[rocky10_0] History Rebuild to kernel-6.12.0-55.37.1.el10_0

Makefile.rhelver

@@ -12,7 +12,7 @@ RHEL_MINOR = 0
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 55.32.1
+RHEL_RELEASE = 55.37.1
 
 #
 # RHEL_REBASE_NUM

ciq/ciq_backports/kernel-6.12.0-55.34.1.el10_0/c353e898.failed

@@ -0,0 +1,306 @@
+net: introduce per netns packet chains
+
+jira LE-4297
+Rebuild_History Non-Buildable kernel-6.12.0-55.34.1.el10_0
+commit-author Paolo Abeni <pabeni@redhat.com>
+commit c353e8983e0dea5dbba7789033326e1ad34135b7
+Empty-Commit: Cherry-Pick Conflicts during history rebuild.
+Will be included in final tarball splat. Ref for failed cherry-pick at:
+ciq/ciq_backports/kernel-6.12.0-55.34.1.el10_0/c353e898.failed
+
+Currently network taps unbound to any interface are linked in the
+global ptype_all list, affecting the performance in all the network
+namespaces.
+
+Add per netns ptypes chains, so that in the mentioned case only
+the netns owning the packet socket(s) is affected.
+
+While at that drop the global ptype_all list: no in kernel user
+registers a tap on "any" type without specifying either the target
+device or the target namespace (and IMHO doing that would not make
+any sense).
+
+Note that this adds a conditional in the fast path (to check for
+per netns ptype_specific list) and increases the dataset size by
+a cacheline (owing the per netns lists).
+
+	Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
+	Signed-off-by: Paolo Abeni <pabeni@redhat.com>
+	Reviewed-by: Eric Dumazet <edumaze@google.com>
+Link: https://patch.msgid.link/ae405f98875ee87f8150c460ad162de7e466f8a7.1742494826.git.pabeni@redhat.com
+	Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+(cherry picked from commit c353e8983e0dea5dbba7789033326e1ad34135b7)
+	Signed-off-by: Jonathan Maple <jmaple@ciq.com>
+
+# Conflicts:
+#	net/core/net_namespace.c
+diff --cc net/core/net_namespace.c
+index 70fea7c1a4b0,b0dfdf791ece..000000000000
+--- a/net/core/net_namespace.c
++++ b/net/core/net_namespace.c
+@@@ -334,6 -334,14 +334,17 @@@ static __net_init void preinit_net(stru
+  	idr_init(&net->netns_ids);
+  	spin_lock_init(&net->nsid_lock);
+  	mutex_init(&net->ipv4.ra_mutex);
+++<<<<<<< HEAD
+++=======
++ 
++ #ifdef CONFIG_DEBUG_NET_SMALL_RTNL
++ 	mutex_init(&net->rtnl_mutex);
++ 	lock_set_cmp_fn(&net->rtnl_mutex, rtnl_net_lock_cmp_fn, NULL);
++ #endif
++ 
++ 	INIT_LIST_HEAD(&net->ptype_all);
++ 	INIT_LIST_HEAD(&net->ptype_specific);
+++>>>>>>> c353e8983e0d (net: introduce per netns packet chains)
+  	preinit_net_sysctl(net);
+  }
+
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
+index 46f144c3aa39..fc78f7ca0aa5 100644
+--- a/include/linux/netdevice.h
++++ b/include/linux/netdevice.h
+@@ -4035,7 +4035,17 @@ static __always_inline int ____dev_forward_skb(struct net_device *dev,
+ 	return 0;
+ }
+
+-bool dev_nit_active(struct net_device *dev);
++bool dev_nit_active_rcu(const struct net_device *dev);
++static inline bool dev_nit_active(const struct net_device *dev)
++{
++	bool ret;
++
++	rcu_read_lock();
++	ret = dev_nit_active_rcu(dev);
++	rcu_read_unlock();
++	return ret;
++}
++
+ void dev_queue_xmit_nit(struct sk_buff *skb, struct net_device *dev);
+
+ static inline void __dev_put(struct net_device *dev)
+diff --git a/include/net/hotdata.h b/include/net/hotdata.h
+index 30e9570beb2a..fda94b2647ff 100644
+--- a/include/net/hotdata.h
++++ b/include/net/hotdata.h
+@@ -23,7 +23,6 @@ struct net_hotdata {
+ 	struct net_offload	udpv6_offload;
