09 Aug, 2013
1 commit
-
With GRO/LRO processing, there is a problem because Ip[6]InReceives SNMP
counters do not count the number of frames, but number of aggregated
segments.Its probably too late to change this now.
This patch adds four new counters, tracking number of frames, regardless
of LRO/GRO, and on a per ECN status basis, for IPv4 and IPv6.Ip[6]NoECTPkts : Number of packets received with NOECT
Ip[6]ECT1Pkts : Number of packets received with ECT(1)
Ip[6]ECT0Pkts : Number of packets received with ECT(0)
Ip[6]CEPkts : Number of packets received with Congestion Experiencedlph37:~# nstat | egrep "Pkts|InReceive"
IpInReceives 1634137 0.0
Ip6InReceives 3714107 0.0
Ip6InNoECTPkts 19205 0.0
Ip6InECT0Pkts 52651828 0.0
IpExtInNoECTPkts 33630 0.0
IpExtInECT0Pkts 15581379 0.0
IpExtInCEPkts 6 0.0Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
04 Aug, 2013
2 commits
-
Merge net into net-next to setup some infrastructure Eric
Dumazet needs for usbnet changes.Signed-off-by: David S. Miller
-
This change brings the suppressor attribute names into line; it also changes
the data types to provide a more consistent interface.While -1 indicates that the suppressor is not enabled, values >= 0 for
suppress_prefixlen or suppress_ifgroup reject routing decisions violating the
constraint.This changes the previously presented behaviour of suppress_prefixlen, where a
prefix length _less_ than the attribute value was rejected. After this change,
a prefix length less than *or* equal to the value is considered a violation of
the rule constraint.It also changes the default values for default and newly added rules (disabling
any suppression for those).Signed-off-by: Stefan Tomanek
Signed-off-by: David S. Miller
03 Aug, 2013
3 commits
-
This change adds the ability to suppress a routing decision based upon the
interface group the selected interface belongs to. This allows it to
exclude specific devices from a routing decision.Signed-off-by: Stefan Tomanek
Signed-off-by: David S. Miller -
By using sizeof(_hdr), net/ipv6/raw.c:icmpv6_filter implicitly assumes
that any valid ICMPv6 message is at least eight bytes long, i.e., that
the message body is at least four bytes.The DIS message of RPL (RFC 6550 section 6.2, from the 6LoWPAN world),
has a minimum length of only six bytes, and is thus blocked by
icmpv6_filter.RFC 4443 seems to allow even a zero-sized body, making the minimum
allowable message size four bytes.Signed-off-by: Werner Almesberger
Signed-off-by: David S. Miller -
"_hdr" should hold the ICMPv6 header while "hdr" is the pointer to it.
This worked by accident.Signed-off-by: Werner Almesberger
Signed-off-by: David S. Miller
02 Aug, 2013
5 commits
-
Server Client
2001:1::803/64 2001:1::805/64
2001:2::804/64 2001:2::806/64Server side fib binary tree looks like this:
(2001:/64)
/
/
ffff88002103c380
/ \
(2) / \
(2001::803/128) ffff880037ac07c0
/ \
/ \ (3)
ffff880037ac0640 (2001::806/128)
/ \
(1) / \
(2001::804/128) (2001::805/128)Delete 2001::804/64 won't cause prefix route deleted as well as rt in (3)
destinate to 2001::806 with source address as 2001::804/64. That's because
2001::803/64 is still alive, which make onlink=1 in ipv6_del_addr, this is
where the substantial difference between same prefix configuration and
different prefix configuration :) So packet are still transmitted out to
2001::806 with source address as 2001::804/64.So bump genid will clear rt in (3), and up layer protocol will eventually
find the right one for themselves.This problem arised from the discussion in here:
http://marc.info/?l=linux-netdev&m=137404469219410&w=4Signed-off-by: Fan Du
Signed-off-by: David S. Miller -
There's a race in IPv6 automatic addess assignment. The address is created
with zero lifetime when it's added to various address lists. Before it gets
assigned the correct lifetime, there's a window where a new address may be
configured. This causes the semi-initiated address to be deleted in
addrconf_verify.This was discovered as a reference leak caused by concurrent run of
__ipv6_ifa_notify for both RTM_NEWADDR and RTM_DELADDR with the same
address.Fix this by setting the lifetime before the address is added to
inet6_addr_lst.A few notes:
1. In addrconf_prefix_rcv, by setting update_lft to zero, the
if (update_lft) { ... } condition is no longer executed for newly
created addresses. This is okay, as the ifp fields are set in
ipv6_add_addr now and ipv6_ifa_notify is called (and has been called)
through addrconf_dad_start.2. The removal of the whole block under ifp->lock in inet6_addr_add is okay,
too, as tstamp is initialized to jiffies in ipv6_add_addr.Signed-off-by: Jiri Benc
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller -
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller -
As pointed out by Eric Dumazet, net->ipv6.ip6_rt_last_gc should
hold the last time garbage collector was run so that we should
update it whenever fib6_run_gc() calls fib6_clean_all(), not only
if we got there from ip6_dst_gc().Signed-off-by: Michal Kubecek
Signed-off-by: David S. Miller -
On a high-traffic router with many processors and many IPv6 dst
entries, soft lockup in fib6_run_gc() can occur when number of
entries reaches gc_thresh.This happens because fib6_run_gc() uses fib6_gc_lock to allow
only one thread to run the garbage collector but ip6_dst_gc()
doesn't update net->ipv6.ip6_rt_last_gc until fib6_run_gc()
returns. On a system with many entries, this can take some time
so that in the meantime, other threads pass the tests in
ip6_dst_gc() (ip6_rt_last_gc is still not updated) and wait for
the lock. They then have to run the garbage collector one after
another which blocks them for quite long.Resolve this by replacing special value ~0UL of expire parameter
to fib6_run_gc() by explicit "force" parameter to choose between
spin_lock_bh() and spin_trylock_bh() and call fib6_run_gc() with
force=false if gc_thresh is reached but not max_size.Signed-off-by: Michal Kubecek
Signed-off-by: David S. Miller
01 Aug, 2013
3 commits
-
With the addition of the suppress operation
