1. 21 Jul, 2015 4 commits
  2. 20 Jul, 2015 6 commits
  3. 16 Jul, 2015 5 commits
  4. 13 Jul, 2015 2 commits
    • Nikolay Aleksandrov's avatar
      bridge: mdb: add vlan support for user entries · 74fe61f1
      Nikolay Aleksandrov authored
      
      
      Until now all user mdb entries were added in vlan 0, this patch adds
      support to allow the user to specify the vlan for the entry.
      About the uapi change a hole in struct br_mdb_entry is used so the size
      and offsets are kept the same (verified with pahole and tested with older
      iproute2).
      
      Example:
      $ bridge mdb
      dev br0 port eth1 grp 239.0.0.1 permanent vlan 2000
      dev br0 port eth1 grp 239.0.0.1 permanent vlan 200
      dev br0 port eth1 grp 239.0.0.1 permanent
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@cumulusnetworks.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      74fe61f1
    • Tom Herbert's avatar
      net: Build IPv6 into kernel by default · de551f2e
      Tom Herbert authored
      This patch makes the default to build IPv6 into the kernel. IPv6
      now has significant traction and any remaining vestiges of IPv6
      not being provided parity with IPv4 should be swept away. IPv6 is now
      core to the Internet and kernel.
      
      Points on IPv6 adoption:
      
      - Per Google statistics, IPv6 usage has reached 7% on the Internet
        and continues to exhibit an exponential growth rate
        https://www.google.com/intl/en/ipv6/statistics.html
      
      
      - Just a few days ago ARIN officially depleted its IPv4 pool
      - IPv6 only data centers are being successfully built
        (e.g. at Facebook)
      
      This patch changes the IPv6 Kconfig for IPV6. Default for CONFIG_IPV6
      is set to "y" and the text has been updated to reflect the maturity of
      IPv6.
      
      Impact:
      
      Under some circumstances building modules in to kernel might have a
      performance advantage. In my testing, I did notice a very slight
      improvement.
      
      This will obviously increase the size of the kernel image. In my
      configuration I see:
      
      IPv6 as module:
      
         text    data     bss     dec     hex filename
      9703666 1899288  933888 12536842         bf4c0a vmlinux
      
      IPv6 built into kernel
      
        text     data     bss     dec     hex filename
      9436490 1879600  913408 12229498         ba9b7a vmlinux
      
      Which increases text size by ~270K (2.8% increase in size for me). If
      image size is an issue, presumably for a device which does not do IP
      networking (IMO we should be discouraging IPv4-only devices), IPV6 can
      be disabled or still built as a module.
      Acked-by: default avatarYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
      Signed-off-by: default avatarTom Herbert <tom@herbertland.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      de551f2e
  5. 12 Jul, 2015 5 commits
  6. 11 Jul, 2015 5 commits
    • Phil Sutter's avatar
      net: inet_diag: always export IPV6_V6ONLY sockopt for listening sockets · 8220ea23
      Phil Sutter authored
      Reconsidering my commit 20462155
      
       "net: inet_diag: export IPV6_V6ONLY
      sockopt", I am not happy with the limitations it causes for socket
      analysing code in userspace. Exporting the value only if it is set makes
      it hard for userspace to decide whether the option is not set or the
      kernel does not support exporting the option at all.
      
      >From an auditor's perspective, the interesting question for listening
      AF_INET6 sockets is: "Does it NOT have IPV6_V6ONLY set?" Because it is
      the unexpected case. This patch allows to answer this question reliably.
      Signed-off-by: default avatarPhil Sutter <phil@nwl.cc>
      Cc: Eric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8220ea23
    • YOSHIFUJI Hideaki/吉藤英明's avatar
      ipv6: Do not iterate over all interfaces when finding source address on specific interface. · 9131f3de
      YOSHIFUJI Hideaki/吉藤英明 authored
      
