- 26 Mar, 2013 35 commits
-
-
David S. Miller authored
Jason Wang says: ==================== We don't set transport header for untrusted packets in the past, but for the follwoing reasons, we need to do it now. - Better packet length estimation (introduced in 1def9238) needs l4 header for gso packets to compute the header length. - Some driver needs l4 header (e.g. ixgbe needs tcp header to do atr). So this patches tries to set transport header for packets from untrusted source (netback, packet, tuntap, macvtap). Plus a fix for better estimation on packet length for DODGY packet. Tested on tun/macvtap/packet, compile test on netback. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Wang authored
gso_segs were reset to zero when kernel receive packets from untrusted source. But we use this zero value to estimate precise packet len which is wrong. So this patch tries to estimate the correct gso_segs value before using it in qdisc_pkt_len_init(). Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Wang authored
Currently, for the packets receives from netback, before doing header check, kernel just reset the transport header in netif_receive_skb() which pretends non l4 header. This is suboptimal for precise packet length estimation (introduced in 1def9238: net_sched: more precise pkt_len computation) which needs correct l4 header for gso packets. The patch just reuse the header probed by netback for partial checksum packets and tries to use skb_flow_dissect() for other cases, if both fail, just pretend no l4 header. Cc: Eric Dumazet <edumazet@google.com> Cc: Ian Campbell <ian.campbell@citrix.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Wang authored
Set the transport header for 1) some drivers (e.g ixgbe needs l4 header to do atr) 2) precise packet length estimation (introduced in 1def9238) needs l4 header to compute header length. So this patch first tries to get l4 header for packet socket through skb_flow_dissect(), and pretend no l4 header if skb_flow_dissect() fails. Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Wang authored
Currently, for the packets receives from tuntap, before doing header check, kernel just reset the transport header in netif_receive_skb() which pretends no l4 header. This is suboptimal for precise packet length estimation (introduced in 1def9238) which needs correct l4 header for gso packets. So this patch set the transport header to csum_start for partial checksum packets, otherwise it first try skb_flow_dissect(), if it fails, just reset the transport header. Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Wang authored
Set the transport header for 1) some drivers (e.g ixgbe) needs l4 header 2) precise packet length estimation (introduced in 1def9238) needs l4 header to compute header length. For the packets with partial checksum, the patch just set the transport header to csum_start. Otherwise tries to use skb_flow_dissect() to get l4 offset, if it fails, just pretend no l4 header. Cc: Eric Dumazet <edumazet@google.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hong zhi guo authored
NLMSG_HDRLEN is already aligned value. It's for directly reference without extra alignment. The redundant alignment here may confuse the API users. Signed-off-by: Hong Zhiguo <honkiko@gmail.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Tony Cheneau says: ==================== This patchset fixes serious bugs within the 6LoWPAN modules. I wrote a script (available at [1]) to prove the issues are real. One can try and see that without these patches, most of the test fail (e.g. packet dropped by the receiver or node crashing). With all patches applied, all tests succeed. The tests themselves are very basic: sending ICMP packets, sending UDP packets, sending TCP packets, varying size of the packets. This actually triggers some 6LoWPAN specific code, namely fragmentation, packet reassembly and header compression. This code passed the checkpatch.pl tool with a few warnings, that I believe are OK. It should apply cleanly on the latest net-next. [1]: https://github.com/tcheneau/linux802154-regression-tests ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
The previous code would just compress the UDP header and send the compressed UDP header along with the uncompressed one. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
Sets the sequence number in the frame format. Without this fix, the sequence number is always set to 0. This makes trafic analysis very hard. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
Bring-over mac802154_dev_get_dsn() function that was present in the Linux ZigBee kernel. This function is called by the 6LoWPAN code in order to properly set the DSN (Data Sequence Number) value in the IEEE 802.15.4 frame. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
Add pr_debug() call in order to debug 6LoWPAN fragmentation and reassembly. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
