- 17 3月, 2018 7 次提交
-
-
由 Karsten Graul 提交于
Introduce functions smc_clc_prfx_set to retrieve IP information for the CLC proposal msg and smc_clc_prfx_match to match the contents of a proposal message against the IP addresses of the net device. The new functions replace the functionality provided by smc_clc_netinfo_by_tcpsk, which is removed by this patch. The match functionality is extended to scan all ipv4 addresses of the net device for a match against the ipv4 subnet from the proposal msg. Signed-off-by: NKarsten Graul <kgraul@linux.vnet.ibm.com> Signed-off-by: NUrsula Braun <ubraun@linux.vnet.ibm.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ganesh Goudar 提交于
notify uld drivers if the adapter encounters fatal error. Signed-off-by: NGanesh Goudar <ganeshgr@chelsio.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Kirill Tkhai says: ==================== Introduce rtnl_lock_killable() rtnl_lock() is widely used mutex in kernel. Some of kernel code does memory allocations under it. In case of memory deficit this may invoke OOM killer, but the problem is a killed task can't exit if it's waiting for the mutex. This may be a reason of deadlock and panic. This patchset adds a new primitive, which responds on SIGKILL, and it allows to use it in the places, where we don't want to sleep forever. Also, the first place is made to use it. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Kirill Tkhai 提交于
This patch adds rtnl_lock_killable() to one of hot path using rtnl_lock(). Signed-off-by: NKirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Kirill Tkhai 提交于
rtnl_lock() is widely used mutex in kernel. Some of kernel code does memory allocations under it. In case of memory deficit this may invoke OOM killer, but the problem is a killed task can't exit if it's waiting for the mutex. This may be a reason of deadlock and panic. This patch adds a new primitive, which responds on SIGKILL, and it allows to use it in the places, where we don't want to sleep forever. Signed-off-by: NKirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Tonghao Zhang 提交于
The SK_MEM_QUANTUM was changed from PAGE_SIZE to 4096. Signed-off-by: NTonghao Zhang <xiangxia.m.yue@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Tonghao Zhang 提交于
This patch moves the udp_rmem_min, udp_wmem_min to namespace and init the udp_l3mdev_accept explicitly. The udp_rmem_min/udp_wmem_min affect udp rx/tx queue, with this patch namespaces can set them differently. Signed-off-by: NTonghao Zhang <xiangxia.m.yue@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 16 3月, 2018 18 次提交
-
-
由 David S. Miller 提交于
David Ahern says: ==================== net/ipv6: Address checks need to consider the L3 domain IPv6 prohibits a local address from being used as a gateway for a route. However, it is ok for the gateway to be a local address in a different L3 domain (e.g., VRF). This allows, for example, veth pairs to connect VRFs. ip6_route_info_create calls ipv6_chk_addr_and_flags for gateway addresses to determine if the address is a local one, but ipv6_chk_addr_and_flags does not currently consider L3 domains. As a result routes can not be added in one VRF with a nexthop that points to a local address in a second VRF. Resolve by comparing the l3mdev for the passed in device and requiring an l3mdev match with the device containing an address. The intent of checking for an address on the specified device versus any device in the domain is mantained by a new argument to skip the check between the passed in device and the device with the address. Patch 1 moves the gateway validation from ip6_route_info_create into a helper; the function is long enough and refactoring drops the indent level. Patch 2 adds a skip_dev_check argument to ipv6_chk_addr_and_flags to allow a device to always be passed yet skip the device check when looking at addresses and fixes up a few ipv6_chk_addr callers that pass a NULL device. Patch 3 adds l3mdev checks to ipv6_chk_addr_and_flags. Patches 4 and 5 do some refactoring to the fib_tests script and then patch 6 adds nexthop validation tests. v4 - separated l3mdev check into a separate patch (patch 3 of this set) as suggested by Kirill - consolidated dev and ipv6_chk_addr_and_flags call into 1 if (Kirill) - added a temp variable for gw type (Kirill) v3 - set skip_dev_check in ipv6_chk_addr based on dev == NULL (per comment from Ido) v2 - handle 2 variations of route spec with sane error path - add test cases ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Add series of tests for valid and invalid nexthop specs for IPv6. $ TEST=fib_nexthop_test ./fib_tests.sh ... IPv6 nexthop tests TEST: Directly connected nexthop, unicast address [ OK ] TEST: Directly connected nexthop, unicast address with device [ OK ] TEST: Gateway is linklocal address [ OK ] TEST: Gateway is linklocal address, no device [ OK ] TEST: Gateway can not be local unicast address [ OK ] TEST: Gateway can not be local unicast address, with device [ OK ] TEST: Gateway can not be a local linklocal address [ OK ] TEST: Gateway can be local address in a VRF [ OK ] TEST: Gateway can be local address in a VRF, with device [ OK ] TEST: Gateway can be local linklocal address in a VRF [ OK ] TEST: Redirect to VRF lookup [ OK ] TEST: VRF route, gateway can be local address in default VRF [ OK ] TEST: VRF route, gateway can not be a local address [ OK ] TEST: VRF route, gateway can not be a local addr with device [ OK ] Signed-off-by: NDavid Ahern <dsahern@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Allow a user to run just a specific fib test by setting the TEST environment variable. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Replace 'ip -netns testns' with the alias IP. Shortens the line lengths and makes running the commands manually a bit easier. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Lookup the L3 master device for the passed in device. Only consider addresses on netdev's with the same master device. If the device is not enslaved or is NULL, then the l3mdev is NULL which means only devices not enslaved (ie, in the default domain) are considered. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
ipv6_chk_addr_and_flags determines if an address is a local address and optionally if it is an address on a specific device. For example, it is called by ip6_route_info_create to determine if a given gateway address is a local address. The address check currently does not consider L3 domains and as a result does not allow a route to be added in one VRF if the nexthop points to an address in a second VRF. e.g., $ ip route add 2001:db8:1::/64 vrf r2 via 2001:db8:102::23 Error: Invalid gateway address. where 2001:db8:102::23 is an address on an interface in vrf r1. ipv6_chk_addr_and_flags needs to allow callers to always pass in a device with a separate argument to not limit the address to the specific device. The device is used used to determine the L3 domain of interest. To that end add an argument to skip the device check and update callers to always pass a device where possible and use the new argument to mean any address in the domain. Update a handful of users of ipv6_chk_addr with a NULL dev argument. This patch handles the change to these callers without adding the domain check. ip6_validate_gw needs to handle 2 cases - one where the device is given as part of the nexthop spec and the other where the device is resolved. There is at least 1 VRF case where deferring the check to only after the route lookup has resolved the device fails with an unintuitive error "RTNETLINK answers: No route to host" as opposed to the preferred "Error: Gateway can not be a local address." The 'no route to host' error is because of the fallback to a full lookup. The check is done twice to avoid this error. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David Ahern 提交于
Move gateway validation code from ip6_route_info_create into ip6_validate_gw. Code move plus adjustments to handle the potential reset of dev and idev and to make checkpatch happy. Signed-off-by: NDavid Ahern <dsahern@gmail.com> Reviewed-by: NIdo Schimmel <idosch@mellanox.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Brad Mouring says: ==================== net: macb: Introduce phy-handle DT functionality Consider the situation where a macb netdev is connected through a phydev that sits on a mii bus other than the one provided to this particular netdev. This situation is what this patchset aims to accomplish through the existing phy-handle optional binding. This optional binding (as described in the ethernet DT bindings doc) directs the netdev to the phydev to use. This is precisely the situation this patchset aims to solve, so it makes sense to introduce the functionality to this driver (where the physical layout discussed was encountered). The devicetree snippet would look something like this: ... ethernet@feedf00d { ... phy-handle = <&phy0> // the first netdev is physically wired to phy0 ... phy0: phy@0 { ... reg = <0x0> // MDIO address 0 ... } phy1: phy@1 { ... reg = <0x1> // MDIO address 1 ... } ... } ethernet@deadbeef { ... phy-handle = <&phy1> // tells the driver to use phy1 on the // first mac's mdio bus (it's wired thusly) ... } ... The work done to add the phy_node in the first place (dacdbb4d: "net: macb: add fixed-link node support") will consume the device_node (if found). v2: Reorganization of mii probe/init functions, suggested by Andrew Lunn v3: Moved some of the bus init code back into init (erroneously moved to probe) some style issues, and an unintialized variable warning addressed. v4: Add Reviewed-by: tags Skip fallback code if phy-handle phandle is found v5: Cleanup formatting issues Fix compile failure introduced in 1/4 "net: macb: Reorganize macb_mii bringup" Fix typo in "Documentation: macb: Document phy-handle binding" ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Brad Mouring 提交于
Document the existence of the optional binding, directing to the general ethernet document that describes this binding. Signed-off-by: NBrad Mouring <brad.mouring@ni.com> Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Brad Mouring 提交于
