]> git.proxmox.com Git - mirror_iproute2.git/log
mirror_iproute2.git
4 years agoman: mptcp man page
Paolo Abeni [Thu, 23 Apr 2020 13:37:10 +0000 (15:37 +0200)]
man: mptcp man page

describe the mptcp subcommands implemented so far.

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoss: allow dumping MPTCP subflow information
Davide Caratti [Thu, 23 Apr 2020 13:37:09 +0000 (15:37 +0200)]
ss: allow dumping MPTCP subflow information

 [root@f31 packetdrill]# ss -tni

 ESTAB    0        0           192.168.82.247:8080           192.0.2.1:35273
          cubic wscale:7,8 [...] tcp-ulp-mptcp flags:Mec token:0000(id:0)/5f856c60(id:0) seq:b810457db34209a5 sfseq:1 ssnoff:0 maplen:190

Additionally extends ss manpage to describe the new entry layout.

Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoadd support for mptcp netlink interface
Paolo Abeni [Thu, 23 Apr 2020 13:37:08 +0000 (15:37 +0200)]
add support for mptcp netlink interface

Implement basic commands to:
- manipulate MPTCP endpoints list
- manipulate MPTCP connection limits

Examples:
1. Allows multiple subflows per MPTCP connection
   $ ip mptcp limits set subflows 2

2. Accept ADD_ADDR announcement from the peer (server):
   $ ip mptcp limits set add_addr_accepted 2

3. Add a ipv4 address to be annunced for backup subflows:
   $ ip mptcp endpoint add 10.99.1.2 signal backup

4. Add an ipv6 address used as source for additional subflows:
   $ ip mptcp endpoint add 2001::2 subflow

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers and import mptcp.h
David Ahern [Wed, 29 Apr 2020 16:41:39 +0000 (16:41 +0000)]
Update kernel headers and import mptcp.h

Update kernel headers to commit
    790ab249b55d ("net: ethernet: fec: Prevent MII event after MII_SPEED write")

and import mptcp.h

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoMerge branch 'macsec-offload' into next
David Ahern [Sun, 26 Apr 2020 18:32:20 +0000 (18:32 +0000)]
Merge branch 'macsec-offload' into next

Igor Russkikh  says:

====================

From: Mark Starovoytov <mstarovoitov@marvell.com>

This series adds support for selecting the offloading mode of a MACsec
interface at link creation time.
Available modes are for now 'off', 'phy' and 'mac', 'off' being the default
when an interface is created.

First patch adds support for MAC offloading.

Last patch allows a user to change the offloading mode at runtime
through a new attribute, `ip link add link ... offload`:

  # ip link add link enp1s0 type macsec encrypt on offload off
  # ip link add link enp1s0 type macsec encrypt on offload phy
  # ip link add link enp1s0 type macsec encrypt on offload mac

====================

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agomacsec: add support for specifying offload at link add time
Mark Starovoytov [Fri, 24 Apr 2020 08:38:57 +0000 (11:38 +0300)]
macsec: add support for specifying offload at link add time

This patch adds support for configuring offload mode upon MACsec
device creation.

If offload mode is not specified, then netlink attribute is not
added. Default behavior on the kernel side in this case is
backward-compatible (offloading is disabled by default).

Example:
$ ip link add link eth0 macsec0 type macsec port 11 encrypt on offload mac

Signed-off-by: Mark Starovoytov <mstarovoitov@marvell.com>
Signed-off-by: Igor Russkikh <irusskikh@marvell.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agomacsec: add support for MAC offload
Mark Starovoytov [Fri, 24 Apr 2020 08:38:56 +0000 (11:38 +0300)]
macsec: add support for MAC offload

This patch enables MAC HW offload usage in iproute, since MACSec
implementation supports it now.

Signed-off-by: Mark Starovoytov <mstarovoitov@marvell.com>
Signed-off-by: Igor Russkikh <irusskikh@marvell.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agodevlink: Add devlink health auto_dump command support
Eran Ben Elisha [Tue, 14 Apr 2020 06:57:52 +0000 (09:57 +0300)]
devlink: Add devlink health auto_dump command support

Add support for configuring auto_dump attribute per reporter.
With this attribute, one can indicate whether the devlink kernel core
should execute automatic dump on error.

The change will be reflected in show, set and man commands.

Signed-off-by: Eran Ben Elisha <eranbe@mellanox.com>
Reviewed-by: Aya Levin <ayal@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoMerge branch 'master' into next
David Ahern [Sun, 19 Apr 2020 22:26:27 +0000 (22:26 +0000)]
Merge branch 'master' into next

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoman: tc-htb.8: fix class prio is not mandatory
Benjamin Lee [Thu, 9 Apr 2020 05:12:15 +0000 (22:12 -0700)]
man: tc-htb.8: fix class prio is not mandatory

Fix description for htb class prio parameter to indicate it's not
mandatory.

Signed-off-by: Benjamin Lee <ben@b1c1l1.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoman: tc-htb.8: add missing class parameter quantum
Benjamin Lee [Thu, 9 Apr 2020 05:12:14 +0000 (22:12 -0700)]
man: tc-htb.8: add missing class parameter quantum

Add description for htb class parameter quantum.

Signed-off-by: Benjamin Lee <ben@b1c1l1.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoman: tc-htb.8: add missing qdisc parameter r2q
Benjamin Lee [Thu, 9 Apr 2020 05:12:13 +0000 (22:12 -0700)]
man: tc-htb.8: add missing qdisc parameter r2q

Add description for htb qdisc parameter r2q.

Signed-off-by: Benjamin Lee <ben@b1c1l1.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoip: link_gre: Do not send ERSPAN attributes to GRE tunnels
Petr Machata [Fri, 3 Apr 2020 22:55:34 +0000 (01:55 +0300)]
ip: link_gre: Do not send ERSPAN attributes to GRE tunnels

In the commit referenced below, ip link started sending ERSPAN-specific
attributes even for GRE and gretap tunnels. Fix by more carefully
distinguishing between the GRE/tap and ERSPAN modes. Do not show
ERSPAN-related help in GRE/tap mode, likewise do not accept ERSPAN
arguments, or send ERSPAN attributes.

Fixes: 83c543af872e ("erspan: set erspan_ver to 1 by default")
Signed-off-by: Petr Machata <petrm@mellanox.com>
Acked-by: William Tu <u9012063@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: fix JSON output of mon command
Jiri Pirko [Thu, 9 Apr 2020 18:29:51 +0000 (20:29 +0200)]
devlink: fix JSON output of mon command

The current JSON output of mon command is broken. Fix it and make sure
that the output is a valid JSON. Also, handle SIGINT gracefully to allow
to end the JSON properly.