(7764a45a8f1fe74d4f7d301eaca2e558e7e2831a ("fib_rules: add .suppress
operation") we rely on accurate error reporting of the fib_rules.actions.fib6_rule_action always returned -EAGAIN in case we could not find a
matching route and 0 if a rule was matched. This also included a match
for blackhole or prohibited rule actions which could get suppressed by
the new logic.So adapt fib6_rule_action to always return the correct error code as
its counterpart fib4_rule_action does. This also fixes a possiblity of
nullptr-deref where we don't find a table, thus rt == NULL. Because
the condition rt != ip6_null_entry still holdes it seems we could later
get a nullptr bug on dereference rt->dst.v2:
a) Fixed a brain fart in the commit msg (the rule => a table, etc). No
changes to the patch.Cc: Stefan Tomanek
Cc: Hideaki YOSHIFUJI
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
This change adds a new operation to the fib_rules_ops struct; it allows the
suppression of routing decisions if certain criteria are not met by its
results.The first implemented constraint is a minimum prefix length added to the
structures of routing rules. If a rule is added with a minimum prefix length
>0, only routes meeting this threshold will be considered. Any other (more
general) routing table entries will be ignored.When configuring a system with multiple network uplinks and default routes, it
is often convinient to reference the main routing table multiple times - but
omitting the default route. Using this patch and a modified "ip" utility, this
can be achieved by using the following command sequence:$ ip route add table secuplink default via 10.42.23.1
$ ip rule add pref 100 table main prefixlength 1
$ ip rule add pref 150 fwmark 0xA table secuplinkWith this setup, packets marked 0xA will be processed by the additional routing
table "secuplink", but only if no suitable route in the main routing table can
be found. By using a minimal prefixlength of 1, the default route (/0) of the
table "main" is hidden to packets processed by rule 100; packets traveling to
destinations with more specific routing entries are processed as usual.Signed-off-by: Stefan Tomanek
Signed-off-by: David S. Miller -
Current net name space has only one genid for both IPv4 and IPv6, it has below
drawbacks:- Add/delete an IPv4 address will invalidate all IPv6 routing table entries.
- Insert/remove XFRM policy will also invalidate both IPv4/IPv6 routing table
entries even when the policy is only applied for one address family.Thus, this patch attempt to split one genid for two to cater for IPv4 and IPv6
separately in a fine granularity.Signed-off-by: Fan Du
Acked-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
31 Jul, 2013
1 commit
-
| If you want to test which effects syncookies have to your
| network connections you can set this knob to 2 to enable
| unconditionally generation of syncookies.Original idea and first implementation by Eric Dumazet.
Cc: Florian Westphal
Cc: David Miller
Signed-off-by: Eric Dumazet
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
29 Jul, 2013
1 commit
-
v2:
a) Also send ipv4 igmp messages with TC_PRIO_CONTROLCc: William Manley
Cc: Lukas Tribus
Acked-by: Benjamin LaHaise
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
25 Jul, 2013
4 commits
-
Idea of this patch is to add optional limitation of number of
unsent bytes in TCP sockets, to reduce usage of kernel memory.TCP receiver might announce a big window, and TCP sender autotuning
might allow a large amount of bytes in write queue, but this has little
performance impact if a large part of this buffering is wasted :Write queue needs to be large only to deal with large BDP, not
necessarily to cope with scheduling delays (incoming ACKS make room
for the application to queue more bytes)For most workloads, using a value of 128 KB or less is OK to give
applications enough time to react to POLLOUT events in time
(or being awaken in a blocking sendmsg())This patch adds two ways to set the limit :
1) Per socket option TCP_NOTSENT_LOWAT
2) A sysctl (/proc/sys/net/ipv4/tcp_notsent_lowat) for sockets
not using TCP_NOTSENT_LOWAT socket option (or setting a zero value)
Default value being UINT_MAX (0xFFFFFFFF), meaning this has no effect.This changes poll()/select()/epoll() to report POLLOUT
only if number of unsent bytes is below tp->nosent_lowatNote this might increase number of sendmsg()/sendfile() calls
when using non blocking sockets,
and increase number of context switches for blocking sockets.Note this is not related to SO_SNDLOWAT (as SO_SNDLOWAT is
defined as :
Specify the minimum number of bytes in the buffer until
the socket layer will pass the data to the protocol)Tested:
netperf sessions, and watching /proc/net/protocols "memory" column for TCP
With 200 concurrent netperf -t TCP_STREAM sessions, amount of kernel memory
used by TCP buffers shrinks by ~55 % (20567 pages instead of 45458)lpq83:~# echo -1 >/proc/sys/net/ipv4/tcp_notsent_lowat
lpq83:~# (super_netperf 200 -t TCP_STREAM -H remote -l 90 &); sleep 60 ; grep TCP /proc/net/protocols
TCPv6 1880 2 45458 no 208 yes ipv6 y y y y y y y y y y y y y n y y y y y
TCP 1696 508 45458 no 208 yes kernel y y y y y y y y y y y y y n y y y y ylpq83:~# echo 131072 >/proc/sys/net/ipv4/tcp_notsent_lowat
lpq83:~# (super_netperf 200 -t TCP_STREAM -H remote -l 90 &); sleep 60 ; grep TCP /proc/net/protocols
TCPv6 1880 2 20567 no 208 yes ipv6 y y y y y y y y y y y y y n y y y y y
TCP 1696 508 20567 no 208 yes kernel y y y y y y y y y y y y y n y y y y yUsing 128KB has no bad effect on the throughput or cpu usage
of a single flow, although there is an increase of context switches.A bonus is that we hold socket lock for a shorter amount
of time and should improve latencies of ACK processing.lpq83:~# echo -1 >/proc/sys/net/ipv4/tcp_notsent_lowat
lpq83:~# perf stat -e context-switches ./netperf -H 7.7.7.84 -t omni -l 20 -c -i10,3
OMNI Send TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 7.7.7.84 () port 0 AF_INET : +/-2.500% @ 99% conf.
