- 22 Jul, 2010 1 commit
-
-
Brian Haley authored
If the interface has IPv6 disabled, don't add a multicast or link-local route since we won't be adding a link-local address. Reported-by:
Mahesh Kelkar <maheshkelkar@gmail.com> Signed-off-by:
Brian Haley <brian.haley@hp.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
- 18 Jul, 2010 1 commit
-
-
Arnaud Ebalard authored
The input handler for Type 2 Routing Header (mip6_rthdr_input()) checks if the CoA in the packet matches the CoA in the XFRM state. Current check is buggy: it compares the adddress in the Type 2 Routing Header, i.e. the HoA, against the expected CoA in the state. The comparison should be made against the address in the destination field of the IPv6 header. The bug remained unnoticed because the main (and possibly only current) user of the code (UMIP MIPv6 Daemon) initializes the XFRM state with the unspecified address, i.e. explicitly allows everything. Yoshifuji-san, can you ack that one? Signed-off-by:
Arnaud Ebalard <arno@natisbad.org> Signed-off-by:
-
- 04 Jul, 2010 1 commit
-
-
Peter Kosyh authored
While using xfrm by MARK feature in 2.6.34 - 2.6.35 kernels, the mark is always cleared in flowi structure via memset in _decode_session4 (net/ipv4/xfrm4_policy.c), so the policy lookup fails. IPv6 code is affected by this bug too. Signed-off-by:
Peter Kosyh <p.kosyh@gmail.com> Acked-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
-
- 02 Jul, 2010 1 commit
-
-
Eric Dumazet authored
We should release dst if dst->error is set. Bug introduced in 2.6.14 by commit e104411b ([XFRM]: Always release dst_entry on error in xfrm_lookup) Signed-off-by:
Patrick McHardy <kaber@trash.net>
-
- 26 Jun, 2010 1 commit
-
-
stephen hemminger authored
The addition of TLLAO option created a kernel OOPS regression for the case where neighbor advertisement is being sent via proxy path. When using proxy, ipv6_get_ifaddr() returns NULL causing the NULL dereference. Change causing the bug was: commit f7734fdf Author: Octavian Purdila <opurdila@ixiacom.com> Date: Fri Oct 2 11:39:15 2009 +0000 make TLLAO option for NA packets configurable Signed-off-by:
Stephen Hemminger <shemminger@vyatta.com> Acked-by:
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by:
-
- 09 Jun, 2010 1 commit
-
-
Eric Dumazet authored
In commit 1f8438a8 (icmp: Account for ICMP out errors), I did a typo on IPV6 side, using ICMP6_MIB_OUTMSGS instead of ICMP6_MIB_OUTERRORS Signed-off-by:
-
- 07 Jun, 2010 1 commit
-
-
Eric Dumazet authored
ipmr_rules_exit() and ip6mr_rules_exit() free a list of items, but forget to properly remove these items from list. List head is not changed and still points to freed memory. This can trigger a fault later when icmpv6_sk_exit() is called. Fix is to either reinit list, or use list_del() to properly remove items from list before freeing them. bugzilla report : https://bugzilla.kernel.org/show_bug.cgi?id=16120 Introduced by commit d1db275d (ipv6: ip6mr: support multiple tables) and commit f0ad0860 (ipv4: ipmr: support multiple tables) Reported-by:
Alex Zhavnerchik <alex.vizor@gmail.com> Signed-off-by:
-
- 06 Jun, 2010 1 commit
-
-
Eric Dumazet authored
Signed-off-by:
-
- 05 Jun, 2010 1 commit
-
-
Eric Dumazet authored
With mtu=9000, mld_newpack() use order-2 GFP_ATOMIC allocations, that are very unreliable, on machines where PAGE_SIZE=4K Limit allocated skbs to be at most one page. (order-0 allocations) Signed-off-by:
-
- 01 Jun, 2010 1 commit
-
-
Eric Dumazet authored
Correct sk_forward_alloc handling for error_queue would need to use a backlog of frames that softirq handler could not deliver because socket is owned by user thread. Or extend backlog processing to be able to process normal and error packets. Another possibility is to not use mem charge for error queue, this is what I implemented in this patch. Note: this reverts commit 29030374 (net: fix sk_forward_alloc corruptions), since we dont need to lock socket anymore. Signed-off-by:
-
- 31 May, 2010 1 commit
-
-
Eric Dumazet authored
commit f3c5c1bf (netfilter: xtables: make ip_tables reentrant) introduced a performance regression, because stackptr array is shared by all cpus, adding cache line ping pongs. (16 cpus share a 64 bytes cache line) Fix this using alloc_percpu() Signed-off-by:
Jan Engelhardt <jengelh@medozas.de> Signed-off-by:
-
- 29 May, 2010 2 commits
-
-
Eric Dumazet authored
As David found out, sock_queue_err_skb() should be called with socket lock hold, or we risk sk_forward_alloc corruption, since we use non atomic operations to update this field. This patch adds bh_lock_sock()/bh_unlock_sock() pair to three spots. (BH already disabled) 1) skb_tstamp_tx() 2) Before calling ip_icmp_error(), in __udp4_lib_err() 3) Before calling ipv6_icmp_error(), in __udp6_lib_err() Reported-by:
Anton Blanchard <anton@samba.org> Signed-off-by:
-
Brian Haley authored
