- 26 2月, 2013 1 次提交
-
-
由 Pravin B Shelar 提交于
GRE-GSO generates ip fragments with id 0,2,3,4... for every GSO packet, which is not correct. Following patch fixes it by setting ip-header id unique id of fragments are allowed. As Eric Dumazet suggested it is optimized by using inner ip-header whenever inner packet is ipv4. Signed-off-by: NPravin B Shelar <pshelar@nicira.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 24 2月, 2013 2 次提交
-
-
由 Mathias Krause 提交于
The sock_diag_lock_handler() and sock_diag_unlock_handler() actually make the code less readable. Get rid of them and make the lock usage and access to sock_diag_handlers[] clear on the first sight. Signed-off-by: NMathias Krause <minipli@googlemail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Mathias Krause 提交于
Userland can send a netlink message requesting SOCK_DIAG_BY_FAMILY with a family greater or equal then AF_MAX -- the array size of sock_diag_handlers[]. The current code does not test for this condition therefore is vulnerable to an out-of-bound access opening doors for a privilege escalation. Signed-off-by: NMathias Krause <minipli@googlemail.com> Acked-by: NEric Dumazet <edumazet@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 23 2月, 2013 4 次提交
-
-
由 Yuchung Cheng 提交于
In fast open the sender unncessarily reduces the space available for data in SYN by 12 bytes. This is because in the sender incorrectly reserves space for TS option twice in tcp_send_syn_data(): tcp_mtu_to_mss() already accounts for TS option space. But it further reserves MAX_TCP_OPTION_SPACE when computing the payload space. Signed-off-by: NYuchung Cheng <ycheng@google.com> Acked-by: NEric Dumazet <edumazet@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 stephen hemminger 提交于
The mem cgroup socket limit is only used if the config option is enabled. Found with sparse Signed-off-by: NStephen Hemminger <stephen@networkplumber.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Alexander Duyck 提交于
Smatch found a locking bug in netif_set_xps_queue in which we were not releasing the lock in the case of an allocation failure. This change corrects that so that we release the xps_map_mutex before returning -ENOMEM in the case of an allocation failure. Signed-off-by: NAlexander Duyck <alexander.h.duyck@intel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Li Wei 提交于
Now we handle icmp errors in each transport protocol's err_handler, for icmp protocols, that is ping_err. Since this handler only care of those icmp errors triggered by echo request, errors triggered by echo reply(which sent by kernel) are sliently ignored. So wrap ping_err() with icmp_err() to deal with those icmp errors. Signed-off-by: NLi Wei <lw@cn.fujitsu.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 22 2月, 2013 2 次提交
-
-
由 Eric Dumazet 提交于
It looks like its possible to open thousands of TCP IPv6 sessions on a server, all landing in a single slot of TCP hash table. Incoming packets have to lookup sockets in a very long list. We should hash all bits from foreign IPv6 addresses, using a salt and hash mix, not a simple XOR. inet6_ehashfn() can also separately use the ports, instead of xoring them. Reported-by: NNeal Cardwell <ncardwell@google.com> Signed-off-by: NEric Dumazet <edumazet@google.com> Cc: Yuchung Cheng <ycheng@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Li Wei 提交于
We should get 'type' and 'code' from the outer ICMP header. Signed-off-by: NLi Wei <lw@cn.fujitsu.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 21 2月, 2013 2 次提交
-
-
由 YOSHIFUJI Hideaki / 吉藤英明 提交于