Example:
$ devlink mon -j -p
{
    "mon": [ {
            "command": "new",
            "dev": {
                "netdevsim/netdevsim10": {}
            }
        },{
            "command": "new",
            "port": {
                "netdevsim/netdevsim10/0": {
                    "type": "notset",
                    "flavour": "physical",
                    "port": 1
                }
            }
        },{
            "command": "new",
            "port": {
                "netdevsim/netdevsim10/0": {
                    "type": "eth",
                    "netdev": "eth0",
                    "flavour": "physical",
                    "port": 1
                }
            }
        },{
            "command": "new",
            "port": {
                "netdevsim/netdevsim10/0": {
                    "type": "notset",
                    "flavour": "physical",
                    "port": 1
                }
            }
        },{
            "command": "del",
            "port": {
                "netdevsim/netdevsim10/0": {
                    "type": "notset",
                    "flavour": "physical",
                    "port": 1
                }
            }
        },{
            "command": "del",
            "dev": {
                "netdevsim/netdevsim10": {}
            }
        } ]
}

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoMerge branch 'master' into next
David Ahern [Thu, 9 Apr 2020 14:42:33 +0000 (14:42 +0000)]
Merge branch 'master' into next

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoman: tc-pedit: Drop the claim that pedit ex is only for IPv4
Petr Machata [Fri, 3 Apr 2020 23:05:31 +0000 (02:05 +0300)]
man: tc-pedit: Drop the claim that pedit ex is only for IPv4

This sentence predates addition of extended pedit for IPv6 packets.

Reported-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoman: tc-pedit: Add examples for dsfield and retain
Petr Machata [Fri, 3 Apr 2020 23:05:30 +0000 (02:05 +0300)]
man: tc-pedit: Add examples for dsfield and retain

Describe a way to update just the DSCP and just the ECN part of the
dsfield. That is useful on its own, but also it shows how retain works.

Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: p_ip6: Support pedit of IPv6 dsfield
Petr Machata [Fri, 3 Apr 2020 23:05:29 +0000 (02:05 +0300)]
tc: p_ip6: Support pedit of IPv6 dsfield

Support keywords dsfield, traffic_class and tos in the IPv6 context.

Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agodevlink: remove unused "jw" field
Jiri Pirko [Thu, 2 Apr 2020 09:55:39 +0000 (11:55 +0200)]
devlink: remove unused "jw" field

This field is not used. Remove it.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoman/tc-actions: fix formatting
Stephen Hemminger [Mon, 6 Apr 2020 17:07:54 +0000 (10:07 -0700)]
man/tc-actions: fix formatting

Fix error from make check.
n-old.tmac: <standard input>: line 86: 'R' is a string (producing the registered sign), not a macro.
Error in tc-actions.8

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoman: add man page for devlink dpipe
Jiri Pirko [Sat, 4 Apr 2020 16:16:21 +0000 (18:16 +0200)]
man: add man page for devlink dpipe

Add simple man page for devlink dpipe.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: remove "dev" object sub help messages
Jiri Pirko [Sat, 4 Apr 2020 16:16:20 +0000 (18:16 +0200)]
devlink: remove "dev" object sub help messages

Remove duplicate sub help messages for "dev" object and have them all
show help message for "dev".

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Fix help message for dpipe
Jiri Pirko [Sat, 4 Apr 2020 16:16:19 +0000 (18:16 +0200)]
devlink: Fix help message for dpipe

Have one help message for all dpipe commands, as it is done for the rest
of the devlink object. Possible and required options to the help.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: rename dpipe_counters_enable struct field to dpipe_counters_enabled
Jiri Pirko [Sat, 4 Apr 2020 16:16:18 +0000 (18:16 +0200)]
devlink: rename dpipe_counters_enable struct field to dpipe_counters_enabled

To be consistent with the rest of the code and name of netlink
attribute, rename the dpipe_counters_enable struct fielt
to dpipe_counters_enabled.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Add alias "counters_enabled" for "counters" option
Jiri Pirko [Sat, 4 Apr 2020 16:16:17 +0000 (18:16 +0200)]
devlink: Add alias "counters_enabled" for "counters" option

To be consistent with netlink attribute name and also with the
"dpipe table show" output, add "counters_enabled" for "counters" in
"dpipe table set" command.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: fix encap mode manupulation
Jiri Pirko [Sat, 4 Apr 2020 16:16:16 +0000 (18:16 +0200)]
devlink: fix encap mode manupulation

DEVLINK_ATTR_ESWITCH_ENCAP_MODE netlink attribute carries enum. But the
code assumes bool value. Fix this by treating the encap mode in the same
way as other eswitch mode attributes, switching from "enable"/"disable"
to "basic"/"none", according to the enum. Maintain the backward
compatibility to allow user to pass "enable"/"disable" too. Also to be
in-sync with the rest of the "mode" commands, rename to "encap-mode".
Adjust the help and man page accordingly.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Fix help and man of "devlink health set" command
Jiri Pirko [Sat, 4 Apr 2020 16:16:15 +0000 (18:16 +0200)]
devlink: Fix help and man of "devlink health set" command

Fix the help and man page of "devlink health set" command to be aligned
with the rest of helps and man pages.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: remove custom bool command line options parsing
Jiri Pirko [Sat, 4 Apr 2020 16:16:14 +0000 (18:16 +0200)]
devlink: remove custom bool command line options parsing

Change the code that is doing custom processing of boolean command line
options to use dl_argv_bool(). Extend strtobool() to accept
"enable"/"disable" to maintain current behavior.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoMerge ../iproute2-next
Stephen Hemminger [Mon, 6 Apr 2020 17:00:12 +0000 (10:00 -0700)]
Merge ../iproute2-next

4 years agotc: show used HW stats types
Jiri Pirko [Tue, 31 Mar 2020 08:50:31 +0000 (10:50 +0200)]
tc: show used HW stats types

If kernel provides the attribute, show the used HW stats types.

Example:

$ tc filter add dev enp3s0np1 ingress proto ip handle 1 pref 1 flower dst_ip 192.168.1.1 action drop
$ tc -s filter show dev enp3s0np1 ingress
filter protocol ip pref 1 flower chain 0
filter protocol ip pref 1 flower chain 0 handle 0x1
  eth_type ipv4
  dst_ip 192.168.1.1
  in_hw in_hw_count 2
        action order 1: gact action drop
         random type none pass val 0
         index 1 ref 1 bind 1 installed 10 sec used 10 sec
        Action statistics:
        Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
        backlog 0b 0p requeues 0
        used_hw_stats immediate     <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agobash-completion: devlink: Extend bash-completion for new commands
Ido Schimmel [Tue, 31 Mar 2020 08:42:53 +0000 (11:42 +0300)]
bash-completion: devlink: Extend bash-completion for new commands

Extend bash-completion for two new commands:

devlink trap policer set DEV policer POLICER [ rate RATE ] [ burst BURST ]
devlink trap policer show DEV policer POLICER

And for "policer" / "nopolicer" parameters in existing command:

devlink trap group set DEV group GROUP [ action { trap | drop } ]
                       [ policer POLICER ] [ nopolicer ]

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agodevlink: Add ability to bind policer to trap group
Ido Schimmel [Tue, 31 Mar 2020 08:42:52 +0000 (11:42 +0300)]
devlink: Add ability to bind policer to trap group

Add ability to associate a policer with a trap group. The policer can be
unbound by using the 'nopolicer' keyword. In which case, the value
encoded in the 'DEVLINK_ATTR_TRAP_POLICER_ID' attribute will be '0'.
This is consistent with ip-link 'nomaster' keyword and the 'IFLA_MASTER'
attribute.

