This project is mirrored from The repository failed to update .
Repository mirroring has been paused due to too many failed attempts, and can be resumed by a project maintainer.
Last successful update .
  1. 19 Jun, 2012 1 commit
  2. 15 May, 2012 1 commit
  3. 11 May, 2012 1 commit
  4. 24 Apr, 2012 1 commit
    • Eric Dumazet's avatar
      net: add a limit parameter to sk_add_backlog() · f545a38f
      Eric Dumazet authored
      sk_add_backlog() & sk_rcvqueues_full() hard coded sk_rcvbuf as the
      memory limit. We need to make this limit a parameter for TCP use.
      No functional change expected in this patch, all callers still using the
      old sk_rcvbuf limit.
      Signed-off-by: default avatarEric Dumazet <>
      Cc: Neal Cardwell <>
      Cc: Tom Herbert <>
      Cc: Maciej Żenczykowski <>
      Cc: Yuchung Cheng <>
      Cc: Ilpo Järvinen <>
      Cc: Rick Jones <>
      Signed-off-by: default avatarDavid S. Miller <>
  5. 21 Apr, 2012 2 commits
  6. 15 Apr, 2012 1 commit
  7. 04 Apr, 2012 1 commit
    • Thomas Graf's avatar
      sctp: Allow struct sctp_event_subscribe to grow without breaking binaries · acdd5985
      Thomas Graf authored
      getsockopt(..., SCTP_EVENTS, ...) performs a length check and returns
      an error if the user provides less bytes than the size of struct
      Struct sctp_event_subscribe needs to be extended by an u8 for every
      new event or notification type that is added.
      This obviously makes getsockopt fail for binaries that are compiled
      against an older versions of <net/sctp/user.h> which do not contain
      all event types.
      This patch changes getsockopt behaviour to no longer return an error
      if not enough bytes are being provided by the user. Instead, it
      returns as much of sctp_event_subscribe as fits into the provided buffer.
      This leads to the new behavior that users see what they have been aware
      of at compile time.
      The setsockopt(..., SCTP_EVENTS, ...) API is already behaving like this.
      Signed-off-by: default avatarThomas Graf <>
      Acked-by: default avatarVlad Yasevich <>
      Signed-off-by: default avatarDavid S. Miller <>
  8. 08 Mar, 2012 1 commit
  9. 20 Dec, 2011 1 commit
    • Thomas Graf's avatar
      sctp: Do not account for sizeof(struct sk_buff) in estimated rwnd · a76c0adf
      Thomas Graf authored
      When checking whether a DATA chunk fits into the estimated rwnd a
      full sizeof(struct sk_buff) is added to the needed chunk size. This
      quickly exhausts the available rwnd space and leads to packets being
      sent which are much below the PMTU limit. This can lead to much worse
      The reason for this behaviour was to avoid putting too much memory
      pressure on the receiver. The concept is not completely irational
      because a Linux receiver does in fact clone an skb for each DATA chunk
      delivered. However, Linux also reserves half the available socket
      buffer space for data structures therefore usage of it is already
      accounted for.
      When proposing to change this the last time it was noted that this
      behaviour was introduced to solve a performance issue caused by rwnd
      overusage in combination with small DATA chunks.
      Trying to reproduce this I found that with the sk_buff overhead removed,
      the performance would improve significantly unless socket buffer limits
      are increased.
      The following numbers have been gathered using a patched iperf
      supporting SCTP over a live 1 Gbit ethernet network. The -l option
      was used to limit DATA chunk sizes. The numbers listed are based on
      the average of 3 test runs each. Default values have been used for
      Size    Unpatched     No Overhead
         4    15.2 Kbit [!]   12.2 Mbit [!]
         8    35.8 Kbit [!]   26.0 Mbit [!]
        16    95.5 Kbit [!]   54.4 Mbit [!]
        32   106.7 Mbit      102.3 Mbit
        64   189.2 Mbit      188.3 Mbit
       128   331.2 Mbit      334.8 Mbit
       256   537.7 Mbit      536.0 Mbit
       512   766.9 Mbit      766.6 Mbit
      1024   810.1 Mbit      808.6 Mbit
      Signed-off-by: default avatarThomas Graf <>
      Signed-off-by: default avatarDavid S. Miller <>
  10. 19 Dec, 2011 1 commit
  11. 11 Dec, 2011 1 commit
  12. 02 Dec, 2011 1 commit
  13. 29 Nov, 2011 1 commit
    • Xi Wang's avatar
      sctp: better integer overflow check in sctp_auth_create_key() · c89304b8
      Xi Wang authored
      The check from commit 30c2235c is incomplete and cannot prevent
      cases like key_len = 0x80000000 (INT_MAX + 1).  In that case, the
      left-hand side of the check (INT_MAX - key_len), which is unsigned,
      becomes 0xffffffff (UINT_MAX) and bypasses the check.
