08 Aug, 2011
1 commit
-
Make sure skb dst has reference when moving to
another context. Currently, I don't see protocols that can
hit it when sending broadcasts/multicasts to loopback using
noref dsts, so it is just a precaution.Signed-off-by: Julian Anastasov
Signed-off-by: David S. Miller
03 Aug, 2011
1 commit
-
Gergely Kalman reported crashes in check_peer_redir().
It appears commit f39925dbde778 (ipv4: Cache learned redirect
information in inetpeer.) added a race, leading to possible NULL ptr
dereference.Since we can now change dst neighbour, we should make sure a reader can
safely use a neighbour.Add RCU protection to dst neighbour, and make sure check_peer_redir()
can be called safely by different cpus in parallel.As neighbours are already freed after one RCU grace period, this patch
should not add typical RCU penalty (cache cold effects)Many thanks to Gergely for providing a pretty report pointing to the
bug.Reported-by: Gergely Kalman
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
22 Jul, 2011
1 commit
-
Because the ip fragment offset field counts 8-byte chunks, ip
fragments other than the last must contain a multiple of 8 bytes of
payload. ip_ufo_append_data wasn't respecting this constraint and,
depending on the MTU and ip option sizes, could create malformed
non-final fragments.Google-Bug-Id: 5009328
Signed-off-by: Bill Sommerfeld
Signed-off-by: David S. Miller
18 Jul, 2011
1 commit
-
dst_{get,set}_neighbour()
Signed-off-by: David S. Miller
17 Jul, 2011
2 commits
-
Signed-off-by: David S. Miller
-
Signed-off-by: David S. Miller
14 Jul, 2011
1 commit
-
Now that there is a one-to-one correspondance between neighbour
and hh_cache entries, we no longer need:1) dynamic allocation
2) attachment to dst->hh
3) refcountingInitialization of the hh_cache entry is indicated by hh_len
being non-zero, and such initialization is always done with
the neighbour's lock held as a writer.Signed-off-by: David S. Miller
06 Jul, 2011
1 commit
02 Jul, 2011
1 commit
-
We might call ip_ufo_append_data() for packets that will be IPsec
transformed later. This function should be used just for real
udp packets. So we check for rt->dst.header_len which is only
nonzero on IPsec handling and call ip_ufo_append_data() just
if rt->dst.header_len is zero.Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller
28 Jun, 2011
2 commits
-
ip_append_data() builds packets based on the mtu from dst_mtu(rt->dst.path).
On IPsec the effective mtu is lower because we need to add the protocol
headers and trailers later when we do the IPsec transformations. So after
the IPsec transformations the packet might be too big, which leads to a
slowpath fragmentation then. This patch fixes this by building the packets
based on the lower IPsec mtu from dst_mtu(&rt->dst) and adapts the exthdr
handling to this.Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller -
Git commit 59104f06 (ip: take care of last fragment in ip_append_data)
added a check to see if we exceed the mtu when we add trailer_len.
However, the mtu is already subtracted by the trailer length when the
xfrm transfomation bundles are set up. So IPsec packets with mtu
size get fragmented, or if the DF bit is set the packets will not
be send even though they match the mtu perfectly fine. This patch
actually reverts commit 59104f06.Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller
22 Jun, 2011
1 commit
-
There are enough instances of this:
iph->frag_off & htons(IP_MF | IP_OFFSET)
that a helper function is probably warranted.
Signed-off-by: Paul Gortmaker
Signed-off-by: David S. Miller
10 Jun, 2011
1 commit
-
We assume that transhdrlen is positive on the first fragment
which is wrong for raw packets. So we don't add exthdrlen to the
packet size for raw packets. This leads to a reallocation on IPsec
because we have not enough headroom on the skb to place the IPsec
headers. This patch fixes this by adding exthdrlen to the packet
size whenever the send queue of the socket is empty. This issue was
introduced with git commit 1470ddf7 (inet: Remove explicit write
references to sk/inet in ip_append_data)Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller
14 May, 2011
1 commit
-
This will allow ip_options_build() to reliably look at the values of
iph->{daddr,saddr}Signed-off-by: David S. Miller
11 May, 2011
1 commit
-
This eliminates an access to rt->rt_src.
Signed-off-by: David S. Miller
09 May, 2011
5 commits
-
This way rt->rt_dst accesses are unnecessary.
Signed-off-by: David S. Miller
-
This way ip_output.c no longer needs rt->rt_{src,dst}.
We already have these keys sitting, ready and waiting, on the stack or
in a socket structure.Signed-off-by: David S. Miller
-
Now we can pick it out of the provided flow key.
