13 Mar, 2020

1 commit


09 Mar, 2020

1 commit

  • In commit 1ec17dbd90f8 ("inet_diag: fix reporting cgroup classid and
    fallback to priority") cgroup classid reporting was fixed. But this works
    only for TCP sockets because for other socket types icsk parameter can
    be NULL and classid code path is skipped. This change moves classid
    handling to inet_diag_msg_attrs_fill() function.

    Also inet_diag_msg_attrs_size() helper was added and addends in
    nlmsg_new() were reordered to save order from inet_sk_diag_fill().

    Fixes: 1ec17dbd90f8 ("inet_diag: fix reporting cgroup classid and fallback to priority")
    Signed-off-by: Dmitry Yakunin
    Reviewed-by: Konstantin Khlebnikov
    Signed-off-by: David S. Miller

    Dmitry Yakunin
     

28 Feb, 2020

2 commits

  • The INET_DIAG_REQ_BYTECODE nlattr is currently re-found every time when
    the "dump()" is re-started.

    In a later patch, it will also need to parse the new
    INET_DIAG_REQ_SK_BPF_STORAGES nlattr to learn the map_fds. Thus, this
    patch takes this chance to store the parsed nlattr in cb->data
    during the "start" time of a dump.

    By doing this, the "bc" argument also becomes unnecessary
    and is removed. Also, the two copies of the INET_DIAG_REQ_BYTECODE
    parsing-audit logic between compat/current version can be
    consolidated to one.

    Signed-off-by: Martin KaFai Lau
    Signed-off-by: Alexei Starovoitov
    Acked-by: Song Liu
    Link: https://lore.kernel.org/bpf/20200225230415.1975555-1-kafai@fb.com

    Martin KaFai Lau
     
  • In a later patch, there is a need to update "cb->min_dump_alloc"
    in inet_sk_diag_fill() as it learns the different bpf_sk_storages
    stored in a sk while dumping all sk(s) (e.g. tcp_hashinfo).

    The inet_sk_diag_fill() currently does not take the "cb" as an argument.
    One of the reasons is inet_sk_diag_fill() is used by both dump_one()
    and dump() (which belong to the "struct inet_diag_handler"). The dump_one()
    interface does not pass the "cb" along.

    This patch is to make dump_one() pass a "cb". The "cb" is created in
    inet_diag_cmd_exact(). The "nlh" and "in_skb" are stored in "cb" as
    the dump() interface does. The total number of args in
    inet_sk_diag_fill() is also cut from 10 to 7 and
    that helps many callers to pass fewer args.

    In particular,
    "struct user_namespace *user_ns", "u32 pid", and "u32 seq"
    can be replaced by accessing "cb->nlh" and "cb->skb".

    A similar argument reduction is also made to
    inet_twsk_diag_fill() and inet_req_diag_fill().

    inet_csk_diag_dump() and inet_csk_diag_fill() are also removed.
    They are mostly equivalent to inet_sk_diag_fill(). Their repeated
    usages are very limited. Thus, inet_sk_diag_fill() is directly used
    in those occasions.

    Signed-off-by: Martin KaFai Lau
    Signed-off-by: Alexei Starovoitov
    Acked-by: Song Liu
    Link: https://lore.kernel.org/bpf/20200225230409.1975173-1-kafai@fb.com

    Martin KaFai Lau
     

31 May, 2019

1 commit

  • Based on 1 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license as published by
    the free software foundation either version 2 of the license or at
    your option any later version

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-or-later

    has been chosen to replace the boilerplate/reference in 3029 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Allison Randal
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

29 Oct, 2018

1 commit

  • Since its inception, udp_dump_one has had a bug where userspace
    needs to swap src and dst addresses and ports in order to find
    the socket it wants. This is because it passes the socket source
    address to __udp[46]_lib_lookup's saddr argument, but those
    functions are intended to find local sockets matching received
    packets, so saddr is the remote address, not the local address.

    This can no longer be fixed for backwards compatibility reasons,
    so add a brief comment explaining that this is the case. This
    will avoid confusion and help ensure SOCK_DIAG implementations
    of new protocols don't have the same problem.

