Re: [Cake] [PATCH net-next v14 4/7] sch_cake: Add NAT awareness to packet classifier

[Cc'ing netfilter-devel@ for awareness] On Mon, May 21, 2018 at 10:35:58PM +0200, Toke Høiland-Jørgensen wrote: > When CAKE is deployed on a gateway that also performs NAT (which is a > common deployment mode), the host fairness mechanism cannot distinguish > internal hosts from each other, and

Re: [PATCH 13/14] net: sched: use unique idr insert function in unlocked actions

On Mon, May 21, 2018 at 12:40:54AM +0300, Or Gerlitz wrote: > On Mon, May 21, 2018 at 12:33 AM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > On Mon, May 21, 2018 at 12:13:06AM +0300, Or Gerlitz wrote: > >> On Sun, May 20, 2018 at 1:20

Re: [PATCH 13/14] net: sched: use unique idr insert function in unlocked actions

On Mon, May 21, 2018 at 12:13:06AM +0300, Or Gerlitz wrote: > On Sun, May 20, 2018 at 1:20 AM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > On Mon, May 14, 2018 at 05:27:14PM +0300, Vlad Buslov wrote: > >> Substitute calls to action insert function

Re: [PATCH 14/14] net: sched: implement delete for all actions

On Wed, May 16, 2018 at 12:58:38PM +0300, Vlad Buslov wrote: > > On Wed 16 May 2018 at 09:48, Jiri Pirko wrote: > > Mon, May 14, 2018 at 04:27:15PM CEST, vla...@mellanox.com wrote: > >>Implement delete function that is required to delete actions without > >>holding rtnl lock.

Re: [PATCH 12/14] net: sched: retry action check-insert on concurrent modification

On Wed, May 16, 2018 at 03:21:35PM +0200, Jiri Pirko wrote: ... > int tcf_idr_check_alloc(struct tc_action_net *tn, u32 *index, > struct tc_action **a, int bind) Considering we don't have any other variant of it, maybe just "tcf_idr_alloc()" instead? -- To unsubscribe from

Re: [PATCH 13/14] net: sched: use unique idr insert function in unlocked actions

On Mon, May 14, 2018 at 05:27:14PM +0300, Vlad Buslov wrote: > Substitute calls to action insert function with calls to action insert > unique function that warns if insertion overwrites index in idr. I know this patch may be gone on V2, but a general comment, please use the function names

Re: [PATCH 10/14] net: sched: extend act API for lockless actions

Please use a more meaningful patch summary. This one is too generic. On Mon, May 14, 2018 at 05:27:11PM +0300, Vlad Buslov wrote: ... > +int tcf_idr_find_delete(struct tc_action_net *tn, u32 index) What about naming it tcf_idr_delete_index() instead? The find operation is always implicit when

Re: [PATCH 09/14] net: sched: don't release reference on action overwrite

On Mon, May 14, 2018 at 05:27:10PM +0300, Vlad Buslov wrote: > Return from action init function with reference to action taken, > even when overwriting existing action. Isn't this patch necessary before patch 7, to not break things up? AFAICU after patchset 7 it assumes the action init function

Re: [PATCH 06/14] net: sched: implement reference counted action release

On Mon, May 14, 2018 at 05:27:07PM +0300, Vlad Buslov wrote: ... > @@ -1052,6 +1088,36 @@ static int tca_action_flush(struct net *net, struct > nlattr *nla, > return err; > } > > +static int tcf_action_delete(struct net *net, struct list_head *actions, > + struct

Re: [PATCH 04/14] net: sched: implement unlocked action init API

On Mon, May 14, 2018 at 05:16:41PM +0200, Jiri Pirko wrote: > Mon, May 14, 2018 at 04:27:05PM CEST, vla...@mellanox.com wrote: > >Add additional 'unlocked' argument to act API init functions. > >Argument is true when rtnl lock is not taken and false otherwise. > >It is required to implement

Re: [PATCH 02/14] net: sched: change type of reference and bind counters

On Mon, May 14, 2018 at 05:27:03PM +0300, Vlad Buslov wrote: > Change type of action reference counter to refcount_t. > > Change type of action bind counter to atomic_t. > This type is used to allow decrementing bind counter without testing > for 0 result. ... and in what does not testing for 0

Re: [PATCH nf-next 1/2] netfilter: select LIBCRC32C together with SCTP conntrack

> kernel support for crc32c so that it is selected when NF_CT_PROTO_SCTP=y. > > Signed-off-by: Davide Caratti <dcara...@redhat.com> Reviewed-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > --- > net/netfilter/Kconfig | 2 +- > 1 file changed, 1 insertion(

[PATCH v2] netfilter: avoid warn and OOM killer on vmalloc call

; Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/netfilter/x_tables.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index fc4977456c30e098197b4f987b758072c9cf60d9..dece525bf83a0098dad607fce665cd

Re: [PATCH] netfilter: avoid warn and OOM on vmalloc call

On Thu, Dec 01, 2016 at 10:42:22AM +0100, Andrey Konovalov wrote: > On Wed, Nov 30, 2016 at 8:42 PM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > Hi Andrey, > > > > Please let me know how this works for you. It seems good here, though > > yo

[PATCH] netfilter: avoid warn and OOM on vmalloc call

ver, that under such stress situation, other places may trigger OOM invocation. Reported-by: Andrey Konovalov <andreyk...@google.com> Cc: Florian Westphal <f...@strlen.de> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/netfilter/x_tables.c | 4 +++- 1 file

Re: net/sctp: vmalloc allocation failure in sctp_setsockopt/xt_alloc_table_info

On Mon, Nov 28, 2016 at 07:09:25PM +0100, Florian Westphal wrote: > Neil Horman wrote: > > [ trimming CCs ] > > > On Mon, Nov 28, 2016 at 06:47:10PM +0100, Florian Westphal wrote: > > > Neil Horman wrote: > > > > I'm not sure I agree with that.

Re: net/sctp: vmalloc allocation failure in sctp_setsockopt/xt_alloc_table_info

On Mon, Nov 28, 2016 at 09:39:31AM -0500, Neil Horman wrote: > On Mon, Nov 28, 2016 at 03:33:40PM +0100, Andrey Konovalov wrote: > > On Mon, Nov 28, 2016 at 3:13 PM, Neil Horman wrote: > > > On Mon, Nov 28, 2016 at 02:00:19PM +0100, Andrey Konovalov wrote: > > >> Hi! > > >>

Re: [PACTH nf-next] netfilter: nf_reject_ipv4: don't send tcp RST if the packet is non-TCP

On Tue, Jun 21, 2016 at 09:35:55AM +0800, Liping Zhang wrote: > Hi Marcelo, > > 2016-06-20 23:48 GMT+08:00 Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com>: > > > > A different check/log is made for ip6: > > nf_reject_ip6_tcphdr_get(): > >