This optional binding (as described in the ethernet DT bindings doc) directs the netdev to the phydev to use. This is useful for a phy chip that has >1 phy in it, and two netdevs are using the same phy chip (i.e. the second mac's phy lives on the first mac's MDIO bus) The devicetree snippet would look something like this: ethernet@feedf00d { ... phy-handle = <&phy0> // the first netdev is physically wired to phy0 ... phy0: phy@0 { ... reg = <0x0> // MDIO address 0 ... } phy1: phy@1 { ... reg = <0x1> // MDIO address 1 ... } ... } ethernet@deadbeef { ... phy-handle = <&phy1> // tells the driver to use phy1 on the // first mac's mdio bus (it's wired thusly) ... } The work done to add the phy_node in the first place (dacdbb4d: "net: macb: add fixed-link node support") will consume the device_node (if found). Signed-off-by: NBrad Mouring <brad.mouring@ni.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Brad Mouring 提交于
In phy_device's general probe, this device will already be set for phy register polling, rendering this code redundant. Signed-off-by: NBrad Mouring <brad.mouring@ni.com> Suggested-by: NAndrew Lunn <andrew@lunn.ch> Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Brad Mouring 提交于
The macb mii setup (mii_probe() and mii_init()) previously was somewhat interspersed, likely a result of organic growth and hacking. This change moves mii bus registration into mii_init and probing the bus for devices into mii_probe. Signed-off-by: NBrad Mouring <brad.mouring@ni.com> Suggested-by: NAndrew Lunn <andrew@lunn.ch> Reviewed-by: NFlorian Fainelli <f.fainelli@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Stephen Hemminger 提交于
The packet_mmap documentation had links to no longer existing web sites; replace with other site which has similar example. Support for packet mmap has been in mainline versions of libpcap for several years. Signed-off-by: NStephen Hemminger <stephen@networkplumber.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
Commit d1179094 ("enic: Add vxlan offload support for IPv6 pkts") added vxlan offload support for IPv6 pkts. Required change in enic_udp_tunnel_del was not made. This creates a bug where once user adds IPv6 tunnel, hw offload for that cannot be deleted. This patch removes check for IP proto in tunnel delete path. Driver need not check for IP proto since same UDP port cannot be used to create two tunnels. Fixes: d1179094 ("enic: Add vxlan offload support for IPv6 pkts") Signed-off-by: NGovindarajulu Varadarajan <gvaradar@cisco.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Colin Ian King 提交于
The variable 'len' is being initialized with a value that is never read and it is re-assigned later, hence the initialization is redundant and can be removed. Cleans up clang warning: net/rxrpc/recvmsg.c:275:15: warning: Value stored to 'len' during its initialization is never read Signed-off-by: NColin Ian King <colin.king@canonical.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Neil Horman 提交于
syzbot/kasan detected a double free in sctp_sendmsg_to_asoc: BUG: KASAN: use-after-free in sctp_association_free+0x7b7/0x930 net/sctp/associola.c:332 Read of size 8 at addr ffff8801d8006ae0 by task syzkaller914861/4202 CPU: 1 PID: 4202 Comm: syzkaller914861 Not tainted 4.16.0-rc4+ #258 Hardware name: Google Google Compute Engine/Google Compute Engine 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 print_address_description+0x73/0x250 mm/kasan/report.c:256 kasan_report_error mm/kasan/report.c:354 [inline] kasan_report+0x23c/0x360 mm/kasan/report.c:412 __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:433 sctp_association_free+0x7b7/0x930 net/sctp/associola.c:332 sctp_sendmsg+0xc67/0x1a80 net/sctp/socket.c:2075 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:763 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748 SyS_sendto+0x40/0x50 net/socket.c:1716 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 This was introduced by commit: f84af331 sctp: factor out sctp_sendmsg_to_asoc from sctp_sendmsg As the newly refactored function moved the wait_for_sndbuf call to a point after the association was connected, allowing for peeloff events to occur, which in turn caused wait_for_sndbuf to return -EPIPE which was not caught by the logic that determines if an association should be freed or not. Fix it the easy way by returning the ordering of sctp_primitive_ASSOCIATE and sctp_wait_for_sndbuf to the old order, to ensure that EPIPE will not happen. Tested by myself using the syzbot reproducers with positive results Signed-off-by: NNeil Horman <nhorman@tuxdriver.com> CC: davem@davemloft.net CC: Xin Long <lucien.xin@gmail.com> Reported-by: syzbot+a4e4112c3aff00c8cfd8@syzkaller.appspotmail.com Reviewed-by: NXin Long <lucien.xin@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Joe Perches 提交于
