korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2025-01-14 17:55:42 +08:00
Code Issues Packages Projects Releases Wiki Activity
e8ed77dfa9
linux/include/net
History
David S. Miller e8ed77dfa9 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 
Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

The following large patchset contains Netfilter updates for your
net-next tree. My initial intention was to send you this in two goes but
when I looked back twice I already had this burden on top of me.

Several updates for IPVS from Marco Angaroni:

1) Allow SIP connections originating from real-servers to be load
   balanced by the SIP persistence engine as is already implemented
   in the other direction.

2) Release connections immediately for One-packet-scheduling (OPS)
   in IPVS, instead of making it via timer and rcu callback.

3) Skip deleting conntracks for each one packet in OPS, and don't call
   nf_conntrack_alter_reply() since no reply is expected.

4) Enable drop on exhaustion for OPS + SIP persistence.

Miscelaneous conntrack updates from Florian Westphal, including fix for
hash resize:

5) Move conntrack generation counter out of conntrack pernet structure
   since this is only used by the init_ns to allow hash resizing.

6) Use get_random_once() from packet path to collect hash random seed
    instead of our compound.

7) Don't disable BH from ____nf_conntrack_find() for statistics,
   use NF_CT_STAT_INC_ATOMIC() instead.

8) Fix lookup race during conntrack hash resizing.

9) Introduce clash resolution on conntrack insertion for connectionless
   protocol.

Then, Florian's netns rework to get rid of per-netns conntrack table,
thus we use one single table for them all. There was consensus on this
change during the NFWS 2015 and, on top of that, it has recently been
pointed as a source of multiple problems from unpriviledged netns:

11) Use a single conntrack hashtable for all namespaces. Include netns
    in object comparisons and make it part of the hash calculation.
    Adapt early_drop() to consider netns.

12) Use single expectation and NAT hashtable for all namespaces.

13) Use a single slab cache for all namespaces for conntrack objects.

14) Skip full table scanning from nf_ct_iterate_cleanup() if the pernet
    conntrack counter tells us the table is empty (ie. equals zero).

Fixes for nf_tables interval set element handling, support to set
conntrack connlabels and allow set names up to 32 bytes.

15) Parse element flags from element deletion path and pass it up to the
    backend set implementation.

16) Allow adjacent intervals in the rbtree set type for dynamic interval
    updates.

17) Add support to set connlabel from nf_tables, from Florian Westphal.

18) Allow set names up to 32 bytes in nf_tables.

Several x_tables fixes and updates:

19) Fix incorrect use of IS_ERR_VALUE() in x_tables, original patch
    from Andrzej Hajda.

And finally, miscelaneous netfilter updates such as:

20) Disable automatic helper assignment by default. Note this proc knob
    was introduced by a900689264 ("netfilter: nf_ct_helper: allow to
    disable automatic helper assignment") 4 years ago to start moving
    towards explicit conntrack helper configuration via iptables CT
    target.

21) Get rid of obsolete and inconsistent debugging instrumentation
    in x_tables.

