Re: [PATCH] net: neigh: disallow state transition DELAY->STALE in neigh_update()
Hi, Chunhui He wrote: > Hi, > > On Fri, 22 Jul 2016 10:20:01 +0300 (EEST), Julian Anastasov> wrote: >> >> Hello, >> >> On Thu, 21 Jul 2016, Chunhui He wrote: >> >>> If neigh entry was CONNECTED and address is not changed, and if new state is >>> STALE, entry state will not change. Because DELAY is not in CONNECTED, it's >>> possible to change state from DELAY to STALE. >>> >>> That is bad. Consider a host in IPv4 nerwork, a neigh entry in STALE state >>> is referenced to send packets, so goes to DELAY state. If the entry is not >>> confirmed by upper layer, it goes to PROBE state, and sends ARP request. >>> The neigh host sends ARP reply, then the entry goes to REACHABLE state. >>> But the entry state may be reseted to STALE by broadcast ARP packets, before >>> the entry goes to PROBE state. So it's possible that the entry will never go >>> to REACHABLE state, without external confirmation. >>> >>> In my case, the gateway refuses to send unicast packets to me, before it >>> sees >>> my ARP request. So it's critical to enter REACHABLE state by sending ARP >>> request, but not by external confirmation. >>> >>> This fixes neigh_update() not to change to STALE if old state is CONNECTED >>> or >>> DELAY. >>> >>> Signed-off-by: Chunhui He >>> --- >>> net/core/neighbour.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/net/core/neighbour.c b/net/core/neighbour.c >>> index 510cd62..29429eb 100644 >>> --- a/net/core/neighbour.c >>> +++ b/net/core/neighbour.c >>> @@ -1152,7 +1152,7 @@ int neigh_update(struct neighbour *neigh, const u8 >>> *lladdr, u8 new, >>> } else { >>> if (lladdr == neigh->ha && new == NUD_STALE && >>> ((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) || >>> -(old & NUD_CONNECTED)) >>> +(old & (NUD_CONNECTED | NUD_DELAY))) >>> ) >>> new = old; >>> } >> >> You change looks correct to me. But this place >> has more problems. There is no good reason to set NUD_STALE >> for any state that is NUD_VALID if address is not changed. >> This matches perfectly the comment above this code: >> NUD_STALE should change a NUD_VALID state only when >> address changes. It also means that IPv6 does not need >> to provide NEIGH_UPDATE_F_WEAK_OVERRIDE anymore when >> NEIGH_UPDATE_F_OVERRIDE is also present. >> > > The NEIGH_UPDATE_F_WEAK_OVERRIDE is confusing to me, so I choose not to deal > with the flag. IPv6 depends on WEAK_OVERRIDE. Please do not change. > >> By this way the state machine can continue with >> the resolving: NUD_STALE -> NUD_DELAY (traffic) -> >> NUD_PROBE (retries) -> NUD_REACHABLE (unicast reply) >> while the address is not changed. Your change covers only >> NUD_DELAY, not NUD_PROBE, so it is better to allow more >> retries to send. We should not give up until success (NUD_REACHABLE). >> > > I have thought about this. > The origin code allows NUD_DELAY -> NUD_STALE and NUD_PROBE -> NUD_STALE. > This part was imported to kernel since v2.1.79, I don't know clearly why it > allows that. > > My analysis: > (1) As shown in my previous mail, NUD_DELAY -> NUD_STALE may cause "dead > loop", > so it should be fixed. > > (2) But NUD_PROBE -> NUD_STALE is acceptable, because in NUD_PROBE, ARP > request > has been sent, it is sufficient to break the "dead loop". > More attempts are accomplished by the following sequence: > NUD_STALE --> NUD_DELAY -(sent req)-> NUD_PROBE -(reset by neigh_update())-> > NUD_STALE --> NUD_DELAY -(send req again)-> ... --> > NUD_REACHABLE > > > But I also agree your change. > >> Second problem: NEIGH_UPDATE_F_WEAK_OVERRIDE has no >> priority over NEIGH_UPDATE_F_ADMIN. For example, now I can not >> change from NUD_PERMANENT to NUD_STALE: >> >> # ip neigh add 192.168.168.111 lladdr 00:11:22:33:44:55 nud perm dev wlan0 >> # ip neigh show to 192.168.168.111 >> 192.168.168.111 dev wlan0 lladdr 00:11:22:33:44:55 PERMANENT >> # ip neigh change 192.168.168.111 lladdr 00:11:22:33:44:55 nud stale dev >> wlan0 >> # ip neigh show to 192.168.168.111 >> 192.168.168.111 dev wlan0 lladdr 00:11:22:33:44:55 PERMANENT >> >> IMHO, here is how this place should look: >> >> diff --git a/net/core/neighbour.c b/net/core/neighbour.c >> index 5cdc62a..2b1cb91 100644 >> --- a/net/core/neighbour.c >> +++ b/net/core/neighbour.c >> @@ -1151,10 +1151,8 @@ int neigh_update(struct neighbour *neigh, const u8 >> *lladdr, u8 new, >> goto out; >> } else { >> if (lladdr == neigh->ha && new == NUD_STALE && >> -((flags & NEIGH_UPDATE_F_WEAK_OVERRIDE) || >> - (old & NUD_CONNECTED)) >> -) >> -new = old; >> +!(flags & NEIGH_UPDATE_F_ADMIN)) >> +
Re: [PATCHv3 net-next 08/12] ipv6: introduce neighbour discovery ops
Alexander Aring wrote: > This patch introduces neighbour discovery ops callback structure. The > idea is to separate the handling for 6LoWPAN into the 6lowpan module. > > These callback offers 6lowpan different handling, such as 802.15.4 short > address handling or RFC6775 (Neighbor Discovery Optimization for IPv6 > over 6LoWPANs). > > Cc: David S. Miller> Cc: Alexey Kuznetsov > Cc: James Morris > Cc: Hideaki YOSHIFUJI > Cc: Patrick McHardy > Signed-off-by: Alexander Aring Acked-by: YOSHIFUJI Hideaki > --- > include/linux/netdevice.h | 5 ++ > include/net/ndisc.h | 197 > +- > net/ipv6/addrconf.c | 13 ++- > net/ipv6/ndisc.c | 101 > net/ipv6/route.c | 8 +- > 5 files changed, 284 insertions(+), 40 deletions(-) > > diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h > index 36e43bd..890158e 100644 > --- a/include/linux/netdevice.h > +++ b/include/linux/netdevice.h > @@ -1456,6 +1456,8 @@ enum netdev_priv_flags { > * @netdev_ops:Includes several pointers to callbacks, > * if one wants to override the ndo_*() functions > * @ethtool_ops: Management operations > + * @ndisc_ops: Includes callbacks for different IPv6 neighbour > + * discovery handling. Necessary for e.g. 6LoWPAN. > * @header_ops:Includes callbacks for creating,parsing,caching,etc > * of Layer 2 headers. > * > @@ -1672,6 +1674,9 @@ struct net_device { > #ifdef CONFIG_NET_L3_MASTER_DEV > const struct l3mdev_ops *l3mdev_ops; > #endif > +#if IS_ENABLED(CONFIG_IPV6) > + const struct ndisc_ops *ndisc_ops; > +#endif > > const struct header_ops *header_ops; > > diff --git a/include/net/ndisc.h b/include/net/ndisc.h > index c8962ad..a5e2767 100644 > --- a/include/net/ndisc.h > +++ b/include/net/ndisc.h > @@ -58,6 +58,7 @@ struct inet6_dev; > struct net_device; > struct net_proto_family; > struct sk_buff; > +struct prefix_info; > > extern struct neigh_table nd_tbl; > > @@ -110,9 +111,182 @@ struct ndisc_options { > > #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7) > > -struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len, > +struct ndisc_options *ndisc_parse_options(const struct net_device *dev, > + u8 *opt, int opt_len, > struct ndisc_options *ndopts); > > +#define NDISC_OPS_REDIRECT_DATA_SPACE2 > + > +/* > + * This structure defines the hooks for IPv6 neighbour discovery. > + * The following hooks can be defined; unless noted otherwise, they are > + * optional and can be filled with a null pointer. > + * > + * int (*is_useropt)(u8 nd_opt_type): > + * This function is called when IPv6 decide RA userspace options. if > + * this function returns 1 then the option given by nd_opt_type will > + * be handled as userspace option additional to the IPv6 options. > + * > + * int (*parse_options)(const struct net_device *dev, > + * struct nd_opt_hdr *nd_opt, > + * struct ndisc_options *ndopts): > + * This function is called while parsing ndisc ops and put each position > + * as pointer into ndopts. If this function return unequal 0, then this > + * function took care about the ndisc option, if 0 then the IPv6 ndisc > + * option parser will take care about that option. > + * > + * void (*update)(const struct net_device *dev, struct neighbour *n, > + * u32 flags, u8 icmp6_type, > + * const struct ndisc_options *ndopts): > + * This function is called when IPv6 ndisc updates the neighbour cache > + * entry. Additional options which can be updated may be previously > + * parsed by parse_opts callback and accessible over ndopts parameter. > + * > + * int (*opt_addr_space)(const struct net_device *dev, u8 icmp6_type, > + *struct neighbour *neigh, u8 *ha_buf, > + *u8 **ha): > + * This function is called when the necessary option space will be > + * calculated before allocating a skb. The parameters neigh, ha_buf > + * abd ha are available on NDISC_REDIRECT messages only. > + * > + * void (*fill_addr_option)(const struct net_device *dev, > + * struct sk_buff *skb, u8 icmp6_type, > + * const u8 *ha): > + * This function is called when the skb will finally fill the option > + * fields inside skb. NOTE: this callback should fill the option > + * fields to the skb which are previously indicated by opt_space > + * parameter. That means the decision to add such option should > + * not lost between these two callbacks, e.g. protected by interface > + * up state. > + *
Re: [PATCH 1/4] kernel: time: Add current_nw_timestamp() for network timestamps
Hi, Deepa Dinamani wrote: >>> include/linux/ip.h | 2 ++ >>> include/linux/time64.h | 3 +++ >>> kernel/time/time.c | 26 ++ >>> 3 files changed, 31 insertions(+) >>> >> Since net/ipv4/* are the only users, it is enough to put >> it in under net/ipv4/. > > time.c hosts functions that are used by individual subsystems like > current_fs_time() used by filesystems > (sometimes used by other subsystems also). > > The network timestamp function is used for both source route ip option > and timestamp icmp messages. > So it makes it difficult for it to be owned by a single layer. > This is the reason it was chosen to include here. > > Another option is to include it in the lowest layer its used: > af_inet.c. Is this what you were suggesting? > Yes, that's right. --yoshfuji > -Deepa >
Re: [RFCv3 bluetooth-next 3/4] ipv6: add ipv6_addr_prefix_copy
Hannes Frederic Sowa wrote: > > > On Sun, Nov 29, 2015, at 12:34, Alexander Aring wrote: >> This patch adds a static inline function ipv6_addr_prefix_copy which >> copies a ipv6 address prefix(argument pfx) into the ipv6 address prefix. >> The prefix len is given by plen as bits. This function mainly based on >> ipv6_addr_prefix which copies one address prefix from address into a new >> ipv6 address destination and zero all other address bits. >> >> The difference is that ipv6_addr_prefix_copy don't get a prefix from an >> ipv6 address, it sets a prefix to an ipv6 address with keeping other >> address bits. The use case is for context based address compression >> inside 6LoWPAN IPHC header which keeping ipv6 prefixes inside a context >> table to lookup address-bits without sending them. >> >> Cc: David S. Miller>> Cc: Alexey Kuznetsov >> Cc: James Morris >> Cc: Hideaki YOSHIFUJI >> Cc: Patrick McHardy >> Signed-off-by: Alexander Aring >> --- >> include/net/ipv6.h | 15 +++ >> 1 file changed, 15 insertions(+) >> >> diff --git a/include/net/ipv6.h b/include/net/ipv6.h >> index e1a10b0..cd3881e6 100644 >> --- a/include/net/ipv6.h >> +++ b/include/net/ipv6.h >> @@ -382,6 +382,21 @@ static inline void ipv6_addr_prefix(struct in6_addr >> *pfx, >> pfx->s6_addr[o] = addr->s6_addr[o] & (0xff00 >> b); >> } >> >> +static inline void ipv6_addr_prefix_copy(struct in6_addr *addr, >> +const struct in6_addr *pfx, >> +int plen) >> +{ >> + /* caller must guarantee 0 <= plen <= 128 */ >> + int o = plen >> 3, >> + b = plen & 0x7; >> + >> + memcpy(addr->s6_addr, pfx, o); >> + if (b != 0) { >> + addr->s6_addr[o] &= ~(0xff00 >> b); >> + addr->s6_addr[o] |= (pfx->s6_addr[o] & (0xff00 >> b)); >> + } >> +} >> + > > Acked-by: Hannes Frederic Sowa Acked-by: YOSHIFUJI Hideaki > -- > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majord...@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- 吉藤英明 ミラクル・リナックス株式会社 技術本部 サポート部 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v4 1/2] geneve: implement support for IPv6-based tunnels
Hi, John W. Linville wrote: > Signed-off-by: John W. Linville> --- > v4: > - treat mode field of ip_tunnel_info as flags > - add a missing IS_ENABLED(CONFIG_IPV6) to geneve_rx > - remove unneeded flags field in geneve_dev > - NULL-check parameter for __geneve_sock_release > - check remote socket family for AF_UNSPEC in geneve_configure > - rename geneve_get_{rt,dst} as geneve_get_{v4_rt,v6_dst} > - refactor some error handling in the xmit paths > > v3: > - declare geneve_remote_unspec as static > > v2: > - do not require remote address for tx on metadata tunnels > - pass correct sockaddr family to udp_tun_rx_dst in geneve_rx > - accommodate both ipv4 and ipv6 sockets open on same tunnel > - move declaration of geneve_get_dst for aesthetic purposes > > drivers/net/geneve.c | 459 > +++ > include/uapi/linux/if_link.h | 1 + > 2 files changed, 377 insertions(+), 83 deletions(-) > > diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c > index 8f5c02eed47d..217b472ab9e7 100644 > --- a/drivers/net/geneve.c > +++ b/drivers/net/geneve.c > @@ -46,16 +46,25 @@ struct geneve_net { > > static int geneve_net_id; > > +union geneve_addr { > + struct sockaddr_in sin; > + struct sockaddr_in6 sin6; > + struct sockaddr sa; > +}; > + > +static union geneve_addr geneve_remote_unspec = { .sa.sa_family = AF_UNSPEC, > }; > + > /* Pseudo network device */ > struct geneve_dev { > struct hlist_node hlist; /* vni hash table */ > struct net *net;/* netns for packet i/o */ > struct net_device *dev;/* netdev for geneve tunnel */ > - struct geneve_sock *sock; /* socket used for geneve tunnel */ > + struct geneve_sock *sock4; /* IPv4 socket used for geneve tunnel */ > + struct geneve_sock *sock6; /* IPv6 socket used for geneve tunnel */ > u8 vni[3]; /* virtual network ID for tunnel */ > u8 ttl; /* TTL override */ > u8 tos; /* TOS override */ > - struct sockaddr_in remote; /* IPv4 address for link partner */ > + union geneve_addr remote; /* IP address for link partner */ > struct list_head next;/* geneve's per namespace list */ > __be16 dst_port; > bool collect_md; > @@ -103,11 +112,32 @@ static struct geneve_dev *geneve_lookup(struct > geneve_sock *gs, > vni_list_head = >vni_list[hash]; > hlist_for_each_entry_rcu(geneve, vni_list_head, hlist) { > if (!memcmp(vni, geneve->vni, sizeof(geneve->vni)) && > - addr == geneve->remote.sin_addr.s_addr) > + addr == geneve->remote.sin.sin_addr.s_addr) > + return geneve; > + } > + return NULL; > +} > + > +#if IS_ENABLED(CONFIG_IPV6) > +static struct geneve_dev *geneve6_lookup(struct geneve_sock *gs, > + struct in6_addr addr6, u8 vni[]) > +{ > + struct hlist_head *vni_list_head; > + struct geneve_dev *geneve; > + __u32 hash; > + > + /* Find the device for this VNI */ > + hash = geneve_net_vni_hash(vni); > + vni_list_head = >vni_list[hash]; > + hlist_for_each_entry_rcu(geneve, vni_list_head, hlist) { > + if (!memcmp(vni, geneve->vni, sizeof(geneve->vni)) && > + !memcmp(, >remote.sin6.sin6_addr, > + sizeof(addr6))) Please use ipv6_addr_equal(). How do you handle link-local addresses here? > return geneve; > } > return NULL; > } > +#endif > > static inline struct genevehdr *geneve_hdr(const struct sk_buff *skb) > { > @@ -121,24 +151,49 @@ static void geneve_rx(struct geneve_sock *gs, struct > sk_buff *skb) > struct metadata_dst *tun_dst = NULL; > struct geneve_dev *geneve = NULL; > struct pcpu_sw_netstats *stats; > - struct iphdr *iph; > - u8 *vni; > + struct iphdr *iph = NULL; > __be32 addr; > - int err; > + static u8 zero_vni[3]; > + u8 *vni; > + int err = 0; > + sa_family_t sa_family; > +#if IS_ENABLED(CONFIG_IPV6) > + struct ipv6hdr *ip6h = NULL; > + struct in6_addr addr6; > + static struct in6_addr zero_addr6; > +#endif > > - iph = ip_hdr(skb); /* outer IP header... */ > + sa_family = gs->sock->sk->sk_family; > > - if (gs->collect_md) { > - static u8 zero_vni[3]; > + if (sa_family == AF_INET) { > + iph = ip_hdr(skb); /* outer IP header... */ > > - vni = zero_vni; > - addr = 0; > - } else { > - vni = gnvh->vni; > - addr = iph->saddr; > - } > + if (gs->collect_md) { > + vni = zero_vni; > + addr = 0; > + } else { > + vni = gnvh->vni; > + > + addr =
Re: [PATCH net-next v2 1/2] ipv6: Re-arrange code in rt6_probe()
Martin KaFai Lau wrote: It is a prep work for the next patch to remove write_lock from rt6_probe(). 1. Reduce the number of if(neigh) check. From 4 to 1. 2. Bring the write_(un)lock() closer to the operations that the lock is protecting. Hopefully, the above make rt6_probe() more readable. Signed-off-by: Martin KaFai Lau ka...@fb.com Cc: Hannes Frederic Sowa han...@stressinduktion.org Cc: Julian Anastasov j...@ssi.bg Cc: YOSHIFUJI Hideaki hideaki.yoshif...@miraclelinux.com Acked-by: YOSHIFUJI Hideaki hideaki.yoshif...@miraclelinux.com --yoshfuji --- net/ipv6/route.c | 44 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 7f2214f..6d503db 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -545,6 +545,7 @@ static void rt6_probe_deferred(struct work_struct *w) static void rt6_probe(struct rt6_info *rt) { + struct __rt6_probe_work *work; struct neighbour *neigh; /* * Okay, this does not seem to be appropriate @@ -559,34 +560,29 @@ static void rt6_probe(struct rt6_info *rt) rcu_read_lock_bh(); neigh = __ipv6_neigh_lookup_noref(rt-dst.dev, rt-rt6i_gateway); if (neigh) { + work = NULL; write_lock(neigh-lock); - if (neigh-nud_state NUD_VALID) - goto out; - } - - if (!neigh || - time_after(jiffies, neigh-updated + rt-rt6i_idev-cnf.rtr_probe_interval)) { - struct __rt6_probe_work *work; - - work = kmalloc(sizeof(*work), GFP_ATOMIC); - - if (neigh work) - __neigh_set_probe_once(neigh); - - if (neigh) - write_unlock(neigh-lock); - - if (work) { - INIT_WORK(work-work, rt6_probe_deferred); - work-target = rt-rt6i_gateway; - dev_hold(rt-dst.dev); - work-dev = rt-dst.dev; - schedule_work(work-work); + if (!(neigh-nud_state NUD_VALID) + time_after(jiffies, +neigh-updated + +rt-rt6i_idev-cnf.rtr_probe_interval)) { + work = kmalloc(sizeof(*work), GFP_ATOMIC); + if (work) + __neigh_set_probe_once(neigh); } - } else { -out: write_unlock(neigh-lock); + } else { + work = kmalloc(sizeof(*work), GFP_ATOMIC); + } + + if (work) { + INIT_WORK(work-work, rt6_probe_deferred); + work-target = rt-rt6i_gateway; + dev_hold(rt-dst.dev); + work-dev = rt-dst.dev; + schedule_work(work-work); } + rcu_read_unlock_bh(); } #else -- 吉藤英明 hideaki.yoshif...@miraclelinux.com ミラクル・リナックス株式会社 技術本部 サポート部 -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCHv2] net/ipv6: add sysctl option accept_ra_hop_limit