Commit f4f914b5 (net: ipv6 bind to device issue) caused a regression with Mobile IPv6 when it changed the meaning of fl->oif to become a strict requirement of the route lookup. Instead, only force strict mode when sk->sk_bound_dev_if is set on the calling socket, getting the intended behavior and fixing the regression. Tested-by:
-
- 28 May, 2010 1 commit
-
-
Herbert Xu authored
Currently we disallow GSO packets on the IPv6 forward path. This patch fixes this. Note that I discovered that our existing GSO MTU checks (e.g., IPv4 forwarding) are buggy in that they skip the check altogether, when they really should be checking gso_size + header instead. I have also been lazy here in that I haven't bothered to segment the GSO packet by hand before generating an ICMP message. Someone should add that to be 100% correct. Reported-by:
Ralf Baechle <ralf@linux-mips.org> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
-
- 27 May, 2010 1 commit
-
-
Eric Dumazet authored
This new sock lock primitive was introduced to speedup some user context socket manipulation. But it is unsafe to protect two threads, one using regular lock_sock/release_sock, one using lock_sock_bh/unlock_sock_bh This patch changes lock_sock_bh to be careful against 'owned' state. If owned is found to be set, we must take the slow path. lock_sock_bh() now returns a boolean to say if the slow path was taken, and this boolean is used at unlock_sock_bh time to call the appropriate unlock function. After this change, BH are either disabled or enabled during the lock_sock_bh/unlock_sock_bh protected section. This might be misleading, so we rename these functions to lock_sock_fast()/unlock_sock_fast(). Reported-by:
-
- 26 May, 2010 1 commit
-
-
Dan Carpenter authored
This fixes a smatch warning: net/ipv4/ipmr.c +1917 __ipmr_fill_mroute(12) error: buffer overflow '(mrt)->vif_table' 32 <= 32 The ipv6 version had the same issue. Signed-off-by:
Dan Carpenter <error27@gmail.com> Signed-off-by:
-
- 18 May, 2010 7 commits
-
-
Herbert Xu authored
This patch ensures that all places that schedule the DAD timer look at the address state in a safe manner before scheduling the timer. This ensures that we don't end up with pending timers after deleting an address. Signed-off-by:
-
Herbert Xu authored
This patch makes use of the new POSTDAD state. This prevents a race between DAD completion and failure. Signed-off-by:
-
Herbert Xu authored
This patch makes use of the new state_lock to synchronise between updates to the ifa state. This fixes the issue where a remotely triggered address deletion (through DAD failure) coincides with a local administrative address deletion, causing certain actions to be performed twice incorrectly. Signed-off-by:
-
Herbert Xu authored
This patch replaces the boolean dead flag on inet6_ifaddr with a state enum. This allows us to roll back changes when deleting an address according to whether DAD has completed or not. This patch only adds the state field and does not change the logic. Signed-off-by:
-
Joe Perches authored
This patch removes from net/ (but not any netfilter files) all the unnecessary return; statements that precede the last closing brace of void functions. It does not remove the returns that are immediately preceded by a label as gcc doesn't like that. Done via: $ grep -rP --include=*.[ch] -l "return;\n}" net/ | \ xargs perl -i -e 'local $/ ; while (<>) { s/\n[ \t\n]+return;\n}/\n}/g; print; }' Signed-off-by:Joe Perches <joe@perches.com> Signed-off-by:
-
Eric Dumazet authored
skb rxhash should be cleared when a skb is handled by a tunnel before being delivered again, so that correct packet steering can take place. There are other cleanups and accounting that we can factorize in a new helper, skb_tunnel_rx() Signed-off-by:
-
Stephen Hemminger authored
The duplicate address check code got broken in the conversion to hlist (2.6.35). The earlier patch did not fix the case where two addresses match same hash value. Use two exit paths, rather than depending on state of loop variables (from macro). Based on earlier fix by Shan Wei. Signed-off-by:
Shan Wei <shanwei@cn.fujitsu.com> Signed-off-by:
-
- 17 May, 2010 1 commit
-
-
Florian Westphal authored
as addrlabels with an interface index are left alone when the interface gets removed this results in addrlabels that can no longer be removed. Restrict validation of index to adding new addrlabels. Signed-off-by:
Florian Westphal <fw@strlen.de> Signed-off-by:
-
- 16 May, 2010 1 commit
-
-
Eric Dumazet authored
TCP-MD5 sessions have intermittent failures, when route cache is invalidated. ip_queue_xmit() has to find a new route, calls sk_setup_caps(sk, &rt->u.dst), destroying the sk->sk_route_caps &= ~NETIF_F_GSO_MASK that MD5 desperately try to make all over its way (from tcp_transmit_skb() for example) So we send few bad packets, and everything is fine when tcp_transmit_skb() is called again for this socket. Since ip_queue_xmit() is at a lower level than TCP-MD5, I chose to use a socket field, sk_route_nocaps, containing bits to mask on sk_route_caps. Reported-by:
