34666d467cbf1e2e3c7bb15a63eccfb582cdd71f |
|
18-Sep-2014 |
Pablo Neira Ayuso <pablo@netfilter.org> |
netfilter: bridge: move br_netfilter out of the core Jesper reported that br_netfilter always registers the hooks since this is part of the bridge core. This harms performance for people that don't need this. This patch modularizes br_netfilter so it can be rmmod'ed, thus, the hooks can be unregistered. I think the bridge netfilter should have been a separated module since the beginning, Patrick agreed on that. Note that this is breaking compatibility for users that expect that bridge netfilter is going to be available after explicitly 'modprobe bridge' or via automatic load through brctl. However, the damage can be easily undone by modprobing br_netfilter. The bridge core also spots a message to provide a clue to people that didn't notice that this has been deprecated. On top of that, the plan is that nftables will not rely on this software layer, but integrate the connection tracking into the bridge layer to enable stateful filtering and NAT, which is was bridge netfilter users seem to require. This patch still keeps the fake_dst_ops in the bridge core, since this is required by when the bridge port is initialized. So we can safely modprobe/rmmod br_netfilter anytime. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Florian Westphal <fw@strlen.de>
|
b1282726d53465c7362eb134eb335173e8cd5b8c |
|
21-May-2014 |
Cong Wang <xiyou.wangcong@gmail.com> |
bridge: make br_device_notifier static Merge net/bridge/br_notify.c into net/bridge/br.c, since it has only br_device_event() and br.c is small. Cc: Stephen Hemminger <stephen@networkplumber.org> Cc: David S. Miller <davem@davemloft.net> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
b86f81cca9442ce6cfbe76d10fb8d2c61122ae12 |
|
10-Jan-2014 |
WANG Cong <xiyou.wangcong@gmail.com> |
bridge: move br_net_exit() to br.c And it can become static. Cc: Stephen Hemminger <stephen@networkplumber.org> Cc: David S. Miller <davem@davemloft.net> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
e6373c4c0ecb3a944c34117a3daeac315d641b5f |
|
12-Dec-2011 |
Igor Maravić <igorm@etf.rs> |
net:bridge: use IS_ENABLED Use IS_ENABLED(CONFIG_FOO) instead of defined(CONFIG_FOO) || defined (CONFIG_FOO_MODULE) Signed-off-by: Igor Maravić <igorm@etf.rs> Signed-off-by: David S. Miller <davem@davemloft.net>
|
bb900b27a2f49b37bc38c08e656ea13048fee13b |
|
04-Apr-2011 |
stephen hemminger <shemminger@vyatta.com> |
bridge: allow creating bridge devices with netlink Add netlink device ops to allow creating bridge device via netlink. This works in a manner similar to vlan, macvlan and bonding. Example: # ip link add link dev br0 type bridge # ip link del dev br0 The change required rearranging initializtion code to deal with being called by create link. Most of the initialization happens in br_dev_setup, but allocation of stats is done in ndo_init callback to deal with allocation failure. Sysfs setup has to wait until after the network device kobject is registered. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
a386f99025f13b32502fe5dedf223c20d7283826 |
|
15-Nov-2010 |
Eric Dumazet <eric.dumazet@gmail.com> |
bridge: add proper RCU annotation to should_route_hook Add br_should_route_hook_t typedef, this is the only way we can get a clean RCU implementation for function pointer. Move route_hook to location where it is used. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
ab95bfe01f9872459c8678572ccadbf646badad0 |
|
01-Jun-2010 |
Jiri Pirko <jpirko@redhat.com> |
net: replace hooks in __netif_receive_skb V5 What this patch does is it removes two receive frame hooks (for bridge and for macvlan) from __netif_receive_skb. These are replaced them with a single hook for both. It only supports one hook per device because it makes no sense to do bridging and macvlan on the same device. Then a network driver (of virtual netdev like macvlan or bridge) can register an rx_handler for needed net device. Signed-off-by: Jiri Pirko <jpirko@redhat.com> Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
28a16c97963d3bc36a2c192859f6d8025ef2967a |
|
10-May-2010 |
stephen hemminger <shemminger@vyatta.com> |
bridge: change console message interface Use one set of macro's for all bridge messages. Note: can't use netdev_XXX macro's because bridge is purely virtual and has no device parent. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
473c22d759e73cbbe604f41105b497817cc2ee8e |
|
26-Jun-2009 |
Jesper Dangaard Brouer <hawk@comx.dk> |
bridge: Use rcu_barrier() instead of syncronize_net() on unload. When unloading modules that uses call_rcu() callbacks, then we must use rcu_barrier(). This module uses syncronize_net() which is not enough to be sure that all callback has been completed. Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Jesper Dangaard Brouer <hawk@comx.dk> Signed-off-by: David S. Miller <davem@davemloft.net>
|
da6782927de809d9d427bd4bd6a4024243e41f13 |
|
05-Jun-2009 |
Michał Mirosław <mirq-linux@rere.qmqm.pl> |
bridge: Simplify interface for ATM LANE This patch changes FDB entry check for ATM LANE bridge integration. There's no point in holding a FDB entry around SKB building. br_fdb_get()/br_fdb_put() pair are changed into single br_fdb_test_addr() hook that checks if the addr has FDB entry pointing to other port to the one the request arrived on. FDB entry refcounting is removed as it's not used anywhere else. Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl> Acked-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
