fd129f8941
Daniel Borkmann says: ==================== pull-request: bpf-next 2018-06-05 The following pull-request contains BPF updates for your *net-next* tree. The main changes are: 1) Add a new BPF hook for sendmsg similar to existing hooks for bind and connect: "This allows to override source IP (including the case when it's set via cmsg(3)) and destination IP:port for unconnected UDP (slow path). TCP and connected UDP (fast path) are not affected. This makes UDP support complete, that is, connected UDP is handled by connect hooks, unconnected by sendmsg ones.", from Andrey. 2) Rework of the AF_XDP API to allow extending it in future for type writer model if necessary. In this mode a memory window is passed to hardware and multiple frames might be filled into that window instead of just one that is the case in the current fixed frame-size model. With the new changes made this can be supported without having to add a new descriptor format. Also, core bits for the zero-copy support for AF_XDP have been merged as agreed upon, where i40e bits will be routed via Jeff later on. Various improvements to documentation and sample programs included as well, all from Björn and Magnus. 3) Given BPF's flexibility, a new program type has been added to implement infrared decoders. Quote: "The kernel IR decoders support the most widely used IR protocols, but there are many protocols which are not supported. [...] There is a 'long tail' of unsupported IR protocols, for which lircd is need to decode the IR. IR encoding is done in such a way that some simple circuit can decode it; therefore, BPF is ideal. [...] user-space can define a decoder in BPF, attach it to the rc device through the lirc chardev.", from Sean. 4) Several improvements and fixes to BPF core, among others, dumping map and prog IDs into fdinfo which is a straight forward way to correlate BPF objects used by applications, removing an indirect call and therefore retpoline in all map lookup/update/delete calls by invoking the callback directly for 64 bit archs, adding a new bpf_skb_cgroup_id() BPF helper for tc BPF programs to have an efficient way of looking up cgroup v2 id for policy or other use cases. Fixes to make sure we zero tunnel/xfrm state that hasn't been filled, to allow context access wrt pt_regs in 32 bit archs for tracing, and last but not least various test cases for fixes that landed in bpf earlier, from Daniel. 5) Get rid of the ndo_xdp_flush API and extend the ndo_xdp_xmit with a XDP_XMIT_FLUSH flag instead which allows to avoid one indirect call as flushing is now merged directly into ndo_xdp_xmit(), from Jesper. 6) Add a new bpf_get_current_cgroup_id() helper that can be used in tracing to retrieve the cgroup id from the current process in order to allow for e.g. aggregation of container-level events, from Yonghong. 7) Two follow-up fixes for BTF to reject invalid input values and related to that also two test cases for BPF kselftests, from Martin. 8) Various API improvements to the bpf_fib_lookup() helper, that is, dropping MPLS bits which are not fully hashed out yet, rejecting invalid helper flags, returning error for unsupported address families as well as renaming flowlabel to flowinfo, from David. 9) Various fixes and improvements to sockmap BPF kselftests in particular in proper error detection and data verification, from Prashant. 10) Two arm32 BPF JIT improvements. One is to fix imm range check with regards to whether immediate fits into 24 bits, and a naming cleanup to get functions related to rsh handling consistent to those handling lsh, from Wang. 11) Two compile warning fixes in BPF, one for BTF and a false positive to silent gcc in stack_map_get_build_id_offset(), from Arnd. 12) Add missing seg6.h header into tools include infrastructure in order to fix compilation of BPF kselftests, from Mathieu. 13) Several formatting cleanups in the BPF UAPI helper description that also fix an error during rst2man compilation, from Quentin. 14) Hide an unused variable in sk_msg_convert_ctx_access() when IPv6 is not built into the kernel, from Yue. 15) Remove a useless double assignment in dev_map_enqueue(), from Colin. ==================== Signed-off-by: David S. Miller <davem@davemloft.net> |
