02 Nov, 2017

1 commit

  • Many source files in the tree are missing licensing information, which
    makes it harder for compliance tools to determine the correct license.

    By default all files without license information are under the default
    license of the kernel, which is GPL version 2.

    Update the files which contain no license information with the 'GPL-2.0'
    SPDX license identifier. The SPDX identifier is a legally binding
    shorthand, which can be used instead of the full boiler plate text.

    This patch is based on work done by Thomas Gleixner and Kate Stewart and
    Philippe Ombredanne.

    How this work was done:

    Patches were generated and checked against linux-4.14-rc6 for a subset of
    the use cases:
    - file had no licensing information in it.
    - file was a */uapi/* one with no licensing information in it,
    - file was a */uapi/* one with existing licensing information,

    Further patches will be generated in subsequent months to fix up cases
    where non-standard license headers were used, and references to license
    had to be inferred by heuristics based on keywords.

    The analysis to determine which SPDX License Identifier to be applied to
    a file was done in a spreadsheet of side by side results from the
    output of two independent scanners (ScanCode & Windriver) producing SPDX
    tag:value files created by Philippe Ombredanne. Philippe prepared the
    base worksheet, and did an initial spot review of a few 1000 files.

    The 4.13 kernel was the starting point of the analysis with 60,537 files
    assessed. Kate Stewart did a file by file comparison of the scanner
    results in the spreadsheet to determine which SPDX license identifier(s)
    to be applied to the file. She confirmed any determination that was not
    immediately clear with lawyers working with the Linux Foundation.

    Criteria used to select files for SPDX license identifier tagging were:
    - Files considered eligible had to be source code files.
    - Make and config files were included as candidates if they contained >5
    lines of source
    - File already had some variant of a license header in it (even if
    Reviewed-by: Philippe Ombredanne
    Reviewed-by: Thomas Gleixner
    Signed-off-by: Greg Kroah-Hartman

    Greg Kroah-Hartman
     

01 Jul, 2017

1 commit

  • refcount_t type and corresponding API should be
    used instead of atomic_t when the variable is used as
    a reference counter. This makes it possible to avoid accidental
    refcounter overflows that might lead to use-after-free
    situations.

    Signed-off-by: Elena Reshetova
    Signed-off-by: Hans Liljestrand
    Signed-off-by: Kees Cook
    Signed-off-by: David Windsor
    Signed-off-by: David S. Miller

    Reshetova, Elena
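
The overflow-to-use-after-free path this commit message refers to, as an added example (not code from the kernel or from this commit). It is a simplified, single-threaded userspace model; `struct obj` and all function names are hypothetical, and the saturating rules are an assumption modelled on the behaviour the message describes.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Simplified single-threaded model; the kernel types are atomic. */
struct obj {
    unsigned int refs;   /* reference count */
    bool freed;          /* set when the last reference is dropped */
};

/* atomic_t-style counter: plain arithmetic, wraps silently at the top. */
static void wrap_get(struct obj *o) { o->refs++; }
static void wrap_put(struct obj *o)
{
    if (--o->refs == 0)
        o->freed = true;
}

/* refcount_t-style counter (model): saturate instead of wrapping. */
static bool sat_get(struct obj *o)
{
    if (o->refs == 0)
        return false;            /* object is already gone: refuse */
    if (o->refs != UINT_MAX)
        o->refs++;               /* UINT_MAX is the sticky saturated value */
    return true;
}
static void sat_put(struct obj *o)
{
    if (o->refs == 0 || o->refs == UINT_MAX)
        return;                  /* underflow or saturated: never free */
    if (--o->refs == 0)
        o->freed = true;
}

/* Constructed scenario: a buggy path has leaked references until the
 * counter sits at UINT_MAX, then two gets and one put follow.
 * Returns true if the object is freed while references are still held. */
static bool freed_early_wrapping(void)
{
    struct obj o = { .refs = UINT_MAX, .freed = false };
    wrap_get(&o);   /* wraps to 0 */
    wrap_get(&o);   /* a new user: 1 */
    wrap_put(&o);   /* back to 0: freed, earlier holders now dangle */
    return o.freed;
}

static bool freed_early_saturating(void)
{
    struct obj o = { .refs = UINT_MAX, .freed = false };
    sat_get(&o);    /* stays saturated */
    sat_get(&o);
    sat_put(&o);    /* ignored: the object is leaked, not freed */
    return o.freed;
}

int main(void)
{
    printf("wrapping counter freed early:   %d\n", freed_early_wrapping());
    printf("saturating counter freed early: %d\n", freed_early_saturating());
    return 0;
}
```

The saturating variant trades a memory leak for the use-after-free: once the counter is stuck at its maximum the object is never released.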
     

10 Jun, 2017

1 commit

  • The ipvlan code already knows how to detect when a duplicate address is
    about to be assigned to an ipvlan device. However, that failure is not
    propagated outward and leads to a silent failure.

    Introduce a validation step at ip address creation time and allow device
    drivers to register to validate the incoming ip addresses. The ipvlan
    code is the first consumer. If it detects an address in use, we can
    return an error to the user before beginning to commit the new ifa in
    the networking code.

    This can be especially useful if it is necessary to provision many
    ipvlans in containers. The provisioning software (or operator) can use
    this to detect situations where an ip address is unexpectedly in use.

    Signed-off-by: Krister Johansen
    Signed-off-by: David S. Miller

    Krister Johansen
     

29 Mar, 2017

1 commit


09 Oct, 2015

2 commits


24 Jun, 2015

1 commit

  • This feature is only enabled with the new per-interface or ipv4 global
    sysctls called 'ignore_routes_with_linkdown'.

    net.ipv4.conf.all.ignore_routes_with_linkdown = 0
    net.ipv4.conf.default.ignore_routes_with_linkdown = 0
    net.ipv4.conf.lo.ignore_routes_with_linkdown = 0
    ...

    When the above sysctls are set, the kernel will report to userspace that a route is
    dead and will no longer resolve to this nexthop when performing a fib
    lookup. This will signal to userspace that the route will not be
    selected. The signalling of a RTNH_F_DEAD is only passed to userspace
    if the sysctl is enabled and link is down. This was done as without it
    the netlink listeners would have no idea whether or not a nexthop would
    be selected. The kernel only sets RTNH_F_DEAD internally if the
    interface has IFF_UP cleared.

    With the new sysctl set, the following behavior can be observed
    (interface p8p1 is link-down):

    default via 10.0.5.2 dev p9p1
    10.0.5.0/24 dev p9p1 proto kernel scope link src 10.0.5.15
    70.0.0.0/24 dev p7p1 proto kernel scope link src 70.0.0.1
    80.0.0.0/24 dev p8p1 proto kernel scope link src 80.0.0.1 dead linkdown
    90.0.0.0/24 via 80.0.0.2 dev p8p1 metric 1 dead linkdown
    90.0.0.0/24 via 70.0.0.2 dev p7p1 metric 2
    90.0.0.1 via 70.0.0.2 dev p7p1 src 70.0.0.1
    cache
    local 80.0.0.1 dev lo src 80.0.0.1
    cache
    80.0.0.2 via 10.0.5.2 dev p9p1 src 10.0.5.15
    cache

    While the route does remain in the table (so it can be modified if
    needed rather than being wiped away as it would be if IFF_UP was
    cleared), the proper next-hop is chosen automatically when the link is
    down. Now interface p8p1 is linked-up:

    default via 10.0.5.2 dev p9p1
    10.0.5.0/24 dev p9p1 proto kernel scope link src 10.0.5.15
    70.0.0.0/24 dev p7p1 proto kernel scope link src 70.0.0.1
    80.0.0.0/24 dev p8p1 proto kernel scope link src 80.0.0.1
    90.0.0.0/24 via 80.0.0.2 dev p8p1 metric 1
    90.0.0.0/24 via 70.0.0.2 dev p7p1 metric 2
    192.168.56.0/24 dev p2p1 proto kernel scope link src 192.168.56.2
    90.0.0.1 via 80.0.0.2 dev p8p1 src 80.0.0.1
    cache
    local 80.0.0.1 dev lo src 80.0.0.1
    cache
    80.0.0.2 dev p8p1 src 80.0.0.1
    cache

    and the output changes to what one would expect.

    If the sysctl is not set, the following output would be expected when
    p8p1 is down:

    default via 10.0.5.2 dev p9p1
    10.0.5.0/24 dev p9p1 proto kernel scope link src 10.0.5.15
    70.0.0.0/24 dev p7p1 proto kernel scope link src 70.0.0.1
    80.0.0.0/24 dev p8p1 proto kernel scope link src 80.0.0.1 linkdown
    90.0.0.0/24 via 80.0.0.2 dev p8p1 metric 1 linkdown
    90.0.0.0/24 via 70.0.0.2 dev p7p1 metric 2

    Since the dead flag does not appear, there should be no expectation that
    the kernel would skip using this route due to link being down.

    v2: Split kernel changes into 2 patches, this actually makes a
    behavioral change if the sysctl is set. Also took suggestion from Alex
    to simplify code by only checking sysctl during fib lookup and
    suggestion from Scott to add a per-interface sysctl.

    v3: Code clean-ups to make it more readable and efficient as well as a
    reverse path check fix.

    v4: Drop binary sysctl

    v5: Whitespace fixups from Dave

    v6: Style changes from Dave and checkpatch suggestions

    v7: One more checkpatch fixup

    Signed-off-by: Andy Gospodarek
    Signed-off-by: Dinesh Dutt
    Acked-by: Scott Feldman
    Signed-off-by: David S. Miller

    Andy Gospodarek
     

15 Nov, 2014

1 commit

  • There could be a signed overflow in the following code.

    The expression, (32-logmask) is comprised between 0 and 31 included.
    It may be equal to 31.
    In such a case the left shift will produce a signed integer overflow.
    According to the C99 Standard, this is an undefined behavior.
    A simple fix is to replace the signed int 1 with the unsigned int 1U.

    Signed-off-by: Vincent BENAYOUN
    Signed-off-by: David S. Miller

    Vincent BENAYOUN
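
The shift described in this commit message, as an added example (not the kernel's code; the affected code itself is not shown on this page). `prefix_to_mask` and `mask_to_prefix` are hypothetical names, a 32-bit `int` is assumed, and the example goes slightly beyond the message by also handling a prefix length of 0 and the reverse conversion.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Prefix length -> IPv4 netmask (host byte order).
 * With a signed literal, 1 << 31 overflows int when logmask == 1,
 * which is undefined behaviour; 1U keeps every shift in 0..31 defined.
 * logmask == 0 is handled separately so the shift count never reaches 32.
 */
static uint32_t prefix_to_mask(unsigned int logmask)
{
    if (logmask == 0)
        return 0;
    if (logmask > 32)
        logmask = 32;                 /* clamp: assumption of this example */
    return (uint32_t)~((1U << (32 - logmask)) - 1);
}

/*
 * Netmask -> prefix length, or -1 if the mask is not contiguous.
 * The host part of a valid mask is 2^k - 1, so host & (host + 1) == 0.
 * Unsigned arithmetic wraps by definition, so host + 1 is safe even
 * when host is 0xffffffff.
 */
static int mask_to_prefix(uint32_t mask)
{
    uint32_t host = (uint32_t)~mask;
    int bits = 0;

    if (host & (uint32_t)(host + 1))
        return -1;
    while (host) {
        host >>= 1;
        bits++;
    }
    return 32 - bits;
}

int main(void)
{
    unsigned int len;

    for (len = 0; len <= 32; len += 8)
        printf("/%-2u -> 0x%08x -> /%d\n", len,
               (unsigned int)prefix_to_mask(len),
               mask_to_prefix(prefix_to_mask(len)));
    printf("/1  -> 0x%08x\n", (unsigned int)prefix_to_mask(1));
    return 0;
}
```

Building the signed variant with `-fsanitize=undefined` is one way to have the compiler's runtime report the overflowing shift.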
     

12 Dec, 2013

1 commit

  • Help of this function says: "in_dev: only on this interface, 0=any interface",
    but since commit 39a6d0630012 ("[NETNS]: Process inet_confirm_addr in the
    correct namespace."), the code supposes that it will never be NULL. This
    function is never called with in_dev == NULL, but it's exported and may be used
    by an external module.

    Because this patch restores the ability to call inet_confirm_addr() with in_dev
    == NULL, I partially revert the above commit, as suggested by Julian.

    CC: Julian Anastasov
    Signed-off-by: Nicolas Dichtel
    Reviewed-by: Julian Anastasov
    Signed-off-by: David S. Miller

    Nicolas Dichtel
     

11 Dec, 2013

1 commit


10 Dec, 2013

1 commit

  • Previously inet devices were only constructed when addresses are added.
    Therefore the default neigh parms values they get are the ones at the
    time of these operations.

    Now that we're creating inet devices earlier, this changes the behaviour
    of default neigh parms values in an incompatible way (see bug #8519).

    This patch creates a compromise by setting the default values at the
    same point as before but only for those that have not been explicitly
    set by the user since the inet device's creation.

    Introduced by:
    commit 8030f54499925d073a88c09f30d5d844fb1b3190
    Author: Herbert Xu
    Date: Thu Feb 22 01:53:47 2007 +0900

    [IPV4] devinet: Register inetdev earlier.

    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Jiri Pirko
     

27 Sep, 2013

1 commit

  • There is a mix of function prototypes with and without extern
    in the kernel sources. Standardize on not using extern for
    function prototypes.

    Function prototypes don't need to be written with extern.
    extern is assumed by the compiler. Its use is as unnecessary as
    using auto to declare automatic/local variables in a block.

    Signed-off-by: Joe Perches

    Joe Perches
     

23 Aug, 2013

1 commit

  • IP sends device configuration (see inet_fill_link_af) as an array
    in the netlink information, but the indices in that array are not
    exposed to userspace through any current sanitized header file.

    It was available back in 2.6.32 (in /usr/include/linux/sysctl.h)
    but was broken by:
    commit 02291680ffba92e5b5865bc0c5e7d1f3056b80ec
    Author: Eric W. Biederman
    Date: Sun Feb 14 03:25:51 2010 +0000

    net ipv4: Decouple ipv4 interface parameters from binary sysctl numbers

    Eric was solving the sysctl problem but then the indices were re-exposed
    by a later addition of devconf support for IPV4

    commit 9f0f7272ac9506f4c8c05cc597b7e376b0b9f3e4
    Author: Thomas Graf
    Date: Tue Nov 16 04:32:48 2010 +0000

    ipv4: AF_INET link address family

    Putting them in /usr/include/linux/ip.h seemed the logical match
    for the DEVCONF_ definitions for IPV6 in /usr/include/linux/ip6.h

    Signed-off-by: Stephen Hemminger
    Signed-off-by: David S. Miller

    stephen hemminger
     

12 Jun, 2013

1 commit

  • After IP route cache removal, multicast applications using
    a lot of multicast addresses hit a O(N) behavior in ip_check_mc_rcu()

    Add a per in_device hash table to get faster lookup.

    This hash table is created only if the number of items in mc_list is
    above 4.

    Reported-by: Shawn Bohrer
    Signed-off-by: Eric Dumazet
    Tested-by: Shawn Bohrer
    Reviewed-by: Cong Wang
    Signed-off-by: David S. Miller

    Eric Dumazet
     

30 Jan, 2013

1 commit

  • There are some use cases where lifetime of ipv4 addresses might be helpful.
    For example:
    1) initramfs networkmanager uses a DHCP daemon to learn network
    configuration parameters
    2) initramfs networkmanager addresses, routes and DNS configuration
    3) initramfs networkmanager is requested to stop
    4) initramfs networkmanager stops all daemons including dhclient
    5) there are addresses and routes configured but no daemon running. If
    the system doesn't start networkmanager for some reason, addresses and
    routes will be used forever, which violates RFC 2131.

    This patch is essentially a backport of ipv6 address lifetime mechanism
    for ipv4 addresses.

    Current "ip" tool supports this without any patch (since it does not
    distinguish between ipv4 and ipv6 addresses in this perspective).

    Also, this should be back-compatible with all current netlink users.

    Reported-by: Pavel Šimerda
    Signed-off-by: Jiri Pirko
    Signed-off-by: David S. Miller

    Jiri Pirko
     

05 Dec, 2012

1 commit


04 Aug, 2012

1 commit

  • performance profiles show a high cost in the IN_DEV_ROUTE_LOCALNET()
    call done in ip_route_input_slow(), because of multiple dereferences,
    even if cache lines are clean and available in cpu caches.

    Since we already have the 'net' pointer, introduce
    IN_DEV_NET_ROUTE_LOCALNET() macro avoiding two dereferences
    (dev_net(in_dev->dev))

    Also change the tests to use IN_DEV_NET_ROUTE_LOCALNET() only if saddr
    or/and daddr are loopback addresses.

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

13 Jun, 2012

1 commit

  • Routing of 127/8 is traditionally forbidden, we consider
    packets from that address block martian when routing and do
    not process corresponding ARP requests.

    This is a sane default but renders a huge address space
    practically unusable.

    The RFC states that no address within the 127/8 block should
    ever appear on any network anywhere but it does not forbid
    the use of such addresses outside of the loopback device in
    particular. For example to address a pool of virtual guests
    behind a load balancer.

    This patch adds a new interface option 'route_localnet'
    enabling routing of the 127/8 address block and processing
    of ARP requests on a specific interface.

    Note that for the feature to work, the default local route
    covering 127/8 dev lo needs to be removed.

    Example:
    $ sysctl -w net.ipv4.conf.eth0.route_localnet=1
    $ ip route del 127.0.0.0/8 dev lo table local
    $ ip addr add 127.1.0.1/16 dev eth0
    $ ip route flush cache

    V2: Fix invalid check to auto flush cache (thanks davem)

    Signed-off-by: Thomas Graf
    Acked-by: Neil Horman
    Signed-off-by: David S. Miller

    Thomas Graf
     

17 Mar, 2012

1 commit

  • I found recently that the arp_process function which handles all of our received
    arp frames, is using IPV4_DEVCONF_ALL macro to check the state of the arp_process
    flag. This seems wrong, as it implies that either none or all of the network
    interfaces accept gratuitous arps. This patch corrects that, allowing
    per-interface arp_accept configuration to deviate from the all setting. Note
    this also brings us into line with the way the arp_filter setting is handled
    during arp_process execution.

    Tested this myself on my home network, and confirmed it works as expected.

    Signed-off-by: Neil Horman
    CC: "David S. Miller"
    Signed-off-by: David S. Miller

    Neil Horman
     

19 Feb, 2011

1 commit


07 Dec, 2010

1 commit


18 Nov, 2010

1 commit


13 Nov, 2010

1 commit

  • in_dev->mc_list is protected by one rwlock (in_dev->mc_list_lock).

    This can easily be converted to a RCU protection.

    Writers hold RTNL, so mc_list_lock is removed, not replaced by a
    spinlock.

    Signed-off-by: Eric Dumazet
    Cc: Cypher Wu
    Cc: Américo Wang
    Signed-off-by: David S. Miller

    Eric Dumazet
     

01 Oct, 2010

1 commit

  • ip_dev_find(net, addr) finds a device given an IPv4 source address and
    takes a reference on it.

    Introduce __ip_dev_find(), taking a third argument, to optionally take
    the device reference. Callers not asking the reference to be taken
    should be in an rcu_read_lock() protected section.

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

16 Sep, 2010

1 commit

  • dev->ip_ptr is protected by rtnl and rcu.

    Yet some places don't use appropriate primitives and/or locking rules.

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

17 Feb, 2010

1 commit


11 Jan, 2010

1 commit


07 Jan, 2010

1 commit

  • This is to be used together with switch technologies, like RFC3069,
    where the individual ports are not allowed to communicate with
    each other, but they are allowed to talk to the upstream router. As
    described in RFC 3069, it is possible to allow these hosts to
    communicate through the upstream router by proxy_arp'ing.

    This patch basically allows proxy arp replies back to the same
    interface (from which the ARP request/solicitation was received).

    Tunable per device via proc "proxy_arp_pvlan":
    /proc/sys/net/ipv4/conf/*/proxy_arp_pvlan

    This switch technology is known by different vendor names:
    - In RFC 3069 it is called VLAN Aggregation.
    - Cisco and Allied Telesyn call it Private VLAN.
    - Hewlett-Packard call it Source-Port filtering or port-isolation.
    - Ericsson call it MAC-Forced Forwarding (RFC Draft).

    Signed-off-by: Jesper Dangaard Brouer
    Signed-off-by: David S. Miller

    Jesper Dangaard Brouer
     

26 Dec, 2009

1 commit

  • when using policy routing and the skb mark:
    there are cases where a back path validation requires us
    to use a different routing table for src ip validation than
    the one used for mapping ingress dst ip.
    One such case is transparent proxying where we pretend to be
    the destination system and therefore the local table
    is used for incoming packets but possibly a main table would
    be used on outbound.
    Make the default behavior to allow the above and if users
    need to turn on the symmetry via sysctl src_valid_mark

    Signed-off-by: Jamal Hadi Salim
    Signed-off-by: David S. Miller

    Jamal Hadi Salim
     

04 Dec, 2009

1 commit

  • commit 8ec1e0ebe26087bfc5c0394ada5feb5758014fc8
    Author: Patrick McHardy
    Date: Thu Dec 3 12:16:35 2009 +0100

    ipv4: add sysctl to accept packets with local source addresses

    Change fib_validate_source() to accept packets with a local source address when
    the "accept_local" sysctl is set for the incoming inet device. Combined with the
    previous patches, this allows communication between multiple local interfaces
    over the wire.

    Signed-off-by: Patrick McHardy

    Signed-off-by: David S. Miller

    Patrick McHardy
     

05 Nov, 2009

1 commit

  • This cleanup patch puts struct/union/enum opening braces,
    in first line to ease grep games.

    struct something
    {

    becomes :

    struct something {

    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     

28 Jul, 2009

1 commit


01 Feb, 2009

1 commit


08 Oct, 2008

1 commit

  • This patch adds mc_count to struct in_device and updates
    increment/decrement/initialize of this field in IPv4 and in IPv6.

    - Also printing the vfs /proc entry (/proc/net/igmp) is adjusted to
    use the new mc_count.

    Signed-off-by: Rami Rosen
    Signed-off-by: David S. Miller

    Rami Rosen
     

04 Jun, 2008

1 commit

  • The field was supposed to allow the creation of an anycast route by
    assigning an anycast address to an address prefix. It was never
    implemented so this field is unused and serves no purpose. Remove it.

    Signed-off-by: Thomas Graf
    Signed-off-by: David S. Miller

    Thomas Graf
     

26 Mar, 2008

1 commit


29 Feb, 2008

1 commit


01 Feb, 2008

1 commit


29 Jan, 2008

2 commits