Local Remote Local Elapsed Throughput Throughput Local Local Remote Remote Local Remote Service
Send Socket Recv Socket Send Time Units CPU CPU CPU CPU Service Service Demand
Size Size Size (sec) Util Util Util Util Demand Demand Units
Final Final % Method % Method
1651584 6291456 16384 20.00 17447.90 10^6bits/s 3.13 S -1.00 U 0.353 -1.000 usec/KBPerformance counter stats for './netperf -H 7.7.7.84 -t omni -l 20 -c -i10,3':
412,514 context-switches
200.034645535 seconds time elapsed
lpq83:~# echo 131072 >/proc/sys/net/ipv4/tcp_notsent_lowat
lpq83:~# perf stat -e context-switches ./netperf -H 7.7.7.84 -t omni -l 20 -c -i10,3
OMNI Send TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 7.7.7.84 () port 0 AF_INET : +/-2.500% @ 99% conf.
Local Remote Local Elapsed Throughput Throughput Local Local Remote Remote Local Remote Service
Send Socket Recv Socket Send Time Units CPU CPU CPU CPU Service Service Demand
Size Size Size (sec) Util Util Util Util Demand Demand Units
Final Final % Method % Method
1593240 6291456 16384 20.00 17321.16 10^6bits/s 3.35 S -1.00 U 0.381 -1.000 usec/KBPerformance counter stats for './netperf -H 7.7.7.84 -t omni -l 20 -c -i10,3':
2,675,818 context-switches
200.029651391 seconds time elapsed
Signed-off-by: Eric Dumazet
Cc: Neal Cardwell
Cc: Yuchung Cheng
Acked-By: Yuchung Cheng
Signed-off-by: David S. Miller -
Otherwise we end up dereferencing the already freed net->ipv6.mrt pointer
which leads to a panic (from Srivatsa S. Bhat):BUG: unable to handle kernel paging request at ffff882018552020
IP: [] ip6mr_sk_done+0x32/0xb0 [ipv6]
PGD 290a067 PUD 207ffe0067 PMD 207ff1d067 PTE 8000002018552060
Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
Modules linked in: ebtable_nat ebtables nfs fscache nf_conntrack_ipv4 nf_defrag_ipv4 ipt_REJECT xt_CHECKSUM iptable_mangle iptable_filter ip_tables nfsd lockd nfs_acl exportfs auth_rpcgss autofs4 sunrpc 8021q garp bridge stp llc ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter
+ip6_tables ipv6 vfat fat vhost_net macvtap macvlan vhost tun kvm_intel kvm uinput iTCO_wdt iTCO_vendor_support cdc_ether usbnet mii microcode i2c_i801 i2c_core lpc_ich mfd_core shpchp ioatdma dca mlx4_core be2net wmi acpi_cpufreq mperf ext4 jbd2 mbcache dm_mirror dm_region_hash dm_log dm_mod
CPU: 0 PID: 7 Comm: kworker/u33:0 Not tainted 3.11.0-rc1-ea45e-a #4
Hardware name: IBM -[8737R2A]-/00Y2738, BIOS -[B2E120RUS-1.20]- 11/30/2012
Workqueue: netns cleanup_net
task: ffff8810393641c0 ti: ffff881039366000 task.ti: ffff881039366000
RIP: 0010:[] [] ip6mr_sk_done+0x32/0xb0 [ipv6]
RSP: 0018:ffff881039367bd8 EFLAGS: 00010286
RAX: ffff881039367fd8 RBX: ffff882018552000 RCX: dead000000200200
RDX: 0000000000000000 RSI: ffff881039367b68 RDI: ffff881039367b68
RBP: ffff881039367bf8 R08: ffff881039367b68 R09: 2222222222222222
R10: 2222222222222222 R11: 2222222222222222 R12: ffff882015a7a040
R13: ffff882014eb89c0 R14: ffff8820289e2800 R15: 0000000000000000
FS: 0000000000000000(0000) GS:ffff88103fc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff882018552020 CR3: 0000000001c0b000 CR4: 00000000000407f0
Stack:
ffff881039367c18 ffff882014eb89c0 ffff882015e28c00 0000000000000000
ffff881039367c18 ffffffffa034d9d1 ffff8820289e2800 ffff882014eb89c0
ffff881039367c58 ffffffff815bdecb ffffffff815bddf2 ffff882014eb89c0
Call Trace:
[] rawv6_close+0x21/0x40 [ipv6]
[] inet_release+0xfb/0x220
[] ? inet_release+0x22/0x220
[] inet6_release+0x3f/0x50 [ipv6]
[] sock_release+0x29/0xa0
[] sk_release_kernel+0x30/0x70
[] icmpv6_sk_exit+0x3b/0x80 [ipv6]
[] ops_exit_list+0x39/0x60
[] cleanup_net+0xfb/0x1a0
[] process_one_work+0x1da/0x610
[] ? process_one_work+0x169/0x610
[] worker_thread+0x120/0x3a0
[] ? process_one_work+0x610/0x610
[] kthread+0xee/0x100
[] ? __init_kthread_worker+0x70/0x70
[] ret_from_fork+0x7c/0xb0
[] ? __init_kthread_worker+0x70/0x70
Code: 20 48 89 5d e8 4c 89 65 f0 4c 89 6d f8 66 66 66 66 90 4c 8b 67 30 49 89 fd e8 db 3c 1e e1 49 8b 9c 24 90 08 00 00 48 85 db 74 06 39 6b 20 74 20 bb f3 ff ff ff e8 8e 3c 1e e1 89 d8 4c 8b 65
RIP [] ip6mr_sk_done+0x32/0xb0 [ipv6]
RSP
CR2: ffff882018552020Reported-by: Srivatsa S. Bhat
Tested-by: Srivatsa S. Bhat
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
The "int addrlen" in fib6_add_1 is rebundant, as we can get it from
parameter "struct in6_addr *addr" once we modified its type.