Eric Dumazet wrote: | Some strange crashes happen in rt6_check_expired(), with access | to random addresses. | | At first glance, it looks like the RTF_EXPIRES and | stuff added in commit 1716a961 | (ipv6: fix problem with expired dst cache) | are racy : same dst could be manipulated at the same time | on different cpus. | | At some point, our stack believes rt->dst.from contains a dst pointer, | while its really a jiffie value (as rt->dst.expires shares the same area | of memory) | | rt6_update_expires() should be fixed, or am I missing something ? | | CC Neil because of https://bugzilla.redhat.com/show_bug.cgi?id=892060 Because we do not have any locks for dst_entry, we cannot change essential structure in the entry; e.g., we cannot change reference to other entity. To fix this issue, split 'from' and 'expires' field in dst_entry out of union. Once it is 'from' is assigned in the constructor, keep the reference until the very last stage of the life time of the object. Of course, it is unsafe to change 'from', so make rt6_set_from simple just for fresh entries. Reported-by: NEric Dumazet <eric.dumazet@gmail.com> Reported-by: NNeil Horman <nhorman@tuxdriver.com> CC: Gao Feng <gaofeng@cn.fujitsu.com> Signed-off-by: NYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Reviewed-by: NEric Dumazet <edumazet@google.com> Reported-by: NSteinar H. Gunderson <sesse@google.com> Reviewed-by: NNeil Horman <nhorman@tuxdriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Amerigo Wang 提交于
commit c9af6db4 (net: Fix possible wrong checksum generation) has a suspicous piece: - skb_shinfo(skb1)->gso_type = skb_shinfo(skb)->gso_type; - + skb_shinfo(skb)->tx_flags = skb_shinfo(skb1)->tx_flags & SKBTX_SHARED_FRAG; skb1 is the new skb, therefore should be on the left side of the assignment. This patch fixes it. Cc: Pravin B Shelar <pshelar@nicira.com> Cc: David S. Miller <davem@davemloft.net> Signed-off-by: NCong Wang <amwang@redhat.com> Acked-by: NPravin B Shelar <pshelar@nicira.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 20 2月, 2013 3 次提交
-
-
由 Eric Dumazet 提交于
commit 68c33163 (v4 GRE: Add TCP segmentation offload for GRE) introduced a bug in error path. dst is attached to skb, so will be released when skb is freed. Signed-off-by: NEric Dumazet <edumazet@google.com> Cc: Pravin B Shelar <pshelar@nicira.com> Acked-by: NPravin B Shelar <pshelar@nicira.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Cong Wang 提交于
When !CONFIG_PROC_FS dev_mcast_init() is not defined, actually we can just merge dev_mcast_init() into dev_proc_init(). Reported-by: NGao feng <gaofeng@cn.fujitsu.com> Cc: Gao feng <gaofeng@cn.fujitsu.com> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: NCong Wang <xiyou.wangcong@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Gao feng 提交于
the vars ip_rt_gc_timeout is used only when CONFIG_SYSCTL is selected. move these vars into CONFIG_SYSCTL. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 19 2月, 2013 16 次提交
-
-
由 Cong Wang 提交于
Similar to net/core/net-sysfs.c, group procfs code to a single unit. Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: NCong Wang <xiyou.wangcong@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Dmitry Kravkov 提交于
Signed-off-by: NDmitry Kravkov <dmitry@broadcom.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Dmitry Kravkov 提交于
If device is not able to handle checksumming it will be handled in dev_xmit Signed-off-by: NDmitry Kravkov <dmitry@broadcom.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Pablo Neira Ayuso 提交于
Connection tracking helpers have to drop packets under exceptional situations. Currently, the user gets the following logging message in case that happens: nf_ct_%s: dropping packet ... However, depending on the helper, there are different reasons why a packet can be dropped. This patch modifies the existing code to provide more specific error message in the scope of each helper to help users to debug the reason why the packet has been dropped, ie: nf_ct_%s: dropping packet: reason ... Thanks to Joe Perches for many formatting suggestions. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
-
由 Eric Dumazet 提交于
net/ipv6/reassembly.c:82:72: warning: incorrect type in argument 3 (different base types) net/ipv6/reassembly.c:82:72: expected unsigned int [unsigned] [usertype] c net/ipv6/reassembly.c:82:72: got restricted __be32 [usertype] id Signed-off-by: NEric Dumazet <edumazet@google.com> Reported-by: NFengguang Wu <fengguang.wu@intel.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Andy King 提交于
Allow our own family as the protocol value for socket creation. Reported-by: NGerd Hoffmann <kraxel@redhat.com> Signed-off-by: NAndy King <acking@vmware.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Dmitry Torokhov 提交于
