1. 10 9月, 2016 8 次提交
  2. 09 9月, 2016 10 次提交
    • E
      ipv4: accept u8 in IP_TOS ancillary data · e895cdce
      Eric Dumazet 提交于
      In commit f02db315 ("ipv4: IP_TOS and IP_TTL can be specified as
      ancillary data") Francesco added IP_TOS values specified as integer.
      
      However, kernel sends to userspace (at recvmsg() time) an IP_TOS value
      in a single byte, when IP_RECVTOS is set on the socket.
      
      It can be very useful to reflect all ancillary options as given by the
      kernel in a subsequent sendmsg(), instead of aborting the sendmsg() with
      EINVAL after Francesco patch.
      
      So this patch extends IP_TOS ancillary to accept an u8, so that an UDP
      server can simply reuse same ancillary block without having to mangle
      it.
      
      Jesper can then augment
      https://github.com/netoptimizer/network-testing/blob/master/src/udp_example02.c
      to add TOS reflection ;)
      
      Fixes: f02db315 ("ipv4: IP_TOS and IP_TTL can be specified as ancillary data")
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Francesco Fusco <ffusco@redhat.com>
      Cc: Jesper Dangaard Brouer <brouer@redhat.com>
      Acked-by: NJesper Dangaard Brouer <brouer@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e895cdce
    • D
      bpf: fix range propagation on direct packet access · 2d2be8ca
      Daniel Borkmann 提交于
      LLVM can generate code that tests for direct packet access via
      skb->data/data_end in a way that currently gets rejected by the
      verifier, example:
      
        [...]
         7: (61) r3 = *(u32 *)(r6 +80)
         8: (61) r9 = *(u32 *)(r6 +76)
         9: (bf) r2 = r9
        10: (07) r2 += 54
        11: (3d) if r3 >= r2 goto pc+12
         R1=inv R2=pkt(id=0,off=54,r=0) R3=pkt_end R4=inv R6=ctx
         R9=pkt(id=0,off=0,r=0) R10=fp
        12: (18) r4 = 0xffffff7a
        14: (05) goto pc+430
        [...]
      
        from 11 to 24: R1=inv R2=pkt(id=0,off=54,r=0) R3=pkt_end R4=inv
                       R6=ctx R9=pkt(id=0,off=0,r=0) R10=fp
        24: (7b) *(u64 *)(r10 -40) = r1
        25: (b7) r1 = 0
        26: (63) *(u32 *)(r6 +56) = r1
        27: (b7) r2 = 40
        28: (71) r8 = *(u8 *)(r9 +20)
        invalid access to packet, off=20 size=1, R9(id=0,off=0,r=0)
      
      The reason why this gets rejected despite a proper test is that we
      currently call find_good_pkt_pointers() only in case where we detect
      tests like rX > pkt_end, where rX is of type pkt(id=Y,off=Z,r=0) and
      derived, for example, from a register of type pkt(id=Y,off=0,r=0)
      pointing to skb->data. find_good_pkt_pointers() then fills the range
      in the current branch to pkt(id=Y,off=0,r=Z) on success.
      
      For above case, we need to extend that to recognize pkt_end >= rX
      pattern and mark the other branch that is taken on success with the
      appropriate pkt(id=Y,off=0,r=Z) type via find_good_pkt_pointers().
      Since eBPF operates on BPF_JGT (>) and BPF_JGE (>=), these are the
      only two practical options to test for from what LLVM could have
      generated, since there's no such thing as BPF_JLT (<) or BPF_JLE (<=)
      that we would need to take into account as well.
      
