1. 01 11月, 2007 1 次提交
  2. 11 10月, 2007 3 次提交
    • D
      [IPV4]: Add ICMPMsgStats MIB (RFC 4293) · 96793b48
      David L Stevens 提交于
      Background: RFC 4293 deprecates existing individual, named ICMP
      type counters to be replaced with the ICMPMsgStatsTable. This table
      includes entries for both IPv4 and IPv6, and requires counting of all
      ICMP types, whether or not the machine implements the type.
      
      These patches "remove" (but not really) the existing counters, and
      replace them with the ICMPMsgStats tables for v4 and v6.
      It includes the named counters in the /proc places they were, but gets the
      values for them from the new tables. It also counts packets generated
      from raw socket output (e.g., OutEchoes, MLD queries, RA's from
      radvd, etc).
      
      Changes:
      1) create icmpmsg_statistics mib
      2) create icmpv6msg_statistics mib
      3) modify existing counters to use these
      4) modify /proc/net/snmp to add "IcmpMsg" with all ICMP types
              listed by number for easy SNMP parsing
      5) modify /proc/net/snmp printing for "Icmp" to get the named data
              from new counters.
      Signed-off-by: NDavid L Stevens <dlstevens@us.ibm.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      96793b48
    • D
      c40f6fff
    • E
      [NET]: Make socket creation namespace safe. · 1b8d7ae4
      Eric W. Biederman 提交于
      This patch passes in the namespace a new socket should be created in
      and has the socket code do the appropriate reference counting.  By
      virtue of this all socket create methods are touched.  In addition
      the socket create methods are modified so that they will fail if
      you attempt to create a socket in a non-default network namespace.
      
      Failing if we attempt to create a socket outside of the default
      network namespace ensures that as we incrementally make the network stack
      network namespace aware we will not export functionality that someone
      has not audited and made certain is network namespace safe.
      Allowing us to partially enable network namespaces before all of the
      exotic protocols are supported.
      
      Any protocol layers I have missed will fail to compile because I now
      pass an extra parameter into the socket creation code.
      
      [ Integrated AF_IUCV build fixes from Andrew Morton... -DaveM ]
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1b8d7ae4
  3. 03 8月, 2007 1 次提交
    • D
      [TCP]: Invoke tcp_sendmsg() directly, do not use inet_sendmsg(). · 3516ffb0
      David S. Miller 提交于
      As discovered by Evegniy Polyakov, if we try to sendmsg after
      a connection reset, we can do incredibly stupid things.
      
      The core issue is that inet_sendmsg() tries to autobind the
      socket, but we should never do that for TCP.  Instead we should
      just go straight into TCP's sendmsg() code which will do all
      of the necessary state and pending socket error checks.
      
      TCP's sendpage already directly vectors to tcp_sendpage(), so this
      merely brings sendmsg() in line with that.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      3516ffb0
  4. 11 7月, 2007 1 次提交
    • S
      [NET]: IPV6 checksum offloading in network devices · d212f87b
      Stephen Hemminger 提交于
      The existing model for checksum offload does not correctly handle
      devices that can offload IPV4 and IPV6 only. The NETIF_F_HW_CSUM flag
      implies device can do any arbitrary protocol.
      
      This patch:
       * adds NETIF_F_IPV6_CSUM for those devices
       * fixes bnx2 and tg3 devices that need it
       * add NETIF_F_IPV6_CSUM to ipv6 output (incl GSO)
       * fixes assumptions about NETIF_F_ALL_CSUM in nat
       * adjusts bridge union of checksumming computation
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d212f87b
  5. 09 5月, 2007 1 次提交
  6. 26 4月, 2007 9 次提交
  7. 11 2月, 2007 1 次提交
  8. 09 2月, 2007 1 次提交
  9. 10 1月, 2007 1 次提交
  10. 09 1月, 2007 1 次提交
  11. 03 12月, 2006 3 次提交
    • A
      [IPV6]: Assorted trivial endianness annotations. · 714e85be
      Al Viro 提交于
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      714e85be
    • G
      [NET]: Supporting UDP-Lite (RFC 3828) in Linux · ba4e58ec
      Gerrit Renker 提交于
      This is a revision of the previously submitted patch, which alters
      the way files are organized and compiled in the following manner:
      
