initial import (Boeing r1752, NRL r878)
This commit is contained in:
ahrenholz
commit
f8f46d28be
394 changed files with 99738 additions and 0 deletions
|
|
@ -0,0 +1,31 @@
|
|||
Only use the flow cache for the initial network namespace.
|
||||
|
||||
The flow cache is not per netns and its entries do not include what
|
||||
namespace they are valid for. This causes problems when transformed
|
||||
traffic is sent between namespaces.
|
||||
---
|
||||
net/core/flow.c | 4 ++++
|
||||
1 files changed, 4 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/net/core/flow.c b/net/core/flow.c
|
||||
index 127c8a7..890510f 100644
|
||||
--- a/net/core/flow.c
|
||||
+++ b/net/core/flow.c
|
||||
@@ -24,6 +24,7 @@
|
||||
#include <net/flow.h>
|
||||
#include <asm/atomic.h>
|
||||
#include <linux/security.h>
|
||||
+#include <net/net_namespace.h>
|
||||
|
||||
struct flow_cache_entry {
|
||||
union {
|
||||
@@ -227,6 +228,9 @@ flow_cache_lookup(struct net *net, struct flowi *key, u16 family, u8 dir,
|
||||
if (!fcp->hash_table)
|
||||
goto nocache;
|
||||
|
||||
+ if (!net_eq(net, &init_net))
|
||||
+ goto nocache;
|
||||
+
|
||||
if (fcp->hash_rnd_recalc)
|
||||
flow_new_hash_rnd(fc, fcp);
|
||||
|
||||
|
|
@ -0,0 +1,52 @@
|
|||
Make network device ifindex sequential per network namespace.
|
||||
|
||||
---
|
||||
include/net/net_namespace.h | 2 ++
|
||||
net/core/dev.c | 13 ++++++-------
|
||||
2 files changed, 8 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
|
||||
index 1bf812b..6ee0db4 100644
|
||||
--- a/include/net/net_namespace.h
|
||||
+++ b/include/net/net_namespace.h
|
||||
@@ -57,6 +57,8 @@ struct net {
|
||||
struct sock *rtnl; /* rtnetlink socket */
|
||||
struct sock *genl_sock;
|
||||
|
||||
+ int ifindex;
|
||||
+
|
||||
struct list_head dev_base_head;
|
||||
struct hlist_head *dev_name_head;
|
||||
struct hlist_head *dev_index_head;
|
||||
diff --git a/net/core/dev.c b/net/core/dev.c
|
||||
index 6561021..764a190 100644
|
||||
--- a/net/core/dev.c
|
||||
+++ b/net/core/dev.c
|
||||
@@ -4975,12 +4975,11 @@ int dev_ioctl(struct net *net, unsigned int cmd, void __user *arg)
|
||||
*/
|
||||
static int dev_new_index(struct net *net)
|
||||
{
|
||||
- static int ifindex;
|
||||
for (;;) {
|
||||
- if (++ifindex <= 0)
|
||||
- ifindex = 1;
|
||||
- if (!__dev_get_by_index(net, ifindex))
|
||||
- return ifindex;
|
||||
+ if (++net->ifindex <= 0)
|
||||
+ net->ifindex = 1;
|
||||
+ if (!__dev_get_by_index(net, net->ifindex))
|
||||
+ return net->ifindex;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5918,8 +5917,8 @@ int dev_change_net_namespace(struct net_device *dev, struct net *net, const char
|
||||
/* Actually switch the network namespace */
|
||||
dev_net_set(dev, net);
|
||||
|
||||
- /* If there is an ifindex conflict assign a new one */
|
||||
- if (__dev_get_by_index(net, dev->ifindex)) {
|
||||
+ /* Assign a new ifindex */
|
||||
+ {
|
||||
int iflink = (dev->iflink == dev->ifindex);
|
||||
dev->ifindex = dev_new_index(net);
|
||||
if (iflink)
|
||||
1662
kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.nfnetlink.patch
Normal file
1662
kernel/core-kernel-2.6.38/patches/00-linux-2.6.38.nfnetlink.patch
Normal file
File diff suppressed because it is too large
Load diff
Loading…
Add table
Add a link
Reference in a new issue