Compare commits
No commits in common. 'c9' and 'c8' have entirely different histories.
@ -1,69 +0,0 @@
|
||||
From ad96352bfdc2865237beca32fd7d50cfef3e75c7 Mon Sep 17 00:00:00 2001
|
||||
From: Wen Liang <wenliang@redhat.com>
|
||||
Date: Thu, 1 Jun 2023 10:33:46 -0400
|
||||
Subject: [PATCH] mptcp: add support for implicit flag
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2109135
|
||||
Upstream Status: iproute2-next.git commit 3a2535a4
|
||||
|
||||
commit 3a2535a41854d481c1a052e267d1fe5d83f9493c
|
||||
Author: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue May 16 11:48:04 2023 +0200
|
||||
|
||||
mptcp: add support for implicit flag
|
||||
|
||||
Kernel supports implicit flag since commit d045b9eb95a9 ("mptcp:
|
||||
introduce implicit endpoints"), included in v5.18.
|
||||
|
||||
Let's add support for displaying it to iproute2.
|
||||
|
||||
Before this change:
|
||||
$ ip mptcp endpoint show
|
||||
10.0.2.2 id 1 rawflags 10
|
||||
|
||||
After this change:
|
||||
$ ip mptcp endpoint show
|
||||
10.0.2.2 id 1 implicit
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
---
|
||||
ip/ipmptcp.c | 1 +
|
||||
man/man8/ip-mptcp.8 | 9 +++++++++
|
||||
2 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/ip/ipmptcp.c b/ip/ipmptcp.c
|
||||
index beba7a41..9847f95b 100644
|
||||
--- a/ip/ipmptcp.c
|
||||
+++ b/ip/ipmptcp.c
|
||||
@@ -58,6 +58,7 @@ static const struct {
|
||||
{ "subflow", MPTCP_PM_ADDR_FLAG_SUBFLOW },
|
||||
{ "backup", MPTCP_PM_ADDR_FLAG_BACKUP },
|
||||
{ "fullmesh", MPTCP_PM_ADDR_FLAG_FULLMESH },
|
||||
+ { "implicit", MPTCP_PM_ADDR_FLAG_IMPLICIT },
|
||||
{ "nobackup", MPTCP_PM_ADDR_FLAG_NONE },
|
||||
{ "nofullmesh", MPTCP_PM_ADDR_FLAG_NONE }
|
||||
};
|
||||
diff --git a/man/man8/ip-mptcp.8 b/man/man8/ip-mptcp.8
|
||||
index 72762f49..b427065c 100644
|
||||
--- a/man/man8/ip-mptcp.8
|
||||
+++ b/man/man8/ip-mptcp.8
|
||||
@@ -176,6 +176,15 @@ endpoint. When the peer does announce addresses, each received ADD_ADDR
|
||||
sub-option will trigger creation of an additional subflow to generate a
|
||||
full mesh topology.
|
||||
|
||||
+.TP
|
||||
+.BR implicit
|
||||
+In some scenarios, an MPTCP
|
||||
+.BR subflow
|
||||
+can use a local address mapped by a implicit endpoint created by the
|
||||
+in-kernel path manager. Once set, the implicit flag cannot be removed, but
|
||||
+other flags can be added to the endpoint. Implicit endpoints cannot be
|
||||
+created from user-space.
|
||||
+
|
||||
.sp
|
||||
.PP
|
||||
The
|
||||
--
|
||||
2.38.1
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
From 8bc9a4f3855d28ae718f14875dd78d49d53c4349 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <8bc9a4f3855d28ae718f14875dd78d49d53c4349.1686076455.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1686076455.git.aclaudi@redhat.com>
|
||||
References: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1686076455.git.aclaudi@redhat.com>
|
||||
From 4c2e1768c0d446345796dc058d1e114147a1029a Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <4c2e1768c0d446345796dc058d1e114147a1029a.1686090191.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1686090191.git.aclaudi@redhat.com>
|
||||
References: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1686090191.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue, 6 Jun 2023 20:08:25 +0200
|
||||
Date: Wed, 7 Jun 2023 00:15:59 +0200
|
||||
Subject: [PATCH] tc: add missing separator
|
||||
|
||||
Jira: https://issues.redhat.com/browse/RHEL-586
|
||||
Jira: https://issues.redhat.com/browse/RHEL-487
|
||||
Upstream Status: iproute2-next.git commit 4e0e56e0
|
||||
|
||||
commit 4e0e56e0ef05387f7f5d8ab41fe6ec6a1897b26d
|
||||
@ -0,0 +1,55 @@
|
||||
From dcff6d4c73cd9c33b4103a4505ecebe6852f63df Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <dcff6d4c73cd9c33b4103a4505ecebe6852f63df.1695227714.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
References: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue, 5 Sep 2023 12:44:19 +0200
|
||||
Subject: [PATCH] ss: make is_selinux_enabled stub work like in SELinux
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1780023
|
||||
Upstream Status: iproute2-next.git commit c8970828
|
||||
|
||||
commit c8970828b6509af3ab0f2982da335fb6a6c846af
|
||||
Author: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Wed Aug 23 19:29:59 2023 +0200
|
||||
|
||||
ss: make is_selinux_enabled stub work like in SELinux
|
||||
|
||||
From the is_selinux_enabled() manpage:
|
||||
|
||||
is_selinux_enabled() returns 1 if SELinux is running or 0 if it is not.
|
||||
|
||||
This makes the is_selinux_enabled() stub functions works exactly like
|
||||
the SELinux function it is supposed to replace.
