CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_win... [chromiumos/third_party/kernel : chromeos-3.14]

[Stephen Wang (Gerrit)]

Stephen Wang has uploaded a new change for review.

https://chromium-review.googlesource.com/245092

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=36182
TEST=build/boot on storm.

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)



diff --git a/net/netfilter/nf_conntrack_proto_tcp.c
b/net/netfilter/nf_conntrack_proto_tcp.c
index 44d1ea3..99ffd42 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -33,6 +33,9 @@
#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
#include <net/netfilter/ipv6/nf_conntrack_ipv6.h>

+/* Do not check the TCP window for incoming packets */
+static int nf_ct_tcp_no_window_check __read_mostly = 1;
+
/* "Be conservative in what you do,
be liberal in what you accept from others."
If it's non-zero, we mark only out of window RST segments as INVALID.
*/
@@ -514,6 +517,9 @@
__u32 seq, ack, sack, end, win, swin;
s32 receiver_offset;
bool res, in_recv_win;
+
+ if (nf_ct_tcp_no_window_check)
+ return true;

/*
* Get the required data from the packet.
@@ -1452,6 +1458,13 @@
.mode = 0644,
.proc_handler = proc_dointvec,
},
+ {
+ .procname = "nf_conntrack_tcp_no_window_check",
+ .data = &nf_ct_tcp_no_window_check,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
{ }
};


--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 1
Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>

[Stephen Wang (Gerrit)]

Stephen Wang has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 1: Verified+1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment

Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 1
Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@qca.qualcomm.com>
Gerrit-HasComments: No

[Stephen Wang (Gerrit)]

Stephen Wang has uploaded a new patch set (#2).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 2

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Kees Cook (Gerrit)]

Kees Cook has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 1:

(1 comment)

https://chromium-review.googlesource.com/#/c/245092/1/net/netfilter/nf_conntrack_proto_tcp.c
File net/netfilter/nf_conntrack_proto_tcp.c:

Line 522: return true;
This defaults to 1, short-circuiting this check on all architectures. This
seems like it should default to 0, and the systems that need it can flip
the nf_conntrack-tcp_no_window_check sysctl themselves.

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment

Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 1
Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>

Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@qca.qualcomm.com>

Gerrit-HasComments: Yes

[Kees Cook (Gerrit)]

Kees Cook has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 2: Code-Review-1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 2

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@qca.qualcomm.com>

Gerrit-HasComments: No

[Stephen Wang (Gerrit)]

Stephen Wang has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 1:

(1 comment)

https://chromium-review.googlesource.com/#/c/245092/1/net/netfilter/nf_conntrack_proto_tcp.c
File net/netfilter/nf_conntrack_proto_tcp.c:

Line 522: return true;
> This defaults to 1, short-circuiting this check on all architectures. This

Yes, will update and change it to 0 by default

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment

Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 1
Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@qca.qualcomm.com>

Gerrit-HasComments: Yes

[Stephen Wang (Gerrit)]

Hello Kees Cook,

I'd like you to reexamine a change. Please visit

https://chromium-review.googlesource.com/245092

to look at the new patch set (#3).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 3

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Grant Grundler (Gerrit)]

Grant Grundler has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 3:

When did you plan on updating the default nf_ct_tcp_no_window_check value
to 0?

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 3

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@qca.qualcomm.com>

Gerrit-HasComments: No

[Stephen Wang (Gerrit)]

Stephen Wang has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 3:

Sorry for the delay, the corresponding change is merged in our internal
git, but it takes a while for our legal to approve for the changes to
appear on codeaura git. I'll update this and other gerrits as soon as the
legal process is completed

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 3

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Stephen Wang (Gerrit)]

Hello Kees Cook,

I'd like you to reexamine a change. Please visit

https://chromium-review.googlesource.com/245092

to look at the new patch set (#4).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 4

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>

Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>

Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>

Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

[Stephen Wang (Gerrit)]

Stephen Wang has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 4:

Sorry this take this long, I've updated nf_conntrack_tcp_no_window_check to
be 0 as default.

