1. 22 Jun, 2021 40 commits
    • David S. Miller's avatar
      Merge branch 'mptcp-C-flag-and-fixes' · 38f75922
      David S. Miller authored
      Mat Martineau says:
      
      ====================
      mptcp: Connection-time 'C' flag and two fixes
      
      Here are six more patches from the MPTCP tree.
      
      Most of them add support for the 'C' flag in the MPTCP connection-time
      option headers. This flag affects how the initial address and port are
      treated by each peer. Normally one peer may send MP_JOIN requests to the
      remote address and port that were used when initiating the MPTCP
      connection. The 'C' bit indicates that MP_JOINs should only be sent to
      remote addresses that have been advertised with ADD_ADDR.
      
      The other two patches are unrelated improvements.
      
      Patches 1-4: Add the 'C' flag feature, a sysctl to optionally enable it,
      and a selftest.
      
      Patch 5: Adjust rp_filter settings in a selftest.
      
      Patch 6: Improve rbuf cleanup for MPTCP sockets.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      38f75922
    • Paolo Abeni's avatar
      mptcp: refine mptcp_cleanup_rbuf · fde56eea
      Paolo Abeni authored
      The current cleanup rbuf tries a bit too hard to avoid acquiring
      the subflow socket lock. We may end-up delaying the needed ack,
      or skip acking a blocked subflow.
      
      Address the above extending the conditions used to trigger the cleanup
      to reflect more closely what TCP does and invoking tcp_cleanup_rbuf()
      on all the active subflows.
      
      Note that we can't replicate the exact tests implemented in
      tcp_cleanup_rbuf(), as MPTCP lacks some of the required info - e.g.
      ping-pong mode.
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fde56eea
    • Yonglong Li's avatar
      selftests: mptcp: turn rp_filter off on each NIC · d8e336f7
      Yonglong Li authored
      To turn rp_filter off we should:
      
        echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter
      
      and
      
        echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
      
      before NIC created.
      Co-developed-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarYonglong Li <liyonglong@chinatelecom.cn>
      Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d8e336f7
    • Geliang Tang's avatar
      selftests: mptcp: add deny_join_id0 testcases · 0cddb4a6
      Geliang Tang authored
      This patch added a new argument '-d' for mptcp_join.sh script, to invoke
      the testcases for the MP_CAPABLE 'C' flag.
      Acked-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarGeliang Tang <geliangtang@gmail.com>
      Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0cddb4a6
    • Geliang Tang's avatar
      mptcp: add deny_join_id0 in mptcp_options_received · df377be3
      Geliang Tang authored
      This patch added a new flag named deny_join_id0 in struct
      mptcp_options_received. Set it when MP_CAPABLE with the flag
      MPTCP_CAP_DENYJOIN_ID0 is received.
      
      Also add a new flag remote_deny_join_id0 in struct mptcp_pm_data. When the
      flag deny_join_id0 is set, set this remote_deny_join_id0 flag.
      
      In mptcp_pm_create_subflow_or_signal_addr, if the remote_deny_join_id0 flag
      is set, and the remote address id is zero, stop this connection.
      Suggested-by: default avatarFlorian Westphal <fw@strlen.de>
      Acked-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarGeliang Tang <geliangtang@gmail.com>
      Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      df377be3
    • Geliang Tang's avatar
      mptcp: add allow_join_id0 in mptcp_out_options · bab6b88e
      Geliang Tang authored
      This patch defined a new flag MPTCP_CAP_DENY_JOIN_ID0 for the third bit,
      labeled "C" of the MP_CAPABLE option.
      