+ #endif
+ 	struct list_head	offload_base;
+-	struct list_head	ptype_all;
+ 	struct kmem_cache	*skbuff_cache;
+ 	struct kmem_cache	*skbuff_fclone_cache;
+ 	struct kmem_cache	*skb_small_head_cache;
+diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
+index fffc4b5b50b1..fa814f6a6436 100644
+--- a/include/net/net_namespace.h
++++ b/include/net/net_namespace.h
+@@ -83,6 +83,9 @@ struct net {
+ 	struct llist_node	defer_free_list;
+ 	struct llist_node	cleanup_list;	/* namespaces on death row */
+
++	struct list_head ptype_all;
++	struct list_head ptype_specific;
++
+ #ifdef CONFIG_KEYS
+ 	struct key_tag		*key_domain;	/* Key domain of operation tag */
+ #endif
+diff --git a/net/core/dev.c b/net/core/dev.c
+index 556b8e9eadab..c4ce77e3e29a 100644
+--- a/net/core/dev.c
++++ b/net/core/dev.c
+@@ -570,10 +570,18 @@ static inline void netdev_set_addr_lockdep_class(struct net_device *dev)
+
+ static inline struct list_head *ptype_head(const struct packet_type *pt)
+ {
+-	if (pt->type == htons(ETH_P_ALL))
+-		return pt->dev ? &pt->dev->ptype_all : &net_hotdata.ptype_all;
+-	else
+-		return pt->dev ? &pt->dev->ptype_specific :
++	if (pt->type == htons(ETH_P_ALL)) {
++		if (!pt->af_packet_net && !pt->dev)
++			return NULL;
++
++		return pt->dev ? &pt->dev->ptype_all :
++				 &pt->af_packet_net->ptype_all;
++	}
++
++	if (pt->dev)
++		return &pt->dev->ptype_specific;
++
++	return pt->af_packet_net ? &pt->af_packet_net->ptype_specific :
+ 				 &ptype_base[ntohs(pt->type) & PTYPE_HASH_MASK];
+ }
+
+@@ -594,6 +602,9 @@ void dev_add_pack(struct packet_type *pt)
+ {
+ 	struct list_head *head = ptype_head(pt);
+
++	if (WARN_ON_ONCE(!head))
++		return;
++
+ 	spin_lock(&ptype_lock);
+ 	list_add_rcu(&pt->list, head);
+ 	spin_unlock(&ptype_lock);
+@@ -618,6 +629,9 @@ void __dev_remove_pack(struct packet_type *pt)
+ 	struct list_head *head = ptype_head(pt);
+ 	struct packet_type *pt1;
+
++	if (!head)
++		return;
++
+ 	spin_lock(&ptype_lock);
+
+ 	list_for_each_entry(pt1, head, list) {
+@@ -2271,16 +2285,21 @@ static inline bool skb_loop_sk(struct packet_type *ptype, struct sk_buff *skb)
+ }
+
+ /**
+- * dev_nit_active - return true if any network interface taps are in use
++ * dev_nit_active_rcu - return true if any network interface taps are in use
++ *
++ * The caller must hold the RCU lock
+  *
+  * @dev: network device to check for the presence of taps
+  */
+-bool dev_nit_active(struct net_device *dev)
++bool dev_nit_active_rcu(const struct net_device *dev)
+ {
+-	return !list_empty(&net_hotdata.ptype_all) ||
++	/* Callers may hold either RCU or RCU BH lock */
++	WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_bh_held());
++
++	return !list_empty(&dev_net(dev)->ptype_all) ||
+ 	       !list_empty(&dev->ptype_all);
+ }
+-EXPORT_SYMBOL_GPL(dev_nit_active);
++EXPORT_SYMBOL_GPL(dev_nit_active_rcu);
+
+ /*
+  *	Support routine. Sends outgoing frames to any network
+@@ -2289,11 +2308,12 @@ EXPORT_SYMBOL_GPL(dev_nit_active);
+
+ void dev_queue_xmit_nit(struct sk_buff *skb, struct net_device *dev)
+ {
+-	struct list_head *ptype_list = &net_hotdata.ptype_all;
+ 	struct packet_type *ptype, *pt_prev = NULL;
++	struct list_head *ptype_list;
+ 	struct sk_buff *skb2 = NULL;
+
+ 	rcu_read_lock();
++	ptype_list = &dev_net_rcu(dev)->ptype_all;
+ again:
+ 	list_for_each_entry_rcu(ptype, ptype_list, list) {
+ 		if (READ_ONCE(ptype->ignore_outgoing))
+@@ -2337,7 +2357,7 @@ void dev_queue_xmit_nit(struct sk_buff *skb, struct net_device *dev)
