Lennert Buytenhek [Tue, 7 Oct 2008 13:46:07 +0000 (13:46 +0000)]
dsa: add support for Trailer tagging format
This adds support for the Trailer switch tagging format. This is
another tagging that doesn't explicitly mark tagged packets with a
distinct ethertype, so that we need to add a similar hack in the
receive path as for the Original DSA tagging format.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Tested-by: Byron Bradley <byron.bbradley@gmail.com>
Tested-by: Tim Ellis <tim.ellis@mac.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Tue, 7 Oct 2008 13:45:18 +0000 (13:45 +0000)]
dsa: add support for the Marvell
88E6131 switch chip
Add support for the Marvell
88E6131 switch chip. This chip only
supports the original (ethertype-less) DSA tagging format.
On the
88E6131, there is a PHY Polling Unit (PPU) which has exclusive
access to each of the PHYs's MII management registers. If we want to
talk to the PHYs from software, we have to disable the PPU and wait
for it to complete its current transaction before we can do so, and we
need to re-enable the PPU afterwards to make sure that the switch will
notice changes in link state and speed on the individual ports as they
occur.
Since disabling the PPU is rather slow, and since MII management
accesses are typically done in bursts, this patch keeps the PPU disabled
for 10ms after a software access completes. This makes handling the
PPU slightly more complex, but speeds up something like running ethtool
on one of the switch slave interfaces from ~300ms to ~30ms on typical
hardware.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Tested-by: Nicolas Pitre <nico@marvell.com>
Tested-by: Peter van Valderen <linux@ddcrew.com>
Tested-by: Dirk Teurlings <dirk@upexia.nl>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Tue, 7 Oct 2008 13:45:02 +0000 (13:45 +0000)]
dsa: add support for original DSA tagging format
Most of the DSA switches currently in the field do not support the
Ethertype DSA tagging format that one of the previous patches added
support for, but only the original DSA tagging format.
The original DSA tagging format carries the same information as the
Ethertype DSA tagging format, but with the difference that it does not
have an ethertype field. In other words, when receiving a packet that
is tagged with an original DSA tag, there is no way of telling in
eth_type_trans() that this packet is in fact a DSA-tagged packet.
This patch adds a hook into eth_type_trans() which is only compiled in
if support for a switch chip that doesn't support Ethertype DSA is
selected, and which checks whether there is a DSA switch driver
instance attached to this network device which uses the old tag format.
If so, it sets the protocol field to ETH_P_DSA without looking at the
packet, so that the packet ends up in the right place.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Tested-by: Nicolas Pitre <nico@marvell.com>
Tested-by: Peter van Valderen <linux@ddcrew.com>
Tested-by: Dirk Teurlings <dirk@upexia.nl>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Tue, 7 Oct 2008 13:44:02 +0000 (13:44 +0000)]
net: Distributed Switch Architecture protocol support
Distributed Switch Architecture is a protocol for managing hardware
switch chips. It consists of a set of MII management registers and
commands to configure the switch, and an ethernet header format to
signal which of the ports of the switch a packet was received from
or is intended to be sent to.
The switches that this driver supports are typically embedded in
access points and routers, and a typical setup with a DSA switch
looks something like this:
+-----------+ +-----------+
| | RGMII | |
| +-------+ +------ 1000baseT MDI ("WAN")
| | | 6-port +------ 1000baseT MDI ("LAN1")
| CPU | | ethernet +------ 1000baseT MDI ("LAN2")
| |MIImgmt| switch +------ 1000baseT MDI ("LAN3")
| +-------+ w/5 PHYs +------ 1000baseT MDI ("LAN4")
| | | |
+-----------+ +-----------+
The switch driver presents each port on the switch as a separate
network interface to Linux, polls the switch to maintain software
link state of those ports, forwards MII management interface
accesses to those network interfaces (e.g. as done by ethtool) to
the switch, and exposes the switch's hardware statistics counters
via the appropriate Linux kernel interfaces.
This initial patch supports the MII management interface register
layout of the Marvell
88E6123,
88E6161 and
88E6165 switch chips, and
supports the "Ethertype DSA" packet tagging format.
(There is no officially registered ethertype for the Ethertype DSA
packet format, so we just grab a random one. The ethertype to use
is programmed into the switch, and the switch driver uses the value
of ETH_P_EDSA for this, so this define can be changed at any time in
the future if the one we chose is allocated to another protocol or
if Ethertype DSA gets its own officially registered ethertype, and
everything will continue to work.)
