Eric Lee / smarc-fsl-linux-kernel

21 Oct, 2020

1 commit

  • b7c24497b   mpls: load mpls_gso after mpls_iptunnel ... Browse Code »

    mpls_iptunnel is used only for mpls encapsuation, and if encaplusated
    packet is larger than MTU we need mpls_gso for segmentation.

    Signed-off-by: Alexander Ovechkin
    Acked-by: Dmitry Yakunin
    Reviewed-by: David Ahern
    Link: https://lore.kernel.org/r/20201020114333.26866-1-ovov@yandex-team.ru
    Signed-off-by: Jakub Kicinski

    Alexander Ovechkin
     

24 Aug, 2020

1 commit

  • df561f668   treewide: Use fallthrough pseudo-keyword ... Browse Code »

    Replace the existing /* fall through */ comments and its variants with
    the new pseudo-keyword macro fallthrough[1]. Also, remove unnecessary
    fall-through markings when it is the case.

    [1] https://www.kernel.org/doc/html/v5.7/process/deprecated.html?highlight=fallthrough#implicit-switch-case-fall-through

    Signed-off-by: Gustavo A. R. Silva

    Gustavo A. R. Silva
     

28 Jul, 2020

1 commit

14 Jun, 2020

1 commit

  • a7f7f6248   treewide: replace '---help---' in Kconfig files with 'help' ... Browse Code »

    Since commit 84af7a6194e4 ("checkpatch: kconfig: prefer 'help' over
    '---help---'"), the number of '---help---' has been gradually
    decreasing, but there are still more than 2400 instances.

    This commit finishes the conversion. While I touched the lines,
    I also fixed the indentation.

    There are a variety of indentation styles found.

    a) 4 spaces + '---help---'
    b) 7 spaces + '---help---'
    c) 8 spaces + '---help---'
    d) 1 space + 1 tab + '---help---'
    e) 1 tab + '---help---' (correct indentation)
    f) 1 tab + 1 space + '---help---'
    g) 1 tab + 2 spaces + '---help---'

    In order to convert all of them to 1 tab + 'help', I ran the
    following commend:

    $ find . -name 'Kconfig*' | xargs sed -i 's/^[[:space:]]*---help---/\thelp/'

    Signed-off-by: Masahiro Yamada

    Masahiro Yamada
     

30 May, 2020

1 commit

23 May, 2020

1 commit

27 Apr, 2020

1 commit

  • 32927393d   sysctl: pass kernel pointers to ->proc_handler ... Browse Code »

    Instead of having all the sysctl handlers deal with user pointers, which
    is rather hairy in terms of the BPF interaction, copy the input to and
    from userspace in common code. This also means that the strings are
    always NUL-terminated by the common code, making the API a little bit
    safer.

    As most handler just pass through the data to one of the common handlers
    a lot of the changes are mechnical.

    Signed-off-by: Christoph Hellwig
    Acked-by: Andrey Ignatov
    Signed-off-by: Al Viro

    Christoph Hellwig
     

30 Mar, 2020

1 commit

  • faee67694   net: add net available in build_state ... Browse Code »

    The build_state callback of lwtunnel doesn't contain the net namespace
    structure yet. This patch will add it so we can check on specific
    address configuration at creation time of rpl source routes.

    Signed-off-by: Alexander Aring
    Signed-off-by: David S. Miller

    Alexander Aring
     

29 Feb, 2020

1 commit

  • 680a93166   net: mpls: Replace zero-length array with flexible-array member ... Browse Code »

    The current codebase makes use of the zero-length array language
    extension to the C90 standard, but the preferred mechanism to declare
    variable-length types such as these ones is a flexible array member[1][2],
    introduced in C99:

    struct foo {
    int stuff;
    struct boo array[];
    };

    By making use of the mechanism above, we will get a compiler warning
    in case the flexible array does not occur last in the structure, which
    will help us prevent some kind of undefined behavior bugs from being
    inadvertently introduced[3] to the codebase from now on.