22) Remove unnecessary check for null after ip6_route_output().
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2016-05-09 15:02:58 -04:00
..
9p 9p: switch p9_client_read() to passing struct iov_iter * 2015-04-11 22:28:27 -04:00
bluetooth Bluetooth: Add defines for SPI and I2C 2016-04-22 15:02:21 +02:00
caif caif: fix a signedness bug in cfpkt_iterate() 2015-02-20 17:35:14 -05:00
irda irda: Convert function pointer arrays and uses to const 2014-12-10 15:33:16 -05:00
iucv s390/iucv: do not use arrays as argument 2015-09-21 16:03:04 -07:00
netfilter netfilter: conntrack: use a single expectation table for all namespaces 2016-05-06 11:50:01 +02:00
netns netfilter: conntrack: use single slab cache 2016-05-09 16:45:50 +02:00
nfc nfc: netlink: HCI event connectivity implementation 2015-12-29 19:06:20 +01:00
phonet sock: struct proto hash function may error 2016-02-11 03:54:14 -05:00
sctp sctp: signal sk_data_ready earlier on data chunks reception 2016-05-01 21:06:10 -04:00
tc_act net_sched: act_mirred: add helper inlines to access tcf_mirred info 2016-05-04 00:24:27 -07:00
6lowpan.h 6lowpan: move mac802154 header 2016-04-13 10:41:10 +02:00
act_api.h net_sched: fix a memory leak in tc action 2016-04-06 16:04:29 -04:00
addrconf.h inet: refactor inet[6]_lookup functions to take skb 2016-02-11 03:54:14 -05:00
af_ieee802154.h ieee802154: af_ieee802154: fix typo in comment. 2015-09-17 13:20:05 +02:00
af_rxrpc.h rxrpc: Differentiate local and remote abort codes in structs 2016-04-11 15:34:40 -04:00
af_unix.h unix: correctly track in-flight fds in sending process user_struct 2016-02-08 10:30:42 -05:00
af_vsock.h Revert "Merge branch 'vsock-virtio'" 2015-12-08 21:55:49 -05:00
ah.h ipsec: Remove obsolete MAX_AH_AUTH_LEN 2014-09-18 10:54:36 +02:00
arp.h neigh: Factor out ___neigh_lookup_noref 2015-03-04 00:23:23 -05:00
atmclip.h
ax25.h ax25: Stop using sock->sk_protinfo. 2015-06-28 16:55:44 -07:00
ax88796.h
bond_3ad.h bonding: 3ad: apply ad_actor settings changes immediately 2016-02-09 04:45:49 -05:00
bond_alb.h net: Move bonding headers under include/net 2014-11-10 13:27:49 -05:00
bond_options.h bonding: convert num_grat_arp to the new bonding option API 2015-07-27 01:05:24 -07:00
bonding.h bonding: fix bond_get_stats() 2016-03-18 23:14:15 -04:00
busy_poll.h net: un-inline sk_busy_loop() 2015-11-18 16:17:38 -05:00
cfg80211-wext.h
cfg80211.h cfg80211: remove enum ieee80211_band 2016-04-12 15:56:15 +02:00
cfg802154.h nl802154: add support for security layer 2015-09-30 13:16:44 +02:00
checksum.h csum: Update csum_block_add to use rotate instead of byteswap 2016-03-13 15:01:00 -04:00
cipso_ipv4.h cipso: don't use IPCB() to locate the CIPSO IP option 2015-02-11 14:46:37 -05:00
cls_cgroup.h cls_cgroup: get sk_classid only from full sockets 2016-04-19 20:09:25 -04:00
codel_impl.h codel: split into multiple files 2016-04-25 16:44:27 -04:00
codel_qdisc.h codel: split into multiple files 2016-04-25 16:44:27 -04:00
codel.h codel: split into multiple files 2016-04-25 16:44:27 -04:00
compat.h net: switch importing msghdr from userland to {compat_,}import_iovec() 2015-04-09 00:02:26 -04:00
datalink.h net: Move prototype declaration to header file include/net/datalink.h from net/ipx/af_ipx.c 2014-02-09 17:32:50 -08:00
dcbevent.h include/net/: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
dcbnl.h net/dcb: Add IEEE QCN attribute 2015-03-06 21:50:02 -05:00
devlink.h devlink: fix sb register stub in case devlink is disabled 2016-04-15 12:57:29 -04:00