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Tested-by: Nicolas Pitre <nico@marvell.com>
Tested-by: Byron Bradley <byron.bbradley@gmail.com>
Tested-by: Tim Ellis <tim.ellis@mac.com>
Tested-by: Peter van Valderen <linux@ddcrew.com>
Tested-by: Dirk Teurlings <dirk@upexia.nl>
Signed-off-by: David S. Miller <davem@davemloft.net>
Andreas Oberritter [Wed, 8 Oct 2008 06:14:16 +0000 (06:14 +0000)]
8139too: move wmb before TX DMA start
The write barrier should be used before starting a DMA transfer. This fixes
a problem, where almost all packets received on another machine had garbled
content. Tested with an RTL8100C on a MIPS machine.
Signed-off-by: Andreas Oberritter <obi@linuxtv.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Arjan van de Ven [Sun, 5 Oct 2008 07:35:05 +0000 (07:35 +0000)]
netdev: uniquify the tx_timeout name
there's several drivers that have use "tx_timeout" for the .. tx
timeout function. All fine with that, they're static, however for
doing stats on how often which driver hits the timeout it's a tad
unfortunate. The patch below gives the ones I found in the
kerneloops.org database unique names.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David Brownell [Sat, 4 Oct 2008 22:11:12 +0000 (22:11 +0000)]
drivers/net/usb/Makefile - shrink logspam
When building with CONFIG_USB_DEBUG, don't create logspam from
the USB networking drivers.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bruno Prémont [Thu, 9 Oct 2008 00:06:25 +0000 (17:06 -0700)]
r8169: WoL fixes, part 2.
Since recent kernel (2.6.26 or 2.6.27) the PCI wakeup functions are
influenced by generic device ability and configuration when enabling
PCI-device triggered wake-up.
This patch causes WoL setting to enable/disable device's wish to
be permitted to wake-up the host when changing WoL options and
also during device probing.
Without this patch one has write 'enabled' to
/sys/bus/pci/devices/0000:02:08.0/power/wakeup
Signed-off-by: Bruno Prémont <bonbons@linux-vserver.org>
Acked-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bruno Prémont [Thu, 9 Oct 2008 00:05:03 +0000 (17:05 -0700)]
r8169: WoL fixes, part 1.
When probing the chip and handling it's power management settings
also remember wether WoL feature is enabled.
Without this patch one has to call ethtool to change WoL settings
for this flag to be set and any WoL being enabled on suspend to
RAM.
Signed-off-by: Bruno Prémont <bonbons@linux-vserver.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Trent Piepho [Thu, 2 Oct 2008 11:12:24 +0000 (11:12 +0000)]
gianfar: Create net device with carrier down
The device's carrier status is controlled via the functions
netif_carrier_on() and netif_carrier_off(). These set or clear a bit
indicating the carrier (aka lower level link) is down, and if the state
changed, they fire off a routing netlink event.
Add a call to netif_carrier_off() before register_netdev() so that the
newly created device will be set to carrier down. Then when the carrier
comes up for the first time, a netlink event will be generated, as the
carrier changed from down to up. Otherwise the initial carrier up will
appear to be changing the status from up to up, and so no event is
generated since that's not a change.
Signed-off-by: Trent Piepho <tpiepho@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Thu, 2 Oct 2008 00:52:39 +0000 (00:52 +0000)]
mv643xx_eth: include linux/ip.h to fix build
mv643xx_eth uses ip_hdr() (defined in linux/ip.h), but relied on
another header file to include the needed header file indirectly.
In latest net-next this indirect include chain is gone, so the
driver fails to build. Include linux/ip.h explicitly to fix this.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jarek Poplawski [Tue, 30 Sep 2008 20:58:25 +0000 (20:58 +0000)]
lib8390: Fix locking in ei_poll (poll controller)
This lockdep warning:
=================================
[ INFO: inconsistent lock state ]
2.6.27-rc7 #3
---------------------------------
inconsistent {in-softirq-W} -> {softirq-on-W} usage.
syslogd/2474 [HC0[0]:SC0[0]:HE1:SE1] takes:
(_xmit_ETHER#2){-+..}, at: [<
c0265562>] netpoll_send_skb+0x132/0x190
...
is caused by unconditional local_irq_disable()/local_irq_enable() in
disable_irq_lockdep()/enable_irq_lockdep() used by __ei_poll(). Since
netconsole/netpoll always calls dev->poll_controller() with local irqs
disabled, disable_irq()/enable_irq() instead is safe and enough (like
e.g. in 3c509 or 8139xx drivers).
Reported-and-tested-by: Bernard Pidoux F6BVP <f6bvp@free.fr>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Brandeburg, Jesse [Tue, 30 Sep 2008 13:08:48 +0000 (13:08 +0000)]
ixgb: fix bug when freeing resources
It was pointed out by Breno Leitao <leitao@linux.vnet.ibm.com> that
ixgb would crash on PPC when an IOMMU was in use, if change_mtu was
called.