      Add a new flag allow_join_id0 in struct mptcp_out_options. If this flag is
      set, send out the MP_CAPABLE option with the flag MPTCP_CAP_DENY_JOIN_ID0.
      Acked-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarGeliang Tang <geliangtang@gmail.com>
      Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bab6b88e
    • Geliang Tang's avatar
      mptcp: add sysctl allow_join_initial_addr_port · d2f77960
      Geliang Tang authored
      This patch added a new sysctl, named allow_join_initial_addr_port, to
      control whether allow peers to send join requests to the IP address and
      port number used by the initial subflow.
      Suggested-by: default avatarFlorian Westphal <fw@strlen.de>
      Acked-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Signed-off-by: default avatarGeliang Tang <geliangtang@gmail.com>
      Signed-off-by: default avatarMat Martineau <mathew.j.martineau@linux.intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d2f77960
    • David S. Miller's avatar
      Merge branch 'sctp-packetization-path-MTU' · a432c771
      David S. Miller authored
      Xin Long says:
      
      ====================
      sctp: implement RFC8899: Packetization Layer Path MTU Discovery for SCTP transport
      
      Overview(From RFC8899):
      
        In contrast to PMTUD, Packetization Layer Path MTU Discovery
        (PLPMTUD) [RFC4821] introduces a method that does not rely upon
        reception and validation of PTB messages.  It is therefore more
        robust than Classical PMTUD.  This has become the recommended
        approach for implementing discovery of the PMTU [BCP145].
      
        It uses a general strategy in which the PL sends probe packets to
        search for the largest size of unfragmented datagram that can be sent
        over a network path.  Probe packets are sent to explore using a
        larger packet size.  If a probe packet is successfully delivered (as
        determined by the PL), then the PLPMTU is raised to the size of the
        successful probe.  If a black hole is detected (e.g., where packets
        of size PLPMTU are consistently not received), the method reduces the
        PLPMTU.
      
      SCTP Probe Packets:
      
        As the RFC suggested, the probe packets consist of an SCTP common header
        followed by a HEARTBEAT chunk and a PAD chunk. The PAD chunk is used to
        control the length of the probe packet.  The HEARTBEAT chunk is used to
        trigger the sending of a HEARTBEAT ACK chunk to confirm this probe on
        the HEARTBEAT sender.
      
        The HEARTBEAT chunk also carries a Heartbeat Information parameter that
        includes the probe size to help an implementation associate a HEARTBEAT
        ACK with the size of probe that was sent. The sender use the nonce and
        the probe size to verify the information returned.
      
      Detailed Implementation on SCTP:
      
                             +------+
                    +------->| Base |-----------------+ Connectivity
                    |        +------+                 | or BASE_PLPMTU
                    |           |                     | confirmation failed
                    |           |                     v
                    |           | Connectivity    +-------+
                    |           | and BASE_PLPMTU | Error |
                    |           | confirmed       +-------+
                    |           |                     | Consistent
                    |           v                     | connectivity
         Black Hole |       +--------+                | and BASE_PLPMTU
          detected  |       | Search |<---------------+ confirmed
                    |       +--------+
                    |          ^  |
                    |          |  |
                    |    Raise |  | Search
                    |    timer |  | algorithm
                    |  expired |  | completed
                    |          |  |
                    |          |  v
                    |   +-----------------+
                    +---| Search Complete |
                        +-----------------+
      
        When PLPMTUD is enabled, it's in Base state, and starts to probe with
        BASE_PLPMTU (1200). If this probe succeeds, it goes to Search state;
        If this probe fails, it goes to Error state under which pl.pmtu goes
        down to MIN_PLPMTU (512) and keeps probing with BASE_PLPMTU until it
        succeeds and goes to Search state.
      
        During the Search state, the probe size is growing by a Big step (32)
        every time when the last probe succeeds at the beginning. Once a probe
        (such as 1420) fails after trying MAX_PROBES (3) times, the probe_size
        goes back to the last one (1420 - 32 = 1388), meanwhile 'probe_high'
        is set to 1420 and the growing step becomes a Small one (4). Then the
        probe is continuing with a Small step grown each round. Until it gets
        the optimal size (such as 1400) when probe with its next probe size
        (1404) fails, it sync this size to pathmtu and goes to Complete state.
      
