23 May, 2013
1 commit
-
The error exit path needs err explicitly set. Otherwise it
returns success and the only caller, xfrm_output_resume(),
would oops in skb_dst(skb)->ops dereference as skb_dst(skb) is
NULL.
Bug introduced in commit bb65a9cb (xfrm: removes a superfluous
check and add a statistic).
Signed-off-by: Timo Teräs
Cc: Li RongQing
Cc: Steffen Klassert
Signed-off-by: David S. Miller
01 Feb, 2013
1 commit
-
Signed-off-by: Li RongQing
Signed-off-by: Steffen Klassert
07 Jan, 2013
1 commit
-
Remove the check whether x->km.state equals XFRM_STATE_VALID in
xfrm_state_check_expire(), which will be done before calling
xfrm_state_check_expire().
Add a LINUX_MIB_XFRMOUTSTATEINVALID statistic to record the
outbound error due to invalid xfrm state.
Signed-off-by: Li RongQing
Signed-off-by: Steffen Klassert
23 Mar, 2012
1 commit
-
The xfrm_state argument is unused in this function, so remove it.
Also the name xfrm_state_check_space does not really match what this
function does. It actually checks if we have enough head and tailroom
on the skb. So we rename the function to xfrm_skb_check_space.
Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller
28 Mar, 2011
2 commits
-
We clone the child entry in skb_dst_pop before we call
skb_dst_drop(). Otherwise we might kill the child right
before we return it to the caller.
Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller -
Crypto requests might return asynchronously. In this case we leave
the rcu protected region, so force a refcount on the skb's
destination entry before we enter the xfrm type input/output
handlers.
This fixes a crash when a route is deleted whilst sending IPsec
data that is transformed by an asynchronous algorithm.
Signed-off-by: Steffen Klassert
Signed-off-by: David S. Miller
14 Mar, 2011
2 commits
-
To support multiple versions of replay detection, we move the replay
detection functions to a separate file and make them accessible
via function pointers contained in the struct xfrm_replay.
Signed-off-by: Steffen Klassert
Acked-by: Herbert Xu
Signed-off-by: David S. Miller -
To support IPsec extended sequence numbers, we split the
output sequence numbers of xfrm_skb_cb in low and high order 32 bits
and we add the high order 32 bits to the input sequence numbers.
All users are updated accordingly.
Signed-off-by: Steffen Klassert
Acked-by: Herbert Xu
Signed-off-by: David S. Miller
17 Sep, 2010
1 commit
-
ip_local_out() is called with rcu_read_lock() held from ip_queue_xmit()
but not from other call sites.
Reported-and-bisected-by: Nick Bowler
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
05 Jun, 2010
1 commit
-
xfrm triggers a warning if dst_pop() drops a refcount
on a noref dst. This patch changes dst_pop() to
skb_dst_pop(). skb_dst_pop() drops the refcnt only
on a refcounted dst. Also we don't clone the child
dst_entry, so it is not refcounted and we can use
skb_dst_set_noref() in xfrm_output_one().
Signed-off-by: Steffen Klassert
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
30 Mar, 2010
1 commit
-
…it slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities to include those
headers directly instead of assuming availability. As this conversion
needs to touch a large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the following.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and tries to put the new include such that its order conforms
to its surroundings. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have a fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
widely available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build tests were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
03 Jun, 2009
1 commit
-
Define three accessors to get/set dst attached to a skb
struct dst_entry *skb_dst(const struct sk_buff *skb)
void skb_dst_set(struct sk_buff *skb, struct dst_entry *dst)
void skb_dst_drop(struct sk_buff *skb)
This one should replace occurrences of:
dst_release(skb->dst)
skb->dst = NULL;
Delete skb->dst field
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
26 Nov, 2008
2 commits
-
Signed-off-by: Alexey Dobriyan
Signed-off-by: David S. Miller -
Stub senders to init_net's one temporarily.
Signed-off-by: Alexey Dobriyan
Signed-off-by: David S. Miller
30 Sep, 2008
1 commit
-
We're never supposed to shrink the headroom or tailroom. In fact,
shrinking the headroom is a fatal action.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
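The space check that the 23 Mar 2012 rename above describes (enough headroom and tailroom on the skb before the transforms write their headers and trailers), together with the rule in the commit just above that existing room is never shrunk, as a userspace model in C. This is example code added for this page, not the kernel's xfrm_skb_check_space(); struct pkt, struct xform and the pkt_* helpers are stand-ins for the skb and dst fields and are assumptions of the example, as is the constructed 5-byte packet in demo_encap().

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for the skb pointers the space check looks at (assumed layout). */
struct pkt {
    unsigned char *head;   /* start of the allocation */
    unsigned char *data;   /* first byte of the packet */
    unsigned char *tail;   /* one past the last byte of the packet */
    unsigned char *end;    /* end of the allocation */
};

/* Per-transform requirement, playing the role of header_len/trailer_len. */
struct xform { size_t header_len, trailer_len; };

static size_t pkt_headroom(const struct pkt *p) { return (size_t)(p->data - p->head); }
static size_t pkt_tailroom(const struct pkt *p) { return (size_t)(p->end - p->tail); }
static size_t pkt_len(const struct pkt *p)      { return (size_t)(p->tail - p->data); }

static int pkt_alloc(struct pkt *p, size_t headroom, const void *payload,
                     size_t len, size_t tailroom)
{
    if (!(p->head = malloc(headroom + len + tailroom)))
        return -ENOMEM;
    p->data = p->head + headroom;
    p->tail = p->data + len;
    p->end  = p->tail + tailroom;
    memcpy(p->data, payload, len);
    return 0;
}

/* Reallocate so that at least nhead bytes precede the data and ntail follow
 * it. Room a lower layer already reserved is kept: the new buffer is never
 * smaller in either direction than the old one. */
static int pkt_expand(struct pkt *p, size_t nhead, size_t ntail)
{
    size_t len  = pkt_len(p);
    size_t head = pkt_headroom(p) > nhead ? pkt_headroom(p) : nhead;
    size_t tail = pkt_tailroom(p) > ntail ? pkt_tailroom(p) : ntail;
    unsigned char *nbuf = malloc(head + len + tail);
    if (!nbuf)
        return -ENOMEM;
    memcpy(nbuf + head, p->data, len);
    free(p->head);
    p->head = nbuf;
    p->data = nbuf + head;
    p->tail = p->data + len;
    p->end  = p->tail + tail;
    return 0;
}

/* Run once, before any encapsulation header is written: sum what every
 * transform still to be applied needs and grow for all of them together. */
static int pkt_check_space(struct pkt *p, const struct xform *chain, size_t n)
{
    size_t nhead = 0, ntail = 0;
    for (size_t i = 0; i < n; i++) {
        nhead += chain[i].header_len;
        ntail += chain[i].trailer_len;
    }
    if (pkt_headroom(p) >= nhead && pkt_tailroom(p) >= ntail)
        return 0;                         /* fast path: room already there */
    return pkt_expand(p, nhead, ntail);
}

/* Writers refuse rather than overrun if the check was skipped or reordered. */
static int pkt_push(struct pkt *p, const void *hdr, size_t len)
{
    if (pkt_headroom(p) < len)
        return -ENOSPC;
    p->data -= len;
    memcpy(p->data, hdr, len);
    return 0;
}

static int pkt_put(struct pkt *p, const void *trl, size_t len)
{
    if (pkt_tailroom(p) < len)
        return -ENOSPC;
    memcpy(p->tail, trl, len);
    p->tail += len;
    return 0;
}

/* Constructed scenario: a 5-byte payload with almost no room, encapsulated by
 * an ESP-like transform (8 head, 16 trail) and an outer IP-like header (20
 * head). Returns the final length, or a negative errno. With check == 0 the
 * first push runs into the missing headroom and fails with -ENOSPC. */
static int demo_encap(int check)
{
    struct pkt p;
    const struct xform chain[] = { { 8, 16 }, { 20, 0 } };
    static const unsigned char hdr[20] = { 0 }, trl[16] = { 0 };
    int rc = pkt_alloc(&p, 2, "hello", 5, 1);
    if (rc)
        return rc;
    if ((!check || (rc = pkt_check_space(&p, chain, 2)) == 0) &&
        (rc = pkt_push(&p, hdr, 8)) == 0 &&
        (rc = pkt_put(&p, trl, 16)) == 0 &&
        (rc = pkt_push(&p, hdr, 20)) == 0)
        rc = (int)pkt_len(&p);            /* 5 + 8 + 16 + 20 = 49 */
    free(p.head);
    return rc;
}

int main(void)
{
    printf("checked: %d, unchecked: %d\n", demo_encap(1), demo_encap(0));
    return 0;
}
```

The point of summing over the whole chain before the first write is the one the 29 Jan 2008 commits below make about the output path: one check and one reallocation up front, and every later push or put runs against room that is already guaranteed to be there.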
14 Aug, 2008
1 commit
-
Small fix removing an unnecessary intermediate variable.
Signed-off-by: Jean-Christophe DUBOIS
Signed-off-by: David S. Miller
13 May, 2008
1 commit
-
This patch adds needed_headroom/needed_tailroom members to struct
net_device and updates many places that allocate skbs to use them. Not
all of them can be converted though, and I'm sure I missed some (I
mostly grepped for LL_RESERVED_SPACE)
Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller
29 Apr, 2008
1 commit
-
Some drivers have duplicated unlikely() macros. IS_ERR() already has
unlikely() in itself.
This patch cleans up such pointless code.
Signed-off-by: Hirofumi Nakagawa
Acked-by: David S. Miller
Acked-by: Jeff Garzik
Cc: Paul Clements
Cc: Richard Purdie
Cc: Alessandro Zummo
Cc: David Brownell
Cc: James Bottomley
Cc: Michael Halcrow
Cc: Anton Altaparmakov
Cc: Al Viro
Cc: Carsten Otte
Cc: Patrick McHardy
Cc: Paul Mundt
Cc: Jaroslav Kysela
Cc: Takashi Iwai
Acked-by: Mike Frysinger
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
25 Mar, 2008
1 commit
-
Signed-off-by: Kazunori MIYAZAWA
Signed-off-by: David S. Miller
13 Feb, 2008
1 commit
-
Al Viro spotted a bogus use of u64 on the input sequence number which
is big-endian. This patch fixes it by giving the input sequence number
its own member in the xfrm_skb_cb structure.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
01 Feb, 2008
1 commit
-
o Outbound sequence number overflow error status
is counted as XfrmOutStateSeqError.
o Additionally, it changes inbound sequence number replay
error name from XfrmInSeqOutOfWindow to XfrmInStateSeqError
to apply name scheme above.
o Inbound IPv4 UDP encapsulating type mismatch error is wrongly
mapped to XfrmInStateInvalid then this patch fixes the error
to XfrmInStateMismatch.
Signed-off-by: Masahide NAKAMURA
Signed-off-by: David S. Miller
29 Jan, 2008
12 commits
-
Previously we made it an error on the output path if the sequence number
overflowed. However we did not set the err variable accordingly. This
patch sets err to -EOVERFLOW in that case.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
When the output transform returns EINPROGRESS due to async operation we'll
free the skb straight away as if it were an error. This patch fixes
that so that the skb is freed when the async operation completes.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Signed-off-by: Masahide NAKAMURA
Signed-off-by: David S. Miller -
According to RFC4303, section 3.3.3 we need to drop outgoing packets which
cause the replay counter to overflow:
3.3.3. Sequence Number Generation
The sender's counter is initialized to 0 when an SA is established.
The sender increments the sequence number (or ESN) counter for this
SA and inserts the low-order 32 bits of the value into the Sequence
Number field. Thus, the first packet sent using a given SA will
contain a sequence number of 1.
If anti-replay is enabled (the default), the sender checks to ensure
that the counter has not cycled before inserting the new value in the
Sequence Number field. In other words, the sender MUST NOT send a
packet on an SA if doing so would cause the sequence number to cycle.
An attempt to transmit a packet that would result in sequence number
overflow is an auditable event. The audit log entry for this event
SHOULD include the SPI value, current date/time, Source Address,
Destination Address, and (in IPv6) the cleartext Flow ID.
Signed-off-by: Paul Moore
Acked-by: James Morris
Signed-off-by: David S. Miller -
This patch adds a number of new IPsec audit events to meet the auditing
requirements of RFC4303. This includes audit hooks for the following events:
* Could not find a valid SA [sections 2.1, 3.4.2]
. xfrm_audit_state_notfound()
. xfrm_audit_state_notfound_simple()
* Sequence number overflow [section 3.3.3]
. xfrm_audit_state_replay_overflow()
* Replayed packet [section 3.4.3]
. xfrm_audit_state_replay()
* Integrity check failure [sections 3.4.4.1, 3.4.4.2]
. xfrm_audit_state_icvfail()
While RFC4304 deals only with ESP most of the changes in this patch apply to
IPsec in general, i.e. both AH and ESP. The one case, integrity check
failure, where ESP specific code had to be modified the same was done to the
AH code for the sake of consistency.
Signed-off-by: Paul Moore
Acked-by: James Morris
Signed-off-by: David S. Miller -
Signed-off-by: Masahide NAKAMURA
Signed-off-by: David S. Miller -
While merging the IPsec output path I moved the encapsulation output
operation to the top of the loop so that it sits outside of the locked
section. Unfortunately in doing so it now sits in front of the space
check as well which could be a fatal error.
This patch rearranges the calls so that the space check happens as
the thing on the output path.
This patch also fixes an incorrect goto should the encapsulation output
fail.
Thanks to Kazunori MIYAZAWA for finding this bug.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
After changeset:
[NETFILTER]: Introduce NF_INET_ hook values
It always evaluates to NF_INET_POST_ROUTING.
Signed-off-by: David S. Miller
-
This patch adds support for async resumptions on output. To do so,
the transform would return -EINPROGRESS and subsequently invoke the
function xfrm_output_resume to resume processing.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
As part of the work on asynchronous cryptographic operations, we need
to be able to resume from the spot where they occur. As such, it
helps if we isolate them to one spot.
This patch moves most of the remaining family-specific processing into
the common output code.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
RO mode is the only one that requires a locked output function. So
it's easier to move the lock into that function rather than requiring
everyone else to run under the lock.
In particular, this allows us to move the size check into the output
function without causing a potential dead-lock should the ICMP error
somehow hit the same SA on transmission.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Currently we use x->props.header_len when resizing on output.
However, if we're resizing at all we might as well go the whole hog
and do it for the whole dst.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
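A userspace model of the two sequence-number rules the commits in this group touch: the sender refuses to cycle its counter (RFC 4303 section 3.3.3, reporting -EOVERFLOW as the first commit above does), and with extended sequence numbers only the low-order 32 bits travel on the wire while the high-order 32 bits are carried separately (the low/high split described in the 14 Mar 2011 ESN commit earlier on this page). This is example code added for this page, not kernel xfrm code, and it goes beyond the commit messages by also implementing the receiver side, which reconstructs the high-order bits from the position of the low bits relative to its replay window as RFC 4303 Appendix A2.2 describes. struct esp_tx, struct esp_rx, the 64-entry window, the esp_* and esn_* function names and the constructed scenarios near the 2^32 boundary are assumptions of the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ESN_WINDOW 64u  /* replay window W, one bitmap bit per sequence number (assumed size) */

/* Sender: the counter starts at 0 when the SA is set up, so the first packet
 * carries 1 (RFC 4303 section 3.3.3). Receiver: top = highest 64-bit number
 * accepted so far, bit i of bitmap set => top - i was received. */
struct esp_tx { bool esn; uint64_t seq; };
struct esp_rx { uint64_t top, bitmap; };
enum { ESN_OK = 0, ESN_REPLAY = -1, ESN_TOO_OLD = -2 };

/* Advance the outbound counter, refusing to cycle it. The low 32 bits go on
 * the wire; with ESN the high 32 bits are only fed into the ICV. */
static int esp_tx_next(struct esp_tx *x, uint32_t *lo, uint32_t *hi)
{
    if (x->seq >= (x->esn ? UINT64_MAX : UINT32_MAX))
        return -EOVERFLOW;              /* auditable event: rekey, never wrap */
    x->seq++;
    *lo = (uint32_t)x->seq;
    *hi = x->esn ? (uint32_t)(x->seq >> 32) : 0;
    return 0;
}

/* Receiver, before ICV verification: infer Seqh from where Seql falls relative
 * to the window (RFC 4303 Appendix A2.2), then test the window. *seq is the
 * full number the ICV must be computed over. */
static int esp_rx_check(const struct esp_rx *s, uint32_t seql, uint64_t *seq)
{
    uint32_t tl = (uint32_t)s->top, th = (uint32_t)(s->top >> 32), seqh;
    uint32_t bl = tl - ESN_WINDOW + 1;  /* bottom of the window, mod 2^32 */

    if (tl >= ESN_WINDOW - 1)           /* case A: window inside one 2^32 cycle */
        seqh = seql >= bl ? th : th + 1;
    else if (seql < bl)                 /* case B, upper part: current cycle */
        seqh = th;
    else if (th == 0)                   /* case B, lower part, but no cycle before */
        return ESN_TOO_OLD;
    else
        seqh = th - 1;                  /* case B, lower part: previous cycle */

    *seq = ((uint64_t)seqh << 32) | seql;
    if (*seq == 0)
        return ESN_TOO_OLD;             /* 0 is never sent on an SA */
    if (*seq > s->top)
        return ESN_OK;                  /* right of the window: new */
    uint64_t diff = s->top - *seq;
    if (diff >= ESN_WINDOW)
        return ESN_TOO_OLD;             /* fell off the left of the window */
    return ((s->bitmap >> diff) & 1) ? ESN_REPLAY : ESN_OK;
}

/* Advance the window only after the ICV verified, or forged packets could
 * slide it past legitimate traffic. */
static void esp_rx_advance(struct esp_rx *s, uint64_t seq)
{
    if (seq > s->top) {
        uint64_t shift = seq - s->top;
        s->bitmap = (shift >= ESN_WINDOW ? 0 : s->bitmap << shift) | 1;
        s->top = seq;
    } else {
        s->bitmap |= (uint64_t)1 << (s->top - seq);
    }
}

/* Constructed scenario: an ESN SA just below the 2^32 boundary sends 32
 * packets and the receiver sees only the low 32 bits. Returns how many it
 * reconstructed to exactly the sender's 64-bit counter value. */
static int esn_boundary_roundtrip(struct esp_rx *rx)
{
    struct esp_tx tx = { .esn = true, .seq = 0xFFFFFFF0ull };
    struct esp_rx local;
    int matched = 0;
    if (!rx)
        rx = &local;
    *rx = (struct esp_rx){ .top = 0xFFFFFFF0ull, .bitmap = 1 };  /* in sync with tx */
    for (int i = 0; i < 32; i++) {
        uint32_t lo, hi; uint64_t seq;
        if (esp_tx_next(&tx, &lo, &hi))
            break;
        if (esp_rx_check(rx, lo, &seq) == ESN_OK && seq == tx.seq) {
            esp_rx_advance(rx, seq);
            matched++;
        }
    }
    return matched;
}

/* A captured pre-boundary packet (low bits 0xFFFFFFF5) replayed after the
 * crossing: it maps to the previous cycle and its bit is already set. */
static int esn_replay_after_wrap(void)
{
    struct esp_rx rx; uint64_t seq;
    esn_boundary_roundtrip(&rx);
    return esp_rx_check(&rx, 0xFFFFFFF5u, &seq);
}

/* A 32-bit SA at its last number: the sender must refuse, not wrap to 0. */
static int seq32_overflow(void)
{
    struct esp_tx tx = { .esn = false, .seq = UINT32_MAX };
    uint32_t lo, hi;
    return esp_tx_next(&tx, &lo, &hi);
}

int main(void)
{
    printf("matched %d/32, replay verdict %d, overflow rc %d\n",
           esn_boundary_roundtrip(0), esn_replay_after_wrap(), seq32_overflow());
    return 0;
}
```

Two details matter in practice: the receiver's guess of the high-order bits is only confirmed by the ICV, so the window must be advanced after verification and never before, and the case B branch with th == 0 exists because a low value in the wrapped lower part of the window would have to come from a cycle that never existed on a fresh SA.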
18 Oct, 2007
2 commits
-
This patch adds a new field to xfrm states called inner_mode. The existing
mode object is renamed to outer_mode.
This is the first part of an attempt to fix inter-family transforms. As it
is we always use the outer family when determining which mode to use. As a
result we may end up shoving IPv4 packets into netfilter6 and vice versa.
What we really want is to use the inner family for the first part of outbound
processing and the outer family for the second part. For inbound processing
we'd use the opposite pairing.
I've also added a check to prevent silly combinations such as transport mode
with inter-family transforms.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Currently BEET mode does not reinject the packet back into the stack
like tunnel mode does. Since BEET should behave just like tunnel mode
this is incorrect.
This patch fixes this by introducing a flags field to xfrm_mode that
tells the IPsec code whether it should terminate and reinject the packet
back into the stack.
It then sets the flag for BEET and tunnel mode.
I've also added a number of missing BEET checks elsewhere where we check
whether a given mode is a tunnel or not.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
11 Oct, 2007
5 commits
-
This patch releases the lock on the state before calling x->type->output.
It also adds the lock to the spots where they're currently needed.
Most of those places (all except mip6) are expected to disappear with
async crypto.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Currently the x->mode->output functions store the IPv6 nh pointer in the
skb network header. This is inconvenient because the network header then
has to be fixed up before the packet can leave the IPsec stack. The mac
header field is unused on output so we can use that to store this instead.
This patch does that and removes the network header fix-up in xfrm_output.
It also uses ipv6_hdr where appropriate in the x->type->output functions.
There is also a minor clean-up in esp4 to make it use the same code as
esp6 to help any subsequent effort to merge the two.
Lastly it kills two redundant skb_set_* statements in BEET that were
simply copied over from transport mode.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
The lastused update check in xfrm_output can be done just as well in
the mode output function which is specific to RO.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Now that the only callers of xfrm_replay_notify are in xfrm, we can remove
the export.
This patch also removes xfrm_aevent_doreplay since it's now called in just
one spot.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
The replay counter is one of only two remaining things in the output code
that requires a lock on the xfrm state (the other being the crypto). This
patch moves it into the generic xfrm_output so we can remove the lock from
the transforms themselves.
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller