Michał Łyszczek [Thu, 24 Oct 2019 21:20:43 +0000 (23:20 +0200)]
rdma/sys.c: fix possible out-of-bound array access
netns_modes_str[] array has 2 elements, when netns_mode is 2,
condition (2 <= 2) will be true and `mode_str = netns_modes_str[2]'
will be executed, which will result in out-of-bound read.
Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Michał Łyszczek [Tue, 22 Oct 2019 20:09:23 +0000 (22:09 +0200)]
ipnetns: do not check netns NAME when -all is specified
When `-all' argument is specified netns runs cmd on all namespaces
and NAME is not used, but netns nevertheless checks if argv[1] is a
valid namespace name ignoring the fact that argv[1] contains cmd
and not NAME. This results in bug where user cannot specify
absolute path to command.
# ip -all netns exec /usr/bin/whoami
Invalid netns name "/usr/bin/whoami"
This forces user to have his command in PATH.
Solution is simply to not validate argv[1] when `-all' argument is
specified.
Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Nicolas Dichtel [Mon, 7 Oct 2019 13:44:47 +0000 (15:44 +0200)]
ipnetns: enable to dump nsid conversion table
This patch enables to dump/get nsid from a netns into another netns.
Example:
$ ./test.sh
+ ip netns add foo
+ ip netns add bar
+ touch /var/run/netns/init_net
+ mount --bind /proc/1/ns/net /var/run/netns/init_net
+ ip netns set init_net 11
+ ip netns set foo 12
+ ip netns set bar 13
+ ip netns
init_net (id: 11)
bar (id: 13)
foo (id: 12)
+ ip -n foo netns set init_net 21
+ ip -n foo netns set foo 22
+ ip -n foo netns set bar 23
+ ip -n foo netns
init_net (id: 21)
bar (id: 23)
foo (id: 22)
+ ip -n bar netns set init_net 31
+ ip -n bar netns set foo 32
+ ip -n bar netns set bar 33
+ ip -n bar netns
init_net (id: 31)
bar (id: 33)
foo (id: 32)
+ ip netns list-id target-nsid 12
nsid 21 current-nsid 11 (iproute2 netns name: init_net)
nsid 22 current-nsid 12 (iproute2 netns name: foo)
nsid 23 current-nsid 13 (iproute2 netns name: bar)
+ ip -n foo netns list-id target-nsid 21
nsid 11 current-nsid 21 (iproute2 netns name: init_net)
nsid 12 current-nsid 22 (iproute2 netns name: foo)
nsid 13 current-nsid 23 (iproute2 netns name: bar)
+ ip -n bar netns list-id target-nsid 33 nsid 32
nsid 32 current-nsid 32 (iproute2 netns name: foo)
+ ip -n bar netns list-id target-nsid 31 nsid 32
nsid 12 current-nsid 32 (iproute2 netns name: foo)
+ ip netns list-id nsid 13
nsid 13 (iproute2 netns name: bar)
CC: Petr Oros <poros@redhat.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Tested-by: Petr Oros <poros@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Aya Levin [Wed, 2 Oct 2019 14:35:16 +0000 (17:35 +0300)]
devlink: Fix inconsistency between command input and output
In devlink health show command the reporter's name parameter is called
reporter, but in the output the reporter's name is referred to as name
Before this patch:
$ devlink health show pci/0000:04:00.0 reporter tx
pci/0000:04:00.0:
name tx
state healthy error 0 recover 0 grace_period 500 auto_recover true
After this patch:
$ devlink health show pci/0000:04:00.0 reporter tx
pci/0000:04:00.0:
reporter tx
state healthy error 0 recover 0 grace_period 500 auto_recover true
Reported-by: Jiri Pirko <jiri@mellanox.com> Fixes: 2f1242efe9d0 ("devlink: Add devlink health show command") Signed-off-by: Aya Levin <ayal@mellanox.com> Acked-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Tariq Toukan <tariqt@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Aya Levin [Wed, 2 Oct 2019 14:35:15 +0000 (17:35 +0300)]
devlink: Left justification on FMSG output
FMSG output is dynamic, space separator must be on the left hand side of
the value. Otherwise output has redundant left indentation regardless
the hierarchy.