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
---
|
||||
misc/ss.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/misc/ss.c b/misc/ss.c
|
||||
index de02fccb..d2dffbf8 100644
|
||||
--- a/misc/ss.c
|
||||
+++ b/misc/ss.c
|
||||
@@ -77,7 +77,7 @@
|
||||
/* Stubs for SELinux functions */
|
||||
static int is_selinux_enabled(void)
|
||||
{
|
||||
- return -1;
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
static int getpidcon(pid_t pid, char **context)
|
||||
@@ -5684,7 +5684,7 @@ int main(int argc, char *argv[])
|
||||
show_sock_ctx++;
|
||||
/* fall through */
|
||||
case 'Z':
|
||||
- if (is_selinux_enabled() <= 0) {
|
||||
+ if (!is_selinux_enabled()) {
|
||||
fprintf(stderr, "ss: SELinux is not enabled.\n");
|
||||
exit(1);
|
||||
}
|
||||
--
|
||||
2.41.0
|
||||
|
||||
@ -1,65 +0,0 @@
|
||||
From 80e59389e93bf3f45204a38536f3f228adf153c7 Mon Sep 17 00:00:00 2001
|
||||
Message-Id: <80e59389e93bf3f45204a38536f3f228adf153c7.1686076455.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1686076455.git.aclaudi@redhat.com>
|
||||
References: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1686076455.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue, 6 Jun 2023 20:05:15 +0200
|
||||
Subject: [PATCH] u32: fix TC_U32_TERMINAL printing
|
||||
|
||||
Jira: https://issues.redhat.com/browse/RHEL-337
|
||||
Upstream Status: iproute2-next.git commit 2854d69a
|
||||
|
||||
commit 2854d69a99f6e38d0d2426bd641a56d7a85bc61b
|
||||
Author: Hangbin Liu <liuhangbin@gmail.com>
|
||||
Date: Wed Mar 1 22:21:00 2023 +0800
|
||||
|
||||
u32: fix TC_U32_TERMINAL printing
|
||||
|
||||
We previously printed an asterisk if there was no 'sel' or
|
||||
'TC_U32_TERMINAL' flag. However,
|
||||
commit 1ff227545ce1 ("u32: fix json formatting of flowid")
|
||||
changed the logic to print an asterisk only if there is a
|
||||
'TC_U32_TERMINAL' flag. Therefore, we need to fix this
|
||||
regression.
|
||||
|
||||
Before the fix, the tdc u32 test failed:
|
||||
|
||||
1..11
|
||||
not ok 1 afa9 - Add u32 with source match
|
||||
Could not match regex pattern. Verify command output:
|
||||
filter protocol ip pref 1 u32 chain 0
|
||||
filter protocol ip pref 1 u32 chain 0 fh 800: ht divisor 1
|
||||
filter protocol ip pref 1 u32 chain 0 fh 800::800 order 2048 key ht 800 bkt 0 *flowid 1:1 not_in_hw
|
||||
match 7f000001/ffffffff at 12
|
||||
action order 1: gact action pass
|
||||
random type none pass val 0
|
||||
index 1 ref 1 bind 1
|
||||
|
||||
After fix, the test passed:
|
||||
1..11
|
||||
ok 1 afa9 - Add u32 with source match
|
||||
|
||||
Fixes: 1ff227545ce1 ("u32: fix json formatting of flowid")
|
||||
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
||||
Reviewed-by: Victor Nogueira <victor@mojatatu.com>
|
||||
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
|
||||
---
|
||||
tc/f_u32.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tc/f_u32.c b/tc/f_u32.c
|
||||
index bfe9e5f9..de2d0c9e 100644
|
||||
--- a/tc/f_u32.c
|
||||
+++ b/tc/f_u32.c
|
||||
@@ -1273,7 +1273,7 @@ static int u32_print_opt(struct filter_util *qu, FILE *f, struct rtattr *opt,
|
||||
if (tb[TCA_U32_CLASSID]) {
|
||||
__u32 classid = rta_getattr_u32(tb[TCA_U32_CLASSID]);
|
||||
SPRINT_BUF(b1);
|
||||
- if (sel && (sel->flags & TC_U32_TERMINAL))
|
||||
+ if (!sel || !(sel->flags & TC_U32_TERMINAL))
|
||||
print_string(PRINT_FP, NULL, "*", NULL);
|
||||
|
||||
print_string(PRINT_ANY, "flowid", "flowid %s ",
|
||||
--
|
||||
2.40.1
|
||||
|
||||
@ -0,0 +1,52 @@
|
||||
From d59fc35f66f5d0d6e7b3209c21f2c891a2ba0768 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <d59fc35f66f5d0d6e7b3209c21f2c891a2ba0768.1695227714.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
References: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue, 5 Sep 2023 12:44:19 +0200
|
||||
Subject: [PATCH] ss: make SELinux stub functions conformant to API definitions
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1780023
|
||||
Upstream Status: iproute2-next.git commit 61c6882c
|
||||
|
||||
commit 61c6882ce21c1247c06cd61783120be0a2e2019c
|
||||
Author: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Wed Aug 23 19:30:00 2023 +0200
|
||||
|
||||
ss: make SELinux stub functions conformant to API definitions
|
||||
|
||||
getfilecon() and security_get_initial_context() use the const qualifier
|
||||
for their first paramater in SELinux APIs.
|
||||
|
||||
This commit adds the const qualifier to these functions, making them
|
||||
conformant to API definitions.