        In Complete state, it will only does a probe check for the pathmtu just
        set, if it fails, which means a Black Hole is detected and it goes back
        to Base state. If it succeeds, it goes back to Search state again, and
        probe is continuing with growing a Small step (1400 + 4). If this probe
        fails, probe_high is set and goes back to 1388 and then Complete state,
        which is kind of a loop normally. However if the env's pathmtu changes
        to a big size somehow, this probe will succeed and then probe continues
        with growing a Big step (1400 + 32) each round until another probe fails.
      
      PTB Messages Process:
      
        PLPMTUD doesn't rely on these package to find the pmtu, and shouldn't
        trust it either. When processing them, it only changes the probe_size
        to PL_PTB_SIZE(info - hlen) if 'pl.pmtu < PL_PTB_SIZE < the current
        probe_size' druing Search state. As this could help probe_size to get
        to the optimal size faster, for exmaple:
      
        pl.pmtu = 1388, probe_size = 1420, while the env's pathmtu = 1400.
        When probe_size is 1420, a Toobig packet with 1400 comes back. If probe
        size changes to use 1400, it will save quite a few rounds to get there.
        But of course after having this value, PLPMTUD will still verify it on
        its own before using it.
      
      Patches:
      
        - Patch 1-6: introduce some new constants/variables from the RFC, systcl
          and members in transport, APIs for the following patches, chunks and
          a timer for the probe sending and some codes for the probe receiving.
      
        - Patch 7-9: implement the state transition on the tx path, rx path and
          toobig ICMP packet processing. This is the main algorithm part.
      
        - Patch 10: activate this feature
      
        - Patch 11-14: improve the process for ICMP packets for SCTP over UDP,
          so that it can also be covered by this feature.
      
      Tests:
      
        - do sysctl and setsockopt tests for this feature's enabling and disabling.
      
        - get these pr_debug points for this feature by
            # cat /sys/kernel/debug/dynamic_debug/control | grep PLP
          and enable them on kernel dynamic debug, then play with the pathmtu and
          check if the state transition and plpmtu change match the RFC.
      
        - do the above tests for SCTP over IPv4/IPv6 and SCTP over UDP.
      
      v1->v2:
        - See Patch 06/14.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a432c771
    • Xin Long's avatar
      sctp: process sctp over udp icmp err on sctp side · 9e47df00
      Xin Long authored
      Previously, sctp over udp was using udp tunnel's icmp err process, which
      only does sk lookup on sctp side. However for sctp's icmp error process,
      there are more things to do, like syncing assoc pmtu/retransmit packets
      for toobig type err, and starting proto_unreach_timer for unreach type
      err etc.
      
      Now after adding PLPMTUD, which also requires to process toobig type err
      on sctp side. This patch is to process icmp err on sctp side by parsing
      the type/code/info in .encap_err_lookup and call sctp's icmp processing
      functions. Note as the 'redirect' err process needs to know the outer
      ip(v6) header's, we have to leave it to udp(v6)_err to handle it.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      9e47df00
    • Xin Long's avatar
      sctp: extract sctp_v4_err_handle function from sctp_v4_err · d8306075
      Xin Long authored
      This patch is to extract sctp_v4_err_handle() from sctp_v4_err() to
      only handle the icmp err after the sock lookup, and it also makes
      the code clearer.
      
      sctp_v4_err_handle() will be used in sctp over udp's err handling
      in the following patch.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d8306075
    • Xin Long's avatar
      sctp: extract sctp_v6_err_handle function from sctp_v6_err · f6549bd3
      Xin Long authored
      This patch is to extract sctp_v6_err_handle() from sctp_v6_err() to
      only handle the icmp err after the sock lookup, and it also makes
      the code clearer.
      