It appears to be a pretty simple issue in the driver that wasn't discovered
because most systems don't run with an IOMMU. The driver needs to only unmap
buffers that are mapped (duh).
CC: Breno Leitao <leitao@linux.vnet.ibm.com>
Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Arthur Jones [Mon, 29 Sep 2008 11:51:09 +0000 (11:51 +0000)]
e1000e: release hw semaphore after successfully writing EEPROM
Since e1000e has been existance in linux-2.6, we've
never released the hardware semaphore after a successful
write to the SPI EEPROM. I guess we don't write to
SPI EEPROM much -- but those few of us that do appreciate
it when we can later read from the EEPROM without having
to reboot.
Found-by: Nick Van Fossen <Nick.VanFossen@riverbed.com>
Signed-off-by: Arthur Jones <ajones@riverbed.com>
Reviewed-by: Auke Kok <auke-jan.h.kok@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Steve Glendinning [Thu, 2 Oct 2008 05:27:57 +0000 (05:27 +0000)]
net: Add SMSC LAN9500 USB2.0 10/100 ethernet adapter driver
Attached is a driver for SMSC's LAN9500 USB2.0 10/100 ethernet
adapter.
Signed-off-by: Steve Glendinning <steve.glendinning@smsc.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Mon, 29 Sep 2008 17:12:35 +0000 (17:12 +0000)]
phylib: add mdiobus_{read,write}
Add mdiobus_{read,write} routines to allow direct reading/writing
of registers on an mii bus without having to go through the PHY
abstraction, and make phy_{read,write} use these primitives.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Wed, 8 Oct 2008 23:33:40 +0000 (16:33 -0700)]
phylib: give mdio buses a device tree presence
Introduce the mdio_bus class, and give each 'struct mii_bus' its own
'struct device', so that mii_bus objects are represented in the device
tree and can be found by querying the device tree.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Acked-by: Andy Fleming <afleming@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Wed, 8 Oct 2008 23:29:57 +0000 (16:29 -0700)]
phylib: move to dynamic allocation of struct mii_bus
This patch introduces mdiobus_alloc() and mdiobus_free(), and
makes all mdio bus drivers use these functions to allocate their
struct mii_bus'es dynamically.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Andy Fleming <afleming@freescale.com>
Lennert Buytenhek [Wed, 1 Oct 2008 15:41:33 +0000 (15:41 +0000)]
phylib: rename mii_bus::dev to mii_bus::parent
In preparation of giving mii_bus objects a device tree presence of
their own, rename struct mii_bus's ->dev argument to ->parent, since
having a 'struct device *dev' that points to our parent device
conflicts with introducing a 'struct device dev' representing our own
device.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Andy Fleming <afleming@freescale.com>
Brice Goglin [Sun, 28 Sep 2008 15:34:21 +0000 (15:34 +0000)]
myri10ge: add multiqueue TX
Add multiqueue TX support to myri10ge.
[ Removed reference to deprecated CONFIG_NETDEVICES_MULTIQUEUE and
NETIF_F_MULTI_QUEUE ]
Signed-off-by: Brice Goglin <brice@myri.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jay Cliburn [Sat, 27 Sep 2008 04:17:23 +0000 (04:17 +0000)]
atl1: update introductory comments
Update the driver's introductory comments.
Signed-off-by: Jay Cliburn <jacliburn@bellsouth.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jay Cliburn [Sat, 27 Sep 2008 04:17:22 +0000 (04:17 +0000)]
atl1: remove EXPERIMENTAL label
Remove the EXPERIMENTAL label from the atl1 driver and change the vendor
name to include Attansic's successor, Atheros. We'll leave Attansic in
the name since Attansic's PCI ID (1969) is encoded in the PCI config and
is what users encounter on their systems.
Signed-off-by: Jay Cliburn <jacliburn@bellsouth.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jay Cliburn [Sat, 27 Sep 2008 04:17:21 +0000 (04:17 +0000)]
atl1: remove LLTX
NETIF_F_LLTX is deprecated. Remove private TX locking from the driver
and remove the NETIF_F_LLTX feature flag.
Signed-off-by: Jay Cliburn <jacliburn@bellsouth.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jay Cliburn [Sat, 27 Sep 2008 04:17:20 +0000 (04:17 +0000)]
atl1: fix transmit timeout bug
See http://marc.info/?l=linux-netdev&m=
121931988219314&w=2
Stop the queue and turn off carrier to prevent transmit timeouts
when the cable is unplugged/replugged.
