1. 11 6月, 2012 5 次提交
    • D
      inet: Avoid potential NULL peer dereference. · 7b34ca2a
      David S. Miller 提交于
      We handle NULL in rt{,6}_set_peer but then our caller will try to pass
      that NULL pointer into inet_putpeer() which isn't ready for it.
      
      Fix this by moving the NULL check one level up, and then remove the
      now unnecessary NULL check from inetpeer_ptr_set_peer().
      Reported-by: NEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      7b34ca2a
    • D
      inet: Use FIB table peer roots in routes. · 8b96d22d
      David S. Miller 提交于
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8b96d22d
    • D
      inet: Add family scope inetpeer flushes. · b48c80ec
      David S. Miller 提交于
      This implementation can deal with having many inetpeer roots, which is
      a necessary prerequisite for per-FIB table rooted peer tables.
      
      Each family (AF_INET, AF_INET6) has a sequence number which we bump
      when we get a family invalidation request.
      
      Each peer lookup cheaply checks whether the flush sequence of the
      root we are using is out of date, and if so flushes it and updates
      the sequence number.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b48c80ec
    • D
      ipv4: Kill ip_rt_frag_needed(). · 46517008
      David S. Miller 提交于
      There is zero point to this function.
      
      It's only real substance is to perform an extremely outdated BSD4.2
      ICMP check, which we can safely remove.  If you really have a MTU
      limited link being routed by a BSD4.2 derived system, here's a nickel
      go buy yourself a real router.
      
      The other actions of ip_rt_frag_needed(), checking and conditionally
      updating the peer, are done by the per-protocol handlers of the ICMP
      event.
      
      TCP, UDP, et al. have a handler which will receive this event and
      transmit it back into the associated route via dst_ops->update_pmtu().
      
      This simplification is important, because it eliminates the one place
      where we do not have a proper route context in which to make an
      inetpeer lookup.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      46517008
    • D
      inet: Hide route peer accesses behind helpers. · 97bab73f
      David S. Miller 提交于
      We encode the pointer(s) into an unsigned long with one state bit.
      
      The state bit is used so we can store the inetpeer tree root to use
      when resolving the peer later.
      
      Later the peer roots will be per-FIB table, and this change works to
      facilitate that.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      97bab73f
  2. 10 6月, 2012 3 次提交
  3. 09 6月, 2012 3 次提交
  4. 24 5月, 2012 1 次提交
  5. 20 5月, 2012 1 次提交
  6. 16 5月, 2012 2 次提交
  7. 21 4月, 2012 3 次提交
  8. 19 4月, 2012 1 次提交
  9. 18 4月, 2012 1 次提交
  10. 16 4月, 2012 2 次提交
  11. 05 4月, 2012 1 次提交
  12. 02 4月, 2012 1 次提交
  13. 29 3月, 2012 1 次提交
  14. 28 3月, 2012 1 次提交
    • B
      net/ipv4: fix IPv4 multicast over network namespaces · 4e7b2f14
      Benjamin LaHaise 提交于
      When using multicast over a local bridge feeding a number of LXC guests
      using veth, the LXC guests are unable to get a response from other guests
      when pinging 224.0.0.1.  Multicast packets did not appear to be getting
      delivered to the network namespaces of the guest hosts, and further
      inspection showed that the incoming route was pointing to the loopback
      device of the host, not the guest.  This lead to the wrong network namespace
      being picked up by sockets (like ICMP).  Fix this by using the correct
      network namespace when creating the inbound route entry.
      Signed-off-by: NBenjamin LaHaise <bcrl@kvack.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4e7b2f14
  15. 13 3月, 2012 1 次提交
  16. 12 3月, 2012 1 次提交
    • J
      net: Convert printks to pr_<level> · 058bd4d2
      Joe Perches 提交于
      Use a more current kernel messaging style.
      
      Convert a printk block to print_hex_dump.
      Coalesce formats, align arguments.
      Use %s, __func__ instead of embedding function names.
      
      Some messages that were prefixed with <foo>_close are
      now prefixed with <foo>_fini.  Some ah4 and esp messages
      are now not prefixed with "ip ".
      
      The intent of this patch is to later add something like
        #define pr_fmt(fmt) "IPv4: " fmt.
      to standardize the output messages.
      
      Text size is trivially reduced. (x86-32 allyesconfig)
      
      $ size net/ipv4/built-in.o*
         text	   data	    bss	    dec	    hex	filename
       887888	  31558	 249696	1169142	 11d6f6	net/ipv4/built-in.o.new
       887934	  31558	 249800	1169292	 11d78c	net/ipv4/built-in.o.old
      Signed-off-by: NJoe Perches <joe@perches.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      058bd4d2
  17. 08 3月, 2012 2 次提交
  18. 16 2月, 2012 1 次提交
  19. 27 1月, 2012 1 次提交
    • D
      ipv4/ipv6: Prepare for new route gateway semantics. · 39232973
      David S. Miller 提交于
      In the future the ipv4/ipv6 route gateway will take on two types
      of values:
      
      1) INADDR_ANY/IN6ADDR_ANY, for local network routes, and in this case
         the neighbour must be obtained using the destination address in
         ipv4/ipv6 header as the lookup key.
      
