1. 15 12月, 2010 1 次提交
  2. 14 12月, 2010 1 次提交
    • D
      net: Abstract default ADVMSS behind an accessor. · 0dbaee3b
      David S. Miller 提交于
      Make all RTAX_ADVMSS metric accesses go through a new helper function,
      dst_metric_advmss().
      
      Leave the actual default metric as "zero" in the real metric slot,
      and compute the actual default value dynamically via a new dst_ops
      AF specific callback.
      
      For stacked IPSEC routes, we use the advmss of the path which
      preserves existing behavior.
      
      Unlike ipv4/ipv6, DecNET ties the advmss to the mtu and thus updates
      advmss on pmtu updates.  This inconsistency in advmss handling
      results in more raw metric accesses than I wish we ended up with.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0dbaee3b
  3. 10 12月, 2010 1 次提交
    • D
      net: Abstract away all dst_entry metrics accesses. · defb3519
      David S. Miller 提交于
      Use helper functions to hide all direct accesses, especially writes,
      to dst_entry metrics values.
      
      This will allow us to:
      
      1) More easily change how the metrics are stored.
      
      2) Implement COW for metrics.
      
      In particular this will help us put metrics into the inetpeer
      cache if that is what we end up doing.  We can make the _metrics
      member a pointer instead of an array, initially have it point
      at the read-only metrics in the FIB, and then on the first set
      grab an inetpeer entry and point the _metrics member there.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      Acked-by: NEric Dumazet <eric.dumazet@gmail.com>
      defb3519
  4. 21 10月, 2010 1 次提交
  5. 21 9月, 2010 1 次提交
    • T
      xfrm: Allow different selector family in temporary state · 8444cf71
      Thomas Egerer 提交于
      The family parameter xfrm_state_find is used to find a state matching a
      certain policy. This value is set to the template's family
      (encap_family) right before xfrm_state_find is called.
      The family parameter is however also used to construct a temporary state
      in xfrm_state_find itself which is wrong for inter-family scenarios
      because it produces a selector for the wrong family. Since this selector
      is included in the xfrm_user_acquire structure, user space programs
      misinterpret IPv6 addresses as IPv4 and vice versa.
      This patch splits up the original init_tempsel function into a part that
      initializes the selector respectively the props and id of the temporary
      state, to allow for differing ip address families whithin the state.
      Signed-off-by: NThomas Egerer <thomas.egerer@secunet.com>
      Signed-off-by: NSteffen Klassert <steffen.klassert@secunet.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8444cf71
  6. 15 7月, 2010 1 次提交
  7. 26 6月, 2010 1 次提交
    • E
      snmp: add align parameter to snmp_mib_init() · 1823e4c8
      Eric Dumazet 提交于
      In preparation for 64bit snmp counters for some mibs,
      add an 'align' parameter to snmp_mib_init(), instead
      of assuming mibs only contain 'unsigned long' fields.
      
      Callers can use __alignof__(type) to provide correct
      alignment.
      Signed-off-by: NEric Dumazet <eric.dumazet@gmail.com>
      CC: Herbert Xu <herbert@gondor.apana.org.au>
      CC: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
      CC: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
      CC: Vlad Yasevich <vladislav.yasevich@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1823e4c8
  8. 25 6月, 2010 1 次提交
  9. 02 6月, 2010 1 次提交
  10. 18 5月, 2010 1 次提交
  11. 16 5月, 2010 1 次提交
    • T
      xfrm: fix policy unreferencing on larval drop · a1aa3483
      Timo Teras 提交于
      I mistakenly had the error path to use num_pols to decide how
      many policies we need to drop (cruft from earlier patch set
      version which did not handle socket policies right).
      
      This is wrong since normally we do not keep explicit references
      (instead we hold reference to the cache entry which holds references
      to policies). drop_pols is set to num_pols if we are holding the
      references, so use that. Otherwise we eventually BUG_ON inside
      xfrm_policy_destroy due to premature policy deletion.
      Signed-off-by: NTimo Teras <timo.teras@iki.fi>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      a1aa3483
  12. 01 5月, 2010 1 次提交
  13. 07 4月, 2010 3 次提交
  14. 02 4月, 2010 1 次提交
    • T
      xfrm: remove policy lock when accessing policy->walk.dead · ea2dea9d
      Timo Teräs 提交于
      All of the code considers ->dead as a hint that the cached policy
      needs to get refreshed. The read side can just drop the read lock
      without any side effects.
      
      The write side needs to make sure that it's written only exactly
      once. Only possible race is at xfrm_policy_kill(). This is fixed
      by checking result of __xfrm_policy_unlink() when needed. It will
      always succeed if the policy object is looked up from the hash
      list (so some checks are removed), but it needs to be checked if
      we are trying to unlink policy via a reference (appropriate
      checks added).
      