    Fixes: a925aa00a55 ("udp_diag: Implement the get_exact dumping functionality")
    Signed-off-by: Lorenzo Colitti
    Signed-off-by: David S. Miller

    Lorenzo Colitti
     

09 Jun, 2018

1 commit

  • After commit 6b229cf77d68 ("udp: add batching to udp_rmem_release()")
    the sk_rmem_alloc field does not measure exactly anymore the
    receive queue length, because we batch the rmem release. The issue
    is really apparent only after commit 0d4a6608f68c ("udp: do rmem bulk
    free even if the rx sk queue is empty"): the user space can easily
    check for an empty socket with not-0 queue length reported by the 'ss'
    tool or the procfs interface.

    We need to use a custom UDP helper to report the correct queue length,
    taking into account the forward allocation deficit.

    Reported-by: trevor.francis@46labs.com
    Fixes: 6b229cf77d68 ("UDP: add batching to udp_rmem_release()")
    Signed-off-by: Paolo Abeni
    Signed-off-by: David S. Miller

    Paolo Abeni
     

08 Aug, 2017

2 commits

  • Add a second device index, sdif, to udp socket lookups. sdif is the
    index for ingress devices enslaved to an l3mdev. It allows the lookups
    to consider the enslaved device as well as the L3 domain when searching
    for a socket.

    Early demux lookups are handled in the next patch as part of INET_MATCH
    changes.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     
  • Add a second device index, sdif, to udp socket lookups. sdif is the
    index for ingress devices enslaved to an l3mdev. It allows the lookups
    to consider the enslaved device as well as the L3 domain when searching
    for a socket.

    Early demux lookups are handled in the next patch as part of INET_MATCH
    changes.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     

01 Jul, 2017

1 commit

  • refcount_t type and corresponding API should be
    used instead of atomic_t when the variable is used as
    a reference counter. This allows to avoid accidental
    refcounter overflows that might lead to use-after-free
    situations.

    This patch uses refcount_inc_not_zero() instead of
    atomic_inc_not_zero_hint() due to absence of a _hint()
    version of refcount API. If the hint() version must
    be used, we might need to revisit API.

    Signed-off-by: Elena Reshetova
    Signed-off-by: Hans Liljestrand
    Signed-off-by: Kees Cook
    Signed-off-by: David Windsor
    Signed-off-by: David S. Miller

    Reshetova, Elena
     

09 Sep, 2016

1 commit

  • This adds the capability for a process that has CAP_NET_ADMIN on
    a socket to see the socket mark in socket dumps.

    Commit a52e95abf772 ("net: diag: allow socket bytecode filters to
    match socket marks") recently gave privileged processes the
    ability to filter socket dumps based on mark. This patch is
    complementary: it ensures that the mark is also passed to
    userspace in the socket's netlink attributes. It is useful for
    tools like ss which display information about sockets.

    Tested: https://android-review.googlesource.com/270210
    Signed-off-by: Lorenzo Colitti
    Signed-off-by: David S. Miller

    Lorenzo Colitti
     

08 Sep, 2016

1 commit

  • udp_diag_destroy does look up the IPv4 UDP hashtable for mapped
    addresses, but it gets the IPv4 address to look up from the
    beginning of the IPv6 address instead of the end.

    Tested: https://android-review.googlesource.com/269874
    Fixes: 5d77dca82839 ("net: diag: support SOCK_DESTROY for UDP sockets")
    Signed-off-by: Lorenzo Colitti
    Acked-by: Eric Dumazet
    Acked-by: David Ahern
    Signed-off-by: David S. Miller

    Lorenzo Colitti
     

24 Aug, 2016

1 commit

  • This implements SOCK_DESTROY for UDP sockets similar to what was done
    for TCP with commit c1e64e298b8ca ("net: diag: Support destroying TCP
    sockets.") A process with a UDP socket targeted for destroy is awakened
    and recvmsg fails with ECONNABORTED.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     

05 Apr, 2016

1 commit

  • Tom Herbert would like not touching UDP socket refcnt for encapsulated
    traffic. For this to happen, we need to use normal RCU rules, with a grace
    period before freeing a socket. UDP sockets are not short lived in the
    high usage case, so the added cost of call_rcu() should not be a concern.

    This actually removes a lot of complexity in UDP stack.

    Multicast receives no longer need to hold a bucket spinlock.

    Note that ip early demux still needs to take a reference on the socket.

    Same remark for functions used by xt_socket and xt_PROXY netfilter modules,
    but this might be changed later.

    Performance for a single UDP socket receiving flood traffic from
    many RX queues/cpus.

    Simple udp_rx using simple recvfrom() loop :
    438 kpps instead of 374 kpps : 17 % increase of the peak rate.

    v2: Addressed Willem de Bruijn feedback in multicast handling
    - keep early demux break in __udp4_lib_demux_lookup()

    Signed-off-by: Eric Dumazet
    Cc: Tom Herbert
    Cc: Willem de Bruijn
    Tested-by: Tom Herbert
    Signed-off-by: David S. Miller

    Eric Dumazet
     

05 Jan, 2016

1 commit

  • Expose socket options for setting a classic or extended BPF program
    for use when selecting sockets in an SO_REUSEPORT group. These options
    can be used on the first socket to belong to a group before bind or
    on any socket in the group after bind.

    This change includes refactoring of the existing sk_filter code to
    allow reuse of the existing BPF filter validation checks.

    Signed-off-by: Craig Gallek
    Acked-by: Alexei Starovoitov
    Signed-off-by: David S. Miller

    Craig Gallek
     

16 Jun, 2015

1 commit

  • Previously, there was no clear distinction between the inet protocols
    that used struct tcp_info to report information and those that didn't.
    This change adds a specific size attribute to the inet_diag_handler
    struct which defines these interfaces. This will make dispatching
    sock_diag get_info requests identical for all inet protocols in a
    following patch.

    Tested: ss -au
    Tested: ss -at
    Signed-off-by: Craig Gallek
    Acked-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Craig Gallek
     

04 Apr, 2015

1 commit

  • The ipv4 code uses a mixture of coding styles. In some instances check
    for NULL pointer is done as x == NULL and sometimes as !x. !x is
    preferred according to checkpatch and this patch makes the code
    consistent by adopting the latter form.

    No changes detected by objdiff.

    Signed-off-by: Ian Morris
    Signed-off-by: David S. Miller

    Ian Morris
     

11 Mar, 2015

1 commit


27 Jan, 2015

1 commit

  • While working on rhashtable walking I noticed that the UDP diag
    dumping code is buggy. In particular, the socket skipping within
    a chain never happens, even though we record the number of sockets
    that should be skipped.

    As this code was supposedly copied from TCP, this patch does what
    TCP does and resets num before we walk a chain.

    Signed-off-by: Herbert Xu
    Acked-by: Pavel Emelyanov
    Signed-off-by: David S. Miller

    Herbert Xu
     

20 Apr, 2013

1 commit


29 Mar, 2013

1 commit


11 Sep, 2012

1 commit

  • It is a frequent mistake to confuse the netlink port identifier with a
    process identifier. Try to reduce this confusion by renaming fields
    that hold port identifiers portid instead of pid.

    I have carefully avoided changing the structures exported to
    userspace to avoid changing the userspace API.

    I have successfully built an allyesconfig kernel with this change.

    Signed-off-by: "Eric W. Biederman"
    Acked-by: Stephen Hemminger
    Signed-off-by: David S. Miller

    Eric W. Biederman
     

15 Aug, 2012

1 commit


17 Jul, 2012

1 commit

  • Before this patch sock_diag works for init_net only and dumps
    information about sockets from all namespaces.

    This patch expands sock_diag for all name-spaces.
    It creates a netlink kernel socket for each netns and filters
    data during dumping.

    v2: filter according with netns in all places
    remove an unused variable.

    Cc: "David S. Miller"
    Cc: Alexey Kuznetsov
    Cc: James Morris
    Cc: Hideaki YOSHIFUJI
    Cc: Patrick McHardy
    Cc: Pavel Emelyanov
    CC: Eric Dumazet
    Cc: linux-kernel@vger.kernel.org
    Cc: netdev@vger.kernel.org
    Signed-off-by: Andrew Vagin
    Acked-by: Pavel Emelyanov
    Signed-off-by: David S. Miller

    Andrey Vagin
     

26 Apr, 2012

1 commit


17 Jan, 2012

1 commit


12 Jan, 2012

1 commit


17 Dec, 2011

2 commits


11 Dec, 2011

1 commit


10 Dec, 2011

3 commits