Signed-off-by: Jay Cliburn <jacliburn@bellsouth.net>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Wang Chen [Fri, 26 Sep 2008 08:20:32 +0000 (16:20 +0800)]
skge: Fix skge_set_ring_param() losing error return
The error return is useful to caller, driver shouldn't miss it.
Signed-off-by: Wang Chen <wangchen@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Xiaoming.Zhang [Thu, 25 Sep 2008 20:28:05 +0000 (20:28 +0000)]
[10/21] driver/net/skge.c: restart the interface when it's options or
pauseparam is set
On Wednesday 24 September 2008 07:47, Stephen Hemminger wrote:
> On Mon, 22 Sep 2008 14:52:17 -0700
>
> akpm@linux-foundation.org wrote:
> > From: "Xiaoming.Zhang" <Xiaoming.Zhang@resilience.com>
> >
> > We have an issue of the skge driver: The card won't work when it's
> > options are changed. Here's the hardware info:
> >
> > # lspci -v
> > 05:04.0 Ethernet controller: Marvell Technology Group Ltd.
88E8001
> > Gigabit Ethernet Controller (rev 13) Subsystem: Marvell Technology Group
> > Ltd. Marvell RDK-8001 Flags: bus master, 66MHz, medium devsel, latency
> > 32, IRQ 16 Memory at
d042c000 (32-bit, non-prefetchable) [size=16K] I/O
> > ports at d000 [size=256]
> > [virtual] Expansion ROM at
20400000 [disabled] [size=128K]
> > Capabilities: [48] Power Management version 2
> > Capabilities: [50] Vital Product Data
> >
> > The happens in both Linux-2.6.26(skge version 1.23) and RHEL5.2(skge
> > version 1.6).
> >
> > For example, at first it is set to "speed 1000 duplex full auto-neg on"
> > and it works, then run
> >
> > ethtool -s <ethx> autoneg off
> > or ethtool -s <ethx> speed 100 duplex full autoneg off
> >
> > Then it will stop working. After that if we restart the interface:
> >
> > ifconifg <ethx> down
> > ifconfig <ethx> up
> >
> > It will work again. And `ethtool -A' has the same issue.
> >
> > So we think after setting the options, the interface should be restarted.
> >
> > Signed-off-by: Zhang Xiaoming <xiaoming.zhang@resilience.com>
> > Cc: Stephen Hemminger <shemminger@vyatta.com>
> > Cc: Jeff Garzik <jeff@garzik.org>
> > Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
> > ---
> >
> > drivers/net/skge.c | 12 ++++++++----
> > 1 file changed, 8 insertions(+), 4 deletions(-)
> >
> > diff -puN
> > drivers/net/skge.c~driver-net-skgec-restart-the-interface-when-its-option
> >s-or-pauseparam-is-set drivers/net/skge.c ---
> > a/drivers/net/skge.c~driver-net-skgec-restart-the-interface-when-its-opti
> >ons-or-pauseparam-is-set +++ a/drivers/net/skge.c
> > @@ -353,8 +353,10 @@ static int skge_set_settings(struct net_
> > skge->autoneg = ecmd->autoneg;
> > skge->advertising = ecmd->advertising;
> >
> > - if (netif_running(dev))
> > - skge_phy_reset(skge);
> > + if (netif_running(dev)) {
> > + skge_down(dev);
> > + skge_up(dev);
> > + }
> >
> > return (0);
> > }
> > @@ -595,8 +597,10 @@ static int skge_set_pauseparam(struct ne
> > skge->flow_control = FLOW_MODE_NONE;
> > }
> >
> > - if (netif_running(dev))
> > - skge_phy_reset(skge);
> > + if (netif_running(dev)) {
> > + skge_down(dev);
> > + skge_up(dev);
> > + }
> >
> > return 0;
> > }
>
> Since skge_up can fail because of out of memory, this code needs to
> check the return value. And then if it fails the "limbo state" needs
> to be handled in skge_down.
How about like this? It is tested.
Thank you.
Signed-off-by: Zhang Xiaoming <xiaoming.zhang@resilience.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Divy Le Ray [Thu, 25 Sep 2008 14:05:28 +0000 (14:05 +0000)]
[2.6.28,1/1] cxgb3 - fix race in EEH
A SGE queue set timer might access registers while in EEH recovery,
triggering an EEH error loop. Stop all timers early in EEH process.
Signed-off-by: Divy Le Ray <divy@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Francois Romieu [Wed, 8 Oct 2008 22:55:15 +0000 (15:55 -0700)]
via-velocity: Fix warnings on sparc64.
As reported by Meelis Roos.
