aboutsummaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAge
* net/mac80211/Kconfig: whitespace correctionsJohn W. Linville2008-01-28
| | | | | Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net/wireless/Kconfig: whitespace correctionsJohn W. Linville2008-01-28
| | | | | Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: don't read ERP information from (re)association responseJohannes Berg2008-01-28
| | | | | | | | | | According to the standard, the field cannot be present, so don't try to interpret it either. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Cc: Daniel Drake <dsd@gentoo.org> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: move tx crypto decisionJohannes Berg2008-01-28
| | | | | | | | | | | | | | This patch moves the decision making about whether a frame is encrypted with a certain algorithm up into the TX handlers rather than having it in the crypto algorithm implementation. This fixes a problem with the radiotap injection code where injecting a non-data packet and requesting encryption could end up asking the driver to encrypt a packet without giving it a key. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: implement station stats retrievalJohannes Berg2008-01-28
| | | | | | | | | This implements the required cfg80211 callback in mac80211 to allow userspace to get station statistics. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* cfg80211/nl80211: implement station attribute retrievalJohannes Berg2008-01-28
| | | | | | | | | | | After a station is added to the kernel's structures, userspace has to be able to retrieve statistics about that station, especially whether the station was idle and how much bytes were transferred to and from it. This adds the necessary code to nl80211. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* cfg80211/nl80211: station handlingJohannes Berg2008-01-28
| | | | | | | | This patch adds station handling to cfg80211/nl80211. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* cfg80211/nl80211: add beacon settingsJohannes Berg2008-01-28
| | | | | | | | | This adds the necessary API to cfg80211/nl80211 to allow changing beaconing settings. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: support getting key sequence counters via cfg80211Johannes Berg2008-01-28
| | | | | | | | | | This implements cfg80211's get_key() to allow retrieving the sequence counter for a TKIP or CCMP key from userspace. It also cleans up and documents the associated low-level driver interface. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: support adding/removing keys via cfg80211Johannes Berg2008-01-28
| | | | | | | | | This adds the necessary hooks to mac80211 to allow userspace to edit keys with cfg80211 (through nl80211.) Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* cfg80211/nl80211: introduce key handlingJohannes Berg2008-01-28
| | | | | | | | | | This introduces key handling to cfg80211/nl80211. Default and group keys can be added, changed and removed; sequence counters for each key can be retrieved. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: allow easier multicast/broadcast buffering in hardwareJohannes Berg2008-01-28
| | | | | | | | | | | | | | | | | There are various decisions influencing the decision whether to buffer a frame for after the next DTIM beacon. The "do we have stations in PS mode" condition cannot be tested by the driver so mac80211 has to do that. To ease driver writing for hardware that can buffer frames until after the next DTIM beacon, introduce a new txctl flag telling the driver to buffer a specific frame. While at it, restructure and comment the code for multicast buffering and remove spurious "inline" directives. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Cc: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: make ieee80211_rx_mgmt_action staticJohannes Berg2008-01-28
| | | | | | | | The function is only used locally. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: clean up eapol handling in TX pathJohannes Berg2008-01-28
| | | | | | | | | | | | | | The previous patch left only one user of the ieee80211_is_eapol() function and that user can be eliminated easily by introducing a new "frame is EAPOL" flag to handle the frame specially (we already have this information) instead of doing the (expensive) ieee80211_is_eapol() all the time. Also, allow unencrypted frames to be sent when they are injected. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: clean up eapol frame handling/port controlJohannes Berg2008-01-28
| | | | | | | | | | | | | | | | | This cleans up the eapol frame handling and some related code in the receive and transmit paths. After this patch * EAPOL frames addressed to us or the EAPOL group address are always accepted regardless of whether they are encrypted or not * other frames from a station are dropped if PAE is enabled and the station is not authorized * unencrypted frames (except the EAPOL frames above) are dropped if drop_unencrypted is enabled * some superfluous code that eth_type_trans handles anyway is gone * port control is done for transmitted packets Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* rc80211-pid: export tuning parameters through debugfsMattias Nissler2008-01-28