And also fix some coding style issues in fib6_add_1Signed-off-by: Fan Du
Acked-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
Seting rt->rt6i_nsiblings to zero is rebundant, because above memset
zeroed the rest of rt excluding the first dst memember.Signed-off-by: Fan Du
Acked-by: Nicolas Dichtel
Acked-by: Hannes Frederic Sowa
Cc: Hideaki YOSHIFUJI
Cc: James Morris
Signed-off-by: David S. Miller
24 Jul, 2013
1 commit
-
This patch changes the prototpye of the ip6_mr_forward() method to return void
instead of int.The ip6_mr_forward() method always returns 0; moreover, the return value of this
method is not checked anywhere.Signed-off-by: Rami Rosen
Acked-by: Nicolas Dichtel
Signed-off-by: David S. Miller
23 Jul, 2013
1 commit
-
The first patch consolidates SYNACK and other RTT measurement to use a
central function tcp_ack_update_rtt(). A (small) bonus is now SYNACK
RTT measurement happens after PAWS check, potentially reducing the
impact of RTO seeding on bad TCP timestamps values.Signed-off-by: Yuchung Cheng
Signed-off-by: David S. Miller
17 Jul, 2013
1 commit
-
Signed-off-by: Daniel Baluta
Signed-off-by: David S. Miller
13 Jul, 2013
1 commit
-
Static routes in this case are non-expiring routes which did not get
configured by autoconf or by icmpv6 redirects.To make sure we actually get an ecmp route while searching for the first
one in this fib6_node's leafs, also make sure it matches the ecmp route
assumptions.v2:
a) Removed RTF_EXPIRE check in dst.from chain. The check of RTF_ADDRCONF
already ensures that this route, even if added again without
RTF_EXPIRES (in case of a RA announcement with infinite timeout),
does not cause the rt6i_nsiblings logic to go wrong if a later RA
updates the expiration time later.v3:
a) Allow RTF_EXPIRES routes to enter the ecmp route set. We have to do so,
because an pmtu event could update the RTF_EXPIRES flag and we would
not count this route, if another route joins this set. We now filter
only for RTF_GATEWAY|RTF_ADDRCONF|RTF_DYNAMIC, which are flags that
don't get changed after rt6_info construction.Cc: Nicolas Dichtel
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
12 Jul, 2013
1 commit
-
This is a follow-up patch to 3630d40067a21d4dfbadc6002bb469ce26ac5d52
("ipv6: rt6_check_neigh should successfully verify neigh if no NUD
information are available").Since the removal of rt->n in rt6_info we can end up with a dst ==
NULL in rt6_check_neigh. In case the kernel is not compiled with
CONFIG_IPV6_ROUTER_PREF we should also select a route with unkown
NUD state but we must not avoid doing round robin selection on routes
with the same target. So introduce and pass down a boolean ``do_rr'' to
indicate when we should update rt->rr_ptr. As soon as no route is valid
we do backtracking and do a lookup on a higher level in the fib trie.v2:
a) Improved rt6_check_neigh logic (no need to create neighbour there)
and documented return values.v3:
a) Introduce enum rt6_nud_state to get rid of the magic numbers
(thanks to David Miller).
b) Update and shorten commit message a bit to actualy reflect
the source.Reported-by: Pierre Emeriaud
Cc: YOSHIFUJI Hideaki
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
11 Jul, 2013
3 commits
-
We could end up expiring a route which is part of an ecmp route set. Doing
so would invalidate the rt->rt6i_nsiblings calculations and could provoke
the following panic:[ 80.144667] ------------[ cut here ]------------
[ 80.145172] kernel BUG at net/ipv6/ip6_fib.c:733!