Signed-off-by: David S. Miller <davem@davemloft.net>
Kevin Hao [Thu, 25 Sep 2008 16:20:11 +0000 (16:20 +0000)]
net: remove LLTX in atl2 driver
When NETIF_F_LLTX is set, the atlx driver will use a private lock.
But in recent kernels this implementation seems redundant and
can cause problems where AF_PACKET sees things twice. Since
NETIF_F_LLTX is marked as deprecated and shouldn't be used in
new driver, this patch removes NETIF_F_LLTX and adds a mmiowb
before sending packet. I have tested this driver on a Eee PC.
It works well.
Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
Acked-by: Jay Cliburn <jacliburn@bellsouth.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Trent Piepho [Wed, 8 Oct 2008 22:46:57 +0000 (15:46 -0700)]
phylib: Wake PHY state machine on interrupt
This way the phy layer will respond to a change in phy state immediately,
instead of up to one second later when the state machine timer runs.
Signed-off-by: Trent Piepho <tpiepho@freescale.com>
Acked-by: Andy Fleming <afleming@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Trent Piepho [Wed, 24 Sep 2008 10:55:46 +0000 (10:55 +0000)]
PHY: Avoid unnecessary aneg restarts
The PHY's aneg is configured and restarted whenever the link is brought up,
e.g. when DHCP is started after the kernel has booted. This can take the
link down for several seconds while auto-negotiation is redone.
If the advertised features haven't changed, then it shouldn't be necessary
to bring down the link and start auto-negotiation over again.
genphy_config_advert() is enhanced to return 0 when the advertised features
haven't been changed and >0 when they have been.
genphy_config_aneg() then uses this information to not call
genphy_restart_aneg() if there has been no change.
Signed-off-by: Trent Piepho <tpiepho@freescale.com>
Acked-by: Andy Fleming <afleming@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ivan Vecera [Tue, 23 Sep 2008 22:46:29 +0000 (22:46 +0000)]
r8169: read MAC address from EEPROM on init
Reviewed-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
Kevin Hao [Fri, 19 Sep 2008 21:56:44 +0000 (21:56 +0000)]
net: add net poll support for atl2 driver
Add netconsole support for Atheros L2 10/100 network device.
Signed-off-by: Kevin Hao <kexin.hao@windriver.com>
Acked-by: Jay Cliburn <jacliburn@bellsouth.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Victor Gallardo [Thu, 18 Sep 2008 12:41:26 +0000 (12:41 +0000)]
ibm_newemac: Fix EMAC soft reset on 460EX/GT
This patch fixes EMAC soft reset on 460EX/GT when no external clock is
available.
Signed-off-by: Victor Gallardo <vgallardo@amcc.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Lennert Buytenhek [Thu, 18 Sep 2008 03:06:52 +0000 (03:06 +0000)]
phylib: phy_mii_ioctl() fixes
Make the SIOCGMIIPHY case fall through properly (it is supposed
to not only return the ID of the default PHY but also to read from
that PHY), and make phy_mii_ioctl() return the same error code as
generic_mii_ioctl() in case of an unsupported operation.
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
Acked-by: Andy Fleming <afleming@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 8 Oct 2008 21:56:41 +0000 (14:56 -0700)]
Merge branch 'master' of /linux/kernel/git/davem/net-2.6
Conflicts:
drivers/net/e1000e/ich8lan.c
drivers/net/e1000e/netdev.c
Sven Wegener [Wed, 8 Oct 2008 21:41:35 +0000 (14:41 -0700)]
ipvs: Remove stray file left over from ipvs move
Commit
cb7f6a7b716e801097b564dec3ccb58d330aef56 ("IPVS: Move IPVS to
net/netfilter/ipvs") has left a stray file in the old location of ipvs.
Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ilpo Järvinen [Wed, 8 Oct 2008 21:36:33 +0000 (14:36 -0700)]
tcpv6: fix option space offsets with md5
More breakage :-), part of timestamps just were previously
overwritten.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 8 Oct 2008 21:26:36 +0000 (14:26 -0700)]
Merge branch 'lvs-next-2.6' of git://git./linux/kernel/git/horms/lvs-2.6
Conflicts:
net/netfilter/Kconfig
Vlad Yasevich [Wed, 8 Oct 2008 21:19:01 +0000 (14:19 -0700)]
sctp: shrink sctp_tsnmap some more by removing gabs array
The gabs array in the sctp_tsnmap structure is only used
in one place, sctp_make_sack(). As such, carrying the
array around in the sctp_tsnmap and thus directly in
the sctp_association is rather pointless since most
of the time it's just taking up space. Now, let
sctp_make_sack create and populate it and then throw
it away when it's done.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Vlad Yasevich [Wed, 8 Oct 2008 21:18:39 +0000 (14:18 -0700)]
sctp: Rework the tsn map to use generic bitmap.
