of IPv6 SR.
[1] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-05
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/uapi/linux/seg6.h | 9 +++--
net/ipv6/exthdrs.c| 31 +++
net/ipv6/seg6_hmac.c | 8 -
cpu_to_node(cpu));
> if (!shash)
> return -ENOMEM;
> *per_cpu_ptr(algo->shashs, cpu) = shash;
>
>
Thanks
Acked-by: David Lebrun <david.leb...@uclouvain.be>
signature.asc
Description: OpenPGP digital signature
Add missing IPv6-SR header files in include/uapi/linux/Kbuild.
Also, prevent seg6_lwt_headroom() from being exported and add
missing linux/types.h include.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/uapi/linux/Kbuild | 4
include/uapi/linux/
0 ("ipv6: sr: add code base for control plane support of
> SR-IPv6")
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Cc: David Lebrun <david.leb...@uclouvain.be>
> ---
> net/ipv6/seg6.c |2 ++
> 1 file changed, 2 insert
On 08/31/2016 07:10 PM, Stephen Hemminger wrote:
> Since these are for control operations why a mutex?
I am not sure to understand the question. The spinlock is used on the
RCU write side of the namespace-wide parameters to prevent concurrent
writes.
David
signature.asc
Description: OpenPGP
On 08/31/2016 04:51 PM, Nicolas Dichtel wrote:
> Thanks for proposing this feature. It would be great to have it upstream.
>
Thanks for the feedback :)
> [snip]
>> +config IPV6_SEG6
>> +bool "IPv6: Segment Routing support"
>> +depends on IPV6
>> +---help---
>> + Experimental
On 08/29/2016 05:31 PM, Roopa Prabhu wrote:
> This looks fine. But, i am just trying to see if this can be rtnetlink.
> Have you considered it already ?.
> We would like to keep the API consistent or abstracted to accommodate SR-MPLS
> in the
> future too. so, any abstraction there will help.
>
On 08/29/2016 04:52 PM, Roopa Prabhu wrote:
> You will need to account for lwtunnel headroom ?
> https://patchwork.ozlabs.org/patch/662632/
>
> thanks,
> Roopa
Indeed, thanks
David
signature.asc
Description: OpenPGP digital signature
This patch adds support for per-socket SRH injection with the setsockopt
system call through the IPPROTO_IPV6, IPV6_RTHDR options.
The SRH is pushed through the ipv6_push_nfrag_opts function.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/Kconfig | 5 ++--
ne
.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_hmac.h | 6 +
include/net/seg6_hmac.h| 61 ++
include/uapi/linux/seg6_hmac.h | 20 ++
net/ipv6/seg6_hmac.c | 432 +
4 files changed, 519 inse
This patch prepares for insertion of SRH through setsockopt().
The new source address argument is used when an HMAC field is
present in the SRH, which must be filled. The HMAC signature
process requires the source address as input text.
Signed-off-by: David Lebrun <david.leb...@uclouvain
This patch enables the verification of the HMAC signature for transiting
SR-enabled packets, and its insertion on encapsulated/injected SRH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c | 10 ++
net/ipv6/seg6_iptunnel.c | 17 ++
The function ip6_route_input() is used in the seg6_iptunnel module
and thus needs to be exported when CONFIG_IPV6_SEG6_IPTUNNEL=m
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/route.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv6/route.c b/net/ipv6/r
signature is incorrect will be dropped.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 3 +
include/net/seg6.h| 10 +++
include/net/seg6_hmac.h | 1 +
include/uapi/linux/ipv6.h | 1 +
net/ipv6/Kconfig | 7 ++
net/ipv6/Ma
ode encap', then the SRH would be directly inserted
after the IPv6 header without outer encapsulation.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_iptunnel.h | 6 +
include/net/seg6.h | 11 ++
include/uapi/linux/lwtunnel.h | 1 +
return ENOTSUPP and will be implemented
in a future patch.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_genl.h | 6 ++
include/net/netns/ipv6.h | 3 +
include/net/seg6.h | 43 +
include/uapi/linux/seg6_genl.h | 32 +++
ne
tps://tools.ietf.org/html/draft-ietf-spring-segment-routing-09
[2] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-01
Any comment on the architecture, API and implementation would be very welcome.
Regards,
David Lebrun (9):
ipv6: implement dataplane support for rthdr type 4 (Segment Rout
.