[ 80.145172] invalid opcode: 0000 [#1] SMP
[ 80.145172] Modules linked in: 8021q nf_conntrack_netbios_ns nf_conntrack_broadcast ipt_MASQUERADE ip6table_mangle ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 iptable_nat nf_nat_ipv4 nf_nat iptable_mangle nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ebtable_filter ebtables ip6table_filter ip6_tables
+snd_hda_intel snd_hda_codec snd_hwdep snd_seq snd_seq_device snd_pcm snd_page_alloc snd_timer virtio_balloon snd soundcore i2c_piix4 i2c_core virtio_net virtio_blk
[ 80.145172] CPU: 1 PID: 786 Comm: ping6 Not tainted 3.10.0+ #118
[ 80.145172] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 80.145172] task: ffff880117fa0000 ti: ffff880118770000 task.ti: ffff880118770000
[ 80.145172] RIP: 0010:[] [] fib6_add+0x75d/0x830
[ 80.145172] RSP: 0018:ffff880118771798 EFLAGS: 00010202
[ 80.145172] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88011350e480
[ 80.145172] RDX: ffff88011350e238 RSI: 0000000000000004 RDI: ffff88011350f738
[ 80.145172] RBP: ffff880118771848 R08: ffff880117903280 R09: 0000000000000001
[ 80.145172] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88011350f680
[ 80.145172] R13: ffff880117903280 R14: ffff880118771890 R15: ffff88011350ef90
[ 80.145172] FS: 00007f02b5127740(0000) GS:ffff88011fd00000(0000) knlGS:0000000000000000
[ 80.145172] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 80.145172] CR2: 00007f981322a000 CR3: 00000001181b1000 CR4: 00000000000006e0
[ 80.145172] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 80.145172] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 80.145172] Stack:
[ 80.145172] 0000000000000001 ffff880100000000 ffff880100000000 ffff880117903280
[ 80.145172] 0000000000000000 ffff880119a4cf00 0000000000000400 00000000000007fa
[ 80.145172] 0000000000000000 0000000000000000 0000000000000000 ffff88011350f680
[ 80.145172] Call Trace:
[ 80.145172] [] ? rt6_bind_peer+0x4b/0x90
[ 80.145172] [] __ip6_ins_rt+0x45/0x70
[ 80.145172] [] ip6_ins_rt+0x35/0x40
[ 80.145172] [] ip6_pol_route.isra.44+0x3a4/0x4b0
[ 80.145172] [] ip6_pol_route_output+0x2a/0x30
[ 80.145172] [] fib6_rule_action+0xd7/0x210
[ 80.145172] [] ? ip6_pol_route_input+0x30/0x30
[ 80.145172] [] fib_rules_lookup+0xc6/0x140
[ 80.145172] [] fib6_rule_lookup+0x44/0x80
[ 80.145172] [] ? ip6_pol_route_input+0x30/0x30
[ 80.145172] [] ip6_route_output+0x73/0xb0
[ 80.145172] [] ip6_dst_lookup_tail+0x2c3/0x2e0
[ 80.145172] [] ? list_del+0x11/0x40
[ 80.145172] [] ? remove_wait_queue+0x3c/0x50
[ 80.145172] [] ip6_dst_lookup_flow+0x3d/0xa0
[ 80.145172] [] rawv6_sendmsg+0x267/0xc20
[ 80.145172] [] inet_sendmsg+0x63/0xb0
[ 80.145172] [] ? selinux_socket_sendmsg+0x23/0x30
[ 80.145172] [] sock_sendmsg+0xa6/0xd0
[ 80.145172] [] SYSC_sendto+0x128/0x180
[ 80.145172] [] ? update_curr+0xec/0x170
[ 80.145172] [] ? kvm_clock_get_cycles+0x9/0x10
[ 80.145172] [] ? __getnstimeofday+0x3e/0xd0
[ 80.145172] [] SyS_sendto+0xe/0x10
[ 80.145172] [] system_call_fastpath+0x16/0x1b
[ 80.145172] Code: fe ff ff 41 f6 45 2a 06 0f 85 ca fe ff ff 49 8b 7e 08 4c 89 ee e8 94 ef ff ff e9 b9 fe ff ff 48 8b 82 28 05 00 00 e9 01 ff ff ff 0b 49 8b 54 24 30 0d 00 00 40 00 89 83 14 01 00 00 48 89 53
[ 80.145172] RIP [] fib6_add+0x75d/0x830
[ 80.145172] RSP
[ 80.387413] ---[ end trace 02f20b7a8b81ed95 ]---
[ 80.390154] Kernel panic - not syncing: Fatal exception in interruptCc: Nicolas Dichtel
Cc: YOSHIFUJI Hideaki
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
Rename ndo_ll_poll to ndo_busy_poll.
Rename sk_mark_ll to sk_mark_napi_id.
Rename skb_mark_ll to skb_mark_napi_id.
Correct all useres of these functions.
Update comments and defines in include/net/busy_poll.hSigned-off-by: Eliezer Tamir
Signed-off-by: David S. Miller -
Rename the file and correct all the places where it is included.