| | | | | | | | | | This adds all the tunable parameters used by rc80211_pid to debugfs for easy testing and tuning. Signed-off-by: Mattias Nissler <mattias.nissler@gmx.de> Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* rc80211-pid: add debuggingMattias Nissler2008-01-28
| | | | | | | | | | | | | This adds a new debugfs file from which rate control relevant events can be read one event per line. The output includes the current time, so graphs can be created showing the rate control parameters. This helps in evaluating and tuning rate control parameters. While at it, we split headers and code for better readability. Signed-off-by: Mattias Nissler <mattias.nissler@gmx.de> Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* rc80211-pid: add sharpening factorStefano Brivio2008-01-28
| | | | | | | | | | This patch introduces a PID sharpening factor for faster response after association and low activity events. Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: Mattias Nissler <mattias.nissler@gmx.de> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* rc80211-pid: add rate behaviour learning algorithmStefano Brivio2008-01-28
| | | | | | | | | | This patch introduces a learning algorithm in order for the PID controller to learn how to map adjustment values to rates. This is better described in code comments. Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: make PID rate control algorithm the defaultStefano Brivio2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | This makes the new PID TX rate control algorithm the default instead of the rc80211_simple rate control algorithm. The simple algorithm was flawed in several ways: it wasn't responsive at all and didn't age the information it was relying on properly. The PID algorithm allows us to tune characteristics such as responsiveness by adjusting parameters and was found to generally behave better. The default algorithm can be overridden to select simple instead. Which ever algorithm is the default is included as part of the mac80211 module automatically. The other algorithm (simple vs. pid) can be selected for inclusion as well. If EMBEDDED is selected then the choice is available to have no default specified and neither algorithm included in mac80211. The default algorithm can be set through a modparam. While at it, mark rc80211-simple as deprecated, and schedule it for removal. Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP] Avoid two divides in tcp_output.cEric Dumazet2008-01-28
| | | | | | | | | | Because 'free_space' variable in __tcp_select_window() is signed, expression (free_space / 2) forces compiler to emit an integer divide. This can be changed to a plain right shift, less expensive. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Assorted IPsec fixupsPaul Moore2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes a number of small but potentially troublesome things in the XFRM/IPsec code: * Use the 'audit_enabled' variable already in include/linux/audit.h Removed the need for extern declarations local to each XFRM audit fuction * Convert 'sid' to 'secid' everywhere we can The 'sid' name is specific to SELinux, 'secid' is the common naming convention used by the kernel when refering to tokenized LSM labels, unfortunately we have to leave 'ctx_sid' in 'struct xfrm_sec_ctx' otherwise we risk breaking userspace * Convert address display to use standard NIP* macros Similar to what was recently done with the SPD audit code, this also also includes the removal of some unnecessary memcpy() calls * Move common code to xfrm_audit_common_stateinfo() Code consolidation from the "less is more" book on software development * Proper spacing around commas in function arguments Minor style tweak since I was already touching the code Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Add packet processing statistics option.Masahide NAKAMURA2008-01-28
| | | | | Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Support to increment packet dropping statistics.Masahide NAKAMURA2008-01-28
| | | | | Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM]: Define packet dropping statistics.Masahide NAKAMURA2008-01-28
| | | | | | | | | | | | This statistics is shown factor dropped by transformation at /proc/net/xfrm_stat for developer. It is a counter designed from current transformation source code and defined as linux private MIB. See Documentation/networking/xfrm_proc.txt for the detail. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM] MIPv6: Fix to input RO state correctly.Masahide NAKAMURA2008-01-28
| | | | | | | | Disable spin_lock during xfrm_type.input() function. Follow design as IPsec inbound does. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [XFRM] IPv6: Fix dst/routing check at transformation.Masahide NAKAMURA2008-01-28
| | | | | | | | | | | | | | | IPv6 specific thing is wrongly removed from transformation at net-2.6.25. This patch recovers it with current design. o Update "path" of xfrm_dst since IPv6 transformation should care about routing changes. It is required by MIPv6 and off-link destined IPsec. o Rename nfheader_len which is for non-fragment transformation used by MIPv6 to rt6i_nfheader_len as IPv6 name space. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [TCP]: Fix TSO deferringIlpo Järvinen2008-01-28