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
---
|
||||
misc/ss.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/misc/ss.c b/misc/ss.c
|
||||
index d2dffbf8..fe19f489 100644
|
||||
--- a/misc/ss.c
|
||||
+++ b/misc/ss.c
|
||||
@@ -86,13 +86,13 @@ static int getpidcon(pid_t pid, char **context)
|
||||
return -1;
|
||||
}
|
||||
|
||||
-static int getfilecon(char *path, char **context)
|
||||
+static int getfilecon(const char *path, char **context)
|
||||
{
|
||||
*context = NULL;
|
||||
return -1;
|
||||
}
|
||||
|
||||
-static int security_get_initial_context(char *name, char **context)
|
||||
+static int security_get_initial_context(const char *name, char **context)
|
||||
{
|
||||
*context = NULL;
|
||||
return -1;
|
||||
--
|
||||
2.41.0
|
||||
|
||||
@ -0,0 +1,156 @@
|
||||
From 0e71f7774a764c0a19037b79b71d7146769082ac Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <0e71f7774a764c0a19037b79b71d7146769082ac.1695227714.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
References: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue, 5 Sep 2023 12:44:19 +0200
|
||||
Subject: [PATCH] lib: add SELinux include and stub functions
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1780023
|
||||
Upstream Status: iproute2-next.git commit e246ebc3
|
||||
|
||||
commit e246ebc3b7f1f438310ad6fd1d5976ba6ccf7a69
|
||||
Author: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Wed Aug 23 19:30:01 2023 +0200
|
||||
|
||||
lib: add SELinux include and stub functions
|
||||
|
||||
ss provides some selinux stub functions, useful when iproute2 is
|
||||
compiled without selinux support.
|
||||
|
||||
Move them to lib/ so we can use them in other iproute2 tools.
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
---
|
||||
include/selinux.h | 9 +++++++++
|
||||
lib/Makefile | 4 ++++
|
||||
lib/selinux.c | 32 ++++++++++++++++++++++++++++++++
|
||||
misc/ss.c | 34 +---------------------------------
|
||||
4 files changed, 46 insertions(+), 33 deletions(-)
|
||||
create mode 100644 include/selinux.h
|
||||
create mode 100644 lib/selinux.c
|
||||
|
||||
diff --git a/include/selinux.h b/include/selinux.h
|
||||
new file mode 100644
|
||||
index 00000000..499aa966
|
||||
--- /dev/null
|
||||
+++ b/include/selinux.h
|
||||
@@ -0,0 +1,9 @@
|
||||
+#if HAVE_SELINUX
|
||||
+#include <selinux/selinux.h>
|
||||
+#else
|
||||
+int is_selinux_enabled(void);
|
||||
+void freecon(char *context);
|
||||
+int getpidcon(pid_t pid, char **context);
|
||||
+int getfilecon(const char *path, char **context);
|
||||
+int security_get_initial_context(const char *name, char **context);
|
||||
+#endif
|
||||
diff --git a/lib/Makefile b/lib/Makefile
|
||||
index ddedd37f..aa7bbd2e 100644
|
||||
--- a/lib/Makefile
|
||||
+++ b/lib/Makefile
|
||||
@@ -13,6 +13,10 @@ UTILOBJ += bpf_libbpf.o
|
||||
endif
|
||||
endif
|
||||
|
||||
+ifneq ($(HAVE_SELINUX),y)
|
||||
+UTILOBJ += selinux.o
|
||||
+endif
|
||||
+
|
||||
NLOBJ=libgenl.o libnetlink.o
|
||||
ifeq ($(HAVE_MNL),y)
|
||||
NLOBJ += mnl_utils.o
|
||||
diff --git a/lib/selinux.c b/lib/selinux.c
|
||||
new file mode 100644
|
||||
index 00000000..4e6805fc
|
||||
--- /dev/null
|
||||
+++ b/lib/selinux.c
|
||||
@@ -0,0 +1,32 @@
|
||||
+#include <stdlib.h>
|
||||
+#include <unistd.h>
|
||||
+#include "selinux.h"
|
||||
+
|
||||
+/* Stubs for SELinux functions */
|
||||
+int is_selinux_enabled(void)
|
||||
+{
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+void freecon(char *context)
|
||||
+{
|
||||
+ free(context);
|
||||
+}
|
||||
+
|
||||
+int getpidcon(pid_t pid, char **context)
|
||||
+{
|
||||
+ *context = NULL;
|
||||
+ return -1;
|
||||
+}
|
||||
+
|
||||
+int getfilecon(const char *path, char **context)
|
||||
+{
|
||||
+ *context = NULL;
|
||||
+ return -1;
|
||||
+}
|
||||
+
|
||||
+int security_get_initial_context(const char *name, char **context)
|
||||
+{
|
||||
+ *context = NULL;
|
||||
+ return -1;
|
||||
+}
|
||||
diff --git a/misc/ss.c b/misc/ss.c
|
||||
index fe19f489..6e18bf0c 100644
|
||||
--- a/misc/ss.c
|
||||
+++ b/misc/ss.c
|
||||
@@ -33,6 +33,7 @@
|
||||
#include "version.h"
|
||||
#include "rt_names.h"
|
||||
#include "cg_map.h"
|
||||
+#include "selinux.h"
|
||||
|
||||
#include <linux/tcp.h>
|
||||
#include <linux/unix_diag.h>
|
||||
@@ -71,39 +72,6 @@
|
||||
#define BUF_CHUNKS_MAX 5 /* Maximum number of allocated buffer chunks */
|
||||
#define LEN_ALIGN(x) (((x) + 1) & ~1)
|
||||
|
||||
-#if HAVE_SELINUX
|
||||
-#include <selinux/selinux.h>
|
||||
-#else
|