Signed-off-by: Eliezer Tamir
Signed-off-by: David S. Miller
05 Jul, 2013
1 commit
-
The device can stand in another netns, hence we need to do the lookup in netns
tunnel->net.Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller
04 Jul, 2013
4 commits
-
After the removal of rt->n we do not create a neighbour entry at route
insertion time (rt6_bind_neighbour is gone). As long as no neighbour is
created because of "useful traffic" we skip this routing entry because
rt6_check_neigh cannot pick up a valid neighbour (neigh == NULL) and
thus returns false.This change was introduced by commit
887c95cc1da53f66a5890fdeab13414613010097 ("ipv6: Complete neighbour
entry removal from dst_entry.")To quote RFC4191:
"If the host has no information about the router's reachability, then
the host assumes the router is reachable."and also:
"A host MUST NOT probe a router's reachability in the absence of useful
traffic that the host would have sent to the router if it were reachable."So, just assume the router is reachable and let's rt6_probe do the
rest. We don't need to create a neighbour on route insertion time.If we don't compile with CONFIG_IPV6_ROUTER_PREF (RFC4191 support)
a neighbour is only valid if its nud_state is NUD_VALID. I did not find
any references that we should probe the router on route insertion time
via the other RFCs. So skip this route in that case.v2:
a) use IS_ENABLED instead of #ifdefs (thanks to Sergei Shtylyov)Reported-by: Pierre Emeriaud
Cc: YOSHIFUJI Hideaki
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
ping_v6_sendmsg currently returns 0 on success. It should return
the number of bytes written instead.Signed-off-by: Lorenzo Colitti
Signed-off-by: David S. Miller -
Signed-off-by: Lorenzo Colitti
Signed-off-by: David S. Miller -
Conflicts:
drivers/net/ethernet/freescale/fec_main.c
drivers/net/ethernet/renesas/sh_eth.c
net/ipv4/gre.cThe GRE conflict is between a bug fix (kfree_skb --> kfree_skb_list)
and the splitting of the gre.c code into seperate files.The FEC conflict was two sets of changes adding ethtool support code
in an "!CONFIG_M5272" CPP protected block.Finally the sh_eth.c conflict was between one commit add bits set
in the .eesr_err_check mask whilst another commit removed the
.tx_error_check member and assignments.Signed-off-by: David S. Miller
03 Jul, 2013
2 commits
-
If the socket had an IPV6_MTU value set, ip6_append_data_mtu lost track
of this when appending the second frame on a corked socket. This results
in the following splat:[37598.993962] ------------[ cut here ]------------
[37598.994008] kernel BUG at net/core/skbuff.c:2064!
[37598.994008] invalid opcode: 0000 [#1] SMP
[37598.994008] Modules linked in: tcp_lp uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_core videodev media vfat fat usb_storage fuse ebtable_nat xt_CHECKSUM bridge stp llc ipt_MASQUERADE nf_conntrack_netbios_ns nf_conntrack_broadcast ip6table_mangle ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 iptable_nat
+nf_nat_ipv4 nf_nat iptable_mangle nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ebtable_filter ebtables ip6table_filter ip6_tables be2iscsi iscsi_boot_sysfs bnx2i cnic uio cxgb4i cxgb4 cxgb3i cxgb3 mdio libcxgbi ib_iser rdma_cm ib_addr iw_cm ib_cm ib_sa ib_mad ib_core iscsi_tcp libiscsi_tcp libiscsi
+scsi_transport_iscsi rfcomm bnep iTCO_wdt iTCO_vendor_support snd_hda_codec_conexant arc4 iwldvm mac80211 snd_hda_intel acpi_cpufreq mperf coretemp snd_hda_codec microcode cdc_wdm cdc_acm
[37598.994008] snd_hwdep cdc_ether snd_seq snd_seq_device usbnet mii joydev btusb snd_pcm bluetooth i2c_i801 e1000e lpc_ich mfd_core ptp iwlwifi pps_core snd_page_alloc mei cfg80211 snd_timer thinkpad_acpi snd tpm_tis soundcore rfkill tpm tpm_bios vhost_net tun macvtap macvlan kvm_intel kvm uinput binfmt_misc
+dm_crypt i915 i2c_algo_bit drm_kms_helper drm i2c_core wmi video
[37598.994008] CPU 0
[37598.994008] Pid: 27320, comm: t2 Not tainted 3.9.6-200.fc18.x86_64 #1 LENOVO 27744PG/27744PG
[37598.994008] RIP: 0010:[] [] skb_copy_and_csum_bits+0x325/0x330
[37598.994008] RSP: 0018:ffff88003670da18 EFLAGS: 00010202
[37598.994008] RAX: ffff88018105c018 RBX: 0000000000000004 RCX: 00000000000006c0
[37598.994008] RDX: ffff88018105a6c0 RSI: ffff88018105a000 RDI: ffff8801e1b0aa00
[37598.994008] RBP: ffff88003670da78 R08: 0000000000000000 R09: ffff88018105c040
[37598.994008] R10: ffff8801e1b0aa00 R11: 0000000000000000 R12: 000000000000fff8
[37598.994008] R13: 00000000000004fc R14: 00000000ffff0504 R15: 0000000000000000
[37598.994008] FS: 00007f28eea59740(0000) GS:ffff88023bc00000(0000) knlGS:0000000000000000
[37598.994008] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[37598.994008] CR2: 0000003d935789e0 CR3: 00000000365cb000 CR4: 00000000000407f0
[37598.994008] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[37598.994008] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[37598.994008] Process t2 (pid: 27320, threadinfo ffff88003670c000, task ffff88022c162ee0)
[37598.994008] Stack:
[37598.994008] ffff88022e098a00 ffff88020f973fc0 0000000000000008 00000000000004c8
[37598.994008] ffff88020f973fc0 00000000000004c4 ffff88003670da78 ffff8801e1b0a200
[37598.994008] 0000000000000018 00000000000004c8 ffff88020f973fc0 00000000000004c4
[37598.994008] Call Trace:
[37598.994008] [] ip6_append_data+0xccf/0xfe0
[37598.994008] [] ? ip_copy_metadata+0x1a0/0x1a0
[37598.994008] [] ? _raw_spin_lock_bh+0x16/0x40
[37598.994008] [] udpv6_sendmsg+0x1ed/0xc10
[37598.994008] [] ? sock_has_perm+0x75/0x90
[37598.994008] [] inet_sendmsg+0x63/0xb0
[37598.994008] [] ? selinux_socket_sendmsg+0x23/0x30
[37598.994008] [] sock_sendmsg+0xb0/0xe0
[37598.994008] [] ? __switch_to+0x181/0x4a0
[37598.994008] [] sys_sendto+0x12d/0x180
[37598.994008] [] ? __audit_syscall_entry+0x94/0xf0
[37598.994008] [] ? syscall_trace_enter+0x231/0x240
[37598.994008] [] tracesys+0xdd/0xe2
[37598.994008] Code: fe 07 00 00 48 c7 c7 04 28 a6 81 89 45 a0 4c 89 4d b8 44 89 5d a8 e8 1b ac b1 ff 44 8b 5d a8 4c 8b 4d b8 8b 45 a0 e9 cf fe ff ff 0b 66 0f 1f 84 00 00 00 00 00 66 66 66 66 90 55 48 89 e5 48
[37598.994008] RIP [] skb_copy_and_csum_bits+0x325/0x330
[37598.994008] RSP
[37599.007323] ---[ end trace d69f6a17f8ac8eee ]---While there, also check if path mtu discovery is activated for this
socket. The logic was adapted from ip6_append_data when first writing
on the corked socket.This bug was introduced with commit
0c1833797a5a6ec23ea9261d979aa18078720b74 ("ipv6: fix incorrect ipsec
fragment").v2:
a) Replace IPV6_PMTU_DISC_DO with IPV6_PMTUDISC_PROBE.
