| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Do this by replacing sock_create_kern with inet_ctl_sock_create.
Signed-off-by: Denis V. Lunev <[email protected]>
Acked-by: Arnaldo Carvalho de Melo <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This is a generic requirement, so make inet_ctl_sock_create namespace
aware and create a inet_ctl_sock_destroy wrapper around
sk_release_kernel.
Signed-off-by: Denis V. Lunev <[email protected]>
Acked-by: Arnaldo Carvalho de Melo <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
All upper protocol layers are already use sock internally.
Signed-off-by: Denis V. Lunev <[email protected]>
Acked-by: Arnaldo Carvalho de Melo <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This call is nothing common with INET connection sockets code. It
simply creates an unhashes kernel sockets for protocol messages.
Move the new call into af_inet.c after the rename.
Signed-off-by: Denis V. Lunev <[email protected]>
Acked-by: Arnaldo Carvalho de Melo <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Anycast DST entries allocated inside ipv6_dev_ac_inc are leaked when
network device is stopped without removing IPv6 addresses from it. The
bug has been observed in the reality on 2.6.18-rhel5 kernel.
In the above case addrconf_ifdown marks all entries as obsolete and
ip6_del_rt called from __ipv6_dev_ac_dec returns ENOENT. The
referrence is not dropped.
The fix is simple. DST entry should not keep referrence when stored in
the FIB6 tree.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
In the other case it will be destroyed when last address will be removed
from lo inside a namespace. This will break IPv6 in several places. The
most obvious one is ip6_dst_ifdown.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
addrconf_ifdown is broken in respect to the usage of how
parameter. This function is called with (event != NETDEV_DOWN) and (2)
on the IPv6 stop. It the latter case inet6_dev from loopback device
should be destroyed.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
The ICMP relookup path is only meant to modify behaviour when
appropriate IPsec policies are in place and marked as requiring
relookups. It is certainly not meant to modify behaviour when
IPsec policies don't exist at all.
However, due to an oversight on the error paths existing behaviour
may in fact change should one of the relookup steps fail.
This patch corrects this by redirecting all errors on relookup
failures to the previous code path. That is, if the initial
xfrm_lookup let the packet pass, we will stand by that decision
should the relookup fail due to an error.
This should be safe from a security point-of-view because compliant
systems must install a default deny policy so the packet would'nt
have passed in that case.
Many thanks to Julian Anastasov for pointing out this error.
Signed-off-by: Herbert Xu <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
Conflicts:
drivers/net/s2io.c
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Both are identical, let's create ipv6_chk_prefix() and use it
in both places.
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
To protect PRL list, use ipip6_lock.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
This patch updates the Linux the Intra-Site Automatic Tunnel Addressing
Protocol (ISATAP) implementation. It places the ISATAP potential router
list (PRL) in the kernel and adds three new private ioctls for PRL
management.
[Add several changes of structure name, constant names etc. - yoshfuji]
Signed-off-by: Fred L. Templin <[email protected]>
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
When we encounter an error while looking up the dst the second
time we need to drop the first dst. This patch is pretty much
the same as the one for IPv4.
Signed-off-by: Herbert Xu <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
From RFC341:
A temporary address is created only if this calculated Preferred
Lifetime is greater than REGEN_ADVANCE time units. In particular, an
implementation must not create a temporary address with a zero
Preferred Lifetime.
Signed-off-by: Benoit Boissinot <[email protected]>
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
When receiving a prefix information from a routeur, only update the
lifetimes of the temporary address associated with that prefix.
Otherwise if one deprecated prefix is advertized, all your temporary
addresses will become deprecated.
Signed-off-by: Benoit Boissinot <[email protected]>
Acked-by: YOSHIFUJI Hideaki <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Do with the sockstat6 file what we've already done for the sockstat.
Same good side effect - ipv6 reassembling stats are now shown per-net.
Signed-off-by: Pavel Emelyanov <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Currently they live in init_net only, but now almost all the info
they can provide is available per-net.
Signed-off-by: Pavel Emelyanov <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This counter is about to become per-proto-and-per-net, so we'll need
two arguments to determine which cell in this "table" to work with.
All the places, but proc already pass proper net to it - proc will be
tuned a bit later.
Some indentation with spaces in proc files is done to keep the file
coding style consistent.
Signed-off-by: Pavel Emelyanov <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
In ip6_mc_input(), we need to check whether we have listener(s) for
the packet.
After commit ae7bf20a6316272acfcaef5d265b18aaa54b41e4, all packets
for multicast destinations are delivered to upper layer if
IFF_PROMISC or IFF_ALLMULTI is set.
In fact, bug was rather ancient; the original (before the commit)
intent of the dev->flags check was to skip the ipv6_chk_mcast_addr()
call, assuming L2 filters packets appropriately, but it was even not
true.
Let's explicitly check our multicast list.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
Acked-by: David L Stevens <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Move it to udp_seq_afinfo->seq_fops as should be.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
No need to have separate never-used variable.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
No need to create seq_operations for each instance of 'netstat'.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Based upon a lockdep trace from Dave Jones.