      sctp_v6_err_handle() will be used in sctp over udp's err handling
      in the following patch.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f6549bd3
    • Xin Long's avatar
      sctp: remove the unessessary hold for idev in sctp_v6_err · 237a6a2e
      Xin Long authored
      Same as in tcp_v6_err() and __udp6_lib_err(), there's no need to
      hold idev in sctp_v6_err(), so just call __in6_dev_get() instead.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      237a6a2e
    • Xin Long's avatar
      sctp: enable PLPMTUD when the transport is ready · 7307e4fa
      Xin Long authored
      sctp_transport_pl_reset() is called whenever any of these 3 members in
      transport is changed:
      
        - probe_interval
        - param_flags & SPP_PMTUD_ENABLE
        - state == ACTIVE
      
      If all are true, start the PLPMTUD when it's not yet started. If any of
      these is false, stop the PLPMTUD when it's already running.
      
      sctp_transport_pl_update() is called when the transport dst has changed.
      It will restart the PLPMTUD probe. Again, the pathmtu won't change but
      use the dst's mtu until the Search phase is done.
      
      Note that after using PLPMTUD, the pathmtu is only initialized with the
      dst mtu when the transport dst changes. At other time it is updated by
      pl.pmtu. So sctp_transport_pmtu_check() will be called only when PLPMTUD
      is disabled in sctp_packet_config().
      
      After this patch, the PLPMTUD feature from RFC8899 will be activated
      and can be used by users.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7307e4fa
    • Xin Long's avatar
      sctp: do state transition when receiving an icmp TOOBIG packet · 83696408
      Xin Long authored
      PLPMTUD will short-circuit the old process for icmp TOOBIG packets.
      This part is described in rfc8899#section-4.6.2 (PL_PTB_SIZE =
      PTB_SIZE - other_headers_len). Note that from rfc8899#section-5.2
      State Machine, each case below is for some specific states only:
      
        a) PL_PTB_SIZE < MIN_PLPMTU || PL_PTB_SIZE >= PROBED_SIZE,
           discard it, for any state
      
        b) MIN_PLPMTU < PL_PTB_SIZE < BASE_PLPMTU,
           Base -> Error, for Base state
      
        c) BASE_PLPMTU <= PL_PTB_SIZE < PLPMTU,
           Search -> Base or Complete -> Base, for Search and Complete states.
      
        d) PLPMTU < PL_PTB_SIZE < PROBED_SIZE,
           set pl.probe_size to PL_PTB_SIZE then verify it, for Search state.
      
      The most important one is case d), which will help find the optimal
      fast during searching. Like when pathmtu = 1392 for SCTP over IPv4,
      the search will be (20 is iphdr_len):
      
        1. probe with 1200 - 20
        2. probe with 1232 - 20
        3. probe with 1264 - 20
        ...
        7. probe with 1388 - 20
        8. probe with 1420 - 20
      
      When sending the probe with 1420 - 20, TOOBIG may come with PL_PTB_SIZE =
      1392 - 20. Then it matches case d), and saves some rounds to try with the
      1392 - 20 probe. But of course, PLPMTUD doesn't trust TOOBIG packets, and
      it will go back to the common searching once the probe with the new size
      can't be verified.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      83696408
    • Xin Long's avatar
      sctp: do state transition when a probe succeeds on HB ACK recv path · b87641af
      Xin Long authored
      As described in rfc8899#section-5.2, when a probe succeeds, there might
      be the following state transitions:
      
        - Base -> Search, occurs when probe succeeds with BASE_PLPMTU,
          pl.pmtu is not changing,
          pl.probe_size increases by SCTP_PL_BIG_STEP,
      
        - Error -> Search, occurs when probe succeeds with BASE_PLPMTU,
          pl.pmtu is changed from SCTP_MIN_PLPMTU to SCTP_BASE_PLPMTU,
          pl.probe_size increases by SCTP_PL_BIG_STEP.
      
        - Search -> Search Complete, occurs when probe succeeds with the probe
          size SCTP_MAX_PLPMTU less than pl.probe_high,
          pl.pmtu is not changing, but update *pathmtu* with it,
          pl.probe_size is set back to pl.pmtu to double check it.
      
