summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* mac80211: disconnect TDLS stations on STA CSAArik Nemtsov2015-05-202-0/+32
| | | | | | | | | | | | | | | | When a station does a channel switch, it's not well defined what its TDLS peers would do. Avoid a situation when the local side marks a potentially disconnected peer as a TDLS peer. Keeping peers connected through CSA is doubly problematic with the upcoming TDLS WIDER-BW feature which allows peers to widen the BSS channel. The new channel transitioned-to might not be compatible and would require a re-negotiation anyway. Make sure to disallow new TDLS link during CSA. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: check fast-xmit on station changeMichal Kazior2015-05-201-0/+1
| | | | | | | | | | | | | | | | | | | | | Drivers with fast-xmit (e.g. ath10k) running in AP_VLAN setups would fail to communicate with connected 4addr stations. The reason was when new station associates it first goes into master AP interface. It is not until later that a dedicated AP_VLAN is created for it and the station itself is moved there. After that Tx directed at the station should use 4addr header. However fast-xmit wasn't recalculated and 3addr header remained to be used. This in turn caused the connected 4addr stations to drop packets coming from the AP until some other event would cause fast-xmit to recalculate for that station (which could never come). Signed-off-by: Michal Kazior <michal.kazior@tieto.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* cfg80211: Switch to PM opsLars-Peter Clausen2015-05-201-6/+8
| | | | | | | | Use dev_pm_ops instead of the legacy suspend/resume callbacks for the wiphy class suspend and resume operations. Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* net: rfkill: Switch to PM opsLars-Peter Clausen2015-05-201-3/+9
| | | | | | | | Use dev_pm_ops instead of the legacy suspend/resume callbacks for the rfkill class suspend and resume operations. Signed-off-by: Lars-Peter Clausen <lars@metafoo.de> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: fix memory leakJohannes Berg2015-05-201-1/+3
| | | | | | | | | My recent change here introduced a possible memory leak if the driver registers an invalid cipher schemes. This won't really happen in practice, but fix the leak nonetheless. Fixes: e3a55b5399d55 ("mac80211: validate cipher scheme PN length better") Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: fix throughput LED triggerJohannes Berg2015-05-112-7/+6
| | | | | | | | | | | | | As I was testing with hwsim, I missed that my previous commit to make LED work depend on activation broke the code because I missed removing the old trigger struct and some code was still using it, now erroneously, causing crashes. Fix this by always using the correct struct. Reported-by: Felix Fietkau <nbd@openwrt.org> Tested-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: TDLS: use the BSS chandef for HT/VHT operation IEsArik Nemtsov2015-05-111-19/+8
| | | | | | | | | | | | | The chandef of the current channel context might be wider (though compatible). The TDLS link cares only about the channel of the BSS. In addition make sure to specify the VHT operation IE when VHT is supported on a non-2.4GHz band, as required by IEEE802.11ac-2013. This is not the same as HT-operation, to be specified only if the BSS doesn't support HT. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com> Reviewed-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: check fast-xmit if IBSS STA QoS changedJohannes Berg2015-05-111-1/+4
| | | | | | | | | When an IBSS station gets QoS enabled after having been added, check fast-xmit to make sure the QoS header gets added to the cache properly and frames can go out with QoS and higher rates. Reported-by: Janusz Dziedzic <janusz.dziedzic@tieto.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: adjust reserved chan_ctx when assigned to vifAndrei Otcheretianski2015-05-071-0/+4
| | | | | | | | | | | | When a vif starts using a reserved channel context (during CSA, for example) the required chandef was recalculated, however it was never applied. This could result in using chanctx with narrower width than actually required. Fix this by calling ieee80211_change_chanctx with the recalculated chandef. This both changes the chanctx's width and recalcs min_def. Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com> Reviewed-by: Luciano Coelho <luciano.coelho@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: add missing documentation for rate_ctrl_lockJohannes Berg2015-05-061-0/+2
| | | | | | | This was missed in the previous patch, add some documentation for rate_ctrl_lock to avoid docbook warnings. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* cfg80211: change GO_CONCURRENT to IR_CONCURRENT for STAArik Nemtsov2015-05-063-20/+26
| | | | | | | | | | | | | The GO_CONCURRENT regulatory definition can be extended to station interfaces requesting to IR as part of TDLS off-channel operations. Rename the GO_CONCURRENT flag to IR_CONCURRENT and allow the added use-case. Change internal users of GO_CONCURRENT to use the new definition. Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com> Reviewed-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* cfg80211: Allow GO concurrent relaxation after BSS disconnectionAvraham Stern2015-05-061-10/+19