Fixes: 844a61764c6f ("devlink: Add helper functions for name and value separately") Signed-off-by: Aya Levin <ayal@mellanox.com> Acked-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Tariq Toukan <tariqt@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Tue, 1 Oct 2019 10:32:17 +0000 (12:32 +0200)]
tc: fix segmentation fault on gact action
tc segfaults if gact action is used without action or index:
$ ip link add type dummy
$ tc actions add action pipe index 1
$ tc filter add dev dummy0 parent ffff: protocol ip \
pref 10 u32 match ip src 127.0.0.2 flowid 1:10 action gact
Segmentation fault
We expect tc to fail gracefully with an error message.
This happens if gact is the last argument of the incomplete
command. In this case the "gact" action is parsed, the macro
NEXT_ARG_FWD() is executed and the next matches() crashes
because of null argv pointer.
To avoid this, simply use NEXT_ARG() instead.
With this change in place:
$ ip link add type dummy
$ tc actions add action pipe index 1
$ tc filter add dev dummy0 parent ffff: protocol ip \
pref 10 u32 match ip src 127.0.0.2 flowid 1:10 action gact
Command line is not complete. Try option "help"
Fixes: fa4958897314 ("tc: Fix binding of gact action by index.") Reported-by: Davide Caratti <dcaratti@redhat.com> Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Damien Robert [Mon, 30 Sep 2019 21:11:37 +0000 (23:11 +0200)]
man: add reference to `ip route add encap ... src`
The ability to specify the source adresse for 'encap ip' / 'encap ip6'
was added in commit 94a8722f2f78f04c47678cf864ac234a38366709 but the man
page was not updated.
Also fixes a missing page in ip-route.8.in.
Signed-off-by: Damien Robert <damien.olivier.robert+git@gmail.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Thomas Haller [Wed, 25 Sep 2019 10:24:03 +0000 (12:24 +0200)]
man: add note to ip-macsec manual about necessary key management
The man page of ip-macsec and the existance of the tool makes it seem like
the user could just configure static keys once, and be done with it. That is
not the case. Some form or key management must be done in user space.
Add a note about that.
Signed-off-by: Thomas Haller <thaller@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Joe Stringer [Fri, 20 Sep 2019 02:04:47 +0000 (19:04 -0700)]
bpf: Fix race condition with map pinning
If two processes attempt to invoke bpf_map_attach() at the same time,
then they will both create maps, then the first will successfully pin
the map to the filesystem and the second will not pin the map, but will
continue operating with a reference to its own copy of the map. As a
result, the sharing of the same map will be broken from the two programs
that were concurrently loaded via loaders using this library.
Fix this by adding a retry in the case where the pinning fails because
the map already exists on the filesystem. In that case, re-attempt
opening a fd to the map on the filesystem as it shows that another
program already created and pinned a map at that location.
Signed-off-by: Joe Stringer <joe@wand.net.nz> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Mon, 16 Sep 2019 13:00:55 +0000 (15:00 +0200)]
bpf: replace snprintf with asprintf when dealing with long buffers
This reduces stack usage, as asprintf allocates memory on the heap.
This indirectly fixes a snprintf truncation warning (from gcc v9.2.1):
bpf.c: In function ‘bpf_get_work_dir’:
bpf.c:784:49: warning: ‘snprintf’ output may be truncated before the last format character [-Wformat-truncation=]
784 | snprintf(bpf_wrk_dir, sizeof(bpf_wrk_dir), "%s/", mnt);
| ^
bpf.c:784:2: note: ‘snprintf’ output between 2 and 4097 bytes into a destination of size 4096
784 | snprintf(bpf_wrk_dir, sizeof(bpf_wrk_dir), "%s/", mnt);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes: e42256699cac ("bpf: make tc's bpf loader generic and move into lib") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: David Ahern <dsahern@gmail.com>
Nicolas Dichtel [Mon, 16 Sep 2019 15:36:27 +0000 (17:36 +0200)]
link_xfrm: don't force to set phydev
Since linux commit 22d6552f827e ("xfrm interface: fix management of
phydev"), phydev is not mandatory anymore.
Note that it also could be useful before the above commit to not force the
user to put a phydev (the kernel was checking it anyway).
For example, it was useful to not set it in case of x-netns, because the
phydev is not available in the current netns:
Before the patch:
$ ip netns add foo
$ ip link add xfrm1 type xfrm dev eth1 if_id 1
$ ip link set xfrm1 netns foo
$ ip -n foo link set xfrm1 type xfrm dev eth1 if_id 2
Cannot find device "eth1"
$ ip -n foo link set xfrm1 type xfrm if_id 2
must specify physical device
Fixes: 286446c1e8c7 ("ip: support for xfrm interfaces") Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Acked-by: Matt Ellison <matt@arroyo.io> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The 'fw_load_policy' devlink parameter now supports an unknown value.