||||
-/* Stubs for SELinux functions */
|
||||
-static int is_selinux_enabled(void)
|
||||
-{
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-static int getpidcon(pid_t pid, char **context)
|
||||
-{
|
||||
- *context = NULL;
|
||||
- return -1;
|
||||
-}
|
||||
-
|
||||
-static int getfilecon(const char *path, char **context)
|
||||
-{
|
||||
- *context = NULL;
|
||||
- return -1;
|
||||
-}
|
||||
-
|
||||
-static int security_get_initial_context(const char *name, char **context)
|
||||
-{
|
||||
- *context = NULL;
|
||||
- return -1;
|
||||
-}
|
||||
-
|
||||
-static void freecon(char *context)
|
||||
-{
|
||||
- free(context);
|
||||
-}
|
||||
-#endif
|
||||
-
|
||||
int preferred_family = AF_UNSPEC;
|
||||
static int show_options;
|
||||
int show_details;
|
||||
--
|
||||
2.41.0
|
||||
|
||||
@ -1,233 +0,0 @@
|
||||
From 92a7cd1de2b2137d8d3279ee32f9b0548d6f4894 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <92a7cd1de2b2137d8d3279ee32f9b0548d6f4894.1709652372.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1709652372.git.aclaudi@redhat.com>
|
||||
References: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1709652372.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Mon, 4 Mar 2024 23:37:51 +0100
|
||||
Subject: [PATCH] Update kernel headers
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-579
|
||||
Upstream Status: iproute2.git commit 94aeaf9cb12c88afa8fba8027a0e714aa4fec841
|
||||
|
||||
commit 94aeaf9cb12c88afa8fba8027a0e714aa4fec841
|
||||
Author: David Ahern <dsahern@kernel.org>
|
||||
Date: Tue Feb 7 09:09:29 2023 -0700
|
||||
|
||||
Update kernel headers
|
||||
|
||||
Update kernel headers to commit:
|
||||
61d731e6538d ("Merge tag 'linux-can-next-for-6.3-20230206' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next")
|
||||
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
---
|
||||
include/uapi/linux/bpf.h | 12 ++++++++
|
||||
include/uapi/linux/fou.h | 54 ++++++++++++++++------------------
|
||||
include/uapi/linux/if_bridge.h | 2 ++
|
||||
include/uapi/linux/if_link.h | 5 ++++
|
||||
include/uapi/linux/if_packet.h | 1 +
|
||||
include/uapi/linux/in.h | 1 +
|
||||
include/uapi/linux/snmp.h | 3 ++
|
||||
7 files changed, 50 insertions(+), 28 deletions(-)
|
||||
|
||||
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
|
||||
index a667908d..4abb4c73 100644
|
||||
--- a/include/uapi/linux/bpf.h
|
||||
+++ b/include/uapi/linux/bpf.h
|
||||
@@ -1156,6 +1156,11 @@ enum bpf_link_type {
|
||||
*/
|
||||
#define BPF_F_XDP_HAS_FRAGS (1U << 5)
|
||||
|
||||
+/* If BPF_F_XDP_DEV_BOUND_ONLY is used in BPF_PROG_LOAD command, the loaded
|
||||
+ * program becomes device-bound but can access XDP metadata.
|
||||
+ */
|
||||
+#define BPF_F_XDP_DEV_BOUND_ONLY (1U << 6)
|
||||
+
|
||||
/* link_create.kprobe_multi.flags used in LINK_CREATE command for
|
||||
* BPF_TRACE_KPROBE_MULTI attach type to create return probe.
|
||||
*/
|
||||
@@ -2644,6 +2649,11 @@ union bpf_attr {
|
||||
* Use with BPF_F_ADJ_ROOM_ENCAP_L2 flag to further specify the
|
||||
* L2 type as Ethernet.
|
||||
*
|
||||
+ * * **BPF_F_ADJ_ROOM_DECAP_L3_IPV4**,
|
||||
+ * **BPF_F_ADJ_ROOM_DECAP_L3_IPV6**:
|
||||
+ * Indicate the new IP header version after decapsulating the outer
|
||||
+ * IP header. Used when the inner and outer IP versions are different.
|
||||
+ *
|
||||
* A call to this helper is susceptible to change the underlying
|
||||
* packet buffer. Therefore, at load time, all checks on pointers
|
||||
* previously done by the verifier are invalidated and must be
|
||||
@@ -5803,6 +5813,8 @@ enum {
|
||||
BPF_F_ADJ_ROOM_ENCAP_L4_UDP = (1ULL << 4),
|
||||
BPF_F_ADJ_ROOM_NO_CSUM_RESET = (1ULL << 5),
|
||||
BPF_F_ADJ_ROOM_ENCAP_L2_ETH = (1ULL << 6),
|
||||
+ BPF_F_ADJ_ROOM_DECAP_L3_IPV4 = (1ULL << 7),
|
||||
+ BPF_F_ADJ_ROOM_DECAP_L3_IPV6 = (1ULL << 8),
|
||||
};
|
||||
|
||||
enum {
|
||||
diff --git a/include/uapi/linux/fou.h b/include/uapi/linux/fou.h
|
||||
index 9f915118..5a7b959b 100644
|
||||
--- a/include/uapi/linux/fou.h
|
||||
+++ b/include/uapi/linux/fou.h
|
||||
@@ -1,32 +1,37 @@
|
||||
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
|
||||
-/* fou.h - FOU Interface */
|
||||
+/* Do not edit directly, auto-generated from: */
|
||||
+/* Documentation/netlink/specs/fou.yaml */
|
||||
+/* YNL-GEN uapi header */
|
||||
|
||||
#ifndef _LINUX_FOU_H
|
||||
#define _LINUX_FOU_H
|
||||
|
||||
-/* NETLINK_GENERIC related info
|
||||
- */
|
||||
#define FOU_GENL_NAME "fou"
|
||||
-#define FOU_GENL_VERSION 0x1
