1. 20 7月, 2016 2 次提交
    • S
      net: ip_finish_output_gso: If skb_gso_network_seglen exceeds MTU, allow... · b8247f09
      Shmulik Ladkani 提交于
      net: ip_finish_output_gso: If skb_gso_network_seglen exceeds MTU, allow segmentation for local udp tunneled skbs
      
      Given:
       - tap0 and vxlan0 are bridged
       - vxlan0 stacked on eth0, eth0 having small mtu (e.g. 1400)
      
      Assume GSO skbs arriving from tap0 having a gso_size as determined by
      user-provided virtio_net_hdr (e.g. 1460 corresponding to VM mtu of 1500).
      
      After encapsulation these skbs have skb_gso_network_seglen that exceed
      eth0's ip_skb_dst_mtu.
      
      These skbs are accidentally passed to ip_finish_output2 AS IS.
      Alas, each final segment (segmented either by validate_xmit_skb or by
      hardware UFO) would be larger than eth0 mtu.
      As a result, those above-mtu segments get dropped on certain networks.
      
      This behavior is not aligned with the NON-GSO case:
      Assume a non-gso 1500-sized IP packet arrives from tap0. After
      encapsulation, the vxlan datagram is fragmented normally at the
      ip_finish_output-->ip_fragment code path.
      
      The expected behavior for the GSO case would be segmenting the
      "gso-oversized" skb first, then fragmenting each segment according to
      dst mtu, and finally passing the resulting fragments to ip_finish_output2.
      
      'ip_finish_output_gso' already supports this "Slowpath" behavior,
      according to the IPSKB_FRAG_SEGS flag, which is only set during ipv4
      forwarding (not set in the bridged case).
      
      In order to support the bridged case, we'll mark skbs arriving from an
      ingress interface that get udp-encaspulated as "allowed to be fragmented",
      causing their network_seglen to be validated by 'ip_finish_output_gso'
      (and fragment if needed).
      
      Note the TUNNEL_DONT_FRAGMENT tun_flag is still honoured (both in the
      gso and non-gso cases), which serves users wishing to forbid
      fragmentation at the udp tunnel endpoint.
      
      Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
      Cc: Florian Westphal <fw@strlen.de>
      Signed-off-by: NShmulik Ladkani <shmulik.ladkani@gmail.com>
      Acked-by: NHannes Frederic Sowa <hannes@stressinduktion.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b8247f09
    • S
      net/ipv4: Introduce IPSKB_FRAG_SEGS bit to inet_skb_parm.flags · 359ebda2
      Shmulik Ladkani 提交于
      This flag indicates whether fragmentation of segments is allowed.
      
      Formerly this policy was hardcoded according to IPSKB_FORWARDED (set by
      either ip_forward or ipmr_forward).
      
      Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
      Cc: Florian Westphal <fw@strlen.de>
      Signed-off-by: NShmulik Ladkani <shmulik.ladkani@gmail.com>
      Acked-by: NHannes Frederic Sowa <hannes@stressinduktion.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      359ebda2
  2. 17 7月, 2016 7 次提交
  3. 16 7月, 2016 6 次提交
  4. 15 7月, 2016 1 次提交
  5. 14 7月, 2016 6 次提交
  6. 13 7月, 2016 5 次提交
    • J
      Bluetooth: Increment management interface revision · 87510973
      Johan Hedberg 提交于
      Increment the mgmt revision due to the recently added new
      reason code for the Disconnected event.
      Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      87510973
    • S
      Bluetooth: Add Authentication Failed reason to Disconnected Mgmt event · 160b9251
      Szymon Janc 提交于
      If link is disconnected due to Authentication Failure (PIN or Key
      Missing status) userspace will be notified about this with proper error
      code. Many LE profiles define "PIN or Key Missing" status as indication
      of remote lost bond so this allows userspace to take action on this.
      
      @ Device Connected: 88:63:DF:88:0E:83 (1) flags 0x0000
              02 01 1a 05 03 0a 18 0d 18 0b 09 48 65 61 72 74  ...........Heart
              20 52 61 74 65                                    Rate
      > HCI Event: Command Status (0x0f) plen 4
            LE Read Remote Used Features (0x08|0x0016) ncmd 1
              Status: Success (0x00)
      > ACL Data RX: Handle 3585 flags 0x02 dlen 11
            ATT: Read By Group Type Request (0x10) len 6
              Handle range: 0x0001-0xffff
              Attribute group type: Primary Service (0x2800)
      > HCI Event: LE Meta Event (0x3e) plen 12
            LE Read Remote Used Features (0x04)
              Status: Success (0x00)
              Handle: 3585
              Features: 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00
                LE Encryption
      < HCI Command: LE Start Encryption (0x08|0x0019) plen 28
              Handle: 3585
              Random number: 0x0000000000000000
              Encrypted diversifier: 0x0000
              Long term key: 26201cd479a0921b6f949f0b1fa8dc82
      > HCI Event: Command Status (0x0f) plen 4
            LE Start Encryption (0x08|0x0019) ncmd 1
              Status: Success (0x00)
      > HCI Event: Encryption Change (0x08) plen 4
              Status: PIN or Key Missing (0x06)
              Handle: 3585
              Encryption: Disabled (0x00)
      < HCI Command: Disconnect (0x01|0x0006) plen 3
              Handle: 3585
              Reason: Authentication Failure (0x05)
      > HCI Event: Command Status (0x0f) plen 4
            Disconnect (0x01|0x0006) ncmd 1
              Status: Success (0x00)
      > HCI Event: Disconnect Complete (0x05) plen 4
              Status: Success (0x00)
              Handle: 3585
              Reason: Connection Terminated By Local Host (0x16)
      @ Device Disconnected: 88:63:DF:88:0E:83 (1) reason 4
      