      2) Everything else, the actual nexthop route address.
      
      So if the gateway is not inaddr-any we use it, otherwise we must use
      the packet's destination address.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      39232973
  20. 23 12月, 2011 2 次提交
    • E
      net: introduce DST_NOPEER dst flag · e688a604
      Eric Dumazet 提交于
      Chris Boot reported crashes occurring in ipv6_select_ident().
      
      [  461.457562] RIP: 0010:[<ffffffff812dde61>]  [<ffffffff812dde61>]
      ipv6_select_ident+0x31/0xa7
      
      [  461.578229] Call Trace:
      [  461.580742] <IRQ>
      [  461.582870]  [<ffffffff812efa7f>] ? udp6_ufo_fragment+0x124/0x1a2
      [  461.589054]  [<ffffffff812dbfe0>] ? ipv6_gso_segment+0xc0/0x155
      [  461.595140]  [<ffffffff812700c6>] ? skb_gso_segment+0x208/0x28b
      [  461.601198]  [<ffffffffa03f236b>] ? ipv6_confirm+0x146/0x15e
      [nf_conntrack_ipv6]
      [  461.608786]  [<ffffffff81291c4d>] ? nf_iterate+0x41/0x77
      [  461.614227]  [<ffffffff81271d64>] ? dev_hard_start_xmit+0x357/0x543
      [  461.620659]  [<ffffffff81291cf6>] ? nf_hook_slow+0x73/0x111
      [  461.626440]  [<ffffffffa0379745>] ? br_parse_ip_options+0x19a/0x19a
      [bridge]
      [  461.633581]  [<ffffffff812722ff>] ? dev_queue_xmit+0x3af/0x459
      [  461.639577]  [<ffffffffa03747d2>] ? br_dev_queue_push_xmit+0x72/0x76
      [bridge]
      [  461.646887]  [<ffffffffa03791e3>] ? br_nf_post_routing+0x17d/0x18f
      [bridge]
      [  461.653997]  [<ffffffff81291c4d>] ? nf_iterate+0x41/0x77
      [  461.659473]  [<ffffffffa0374760>] ? br_flood+0xfa/0xfa [bridge]
      [  461.665485]  [<ffffffff81291cf6>] ? nf_hook_slow+0x73/0x111
      [  461.671234]  [<ffffffffa0374760>] ? br_flood+0xfa/0xfa [bridge]
      [  461.677299]  [<ffffffffa0379215>] ?
      nf_bridge_update_protocol+0x20/0x20 [bridge]
      [  461.684891]  [<ffffffffa03bb0e5>] ? nf_ct_zone+0xa/0x17 [nf_conntrack]
      [  461.691520]  [<ffffffffa0374760>] ? br_flood+0xfa/0xfa [bridge]
      [  461.697572]  [<ffffffffa0374812>] ? NF_HOOK.constprop.8+0x3c/0x56
      [bridge]
      [  461.704616]  [<ffffffffa0379031>] ?
      nf_bridge_push_encap_header+0x1c/0x26 [bridge]
      [  461.712329]  [<ffffffffa037929f>] ? br_nf_forward_finish+0x8a/0x95
      [bridge]
      [  461.719490]  [<ffffffffa037900a>] ?
      nf_bridge_pull_encap_header+0x1c/0x27 [bridge]
      [  461.727223]  [<ffffffffa0379974>] ? br_nf_forward_ip+0x1c0/0x1d4 [bridge]
      [  461.734292]  [<ffffffff81291c4d>] ? nf_iterate+0x41/0x77
      [  461.739758]  [<ffffffffa03748cc>] ? __br_deliver+0xa0/0xa0 [bridge]
      [  461.746203]  [<ffffffff81291cf6>] ? nf_hook_slow+0x73/0x111
      [  461.751950]  [<ffffffffa03748cc>] ? __br_deliver+0xa0/0xa0 [bridge]
      [  461.758378]  [<ffffffffa037533a>] ? NF_HOOK.constprop.4+0x56/0x56
      [bridge]
      
      This is caused by bridge netfilter special dst_entry (fake_rtable), a
      special shared entry, where attaching an inetpeer makes no sense.
      
      Problem is present since commit 87c48fa3 (ipv6: make fragment
      identifications less predictable)
      
      Introduce DST_NOPEER dst flag and make sure ipv6_select_ident() and
      __ip_select_ident() fallback to the 'no peer attached' handling.
      Reported-by: NChris Boot <bootc@bootc.net>
      Tested-by: NChris Boot <bootc@bootc.net>
      Signed-off-by: NEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e688a604
    • S
  21. 22 12月, 2011 1 次提交
  22. 06 12月, 2011 2 次提交
  23. 03 12月, 2011 1 次提交
  24. 02 12月, 2011 1 次提交
  25. 01 12月, 2011 1 次提交