1. 27 Feb, 2019 1 commit
  2. 18 Oct, 2018 2 commits
  3. 04 Oct, 2018 1 commit
  4. 13 Sep, 2018 1 commit
  5. 02 Jul, 2018 1 commit
    • Sabrina Dubroca's avatar
      net: fix use-after-free in GRO with ESP · 603d4cf8
      Sabrina Dubroca authored
      Since the addition of GRO for ESP, gro_receive can consume the skb and
      return -EINPROGRESS. In that case, the lower layer GRO handler cannot
      touch the skb anymore.
      
      Commit 5f114163 ("net: Add a skb_gro_flush_final helper.") converted
      some of the gro_receive handlers that can lead to ESP's gro_receive so
      that they wouldn't access the skb when -EINPROGRESS is returned, but
      missed other spots, mainly in tunneling protocols.
      
      This patch finishes the conversion to using skb_gro_flush_final(), and
      adds a new helper, skb_gro_flush_final_remcsum(), used in VXLAN and
      GUE.
      
      Fixes: 5f114163 ("net: Add a skb_gro_flush_final helper.")
      Signed-off-by: default avatarSabrina Dubroca <sd@queasysnail.net>
      Reviewed-by: default avatarStefano Brivio <sbrivio@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      603d4cf8
  6. 29 Jun, 2018 1 commit
  7. 26 Jun, 2018 1 commit
    • David Miller's avatar
      net: Convert GRO SKB handling to list_head. · d4546c25
      David Miller authored
      Manage pending per-NAPI GRO packets via list_head.
      
      Return an SKB pointer from the GRO receive handlers.  When GRO receive
      handlers return non-NULL, it means that this SKB needs to be completed
      at this time and removed from the NAPI queue.
      
      Several operations are greatly simplified by this transformation,
      especially timing out the oldest SKB in the list when gro_count
      exceeds MAX_GRO_SKBS, and napi_gro_flush() which walks the queue
      in reverse order.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d4546c25
  8. 20 Apr, 2018 4 commits
  9. 27 Mar, 2018 1 commit
  10. 27 Feb, 2018 1 commit
  11. 25 Jan, 2018 1 commit
  12. 02 Jan, 2018 1 commit
    • Xin Long's avatar
      geneve: update skb dst pmtu on tx path · 52a589d5
      Xin Long authored
      Commit a93bf0ff ("vxlan: update skb dst pmtu on tx path") has fixed
      a performance issue caused by the change of lower dev's mtu for vxlan.
      
      The same thing needs to be done for geneve as well.
      
      Note that geneve cannot adjust it's mtu according to lower dev's mtu
      when creating it. The performance is very low later when netperfing
      over it without fixing the mtu manually. This patch could also avoid
      this issue.
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      52a589d5
  13. 19 Dec, 2017 1 commit
  14. 23 Nov, 2017 1 commit
  15. 15 Nov, 2017 1 commit
  16. 14 Nov, 2017 1 commit
  17. 22 Oct, 2017 1 commit
  18. 21 Oct, 2017 1 commit
  19. 11 Aug, 2017 1 commit
    • Girish Moodalbail's avatar
      geneve: use netlink_ext_ack for error reporting in rtnl operations · c5ebc440
      Girish Moodalbail authored
      Add extack error messages for failure paths while creating/modifying
      geneve devices. Once extack support is added to iproute2, more
      meaningful and helpful error messages will be displayed making it easy
      for users to discern what went wrong.
      
      Before:
      
      =======
      $ ip link add gen1 address 0:1:2:3:4:5:6 type geneve id 200 \
        remote 192.168.13.2
      RTNETLINK answers: Invalid argument
      
      After:
      ======
      $ ip link add gen1 address 0:1:2:3:4:5:6 type geneve id 200 \
        remote 192.168.13.2
      Error: Provided link layer address is not Ethernet
      
      Also, netdev_dbg() calls used to log errors associated with Netlink
      request have been removed.
      Signed-off-by: default avatarGirish Moodalbail <girish.moodalbail@oracle.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c5ebc440
  20. 10 Aug, 2017 1 commit
  21. 24 Jul, 2017 3 commits
  22. 03 Jul, 2017 1 commit
  23. 27 Jun, 2017 2 commits
  24. 16 Jun, 2017 1 commit
    • Johannes Berg's avatar
      networking: make skb_push & __skb_push return void pointers · d58ff351
      Johannes Berg authored
      It seems like a historic accident that these return unsigned char *,
      and in many places that means casts are required, more often than not.
      