Suggested-by: Jakub Kicinski <jakub.kicinski@netronome.com> Signed-off-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David Ahern <dsahern@gmail.com>
Add support for the new devlink parameter along with string to uint
conversion.
Signed-off-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David Ahern <dsahern@gmail.com>
David Dai [Wed, 4 Sep 2019 15:06:51 +0000 (10:06 -0500)]
iproute2-next: police: support 64bit rate and peakrate in tc utility
For high speed adapter like Mellanox CX-5 card, it can reach upto
100 Gbits per second bandwidth. Currently htb already supports 64bit rate
in tc utility. However police action rate and peakrate are still limited
to 32bit value (upto 32 Gbits per second). Taking advantage of the 2 new
attributes TCA_POLICE_RATE64 and TCA_POLICE_PEAKRATE64 from kernel,
tc can use them to break the 32bit limit, and still keep the backward
binary compatibility.
Tested-by: David Dai <zdai@linux.vnet.ibm.com> Signed-off-by: David Dai <zdai@linux.vnet.ibm.com> Signed-off-by: David Ahern <dsahern@gmail.com>
David Ahern [Wed, 4 Sep 2019 15:09:52 +0000 (08:09 -0700)]
nexthop: Add space after blackhole
Add a space after 'blackhole' is missing to properly separate the
protocol when it is given.
Fixes: 63df8e8543b0 ("Add support for nexthop objects") Signed-off-by: David Ahern <dsahern@gmail.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Wed, 4 Sep 2019 17:26:14 +0000 (19:26 +0200)]
devlink: fix segfault on health command
devlink segfaults when using grace_period without reporter
$ devlink health set pci/0000:00:09.0 grace_period 3500
Segmentation fault
devlink is instead supposed to gracefully fail printing a warning
message
$ devlink health set pci/0000:00:09.0 grace_period 3500
Reporter's name is expected.
This happens because DL_OPT_HEALTH_REPORTER_NAME and
DL_OPT_HEALTH_REPORTER_GRACEFUL_PERIOD are both defined as BIT(27).
When dl_opts_put() parse options and grace_period is set, it erroneously
tries to set reporter name to null.
This is fixed simply shifting by 1 bit enumeration starting with
DL_OPT_HEALTH_REPORTER_GRACEFUL_PERIOD.
Fixes: b18d89195b16 ("devlink: Add devlink health set command") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Donald Sharp [Sat, 10 Aug 2019 00:18:43 +0000 (20:18 -0400)]
ip nexthop: Allow flush|list operations to specify a specific protocol
In the case where we have a large number of nexthops from a specific
protocol, allow the flush and list operations to take a protocol
to limit the commands scopes.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com> Signed-off-by: David Ahern <dsahern@gmail.com>
Ido Schimmel [Tue, 13 Aug 2019 08:31:41 +0000 (11:31 +0300)]
devlink: Add devlink trap set and show commands
The trap set command allows the user to set the action of an individual
trap. Example:
# devlink trap set netdevsim/netdevsim10 trap blackhole_route action trap
The trap show command allows the user to get the current status of an
individual trap or a dump of all traps in case one is not specified.
When '-s' is specified the trap's statistics are shown. When '-v' is
specified the metadata types the trap can provide are shown. Example:
Donald Sharp [Sat, 10 Aug 2019 00:18:42 +0000 (20:18 -0400)]
ip nexthop: Add space to display properly when showing a group
When displaying a nexthop group made up of other nexthops, the display
line shows this when you have additional data at the end:
id 42 group 43/44/45/46/47/48/49/50/51/52/53/54/55/56/57/58/59/60/61/62/63/64/65/66/67/68/69/70/71/72/73/74proto zebra
Modify code so that it shows:
id 42 group 43/44/45/46/47/48/49/50/51/52/53/54/55/56/57/58/59/60/61/62/63/64/65/66/67/68/69/70/71/72/73/74 proto zebra
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com> Reviewed-by: David Ahern <dsahern@gmail.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Ido Schimmel [Mon, 12 Aug 2019 10:17:06 +0000 (13:17 +0300)]
tc: Fix block-handle support for filter operations
The revert of batchsize accidently reverted more than it should
and broke shared block functionality. Fix this by restoring the
original functionality.