      
      If outgoing interface is specified and the candidate address is
      restricted to the outgoing interface, it is enough to iterate
      over that given interface only.
      Signed-off-by: default avatarYOSHIFUJI Hideaki <hideaki.yoshifuji@miraclelinux.com>
      Acked-by: default avatarErik Kline <ek@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9131f3de
    • Satish Ashok's avatar
      bridge: mdb: allow the user to delete mdb entry if there's a querier · 51ed7f3e
      Satish Ashok authored
      
      
      Until now when a querier was present static entries couldn't be deleted.
      Fix this and allow the user to manipulate the mdb with or without a
      querier.
      Signed-off-by: default avatarSatish Ashok <sashok@cumulusnetworks.com>
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@cumulusnetworks.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      51ed7f3e
    • Julian Anastasov's avatar
      net: call rcu_read_lock early in process_backlog · 2c17d27c
      Julian Anastasov authored
      Incoming packet should be either in backlog queue or
      in RCU read-side section. Otherwise, the final sequence of
      flush_backlog() and synchronize_net() may miss packets
      that can run without device reference:
      
      CPU 1                  CPU 2
                             skb->dev: no reference
                             process_backlog:__skb_dequeue
                             process_backlog:local_irq_enable
      
      on_each_cpu for
      flush_backlog =>       IPI(hardirq): flush_backlog
                             - packet not found in backlog
      
                             CPU delayed ...
      synchronize_net
      - no ongoing RCU
      read-side sections
      
      netdev_run_todo,
      rcu_barrier: no
      ongoing callbacks
                             __netif_receive_skb_core:rcu_read_lock
                             - too late
      free dev
                             process packet for freed dev
      
      Fixes: 6e583ce5
      
       ("net: eliminate refcounting in backlog queue")
      Cc: Eric W. Biederman <ebiederm@xmission.com>
      Cc: Stephen Hemminger <stephen@networkplumber.org>
      Signed-off-by: default avatarJulian Anastasov <ja@ssi.bg>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2c17d27c
    • Julian Anastasov's avatar
      net: do not process device backlog during unregistration · e9e4dd32
      Julian Anastasov authored
      commit 381c759d
      
       ("ipv4: Avoid crashing in ip_error")
      fixes a problem where processed packet comes from device
      with destroyed inetdev (dev->ip_ptr). This is not expected
      because inetdev_destroy is called in NETDEV_UNREGISTER
      phase and packets should not be processed after
      dev_close_many() and synchronize_net(). Above fix is still
      required because inetdev_destroy can be called for other
      reasons. But it shows the real problem: backlog can keep
      packets for long time and they do not hold reference to
      device. Such packets are then delivered to upper levels
      at the same time when device is unregistered.
      Calling flush_backlog after NETDEV_UNREGISTER_FINAL still
      accounts all packets from backlog but before that some packets
      continue to be delivered to upper levels long after the
      synchronize_net call which is supposed to wait the last
      ones. Also, as Eric pointed out, processed packets, mostly
      from other devices, can continue to add new packets to backlog.
      
      Fix the problem by moving flush_backlog early, after the
      device driver is stopped and before the synchronize_net() call.
      Then use netif_running check to make sure we do not add more
      packets to backlog. We have to do it in enqueue_to_backlog
      context when the local IRQ is disabled. As result, after the
      flush_backlog and synchronize_net sequence all packets
      should be accounted.
      
      Thanks to Eric W. Biederman for the test script and his
      valuable feedback!
      Reported-by: default avatarVittorio Gambaletta <linuxbugs@vittgam.net>
      Fixes: 6e583ce5
      
       ("net: eliminate refcounting in backlog queue")
      Cc: Eric W. Biederman <ebiederm@xmission.com>
      Cc: Stephen Hemminger <stephen@networkplumber.org>
      Signed-off-by: default avatarJulian Anastasov <ja@ssi.bg>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e9e4dd32
  7. 10 Jul, 2015 5 commits
  8. 09 Jul, 2015 8 commits