    Also, notice that, dynamic memory allocations won't be affected by
    this change:

    "Flexible array members have incomplete type, and so the sizeof operator
    may not be applied. As a quirk of the original implementation of
    zero-length arrays, sizeof evaluates to zero."[1]

    This issue was found with the help of Coccinelle.

    [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
    [2] https://github.com/KSPP/linux/issues/21
    [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")

    Signed-off-by: Gustavo A. R. Silva
    Signed-off-by: David S. Miller

    Gustavo A. R. Silva
     

05 Dec, 2019

1 commit

  • 6c8991f41   net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup ... Browse Code »

    ipv6_stub uses the ip6_dst_lookup function to allow other modules to
    perform IPv6 lookups. However, this function skips the XFRM layer
    entirely.

    All users of ipv6_stub->ip6_dst_lookup use ip_route_output_flow (via the
    ip_route_output_key and ip_route_output helpers) for their IPv4 lookups,
    which calls xfrm_lookup_route(). This patch fixes this inconsistent
    behavior by switching the stub to ip6_dst_lookup_flow, which also calls
    xfrm_lookup_route().

    This requires some changes in all the callers, as these two functions
    take different arguments and have different return types.

    Fixes: 5f81bd2e5d80 ("ipv6: export a stub for IPv6 symbols used by vxlan")
    Reported-by: Xiumei Mu
    Signed-off-by: Sabrina Dubroca
    Signed-off-by: David S. Miller

    Sabrina Dubroca
     

26 Aug, 2019

1 commit

  • 803f3e22a   ipv4: mpls: fix mpls_xmit for iptunnel ... Browse Code »

    When using mpls over gre/gre6 setup, rt->rt_gw4 address is not set, the
    same for rt->rt_gw_family. Therefore, when rt->rt_gw_family is checked
    in mpls_xmit(), neigh_xmit() call is skipped. As a result, such setup
    doesn't work anymore.

    This issue was found with LTP mpls03 tests.

    Fixes: 1550c171935d ("ipv4: Prepare rtable for IPv6 gateway")
    Signed-off-by: Alexey Kodanev
    Reviewed-by: David Ahern
    Signed-off-by: David S. Miller

    Alexey Kodanev
     

19 Jul, 2019

1 commit

  • eec4844fa   proc/sysctl: add shared variables for range check ... Browse Code »

    In the sysctl code the proc_dointvec_minmax() function is often used to
    validate the user supplied value between an allowed range. This
    function uses the extra1 and extra2 members from struct ctl_table as
    minimum and maximum allowed value.

    On sysctl handler declaration, in every source file there are some
    readonly variables containing just an integer which address is assigned
    to the extra1 and extra2 members, so the sysctl range is enforced.

    The special values 0, 1 and INT_MAX are very often used as range
    boundary, leading duplication of variables like zero=0, one=1,
    int_max=INT_MAX in different source files:

    $ git grep -E '\.extra[12].*&(zero|one|int_max)' |wc -l
    248

    Add a const int array containing the most commonly used values, some
    macros to refer more easily to the correct array member, and use them
    instead of creating a local one for every object file.

    This is the bloat-o-meter output comparing the old and new binary
    compiled with the default Fedora config:

    # scripts/bloat-o-meter -d vmlinux.o.old vmlinux.o
    add/remove: 2/2 grow/shrink: 0/2 up/down: 24/-188 (-164)
    Data old new delta
    sysctl_vals - 12 +12
    __kstrtab_sysctl_vals - 12 +12
    max 14 10 -4
    int_max 16 - -16
    one 68 - -68
    zero 128 28 -100
    Total: Before=20583249, After=20583085, chg -0.00%

    [mcroce@redhat.com: tipc: remove two unused variables]
    Link: http://lkml.kernel.org/r/20190530091952.4108-1-mcroce@redhat.com
    [akpm@linux-foundation.org: fix net/ipv6/sysctl_net_ipv6.c]
    [arnd@arndb.de: proc/sysctl: make firmware loader table conditional]
    Link: http://lkml.kernel.org/r/20190617130014.1713870-1-arnd@arndb.de
    [akpm@linux-foundation.org: fix fs/eventpoll.c]
    Link: http://lkml.kernel.org/r/20190430180111.10688-1-mcroce@redhat.com
    Signed-off-by: Matteo Croce
    Signed-off-by: Arnd Bergmann
    Acked-by: Kees Cook
    Reviewed-by: Aaron Tomlin
    Cc: Matthew Wilcox
    Cc: Stephen Rothwell
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Matteo Croce
     