The first fragment, FRAG1, must contain some payload according to the specs. However, as it is currently written, the first fragment will remain empty and only contain the 6lowpan headers. This patch also extracts the transport layer information from the first fragment. This information is used later on when uncompressing UDP header. Thanks to Wolf-Bastian Pöttner for noticing that the offset value was not properly initialized. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
The IEEE 802.15.4 standard uses the 0xFFFF short address (2 bytes) for message broadcasting. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
This feature is especially important when using fragmentation, because the reassembly mechanism cannot recover from the loss of a fragment. Note that some hardware ignore this flag and not will not transmit acknowledgments even if this is set. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
This causes a drop of the UDP packet. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tony Cheneau authored
The current test is not RFC6282 compliant. The same issue has been found and fixed in Contiki. This patch is basically a port of their fix. Signed-off-by: Tony Cheneau <tony.cheneau@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Hong zhi guo authored
When the legacy array rtm_min still exists, the length check within these functions is covered by rtm_min[RTM_NEWTFILTER], rtm_min[RTM_NEWQDISC] and rtm_min[RTM_NEWTCLASS]. But after Thomas Graf removed rtm_min several days ago, these checks are missing. Other doit functions should be OK. Signed-off-by: Hong Zhiguo <honkiko@gmail.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
YOSHIFUJI Hideaki says: ==================== This is take 4 of supporting IPv6 over Firewire (IEEE 1394) based on RFC3146. Take 3->4: - Fix receiving 1394 ARP, which comes without arp$tha. - Remove rfc3146 unit directory on module exit. - other minor clean-ups - minimize diffs. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
YOSHIFUJI Hideaki / 吉藤英明 authored
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
YOSHIFUJI Hideaki / 吉藤英明 authored
Inspection of upper layer protocol is considered harmful, especially if it is about ARP or other stateful upper layer protocol; driver cannot (and should not) have full state of them. IPv4 over Firewire module used to inspect ARP (both in sending path and in receiving path), and record peer's GUID, max packet size, max speed and fifo address. This patch removes such inspection by extending our "hardware address" definition to include other information as well: max packet size, max speed and fifo. By doing this, The neighbour module in networking subsystem can cache them. Note: As we have started ignoring sspd and max_rec in ARP/NDP, those information will not be used in the driver when sending. When a packet is being sent, the IP layer fills our pseudo header with the extended "hardware address", including GUID and fifo. The driver can look-up node-id (the real but rather volatile low-level address) by GUID, and then the module can send the packet to the wire using parameters provided in the extendedn hardware address. This approach is realistic because IP over IEEE1394 (RFC2734) and IPv6 over IEEE1394 (RFC3146) share same "hardware address" format in their address resolution protocols. Here, extended "hardware address" is defined as follows: union fwnet_hwaddr { u8 u[16]; struct { __be64 uniq_id; /* EUI-64 */ u8 max_rec; /* max packet size */ u8 sspd; /* max speed */ __be16 fifo_hi; /* hi 16bits of FIFO addr */ __be32 fifo_lo; /* lo 32bits of FIFO addr */ } __packed uc; }; Note that Hardware address is declared as union, so that we can map full IP address into this, when implementing MCAP (Multicast Cannel Allocation Protocol) for IPv6, but IP and ARP subsystem do not need to know this format in detail. One difference between original ARP (RFC826) and 1394 ARP (RFC2734) is that 1394 ARP Request/Reply do not contain the target hardware address field (aka ar$tha). This difference is handled in the ARP subsystem. CC: Stephan Gatzka <stephan.gatzka@gmail.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
YOSHIFUJI Hideaki / 吉藤英明 authored
Stefan Richter <stefanr@s5r6.in-berlin.de> says: | As far as I can tell, it would be best to ignore max_rec and sspd from ARP | and NDP but keep using the respective information from firewire-core | instead (handed over by fwnet_probe()). | | Why? As I noted earlier, RFC 2734:1999 and RFC 3146:2001 were apparently | written with a too simplistic notion of IEEE 1394 bus topology, resulting | in max_rec and sspd in ARP-1394 and NDP-1394 to be useless, IMO. | | Consider a bus like this: | | A ---- B ==== C | | A, B, C are all IP-over-1394 capable nodes. ---- is an S400 cable hop, | and ==== is an S800 cable hop. | | In case of unicasts or multicasts in which node A is involved as | transmitter or receiver, as well as in case of broadcasts, the speeds | S100, S200, S400 work and speed S400 is optimal. | | In case of anything else, IOW in case of unicasts or multicasts in which | only nodes