1. 03 Jun, 2019 1 commit
  2. 30 May, 2019 1 commit
  3. 21 May, 2019 1 commit
  4. 07 May, 2019 1 commit
  5. 06 May, 2019 1 commit
    • Vladimir Oltean's avatar
      net: dsa: Allow drivers to filter packets they can decode source port from · cc1939e4
      Vladimir Oltean authored
      Frames get processed by DSA and redirected to switch port net devices
      based on the ETH_P_XDSA multiplexed packet_type handler found by the
      network stack when calling eth_type_trans().
      
      The running assumption is that once the DSA .rcv function is called, DSA
      is always able to decode the switch tag in order to change the skb->dev
      from its master.
      
      However there are tagging protocols (such as the new DSA_TAG_PROTO_SJA1105,
      user of DSA_TAG_PROTO_8021Q) where this assumption is not completely
      true, since switch tagging piggybacks on the absence of a vlan_filtering
      bridge. Moreover, management traffic (BPDU, PTP) for this switch doesn't
      rely on switch tagging, but on a different mechanism. So it would make
      sense to at least be able to terminate that.
      
      Having DSA receive traffic it can't decode would put it in an impossible
      situation: the eth_type_trans() function would invoke the DSA .rcv(),
      which could not change skb->dev, then eth_type_trans() would be invoked
      again, which again would call the DSA .rcv, and the packet would never
      be able to exit the DSA filter and would spiral in a loop until the
      whole system dies.
      
      This happens because eth_type_trans() doesn't actually look at the skb
      (so as to identify a potential tag) when it deems it as being
      ETH_P_XDSA. It just checks whether skb->dev has a DSA private pointer
      installed (therefore it's a DSA master) and that there exists a .rcv
      callback (everybody except DSA_TAG_PROTO_NONE has that). This is
      understandable as there are many switch tags out there, and exhaustively
      checking for all of them is far from ideal.
      
      The solution lies in introducing a filtering function for each tagging
      protocol. In the absence of a filtering function, all traffic is passed
      to the .rcv DSA callback. The tagging protocol should see the filtering
      function as a pre-validation that it can decode the incoming skb. The
      traffic that doesn't match the filter will bypass the DSA .rcv callback
      and be left on the master netdevice, which wasn't previously possible.
      Signed-off-by: default avatarVladimir Oltean <olteanv@gmail.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      cc1939e4
  6. 23 Apr, 2019 2 commits
  7. 22 Feb, 2019 1 commit
  8. 03 Dec, 2018 1 commit
  9. 15 Nov, 2018 1 commit
    • Li RongQing's avatar
      net: slightly optimize eth_type_trans · 45cf7959
      Li RongQing authored
      netperf udp stream shows that eth_type_trans takes certain cpu,
      so adjust the mac address check order, and firstly check if it
      is device address, and only check if it is multicast address
      only if not the device address.
      
      After this change:
      To unicast, and skb dst mac is device mac, this is most of time
      reduce a comparision
      To unicast, and skb dst mac is not device mac, nothing change
      To multicast, increase a comparision
      
      Before:
      1.03%  [kernel]          [k] eth_type_trans
      
      After:
      0.78%  [kernel]          [k] eth_type_trans
      Signed-off-by: default avatarZhang Yu <zhangyu31@baidu.com>
      Signed-off-by: default avatarLi RongQing <lirongqing@baidu.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      45cf7959
  10. 26 Jun, 2018 1 commit
    • David Miller's avatar
      net: Convert GRO SKB handling to list_head. · d4546c25
      David Miller authored
      Manage pending per-NAPI GRO packets via list_head.
      
      Return an SKB pointer from the GRO receive handlers.  When GRO receive
      handlers return non-NULL, it means that this SKB needs to be completed
      at this time and removed from the NAPI queue.
      