b) Don't pass ipv6_pinfo to ip6_append_data_mtu (suggestion by Gao
feng, thanks!).
c) Change mtu to unsigned int, else we get a warning about
non-matching types because of the min()-macro type-check.Acked-by: Gao feng
Cc: YOSHIFUJI Hideaki
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
We accidentally call down to ip6_push_pending_frames when uncorking
pending AF_INET data on a ipv6 socket. This results in the following
splat (from Dave Jones):skbuff: skb_under_panic: text:ffffffff816765f6 len:48 put:40 head:ffff88013deb6df0 data:ffff88013deb6dec tail:0x2c end:0xc0 dev:
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:126!
invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
Modules linked in: dccp_ipv4 dccp 8021q garp bridge stp dlci mpoa snd_seq_dummy sctp fuse hidp tun bnep nfnetlink scsi_transport_iscsi rfcomm can_raw can_bcm af_802154 appletalk caif_socket can caif ipt_ULOG x25 rose af_key pppoe pppox ipx phonet irda llc2 ppp_generic slhc p8023 psnap p8022 llc crc_ccitt atm bluetooth
+netrom ax25 nfc rfkill rds af_rxrpc coretemp hwmon kvm_intel kvm crc32c_intel snd_hda_codec_realtek ghash_clmulni_intel microcode pcspkr snd_hda_codec_hdmi snd_hda_intel snd_hda_codec snd_hwdep usb_debug snd_seq snd_seq_device snd_pcm e1000e snd_page_alloc snd_timer ptp snd pps_core soundcore xfs libcrc32c
CPU: 2 PID: 8095 Comm: trinity-child2 Not tainted 3.10.0-rc7+ #37
task: ffff8801f52c2520 ti: ffff8801e6430000 task.ti: ffff8801e6430000
RIP: 0010:[] [] skb_panic+0x63/0x65
RSP: 0018:ffff8801e6431de8 EFLAGS: 00010282
RAX: 0000000000000086 RBX: ffff8802353d3cc0 RCX: 0000000000000006
RDX: 0000000000003b90 RSI: ffff8801f52c2ca0 RDI: ffff8801f52c2520
RBP: ffff8801e6431e08 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88022ea0c800
R13: ffff88022ea0cdf8 R14: ffff8802353ecb40 R15: ffffffff81cc7800
FS: 00007f5720a10740(0000) GS:ffff880244c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000005862000 CR3: 000000022843c000 CR4: 00000000001407e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Stack:
ffff88013deb6dec 000000000000002c 00000000000000c0 ffffffff81a3f6e4
ffff8801e6431e18 ffffffff8159a9aa ffff8801e6431e90 ffffffff816765f6
ffffffff810b756b 0000000700000002 ffff8801e6431e40 0000fea9292aa8c0
Call Trace:
[] skb_push+0x3a/0x40
[] ip6_push_pending_frames+0x1f6/0x4d0
[] ? mark_held_locks+0xbb/0x140
[] udp_v6_push_pending_frames+0x2b9/0x3d0
[] ? udplite_getfrag+0x20/0x20
[] udp_lib_setsockopt+0x1aa/0x1f0
[] ? fget_light+0x387/0x4f0
[] udpv6_setsockopt+0x34/0x40
[] sock_common_setsockopt+0x14/0x20
[] SyS_setsockopt+0x71/0xd0
[] tracesys+0xdd/0xe2
Code: 00 00 48 89 44 24 10 8b 87 d8 00 00 00 48 89 44 24 08 48 8b 87 e8 00 00 00 48 c7 c7 c0 04 aa 81 48 89 04 24 31 c0 e8 e1 7e ff ff 0b 55 48 89 e5 0f 0b 55 48 89 e5 0f 0b 55 48 89 e5 0f 0b 55
RIP [] skb_panic+0x63/0x65
RSPThis patch adds a check if the pending data is of address family AF_INET
and directly calls udp_push_ending_frames from udp_v6_push_pending_frames
if that is the case.This bug was found by Dave Jones with trinity.