Hi, Hangbin Liu wrote: Commit 6fd99094de2b (ipv6: Don't reduce hop limit for an interface) disabled accept hop limit from RA if it is higher than the current hop limit for security stuff. But this behavior kind of break the RFC definition. RFC 4861, 6.3.4. Processing Received Router Advertisements If the received Cur Hop Limit value is non-zero, the host SHOULD set its CurHopLimit variable to the received value. So add sysctl option accept_ra_hop_limit to let user choose whether accept hop limit info in RA. How about introducing minimum hop limit, instead? |commit 6fd99094de2b83d1d4c8457f2c83483b2828e75a |Author: D.S. Ljungmark ljungm...@modio.se |Date: Wed Mar 25 09:28:15 2015 +0100 | |ipv6: Don't reduce hop limit for an interface : |RFC 3756, Section 4.2.7, Parameter Spoofing | : | As an example, one possible approach to mitigate this threat is to | ignore very small hop limits. The nodes could implement a | configurable minimum hop limit, and ignore attempts to set it below | said limit. --yoshfuji Signed-off-by: Hangbin Liu liuhang...@gmail.com --- Documentation/networking/ip-sysctl.txt | 11 +++ include/linux/ipv6.h | 1 + include/uapi/linux/ipv6.h | 1 + net/ipv6/addrconf.c| 10 ++ net/ipv6/ndisc.c | 17 +++-- 5 files changed, 34 insertions(+), 6 deletions(-) diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 5fae770..778c479 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt @@ -1346,6 +1346,17 @@ accept_ra_pinfo - BOOLEAN Functional default: enabled if accept_ra is enabled. disabled if accept_ra is disabled. +accept_ra_hop_limit - INTEGER + Learn hop limit in Router Advertisement. + + Possible values are: + 0 Do not accept hop limit in Router Advertisements. + 1 Accept hop limit in Router Advertisements if it is higher + than the current hop limit. + 2 Accept hop limit in Router Advertisements anyway. + + Default: 1 + accept_ra_rt_info_max_plen - INTEGER Maximum prefix length of Route Information in RA. diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h index 82806c6..a21a9c6 100644 --- a/include/linux/ipv6.h +++ b/include/linux/ipv6.h @@ -30,6 +30,7 @@ struct ipv6_devconf { __s32 max_addresses; __s32 accept_ra_defrtr; __s32 accept_ra_pinfo; + __s32 accept_ra_hop_limit; #ifdef CONFIG_IPV6_ROUTER_PREF __s32 accept_ra_rtr_pref; __s32 rtr_probe_interval; diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h index 5efa54a..a8c1083 100644 --- a/include/uapi/linux/ipv6.h +++ b/include/uapi/linux/ipv6.h @@ -171,6 +171,7 @@ enum { DEVCONF_USE_OPTIMISTIC, DEVCONF_ACCEPT_RA_MTU, DEVCONF_STABLE_SECRET, + DEVCONF_ACCEPT_RA_HOP_LIMIT, DEVCONF_MAX }; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 21c2c81..486a7a5 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -196,6 +196,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { .accept_ra_defrtr = 1, .accept_ra_from_local = 0, .accept_ra_pinfo= 1, + .accept_ra_hop_limit= 1, #ifdef CONFIG_IPV6_ROUTER_PREF .accept_ra_rtr_pref = 1, .rtr_probe_interval = 60 * HZ, @@ -237,6 +238,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { .accept_ra_defrtr = 1, .accept_ra_from_local = 0, .accept_ra_pinfo= 1, + .accept_ra_hop_limit= 1, #ifdef CONFIG_IPV6_ROUTER_PREF .accept_ra_rtr_pref = 1, .rtr_probe_interval = 60 * HZ, @@ -4561,6 +4563,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, array[DEVCONF_MAX_ADDRESSES] = cnf-max_addresses; array[DEVCONF_ACCEPT_RA_DEFRTR] = cnf-accept_ra_defrtr; array[DEVCONF_ACCEPT_RA_PINFO] = cnf-accept_ra_pinfo; + array[DEVCONF_ACCEPT_RA_HOP_LIMIT] = cnf-accept_ra_hop_limit; #ifdef CONFIG_IPV6_ROUTER_PREF array[DEVCONF_ACCEPT_RA_RTR_PREF] = cnf-accept_ra_rtr_pref; array[DEVCONF_RTR_PROBE_INTERVAL] = @@ -5462,6 +5465,13 @@ static struct addrconf_sysctl_table .mode = 0644, .proc_handler = proc_dointvec, }, + { + .procname = accept_ra_hop_limit, + .data = ipv6_devconf.accept_ra_hop_limit, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec, + }, #ifdef
Re: [RFC PATCH v3 net-next 2/3] tcp: add in_flight to tcp_skb_cb
Hi, Lawrence Brakmo wrote: Based on comments by Neal Cardwell to tcp_nv patch: AFAICT this patch would not require an increase in the size of sk_buff cb[] if it were to take advantage of the fact that the tcp_skb_cb header.h4 and header.h6 fields are only used in the packet reception code path, and this in_flight field is only used on the transmit side. So the in_flight field could be placed in a struct that is itself placed in a union with the header union. Please make another patch only for this. That way the sender code can remember the in_flight value without requiring any extra space. And in the future other sender-side info could be stored in the tx struct, if needed. Signed-off-by: Lawrence Brakmo bra...@fb.com --- include/net/tcp.h | 13 ++--- net/ipv4/tcp_input.c | 5 - net/ipv4/tcp_output.c | 4 +++- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/include/net/tcp.h b/include/net/tcp.h index 1e6c5b04..b98d79a 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -755,11 +755,17 @@ struct tcp_skb_cb { /* 1 byte hole */ __u32 ack_seq;/* Sequence number ACK'd*/ union { - struct inet_skb_parmh4; + struct { + /* bytes in flight when this packet was sent */ + __u32 in_flight; + } tx; /* only used for outgoing skbs */ + union { + struct inet_skb_parmh4; #if IS_ENABLED(CONFIG_IPV6) - struct inet6_skb_parm h6; + struct inet6_skb_parm h6; #endif - } header; /* For incoming frames */ + } header; /* For incoming skbs */ + }; }; #define TCP_SKB_CB(__skb)((struct tcp_skb_cb *)((__skb)-cb[0])) @@ -837,6 +843,7 @@ union tcp_cc_info; struct ack_sample { u32 pkts_acked; s32 rtt_us; + u32 in_flight; }; struct tcp_congestion_ops { diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 423d3af..3ab4178 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -3068,6 +3068,7 @@ static int tcp_clean_rtx_queue(struct sock *sk, int prior_fackets, long ca_rtt_us = -1L; struct sk_buff *skb; u32 pkts_acked = 0; + u32 last_in_flight = 0; bool rtt_update; int flag = 0; @@ -3107,6 +3108,7 @@ static int tcp_clean_rtx_queue(struct sock *sk, int prior_fackets, if (!first_ackt.v64) first_ackt = last_ackt; + last_in_flight = TCP_SKB_CB(skb)-tx.in_flight; reord = min(pkts_acked, reord); if (!after(scb-end_seq, tp-high_seq)) flag |= FLAG_ORIG_SACK_ACKED; @@ -3196,7 +3198,8 @@ static int tcp_clean_rtx_queue(struct sock *sk, int prior_fackets, } if (icsk-icsk_ca_ops-pkts_acked) { - struct ack_sample sample = {pkts_acked, ca_rtt_us}; + struct ack_sample sample = {pkts_acked, ca_rtt_us, + last_in_flight}; icsk-icsk_ca_ops-pkts_acked(sk, sample); } diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 7105784..e9deab5 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -920,9 +920,12 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, int err; BUG_ON(!skb || !tcp_skb_pcount(skb)); + tp = tcp_sk(sk); if (clone_it) { skb_mstamp_get(skb-skb_mstamp); + TCP_SKB_CB(skb)-tx.in_flight = TCP_SKB_CB(skb)-end_seq + - tp-snd_una; if (unlikely(skb_cloned(skb))) skb = pskb_copy(skb, gfp_mask); @@ -933,7 +936,6 @@ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, } inet = inet_sk(sk); - tp = tcp_sk(sk); tcb = TCP_SKB_CB(skb); memset(opts, 0, sizeof(opts)); -- 吉藤英明 hideaki.yoshif...@miraclelinux.com ミラクル・リナックス株式会社 技術本部 サポート部 -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] ipv6: Fix finding best source address in ipv6_dev_get_saddr().
Hi, Tom Herbert wrote: I am testing this patch which may be a little simpler. Also idev needs to be checked after __in6_dev_get We have to select source address on *given* interface for link-local/ multicast destinations. Tom diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 4ab74d5..d631ac3 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1363,9 +1363,10 @@ static void __ipv6_dev_get_saddr(struct net *net, unsigned int prefs, const struct in6_addr *saddr, struct inet6_dev *idev, -struct ipv6_saddr_score *scores) +struct ipv6_saddr_score **in_score, +struct ipv6_saddr_score **in_hiscore) { - struct ipv6_saddr_score *score = scores[0], *hiscore = scores[1]; + struct ipv6_saddr_score *score = *in_score, *hiscore = *in_hiscore; read_lock_bh(idev-lock); list_for_each_entry(score-ifa, idev-addr_list, if_list) { @@ -1434,13 +1435,16 @@ static void __ipv6_dev_get_saddr(struct net *net, } out: read_unlock_bh(idev-lock); + *in_hiscore = hiscore; + *in_score = score; } int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, const struct in6_addr *daddr, unsigned int prefs, struct in6_addr *saddr) { - struct ipv6_saddr_score scores[2], *hiscore = scores[1]; + struct ipv6_saddr_score scores[2]; + struct ipv6_saddr_score *score = scores[0], *hiscore = scores[1]; struct ipv6_saddr_dst dst; struct inet6_dev *idev; struct net_device *dev; @@ -1475,18 +1479,19 @@ int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, if ((dst_type IPV6_ADDR_MULTICAST) || dst.scope = IPV6_ADDR_SCOPE_LINKLOCAL) { idev = __in6_dev_get(dst_dev); - use_oif_addr = true; + if (idev) + use_oif_addr = true; } } if (use_oif_addr) { - __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, scores); + __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, score, hiscore); } else { for_each_netdev_rcu(net, dev) { idev = __in6_dev_get(dev); if (!idev) continue; - __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, scores); + __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, score, hiscore); } } rcu_read_unlock(); On Mon, Jul 13, 2015 at 7:28 AM, YOSHIFUJI Hideaki/吉藤英明 hideaki.yoshif...@miraclelinux.com wrote: Commit 9131f3de2 (ipv6: Do not iterate over all interfaces when finding source address on specific interface.) did not properly update best source address available. Plus, it introduced possible NULL pointer dereference. Bug was reported by Erik Kline e...@google.com. Based on patch proposed by Hajime Tazaki thehaj...@gmail.com. Fixes: 9131f3de24db4dc12199aede7d931e6703e97f3b (ipv6: Do not iterate over all interfaces when finding source address on specific interface.) Signed-off-by: YOSHIFUJI Hideaki hideaki.yoshif...@miraclelinux.com --- net/ipv6/addrconf.c | 30 ++ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 4ab74d5..4c9a024 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1358,14 +1358,15 @@ out: return ret; } -static void __ipv6_dev_get_saddr(struct net *net, -struct ipv6_saddr_dst *dst, -unsigned int prefs, -const struct in6_addr *saddr, -struct inet6_dev *idev, -struct ipv6_saddr_score *scores) +static int __ipv6_dev_get_saddr(struct net *net, + struct ipv6_saddr_dst *dst, + unsigned int prefs, + const struct in6_addr *saddr, + struct inet6_dev *idev, + struct ipv6_saddr_score *scores, + int hiscore_idx) { - struct ipv6_saddr_score *score = scores[0], *hiscore = scores[1]; + struct ipv6_saddr_score *score = scores[1 - hiscore_idx], *hiscore = scores[hiscore_idx]; read_lock_bh(idev-lock); list_for_each_entry(score-ifa, idev-addr_list, if_list) { @@ -1424,6 +1425,7 @@ static void __ipv6_dev_get_saddr(struct net *net, in6_ifa_hold(score
[PATCH] ipv6: Fix finding best source address in ipv6_dev_get_saddr().
Commit 9131f3de2 (ipv6: Do not iterate over all interfaces when finding source address on specific interface.) did not properly update best source address available. Plus, it introduced possible NULL pointer dereference. Bug was reported by Erik Kline e...@google.com. Based on patch proposed by Hajime Tazaki thehaj...@gmail.com. Fixes: 9131f3de24db4dc12199aede7d931e6703e97f3b (ipv6: Do not iterate over all interfaces when finding source address on specific interface.) Signed-off-by: YOSHIFUJI Hideaki hideaki.yoshif...@miraclelinux.com --- net/ipv6/addrconf.c | 30 ++ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 4ab74d5..4c9a024 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1358,14 +1358,15 @@ out: return ret; } -static void __ipv6_dev_get_saddr(struct net *net, -struct ipv6_saddr_dst *dst, -unsigned int prefs, -const struct in6_addr *saddr, -struct inet6_dev *idev, -struct ipv6_saddr_score *scores) +static int __ipv6_dev_get_saddr(struct net *net, + struct ipv6_saddr_dst *dst, + unsigned int prefs, + const struct in6_addr *saddr, + struct inet6_dev *idev, + struct ipv6_saddr_score *scores, + int hiscore_idx) { - struct ipv6_saddr_score *score = scores[0], *hiscore = scores[1]; + struct ipv6_saddr_score *score = scores[1 - hiscore_idx], *hiscore = scores[hiscore_idx]; read_lock_bh(idev-lock); list_for_each_entry(score-ifa, idev-addr_list, if_list) { @@ -1424,6 +1425,7 @@ static void __ipv6_dev_get_saddr(struct net *net, in6_ifa_hold(score-ifa); swap(hiscore, score); + hiscore_idx = 1 - hiscore_idx; /* restore our iterator */ score-ifa = hiscore-ifa; @@ -1434,18 +1436,20 @@ static void __ipv6_dev_get_saddr(struct net *net, } out: read_unlock_bh(idev-lock); + return hiscore_idx; } int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, const struct in6_addr *daddr, unsigned int prefs, struct in6_addr *saddr) { - struct ipv6_saddr_score scores[2], *hiscore = scores[1]; + struct ipv6_saddr_score scores[2], *hiscore; struct ipv6_saddr_dst dst; struct inet6_dev *idev; struct net_device *dev; int dst_type; bool use_oif_addr = false; + int hiscore_idx = 0; dst_type = __ipv6_addr_type(daddr); dst.addr = daddr; @@ -1454,8 +1458,8 @@ int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, dst.label = ipv6_addr_label(net, daddr, dst_type, dst.ifindex); dst.prefs = prefs; - hiscore-rule = -1; - hiscore-ifa = NULL; + scores[hiscore_idx].rule = -1; + scores[hiscore_idx].ifa = NULL; rcu_read_lock(); @@ -1480,17 +1484,19 @@ int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, } if (use_oif_addr) { - __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, scores); + if (idev) + hiscore_idx = __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, scores, hiscore_idx); } else { for_each_netdev_rcu(net, dev) { idev = __in6_dev_get(dev); if (!idev) continue; - __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, scores); + hiscore_idx = __ipv6_dev_get_saddr(net, dst, prefs, saddr, idev, scores, hiscore_idx); } } rcu_read_unlock(); + hiscore = scores[hiscore_idx]; if (!hiscore-ifa) return -EADDRNOTAVAIL; -- 1.9.1 -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH net-next] ipv6: Do not iterate over all interfaces when finding source address on specific interface.
If outgoing interface is specified and the candidate addresses are restricted to the outgoing interface, it is enough to iterate over that given interface only. Signed-off-by: YOSHIFUJI Hideaki hideaki.yoshif...@miraclelinux.com --- net/ipv6/addrconf.c | 201 +--- 1 file changed, 111 insertions(+), 90 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 21c2c81..b4c82d8 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1358,15 +1358,94 @@ out: return ret; } +static void __ipv6_dev_get_saddr(struct net *net, +struct ipv6_saddr_dst *dst, +unsigned int prefs, +const struct in6_addr *saddr, +struct inet6_dev *idev, +struct ipv6_saddr_score *scores) +{ + struct ipv6_saddr_score *score = scores[0], *hiscore = scores[1]; + + read_lock_bh(idev-lock); + list_for_each_entry(score-ifa, idev-addr_list, if_list) { + int i; + + /* +* - Tentative Address (RFC2462 section 5.4) +* - A tentative address is not considered +*assigned to an interface in the traditional +*sense, unless it is also flagged as optimistic. +* - Candidate Source Address (section 4) +* - In any case, anycast addresses, multicast +*addresses, and the unspecified address MUST +*NOT be included in a candidate set. +*/ + if ((score-ifa-flags IFA_F_TENTATIVE) + (!(score-ifa-flags IFA_F_OPTIMISTIC))) + continue; + + score-addr_type = __ipv6_addr_type(score-ifa-addr); + + if (unlikely(score-addr_type == IPV6_ADDR_ANY || +score-addr_type IPV6_ADDR_MULTICAST)) { + net_dbg_ratelimited(ADDRCONF: unspecified / multicast address assigned as unicast address on %s, + idev-dev-name); + continue; + } + + score-rule = -1; + bitmap_zero(score-scorebits, IPV6_SADDR_RULE_MAX); + + for (i = 0; i IPV6_SADDR_RULE_MAX; i++) { + int minihiscore, miniscore; + + minihiscore = ipv6_get_saddr_eval(net, hiscore, dst, i); + miniscore = ipv6_get_saddr_eval(net, score, dst, i); + + if (minihiscore miniscore) { + if (i == IPV6_SADDR_RULE_SCOPE + score-scopedist 0) { + /* +* special case: +* each remaining entry +* has too small (not enough) +* scope, because ifa entries +* are sorted by their scope +* values. +*/ + goto out; + } + break; + } else if (minihiscore miniscore) { + if (hiscore-ifa) + in6_ifa_put(hiscore-ifa); + + in6_ifa_hold(score-ifa); + + swap(hiscore, score); + + /* restore our iterator */ + score-ifa = hiscore-ifa; + + break; + } + } + } +out: + read_unlock_bh(idev-lock); +} + int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, const struct in6_addr *daddr, unsigned int prefs, struct in6_addr *saddr) { - struct ipv6_saddr_score scores[2], - *score = scores[0], *hiscore = scores[1]; + struct ipv6_saddr_score scores[2], *hiscore = scores[1]; struct ipv6_saddr_dst dst; + struct inet6_dev *idev; struct net_device *dev; int dst_type; + bool use_oif_addr = false; dst_type = __ipv6_addr_type(daddr); dst.addr = daddr; @@ -1380,97 +1459,39 @@ int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, rcu_read_lock(); - for_each_netdev_rcu(net, dev) { - struct inet6_dev *idev; - - /* Candidate Source Address (section 4) -* - multicast and link-local destination address, -*the set of candidate source address MUST only -*include addresses assigned
[PATCH net-next v2] ipv6: Do not iterate over all interfaces when finding source address on specific interface.