      @ Device Connected: C4:43:8F:A3:4D:83 (0) flags 0x0000
              08 09 4e 65 78 75 73 20 35                       ..Nexus 5
      > HCI Event: Command Status (0x0f) plen 4
            Authentication Requested (0x01|0x0011) ncmd 1
              Status: Success (0x00)
      > HCI Event: Link Key Request (0x17) plen 6
              Address: C4:43:8F:A3:4D:83 (LG Electronics)
      < HCI Command: Link Key Request Reply (0x01|0x000b) plen 22
              Address: C4:43:8F:A3:4D:83 (LG Electronics)
              Link key: 080812e4aa97a863d11826f71f65a933
      > HCI Event: Command Complete (0x0e) plen 10
            Link Key Request Reply (0x01|0x000b) ncmd 1
              Status: Success (0x00)
              Address: C4:43:8F:A3:4D:83 (LG Electronics)
      > HCI Event: Auth Complete (0x06) plen 3
              Status: PIN or Key Missing (0x06)
              Handle: 75
      @ Authentication Failed: C4:43:8F:A3:4D:83 (0) status 0x05
      < HCI Command: Disconnect (0x01|0x0006) plen 3
              Handle: 75
              Reason: Remote User Terminated Connection (0x13)
      > HCI Event: Command Status (0x0f) plen 4
            Disconnect (0x01|0x0006) ncmd 1
              Status: Success (0x00)
      > HCI Event: Disconnect Complete (0x05) plen 4
              Status: Success (0x00)
              Handle: 75
              Reason: Connection Terminated By Local Host (0x16)
      @ Device Disconnected: C4:43:8F:A3:4D:83 (0) reason 4
      Signed-off-by: NSzymon Janc <szymon.janc@codecoup.pl>
      Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
      160b9251
    • J
      devlink: add hardware messages tracing facility · e5224f0f
      Jiri Pirko 提交于
      Define a tracepoint and allow user to trace messages going to and from
      hardware associated with devlink instance.
      Signed-off-by: NJiri Pirko <jiri@mellanox.com>
      Acked-by: NSteven Rostedt <rostedt@goodmis.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e5224f0f
    • W
      net: dsa: Fix non static symbol warning · 85c22bad
      Wei Yongjun 提交于
      Fixes the following sparse warning:
      
      net/dsa/dsa2.c:680:6: warning:
       symbol '_dsa_unregister_switch' was not declared. Should it be static?
      Signed-off-by: NWei Yongjun <yongjun_wei@trendmicro.com.cn>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      85c22bad
    • W
      rxrpc: Fix error handling in af_rxrpc_init() · 8addc044
      Wei Yongjun 提交于
      security initialized after alloc workqueue, so we should exit security
      before destroy workqueue in the error handing.
      
      Fixes: 648af7fc ("rxrpc: Absorb the rxkad security module")
      Signed-off-by: NWei Yongjun <yongjun_wei@trendmicro.com.cn>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8addc044
  7. 12 7月, 2016 8 次提交
    • P
      ipv4: af_inet: make it explicitly non-modular · d3fc0353
      Paul Gortmaker 提交于
      The Makefile controlling compilation of this file is obj-y,
      meaning that it currently is never being built as a module.
      
      Since MODULE_ALIAS is a no-op for non-modular code, we can simply
      remove the MODULE_ALIAS_NETPROTO variant used here.
      
      We replace module.h with kmod.h since the file does make use of
      request_module() in order to load other modules from here.
      
      We don't have to worry about init.h coming in via the removed
      module.h since the file explicitly includes init.h already.
      
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
      Cc: James Morris <jmorris@namei.org>
      Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
      Cc: Patrick McHardy <kaber@trash.net>
      Cc: netdev@vger.kernel.org
      Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d3fc0353
    • S
      tunnels: correct conditional build of MPLS and IPv6 · aa9667e7
      Simon Horman 提交于
      Using a combination if #if conditionals and goto labels to unwind
      tunnel4_init seems unwieldy. This patch takes a simpler approach of
      directly unregistering previously registered protocols when an error
      occurs.
      
      This fixes a number of problems with the current implementation
      including the potential presence of labels when they are unused
      and the potential absence of unregister code when it is needed.
      