This patch does not provide support for HMAC-signed packets.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 3 +
include/linux/seg6.h | 6 ++
include/uapi/linux/ipv6.h | 2 +
include/uapi/linux/seg6.h | 46 +++
net/ipv6/K
On 10/26/2016 05:54 PM, David Lebrun wrote:
> struct ipv6_sr_hdr {
> __u8nexthdr;
> __u8hdrlen;
> __u8type;
> __u8segments_left;
> __u8first_segment;
> __be16 flags;
> __u8reserved;
>
.
This patch does not provide support for HMAC-signed packets.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 1 +
include/linux/seg6.h | 6 ++
include/uapi/linux/ipv6.h | 2 +
include/uapi/linux/seg6.h | 48
net/ipv6/addr
return ENOTSUPP and will be implemented
in a future patch.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_genl.h | 6 ++
include/net/netns/ipv6.h | 1 +
include/net/seg6.h | 30 ++
include/uapi/linux/seg6_genl.h | 32 ++
ne
ode encap', then the SRH would be directly inserted
after the IPv6 header without outer encapsulation.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_iptunnel.h | 6 +
include/net/seg6.h | 1 +
include/uapi/linux/lwtunnel.h
-256 as required by the IETF draft), but
additional algorithms can be easily supported by simply adding an
entry into an array.
[1] https://tools.ietf.org/html/draft-ietf-spring-segment-routing-09
[2] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-02
David Le
.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_hmac.h | 6 +
include/net/seg6_hmac.h| 61 ++
include/uapi/linux/seg6_hmac.h | 20 ++
net/ipv6/Kconfig | 12 ++
net/ipv6/seg6_hmac.c
This patch adds support for per-socket SRH injection with the setsockopt
system call through the IPPROTO_IPV6, IPV6_RTHDR options.
The SRH is pushed through the ipv6_push_nfrag_opts function.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c
This patch enables the verification of the HMAC signature for transiting
SR-enabled packets, and its insertion on encapsulated/injected SRH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c | 10 ++
net/ipv6/seg6_iptunnel.c | 18 +++
signature is incorrect will be dropped.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 3 +
include/net/seg6.h| 10 +++
include/net/seg6_hmac.h | 1 +
include/uapi/linux/ipv6.h | 1 +
net/ipv6/Makefile | 1 +
net/ipv6/addr
This patch adds documentation for some SR-related per-interface
sysctls.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
Documentation/networking/seg6-sysctl.txt | 18 ++
1 file changed, 18 insertions(+)
create mode 100644 Documentation/networking/seg6-sysc
This patch prepares for insertion of SRH through setsockopt().
The new source address argument is used when an HMAC field is
present in the SRH, which must be filled. The HMAC signature
process requires the source address as input text.
Signed-off-by: David Lebrun <david.leb...@uclouvain
/html/draft-ietf-6man-segment-routing-header-02
David Lebrun (9):
ipv6: implement dataplane support for rthdr type 4 (Segment Routing
Header)
ipv6: sr: add code base for control plane support of SR-IPv6
ipv6: sr: add support for SRH encapsulation and injection with
lwtunnels
ipv6: sr
.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_hmac.h | 6 +
include/net/seg6_hmac.h| 61 ++
include/uapi/linux/seg6_hmac.h | 20 ++
net/ipv6/Kconfig | 12 ++
net/ipv6/seg6_hmac.c
.
This patch does not provide support for HMAC-signed packets.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 1 +
include/linux/seg6.h | 6 ++
include/uapi/linux/ipv6.h | 2 +
include/uapi/linux/seg6.h | 48
net/ipv6/addr
On 11/04/2016 05:26 PM, Tom Herbert wrote:
>> +
>> +int seg6_output(struct net *net, struct sock *sk, struct sk_buff *skb)
>> +{
>> + struct dst_entry *orig_dst = skb_dst(skb);
>> + struct dst_entry *dst = NULL;
>> + struct seg6_lwt *slwt;
>> + int err = -EINVAL;
>> +
>> +
.