If outgoing interface is specified and the candidate address is restricted to the outgoing interface, it is enough to iterate over that given interface only. Signed-off-by: YOSHIFUJI Hideaki hideaki.yoshif...@miraclelinux.com Acked-by: Erik Kline e...@google.com --- net/ipv6/addrconf.c | 197 1 file changed, 107 insertions(+), 90 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 21c2c81..4ab74d5 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -1358,15 +1358,94 @@ out: return ret; } +static void __ipv6_dev_get_saddr(struct net *net, +struct ipv6_saddr_dst *dst, +unsigned int prefs, +const struct in6_addr *saddr, +struct inet6_dev *idev, +struct ipv6_saddr_score *scores) +{ + struct ipv6_saddr_score *score = scores[0], *hiscore = scores[1]; + + read_lock_bh(idev-lock); + list_for_each_entry(score-ifa, idev-addr_list, if_list) { + int i; + + /* +* - Tentative Address (RFC2462 section 5.4) +* - A tentative address is not considered +*assigned to an interface in the traditional +*sense, unless it is also flagged as optimistic. +* - Candidate Source Address (section 4) +* - In any case, anycast addresses, multicast +*addresses, and the unspecified address MUST +*NOT be included in a candidate set. +*/ + if ((score-ifa-flags IFA_F_TENTATIVE) + (!(score-ifa-flags IFA_F_OPTIMISTIC))) + continue; + + score-addr_type = __ipv6_addr_type(score-ifa-addr); + + if (unlikely(score-addr_type == IPV6_ADDR_ANY || +score-addr_type IPV6_ADDR_MULTICAST)) { + net_dbg_ratelimited(ADDRCONF: unspecified / multicast address assigned as unicast address on %s, + idev-dev-name); + continue; + } + + score-rule = -1; + bitmap_zero(score-scorebits, IPV6_SADDR_RULE_MAX); + + for (i = 0; i IPV6_SADDR_RULE_MAX; i++) { + int minihiscore, miniscore; + + minihiscore = ipv6_get_saddr_eval(net, hiscore, dst, i); + miniscore = ipv6_get_saddr_eval(net, score, dst, i); + + if (minihiscore miniscore) { + if (i == IPV6_SADDR_RULE_SCOPE + score-scopedist 0) { + /* +* special case: +* each remaining entry +* has too small (not enough) +* scope, because ifa entries +* are sorted by their scope +* values. +*/ + goto out; + } + break; + } else if (minihiscore miniscore) { + if (hiscore-ifa) + in6_ifa_put(hiscore-ifa); + + in6_ifa_hold(score-ifa); + + swap(hiscore, score); + + /* restore our iterator */ + score-ifa = hiscore-ifa; + + break; + } + } + } +out: + read_unlock_bh(idev-lock); +} + int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, const struct in6_addr *daddr, unsigned int prefs, struct in6_addr *saddr) { - struct ipv6_saddr_score scores[2], - *score = scores[0], *hiscore = scores[1]; + struct ipv6_saddr_score scores[2], *hiscore = scores[1]; struct ipv6_saddr_dst dst; + struct inet6_dev *idev; struct net_device *dev; int dst_type; + bool use_oif_addr = false; dst_type = __ipv6_addr_type(daddr); dst.addr = daddr; @@ -1380,97 +1459,35 @@ int ipv6_dev_get_saddr(struct net *net, const struct net_device *dst_dev, rcu_read_lock(); - for_each_netdev_rcu(net, dev) { - struct inet6_dev *idev; - - /* Candidate Source Address (section 4) -* - multicast and link-local destination address, -*the set of candidate source address MUST only -
Re: [PATCH] ipv6: Fixed source specific default route handling.
Matthias Schiffer wrote: On 06/22/2015 07:58 AM, Steven Barth wrote: On 22.06.2015 00:35, Matthias Schiffer wrote: Could you explain in detail what you mean with If you want specific SA, add same route with higher metric and/or (more) specific src match.? Routes aren't bound to specific addresses except via the src attribute (which is called prefsrc in the kernel), which is exactly what it not working. I can't control the chosen source address at all when source-specific routes are involved. Except that prefsrc and src are two different beasts and usually ip route from transates to RTA_SRC instead of RTA_PREFSOURCE when used with a prefix length. Try adding two routes to the same destination with the same metric but different source values with PREFSRC (e.g. IPv4) and then try doing the same with SRC (e.g. IPv6). The former will fail but the latter will succeed. Ah sorry, I didn't know that src and prefsrc were distinct concepts. I meant to refer to src whenever I wrote prefsrc. What are the precise semantics of the src attribute? Any RFC I can read, or is this a Linux-specific concept? src is long-lived feature which is usually used with mutiple routing tables by ip rule. --yoshfuji https://tools.ietf.org/html/draft-troan-homenet-sadr-01 was the original draft for source-address dependent routing IIRC so might be a good read. Thanks for the link, that helps a bit. Even though the source-specific route has a higher metric than the generic one, the source-specific one shadows the generic route. (was a bit ago since I read into this so please correct me if I am wrong) IIRC this is intentional since longest-prefix-match beats metric here and the source-address match counts to being more-specific here. See also above difference between PREFSRC and SRC. Ah, that would explain the metric issue. I looks like the source of my confusion is that for source-specific routes *all* addresses are in the candidate set, not only the addresses of the outgoing interface (which makes sense as ip6_route_get_saddr() is called with a NULL rt6_info in the source-specific case). I'm not sure if this can be fixed in a sane way (as there seems to be a dependency cycle: source address should depend on outgoing interface, which depends on the chosen route, which depends on the source address), but it leads to highly unintuitive source address selection :( Markus suggested in the commit message not to call ip6_route_output at all before the source address has been selected. Wouldn't this make it impossible to choose the source address depending on the outgoing interface in the non-source-specific case as well? Cheers, Steven Thanks for the explanation, Matthias -- 吉藤英明 hideaki.yoshif...@miraclelinux.com ミラクル・リナックス株式会社 技術本部 サポート部 -- To unsubscribe from this list: send the line unsubscribe netdev in
Re: [PATCH] neighbour: Convert if statment in the function, neigh_add_timer to a WARN_ON
Nicholas Krause wrote: This converts the if statement for dumping the stack into a WARN_ON in order to make this function's debugging check simpler and have a cleaner output when this condition occurs inside this function for when bugs related to adding a duplicate neighbour table timer arise. Signed-off-by: Nicholas Krause xerofo...@gmail.com --- net/core/neighbour.c | 6 +- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/net/core/neighbour.c b/net/core/neighbour.c index 3de6542..0bf71da 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -165,11 +165,7 @@ static int neigh_forced_gc(struct neigh_table *tbl) static void neigh_add_timer(struct neighbour *n, unsigned long when) { neigh_hold(n); - if (unlikely(mod_timer(n-timer, when))) { - printk(NEIGH: BUG, double timer add, state is %x\n, -n-nud_state); - dump_stack(); - } + WARN_ON(unlikely(mod_timer(n-timer, when))); } NACK, please do not use WARN_ON for things with side effects. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH][KEY] fix bug in spdadd
In article [EMAIL PROTECTED] (at Thu, 14 Feb 2008 20:55:40 +0900), Kazunori MIYAZAWA [EMAIL PROTECTED] says: This patch fix a BUG when adding spds which have same selector. Signed-off-by: Kazunori MIYAZAWA [EMAIL PROTECTED] I think we need to fix xfrm_user side as well. --- [PATCH] [XFRM]: Avoid bogus BUG() when throwing new policy away. When we destory a new policy entry, we need to tell xfrm_policy_destroy() explicitly that the entry is not alive yet. --- diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 7833807..f971ca5 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -1105,6 +1105,7 @@ static struct xfrm_policy *xfrm_policy_construct(struct xfrm_userpolicy_info *p, return xp; error: *errp = err; + xp-dead = 1; xfrm_policy_destroy(xp); return NULL; } -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[RFC PATCH] [XFRM]: Fix ordering issue in xfrm_dst_hash_transfer().
Keep ordering of policy entries with same selector in xfrm_dst_hash_transfer(). Issue should not appear in usual cases because multiple policy entries with same selector are basically not allowed so far. Bug was pointed out by Sebastien Decugis [EMAIL PROTECTED]. We could convert bydst from hlist to list and use list_add_tail() instead. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 47219f9..9fc4c31 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -331,15 +331,31 @@ static void xfrm_dst_hash_transfer(struct hlist_head *list, struct hlist_head *ndsttable, unsigned int nhashmask) { - struct hlist_node *entry, *tmp; + struct hlist_node *entry, *tmp, *entry0 = NULL; struct xfrm_policy *pol; + unsigned int h0 = 0; +redo: hlist_for_each_entry_safe(pol, entry, tmp, list, bydst) { unsigned int h; h = __addr_hash(pol-selector.daddr, pol-selector.saddr, pol-family, nhashmask); - hlist_add_head(pol-bydst, ndsttable+h); + if (!entry0) { + hlist_del(entry); + hlist_add_head(pol-bydst, ndsttable+h); + h0 = h; + } else { + if (h != h0) + continue; + hlist_del(entry); + hlist_add_after(entry0, pol-bydst); + } + entry0 = entry; + } + if (!hlist_empty(list)) { + entry0 = NULL; + goto redo; } } -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCh TAKE 2] [IPROUTE2] Add addrlabel sub-command.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- diff --git a/ip/Makefile b/ip/Makefile index b427d58..d908817 100644 --- a/ip/Makefile +++ b/ip/Makefile @@ -1,4 +1,4 @@ -IPOBJ=ip.o ipaddress.o iproute.o iprule.o \ +IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o \ rtm_map.o iptunnel.o ip6tunnel.o tunnel.o ipneigh.o ipntable.o iplink.o \ ipmaddr.o ipmonitor.o ipmroute.o ipprefix.o \ ipxfrm.o xfrm_state.o xfrm_policy.o xfrm_monitor.o \ diff --git a/ip/ip.c b/ip/ip.c index aeb8c68..c4c773f 100644 --- a/ip/ip.c +++ b/ip/ip.c @@ -46,8 +46,8 @@ static void usage(void) fprintf(stderr, Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }\n ip [ -force ] [-batch filename\n -where OBJECT := { link | addr | route | rule | neigh | ntable | tunnel |\n - maddr | mroute | monitor | xfrm }\n +where OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |\n + tunnel | maddr | mroute | monitor | xfrm }\n OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n -f[amily] { inet | inet6 | ipx | dnet | link } |\n -o[neline] | -t[imestamp] }\n); @@ -64,6 +64,7 @@ static const struct cmd { int (*func)(int argc, char **argv); } cmds[] = { { address,do_ipaddr }, + { addrlabel, do_ipaddrlabel }, { maddress, do_multiaddr }, { route, do_iproute }, { rule, do_iprule }, diff --git a/ip/ip_common.h b/ip/ip_common.h index 39f2507..1bbd50d 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -4,6 +4,9 @@ extern int print_linkinfo(const struct sockaddr_nl *who, extern int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); +extern int print_addrlabelinfo(const struct sockaddr_nl *who, + struct nlmsghdr *n, + void *arg); extern int print_neigh(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); extern int print_ntable(const struct sockaddr_nl *who, @@ -23,6 +26,7 @@ extern int print_prefix(const struct sockaddr_nl *who, extern int print_rule(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); extern int do_ipaddr(int argc, char **argv); +extern int do_ipaddrlabel(int argc, char **argv); extern int do_iproute(int argc, char **argv); extern int do_iprule(int argc, char **argv); extern int do_ipneigh(int argc, char **argv); diff --git a/ip/ipaddrlabel.c b/ip/ipaddrlabel.c new file mode 100644 index 000..1c873e9 --- /dev/null +++ b/ip/ipaddrlabel.c @@ -0,0 +1,260 @@ +/* + * ipaddrlabel.c ip addrlabel + * + * Copyright (C)2007 USAGI/WIDE Project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * + * Based on iprule.c. + * + * Authors:YOSHIFUJI Hideaki [EMAIL PROTECTED] + * + */ + +#include stdio.h +#include stdlib.h +#include unistd.h +#include syslog.h +#include fcntl.h +#include sys/socket.h +#include netinet/in.h +#include netinet/ip.h +#include arpa/inet.h +#include string.h +#include linux/types.h +#include linux/if_addrlabel.h + +#include rt_names.h +#include utils.h +#include ip_common.h + +#define IFAL_RTA(r)((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrlblmsg +#define IFAL_PAYLOAD(n)NLMSG_PAYLOAD(n,sizeof(struct ifaddrlblmsg)) + +extern struct rtnl_handle rth; + +static void usage(void) __attribute__((noreturn)); + +static void usage(void) +{ + fprintf(stderr, Usage: ip addrlabel [ list | add | del | flush ] prefix PREFIX [ dev DEV ] [ label LABEL ]\n); + exit(-1); +} + +int print_addrlabel(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) +{ + FILE *fp = (FILE*)arg; + struct ifaddrlblmsg *ifal = NLMSG_DATA(n); + int len = n-nlmsg_len; + int host_len = -1; + struct rtattr *tb[IFAL_MAX+1]; + char abuf[256]; + + if (n-nlmsg_type != RTM_NEWADDRLABEL n-nlmsg_type != RTM_DELADDRLABEL) + return 0; + + len -= NLMSG_LENGTH(sizeof(*ifal)); + if (len 0) + return -1; + + parse_rtattr(tb, IFAL_MAX, IFAL_RTA(ifal), len); + + if (ifal-ifal_family == AF_INET) + host_len
Re: [PATCH] Add IPv6 support to TCP SYN cookies
In article [EMAIL PROTECTED] (at Thu, 07 Feb 2008 10:40:19 +0100), Eric Dumazet [EMAIL PROTECTED] says: [NET] IPV4: lower stack usage in cookie_hash() function 400 bytes allocated on stack might be a litle bit too much. Using a per_cpu var is more friendly. Signed-off-by: Eric Dumazet [EMAIL PROTECTED] Applied to my inet6-2.6.26 tree. Thanks. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] Add IPv6 support to TCP SYN cookies
In article [EMAIL PROTECTED] (at Thu, 7 Feb 2008 21:49:26 -0800), Glenn Griffin [EMAIL PROTECTED] says: Updated to incorporate Eric's suggestion of using a per cpu buffer rather than allocating on the stack. Just a two line change, but will resend in it's entirety. Signed-off-by: Glenn Griffin [EMAIL PROTECTED] Applied in my linux-2.6-dev tree. Thanks. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [patch 14/14] replace __inline__ by inline in include/linux (net related)
In article [EMAIL PROTECTED] (at Wed, 06 Feb 2008 10:14:19 +0100), Daniel Lezcano [EMAIL PROTECTED] says: replace __inline__ by inline in include/linux (net related) Signed-off-by: Daniel Lezcano [EMAIL PROTECTED] --- include/linux/atm.h|4 ++-- include/linux/atmsap.h |2 +- include/linux/hdlc.h | 13 +++-- include/linux/inetdevice.h | 14 ++ include/linux/netlink.h|5 +++-- include/linux/rtnetlink.h |2 +- 6 files changed, 20 insertions(+), 20 deletions(-) Please do this change within the #ifdef __KERNEL__ .. #endif only. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 6/6][NETNS]: Udp sockets per-net lookup.
In article [EMAIL PROTECTED] (at Thu, 31 Jan 2008 15:41:58 +0300), Pavel Emelyanov [EMAIL PROTECTED] says: Add the net parameter to udp_get_port family of calls and udp_lookup one and use it to filter sockets. I may miss something, but I'm afraid that I have to disagree. Port is identified only by family, address, protocol and port, and should not be split by name space. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 6/6][NETNS]: Udp sockets per-net lookup.
In article [EMAIL PROTECTED] (at Thu, 31 Jan 2008 05:20:07 -0800 (PST)), David Miller [EMAIL PROTECTED] says: The networking devices are even per-namespace already, so you can even say that each namespace is even physically different. Ah, okay, we are splitting weak domains... --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] Add addrlabel subsystem.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- include/linux/if_addrlabel.h | 32 + ip/Makefile |2 +- ip/ip.c |5 +- ip/ip_common.h |4 + ip/ipaddrlabel.c | 260 ++ ip/ipmonitor.c |4 + 6 files changed, 304 insertions(+), 3 deletions(-) diff --git a/include/linux/if_addrlabel.h b/include/linux/if_addrlabel.h new file mode 100644 index 000..9fe79c9 --- /dev/null +++ b/include/linux/if_addrlabel.h @@ -0,0 +1,32 @@ +/* + * if_addrlabel.h - netlink interface for address labels + * + * Copyright (C)2007 USAGI/WIDE Project, All Rights Reserved. + * + * Authors: + * YOSHIFUJI Hideaki @ USAGI/WIDE [EMAIL PROTECTED] + */ + +#ifndef __LINUX_IF_ADDRLABEL_H +#define __LINUX_IF_ADDRLABEL_H + +struct ifaddrlblmsg +{ + __u8ifal_family;/* Address family */ + __u8__ifal_reserved;/* Reserved */ + __u8ifal_prefixlen; /* Prefix length */ + __u8ifal_flags; /* Flags */ + __u32 ifal_index; /* Link index */ + __u32 ifal_seq; /* sequence number */ +}; + +enum +{ + IFAL_ADDRESS = 1, + IFAL_LABEL = 2, + __IFAL_MAX +}; + +#define IFAL_MAX (__IFAL_MAX - 1) + +#endif diff --git a/ip/Makefile b/ip/Makefile index b427d58..d908817 100644 --- a/ip/Makefile +++ b/ip/Makefile @@ -1,4 +1,4 @@ -IPOBJ=ip.o ipaddress.o iproute.o iprule.o \ +IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o \ rtm_map.o iptunnel.o ip6tunnel.o tunnel.o ipneigh.o ipntable.o iplink.o \ ipmaddr.o ipmonitor.o ipmroute.o ipprefix.o \ ipxfrm.o xfrm_state.o xfrm_policy.o xfrm_monitor.o \ diff --git a/ip/ip.c b/ip/ip.c index aeb8c68..c4c773f 100644 --- a/ip/ip.c +++ b/ip/ip.c @@ -46,8 +46,8 @@ static void usage(void) fprintf(stderr, Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }\n ip [ -force ] [-batch filename\n -where OBJECT := { link | addr | route | rule | neigh | ntable | tunnel |\n - maddr | mroute | monitor | xfrm }\n +where OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |\n + tunnel | maddr | mroute | monitor | xfrm }\n OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n -f[amily] { inet | inet6 | ipx | dnet | link } |\n -o[neline] | -t[imestamp] }\n); @@ -64,6 +64,7 @@ static const struct cmd { int (*func)(int argc, char **argv); } cmds[] = { { address,do_ipaddr }, + { addrlabel, do_ipaddrlabel }, { maddress, do_multiaddr }, { route, do_iproute }, { rule, do_iprule }, diff --git a/ip/ip_common.h b/ip/ip_common.h index 39f2507..1bbd50d 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -4,6 +4,9 @@ extern int print_linkinfo(const struct sockaddr_nl *who, extern int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); +extern int print_addrlabelinfo(const struct sockaddr_nl *who, + struct nlmsghdr *n, + void *arg); extern int print_neigh(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); extern int print_ntable(const struct sockaddr_nl *who, @@ -23,6 +26,7 @@ extern int print_prefix(const struct sockaddr_nl *who, extern int print_rule(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); extern int do_ipaddr(int argc, char **argv); +extern int do_ipaddrlabel(int argc, char **argv); extern int do_iproute(int argc, char **argv); extern int do_iprule(int argc, char **argv); extern int do_ipneigh(int argc, char **argv); diff --git a/ip/ipaddrlabel.c b/ip/ipaddrlabel.c new file mode 100644 index 000..1c873e9 --- /dev/null +++ b/ip/ipaddrlabel.c @@ -0,0 +1,260 @@ +/* + * ipaddrlabel.c ip addrlabel + * + * Copyright (C)2007 USAGI/WIDE Project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * + * Based on iprule.c. + * + * Authors:YOSHIFUJI Hideaki [EMAIL PROTECTED] + * + */ + +#include stdio.h
[PATCH] IPROUTE2: Add addrlabel subsystem.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- include/linux/if_addrlabel.h | 32 + ip/Makefile |2 +- ip/ip.c |5 +- ip/ip_common.h |4 + ip/ipaddrlabel.c | 260 ++ ip/ipmonitor.c |4 + 6 files changed, 304 insertions(+), 3 deletions(-) diff --git a/include/linux/if_addrlabel.h b/include/linux/if_addrlabel.h new file mode 100644 index 000..9fe79c9 --- /dev/null +++ b/include/linux/if_addrlabel.h @@ -0,0 +1,32 @@ +/* + * if_addrlabel.h - netlink interface for address labels + * + * Copyright (C)2007 USAGI/WIDE Project, All Rights Reserved. + * + * Authors: + * YOSHIFUJI Hideaki @ USAGI/WIDE [EMAIL PROTECTED] + */ + +#ifndef __LINUX_IF_ADDRLABEL_H +#define __LINUX_IF_ADDRLABEL_H + +struct ifaddrlblmsg +{ + __u8ifal_family;/* Address family */ + __u8__ifal_reserved;/* Reserved */ + __u8ifal_prefixlen; /* Prefix length */ + __u8ifal_flags; /* Flags */ + __u32 ifal_index; /* Link index */ + __u32 ifal_seq; /* sequence number */ +}; + +enum +{ + IFAL_ADDRESS = 1, + IFAL_LABEL = 2, + __IFAL_MAX +}; + +#define IFAL_MAX (__IFAL_MAX - 1) + +#endif diff --git a/ip/Makefile b/ip/Makefile index b427d58..d908817 100644 --- a/ip/Makefile +++ b/ip/Makefile @@ -1,4 +1,4 @@ -IPOBJ=ip.o ipaddress.o iproute.o iprule.o \ +IPOBJ=ip.o ipaddress.o ipaddrlabel.o iproute.o iprule.o \ rtm_map.o iptunnel.o ip6tunnel.o tunnel.o ipneigh.o ipntable.o iplink.o \ ipmaddr.o ipmonitor.o ipmroute.o ipprefix.o \ ipxfrm.o xfrm_state.o xfrm_policy.o xfrm_monitor.o \ diff --git a/ip/ip.c b/ip/ip.c index aeb8c68..c4c773f 100644 --- a/ip/ip.c +++ b/ip/ip.c @@ -46,8 +46,8 @@ static void usage(void) fprintf(stderr, Usage: ip [ OPTIONS ] OBJECT { COMMAND | help }\n ip [ -force ] [-batch filename\n -where OBJECT := { link | addr | route | rule | neigh | ntable | tunnel |\n - maddr | mroute | monitor | xfrm }\n +where OBJECT := { link | addr | addrlabel | route | rule | neigh | ntable |\n + tunnel | maddr | mroute | monitor | xfrm }\n OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n -f[amily] { inet | inet6 | ipx | dnet | link } |\n -o[neline] | -t[imestamp] }\n); @@ -64,6 +64,7 @@ static const struct cmd { int (*func)(int argc, char **argv); } cmds[] = { { address,do_ipaddr }, + { addrlabel, do_ipaddrlabel }, { maddress, do_multiaddr }, { route, do_iproute }, { rule, do_iprule }, diff --git a/ip/ip_common.h b/ip/ip_common.h index 39f2507..1bbd50d 100644 --- a/ip/ip_common.h +++ b/ip/ip_common.h @@ -4,6 +4,9 @@ extern int print_linkinfo(const struct sockaddr_nl *who, extern int print_addrinfo(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); +extern int print_addrlabelinfo(const struct sockaddr_nl *who, + struct nlmsghdr *n, + void *arg); extern int print_neigh(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); extern int print_ntable(const struct sockaddr_nl *who, @@ -23,6 +26,7 @@ extern int print_prefix(const struct sockaddr_nl *who, extern int print_rule(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg); extern int do_ipaddr(int argc, char **argv); +extern int do_ipaddrlabel(int argc, char **argv); extern int do_iproute(int argc, char **argv); extern int do_iprule(int argc, char **argv); extern int do_ipneigh(int argc, char **argv); diff --git a/ip/ipaddrlabel.c b/ip/ipaddrlabel.c new file mode 100644 index 000..1c873e9 --- /dev/null +++ b/ip/ipaddrlabel.c @@ -0,0 +1,260 @@ +/* + * ipaddrlabel.c ip addrlabel + * + * Copyright (C)2007 USAGI/WIDE Project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * + * Based on iprule.c. + * + * Authors:YOSHIFUJI Hideaki [EMAIL PROTECTED] + * + */ + +#include stdio.h
Re: [PATCH] Add addrlabel subsystem.