The tsn map currently use is 4K large and is stuck inside
the sctp_association structure making memory references REALLY
expensive. What we really need is at most 4K worth of bits
so the biggest map we would have is 512 bytes. Also, the
map is only really usefull when we have gaps to store and
report. As such, starting with minimal map of say 32 TSNs (bits)
should be enough for normal low-loss operations. We can grow
the map by some multiple of 32 along with some extra room any
time we receive the TSN which would put us outside of the map
boundry. As we close gaps, we can shift the map to rebase
it on the latest TSN we've seen. This saves 4088 bytes per
association just in the map alone along savings from the now
unnecessary structure members.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Wed, 8 Oct 2008 21:18:04 +0000 (14:18 -0700)]
inet: cleanup of local_port_range
I noticed sysctl_local_port_range[] and its associated seqlock
sysctl_local_port_range_lock were on separate cache lines.
Moreover, sysctl_local_port_range[] was close to unrelated
variables, highly modified, leading to cache misses.
Moving these two variables in a structure can help data
locality and moving this structure to read_mostly section
helps sharing of this data among cpus.
Cleanup of extern declarations (moved in include file where
they belong), and use of inet_get_local_port_range()
accessor instead of direct access to ports values.
Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Wed, 8 Oct 2008 18:44:17 +0000 (11:44 -0700)]
udp: Improve port randomization
Current UDP port allocation is suboptimal.
We select the shortest chain to chose a port (out of 512)
that will hash in this shortest chain.
First, it can lead to give not so ramdom ports and ease
give attackers more opportunities to break the system.
Second, it can consume a lot of CPU to scan all table
in order to find the shortest chain.
Third, in some pathological cases we can fail to find
a free port even if they are plenty of them.
This patch zap the search for a short chain and only
use one random seed. Problem of getting long chains
should be addressed in another way, since we can
obtain long chains with non random ports.
Based on a report and patch from Vitaly Mayatskikh
Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Linus Torvalds [Wed, 8 Oct 2008 18:41:10 +0000 (11:41 -0700)]
Merge branch 'upstream' of git://ftp.linux-mips.org/upstream-linus
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
[MIPS] Sibyte: Register PIO PATA device only for Swarm and Litte Sur
Linus Torvalds [Wed, 8 Oct 2008 18:40:19 +0000 (11:40 -0700)]
Merge git://git./linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
tcp: Fix tcp_hybla zero congestion window growth with small rho and large cwnd.
net: Fix netdev_run_todo dead-lock
tcp: Fix possible double-ack w/ user dma
net: only invoke dev->change_rx_flags when device is UP
netrom: Fix sock_orphan() use in nr_release
ax25: Quick fix for making sure unaccepted sockets get destroyed.
Revert "ax25: Fix std timer socket destroy handling."
[Bluetooth] Add reset quirk for A-Link BlueUSB21 dongle
[Bluetooth] Add reset quirk for new Targus and Belkin dongles
[Bluetooth] Fix double frees on error paths of btusb and bpa10x drivers
Jarek Poplawski [Wed, 8 Oct 2008 18:36:22 +0000 (11:36 -0700)]
pkt_sched: Update qdisc requeue stats in dev_requeue_skb()
After the last change of requeuing there is no info about such
incidents in tc stats. This patch updates the counter, but we should
consider this should differ from previous stats because of additional
checks preventing to repeat this. On the other hand, previous stats
didn't include requeuing of gso_segmented skbs.