There isn't really a need to have a separate file for it. Acked-by: NAndy King <acking@vmware.com> Signed-off-by: NDmitry Torokhov <dtor@vmware.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Dmitry Torokhov 提交于
This is the default behavior for a looooooong time. Acked-by: NAndy King <acking@vmware.com> Signed-off-by: NDmitry Torokhov <dtor@vmware.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Romain KUNTZ 提交于
Neighbor is cloned in xfrm6_fill_dst but seems to never be released. Neighbor entry should be released when XFRM6 dst entry is destroyed in xfrm6_dst_destroy, otherwise references may be kept forever on the device pointed by the neighbor entry. I may not have understood all the subtleties of XFRM & dst so I would be happy to receive comments on this patch. Signed-off-by: NRomain Kuntz <r.kuntz@ipflavors.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Gao feng 提交于
proc_net_remove is only used to remove proc entries that under /proc/net,it's not a general function for removing proc entries of netns. if we want to remove some proc entries which under /proc/net/stat/, we still need to call remove_proc_entry. this patch use remove_proc_entry to replace proc_net_remove. we can remove proc_net_remove after this patch. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Gao feng 提交于
Right now, some modules such as bonding use proc_create to create proc entries under /proc/net/, and other modules such as ipv4 use proc_net_fops_create. It looks a little chaos.this patch changes all of proc_net_fops_create to proc_create. we can remove proc_net_fops_create after this patch. Signed-off-by: NGao feng <gaofeng@cn.fujitsu.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 stephen hemminger 提交于
Same problem as IPv6 Signed-off-by: NStephen Hemminger <stephen@networkplumber.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 stephen hemminger 提交于
Should not use assignment in conditional: warning: suggest parentheses around assignment used as truth value [-Wparentheses] Problem introduced by: commit 14bbd6a5 Author: Pravin B Shelar <pshelar@nicira.com> Date: Thu Feb 14 09:44:49 2013 +0000 net: Add skb_unclone() helper function. Signed-off-by: NStephen Hemminger <stephen@networkplumber.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Cong Wang 提交于
They well deserve a separated unit. Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: NCong Wang <xiyou.wangcong@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Johannes Berg 提交于
Larry noticed (and bisected) that commit df881293 "cfg80211: Pass TDLS peer's QoS/HT/VHT information during set_station" broke secure connections. This is is the case only for drivers that don't support TDLS, where any kind of change, even just the change of authorized flag that is required for normal operation, was rejected now. To fix this, remove the checks. I have some patches that will add proper verification for all the different cases later. Cc: Jouni Malinen <j@w1.fi> Bisected-by: NLarry Finger <Larry.Finger@lwfinger.net> Tested-by: NLarry Finger <Larry.Finger@lwfinger.net> Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
由 Eric Dumazet 提交于
Use ipv6_addr_hash() and a single jhash invocation. Signed-off-by: NEric Dumazet <edumazet@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 18 2月, 2013 4 次提交
-
-
由 Thomas Pedersen 提交于
If mesh plink debugging is enabled, this gets annoying in a crowded environment, fast. Signed-off-by: NThomas Pedersen <thomas@cozybit.com> Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
由 Thomas Pedersen 提交于
Convert mesh peering events into strings and make the debug output a little easier to read. Also stop printing the llid and plid since these don't change across peering states and are random numbers anyway so they just amount to noise. Signed-off-by: NThomas Pedersen <thomas@cozybit.com> Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
由 Thomas Pedersen 提交于
ieee80211_ht_cap_ie_to_sta_ht_cap() will clean up the ht_supported flag and station bandwidth field for us if the peer beacon doesn't have an HT capability element (is operating as non-HT). Also, we don't really need a special station ch_width member to track the station operating mode any more so use sta.bandwidth instead. Signed-off-by: NThomas Pedersen <thomas@cozybit.com> Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
