The initializers are simply not needed.
These if-blocks are outright dead code, because '0 > unsigned' is always
false, so only else clause triggers and regardless of which clause triggers
it only updates 'ind' which is later unconditionally written to before
being used anyway.
Otherwise we get errors from clang:
m_pedit.c:166:8: error: comparison of 0 > unsigned expression is always false [-Werror,-Wtautological-compare]
if (0 > tkey->off) {
~ ^ ~~~~~~~~~
m_pedit.c:209:8: error: comparison of 0 > unsigned expression is always false [-Werror,-Wtautological-compare]
if (0 > tkey->off) {
~ ^ ~~~~~~~~~
2 errors generated.
Change-Id: I3c9e9092915088fc56f992e5df736851541a4458
The command "ip mroute show" is not showing routes when "to" and/or "from"
filter is applied.
root@mazhar:~# ip mroute show
(10.202.30.101, 235.1.2.3) Iif: eth0 Oifs: eth1
But When I applied filter, it does not show anything.
root@mazhar:~# ip mroute show 235.1.2.3 from 10.202.30.101
root@mazhar:~#
Signed-off-by: Mazhar Rana <ranamazharp@gmail.com>
If a tunnel is created with a local address, you can't change it to any.
# ip tunnel add tunl1 mode ipip remote 10.16.42.37 local 10.16.42.214 ttl 64
# ip tunnel show tunl1
tunl1: ip/ip remote 10.16.42.37 local 10.16.42.214 ttl 64
# ip tunnel change tunl1 local any
# echo $?
0
# ip tunnel show tunl1
tunl1: ip/ip remote 10.16.42.37 local 10.16.42.214 ttl 64
It happens that parse_args zeroes ip_tunnel_parm, and when creating the
tunnel, it is OK to leave it as is if the address is any. However, when
changing the tunnel, the current parameters will be read from
ip_tunnel_parm, and local and remote address won't be zeroes anymore, so
it needs to be explicitly set to any.
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Added possibility to check command output by grep from the testing
script.
Now TMP_OUT & TMP_ERR are passed from Makefile and changed to
STD_ERR & STD_OUT.
Also changed some existing tests to make output testing.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
The for loop should only probe up to G[i]bit rates, so that we
end up with T[i]bit as the last max units[] slot for snprintf(3),
and not possibly an invalid pointer in case rate is multiple of
kilo.
Fixes: 8cecdc2837 ("tc: more user friendly rates")
Reported-by: Jose R. Guzman Mosqueda <jose.r.guzman.mosqueda@intel.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
ss currently dumps IPv4 sockets, then IPv6 sockets from the kernel,
even if -4 or -6 option was given. Filtering in user space then has to
drop all sockets of wrong family. Such a waste of time...
Before :
$ time ss -tn -4 | wc -l
251659
real 0m1.241s
user 0m0.423s
sys 0m0.806s
After:
$ time ss -tn -4 | wc -l
251672
real 0m0.779s
user 0m0.412s
sys 0m0.386s
Signed-off-by: Eric Dumazet <edumazet@google.com>
Lets implement a full cache with proper hash table, memory got cheaper
these days.
Before :
$ time ss -t | wc -l
529678
real 0m22.708s
user 0m19.591s
sys 0m2.969s
After :
$ time ss -t | wc -l
528291
real 0m5.078s
user 0m4.099s
sys 0m0.985s
Signed-off-by: Eric Dumazet <edumazet@google.com>
On Fri, 2015-05-29 at 13:30 +0300, Vadim Kochan wrote:
> From: Vadim Kochan <vadim4j@gmail.com>
>
> Use strdup instead of malloc, and get rid of bad strcpy.
>
> Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
> ---
> misc/ss.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/misc/ss.c b/misc/ss.c
> index 347e3a1..a719466 100644
> --- a/misc/ss.c
> +++ b/misc/ss.c
> @@ -1908,8 +1908,7 @@ static void tcp_show_info(const struct nlmsghdr *nlh, struct inet_diag_msg *r,
>
> if (tb[INET_DIAG_CONG]) {
> const char *cong_attr = rta_getattr_str(tb[INET_DIAG_CONG]);
> - s.cong_alg = malloc(strlen(cong_attr + 1));
> - strcpy(s.cong_alg, cong_attr);
> + s.cong_alg = strdup(cong_attr);
> }
>
> if (TCPI_HAS_OPT(info, TCPI_OPT_WSCALE)) {
I doubt TCP_CA_NAME_MAX will ever change in the kernel : 16 bytes.