This patch does not provide support for HMAC-signed packets.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 1 +
include/linux/seg6.h | 6 ++
include/net/seg6.h| 36 ++
include/uapi/linux/ipv6.h | 2 +
include/uapi/linu
This patch adds documentation for some SR-related per-interface
sysctls.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
Documentation/networking/seg6-sysctl.txt | 18 ++
1 file changed, 18 insertions(+)
create mode 100644 Documentation/networking/seg6-sysc
AH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_iptunnel.h | 6 +
include/net/seg6.h | 6 +
include/uapi/linux/lwtunnel.h | 1 +
include/uapi/linux/seg6_iptunnel.h | 44
net/core/lwtunnel.c| 2 +
net/ipv
This patch provides an implementation of the genetlink commands
to associate a given HMAC key identifier with an hashing algorithm
and a secret.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/seg6.c | 229
This patch prepares for insertion of SRH through setsockopt().
The new source address argument is used when an HMAC field is
present in the SRH, which must be filled. The HMAC signature
process requires the source address as input text.
Signed-off-by: David Lebrun <david.leb...@uclouvain
This patch adds support for per-socket SRH injection with the setsockopt
system call through the IPPROTO_IPV6, IPV6_RTHDR options.
The SRH is pushed through the ipv6_push_nfrag_opts function.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c
This patch enables the verification of the HMAC signature for transiting
SR-enabled packets, and its insertion on encapsulated/injected SRH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c | 10 ++
net/ipv6/seg6_iptunnel.
is dropped is the signature is incorrect).
Finally, a value of 1 means that any SR-enabled packet that does not
contain an HMAC signature or whose signature is incorrect will be dropped.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 3 +
include
outing-09
[2] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-02
David Lebrun (9):
ipv6: implement dataplane support for rthdr type 4 (Segment Routing
Header)
ipv6: sr: add code base for control plane support of SR-IPv6
ipv6: sr: add support for SRH encapsulation and injection
return ENOTSUPP and will be implemented
in a future patch.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_genl.h | 6 ++
include/net/netns/ipv6.h | 1 +
include/net/seg6.h | 16 +++
include/uapi/linux/seg6_genl.h | 32 ++
ne
On 11/10/2016 09:35 AM, Lorenzo Colitti wrote:
> Not sure how to fix this. The following makes IPv6 work again, but I
> suspect it mostly defeats the purpose of having SRH on by default:
>
> +#ifdef CONFIG_LWTUNNEL
> err = seg6_iptunnel_init();
> if (err)
> goto
;)
Tested with various combinations of CONFIG_IPV6 and CONFIG_LWTUNNEL.
Reported-by: Lorenzo Colitti <lore...@google.com>
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/Kconfig | 1 +
net/ipv6/Makefile | 3 ++-
net/ipv6/seg6.c | 8
3 files changed, 11 ins
pport for SRH encapsulation and
injection with lwtunnels")
Tested with various combinations of CONFIG_IPV6 and CONFIG_LWTUNNEL.
Reported-by: Lorenzo Colitti <lore...@google.com>
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/Kconfig | 1 +
net/ipv6/Makefile
On 11/10/2016 10:14 AM, Lorenzo Colitti wrote:
> So you'd split SRH functionality in three parts? Core (default on),
> lwtunnel (default off) and inline?
>
> It seems to me that once you've done the work to enable the core code
> to work when CONFIG_LWTUNNEL is off, you can just enable/disable
On 11/10/2016 02:40 AM, David Miller wrote:
> Series applied, but I wonder if using a Kconfig knob for the INLINE thing
> is overkill.
Thanks :)
The Kconfig knob was a response to the concern that direct header
insertion breaks things. Moreover, if the IETF decides that direct
header insertion
On 10/17/2016 07:17 PM, Tom Herbert wrote:
>> > + err = ip6_dst_lookup(net, sk, , );
> Please look at the use of dst_cache that I added in ila_lwt.c, I think
> the SR has similar properties and might be able to use dst_cache which
> is a significant performance improvement when source
On 10/17/2016 07:07 PM, Tom Herbert wrote:
>> +static inline void seg6_pernet_lock(struct net *net)
>> +{
>> + mutex_lock(_pernet(net)->lock);
>> +}
>> +
>> +static inline void seg6_pernet_unlock(struct net *net)
>> +{
>> + mutex_unlock(_pernet(net)->lock);
>> +}
>> +
> IMO it's better
On 10/17/2016 07:01 PM, Tom Herbert wrote:
>> +struct ipv6_sr_hdr {
>> + __u8nexthdr;
>> + __u8hdrlen;
>> + __u8type;
>> + __u8segments_left;
>> + __u8first_segment;
>> + __be16 flags;
>
> Bad alignment for 16 bit field could be unpleasant
On 10/17/2016 07:24 PM, Tom Herbert wrote:
> A lot of this looks generic and potentially useful in other cases
> where we we want to do HMAC over some headers (I'm thinking GUE can
> probably use some of this for header authentication). Might be nice to
> split out the generic pieces at some
On 10/17/2016 07:01 PM, Tom Herbert wrote:
>> > +
>> > + if (skb->ip_summed == CHECKSUM_COMPLETE)
>> > + skb->ip_summed = CHECKSUM_NONE;
>> > +
> Because the packet is being changed? Would it make sense to update the
> checksum complete value based on the changes being made.