      Several operations are greatly simplified by this transformation,
      especially timing out the oldest SKB in the list when gro_count
      exceeds MAX_GRO_SKBS, and napi_gro_flush() which walks the queue
      in reverse order.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d4546c25
  11. 08 May, 2018 1 commit
    • Paolo Abeni's avatar
      net: core: rework basic flow dissection helper · 72a338bc
      Paolo Abeni authored
      When the core networking needs to detect the transport offset in a given
      packet and parse it explicitly, a full-blown flow_keys struct is used for
      storage.
      This patch introduces a smaller keys store, rework the basic flow dissect
      helper to use it, and apply this new helper where possible - namely in
      skb_probe_transport_header(). The used flow dissector data structures
      are renamed to match more closely the new role.
      
      The above gives ~50% performance improvement in micro benchmarking around
      skb_probe_transport_header() and ~30% around eth_get_headlen(), mostly due
      to the smaller memset. Small, but measurable improvement is measured also
      in macro benchmarking.
      
      v1 -> v2: use the new helper in eth_get_headlen() and skb_get_poff(),
        as per DaveM suggestion
      Suggested-by: default avatarDavid Miller <davem@davemloft.net>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      72a338bc
  12. 16 Jun, 2017 1 commit
    • Johannes Berg's avatar
      networking: make skb_push & __skb_push return void pointers · d58ff351
      Johannes Berg authored
      It seems like a historic accident that these return unsigned char *,
      and in many places that means casts are required, more often than not.
      
      Make these functions return void * and remove all the casts across
      the tree, adding a (u8 *) cast only where the unsigned char pointer
      was used directly, all done with the following spatch:
      
          @@
          expression SKB, LEN;
          typedef u8;
          identifier fn = { skb_push, __skb_push, skb_push_rcsum };
          @@
          - *(fn(SKB, LEN))
          + *(u8 *)fn(SKB, LEN)
      
          @@
          expression E, SKB, LEN;
          identifier fn = { skb_push, __skb_push, skb_push_rcsum };
          type T;
          @@
          - E = ((T *)(fn(SKB, LEN)))
          + E = fn(SKB, LEN)
      
          @@
          expression SKB, LEN;
          identifier fn = { skb_push, __skb_push, skb_push_rcsum };
          @@
          - fn(SKB, LEN)[0]
          + *(u8 *)fn(SKB, LEN)
      
      Note that the last part there converts from push(...)[0] to the
      more idiomatic *(u8 *)push(...).
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d58ff351
  13. 15 Feb, 2017 1 commit
    • Steffen Klassert's avatar
      net: Add a skb_gro_flush_final helper. · 5f114163
      Steffen Klassert authored
      Add a skb_gro_flush_final helper to prepare for  consuming
      skbs in call_gro_receive. We will extend this helper to not
      touch the skb if the skb is consumed by a gro callback with
      a followup patch. We need this to handle the upcomming IPsec
      ESP callbacks as they reinject the skb to the napi_gro_receive
      asynchronous. The handler is used in all gro_receive functions
      that can call the ESP gro handlers.
      Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
      5f114163
  14. 08 Feb, 2017 1 commit
  15. 30 Jan, 2017 1 commit
  16. 08 Nov, 2016 1 commit
  17. 20 Oct, 2016 1 commit
    • Sabrina Dubroca's avatar
      net: add recursion limit to GRO · fcd91dd4
      Sabrina Dubroca authored
      Currently, GRO can do unlimited recursion through the gro_receive
      handlers.  This was fixed for tunneling protocols by limiting tunnel GRO
      to one level with encap_mark, but both VLAN and TEB still have this
      problem.  Thus, the kernel is vulnerable to a stack overflow, if we
      receive a packet composed entirely of VLAN headers.
      
      This patch adds a recursion counter to the GRO layer to prevent stack
      overflow.  When a gro_receive function hits the recursion limit, GRO is
      aborted for this skb and it is processed normally.  This recursion
      counter is put in the GRO CB, but could be turned into a percpu counter
      if we run out of space in the CB.
      
      Thanks to Vladimír Beneš <vbenes@redhat.com> for the initial bug report.
      