| | | | | | | | | | | | | | | | | | | | | | If a P2P GO was allowed on a channel because of the GO concurrent relaxation, i.e., another station interface was associated to an AP on the same channel or the same UNII band, and the station interface disconnected from the AP, allow the following use cases unless the channel is marked as indoor only and the device is not operating in an indoor environment: 1. Allow the P2P GO to stay on its current channel. The rationale behind this is that if the channel or UNII band were allowed by the AP they could still be used to continue the P2P GO operation, and avoid connection breakage. 2. Allow another P2P GO to start on the same channel or another channel that is in the same UNII band as the previous instantiated P2P GO. Signed-off-by: Avraham Stern <avraham.stern@intel.com> Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com> Signed-off-by: Ilan Peer <ilan.peer@intel.com> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: validate cipher scheme PN length betterJohannes Berg2015-05-062-5/+10
| | | | | | | | | | | | | | Currently, a cipher scheme can advertise an arbitrarily long sequence counter, but mac80211 only supports up to 16 bytes and the initial value from userspace will be truncated. Fix two things: * don't allow the driver to register anything longer than the 16 bytes that mac80211 reserves space for * require userspace to specify a starting value with the correct length (or none at all) Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: extend get_key() to return PN for all ciphersJohannes Berg2015-05-063-4/+12
| | | | | | | | For ciphers not supported by mac80211, the function currently doesn't return any PN data. Fix this by extending the driver's get_key_seq() a little more to allow moving arbitrary PN data. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: extend get_tkip_seq to all keysJohannes Berg2015-05-063-57/+87
| | | | | | | | Extend the function to read the TKIP IV32/IV16 to read the IV/PN for all ciphers in order to allow drivers with full hardware crypto to properly support this. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: remove useless skb->encapsulation checkJohannes Berg2015-05-051-6/+2
| | | | | | | No current (and planned, as far as I know) wifi devices support encapsulation checksum offload, so remove the useless test here. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: make LED triggering depend on activationJohannes Berg2015-05-054-100/+194
| | | | | | | | | | | | | | | | When LED triggers are compiled in, but not used, mac80211 will still call them to update the status. This isn't really a problem for the assoc and radio ones, but the TX/RX (and to a certain extend TPT) ones can be called very frequently (for every packet.) In order to avoid that when they're not used, track their activation and call the corresponding trigger (and in the TPT case, account for throughput) only when the trigger is actually used by an LED. Additionally, make those trigger functions inlines since theyre only used once in the remaining code. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: make LED trigger names constJohannes Berg2015-05-051-8/+9
| | | | | | | This is just a code cleanup, make the LED trigger names const as they're not expected to be modified by drivers. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: clean up station debugfsJohannes Berg2015-05-051-84/+0
| | | | | | | | | | | | | Remove items that can be retrieved through nl80211. This also removes two items (tx_packets and tx_bytes) where only the VO counter was exposed since they are split up per AC but in the debugfs file only the first AC was shown. Also remove the useless "dev" file - the stations have long been in a sub-directory of the netdev so there's no need for that any more. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: remove sta->tx_fragments counterJohannes Berg2015-05-054-7/+1
| | | | | | | | | | This counter is unsafe with concurrent TX and is only exposed through debugfs and ethtool. Instead of trying to fix it just remove it for now, if it's really needed then it should be exposed through nl80211 and in a way that drivers that do the fragmentation in the device could support it as well. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: move dot11 counters under MAC80211_DEBUG_COUNTERSJohannes Berg2015-05-055-27/+31
| | | | | | | | | | | | | Since these counters can only be read through debugfs, there's very little point in maintaining them all the time. However, even just making them depend on debugfs is pointless - they're not normally used. Additionally a number of them aren't even concurrency safe. Move them under MAC80211_DEBUG_COUNTERS so they're normally not even compiled in. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: clean up global debugfs statisticsJohannes Berg2015-05-053-52/+28
| | | | | | | | | The debugfs statistics macros are pointlessly verbose, so change that macro to just have a single argument. While at it, remove the unused counters and rename rx_expand_skb_head2 to the better rx_expand_skb_head_defrag. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: force off channel transmission for public action framesMatti Gottlieb2015-04-241-1/+7
| | | | | | | | | | | | | | | | | | | | | Currently while associated to an AP and sending a (public) action frame to a different AP on the same channel, the action frame will be sent like a regular tx frame without going off channel. When power save is enabled this can cause problems, since the device can go into power save and miss the response to the action frame that is sent by the other AP. Force off-channel transmission to avoid this issue in case - HW offchannel is used, - the user didn't forbid transmitting frames off channel - the frame is not sent to the AP that we are associated with (if it is we assume the response would be bufferable) Signed-off-by: Matti Gottlieb <matti.gottlieb@intel.com> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> [reword commit message a bit] Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: notify the driver on reordering buffer timeoutEmmanuel Grumbach2015-04-241-0/+9