||
---|---|---|
.. | ||
caif | ||
dpaa2 | ||
dsa | ||
mac80211_hwsim | ||
3c509.txt | ||
6lowpan.txt | ||
6pack.txt | ||
00-INDEX | ||
af_xdp.rst | ||
alias.txt | ||
altera_tse.txt | ||
arcnet-hardware.txt | ||
arcnet.txt | ||
atm.txt | ||
ax25.txt | ||
batman-adv.rst | ||
baycom.txt | ||
bonding.txt | ||
bridge.txt | ||
can.rst | ||
cdc_mbim.txt | ||
checksum-offloads.txt | ||
conf.py | ||
cops.txt | ||
cs89x0.txt | ||
cxacru-cf.py | ||
cxacru.txt | ||
cxgb.txt | ||
dccp.txt | ||
dctcp.txt | ||
de4x5.txt | ||
decnet.txt | ||
dl2k.txt | ||
dm9000.txt | ||
dmfe.txt | ||
dns_resolver.txt | ||
dpaa.txt | ||
driver.txt | ||
e100.rst | ||
e1000.rst | ||
e1000e.txt | ||
ena.txt | ||
eql.txt | ||
failover.rst | ||
fib_trie.txt | ||
filter.txt | ||
fore200e.txt | ||
framerelay.txt | ||
gen_stats.txt | ||
generic_netlink.txt | ||
generic-hdlc.txt | ||
gianfar.txt | ||
gtp.txt | ||
hinic.txt | ||
i40e.txt | ||
i40evf.txt | ||
ice.txt | ||
ieee802154.txt | ||
igb.txt | ||
igbvf.txt | ||
ila.txt | ||
index.rst | ||
ip_dynaddr.txt | ||
ip-sysctl.txt | ||
ipddp.txt | ||
iphase.txt | ||
ipsec.txt | ||
ipv6.txt | ||
ipvlan.txt | ||
ipvs-sysctl.txt | ||
ixgb.txt | ||
ixgbe.txt | ||
ixgbevf.txt | ||
kapi.rst | ||
kcm.txt | ||
l2tp.txt | ||
lapb-module.txt | ||
LICENSE.qla3xxx | ||
LICENSE.qlcnic | ||
LICENSE.qlge | ||
ltpc.txt | ||
mac80211-auth-assoc-deauth.txt | ||
mac80211-injection.txt | ||
mpls-sysctl.txt | ||
msg_zerocopy.rst | ||
multiqueue.txt | ||
net_dim.txt | ||
net_failover.rst | ||
netconsole.txt | ||
netdev-FAQ.txt | ||
netdev-features.txt | ||
netdevices.txt | ||
netfilter-sysctl.txt | ||
netif-msg.txt | ||
netvsc.txt | ||
nf_conntrack-sysctl.txt | ||
nf_flowtable.txt | ||
nfc.txt | ||
openvswitch.txt | ||
operstates.txt | ||
packet_mmap.txt | ||
phonet.txt | ||
phy.txt | ||
pktgen.txt | ||
PLIP.txt | ||
ppp_generic.txt | ||
proc_net_tcp.txt | ||
radiotap-headers.txt | ||
ray_cs.txt | ||
rds.txt | ||
README.ipw2100 | ||
README.ipw2200 | ||
README.sb1000 | ||
regulatory.txt | ||
rmnet.txt | ||
rxrpc.txt | ||
s2io.txt | ||
scaling.txt | ||
sctp.txt | ||
secid.txt | ||
seg6-sysctl.txt | ||
segmentation-offloads.txt | ||
skfp.txt | ||
smc9.txt | ||
spider_net.txt | ||
stmmac.txt | ||
strparser.txt | ||
switchdev.txt | ||
tc-actions-env-rules.txt | ||
tcp-thin.txt | ||
tcp.txt | ||
team.txt | ||
timestamping.txt | ||
tlan.txt | ||
tls.txt | ||
tproxy.txt | ||
tuntap.txt | ||
udplite.txt | ||
vortex.txt | ||
vrf.txt | ||
vxge.txt | ||
vxlan.txt | ||
x25-iface.txt | ||
x25.txt | ||
xfrm_device.txt | ||
xfrm_proc.txt | ||
xfrm_sync.txt | ||
xfrm_sysctl.txt | ||
z8530book.rst | ||
z8530drv.txt |
sb1000 is a module network device driver for the General Instrument (also known as NextLevel) SURFboard1000 internal cable modem board. This is an ISA card which is used by a number of cable TV companies to provide cable modem access. It's a one-way downstream-only cable modem, meaning that your upstream net link is provided by your regular phone modem. This driver was written by Franco Venturi <fventuri@mediaone.net>. He deserves a great deal of thanks for this wonderful piece of code! ----------------------------------------------------------------------------- Support for this device is now a part of the standard Linux kernel. The driver source code file is drivers/net/sb1000.c. In addition to this you will need: 1.) The "cmconfig" program. This is a utility which supplements "ifconfig" to configure the cable modem and network interface (usually called "cm0"); and 2.) Several PPP scripts which live in /etc/ppp to make connecting via your cable modem easy. These utilities can be obtained from: http://www.jacksonville.net/~fventuri/ in Franco's original source code distribution .tar.gz file. Support for the sb1000 driver can be found at: http://web.archive.org/web/*/http://home.adelphia.net/~siglercm/sb1000.html http://web.archive.org/web/*/http://linuxpower.cx/~cable/ along with these utilities. 