+ 		pt_prev = ptype;
+ 	}
+
+-	if (ptype_list == &net_hotdata.ptype_all) {
++	if (ptype_list != &dev->ptype_all) {
+ 		ptype_list = &dev->ptype_all;
+ 		goto again;
+ 	}
+@@ -3580,7 +3600,7 @@ static int xmit_one(struct sk_buff *skb, struct net_device *dev,
+ 	unsigned int len;
+ 	int rc;
+
+-	if (dev_nit_active(dev))
++	if (dev_nit_active_rcu(dev))
+ 		dev_queue_xmit_nit(skb, dev);
+
+ 	len = skb->len;
+@@ -5514,7 +5534,8 @@ static int __netif_receive_skb_core(struct sk_buff **pskb, bool pfmemalloc,
+ 	if (pfmemalloc)
+ 		goto skip_taps;
+
+-	list_for_each_entry_rcu(ptype, &net_hotdata.ptype_all, list) {
++	list_for_each_entry_rcu(ptype, &dev_net_rcu(skb->dev)->ptype_all,
++				list) {
+ 		if (pt_prev)
+ 			ret = deliver_skb(skb, pt_prev, orig_dev);
+ 		pt_prev = ptype;
+@@ -5626,6 +5647,14 @@ static int __netif_receive_skb_core(struct sk_buff **pskb, bool pfmemalloc,
+ 		deliver_ptype_list_skb(skb, &pt_prev, orig_dev, type,
+ 				       &ptype_base[ntohs(type) &
+ 						   PTYPE_HASH_MASK]);
++
++		/* orig_dev and skb->dev could belong to different netns;
++		 * Even in such case we need to traverse only the list
++		 * coming from skb->dev, as the ptype owner (packet socket)
++		 * will use dev_net(skb->dev) to do namespace filtering.
++		 */
++		deliver_ptype_list_skb(skb, &pt_prev, orig_dev, type,
++				       &dev_net_rcu(skb->dev)->ptype_specific);
+ 	}
+
+ 	deliver_ptype_list_skb(skb, &pt_prev, orig_dev, type,
+diff --git a/net/core/hotdata.c b/net/core/hotdata.c
+index d0aaaaa556f2..0bc893d5f07b 100644
+--- a/net/core/hotdata.c
++++ b/net/core/hotdata.c
+@@ -7,7 +7,6 @@
+
+ struct net_hotdata net_hotdata __cacheline_aligned = {
+ 	.offload_base = LIST_HEAD_INIT(net_hotdata.offload_base),
+-	.ptype_all = LIST_HEAD_INIT(net_hotdata.ptype_all),
+ 	.gro_normal_batch = 8,
+
+ 	.netdev_budget = 300,
+diff --git a/net/core/net-procfs.c b/net/core/net-procfs.c
+index fa6d3969734a..3e92bf0f9060 100644
+--- a/net/core/net-procfs.c
++++ b/net/core/net-procfs.c
+@@ -185,7 +185,13 @@ static void *ptype_get_idx(struct seq_file *seq, loff_t pos)
+ 		}
+ 	}
+
+-	list_for_each_entry_rcu(pt, &net_hotdata.ptype_all, list) {
++	list_for_each_entry_rcu(pt, &seq_file_net(seq)->ptype_all, list) {
++		if (i == pos)
++			return pt;
++		++i;
++	}
++
++	list_for_each_entry_rcu(pt, &seq_file_net(seq)->ptype_specific, list) {
+ 		if (i == pos)
+ 			return pt;
+ 		++i;
+@@ -210,6 +216,7 @@ static void *ptype_seq_start(struct seq_file *seq, loff_t *pos)
+
+ static void *ptype_seq_next(struct seq_file *seq, void *v, loff_t *pos)
+ {
++	struct net *net = seq_file_net(seq);
+ 	struct net_device *dev;
+ 	struct packet_type *pt;
+ 	struct list_head *nxt;
+@@ -232,15 +239,22 @@ static void *ptype_seq_next(struct seq_file *seq, void *v, loff_t *pos)
+ 				goto found;
+ 			}
+ 		}
+-
+-		nxt = net_hotdata.ptype_all.next;
+-		goto ptype_all;
++		nxt = net->ptype_all.next;
++		goto net_ptype_all;
+ 	}
+
+-	if (pt->type == htons(ETH_P_ALL)) {
+-ptype_all:
+-		if (nxt != &net_hotdata.ptype_all)
++	if (pt->af_packet_net) {
++net_ptype_all:
++		if (nxt != &net->ptype_all && nxt != &net->ptype_specific)
+ 			goto found;
++
++		if (nxt == &net->ptype_all) {
++			/* continue with ->ptype_specific if it's not empty */
++			nxt = net->ptype_specific.next;
++			if (nxt != &net->ptype_specific)
++				goto found;
++		}
++
+ 		hash = 0;
+ 		nxt = ptype_base[0].next;
+ 	} else
+* Unmerged path net/core/net_namespace.c