| | | | | | | | | | | | When frames time out in the reordering buffer, it is a good indication that something went wrong and the driver may want to know about that to take action or trigger debug flows. It is pointless to notify the driver about each frame that is released. Notify each time the timer fires. Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: notify the driver upon BAR RxEmmanuel Grumbach2015-04-241-0/+8
| | | | | | | | | | | | | | | | | | When we receive a BAR, this typically means that our peer doesn't hear our Block-Acks or that we can't hear its frames. Either way, it is a good indication that the link is in a bad condition. This is why it can serve as a probe to the driver. Use the event_callback callback for this. Since more events with the same data will be added in the feature, the structure that describes the data attached to the event is called in a generic name: ieee80211_ba_event. This also means that from now on, the event_callback can't sleep. Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: fix ignored HT/VHT override configsChaya Rachel Ivgi2015-04-241-21/+36
| | | | | | | | | | | | | HT and VHT override configurations were ignored during association and applied only when first beacon recived, or not applied at all. Fix the code to apply HT/VHT overrides during association. This is a bit tricky since the channel was already configured during authentication and we don't want to reconfigure it unless there's really a change. Signed-off-by: Chaya Rachel Ivgi <chaya.rachel.ivgi@intel.com> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* cfg80211: allow the plink state blocking for user managed meshChun-Yeow Yeoh2015-04-241-1/+2
| | | | | | | | | | | | | | wpa_supplicant or authsae handles the mesh peering in user space, but the plink state is still managed in kernel space. Currently, there is no implementation by wpa_supplicant or authsae to block the plink state after it is set to ESTAB. By applying this patch, we can use the "iw mesh0 station set <MAC address> plink_action block" to block the peer mesh STA. This is useful for experimenting purposes. Signed-off-by: Chun-Yeow Yeoh <yeohchunyeow@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: use per-CPU TX/RX statisticsJohannes Berg2015-04-243-12/+70
| | | | | | | | | This isn't all that relevant for RX right now, but TX can be concurrent due to multi-queue and the accounting is therefore broken. Use the standard per-CPU statistics to avoid this. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: don't update dev->trans_startJohannes Berg2015-04-241-2/+0
| | | | | | | This isn't necessary any more as the stack will automatically update the TXQ's trans_start after calling ndo_start_xmit(). Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: OCB: remove pointless check for broadcast BSSIDJohannes Berg2015-04-241-5/+1
| | | | | | | The OCB input path already checked that the BSSID is the broadcast address, so the later check can never fail. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: clean up/rename prepare_for_handlers()Johannes Berg2015-04-241-44/+36
| | | | | | | | The function really shouldn't be called prepare_for_handlers(), all it does is check if the frame should be dropped. Rename it to ieee80211_accept_frame() and clean it up a bit. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: remove IEEE80211_RX_RA_MATCHJohannes Berg2015-04-242-42/+5
| | | | | | | | With promisc support gone, only AP and P2P-Device type interfaces still clear IEEE80211_RX_RA_MATCH. In both cases this isn't really necessary though, so we can remove that flag and the code. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: remove support for IFF_PROMISCJohannes Berg2015-04-244-49/+12
| | | | | | | | | | | This support is essentially useless as typically networks are encrypted, frames will be filtered by hardware, and rate scaling will be done with the intended recipient in mind. For real monitoring of the network, the monitor mode support should be used instead. Removing it removes a lot of corner cases. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: make station hash table max_size configurableJohannes Berg2015-04-232-0/+11
| | | | | | | | | Allow debug builds to configure the station hash table maximum size in order to run with hash collisions in limited scenarios such as hwsim testing. The default remains 0 which effectively means no limit. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: allow segmentation offloadsJohannes Berg2015-04-222-25/+48
| | | | | | | | Implement the necessary software segmentation on the normal TX path so that fast-xmit can use segmentation offload if the hardware (or driver) supports it. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: allow drivers to support S/GJohannes Berg2015-04-222-1/+7
| | | | | | | | | | | | | | | If drivers want to support S/G (really just gather DMA on TX) then we can now easily support this on the fast-xmit path since it just needs to write to the ethernet header (and already has a check for that being possible.) However, disallow this on the regular TX path (which has to handle fragmentation, software crypto, etc.) by calling skb_linearize(). Also allow the related HIGHDMA since that's not interesting to the code in mac80211 at all anyway. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: allow checksum offload only in fast-xmitJohannes Berg2015-04-221-4/+20