On 11/14/2016 03:22 PM, Roopa Prabhu wrote:
> I prefer option b). most LWTUNNEL encaps are done this way.
>
> seg6 and seg6_iptunnel is new segment routing code and can be under
> CONFIG_IPV6_SEG6 which depends on CONFIG_LWTUNNEL and CONFIG_IPV6.
> CONFIG_IPV6_SEG6_HMAC could then depend on
On 11/23/2016 08:34 AM, Roopa Prabhu wrote:
> I can't seem to reproduce the problem you are seeing. still trying..
> I don't have CONFIG_LWTUNNEL set nor any of the other SEG6 configs.
> My CONFIG_IPV6 is on and compiled as a module. I have also tried disabling it.
> If you can send me the config,
CONFIG_IPV6_MPCONSIST_BUCKETSIZE.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/net/ip6_fib.h | 20
net/ipv6/Kconfig | 26 +
net/ipv6/Makefile | 1 +
net/ipv6/ip6_ecmp.c | 263 ++
net/ipv6/ip6_fib.c| 18 +++
On 11/28/2016 05:22 PM, David Miller wrote:
> Thanks for trying to solve this problem.
>
> But we really don't want this to be Kconfig gated. If we decide to
> support this it should be a run-time selectable option. Every
> distribution on the planet is going to turn your Kconfig option on, so
On 11/28/2016 09:32 PM, David Miller wrote:
> When I was working on the routing cache removal in ipv4 I compared
> using a stupid O(1) hash lookup of the FIB entries vs. the O(log n)
> fib_trie stuff actually in use.
>
> It did make a difference.
>
> This is a lookup that can be invoked 20
UNNEL={y,n}.
Reported-by: Lorenzo Colitti <lore...@google.com>
Suggested-by: Roopa Prabhu <ro...@cumulusnetworks.com>
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/Kconfig | 13 -
net/ipv6/Makefile | 5 +++--
net/ipv6/seg6.c | 8
3 files
Prabhu <ro...@cumulusnetworks.com>
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/net/lwtunnel.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/net/lwtunnel.h b/include/net/lwtunnel.h
index 82e76fe..d4c1c75 100644
--- a/include/net/lwtu
: enable CONFIG_LWTUNNEL or apply patch in attachment
David
From 51775d7223b6d5bd16cb5d09df9ba494fac8ffda Mon Sep 17 00:00:00 2001
From: David Lebrun <david.leb...@uclouvain.be>
Date: Tue, 15 Nov 2016 14:57:52 +0100
Subject: [PATCH net-next 1/1] ipv6: sr: add option to control lwtunne
On 11/13/2016 06:23 AM, David Miller wrote:
> This seems like such a huge mess, quite frankly.
>
> IPV6-SR has so many strange dependencies, a weird Kconfig option that is
> simply controlling what a responsible sysadmin should be allow to do if
> he chooses anyways.
>
> Every distribution is
return ENOTSUPP and will be implemented
in a future patch.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_genl.h | 6 ++
include/net/netns/ipv6.h | 1 +
include/net/seg6.h | 33 +++
include/uapi/linux/seg6_genl.h | 32 +++
ne
ode encap', then the SRH would be directly inserted
after the IPv6 header without outer encapsulation.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_iptunnel.h | 6 +
include/net/seg6.h | 3 +
include/uapi/linux/lwtunnel.h
This patch adds documentation for some SR-related per-interface
sysctls.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
Documentation/networking/seg6-sysctl.txt | 18 ++
1 file changed, 18 insertions(+)
create mode 100644 Documentation/networking/seg6-sysc
This patch prepares for insertion of SRH through setsockopt().