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 4

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

Gerrit-HasComments: No

[Kevin Hayes (Gerrit)]

Kevin Hayes has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 5: Code-Review+1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 5

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>

Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>

[Kishan Kunduru (Gerrit)]

Kishan Kunduru has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 6: Verified+1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 6

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>

Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>

[Kishan Kunduru (Gerrit)]

Kishan Kunduru has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 6: Commit-Queue+1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 6

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Kishan Kunduru (Gerrit)]

Kishan Kunduru has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 6: -Commit-Queue

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 6

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Eric Dumazet (Gerrit)]

Eric Dumazet has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 6: Code-Review+1

Although changelog should _explain_ why no window check is requested.

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 6

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Eric Dumazet <edum...@google.com>

[Sameer Nanda (Gerrit)]

Sameer Nanda has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 6:

Agreed. Can we update the changelog with additional details?

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 6

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Dmitry Torokhov <dt...@chromium.org>

Gerrit-Reviewer: Eric Dumazet <edum...@google.com>
Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>
Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>

Gerrit-Reviewer: Sameer Nanda <sna...@chromium.org>

[Stephen Wang (Gerrit)]

Hello Kishan Kunduru, Eric Dumazet, Kevin Hayes, Kees Cook,

I'd like you to reexamine a change. Please visit

https://chromium-review.googlesource.com/245092

to look at the new patch set (#7).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

This change is taken from OpenWRT for performance tuning
https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-2.6.39/613-netfilter_optional_tcp_window_check.patch?rev=27840

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 7

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Dmitry Torokhov (Gerrit)]

Dmitry Torokhov has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 7:

> Uploaded patch set 7: Commit message was updated.

Was this message change in response to Sameer's and Eric's requests? Then
it is not helpful: it still does not provide justification/explains why it
improves performance. To say "it is taken from some $random_repo and they
claim it is better for performance" is not good enough.

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 7

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Dmitry Torokhov <dt...@chromium.org>
Gerrit-Reviewer: Eric Dumazet <edum...@google.com>
Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>
Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sameer Nanda <sna...@chromium.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

Gerrit-HasComments: No

[Stephen Wang (Gerrit)]

Hello Kishan Kunduru, Eric Dumazet, Kevin Hayes, Kees Cook,

I'd like you to reexamine a change. Please visit

https://chromium-review.googlesource.com/245092

to look at the new patch set (#8).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

This change is taken from OpenWRT for performance tuning
https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-2.6.39/613-netfilter_optional_tcp_window_check.patch?rev=27840

When nf_ct_tcp_no_window_check is set, netfilter will not perform tcp
window check and returns true directly. ECM also take this setting and
pass it to NSS FW to skip tcp window checking for the offloaded
connection.

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 8

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

[Dmitry Torokhov (Gerrit)]

Dmitry Torokhov has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 8:

(1 comment)

https://chromium-review.googlesource.com/#/c/245092/8//COMMIT_MSG
Commit Message:

Line 12: This change is taken from OpenWRT for performance tuning

:
https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-2.6.39/613-netfilter_optional_tcp_window_check.patch?rev=27840
: When nf_ct_tcp_no_window_check is set, netfilter will not perform
tcp
: window check and returns true directly. ECM also take this setting
and
: pass it to NSS FW to skip tcp window checking for the offloaded
: connection.

Why is this desirable? What kind of speed up and on what tests did you
observe by activating this quirk?

Please imagine you are submitting a change to LKML or netdev and write the
same kind of changelog as you would for submissions there.

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 8

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Dmitry Torokhov <dt...@chromium.org>
Gerrit-Reviewer: Eric Dumazet <edum...@google.com>
Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>
Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sameer Nanda <sna...@chromium.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

Gerrit-HasComments: Yes

[Sameer Nanda (Gerrit)]

Sameer Nanda has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 8: Code-Review+2

+2ing for now. Ideally, either the commit log needs to be updated with data
to show performance improvements and if the performance improvements are
minimal/absent drop this patch completely since it touches core networking
files. Lets revisit this post-commit.

