18 Feb, 2017
1 commit
-
[ Upstream commit 217e6fa24ce28ec87fca8da93c9016cb78028612 ]
The stack must not pass packets to device drivers that are shorter
than the minimum link layer header length.Previously, packet sockets would drop packets smaller than or equal
to dev->hard_header_len, but this has false positives. Zero length
payload is used over Ethernet. Other link layer protocols support
variable length headers. Support for validation of these protocols
removed the min length check for all protocols.Introduce an explicit dev->min_header_len parameter and drop all
packets below this value. Initially, set it to non-zero only for
Ethernet and loopback. Other protocols can follow in a patch to
net-next.Fixes: 9ed988cd5915 ("packet: validate variable length ll headers")
Reported-by: Sowmini Varadhan
Signed-off-by: Willem de Bruijn
Acked-by: Eric Dumazet
Acked-by: Sowmini Varadhan
Signed-off-by: David S. Miller
Signed-off-by: Greg Kroah-Hartman
21 Oct, 2016
1 commit
-
Currently, GRO can do unlimited recursion through the gro_receive
handlers. This was fixed for tunneling protocols by limiting tunnel GRO
to one level with encap_mark, but both VLAN and TEB still have this
problem. Thus, the kernel is vulnerable to a stack overflow, if we
receive a packet composed entirely of VLAN headers.This patch adds a recursion counter to the GRO layer to prevent stack
overflow. When a gro_receive function hits the recursion limit, GRO is
aborted for this skb and it is processed normally. This recursion
counter is put in the GRO CB, but could be turned into a percpu counter
if we run out of space in the CB.Thanks to Vladimír Beneš for the initial bug report.
Fixes: CVE-2016-7039
Fixes: 9b174d88c257 ("net: Add Transparent Ethernet Bridging GRO support.")
Fixes: 66e5133f19e9 ("vlan: Add GRO support for non hardware accelerated vlan")
Signed-off-by: Sabrina Dubroca
Reviewed-by: Jiri Benc
Acked-by: Hannes Frederic Sowa
Acked-by: Tom Herbert
Signed-off-by: David S. Miller
25 Feb, 2016
1 commit
-
We want to try and pull the L4 header in if it is available in the first
fragment. As such add the flag to indicate we want to pull the headers on
the first fragment in.Signed-off-by: Alexander Duyck
Acked-by: Tom Herbert
Signed-off-by: David S. Miller
07 Jan, 2016
1 commit
-
A repeating pattern in drivers has become to use OF node information
and, if not found, platform specific host information to extract the
ethernet address for a given device.Currently this is done with a call to of_get_mac_address() and then
some ifdef'd stuff for SPARC.Consolidate this into a portable routine, and provide the
arch_get_platform_mac_address() weak function hook for all
architectures to implement if they want.Signed-off-by: David S. Miller
29 Sep, 2015
1 commit
-
Noticed that the compiler (gcc version 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC))
generated suboptimal assembler code in eth_get_headlen().This early return coding style is usually not an issue, on super scalar CPUs,
but the compiler choose to put the return statement after this very unlikely
branch, thus creating larger jump down to the likely code path.Performance wise, I could measure slightly less L1-icache-load-misses
and less branch-misses, and an improvement of 1 nanosec with an IP-forwarding
use-case with 257 bytes packets with ixgbe (CPU i7-4790K @ 4.00GHz).Signed-off-by: Jesper Dangaard Brouer
Signed-off-by: David S. Miller
02 Sep, 2015
1 commit
-
The flags argument will allow control of the dissection process (for
instance whether to parse beyond L3).Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller
10 Aug, 2015
1 commit
-
This patch fix double word "the the" in
Documentation/DocBook/networking/API-eth-get-headlen.html
Documentation/DocBook/networking/netdev.html
Documentation/DocBook/networking.xmlThese files are generated from comment in source,
so I have to fix comment in net/ethernet/eth.c.Signed-off-by: Masanari Iida
Signed-off-by: David S. Miller
05 Jun, 2015
1 commit
-
This patch adds full IPv6 addresses into flow_keys and uses them as
input to the flow hash function. The implementation supports either
IPv4 or IPv6 addresses in a union, and selector is used to determine
how may words to input to jhash2.We also add flow_get_u32_dst and flow_get_u32_src functions which are
used to get a u32 representation of the source and destination
addresses. For IPv6, ipv6_addr_hash is called. These functions retain
getting the legacy values of src and dst in flow_keys.With this patch, Ethertype and IP protocol are now included in the
flow hash input.Signed-off-by: Tom Herbert
Signed-off-by: David S. Miller
02 Jun, 2015
1 commit
-
When we scan a packet for GRO processing, we want to see the most
common packet types in the front of the offload_base list.So add a priority field so we can handle this properly.