(Also move the initialization of fl6 below the AF_INET check, even if
not strictly necessary.)Cc: Dave Jones
Cc: YOSHIFUJI Hideaki
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
02 Jul, 2013
3 commits
-
dingtianhong reported the following deadlock detected by lockdep:
======================================================
[ INFO: possible circular locking dependency detected ]
3.4.24.05-0.1-default #1 Not tainted
-------------------------------------------------------
ksoftirqd/0/3 is trying to acquire lock:
(&ndev->lock){+.+...}, at: [] ipv6_get_lladdr+0x74/0x120but task is already holding lock:
(&mc->mca_lock){+.+...}, at: [] mld_send_report+0x40/0x150which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #1 (&mc->mca_lock){+.+...}:
[] validate_chain+0x637/0x730
[] __lock_acquire+0x2f7/0x500
[] lock_acquire+0x114/0x150
[] rt_spin_lock+0x4a/0x60
[] igmp6_group_added+0x3b/0x120
[] ipv6_mc_up+0x38/0x60
[] ipv6_find_idev+0x3d/0x80
[] addrconf_notify+0x3d5/0x4b0
[] notifier_call_chain+0x3f/0x80
[] raw_notifier_call_chain+0x11/0x20
[] call_netdevice_notifiers+0x32/0x60
[] __dev_notify_flags+0x34/0x80
[] dev_change_flags+0x40/0x70
[] do_setlink+0x237/0x8a0
[] rtnl_newlink+0x3ec/0x600
[] rtnetlink_rcv_msg+0x160/0x310
[] netlink_rcv_skb+0x89/0xb0
[] rtnetlink_rcv+0x27/0x40
[] netlink_unicast+0x140/0x180
[] netlink_sendmsg+0x33e/0x380
[] sock_sendmsg+0x112/0x130
[] __sys_sendmsg+0x44e/0x460
[] sys_sendmsg+0x44/0x70
[] system_call_fastpath+0x16/0x1b-> #0 (&ndev->lock){+.+...}:
[] check_prev_add+0x3de/0x440
[] validate_chain+0x637/0x730
[] __lock_acquire+0x2f7/0x500
[] lock_acquire+0x114/0x150
[] rt_read_lock+0x42/0x60
[] ipv6_get_lladdr+0x74/0x120
[] mld_newpack+0xb6/0x160
[] add_grhead+0xab/0xc0
[] add_grec+0x3ab/0x460
[] mld_send_report+0x5a/0x150
[] igmp6_timer_handler+0x4e/0xb0
[] call_timer_fn+0xca/0x1d0
[] run_timer_softirq+0x1df/0x2e0
[] handle_pending_softirqs+0xf7/0x1f0
[] __do_softirq_common+0x7b/0xf0
[] __thread_do_softirq+0x1af/0x210
[] run_ksoftirqd+0xe1/0x1f0
[] kthread+0xae/0xc0
[] kernel_thread_helper+0x4/0x10actually we can just hold idev->lock before taking pmc->mca_lock,
and avoid taking idev->lock again when iterating idev->addr_list,
since the upper callers of mld_newpack() already take
read_lock_bh(&idev->lock).Reported-by: dingtianhong
Cc: dingtianhong
Cc: Hideaki YOSHIFUJI
Cc: David S. Miller
Cc: Hannes Frederic Sowa
Tested-by: Ding Tianhong
Tested-by: Chen Weilong
Signed-off-by: Cong Wang
Acked-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller -
There is no reason to skip ECMP lookup when oif is specified, but this implies
to check oif given by user when selecting another route.
When the new route does not match oif requirement, we simply keep the initial
one.Spotted-by: dingzhi
Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller -
Because of commit 218774dc341f219bfcf940304a081b121a0e8099 ("ipv6: add
anti-spoofing checks for 6to4 and 6rd") the sit driver dropped packets
for 2002::/16 destinations and sources even when configured to work as a
tunnel with fixed endpoint. We may only apply the 6rd/6to4 anti-spoofing
checks if the device is not in pointopoint mode.This was an oversight from me in the above commit, sorry. Thanks to
Roman Mamedov for reporting this!Reported-by: Roman Mamedov
Cc: David Miller
Cc: YOSHIFUJI Hideaki
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: David S. Miller
29 Jun, 2013
2 commits
-
RFC3590/RFC3810 specifies we should resend MLD reports as soon as a
valid link-local address is available.We now use the valid_ll_addr_cnt to check if it is necessary to resend
a new report.Changes since Flavio Leitner's version:
a) adapt for valid_ll_addr_cnt
b) resend first reports directly in the path and just arm the timer for
mc_qrv-1 resends.Reported-by: Flavio Leitner
Cc: Hideaki YOSHIFUJI
Cc: David Stevens
Signed-off-by: Hannes Frederic Sowa
Signed-off-by: Flavio Leitner
Signed-off-by: David S. Miller -
To reduce the number of unnecessary router solicitations, MLDv2 and IGMPv3
messages we need to track the number of valid (as in non-optimistic,
no-dad-failed and non-tentative) link-local addresses. Therefore, this
patch implements a valid_ll_addr_cnt in struct inet6_dev.We now only emit router solicitations if the first link-local address
finishes duplicate address detection.The changes for MLDv2 and IGMPv3 are in a follow-up patch.
While there, also simplify one if statement(one minor nit I made in one
of my previous patches):if (!...)
do();
else
return;<>
if (...)
return;
do();Cc: Flavio Leitner
Cc: YOSHIFUJI Hideaki
Cc: David Stevens
Suggested-by: David Stevens
Signed-off-by: Hannes Frederic Sowa
Acked-by: Flavio Leitner
Signed-off-by: David S. Miller