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 8

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: Dmitry Torokhov <dt...@chromium.org>
Gerrit-Reviewer: Eric Dumazet <edum...@google.com>
Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>
Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sameer Nanda <sna...@chromium.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

Gerrit-HasComments: No

[Kishan Kunduru (Gerrit)]

Hello Sameer Nanda, Eric Dumazet, Kevin Hayes, Stephen Wang, Kees Cook,

I'd like you to reexamine a change. Please visit

https://chromium-review.googlesource.com/245092

to look at the new patch set (#9).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

This change is taken from OpenWRT for performance tuning
https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-2.6.39/613-netfilter_optional_tcp_window_check.patch?rev=27840
When nf_ct_tcp_no_window_check is set, netfilter will not perform tcp
window check and returns true directly. ECM also take this setting and
pass it to NSS FW to skip tcp window checking for the offloaded
connection.

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents

CQ-DEPEND=CL:245095, CL:268856, CL:263345

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 9

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: ChromeOS Commit Bot <chromeos-...@chromium.org>

[Kishan Kunduru (Gerrit)]

Kishan Kunduru has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 9: Verified+1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 9

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: ChromeOS Commit Bot <chromeos-...@chromium.org>
Gerrit-Reviewer: Dmitry Torokhov <dt...@chromium.org>
Gerrit-Reviewer: Eric Dumazet <edum...@google.com>
Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>
Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sameer Nanda <sna...@chromium.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

Gerrit-HasComments: No

[Kishan Kunduru (Gerrit)]

Hello Sameer Nanda, Eric Dumazet, Kevin Hayes, Stephen Wang, Kees Cook,

I'd like you to reexamine a change. Please visit

https://chromium-review.googlesource.com/245092

to look at the new patch set (#10).

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

This change is taken from OpenWRT for performance tuning
https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-2.6.39/613-netfilter_optional_tcp_window_check.patch?rev=27840
When nf_ct_tcp_no_window_check is set, netfilter will not perform tcp
window check and returns true directly. ECM also take this setting and
pass it to NSS FW to skip tcp window checking for the offloaded
connection.

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents
CQ-DEPEND=CL:245095, CL:268856

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 10

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: ChromeOS Commit Bot <chromeos-...@chromium.org>

Gerrit-Reviewer: ChromeOS bot
<3su6n15k...@developer.gserviceaccount.com>

[Kishan Kunduru (Gerrit)]

Kishan Kunduru has posted comments on this change.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................

Patch Set 10: Commit-Queue+1 Verified+1

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 10

Gerrit-Project: chromiumos/third_party/kernel
Gerrit-Branch: chromeos-3.14
Gerrit-Owner: Stephen Wang <wste...@codeaurora.org>

Gerrit-Reviewer: ChromeOS Commit Bot <chromeos-...@chromium.org>
Gerrit-Reviewer: ChromeOS bot
<3su6n15k...@developer.gserviceaccount.com>
Gerrit-Reviewer: Dmitry Torokhov <dt...@chromium.org>
Gerrit-Reviewer: Eric Dumazet <edum...@google.com>
Gerrit-Reviewer: Grant Grundler <grun...@chromium.org>
Gerrit-Reviewer: Kees Cook <kees...@chromium.org>
Gerrit-Reviewer: Kevin Hayes <kevin...@google.com>
Gerrit-Reviewer: Kishan Kunduru <kkun...@chromium.org>
Gerrit-Reviewer: Kishan Kunduru <kkun...@google.com>
Gerrit-Reviewer: Mathieu Olivari <mat...@codeaurora.org>
Gerrit-Reviewer: Matthias Kaehlcke <m...@chromium.org>
Gerrit-Reviewer: Murat Sezgin <mse...@codeaurora.org>
Gerrit-Reviewer: Sameer Nanda <sna...@chromium.org>
Gerrit-Reviewer: Sol Kavy <sk...@codeaurora.org>
Gerrit-Reviewer: Stephen Wang <wste...@codeaurora.org>
Gerrit-Reviewer: Toshi Kikuchi <tos...@chromium.org>
Gerrit-Reviewer: sundarajan srinivasan <sund...@codeaurora.org>

Gerrit-HasComments: No

[ChromeOS Commit Bot (Gerrit)]

ChromeOS Commit Bot has submitted this change and it was merged.