IPv4/IPv6 get the highest priority with the implicit zero priority
field.Next comes ethernet with a priority of 10, and then we have the MPLS
types with a priority of 15.Suggested-by: Eric Dumazet
Suggested-by: Toshiaki Makita
Signed-off-by: David S. Miller
14 May, 2015
2 commits
-
Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller -
Since these functions are defined in flow_dissector.c, move header
declarations from skbuff.h into flow_dissector.hSigned-off-by: Jiri Pirko
Signed-off-by: David S. Miller
06 May, 2015
1 commit
-
This change does two things. First it fixes a sparse error for the fact
that the __be16 degrades to an integer. Since that is actually what I am
kind of doing I am simply working around that by forcing both sides of the
comparison to u16.Also I realized on some compilers I was generating another instruction for
big endian systems such as PowerPC since it was masking the value before
doing the comparison. So to resolve that I have simply pulled the mask out
and wrapped it in an #ifndef __BIG_ENDIAN.Lastly I pulled this all out into its own function. I notices there are
similar checks in a number of other places so this function can be reused
there to help reduce overhead in these paths as well.Signed-off-by: Alexander Duyck
Signed-off-by: David S. Miller
04 May, 2015
3 commits
-
Avoid recomputing the Ethernet header location and instead just use the
pointer provided by skb->data. The problem with using eth_hdr is that the
compiler wasn't smart enough to realize that skb->head + skb->mac_header
was the same thing as skb->data before it added ETH_HLEN. By just caching
it off before calling skb_pull_inline we can avoid a few unnecessary
instructions.Signed-off-by: Alexander Duyck
Signed-off-by: David S. Miller -
This change makes it so that we process the address in
is_multicast_ether_addr at the same size as the other calls. This allows
us to avoid duplicate reads when used with other calls such as
is_zero_ether_addr or eth_addr_copy. In addition I have added a 64 bit
version of the function so in eth_type_trans we can process the destination
address as a 64 bit value throughout.Signed-off-by: Alexander Duyck
Signed-off-by: David S. Miller -
This change takes advantage of the fact that ETH_P_802_3_MIN is aligned to
512 so as a result we can actually ignore the lower 8b when comparing the
Ethertype to ETH_P_802_3_MIN. This allows us to avoid a byte swap by simply
masking the value and comparing it to the byte swapped value for
ETH_P_802_3_MIN.Signed-off-by: Alexander Duyck
Signed-off-by: David S. Miller
04 Mar, 2015
1 commit
-
Use the built-in function instead of memset.
Signed-off-by: Joe Perches
Signed-off-by: David S. Miller
03 Mar, 2015
1 commit
-
Now that there are no more users kill dev_rebuild_header and all of it's
implementations.This is long overdue.
Signed-off-by: "Eric W. Biederman"
Signed-off-by: David S. Miller
03 Jan, 2015
1 commit
-
Currently the only tunnel protocol that supports GRO with encapsulated
Ethernet is VXLAN. This pulls out the Ethernet code into a proper layer
so that it can be used by other tunnel protocols such as GRE and Geneve.Signed-off-by: Jesse Gross
Signed-off-by: David S. Miller
06 Sep, 2014
1 commit
-
This patch updates some of the flow_dissector api so that it can be used to
parse the length of ethernet buffers stored in fragments. Most of the
changes needed were to __skb_get_poff as it needed to be updated to support
sending a linear buffer instead of a skb.I have split __skb_get_poff into two functions, the first is skb_get_poff
and it retains the functionality of the original __skb_get_poff. The other
function is __skb_get_poff which now works much like __skb_flow_dissect in
relation to skb_flow_dissect in that it provides the same functionality but
works with just a data buffer and hlen instead of needing an skb.Signed-off-by: Alexander Duyck
Acked-by: Alexei Starovoitov
Signed-off-by: David S. Miller
28 Aug, 2014
1 commit
-
DSA is currently registering one packet_type function per EtherType it
needs to intercept in the receive path of a DSA-enabled Ethernet device.