B and C are involved, the speeds S100, S200, S400, S800 work | and speed S800 is optimal. | | Clearly, node A should indicate sspd = S400 in its ARP or NDP packets. | But which sspd should nodes B and C set there? Maybe they set S400, which | would work but would waste half of the available bandwidth in the second | case. Or maybe they set S800, which is OK in the second case but would | prohibit any communication with node A if blindly taken for correct. | | On the other hand, firewire-core *always* gives us the correct and optimum | peer-to-peer speed and asynchronous packet payload, no matter how simple | or complex the bus topology is and no matter in which temporal order nodes | join the bus and are discovered. CC: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
YOSHIFUJI Hideaki / 吉藤英明 authored
Allocate FIFO address before registering net_device. This is preparation to change the pseudo hardware address format for firewire devices to include the offset of the FIFO for receipt of unicast datagrams, instead of mangling ARP/NDP messages in the driver layer. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
YOSHIFUJI Hideaki / 吉藤英明 authored
Send L2 multicast packet via GASP (Global asynchronous stream packet) by seeing the multicast bit in the L2 hardware address, not by seeing upper- layer protocol address. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
YOSHIFUJI Hideaki / 吉藤英明 authored
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Sekhar Nori authored
Use devres APIs where possible to simplify error handling in driver probe. While at it, also rename the goto targets in error path to introduce some consistency in how they are named. Signed-off-by: Sekhar Nori <nsekhar@ti.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Pravin B Shelar says: ==================== Following patch series restructure GRE and IPIP tunneling code to make it modular. It adds ip_tunnel module which acts as generic tunneling layer which has common code. These patches do not change any functionality. v3:v4: - Fixed compilation error in ipv6. - Few coding style fixes. v2-v3: - Use GPL exports for all export symbols. - Set default config NET_IP_TUNNEL to m. v1-v2: - Dropped patch to convert gre_proto_lock to rtnl lock. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
Use common function get calculate rtnl_link_stats64 stats. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
Use common ecn_encap functions from ip_tunnel module. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
Fixes bug in VXLAN code where is iptunnel_xmit() called with NULL dev->tstats. This bug was introduced in commit 6aed0c8b (tunnel: use iptunnel_xmit() again). Following patch fixes bug by setting dev->tstats. It uses ip_tunnel module code to share stats function. CC: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
Reuse common ip-tunneling code which is re-factored from GRE module. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
Following patch refactors GRE code into ip tunneling code and GRE specific code. Common tunneling code is moved to ip_tunnel module. ip_tunnel module is written as generic library which can be used by different tunneling implementations. ip_tunnel module contains following components: - packet xmit and rcv generic code. xmit flow looks like (gre_xmit/ipip_xmit)->ip_tunnel_xmit->ip_local_out. - hash table of all devices. - lookup for tunnel devices. - control plane operations like device create, destroy, ioctl, netlink operations code. - registration for tunneling modules, like gre, ipip etc. - define single pcpu_tstats dev->tstats. - struct tnl_ptk_info added to pass parsed tunnel packet parameters. ipip.h header is renamed to ip_tunnel.h Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 25 Mar, 2013 5 commits
-
-
David S. Miller authored
It's always zero. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
ip-header id needs to be incremented even if IP_DF flag is set. This behaviour was changed in commit 490ab081 (IP_GRE: Fix IP-Identification). Following patch fixes it so that identification is always incremented. Reported-by: Cong Wang <amwang@redhat.com> Acked-by: Cong Wang <amwang@redhat.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
-
Pravin B Shelar authored
This reverts commit d6a8c36d. Next commit makes this commit unnecessary. Acked-by: Cong Wang <amwang@redhat.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pravin B Shelar authored
This reverts commit 10c0d7ed. Next commit makes this commit unnecessary. Acked-by: Cong Wang <amwang@redhat.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Florian Fainelli authored
If we have defined a sparse port allocation which is non-contiguous and contains gaps, the code freeing port_names will just stop when it encouters a first NULL port_names, which is not right, we should iterate over all possible number of ports (DSA_MAX_PORTS) until we are done. Signed-off-by: Florian Fainelli <florian@openwrt.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-