01 Jul, 2020
1 commit
-
Ipip uses skb->protocol to determine packet type, and bails out if it's
not set. For AF_PACKET injection, we need to support its call chain of:packet_sendmsg -> packet_snd -> packet_parse_headers ->
dev_parse_header_protocol -> parse_protocolWithout a valid parse_protocol, this returns zero, and ipip rejects the
skb. So, this wires up the ip_tunnel handler for layer 3 packets for
that case.Signed-off-by: Jason A. Donenfeld
Acked-by: Willem de Bruijn
Signed-off-by: David S. Miller
25 May, 2020
1 commit
-
The MSCC bug fix in 'net' had to be slightly adjusted because the
register accesses are done slightly differently in net-next.Signed-off-by: David S. Miller
22 May, 2020
1 commit
-
In case of error with MPLS support the code is misusing AF_INET
instead of AF_MPLS.Fixes: 1b69e7e6c4da ("ipip: support MPLS over IPv4")
Signed-off-by: Vadim Fedorenko
Signed-off-by: David S. Miller
20 May, 2020
1 commit
-
This method is used to properly allow kernel callers of the IPv4 route
management ioctls. The exsting ip_tunnel_ioctl helper is renamed to
ip_tunnel_ctl to better reflect that it doesn't directly implement ioctls
touching user memory, and is used for the guts of ndo_tunnel_ctl
implementations. A new ip_tunnel_ioctl helper is added that can be wired
up directly to the ndo_do_ioctl method and takes care of the copy to and
from userspace.Signed-off-by: Christoph Hellwig
Signed-off-by: David S. Miller
26 Jul, 2019
1 commit
-
We need the same checks introduced by commit cb9f1b783850
("ip: validate header length on virtual device xmit") for
ipip tunnel.Fixes: cb9f1b783850b ("ip: validate header length on virtual device xmit")
Signed-off-by: Haishuang Yan
Signed-off-by: David S. Miller
31 May, 2019
1 commit
-
Based on 1 normalized pattern(s):
this program is free software you can redistribute it and or modify
it under the terms of the gnu general public license as published by
the free software foundation either version 2 of the license or at
your option any later versionextracted by the scancode license scanner the SPDX license identifier
GPL-2.0-or-later
has been chosen to replace the boilerplate/reference in 3029 file(s).
Signed-off-by: Thomas Gleixner
Reviewed-by: Allison Randal
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de
Signed-off-by: Greg Kroah-Hartman
27 Jan, 2019
1 commit
-
Add tnl_update_pmtu in ip_md_tunnel_xmit to dynamic modify
the pmtu which packet send through collect_metadata mode
ip tunnelSigned-off-by: wenxu
Signed-off-by: David S. Miller
09 Nov, 2018
1 commit
-
We'll need this to handle ICMP errors for tunnels without a sending socket
(i.e. FoU and GUE). There, we might have to look up different types of IP
tunnels, registered as network protocols, before we get a match, so we
want this for the error handlers of IPPROTO_IPIP and IPPROTO_IPV6 in both
inet_protos and inet6_protos. These error codes will be used in the next
patch.For consistency, return sensible error codes in protocol error handlers
whenever handlers can't handle errors because, even if valid, they don't
match a protocol or any of its states.This has no effect on existing error handling paths.
Signed-off-by: Stefano Brivio
Reviewed-by: Sabrina Dubroca
Signed-off-by: David S. Miller
27 Sep, 2018
2 commits
-
(the parameters in question are mark and flow_flags)
Reviewed-by: David Ahern
Signed-off-by: Maciej Żenczykowski
Signed-off-by: David S. Miller -
(the parameters in question are mark and flow_flags)
Reviewed-by: David Ahern
Signed-off-by: Maciej Żenczykowski
Signed-off-by: David S. Miller
30 Oct, 2017
1 commit
-
Several conflicts here.
NFP driver bug fix adding nfp_netdev_is_nfp_repr() check to
nfp_fl_output() needed some adjustments because the code block is in
an else block now.Parallel additions to net/pkt_cls.h and net/sch_generic.h
A bug fix in __tcp_retransmit_skb() conflicted with some of
the rbtree changes in net-next.The tc action RCU callback fixes in 'net' had some overlap with some
of the recent tcf_block reworking.Signed-off-by: David S. Miller
27 Oct, 2017
1 commit
-
t->err_count is used to count the link failure on tunnel and an err
will be reported to user socket in tx path if t->err_count is not 0.
