1. 15 2月, 2018 1 次提交
  2. 13 2月, 2018 2 次提交
  3. 30 1月, 2018 4 次提交
  4. 24 1月, 2018 2 次提交
  5. 23 1月, 2018 1 次提交
    • E
      net: qdisc_pkt_len_init() should be more robust · 7c68d1a6
      Eric Dumazet 提交于
      Without proper validation of DODGY packets, we might very well
      feed qdisc_pkt_len_init() with invalid GSO packets.
      
      tcp_hdrlen() might access out-of-bound data, so let's use
      skb_header_pointer() and proper checks.
      
      Whole story is described in commit d0c081b4 ("flow_dissector:
      properly cap thoff field")
      
      We have the goal of validating DODGY packets earlier in the stack,
      so we might very well revert this fix in the future.
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Willem de Bruijn <willemb@google.com>
      Cc: Jason Wang <jasowang@redhat.com>
      Reported-by: syzbot+9da69ebac7dddd804552@syzkaller.appspotmail.com
      Acked-by: NJason Wang <jasowang@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      7c68d1a6
  6. 13 1月, 2018 1 次提交
  7. 10 1月, 2018 2 次提交
  8. 06 1月, 2018 1 次提交
  9. 03 1月, 2018 1 次提交
  10. 20 12月, 2017 2 次提交
  11. 19 12月, 2017 2 次提交
    • M
      net: Disable GRO_HW when generic XDP is installed on a device. · 56f5aa77
      Michael Chan 提交于
      Hardware should not aggregate any packets when generic XDP is installed.
      
      Cc: Ariel Elior <Ariel.Elior@cavium.com>
      Cc: everest-linux-l2@cavium.com
      Signed-off-by: NMichael Chan <michael.chan@broadcom.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      56f5aa77
    • M
      net: Introduce NETIF_F_GRO_HW. · fb1f5f79
      Michael Chan 提交于
      Introduce NETIF_F_GRO_HW feature flag for NICs that support hardware
      GRO.  With this flag, we can now independently turn on or off hardware
      GRO when GRO is on.  Previously, drivers were using NETIF_F_GRO to
      control hardware GRO and so it cannot be independently turned on or
      off without affecting GRO.
      
      Hardware GRO (just like GRO) guarantees that packets can be re-segmented
      by TSO/GSO to reconstruct the original packet stream.  Logically,
      GRO_HW should depend on GRO since it a subset, but we will let
      individual drivers enforce this dependency as they see fit.
      
      Since NETIF_F_GRO is not propagated between upper and lower devices,
      NETIF_F_GRO_HW should follow suit since it is a subset of GRO.  In other
      words, a lower device can independent have GRO/GRO_HW enabled or disabled
      and no feature propagation is required.  This will preserve the current
      GRO behavior.  This can be changed later if we decide to propagate GRO/
      GRO_HW/RXCSUM from upper to lower devices.
      
      Cc: Ariel Elior <Ariel.Elior@cavium.com>
      Cc: everest-linux-l2@cavium.com
      Signed-off-by: NMichael Chan <michael.chan@broadcom.com>
      Acked-by: NAlexander Duyck <alexander.h.duyck@intel.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      fb1f5f79
  12. 15 12月, 2017 1 次提交
  13. 14 12月, 2017 1 次提交
    • W
      net: avoid skb_warn_bad_offload on IS_ERR · 8d74e9f8
      Willem de Bruijn 提交于
      skb_warn_bad_offload warns when packets enter the GSO stack that
      require skb_checksum_help or vice versa. Do not warn on arbitrary
      bad packets. Packet sockets can craft many. Syzkaller was able to
      demonstrate another one with eth_type games.
      
      In particular, suppress the warning when segmentation returns an
      error, which is for reasons other than checksum offload.
      
      See also commit 36c92474 ("net: WARN if skb_checksum_help() is
      called on skb requiring segmentation") for context on this warning.
      Signed-off-by: NWillem de Bruijn <willemb@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8d74e9f8
  14. 09 12月, 2017 2 次提交
  15. 06 12月, 2017 1 次提交
  16. 03 12月, 2017 2 次提交
  17. 24 11月, 2017 1 次提交
    • W
      net: accept UFO datagrams from tuntap and packet · 0c19f846
      Willem de Bruijn 提交于
      Tuntap and similar devices can inject GSO packets. Accept type
      VIRTIO_NET_HDR_GSO_UDP, even though not generating UFO natively.
      
      Processes are expected to use feature negotiation such as TUNSETOFFLOAD
      to detect supported offload types and refrain from injecting other
      packets. This process breaks down with live migration: guest kernels
      do not renegotiate flags, so destination hosts need to expose all
      features that the source host does.
      
      Partially revert the UFO removal from 182e0b6b~1..d9d30adf.
      This patch introduces nearly(*) no new code to simplify verification.
      It brings back verbatim tuntap UFO negotiation, VIRTIO_NET_HDR_GSO_UDP
      insertion and software UFO segmentation.
      
      It does not reinstate protocol stack support, hardware offload
      (NETIF_F_UFO), SKB_GSO_UDP tunneling in SKB_GSO_SOFTWARE or reception
      of VIRTIO_NET_HDR_GSO_UDP packets in tuntap.
      
      To support SKB_GSO_UDP reappearing in the stack, also reinstate
      logic in act_csum and openvswitch. Achieve equivalence with v4.13 HEAD
      by squashing in commit 93991221 ("net: skb_needs_check() removes
      CHECKSUM_UNNECESSARY check for tx.") and reverting commit 8d63bee6
      ("net: avoid skb_warn_bad_offload false positives on UFO").
      
      (*) To avoid having to bring back skb_shinfo(skb)->ip6_frag_id,
      ipv6_proxy_select_ident is changed to return a __be32 and this is
      assigned directly to the frag_hdr. Also, SKB_GSO_UDP is inserted
      at the end of the enum to minimize code churn.
      
      Tested
        Booted a v4.13 guest kernel with QEMU. On a host kernel before this
        patch `ethtool -k eth0` shows UFO disabled. After the patch, it is
        enabled, same as on a v4.13 host kernel.
      
        A UFO packet sent from the guest appears on the tap device:
          host:
            nc -l -p -u 8000 &
            tcpdump -n -i tap0
      
          guest:
            dd if=/dev/zero of=payload.txt bs=1 count=2000
            nc -u 192.16.1.1 8000 < payload.txt
      
        Direct tap to tap transmission of VIRTIO_NET_HDR_GSO_UDP succeeds,
        packets arriving fragmented:
      
          ./with_tap_pair.sh ./tap_send_ufo tap0 tap1
          (from https://github.com/wdebruij/kerneltools/tree/master/tests)
      
      Changes
        v1 -> v2
          - simplified set_offload change (review comment)
          - documented test procedure
      
      Link: http://lkml.kernel.org/r/<CAF=yD-LuUeDuL9YWPJD9ykOZ0QCjNeznPDr6whqZ9NGMNF12Mw@mail.gmail.com>
      Fixes: fb652fdf ("macvlan/macvtap: Remove NETIF_F_UFO advertisement.")
      Reported-by: NMichal Kubecek <mkubecek@suse.cz>
      Signed-off-by: NWillem de Bruijn <willemb@google.com>
      Acked-by: NJason Wang <jasowang@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0c19f846
  18. 21 11月, 2017 2 次提交
  19. 14 11月, 2017 8 次提交
  20. 05 11月, 2017 2 次提交
  21. 03 11月, 2017 1 次提交