|
||||
+#define FOU_GENL_VERSION 1
|
||||
|
||||
enum {
|
||||
- FOU_ATTR_UNSPEC,
|
||||
- FOU_ATTR_PORT, /* u16 */
|
||||
- FOU_ATTR_AF, /* u8 */
|
||||
- FOU_ATTR_IPPROTO, /* u8 */
|
||||
- FOU_ATTR_TYPE, /* u8 */
|
||||
- FOU_ATTR_REMCSUM_NOPARTIAL, /* flag */
|
||||
- FOU_ATTR_LOCAL_V4, /* u32 */
|
||||
- FOU_ATTR_LOCAL_V6, /* in6_addr */
|
||||
- FOU_ATTR_PEER_V4, /* u32 */
|
||||
- FOU_ATTR_PEER_V6, /* in6_addr */
|
||||
- FOU_ATTR_PEER_PORT, /* u16 */
|
||||
- FOU_ATTR_IFINDEX, /* s32 */
|
||||
-
|
||||
- __FOU_ATTR_MAX,
|
||||
+ FOU_ENCAP_UNSPEC,
|
||||
+ FOU_ENCAP_DIRECT,
|
||||
+ FOU_ENCAP_GUE,
|
||||
};
|
||||
|
||||
-#define FOU_ATTR_MAX (__FOU_ATTR_MAX - 1)
|
||||
+enum {
|
||||
+ FOU_ATTR_UNSPEC,
|
||||
+ FOU_ATTR_PORT,
|
||||
+ FOU_ATTR_AF,
|
||||
+ FOU_ATTR_IPPROTO,
|
||||
+ FOU_ATTR_TYPE,
|
||||
+ FOU_ATTR_REMCSUM_NOPARTIAL,
|
||||
+ FOU_ATTR_LOCAL_V4,
|
||||
+ FOU_ATTR_LOCAL_V6,
|
||||
+ FOU_ATTR_PEER_V4,
|
||||
+ FOU_ATTR_PEER_V6,
|
||||
+ FOU_ATTR_PEER_PORT,
|
||||
+ FOU_ATTR_IFINDEX,
|
||||
+
|
||||
+ __FOU_ATTR_MAX
|
||||
+};
|
||||
+#define FOU_ATTR_MAX (__FOU_ATTR_MAX - 1)
|
||||
|
||||
enum {
|
||||
FOU_CMD_UNSPEC,
|
||||
@@ -34,15 +39,8 @@ enum {
|
||||
FOU_CMD_DEL,
|
||||
FOU_CMD_GET,
|
||||
|
||||
- __FOU_CMD_MAX,
|
||||
+ __FOU_CMD_MAX
|
||||
};
|
||||
-
|
||||
-enum {
|
||||
- FOU_ENCAP_UNSPEC,
|
||||
- FOU_ENCAP_DIRECT,
|
||||
- FOU_ENCAP_GUE,
|
||||
-};
|
||||
-
|
||||
-#define FOU_CMD_MAX (__FOU_CMD_MAX - 1)
|
||||
+#define FOU_CMD_MAX (__FOU_CMD_MAX - 1)
|
||||
|
||||
#endif /* _LINUX_FOU_H */
|
||||
diff --git a/include/uapi/linux/if_bridge.h b/include/uapi/linux/if_bridge.h
|
||||
index 4a887cf4..921b212d 100644
|
||||
--- a/include/uapi/linux/if_bridge.h
|
||||
+++ b/include/uapi/linux/if_bridge.h
|
||||
@@ -523,6 +523,8 @@ enum {
|
||||
BRIDGE_VLANDB_ENTRY_TUNNEL_INFO,
|
||||
BRIDGE_VLANDB_ENTRY_STATS,
|
||||
BRIDGE_VLANDB_ENTRY_MCAST_ROUTER,
|
||||
+ BRIDGE_VLANDB_ENTRY_MCAST_N_GROUPS,
|
||||
+ BRIDGE_VLANDB_ENTRY_MCAST_MAX_GROUPS,
|
||||
__BRIDGE_VLANDB_ENTRY_MAX,
|
||||
};
|
||||
#define BRIDGE_VLANDB_ENTRY_MAX (__BRIDGE_VLANDB_ENTRY_MAX - 1)
|
||||
diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
|
||||
index 644d3554..71ddffc6 100644
|
||||
--- a/include/uapi/linux/if_link.h
|
||||
+++ b/include/uapi/linux/if_link.h
|
||||
@@ -374,6 +374,9 @@ enum {
|
||||
|
||||
IFLA_DEVLINK_PORT,
|
||||
|
||||
+ IFLA_GSO_IPV4_MAX_SIZE,
|
||||
+ IFLA_GRO_IPV4_MAX_SIZE,
|
||||
+
|
||||
__IFLA_MAX
|
||||
};
|
||||
|
||||
@@ -562,6 +565,8 @@ enum {
|
||||
IFLA_BRPORT_MCAST_EHT_HOSTS_CNT,
|
||||
IFLA_BRPORT_LOCKED,
|
||||
IFLA_BRPORT_MAB,
|
||||
+ IFLA_BRPORT_MCAST_N_GROUPS,
|
||||
+ IFLA_BRPORT_MCAST_MAX_GROUPS,
|
||||
__IFLA_BRPORT_MAX
|
||||
};
|
||||
#define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1)
|
||||
diff --git a/include/uapi/linux/if_packet.h b/include/uapi/linux/if_packet.h
|
||||
index a8516b35..78c981d6 100644
|
||||
--- a/include/uapi/linux/if_packet.h
|
||||
+++ b/include/uapi/linux/if_packet.h
|
||||
@@ -115,6 +115,7 @@ struct tpacket_auxdata {
|
||||
#define TP_STATUS_BLK_TMO (1 << 5)
|
||||
#define TP_STATUS_VLAN_TPID_VALID (1 << 6) /* auxdata has valid tp_vlan_tpid */
|
||||
#define TP_STATUS_CSUM_VALID (1 << 7)
|
||||
+#define TP_STATUS_GSO_TCP (1 << 8)
|
||||
|
||||
/* Tx ring - header status */
|
||||
#define TP_STATUS_AVAILABLE 0
|
||||
diff --git a/include/uapi/linux/in.h b/include/uapi/linux/in.h
|
||||
index dccf0791..c087f0a2 100644
|
||||
--- a/include/uapi/linux/in.h
|
||||
+++ b/include/uapi/linux/in.h
|
||||
@@ -162,6 +162,7 @@ struct in_addr {
|
||||
#define MCAST_MSFILTER 48
|
||||
#define IP_MULTICAST_ALL 49
|
||||
#define IP_UNICAST_IF 50
|
||||
+#define IP_LOCAL_PORT_RANGE 51
|
||||
|
||||
#define MCAST_EXCLUDE 0
|
||||
#define MCAST_INCLUDE 1
|
||||
diff --git a/include/uapi/linux/snmp.h b/include/uapi/linux/snmp.h
|
||||
index 6600cb01..26f33a4c 100644
|
||||
--- a/include/uapi/linux/snmp.h
|
||||
+++ b/include/uapi/linux/snmp.h
|
||||
@@ -95,6 +95,8 @@ enum
|
||||
ICMP_MIB_OUTADDRMASKS, /* OutAddrMasks */
|
||||
ICMP_MIB_OUTADDRMASKREPS, /* OutAddrMaskReps */
|
||||
ICMP_MIB_CSUMERRORS, /* InCsumErrors */
|
||||
+ ICMP_MIB_RATELIMITGLOBAL, /* OutRateLimitGlobal */
|
||||
+ ICMP_MIB_RATELIMITHOST, /* OutRateLimitHost */
|
||||
__ICMP_MIB_MAX
|
||||
};
|
||||
|
||||
@@ -112,6 +114,7 @@ enum
|
||||
ICMP6_MIB_OUTMSGS, /* OutMsgs */
|
||||
ICMP6_MIB_OUTERRORS, /* OutErrors */
|
||||
ICMP6_MIB_CSUMERRORS, /* InCsumErrors */
|
||||