| | | | | | | | | | | | | | | | | | | | When we go through the complete TX processing, there are a number of things like fragmentation and software crypto that require the checksum to be calculated already. In favour of maintainability, instead of adding the necessary call to skb_checksum_help() in all the places that need it, just do it once before the regular TX processing. Right now this only affects the TI wlcore and QCA ath10k drivers since they're the only ones using checksum offload. The previous commits enabled fast-xmit for them in almost all cases. For wlcore this even fixes a corner case: when a key fails to be programmed to hardware software encryption gets used, encrypting frames with a bad checksum. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: extend fast-xmit to cover IBSSJohannes Berg2015-04-221-0/+7
| | | | | | | | IBSS can be supported very easily since it uses the standard station authorization state etc. so it just needs to be covered by the header building switch statement. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: extend fast-xmit for more ciphersJohannes Berg2015-04-222-6/+44
| | | | | | | | | When crypto is offloaded then in some cases it's all handled by the device, and in others only some space for the IV must be reserved in the frame. Handle both of these cases in the fast-xmit path, up to a limit of 18 bytes of space for IVs. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: extend fast-xmit to driver fragmentationJohannes Berg2015-04-221-1/+2
| | | | | | | | If the driver handles fragmentation then it wouldn't be done in software so we can still use the fast-xmit path in that case. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: add TX fastpathJohannes Berg2015-04-228-2/+475
| | | | | | | | | | | | In order to speed up mac80211's TX path, add the "fast-xmit" cache that will cache the data frame 802.11 header and other data to be able to build the frame more quickly. This cache is rebuilt when external triggers imply changes, but a lot of the checks done per packet today are simplified away to the check for the cache. There's also a more detailed description in the code. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: lock rate controlJohannes Berg2015-04-204-5/+20
| | | | | | | | | | | | | | | | | | | | | | | | Both minstrel (reported by Sven Eckelmann) and the iwlwifi rate control aren't properly taking concurrency into account. It's likely that the same is true for other rate control algorithms. In the case of minstrel this manifests itself in crashes when an update and other data access are run concurrently, for example when the stations change bandwidth or similar. In iwlwifi, this can cause firmware crashes. Since fixing all rate control algorithms will be very difficult, just provide locking for invocations. This protects the internal data structures the algorithms maintain. I've manipulated hostapd to test this, by having it change its advertised bandwidth roughly ever 150ms. At the same time, I'm running a flood ping between the client and the AP, which causes this race of update vs. get_rate/status to easily happen on the client. With this change, the system survives this test. Reported-by: Sven Eckelmann <sven@open-mesh.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* mac80211: introduce plink lock for plink fieldsBob Copeland2015-04-203-18/+25
| | | | | | | | | | | | The mesh plink code uses sta->lock to serialize access to the plink state fields between the peer link state machine and the peer link timer. Some paths (e.g. those involving mps_qos_null_tx()) unfortunately hold this spinlock across frame tx, which is soon to be disallowed. Add a new spinlock just for plink access. Signed-off-by: Bob Copeland <me@bobcopeland.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds2015-04-1716-42/+91
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pull networking fixes from David Miller: 1) Fix verifier memory corruption and other bugs in BPF layer, from Alexei Starovoitov. 2) Add a conservative fix for doing BPF properly in the BPF classifier of the packet scheduler on ingress. Also from Alexei. 3) The SKB scrubber should not clear out the packet MARK and security label, from Herbert Xu. 4) Fix oops on rmmod in stmmac driver, from Bryan O'Donoghue. 5) Pause handling is not correct in the stmmac driver because it doesn't take into consideration the RX and TX fifo sizes. From Vince Bridgers. 6) Failure path missing unlock in FOU driver, from Wang Cong. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (44 commits) net: dsa: use DEVICE_ATTR_RW to declare temp1_max netns: remove BUG_ONs from net_generic() IB/ipoib: Fix ndo_get_iflink sfc: Fix memcpy() with const destination compiler warning. altera tse: Fix network-delays and -retransmissions after high throughput. net: remove unused 'dev' argument from netif_needs_gso() act_mirred: Fix bogus header when redirecting from VLAN inet_diag: fix access to tcp cc information tcp: tcp_get_info() should fetch socket fields once net: dsa: mv88e6xxx: Add missing initialization in mv88e6xxx_set_port_state() skbuff: Do not scrub skb mark within the same name space Revert "net: Reset secmark when scrubbing packet" bpf: fix two bugs in verification logic when accessing 'ctx' pointer bpf: fix bpf helpers to use skb->mac_header relative offsets stmmac: Configure Flow Control to work correctly based on rxfifo size stmmac: Enable unicast pause frame detect in GMAC Register 6 stmmac: Read tx-fifo-depth and rx-fifo-depth from the devicetree stmmac: Add defines and documentation for enabling flow control stmmac: Add properties for transmit and receive fifo sizes stmmac: fix oops on rmmod after assigning ip addr ...