The new source address argument is used when an HMAC field is
present in the SRH, which must be filled. The HMAC signature
process requires the source address as input text.
Signed-off-by: David Lebrun <david.leb...@uclouvain
This patch adds support for per-socket SRH injection with the setsockopt
system call through the IPPROTO_IPV6, IPV6_RTHDR options.
The SRH is pushed through the ipv6_push_nfrag_opts function.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c
This patch enables the verification of the HMAC signature for transiting
SR-enabled packets, and its insertion on encapsulated/injected SRH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c | 10 ++
net/ipv6/seg6_iptunnel.c | 18 +++
signature is incorrect will be dropped.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 3 +
include/net/seg6.h| 6 ++
include/net/seg6_hmac.h | 1 +
include/uapi/linux/ipv6.h | 1 +
net/ipv6/Makefile | 1 +
net/ipv6/addr
.
This patch does not provide support for HMAC-signed packets.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 1 +
include/linux/seg6.h | 6 ++
include/net/seg6.h| 36 ++
include/uapi/linux/ipv6.h | 2 +
include/uapi/linu
f-spring-segment-routing-09
[2] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-02
David Lebrun (9):
ipv6: implement dataplane support for rthdr type 4 (Segment Routing
Header)
ipv6: sr: add code base for control plane support of SR-IPv6
ipv6: sr: add support for S
return ENOTSUPP and will be implemented
in a future patch.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_genl.h | 6 ++
include/net/netns/ipv6.h | 1 +
include/net/seg6.h | 16 +++
include/uapi/linux/seg6_genl.h | 32 ++
ne
ode encap', then the SRH would be directly inserted
after the IPv6 header without outer encapsulation.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_iptunnel.h | 6 +
include/net/seg6.h | 3 +
include/uapi/linux/lwtunnel.h
This patch adds support for per-socket SRH injection with the setsockopt
system call through the IPPROTO_IPV6, IPV6_RTHDR options.
The SRH is pushed through the ipv6_push_nfrag_opts function.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c
This patch enables the verification of the HMAC signature for transiting
SR-enabled packets, and its insertion on encapsulated/injected SRH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c | 10 ++
net/ipv6/seg6_iptunnel.
This patch provides an implementation of the genetlink commands
to associate a given HMAC key identifier with an hashing algorithm
and a secret.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/seg6.c | 229
This patch adds documentation for some SR-related per-interface
sysctls.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
Documentation/networking/seg6-sysctl.txt | 18 ++
1 file changed, 18 insertions(+)
create mode 100644 Documentation/networking/seg6-sysc
This patch prepares for insertion of SRH through setsockopt().
The new source address argument is used when an HMAC field is
present in the SRH, which must be filled. The HMAC signature
process requires the source address as input text.
Signed-off-by: David Lebrun <david.leb...@uclouvain
.
This patch does not provide support for HMAC-signed packets.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 3 +
include/linux/seg6.h | 6 ++
include/uapi/linux/ipv6.h | 2 +
include/uapi/linux/seg6.h | 46 +++
net/ipv6/K
On 10/17/2016 05:00 PM, David Miller wrote:
> Please ordre local variables from longest to shortest line (AKA reverse
> christmas tree layout).
>
> Please audit your entire submission for this problem.
>
>> +val = (struct in6_addr *)nla_data(info->attrs[SEG6_ATTR_DST]);
>
> Please remove
tps://tools.ietf.org/html/draft-ietf-spring-segment-routing-09
[2] https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-02
David Lebrun (9):
ipv6: implement dataplane support for rthdr type 4 (Segment Routing
Header)
ipv6: sr: add code base for control plane support of SR-IPv6
ipv6: sr:
ode encap', then the SRH would be directly inserted
after the IPv6 header without outer encapsulation.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_iptunnel.h | 6 +
include/net/seg6.h | 7 +
include/uapi/linux/lwtunnel.h | 1 +
return ENOTSUPP and will be implemented
in a future patch.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_genl.h | 6 ++
include/net/netns/ipv6.h | 3 +
include/net/seg6.h | 41
include/uapi/linux/seg6_genl.h | 33 +++
ne
.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6_hmac.h | 6 +
include/net/seg6_hmac.h| 61 ++
include/uapi/linux/seg6_hmac.h | 20 ++
net/ipv6/seg6_hmac.c | 432 +
4 files changed, 519 inse
signature is incorrect will be dropped.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/ipv6.h | 1 +
include/net/seg6.h| 5 +-
include/net/seg6_hmac.h | 1 +
include/uapi/linux/ipv6.h | 1 +
net/ipv6/Makefile | 2 +-
net/ipv6/addr
This patch prepares for insertion of SRH through setsockopt().
