1. 24 9月, 2009 1 次提交
  2. 17 9月, 2009 1 次提交
  3. 02 9月, 2009 1 次提交
    • A
      netns: embed ip6_dst_ops directly · 86393e52
      Alexey Dobriyan 提交于
      struct net::ipv6.ip6_dst_ops is separatedly dynamically allocated,
      but there is no fundamental reason for it. Embed it directly into
      struct netns_ipv6.
      
      For that:
      * move struct dst_ops into separate header to fix circular dependencies
      	I honestly tried not to, it's pretty impossible to do other way
      * drop dynamical allocation, allocate together with netns
      
      For a change, remove struct dst_ops::dst_net, it's deducible
      by using container_of() given dst_ops pointer.
      Signed-off-by: NAlexey Dobriyan <adobriyan@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      86393e52
  4. 23 6月, 2009 1 次提交
  5. 03 6月, 2009 1 次提交
  6. 21 5月, 2009 1 次提交
    • J
      IPv6: set RTPROT_KERNEL to initial route · 4f724279
      Jean-Mickael Guerin 提交于
      The use of unspecified protocol in IPv6 initial route prevents quagga to
      install IPv6 default route:
      # show ipv6 route
      S   ::/0 [1/0] via fe80::1, eth1_0
      K>* ::/0 is directly connected, lo, rej
      C>* ::1/128 is directly connected, lo
      C>* fe80::/64 is directly connected, eth1_0
      
      # ip -6 route
      fe80::/64 dev eth1_0  proto kernel  metric 256  mtu 1500 advmss 1440
      hoplimit -1
      ff00::/8 dev eth1_0  metric 256  mtu 1500 advmss 1440 hoplimit -1
      unreachable default dev lo  proto none  metric -1  error -101 hoplimit 255
      
      The attached patch ensures RTPROT_KERNEL to the default initial route
      and fixes the problem for quagga.
      This is similar to "ipv6: protocol for address routes"
      f410a1fb.
      
      # show ipv6 route
      S>* ::/0 [1/0] via fe80::1, eth1_0
      C>* ::1/128 is directly connected, lo
      C>* fe80::/64 is directly connected, eth1_0
      
      # ip -6 route
      fe80::/64 dev eth1_0  proto kernel  metric 256  mtu 1500 advmss 1440
      hoplimit -1
      fe80::/64 dev eth1_0  proto kernel  metric 256  mtu 1500 advmss 1440
      hoplimit -1
      ff00::/8 dev eth1_0  metric 256  mtu 1500 advmss 1440 hoplimit -1
      default via fe80::1 dev eth1_0  proto zebra  metric 1024  mtu 1500
      advmss 1440 hoplimit -1
      unreachable default dev lo  proto kernel  metric -1  error -101 hoplimit 255
      Signed-off-by: NJean-Mickael Guerin <jean-mickael.guerin@6wind.com>
      Signed-off-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4f724279
  7. 25 2月, 2009 1 次提交
    • P
      netlink: change nlmsg_notify() return value logic · 1ce85fe4
      Pablo Neira Ayuso 提交于
      This patch changes the return value of nlmsg_notify() as follows:
      
      If NETLINK_BROADCAST_ERROR is set by any of the listeners and
      an error in the delivery happened, return the broadcast error;
      else if there are no listeners apart from the socket that
      requested a change with the echo flag, return the result of the
      unicast notification. Thus, with this patch, the unicast
      notification is handled in the same way of a broadcast listener
      that has set the NETLINK_BROADCAST_ERROR socket flag.
      
      This patch is useful in case that the caller of nlmsg_notify()
      wants to know the result of the delivery of a netlink notification
      (including the broadcast delivery) and take any action in case
      that the delivery failed. For example, ctnetlink can drop packets
      if the event delivery failed to provide reliable logging and
      state-synchronization at the cost of dropping packets.
      