udp socket could even return EHOSTUNREACH to users.Since commit fd58156e456d ("IPIP: Use ip-tunneling code.") removed
the 'switch check' for icmp type in ipip_err(), err_count would be
increased by the icmp packet with ICMP_EXC_FRAGTIME code. an link
failure would be reported out due to this.In Jianlin's case, when receiving ICMP_EXC_FRAGTIME a icmp packet,
udp netperf failed with the err:
send_data: data send error: No route to host (errno 113)We expect this error reported from tunnel to socket when receiving
some certain type icmp, but not ICMP_EXC_FRAGTIME, ICMP_SR_FAILED
or ICMP_PARAMETERPROB ones.This patch is to bring 'switch check' for icmp type back to ipip_err
so that it only reports link failure for the right type icmp, just as
in ipgre_err() and ipip6_err().Fixes: fd58156e456d ("IPIP: Use ip-tunneling code.")
Reported-by: Jianlin Shi
Signed-off-by: Xin Long
Signed-off-by: David S. Miller
20 Sep, 2017
1 commit
-
Implement exit_batch() method to dismantle more devices
per round.(rtnl_lock() ...
unregister_netdevice_many() ...
rtnl_unlock())Tested:
$ cat add_del_unshare.sh
for i in `seq 1 40`
do
(for j in `seq 1 100` ; do unshare -n /bin/true >/dev/null ; done) &
done
wait ; grep net_namespace /proc/slabinfoBefore patch :
$ time ./add_del_unshare.sh
net_namespace 126 282 5504 1 2 : tunables 8 4 0 : slabdata 126 282 0real 1m38.965s
user 0m0.688s
sys 0m37.017sAfter patch:
$ time ./add_del_unshare.sh
net_namespace 135 291 5504 1 2 : tunables 8 4 0 : slabdata 135 291 0real 0m22.117s
user 0m0.728s
sys 0m35.328sSigned-off-by: Eric Dumazet
Signed-off-by: David S. Miller
27 Jun, 2017
3 commits
-
Add support for extended error reporting.
Signed-off-by: Matthias Schiffer
Acked-by: David Ahern
Signed-off-by: David S. Miller -
Add support for extended error reporting.
Signed-off-by: Matthias Schiffer
Acked-by: David Ahern
Signed-off-by: David S. Miller -
Add support for extended error reporting.
Signed-off-by: Matthias Schiffer
Acked-by: David Ahern
Signed-off-by: David S. Miller
22 Apr, 2017
1 commit
-
This feature allows the administrator to set an fwmark for
packets traversing a tunnel. This allows the use of independent
routing tables for tunneled packets without the use of iptables.There is no concept of per-packet routing decisions through IPv4
tunnels, so this implementation does not need to work with
per-packet route lookups as the v6 implementation may
(with IP6_TNL_F_USE_ORIG_FWMARK).Further, since the v4 tunnel ioctls share datastructures
(which can not be trivially modified) with the kernel's internal
tunnel configuration structures, the mark attribute must be stored
in the tunnel structure itself and passed as a parameter when
creating or changing tunnel attributes.Signed-off-by: Craig Gallek
Signed-off-by: David S. Miller
25 Dec, 2016
1 commit
-
This was entirely automated, using the script by Al:
PATT='^[[:blank:]]*#[[:blank:]]*include[[:blank:]]*'
sed -i -e "s!$PATT!#include !" \
$(git grep -l "$PATT"|grep -v ^include/linux/uaccess.h)to do the replacement at the end of the merge window.
Requested-by: Al Viro
Signed-off-by: Linus Torvalds
18 Nov, 2016
1 commit
-
Make struct pernet_operations::id unsigned.
There are 2 reasons to do so:
1)
This field is really an index into an zero based array and
thus is unsigned entity. Using negative value is out-of-bound
access by definition.2)
On x86_64 unsigned 32-bit data which are mixed with pointers
via array indexing or offsets added or subtracted to pointers
are preffered to signed 32-bit data."int" being used as an array index needs to be sign-extended
to 64-bit before being used.void f(long *p, int i)
{
g(p[i]);
}roughly translates to
movsx rsi, esi
mov rdi, [rsi+...]
call gMOVSX is 3 byte instruction which isn't necessary if the variable is
unsigned because x86_64 is zero extending by default.Now, there is net_generic() function which, you guessed it right, uses
"int" as an array index:static inline void *net_generic(const struct net *net, int id)
{
...
ptr = ng->ptr[id - 1];
...
}And this function is used a lot, so those sign extensions add up.
Patch snipes ~1730 bytes on allyesconfig kernel (without all junk
messing with code generation):add/remove: 0/0 grow/shrink: 70/598 up/down: 396/-2126 (-1730)
Unfortunately some functions actually grow bigger.