| | | | | | | | I'd say that most of what tcp_tso_should_defer had in between there was dead code because of this. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NEIGH]: Make neigh_add_timer symmetrical to neigh_del_timer.Pavel Emelyanov2008-01-28
| | | | | | | | | | | | | | The neigh_del_timer() looks sane - it removes the timer and (conditionally) puts the neighbor. I expected, that the neigh_add_timer() is symmetrical to the del one - i.e. it holds the neighbor and arms the timer - but it turned out that it was not so. I think, that making them look symmetrical makes the code more readable. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: Uninline the inet_twsk_put function.Pavel Emelyanov2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | This one is not that big, but is widely used: saves 1200 bytes from net/ipv4/built-in.o add/remove: 1/0 grow/shrink: 1/12 up/down: 97/-1300 (-1203) function old new delta inet_twsk_put - 87 +87 __inet_lookup_listener 274 284 +10 tcp_sacktag_write_queue 2255 2254 -1 tcp_time_wait 482 411 -71 __inet_check_established 796 722 -74 tcp_v4_err 973 898 -75 __inet_twsk_kill 230 154 -76 inet_twsk_deschedule 180 103 -77 tcp_v4_do_rcv 462 384 -78 inet_hash_connect 686 607 -79 inet_twdr_do_twkill_work 236 150 -86 inet_twdr_twcal_tick 395 307 -88 tcp_v4_rcv 1744 1480 -264 tcp_timewait_state_process 975 644 -331 Export it for ipv6 module. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: Uninline the __inet_lookup_established function.Pavel Emelyanov2008-01-28
| | | | | | | | | | | | | | | | | This is -700 bytes from the net/ipv4/built-in.o add/remove: 1/0 grow/shrink: 1/3 up/down: 340/-1040 (-700) function old new delta __inet_lookup_established - 339 +339 tcp_sacktag_write_queue 2254 2255 +1 tcp_v4_err 1304 973 -331 tcp_v4_rcv 2089 1744 -345 tcp_v4_do_rcv 826 462 -364 Exporting is for dccp module (used via e.g. inet_lookup). Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [INET]: Uninline the __inet_hash function.Pavel Emelyanov2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | This one is used in quite many places in the networking code and seems to big to be inline. After the patch net/ipv4/build-in.o loses ~650 bytes: add/remove: 2/0 grow/shrink: 0/5 up/down: 461/-1114 (-653) function old new delta __inet_hash_nolisten - 282 +282 __inet_hash - 179 +179 tcp_sacktag_write_queue 2255 2254 -1 __inet_lookup_listener 284 274 -10 tcp_v4_syn_recv_sock 755 493 -262 tcp_v4_hash 389 35 -354 inet_hash_connect 1086 599 -487 This version addresses the issue pointed by Eric, that while being inline this function was optimized by gcc in respect to the 'listen_possible' argument. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Follow Add-IP security consideratiosn wrt INIT/INIT-ACKVlad Yasevich2008-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | The Security Considerations section of RFC 5061 has the following text: If an SCTP endpoint that supports this extension receives an INIT that indicates that the peer supports the ASCONF extension but does NOT support the [RFC4895] extension, the receiver of such an INIT MUST send an ABORT in response. Note that an implementation is allowed to silently discard such an INIT as an option as well, but under NO circumstance is an implementation allowed to proceed with the association setup by sending an INIT-ACK in response. An implementation that receives an INIT-ACK that indicates that the peer does not support the [RFC4895] extension MUST NOT send the COOKIE-ECHO to establish the association. Instead, the implementation MUST discard the INIT-ACK and report to the upper- layer user that an association cannot be established destroying the Transmission Control Block (TCB). Follow the recomendations. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Implement ADD-IP special case processing for ABORT chunkVlad Yasevich2008-01-28
| | | | | | | | | | | | | ADD-IP spec has a special case for processing ABORTs: F4) ... One special consideration is that ABORT Chunks arriving destined to the IP address being deleted MUST be ignored (see Section 5.3.1 for further details). Check if the address we received on is in the DEL state, and if so, ignore the ABORT. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Change use_as_src into a full address stateVlad Yasevich2008-01-28
| | | | | Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Update ASCONF processing to conform to spec.Vlad Yasevich2008-01-28
| | | | | | | | | | | The processing of the ASCONF chunks has changed a lot in the spec. New items are: 1. A list of ASCONF-ACK chunks is now cached 2. The source of the packet is used in response. 3. New handling for unexpect ASCONF chunks. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: ADD-IP updates the states where ASCONFs can be sentVlad Yasevich2008-01-28
| | | | | | | | | C4) Both ASCONF and ASCONF-ACK Chunks MUST NOT be sent in any SCTP state except ESTABLISHED, SHUTDOWN-PENDING, SHUTDOWN-RECEIVED, and SHUTDOWN-SENT. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Update association lookup to look at ASCONF chunks as wellVlad Yasevich2008-01-28