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ilpo Järvinen [Wed, 8 Oct 2008 18:34:06 +0000 (11:34 -0700)]
tcp: fix length used for checksum in a reset
While looking for some common code I came across difference
in checksum calculation between tcp_v6_send_(reset|ack) I
couldn't explain. I checked both v4 and v6 and found out that
both seem to have the same "feature". I couldn't find anything
in rfc nor anywhere else which would state that md5 option
should be ignored like it was in case of reset so I came to
a conclusion that this is probably a genuine bug. I suspect
that addition of md5 just was fooled by the excessive
copy-paste code in those functions and the reset part was
never tested well enough to find out the problem.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ralf Baechle [Wed, 8 Oct 2008 18:14:33 +0000 (19:14 +0100)]
[MIPS] Sibyte: Register PIO PATA device only for Swarm and Litte Sur
Symbol name spaghetti which is too complicated to cleanup on this stage
of the release cycle breaks the build on BCM1480 platforms.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Denis V. Lunev [Wed, 8 Oct 2008 17:36:24 +0000 (10:36 -0700)]
ipv6: remove unused not init_ipv6_mibs/cleanup_ipv6_mibs
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:36:03 +0000 (10:36 -0700)]
ipv6: making ip and icmp statistics per/namespace
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:35:11 +0000 (10:35 -0700)]
ipv6: added net argument to _DEVINC/_DEVADD
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:34:54 +0000 (10:34 -0700)]
ipv6: added net argument to ICMP6MSGIN_INC_STATS_BH
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:34:35 +0000 (10:34 -0700)]
ipv6: ICMP6MSGIN_INC_STATS is not used
Removed.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:34:14 +0000 (10:34 -0700)]
ipv6: added net argument to ICMP6MSGOUT_INC_STATS_BH
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:33:50 +0000 (10:33 -0700)]
ipv6: added net argument to ICMP6MSGOUT_INC_STATS
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:33:26 +0000 (10:33 -0700)]
ipv6: added net argument to ICMP6_INC_STATS_BH
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:33:06 +0000 (10:33 -0700)]
ipv6: added net argument to ICMP6_INC_STATS
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:32:43 +0000 (10:32 -0700)]
ipv6: added net argument to IP6_ADD_STATS_BH
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 18:09:27 +0000 (11:09 -0700)]
ipv6: added net argument to IP6_INC_STATS_BH
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:54:51 +0000 (10:54 -0700)]
netns: add net parameter to IP6_INC_STATS
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:31:44 +0000 (10:31 -0700)]
ipv6: consolidate error paths in ipv6_frag_rcv
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 8 Oct 2008 17:31:18 +0000 (10:31 -0700)]
ipv6: local dev is actually unused in ip6_fragment
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 8 Oct 2008 16:50:38 +0000 (09:50 -0700)]
Merge branch 'master' of git://git./linux/kernel/git/kaber/nf-next-2.6
Jan Engelhardt [Wed, 8 Oct 2008 09:35:20 +0000 (11:35 +0200)]
netfilter: xtables: remove bogus mangle table dependency of connmark
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:20 +0000 (11:35 +0200)]
netfilter: xtables: use NFPROTO_UNSPEC in more extensions
Lots of extensions are completely family-independent, so squash some code.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:20 +0000 (11:35 +0200)]
netfilter: xtables: cut down on static data for family-independent extensions
Using ->family in struct xt_*_param, multiple struct xt_{match,target}
can be squashed together.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:20 +0000 (11:35 +0200)]
netfilter: xtables: provide invoked family value to extensions
By passing in the family through which extensions were invoked, a bit
of data space can be reclaimed. The "family" member will be added to
the parameter structures and the check functions be adjusted.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:19 +0000 (11:35 +0200)]
netfilter: xtables: move extension arguments into compound structure (6/6)
This patch does this for target extensions' destroy functions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:19 +0000 (11:35 +0200)]
netfilter: xtables: move extension arguments into compound structure (5/6)
This patch does this for target extensions' checkentry functions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:19 +0000 (11:35 +0200)]
netfilter: xtables: move extension arguments into compound structure (4/6)
This patch does this for target extensions' target functions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:19 +0000 (11:35 +0200)]
netfilter: xtables: move extension arguments into compound structure (3/6)
This patch does this for match extensions' destroy functions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:18 +0000 (11:35 +0200)]
netfilter: xtables: move extension arguments into compound structure (2/6)
This patch does this for match extensions' checkentry functions.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:18 +0000 (11:35 +0200)]
netfilter: xtables: move extension arguments into compound structure (1/6)
The function signatures for Xtables extensions have grown over time.
It involves a lot of typing/replication, and also a bit of stack space
even if they are not used. Realize an NFWS2008 idea and pack them into
structs. The skb remains outside of the struct so gcc can continue to
apply its optimizations.
This patch does this for match extensions' match functions.
A few ambiguities have also been addressed. The "offset" parameter for
example has been renamed to "fragoff" (there are so many different
offsets already) and "protoff" to "thoff" (there is more than just one
protocol here, so clarify).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:18 +0000 (11:35 +0200)]
netfilter: xtables: use "if" blocks in Kconfig
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:17 +0000 (11:35 +0200)]
netfilter: xtables: sort extensions alphabetically in Kconfig
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:17 +0000 (11:35 +0200)]
netfilter: ebtables: make BRIDGE_NF_EBTABLES a menuconfig option
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:17 +0000 (11:35 +0200)]
netfilter: ip6tables: fix Kconfig entry dependency for ip6t_LOG
ip6t_LOG does certainly not depend on the filter table.
(Also, move it so that menuconfig still displays it correctly.)