      Make these functions return void * and remove all the casts across
      the tree, adding a (u8 *) cast only where the unsigned char pointer
      was used directly, all done with the following spatch:
      
          @@
          expression SKB, LEN;
          typedef u8;
          identifier fn = { skb_push, __skb_push, skb_push_rcsum };
          @@
          - *(fn(SKB, LEN))
          + *(u8 *)fn(SKB, LEN)
      
          @@
          expression E, SKB, LEN;
          identifier fn = { skb_push, __skb_push, skb_push_rcsum };
          type T;
          @@
          - E = ((T *)(fn(SKB, LEN)))
          + E = fn(SKB, LEN)
      
          @@
          expression SKB, LEN;
          identifier fn = { skb_push, __skb_push, skb_push_rcsum };
          @@
          - fn(SKB, LEN)[0]
          + *(u8 *)fn(SKB, LEN)
      
      Note that the last part there converts from push(...)[0] to the
      more idiomatic *(u8 *)push(...).
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d58ff351
  25. 09 Jun, 2017 1 commit
  26. 07 Jun, 2017 1 commit
    • David S. Miller's avatar
      net: Fix inconsistent teardown and release of private netdev state. · cf124db5
      David S. Miller authored
      Network devices can allocate reasources and private memory using
      netdev_ops->ndo_init().  However, the release of these resources
      can occur in one of two different places.
      
      Either netdev_ops->ndo_uninit() or netdev->destructor().
      
      The decision of which operation frees the resources depends upon
      whether it is necessary for all netdev refs to be released before it
      is safe to perform the freeing.
      
      netdev_ops->ndo_uninit() presumably can occur right after the
      NETDEV_UNREGISTER notifier completes and the unicast and multicast
      address lists are flushed.
      
      netdev->destructor(), on the other hand, does not run until the
      netdev references all go away.
      
      Further complicating the situation is that netdev->destructor()
      almost universally does also a free_netdev().
      
      This creates a problem for the logic in register_netdevice().
      Because all callers of register_netdevice() manage the freeing
      of the netdev, and invoke free_netdev(dev) if register_netdevice()
      fails.
      
      If netdev_ops->ndo_init() succeeds, but something else fails inside
      of register_netdevice(), it does call ndo_ops->ndo_uninit().  But
      it is not able to invoke netdev->destructor().
      
      This is because netdev->destructor() will do a free_netdev() and
      then the caller of register_netdevice() will do the same.
      
      However, this means that the resources that would normally be released
      by netdev->destructor() will not be.
      
      Over the years drivers have added local hacks to deal with this, by
      invoking their destructor parts by hand when register_netdevice()
      fails.
      
      Many drivers do not try to deal with this, and instead we have leaks.
      
      Let's close this hole by formalizing the distinction between what
      private things need to be freed up by netdev->destructor() and whether
      the driver needs unregister_netdevice() to perform the free_netdev().
      
      netdev->priv_destructor() performs all actions to free up the private
      resources that used to be freed by netdev->destructor(), except for
      free_netdev().
      
      netdev->needs_free_netdev is a boolean that indicates whether
      free_netdev() should be done at the end of unregister_netdevice().
      
      Now, register_netdevice() can sanely release all resources after
      ndo_ops->ndo_init() succeeds, by invoking both ndo_ops->ndo_uninit()
      and netdev->priv_destructor().
      
      And at the end of unregister_netdevice(), we invoke
      netdev->priv_destructor() and optionally call free_netdev().
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      cf124db5
  27. 05 Jun, 2017 1 commit
  28. 25 May, 2017 1 commit
  29. 01 May, 2017 1 commit
  30. 01 Mar, 2017 1 commit
  31. 02 Dec, 2016 1 commit
  32. 28 Nov, 2016 1 commit
  33. 21 Nov, 2016 1 commit