      However this shouldn't be a security issue.  The function is called
      from the following two code paths:
       1) setsockopt()
       2) sctp_auth_asoc_set_secret()
      In case (1), sca_keylength is never going to exceed 65535 since it's
      bounded by a u16 from the user API.  As such, the key length will
      never overflow.
      In case (2), sca_keylength is computed based on the user key (1 short)
      and 2 * key_vector (3 shorts) for a total of 7 * USHRT_MAX, which still
      will not overflow.
      In other words, this overflow check is not really necessary.  Just
      make it more correct.
      Signed-off-by: Xi Wang's avatarXi Wang <>
      Cc: Vlad Yasevich <>
      Signed-off-by: default avatarDavid S. Miller <>
  14. 22 Nov, 2011 1 commit
  15. 08 Nov, 2011 2 commits
  16. 31 Oct, 2011 1 commit
  17. 27 Oct, 2011 1 commit
  18. 13 Oct, 2011 1 commit
    • Eric Dumazet's avatar
      net: more accurate skb truesize · 87fb4b7b
      Eric Dumazet authored
      skb truesize currently accounts for sk_buff struct and part of skb head.
      kmalloc() roundings are also ignored.
      Considering that skb_shared_info is larger than sk_buff, its time to
      take it into account for better memory accounting.
      This patch introduces SKB_TRUESIZE(X) macro to centralize various
      assumptions into a single place.
      At skb alloc phase, we put skb_shared_info struct at the exact end of
      skb head, to allow a better use of memory (lowering number of
      reallocations), since kmalloc() gives us power-of-two memory blocks.
      Unless SLUB/SLUB debug is active, both skb->head and skb_shared_info are
      aligned to cache lines, as before.
      Note: This patch might trigger performance regressions because of
      misconfigured protocol stacks, hitting per socket or global memory
      limits that were previously not reached. But its a necessary step for a
      more accurate memory accounting.
      Signed-off-by: default avatarEric Dumazet <>
      CC: Andi Kleen <>
      CC: Ben Hutchings <>
      Signed-off-by: default avatarDavid S. Miller <>
  19. 16 Sep, 2011 1 commit
    • Max Matveev's avatar
      sctp: deal with multiple COOKIE_ECHO chunks · d5ccd496
      Max Matveev authored
      Attempt to reduce the number of IP packets emitted in response to single
      SCTP packet (2e3216cd) introduced a complication - if a packet contains
      two COOKIE_ECHO chunks and nothing else then SCTP state machine corks the
      socket while processing first COOKIE_ECHO and then loses the association
      and forgets to uncork the socket. To deal with the issue add new SCTP
      command which can be used to set association explictly. Use this new
      command when processing second COOKIE_ECHO chunk to restore the context
      for SCTP state machine.
      Signed-off-by: default avatarMax Matveev <>
      Signed-off-by: default avatarDavid S. Miller <>
  20. 25 Aug, 2011 2 commits
  21. 14 Jul, 2011 1 commit
    • Michał Mirosław's avatar
      net: sctp: fix checksum marking for outgoing packets · b73c43f8
      Michał Mirosław authored
      Packets to devices without NETIF_F_SCTP_CSUM (including NETIF_F_NO_CSUM)
      should be properly checksummed because the packets can be diverted or
      rerouted after construction. This still leaves packets diverted from
      NETIF_F_SCTP_CSUM-enabled devices with broken checksums. Fixing this
      needs implementing software offload fallback in networking core.
      For users of sctp_checksum_disable, skb->ip_summed should be left as
      CHECKSUM_NONE and not CHECKSUM_UNNECESSARY as per include/linux/skbuff.h.
      Signed-off-by: default avatarMichał Mirosław <>
      Signed-off-by: default avatarDavid S. Miller <>
  22. 08 Jul, 2011 1 commit
  23. 07 Jul, 2011 3 commits
    • Thomas Graf's avatar
      sctp: Enforce retransmission limit during shutdown · f8d96052
      Thomas Graf authored
      When initiating a graceful shutdown while having data chunks
      on the retransmission queue with a peer which is in zero
      window mode the shutdown is never completed because the
      retransmission error count is reset periodically by the
      following two rules:
       - Do not timeout association while doing zero window probe.
       - Reset overall error count when a heartbeat request has
         been acknowledged.