13 Jun, 2019

1 commit

  • ec66854c8   mpls: fix af_mpls dependencies for real ... Browse Code »

    Randy reported that selecting MPLS_ROUTING without PROC_FS breaks
    the build, because since commit c1a9d65954c6 ("mpls: fix af_mpls
    dependencies"), MPLS_ROUTING selects PROC_SYSCTL, but Kconfig's select
    doesn't recursively handle dependencies.
    Change the select into a dependency.

    Fixes: c1a9d65954c6 ("mpls: fix af_mpls dependencies")
    Reported-by: Randy Dunlap
    Signed-off-by: Matteo Croce
    Signed-off-by: David S. Miller

    Matteo Croce
     

10 Jun, 2019

2 commits

  • c1a9d6595   mpls: fix af_mpls dependencies ... Browse Code »

    MPLS routing code relies on sysctl to work, so let it select PROC_SYSCTL.

    Reported-by: Randy Dunlap
    Suggested-by: David Ahern
    Signed-off-by: Matteo Croce
    Signed-off-by: David S. Miller

    Matteo Croce
     
  • 2f3f7d1fa   mpls: fix warning with multi-label encap ... Browse Code »

    If you configure a route with multiple labels, e.g.
    ip route add 10.10.3.0/24 encap mpls 16/100 via 10.10.2.2 dev ens4
    A warning is logged:
    kernel: [ 130.561819] netlink: 'ip': attribute type 1 has an invalid
    length.

    This happens because mpls_iptunnel_policy has set the type of
    MPLS_IPTUNNEL_DST to fixed size NLA_U32.
    Change it to a minimum size.
    nla_get_labels() does the remaining validation.

    Fixes: e3e4712ec096 ("mpls: ip tunnel support")
    Signed-off-by: George Wilkie
    Reviewed-by: David Ahern
    Signed-off-by: David S. Miller

    George Wilkie
     

31 May, 2019

1 commit

  • 2874c5fd2   treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 ... Browse Code »

    Based on 1 normalized pattern(s):

    this program is free software you can redistribute it and or modify
    it under the terms of the gnu general public license as published by
    the free software foundation either version 2 of the license or at
    your option any later version

    extracted by the scancode license scanner the SPDX license identifier

    GPL-2.0-or-later

    has been chosen to replace the boilerplate/reference in 3029 file(s).

    Signed-off-by: Thomas Gleixner
    Reviewed-by: Allison Randal
    Cc: linux-spdx@vger.kernel.org
    Link: https://lkml.kernel.org/r/20190527070032.746973796@linutronix.de
    Signed-off-by: Greg Kroah-Hartman

    Thomas Gleixner
     

21 May, 2019

2 commits

28 Apr, 2019

2 commits

  • 8cb081746   netlink: make validation more configurable for future strictness ... Browse Code »

    We currently have two levels of strict validation:

    1) liberal (default)
    - undefined (type >= max) & NLA_UNSPEC attributes accepted
    - attribute length >= expected accepted
    - garbage at end of message accepted
    2) strict (opt-in)
    - NLA_UNSPEC attributes accepted
    - attribute length >= expected accepted

    Split out parsing strictness into four different options:
    * TRAILING - check that there's no trailing data after parsing
    attributes (in message or nested)
    * MAXTYPE - reject attrs > max known type
    * UNSPEC - reject attributes with NLA_UNSPEC policy entries
    * STRICT_ATTRS - strictly validate attribute size

    The default for future things should be *everything*.
    The current *_strict() is a combination of TRAILING and MAXTYPE,
    and is renamed to _deprecated_strict().
    The current regular parsing has none of this, and is renamed to
    *_parse_deprecated().