      After the fix:
      
        [...]
         7: (61) r3 = *(u32 *)(r6 +80)
         8: (61) r9 = *(u32 *)(r6 +76)
         9: (bf) r2 = r9
        10: (07) r2 += 54
        11: (3d) if r3 >= r2 goto pc+12
         R1=inv R2=pkt(id=0,off=54,r=0) R3=pkt_end R4=inv R6=ctx
         R9=pkt(id=0,off=0,r=0) R10=fp
        12: (18) r4 = 0xffffff7a
        14: (05) goto pc+430
        [...]
      
        from 11 to 24: R1=inv R2=pkt(id=0,off=54,r=54) R3=pkt_end R4=inv
                       R6=ctx R9=pkt(id=0,off=0,r=54) R10=fp
        24: (7b) *(u64 *)(r10 -40) = r1
        25: (b7) r1 = 0
        26: (63) *(u32 *)(r6 +56) = r1
        27: (b7) r2 = 40
        28: (71) r8 = *(u8 *)(r9 +20)
        29: (bf) r1 = r8
        30: (25) if r8 > 0x3c goto pc+47
         R1=inv56 R2=imm40 R3=pkt_end R4=inv R6=ctx R8=inv56
         R9=pkt(id=0,off=0,r=54) R10=fp
        31: (b7) r1 = 1
        [...]
      
      Verifier test cases are also added in this work, one that demonstrates
      the mentioned example here and one that tries a bad packet access for
      the current/fall-through branch (the one with types pkt(id=X,off=Y,r=0),
      pkt(id=X,off=0,r=0)), then a case with good and bad accesses, and two
      with both test variants (>, >=).
      
      Fixes: 969bf05e ("bpf: direct packet access")
      Signed-off-by: NDaniel Borkmann <daniel@iogearbox.net>
      Acked-by: NAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      2d2be8ca
    • Y
      tcp: use an RB tree for ooo receive queue · 9f5afeae
      Yaogong Wang 提交于
      Over the years, TCP BDP has increased by several orders of magnitude,
      and some people are considering to reach the 2 Gbytes limit.
      
      Even with current window scale limit of 14, ~1 Gbytes maps to ~740,000
      MSS.
      
      In presence of packet losses (or reorders), TCP stores incoming packets
      into an out of order queue, and number of skbs sitting there waiting for
      the missing packets to be received can be in the 10^5 range.
      
      Most packets are appended to the tail of this queue, and when
      packets can finally be transferred to receive queue, we scan the queue
      from its head.
      
      However, in presence of heavy losses, we might have to find an arbitrary
      point in this queue, involving a linear scan for every incoming packet,
      throwing away cpu caches.
      
      This patch converts it to a RB tree, to get bounded latencies.
      
      Yaogong wrote a preliminary patch about 2 years ago.
      Eric did the rebase, added ofo_last_skb cache, polishing and tests.
      
      Tested with network dropping between 1 and 10 % packets, with good
      success (about 30 % increase of throughput in stress tests)
      
      Next step would be to also use an RB tree for the write queue at sender
      side ;)
      Signed-off-by: NYaogong Wang <wygivan@google.com>
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Cc: Yuchung Cheng <ycheng@google.com>
      Cc: Neal Cardwell <ncardwell@google.com>
      Cc: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
      Acked-By: NIlpo Järvinen <ilpo.jarvinen@helsinki.fi>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9f5afeae
    • D
      Merge branch 'ovs-802.1ad' · 3b61075b
      David S. Miller 提交于
      Eric Garver says:
      
      ====================
      openvswitch: add 802.1ad support
      
      This series adds 802.1ad support to openvswitch. It is a continuation of the
      work originally started by Thomas F Herbert - hence the large rev number.
      
      The extra VLAN is implemented by using an additional level of the
      OVS_KEY_ATTR_ENCAP netlink attribute.
      In OVS flow speak, this looks like
      
         eth_type(0x88a8),vlan(vid=100),encap(eth_type(0x8100), vlan(vid=200),
                                              encap(eth_type(0x0800), ...))
      