        - Search Complete -> Search, occurs when probe succeeds with the probe
          size equal to pl.pmtu,
          pl.pmtu is not changing,
          pl.probe_size increases by SCTP_PL_MIN_STEP.
      
      So search process can be described as:
      
       1. When it just enters 'Search' state, *pathmtu* is not updated with
          pl.pmtu, and probe_size increases by a big step (SCTP_PL_BIG_STEP)
          each round.
      
       2. Until pl.probe_high is set when a probe fails, and probe_size
          decreases back to pl.pmtu, as described in the last patch.
      
       3. When the probe with the new size succeeds, probe_size changes to
          increase by a small step (SCTP_PL_MIN_STEP) due to pl.probe_high
          is set.
      
       4. Until probe_size is next to pl.probe_high, the searching finishes and
          it goes to 'Complete' state and updates *pathmtu* with pl.pmtu, and
          then probe_size is set to pl.pmtu to confirm by once more probe.
      
       5. This probe occurs after "30 * probe_inteval", a much longer time than
          that in Search state. Once it is done it goes to 'Search' state again
          with probe_size increased by SCTP_PL_MIN_STEP.
      
      As we can see above, during the searching, pl.pmtu changes while *pathmtu*
      doesn't. *pathmtu* is only updated when the search finishes by which it
      gets an optimal value for it. A big step is used at the beginning until
      it gets close to the optimal value, then it changes to a small step until
      it has this optimal value.
      
      The small step is also used in 'Complete' until it goes to 'Search' state
      again and the probe with 'pmtu + the small step' succeeds, which means a
      higher size could be used. Then probe_size changes to increase by a big
      step again until it gets close to the next optimal value.
      
      Note that anytime when black hole is detected, it goes directly to 'Base'
      state with pl.pmtu set to SCTP_BASE_PLPMTU, as described in the last patch.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b87641af
    • Xin Long's avatar
      sctp: do state transition when PROBE_COUNT == MAX_PROBES on HB send path · 1dc68c19
      Xin Long authored
      The state transition is described in rfc8899#section-5.2,
      PROBE_COUNT == MAX_PROBES means the probe fails for MAX times, and the
      state transition includes:
      
        - Base -> Error, occurs when BASE_PLPMTU Confirmation Fails,
          pl.pmtu is set to SCTP_MIN_PLPMTU,
          probe_size is still SCTP_BASE_PLPMTU;
      
        - Search -> Base, occurs when Black Hole Detected,
          pl.pmtu is set to SCTP_BASE_PLPMTU,
          probe_size is set back to SCTP_BASE_PLPMTU;
      
        - Search Complete -> Base, occurs when Black Hole Detected
          pl.pmtu is set to SCTP_BASE_PLPMTU,
          probe_size is set back to SCTP_BASE_PLPMTU;
      
      Note a black hole is encountered when a sender is unaware that packets
      are not being delivered to the destination endpoint. So it includes the
      probe failures with equal probe_size to pl.pmtu, and definitely not
      include that with greater probe_size than pl.pmtu. The later one is the
      normal probe failure where probe_size should decrease back to pl.pmtu
      and pl.probe_high is set.  pl.probe_high would be used on HB ACK recv
      path in the next patch.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1dc68c19
    • Xin Long's avatar
      sctp: do the basic send and recv for PLPMTUD probe · fe59379b
      Xin Long authored
      This patch does exactly what rfc8899#section-6.2.1.2 says:
      
         The SCTP sender needs to be able to determine the total size of a
         probe packet.  The HEARTBEAT chunk could carry a Heartbeat
         Information parameter that includes, besides the information
         suggested in [RFC4960], the probe size to help an implementation
         associate a HEARTBEAT ACK with the size of probe that was sent.  The
         sender could also use other methods, such as sending a nonce and
         verifying the information returned also contains the corresponding
         nonce.  The length of the PAD chunk is computed by reducing the
         probing size by the size of the SCTP common header and the HEARTBEAT
         chunk.
      
