Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix trailing whitespaces and pr_* messages | Jozsef Kadlecsik | 2011-01-21 | 12 | -69/+67 |
| | | | | | | Some trailing whitespace slipped in, those are removed. With the deleted ip_set_kernel.h, the pr_* messages lost the trailing "\n" character. The messages were completed with it. | ||||
* | Un-inline functions which are not small enough | Jozsef Kadlecsik | 2011-01-20 | 12 | -161/+42 |
| | |||||
* | Fix module loading at create/header commands | Jozsef Kadlecsik | 2011-01-20 | 2 | -50/+37 |
| | | | | | While holding the nfnl_mutex, module loading is not allowed. Bug spotted by Patrick McHardy in his reviewing. | ||||
* | Fix wrong kzalloc flag in type_pf_expire | Jozsef Kadlecsik | 2011-01-20 | 1 | -1/+1 |
| | | | | | The expire functions of the hash types are called while locked, so kzalloc must be called with GFP_ATOMIC. | ||||
* | The get_ip*_port functions are too large to be inlined, moved into the core. | Jozsef Kadlecsik | 2011-01-20 | 8 | -138/+160 |
| | |||||
* | Add missing __GFP_HIGHMEM flag to __vmalloc | Jozsef Kadlecsik | 2011-01-20 | 1 | -1/+2 |
| | | | | | We may call ip_set_alloc with GFP_ATOMIC, so we cannot replace __vmalloc with vzalloc. Missing flag was noticed by Eric Dumazet. | ||||
* | Enforce network-order data in the netlink protocol | Jozsef Kadlecsik | 2011-01-20 | 12 | -86/+214 |
| | | | | | | Allow only network-order data, with NLA_F_NET_BYTEORDER flag. Sanity checks also added to prevent processing broken messages where mandatory attributes are missing. (Patrick McHardy's review) | ||||
* | Use annotated types and fix sparse warnings | Jozsef Kadlecsik | 2011-01-20 | 14 | -123/+110 |
| | | | | | | Annotated types are introduced and sparse warnings fixed. Two warnings remained in ip_set_core.c but those are false ones. (Patrick McHardy's review) | ||||
* | Move ip_set_alloc, ip_set_free and ip_set_get_ipaddr* into core | Jozsef Kadlecsik | 2011-01-20 | 2 | -77/+88 |
| | | | | | | The functions are too large to be inlined, so move them into the core. Also, fix the unnecessary initializations in ip_set_get_ipaddr*. (Patrick McHardy's review) | ||||
* | NETMASK*, HOSTMASK* macros are too generic | Jozsef Kadlecsik | 2011-01-20 | 10 | -55/+74 |
| | | | | | NETMASK*, HOSTMASK* macros are rewritten to small inline functions ip_set_netmask* and ip_set_hostmask* (Patrick McHardy's review) | ||||
* | Use static LIST_HEAD() for ip_set_type_list | Jozsef Kadlecsik | 2011-01-20 | 1 | -3/+1 |
| | | | | | Avoid the need for explicit initialization during runtime (Patrick McHardy's review) | ||||
* | Move NLA_PUT_NET* macros to include/net/netlink.h | Jozsef Kadlecsik | 2011-01-20 | 1 | -6/+0 |
| | | | | These macros can be useful in general (Patrick McHardy's review) | ||||
* | The module parameter max_sets should be unsigned int | Jozsef Kadlecsik | 2011-01-20 | 1 | -1/+1 |
| | | | | Negative set numbers are strange :-) (Patrick McHardy's review) | ||||
* | Get rid of ip_set_kernel.h | Jozsef Kadlecsik | 2011-01-20 | 12 | -26/+0 |
| | | | | | The header file was useful at deep debugging only, we can get rid of now. (Patrick McHardy's review) | ||||
* | Fix the placement style of boolean operators at continued lines | Jozsef Kadlecsik | 2011-01-20 | 14 | -219/+219 |
| | | | | Fix "&&" and "||" continuation style (Patrick McHardy's review) | ||||
* | ipset 5.3 releasedv5.3 | Jozsef Kadlecsik | 2011-01-18 | 1 | -0/+9 |
| | |||||
* | There is no need to call synchronize_net() at swapping. | Jozsef Kadlecsik | 2011-01-14 | 1 | -4/+0 |
| | | | | | | Ongoing add/del can happen to referenced sets and delete can be issued to unreferenced sets. So the bogus call to synchronize_net() can safely be removed. | ||||
* | Replace strncpy with strlcpy at creating a set. | Jozsef Kadlecsik | 2011-01-14 | 1 | -1/+1 |
| | | | | Better add more safety nets against user input. | ||||
* | Update copyright date and some style changes. | Jozsef Kadlecsik | 2011-01-14 | 14 | -16/+16 |
| | |||||
* | Use jhash.h accepted in kernel, with backward compatibility. | Jozsef Kadlecsik | 2011-01-13 | 9 | -9/+9 |
| | |||||
* | Separate prefixlens from ip_set core. | Jozsef Kadlecsik | 2011-01-13 | 13 | -297/+314 |
| | | | | | | Separate prefixlens from ip_set core for better readibility and honoring the independence. Also, comment that prefixlens were borrowed from Jan Engelhardt. | ||||
* | kernel: remove unused ctnl parameter from call_ad | Jan Engelhardt | 2011-01-03 | 1 | -6/+5 |
| | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de> | ||||