In article [EMAIL PROTECTED] (at Fri, 01 Feb 2008 06:56:10 +1100 (EST)), YOSHIFUJI Hideaki / 吉藤英明 [EMAIL PROTECTED] says: Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- include/linux/if_addrlabel.h | 32 + ip/Makefile |2 +- ip/ip.c |5 +- ip/ip_common.h |4 + ip/ipaddrlabel.c | 260 ++ ip/ipmonitor.c |4 + 6 files changed, 304 insertions(+), 3 deletions(-) Sorry, iproute2 was missing in the subject...resent. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH net-2.6.25] [IPV6] ADDRLABEL: Fix double free on label deletion.
If an entry is being deleted because it has only one reference, we immediately delete it and blindly register the rcu handler for it, This results in oops by double freeing that object. This patch fixes it by consolidating the code paths for the deletion; let its rcu handler delete the object if it has no more reference. Bug was found by Mitsuru Chinen [EMAIL PROTECTED] Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- diff --git a/net/ipv6/addrlabel.c b/net/ipv6/addrlabel.c index 6f1ca60..7a706c4 100644 --- a/net/ipv6/addrlabel.c +++ b/net/ipv6/addrlabel.c @@ -106,6 +106,11 @@ static inline void ip6addrlbl_free(struct ip6addrlbl_entry *p) kfree(p); } +static void ip6addrlbl_free_rcu(struct rcu_head *h) +{ + ip6addrlbl_free(container_of(h, struct ip6addrlbl_entry, rcu)); +} + static inline int ip6addrlbl_hold(struct ip6addrlbl_entry *p) { return atomic_inc_not_zero(p-refcnt); @@ -114,12 +119,7 @@ static inline int ip6addrlbl_hold(struct ip6addrlbl_entry *p) static inline void ip6addrlbl_put(struct ip6addrlbl_entry *p) { if (atomic_dec_and_test(p-refcnt)) - ip6addrlbl_free(p); -} - -static void ip6addrlbl_free_rcu(struct rcu_head *h) -{ - ip6addrlbl_free(container_of(h, struct ip6addrlbl_entry, rcu)); + call_rcu(p-rcu, ip6addrlbl_free_rcu); } /* Find label */ @@ -240,7 +240,6 @@ int __ip6addrlbl_add(struct ip6addrlbl_entry *newp, int replace) } hlist_replace_rcu(p-list, newp-list); ip6addrlbl_put(p); - call_rcu(p-rcu, ip6addrlbl_free_rcu); goto out; } else if ((p-prefixlen == newp-prefixlen !p-ifindex) || (p-prefixlen newp-prefixlen)) { @@ -300,7 +299,6 @@ int __ip6addrlbl_del(const struct in6_addr *prefix, int prefixlen, ipv6_addr_equal(p-prefix, prefix)) { hlist_del_rcu(p-list); ip6addrlbl_put(p); - call_rcu(p-rcu, ip6addrlbl_free_rcu); ret = 0; break; } -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [patch net-2.6.25][IPV6][SYSCTL] fix sysctl compilation error
In article [EMAIL PROTECTED] (at Fri, 25 Jan 2008 14:32:23 +0100), Daniel Lezcano [EMAIL PROTECTED] says: Move ipv6_icmp_sysctl_init and ipv6_route_sysctl_init into the right ifdef section otherwise that does not compile when CONFIG_SYSCTL=yes and CONFIG_PROC_FS=no Signed-off-by: Daniel Lezcano [EMAIL PROTECTED] My bad Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 12/12 net-2.6.25] [NETNS]: Add namespace for ICMP replying code.
In article [EMAIL PROTECTED] (at Wed, 23 Jan 2008 10:16:29 +0100), Mathieu Lacage [EMAIL PROTECTED] says: I have been following the netns patches on this ML for a while but I still have not figured out in which tree the patches fed to David Miller are applied. I have attempted to grep the public trees 'davem/net-2.6' and 'davem/net-2.6.25' but without much success so far. Is there a public git tree I can clone which contains all the netns patches which David Miller state are 'Applied' ? I'm cloning from git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.25.git There may be some time-lag. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[GIT PULL] [IPV6,IPV4]: Fix several sparse warnings.
Dave, please consider pulling following changes on top of net-2.6.25 tree: git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-dev.git net-2.6-dev-20080122 Thank you. HEADLINES - [IPV4] UDP,UDPLITE: Sparse: {__udp4_lib,udp,udplite}_err() are of void. [IPV6] UDP,UDPLITE: Sparse: {__udp6_lib,udp,udplite}_err() are of void. [IPV6] UDPLITE: Sparse: Declare non-static symbols in header. [IPV6] ADDRLABEL: Sparse: Make several functions static. [IPV6]: Sparse: Declare non-static ipv6_{route,icmp,frag}_sysctl_init() in header. [IPV6] ADDRCONF: Sparse: Make inet6_dump_addr() code paths more straight-forward. [IPV6] NDISC: Sparse: Use different variable name for local use. DIFFSTAT include/net/ipv6.h |4 net/ipv4/udp.c |2 +- net/ipv4/udplite.c |2 +- net/ipv6/addrconf.c| 38 ++ net/ipv6/addrlabel.c | 20 ++-- net/ipv6/af_inet6.c|2 -- net/ipv6/ndisc.c | 10 +- net/ipv6/sysctl_net_ipv6.c |3 --- net/ipv6/udp.c |2 +- net/ipv6/udp_impl.h|1 + net/ipv6/udplite.c |2 +- 11 files changed, 42 insertions(+), 44 deletions(-) CHANGESETS -- commit 9c14555fec7d209c90ae5079c59dc9a338620fd7 Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Tue Jan 22 17:05:31 2008 +0900 [IPV4] UDP,UDPLITE: Sparse: {__udp4_lib,udp,udplite}_err() are of void. Fix following sparse warnings: | net/ipv4/udp.c:421:2: warning: returning void-valued expression | net/ipv4/udplite.c:38:2: warning: returning void-valued expression Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index cb2411c..ecd9d91 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c @@ -418,7 +418,7 @@ out: void udp_err(struct sk_buff *skb, u32 info) { - return __udp4_lib_err(skb, info, udp_hash); + __udp4_lib_err(skb, info, udp_hash); } /* diff --git a/net/ipv4/udplite.c b/net/ipv4/udplite.c index f5baeb3..001b881 100644 --- a/net/ipv4/udplite.c +++ b/net/ipv4/udplite.c @@ -35,7 +35,7 @@ static int udplite_rcv(struct sk_buff *skb) static void udplite_err(struct sk_buff *skb, u32 info) { - return __udp4_lib_err(skb, info, udplite_hash); + __udp4_lib_err(skb, info, udplite_hash); } static struct net_protocol udplite_protocol = { --- commit feafbe254cd11496370192a08dbdc1d0ddda226f Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Tue Jan 22 17:09:55 2008 +0900 [IPV6] UDP,UDPLITE: Sparse: {__udp6_lib,udp,udplite}_err() are of void. Fix following sparse warnings: | net/ipv6/udp.c:262:2: warning: returning void-valued expression | net/ipv6/udplite.c:29:2: warning: returning void-valued expression Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index bf58aca..bd4b9df 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c @@ -259,7 +259,7 @@ static __inline__ void udpv6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, int type, int code, int offset, __be32 info ) { - return __udp6_lib_err(skb, opt, type, code, offset, info, udp_hash); + __udp6_lib_err(skb, opt, type, code, offset, info, udp_hash); } int udpv6_queue_rcv_skb(struct sock * sk, struct sk_buff *skb) diff --git a/net/ipv6/udplite.c b/net/ipv6/udplite.c index 39f0705..87d4202 100644 --- a/net/ipv6/udplite.c +++ b/net/ipv6/udplite.c @@ -26,7 +26,7 @@ static void udplitev6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, int type, int code, int offset, __be32 info) { - return __udp6_lib_err(skb, opt, type, code, offset, info, udplite_hash); + __udp6_lib_err(skb, opt, type, code, offset, info, udplite_hash); } static struct inet6_protocol udplitev6_protocol = { --- commit ce97db1c7fa125b3f24a3d424a6373824a0bca37 Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Tue Jan 22 17:25:46 2008 +0900 [IPV6] UDPLITE: Sparse: Declare non-static symbols in header. Fix the following sparse warnings: | net/ipv6/udplite.c:45:14: warning: symbol 'udplitev6_prot' was not declared. Should it be static? | net/ipv6/udplite.c:80:12: warning: symbol 'udplitev6_init' was not declared. Should it be static? | net/ipv6/udplite.c:99:6: warning: symbol 'udplitev6_exit' was not declared. Should it be static? Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ipv6/udp_impl.h b/net/ipv6/udp_impl.h index 2d3fda6..21be3a8 100644 --- a/net/ipv6/udp_impl.h +++ b/net/ipv6/udp_impl.h @@ -5,6 +5,7 @@ #include net/protocol.h #include net/addrconf.h #include net/inet_common.h +#include net/transp_v6.h extern int __udp6_lib_rcv(struct sk_buff *, struct hlist_head [], int ); extern void
Re: [PATCH 1/2] IPV6: ICMP6_MIB_OUTMSGS increment duplicated
In article [EMAIL PROTECTED] (at Mon, 21 Jan 2008 17:46:32 +0800), Wang Chen [EMAIL PROTECTED] says: [IPV6]: ICMP6_MIB_OUTMSGS increment duplicated icmpv6_send() calls ip6_push_pending_frames() indirectly. Both ip6_push_pending_frames() and icmpv6_send() increment counter ICMP6_MIB_OUTMSGS. This patch remove the increment from icmpv6_send. Signed-off-by: Wang Chen [EMAIL PROTECTED] Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 2/2] IPV6: RFC 2011 compatibility broken
In article [EMAIL PROTECTED] (at Mon, 21 Jan 2008 17:46:44 +0800), Wang Chen [EMAIL PROTECTED] says: The snmp6 entry name was changed, and it broke compatibility to RFC 2011. Signed-off-by: Wang Chen [EMAIL PROTECTED] Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] IPv4: Enable use of 240/4 address space
In article [EMAIL PROTECTED] (at Sat, 19 Jan 2008 14:44:13 +0100 (CET)), Jan Engelhardt [EMAIL PROTECTED] says: From 84bccef295aa9754ee662191e32ba1d64edce2ba Mon Sep 17 00:00:00 2001 From: Jan Engelhardt [EMAIL PROTECTED] Date: Fri, 18 Jan 2008 02:10:44 +0100 Subject: [PATCH] IPv4: enable use of 240/4 address space This short patch modifies the IPv4 networking to enable use of the 240.0.0.0/4 (aka class-E) address space as propsed in the internet draft draft-fuller-240space-00.txt. Signed-off-by: Jan Engelhardt [EMAIL PROTECTED] Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] [IPV6] ROUTE: Make sending algorithm more friendly with RFC 4861.
We omit (or delay) sending NSes for known-to-unreachable routers (in NUD_FAILED state) according to RFC 4191 (Default Router Preferences and More-Specific Routes). But this is not fully compatible with RFC 4861 (Neighbor Discovery Protocol for IPv6), which does not remember unreachability of neighbors. So, let's avoid mixing sending algorithm of RFC 4191 and that of RFC 4861, and make the algorithm more friendly with RFC 4861 if RFC 4191 is disabled. Issue was found by IPv6 Ready Logo Core Self_Test 1.5.0b2 (by TAHI Project), and has been tracked down by Mitsuru Chinen [EMAIL PROTECTED]. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] -- diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 6ecb5e6..20083e0 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -329,7 +329,7 @@ static inline int rt6_check_dev(struct rt6_info *rt, int oif) static inline int rt6_check_neigh(struct rt6_info *rt) { struct neighbour *neigh = rt-rt6i_nexthop; - int m = 0; + int m; if (rt-rt6i_flags RTF_NONEXTHOP || !(rt-rt6i_flags RTF_GATEWAY)) m = 1; @@ -337,10 +337,15 @@ static inline int rt6_check_neigh(struct rt6_info *rt) read_lock_bh(neigh-lock); if (neigh-nud_state NUD_VALID) m = 2; - else if (!(neigh-nud_state NUD_FAILED)) +#ifdef CONFIG_IPV6_ROUTER_PREF + else if (neigh-nud_state NUD_FAILED) + m = 0; +#endif + else m = 1; read_unlock_bh(neigh-lock); - } + } else + m = 0; return m; } -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] IPv4: Enable use of 240/4 address space
In article [EMAIL PROTECTED] (at Fri, 18 Jan 2008 02:13:52 +0100 (CET)), Jan Engelhardt [EMAIL PROTECTED] says: diff --git a/include/linux/in.h b/include/linux/in.h index 27d8a5a..b01bf75 100644 --- a/include/linux/in.h +++ b/include/linux/in.h @@ -216,9 +216,6 @@ struct sockaddr_in { #define IN_MULTICAST(a) IN_CLASSD(a) #define IN_MULTICAST_NET 0xF000 -#define IN_EXPERIMENTAL(a) long int) (a)) 0xf000) == 0xf000) -#define IN_BADCLASS(a) IN_EXPERIMENTAL((a)) - /* Address to accept any incoming messages. */ #define INADDR_ANY ((unsigned long int) 0x) No, please keep these macros. @@ -264,7 +261,7 @@ static inline bool ipv4_is_local_multicast(__be32 addr) static inline bool ipv4_is_badclass(__be32 addr) { - return (addr htonl(0xf000)) == htonl(0xf000); + return addr == 0x; } To (un)align the IN_BADCLASS macro and ipv6_is_badclass() definition, you should change the name anyway, e.g., ipv6_is_limited_broadcast() or some something alike. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] IPv4: Enable use of 240/4 address space
In article [EMAIL PROTECTED] (at Fri, 18 Jan 2008 02:52:08 +0100 (CET)), Jan Engelhardt [EMAIL PROTECTED] says: On Jan 18 2008 10:26, YOSHIFUJI Hideaki / 吉藤英明 wrote: -#define IN_EXPERIMENTAL(a) long int) (a)) 0xf000) == 0xf000) -#define IN_BADCLASS(a) IN_EXPERIMENTAL((a)) No, please keep these macros. @@ -264,7 +261,7 @@ static inline bool ipv4_is_local_multicast(__be32 addr) static inline bool ipv4_is_badclass(__be32 addr) { - return (addr htonl(0xf000)) == htonl(0xf000); + return addr == 0x; } To (un)align the IN_BADCLASS macro and ipv6_is_badclass() definition, Unalign? IPv6? Limited broadcast? Sorry, ipv4_is_badclass(). Assuming IN_BADCLASS() is still there, we should not reuse the name of ipv6_is_badclass because the their meanings are different. -static inline bool ipv4_is_badclass(__be32 addr) +static inline bool ipv4_is_broadcast(__be32 addr) { I'm just afraid that people might think ipv4_is_broadcast is for testing subnet broadcast address. 255.255.255.255 is limited broadcast address (vs subnet broadcast address, which can be forwarded by routers). --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] IPv4: Enable use of 240/4 address space
In article [EMAIL PROTECTED] (at Fri, 18 Jan 2008 11:13:19 +0900 (JST)), YOSHIFUJI Hideaki / 吉藤英明 [EMAIL PROTECTED] says: Assuming IN_BADCLASS() is still there, we should not reuse the name of ipv6_is_badclass because the their meanings are different. Again, ipv4_is_badclass() My hands almost automatically type 6 after ipv... --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: Netconf at conf.au 2008?
In article [EMAIL PROTECTED] (at Sun, 13 Jan 2008 19:17:51 +0100), martin f krafft [EMAIL PROTECTED] says: also sprach Andy Johnson [EMAIL PROTECTED] [2008.01.12.0752 +0100]: I saw somewhere (maybe in this mailing list a while ago) that there might be a Linux Kernel Developers' Netconf conference at conf.au 2008. I think you may be mixing things up, and it may be my fault in ways. I am developing netconf: http://netconf.alioth.debian.org. I am aware of the NETCONF protocol and have considered renaming my project, but looking around, it seemed to me that NETCONF isn't really all that active, and so I chose to keep the name. If people think that wasn't wise, I'm willing to listen... Very confusing to me... --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 001/001] ipv4: enable use of 240/4 address space
In article [EMAIL PROTECTED] (at Fri, 11 Jan 2008 12:17:02 +0100), Andi Kleen [EMAIL PROTECTED] says: Vince Fuller [EMAIL PROTECTED] writes: from Vince Fuller [EMAIL PROTECTED] This set of diffs modify the 2.6.20 kernel to enable use of the 240/4 (aka class-E) address space as consistent with the Internet Draft draft-fuller-240space-00.txt. Wouldn't it be wise to at least wait for it becoming an RFC first? I do think so, too. There is no positive consesus on this draft at the intarea meeting in Vancouver, right? We cannot / should not enable that space until we have reached a consensus on it. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 001/001] ipv4: enable use of 240/4 address space
In article [EMAIL PROTECTED] (at Fri, 11 Jan 2008 17:48:57 -0800 (PST)), David Miller [EMAIL PROTECTED] says: From: YOSHIFUJI Hideaki / 吉藤英明 [EMAIL PROTECTED] Date: Fri, 11 Jan 2008 21:41:20 +0900 (JST) There is no positive consesus on this draft at the intarea meeting in Vancouver, right? We cannot / should not enable that space until we have reached a consensus on it. This is so incredibly incorrect. There is consensus on making network stacks able to use this address space. And that is all that the patch does. No, we did never make consensus on it. The consensus is only missing on whether to make the address space public or private. This is also clearly spelled out in the draft. It is important to get as large of a head start on this as possible because of how long it takes to deploy something like this. Okay, though I am afraid this space will not be used widely, we should be ready for it. I'll make some more comments on the patch itself from another point view. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 001/001] ipv4: enable use of 240/4 address space
Hello. In article [EMAIL PROTECTED] (at Mon, 7 Jan 2008 17:10:57 -0800), Vince Fuller [EMAIL PROTECTED] says: #define IN_MULTICAST_NET 0xF000 +#define IN_CLASSE(a) long int) (a)) 0xf000) == 0xf000) +#define IN_CLASSE_NET 0xff00 +#define IN_CLASSE_NSHIFT8 +#define IN_CLASSE_HOST (0x ~IN_CLASSE_NET) + +/* + * these are no longer used #define IN_EXPERIMENTAL(a) long int) (a)) 0xf000) == 0xf000) #define IN_BADCLASS(a) IN_EXPERIMENTAL((a)) +*/ Please do not remove this, but have these instead: #define IN_EXPERIMENTAL(a) IN_CLASSE((a)) #define IN_BADCASS(a) IN_CLASSE((a)) And, I think it is good to remove BADCLASS() (inside #ifdef __KERNEL__ .. #endif) because we do not have its users any longer, right? Regards, --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: Linux IPv6 DAD not full conform to RFC 4862 ?