dn_dev.h dn_dev: add support for IFA_FLAGS nl attribute 2013-12-10 21:50:00 -05:00
dn_fib.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_neigh.h netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
dn_nsp.h decnet (dn*.h): Remove extern from function prototypes 2013-09-20 14:49:32 -04:00
dn_route.h net: Move prototype declaration to appropriate header file from decnet/af_decnet.c 2014-02-09 17:32:49 -08:00
dn.h net: Move prototype declaration to header file include/net/dn.h from net/decnet/af_decnet.c 2014-02-09 17:32:49 -08:00
dsa.h net: dsa: Provide CPU port statistics to master netdev 2016-04-28 17:16:17 -04:00
dsfield.h ipv6: Optimize ipv6_change_dsfield(). 2013-01-09 23:59:53 -08:00
dst_cache.h net: add dst_cache support 2016-02-16 20:21:48 -05:00
dst_metadata.h ip_tunnel: add support for setting flow label via collect metadata 2016-03-11 15:14:26 -05:00
dst_ops.h ipv4, ipv6: Pass net into __ip_local_out and __ip6_local_out 2015-10-08 04:27:02 -07:00
dst.h route: move lwtunnel state to a single place 2016-04-25 16:20:09 -04:00
esp.h net: move pskb_put() to core code 2013-11-07 19:28:58 -05:00
ethoc.h net/ethoc: support big-endian register layout 2015-09-23 15:33:15 -07:00
fib_rules.h net: ipv6: use common fib_default_rule_pref 2015-09-09 14:19:50 -07:00
firewire.h firewire net, ipv4 arp: Extend hardware address and remove driver-level packet inspection. 2013-03-26 12:32:13 -04:00
flow_dissector.h net/flow_dissector: Make dissector_uses_key() and skb_flow_dissector_target() public 2016-03-10 16:24:02 -05:00
flow.h ipv6, trace: fix tos reporting on fib6_table_lookup 2016-03-20 13:44:34 -04:00
flowcache.h flowcache: Make flow cache name space aware 2014-02-12 07:02:11 +01:00
fou.h ip_tunnel: Ops registration for secondary encap (fou, gue) 2014-11-12 15:01:35 -05:00
fq_impl.h fq: split out backlog update logic 2016-04-28 17:03:38 -04:00
fq.h fq: add fair queuing framework 2016-04-25 16:45:53 -04:00
garp.h garp.h: Remove extern from function prototypes 2013-09-20 14:49:33 -04:00
gen_stats.h sched: align nlattr properly when needed 2016-04-26 12:00:49 -04:00
genetlink.h Revert "genl: Add genlmsg_new_unicast() for unicast message allocation" 2016-02-18 11:42:19 -05:00
geneve.h geneve: break dependency with netdev drivers 2016-04-21 15:35:44 -04:00
gre.h gre: change gre_parse_header to return the header length 2016-05-04 12:44:45 -04:00
gro_cells.h gro_cells: remove spinlock protecting receive queues 2015-08-31 15:17:17 -07:00
gue.h gue: Protocol constants for remote checksum offload 2014-11-05 16:30:03 -05:00
hwbm.h net: add a hardware buffer management helper API 2016-03-14 12:19:46 -04:00
icmp.h net: snmp: kill STATS_BH macros 2016-04-27 22:48:25 -04:00
ieee80211_radiotap.h mac80211: propagate STBC / LDPC flags to radiotap 2014-02-06 09:34:58 +01:00
ieee802154_netdev.h mac802154: constify ieee802154_llsec_ops structure 2016-01-04 20:40:41 +01:00
if_inet6.h ipv6: do retries on stable privacy addresses 2015-03-23 22:12:09 -04:00
ila.h ila: Add generic ILA translation facility 2015-12-15 23:25:20 -05:00
inet6_connection_sock.h ipv6: remove unused in6_addr struct 2016-03-22 15:45:44 -04:00
inet6_hashtables.h tcp/dccp: do not touch listener sk_refcnt under synflood 2016-04-04 22:11:20 -04:00
inet_common.h net: avoid NULL deref in inet_ctl_sock_destroy() 2015-11-02 22:46:09 -05:00
inet_connection_sock.h tcp/dccp: fix another race at listener dismantle 2016-02-18 11:35:51 -05:00
inet_ecn.h ipv6: update skb->csum when CE mark is propagated 2016-01-15 15:07:23 -05:00