      The userspace counterpart has also seen recent activity on the ovs-dev mailing
      lists. There are some new 802.1ad OVS tests being added - also on the ovs-dev
      list. This patch series has been tested using the most recent version of
      userspace (v3) and tests (v2).
      
      v22 changes:
        - merge patch 4 into patch 3
        - fix checkpatch.pl errors
          - Still some 80 char warnings for long string literals
        - refresh pointer after pskb_may_pull()
        - refactor vlan nlattr parsing to remove some double checks
        - introduce ovs_nla_put_vlan()
        - move triple VLAN check to after ethertype serialization
        - WARN_ON_ONCE() on triple VLAN and unexpected encap values
      
      v21 changes:
        - Fix (and simplify) netlink attribute parsing
        - re-add handling of truncated VLAN tags
        - fix if/else dangling assignment in {push,pop}_vlan()
        - simplify parse_vlan()
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      3b61075b
    • E
      openvswitch: 802.1AD Flow handling, actions, vlan parsing, netlink attributes · 018c1dda
      Eric Garver 提交于
      Add support for 802.1ad including the ability to push and pop double
      tagged vlans. Add support for 802.1ad to netlink parsing and flow
      conversion. Uses double nested encap attributes to represent double
      tagged vlan. Inner TPID encoded along with ctci in nested attributes.
      
      This is based on Thomas F Herbert's original v20 patch. I made some
      small clean ups and bug fixes.
      Signed-off-by: NThomas F Herbert <thomasfherbert@gmail.com>
      Signed-off-by: NEric Garver <e@erig.me>
      Acked-by: NPravin B Shelar <pshelar@ovn.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      018c1dda
    • E
      vlan: Check for vlan ethernet types for 8021.q or 802.1ad · fe19c4f9
      Eric Garver 提交于
      This is to simplify using double tagged vlans. This function allows all
      valid vlan ethertypes to be checked in a single function call.
      Also replace some instances that check for both ETH_P_8021Q and
      ETH_P_8021AD.
      
      Patch based on one originally by Thomas F Herbert.
      Signed-off-by: NThomas F Herbert <thomasfherbert@gmail.com>
      Signed-off-by: NEric Garver <e@erig.me>
      Acked-by: NPravin B Shelar <pshelar@ovn.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      fe19c4f9
    • T
      openvswitch: 802.1ad uapi changes. · 8c146bb9
      Thomas F Herbert 提交于
      openvswitch: Add support for 8021.AD
      
      Change the description of the VLAN tpid field.
      Signed-off-by: NThomas F Herbert <thomasfherbert@gmail.com>
      Acked-by: NPravin B Shelar <pshelar@ovn.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8c146bb9
    • L
      net: inet: diag: expose the socket mark to privileged processes. · d545caca
      Lorenzo Colitti 提交于
      This adds the capability for a process that has CAP_NET_ADMIN on
      a socket to see the socket mark in socket dumps.
      
      Commit a52e95ab ("net: diag: allow socket bytecode filters to
      match socket marks") recently gave privileged processes the
      ability to filter socket dumps based on mark. This patch is
      complementary: it ensures that the mark is also passed to
      userspace in the socket's netlink attributes.  It is useful for
      tools like ss which display information about sockets.
      
      Tested: https://android-review.googlesource.com/270210Signed-off-by: NLorenzo Colitti <lorenzo@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d545caca
    • Z
      net: ethernet: xilinx: Enable emaclite for MIPS · 74f13c80
      Zubair Lutfullah Kakakhel 提交于
      The MIPS based xilfpga platform uses this driver.
      Enable it for MIPS
      Signed-off-by: NZubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      74f13c80
    • D
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next · 575f9c43
      David S. Miller 提交于
      Steffen Klassert says:
      
      ====================
      ipsec-next 2016-09-08
      
      1) Constify the xfrm_replay structures. From Julia Lawall
      
      2) Protect xfrm state hash tables with rcu, lookups
         can be done now without acquiring xfrm_state_lock.
         From Florian Westphal.
      
      3) Protect xfrm policy hash tables with rcu, lookups
         can be done now without acquiring xfrm_policy_lock.
         From Florian Westphal.
      