      This patch also modifies the rtnetlink code to ignore the return
      value of rtnl_notify() in all callers. The function rtnl_notify()
      (before this patch) returned the error of the unicast notification
      which makes rtnl_set_sk_err() reports errors to all listeners. This
      is not of any help since the origin of the change (the socket that
      requested the echoing) notices the ENOBUFS error if the notification
      fails and should resync itself.
      Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
      Acked-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1ce85fe4
  8. 01 2月, 2009 1 次提交
  9. 28 1月, 2009 1 次提交
    • T
      IPv6: Fix multicast routing bugs. · 1d6e55f1
      Thomas Goff 提交于
      This patch addresses the IPv6 multicast routing issues described
      below.  It was tested with XORP 1.4/1.5 as the IPv6 PIM-SM routing
      daemon against FreeBSD peers.
      
      net/ipv6/ip6_input.c:
      
        - Don't try to forward link-local multicast packets.
      
        - Don't reset skb2->dev before calling ip6_mr_input() so packets can
          be identified as coming from the PIM register vif properly.
      
      net/ipv6/ip6mr.c:
      
        - Fix incoming PIM register messages processing:
      
          * The IPv6 pseudo-header should be included when checksumming PIM
            messages (RFC 4601 section 4.9; RFC 3973 section 4.7.1).
      
          * Packets decapsulated from PIM register messages should have
            skb->protocol ETH_P_IPV6.
      
        - Enable/disable IPv6 multicast forwarding on the corresponding
          interface when a routing daemon adds/removes a multicast virtual
          interface.
      
        - Remove incorrect skb_pull() to fix userspace signaling.
      
        - Enable/disable global IPv6 multicast forwarding when an IPv6
          multicast routing socket is opened/closed.
      
      net/ipv6/route.c:
      
        - Don't use strict routing logic for packets decapsulated from PIM
          register messages (similar to disabling rp_filter for the IPv4
          case).
      Signed-off-by: NThomas Goff <thomas.goff@boeing.com>
      Reviewed-by: NFred Templin <fred.l.templin@boeing.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1d6e55f1
  10. 09 1月, 2009 1 次提交
  11. 05 1月, 2009 1 次提交
    • D
      ipv6: Fix sporadic sendmsg -EINVAL when sending to multicast groups. · 14deae41
      David S. Miller 提交于
      Thanks to excellent diagnosis by Eduard Guzovsky.
      
      The core problem is that on a network with lots of active
      multicast traffic, the neighbour cache can fill up.  If
      we try to allocate a new route and thus neighbour cache
      entry, the bog-standard GC attempt the neighbour layer does
      in ineffective because route entries hold a reference
      to the existing neighbour entries and GC can only liberate
      entries with no references.
      
      IPV4 already has a way to handle this, by doing a route cache
      GC in such situations (when neigh attach returns -ENOBUFS).
      
      So simply mimick this on the ipv6 side.
      Tested-by: NEduard Guzovsky <eguzovsky@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      14deae41
  12. 11 12月, 2008 1 次提交
    • B
      netns: ip6mr: enable namespace support in ipv6 multicast forwarding code · 8229efda
      Benjamin Thery 提交于
      This last patch makes the appropriate changes to use and propagate the
      network namespace where needed in IPv6 multicast forwarding code.
      
      This consists mainly in replacing all the remaining init_net occurences
      with current netns pointer retrieved from sockets, net devices or 
      mfc6_caches depending on the routines' contexts.
      
      Some routines receive a new 'struct net' parameter to propagate the current
      netns:
      * ip6mr_get_route
      * ip6mr_cache_report
      * ip6mr_cache_find
      * ip6mr_cache_unresolved
      * mif6_add/mif6_delete
      * ip6mr_mfc_add/ip6mr_mfc_delete
      * ip6mr_reg_vif
      
      All the IPv6 multicast forwarding variables moved to struct netns_ipv6 by
      the previous patches are now referenced in the correct namespace.
      
      Changelog:
      ==========
      * Take into account the net associated to mfc6_cache when matching entries in
        mfc_unres_queue list.
      * Call mroute_clean_tables() in ip6mr_net_exit() to free memory allocated
        per-namespace.
      * Call dev_net_set() in ip6mr_reg_vif() to initialize dev->nd_net 
        correctly.
      Signed-off-by: NBenjamin Thery <benjamin.thery@bull.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8229efda
  13. 12 11月, 2008 1 次提交
  14. 04 11月, 2008 1 次提交
    • A
      net: '&' redux · 6d9f239a
      Alexey Dobriyan 提交于
      I want to compile out proc_* and sysctl_* handlers totally and
      stub them to NULL depending on config options, however usage of &
      will prevent this, since taking adress of NULL pointer will break
      compilation.
      