In article [EMAIL PROTECTED] (at Wed, 9 Jan 2008 16:36:56 +0100), Karsten Keil [EMAIL PROTECTED] says: So I think we should disable the interface now, if DAD fails on a hardware based LLA. I don't want to do this, at least, unconditionally. Options (not exclusive): - we could have enable_ipv6 interface flag and check it in input/output paths - we could have dad_reaction interface variable and 1: disable interface = 1: disable IPv6 0: ignore (as we do now) --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: Linux IPv6 DAD not full conform to RFC 4862 ?
In article [EMAIL PROTECTED] (at Thu, 10 Jan 2008 01:38:57 +0900 (JST)), YOSHIFUJI Hideaki / 吉藤英明 [EMAIL PROTECTED] says: - we could have dad_reaction interface variable and 1: disable interface = 1: disable IPv6 0: ignore (as we do now) Argh, 0, 0 and 0, maybe. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: Linux IPv6 DAD not full conform to RFC 4862 ?
In article [EMAIL PROTECTED] (at Wed, 09 Jan 2008 15:32:12 -0800 (PST)), David Miller [EMAIL PROTECTED] says: I question any RFC mandate that shuts down IP communication on a node because of packets received from remote systems. RFC4862 tell us that we SHOULD disable IP communication. (IP means IPv6 here; IPv4 is out of scope.) In IETF term, a SHOULD is almost a MUST. We are required to follow unless we have very good reason to ignore it. If the TAHI test can trigger this, so can a compromised system on your network and won't that be fun? :-) So, I know the specification, but I have ignored it. I think it is fine to implent in some way, but I do think we must have a switch not to do this. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: Linux IPv6 DAD not full conform to RFC 4862 ?
In article [EMAIL PROTECTED] (at Wed, 09 Jan 2008 15:55:44 -0800 (PST)), David Miller [EMAIL PROTECTED] says: Because of the above, the existing behavior must still stay the default. I hope this is your plan. By default Linux will not implement this SHOULD, it's a security issue. Yes so far, though we may have more things to consider. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH net-2.6][NEIGH] Updating affected neighbours when about MAC address change
In article [EMAIL PROTECTED] (at Sun, 23 Dec 2007 13:41:36 +0200), David Shwatrz [EMAIL PROTECTED] says: I had written a small patch to neigh_changeaddr() in net/core/neighbour.c against the 2.6 git net tree, which sends a gratuitous ARP to update the list of all the involved neighbours with the change of MAC address. The patch is for neigh_changeaddr() only. Though I can see no patch, but I disagree. ;-) I do think you should change arp_netdev_event() and ndisc_netdev_event(). --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH net-2.6][NEIGH] Updating affected neighbours when about MAC address change
In article [EMAIL PROTECTED] (at Sun, 23 Dec 2007 14:24:00 +0200), David Shwatrz [EMAIL PROTECTED] says: Regarding your answer; I accept it and I will soon send a revised version of this patch (making changes to arp_netdev_event() and ndisc_netdev_event().) I had IPv4 in mind, there is no reason that it will no be also in IPv6. You should iterate all of ifa_list (for IPv4) / addr_list (for IPv6). For IPv6, we also have anycast (maintained by ac_list) as well. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH net-2.6][NEIGH] Updating affected neighbours when about MAC address change
In article [EMAIL PROTECTED] (at Sun, 23 Dec 2007 07:46:15 -0500), jamal [EMAIL PROTECTED] says: On Sun, 2007-23-12 at 21:38 +0900, YOSHIFUJI Hideaki / 吉藤英明 wrote: In article [EMAIL PROTECTED] (at Sun, 23 Dec 2007 14:24:00 +0200), David Shwatrz [EMAIL PROTECTED] says: Regarding your answer; I accept it and I will soon send a revised version of this patch (making changes to arp_netdev_event() and ndisc_netdev_event().) I had IPv4 in mind, there is no reason that it will no be also in IPv6. You should iterate all of ifa_list (for IPv4) / addr_list (for IPv6). For IPv6, we also have anycast (maintained by ac_list) as well. Hrm, how is this going to work for the case of multiple MACs on a device? Changing one MAC address doesnt equate to issuing a grat arp with _the new MAC_ for all ifa (given each MAC may be map to a different ifa) If the secondary MACs are used with ARP/NDP, we should take care of that, but I think we use the primary MAC for ARP/NDP, no? (In other words, we always use primary MAC for ARP reply / NA, no?) --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH net-2.6][NEIGH] Updating affected neighbours when about MAC address change
In article [EMAIL PROTECTED] (at Sun, 23 Dec 2007 15:04:37 +0200), David Shwatrz [EMAIL PROTECTED] says: Hello, You should iterate all of ifa_list (for IPv4) / addr_list (for IPv6). For IPv6, we also have anycast (maintained by ac_list) as well. I am not sure that we need to iterate all of ifa_list in IPv4. The reason is that we end with arp_send, and it initiates a broadcast. So all neighbours will receive it and update their arp tables accordingly. The dest hw in the arp_send is NULL according to this patch ; this means that we will assign dev-broadcast to dest_hw in apr_create(). It seems to me there's no reason to send more than one broadcast. Urgh? what is happend if you have multiple IPv4 addresses on the device? In IPv6, I need to check, since it is multicast. Please read RFC2461 Section 7.2.6. In short we should send a few unsolicited NA, but I think you can start from sending once per an address. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] [IPROUTE]: A workaround to make larger rto_min printed correctly
In article [EMAIL PROTECTED] (at Fri, 21 Dec 2007 11:24:54 +0900), Satoru SATOH [EMAIL PROTECTED] says: 2007/12/21, Jarek Poplawski [EMAIL PROTECTED]: Jarek Poplawski wrote, On 12/20/2007 09:24 PM: ... but since it's your patch, I hope you do some additional checking if it's always like this... ...or maybe only changing this all a little bit will make it look safer! Jarek P. OK, how about this? Signed-off-by: Satoru SATOH [EMAIL PROTECTED] ip/iproute.c | 12 1 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ip/iproute.c b/ip/iproute.c index f4200ae..c771b34 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -510,16 +510,20 @@ int print_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) fprintf(fp, %u, *(unsigned*)RTA_DATA(mxrta[i])); else { unsigned val = *(unsigned*)RTA_DATA(mxrta[i]); + unsigned hz1 = hz; + if (hz1 1000) Why don't you simply use unsigned long long (or maybe uint64_t) here? Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- diff --git a/ip/iproute.c b/ip/iproute.c index f4200ae..db9a3b6 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -509,16 +509,21 @@ int print_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) i != RTAX_RTO_MIN) fprintf(fp, %u, *(unsigned*)RTA_DATA(mxrta[i])); else { - unsigned val = *(unsigned*)RTA_DATA(mxrta[i]); + unsigned long long val = *(unsigned*)RTA_DATA(mxrta[i]); + unsigned div = 1; - val *= 1000; if (i == RTAX_RTT) - val /= 8; + div = 8; else if (i == RTAX_RTTVAR) - val /= 4; - if (val = hz) - fprintf(fp, %ums, val/hz); + div = 4; else + div = 1; + + val = val * 1000ULL / div; + + if (val = hz) { + fprintf(fp, %llums, val/hz); + } else fprintf(fp, %.2fms, (float)val/hz); } } --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] [IPROUTE]: A workaround to make larger rto_min printed correctly
In article [EMAIL PROTECTED] (at Fri, 21 Dec 2007 22:49:59 +0900), Satoru SATOH [EMAIL PROTECTED] says: I agree. I mistakenly thought hz in that context must be larger than 1000.. As it's uncertain, your's looks much simpler and better. (btw, the lines else div = 1 is not needed, is it?) Simplest fix is as follows: Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] -- diff --git a/ip/iproute.c b/ip/iproute.c index f4200ae..7a885b0 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -509,7 +509,7 @@ int print_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) i != RTAX_RTO_MIN) fprintf(fp, %u, *(unsigned*)RTA_DATA(mxrta[i])); else { - unsigned val = *(unsigned*)RTA_DATA(mxrta[i]); + unsigned long long val = *(unsigned*)RTA_DATA(mxrta[i]); val *= 1000; if (i == RTAX_RTT) @@ -517,7 +517,7 @@ int print_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) else if (i == RTAX_RTTVAR) val /= 4; if (val = hz) - fprintf(fp, %ums, val/hz); + fprintf(fp, %llums, val/hz); else fprintf(fp, %.2fms, (float)val/hz); } -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] [IPROUTE]: A workaround to make larger rto_min printed correctly
In article [EMAIL PROTECTED] (at Thu, 20 Dec 2007 12:31:27 +0900), Satoru SATOH [EMAIL PROTECTED] says: diff --git a/ip/iproute.c b/ip/iproute.c index f4200ae..fa722c6 100644 --- a/ip/iproute.c +++ b/ip/iproute.c @@ -510,16 +510,16 @@ int print_route(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) fprintf(fp, %u, *(unsigned*)RTA_DATA(mxrta[i])); else { unsigned val = *(unsigned*)RTA_DATA(mxrta[i]); + unsigned hz1 = hz / 1000; - val *= 1000; if (i == RTAX_RTT) I think this is incorrect; hz might not be 1000; e.g. 250 etc. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [TCP] IPV6 : Change a divide into a right shift in tcp_v6_send_ack()
In article [EMAIL PROTECTED] (at Fri, 21 Dec 2007 07:03:58 +0100), Eric Dumazet [EMAIL PROTECTED] says: Because tot_len is signed in tcp_v6_send_ack(), tot_len/4 forces compiler to emit an integer divide, while we can help it to use a right shift, less expensive. Are you really sure? At least, gcc-4.1.2-20061115 (debian) does not make any difference. And, IMHO, because shift for signed variable is fragile, so we should avoid using it. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [TCP] IPV6 : Change a divide into a right shift in tcp_v6_send_ack()
In article [EMAIL PROTECTED] (at Fri, 21 Dec 2007 08:39:24 +0100), Eric Dumazet [EMAIL PROTECTED] says: Okay, anyway, I'll convert them to unsigned int, which is more appropriate. I didnt chose this path, because David was against changing some fields from 'int' to 'unsigned'. If you look in other parts of networking, we have many 1 or 2 already there. I do think it is safe to convert them here. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[TCP]: Convert several length variable to unsigned.
Several length variables cannot be negative, so convert int to unsigned int. This also allows us to do sane shift operations on those variables. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] -- diff --git a/include/net/tcp.h b/include/net/tcp.h index cb5b033..f663a85 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -1153,7 +1153,8 @@ extern int tcp_v4_calc_md5_hash(char *md5_hash, struct dst_entry *dst, struct request_sock *req, struct tcphdr *th, -int protocol, int tcplen); +int protocol, +unsigned int tcplen); extern struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk, struct sock *addr_sk); @@ -1359,7 +1360,8 @@ struct tcp_sock_af_ops { struct dst_entry *dst, struct request_sock *req, struct tcphdr *th, - int protocol, int len); + int protocol, + unsigned int len); int (*md5_add) (struct sock *sk, struct sock *addr_sk, u8 *newkey, diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 652c323..601b4ca 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -99,7 +99,7 @@ static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk, static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, __be32 saddr, __be32 daddr, struct tcphdr *th, int protocol, - int tcplen); + unsigned int tcplen); #endif struct inet_hashinfo __cacheline_aligned tcp_hashinfo = { @@ -1020,7 +1020,7 @@ static int tcp_v4_parse_md5_keys(struct sock *sk, char __user *optval, static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, __be32 saddr, __be32 daddr, struct tcphdr *th, int protocol, - int tcplen) + unsinged int tcplen) { struct scatterlist sg[4]; __u16 data_len; @@ -1113,7 +1113,7 @@ int tcp_v4_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, struct dst_entry *dst, struct request_sock *req, struct tcphdr *th, int protocol, -int tcplen) +unsigned int tcplen) { __be32 saddr, daddr; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 93980c3..3b4169c 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -733,7 +733,7 @@ static int tcp_v6_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, struct in6_addr *saddr, struct in6_addr *daddr, struct tcphdr *th, int protocol, - int tcplen) + unsigned int tcplen) { struct scatterlist sg[4]; __u16 data_len; @@ -818,7 +818,7 @@ static int tcp_v6_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key, struct dst_entry *dst, struct request_sock *req, struct tcphdr *th, int protocol, - int tcplen) + unsigned int tcplen) { struct in6_addr *saddr, *daddr; @@ -985,7 +985,7 @@ static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb) struct tcphdr *th = tcp_hdr(skb), *t1; struct sk_buff *buff; struct flowi fl; - int tot_len = sizeof(*th); + unsigned int tot_len = sizeof(*th); #ifdef CONFIG_TCP_MD5SIG struct tcp_md5sig_key *key; #endif @@ -1085,7 +1085,7 @@ static void tcp_v6_send_ack(struct tcp_timewait_sock *tw, struct tcphdr *th = tcp_hdr(skb), *t1; struct sk_buff *buff; struct flowi fl; - int tot_len = sizeof(struct tcphdr); + unsigned int tot_len = sizeof(struct tcphdr); __be32 *topt; #ifdef CONFIG_TCP_MD5SIG struct tcp_md5sig_key *key; -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at
[GIT PULL] [NET]: Use {hton{s,l},cpu_to_be{16,32}}() where appropriate.
Hello. Please consider pulling the following changes from the branch net-2.6-dev-20071214 available at git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-dev.git which is on top of your net-2.6-devel tree. Regards, --- HEADLINES - [BRIDGE]: Use cpu_to_be16() where appropriate. [DECNET]: Use htons() where appropriate. [IEEE80211]: Use htons() where appropriate. [IPVS]: Use htons() where appropriate. [IRDA]: Use htons() where appropriate. [MAC80211]: Use htons() where appropriate. [RXRPC]: Use cpu_to_be32() where appropriate. [SUNRPC]: Use htonl() where appropriate. DIFFSTAT net/bridge/br_input.c |2 +- net/decnet/af_decnet.c |2 +- net/decnet/dn_nsp_out.c |2 +- net/decnet/dn_route.c |2 +- net/ieee80211/ieee80211_rx.c|4 ++-- net/ipv4/ipvs/ip_vs_proto.c |2 +- net/ipv4/ipvs/ip_vs_proto_esp.c | 16 net/irda/iriap.c|2 +- net/mac80211/rx.c |2 +- net/mac80211/wme.c |2 +- net/rxrpc/ar-connection.c |2 +- net/rxrpc/ar-input.c|4 ++-- net/rxrpc/rxkad.c |4 ++-- net/sunrpc/xprtrdma/rpc_rdma.c |6 +++--- 14 files changed, 26 insertions(+), 26 deletions(-) CHANGESETS -- commit 8979a93df4ca6b9b411296265ad3591d9f780569 Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Wed Dec 12 03:51:03 2007 +0900 [BRIDGE]: Use cpu_to_be16() where appropriate. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c index 0ee79a7..255c00f 100644 --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c @@ -109,7 +109,7 @@ static inline int is_link_local(const unsigned char *dest) { __be16 *a = (__be16 *)dest; static const __be16 *b = (const __be16 *)br_group_address; - static const __be16 m = __constant_cpu_to_be16(0xfff0); + static const __be16 m = cpu_to_be16(0xfff0); return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | ((a[2] ^ b[2]) m)) == 0; } --- commit c60e701fabb6c2371a9fab2aa6a71b00bfa3cc1d Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Wed Dec 12 03:51:49 2007 +0900 [DECNET]: Use htons() where appropriate. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/decnet/af_decnet.c b/net/decnet/af_decnet.c index 57d5749..acd48ee 100644 --- a/net/decnet/af_decnet.c +++ b/net/decnet/af_decnet.c @@ -1904,7 +1904,7 @@ static inline struct sk_buff *dn_alloc_send_pskb(struct sock *sk, struct sk_buff *skb = sock_alloc_send_skb(sk, datalen, noblock, errcode); if (skb) { - skb-protocol = __constant_htons(ETH_P_DNA_RT); + skb-protocol = htons(ETH_P_DNA_RT); skb-pkt_type = PACKET_OUTGOING; } return skb; diff --git a/net/decnet/dn_nsp_out.c b/net/decnet/dn_nsp_out.c index 7404653..1964faf 100644 --- a/net/decnet/dn_nsp_out.c +++ b/net/decnet/dn_nsp_out.c @@ -124,7 +124,7 @@ struct sk_buff *dn_alloc_skb(struct sock *sk, int size, gfp_t pri) if ((skb = alloc_skb(size + hdr, pri)) == NULL) return NULL; - skb-protocol = __constant_htons(ETH_P_DNA_RT); + skb-protocol = htons(ETH_P_DNA_RT); skb-pkt_type = PACKET_OUTGOING; if (sk) diff --git a/net/decnet/dn_route.c b/net/decnet/dn_route.c index 2d95cf1..20263d9 100644 --- a/net/decnet/dn_route.c +++ b/net/decnet/dn_route.c @@ -1551,7 +1551,7 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void kfree_skb(skb); return -ENODEV; } - skb-protocol = __constant_htons(ETH_P_DNA_RT); + skb-protocol = htons(ETH_P_DNA_RT); skb-dev = dev; cb-src = fl.fld_src; cb-dst = fl.fld_dst; --- commit 6a29ce9b3427655b4e54e64d156199262dc08078 Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Wed Dec 12 03:52:26 2007 +0900 [IEEE80211]: Use htons() where appropriate. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ieee80211/ieee80211_rx.c b/net/ieee80211/ieee80211_rx.c index 21c0fad..13b12a6 100644 --- a/net/ieee80211/ieee80211_rx.c +++ b/net/ieee80211/ieee80211_rx.c @@ -45,7 +45,7 @@ static void ieee80211_monitor_rx(struct ieee80211_device *ieee, skb_reset_mac_header(skb); skb_pull(skb, ieee80211_get_hdrlen(fc)); skb-pkt_type = PACKET_OTHERHOST; - skb-protocol = __constant_htons(ETH_P_80211_RAW); + skb-protocol = htons(ETH_P_80211_RAW); memset(skb-cb, 0, sizeof(skb-cb)); netif_rx(skb); } @@ -800,7 +800,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb, if (skb2 != NULL) { /* send to wireless media */ skb2-dev = dev;
Re: ip neigh show not showing arp cache entries?