Signed-off-by: David S. Miller
-
This allows us to acquire the exact route keying information from the
protocol, however that might be managed.It handles all of the possibilities, from the simplest case of storing
the key in inet->cork.fl to the more complex setup SCTP has where
individual transports determine the flow.Signed-off-by: David S. Miller
-
All invokers of ip_queue_xmit() must make certain that the
socket is locked. All of SCTP, TCP, DCCP, and L2TP now make
sure this is the case.Therefore we can use the cork flow during output route lookup in
ip_queue_xmit() when the socket route check fails.Signed-off-by: David S. Miller
07 May, 2011
3 commits
-
Noticed by Joe Perches.
Signed-off-by: David S. Miller
-
ip_setup_cork() explicitly initializes every member of
inet_cork except flags, addr, and opt. So we can simply
set those three members to zero instead of using a
memset() via an empty struct assignment.Signed-off-by: David S. Miller
Acked-by: Eric Dumazet -
When we fast path datagram sends to avoid locking by putting
the inet_cork on the stack we use up lots of space that isn't
necessary.This is because inet_cork contains a "struct flowi" which isn't
used in these code paths.Split inet_cork to two parts, "inet_cork" and "inet_cork_full".
Only the latter of which has the "struct flowi" and is what is
stored in inet_sock.Signed-off-by: David S. Miller
Acked-by: Eric Dumazet
05 May, 2011
1 commit
-
Instead of rt->rt_{dst,src}
The only tricky part is source route option handling.
If the source route option is enabled we can't just use plain 'daddr',
we have to use opt->opt.faddr.Signed-off-by: David S. Miller
04 May, 2011
1 commit
-
Signed-off-by: David S. Miller
29 Apr, 2011
1 commit
-
We lack proper synchronization to manipulate inet->opt ip_options
Problem is ip_make_skb() calls ip_setup_cork() and
ip_setup_cork() possibly makes a copy of ipc->opt (struct ip_options),
without any protection against another thread manipulating inet->opt.Another thread can change inet->opt pointer and free old one under us.
Use RCU to protect inet->opt (changed to inet->inet_opt).
Instead of handling atomic refcounts, just copy ip_options when
necessary, to avoid cache line dirtying.We cant insert an rcu_head in struct ip_options since its included in
skb->cb[], so this patch is large because I had to introduce a new
ip_options_rcu structure.Signed-off-by: Eric Dumazet
Cc: Herbert Xu
Signed-off-by: David S. Miller
12 Apr, 2011
1 commit
-
Conflicts:
drivers/net/smsc911x.c
31 Mar, 2011
2 commits
-
Fixes generated by 'codespell' and manually reviewed.
Signed-off-by: Lucas De Marchi
-
Signed-off-by: David S. Miller
13 Mar, 2011
5 commits
-
Signed-off-by: David S. Miller
-
Signed-off-by: David S. Miller
-
Create two sets of port member accessors, one set prefixed by fl4_*
and the other prefixed by fl6_*This will let us to create AF optimal flow instances.
It will work because every context in which we access the ports,
we have to be fully aware of which AF the flowi is anyways.Signed-off-by: David S. Miller
-
I intend to turn struct flowi into a union of AF specific flowi
structs. There will be a common structure that each variant includes
first, much like struct sock_common.This is the first step to move in that direction.
Signed-off-by: David S. Miller
-
The idea here is this minimizes the number of places one has to edit
in order to make changes to how flows are defined and used.Signed-off-by: David S. Miller
03 Mar, 2011
1 commit
-
Instead of on the stack.
Signed-off-by: David S. Miller
02 Mar, 2011
5 commits
-
The patch to replace inet->cork with cork left out two spots in
__ip_append_data that can result in bogus packet construction.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
This boolean state is now available in the flow flags.
Signed-off-by: David S. Miller
-
Since that is what the current vague "flags" argument means.
Signed-off-by: David S. Miller
-
This patch adds the helper ip_make_skb which is like ip_append_data
and ip_push_pending_frames all rolled into one, except that it does
not send the skb produced. The sending part is carried out by
ip_send_skb, which the transport protocol can call after it has
tweaked the skb.It is meant to be called in cases where corking is not used should
have a one-to-one correspondence to sendmsg.This patch also adds the helper ip_finish_skb which is meant to
be replace ip_push_pending_frames when corking is required.
Previously the protocol stack would peek at the socket write
queue and add its header to the first packet. With ip_finish_skb,
the protocol stack can directly operate on the final skb instead,
just like the non-corking case with ip_make_skb.Signed-off-by: Herbert Xu
Acked-by: Eric Dumazet
Signed-off-by: David S. Miller -
In order to allow simultaneous calls to ip_append_data on the same
socket, it must not modify any shared state in sk or inet (other
than those that are designed to allow that such as atomic counters).This patch abstracts out write references to sk and inet_sk in
ip_append_data and its friends so that we may use the underlying
code in parallel.Signed-off-by: Herbert Xu
Acked-by: Eric Dumazet
Signed-off-by: David S. Miller