      So, drop & in front of every ->proc_handler and every ->strategy
      handler, it was never needed in fact.
      Signed-off-by: NAlexey Dobriyan <adobriyan@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6d9f239a
  15. 30 10月, 2008 1 次提交
  16. 29 10月, 2008 1 次提交
  17. 09 10月, 2008 1 次提交
  18. 08 10月, 2008 2 次提交
  19. 01 10月, 2008 1 次提交
    • A
      XFRM,IPv6: initialize ip6_dst_blackhole_ops.kmem_cachep · 5dc121e9
      Arnaud Ebalard 提交于
      ip6_dst_blackhole_ops.kmem_cachep is not expected to be NULL (i.e. to
      be initialized) when dst_alloc() is called from ip6_dst_blackhole().
      Otherwise, it results in the following (xfrm_larval_drop is now set to
      1 by default):
      
      [   78.697642] Unable to handle kernel paging request for data at address 0x0000004c
      [   78.703449] Faulting instruction address: 0xc0097f54
      [   78.786896] Oops: Kernel access of bad area, sig: 11 [#1]
      [   78.792791] PowerMac
      [   78.798383] Modules linked in: btusb usbhid bluetooth b43 mac80211 cfg80211 ehci_hcd ohci_hcd sungem sungem_phy usbcore ssb
      [   78.804263] NIP: c0097f54 LR: c0334a28 CTR: c002d430
      [   78.809997] REGS: eef19ad0 TRAP: 0300   Not tainted  (2.6.27-rc5)
      [   78.815743] MSR: 00001032 <ME,IR,DR>  CR: 22242482  XER: 20000000
      [   78.821550] DAR: 0000004c, DSISR: 40000000
      [   78.827278] TASK = eef0df40[3035] 'mip6d' THREAD: eef18000
      [   78.827408] GPR00: 00001032 eef19b80 eef0df40 00000000 00008020 eef19c30 00000001 00000000
      [   78.833249] GPR08: eee5101c c05a5c10 ef9ad500 00000000 24242422 1005787c 00000000 1004f960
      [   78.839151] GPR16: 00000000 10024e90 10050040 48030018 0fe44150 00000000 00000000 eef19c30
      [   78.845046] GPR24: eef19e44 00000000 eef19bf8 efb37c14 eef19bf8 00008020 00009032 c0596064
      [   78.856671] NIP [c0097f54] kmem_cache_alloc+0x20/0x94
      [   78.862581] LR [c0334a28] dst_alloc+0x40/0xc4
      [   78.868451] Call Trace:
      [   78.874252] [eef19b80] [c03c1810] ip6_dst_lookup_tail+0x1c8/0x1dc (unreliable)
      [   78.880222] [eef19ba0] [c0334a28] dst_alloc+0x40/0xc4
      [   78.886164] [eef19bb0] [c03cd698] ip6_dst_blackhole+0x28/0x1cc
      [   78.892090] [eef19be0] [c03d9be8] rawv6_sendmsg+0x75c/0xc88
      [   78.897999] [eef19cb0] [c038bca4] inet_sendmsg+0x4c/0x78
      [   78.903907] [eef19cd0] [c03207c8] sock_sendmsg+0xac/0xe4
      [   78.909734] [eef19db0] [c03209e4] sys_sendmsg+0x1e4/0x2a0
      [   78.915540] [eef19f00] [c03220a8] sys_socketcall+0xfc/0x210
      [   78.921406] [eef19f40] [c0014b3c] ret_from_syscall+0x0/0x38
      [   78.927295] --- Exception: c01 at 0xfe2d730
      [   78.927297]     LR = 0xfe2d71c
      [   78.939019] Instruction dump:
      [   78.944835] 91640018 9144001c 900a0000 4bffff44 9421ffe0 7c0802a6 bf810010 7c9d2378
      [   78.950694] 90010024 7fc000a6 57c0045e 7c000124 <83e3004c> 8383005c 2f9f0000 419e0050
      [   78.956464] ---[ end trace 05fa1ed7972487a1 ]---
      