In article [EMAIL PROTECTED] (at Wed, 12 Dec 2007 15:57:08 -0600), Chris Friesen [EMAIL PROTECTED] says: You may try other versions of this command http://devresources.linux-foundation.org/dev/iproute2/download/ They appear to be numbered by kernel version, and the above version is the most recent one for 2.6.14. Will more recent ones (for newer kernels) work with my kernel? It should work; if it doesn't, please make a report. Thanks. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH v2] XFRM: assorted IPsec fixups
In article [EMAIL PROTECTED] (at Tue, 11 Dec 2007 11:30:19 -0500), Paul Moore [EMAIL PROTECTED] says: diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 5b860b6..e2a3dd1 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c : @@ -1994,67 +1995,59 @@ void __init xfrm_state_init(void) static inline void xfrm_audit_common_stateinfo(struct xfrm_state *x, struct audit_buffer *audit_buf) { - if (x-security) - audit_log_format(audit_buf, sec_alg=%u sec_doi=%u sec_obj=%s, - x-security-ctx_alg, x-security-ctx_doi, - x-security-ctx_str); + struct xfrm_sec_ctx *ctx = x-security; + u32 spi = ntohl(x-id.spi); - switch(x-props.family) { - case AF_INET: - audit_log_format(audit_buf, src=%u.%u.%u.%u dst=%u.%u.%u.%u, - NIPQUAD(x-props.saddr.a4), - NIPQUAD(x-id.daddr.a4)); - break; - case AF_INET6: - { - struct in6_addr saddr6, daddr6; - - memcpy(saddr6, x-props.saddr.a6, - sizeof(struct in6_addr)); - memcpy(daddr6, x-id.daddr.a6, - sizeof(struct in6_addr)); - audit_log_format(audit_buf, - src= NIP6_FMT dst= NIP6_FMT, - NIP6(saddr6), NIP6(daddr6)); - } - break; - } +if (ctx) +audit_log_format(audit_buf, sec_alg=%u sec_doi=%u sec_obj=%s, + ctx-ctx_alg, ctx-ctx_doi, ctx-ctx_str); + +switch(x-props.family) { +case AF_INET: +audit_log_format(audit_buf, + src= NIPQUAD_FMT dst= NIPQUAD_FMT, + NIPQUAD(x-props.saddr.a4), + NIPQUAD(x-id.daddr.a4)); +break; +case AF_INET6: + audit_log_format(audit_buf, + src= NIP6_FMT dst= NIP6_FMT, + NIP6(*(struct in6_addr *)x-props.saddr.a6), + NIP6(*(struct in6_addr *)x-id.daddr.a6)); +break; +} + + audit_log_format(audit_buf, spi=%u(0x%x), spi, spi); } Please do not mangle tabs into spaces. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] IPv6 support for NFS server
In article [EMAIL PROTECTED] (at Tue, 11 Dec 2007 19:00:08 +0100), Aurélien Charbon [EMAIL PROTECTED] says: --- linux-2.6.24-rc4/include/net/ipv6.h 2007-12-10 16:11:38.0 +0100 +++ linux-2.6.24-rc4-IPv6-cache-based/include/net/ipv6.h 2007-12-11 17:52:39.0 +0100 @@ -400,6 +400,15 @@ static inline int ipv6_addr_v4mapped(con a-s6_addr32[2] == htonl(0x)); } +static inline void ipv6_addr_set_v4mapped(const __be32 addr, + struct in6_addr *v4mapped) +{ + ipv6_addr_set(v4mapped, + 0, 0, + __constant_htonl(0x), + addr); +} + /* * find the first different bit between two addresses * length of address must be a multiple of 32bits Use htonl() here, not __constant_htonl(). --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] NETLINK : kzalloc() conversion
In article [EMAIL PROTECTED] (at Tue, 11 Dec 2007 06:40:18 +0100), Eric Dumazet [EMAIL PROTECTED] says: nl_pid_hash_alloc() is renamed to nl_pid_hash_zalloc(). It is now returning zeroed memory to its callers. I do think you do not need (and you should not) rename it because XXX_zalloc() would imply we have raw XXX_alloc(). --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] [NET]: Remove unused mibalign argument for snmp_mib_init().
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- diff --git a/include/net/ip.h b/include/net/ip.h index 840dd91..7f18819 100644 --- a/include/net/ip.h +++ b/include/net/ip.h @@ -169,7 +169,7 @@ DECLARE_SNMP_STAT(struct linux_mib, net_statistics); #define NET_ADD_STATS_USER(field, adnd) SNMP_ADD_STATS_USER(net_statistics, field, adnd) extern unsigned long snmp_fold_field(void *mib[], int offt); -extern int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign); +extern int snmp_mib_init(void *ptr[2], size_t mibsize); extern void snmp_mib_free(void *ptr[2]); extern void inet_get_local_port_range(int *low, int *high); diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index d2f22e7..afee63e 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -1237,7 +1237,7 @@ unsigned long snmp_fold_field(void *mib[], int offt) } EXPORT_SYMBOL_GPL(snmp_fold_field); -int snmp_mib_init(void *ptr[2], size_t mibsize, size_t mibalign) +int snmp_mib_init(void *ptr[2], size_t mibsize) { BUG_ON(ptr == NULL); ptr[0] = __alloc_percpu(mibsize); @@ -1291,32 +1291,25 @@ static struct net_protocol icmp_protocol = { static int __init init_ipv4_mibs(void) { if (snmp_mib_init((void **)net_statistics, - sizeof(struct linux_mib), - __alignof__(struct linux_mib)) 0) + sizeof(struct linux_mib)) 0) goto err_net_mib; if (snmp_mib_init((void **)ip_statistics, - sizeof(struct ipstats_mib), - __alignof__(struct ipstats_mib)) 0) + sizeof(struct ipstats_mib)) 0) goto err_ip_mib; if (snmp_mib_init((void **)icmp_statistics, - sizeof(struct icmp_mib), - __alignof__(struct icmp_mib)) 0) + sizeof(struct icmp_mib)) 0) goto err_icmp_mib; if (snmp_mib_init((void **)icmpmsg_statistics, - sizeof(struct icmpmsg_mib), - __alignof__(struct icmpmsg_mib)) 0) + sizeof(struct icmpmsg_mib)) 0) goto err_icmpmsg_mib; if (snmp_mib_init((void **)tcp_statistics, - sizeof(struct tcp_mib), - __alignof__(struct tcp_mib)) 0) + sizeof(struct tcp_mib)) 0) goto err_tcp_mib; if (snmp_mib_init((void **)udp_statistics, - sizeof(struct udp_mib), - __alignof__(struct udp_mib)) 0) + sizeof(struct udp_mib)) 0) goto err_udp_mib; if (snmp_mib_init((void **)udplite_statistics, - sizeof(struct udp_mib), - __alignof__(struct udp_mib)) 0) + sizeof(struct udp_mib)) 0) goto err_udplite_mib; tcp_mib_init(); diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index d9a59e0..9d4896f 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -257,16 +257,13 @@ static void addrconf_mod_timer(struct inet6_ifaddr *ifp, static int snmp6_alloc_dev(struct inet6_dev *idev) { if (snmp_mib_init((void **)idev-stats.ipv6, - sizeof(struct ipstats_mib), - __alignof__(struct ipstats_mib)) 0) + sizeof(struct ipstats_mib)) 0) goto err_ip; if (snmp_mib_init((void **)idev-stats.icmpv6, - sizeof(struct icmpv6_mib), - __alignof__(struct icmpv6_mib)) 0) + sizeof(struct icmpv6_mib)) 0) goto err_icmp; if (snmp_mib_init((void **)idev-stats.icmpv6msg, - sizeof(struct icmpv6msg_mib), - __alignof__(struct icmpv6msg_mib)) 0) + sizeof(struct icmpv6msg_mib)) 0) goto err_icmpmsg; return 0; -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: 'default' vs. 'all'
In article [EMAIL PROTECTED] (at Sat, 08 Dec 2007 00:04:29 -0800 (PST)), David Miller [EMAIL PROTECTED] says: Herbert, Yoshifuji and I were just discussing the sysfs device attribute issue. It's seems sane to me that if we had some kind of 'dirty' bit per attribute we could propagate default settings everywhere except where the dirty bit had been set. One good event to propagate is the NETDEV_UP; if the dirty bit is not set when the device is brought up, copy the default values to the device. Regards, --yoshfuji @ Seattle -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH][NET]: Finish removing unused mibalign argument for snmp_mib_init().
Hello. In article [EMAIL PROTECTED] (at Sat, 8 Dec 2007 15:55:34 -0200), Arnaldo Carvalho de Melo [EMAIL PROTECTED] says: Signed-off-by: Arnaldo Carvalho de Melo [EMAIL PROTECTED] diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index 5ab8ba7..90d2f72 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -714,20 +714,19 @@ EXPORT_SYMBOL_GPL(ipv6_opt_accepted); static int __init init_ipv6_mibs(void) { - if (snmp_mib_init((void **)ipv6_statistics, sizeof (struct ipstats_mib), - __alignof__(struct ipstats_mib)) 0) + if (snmp_mib_init((void **)ipv6_statistics, + sizeof(struct ipstats_mib)) 0) goto err_ip_mib; Oops... thanks. Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [patch 0/3][IPV6]: remove ifdef in route6 init/fini functions
In article [EMAIL PROTECTED] (at Fri, 07 Dec 2007 14:13:25 +0100), Daniel Lezcano [EMAIL PROTECTED] says: The route6 init function is a little difficult to read because it contains a lot of ifdef. The patchset redefines the usual static inline functions when the code is to be disabled by configuration, so we can call the code without taking care of the config option in the init function. Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] [IPV6] XFRM: Fix auditing rt6i_flags; use RTF_xxx flags instead of RTCF_xxx.
RTCF_xxx flags, defined in include/linux/in_route.h) are available for IPv4 route (rtable) entries only. Use RTF_xxx flags instead, defined in include/linux/ipv6_route.h, for IPv6 route entries (rt6_info). Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] -- diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c index 82e27b8..b8e9eb4 100644 --- a/net/ipv6/xfrm6_policy.c +++ b/net/ipv6/xfrm6_policy.c @@ -233,7 +233,7 @@ __xfrm6_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int dst_prev-output = dst_prev-xfrm-outer_mode-afinfo-output; /* Sheit... I remember I did this right. Apparently, * it was magically lost, so this code needs audit */ - x-u.rt6.rt6i_flags= rt0-rt6i_flags(RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL); + x-u.rt6.rt6i_flags= rt0-rt6i_flags(RTF_ANYCAST|RTF_LOCAL); x-u.rt6.rt6i_metric = rt0-rt6i_metric; x-u.rt6.rt6i_node = rt0-rt6i_node; x-u.rt6.rt6i_gateway = rt0-rt6i_gateway; -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: XFRM and IPv6 raw sockets and multicast
Hello. In article [EMAIL PROTECTED] (at Tue, 4 Dec 2007 16:27:50 +0100), Hugo Santos [EMAIL PROTECTED] says: The behavior is the same as in UDP, but ipv6_pinfo-saddr is not usually set for these kind of sockets. I would say that if fl6_src is any, it should be copied from the ipv6 header. What do you mean by ipv6 header? Another question is why does raw.c require a msg_name? If inet-hdrincl was set, it could use the ipv6 header destination address in the absense of msg_name. I think hdrincl is broken (and even, say, deprecated) on IPv6. If we do really support it, if hdcincl is set, XFRM and other all extension header processes should be skipped, but they are not very clear at all so far. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: XFRM and IPv6 raw sockets and multicast
Hello. In article [EMAIL PROTECTED] (at Tue, 4 Dec 2007 17:01:43 +0100), Hugo Santos [EMAIL PROTECTED] says: If we do really support it, if hdcincl is set, XFRM and other all extension header processes should be skipped, but they are not very clear at all so far. I understand how some users of IPPROTO_RAW would want xfrm to be skipped, but on the other hand i also see the interoperation between the two as useful, to for instance allowing a ESP tunnel to be used by such packets. I do think all extension header, including fragment and/or XFRM, process should be skipped if hdrincl is set. --yoshfuji -- To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.5)
In article [EMAIL PROTECTED] (at Thu, 29 Nov 2007 21:29:40 +1100), Herbert Xu [EMAIL PROTECTED] says: On Mon, Nov 26, 2007 at 05:16:16PM +, Templin, Fred L wrote: From: Fred L. Templin [EMAIL PROTECTED] This patch includes support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using extensions to the iproute2 utility. The diffs are specific to the Linux 2.6.24-rc2 kernel distribution. This version includes the diff for ./include/linux/if.h which was missing in the v2.4 submission and is needed to make the patch compile. The patch has been installed, compiled and tested in a clean 2.6.24-rc2 kernel build area. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] Sorry, the patch doesn't apply to net-2.6.25. $ git apply --check --whitespace=error-all ~/p Space in indent is followed by a tab. /home/gondolin/herbert/p:101: %s: Disabled Multicast RS\n, Space in indent is followed by a tab. /home/gondolin/herbert/p:216: } Space in indent is followed by a tab. /home/gondolin/herbert/p:252: printk(KERN_DEBUG sit: nexthop == NULL\n); Space in indent is followed by a tab. /home/gondolin/herbert/p:254: } fatal: corrupt patch at line 269 $ There seems to be a line missing at the end. Please fix the white space errors and resend. I've fixed up those errors. -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA Subject: [PATCH] IPv6: RFC4214 Support (v2.5) Date: Mon, 26 Nov 2007 09:16:16 -0800 From: Fred L. Templin [EMAIL PROTECTED] This patch includes support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using extensions to the iproute2 utility. The diffs are specific to the Linux 2.6.24-rc2 kernel distribution. This version includes the diff for ./include/linux/if.h which was missing in the v2.4 submission and is needed to make the patch compile. The patch has been installed, compiled and tested in a clean 2.6.24-rc2 kernel build area. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- diff --git a/include/linux/if.h b/include/linux/if.h index 186070d..5c9d1fa 100644 --- a/include/linux/if.h +++ b/include/linux/if.h @@ -63,6 +63,7 @@ #define IFF_MASTER_ALB 0x10/* bonding master, balance-alb. */ #define IFF_BONDING0x20/* bonding master or slave */ #define IFF_SLAVE_NEEDARP 0x40 /* need ARPs for validation */ +#define IFF_ISATAP 0x80/* ISATAP interface (RFC4214) */ #define IF_GET_IFACE 0x0001 /* for querying only */ #define IF_GET_PROTO 0x0002 diff --git a/include/linux/if_tunnel.h b/include/linux/if_tunnel.h index 660b501..228eb4e 100644 --- a/include/linux/if_tunnel.h +++ b/include/linux/if_tunnel.h @@ -17,6 +17,9 @@ #define GRE_FLAGS __constant_htons(0x00F8) #define GRE_VERSION__constant_htons(0x0007) +/* i_flags values for SIT mode */ +#defineSIT_ISATAP 0x0001 + struct ip_tunnel_parm { charname[IFNAMSIZ]; diff --git a/include/linux/in.h b/include/linux/in.h index 3975cbf..a8f00ca 100644 --- a/include/linux/in.h +++ b/include/linux/in.h @@ -253,6 +253,14 @@ struct sockaddr_in { #define ZERONET(x) (((x) htonl(0xff00)) == htonl(0x)) #define LOCAL_MCAST(x) (((x) htonl(0xFF00)) == htonl(0xE000)) +/* Special-Use IPv4 Addresses (RFC3330) */ +#define PRIVATE_10(x) (((x) htonl(0xff00)) == htonl(0x0A00)) +#define LINKLOCAL_169(x) (((x) htonl(0x)) == htonl(0xA9FE)) +#define PRIVATE_172(x) (((x) htonl(0xfff0)) == htonl(0xAC10)) +#define TEST_192(x)(((x) htonl(0xff00)) == htonl(0xC200)) +#define ANYCAST_6TO4(x)(((x) htonl(0xff00)) == htonl(0xC0586300)) +#define PRIVATE_192(x) (((x) htonl(0x)) == htonl(0xC0A8)) +#define TEST_198(x)(((x) htonl(0xfffe)) == htonl(0xC612)) #endif #endif /* _LINUX_IN_H */ diff --git a/include/net/addrconf.h b/include/net/addrconf.h index bccc2fe..c56827d 100644 --- a/include/net/addrconf.h +++ b/include/net/addrconf.h @@ -17,6 +17,7 @@ #define IPV6_MAX_ADDRESSES 16 +#include linux/in.h #include linux/in6.h struct prefix_info { @@ -249,6 +250,24 @@ static inline int ipv6_addr_is_ll_all_routers(const struct in6_addr *addr) addr-s6_addr32[3] == htonl(0x0002)); } +static inline int ipv6_isatap_eui64(u8 *eui, __be32 addr) +{ + eui[0] = (ZERONET(addr) || PRIVATE_10(addr) || LOOPBACK(addr) || + LINKLOCAL_169(addr) || PRIVATE_172(addr) || TEST_192(addr) || + ANYCAST_6TO4(addr) || PRIVATE_192(addr) || TEST_198(addr) || + MULTICAST(addr) || BADCLASS(addr)) ? 0x00 :
Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.5)
In article [EMAIL PROTECTED] (at Mon, 26 Nov 2007 09:16:16 -0800), Templin, Fred L [EMAIL PROTECTED] says: From: Fred L. Templin [EMAIL PROTECTED] This patch includes support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using extensions to the iproute2 utility. The diffs are specific to the Linux 2.6.24-rc2 kernel distribution. This version includes the diff for ./include/linux/if.h which was missing in the v2.4 submission and is needed to make the patch compile. The patch has been installed, compiled and tested in a clean 2.6.24-rc2 kernel build area. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] Acked-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] Note: With linux-2.6: | % patch -p1 /tmp/isatap.patch | patching file include/linux/if.h | patching file include/linux/if_tunnel.h | patching file include/linux/in.h | patching file include/net/addrconf.h | patching file net/ipv6/addrconf.c | patching file net/ipv6/route.c | Hunk #1 succeeded at 1660 (offset -8 lines). | patching file net/ipv6/sit.c With net-2.6.24: | % patch -p1 /tmp/isatap.patch | % patch -p1 /tmp/isatap.patch | patching file include/linux/if.h | patching file include/linux/if_tunnel.h | patching file include/linux/in.h | patching file include/net/addrconf.h | patching file net/ipv6/addrconf.c | Hunk #1 succeeded at 378 (offset -1 lines). | Hunk #2 succeeded at 1441 (offset -1 lines). | Hunk #3 succeeded at 1479 (offset -1 lines). | Hunk #4 succeeded at 2210 (offset -1 lines). | patching file net/ipv6/route.c | Hunk #1 succeeded at 1727 (offset 59 lines). | patching file net/ipv6/sit.c --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC/PATCH] SO_NO_CHECK for IPv6
In article [EMAIL PROTECTED] (at Wed, 21 Nov 2007 07:45:32 -0500), Jeff Garzik [EMAIL PROTECTED] says: SO_NO_CHECK support for IPv6 appeared to be missing. This is presented, based on a reading of net/ipv4/udp.c. Disagree. UDP checksum is mandatory in IPv6. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC/PATCH] SO_NO_CHECK for IPv6
In article [EMAIL PROTECTED] (at Thu, 22 Nov 2007 10:34:03 +0800), Herbert Xu [EMAIL PROTECTED] says: On Wed, Nov 21, 2007 at 07:17:40PM -0500, Jeff Garzik wrote: For those interested, I am dealing with a UDP app that already does very strong checksumming and encryption, so additional software checksumming at the lower layers is quite simply a waste of CPU cycles. Hardware checksumming is fine, as long as its free. No matter how strong your underlying checksumming is it's not going to protect the IPv6 header is it :) In that sense, we should use AH. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
PATCH 1/4] [IPV4] TCPMD5: Omit redundant NULL check for kfree() argument.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- net/ipv4/tcp_ipv4.c |3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index e566f3c..ff36096 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -900,8 +900,7 @@ int tcp_v4_md5_do_add(struct sock *sk, __be32 addr, sizeof(*keys) * md5sig-entries4); /* Free old key list, and reference new one */ - if (md5sig-keys4) - kfree(md5sig-keys4); + kfree(md5sig-keys4); md5sig-keys4 = keys; md5sig-alloced4++; } -- 1.4.4.4 -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 2/4] [IPV4] TCPMD5: Use memmove() instead of memcpy() because we have overlaps.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- net/ipv4/tcp_ipv4.c |8 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index ff36096..652c323 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -938,10 +938,10 @@ int tcp_v4_md5_do_del(struct sock *sk, __be32 addr) tp-md5sig_info-alloced4 = 0; } else if (tp-md5sig_info-entries4 != i) { /* Need to do some manipulation */ - memcpy(tp-md5sig_info-keys4[i], - tp-md5sig_info-keys4[i+1], - (tp-md5sig_info-entries4 - i) * - sizeof(struct tcp4_md5sig_key)); + memmove(tp-md5sig_info-keys4[i], + tp-md5sig_info-keys4[i+1], + (tp-md5sig_info-entries4 - i) * +sizeof(struct tcp4_md5sig_key)); } tcp_free_md5sig_pool(); return 0; -- 1.4.4.4 - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 3/4] [IPV6] TCPMD5: Check return value of tcp_alloc_md5sig_pool().
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- net/ipv6/tcp_ipv6.c |5 - 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 3aad861..b1bfbdd 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -581,7 +581,10 @@ static int tcp_v6_md5_do_add(struct sock *sk, struct in6_addr *peer, } sk-sk_route_caps = ~NETIF_F_GSO_MASK; } - tcp_alloc_md5sig_pool(); + if (tcp_alloc_md5sig_pool() == NULL) { + kfree(newkey); + return -ENOMEM; + } if (tp-md5sig_info-alloced6 == tp-md5sig_info-entries6) { keys = kmalloc((sizeof (tp-md5sig_info-keys6[0]) * (tp-md5sig_info-entries6 + 1)), GFP_ATOMIC); -- 1.4.4.4 - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH 4/4] [IPV6] TCPMD5: Fix deleting key operation.