      Since policy->walk.dead is written exactly once, it no longer
      needs to be protected with a write lock.
      Signed-off-by: NTimo Teras <timo.teras@iki.fi>
      Acked-by: NHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ea2dea9d
  15. 03 3月, 2010 1 次提交
  16. 24 2月, 2010 1 次提交
  17. 23 2月, 2010 2 次提交
  18. 20 2月, 2010 1 次提交
  19. 19 2月, 2010 1 次提交
  20. 18 2月, 2010 1 次提交
    • D
      xfrm: Revert false event eliding commits. · 069c474e
      David S. Miller 提交于
      As reported by Alexey Dobriyan:
      
      --------------------
      setkey now takes several seconds to run this simple script
      and it spits "recv: Resource temporarily unavailable" messages.
      
      #!/usr/sbin/setkey -f
      flush;
      spdflush;
      
      add A B ipcomp 44 -m tunnel -C deflate;
      add B A ipcomp 45 -m tunnel -C deflate;
      
      spdadd A B any -P in ipsec
              ipcomp/tunnel/192.168.1.2-192.168.1.3/use;
      spdadd B A any -P out ipsec
              ipcomp/tunnel/192.168.1.3-192.168.1.2/use;
      --------------------
      
      Obviously applications want the events even when the table
      is empty.  So we cannot make this behavioral change.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      069c474e
  21. 17 2月, 2010 1 次提交
    • T
      percpu: add __percpu sparse annotations to net · 7d720c3e
      Tejun Heo 提交于
      Add __percpu sparse annotations to net.
      
      These annotations are to make sparse consider percpu variables to be
      in a different address space and warn if accessed without going
      through percpu accessors.  This patch doesn't affect normal builds.
      
      The macro and type tricks around snmp stats make things a bit
      interesting.  DEFINE/DECLARE_SNMP_STAT() macros mark the target field
      as __percpu and SNMP_UPD_PO_STATS() macro is updated accordingly.  All
      snmp_mib_*() users which used to cast the argument to (void **) are
      updated to cast it to (void __percpu **).
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Acked-by: NDavid S. Miller <davem@davemloft.net>
      Cc: Patrick McHardy <kaber@trash.net>
      Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
      Cc: Vlad Yasevich <vladislav.yasevich@hp.com>
      Cc: netdev@vger.kernel.org
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      7d720c3e
  22. 16 2月, 2010 1 次提交
    • J
      xfrm: Flushing empty SPD generates false events · 0dca3a84
      jamal 提交于
      Observed similar behavior on SPD as previouly seen on SAD flushing..
      This fixes it.
      
      cheers,
      jamal
      commit 428b20432dc31bc2e01a94cd451cf5a2c00d2bf4
      Author: Jamal Hadi Salim <hadi@cyberus.ca>
      Date:   Thu Feb 11 05:49:38 2010 -0500
      
          xfrm: Flushing empty SPD generates false events
      
          To see the effect make sure you have an empty SPD.
          On window1 "ip xfrm mon" and on window2 issue "ip xfrm policy flush"
          You get prompt back in window1 and you see the flush event on window2.
          With this fix, you still get prompt on window1 but no event on window2.
      Signed-off-by: NJamal Hadi Salim <hadi@cyberus.ca>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      0dca3a84
  23. 25 1月, 2010 1 次提交
  24. 24 1月, 2010 1 次提交
  25. 27 12月, 2009 1 次提交
  26. 03 6月, 2009 1 次提交
  27. 03 12月, 2008 2 次提交
    • W
      xfrm: Cleanup for unlink SPD entry · 29fa0b30
      Wei Yongjun 提交于
      Used __xfrm_policy_unlink() to instead of the dup codes when unlink
      SPD entry.
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      29fa0b30
    • W
      xfrm: Fix kernel panic when flush and dump SPD entries · d5654efd
      Wei Yongjun 提交于
      After flush the SPD entries, dump the SPD entries will cause kernel painc.
      
      Used the following commands to reproduct:
      
      - echo 'spdflush;' | setkey -c
      - echo 'spdadd 3ffe:501:ffff:ff01::/64 3ffe:501:ffff:ff04::/64  any -P out ipsec \
        ah/tunnel/3ffe:501:ffff:ff00:200:ff:fe00:b0b0-3ffe:501:ffff:ff02:200:ff:fe00:a1a1/require;\
        spddump;' | setkey -c
      - echo 'spdflush; spddump;' | setkey -c
      - echo 'spdadd 3ffe:501:ffff:ff01::/64 3ffe:501:ffff:ff04::/64  any -P out ipsec \
        ah/tunnel/3ffe:501:ffff:ff00:200:ff:fe00:b0b0-3ffe:501:ffff:ff02:200:ff:fe00:a1a1/require;\
        spddump;' | setkey -c
      
      This is because when flush the SPD entries, the SPD entry is not remove
      from the list.
      
      This patch fix the problem by remove the SPD entry from the list.
      Signed-off-by: NWei Yongjun <yjwei@cn.fujitsu.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d5654efd
  28. 26 11月, 2008 9 次提交