    Additionally it allows us to selectively set one of the new flags
    even on old policies. Notably, the UNSPEC flag could be useful in
    this case, since it can be arranged (by filling in the policy) to
    not be an incompatible userspace ABI change, but would then going
    forward prevent forgetting attribute entries. Similar can apply
    to the POLICY flag.

    We end up with the following renames:
    * nla_parse -> nla_parse_deprecated
    * nla_parse_strict -> nla_parse_deprecated_strict
    * nlmsg_parse -> nlmsg_parse_deprecated
    * nlmsg_parse_strict -> nlmsg_parse_deprecated_strict
    * nla_parse_nested -> nla_parse_nested_deprecated
    * nla_validate_nested -> nla_validate_nested_deprecated

    Using spatch, of course:
    @@
    expression TB, MAX, HEAD, LEN, POL, EXT;
    @@
    -nla_parse(TB, MAX, HEAD, LEN, POL, EXT)
    +nla_parse_deprecated(TB, MAX, HEAD, LEN, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, TB, MAX, POL, EXT;
    @@
    -nlmsg_parse_strict(NLH, HDRLEN, TB, MAX, POL, EXT)
    +nlmsg_parse_deprecated_strict(NLH, HDRLEN, TB, MAX, POL, EXT)

    @@
    expression TB, MAX, NLA, POL, EXT;
    @@
    -nla_parse_nested(TB, MAX, NLA, POL, EXT)
    +nla_parse_nested_deprecated(TB, MAX, NLA, POL, EXT)

    @@
    expression START, MAX, POL, EXT;
    @@
    -nla_validate_nested(START, MAX, POL, EXT)
    +nla_validate_nested_deprecated(START, MAX, POL, EXT)

    @@
    expression NLH, HDRLEN, MAX, POL, EXT;
    @@
    -nlmsg_validate(NLH, HDRLEN, MAX, POL, EXT)
    +nlmsg_validate_deprecated(NLH, HDRLEN, MAX, POL, EXT)

    For this patch, don't actually add the strict, non-renamed versions
    yet so that it breaks compile if I get it wrong.

    Also, while at it, make nla_validate and nla_parse go down to a
    common __nla_validate_parse() function to avoid code duplication.

    Ultimately, this allows us to have very strict validation for every
    new caller of nla_parse()/nlmsg_parse() etc as re-introduced in the
    next patch, while existing things will continue to work as is.

    In effect then, this adds fully strict validation for any new command.

    Signed-off-by: Johannes Berg
    Signed-off-by: David S. Miller

    Johannes Berg
     
  • ae0be8de9   netlink: make nla_nest_start() add NLA_F_NESTED flag ... Browse Code »

    Even if the NLA_F_NESTED flag was introduced more than 11 years ago, most
    netlink based interfaces (including recently added ones) are still not
    setting it in kernel generated messages. Without the flag, message parsers
    not aware of attribute semantics (e.g. wireshark dissector or libmnl's
    mnl_nlmsg_fprintf()) cannot recognize nested attributes and won't display
    the structure of their contents.

    Unfortunately we cannot just add the flag everywhere as there may be
    userspace applications which check nlattr::nla_type directly rather than
    through a helper masking out the flags. Therefore the patch renames
    nla_nest_start() to nla_nest_start_noflag() and introduces nla_nest_start()
    as a wrapper adding NLA_F_NESTED. The calls which add NLA_F_NESTED manually
    are rewritten to use nla_nest_start().

    Except for changes in include/net/netlink.h, the patch was generated using
    this semantic patch:

    @@ expression E1, E2; @@
    -nla_nest_start(E1, E2)
    +nla_nest_start_noflag(E1, E2)

    @@ expression E1, E2; @@
    -nla_nest_start_noflag(E1, E2 | NLA_F_NESTED)
    +nla_nest_start(E1, E2)

    Signed-off-by: Michal Kubecek
    Acked-by: Jiri Pirko
    Acked-by: David Ahern
    Signed-off-by: David S. Miller

    Michal Kubecek
     

23 Apr, 2019

1 commit

09 Apr, 2019

2 commits

  • 0f5f7d7bf   ipv4: Add support to rtable for ipv6 gateway ... Browse Code »

    Add support for an IPv6 gateway to rtable. Since a gateway is either
    IPv4 or IPv6, make it a union with rt_gw4 where rt_gw_family decides
    which address is in use.