The new source address argument is used when an HMAC field is
present in the SRH, which must be filled. The HMAC signature
process requires the source address as input text.
Signed-off-by: David Lebrun <david.leb...@uclouvain
On 10/17/2016 04:57 PM, David Miller wrote:
> Please don't use packed, it results in extremely inefficient code on
> several architectures.
>
> You can simply declare the flags as two 8-bit pieces and all will work
> out fine.
Noted, will do
signature.asc
Description: OpenPGP digital
This patch adds support for per-socket SRH injection with the setsockopt
system call through the IPPROTO_IPV6, IPV6_RTHDR options.
The SRH is pushed through the ipv6_push_nfrag_opts function.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c
This patch enables the verification of the HMAC signature for transiting
SR-enabled packets, and its insertion on encapsulated/injected SRH.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/exthdrs.c | 6 ++
net/ipv6/seg6_iptunnel.c | 13 +
2
This patch adds documentation for some SR-related per-interface
sysctls.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
Documentation/networking/seg6-sysctl.txt | 18 ++
1 file changed, 18 insertions(+)
create mode 100644 Documentation/networking/seg6-sysc
This patch add commands to support the tunnel source properties
("ip sr tunsrc") and the HMAC key -> secret, algorithm binding
("ip sr hmac").
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
ip/Makefile| 2 +-
ip/ip.c| 3 +-
ip/ip_
This patch adds support for SEG6 encapsulation type
("ip route add ... encap seg6 ...").
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
ip/iproute.c | 6 +-
ip/iproute_lwtunnel.c | 160 ++
2 files changed
Control of internal SR structures: tunnel source ("ip sr tunsrc") and
HMAC ("ip sr hmac"). HMAC support enables to map an HMAC Key ID to
a pair of algorithm + secret.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
David Lebrun (3):
sr: add header files for
This patch add the necessary header files to interface with the SR-IPv6 kernel
implementation.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
include/linux/seg6.h | 54 +++
include/linux/seg6_genl.h
in seg6_hmac_init() and seg6_hmac_exit(). BHs are
re-enabled for the call to crypto_alloc_shash. Indeed, this function might
call try_module_get(), which cannot be called in atomic context.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/seg6_hmac.c | 15 ---
On 01/12/2017 09:26 PM, David Lebrun wrote:
> From: Vivien Didelot <vivien.dide...@savoirfairelinux.com>
No idea where does that come from, resending patch. Sorry about that Vivien.
David
signature.asc
Description: OpenPGP digital signature
also call smp_processor_id(), generating
a similar trace.
This patch uses raw_cpu_ptr() in seg6_hmac_init() rather than this_cpu_ptr()
and disable preemption when using dst_cache_* functions.
Signed-off-by: David Lebrun <david.leb...@uclouvain.be>
---
net/ipv6/seg6_hmac.c | 2 +-
ne
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Cc: David Lebrun <david.leb...@uclouvain.be>
> ---
> net/ipv6/seg6_hmac.c | 43 ++---
> 1 file changed, 3 insertions(+), 40 deletions(-)
>
> d
460260] [] entry_SYSCALL64_slow_path+0x25/0x25
Moreover, dst_cache_* functions also call smp_processor_id(), generating
a similar trace.
This patch uses raw_cpu_ptr() in seg6_hmac_init() rather than this_cpu_ptr()
and disable preemption when using dst_cache_* functions.
Signed-off-by: David Lebrun <
On 01/10/2017 07:33 PM, Stephen Hemminger wrote:
> I get all headers from santized kernel headers generated by
> $ make headers_install
> but the segmentation stuff is missing.
>
> When you added segment routing headers you forgot to export them.
> Please send a patch to
1 - 100 of 193 matches
Mail list logo