Due to the bug, refcnt for md5sig pool was leaked when an user try to delete a key if we have more than one key. In addition to the leakage, we returned incorrect return result value for userspace. This fix should close Bug #9418, reported by [EMAIL PROTECTED]. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- net/ipv6/tcp_ipv6.c |6 ++ 1 files changed, 2 insertions(+), 4 deletions(-) diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index b1bfbdd..93980c3 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -637,10 +637,6 @@ static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer) kfree(tp-md5sig_info-keys6); tp-md5sig_info-keys6 = NULL; tp-md5sig_info-alloced6 = 0; - - tcp_free_md5sig_pool(); - - return 0; } else { /* shrink the database */ if (tp-md5sig_info-entries6 != i) @@ -649,6 +645,8 @@ static int tcp_v6_md5_do_del(struct sock *sk, struct in6_addr *peer) (tp-md5sig_info-entries6 - i) * sizeof (tp-md5sig_info-keys6[0])); } + tcp_free_md5sig_pool(); + return 0; } } return -ENOENT; -- 1.4.4.4 -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.4)
Hello. I'll take care of this. Regards, --yoshfuji In article [EMAIL PROTECTED] (at Tue, 20 Nov 2007 09:36:26 -0800), Templin, Fred L [EMAIL PROTECTED] says: From: Fred L. Templin [EMAIL PROTECTED] This patch includes support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using extensions to the iproute2 utility. The diffs are specific to the Linux 2.6.24-rc2 kernel distribution. This version reflects changes based on netdev list discussions on 11/14/07 thru 11/15/07. It does away with in-the-kernel RS/RA pinging and now asks that the task be performed by an application. The application will essentially entail a port of the FreeBSD 'rtsold' daemon, and will use the standard socket API. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] --- --- linux-2.6.24-rc2/include/linux/if_tunnel.h.orig 2007-11-19 03:54:12.0 -0800 +++ linux-2.6.24-rc2/include/linux/if_tunnel.h2007-11-19 03:55:58.0 -0800 @@ -17,6 +17,9 @@ #define GRE_FLAGS__constant_htons(0x00F8) #define GRE_VERSION __constant_htons(0x0007) +/* i_flags values for SIT mode */ +#define SIT_ISATAP 0x0001 + struct ip_tunnel_parm { charname[IFNAMSIZ]; --- linux-2.6.24-rc2/include/linux/in.h.orig 2007-11-09 08:00:32.0 -0800 +++ linux-2.6.24-rc2/include/linux/in.h 2007-11-12 07:37:05.0 -0800 @@ -253,6 +253,14 @@ struct sockaddr_in { #define ZERONET(x) (((x) htonl(0xff00)) == htonl(0x)) #define LOCAL_MCAST(x) (((x) htonl(0xFF00)) == htonl(0xE000)) +/* Special-Use IPv4 Addresses (RFC3330) */ +#define PRIVATE_10(x)(((x) htonl(0xff00)) == htonl(0x0A00)) +#define LINKLOCAL_169(x) (((x) htonl(0x)) == htonl(0xA9FE)) +#define PRIVATE_172(x) (((x) htonl(0xfff0)) == htonl(0xAC10)) +#define TEST_192(x) (((x) htonl(0xff00)) == htonl(0xC200)) +#define ANYCAST_6TO4(x) (((x) htonl(0xff00)) == htonl(0xC0586300)) +#define PRIVATE_192(x) (((x) htonl(0x)) == htonl(0xC0A8)) +#define TEST_198(x) (((x) htonl(0xfffe)) == htonl(0xC612)) #endif #endif /* _LINUX_IN_H */ --- linux-2.6.24-rc2/include/net/addrconf.h.orig 2007-11-08 12:06:17.0 -0800 +++ linux-2.6.24-rc2/include/net/addrconf.h 2007-11-19 05:47:48.0 -0800 @@ -17,6 +17,7 @@ #define IPV6_MAX_ADDRESSES 16 +#include linux/in.h #include linux/in6.h struct prefix_info { @@ -241,6 +242,24 @@ static inline int ipv6_addr_is_ll_all_ro addr-s6_addr32[3] == htonl(0x0002)); } +static inline int ipv6_isatap_eui64(u8 *eui, __be32 addr) +{ + eui[0] = (ZERONET(addr) || PRIVATE_10(addr) || LOOPBACK(addr) || + LINKLOCAL_169(addr) || PRIVATE_172(addr) || TEST_192(addr) || + ANYCAST_6TO4(addr) || PRIVATE_192(addr) || TEST_198(addr) || + MULTICAST(addr) || BADCLASS(addr)) ? 0x00 : 0x02; + eui[1] = 0; + eui[2] = 0x5E; + eui[3] = 0xFE; + memcpy (eui+4, addr, 4); + return 0; +} + +static inline int ipv6_addr_is_isatap(const struct in6_addr *addr) +{ + return ((addr-s6_addr32[2] | htonl(0x0200)) == htonl(0x02005EFE)); +} + #ifdef CONFIG_PROC_FS extern int if6_proc_init(void); extern void if6_proc_exit(void); --- linux-2.6.24-rc2/net/ipv6/addrconf.c.orig 2007-11-19 03:43:06.0 -0800 +++ linux-2.6.24-rc2/net/ipv6/addrconf.c 2007-11-19 13:29:36.0 -0800 @@ -379,6 +379,13 @@ static struct inet6_dev * ipv6_add_dev(s %s: Disabled Privacy Extensions\n, dev-name); ndev-cnf.use_tempaddr = -1; + + if (dev-type == ARPHRD_SIT (dev-priv_flags IFF_ISATAP)) { + printk(KERN_INFO +%s: Disabled Multicast RS\n, +dev-name); + ndev-cnf.rtr_solicits = 0; + } } else { in6_dev_hold(ndev); ipv6_regen_rndid((unsigned long) ndev); @@ -1435,6 +1442,9 @@ static int ipv6_generate_eui64(u8 *eui, return addrconf_ifid_arcnet(eui, dev); case ARPHRD_INFINIBAND: return addrconf_ifid_infiniband(eui, dev); + case ARPHRD_SIT: + if (dev-priv_flags IFF_ISATAP) + return ipv6_isatap_eui64(eui, *(__be32 *)dev-dev_addr); } return -1; } @@ -1470,7 +1480,7 @@ regen: * * - Reserved subnet anycast (RFC 2526) * 1101 1111 1xxx - * - ISATAP (draft-ietf-ngtrans-isatap-13.txt) 5.1 + * - ISATAP (RFC4214) 6.1 * 00-00-5E-FE-xx-xx-xx-xx * - value 0 * - XXX: already assigned to an address on the device @@ -2201,6 +2211,16 @@ static void
Re: [PATCH 6/6 net-2.6.25][RAW] Consolidate proc interface
NAK. In article [EMAIL PROTECTED] (at Fri, 16 Nov 2007 17:19:27 +0300), Pavel Emelyanov [EMAIL PROTECTED] says: @@ -858,7 +852,7 @@ static struct sock *raw_get_first(struct seq_file *seq) ++state-bucket) { struct hlist_node *node; - sk_for_each(sk, node, raw_v4_hashinfo.ht[state-bucket]) + sk_for_each(sk, node, state-h-ht[state-bucket]) if (sk-sk_family == PF_INET) goto found; } This and -static struct sock *raw6_get_first(struct seq_file *seq) -{ - struct sock *sk; - struct hlist_node *node; - struct raw6_iter_state* state = raw6_seq_private(seq); - - for (state-bucket = 0; state-bucket RAW_HTABLE_SIZE; - ++state-bucket) - sk_for_each(sk, node, raw_v6_hashinfo.ht[state-bucket]) - if (sk-sk_family == PF_INET6) - goto out; - sk = NULL; -out: - return sk; -} - this are different. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.2)
In article [EMAIL PROTECTED] (at Wed, 14 Nov 2007 22:44:17 -0800), Templin, Fred L [EMAIL PROTECTED] says: --- linux-2.6.24-rc2/net/ipv6/addrconf.c.orig 2007-11-08 11:59:35.0 -0800 +++ linux-2.6.24-rc2/net/ipv6/addrconf.c 2007-11-14 22:17:28.0 -0800 @@ -1424,6 +1424,21 @@ static int addrconf_ifid_infiniband(u8 * return 0; } +static int addrconf_ifid_isatap(u8 *eui, __be32 addr) +{ + + eui[0] = 0x02; eui[1] = 0; eui[2] = 0x5E; eui[3] = 0xFE; + memcpy (eui+4, addr, 4); + + if (ZERONET(addr) || PRIVATE_10(addr) || LOOPBACK(addr) || + LINKLOCAL_169(addr) || PRIVATE_172(addr) || TEST_192(addr) || + ANYCAST_6TO4(addr) || PRIVATE_192(addr) || TEST_198(addr) || + MULTICAST(addr) || BADCLASS(addr)) + eui[0] = ~0x02; + + return 0; +} + static int ipv6_generate_eui64(u8 *eui, struct net_device *dev) { switch (dev-type) { { eui[0] = (ZERONET(addr) || PRIVATE_10(addr) || LOOPBACK(addr) || LINKLOCAL_169(addr) || PRIVATE_172(addr) || TEST_192(addr) || ANYCAST_6TO4(addr) || PRIVATE_192(addr) || TEST_198(addr) || MULTICAST(addr) || BADCLASS(addr)) ? 0 : 2; eui[1] = 0; eui[2] = 0x5E; eui[3] = 0xFE; memcpy (eui+4, addr, 4); } @@ -2167,7 +2185,8 @@ static void addrconf_dev_config(struct n (dev-type != ARPHRD_FDDI) (dev-type != ARPHRD_IEEE802_TR) (dev-type != ARPHRD_ARCNET) - (dev-type != ARPHRD_INFINIBAND)) { + (dev-type != ARPHRD_INFINIBAND) + !(dev-priv_flags IFF_ISATAP)) { /* Alas, we support only Ethernet autoconfiguration. */ return; } Because priv_flags are local to device type, you need to check dev-type: (dev-type == ARPHRD_SIT !(dev-priv_flags IFF_ISATAP)) or something like this. + struct ip_tunnel *t = netdev_priv(ifp-idev-dev); + if (t-parms.i_key != INADDR_NONE) { + spin_lock(ifp-lock); I guess INADDR_ANY. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.2)
In article [EMAIL PROTECTED] (at Wed, 14 Nov 2007 22:44:17 -0800), Templin, Fred L [EMAIL PROTECTED] says: From: Fred L. Templin [EMAIL PROTECTED] This patch includes support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using extensions to the iproute2 utility. The following diffs are specific to the Linux 2.6.24-rc2 kernel distribution. This message includes the full and patchable diff text; please use this version to apply patches. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] BTW, how will we handle DNS name (and TTL) and/or multiple PRL entries in RFC4214? I'm doubting if we really need to handle PRL refresh in kernel. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.2)
In article [EMAIL PROTECTED] (at Thu, 15 Nov 2007 10:11:16 -0800), Templin, Fred L [EMAIL PROTECTED] says: Yoshifuji, -Original Message- From: YOSHIFUJI Hideaki / 吉藤英明 [mailto:[EMAIL PROTECTED] Sent: Thursday, November 15, 2007 3:48 AM To: Templin, Fred L Cc: netdev@vger.kernel.org; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [PATCH 01/01] ipv6: RFC4214 Support (v2.2) In article [EMAIL PROTECTED] eing.com (at Wed, 14 Nov 2007 22:44:17 -0800), Templin, Fred L [EMAIL PROTECTED] says: From: Fred L. Templin [EMAIL PROTECTED] This patch includes support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using extensions to the iproute2 utility. The following diffs are specific to the Linux 2.6.24-rc2 kernel distribution. This message includes the full and patchable diff text; please use this version to apply patches. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] BTW, how will we handle DNS name (and TTL) and/or multiple PRL entries in RFC4214? I'm doubting if we really need to handle PRL refresh in kernel. DNS name and PRL refresh are done in a daemon that either exec's 'ip' or issues the device ioctl's directly. When there are multiple default router IPv4 addresses, the daemon picks one as the primary and writes it to the kernel. It can then change to a different primary later if it wants to. Also possible is something like VRRP to allow several routers for fault tolerance even though there is only a single default router address. Why? All PRLs should be installed in kernel so that standard router selection can be used. For this, I think we should have just one isatap interface per set of PRLs provideing virtual link, especially if each of them provides the same prefix. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 05/25] NFS: eliminate NIPQUAD(clp-cl_addr.sin_addr)
In article [EMAIL PROTECTED] (at Tue, 13 Nov 2007 13:31:27 -0500), Chuck Lever [EMAIL PROTECTED] says: clp-rpc_ops-version, -NIPQUAD(clp-cl_addr.sin_addr), -ntohs(clp-cl_addr.sin_port), +rpc_peeraddr2str(clp-cl_rpcclient, RPC_DISPLAY_HEX_ADDR), +rpc_peeraddr2str(clp-cl_rpcclient, RPC_DISPLAY_HEX_PORT), atomic_read(clp-cl_count), Is this really safe? --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[GIT PULL] RFC3484 Configurable Policy Table.
David, Please consider pulling from inet6-2.6.25 branch at git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-dev.git which contains the following commits on top of your net-2.6.25 tree. Regards, -- HEADLINES - [IPV6] ADDRCONF: Rename ipv6_saddr_label() to ipv6_addr_label(). [IPV6] ADDRCONF: Allow address selection policy with ifindex. [IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table. DIFFSTAT include/linux/if_addrlabel.h | 32 ++ include/linux/rtnetlink.h|7 + include/net/addrconf.h |8 + net/ipv6/Makefile|1 net/ipv6/addrconf.c | 50 +--- net/ipv6/addrlabel.c | 551 ++ 6 files changed, 616 insertions(+), 33 deletions(-) CHANGESETS -- commit d4e85a45763d572e39f3c040253a4d7b45ca67aa Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Wed Nov 14 15:55:29 2007 +0900 [IPV6] ADDRCONF: Rename ipv6_saddr_label() to ipv6_addr_label(). This patch renames ipv6_saddr_label() to ipv6_addr_label() because address label is used for both of source address and destination address. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index f825b92..a30f4e3 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -875,7 +875,7 @@ static inline int ipv6_saddr_preferred(int type) } /* static matching label */ -static inline int ipv6_saddr_label(const struct in6_addr *addr, int type) +static inline int ipv6_addr_label(const struct in6_addr *addr, int type) { /* *prefix (longest match) label @@ -910,7 +910,7 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev, struct inet6_ifaddr *ifa_result = NULL; int daddr_type = __ipv6_addr_type(daddr); int daddr_scope = __ipv6_addr_src_scope(daddr_type); - u32 daddr_label = ipv6_saddr_label(daddr, daddr_type); + u32 daddr_label = ipv6_addr_label(daddr, daddr_type); struct net_device *dev; memset(hiscore, 0, sizeof(hiscore)); @@ -1083,11 +1083,13 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev, /* Rule 6: Prefer matching label */ if (hiscore.rule 6) { - if (ipv6_saddr_label(ifa_result-addr, hiscore.addr_type) == daddr_label) + if (ipv6_addr_label(ifa_result-addr, + hiscore.addr_type) == daddr_label) hiscore.attrs |= IPV6_SADDR_SCORE_LABEL; hiscore.rule++; } - if (ipv6_saddr_label(ifa-addr, score.addr_type) == daddr_label) { + if (ipv6_addr_label(ifa-addr, + score.addr_type) == daddr_label) { score.attrs |= IPV6_SADDR_SCORE_LABEL; if (!(hiscore.attrs IPV6_SADDR_SCORE_LABEL)) { score.rule = 6; --- commit 010ae4d3b1209c724050f10e1832fd8a54d40ef2 Author: YOSHIFUJI Hideaki [EMAIL PROTECTED] Date: Wed Nov 14 15:56:15 2007 +0900 [IPV6] ADDRCONF: Allow address selection policy with ifindex. Think patch allows ifindex to be a key for address selection policy table. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index a30f4e3..0076010 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -875,7 +875,8 @@ static inline int ipv6_saddr_preferred(int type) } /* static matching label */ -static inline int ipv6_addr_label(const struct in6_addr *addr, int type) +static inline int ipv6_addr_label(const struct in6_addr *addr, int type, + int ifindex) { /* *prefix (longest match) label @@ -910,7 +911,8 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev, struct inet6_ifaddr *ifa_result = NULL; int daddr_type = __ipv6_addr_type(daddr); int daddr_scope = __ipv6_addr_src_scope(daddr_type); - u32 daddr_label = ipv6_addr_label(daddr, daddr_type); + int daddr_ifindex = daddr_dev ? daddr_dev-ifindex : 0; + u32 daddr_label = ipv6_addr_label(daddr, daddr_type, daddr_ifindex); struct net_device *dev; memset(hiscore, 0, sizeof(hiscore)); @@ -1084,12 +1086,14 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev, /* Rule 6: Prefer matching label */ if (hiscore.rule 6) { if (ipv6_addr_label(ifa_result-addr, - hiscore.addr_type) == daddr_label) + hiscore.addr_type, + ifa_result-idev-dev-ifindex) ==
Re: [patch 1/1][NETNS][IPV6] protect addrconf from loopback registration
In article [EMAIL PROTECTED] (at Mon, 12 Nov 2007 12:50:53 -0700), [EMAIL PROTECTED] (Eric W. Biederman) says: My opinion is that both your analysis is slightly off (as to the cause of your problems) and that your approach to fix your problem is wrong because you don't untangle the knot you keep it. : I have register_pernet_subsys and register_per_net_device to ensure that when we create a new network namespace all of the subsystems are initialized before the network devices are initialize. So ipv6 should be ready before we initialize the new loopback device comes into existence. User may not load ipv6.ko at boot, and then do modprobe ipv6. Do you take this into account? --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: UDP-Lite and /proc/net/snmp
In article [EMAIL PROTECTED] (at Sat, 10 Nov 2007 21:14:29 +0800), Herbert Xu [EMAIL PROTECTED] says: It looks like the addition of UDP-Lite has upset netstat: $ netstat -s Ip: : Udp: 30 packets received 0 packets to unknown port received. 0 packet receive errors 17 packets sent UdpLite: error parsing /proc/net/snmp: Success $ Should we remove it again or let it stay this time? Hmm? netstat 1.42 (net-tools 1.60) seems fine. Which netstat are you using? --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: UDP-Lite and /proc/net/snmp
In article [EMAIL PROTECTED] (at Sat, 10 Nov 2007 22:33:25 +0800), Herbert Xu [EMAIL PROTECTED] says: On Sat, Nov 10, 2007 at 10:32:43PM +0900, YOSHIFUJI Hideaki / 吉藤英明 wrote: Hmm? netstat 1.42 (net-tools 1.60) seems fine. Which netstat are you using? The one from Debian etch: Hmm. netstat -s from etch (i386) and etch (x86_64) work fine for me. Same version, same architecture. Strange... --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 05/05] ipv6: RFC4214 Support (3)
In article [EMAIL PROTECTED] (at Fri, 09 Nov 2007 16:35:59 -0800), osprey67 [EMAIL PROTECTED] says: --- linux-2.6.24-rc2/include/linux/if_tunnel.h.orig 2007-11-09 09:06:16.0 -0800 +++ linux-2.6.24-rc2/include/linux/if_tunnel.h2007-11-09 15:49:54.0 -0800 @@ -25,6 +25,8 @@ struct ip_tunnel_parm __be16 o_flags; __be32 i_key; __be32 o_key; + __be32 router; + __be32 lifetime; struct iphdriph; }; No, you cannot simply change this. If you change ioctl structure, you need to change constants for SIOC{GET,ADD,CHG,DEL}TUNNEL. Rename ole ones to OSIOxxx and assign new values. If possible, new iproute2 should work with old kernels, and old iproute2 should work with new kernels (without new features). --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 04/05] ipv6: RFC4214 Support
In article [EMAIL PROTECTED] (at Wed, 7 Nov 2007 11:12:47 -0800), Templin, Fred L [EMAIL PROTECTED] says: The goal was to avoid requiring changes to applications such as 'iproute2', i.e., the intention was for a standalone code insertion point within the kernel itself. What do you suggest? Agreed, magic names are evil. Change iproute2 utilities, if it is more logical for administration. This being an experimental release, I would prefer to go forward with a standalone kernel solution for the first iteration then come back with the iproute2 changes at a later time. IMHO, we should only touch iproute2 once, and it should be an architected solution - not just a quick hack. For the short term, timeliness of interoperability testing with the other major OS's should be the highest priority, IMHO. Hmm, what is missing from API POV? Since even if you do not change iproute2 now, users may need to change their configuration script twice anyway, we should be careful. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 02/05] ipv6: RFC4214 Support (2)