Example:

# devlink trap group set netdevsim/netdevsim10 group l3_drops policer 2
# devlink -jp trap group show netdevsim/netdevsim10 group l3_drops
{
    "trap_group": {
        "netdevsim/netdevsim10": [ {
                "name": "l3_drops",
                "generic": true,
                "policer": 2
            } ]
    }
}

# devlink trap group set netdevsim/netdevsim10 group l3_drops nopolicer
# devlink -jp trap group show netdevsim/netdevsim10 group l3_drops
{
    "trap_group": {
        "netdevsim/netdevsim10": [ {
                "name": "l3_drops",
                "generic": true
            } ]
    }
}

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agodevlink: Add devlink trap policer set and show commands
Ido Schimmel [Tue, 31 Mar 2020 08:42:51 +0000 (11:42 +0300)]
devlink: Add devlink trap policer set and show commands

The trap policer set command allows the user to set the parameters of
the packet trap policer, such as rate and burst size. Example:

# devlink trap policer set netdevsim/netdevsim10 policer 1 rate 1000 burst 32

The trap policer show command allows the user to get the current
parameters of an individual policer or a dump of all policers in case
one is not specified. When '-s' is specified the policer's statistics
are shown. Example:

# devlink -jps trap policer show netdevsim/netdevsim10 policer 1
{
    "trap_policer": {
        "netdevsim/netdevsim10": [ {
                "policer": 1,
                "rate": 1000,
                "burst": 32,
                "stats": {
                    "rx": {
                        "dropped": 53
                    }
                }
            } ]
    }
}

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers
David Ahern [Tue, 31 Mar 2020 23:23:28 +0000 (23:23 +0000)]
Update kernel headers

Update kernel headers to commit:
    7f80ccfe9968 ("net: ipv6: rpl_iptunnel: Fix potential memory leak in rpl_do_srh_inline")

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agov5.6.0
Stephen Hemminger [Mon, 30 Mar 2020 15:06:08 +0000 (08:06 -0700)]
v5.6.0

4 years agoman: bridge.8: fix bridge link show description
Andrea Claudi [Fri, 27 Mar 2020 10:45:12 +0000 (11:45 +0100)]
man: bridge.8: fix bridge link show description

When multiple bridges are present, 'bridge link show' diplays ports
for all bridges. Make this clear in the command description, and
point out the user to the ip command to display ports for a specific
bridge.

Reported-by: Marc Muehlfeld <mmuehlfe@redhat.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agobash-completion: devlink: add bash-completion function
Danielle Ratson [Wed, 25 Mar 2020 09:25:34 +0000 (11:25 +0200)]
bash-completion: devlink: add bash-completion function

Add function for command completion for devlink in bash, and update Makefile
to install it under /usr/share/bash-completion/completions/.

Signed-off-by: Danielle Ratson <danieller@mellanox.com>
Tested-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: q_red: Support 'nodrop' flag
Petr Machata [Mon, 23 Mar 2020 16:12:21 +0000 (18:12 +0200)]
tc: q_red: Support 'nodrop' flag

Recognize the new configuration option of the RED Qdisc, "nodrop". Add
support for passing flags through TCA_RED_FLAGS, and use it when passing
TC_RED_NODROP flag.

Signed-off-by: Petr Machata <petrm@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: m_action: rename hw stats type uAPI
Jakub Kicinski [Fri, 20 Mar 2020 20:21:45 +0000 (13:21 -0700)]
tc: m_action: rename hw stats type uAPI

Follow the kernel rename to shorten the identifiers.
Rename hw_stats_type to hw_stats.

Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers
David Ahern [Wed, 25 Mar 2020 16:41:49 +0000 (16:41 +0000)]
Update kernel headers

Update kernel headers to commit:
    cd556e40fdf3 ("devlink: expand the devlink-info documentation")

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agouapi: update linux/in.h
Stephen Hemminger [Fri, 20 Mar 2020 18:05:26 +0000 (11:05 -0700)]
uapi: update linux/in.h

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agotc: m_action: introduce support for hw stats type
Jiri Pirko [Sat, 14 Mar 2020 09:25:48 +0000 (10:25 +0100)]
tc: m_action: introduce support for hw stats type

Introduce support for per-action hw stats type config.

This patch allows user to specify one of the following types of HW
stats for added action:
immediate - queried during dump time
delayed - polled from HW periodically or sent by HW in async manner
disabled - no stats needed

Note that if "hw_stats" option is not passed, user does not care about
the type, just expects any type of stats.

Examples:
$ tc filter add dev enp0s16np28 ingress proto ip handle 1 pref 1 flower skip_sw dst_ip 192.168.1.1 action drop hw_stats disabled
$ tc -s filter show dev enp0s16np28 ingress
filter protocol ip pref 1 flower chain 0
filter protocol ip pref 1 flower chain 0 handle 0x1
  eth_type ipv4
  dst_ip 192.168.1.1
  skip_sw
  in_hw in_hw_count 2
        action order 1: gact action drop
         random type none pass val 0
         index 1 ref 1 bind 1 installed 7 sec used 2 sec
        Action statistics:
        Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
        backlog 0b 0p requeues 0
        hw_stats disabled

$ tc filter add dev enp0s16np28 ingress proto ip handle 1 pref 1 flower skip_sw dst_ip 192.168.1.1 action drop hw_stats immediate
$ tc -s filter show dev enp0s16np28 ingress
filter protocol ip pref 1 flower chain 0
filter protocol ip pref 1 flower chain 0 handle 0x1
  eth_type ipv4
  dst_ip 192.168.1.1
  skip_sw
  in_hw in_hw_count 2
        action order 1: gact action drop
         random type none pass val 0
         index 1 ref 1 bind 1 installed 11 sec used 4 sec
        Action statistics:
        Sent 102 bytes 1 pkt (dropped 1, overlimits 0 requeues 0)
        Sent software 0 bytes 0 pkt
        Sent hardware 102 bytes 1 pkt
        backlog 0b 0p requeues 0
        hw_stats immediate

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers
David Ahern [Fri, 20 Mar 2020 16:17:55 +0000 (16:17 +0000)]
Update kernel headers

Update kernel headers to commit:
    3fd177cb2b47 ("net: stmmac: dwmac_lib: remove unnecessary checks in dwmac_dma_reset()")

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoiproute2: fix MPLS label parsing
Guillaume Nault [Wed, 11 Mar 2020 15:16:36 +0000 (16:16 +0100)]
iproute2: fix MPLS label parsing

The initial value of "label" in parse_mpls() is 0xffffffff. Therefore
we should test for this value, and not 0, to detect if a label has been
provided. The "!label" test not only fails to detect a missing label
parameter, it also prevents the use of the IPv4 explicit NULL label,
which actually equals 0.