    When dumping the route data, encode an ipv6 nexthop using RTA_VIA.

    Signed-off-by: David Ahern
    Reviewed-by: Ido Schimmel
    Signed-off-by: David S. Miller

    David Ahern
     
  • 1550c1719   ipv4: Prepare rtable for IPv6 gateway ... Browse Code »

    To allow the gateway to be either an IPv4 or IPv6 address, remove
    rt_uses_gateway from rtable and replace with rt_gw_family. If
    rt_gw_family is set it implies rt_uses_gateway. Rename rt_gateway
    to rt_gw4 to represent the IPv4 version.

    Signed-off-by: David Ahern
    Reviewed-by: Ido Schimmel
    Signed-off-by: David S. Miller

    David Ahern
     

30 Mar, 2019

1 commit

  • 3616d08bc   ipv6: Move ipv6 stubs to a separate header file ... Browse Code »

    The number of stubs is growing and has nothing to do with addrconf.
    Move the definition of the stubs to a separate header file and update
    users. In the move, drop the vxlan specific comment before ipv6_stub.

    Code move only; no functional change intended.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     

20 Mar, 2019

1 commit

  • f84532ce5   mpls: Fix 6PE forwarding ... Browse Code »

    This patch adds support for 6PE (RFC 4798) which uses IPv4-mapped IPv6
    nexthop to connect IPv6 islands over IPv4 only MPLS network core.

    Prior to this fix, to find the link-layer destination mac address, 6PE
    enabled host/router was sending IPv6 ND requests for IPv4-mapped IPv6
    nexthop address over the interface facing the IPv4 only core which
    wouldn't success as the core is IPv6 free.

    This fix changes that behavior on 6PE host to treat the nexthop as IPv4
    address and send ARP requests whenever the next-hop address is an
    IPv4-mapped IPv6 address.

    Below topology illustrates the issue and how the patch addresses it.

    abcd::1.1.1.1 (lo) abcd::2.2.2.2 (lo)
    R0 (PE/host)------------------------R1--------------------------------R2 (PE/host)

    eth1 eth2 eth3 eth4
    172.18.0.10 172.18.0.11 172.19.0.11 172.19.0.12
    ffff::172.18.0.10 ffff::172.19.0.12

    R0 and R2 act as 6PE routers of IPv6 islands. R1 is IPv4 only with MPLS tunnels
    between R0,R1 and R1,R2.

    docker exec r0 ip -f inet6 route add abcd::2.2.2.2/128 nexthop encap mpls 100 via ::ffff:172.18.0.11 dev eth1
    docker exec r2 ip -f inet6 route add abcd::1.1.1.1/128 nexthop encap mpls 200 via ::ffff:172.19.0.11 dev eth4

    docker exec r1 ip -f mpls route add 100 via inet 172.19.0.12 dev eth3
    docker exec r1 ip -f mpls route add 200 via inet 172.18.0.10 dev eth2

    With the change, when R0 sends an IPv6 packet over MPLS tunnel to abcd::2.2.2.2,
    using ::ffff:172.18.0.11 as the nexthop, it does neighbor discovery for
    172.18.18.0.11.

    Signed-off-by: Vinay K Nallamothu
    Tested-by: Avinash Lingala
    Tested-by: Aravind Srinivas Srinivasa Prabhakar
    Signed-off-by: David S. Miller

    Vinay K Nallamothu
     

03 Mar, 2019

1 commit

27 Feb, 2019

1 commit

  • be48220ed   mpls: Return error for RTA_GATEWAY attribute ... Browse Code »

    MPLS does not support nexthops with an MPLS address family.
    Specifically, it does not handle RTA_GATEWAY attribute. Make it
    clear by returning an error.