Signed-off-by: David S. Miller <[email protected]>
|
|
An uppercut - do not use the pcounter on struct proto.
Signed-off-by: Pavel Emelyanov <[email protected]>
Acked-by: Eric Dumazet <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
On Fri, 2008-03-28 at 03:24 -0700, Andrew Morton wrote:
> they should all be renamed.
Done for include/net and net
Signed-off-by: Joe Perches <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Our interest is not the whole entry of proxy neighbor but the
NTF_ROUTER flag. Let's test it explicitly.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
Conflicts:
drivers/net/usb/rndis_host.c
drivers/net/wireless/b43/dma.c
net/ipv6/ndisc.c
|
|
This elliminates infamous race during module loading when one could lookup
proc entry without proc_fops assigned.
Signed-off-by: Denis V. Lunev <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
ESP does not account for the IV size when calling pskb_may_pull() to
ensure everything it accesses directly is within the linear part of a
potential fragment. This results in a BUG() being triggered when the
both the IPv4 and IPv6 ESP stack is fed with an skb where the first
fragment ends between the end of the esp header and the end of the IV.
This bug was found by Dirk Nehring <[email protected]> .
Signed-off-by: Thomas Graf <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Make /proc/net/ip6_flowlabel show only flow labels belonging to the
current network namespace.
Signed-off-by: Benjamin Thery <[email protected]>
Signed-off-by: Daniel Lezcano <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This patch introduces a new member, fl_net, in struct ip6_flowlabel.
This allows to create labels with the same value in different namespaces.
Signed-off-by: Benjamin Thery <[email protected]>
Signed-off-by: Daniel Lezcano <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Make use of the network namespace information to have this protocol to
handle several network namespace.
Signed-off-by: Daniel Lezcano <[email protected]>
Signed-off-by: Benjamin Thery <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
The IPv6 BEET output function is incorrectly including the inner
header in the payload to be protected. This causes a crash as
the packet doesn't actually have that many bytes for a second
header.
The IPv4 BEET output on the other hand is broken when it comes
to handling an inner IPv6 header since it always assumes an
inner IPv4 header.
This patch fixes both by making sure that neither BEET output
function touches the inner header at all. All access is now
done through the protocol-independent cb structure. Two new
attributes are added to make this work, the IP header length
and the IPv4 option length. They're filled in by the inner
mode's output function.
Thanks to Joakim Koskela for finding this problem.
Signed-off-by: Herbert Xu <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
The commits f3db4851 ([NETNS][IPV6] ip6_fib - fib6_clean_all handle several
network namespaces) and 69ddb805 ([NETNS][IPV6] route6 - Make proc entry
/proc/net/rt6_stats per namespace) made some proc files per net.
Both of them introduced potential OOPS - get_proc_net can return NULL, but
this check is lost - and a struct net leak - in case single_open() fails the
previously got net is not put.
Kill all these bugs with one patch.
Signed-off-by: Pavel Emelyanov <[email protected]>
Acked-by: Daniel Lezcano <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Introduce an inline net_eq() to compare two namespaces.
Without CONFIG_NET_NS, since no namespace other than &init_net
exists, it is always 1.
We do not need to convert 1) inline vs inline and
2) inline vs &init_net comparisons.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Without CONFIG_NET_NS, no namespace other than &init_net exists,
no need to store net in seq_net_private.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Introduce per-sock inlines: sock_net(), sock_net_set()
and per-inet_timewait_sock inlines: twsk_net(), twsk_net_set().
Without CONFIG_NET_NS, no namespace other than &init_net exists.
Let's explicitly define them to help compiler optimizations.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Introduce per-net_device inlines: dev_net(), dev_net_set().
Without CONFIG_NET_NS, no namespace other than &init_net exists.
Let's explicitly define them to help compiler optimizations.
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Last part of hop-limit determination is always:
hoplimit = dst_metric(dst, RTAX_HOPLIMIT);
if (hoplimit < 0)
hoplimit = ipv6_get_hoplimit(dst->dev).
Let's consolidate it as ip6_dst_hoplimit(dst).
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
old:
| text data bss dec hex filename
| 28599 1416 96 30111 759f net/ipv6/addrconf.o
new:
| text data bss dec hex filename
| 28007 1416 96 29519 734f net/ipv6/addrconf.o
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
| % size old/net/ipv6/xfrm6_tunnel.o new/net/ipv6/xfrm6_tunnel.o
| text data bss dec hex filename
| 1606 40 2080 3726 e8e old/net/ipv6/xfrm6_tunnel.o
| 1574 40 2080 3694 e6e new/net/ipv6/xfrm6_tunnel.o
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
| % size old/net/ipv6/xfrm6_input.o new/net/ipv6/xfrm6_input.o
| text data bss dec hex filename
| 1026 0 0 1026 402 old/net/ipv6/xfrm6_input.o
| 947 0 0 947 3b3 new/net/ipv6/xfrm6_input.o
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|
|
Signed-off-by: YOSHIFUJI Hideaki <[email protected]>
|