheng@google.com>
      Acked-by: default avatarNeal Cardwell <ncardwell@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      684bad11
    • Yuchung Cheng's avatar
      tcp: move tcp_update_cwnd_in_recovery · fb4d3d1d
      Yuchung Cheng authored
      
      
      To prepare replacing rate halving with PRR algorithm in CWR state.
      Signed-off-by: default avatarYuchung Cheng <ycheng@google.com>
      Acked-by: default avatarNeal Cardwell <ncardwell@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fb4d3d1d
    • Yuchung Cheng's avatar
      tcp: move tcp_enter_cwr() · 09484d1f
      Yuchung Cheng authored
      
      
      To prepare replacing rate halving with PRR algorithm in CWR state.
      Signed-off-by: default avatarYuchung Cheng <ycheng@google.com>
      Acked-by: default avatarNeal Cardwell <ncardwell@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      09484d1f
    • Jan Beulich's avatar
      netfilter: properly annotate ipv4_netfilter_{init,fini}() · ce9f3f31
      Jan Beulich authored
      
      
      Despite being just a few bytes of code, they should still have proper
      annotations.
      Signed-off-by: default avatarJan Beulich <jbeulich@suse.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      ce9f3f31
    • Michael Wang's avatar
      netfilter: pass 'nf_hook_ops' instead of 'list_head' to nf_queue() · 1c15b677
      Michael Wang authored
      
      
      Since 'list_for_each_continue_rcu' has already been replaced by
      'list_for_each_entry_continue_rcu', pass 'list_head' to nf_queue() as a
      parameter can not benefit us any more.
      
      This patch will replace 'list_head' with 'nf_hook_ops' as the parameter of
      nf_queue() and __nf_queue() to save code.
      Signed-off-by: default avatarMichael Wang <wangyun@linux.vnet.ibm.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      1c15b677
    • Michael Wang's avatar
      netfilter: pass 'nf_hook_ops' instead of 'list_head' to nf_iterate() · 2a6decfd
      Michael Wang authored
      
      
      Since 'list_for_each_continue_rcu' has already been replaced by
      'list_for_each_entry_continue_rcu', pass 'list_head' to nf_iterate() as a
      parameter can not benefit us any more.
      
      This patch will replace 'list_head' with 'nf_hook_ops' as the parameter of
      nf_iterate() to save code.
      Signed-off-by: default avatarMichael Wang <wangyun@linux.vnet.ibm.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      2a6decfd
    • Cong Wang's avatar
      netfilter: remove xt_NOTRACK · 96550501
      Cong Wang authored
      
      
      It was scheduled to be removed for a long time.
      
      Cc: Pablo Neira Ayuso <pablo@netfilter.org>
      Cc: Patrick McHardy <kaber@trash.net>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: netfilter@vger.kernel.org
      Signed-off-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      96550501
    • Pablo Neira Ayuso's avatar
      netfilter: nf_conntrack: add nf_ct_timeout_lookup · 84b5ee93
      Pablo Neira Ayuso authored
      
      
      This patch adds the new nf_ct_timeout_lookup function to encapsulate
      the timeout policy attachment that is called in the nf_conntrack_in
      path.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      84b5ee93
    • Pablo Neira Ayuso's avatar
      netfilter: xt_CT: refactorize xt_ct_tg_check · 236df005
      Pablo Neira Ayuso authored
      
      
      This patch adds xt_ct_set_helper and xt_ct_set_timeout to reduce
      the size of xt_ct_tg_check.
      
      This aims to improve code mantainability by splitting xt_ct_tg_check
      in smaller chunks.
      
      Suggested by Eric Dumazet.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      236df005
    • Pablo Neira Ayuso's avatar
      netfilter: xt_socket: fix compilation warnings with gcc 4.7 · 6703aa74
      Pablo Neira Ayuso authored
      
      
      This patch fixes compilation warnings in xt_socket with gcc-4.7.
      
      In file included from net/netfilter/xt_socket.c:22:0:
      net/netfilter/xt_socket.c: In function ‘socket_mt6_v1’:
      include/net/netfilter/nf_tproxy_core.h:175:23: warning: ‘sport’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:265:16: note: ‘sport’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:175:23: warning: ‘dport’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:265:9: note: ‘dport’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:175:6: warning: ‘saddr’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:264:27: note: ‘saddr’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:175:6: warning: ‘daddr’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:264:19: note: ‘daddr’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      net/netfilter/xt_socket.c: In function ‘socket_match.isra.4’:
      include/net/netfilter/nf_tproxy_core.h:75:2: warning: ‘protocol’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:113:5: note: ‘protocol’ was declared here
      In file included from include/net/tcp.h:37:0,
                       from net/netfilter/xt_socket.c:17:
      include/net/inet_hashtables.h:356:45: warning: ‘sport’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:112:16: note: ‘sport’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:106:23: warning: ‘dport’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:112:9: note: ‘dport’ was declared here
      In file included from include/net/tcp.h:37:0,
                       from net/netfilter/xt_socket.c:17:
      include/net/inet_hashtables.h:356:15: warning: ‘saddr’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:111:16: note: ‘saddr’ was declared here
      In file included from include/net/tcp.h:37:0,
                       from net/netfilter/xt_socket.c:17:
      include/net/inet_hashtables.h:356:15: warning: ‘daddr’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:111:9: note: ‘daddr’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      net/netfilter/xt_socket.c: In function ‘socket_mt6_v1’:
      include/net/netfilter/nf_tproxy_core.h:175:23: warning: ‘sport’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:268:16: note: ‘sport’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:175:23: warning: ‘dport’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:268:9: note: ‘dport’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:175:6: warning: ‘saddr’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:267:27: note: ‘saddr’ was declared here
      In file included from net/netfilter/xt_socket.c:22:0:
      include/net/netfilter/nf_tproxy_core.h:175:6: warning: ‘daddr’ may be used uninitialized in this function [-Wmaybe-uninitialized]
      net/netfilter/xt_socket.c:267:19: note: ‘daddr’ was declared here
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      6703aa74
  11. 01 Sep, 2012 1 commit