    Fixes: 03c0566542f4c ("mpls: Netlink commands to add, remove, and dump routes")
    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     

09 Feb, 2019

1 commit

  • b4ba9354c   mpls_iptunnel: use struct_size() helper ... Browse Code »

    One of the more common cases of allocation size calculations is finding
    the size of a structure that has a zero-sized array at the end, along
    with memory for some number of elements for that array. For example:

    struct foo {
    int stuff;
    struct boo entry[];
    };

    instance = alloc(sizeof(struct foo) + count * sizeof(struct boo));

    Instead of leaving these open-coded and prone to type mistakes, we can
    now use the new struct_size() helper:

    instance = alloc(struct_size(instance, entry, count));

    This code was detected with the help of Coccinelle.

    Signed-off-by: Gustavo A. R. Silva
    Signed-off-by: David S. Miller

    Gustavo A. R. Silva
     

20 Jan, 2019

2 commits

16 Oct, 2018

4 commits

  • 196cfebf8   net/mpls: Handle kernel side filtering of route dumps ... Browse Code »

    Update the dump request parsing in MPLS for the non-INET case to
    enable kernel side filtering. If INET is disabled the only filters
    that make sense for MPLS are protocol and nexthop device.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     
  • effe67926   net: Enable kernel side filtering of route dumps ... Browse Code »

    Update parsing of route dump request to enable kernel side filtering.
    Allow filtering results by protocol (e.g., which routing daemon installed
    the route), route type (e.g., unicast), table id and nexthop device. These
    amount to the low hanging fruit, yet a huge improvement, for dumping
    routes.

    ip_valid_fib_dump_req is called with RTNL held, so __dev_get_by_index can
    be used to look up the device index without taking a reference. From
    there filter->dev is only used during dump loops with the lock still held.

    Set NLM_F_DUMP_FILTERED in the answer_flags so the user knows the results
    have been filtered should no entries be returned.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     
  • bae9a78b1   net/mpls: Plumb support for filtering route dumps ... Browse Code »

    Implement kernel side filtering of routes by egress device index and
    protocol. MPLS uses only a single table and route type.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     
  • 4724676d5   net: Add struct for fib dump filter ... Browse Code »

    Add struct fib_dump_filter for options on limiting which routes are
    returned in a dump request. The current list is table id, protocol,
    route type, rtm_flags and nexthop device index. struct net is needed
    to lookup the net_device from the index.

    Declare the filter for each route dump handler and plumb the new
    arguments from dump handlers to ip_valid_fib_dump_req.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     

11 Oct, 2018

1 commit

  • d8a66aa25   net/mpls: Implement handler for strict data checking on dumps ... Browse Code »

    Without CONFIG_INET enabled compiles fail with:

    net/mpls/af_mpls.o: In function `mpls_dump_routes':
    af_mpls.c:(.text+0xed0): undefined reference to `ip_valid_fib_dump_req'

    The preference is for MPLS to use the same handler as ipv4 and ipv6
    to allow consistency when doing a dump for AF_UNSPEC which walks
    all address families invoking the route dump handler. If INET is
    disabled then fallback to an MPLS version which can be tighter on
    the data checks.

    Fixes: e8ba330ac0c5 ("rtnetlink: Update fib dumps for strict data checking")
    Reported-by: Randy Dunlap
    Reported-by: Arnd Bergmann
    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     

09 Oct, 2018

3 commits

  • addd383f5   net: Update netconf dump handlers for strict data checking ... Browse Code »

    Update inet_netconf_dump_devconf, inet6_netconf_dump_devconf, and
    mpls_netconf_dump_devconf for strict data checking. If the flag is set,
    the dump request is expected to have an netconfmsg struct as the header.
    The struct only has the family member and no attributes can be appended.

    Signed-off-by: David Ahern
    Acked-by: Christian Brauner
    Signed-off-by: David S. Miller

    David Ahern
     
  • e8ba330ac   rtnetlink: Update fib dumps for strict data checking ... Browse Code »

    Add helper to check netlink message for route dumps. If the strict flag
    is set the dump request is expected to have an rtmsg struct as the header.
    All elements of the struct are expected to be 0 with the exception of
    rtm_flags (which is used by both ipv4 and ipv6 dumps) and no attributes
    can be appended. rtm_flags can only have RTM_F_CLONED and RTM_F_PREFIX
    set.