inet_frag.h ipv4: namespacify ip fragment max dist sysctl knob 2016-02-16 20:42:54 -05:00
inet_hashtables.h tcp/dccp: do not touch listener sk_refcnt under synflood 2016-04-04 22:11:20 -04:00
inet_sock.h net: Allow accepted sockets to be bound to l3mdev domain 2015-12-18 14:43:38 -05:00
inet_timewait_sock.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-10-20 06:08:27 -07:00
inetpeer.h inet: tcp: fix inetpeer_set_addr_v4() 2015-12-16 00:14:12 -05:00
ip6_checksum.h ipv6: Pass proto to csum_ipv6_magic as __u8 instead of unsigned short 2016-03-13 23:55:13 -04:00
ip6_fib.h ipv6: Check rt->dst.from for the DST_NOCACHE route 2015-11-15 17:12:37 -05:00
ip6_route.h net: vrf: Fix dst reference counting 2016-04-11 15:56:20 -04:00
ip6_tunnel.h ipv6: Generic tunnel cleanup 2016-05-02 19:23:32 -04:00
ip_fib.h route: check and remove route cache when we get route 2016-02-18 11:31:36 -05:00
ip_tunnels.h gre: receive also TEB packets for lwtunnels 2016-05-04 14:11:32 -04:00
ip_vs.h ipvs: handle connections started by real-servers 2016-04-20 12:34:17 +10:00
ip.h net: snmp: kill STATS_BH macros 2016-04-27 22:48:25 -04:00
ipcomp.h
ipconfig.h
ipv6.h ipv6: add new struct ipcm6_cookie 2016-05-03 16:08:14 -04:00
ipx.h switch ipxrtr_route_packet() from iovec to msghdr 2014-11-24 04:28:49 -05:00
iw_handler.h cfg80211/wext: fix message ordering 2016-01-29 17:13:43 +01:00
kcm.h kcm: mark helper functions inline 2016-03-10 14:42:03 -05:00
l3mdev.h net: l3mdev: address selection should only consider devices in L3 domain 2016-02-26 14:22:26 -05:00
lapb.h lapb.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
lib80211.h lib80211: remove unused print_ssid() 2014-10-14 02:18:27 +02:00
llc_c_ac.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_c_ev.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_c_st.h llc: Make llc_conn_ev_qfyr_t function pointer arrays const 2014-12-10 15:21:24 -05:00
llc_conn.h net: Pass kern from net_proto_family.create to sk_alloc 2015-05-11 10:50:17 -04:00
llc_if.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_pdu.h net: llc: fix order of evaluation in llc_conn_ac_inc_vr_by_1 2014-01-01 22:22:43 -05:00
llc_s_ac.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_s_ev.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc_s_st.h llc: Make llc_sap_action_t function pointer arrays const 2014-12-10 15:21:24 -05:00
llc_sap.h llc*.h: Remove extern from function prototypes 2013-09-21 14:01:38 -04:00
llc.h llc: make lock static 2014-01-03 20:56:48 -05:00
lwtunnel.h lwtunnel: autoload of lwt modules 2016-02-21 22:00:28 -05:00
mac80211.h cfg80211: remove enum ieee80211_band 2016-04-12 15:56:15 +02:00
mac802154.h ieee802154: add short address helpers 2016-04-13 10:41:08 +02:00
mip6.h include/net/: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
mld.h ipv6: mld: answer mldv2 queries with mldv1 reports in mldv1 fallback 2014-09-22 16:23:15 -04:00
mpls_iptunnel.h mpls: multipath route support 2015-10-23 06:26:42 -07:00
mpls.h openvswitch: Add basic MPLS support to kernel 2014-11-05 23:52:33 -08:00
mrp.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-10-01 17:06:14 -04:00
ndisc.h Revert "ipv6: ndisc: inherit metadata dst when creating ndisc requests" 2015-12-01 15:07:59 -05:00
neighbour.h net: add explicit logging and stat for neighbour table overflow 2015-08-10 13:46:21 -07:00
net_namespace.h netfilter: cttimeout: add netns support 2015-12-14 12:48:58 +01:00
net_ratelimit.h
netevent.h netevent/netlink.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