In article [EMAIL PROTECTED] (at Thu, 08 Nov 2007 12:41:39 -0800), osprey67 [EMAIL PROTECTED] says: From: Fred L. Templin [EMAIL PROTECTED] This is experimental support for the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) per RFC4214. It uses the SIT module, and is configured using the unmodified ip utility with device names beginning with: isatap. The following diffs are specific to the Linux 2.6.24-rc2 kernel distribution. Signed-off-by: Fred L. Templin [EMAIL PROTECTED] Hmm...tabs are still mangled, and it's better to have your official address. Anyway... --- linux-2.6.24-rc2/include/net/addrconf.h.orig2007-11-08 12:06:17.0 -0800 +++ linux-2.6.24-rc2/include/net/addrconf.h 2007-11-08 08:27:24.0 -0800 @@ -241,6 +241,37 @@ static inline int ipv6_addr_is_ll_all_ro addr-s6_addr32[3] == htonl(0x0002)); } +#if defined(CONFIG_IPV6_ISATAP) +static inline int ipv6_isatap_eui64(u8 *eui, __be32 addr) +{ + + /* RFC3330 Special-Use IPv4 Addresses */ + eui[0] = (((addr htonl(0xFF00)) == htonl(0x)) || + ((addr htonl(0xFF00)) == htonl(0x0A00)) || + ((addr htonl(0xFF00)) == htonl(0x0D00)) || + ((addr htonl(0xFF00)) == htonl(0x1800)) || + ((addr htonl(0xFF00)) == htonl(0x7F00)) || + ((addr htonl(0x)) == htonl(0xA9FE)) || + ((addr htonl(0xFFF0)) == htonl(0xAC10)) || + ((addr htonl(0xFF00)) == htonl(0xC200)) || + ((addr htonl(0xFF00)) == htonl(0xC0586300)) || + ((addr htonl(0x)) == htonl(0xC0A8)) || + ((addr htonl(0xFFFE)) == htonl(0xC612)) || + ((addr htonl(0xF000)) == htonl(0xE000)) || + ((addr htonl(0xF000)) == htonl(0xF000))) ? + 0x00 : 0x02; + + eui[1] = 0; eui[2] = 0x5E; eui[3] = 0xFE; + memcpy (eui+4, addr, 4); + return 0; +} + Please put this function in net/ipv6/addrconf.c as addrconf_ifid_isatap(). Please use MULTICAST, LOCALNET etc. (and probaly introduce new macro for others). IMHO, it's better to add a comment for each entry, e.g., MULTICAST(addr) || /* 224.0.0.0/4 */ instead of ((addr htonl(0xF000)) == htonl(0xE000)) || +static inline int ipv6_addr_is_isatap(const struct in6_addr *addr) +{ + return ((addr-s6_addr32[2] | htonl(0x0200)) == htonl(0x02005EFE)); +} +#endif + ipv6_addr_isatap(), maybe (to align with ipv6_addr_any() etc.). --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 02/05] ipv6: RFC4214 Support
In article [EMAIL PROTECTED] (at Wed, 7 Nov 2007 10:24:50 -0800), Templin, Fred L [EMAIL PROTECTED] says: -Original Message- From: YOSHIFUJI Hideaki / 吉藤英明 [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 07, 2007 10:12 AM To: [EMAIL PROTECTED] Cc: Templin, Fred L; netdev@vger.kernel.org; [EMAIL PROTECTED] Subject: Re: [PATCH 02/05] ipv6: RFC4214 Support Hello. In article [EMAIL PROTECTED] (at Wed, 7 Nov 2007 16:58:59 +0100), Ingo Oeser [EMAIL PROTECTED] says: + eui[0] = 0; + + /* Check for RFC3330 global address ranges */ + if (((ipv4 = 0x0100) (ipv4 0x0a00)) || + ((ipv4 = 0x0b00) (ipv4 0x7f00)) || + ((ipv4 = 0x8000) (ipv4 0xa9fe)) || + ((ipv4 = 0xa9ff) (ipv4 0xac10)) || + ((ipv4 = 0xac20) (ipv4 0xc0a8)) || + ((ipv4 = 0xc0a9) (ipv4 0xc612)) || + ((ipv4 = 0xc614) (ipv4 0xe000))) eui[0] |= 0x2; + Instead of converting network to host byte order at runtime and comparing the results to constants, let the compiler convert the constants to network byte order and compare in network order. so use: if (((*addr = htonl(0x0100)) (*addr htonl(0x0a00))) || instead. The compiler will notice that 0x0100 is a constant and will use _constant_htonl() automatically. No, you cannot do this. When you check the range, you need to use host-byte order. I think the original poster was correct on this one; the addr comes in in network byte order, and the constants are depicted in host byte order. So, the suggested fix was to have htonl(const) to make all of the constants into network byte order while leaving addr alone. I don't understand. For example, 1.0.0.11 is valid IPv4 global address. In little-endian, this is not in the range of 0x0001 = addr = 0x000a (addr is 0x0b01). --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 02/05] ipv6: RFC4214 Support
Hello. In article [EMAIL PROTECTED] (at Wed, 7 Nov 2007 16:58:59 +0100), Ingo Oeser [EMAIL PROTECTED] says: + eui[0] = 0; + + /* Check for RFC3330 global address ranges */ + if (((ipv4 = 0x0100) (ipv4 0x0a00)) || + ((ipv4 = 0x0b00) (ipv4 0x7f00)) || + ((ipv4 = 0x8000) (ipv4 0xa9fe)) || + ((ipv4 = 0xa9ff) (ipv4 0xac10)) || + ((ipv4 = 0xac20) (ipv4 0xc0a8)) || + ((ipv4 = 0xc0a9) (ipv4 0xc612)) || + ((ipv4 = 0xc614) (ipv4 0xe000))) eui[0] |= 0x2; + Instead of converting network to host byte order at runtime and comparing the results to constants, let the compiler convert the constants to network byte order and compare in network order. so use: if (((*addr = htonl(0x0100)) (*addr htonl(0x0a00))) || instead. The compiler will notice that 0x0100 is a constant and will use _constant_htonl() automatically. No, you cannot do this. When you check the range, you need to use host-byte order. + +static inline int ipv6_addr_is_isatap(const struct in6_addr *addr) +{ + return (addr-s6_addr32[2] == __constant_htonl(0x02005EFE) || + addr-s6_addr32[2] == __constant_htonl(0x5EFE)); +} +#endif The compiler will notice that 0x0100 is a constant and will use _constant_htonl() automatically. Please use simply htonl(). Right. And, maybe, you can write as follows: return ((addr-s6_addr32[2] | htonl(0x0200)) == htonl(0x02005EFE)); --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 04/05] ipv6: RFC4214 Support
Hello. In article [EMAIL PROTECTED] (at Tue, 6 Nov 2007 17:16:11 -0800), Templin, Fred L [EMAIL PROTECTED] says: @@ -154,6 +155,14 @@ static struct ip_tunnel * ipip6_tunnel_l struct net_device *dev; char name[IFNAMSIZ]; +#if defined(CONFIG_IPV6_ISATAP) + /* ISATAP (RFC4214) - router address in daddr */ + if (!strncmp(parms-name, isatap, 6)) { + parms-i_key = parms-iph.daddr; + parms-iph.daddr = remote = 0; + } +#endif + for (tp = __ipip6_bucket(parms); (t = *tp) != NULL; tp = t-next) { if (local == t-parms.iph.saddr remote == t-parms.iph.daddr) return t; I do not think it is a good idea to change the behavior based on the interface name. @@ -182,6 +191,11 @@ static struct ip_tunnel * ipip6_tunnel_l dev-init = ipip6_tunnel_init; nt-parms = *parms; +#if defined(CONFIG_IPV6_ISATAP) + if (!strncmp(dev-name, isatap, 6)) + dev-priv_flags |= IFF_ISATAP; +#endif + ditto. + if (!(ipv6_addr_is_isatap(addr6)) || + (addr6-s6_addr32[3] != iph-saddr)) { +drop: + tunnel-stat.rx_errors++; you can unlock here. + dst_release(dst); + kfree_skb(skb); + read_unlock(ipip6_lock); + return 0; + } + dst_release(dst); + } +accept: +#endif --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 00/05] ipv6: RFC4214 Support
In article [EMAIL PROTECTED] (at Tue, 06 Nov 2007 21:37:50 -0800 (PST)), David Miller [EMAIL PROTECTED] says: From: David Stevens [EMAIL PROTECTED] Date: Tue, 6 Nov 2007 21:26:15 -0800 Last I heard, there are Intellectual Property claims with ISATAP, which is why the RFC is not standards track and which makes it effectively a proprietary protocol. Unless that's been resolved, I think the claim by the IP owner is that it can't be distributed without a license from them. So, maybe not worth the effort for an experimental RFC. If this is the case, I agree, we cannot include ISATAP support in the kernel. I guess license is no longer required for implementers of ISATAP. Is it right, Fred? https://datatracker.ietf.org/ipr/550/ --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [BUG] in inet6_create
In article [EMAIL PROTECTED] (at Thu, 01 Nov 2007 21:07:52 +0100), Roel Kluin [EMAIL PROTECTED] says: I got this bug recently, I am not sure whether this is related to any previously reported ones. It was a recently pulled git kernel. Also I have been hacking my kernel a bit lately, but I think that I haven't got any changes in the currently running kernel. Please try this. - [IPV6]: Ensure to initialize inetsw6 array before we start accepting socket. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index ecbd388..9ecd41b 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -789,6 +789,7 @@ static int __init inet6_init(void) /* Register the socket-side information for inet6_create. */ for(r = inetsw6[0]; r inetsw6[SOCK_MAX]; ++r) INIT_LIST_HEAD(r); + synchronize_net(); /* We MUST register RAW sockets before we create the ICMP6, * IGMP6, or NDISC control sockets. -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[RFC 1/2] [IPV6] ADDRCONF: Preparation for configurable address selection policy with ifindex.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- net/ipv6/addrconf.c | 14 ++ 1 files changed, 10 insertions(+), 4 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 348bd8d..8b408b7 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -877,7 +877,8 @@ static inline int ipv6_saddr_preferred(int type) } /* static matching label */ -static inline int ipv6_saddr_label(const struct in6_addr *addr, int type) +static inline int ipv6_addr_label(const struct in6_addr *addr, int type, + int ifindex) { /* *prefix (longest match) label @@ -912,7 +913,8 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev, struct inet6_ifaddr *ifa_result = NULL; int daddr_type = __ipv6_addr_type(daddr); int daddr_scope = __ipv6_addr_src_scope(daddr_type); - u32 daddr_label = ipv6_saddr_label(daddr, daddr_type); + int daddr_ifindex = daddr_dev ? daddr_dev-ifindex : 0; + u32 daddr_label = ipv6_addr_label(daddr, daddr_type, daddr_ifindex); struct net_device *dev; memset(hiscore, 0, sizeof(hiscore)); @@ -1085,11 +1087,15 @@ int ipv6_dev_get_saddr(struct net_device *daddr_dev, /* Rule 6: Prefer matching label */ if (hiscore.rule 6) { - if (ipv6_saddr_label(ifa_result-addr, hiscore.addr_type) == daddr_label) + if (ipv6_addr_label(ifa_result-addr, + hiscore.addr_type, + ifa_result-idev-dev-ifindex) == daddr_label) hiscore.attrs |= IPV6_SADDR_SCORE_LABEL; hiscore.rule++; } - if (ipv6_saddr_label(ifa-addr, score.addr_type) == daddr_label) { + if (ipv6_addr_label(ifa-addr, + score.addr_type, + ifa-idev-dev-ifindex) == daddr_label) { score.attrs |= IPV6_SADDR_SCORE_LABEL; if (!(hiscore.attrs IPV6_SADDR_SCORE_LABEL)) { score.rule = 6; -- 1.4.4.4 - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[RFC 0/2] [IPV6] ADDRCONF: IPv6 configurable Default Address Selection support (TAKE 2)
This is the 2nd RFC for supporting configurable IPv6 Default Address Selection policy (RFC3484) based on 2.6.24-rc1. This is intended for 2.6.25. Major changes: - Use rtnetlink instead of ioctl/procfs. - Use RCU. Git tree is available at the branch named 2.6.24-rc1-addrlabel-20071030 at git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-dev.git iproute2 is available at the branch named addrlabel-20071030 at git://git.linux-ipv6.org/gitroot/yoshfuji/iproute2-dev.git -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
[RFC 2/2] [IPV6] ADDRCONF: Support RFC3484 configurable address selection policy table.
Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- include/linux/if_addrlabel.h | 55 include/linux/rtnetlink.h|7 + include/net/addrconf.h |8 + net/ipv6/Makefile|1 + net/ipv6/addrconf.c | 40 +--- net/ipv6/addrlabel.c | 566 ++ 6 files changed, 646 insertions(+), 31 deletions(-) diff --git a/include/linux/if_addrlabel.h b/include/linux/if_addrlabel.h new file mode 100644 index 000..66978a5 --- /dev/null +++ b/include/linux/if_addrlabel.h @@ -0,0 +1,55 @@ +/* + * ifaddrlabel.h - netlink interface for address labels + * + * Copyright (C)2007 USAGI/WIDE Project, All Rights Reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + *may be used to endorse or promote products derived from this software + *without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#ifndef __LINUX_IF_ADDRLABEL_H +#define __LINUX_IF_ADDRLABEL_H + +struct ifaddrlblmsg +{ + __u8ifal_family;/* Address family */ + __u8__ifal_reserved;/* Reserved */ + __u8ifal_prefixlen; /* Prefix length */ + __u8ifal_flags; /* Flags */ + __u32 ifal_index; /* Link index */ + __u32 ifal_seq; /* sequence number */ +}; + +enum +{ + IFAL_ADDRESS = 1, + IFAL_LABEL = 2, + __IFAL_MAX +}; + +#define IFAL_MAX (__IFAL_MAX - 1) + +#endif diff --git a/include/linux/rtnetlink.h b/include/linux/rtnetlink.h index 5bf6182..9a8bf01 100644 --- a/include/linux/rtnetlink.h +++ b/include/linux/rtnetlink.h @@ -100,6 +100,13 @@ enum { RTM_NEWNDUSEROPT = 68, #define RTM_NEWNDUSEROPT RTM_NEWNDUSEROPT + RTM_NEWADDRLABEL = 72, +#define RTM_NEWADDRLABEL RTM_NEWADDRLABEL + RTM_DELADDRLABEL, +#define RTM_NEWADDRLABEL RTM_NEWADDRLABEL + RTM_GETADDRLABEL, +#define RTM_GETADDRLABEL RTM_GETADDRLABEL + __RTM_MAX, #define RTM_MAX(((__RTM_MAX + 3) ~3) - 1) }; diff --git a/include/net/addrconf.h b/include/net/addrconf.h index 33b593e..bccc2fe 100644 --- a/include/net/addrconf.h +++ b/include/net/addrconf.h @@ -84,6 +84,14 @@ extern void addrconf_leave_solict(struct inet6_dev *idev, struct in6_addr *addr); /* + * IPv6 Address Label subsystem (addrlabel.c) + */ +extern int ipv6_addr_label_init(void); +extern voidipv6_addr_label_rtnl_register(void); +extern u32 ipv6_addr_label(const struct in6_addr *addr, + int type, int ifindex); + +/* * multicast prototypes (mcast.c) */ extern int ipv6_sock_mc_join(struct sock *sk, int ifindex, diff --git a/net/ipv6/Makefile b/net/ipv6/Makefile index 87c23a7..5ffa980 100644 --- a/net/ipv6/Makefile +++ b/net/ipv6/Makefile @@ -5,6 +5,7 @@ obj-$(CONFIG_IPV6) += ipv6.o ipv6-objs := af_inet6.o anycast.o ip6_output.o ip6_input.o addrconf.o \ + addrlabel.o \ route.o ip6_fib.o ipv6_sockglue.o ndisc.o udp.o udplite.o \ raw.o protocol.o icmp.o mcast.o reassembly.o tcp_ipv6.o \ exthdrs.o sysctl_net_ipv6.o datagram.o \ diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 8b408b7..5b6553f 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -876,36 +876,6 @@ static inline int ipv6_saddr_preferred(int type) return 0; } -/* static matching label */ -static inline int ipv6_addr_label(const struct in6_addr *addr, int type, -
[PATCH 2.6.24-rc] [IPV6] NDISC: Fix setting base_reachable_time_ms variable.
This bug was introduced by the commit d12af679bcf8995a237560bdf7a4d734f8df5dbb. Signed-off-by: YOSHIFUJI Hideaki [EMAIL PROTECTED] --- diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index 20cfc90..36f7dbf 100644 --- a/net/ipv6/ndisc.c +++ b/net/ipv6/ndisc.c @@ -1670,7 +1670,7 @@ int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, struct file * f filp, buffer, lenp, ppos); else if ((strcmp(ctl-procname, retrans_time_ms) == 0) || -(strcmp(ctl-procname, base_reacable_time_ms) == 0)) +(strcmp(ctl-procname, base_reachable_time_ms) == 0)) ret = proc_dointvec_ms_jiffies(ctl, write, filp, buffer, lenp, ppos); else -- YOSHIFUJI Hideaki @ USAGI Project [EMAIL PROTECTED] GPG-FP : 9022 65EB 1ECF 3AD1 0BDF 80D8 4807 F894 E062 0EEA - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [UDP6]: Restore sk_filter optimisation
In article [EMAIL PROTECTED] (at Mon, 29 Oct 2007 15:33:20 +0900), Mitsuru Chinen [EMAIL PROTECTED] says: Hello Herbert, Let me ask a question about this patch. After this patch was applied, 2 of the protocol stack behaviors were changed when it receives a UDP datagram with broken checksum: 1. udp6InDatagrams is incremented instead of udpInErrors 2. In userland, recvfrom() replies an error with EAGAIN. recvfrom() wasn't aware of such a packet before. Are these changes intentional? And, we're not sure how much the optimization's benefit is. It is even worse when we are handling multicast packets. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [Bugme-new] [Bug 9224] New: Settings to /proc/sys/net/ipv[46]/conf/all are not propagated
In article [EMAIL PROTECTED] (at Thu, 25 Oct 2007 09:16:52 -0700), Andrew Morton [EMAIL PROTECTED] says: Most recent kernel where this bug did not occur: 2.6.22 (not sure) Apparently a regression. I would say it is a bug, but it is not a regression. I mean, I believe this bug lives since 2.2. --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC][PATCH 0/3][XFRM]: Support packet processing error statistics.
In article [EMAIL PROTECTED] (at Tue, 23 Oct 2007 16:08:34 +0900), Masahide NAKAMURA [EMAIL PROTECTED] says: Monday 22 October 2007 21:28, jamal wrote: On Mon, 2007-22-10 at 15:11 +0900, Masahide NAKAMURA wrote: : This point is one of what I want to hear comment. My patch uses XFRM_MIB_XXX because I found LINUX_MIB_XXX definition at include/linux/snmp.h for TCP extended statistics at /proc/net/netstat and it does not seem to be defined by any RFC specification. Then I feel it is not so bad to use _MIB_ for them. Maybe we have another idea to merge them into LINUX_MIB. Now we have the following candidates: (1) my patch XFRM_MIB_INHDRERROR (2) some extender XFRM_XXX_INHDRERROR (XXX is requested) (3) not-mib extender XFRM_NOTMIB_INHDRERROR (4) no extender XFRM_INHDRERROR (5) merge linux-mib LINUX_MIB_XFRMINHDRERROR Comments? I would support (5) or (1). --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH 2/3] Lost locking in fl6_sock_lookup
In article [EMAIL PROTECTED] (at Thu, 18 Oct 2007 15:53:52 +0400), Pavel Emelyanov [EMAIL PROTECTED] says: This routine scans the ipv6_fl_list whose update is protected with the socket lock and the ip6_sk_fl_lock. struct ip6_flowlabel *fl = sfl-fl; if (fl-label == label) { + read_unlock_bh(ip6_sk_fl_lock); fl-lastuse = jiffies; atomic_inc(fl-users); return fl; We should increment fl-users within the critical section, shouldn't we? --yoshfuji - To unsubscribe from this list: send the line unsubscribe netdev in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html