Change subject: CHROMIUM: netfilter: Add netfilter optional
nf_ct_tcp_no_window_check
......................................................................


CHROMIUM: netfilter: Add netfilter optional nf_ct_tcp_no_window_check

This change added an option nf_ct_tcp_no_window_check to netfilter.
It will be exported later for qca-nss-ecm driver to use

This change is taken from OpenWRT for performance tuning
https://dev.openwrt.org/browser/trunk/target/linux/generic/patches-2.6.39/613-netfilter_optional_tcp_window_check.patch?rev=27840
When nf_ct_tcp_no_window_check is set, netfilter will not perform tcp
window check and returns true directly. ECM also take this setting and
pass it to NSS FW to skip tcp window checking for the offloaded
connection.

Source: git://codeaurora.org/quic/qsdk/oss/kernel/linux-msm
Branch: coconut_20140924

BUG=chrome-os-partner:36182
TEST=build/boot on storm. And verified
/proc/sys/net/netfilter/nf_conntrack_tcp_no_window_check node presents
CQ-DEPEND=CL:245095, CL:268856

Signed-off-by: Mathieu Olivari <mat...@codeaurora.org>
(cherry picked from commit fe1181ebc0e2ac4f81ff7ef3de3dba69f24174d6)
Signed-off-by: Stephen Wang <wste...@codeaurora.org>

Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12

Reviewed-on: https://chromium-review.googlesource.com/245092
Reviewed-by: Kevin Hayes <kevin...@google.com>
Reviewed-by: Eric Dumazet <edum...@google.com>
Reviewed-by: Sameer Nanda <sna...@chromium.org>
Commit-Queue: Kishan Kunduru <kkun...@chromium.org>
Tested-by: Kishan Kunduru <kkun...@chromium.org>

---
M net/netfilter/nf_conntrack_proto_tcp.c
1 file changed, 13 insertions(+), 0 deletions(-)

Approvals:
Kishan Kunduru: Ready; Verified
Sameer Nanda: Looks good to me, approved
Eric Dumazet: Looks good to me, but someone else must approve
Kevin Hayes: Looks good to me, but someone else must approve



diff --git a/net/netfilter/nf_conntrack_proto_tcp.c
b/net/netfilter/nf_conntrack_proto_tcp.c
index 44d1ea3..8f25d94 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -33,6 +33,9 @@
#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
#include <net/netfilter/ipv6/nf_conntrack_ipv6.h>

+/* Do not check the TCP window for incoming packets */
+static int nf_ct_tcp_no_window_check __read_mostly = 0;
+
/* "Be conservative in what you do,
be liberal in what you accept from others."
If it's non-zero, we mark only out of window RST segments as INVALID.
*/
@@ -514,6 +517,9 @@
__u32 seq, ack, sack, end, win, swin;
s32 receiver_offset;
bool res, in_recv_win;
+
+ if (nf_ct_tcp_no_window_check)
+ return true;

/*
* Get the required data from the packet.
@@ -1452,6 +1458,13 @@
.mode = 0644,
.proc_handler = proc_dointvec,
},
+ {
+ .procname = "nf_conntrack_tcp_no_window_check",
+ .data = &nf_ct_tcp_no_window_check,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
{ }
};

--
To view, visit https://chromium-review.googlesource.com/245092
To unsubscribe, visit https://chromium-review.googlesource.com/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I557ef2d5b312b0a8c1f178310e6dfed6ff16fc12
Gerrit-PatchSet: 11