Reproducer:
  $ ip link add name dm0 type dummy
  $ tc qdisc add dev dm0 ingress

  $ tc filter add dev dm0 parent ffff: matchall action mpls push
  Error: act_mpls: Label is required for MPLS push.
  We have an error talking to the kernel
  --> Filter was pushed to the kernel, where it got rejected.

  $ tc filter add dev dm0 parent ffff: matchall action mpls push label 0
  Error: argument "label" is required
  --> Label 0 was rejected by iproute2.

Expected result:
  $ tc filter add dev dm0 parent ffff: matchall action mpls push
  Error: argument "label" is required
  --> Filter was directly rejected by iproute2.

  $ tc filter add dev dm0 parent ffff: matchall action mpls push label 0
  --> Filter is accepted.

Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agonexthop: fix error reporting in filter dump
Andrea Claudi [Tue, 10 Mar 2020 12:15:17 +0000 (13:15 +0100)]
nexthop: fix error reporting in filter dump

nh_dump_filter is missing a return value check in two cases.
Fix this simply adding an assignment to the proper variable.

Fixes: 63df8e8543b03 ("Add support for nexthop objects")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoRevert "tc: pie: change maximum integer value of tc_pie_xstats->prob"
Leslie Monis [Tue, 10 Mar 2020 18:15:49 +0000 (23:45 +0530)]
Revert "tc: pie: change maximum integer value of tc_pie_xstats->prob"

This reverts commit 92cfe3260e9110c3d33627847b6eaa153664c79c.

Kernel commit 3f95f55eb55d ("net: sched: pie: change tc_pie_xstats->prob")
removes the need to change the maximum integer value of
tc_pie_stats->prob here.

Suggested-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Leslie Monis <lesliemonis@gmail.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: pie: change maximum integer value of tc_pie_xstats->prob
Leslie Monis [Thu, 5 Mar 2020 16:25:40 +0000 (21:55 +0530)]
tc: pie: change maximum integer value of tc_pie_xstats->prob

Kernel commit 105e808c1da2 ("pie: remove pie_vars->accu_prob_overflows"),
changes the maximum value of tc_pie_xstats->prob from (2^64 - 1) to
(2^56 - 1).

Signed-off-by: Mohit P. Tahiliani <tahiliani@nitk.edu.in>
Signed-off-by: Gautam Ramakrishnan <gautamramk@gmail.com>
Signed-off-by: Leslie Monis <lesliemonis@gmail.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoMerge branch 'macsec-offload' into next
David Ahern [Wed, 4 Mar 2020 19:58:31 +0000 (19:58 +0000)]
Merge branch 'macsec-offload' into next

Antoine Tenart  says:

====================

This series adds support for selecting and reporting the offloading mode
of a MACsec interface. Available modes are for now 'off' and 'phy',
'off' being the default when an interface is created. Modes are not only
'off' and 'on' as the MACsec operations can be offloaded to multiple
kinds of specialized hardware devices, at least to PHYs and Ethernet
MACs. The later isn't currently supported in the kernel though.

The first patch adds support for reporting the offloading mode currently
selected for a given MACsec interface through the `ip macsec show`
command:

   # ip macsec show
   18: macsec0: protect on validate strict sc off sa off encrypt on send_sci on end_station off scb off replay off
       cipher suite: GCM-AES-128, using ICV length 16
       TXSC: 3e5035b67c860001 on SA 0
           0: PN 1, state on, key 00000000000000000000000000000000
       RXSC: b4969112700f0001, state on
           0: PN 1, state on, key 01000000000000000000000000000000
->     offload: phy
   19: macsec1: protect on validate strict sc off sa off encrypt on send_sci on end_station off scb off replay off
       cipher suite: GCM-AES-128, using ICV length 16
       TXSC: 3e5035b67c880001 on SA 0
           1: PN 1, state on, key 00000000000000000000000000000000
       RXSC: b4969112700f0001, state on
           1: PN 1, state on, key 01000000000000000000000000000000
->     offload: off

The second patch allows an user to change the offloading mode at runtime
through a new subcommand, `ip macsec offload`:

  # ip macsec offload macsec0 phy
  # ip macsec offload macsec0 off

If a mode isn't supported, `ip macsec offload` will report an issue
(-EOPNOTSUPP).

Giving the offloading mode when a macsec interface is created was
discussed; it is not implemented in this series. It could come later
on, when needed, as we'll still want to support updating the offloading
mode at runtime (what's implemented in this series).
====================

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agomacsec: add an accessor for validate_str
Antoine Tenart [Tue, 3 Mar 2020 10:36:19 +0000 (11:36 +0100)]
macsec: add an accessor for validate_str

This patch adds an accessor for the validate_str array, to handle future
changes adding a member.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoman: document the ip macsec offload command
Antoine Tenart [Tue, 3 Mar 2020 10:36:18 +0000 (11:36 +0100)]
man: document the ip macsec offload command

Add a description of the `ip macsec offload` command used to select the
offloading mode on a macsec interface when the underlying device
supports it.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agomacsec: add support for changing the offloading mode
Antoine Tenart [Tue, 3 Mar 2020 10:36:17 +0000 (11:36 +0100)]
macsec: add support for changing the offloading mode

MacSEC can now be offloaded to specialized hardware devices. Offloading
is off by default when creating a new MACsec interface, but the mode can
be updated at runtime. This patch adds a new subcommand,
`ip macsec offload`, to allow users to select the offloading mode of a
MACsec interface. It takes the mode to switch to as an argument, which
can for now either be 'off' or 'phy':

  # ip macsec offload macsec0 phy
  # ip macsec offload macsec0 off

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agomacsec: report the offloading mode currently selected
Antoine Tenart [Tue, 3 Mar 2020 10:36:16 +0000 (11:36 +0100)]
macsec: report the offloading mode currently selected

This patch adds support to report the MACsec offloading mode currently
being enabled, which as of now can either be 'off' or 'phy'. This
information is reported through the `ip macsec show` command:

  # ip macsec show
  18: macsec0: protect on validate strict sc off sa off encrypt on send_sci on end_station off scb off replay off
      cipher suite: GCM-AES-128, using ICV length 16
      TXSC: 3e5035b67c860001 on SA 0
          0: PN 1, state on, key 00000000000000000000000000000000
      RXSC: b4969112700f0001, state on
          0: PN 1, state on, key 01000000000000000000000000000000
      offload: phy
  19: macsec1: protect on validate strict sc off sa off encrypt on send_sci on end_station off scb off replay off
      cipher suite: GCM-AES-128, using ICV length 16
      TXSC: 3e5035b67c880001 on SA 0
          1: PN 1, state on, key 00000000000000000000000000000000
      RXSC: b4969112700f0001, state on
          1: PN 1, state on, key 01000000000000000000000000000000
      offload: off

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agodevlink: Introduce devlink port flavour virtual
Parav Pandit [Wed, 4 Mar 2020 04:06:26 +0000 (22:06 -0600)]
devlink: Introduce devlink port flavour virtual

Currently PCI PF and VF devlink devices register their ports as
physical port in non-representors mode.

Introduce a new port flavour as virtual so that virtual devices can
register 'virtual' flavour to make it more clear to users.