Its typically "cubic" and less than 8 bytes.
Using 8 bytes to point to a malloc(8) is a waste.
Please remove the memory allocation, or store the pointer, since
tcp_show_info() does the malloc()/free() before return.
Make sure we use 64-bit filesystem functions everywhere. This applies not
only to being able to read large files (which generally doesn't apply to
us), but also being able to simply stat them (as they might be using large
inodes).
Signed-off-by: Mike Frysinger <vapier@chromium.org>
There have been several instances where response from kernel
has overrun the stack buffer from the caller. Avoid future problems
by passing a size argument.
Also drop the unused peer and group arguments to rtnl_talk.
tipc is a user-space configuration tool for TIPC (Transparent
Inter-process Communication). It utilizes the TIPC netlink API in the
kernel to fetch data or perform actions.
The tipc tool has somewhat similar syntax to the ip tool meaning that
users of the ip tool should not feel that unfamiliar with this tool.
Signed-off-by: Richard Alpe <richard.alpe@ericsson.com>
Reviewed-by: Erik Hugne <erik.hugne@ericsson.com>
Reviewed-by: Ying Xue <ying.xue@windriver.com>
Reviewed-by: Jon Maloy <jon.maloy@ericsson.com>
In the GRED kernel source code, both of the terms "drop parameters"
(DP) and "virtual queue" (VQ) are used to refer to the same thing.
Each "DP" is better understood as a "set of drop parameters", since
it has values for limit, min, max, avpkt, etc. This terminology can
result in confusion when creating a GRED qdisc having multiple DPs.
Netlink attributes and struct members with the DP name seem to have
been left intact for compatibility, while the term VQ was otherwise
adopted in the code, which is more intuitive.
Use the VQ term in the tc command syntax and output (but maintain
compatibility with the old syntax).
Rewrite the usage text to be concise and similar to other qdiscs.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
DPs, def_DP, and DP are unsigned values that are sent and received
in TCA_GRED_* netlink attributes; handle them properly when they
are parsed or printed. Use MAX_DPs as the initial value for def_DP
and DP, and fix the operator used for bounds checking them.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Make the output more consistent with the RED qdisc, and only show
details/statistics if the appropriate flag is set when calling tc.
Show the parameters used with "gred setup". Add missing statistics
"pdrop" and "other". Fix format specifiers for unsigned values.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
This is more helpful to the user, since the command takes two forms,
and the message that would otherwise appear about missing parameters
assumes one of those forms.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
The "bandwidth" parameter is optional, but ensure the user is aware
of its default value, to proactively avoid configuration problems.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
It is used when parsing three different parameters, only one of
which is Wlog. Change the name to make the code less confusing.
Signed-off-by: David Ward <david.ward@ll.mit.edu>
Missing space before dctcp: markers.
With dctcp, cwnd=2 is pretty common, just display cwnd value even
if cwnd has this value, it makes parsing easier.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Kernel can give us smaller tcp_info than our.
We copy the kernel provided structure and fill with 0
the remaining part.
Lets clear only the missing part to save some cycles, as we intend to
slightly increase tcp_info size in the future.
Signed-off-by: Eric Dumazet <edumazet@google.com>
When deleting a specific basic filter with handle,
tc command always ignores the 'handle' option, so
tcm_handle is always 0 and kernel deletes all filters
in the selected group. This is wrong, we should respect
'handle' in cmdline.
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Fixes a typo in get_prefix_1() which broke the prefix default
names { default | any | all }.
The most obvious fallout from this bug was:
$ ip route add default via 1.1.1.1
Error: an inet prefix is expected rather than "default".
Fixes: dacc5d4197 ("add basic mpls support to iproute")
Signed-off-by: Thomas Graf <tgraf@suug.ch>
If ip rule command fails talking to kernel, exit code should be 2.
The sub-command is called by cmd loop and the exit code is negative
of return value from the command callback.
If kernel complains about ip route request, exit status should be
2 not 1.
This fixes regression introduced by:
commit 42ecedd4ba
Author: Roopa Prabhu <roopa@cumulusnetworks.com>
Date: Tue Mar 17 19:26:32 2015 -0700
fix ip -force -batch to continue on errors
Add a new option to toggle the ability of querying the RSS configuration of a specific VF.
VF RSS information like RSS hash key may be considered sensitive on some devices where
this information is shared between VF and PF and thus its querying may be prohibited by default.