712d6954e3998d0de2840d8130941e8042541246 |
|
09-Sep-2008 |
Alexey Dobriyan <adobriyan@gmail.com> |
netns bridge: cleanup bridges during netns stop Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Stephen Hemminger <shemming@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
7c85fbf0657f216557b0c9c4a2e4e07f37d8bb8c |
|
06-Jul-2008 |
Patrick McHardy <kaber@trash.net> |
bridge: Use STP demux Use the STP demux layer for receiving STP PDUs instead of directly registering with LLC. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
0b040829952d84bf2a62526f0e24b624e0699447 |
|
11-Jun-2008 |
Adrian Bunk <bunk@kernel.org> |
net: remove CVS keywords This patch removes CVS keywords that weren't updated for a long time from comments. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
d69efb16891ddfa6c0b527f912a7193054d50281 |
|
29-Apr-2008 |
Bodo Stroesser <bstroesser@fujitsu-siemens.com> |
bridge: kernel panic when unloading bridge module There is a race condition when unloading bridge and netfilter. The problem happens if __fake_rtable is in use by a skb coming in, while someone starts to unload bridge.ko. br_netfilter_fini() is called at the beginning of unload in br_deinit() while skbs still are being forwarded and transferred to local ip stack. Thus there is a possibility of the __fake_rtable pointer not being removed in a skb that goes up to ip stack. This results in a kernel panic, as ip_rcv() calls the input-function of __fake_rtable, which is NULL. Moving the call of br_netfilter_fini() to the end of br_deinit() solves the problem. Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com> Signed-off-by: Stephen Hemminger <stephen.hemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
17efdd45755c0eb8d1418a1368ef7c7ebbe98c6e |
|
29-Nov-2007 |
Pavel Emelyanov <xemul@openvz.org> |
[BRIDGE]: Lost call to br_fdb_fini() in br_init() error path In case the br_netfilter_init() (or any subsequent call) fails, the br_fdb_fini() must be called to free the allocated in br_fdb_init() br_fdb_cache kmem cache. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
3db05fea51cdb162cfa8f69e9cfb9e228919d2a9 |
|
15-Oct-2007 |
Herbert Xu <herbert@gondor.apana.org.au> |
[NETFILTER]: Replace sk_buff ** with sk_buff * With all the users of the double pointers removed, this patch mops up by finally replacing all occurances of sk_buff ** in the netfilter API by sk_buff *. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
|
87a596e0b8bc344bd6bfebe83b56d11fb79ee23a |
|
07-Apr-2007 |
Akinobu Mita <akinobu.mita@gmail.com> |
bridge: check kmem_cache_create() error This patch checks kmem_cache_create() error and aborts loading module on failure. Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com> Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
|
32fe21c0c0a3091552fea8f2f7e4905f547a3433 |
|
22-Mar-2007 |
Thomas Graf <tgraf@suug.ch> |
[BRIDGE]: Use rtnl registration interface Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
|
6ab3d5624e172c553004ecc862bfeac16d9d68b7 |
|
30-Jun-2006 |
Jörn Engel <joern@wohnheim.fh-wedel.de> |
Remove obsolete #include <linux/config.h> Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de> Signed-off-by: Adrian Bunk <bunk@stusta.de>
|
11dc1f36a6701b502ecb695f308aae46ede8bac6 |
|
26-May-2006 |
Stephen Hemminger <shemminger@osdl.org> |
[BRIDGE]: netlink interface for link management Add basic netlink support to the Ethernet bridge. Including: * dump interfaces in bridges * monitor link status changes * change state of bridge port For some demo programs see: http://developer.osdl.org/shemminger/prototypes/brnl.tar.gz These are to allow building a daemon that does alternative implementations of Spanning Tree Protocol. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
c090971326db094ed702c1f8f2dbe04b7e3b8f27 |
|
26-May-2006 |
Stephen Hemminger <shemminger@osdl.org> |
[BRIDGE]: fix module startup error handling Return address in use, if some other kernel code has the SAP. Propogate out error codes from netfilter registration and unwind. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
387e2b0439026aa738a9edca15a57e5c0bcb4dfc |
|
24-May-2006 |
Stephen Hemminger <shemminger@osdl.org> |
[BRIDGE]: need to ref count the LLC sap Bridge will OOPS on removal if other application has the SAP open. The bridge SAP might be shared with other usages, so need to do reference counting on module removal rather than explicit close/delete. Since packet might arrive after or during removal, need to clear the receive function handle, so LLC only hands it to user (if any). Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
cf0f02d04a830c8202e6a8f8bb37acc6c1629a91 |
|
21-Mar-2006 |
Stephen Hemminger <shemminger@osdl.org> |
[BRIDGE]: use llc for receiving STP packets Use LLC for the receive path of Spanning Tree Protocol packets. This allows link local multicast packets to be received by other protocols (if they care), and uses the existing LLC code to get STP packets back into bridge code. The bridge multicast address is also checked, so bridges using other link local multicast addresses are ignored. This allows for use of different multicast addresses to define separate STP domains. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
8cbb512e50fb702b5b1d444f76ebcdb53577b2ec |
|
22-Dec-2005 |
Stephen Hemminger <shemminger@osdl.org> |
[BRIDGE]: add version number Add version info to bridge module. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
|
17-Apr-2005 |
Linus Torvalds <torvalds@ppc970.osdl.org> |
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
|