      4) We don't need to have a garbage collector list per
         namespace anymore, so use a global one instead.
         From Florian Westphal.
      ====================
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      575f9c43
  3. 08 9月, 2016 19 次提交
  4. 07 9月, 2016 3 次提交
    • D
      rxrpc: Add tracepoint for working out where aborts happen · 5a42976d
      David Howells 提交于
      Add a tracepoint for working out where local aborts happen.  Each
      tracepoint call is labelled with a 3-letter code so that they can be
      distinguished - and the DATA sequence number is added too where available.
      
      rxrpc_kernel_abort_call() also takes a 3-letter code so that AFS can
      indicate the circumstances when it aborts a call.
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      5a42976d
    • D
      rxrpc: Fix returns of call completion helpers · e8d6bbb0
      David Howells 提交于
      rxrpc_set_call_completion() returns bool, not int, so the ret variable
      should match this.
      
      rxrpc_call_completed() and __rxrpc_call_completed() should return the value
      of rxrpc_set_call_completion().
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      e8d6bbb0
    • D
      rxrpc: Calls shouldn't hold socket refs · 8d94aa38
      David Howells 提交于
      rxrpc calls shouldn't hold refs on the sock struct.  This was done so that
      the socket wouldn't go away whilst the call was in progress, such that the
      call could reach the socket's queues.
      
      However, we can mark the socket as requiring an RCU release and rely on the
      RCU read lock.
      
      To make this work, we do:
      
       (1) rxrpc_release_call() removes the call's call user ID.  This is now
           only called from socket operations and not from the call processor:
      
      	rxrpc_accept_call() / rxrpc_kernel_accept_call()
      	rxrpc_reject_call() / rxrpc_kernel_reject_call()
      	rxrpc_kernel_end_call()
      	rxrpc_release_calls_on_socket()
      	rxrpc_recvmsg()
      
           Though it is also called in the cleanup path of
           rxrpc_accept_incoming_call() before we assign a user ID.
      
       (2) Pass the socket pointer into rxrpc_release_call() rather than getting
           it from the call so that we can get rid of uninitialised calls.
      
       (3) Fix call processor queueing to pass a ref to the work queue and to
           release that ref at the end of the processor function (or to pass it
           back to the work queue if we have to requeue).
      
       (4) Skip out of the call processor function asap if the call is complete
           and don't requeue it if the call is complete.
      
       (5) Clean up the call immediately that the refcount reaches 0 rather than
           trying to defer it.  Actual deallocation is deferred to RCU, however.
      
       (6) Don't hold socket refs for allocated calls.
      
       (7) Use the RCU read lock when queueing a message on a socket and treat
           the call's socket pointer according to RCU rules and check it for
           NULL.
      
           We also need to use the RCU read lock when viewing a call through
           procfs.
      
       (8) Transmit the final ACK/ABORT to a client call in rxrpc_release_call()
           if this hasn't been done yet so that we can then disconnect the call.
           Once the call is disconnected, it won't have any access to the
           connection struct and the UDP socket for the call work processor to be
           able to send the ACK.  Terminal retransmission will be handled by the
           connection processor.
      
       (9) Release all calls immediately on the closing of a socket rather than
           trying to defer this.  Incomplete calls will be aborted.
      
      The call refcount model is much simplified.  Refs are held on the call by:
      
       (1) A socket's user ID tree.
      
       (2) A socket's incoming call secureq and acceptq.
      
       (3) A kernel service that has a call in progress.
      
       (4) A queued call work processor.  We have to take care to put any call
           that we failed to queue.
      
       (5) sk_buffs on a socket's receive queue.  A future patch will get rid of
           this.
      
      Whilst we're at it, we can do:
      
       (1) Get rid of the RXRPC_CALL_EV_RELEASE event.  Release is now done
           entirely from the socket routines and never from the call's processor.
      
       (2) Get rid of the RXRPC_CALL_DEAD state.  Calls now end in the
           RXRPC_CALL_COMPLETE state.
      
       (3) Get rid of the rxrpc_call::destroyer work item.  Calls are now torn
           down when their refcount reaches 0 and then handed over to RCU for
           final cleanup.
      
       (4) Get rid of the rxrpc_call::deadspan timer.  Calls are cleaned up
           immediately they're finished with and don't hang around.
           Post-completion retransmission is handled by the connection processor
           once the call is disconnected.
      
       (5) Get rid of the dead call expiry setting as there's no longer a timer
           to set.
      
       (6) rxrpc_destroy_all_calls() can just check that the call list is empty.
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      8d94aa38