netlabel.h netlabel: fix the netlbl_catmap_setlong() dummy function 2014-08-07 20:55:21 -04:00
netlink.h libnl: add nla_put_u64_64bit() helper 2016-04-23 20:13:25 -04:00
netprio_cgroup.h net: wrap sock->sk_cgrp_prioidx and ->sk_classid inside a struct 2015-12-08 22:02:33 -05:00
netrom.h netrom.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
nexthop.h
nl802154.h libnl: nla_put_le64(): align on a 64-bit area 2016-04-23 20:13:24 -04:00
p8022.h p8022.h: Remove extern from function prototypes 2013-09-21 14:01:39 -04:00
ping.h net: ping: make ping_v6_sendmsg static 2016-03-23 22:09:58 -04:00
pkt_cls.h net/flower: Fix pointer cast 2016-03-11 12:04:37 -05:00
pkt_sched.h net: sched: consolidate tc_classify{,_compat} 2015-08-27 14:18:48 -07:00
protocol.h udp: Remove udp_offloads 2016-04-07 16:53:30 -04:00
psnap.h psnap.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
raw.h sock: struct proto hash function may error 2016-02-11 03:54:14 -05:00
rawv6.h raw/rawv6.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
red.h reciprocal_divide: update/correction of the algorithm 2014-01-21 23:17:20 -08:00
regulatory.h cfg80211: allow wiphy specific regdomain management 2014-12-17 11:49:55 +01:00
request_sock.h inet: reqsk_alloc() needs to take care of dead listeners 2016-04-04 22:11:19 -04:00
rose.h rose.h: Remove extern from function prototypes 2013-09-23 01:51:08 -04:00
route.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-04-23 18:51:33 -04:00
rtnetlink.h net: rtnetlink: add linkxstats callbacks and attribute 2016-05-02 22:27:06 -04:00
sch_generic.h net: sched: use pfifo_fast for non real queues 2016-03-03 17:38:46 -05:00
scm.h unix: correctly track in-flight fds in sending process user_struct 2016-02-08 10:30:42 -05:00
secure_seq.h inetpeer: get rid of ip_id_count 2014-06-02 11:00:41 -07:00
slhc_vj.h
snmp.h net: snmp: fix 64bit stats on 32bit arches 2016-04-28 11:49:45 -04:00
sock_reuseport.h soreuseport: fix NULL ptr dereference SO_REUSEPORT after bind 2016-01-19 14:44:23 -05:00
sock.h tcp: fix lockdep splat in tcp_snd_una_update() 2016-05-04 16:55:11 -04:00
Space.h drivers: net: Include new header file in sbni.c 2013-12-19 18:51:20 -05:00
stp.h stp.h: Remove extern from function prototypes 2013-09-23 01:51:09 -04:00
switchdev.h switchdev: Adding complete operation to deferred switchdev ops 2016-04-24 14:23:32 -04:00
tcp_states.h inet: add TCP_NEW_SYN_RECV state 2015-03-12 22:58:12 -04:00
tcp.h tcp: refactor struct tcp_skb_cb 2016-05-09 00:03:26 -04:00
timewait_sock.h inet: remove BUG_ON() in twsk_destructor() 2015-07-09 15:12:20 -07:00
transp_v6.h ipv6: add new struct ipcm6_cookie 2016-05-03 16:08:14 -04:00
tso.h net: tso: add support for IPv6 2015-10-26 22:24:22 -07:00
udp_tunnel.h ip_tunnel_core: iptunnel_handle_offloads returns int and doesn't free skb 2016-04-16 19:09:13 -04:00
udp.h net: snmp: kill STATS_BH macros 2016-04-27 22:48:25 -04:00
udplite.h net: switch memcpy_fromiovec()/memcpy_fromiovecend() users to copy_from_iter() 2015-02-04 01:34:15 -05:00
vsock_addr.h VSOCK: Move af_vsock.h and vsock_addr.h to include/net 2013-07-27 22:14:06 -07:00
vxlan.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-05-04 00:52:29 -04:00
wext.h wext.h: Remove extern from function prototypes 2013-09-23 16:29:40 -04:00
wimax.h net: treewide: Fix typo found in DocBook/networking.xml 2014-09-05 17:35:28 -07:00
x25.h x25.h: Remove extern from function prototypes 2013-09-23 16:29:41 -04:00
x25device.h
xfrm.h net: xfrm: kill XFRM_INC_STATS_BH() 2016-04-27 22:48:23 -04:00