An example of one PCI PF and 2 PCI virtual functions, each having
one devlink port.

$ devlink port show
pci/0000:06:00.0/1: type eth netdev ens2f0 flavour physical port 0
pci/0000:06:00.2/1: type eth netdev ens2f2 flavour virtual port 0
pci/0000:06:00.3/1: type eth netdev ens2f3 flavour virtual port 0

Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Parav Pandit <parav@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agodevlink: add trap metadata type for flow action cookie
Jiri Pirko [Tue, 3 Mar 2020 13:27:42 +0000 (14:27 +0100)]
devlink: add trap metadata type for flow action cookie

Flow action cookie has been recently added to kernel, print it out.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers
David Ahern [Wed, 4 Mar 2020 19:44:21 +0000 (19:44 +0000)]
Update kernel headers

Update kernel headers to commit
ef71037047b0 ("Merge branch 'act_ct-software-offload-of-established-flows-fixes'")

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoMerge branch 'master' into next
David Ahern [Fri, 28 Feb 2020 22:42:49 +0000 (22:42 +0000)]
Merge branch 'master' into next

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agouapi: update bpf.h
Stephen Hemminger [Fri, 28 Feb 2020 21:55:38 +0000 (13:55 -0800)]
uapi: update bpf.h

Updated upstream

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoman: rdma-statistic: Add filter description
Andrea Claudi [Fri, 28 Feb 2020 17:36:25 +0000 (18:36 +0100)]
man: rdma-statistic: Add filter description

Add description for filters on rdma statistics show command.
Also add a filter description on the help message of the command.
Additionally, fix some whitespace issue in the man page.

Reported-by: Zhaojuan Guo <zguo@redhat.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoman: rdma.8: Add missing resource subcommand description
Andrea Claudi [Fri, 28 Feb 2020 17:36:24 +0000 (18:36 +0100)]
man: rdma.8: Add missing resource subcommand description

Add resource subcommand in the OBJECT section and a short
description for it.

Reported-by: Zhaojuan Guo <zguo@redhat.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoxfrm: not try to delete ipcomp states when using deleteall
Xin Long [Mon, 24 Feb 2020 14:57:01 +0000 (09:57 -0500)]
xfrm: not try to delete ipcomp states when using deleteall

In kernel space, ipcomp(sub) states used by main states are not
allowed to be deleted by users, they would be freed only when
all main states are destroyed and no one uses them.

In user space, ip xfrm sta deleteall doesn't filter these ipcomp
states out, and it causes errors:

  # ip xfrm state add src 192.168.0.1 dst 192.168.0.2 spi 0x1000 \
      proto comp comp deflate mode tunnel sel src 192.168.0.1 dst \
      192.168.0.2 proto gre
  # ip xfrm sta deleteall
  Failed to send delete-all request
  : Operation not permitted

This patch is to fix it by filtering ipcomp states with a check
xsinfo->id.proto == IPPROTO_IPIP.

Fixes: c7699875bee0 ("Import patch ipxfrm-20040707_2.diff")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoman: ip.8: Add missing vrf subcommand description
Andrea Claudi [Thu, 27 Feb 2020 16:45:43 +0000 (17:45 +0100)]
man: ip.8: Add missing vrf subcommand description

Add description to the vrf subcommand and a reference to the
dedicated man page.

Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoip route: Do not imply pref and ttl-propagate are per nexthop
Donald Sharp [Tue, 25 Feb 2020 13:12:13 +0000 (08:12 -0500)]
ip route: Do not imply pref and ttl-propagate are per nexthop

Currently `ip -6 route show` gives us this output:

sharpd@eva ~/i/ip (master)> ip -6 route show
::1 dev lo proto kernel metric 256 pref medium
4:5::6:7 nhid 18 proto static metric 20
        nexthop via fe80::99 dev enp39s0 weight 1
        nexthop via fe80::44 dev enp39s0 weight 1 pref medium

Displaying `pref medium` as the last bit of output implies
that the RTA_PREF is a per nexthop value, when it is infact
a per route piece of data.

Change the output to display RTA_PREF and RTA_TTL_PROPAGATE
before the RTA_MULTIPATH data is shown:

sharpd@eva ~/i/ip (master)> ./ip -6 route show
::1 dev lo proto kernel metric 256 pref medium
4:5::6:7 nhid 18 proto static metric 20 pref medium
        nexthop via fe80::99 dev enp39s0 weight 1
        nexthop via fe80::44 dev enp39s0 weight 1

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Andrea Claudi <aclaudi@redhat.com>
Acked-by: Roopa Prabhu <roopa@cumulusnetworks.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agonstat: print useful error messages in abort() cases
Andrea Claudi [Mon, 17 Feb 2020 13:46:18 +0000 (14:46 +0100)]
nstat: print useful error messages in abort() cases

When nstat temporary file is corrupted or in some other corner cases,
nstat use abort() to stop its execution. This can puzzle some users,
wondering what is the reason for the crash.

This commit replaces abort() with some meaningful error messages and exit()

Reported-by: Renaud Métrich <rmetrich@redhat.com>
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoerspan: set erspan_ver to 1 by default
Xin Long [Tue, 18 Feb 2020 03:50:20 +0000 (11:50 +0800)]
erspan: set erspan_ver to 1 by default

Commit 289763626721 ("erspan: add erspan version II support")
breaks the command:

 # ip link add erspan1 type erspan key 1 seq erspan 123 \
    local 10.1.0.2 remote 10.1.0.1

as erspan_ver is set to 0 by default, then IFLA_GRE_ERSPAN_INDEX
won't be set in gre_parse_opt().

  # ip -d link show erspan1
    ...
    erspan remote 10.1.0.1 local 10.1.0.2 ... erspan_index 0 erspan_ver 1
                                              ^^^^^^^^^^^^^^

This patch is to change to set erspan_ver to 1 by default.

Fixes: 289763626721 ("erspan: add erspan version II support")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: William Tu <u9012063@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agouapi: update magic.h
Stephen Hemminger [Tue, 11 Feb 2020 16:16:42 +0000 (08:16 -0800)]
uapi: update magic.h

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Add health error recovery status monitoring
Moshe Shemesh [Tue, 4 Feb 2020 21:37:02 +0000 (23:37 +0200)]
devlink: Add health error recovery status monitoring

Add support for devlink health error recovery status monitoring.
Update devlink-monitor man page accordingly.

Signed-off-by: Moshe Shemesh <moshe@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: add support for FQ-PIE packet scheduler
Mohit P. Tahiliani [Tue, 4 Feb 2020 10:49:19 +0000 (16:19 +0530)]
tc: add support for FQ-PIE packet scheduler

This patch adds support for the FQ-PIE packet Scheduler

Principles:
  - Packets are classified on flows.
  - This is a Stochastic model (as we use a hash, several flows might
                                be hashed to the same slot)
  - Each flow has a PIE managed queue.
  - Flows are linked onto two (Round Robin) lists,
    so that new flows have priority on old ones.
  - For a given flow, packets are not reordered.
  - Drops during enqueue only.
  - ECN capability is off by default.
  - ECN threshold (if ECN is enabled) is at 10% by default.
  - Uses timestamps to calculate queue delay by default.