Bhaskar Dutta <bhaskie@gmail.com> Signed-off-by:
-
- 13 May, 2010 3 commits
-
-
Joe Perches authored
This patch removes from net/ netfilter files all the unnecessary return; statements that precede the last closing brace of void functions. It does not remove the returns that are immediately preceded by a label as gcc doesn't like that. Done via: $ grep -rP --include=*.[ch] -l "return;\n}" net/ | \ xargs perl -i -e 'local $/ ; while (<>) { s/\n[ \t\n]+return;\n}/\n}/g; print; }' Signed-off-by: -
Stephen Hemminger authored
Make sure all printk messages have a severity level. Signed-off-by:
-
Stephen Hemminger authored
Change netfilter asserts to standard WARN_ON. This has the benefit of backtrace info and also causes netfilter errors to show up on kerneloops.org. Signed-off-by:
-
- 11 May, 2010 11 commits
-
-
Jan Engelhardt authored
Prepare the arrays for use with the multiregister function. The future layer-3 xt matches can then be easily added to it without needing more (un)register code. Signed-off-by: -
Jan Engelhardt authored
Since xt_action_param is writable, let's use it. The pointer to 'bool hotdrop' always worried (8 bytes (64-bit) to write 1 byte!). Surprisingly results in a reduction in size: text data bss filename 5457066 692730 357892 vmlinux.o-prev 5456554 692730 357892 vmlinux.o Signed-off-by: -
Jan Engelhardt authored
In future, layer-3 matches will be an xt module of their own, and need to set the fragoff and thoff fields. Adding more pointers would needlessy increase memory requirements (esp. so for 64-bit, where pointers are wider). Signed-off-by: -
Jan Engelhardt authored
Signed-off-by: -
Jan Engelhardt authored
The structures carried - besides match/target - almost the same data. It is possible to combine them, as extensions are evaluated serially, and so, the callers end up a little smaller. text data bss filename -15318 740 104 net/ipv4/netfilter/ip_tables.o +15286 740 104 net/ipv4/netfilter/ip_tables.o -15333 540 152 net/ipv6/netfilter/ip6_tables.o +15269 540 152 net/ipv6/netfilter/ip6_tables.o Signed-off-by: -
Patrick McHardy authored
The ip6mr /proc interface (ip6_mr_cache) can't be extended to dump routes from any tables but the main table in a backwards compatible fashion since the output format ends in a variable amount of output interfaces. Introduce a new netlink interface to dump multicast routes from all tables, similar to the netlink interface for regular routes. Signed-off-by: -
Patrick McHardy authored
This patch adds support for multiple independant multicast routing instances, named "tables". Userspace multicast routing daemons can bind to a specific table instance by issuing a setsockopt call using a new option MRT6_TABLE. The table number is stored in the raw socket data and affects all following ip6mr setsockopt(), getsockopt() and ioctl() calls. By default, a single table (RT6_TABLE_DFLT) is created with a default routing rule pointing to it. Newly created pim6reg devices have the table number appended ("pim6regX"), with the exception of devices created in the default table, which are named just "pim6reg" for compatibility reasons. Packets are directed to a specific table instance using routing rules, similar to how regular routing rules work. Currently iif, oif and mark are supported as keys, source and destination addresses could be supported additionally. Example usage: - bind pimd/xorp/... to a specific table: uint32_t table = 123; setsockopt(fd, SOL_IPV6, MRT6_TABLE, &table, sizeof(table)); - create routing rules directing packets to the new table: # ip -6 mrule add iif eth0 lookup 123 # ip -6 mrule add oif eth0 lookup 123 Signed-off-by: -
Patrick McHardy authored
Signed-off-by: -
Patrick McHardy authored
Signed-off-by: -
Patrick McHardy authored
Now that cache entries in unres_queue don't need to be distinguished by their network namespace pointer anymore, we can remove it from struct mfc6_cache add pass the namespace as function argument to the functions that need it. Signed-off-by: -
Patrick McHardy authored
The unres_queue is currently shared between all namespaces. Following patches will additionally allow to create multiple multicast routing tables in each namespace. Having a single shared queue for all these users seems to excessive, move the queue and the cleanup timer to the per-namespace data to unshare it. As a side-effect, this fixes a bug in the seq file iteration functions: the first entry returned is always from the current namespace, entries returned after that may belong to any namespace. Signed-off-by:
-
- 07 May, 2010 1 commit
-
-
Bjørn Mork authored
Adding addresses and ports to the short packet log message, like ipv4/udp.c does it, makes these messages a lot more useful: [ 822.182450] UDPv6: short packet: From [2001:db8:ffb4:3::1]:47839 23715/178 to [2001:db8:ffb4:3:5054:ff:feff:200]:1234 This requires us to drop logging in case pskb_may_pull() fails, which also is consistent with ipv4/udp.c Signed-off-by:
Bjørn Mork <bjorn@mork.no> Acked-by:
-