      The graceful shutdown will wait for all outstanding TSN to
      be acknowledged before sending the SHUTDOWN request. This
      never happens due to the peer's zero window not acknowledging
      the continuously retransmitted data chunks. Although the
      error counter is incremented for each failed retransmission,
      the receiving of the SACK announcing the zero window clears
      the error count again immediately. Also heartbeat requests
      continue to be sent periodically. The peer acknowledges these
      requests causing the error counter to be reset as well.
      This patch changes behaviour to only reset the overall error
      counter for the above rules while not in shutdown. After
      reaching the maximum number of retransmission attempts, the
      T5 shutdown guard timer is scheduled to give the receiver
      some additional time to recover. The timer is stopped as soon
      as the receiver acknowledges any data.
      The issue can be easily reproduced by establishing a sctp
      association over the loopback device, constantly queueing
      data at the sender while not reading any at the receiver.
      Wait for the window to reach zero, then initiate a shutdown
      by killing both processes simultaneously. The association
      will never be freed and the chunks on the retransmission
      queue will be retransmitted indefinitely.
      Signed-off-by: default avatarThomas Graf <>
      Acked-by: default avatarVlad Yasevich <>
      Signed-off-by: default avatarDavid S. Miller <>
    • Wei Yongjun's avatar
      sctp: fix missing send up SCTP_SENDER_DRY_EVENT when subscribe it · 94912301
      Wei Yongjun authored
      We forgot to send up SCTP_SENDER_DRY_EVENT notification when
      user app subscribes to this event, and there is no data to be
      sent or retransmit.
      This is required by the Socket API and used by the DTLS/SCTP
      Reported-by: default avatarMichael Tüxen <>
      Signed-off-by: default avatarWei Yongjun <>
      Tested-by: default avatarRobin Seggelmann <>
      Signed-off-by: default avatarDavid S. Miller <>
    • Eric Dumazet's avatar
      net: refine {udp|tcp|sctp}_mem limits · f03d78db
      Eric Dumazet authored
      Current tcp/udp/sctp global memory limits are not taking into account
      hugepages allocations, and allow 50% of ram to be used by buffers of a
      single protocol [ not counting space used by sockets / inodes ...]
      Lets use nr_free_buffer_pages() and allow a default of 1/8 of kernel ram
      per protocol, and a minimum of 128 pages.
      Heavy duty machines sysadmins probably need to tweak limits anyway.
      References: default avatarstarlight <>
      Suggested-by: default avatarAndrew Morton <>
      Signed-off-by: default avatarEric Dumazet <>
      Signed-off-by: default avatarDavid S. Miller <>
  24. 01 Jul, 2011 1 commit
  25. 17 Jun, 2011 1 commit
  26. 11 Jun, 2011 1 commit
  27. 06 Jun, 2011 1 commit
  28. 02 Jun, 2011 5 commits
  29. 31 May, 2011 1 commit
  30. 25 May, 2011 1 commit
  31. 24 May, 2011 1 commit
    • Dan Rosenberg's avatar
      net: convert %p usage to %pK · 71338aa7
      Dan Rosenberg authored
      The %pK format specifier is designed to hide exposed kernel pointers,
      specifically via /proc interfaces.  Exposing these pointers provides an
      easy target for kernel write vulnerabilities, since they reveal the
      locations of writable structures containing easily triggerable function
      pointers.  The behavior of %pK depends on the kptr_restrict sysctl.
      If kptr_restrict is set to 0, no deviation from the standard %p behavior
      occurs.  If kptr_restrict is set to 1, the default, if the current user
      (intended to be a reader via seq_printf(), etc.) does not have CAP_SYSLOG
      (currently in the LSM tree), kernel pointers using %pK are printed as 0's.
       If kptr_restrict is set to 2, kernel pointers using %pK are printed as
      0's regardless of privileges.  Replacing with 0's was chosen over the
      default "(null)", which cannot be parsed by userland %p, which expects
      The supporting code for kptr_restrict and %pK are currently in the -mm
      tree.  This patch converts users of %p in net/ to %pK.  Cases of printing
      pointers to the syslog are not covered, since this would eliminate useful
      information for postmortem debugging and the reading of the syslog is
      already optionally protected by the dmesg_restrict sysctl.
      Signed-off-by: default avatarDan Rosenberg <>
      Cc: James Morris <>
      Cc: Eric Dumazet <>
      Cc: Thomas Graf <>
      Cc: Eugene Teo <>
      Cc: Kees Cook <>
      Cc: Ingo Molnar <>
      Cc: David S. Miller <>
      Cc: Peter Zijlstra <>
      Cc: Eric Paris <>
      Signed-off-by: default avatarAndrew Morton <>
      Signed-off-by: default avatarDavid S. Miller <>