ciq/ciq_backports/kernel-6.12.0-55.34.1.el10_0/rebuild.details.txt

@@ -0,0 +1,22 @@
+Rebuild_History BUILDABLE
+Rebuilding Kernel from rpm changelog with Fuzz Limit: 87.50%
+Number of commits in upstream range v6.12~1..kernel-mainline: 66177
+Number of commits in rpm: 19
+Number of commits matched with upstream: 14 (73.68%)
+Number of commits in upstream but not in rpm: 66163
+Number of commits NOT found in upstream: 5 (26.32%)
+
+Rebuilding Kernel on Branch rocky10_0_rebuild_kernel-6.12.0-55.34.1.el10_0 for kernel-6.12.0-55.34.1.el10_0
+Clean Cherry Picks: 13 (92.86%)
+Empty Cherry Picks: 1 (7.14%)
+_______________________________
+
+__EMPTY COMMITS__________________________
+c353e8983e0dea5dbba7789033326e1ad34135b7 net: introduce per netns packet chains
+
+__CHANGES NOT IN UPSTREAM________________
+Porting to Rocky Linux 10, debranding and Rocky Linux branding'
+Add partial riscv64 support for build root'
+Provide basic VisionFive 2 support'
+redhat: selftests/bpf: Add cpuv4 variant
+net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM JIRA: https://issues.redhat.com/browse/RHEL-109821 Y-JIRA: https://issues.redhat.com/browse/RHEL-79173