      Fixes: CVE-2016-7039
      Fixes: 9b174d88 ("net: Add Transparent Ethernet Bridging GRO support.")
      Fixes: 66e5133f ("vlan: Add GRO support for non hardware accelerated vlan")
      Signed-off-by: default avatarSabrina Dubroca <sd@queasysnail.net>
      Reviewed-by: default avatarJiri Benc <jbenc@redhat.com>
      Acked-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
      Acked-by: default avatarTom Herbert <tom@herbertland.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fcd91dd4
  18. 13 Oct, 2016 1 commit
    • Jarod Wilson's avatar
      net: deprecate eth_change_mtu, remove usage · a52ad514
      Jarod Wilson authored
      With centralized MTU checking, there's nothing productive done by
      eth_change_mtu that isn't already done in dev_set_mtu, so mark it as
      deprecated and remove all usage of it in the kernel. All callers have been
      audited for calls to alloc_etherdev* or ether_setup directly, which means
      they all have a valid dev->min_mtu and dev->max_mtu. Now eth_change_mtu
      prints out a netdev_warn about being deprecated, for the benefit of
      out-of-tree drivers that might be utilizing it.
      
      Of note, dvb_net.c actually had dev->mtu = 4096, while using
      eth_change_mtu, meaning that if you ever tried changing it's mtu, you
      couldn't set it above 1500 anymore. It's now getting dev->max_mtu also set
      to 4096 to remedy that.
      
      v2: fix up lantiq_etop, missed breakage due to drive not compiling on x86
      
      CC: netdev@vger.kernel.org
      Signed-off-by: default avatarJarod Wilson <jarod@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a52ad514
  19. 24 Feb, 2016 1 commit
  20. 06 Jan, 2016 1 commit
    • David S. Miller's avatar
      net: Add eth_platform_get_mac_address() helper. · c7f5d105
      David S. Miller authored
      A repeating pattern in drivers has become to use OF node information
      and, if not found, platform specific host information to extract the
      ethernet address for a given device.
      
      Currently this is done with a call to of_get_mac_address() and then
      some ifdef'd stuff for SPARC.
      
      Consolidate this into a portable routine, and provide the
      arch_get_platform_mac_address() weak function hook for all
      architectures to implement if they want.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c7f5d105
  21. 29 Sep, 2015 1 commit
    • Jesper Dangaard Brouer's avatar
      net: help compiler generate better code in eth_get_headlen · 8a4683a5
      Jesper Dangaard Brouer authored
      Noticed that the compiler (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC))
      generated suboptimal assembler code in eth_get_headlen().
      
      This early return coding style is usually not an issue, on super scalar CPUs,
      but the compiler choose to put the return statement after this very unlikely
      branch, thus creating larger jump down to the likely code path.
      
      Performance wise, I could measure slightly less L1-icache-load-misses
      and less branch-misses, and an improvement of 1 nanosec with an IP-forwarding
      use-case with 257 bytes packets with ixgbe (CPU i7-4790K @ 4.00GHz).
      Signed-off-by: default avatarJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8a4683a5
  22. 01 Sep, 2015 1 commit
  23. 10 Aug, 2015 1 commit
  24. 04 Jun, 2015 1 commit
    • Tom Herbert's avatar
      net: Add full IPv6 addresses to flow_keys · c3f83241
      Tom Herbert authored
      This patch adds full IPv6 addresses into flow_keys and uses them as
      input to the flow hash function. The implementation supports either
      IPv4 or IPv6 addresses in a union, and selector is used to determine
      how may words to input to jhash2.
      
      We also add flow_get_u32_dst and flow_get_u32_src functions which are
      used to get a u32 representation of the source and destination
      addresses. For IPv6, ipv6_addr_hash is called. These functions retain
      getting the legacy values of src and dst in flow_keys.
      