* | Comment the possible return values of the add/del/test type-functions | Jozsef Kadlecsik | 2010-12-23 | 1 | -2/+8 |
| | |||||
* | ipset 5.2 releasedv5.2 | Jozsef Kadlecsik | 2010-12-23 | 1 | -0/+3 |
| | |||||
* | Kernel version check at minimal supported version is mistyped, now fixed. | Jozsef Kadlecsik | 2010-12-22 | 1 | -2/+2 |
| | |||||
* | ipset 5.1 releasedv5.1 | Jozsef Kadlecsik | 2010-12-22 | 1 | -0/+13 |
| | |||||
* | Kernel version compatibility: support from 2.6.34 | Jozsef Kadlecsik | 2010-12-21 | 4 | -38/+42 |
| | | | | | The basic kernel compatibility issues are verified back to 2.6.24. The minimal supported kernel version had to be bumped from 2.6.31 to 2.6.34. | ||||
* | kernel: use EXPORT_SYMBOL_GPL | Jan Engelhardt | 2010-12-19 | 1 | -13/+13 |
| | |||||
* | kernel: const annotations | Jan Engelhardt | 2010-12-19 | 13 | -71/+71 |
| | |||||
* | kernel: use __read_mostly for registration-type structures | Jan Engelhardt | 2010-12-19 | 9 | -10/+10 |
| | | | | Here is where __read_mostly goes :-) | ||||
* | kernel: do not mix const and __read_mostly | Jan Engelhardt | 2010-12-19 | 14 | -51/+40 |
| | | | | | It makes no sense to mix these two. Either it is writable-plus-read-mostly, or it is constant. | ||||
* | xt_set: avoid user types in exported kernel headers | Jan Engelhardt | 2010-12-19 | 1 | -6/+6 |
| | | | | Within isolated code it would be ok, but not so in exported headers. | ||||
* | Prevent calling Makefile directly in the kernel/ subdirectory | Jozsef Kadlecsik | 2010-12-19 | 1 | -0/+4 |
| | |||||
* | Fix Kbuild for me to delete backup files | Jozsef Kadlecsik | 2010-12-17 | 1 | -1/+1 |
| | |||||
* | Support adding/deleting multiple entries, kernel part. | Jozsef Kadlecsik | 2010-12-17 | 4 | -16/+261 |
| | | | | | | Support adding/deleting multiple entries in the kernel side of the hash:ip,port, hash:ip,port,ip, hash:ip,port,net and hash:net,port types. | ||||
* | Remove unnecessary gfp_flags arguments | Jozsef Kadlecsik | 2010-12-16 | 10 | -70/+58 |
| | | | | | Where the argument was used, the set lock was already activated, therefore the argument value was always GFP_ATOMIC. | ||||
* | Mistypeing in the hbucket() macro fixed. | Jozsef Kadlecsik | 2010-12-16 | 1 | -2/+6 |
| | |||||
* | Document which elements cannot be stored in the different hash types. | Jozsef Kadlecsik | 2010-12-14 | 1 | -2/+2 |
| | | | | And enforce from kernel side as well... | ||||
* | Convert last printks to pr_debug in ip_set_ahash.h | Jozsef Kadlecsik | 2010-12-13 | 1 | -4/+2 |
| | |||||
* | Remove remnants of slist from ip_set_ahash.h | Jozsef Kadlecsik | 2010-12-13 | 1 | -3/+2 |
| | |||||
* | Add proper RCU protection to resizing | Jozsef Kadlecsik | 2010-12-10 | 1 | -18/+38 |
| | | | | | | | Resizing can be triggered by userspace command only, and those are serialized by the nfnl mutex. During resizing the set is read-locked, so the only possible concurrent operations are the kernel side readers. Those must be protected by proper RCU locking. | ||||
* | Convert hash types from chash to ahash. | Jozsef Kadlecsik | 2010-12-10 | 7 | -94/+1127 |
| | | | | | | Instead of the cache friendly hashing, use the array based hashing. According to my tests the latter uses less memory, faster at lookup and deletion, and only slower at insertion. | ||||
* | Strip off ip_set_ prefix from non-ipset specific header files. | Jozsef Kadlecsik | 2010-12-08 | 9 | -8/+8 |
| | |||||
* | Update ip_set_jhash.h | Jozsef Kadlecsik | 2010-12-08 | 1 | -33/+81 |
| | | | | | Update ip_set_jhash.h with the version which was submitted for kernel inclusion. | ||||
* | Create include/linux/netfilter/ipset/ directory | Jozsef Kadlecsik | 2010-12-07 | 22 | -69/+69 |
| | | | | Separate the ipset header files from netfilter header files. | ||||
* | Complete Kconfig.ipset with hash:net,port type. | Jozsef Kadlecsik | 2010-12-07 | 1 | -8/+16 |
| | |||||
* | Remove include/net/pfxlen.h | Jozsef Kadlecsik | 2010-12-07 | 12 | -311/+305 |
| | | | | | Spare some memory by moving the static prefixlen maps to the ipset core. Thus we can get rid of include/net/pfxlen.h too. | ||||
* | Remove command MODIFY | Jozsef Kadlecsik | 2010-12-07 | 1 | -17/+16 |
| | | | | | Modifying a set can be performed by save/modify/restore/swap, without adding kernel part support. | ||||
* | Whitespace, checkpatch.pl cleanups. | Jozsef Kadlecsik | 2010-12-07 | 20 | -375/+376 |
| | |||||
* | The protocol extended with the command MODIFY. | Jozsef Kadlecsik | 2010-11-05 | 1 | -18/+19 |
| | | | | The command is not used yet, but better to reserve it already. |