To reproduce:
dst_ip 192.0.2.0/24 action drop
Unknown filter "block", hence option "10" is unparsable
Fixes: e991c04d64c0 ("Revert "tc: Add batchsize feature for filter and actions"") Signed-off-by: Ido Schimmel <idosch@mellanox.com> Acked-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Jiri Pirko [Mon, 5 Aug 2019 09:56:56 +0000 (11:56 +0200)]
devlink: finish queue.h to list.h transition
Loose the "q" from the names and name the structure fields in the same
way rest of the code does. Also, fix list_add arg order which leads
to segfault.
Fixes: 33267017faf1 ("iproute2: devlink: port from sys/queue.h to list.h") Signed-off-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Kurt Kanzenbach [Thu, 4 Jul 2019 12:24:27 +0000 (14:24 +0200)]
utils: Fix get_s64() function
get_s64() uses internally strtoll() to parse the value out of a given
string. strtoll() returns a long long. However, the intermediate variable is
long only which might be 32 bit on some systems. So, fix it.
Signed-off-by: Kurt Kanzenbach <kurt@linutronix.de> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Antonio Borneo [Fri, 26 Jul 2019 13:06:09 +0000 (15:06 +0200)]
iplink_can: fix format output of clock with flag -details
The command
ip -details link show can0
prints in the last line the value of the clock frequency attached
to the name of the following value "numtxqueues", e.g.
clock 49500000numtxqueues 1 numrxqueues 1 gso_max_size
65536 gso_max_segs 65535
Add the missing space after the clock value.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Mark Zhang [Wed, 17 Jul 2019 14:31:56 +0000 (17:31 +0300)]
rdma: Document counter statistic
Add document of accessing the QP counter, including bind/unbind a QP
to a counter manually or automatically, and dump counter statistics.
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Mark Zhang [Wed, 17 Jul 2019 14:31:54 +0000 (17:31 +0300)]
rdma: Add stat manual mode support
In manual mode a QP can be manually bound to a counter. If the counter
id(cntn) is not specified that kernel will allocate one. After a
successful bind, the cntn can be seen through "rdma statistic qp show".
And in unbind if lqpn is not specified then all QPs on this counter will
be unbound.
The manual and auto mode are mutual-exclusive.
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Mark Zhang [Wed, 17 Jul 2019 14:31:53 +0000 (17:31 +0300)]
rdma: Make get_port_from_argv() returns valid port in strict port mode
When strict_port is set, make get_port_from_argv() returns failure if
no valid port is specified.
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Mark Zhang [Wed, 17 Jul 2019 14:31:52 +0000 (17:31 +0300)]
rdma: Add rdma statistic counter per-port auto mode support
With per-QP statistic counter support, a user is allowed to monitor
specific QPs categories, which are bound to/unbound from counters
dynamically allocated/deallocated.
In per-port "auto" mode, QPs are bound to counters automatically
according to common criteria. For example a per "type"(qp type)
scheme, where in each process all QPs have same qp type are bind
automatically to a single counter.
Currently only "type" (qp type) is supported. Examples:
$ rdma statistic qp set link mlx5_2/1 auto type on
$ rdma statistic qp set link mlx5_2/1 auto off
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Mark Zhang [Wed, 17 Jul 2019 14:31:51 +0000 (17:31 +0300)]
rdma: Add get per-port counter mode support
Add an interface to show which mode is active. Two modes are supported:
- "auto": In this mode all QPs belong to one category are bind automatically
to a single counter set. Currently only "qp type" is supported;
- "manual": In this mode QPs are bound to a counter manually.
Examples:
$ rdma statistic qp mode
0/1: mlx5_0/1: qp auto off
1/1: mlx5_1/1: qp auto off
2/1: mlx5_2/1: qp auto type on
3/1: mlx5_3/1: qp auto off
$ rdma statistic qp mode link mlx5_0
0/1: mlx5_0/1: qp auto off
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Mark Zhang [Wed, 17 Jul 2019 14:31:50 +0000 (17:31 +0300)]
rdma: Add "stat qp show" support
This patch presents link, id, task name, lqpn, as well as all sub
counters of a QP counter.
A QP counter is a dynamically allocated statistic counter that is
bound with one or more QPs. It has several sub-counters, each is
used for a different purpose.