      Note that HB ACK chunk will carry back whatever HB chunk carried, including
      the probe_size we put it in; We also check hbinfo->probe_size in the HB ACK
      against link->pl.probe_size to validate this HB ACK chunk.
      
      v1->v2:
        - Remove the unused 'sp' and add static for sctp_packet_bundle_pad().
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fe59379b
    • Xin Long's avatar
      sctp: add the probe timer in transport for PLPMTUD · 92548ec2
      Xin Long authored
      There are 3 timers described in rfc8899#section-5.1.1:
      
        PROBE_TIMER, PMTU_RAISE_TIMER, CONFIRMATION_TIMER
      
      This patches adds a 'probe_timer' in transport, and it works as either
      PROBE_TIMER or PMTU_RAISE_TIMER. At most time, it works as PROBE_TIMER
      and expires every a 'probe_interval' time to send the HB probe packet.
      When transport pl enters COMPLETE state, it works as PMTU_RAISE_TIMER
      and expires in 'probe_interval * 30' time to go back to SEARCH state
      and do searching again.
      
      SCTP HB is an acknowledged packet, CONFIRMATION_TIMER is not needed.
      
      The timer will start when transport pl enters BASE state and stop
      when it enters DISABLED state.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      92548ec2
    • Xin Long's avatar
      sctp: add the constants/variables and states and some APIs for transport · d9e2e410
      Xin Long authored
      These are 4 constants described in rfc8899#section-5.1.2:
      
        MAX_PROBES, MIN_PLPMTU, MAX_PLPMTU, BASE_PLPMTU;
      
      And 2 variables described in rfc8899#section-5.1.3:
      
        PROBED_SIZE, PROBE_COUNT;
      
      And 5 states described in rfc8899#section-5.2:
      
        DISABLED, BASE, SEARCH, SEARCH_COMPLETE, ERROR;
      
      And these 4 APIs are used to reset/update PLPMTUD, check if PLPMTUD is
      enabled, and calculate the additional headers length for a transport.
      
      Note the member 'probe_high' in transport will be set to the probe
      size when a probe fails with this probe size in the next patches.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d9e2e410
    • Xin Long's avatar
      sctp: add SCTP_PLPMTUD_PROBE_INTERVAL sockopt for sock/asoc/transport · 3190b649
      Xin Long authored
      With this socket option, users can change probe_interval for
      a transport, asoc or sock after it's created.
      
      Note that if the change is for an asoc, also apply the change
      to each transport in this asoc.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3190b649
    • Xin Long's avatar
      sctp: add probe_interval in sysctl and sock/asoc/transport · d1e462a7
      Xin Long authored
      PLPMTUD can be enabled by doing 'sysctl -w net.sctp.probe_interval=n'.
      'n' is the interval for PLPMTUD probe timer in milliseconds, and it
      can't be less than 5000 if it's not 0.
      
      All asoc/transport's PLPMTUD in a new socket will be enabled by default.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d1e462a7
    • Xin Long's avatar
      sctp: add pad chunk and its make function and event table · 745a3211
      Xin Long authored
      This chunk is defined in rfc4820#section-3, and used to pad an
      SCTP packet. The receiver must discard this chunk and continue
      processing the rest of the chunks in the packet.
      
      Add it now, as it will be bundled with a heartbeat chunk to probe
      pmtu in the following patches.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      745a3211
    • Lorenzo Bianconi's avatar
      net: marvell: return csum computation result from mvneta_rx_csum/mvpp2_rx_csum · aff0824d
      Lorenzo Bianconi authored
      This is a preliminary patch to add hw csum hint support to
      mvneta/mvpp2 xdp implementation
      Tested-by: default avatarMatteo Croce <mcroce@linux.microsoft.com>
      Signed-off-by: default avatarLorenzo Bianconi <lorenzo@kernel.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      aff0824d
    • David S. Miller's avatar
      Merge branch 'tc-testing-dnat-tuple-collision' · f84974e7
      David S. Miller authored
      Marcelo Ricardo Leitner says:
      
      ====================
      tc-testing: add test for ct DNAT tuple collision
      
      That was fixed in 13c62f53 ("net/sched: act_ct: handle DNAT tuple
      collision").
      