3.) The standard isapnp tools. These are necessary to configure your SB1000 card at boot time (or afterwards by hand) since it's a PnP card. If you don't have these installed as a standard part of your Linux distribution, you can find them at: http://www.roestock.demon.co.uk/isapnptools/ or check your Linux distribution binary CD or their web site. For help with isapnp, pnpdump, or /etc/isapnp.conf, go to: http://www.roestock.demon.co.uk/isapnptools/isapnpfaq.html ----------------------------------------------------------------------------- To make the SB1000 card work, follow these steps: 1.) Run `make config', or `make menuconfig', or `make xconfig', whichever you prefer, in the top kernel tree directory to set up your kernel configuration. Make sure to say "Y" to "Prompt for development drivers" and to say "M" to the sb1000 driver. Also say "Y" or "M" to all the standard networking questions to get TCP/IP and PPP networking support. 2.) *BEFORE* you build the kernel, edit drivers/net/sb1000.c. Make sure to redefine the value of READ_DATA_PORT to match the I/O address used by isapnp to access your PnP cards. This is the value of READPORT in /etc/isapnp.conf or given by the output of pnpdump. 3.) Build and install the kernel and modules as usual. 4.) Boot your new kernel following the usual procedures. 5.) Set up to configure the new SB1000 PnP card by capturing the output of "pnpdump" to a file and editing this file to set the correct I/O ports, IRQ, and DMA settings for all your PnP cards. Make sure none of the settings conflict with one another. Then test this configuration by running the "isapnp" command with your new config file as the input. Check for errors and fix as necessary. (As an aside, I use I/O ports 0x110 and 0x310 and IRQ 11 for my SB1000 card and these work well for me. YMMV.) Then save the finished config file as /etc/isapnp.conf for proper configuration on subsequent reboots. 6.) Download the original file sb1000-1.1.2.tar.gz from Franco's site or one of the others referenced above. As root, unpack it into a temporary directory and do a `make cmconfig' and then `install -c cmconfig /usr/local/sbin'. Don't do `make install' because it expects to find all the utilities built and ready for installation, not just cmconfig. 7.) As root, copy all the files under the ppp/ subdirectory in Franco's tar file into /etc/ppp, being careful not to overwrite any files that are already in there. Then modify ppp@gi-on to set the correct login name, phone number, and frequency for the cable modem. Also edit pap-secrets to specify your login name and password and any site-specific information you need. 8.) Be sure to modify /etc/ppp/firewall to use ipchains instead of the older ipfwadm commands from the 2.0.x kernels. There's a neat utility to convert ipfwadm commands to ipchains commands: http://users.dhp.com/~whisper/ipfwadm2ipchains/ You may also wish to modify the firewall script to implement a different firewalling scheme. 9.) Start the PPP connection via the script /etc/ppp/ppp@gi-on. You must be root to do this. It's better to use a utility like sudo to execute frequently used commands like this with root permissions if possible. If you connect successfully the cable modem interface will come up and you'll see a driver message like this at the console: cm0: sb1000 at (0x110,0x310), csn 1, S/N 0x2a0d16d8, IRQ 11. sb1000.c:v1.1.2 6/01/98 (fventuri@mediaone.net) The "ifconfig" command should show two new interfaces, ppp0 and cm0. The command "cmconfig cm0" will give you information about the cable modem interface. 10.) Try pinging a site via `ping -c 5 www.yahoo.com', for example. You should see packets received. 