+ ICMP6_MIB_RATELIMITHOST, /* OutRateLimitHost */
|
||||
__ICMP6_MIB_MAX
|
||||
};
|
||||
|
||||
--
|
||||
2.44.0
|
||||
|
||||
@ -0,0 +1,81 @@
|
||||
From 6bfcc5679d601c393e7d6ca6c78c2d7680c3e4f2 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <6bfcc5679d601c393e7d6ca6c78c2d7680c3e4f2.1695227714.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
References: <6a3ecf4fd80f7dcecb72b6c83781f5aed463a75b.1695227714.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Tue, 5 Sep 2023 12:44:19 +0200
|
||||
Subject: [PATCH] ip vrf: make ipvrf_exec SELinux-aware
|
||||
|
||||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1780023
|
||||
Upstream Status: iproute2-next.git commit 0d0eeaa6
|
||||
|
||||
commit 0d0eeaa6cb9218e57ce910fc3a8991b80da6393e
|
||||
Author: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Wed Aug 23 19:30:02 2023 +0200
|
||||
|
||||
ip vrf: make ipvrf_exec SELinux-aware
|
||||
|
||||
When using ip vrf and SELinux is enabled, make sure to set the exec file
|
||||
context before calling cmd_exec.
|
||||
|
||||
This ensures that the command is executed with the right context,
|
||||
falling back to the ifconfig_t context when needed.
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
---
|
||||
include/selinux.h | 1 +
|
||||
ip/ipvrf.c | 6 ++++++
|
||||
lib/selinux.c | 5 +++++
|
||||
3 files changed, 12 insertions(+)
|
||||
|
||||
diff --git a/include/selinux.h b/include/selinux.h
|
||||
index 499aa966..592c7680 100644
|
||||
--- a/include/selinux.h
|
||||
+++ b/include/selinux.h
|
||||
@@ -6,4 +6,5 @@ void freecon(char *context);
|
||||
int getpidcon(pid_t pid, char **context);
|
||||
int getfilecon(const char *path, char **context);
|
||||
int security_get_initial_context(const char *name, char **context);
|
||||
+int setexecfilecon(const char *filename, const char *fallback_type);
|
||||
#endif
|
||||
diff --git a/ip/ipvrf.c b/ip/ipvrf.c
|
||||
index 0718bea8..b0dd2abe 100644
|
||||
--- a/ip/ipvrf.c
|
||||
+++ b/ip/ipvrf.c
|
||||
@@ -24,6 +24,7 @@
|
||||
#include "utils.h"
|
||||
#include "ip_common.h"
|
||||
#include "bpf_util.h"
|
||||
+#include "selinux.h"
|
||||
|
||||
#define CGRP_PROC_FILE "/cgroup.procs"
|
||||
|
||||
@@ -455,6 +456,11 @@ static int ipvrf_exec(int argc, char **argv)
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (is_selinux_enabled() && setexecfilecon(argv[1], "ifconfig_t")) {
|
||||
+ fprintf(stderr, "setexecfilecon for \"%s\" failed\n", argv[1]);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
return -cmd_exec(argv[1], argv + 1, !!batch_mode, do_switch, argv[0]);
|
||||
}
|
||||
|
||||
diff --git a/lib/selinux.c b/lib/selinux.c
|
||||
index 4e6805fc..7e5dd16d 100644
|
||||
--- a/lib/selinux.c
|
||||
+++ b/lib/selinux.c
|
||||
@@ -30,3 +30,8 @@ int security_get_initial_context(const char *name, char **context)
|
||||
*context = NULL;
|
||||
return -1;
|
||||
}
|
||||
+
|
||||
+int setexecfilecon(const char *filename, const char *fallback_type)
|
||||
+{
|
||||
+ return -1;
|
||||
+}
|
||||
--
|
||||
2.41.0
|
||||
|
||||
@ -1,175 +0,0 @@
|
||||
From 7ef7c73bc3a271e3e5ccb8b1525c6e9152b99c9a Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <7ef7c73bc3a271e3e5ccb8b1525c6e9152b99c9a.1709652372.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1709652372.git.aclaudi@redhat.com>
|
||||
References: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1709652372.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Mon, 4 Mar 2024 23:37:51 +0100
|
||||
Subject: [PATCH] iplink: add gso and gro max_size attributes for ipv4
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-579
|
||||
Upstream Status: iproute2.git commit 1dafe448c7a2f2be5dfddd8da250980708a48c41
|
||||
|
||||
commit 1dafe448c7a2f2be5dfddd8da250980708a48c41
|
||||
Author: Xin Long <lucien.xin@gmail.com>
|
||||
Date: Thu Feb 9 18:44:24 2023 -0500
|
||||
|
||||
iplink: add gso and gro max_size attributes for ipv4
|
||||
|
||||
This patch adds two attributes gso/gro_ipv4_max_size in iplink for the
|
||||
user space support of the BIG TCP for IPv4:
|
||||
|
||||
https://lore.kernel.org/netdev/de811bf3-e2d8-f727-72bc-c8a754a9d929@tessares.net/T/
|
||||
|
||||
Note that after this kernel patchset, "gso/gro_max_size" are used for IPv6
|
||||
packets while "gso/gro_ipv4_max_size" are for IPv4 patckets. To not break
|
||||
these old applications using "gso/gro_ipv4_max_size" for IPv4 GSO packets,
|
||||
the new size will also be set on "gso/gro_ipv4_max_size" in kernel when
|
||||
"gso/gro_max_size" changes to a value <= 65536.