Usage:
tc qdisc ... fq_pie [ limit PACKETS ] [ flows NUMBER ]
                    [ target TIME ] [ tupdate TIME ]
                    [ alpha NUMBER ] [ beta NUMBER ]
                    [ quantum BYTES ] [ memory_limit BYTES ]
                    [ ecn_prob PERCENTAGE ] [ [no]ecn ]
                    [ [no]bytemode ] [ [no_]dq_rate_estimator ]

defaults:
  limit: 10240 packets, flows: 1024
  target: 15 ms, tupdate: 15 ms (in jiffies)
  alpha: 1/8, beta : 5/4
  quantum: device MTU, memory_limit: 32 Mb
  ecnprob: 10%, ecn: off
  bytemode: off, dq_rate_estimator: off

Signed-off-by: Mohit P. Tahiliani <tahiliani@nitk.edu.in>
Signed-off-by: Sachin D. Patil <sdp.sachin@gmail.com>
Signed-off-by: V. Saicharan <vsaicharan1998@gmail.com>
Signed-off-by: Mohit Bhasi <mohitbhasi1998@gmail.com>
Signed-off-by: Leslie Monis <lesliemonis@gmail.com>
Signed-off-by: Gautam Ramakrishnan <gautamramk@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoss: fix tests to reflect compact output
Peter Junos [Wed, 29 Jan 2020 22:33:48 +0000 (23:33 +0100)]
ss: fix tests to reflect compact output

This fixes broken tests in commit c4f5862994589 ("ss: use compact output
for undetected screen width")

It also escapes stars as grep is used and more bugs could sneak under
the radar with the previous solution.

Signed-off-by: Peter Junos <petoju@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: fix warning from unchecked write
Stephen Hemminger [Sun, 2 Feb 2020 12:20:58 +0000 (04:20 -0800)]
devlink: fix warning from unchecked write

Warning seen on Ubuntu

devlink.c: In function ‘cmd_dev_flash’:
devlink.c:3071:3: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result [-Wunused-result]
 3071 |   write(pipe_w, &err, sizeof(err));
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixes: 9b13cddfe268 ("devlink: implement flash status monitoring")
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoip link: xstats: fix TX IGMP reports string
Andrea Claudi [Wed, 29 Jan 2020 14:31:11 +0000 (15:31 +0100)]
ip link: xstats: fix TX IGMP reports string

This restore the string format we have before jsonification, adding a
missing space between v2 and v3 on TX IGMP reports string.

Fixes: a9bc23a79227a ("ip: bridge: add xstats json support")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoip-xfrm: Fix help messages
Andrea Claudi [Wed, 29 Jan 2020 14:56:40 +0000 (15:56 +0100)]
ip-xfrm: Fix help messages

After commit 8589eb4efdf2a ("treewide: refactor help messages") help
messages for xfrm state and policy are broken, printing many times the
same protocol in UPSPEC section:

$ ip xfrm state help
[...]
UPSPEC := proto { { tcp | tcp | tcp | tcp } [ sport PORT ] [ dport PORT ] |
                  { icmp | icmp | icmp } [ type NUMBER ] [ code NUMBER ] |
                  gre [ key { DOTTED-QUAD | NUMBER } ] | PROTO }

This happens because strxf_proto function is non-reentrant and gets called
multiple times in the same fprintf instruction.

This commit fix the issue avoiding calls to strxf_proto() with a constant
param, just hardcoding strings for protocol names.

Fixes: 8589eb4efdf2a ("treewide: refactor help messages")
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoMerge branch 'master' into next
David Ahern [Wed, 29 Jan 2020 15:16:54 +0000 (15:16 +0000)]
Merge branch 'master' into next

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agouapi: updates to tcp.h, snmp.h and if_bridge.h
Stephen Hemminger [Wed, 29 Jan 2020 13:48:19 +0000 (05:48 -0800)]
uapi: updates to tcp.h, snmp.h and if_bridge.h

Upstream changes

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agouapi/pkt_sched: upstream changes from fq_pie
Stephen Hemminger [Wed, 29 Jan 2020 13:46:43 +0000 (05:46 -0800)]
uapi/pkt_sched: upstream changes from fq_pie

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agouapi: update bpf.h and btf.h
Stephen Hemminger [Wed, 29 Jan 2020 13:45:53 +0000 (05:45 -0800)]
uapi: update bpf.h and btf.h

Upstream headers from 5.6 pre rc1

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoMerge branch 'master' of git://git.kernel.org/pub/scm/network/iproute2/iproute2-next
Stephen Hemminger [Wed, 29 Jan 2020 13:44:53 +0000 (05:44 -0800)]
Merge branch 'master' of git://git.kernel.org/pub/scm/network/iproute2/iproute2-next

Resolved conflict in tc/f_flower.c

4 years agov5.5.0
Stephen Hemminger [Mon, 27 Jan 2020 13:53:09 +0000 (05:53 -0800)]
v5.5.0

4 years agodevlink: Replace pr_out_bool/uint() wrappers with common print functions
Ron Diskin [Thu, 23 Jan 2020 10:32:31 +0000 (12:32 +0200)]
devlink: Replace pr_out_bool/uint() wrappers with common print functions

Replace calls for pr_out_bool() and pr_out_uint() with direct calls
to common json_print library function print_bool() and print_uint().

Signed-off-by: Ron Diskin <rondi@mellanox.com>
Reviewed-by: Moshe Shemesh <moshe@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Replace pr_#type_value wrapper functions with common functions
Ron Diskin [Thu, 23 Jan 2020 10:32:30 +0000 (12:32 +0200)]
devlink: Replace pr_#type_value wrapper functions with common functions

Replace calls for pr_bool/uint/uint64_value with direct calls for the
matching common json_print library function: print_bool(), print_uint()
and print_u64()

Signed-off-by: Ron Diskin <rondi@mellanox.com>
Reviewed-by: Moshe Shemesh <moshe@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Replace pr_out_str wrapper function with common function
Ron Diskin [Thu, 23 Jan 2020 10:32:29 +0000 (12:32 +0200)]
devlink: Replace pr_out_str wrapper function with common function

Replace calls for pr_out_str() and pr_out_str_value() with direct calls to
common json_print library functions.

Signed-off-by: Ron Diskin <rondi@mellanox.com>
Reviewed-by: Moshe Shemesh <moshe@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agodevlink: Replace json prints by common library functions
Ron Diskin [Thu, 23 Jan 2020 10:32:28 +0000 (12:32 +0200)]
devlink: Replace json prints by common library functions

Substitute json prints to use json_print.c common library functions,
instead of directly calling jsonw_functions.

Signed-off-by: Ron Diskin <rondi@mellanox.com>
Reviewed-by: Moshe Shemesh <moshe@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agojson_print: Add new json object function not as array item
Ron Diskin [Thu, 23 Jan 2020 10:32:27 +0000 (12:32 +0200)]
json_print: Add new json object function not as array item

Currently new json object opens (and delete_json_obj closes) the object as
an array, what adds prints for the matching bracket '[' ']' at the
start/end of the object. This patch adds new_json_obj_plain() and the
matching delete_json_obj_plain() to enable opening and closing json object,
not as array and leave it to the using function to decide which type of
object to open/close as the main object.