11.) If you can't get site names (like www.yahoo.com) to resolve into IP addresses (like 204.71.200.67), be sure your /etc/resolv.conf file has no syntax errors and has the right nameserver IP addresses in it. If this doesn't help, try something like `ping -c 5 204.71.200.67' to see if the networking is running but the DNS resolution is where the problem lies. 12.) If you still have problems, go to the support web sites mentioned above and read the information and documentation there. ----------------------------------------------------------------------------- Common problems: 1.) Packets go out on the ppp0 interface but don't come back on the cm0 interface. It looks like I'm connected but I can't even ping any numerical IP addresses. (This happens predominantly on Debian systems due to a default boot-time configuration script.) Solution -- As root `echo 0 > /proc/sys/net/ipv4/conf/cm0/rp_filter' so it can share the same IP address as the ppp0 interface. Note that this command should probably be added to the /etc/ppp/cablemodem script *right*between* the "/sbin/ifconfig" and "/sbin/cmconfig" commands. You may need to do this to /proc/sys/net/ipv4/conf/ppp0/rp_filter as well. If you do this to /proc/sys/net/ipv4/conf/default/rp_filter on each reboot (in rc.local or some such) then any interfaces can share the same IP addresses. 2.) I get "unresolved symbol" error messages on executing `insmod sb1000.o'. Solution -- You probably have a non-matching kernel source tree and /usr/include/linux and /usr/include/asm header files. Make sure you install the correct versions of the header files in these two directories. Then rebuild and reinstall the kernel. 3.) When isapnp runs it reports an error, and my SB1000 card isn't working. Solution -- There's a problem with later versions of isapnp using the "(CHECK)" option in the lines that allocate the two I/O addresses for the SB1000 card. This first popped up on RH 6.0. Delete "(CHECK)" for the SB1000 I/O addresses. Make sure they don't conflict with any other pieces of hardware first! Then rerun isapnp and go from there. 4.) I can't execute the /etc/ppp/ppp@gi-on file. Solution -- As root do `chmod ug+x /etc/ppp/ppp@gi-on'. 5.) The firewall script isn't working (with 2.2.x and higher kernels). Solution -- Use the ipfwadm2ipchains script referenced above to convert the /etc/ppp/firewall script from the deprecated ipfwadm commands to ipchains. 6.) I'm getting *tons* of firewall deny messages in the /var/kern.log, /var/messages, and/or /var/syslog files, and they're filling up my /var partition!!! Solution -- First, tell your ISP that you're receiving DoS (Denial of Service) and/or portscanning (UDP connection attempts) attacks! Look over the deny messages to figure out what the attack is and where it's coming from. Next, edit /etc/ppp/cablemodem and make sure the ",nobroadcast" option is turned on to the "cmconfig" command (uncomment that line). If you're not receiving these denied packets on your broadcast interface (IP address xxx.yyy.zzz.255 typically), then someone is attacking your machine in particular. Be careful out there.... 7.) Everything seems to work fine but my computer locks up after a while (and typically during a lengthy download through the cable modem)! Solution -- You may need to add a short delay in the driver to 'slow down' the SURFboard because your PC might not be able to keep up with the transfer rate of the SB1000. To do this, it's probably best to download Franco's sb1000-1.1.2.tar.gz archive and build and install sb1000.o manually. You'll want to edit the 'Makefile' and look for the 'SB1000_DELAY' define. Uncomment those 'CFLAGS' lines (and comment out the default ones) and try setting the delay to something like 60 microseconds with: '-DSB1000_DELAY=60'. Then do `make' and as root `make install' and try it out. If it still doesn't work or you like playing with the driver, you may try other numbers. Remember though that the higher the delay, the slower the driver (which slows down the rest of the PC too when it is actively used). Thanks to Ed Daiga for this tip! ----------------------------------------------------------------------------- Credits: This README came from Franco Venturi's original README file which is still supplied with his driver .tar.gz archive. I and all other sb1000 users owe Franco a tremendous "Thank you!" Additional thanks goes to Carl Patten and Ralph Bonnell who are now managing the Linux SB1000 web site, and to the SB1000 users who reported and helped debug the common problems listed above. Clemmitt Sigler csigler@vt.edu