|
||||
|
||||
Signed-off-by: Xin Long <lucien.xin@gmail.com>
|
||||
Signed-off-by: David Ahern <dsahern@kernel.org>
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
---
|
||||
ip/ipaddress.c | 12 ++++++++++++
|
||||
ip/iplink.c | 22 ++++++++++++++++++++--
|
||||
man/man8/ip-link.8.in | 30 +++++++++++++++++++++++++++---
|
||||
3 files changed, 59 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/ip/ipaddress.c b/ip/ipaddress.c
|
||||
index c7553bcd..9ba81438 100644
|
||||
--- a/ip/ipaddress.c
|
||||
+++ b/ip/ipaddress.c
|
||||
@@ -1264,6 +1264,18 @@ int print_linkinfo(struct nlmsghdr *n, void *arg)
|
||||
"gro_max_size %u ",
|
||||
rta_getattr_u32(tb[IFLA_GRO_MAX_SIZE]));
|
||||
|
||||
+ if (tb[IFLA_GSO_IPV4_MAX_SIZE])
|
||||
+ print_uint(PRINT_ANY,
|
||||
+ "gso_ipv4_max_size",
|
||||
+ "gso_ipv4_max_size %u ",
|
||||
+ rta_getattr_u32(tb[IFLA_GSO_IPV4_MAX_SIZE]));
|
||||
+
|
||||
+ if (tb[IFLA_GRO_IPV4_MAX_SIZE])
|
||||
+ print_uint(PRINT_ANY,
|
||||
+ "gro_ipv4_max_size",
|
||||
+ "gro_ipv4_max_size %u ",
|
||||
+ rta_getattr_u32(tb[IFLA_GRO_IPV4_MAX_SIZE]));
|
||||
+
|
||||
if (tb[IFLA_PHYS_PORT_NAME])
|
||||
print_string(PRINT_ANY,
|
||||
"phys_port_name",
|
||||
diff --git a/ip/iplink.c b/ip/iplink.c
|
||||
index 4ec9e370..a8da52f9 100644
|
||||
--- a/ip/iplink.c
|
||||
+++ b/ip/iplink.c
|
||||
@@ -114,8 +114,8 @@ void iplink_usage(void)
|
||||
" [ addrgenmode { eui64 | none | stable_secret | random } ]\n"
|
||||
" [ protodown { on | off } ]\n"
|
||||
" [ protodown_reason PREASON { on | off } ]\n"
|
||||
- " [ gso_max_size BYTES ] | [ gso_max_segs PACKETS ]\n"
|
||||
- " [ gro_max_size BYTES ]\n"
|
||||
+ " [ gso_max_size BYTES ] [ gso_ipv4_max_size BYTES ] [ gso_max_segs PACKETS ]\n"
|
||||
+ " [ gro_max_size BYTES ] [ gro_ipv4_max_size BYTES ]\n"
|
||||
"\n"
|
||||
" ip link show [ DEVICE | group GROUP ] [up] [master DEV] [vrf NAME] [type TYPE]\n"
|
||||
" [nomaster]\n"
|
||||
@@ -948,6 +948,24 @@ int iplink_parse(int argc, char **argv, struct iplink_req *req, char **type)
|
||||
*argv);
|
||||
addattr32(&req->n, sizeof(*req),
|
||||
IFLA_GRO_MAX_SIZE, max_size);
|
||||
+ } else if (strcmp(*argv, "gso_ipv4_max_size") == 0) {
|
||||
+ unsigned int max_size;
|
||||
+
|
||||
+ NEXT_ARG();
|
||||
+ if (get_unsigned(&max_size, *argv, 0))
|
||||
+ invarg("Invalid \"gso_ipv4_max_size\" value\n",
|
||||
+ *argv);
|
||||
+ addattr32(&req->n, sizeof(*req),
|
||||
+ IFLA_GSO_IPV4_MAX_SIZE, max_size);
|
||||
+ } else if (strcmp(*argv, "gro_ipv4_max_size") == 0) {
|
||||
+ unsigned int max_size;
|
||||
+
|
||||
+ NEXT_ARG();
|
||||
+ if (get_unsigned(&max_size, *argv, 0))
|
||||
+ invarg("Invalid \"gro_ipv4_max_size\" value\n",
|
||||
+ *argv);
|
||||
+ addattr32(&req->n, sizeof(*req),
|
||||
+ IFLA_GRO_IPV4_MAX_SIZE, max_size);
|
||||
} else if (strcmp(*argv, "parentdev") == 0) {
|
||||
NEXT_ARG();
|
||||
addattr_l(&req->n, sizeof(*req), IFLA_PARENT_DEV_NAME,
|
||||
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
|
||||
index 62aebabd..bec1b78b 100644
|
||||
--- a/man/man8/ip-link.8.in
|
||||
+++ b/man/man8/ip-link.8.in
|
||||
@@ -38,11 +38,16 @@ ip-link \- network device configuration
|
||||
.br
|
||||
.RB "[ " gso_max_size
|
||||
.IR BYTES " ]"
|
||||
+.RB "[ " gso_ipv4_max_size
|
||||
+.IR BYTES " ]"
|
||||
.RB "[ " gso_max_segs
|
||||
.IR SEGMENTS " ]"
|
||||
.br
|
||||
.RB "[ " gro_max_size
|
||||
.IR BYTES " ]"
|
||||
+.RB "[ " gro_ipv4_max_size
|
||||
+.IR BYTES " ]"
|
||||
+.br
|
||||
.RB "[ " netns " {"
|
||||
.IR PID " | " NETNSNAME " } ]"
|
||||
.br
|
||||
@@ -90,10 +95,15 @@ ip-link \- network device configuration
|
||||
.br
|
||||
.RB "[ " gso_max_size
|
||||
.IR BYTES " ]"
|
||||
+.RB "[ " gso_ipv4_max_size
|
||||
+.IR BYTES " ]"
|
||||
.RB "[ " gso_max_segs
|
||||
.IR SEGMENTS " ]"
|
||||
+.br
|
||||
.RB "[ " gro_max_size
|
||||
.IR BYTES " ]"
|
||||
+.RB "[ " gro_ipv4_max_size
|
||||
+.IR BYTES " ]"
|
||||
.br
|
||||
.RB "[ " name
|
||||
.IR NEWNAME " ]"
|
||||
@@ -423,7 +433,14 @@ specifies the number of receive queues for new device.