| | | | | | | | | | ADD-IP draft section 5.2 specifies that if an association can not be found using the source and destination of the IP packet, then, if the packet contains ASCONF chunks, the Address Parameter TLV should be used to lookup an association. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Add the handling of "Set Primary IP Address" parameter to INITVlad Yasevich2008-01-28
| | | | | | | | | The ADD-IP "Set Primary IP Address" parameter is allowed in the INIT/INIT-ACK exchange. Allow processing of this parameter during the INIT/INIT-ACK. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Handle the wildcard ADD-IP Address parameterVlad Yasevich2008-01-28
| | | | | | | | | | | | The Address Parameter in the parameter list of the ASCONF chunk may be a wildcard address. In this case special processing is required. For the 'add' case, the source IP of the packet is added. In the 'del' case, all addresses except the source IP of packet are removed. In the "mark primary" case, the source address is marked as primary. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SCTP]: Discard unauthenticated ASCONF and ASCONF ACK chunksVlad Yasevich2008-01-28
| | | | | | | | Now that we support AUTH, discard unauthenticated ASCONF and ASCONF ACK chunks as mandated in the ADD-IP spec. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Rename tunnel-mode functions to avoid collisions with tunnelsHerbert Xu2008-01-28
| | | | | | | | | | | | | It appears that I've managed to create two different functions both called xfrm6_tunnel_output. This is because we have the plain tunnel encapsulation named xfrmX_tunnel as well as the tunnel-mode encapsulation which lives in the files xfrmX_mode_tunnel.c. This patch renames functions from the latter to use the xfrmX_mode_tunnel prefix to avoid name-space conflicts. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: add PID controller based rate control algorithmMattias Nissler2008-01-28
| | | | | | | | | | Add a new rate control algorithm based on a PID controller. It samples the percentage of failed frames over time, feeds the result into the controller and uses its output to control the TX rate. Signed-off-by: Mattias Nissler <mattias.nissler@gmx.de> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: clean up rate selectionMattias Nissler2008-01-28
| | | | | | | | | | Move some code out of rc80211_simple since it's probably needed for all rate selection algorithms, and fix iwlwifi accordingly. While at it, clean up the rate_control_get_rate() interface. Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* mac80211: pass in PS_POLL framesRon Rindjunsky2008-01-28
| | | | | | | | | | | This patch fixes should_drop_frame function to pass in ps poll control frames required for power save functioanlity. Interface types that do not have interest for PS POLL frames now drop it in handler. Signed-off-by: Ron Rindjunsky <ron.rindjunsky@intel.com> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC]: Do xfrm_state_check_space before encapsulationHerbert Xu2008-01-28
| | | | | | | | | | | | | | | | | | While merging the IPsec output path I moved the encapsulation output operation to the top of the loop so that it sits outside of the locked section. Unfortunately in doing so it now sits in front of the space check as well which could be a fatal error. This patch rearranges the calls so that the space check happens as the thing on the output path. This patch also fixes an incorrect goto should the encapsulation output fail. Thanks to Kazunori MIYAZAWA for finding this bug. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Add CONFIG_NETFILTER_ADVANCED optionPatrick McHardy2008-01-28
| | | | | | | | | | | The NETFILTER_ADVANCED option hides lots of the rather obscure netfilter options when disabled and provides defaults (M) that should allow to run a distribution firewall without further thinking. Defaults to 'y' to avoid breaking current configurations. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: non-power-of-two jhash optimizationsPatrick McHardy2008-01-28
| | | | | | | | | | | | | | | Apply Eric Dumazet's jhash optimizations where applicable. Quoting Eric: Thanks to jhash, hash value uses full 32 bits. Instead of returning hash % size (implying a divide) we return the high 32 bits of the (hash * size) that will give results between [0 and size-1] and same hash distribution. On most cpus, a multiply is less expensive than a divide, by an order of magnitude. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: xt_hashlimit: reduce overhead without IPv6Eric Dumazet2008-01-28
| | | | | | | | | | | | This patch generalizes the (CONFIG_IP6_NF_IPTABLES || CONFIG_IP6_NF_IPTABLES_MODULE) test done in hashlimit_init_dst() to all the xt_hashlimit module. This permits a size reduction of "struct dsthash_dst". This saves memory and cpu for IPV4 only hosts. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: xt_hashlimit: speedup hash_dst()Eric Dumazet2008-01-28
| | | | | | | | | | | | | | | | 1) Using jhash2() instead of jhash() is a litle bit faster if applicable. 2) Thanks to jhash, hash value uses full 32 bits. Instead of returning hash % size (implying a divide) we return the high 32 bits of the (hash * size) that will give results between [0 and size-1] and same hash distribution. On most cpus, a multiply is less expensive than a divide, by an order of magnitude. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>