Right now we have three of them: trailer, DSA and eDSA, and there might
be more in the future, this will not scale to the addition of new
protocols.This patch proceeds with adding a new layer of abstraction and two new
functions:dsa_switch_rcv() which will dispatch into the tag-protocol specific
receive function implemented by net/dsa/tag_*.cdsa_slave_xmit() which will dispatch into the tag-protocol specific
transmit function implemented by net/dsa/tag_*.cWhen we do create the per-port slave network devices, we iterate over
the switch protocol to assign the DSA-specific receive and transmit
operations.A new fake ethertype value is used: ETH_P_XDSA to illustrate the fact
that this is no longer going to look like ETH_P_DSA or ETH_P_TRAILER
like it used to be.This allows us to greatly simplify the check in eth_type_trans() and
always override the skb->protocol with ETH_P_XDSA for Ethernet switches
tagged protocol, while also reducing the number repetitive slave
netdevice_ops assignments.Signed-off-by: Florian Fainelli
Signed-off-by: David S. Miller
16 Jul, 2014
1 commit
-
Extend alloc_netdev{,_mq{,s}}() to take name_assign_type as argument, and convert
all users to pass NET_NAME_UNKNOWN.Coccinelle patch:
@@
expression sizeof_priv, name, setup, txqs, rxqs, count;
@@(
-alloc_netdev_mqs(sizeof_priv, name, setup, txqs, rxqs)
+alloc_netdev_mqs(sizeof_priv, name, NET_NAME_UNKNOWN, setup, txqs, rxqs)
|
-alloc_netdev_mq(sizeof_priv, name, setup, count)
+alloc_netdev_mq(sizeof_priv, name, NET_NAME_UNKNOWN, setup, count)
|
-alloc_netdev(sizeof_priv, name, setup)
+alloc_netdev(sizeof_priv, name, NET_NAME_UNKNOWN, setup)
)v9: move comments here from the wrong commit
Signed-off-by: Tom Gundersen
Reviewed-by: David Herrmann
Signed-off-by: David S. Miller
17 Jan, 2014
1 commit
-
eth_type_trans() can read uninitialized memory as drivers
do not necessarily pull more than 14 bytes in skb->head before
calling it.As David suggested, we can use skb_header_pointer() to
fix this without breaking some drivers that might not expect
eth_type_trans() pulling 2 additional bytes.Signed-off-by: Eric Dumazet
Cc: Ben Hutchings
Signed-off-by: David S. Miller
01 Oct, 2013
2 commits
-
Mark code path's likely/unlikely based on most common usage.
* Very few devices use dsa tags.
* Most traffic is Ethernet (not 802.2)
* No sane person uses trailer type or Novell encapsulationSigned-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
Remove old legacy comment and weird if condition.
The comment has outlived it's stay and is throwback to some
early net code (before my time). Maybe Dave remembers what it meant.Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller
21 Sep, 2013
1 commit
-
removed these checkpatch.pl warnings:
net/ethernet/eth.c:61: WARNING: Use #include instead of
net/ethernet/eth.c:136: WARNING: Prefer netdev_dbg(netdev, ... then dev_dbg(dev, ... then pr_debug(... to printk(KERN_DEBUG ...
net/ethernet/eth.c:181: ERROR: space prohibited before that close parenthesis ')'Signed-off-by: Avinash Kumar
Signed-off-by: David S. Miller
17 Jul, 2013
1 commit
-
It's just a duplicate implementation of "%*phC". Thanks to Joe
Perches for showing that we had exactly this support in the
lib/vsprintf.c code already.Signed-off-by: David S. Miller
28 Mar, 2013
1 commit
-
Add a new constant ETH_P_802_3_MIN, the minimum ethernet type for
an 802.3 frame. Frames with a lower value in the ethernet type field
are Ethernet II.Also update all the users of this value that David Miller and
I could find to use the new constant.Also correct a bug in util.c. The comparison with ETH_P_802_3_MIN
should be >= not >.As suggested by Jesse Gross.
Compile tested only.
Cc: David Miller
Cc: Jesse Gross
Cc: Karsten Keil
Cc: John W. Linville
Cc: Johannes Berg
Cc: Bart De Schuymer
Cc: Stephen Hemminger
Cc: Patrick McHardy
Cc: Marcel Holtmann
Cc: Gustavo Padovan
Cc: Johan Hedberg
Cc: linux-bluetooth@vger.kernel.org
Cc: netfilter-devel@vger.kernel.org
Cc: bridge@lists.linux-foundation.org
Cc: linux-wireless@vger.kernel.org
Cc: linux1394-devel@lists.sourceforge.net
Cc: linux-media@vger.kernel.org
Cc: netdev@vger.kernel.org
Cc: dev@openvswitch.org
Acked-by: Mauro Carvalho Chehab
Acked-by: Stefan Richter
Signed-off-by: Simon Horman
Signed-off-by: David S. Miller
22 Jan, 2013
1 commit
-
When we set mac address, software mac address in system and hardware mac
address all need to be updated. Current eth_mac_addr() doesn't allow
callers to implement error handling nicely.This patch split eth_mac_addr() to prepare part and real commit part,
then we can prepare first, and try to change hardware address, then do
the real commit if hardware address is set successfully.Signed-off-by: Stefan Hajnoczi
Signed-off-by: Amos Kong
Signed-off-by: David S. Miller
04 Jan, 2013
1 commit
-
NET_ADDR_SET is set in dev_set_mac_address() no need to alter
dev->addr_assign_type value in drivers.Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller
20 Jul, 2012
1 commit
-
The Ethernet II wrapper is only used by IPX protocol, may have once
been used by Appletalk but not currently. Therefore it makes sense to
move it to the IPX dust bin and drop the exports.Build tested only.
Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller
11 Jul, 2012
1 commit
-
Fix incorrect start markers, wrapped summary lines, missing section
breaks, incorrect separators, and some name mismatches.Signed-off-by: Ben Hutchings
Signed-off-by: David S. Miller
30 Jun, 2012
1 commit
-
Introduce IFF_LIVE_ADDR_CHANGE priv_flag and use it to disable
netif_running() check in eth_mac_addr()Signed-off-by: Jiri Pirko
Signed-off-by: David S. Miller
11 May, 2012
1 commit
-
Use the new bool function ether_addr_equal_64bits to add
some clarity and reduce the likelihood for misuse of
compare_ether_addr_64bits for sorting.Done via cocci script:
$ cat compare_ether_addr_64bits.cocci
@@
expression a,b;
@@
- !compare_ether_addr_64bits(a, b)
+ ether_addr_equal_64bits(a, b)@@
expression a,b;
@@
- compare_ether_addr_64bits(a, b)
+ !ether_addr_equal_64bits(a, b)@@
expression a,b;
@@
- !ether_addr_equal_64bits(a, b) == 0
+ ether_addr_equal_64bits(a, b)@@
expression a,b;
@@
- !ether_addr_equal_64bits(a, b) != 0
+ !ether_addr_equal_64bits(a, b)@@
expression a,b;
@@
- ether_addr_equal_64bits(a, b) == 0
+ !ether_addr_equal_64bits(a, b)@@
expression a,b;
@@
- ether_addr_equal_64bits(a, b) != 0
+ ether_addr_equal_64bits(a, b)@@
expression a,b;
@@
- !!ether_addr_equal_64bits(a, b)
+ ether_addr_equal_64bits(a, b)Signed-off-by: Joe Perches
Signed-off-by: David S. Miller
16 Apr, 2012
1 commit
-
Use of "unsigned int" is preferred to bare "unsigned" in net tree.
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
29 Mar, 2012
1 commit
-
Remove all #inclusions of asm/system.h preparatory to splitting and killing
it. Performed with the following command:perl -p -i -e 's!^#\s*include\s*.*\n!!' `grep -Irl '^#\s*include\s*' *`
Signed-off-by: David Howells
13 Feb, 2012
1 commit
-
If eth_mac_addr() get called, usually if SIOCSIFHWADDR was
used to change the MAC of a ethernet device, reset the
addr_assign_type to NET_ADDR_PERM if the state was
NET_ADDR_RANDOM before. Reset the state since the MAC is
no longer random at least not from the kernel side.v2: changed to bitops, removed if()
Signed-off-by: Danny Kukawka
Signed-off-by: David S. Miller
16 Sep, 2011
1 commit
-
d88733150 introduced the IFF_SKB_TX_SHARING flag, which I unilaterally set in
ether_setup. In doing this I didn't realize that other flags (such as
IFF_XMIT_DST_RELEASE) might be set prior to calling the ether_setup routine.
This patch changes ether_setup to or in SKB_TX_SHARING so as not to
inadvertently clear other existing flags. Thanks to Pekka Riikonen for pointing
out my errorSigned-off-by: Neil Horman
Reported-by: Pekka Riikonen
CC: "David S. Miller"
Acked-by: Eric Dumazet
Signed-off-by: David S. Miller
28 Jul, 2011
1 commit
-
Pktgen attempts to transmit shared skbs to net devices, which can't be used by
some drivers as they keep state information in skbs. This patch adds a flag
marking drivers as being able to handle shared skbs in their tx path. Drivers
are defaulted to being unable to do so, but calling ether_setup enables this
flag, as 90% of the drivers calling ether_setup touch real hardware and can
handle shared skbs. A subsequent patch will audit drivers to ensure that the
flag is set properlySigned-off-by: Neil Horman
Reported-by: Jiri Pirko
CC: Robert Olsson
CC: Eric Dumazet
CC: Alexey Dobriyan
CC: David S. Miller
Signed-off-by: David S. Miller
26 Jul, 2011
1 commit
-
From: Randy Dunlap
Fix new kernel-doc warning in eth.c:
Warning(net/ethernet/eth.c:237): No description found for parameter 'type'
Signed-off-by: Randy Dunlap
Signed-off-by: David S. Miller
13 Jul, 2011
1 commit
-
Signed-off-by: David S. Miller