skb_copy_expand without __GFP_NOWARN already does a dump_stack on OOM so these messages are redundant. Signed-off-by: NJoe Perches <joe@perches.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue由 David S. Miller 提交于
Jeff Kirsher says: ==================== 40GbE Intel Wired LAN Driver Updates 2018-03-14 This series contains updates to i40e and i40evf only. Corentin Labbe cleans up the left over FCoE files in the i40e driver. Gustavo A R Silva fixes a cut and paste error. Paweł fixes a race condition when the VF driver is loaded on a host and virsh is trying to attach it to the virtual machine and set a MAC address. Resolve the issue by adding polling in i40e_ndo_set_vf_mac() when the VF is in reset mode. Jake cleans up i40e_vlan_rx_register() since this only used in a single location, so just inline the contents of the function. Created a helper function to proper update the per-filter statistics when we delete it. Factored out the re-enabling ATR and SB rules. Fixed an issue when re-enabling ATR after the last TCPv4 filter is removed and ntuple is still active, we were not restoring the TCPv4 filter input set. Filip modifies the permission check function to ensure that it knows how many filters are being requested, which allows the check to ensure that the total number of filters in a single request does not cause us to go over the limit. Mariusz fixed an issue where the wrong calculation of partition id was being done on OCP PHY mezzanine cards, which in turn caused wake on LAN to be disabled on certain ports. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 15 3月, 2018 15 次提交
-
-
由 Jacob Keller 提交于
When we re-enable ATR we need to restore the input set for TCPv4 filters, in order for ATR to function correctly. We already do this for the normal case of re-enabling ATR when disabling ntuple support. However, when re-enabling ATR after the last TCPv4 filter is removed (but when ntuple support is still active), we did not restore the TCPv4 filter input set. This can cause problems if the TCPv4 filters from FDir had changed the input set, as ATR will no longer behave as expected. When clearing the ATR auto-disable flag, make sure we restore the TCPv4 input set to avoid this. Signed-off-by: NJacob Keller <jacob.e.keller@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Mariusz Stachura 提交于
This patch overwrites number of ports for X722 devices with support for OCP PHY mezzanine. The old method with checking if port is disabled in the PRTGEN_CNF register cannot be used in this case. When the OCP is removed, ports were seen as disabled, which resulted in wrong calculation of partition id, that caused WoL to be disabled on certain ports. Signed-off-by: NMariusz Stachura <mariusz.stachura@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Jacob Keller 提交于
A future patch needs to expand on the logic for re-enabling ATR. Doing so would cause some code to break the 80-character line limit. To reduce the level of indentation, factor out helper functions for re-enabling ATR and SB rules. Signed-off-by: NJacob Keller <jacob.e.keller@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Jacob Keller 提交于
When hardware has trouble with a particular filter, we delete it from the list. Unfortunately, we did not properly update the per-filter statistic when doing so. Create a helper function to handle this, and properly reduce the necessary counter so that it tracks the number of active filters properly. Signed-off-by: NJacob Keller <jacob.e.keller@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Filip Sadowski 提交于
When VF requests adding of MAC filters the checking is done against number of already present MAC filters not adding them at the same time. It makes it possible to add a bunch of filters at once possibly exceeding acceptable limit of I40E_VC_MAX_MAC_ADDR_PER_VF filters. This happens because when checking vf->num_mac, we do not check how many filters are being requested at once. Modify the check function to ensure that it knows how many filters are being requested. This allows the check to ensure that the total number of filters in a single request does not cause us to go over the limit. Additionally, move the check to within the lock to ensure that the vf->num_mac is checked while holding the lock to maintain consistency. We could have simply moved the call to i40e_vf_check_permission to within the loop, but this could cause a request to be non-atomic, and add some but not all the addresses, while reporting an error code. We want to avoid this behavior so that users are not confused about which filters have or have not been added. Signed-off-by: NFilip Sadowski <filip.sadowski@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Jacob Keller 提交于
We used to use the function i40e_vlan_rx_register as a way to hook into the now defunct .ndo_vlan_rx_register netdev hook. This was removed but we kept the function around because we still used it internally to control enabling or disabling of VLAN stripping. As pointed out in upstream review, VLAN stripping is only used in a single location and the previous function is quite small, just inline it into i40e_restore_vlan() rather than carrying the function separately. Signed-off-by: NJacob Keller <jacob.e.keller@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Paweł Jabłoński 提交于
Fix for "Resource temporarily unavailable" problem when virsh is trying to attach a device to VM. When the VF driver is loaded on host and virsh is trying to attach it to the VM and set a MAC address, it ends with a race condition between i40e_reset_vf and i40e_ndo_set_vf_mac functions. The bug is fixed by adding polling in i40e_ndo_set_vf_mac function For when the VF is in Reset mode. Signed-off-by: NPaweł Jabłoński <pawel.jablonski@intel.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Gustavo A R Silva 提交于
It seems this is a copy-paste error and that the proper variable to use in this particular case is _src_ instead of _dst_. Addresses-Coverity-ID: 1465282 ("Copy-paste error") Fixes: 0075fa0f ("i40evf: Add support to apply cloud filters") Signed-off-by: NGustavo A R Silva <garsilva@embeddedor.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 Corentin Labbe 提交于
i40e_fcoe support was removed via commit 9eed69a9 ("i40e: Drop FCoE code from core driver files") But this left files in place but un-compilable. Let's finish the cleaning. Signed-off-by: NCorentin Labbe <clabbe@baylibre.com> Tested-by: NAndrew Bowers <andrewx.bowers@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com>
-
由 David S. Miller 提交于
Xin Long says: ==================== sctp: add support for some sctp auth APIs from RFC6458 This patchset mainly adds support for SCTP AUTH Information for sendmsg, described in RFC6458: 5.3.8. SCTP AUTH Information Structure (SCTP_AUTHINFO) and also adds a sockopt described in RFC6458: 8.3.4. Deactivate a Shared Key (SCTP_AUTH_DEACTIVATE_KEY) and two types of events for AUTHENTICATION_EVENT described in RFC6458: 6.1.8. SCTP_AUTHENTICATION_EVENT: - SCTP_AUTH_NO_AUTH - SCTP_AUTH_FREE_KEY After this patchset, we have fully support for sctp_sendv in kernel. Note that this patchset won't touch that sctp options merge conflict. ==================== Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to add SCTP_AUTH_NO_AUTH type for AUTHENTICATION_EVENT, as described in section 6.1.8 of RFC6458. SCTP_AUTH_NO_AUTH: This report indicates that the peer does not support SCTP authentication as defined in [RFC4895]. Note that the implementation is quite similar as that of SCTP_ADAPTATION_INDICATION. Signed-off-by: NXin Long <lucien.xin@gmail.com> Acked-by: NMarcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to add SCTP_AUTH_FREE_KEY type for AUTHENTICATION_EVENT, as described in section 6.1.8 of RFC6458. SCTP_AUTH_FREE_KEY: This report indicates that the SCTP implementation will no longer use the key identifier specified in auth_keynumber. After deactivating a key, it would never be used again, which means it's refcnt can't be held/increased by new chunks. But there may be some chunks in out queue still using it. So only when refcnt is 1, which means no chunk in outqueue is using/holding this key either, this EVENT would be sent. When users receive this notification, they could do DEL_KEY sockopt to remove this shkey, and also tell the peer that this key won't be used in any chunk thoroughly from now on, then the peer can remove it as well safely. Signed-off-by: NXin Long <lucien.xin@gmail.com> Acked-by: NMarcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to add sockopt SCTP_AUTH_DEACTIVATE_KEY, as described in section 8.3.4 of RFC6458. This set option indicates that the application will no longer send user messages using the indicated key identifier. Note that RFC requires that only deactivated keys that are no longer used by an association can be deleted, but for the backward compatibility, it is not to check deactivated when deleting or replacing one sh_key. Signed-off-by: NXin Long <lucien.xin@gmail.com> Acked-by: NMarcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
This patch is to add support for SCTP AUTH Information for sendmsg, as described in section 5.3.8 of RFC6458. With this option, you can provide shared key identifier used for sending the user message. It's also a necessary send info for sctp_sendv. Note that it reuses sinfo->sinfo_tsn to indicate if this option is set and sinfo->sinfo_ssn to save the shkey ID which can be 0. Signed-off-by: NXin Long <lucien.xin@gmail.com> Acked-by: NMarcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Xin Long 提交于
With refcnt support for sh_key, chunks auth sh_keys can be decided before enqueuing it. Changing the active key later will not affect the chunks already enqueued. Furthermore, this is necessary when adding the support for authinfo for sendmsg in next patch. Note that struct sctp_chunk can't be grown due to that performance drop issue on slow cpu, so it just reuses head_skb memory for shkey in sctp_chunk. Signed-off-by: NXin Long <lucien.xin@gmail.com> Acked-by: NMarcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-