| * net: dsa: use DEVICE_ATTR_RW to declare temp1_maxVivien Didelot2015-04-171-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | Since commit da4759c (sysfs: Use only return value from is_visible for the file mode), it is possible to reduce the permissions of a file. So declare temp1_max with the DEVICE_ATTR_RW macro and remove the write permission in dsa_hwmon_attrs_visible if set_temp_limit isn't provided. Signed-off-by: Vivien Didelot <vivien.didelot@savoirfairelinux.com> Reviewed-by: Guenter Roeck <linux@roeck-us.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * net: remove unused 'dev' argument from netif_needs_gso()Johannes Berg2015-04-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In commit 04ffcb255f22 ("net: Add ndo_gso_check") Tom originally added the 'dev' argument to be able to call ndo_gso_check(). Then later, when generalizing this in commit 5f35227ea34b ("net: Generalize ndo_gso_check to ndo_features_check") Jesse removed the call to ndo_gso_check() in netif_needs_gso() by calling the new ndo_features_check() in a different place. This made the 'dev' argument unused. Remove the unused argument and go back to the code as before. Cc: Tom Herbert <therbert@google.com> Cc: Jesse Gross <jesse@nicira.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * act_mirred: Fix bogus header when redirecting from VLANHerbert Xu2015-04-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When you redirect a VLAN device to any device, you end up with crap in af_packet on the xmit path because hard_header_len is not equal to skb->mac_len. So the redirected packet contains four extra bytes at the start which then gets interpreted as part of the MAC address. This patch fixes this by only pushing skb->mac_len. We also need to fix ifb because it tries to undo the pushing done by act_mirred. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Alexei Starovoitov <ast@plumgrid.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * inet_diag: fix access to tcp cc informationEric Dumazet2015-04-176-17/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Two different problems are fixed here : 1) inet_sk_diag_fill() might be called without socket lock held. icsk->icsk_ca_ops can change under us and module be unloaded. -> Access to freed memory. Fix this using rcu_read_lock() to prevent module unload. 2) Some TCP Congestion Control modules provide information but again this is not safe against icsk->icsk_ca_ops change and nla_put() errors were ignored. Some sockets could not get the additional info if skb was almost full. Fix this by returning a status from get_info() handlers and using rcu protection as well. Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * tcp: tcp_get_info() should fetch socket fields onceEric Dumazet2015-04-171-4/+6
| | | | | | | | | | | | | | | | | | | | | | tcp_get_info() can be called without holding socket lock, so any socket fields can change under us. Use READ_ONCE() to fetch sk_pacing_rate and sk_max_pacing_rate Fixes: 977cb0ecf82e ("tcp: add pacing_rate information into tcp_info") Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * skbuff: Do not scrub skb mark within the same name spaceHerbert Xu2015-04-161-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On Wed, Apr 15, 2015 at 05:41:26PM +0200, Nicolas Dichtel wrote: > Le 15/04/2015 15:57, Herbert Xu a écrit : > >On Wed, Apr 15, 2015 at 06:22:29PM +0800, Herbert Xu wrote: > [snip] > >Subject: skbuff: Do not scrub skb mark within the same name space > > > >The commit ea23192e8e577dfc51e0f4fc5ca113af334edff9 ("tunnels: > Maybe add a Fixes tag? > Fixes: ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") > > >harmonize cleanup done on skb on rx path") broke anyone trying to > >use netfilter marking across IPv4 tunnels. While most of the > >fields that are cleared by skb_scrub_packet don't matter, the > >netfilter mark must be preserved. > > > >This patch rearranges skb_scurb_packet to preserve the mark field. > nit: s/scurb/scrub > > Else it's fine for me. Sure. PS I used the wrong email for James the first time around. So let me repeat the question here. Should secmark be preserved or cleared across tunnels within the same name space? In fact, do our security models even support name spaces? ---8<--- The commit ea23192e8e577dfc51e0f4fc5ca113af334edff9 ("tunnels: harmonize cleanup done on skb on rx path") broke anyone trying to use netfilter marking across IPv4 tunnels. While most of the fields that are cleared by skb_scrub_packet don't matter, the netfilter mark must be preserved. This patch rearranges skb_scrub_packet to preserve the mark field. Fixes: ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>