      For that, it requires that tdc is able to send diverse packets with
      scapy, which is then done on the 2nd patch of this series.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f84974e7
    • Marcelo Ricardo Leitner's avatar
      tc-testing: add test for ct DNAT tuple collision · e4690564
      Marcelo Ricardo Leitner authored
      When this test fails, /proc/net/nf_conntrack gets only 1 entry:
      ipv4     2 tcp      6 119 SYN_SENT src=10.0.0.10 dst=10.0.0.10 sport=5000 dport=10 [UNREPLIED] src=20.0.0.1 dst=10.0.0.10 sport=10 dport=5000 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
      
      When it works, it gets 2 entries:
      ipv4     2 tcp      6 119 SYN_SENT src=10.0.0.10 dst=10.0.0.20 sport=5000 dport=10 [UNREPLIED] src=20.0.0.1 dst=10.0.0.10 sport=10 dport=58203 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
      ipv4     2 tcp      6 119 SYN_SENT src=10.0.0.10 dst=10.0.0.10 sport=5000 dport=10 [UNREPLIED] src=20.0.0.1 dst=10.0.0.10 sport=10 dport=5000 mark=0 secctx=system_u:object_r:unlabeled_t:s0 zone=0 use=2
      
      The missing entry is because the 2nd packet hits a tuple collusion and the
      conntrack entry doesn't get allocated.
      Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e4690564
    • Marcelo Ricardo Leitner's avatar
      tc-testing: add support for sending various scapy packets · 11f04de9
      Marcelo Ricardo Leitner authored
      It can be worth sending different scapy packets on a given test, as in the
      last patch of this series. For that, lets listify the scapy attribute and
      simply iterate over it.
      Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      11f04de9
    • Marcelo Ricardo Leitner's avatar
      tc-testing: fix list handling · b4fd096c
      Marcelo Ricardo Leitner authored
      python lists don't have an 'add' method, but 'append'.
      
      Fixes: 14e5175e ("tc-testing: introduce scapyPlugin for basic traffic")
      Signed-off-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b4fd096c
    • Loic Poulain's avatar
      MAINTAINERS: network: add entry for WWAN · 1b134d8d
      Loic Poulain authored
      This patch adds maintainer info for drivers/net/wwan subdir, including
      WWAN core and drivers. Adding Sergey and myself as maintainers and
      Johannes as reviewer.
      Signed-off-by: default avatarLoic Poulain <loic.poulain@linaro.org>
      Acked-by: default avatarSergey Ryazanov <ryazanov.s.a@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1b134d8d
    • Aaron Conole's avatar
      openvswitch: add trace points · c4ab7b56
      Aaron Conole authored
      This makes openvswitch module use the event tracing framework
      to log the upcall interface and action execution pipeline.  When
      using openvswitch as the packet forwarding engine, some types of
      debugging are made possible simply by using the ovs-vswitchd's
      ofproto/trace command.  However, such a command has some
      limitations:
      
        1. When trying to trace packets that go through the CT action,
           the state of the packet can't be determined, and probably
           would be potentially wrong.
      
        2. Deducing problem packets can sometimes be difficult as well
           even if many of the flows are known
      
        3. It's possible to use the openvswitch module even without
           the ovs-vswitchd (although, not common use).
      
      Introduce the event tracing points here to make it possible for
      working through these problems in kernel space.  The style is
      copied from the mac80211 driver-trace / trace code for
      consistency - this creates some checkpatch splats, but the
      official 'guide' for adding tracepoints, as well as the existing
      examples all add the same splats so it seems acceptable.
      Signed-off-by: default avatarAaron Conole <aconole@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c4ab7b56
    • Dan Carpenter's avatar
      stmmac: dwmac-loongson: fix uninitialized variable in loongson_dwmac_probe() · b0e03950
      Dan Carpenter authored
      The "mdio" variable is never set to false.  Also it should be a bool
      type instead of int.
      