      Fixes: 8afe97e5 ("tunnels: support MPLS over IPv4 tunnels")
      Signed-off-by: NSimon Horman <simon.horman@netronome.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      aa9667e7
    • X
      sctp: implement prsctp PRIO policy · 8dbdf1f5
      Xin Long 提交于
      prsctp PRIO policy is a policy to abandon lower priority chunks when
      asoc doesn't have enough snd buffer, so that the current chunk with
      higher priority can be queued successfully.
      
      Similar to TTL/RTX policy, we will set the priority of the chunk to
      prsctp_param with sinfo->sinfo_timetolive in sctp_set_prsctp_policy().
      So if PRIO policy is enabled, msg->expire_at won't work.
      
      asoc->sent_cnt_removable will record how many chunks can be checked to
      remove. If priority policy is enabled, when the chunk is queued into
      the out_queue, we will increase sent_cnt_removable. When the chunk is
      moved to abandon_queue or dequeue and free, we will decrease
      sent_cnt_removable.
      
      In sctp_sendmsg, we will check if there is enough snd buffer for current
      msg and if sent_cnt_removable is not 0. Then try to abandon chunks in
      sctp_prune_prsctp when sendmsg from the retransmit/transmited queue, and
      free chunks from out_queue in right order until the abandon+free size >
      msg_len - sctp_wfree. For the abandon size, we have to wait until it
      sends FORWARD TSN, receives the sack and the chunks are really freed.
      Signed-off-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8dbdf1f5
    • X
      sctp: implement prsctp RTX policy · 01aadb3a
      Xin Long 提交于
      prsctp RTX policy is a policy to abandon chunks when they are
      retransmitted beyond the max count.
      
      This patch uses sent_count to count how many times one chunk has
      been sent, and prsctp_param is the max rtx count, which is from
      sinfo->sinfo_timetolive in sctp_set_prsctp_policy(). So similar
      to TTL policy, if RTX policy is enabled, msg->expire_at won't
      work.
      
      Then in sctp_chunk_abandoned, this patch checks if chunk->sent_count
      is bigger than chunk->prsctp_param to abandon this chunk.
      Signed-off-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      01aadb3a
    • X
      sctp: implement prsctp TTL policy · a6c2f792
      Xin Long 提交于
      prsctp TTL policy is a policy to abandon chunks when they expire
      at the specific time in local stack. It's similar with expires_at
      in struct sctp_datamsg.
      
      This patch uses sinfo->sinfo_timetolive to set the specific time for
      TTL policy. sinfo->sinfo_timetolive is also used for msg->expires_at.
      So if prsctp_enable or TTL policy is not enabled, msg->expires_at
      still works as before.
      Signed-off-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a6c2f792
    • X
      sctp: add SCTP_PR_ASSOC_STATUS on sctp sockopt · 826d253d
      Xin Long 提交于
      This patch adds SCTP_PR_ASSOC_STATUS to sctp sockopt, which is used
      to dump the prsctp statistics info from the asoc. The prsctp statistics
      includes abandoned_sent/unsent from the asoc. abandoned_sent is the
      count of the packets we drop packets from retransmit/transmited queue,
      and abandoned_unsent is the count of the packets we drop from out_queue
      according to the policy.
      
      Note: another option for prsctp statistics dump described in rfc is
      SCTP_PR_STREAM_STATUS, which is used to dump the prsctp statistics
      info from each stream. But by now, linux doesn't yet have per stream
      statistics info, it needs rfc6525 to be implemented. As the prsctp
      statistics for each stream has to be based on per stream statistics,
      we will delay it until rfc6525 is done in linux.
      Signed-off-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      826d253d
    • X
      sctp: add SCTP_DEFAULT_PRINFO into sctp sockopt · f959fb44
      Xin Long 提交于
      This patch adds SCTP_DEFAULT_PRINFO to sctp sockopt. It is used
      to set/get sctp Partially Reliable Policies' default params,
      which includes 3 policies (ttl, rtx, prio) and their values.
      
      Still, if we set policy params in sndinfo, we will use the params
      of sndinfo against chunks, instead of the default params.
      
      In this patch, we will use 5-8bit of sp/asoc->default_flags
      to store prsctp policies, and reuse asoc->default_timetolive
      to store their values. It means if we enable and set prsctp
      policy, prior ttl timeout in sctp will not work any more.
      Signed-off-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f959fb44
    • X
      sctp: add SCTP_PR_SUPPORTED on sctp sockopt · 28aa4c26
      Xin Long 提交于
      According to section 4.5 of rfc7496, prsctp_enable should be per asoc.
      We will add prsctp_enable to both asoc and ep, and replace the places
      where it used net.sctp->prsctp_enable with asoc->prsctp_enable.
      
      ep->prsctp_enable will be initialized with net.sctp->prsctp_enable, and
      asoc->prsctp_enable will be initialized with ep->prsctp_enable. We can
      also modify it's value through sockopt SCTP_PR_SUPPORTED.
      Signed-off-by: NXin Long <lucien.xin@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      28aa4c26
  8. 10 7月, 2016 5 次提交