      With this patch, Ethertype and IP protocol are now included in the
      flow hash input.
      Signed-off-by: default avatarTom Herbert <tom@herbertland.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c3f83241
  25. 01 Jun, 2015 1 commit
  26. 13 May, 2015 2 commits
  27. 05 May, 2015 1 commit
    • Alexander Duyck's avatar
      etherdev: Fix sparse error, make test usable by other functions · 2c7a88c2
      Alexander Duyck authored
      This change does two things.  First it fixes a sparse error for the fact
      that the __be16 degrades to an integer.  Since that is actually what I am
      kind of doing I am simply working around that by forcing both sides of the
      comparison to u16.
      
      Also I realized on some compilers I was generating another instruction for
      big endian systems such as PowerPC since it was masking the value before
      doing the comparison.  So to resolve that I have simply pulled the mask out
      and wrapped it in an #ifndef __BIG_ENDIAN.
      
      Lastly I pulled this all out into its own function.  I notices there are
      similar checks in a number of other places so this function can be reused
      there to help reduce overhead in these paths as well.
      Signed-off-by: default avatarAlexander Duyck <alexander.h.duyck@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2c7a88c2
  28. 04 May, 2015 3 commits
  29. 03 Mar, 2015 1 commit
  30. 02 Mar, 2015 1 commit
  31. 02 Jan, 2015 1 commit
  32. 06 Sep, 2014 1 commit
  33. 28 Aug, 2014 1 commit
    • Florian Fainelli's avatar
      net: dsa: reduce number of protocol hooks · 3e8a72d1
      Florian Fainelli authored
      DSA is currently registering one packet_type function per EtherType it
      needs to intercept in the receive path of a DSA-enabled Ethernet device.
      Right now we have three of them: trailer, DSA and eDSA, and there might
      be more in the future, this will not scale to the addition of new
      protocols.
      
      This patch proceeds with adding a new layer of abstraction and two new
      functions:
      
      dsa_switch_rcv() which will dispatch into the tag-protocol specific
      receive function implemented by net/dsa/tag_*.c
      
      dsa_slave_xmit() which will dispatch into the tag-protocol specific
      transmit function implemented by net/dsa/tag_*.c
      
      When we do create the per-port slave network devices, we iterate over
      the switch protocol to assign the DSA-specific receive and transmit
      operations.
      
      A new fake ethertype value is used: ETH_P_XDSA to illustrate the fact
      that this is no longer going to look like ETH_P_DSA or ETH_P_TRAILER
      like it used to be.
      
      This allows us to greatly simplify the check in eth_type_trans() and
      always override the skb->protocol with ETH_P_XDSA for Ethernet switches
      tagged protocol, while also reducing the number repetitive slave
      netdevice_ops assignments.
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3e8a72d1
  34. 15 Jul, 2014 1 commit
    • Tom Gundersen's avatar
      net: set name_assign_type in alloc_netdev() · c835a677
      Tom Gundersen authored
      Extend alloc_netdev{,_mq{,s}}() to take name_assign_type as argument, and convert
      all users to pass NET_NAME_UNKNOWN.
      
      Coccinelle patch:
      
      @@
      expression sizeof_priv, name, setup, txqs, rxqs, count;
      @@
      
      (
      -alloc_netdev_mqs(sizeof_priv, name, setup, txqs, rxqs)
      +alloc_netdev_mqs(sizeof_priv, name, NET_NAME_UNKNOWN, setup, txqs, rxqs)
      |
      -alloc_netdev_mq(sizeof_priv, name, setup, count)
      +alloc_netdev_mq(sizeof_priv, name, NET_NAME_UNKNOWN, setup, count)
      |
      -alloc_netdev(sizeof_priv, name, setup)
      +alloc_netdev(sizeof_priv, name, NET_NAME_UNKNOWN, setup)
      )
      
      v9: move comments here from the wrong commit
      Signed-off-by: default avatarTom Gundersen <teg@jklm.no>
      Reviewed-by: default avatarDavid Herrmann <dh.herrmann@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c835a677
  35. 16 Jan, 2014 1 commit
  36. 01 Oct, 2013 1 commit