Signed-off-by: Ron Diskin <rondi@mellanox.com>
Reviewed-by: Moshe Shemesh <moshe@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agojson_print: Introduce print_#type_name_value
Ron Diskin [Thu, 23 Jan 2020 10:32:26 +0000 (12:32 +0200)]
json_print: Introduce print_#type_name_value

Until now print_#type functions supported printing constant names and
unknown (variable) values only.
Add functions to allow printing when the name is also sent to the
function as a variable.

Signed-off-by: Ron Diskin <rondi@mellanox.com>
Reviewed-by: Moshe Shemesh <moshe@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agotc: parse attributes with NLA_F_NESTED flag
Leslie Monis [Thu, 16 Jan 2020 15:57:01 +0000 (21:27 +0530)]
tc: parse attributes with NLA_F_NESTED flag

The kernel now requires all new nested attributes to set the
NLA_F_NESTED flag. Enable tc {qdisc,class,filter} to parse
attributes that have the NLA_F_NESTED flag set.

Signed-off-by: Leslie Monis <lesliemonis@gmail.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoip: xfrm: add espintcp encapsulation
Sabrina Dubroca [Sun, 19 Jan 2020 10:32:09 +0000 (11:32 +0100)]
ip: xfrm: add espintcp encapsulation

While at it, convert xfrm_xfrma_print and xfrm_encap_type_parse to use
the UAPI macros for encap_type as suggested by David Ahern, and add the
UAPI udp.h header (sync'd from ipsec-next to get the TCP_ENCAP_ESPINTCP
definition).

Co-developed-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers and import udp.h
David Ahern [Wed, 22 Jan 2020 03:40:26 +0000 (03:40 +0000)]
Update kernel headers and import udp.h

Update kernel headers to commit:
    4f2c17e0f332 ("Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next")

and import udp.h for the next patch.

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: flower: fix print with oneline option
Roi Dayan [Tue, 21 Jan 2020 08:53:30 +0000 (10:53 +0200)]
tc: flower: fix print with oneline option

This commit fix all location in flower to use _SL_ instead of \n for
newline to allow support for oneline option.

Example before this commit:

filter protocol ip pref 2 flower chain 0 handle 0x1
  indev ens1f0
  dst_mac 11:22:33:44:55:66
  eth_type ipv4
  ip_proto tcp
  src_ip 2.2.2.2
  src_port 99
  dst_port 1-10\  tcp_flags 0x5/5
  ip_flags frag
  ct_state -trk\  ct_zone 4\  ct_mark 255
  ct_label 00000000000000000000000000000000
  skip_hw
  not_in_hw\    action order 1: ct zone 5 pipe
         index 1 ref 1 bind 1 installed 287 sec used 287 sec
        Action statistics:\     Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
        backlog 0b 0p requeues 0\

Example output after this commit:

filter protocol ip pref 2 flower chain 0 handle 0x1 \  indev ens1f0\  dst_mac 11:22:33:44:55:66\  eth_type ipv4\  ip_proto tcp\  src_ip 2.2.2.2\  src_port 99\  dst_port 1-10\  tcp_flags 0x5/5\  ip_flags frag\  ct_state -trk\  ct_zone 4\  ct_mark 255\  ct_label 00000000000000000000000000000000\  skip_hw\  not_in_hw\action order 1: ct zone 5 pipe
         index 1 ref 1 bind 1 installed 346 sec used 346 sec
        Action statistics:\     Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
        backlog 0b 0p requeues 0\

Signed-off-by: Roi Dayan <roid@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agomake yacc usage POSIX compatible
Ethan Sommer [Wed, 8 Jan 2020 19:57:05 +0000 (14:57 -0500)]
make yacc usage POSIX compatible

config: put YACC in config.mk and use environmental variable if present

ss:
use YACC variable instead of hardcoding bison
place options before source file argument
use -b to specify file prefix instead of output file, as -o isn't POSIX
compatible, this generates ssfilter.tab.c instead of ssfilter.c
replace any references to ssfilter.c with references to ssfilter.tab.c

tc:
use -p flag to set name prefix instead of bison-specific api.prefix
directive
remove unneeded bison-specific directives
use -b instead of -o, replace references to previously generated
emp_ematch.yacc.[ch] with references to newly generated
emp_ematch.tab.[ch]

Signed-off-by: Ethan Sommer <e5ten.arch@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agobuild: fix build failure with -fno-common
Jan Engelhardt [Wed, 8 Jan 2020 10:04:24 +0000 (11:04 +0100)]
build: fix build failure with -fno-common

$ make CCOPTS=-fno-common
gcc ... -o ip
ld: rt_names.o (symbol from plugin): in function "rtnl_rtprot_n2a":
(.text+0x0): multiple definition of "numeric"; ip.o (symbol from plugin):(.text+0x0): first defined here

gcc ... -o tipc
ld: ../lib/libutil.a(utils.o):(.bss+0xc): multiple definition of `pretty';
tipc.o:tipc.c:28: first defined here

References: https://bugzilla.opensuse.org/1160244
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoip: use print_nl() to handle one line mode
Stephen Hemminger [Mon, 20 Jan 2020 17:29:05 +0000 (09:29 -0800)]
ip: use print_nl() to handle one line mode

The helper function print_nl() does the right thing and prints
the newline or backslash.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoip: fix link type and vlan oneline output
Vladis Dronov [Sun, 19 Jan 2020 01:12:51 +0000 (02:12 +0100)]
ip: fix link type and vlan oneline output

Move link type printing in print_linkinfo() so multiline output does not
break link options line. Add oneline support for vlan's ingress and egress
qos maps.

Before the fix:

5: veth90.4000@veth90: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 26:9a:05:af:db:00 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535
    vlan protocol 802.1Q id 4000 <REORDER_HDR>               the option line is broken ^^^
      ingress-qos-map { 1:2 }
      egress-qos-map { 2:1 } addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

5: veth90.4000@veth90: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000\    link/ether 26:9a:05:af:db:00 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535 \    vlan protocol 802.1Q id 4000 <REORDER_HDR>
      ingress-qos-map { 1:2 }   <<< a multiline output despite -oneline
      egress-qos-map { 2:1 } addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535

After the fix:

5: veth90.4000@veth90: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 26:9a:05:af:db:00 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    vlan protocol 802.1Q id 4000 <REORDER_HDR>
      ingress-qos-map { 1:2 }
      egress-qos-map { 2:1 }

5: veth90.4000@veth90: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000\    link/ether 26:9a:05:af:db:00 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 0 maxmtu 65535 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 \    vlan protocol 802.1Q id 4000 <REORDER_HDR> \      ingress-qos-map { 1:2 } \      egress-qos-map { 2:1 }

Fixes: 5c302d518f10 ("vlan support")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206241
Reported-by: George Shuklin <george.shuklin@gmail.com>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoMerge branch 'tc-ets-qdisc' into next
David Ahern [Sat, 18 Jan 2020 21:54:42 +0000 (21:54 +0000)]
Merge branch 'tc-ets-qdisc' into next

Petr Machata  says:

====================

A new Qdisc, "ETS", has been accepted into Linux at kernel commit
6bff00170277 ("Merge branch 'ETS-qdisc'"). Add iproute2 support for this
Qdisc.