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:17 +0000 (11:35 +0200)]
netfilter: ip6tables: fix name of hopbyhop in Kconfig
The module is called hbh, not hopbyhop.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:17 +0000 (11:35 +0200)]
netfilter: xtables: do centralized checkentry call (1/2)
It used to be that {ip,ip6,etc}_tables called extension->checkentry
themselves, but this can be moved into the xtables core.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:16 +0000 (11:35 +0200)]
netfilter: ebtables: fix one wrong return value
Usually -EINVAL is used when checkentry fails (see *_tables).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:16 +0000 (11:35 +0200)]
netfilter: remove redundant casts from Ebtables
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:16 +0000 (11:35 +0200)]
netfilter: remove unused Ebtables functions
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:16 +0000 (11:35 +0200)]
netfilter: implement hotdrop for Ebtables
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:15 +0000 (11:35 +0200)]
netfilter: ebtables: use generic table checking
Ebtables ORs (1 << NF_BR_NUMHOOKS) into the hook mask to indicate that
the extension was called from a base chain. So this also needs to be
present in the extensions' ->hooks.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:15 +0000 (11:35 +0200)]
netfilter: x_tables: output bad hook mask in hexadecimal
It is a mask, and masks are most useful in hex.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:15 +0000 (11:35 +0200)]
netfilter: move Ebtables to use Xtables
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:15 +0000 (11:35 +0200)]
netfilter: change Ebtables function signatures to match Xtables's
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:14 +0000 (11:35 +0200)]
netfilter: ebt_among: obtain match size through different means
The function signatures will be changed to match those of Xtables, and
the datalen argument will be gone. ebt_among unfortunately relies on
it, so we need to obtain it somehow.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:14 +0000 (11:35 +0200)]
netfilter: add dummy members to Ebtables code to ease transition to Xtables
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:13 +0000 (11:35 +0200)]
netfilter: Change return types of targets/watchers for Ebtables extensions
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:13 +0000 (11:35 +0200)]
netfilter: change return types of match functions for ebtables extensions
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:13 +0000 (11:35 +0200)]
netfilter: change return types of check functions for Ebtables extensions
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Jan Engelhardt [Wed, 8 Oct 2008 09:35:13 +0000 (11:35 +0200)]
netfilter: ebtables: do centralized size checking
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
KOVACS Krisztian [Wed, 8 Oct 2008 09:35:12 +0000 (11:35 +0200)]
netfilter: Add documentation for tproxy
Add basic usage instructions to Documentation/networking.
Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
KOVACS Krisztian [Wed, 8 Oct 2008 09:35:12 +0000 (11:35 +0200)]
netfilter: iptables TPROXY target
The TPROXY target implements redirection of non-local TCP/UDP traffic to local
sockets. Additionally, it's possible to manipulate the packet mark if and only
if a socket has been found. (We need this because we cannot use multiple
targets in the same iptables rule.)
Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
KOVACS Krisztian [Wed, 8 Oct 2008 09:35:12 +0000 (11:35 +0200)]
netfilter: iptables socket match
Add iptables 'socket' match, which matches packets for which a TCP/UDP
socket lookup succeeds.
Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
KOVACS Krisztian [Wed, 8 Oct 2008 09:35:12 +0000 (11:35 +0200)]
netfilter: iptables tproxy core
The iptables tproxy core is a module that contains the common routines used by
various tproxy related modules (TPROXY target and socket match)
Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
KOVACS Krisztian [Wed, 8 Oct 2008 09:35:12 +0000 (11:35 +0200)]
netfilter: split netfilter IPv4 defragmentation into a separate module
Netfilter connection tracking requires all IPv4 packets to be defragmented.
Both the socket match and the TPROXY target depend on this functionality, so
this patch separates the Netfilter IPv4 defrag hooks into a separate module.
Signed-off-by: KOVACS Krisztian <hidden@sch.bme.hu>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Alexey Dobriyan [Wed, 8 Oct 2008 09:35:11 +0000 (11:35 +0200)]
netfilter: enable netfilter in netns
From kernel perspective, allow entrance in nf_hook_slow().
Stuff which uses nf_register_hook/nf_register_hooks, but otherwise not netns-ready:
DECnet netfilter
ipt_CLUSTERIP
nf_nat_standalone.c together with XFRM (?)
IPVS
several individual match modules (like hashlimit)
ctnetlink
NOTRACK
all sorts of queueing and reporting to userspace
L3 and L4 protocol sysctls, bridge sysctls
probably something else
Anyway critical mass has been achieved, there is no reason to hide netfilter any longer.
From userspace perspective, allow to manipulate all sorts of
iptables/ip6tables/arptables rules.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Alexey Dobriyan [Wed, 8 Oct 2008 09:35:11 +0000 (11:35 +0200)]
netfilter: netns nat: PPTP NAT in netns
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>