      	* UDP and UDP-Lite now use separate object files
      	* source file dependencies resolved via header files
      	  net/ipv{4,6}/udp_impl.h
      	* order of inclusion files in udp.c/udplite.c adapted
      	  accordingly
      
      [NET/IPv4]: Support for the UDP-Lite protocol (RFC 3828)
      
      This patch adds support for UDP-Lite to the IPv4 stack, provided as an
      extension to the existing UDPv4 code:
              * generic routines are all located in net/ipv4/udp.c
              * UDP-Lite specific routines are in net/ipv4/udplite.c
              * MIB/statistics support in /proc/net/snmp and /proc/net/udplite
              * shared API with extensions for partial checksum coverage
      
      [NET/IPv6]: Extension for UDP-Lite over IPv6
      
      It extends the existing UDPv6 code base with support for UDP-Lite
      in the same manner as per UDPv4. In particular,
              * UDPv6 generic and shared code is in net/ipv6/udp.c
              * UDP-Litev6 specific extensions are in net/ipv6/udplite.c
              * MIB/statistics support in /proc/net/snmp6 and /proc/net/udplite6
              * support for IPV6_ADDRFORM
              * aligned the coding style of protocol initialisation with af_inet6.c
              * made the error handling in udpv6_queue_rcv_skb consistent;
                to return `-1' on error on all error cases
              * consolidation of shared code
      
      [NET]: UDP-Lite Documentation and basic XFRM/Netfilter support
      
      The UDP-Lite patch further provides
              * API documentation for UDP-Lite
              * basic xfrm support
              * basic netfilter support for IPv4 and IPv6 (LOG target)
      Signed-off-by: NGerrit Renker <gerrit@erg.abdn.ac.uk>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      ba4e58ec
    • E
      [NET]: Size listen hash tables using backlog hint · 72a3effa
      Eric Dumazet 提交于
      We currently allocate a fixed size (TCP_SYNQ_HSIZE=512) slots hash table for
      each LISTEN socket, regardless of various parameters (listen backlog for
      example)
      
      On x86_64, this means order-1 allocations (might fail), even for 'small'
      sockets, expecting few connections. On the contrary, a huge server wanting a
      backlog of 50000 is slowed down a bit because of this fixed limit.
      
      This patch makes the sizing of listen hash table a dynamic parameter,
      depending of :
      - net.core.somaxconn tunable (default is 128)
      - net.ipv4.tcp_max_syn_backlog tunable (default : 256, 1024 or 128)
      - backlog value given by user application  (2nd parameter of listen())
      
      For large allocations (bigger than PAGE_SIZE), we use vmalloc() instead of
      kmalloc().
      
      We still limit memory allocation with the two existing tunables (somaxconn &
      tcp_max_syn_backlog). So for standard setups, this patch actually reduce RAM
      usage.
      Signed-off-by: NEric Dumazet <dada1@cosmosbay.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      72a3effa
  12. 29 9月, 2006 3 次提交
  13. 23 9月, 2006 4 次提交
  14. 09 7月, 2006 1 次提交
  15. 04 7月, 2006 1 次提交
  16. 30 6月, 2006 1 次提交
    • H
      [NET]: Added GSO header verification · 576a30eb
      Herbert Xu 提交于
      When GSO packets come from an untrusted source (e.g., a Xen guest domain),
      we need to verify the header integrity before passing it to the hardware.
      
      Since the first step in GSO is to verify the header, we can reuse that
      code by adding a new bit to gso_type: SKB_GSO_DODGY.  Packets with this
      bit set can only be fed directly to devices with the corresponding bit
      NETIF_F_GSO_ROBUST.  If the device doesn't have that bit, then the skb
      is fed to the GSO engine which will allow the packet to be sent to the
      hardware if it passes the header check.
      
      This patch changes the sg flag to a full features flag.  The same method
      can be used to implement TSO ECN support.  We simply have to mark packets
      with CWR set with SKB_GSO_ECN so that only hardware with a corresponding
      NETIF_F_TSO_ECN can accept them.  The GSO engine can either fully segment
      the packet, or segment the first MTU and pass the rest to the hardware for
      further segmentation.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      576a30eb
  17. 23 6月, 2006 1 次提交
  18. 30 4月, 2006 1 次提交
  19. 21 3月, 2006 2 次提交
  20. 12 1月, 2006 1 次提交
  21. 04 1月, 2006 2 次提交