由 Johannes Berg 提交于
If an interface is set down while authenticating or associating, there's a station entry that will be removed by the flushing in do_stop() and that will cause a warning. It's otherwise harmless, but avoid the warning by calling ieee80211_mgd_stop() first. Signed-off-by: NJohannes Berg <johannes.berg@intel.com>
-
- 16 2月, 2013 6 次提交
-
-
由 Ying Xue 提交于
As the number of iovecs in a send request is already limited within UIO_MAXIOV(i.e. 1024) in __sys_sendmsg(), it's unnecessary to check it again in TIPC stack. Signed-off-by: NYing Xue <ying.xue@windriver.com> Signed-off-by: NJon Maloy <jon.maloy@ericsson.com> Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com>
-
由 Ying Xue 提交于
Change overload control to be purely byte-based, using sk->sk_rmem_alloc as byte counter, and compare it to a calculated upper limit for the socket receive queue. For all connection messages, irrespective of message importance, the overload limit is set to a constant value (i.e, 67MB). This limit should normally never be reached because of the lower limit used by the flow control algorithm, and is there only as a last resort in case a faulty peer doesn't respect the send window limit. For datagram messages, message importance is taken into account when calculating the overload limit. The calculation is based on sk->sk_rcvbuf, and is hence configurable via the socket option SO_RCVBUF. Cc: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: NYing Xue <ying.xue@windriver.com> Signed-off-by: NJon Maloy <jon.maloy@ericsson.com> Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com>
-
由 Ying Xue 提交于
The tipc function discard_rx_queue() is just a duplicated implementation of __skb_queue_purge(). Remove the former and directly invoke __skb_queue_purge(). In doing so, the underscores convey to the code reader, more information about the current locking state that is assumed. Signed-off-by: NYing Xue <ying.xue@windriver.com> Signed-off-by: NJon Maloy <jon.maloy@ericsson.com> Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com>
-
由 Erik Hugne 提交于
After commit 3c294cb3 "tipc: remove the bearer congestion mechanism", we try to grab the broadcast bearer lock when sending multicast messages over the broadcast link. This will cause an oops because the lock is never initialized. This is an old bug, but the lock was never actually used before commit 3c294cb3, so that why it was not visible until now. The oops will look something like: BUG: spinlock bad magic on CPU#2, daemon/147 lock: bcast_bearer+0x48/0xffffffffffffd19a [tipc], .magic: 00000000, .owner: <none>/-1, .owner_cpu: 0 Pid: 147, comm: daemon Not tainted 3.8.0-rc3+ #206 Call Trace: spin_dump+0x8a/0x8f spin_bug+0x21/0x26 do_raw_spin_lock+0x114/0x150 _raw_spin_lock_bh+0x19/0x20 tipc_bearer_blocked+0x1f/0x40 [tipc] tipc_link_send_buf+0x82/0x280 [tipc] ? __alloc_skb+0x9f/0x2b0 tipc_bclink_send_msg+0x77/0xa0 [tipc] tipc_multicast+0x11b/0x1b0 [tipc] send_msg+0x225/0x530 [tipc] sock_sendmsg+0xca/0xe0 The above can be triggered by running the multicast demo program. Signed-off-by: NErik Hugne <erik.hugne@ericsson.com> Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Eric Dumazet 提交于
We no longer need to use mac_len, lets cleanup things. Signed-off-by: NEric Dumazet <edumazet@google.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Pravin B Shelar 提交于
Following patch adds GRE protocol offload handler so that skb_gso_segment() can segment GRE packets. SKB GSO CB is added to keep track of total header length so that skb_segment can push entire header. e.g. in case of GRE, skb_segment need to push inner and outer headers to every segment. New NETIF_F_GRE_GSO feature is added for devices which support HW GRE TSO offload. Currently none of devices support it therefore GRE GSO always fall backs to software GSO. [ Compute pkt_len before ip_local_out() invocation. -DaveM ] Signed-off-by: NPravin B Shelar <pshelar@nicira.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-