Signed-off-by: Mark Zhang <markz@mellanox.com> Signed-off-by: Leon Romanovsky <leonro@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Ivan Delalande [Thu, 18 Jul 2019 01:15:31 +0000 (18:15 -0700)]
json: fix backslash escape typo in jsonw_puts
Fixes: fcc16c22 ("provide common json output formatter") Signed-off-by: Ivan Delalande <colona@arista.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This allows a new parameter, flags, to be passed to taprio. Currently, it
only supports enabling the txtime-assist mode. But, we plan to add
different modes for taprio (e.g. hardware offloading) and this parameter
will be useful in enabling those modes.
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@intel.com> Signed-off-by: Vedang Patel <vedang.patel@intel.com> Signed-off-by: David Ahern <dsahern@gmail.com>
ETF Qdisc currently checks for a socket with SO_TXTIME socket option. If
either is not present, the packet is dropped. In the future commits, we
want other Qdiscs to add packet with launchtime to the ETF Qdisc. Also,
there are some packets (e.g. ICMP packets) which may not have a socket
associated with them. So, add an option to skip this check.
Signed-off-by: Vedang Patel <vedang.patel@intel.com> Signed-off-by: David Ahern <dsahern@gmail.com>
David Ahern [Thu, 18 Jul 2019 22:42:13 +0000 (15:42 -0700)]
Merge branch 'tc-conntrack' into next
Paul Blakey says:
====================
This patch series add connection tracking capabilities in tc.
It does so via a new tc action, called act_ct, and new tc flower classifier matching.
Act ct and relevant flower matches, are still under review in net-next mailing list.
Usage is as follows:
$ tc qdisc add dev ens1f0_0 ingress
$ tc qdisc add dev ens1f0_1 ingress
$ tc filter add dev ens1f0_0 ingress \
prio 1 chain 0 proto ip \
flower ip_proto tcp ct_state -trk \
action ct zone 2 pipe \
action goto chain 2
$ tc filter add dev ens1f0_0 ingress \
prio 1 chain 2 proto ip \
flower ct_state +trk+new \
action ct zone 2 commit mark 0xbb nat src addr 5.5.5.7 pipe \
action mirred egress redirect dev ens1f0_1
$ tc filter add dev ens1f0_0 ingress \
prio 1 chain 2 proto ip \
flower ct_zone 2 ct_mark 0xbb ct_state +trk+est \
action ct nat pipe \
action mirred egress redirect dev ens1f0_1
$ tc filter add dev ens1f0_1 ingress \
prio 1 chain 0 proto ip \
flower ip_proto tcp ct_state -trk \
action ct zone 2 pipe \
action goto chain 1
$ tc filter add dev ens1f0_1 ingress \
prio 1 chain 1 proto ip \
flower ct_zone 2 ct_mark 0xbb ct_state +trk+est \
action ct nat pipe \
action mirred egress redirect dev ens1f0_0
Andrea Claudi [Tue, 9 Jul 2019 13:16:51 +0000 (15:16 +0200)]
ip tunnel: warn when changing IPv6 tunnel without tunnel name
Tunnel change fails if a tunnel name is not specified while using
'ip -6 tunnel change'. However, no warning message is printed and
no error code is returned.
$ ip -6 tunnel add ip6tnl1 mode ip6gre local fd::1 remote fd::2 tos inherit ttl 127 encaplimit none dev dummy0
$ ip -6 tunnel change dev dummy0 local 2001:1234::1 remote 2001:1234::2
$ ip -6 tunnel show ip6tnl1
ip6tnl1: gre/ipv6 remote fd::2 local fd::1 dev dummy0 encaplimit none hoplimit 127 tclass inherit flowlabel 0x00000 (flowinfo 0x00000000)
This commit checks if tunnel interface name is equal to an empty
string: in this case, it prints a warning message to the user.
It intentionally avoids to return an error to not break existing
script setup.
This is the output after this commit:
$ ip -6 tunnel add ip6tnl1 mode ip6gre local fd::1 remote fd::2 tos inherit ttl 127 encaplimit none dev dummy0
$ ip -6 tunnel change dev dummy0 local 2001:1234::1 remote 2001:1234::2
Tunnel interface name not specified
$ ip -6 tunnel show ip6tnl1
ip6tnl1: gre/ipv6 remote fd::2 local fd::1 dev dummy0 encaplimit none hoplimit 127 tclass inherit flowlabel 0x00000 (flowinfo 0x00000000)
Reviewed-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
$ ip link add type dummy
$ ip -6 tunnel add ip6tnl1 mode ip6ip6 remote 2001:db8:ffff:100::2 local 2001:db8:ffff:100::1 hoplimit 1 tclass 0x0 dev dummy0
add tunnel "ip6tnl0" failed: File exists
dev parameter must be used to specify the device to which
the tunnel is binded, and not the tunnel itself.