This is a semmingly random artefact of code generation with register
allocator being used differently. gcc decides that some variable
needs to live in new r8+ registers and every access now requires REX
prefix. Or it is shifted into r12, so [r12+0] addressing mode has to be
used which is longer than [r8]However, overall balance is in negative direction:
add/remove: 0/0 grow/shrink: 70/598 up/down: 396/-2126 (-1730)
function old new delta
nfsd4_lock 3886 3959 +73
tipc_link_build_proto_msg 1096 1140 +44
mac80211_hwsim_new_radio 2776 2808 +32
tipc_mon_rcv 1032 1058 +26
svcauth_gss_legacy_init 1413 1429 +16
tipc_bcbase_select_primary 379 392 +13
nfsd4_exchange_id 1247 1260 +13
nfsd4_setclientid_confirm 782 793 +11
...
put_client_renew_locked 494 480 -14
ip_set_sockfn_get 730 716 -14
geneve_sock_add 829 813 -16
nfsd4_sequence_done 721 703 -18
nlmclnt_lookup_host 708 686 -22
nfsd4_lockt 1085 1063 -22
nfs_get_client 1077 1050 -27
tcf_bpf_init 1106 1076 -30
nfsd4_encode_fattr 5997 5930 -67
Total: Before=154856051, After=154854321, chg -0.00%Signed-off-by: Alexey Dobriyan
Signed-off-by: David S. Miller
17 Sep, 2016
1 commit
-
Similar to gre, vxlan, geneve tunnels allow IPIP tunnels to
operate in 'collect metadata' mode.
bpf_skb_[gs]et_tunnel_key() helpers can make use of it right away.
ovs can use it as well in the future (once appropriate ovs-vport
abstractions and user apis are added).
Note that just like in other tunnels we cannot cache the dst,
since tunnel_info metadata can be different for every packet.Signed-off-by: Alexei Starovoitov
Acked-by: Thomas Graf
Acked-by: Daniel Borkmann
Signed-off-by: David S. Miller
10 Jul, 2016
1 commit
-
Extend the IPIP driver to support MPLS over IPv4. The implementation is an
extension of existing support for IPv4 over IPv4 and is based of multiple
inner-protocol support for the SIT driver.Signed-off-by: Simon Horman
Reviewed-by: Dinan Gunawardena
Signed-off-by: David S. Miller
21 May, 2016
1 commit
-
This patch defines two new GSO definitions SKB_GSO_IPXIP4 and
SKB_GSO_IPXIP6 along with corresponding NETIF_F_GSO_IPXIP4 and
NETIF_F_GSO_IPXIP6. These are used to described IP in IP
tunnel and what the outer protocol is. The inner protocol
can be deduced from other GSO types (e.g. SKB_GSO_TCPV4 and
SKB_GSO_TCPV6). The GSO types of SKB_GSO_IPIP and SKB_GSO_SIT
are removed (these are both instances of SKB_GSO_IPXIP4).
SKB_GSO_IPXIP6 will be used when support for GSO with IP
encapsulation over IPv6 is added.Signed-off-by: Tom Herbert
Acked-by: Jeff Kirsher
Signed-off-by: David S. Miller
17 Apr, 2016
1 commit
-
This patch updates the IP tunnel core function iptunnel_handle_offloads so
that we return an int and do not free the skb inside the function. This
actually allows us to clean up several paths in several tunnels so that we
can free the skb at one point in the path without having to have a
secondary path if we are supporting tunnel offloads.In addition it should resolve some double-free issues I have found in the
tunnels paths as I believe it is possible for us to end up triggering such
an event in the case of fou or gue.Signed-off-by: Alexander Duyck
Signed-off-by: David S. Miller
19 Feb, 2016
1 commit
-
Part of skb_scrub_packet was open coded in iptunnel_pull_header. Let it call
skb_scrub_packet directly instead.Signed-off-by: Jiri Benc
Signed-off-by: David S. Miller
12 Feb, 2016
1 commit
-
All users now pass false, so we can remove it, and remove the code that
was conditional upon it.Signed-off-by: Edward Cree
Signed-off-by: David S. Miller
01 Jan, 2016
1 commit
19 Dec, 2015
1 commit
-
IP-TTL case is already handled in ip_tunnel_ioctl() API.