    Update inet_dump_fib, inet6_dump_fib, mpls_dump_routes, ipmr_rtm_dumproute,
    and ip6mr_rtm_dumproute to call this helper if strict data checking is
    enabled.

    Signed-off-by: David Ahern
    Signed-off-by: David S. Miller

    David Ahern
     
  • dac9c9790   net: Add extack to nlmsg_parse ... Browse Code »

    Make sure extack is passed to nlmsg_parse where easy to do so.
    Most of these are dump handlers and leveraging the extack in
    the netlink_callback.

    Signed-off-by: David Ahern
    Acked-by: Christian Brauner
    Signed-off-by: David S. Miller

    David Ahern
     

25 Sep, 2018

1 commit

  • d8e2262a5   mpls: allow routes on ip6gre devices ... Browse Code »

    Summary:

    This appears to be necessary and sufficient change to enable `MPLS` on
    `ip6gre` tunnels (RFC4023).

    This diff allows IP6GRE devices to be recognized by MPLS kernel module
    and hence user can configure interface to accept packets with mpls
    headers as well setup mpls routes on them.

    Test Plan:

    Test plan consists of multiple containers connected via GRE-V6 tunnel.
    Then carrying out testing steps as below.

    - Carry out necessary sysctl settings on all containers

    ```
    sysctl -w net.mpls.platform_labels=65536
    sysctl -w net.mpls.ip_ttl_propagate=1
    sysctl -w net.mpls.conf.lo.input=1
    ```

    - Establish IP6GRE tunnels

    ```
    ip -6 tunnel add name if_1_2_1 mode ip6gre \
    local 2401:db00:21:6048:feed:0::1 \
    remote 2401:db00:21:6048:feed:0::2 key 1
    ip link set dev if_1_2_1 up
    sysctl -w net.mpls.conf.if_1_2_1.input=1
    ip -4 addr add 169.254.0.2/31 dev if_1_2_1 scope link

    ip -6 tunnel add name if_1_3_1 mode ip6gre \
    local 2401:db00:21:6048:feed:0::1 \
    remote 2401:db00:21:6048:feed:0::3 key 1
    ip link set dev if_1_3_1 up
    sysctl -w net.mpls.conf.if_1_3_1.input=1
    ip -4 addr add 169.254.0.4/31 dev if_1_3_1 scope link
    ```

    - Install MPLS encap rules on node-1 towards node-2

    ```
    ip route add 192.168.0.11/32 nexthop encap mpls 32/64 \
    via inet 169.254.0.3 dev if_1_2_1
    ```

    - Install MPLS forwarding rules on node-2 and node-3
    ```
    // node2
    ip -f mpls route add 32 via inet 169.254.0.7 dev if_2_4_1

    // node3
    ip -f mpls route add 64 via inet 169.254.0.12 dev if_4_3_1
    ```

    - Ping 192.168.0.11 (node4) from 192.168.0.1 (node1) (where routing
    towards 192.168.0.1 is via IP route directly towards node1 from node4)
    ```
    ping 192.168.0.11
    ```

    - tcpdump on interface to capture ping packets wrapped within MPLS
    header which inturn wrapped within IP6GRE header

    ```
    16:43:41.121073 IP6
    2401:db00:21:6048:feed::1 > 2401:db00:21:6048:feed::2:
    DSTOPT GREv0, key=0x1, length 100:
    MPLS (label 32, exp 0, ttl 255) (label 64, exp 0, [S], ttl 255)
    IP 192.168.0.1 > 192.168.0.11:
    ICMP echo request, id 1208, seq 45, length 64

    0x0000: 6000 2cdb 006c 3c3f 2401 db00 0021 6048 `.,..l
    Signed-off-by: David S. Miller

    Saif Hasan
     

25 Jul, 2018

1 commit