      As commented by Benjamin Thery, the bug was introduced by
      f2fc6a54, while adding network
      namespaces support to ipv6 routes.
      Signed-off-by: NArnaud Ebalard <arno@natisbad.org>
      Acked-by: NBenjamin Thery <benjamin.thery@bull.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      5dc121e9
  20. 11 9月, 2008 1 次提交
    • D
      ipv6: On interface down/unregister, purge icmp routes too. · 1e493d19
      David S. Miller 提交于
      Johannes Berg reported that occaisionally, bringing an interface
      down or unregistering it would hang for up to 30 seconds.  Using
      debugging output he provided it became clear that ICMP6 routes
      were the culprit.
      
      The problem is that ICMP6 routes live in their own world totally
      separate from normal ipv6 routes.  So there are all kinds of special
      cases throughout the ipv6 code to handle this.
      
      While we should really try to unify all of this stuff somehow,
      for the time being let's fix this by purging the ICMP6 routes
      that match the device in question during rt6_ifdown().
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1e493d19
  21. 15 8月, 2008 1 次提交
  22. 13 8月, 2008 1 次提交
    • B
      ipv6: Fix OOPS, ip -f inet6 route get fec0::1, linux-2.6.26, ip6_route_output, rt6_fill_node+0x175 · 5e0115e5
      Brian Haley 提交于
      Alexey Dobriyan wrote:
      > On Thu, Aug 07, 2008 at 07:00:56PM +0200, John Gumb wrote:
      >> Scenario: no ipv6 default route set.
      > 
      >> # ip -f inet6 route get fec0::1
      >>
      >> BUG: unable to handle kernel NULL pointer dereference at 00000000
      >> IP: [<c0369b85>] rt6_fill_node+0x175/0x3b0
      >> EIP is at rt6_fill_node+0x175/0x3b0
      > 
      > 0xffffffff80424dd3 is in rt6_fill_node (net/ipv6/route.c:2191).
      > 2186                    } else
      > 2187    #endif
      > 2188                            NLA_PUT_U32(skb, RTA_IIF, iif);
      > 2189            } else if (dst) {
      > 2190                    struct in6_addr saddr_buf;
      > 2191      ====>         if (ipv6_dev_get_saddr(ip6_dst_idev(&rt->u.dst)->dev,
      >					       ^^^^^^^^^^^^^^^^^^^^^^^^
      >											NULL
      > 
      > 2192                                           dst, 0, &saddr_buf) == 0)
      > 2193                            NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
      > 2194            }
      
      The commit that changed this can't be reverted easily, but the patch
      below works for me.
      
      Fix NULL de-reference in rt6_fill_node() when there's no IPv6 input
      device present in the dst entry.
      Signed-off-by: NBrian Haley <brian.haley@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      5e0115e5
  23. 06 8月, 2008 1 次提交
  24. 23 7月, 2008 1 次提交
  25. 20 7月, 2008 1 次提交
  26. 18 7月, 2008 2 次提交
  27. 03 7月, 2008 2 次提交
  28. 28 6月, 2008 1 次提交
  29. 12 6月, 2008 2 次提交
  30. 05 6月, 2008 1 次提交
  31. 21 5月, 2008 1 次提交
    • H
      ipsec: Use the correct ip_local_out function · 1ac06e03
      Herbert Xu 提交于
      Because the IPsec output function xfrm_output_resume does its
      own dst_output call it should always call __ip_local_output
      instead of ip_local_output as the latter may invoke dst_output
      directly.  Otherwise the return values from nf_hook and dst_output
      may clash as they both use the value 1 but for different purposes.
      
      When that clash occurs this can cause a packet to be used after
      it has been freed which usually leads to a crash.  Because the
      offending value is only returned from dst_output with qdiscs
      such as HTB, this bug is normally not visible.
      
      Thanks to Marco Berizzi for his perseverance in tracking this
      down.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1ac06e03
  32. 20 5月, 2008 3 次提交
  33. 05 5月, 2008 1 次提交
  34. 22 4月, 2008 1 次提交