Reported-by: Jianwen Ji <jiji@redhat.com> Reviewed-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Aya Levin [Wed, 10 Jul 2019 11:03:21 +0000 (14:03 +0300)]
devlink: Remove enclosing array brackets binary print with json format
Keep pr_out_binary_value function only for printing. Inner relations
like array grouping should be done outside the function.
Fixes: 844a61764c6f ("devlink: Add helper functions for name and value separately") Signed-off-by: Aya Levin <ayal@mellanox.com> Signed-off-by: Tariq Toukan <tariqt@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Aya Levin [Wed, 10 Jul 2019 11:03:20 +0000 (14:03 +0300)]
devlink: Fix binary values print
Fix function pr_out_binary_value() to start printing the binary buffer
from offset 0 instead of offset 1. Remove redundant new line at the
beginning of the output
Fixes: 844a61764c6f ("devlink: Add helper functions for name and value separately") Signed-off-by: Aya Levin <ayal@mellanox.com> Signed-off-by: Tariq Toukan <tariqt@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Aya Levin [Wed, 10 Jul 2019 11:03:19 +0000 (14:03 +0300)]
devlink: Change devlink health dump show command to dumpit
Although devlink health dump show command is given per reporter, it
returns large amounts of data. Trying to use the doit cb results in
OUT-OF-BUFFER error. This complementary patch raises the DUMP flag in
order to invoke the dumpit cb. We're safe as no existing drivers
implement the dump health reporter option yet.
Fixes: 041e6e651a8e ("devlink: Add devlink health dump show command") Signed-off-by: Aya Levin <ayal@mellanox.com> Signed-off-by: Tariq Toukan <tariqt@mellanox.com> Acked-by: Jiri Pirko <jiri@mellanox.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
iproute has an utility function which checks if a string is a prefix for
another one, to allow use of abbreviated commands, e.g. 'addr' or 'a'
instead of 'address'.
This routine unfortunately considers an empty string as prefix
of any pattern, leading to undefined behaviour when an empty
argument is passed to ip:
# ip ''
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
# tc ''
qdisc noqueue 0: dev lo root refcnt 2
# ip address add 192.0.2.0/24 '' 198.51.100.1 dev dummy0
# ip addr show dev dummy0
6: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 02:9d:5e:e9:3f:c0 brd ff:ff:ff:ff:ff:ff
inet 192.0.2.0/24 brd 198.51.100.1 scope global dummy0
valid_lft forever preferred_lft forever
Rewrite matches() so it takes care of an empty input, and doesn't
scan the input strings three times: the actual implementation
does 2 strlen and a memcpy to accomplish the same task.
Signed-off-by: Matteo Croce <mcroce@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Sat, 13 Jul 2019 09:44:07 +0000 (11:44 +0200)]
tc: util: constrain percentage in 0-100 interval
parse_percent() currently allows to specify negative percentages
or value above 100%. However this does not seems to make sense,
as the function is used for probabilities or bandiwidth rates.
Moreover, using negative values leads to erroneous results
(using Bernoulli loss model as example):
$ ip link add test type dummy
$ ip link set test up
$ tc qdisc add dev test root netem loss gemodel -10% limit 10
$ tc qdisc show dev test
qdisc netem 800c: root refcnt 2 limit 10 loss gemodel p 90% r 10% 1-h 100% 1-k 0%
Using values above 100% we have instead:
$ ip link add test type dummy
$ ip link set test up
$ tc qdisc add dev test root netem loss gemodel 140% limit 10
$ tc qdisc show dev test
qdisc netem 800f: root refcnt 2 limit 10 loss gemodel p 40% r 60% 1-h 100% 1-k 0%
This commit changes parse_percent() with a check to ensure
percentage values stay between 1.0 and 0.0.
parse_percent_rate() function, which already employs a similar
check, is adjusted accordingly.
With this check in place, we have:
$ ip link add test type dummy
$ ip link set test up
$ tc qdisc add dev test root netem loss gemodel -10% limit 10
Illegal "loss gemodel p"
Fixes: 927e3cfb52b58 ("tc: B.W limits can now be specified in %.") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
projects / mirror_iproute2.git / log