This new option allows a system administrator with privileges to modify a PF state
to control if the above VF querying is allowed or not.
For example:
To enable RSS querying of VF[0] of ethX:
>> ip link set dev ethX vf 0 query_rss on
Signed-off-by: Vlad Zolotarov <vladz@cloudius-systems.com>
Show deleting by group in 'ip link help' output:
...
ip link delete { DEVICE | dev DEVICE | group DEVGROUP } type TYPE [ ARGS ]
...
Also show separately DEVICE option in { } list.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Indicate possibility deleting virtual links by group.
Also changed the alignment of 'ip link delete' args
descriptions, to look like similary to 'ip link set'.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Fixed applying family & socket type filters.
It was not possible to select UDP & UNIX sockets together.
Now selected families are ORed.
The problem was that filters were combined by AND.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reported-By: Mihai Moldovan <ionic@ionic.de>
Currently, only on error we get a log dump, but I found it useful when
working with eBPF to have an option to also dump the log on success.
Also spotted a typo in a header comment, which is fixed here as well.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
It is hard to quickly find what you are looking for in the output of the
ip command. Color helps.
This patch adds a '-c' flag to highlight these with individual colors:
- interface name
- ip address
- mac address
- up/down state
Signed-off-by: Mathias Nyman <m.nyman@iki.fi>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Fix up the eBPF example program to match our kernel fix in a166151cbe33 ("bpf:
fix bpf helpers to use skb->mac_header relative offsets"). Tested on ingress
and egress paths.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@plumgrid.com>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
This work follows upon commit 6256f8c9e4 ("tc, bpf: finalize eBPF
support for cls and act front-end") and takes up the idea proposed by
Hannes Frederic Sowa to spawn a shell (or any other command) that holds
generated eBPF map file descriptors.
File descriptors, based on their id, are being fetched from the same
unix domain socket as demonstrated in the bpf_agent, the shell spawned
via execvpe(2) and the map fds passed over the environment, and thus
are made available to applications in the fashion of std{in,out,err}
for read/write access, for example in case of iproute2's examples/bpf/:
# env | grep BPF
BPF_NUM_MAPS=3
BPF_MAP1=6 <- BPF_MAP_ID_QUEUE (id 1)
BPF_MAP0=5 <- BPF_MAP_ID_PROTO (id 0)
BPF_MAP2=7 <- BPF_MAP_ID_DROPS (id 2)
# ls -la /proc/self/fd
[...]
lrwx------. 1 root root 64 Apr 14 16:46 0 -> /dev/pts/4
lrwx------. 1 root root 64 Apr 14 16:46 1 -> /dev/pts/4
lrwx------. 1 root root 64 Apr 14 16:46 2 -> /dev/pts/4
[...]
lrwx------. 1 root root 64 Apr 14 16:46 5 -> anon_inode:bpf-map
lrwx------. 1 root root 64 Apr 14 16:46 6 -> anon_inode:bpf-map
lrwx------. 1 root root 64 Apr 14 16:46 7 -> anon_inode:bpf-map
The advantage (as opposed to the direct/native usage) is that now the
shell is map fd owner and applications can terminate and easily reattach
to descriptors w/o any kernel changes. Moreover, multiple applications
can easily read/write eBPF maps simultaneously.
To further allow users for experimenting with that, next step is to add
a small helper that can get along with simple data types, so that also
shell scripts can make use of bpf syscall, f.e to read/write into maps.
Generally, this allows for prepopulating maps, or any runtime altering
which could influence eBPF program behaviour (f.e. different run-time
classifications, skb modifications, ...), dumping of statistics, etc.
Reference: http://thread.gmane.org/gmane.linux.network/357471/focus=357860
Suggested-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
This flag is only for the netlink protocol (multi-part messages), no reason
to reject messages without it.
Note that this flag was removed by the following kernel patches (v3.14)
65886f439ab0 ipmr: fix mfc notification flags
f518338b1603 ip6mr: fix mfc notification flags
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Maciej Żenczykowski
Mazhar Rana
Thadeu Lima de Souza Cascardo
Vadim Kochan
Daniel Borkmann
Eric Dumazet
Eric Dumazet
Mike Frysinger
Stephen Hemminger
Jetchko Jekov
Richard Alpe
David Ward
Lennert Buytenhek
Thomas Graf
WANG Cong
Vlad Zolotarov
Mathias Nyman
Nicolas Dichtel