|
||||
.TP
|
||||
.BI gso_max_size " BYTES "
|
||||
specifies the recommended maximum size of a Generic Segment Offload
|
||||
-packet the new device should accept.
|
||||
+packet the new device should accept. This is also used to enable BIG
|
||||
+TCP for IPv6 on this device when the size is greater than 65536.
|
||||
+
|
||||
+.TP
|
||||
+.BI gso_ipv4_max_size " BYTES "
|
||||
+specifies the recommended maximum size of a IPv4 Generic Segment Offload
|
||||
+packet the new device should accept. This is especially used to enable
|
||||
+BIG TCP for IPv4 on this device by setting to a size greater than 65536.
|
||||
|
||||
.TP
|
||||
.BI gso_max_segs " SEGMENTS "
|
||||
@@ -432,8 +449,15 @@ segments the new device should accept.
|
||||
|
||||
.TP
|
||||
.BI gro_max_size " BYTES "
|
||||
-specifies the maximum size of a packet built by GRO stack
|
||||
-on this device.
|
||||
+specifies the maximum size of a packet built by GRO stack on this
|
||||
+device. This is also used for BIG TCP to allow the size of a
|
||||
+merged IPv6 GSO packet on this device greater than 65536.
|
||||
+
|
||||
+.TP
|
||||
+.BI gro_ipv4_max_size " BYTES "
|
||||
+specifies the maximum size of a IPv4 packet built by GRO stack on this
|
||||
+device. This is especially used for BIG TCP to allow the size of a
|
||||
+merged IPv4 GSO packet on this device greater than 65536.
|
||||
|
||||
.TP
|
||||
.BI index " IDX "
|
||||
--
|
||||
2.44.0
|
||||
|
||||
@ -1,54 +0,0 @@
|
||||
From c7160bde79189ba8674acb6355771fb91b6eca28 Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <c7160bde79189ba8674acb6355771fb91b6eca28.1709652372.git.aclaudi@redhat.com>
|
||||
In-Reply-To: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1709652372.git.aclaudi@redhat.com>
|
||||
References: <d60a7ac3c0f6aa2a933f48a69ab31e3637f6906c.1709652372.git.aclaudi@redhat.com>
|
||||
From: Andrea Claudi <aclaudi@redhat.com>
|
||||
Date: Mon, 4 Mar 2024 23:37:51 +0100
|
||||
Subject: [PATCH] man: ip-link.8: add a note for gso_ipv4_max_size
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-579
|
||||
Upstream Status: iproute2-next.git commit 1d7f908103be90e8ac836ef0ce03b72997664b5a
|
||||
|
||||
commit 1d7f908103be90e8ac836ef0ce03b72997664b5a
|
||||
Author: Xin Long <lucien.xin@gmail.com>
|
||||
Date: Mon Feb 19 14:16:04 2024 -0500
|
||||
|
||||
man: ip-link.8: add a note for gso_ipv4_max_size
|
||||
|
||||
As Paolo noticed, a skb->len check against gso_max_size was added in:
|
||||
|
||||
https://lore.kernel.org/netdev/20231219125331.4127498-1-edumazet@google.com/
|
||||
|
||||
gso_max_size needs to be set to a value greater than or equal to
|
||||
gso_ipv4_max_size to make BIG TCP IPv4 work properly.
|
||||
|
||||
To not break the current setup, this patch just adds a note into its
|
||||
man doc for this.
|
||||
|
||||
Reported-by: Xiumei Mu <xmu@redhat.com>
|
||||
Signed-off-by: Xin Long <lucien.xin@gmail.com>
|
||||
|
||||
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
|
||||
---
|
||||
man/man8/ip-link.8.in | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
|
||||
index bec1b78b..b90d56c2 100644
|
||||
--- a/man/man8/ip-link.8.in
|
||||
+++ b/man/man8/ip-link.8.in
|
||||
@@ -441,6 +441,11 @@ TCP for IPv6 on this device when the size is greater than 65536.
|
||||
specifies the recommended maximum size of a IPv4 Generic Segment Offload
|
||||
packet the new device should accept. This is especially used to enable
|
||||
BIG TCP for IPv4 on this device by setting to a size greater than 65536.
|
||||
+Note that
|
||||
+.B gso_max_size
|
||||
+needs to be set to a size greater than or equal to
|
||||
+.B gso_ipv4_max_size
|
||||
+to really enable BIG TCP for IPv4.
|
||||
|
||||
.TP
|
||||
.BI gso_max_segs " SEGMENTS "
|
||||
--
|
||||
2.44.0
|
||||
|
||||
Loading…
Reference in new issue