Patch #1, changes libnetlink to admit NLA_F_NESTED in nested attributes.
Patch #2 then adds ETS support as such.

Examples (taken from the kernel patchset):

- Add a Qdisc with 6 bands, 3 strict and 3 ETS with 45%-30%-25% weights:

    # tc qdisc add dev swp1 root handle 1: \
ets strict 3 quanta 4500 3000 2500 priomap 0 1 1 1 2 3 4 5
    # tc qdisc sh dev swp1
    qdisc ets 1: root refcnt 2 bands 6 strict 3 quanta 4500 3000 2500 priomap 0 1 1 1 2 3 4 5 5 5 5 5 5 5 5 5

- Tweak quantum of one of the classes of the previous Qdisc:

    # tc class ch dev swp1 classid 1:4 ets quantum 1000
    # tc qdisc sh dev swp1
    qdisc ets 1: root refcnt 2 bands 6 strict 3 quanta 1000 3000 2500 priomap 0 1 1 1 2 3 4 5 5 5 5 5 5 5 5 5
    # tc class ch dev swp1 classid 1:3 ets quantum 1000
    Error: Strict bands do not have a configurable quantum.

- Purely strict Qdisc with 1:1 mapping between priorities and TCs:

    # tc qdisc add dev swp1 root handle 1: \
ets strict 8 priomap 7 6 5 4 3 2 1 0
    # tc qdisc sh dev swp1
    qdisc ets 1: root refcnt 2 bands 8 strict 8 priomap 7 6 5 4 3 2 1 0 7 7 7 7 7 7 7 7

- Use "bands" to specify number of bands explicitly. Underspecified bands
  are implicitly ETS and their quantum is taken from MTU. The following
  thus gives each band the same weight:

    # tc qdisc add dev swp1 root handle 1: \
ets bands 8 priomap 7 6 5 4 3 2 1 0
    # tc qdisc sh dev swp1
    qdisc ets 1: root refcnt 2 bands 8 quanta 1514 1514 1514 1514 1514 1514 1514 1514 priomap 7 6 5 4 3 2 1 0 7 7 7 7 7 7 7 7

====================

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotc: Add support for ETS Qdisc
Petr Machata [Mon, 13 Jan 2020 14:16:29 +0000 (15:16 +0100)]
tc: Add support for ETS Qdisc

Add a new module to generate and parse options specific to the ETS Qdisc.

Example output:

    bands 8 strict 3 priomap 0 1 2 3 4 5 6 7
qdisc ets 1: root refcnt 2 offloaded bands 8 strict 3 quanta 1514 1514 1514 1514 1514 priomap 0 1 2 3 4 5 6 7 7 7 7 7 7 7 7 7
[
  {
    "kind": "ets",
    "handle": "1:",
    "root": true,
    "refcnt": 2,
    "offloaded": true,
    "options": {
      "bands": 8,
      "strict": 3,
      "quanta": [1514, 1514, 1514, 1514, 1514],
      "priomap": [0, 1, 2, 3, 4, 5, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7]
    }
  }
]

Signed-off-by: Petr Machata <petrm@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agolibnetlink: parse_rtattr_nested should allow NLA_F_NESTED flag
Petr Machata [Mon, 13 Jan 2020 14:16:28 +0000 (15:16 +0100)]
libnetlink: parse_rtattr_nested should allow NLA_F_NESTED flag

In kernel commit 8cb081746c03 ("netlink: make validation more configurable
for future strictness"), Linux started implicitly flagging nests with
NLA_F_NESTED, unless the nest is created with nla_nest_start_noflag().

The ETS code uses nla_nest_start() where possible, so it does not work with
the current iproute2 code. Have libnetlink catch up by admitting the flag
in the attribute.

Signed-off-by: Petr Machata <petrm@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoip route: Print "rt_offload" and "rt_trap" indication
Ido Schimmel [Thu, 16 Jan 2020 18:43:48 +0000 (20:43 +0200)]
ip route: Print "rt_offload" and "rt_trap" indication

The kernel now signals the offload state of a route using the
'RTM_F_OFFLOAD' and 'RTM_F_TRAP' flags. Print these to help users
understand the offload state of each route. The "rt_" prefix is used in
order to distinguish it from the offload state of nexthops.

Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agoUpdate kernel headers
David Ahern [Sat, 18 Jan 2020 21:39:15 +0000 (21:39 +0000)]
Update kernel headers

Update kernel headers to commit
    9aaa29494030 ("Merge branch '1GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue")

Signed-off-by: David Ahern <dsahern@gmail.com>
4 years agotipc: fix clang warning in tipc/node.c
Tuong Lien [Mon, 30 Dec 2019 03:03:33 +0000 (10:03 +0700)]
tipc: fix clang warning in tipc/node.c

When building tipc with clang, the following warning is found:

tipc
    CC       bearer.o
    CC       cmdl.o
    CC       link.o
    CC       media.o
    CC       misc.o
    CC       msg.o
    CC       nametable.o
    CC       node.o
node.c:182:24: warning: field 'key' with variable sized type 'struct tipc_aead_key' not at the end of a struct or class is a GNU extension [-Wgnu-variable-sized-type-not-at-end]
                struct tipc_aead_key key;

This commit fixes it by putting the memory area allocated for the user
input key along with the variable-sized 'key' structure in the 'union'
form instead.

Fixes: 24bee3bf9752 ("tipc: add new commands to set TIPC AEAD key")
Reported-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Tuong Lien <tuong.t.lien@dektech.com.au>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agotc: skbprio: add support for JSON output
Stephen Hemminger [Sun, 29 Dec 2019 18:07:18 +0000 (10:07 -0800)]
tc: skbprio: add support for JSON output

Print limit in JSON

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agotc: prio: fix space in JSON tag
Stephen Hemminger [Sun, 29 Dec 2019 18:58:13 +0000 (10:58 -0800)]
tc: prio: fix space in JSON tag

The priomap should not have extra space in the tag.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
4 years agoss: use compact output for undetected screen width
Peter Junos [Thu, 26 Dec 2019 13:07:09 +0000 (14:07 +0100)]
ss: use compact output for undetected screen width

This change fixes calculation of width in case user pipes the output.

SS output output works correctly when stdout is a terminal. When one
pipes the output, it tries to use 80 or 160 columns. That adds a
line-break if user has terminal width of 100 chars and output is of
the similar width. No width is assumed here.

To reproduce the issue, call
ss | less
and see every other line empty if your screen is between 80 and 160
columns wide.

This second version of the patch fixes screen_width being set to arbitrary
value.

Signed-off-by: Peter Junos <petoju@gmail.com>
Signed-off-by: David Ahern <dsahern@gmail.com>