      Fixes: 30bba69d ("stmmac: pci: Add dwmac support for Loongson")
      Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b0e03950
    • David S. Miller's avatar
      Merge branch 'ethtool-eeprom' · a4bdf76f
      David S. Miller authored
      Ido Schimmel says:
      
      ====================
      ethtool: Module EEPROM API improvements
      
      This patchset contains various improvements to recently introduced
      module EEPROM netlink API. Noticed these while adding module EEPROM
      write support.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a4bdf76f
    • Ido Schimmel's avatar
      ethtool: Validate module EEPROM offset as part of policy · 88f9a87a
      Ido Schimmel authored
      Validate the offset to read from module EEPROM as part of the netlink
      policy and remove the corresponding check from the code.
      
      This also makes it possible to query the offset range from user space:
      
       $ genl ctrl policy name ethtool
       ...
       ID: 0x14  policy[32]:attr[2]: type=U32 range:[0,255]
       ...
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      88f9a87a
    • Ido Schimmel's avatar
      ethtool: Validate module EEPROM length as part of policy · 0dc7dd02
      Ido Schimmel authored
      Validate the number of bytes to read from the module EEPROM as part of
      the netlink policy and remove the corresponding check from the code.
      
      This also makes it possible to query the length range from user space:
      
       $ genl ctrl policy name ethtool
       ...
       ID: 0x14  policy[32]:attr[3]: type=U32 range:[1,128]
       ...
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0dc7dd02
    • Ido Schimmel's avatar
      ethtool: Use kernel data types for internal EEPROM struct · b8c48be2
      Ido Schimmel authored
      The struct is not visible to user space and therefore should not use the
      user visible data types.
      
      Instead, use internal data types like other structures in the file.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b8c48be2
    • Ido Schimmel's avatar
      ethtool: Document behavior when module EEPROM bank attribute is omitted · 37a025e8
      Ido Schimmel authored
      The kernel assumes bank 0 when 'ETHTOOL_MSG_MODULE_EEPROM_GET' is sent
      without 'ETHTOOL_A_MODULE_EEPROM_BANK'.
      
      Document it as part of the interface documentation.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      37a025e8
    • Ido Schimmel's avatar
      ethtool: Decrease size of module EEPROM get policy array · f5fe211d
      Ido Schimmel authored
      The 'ETHTOOL_A_MODULE_EEPROM_DATA' attribute is not part of the get
      request.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f5fe211d
    • Ido Schimmel's avatar
      ethtool: Document correct attribute type · 913d026f
      Ido Schimmel authored
      'ETHTOOL_A_MODULE_EEPROM_DATA' is a binary attribute, not a nested one.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      913d026f
    • Ido Schimmel's avatar
      ethtool: Use correct command name in title · 78c57f22
      Ido Schimmel authored
      The command is called 'ETHTOOL_MSG_MODULE_EEPROM_GET', not
      'ETHTOOL_MSG_MODULE_EEPROM'.
      Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      78c57f22
    • gushengxian's avatar
      bridge: cfm: remove redundant return · 98534fce
      gushengxian authored
      Return statements are not needed in Void function.
      Signed-off-by: default avatargushengxian <gushengxian@yulong.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      98534fce
    • Kees Cook's avatar
      hv_netvsc: Avoid field-overflowing memcpy() · f2fcffe3
      Kees Cook authored
      In preparation for FORTIFY_SOURCE performing compile-time and run-time
      field bounds checking for memcpy(), memmove(), and memset(), avoid
      intentionally writing across neighboring fields.
      
      Add flexible array to represent start of buf_info, improving readability
      and avoid future warning where memcpy() thinks it is writing past the
      end of the structure.
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f2fcffe3