Signed-off-by: Pravin B Shelar
Signed-off-by: David S. Miller
01 Dec, 2015
1 commit
-
It looks like many files are including mroute.h unnecessarily, so remove
the include. Most importantly remove it from ipv6.CC: Hideaki YOSHIFUJI
CC: Steffen Klassert
CC: Herbert Xu
Signed-off-by: Nikolay Aleksandrov
Signed-off-by: David S. Miller
11 Aug, 2015
1 commit
-
Following patch create new tunnel flag which enable
tunnel metadata collection on given device.Signed-off-by: Pravin B Shelar
Acked-by: Thomas Graf
Signed-off-by: David S. Miller
18 May, 2015
1 commit
-
make C=2 CF=-D__CHECK_ENDIAN__ net/ipv4/ipip.o
CHECK net/ipv4/ipip.c
net/ipv4/ipip.c:254:27: warning: incorrect type in assignment (different base types)
net/ipv4/ipip.c:254:27: expected restricted __be32 [addressable] [usertype] o_key
net/ipv4/ipip.c:254:27: got restricted __be16 [addressable] [usertype] i_flagsFixes: 3b7b514f44bf ("ipip: fix a regression in ioctl")
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
04 Apr, 2015
1 commit
-
The ipv4 code uses a mixture of coding styles. In some instances check
for NULL pointer is done as x == NULL and sometimes as !x. !x is
preferred according to checkpatch and this patch makes the code
consistent by adopting the latter form.No changes detected by objdiff.
Signed-off-by: Ian Morris
Signed-off-by: David S. Miller
03 Apr, 2015
1 commit
-
Don't use dev->iflink anymore.
CC: Steffen Klassert
Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller
01 Apr, 2015
2 commits
-
Those are counterparts to nla_put_in_addr and nla_put_in6_addr.
Signed-off-by: Jiri Benc
Signed-off-by: David S. Miller -
IP addresses are often stored in netlink attributes. Add generic functions
to do that.For nla_put_in_addr, it would be nicer to pass struct in_addr but this is
not used universally throughout the kernel, in way too many places __be32 is
used to store IPv4 address.Signed-off-by: Jiri Benc
Signed-off-by: David S. Miller
09 Feb, 2015
1 commit
-
encap.sport and encap.dport are __be16, use nla_{get,put}_be16 instead
of nla_{get,put}_u16.Fixes the sparse warnings:
warning: incorrect type in assignment (different base types)
expected restricted __be32 [addressable] [usertype] o_key
got restricted __be16 [addressable] [usertype] i_flags
warning: incorrect type in assignment (different base types)
expected restricted __be16 [usertype] sport
got unsigned short
warning: incorrect type in assignment (different base types)
expected restricted __be16 [usertype] dport
got unsigned short
warning: incorrect type in argument 3 (different base types)
expected unsigned short [unsigned] [usertype] value
got restricted __be16 [usertype] sport
warning: incorrect type in argument 3 (different base types)
expected unsigned short [unsigned] [usertype] value
got restricted __be16 [usertype] dportSigned-off-by: Sabrina Dubroca
Signed-off-by: David S. Miller
20 Jan, 2015
1 commit
-
Implement rtnl_link_ops->get_link_net() callback so that IFLA_LINK_NETNSID is
added to rtnetlink messages.Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller
06 Nov, 2014
1 commit
-
When filling netlink info, dport is being returned as flags. Fix
instances to return correct value.Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller
08 Oct, 2014
1 commit
-
Testing xmit_more support with netperf and connected UDP sockets,
I found strange dst refcount false sharing.Current handling of IFF_XMIT_DST_RELEASE is not optimal.
Dropping dst in validate_xmit_skb() is certainly too late in case
packet was queued by cpu X but dequeued by cpu YThe logical point to take care of drop/force is in __dev_queue_xmit()
before even taking qdisc lock.As Julian Anastasov pointed out, need for skb_dst() might come from some
packet schedulers or classifiers.This patch adds new helper to cleanly express needs of various drivers
or qdiscs/classifiers.Drivers that need skb_dst() in their ndo_start_xmit() should call
following helper in their setup instead of the prior :dev->priv_flags &= ~IFF_XMIT_DST_RELEASE;
->
netif_keep_dst(dev);Instead of using a single bit, we use two bits, one being
eventually rebuilt in bonding/team drivers.The other one, is permanent and blocks IFF_XMIT_DST_RELEASE being
rebuilt in bonding/team. Eventually, we could add something
smarter later.Signed-off-by: Eric Dumazet
Cc: Julian Anastasov
Signed-off-by: David S. Miller
02 Oct, 2014
1 commit
-
Call skb_set_inner_ipproto to set inner IP protocol to IPPROTO_IPV4
before tunnel_xmit. This is needed if UDP encapsulation (fou) is
being done.Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller
20 Sep, 2014
1 commit
-
Add netlink handling for IP tunnel encapsulation parameters and
and adjustment of MTU for encapsulation. ip_tunnel_encap is called
from ip_tunnel_xmit to actually perform FOU encapsulation.Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller