* Re: [PATCH] netfilter: unregister nf hooks, matches and targets in the reverse order
From: Jan Engelhardt @ 2010-10-01 23:57 UTC (permalink / raw)
To: Changli Gao; +Cc: Patrick McHardy, David S. Miller, netfilter-devel, netdev
In-Reply-To: <AANLkTi=AhK0jDM8WEf5tHhervKUpB6f4MR+mNx2moYuC@mail.gmail.com>
On Sunday 2010-09-19 07:58, Changli Gao wrote:
>On Thu, Sep 16, 2010 at 1:32 AM, Patrick McHardy <kaber@trash.net> wrote:
>> Am 02.09.2010 16:15, schrieb Changli Gao:
>>> Since we register nf hooks, matches and targets in order, we'd better
>>> unregister them in the reverse order.
>>
>> Why? Is there a specific bug you've noticed?
>>
>
>No, there isn't any bug. I just think unregistering them in the
>reverse order is more resonable, like the rollback when failing. And
>the code patched generates less object:
I support this.
^ permalink raw reply
* Re: problem with flowi structure
From: Jan Engelhardt @ 2010-10-01 23:46 UTC (permalink / raw)
To: Nicola Padovano; +Cc: Eric Dumazet, AIJAZ BAIG, netfilter-devel, netdev
In-Reply-To: <AANLkTi=hXc_ijNgxW+Q6jkRP_T1zjyy2mvKAdTSgeh7w@mail.gmail.com>
On Friday 2010-09-17 20:25, Nicola Padovano wrote:
>
>[CODE]
>if (hooknumber == NF_INET_LOCAL_IN) fl.nl_u.ip4_u.saddr = niph->saddr;
> //niph is the pointer to ip header of the packet to send
>if (hooknumber == NF_INET_FORWARD) fl.nl_u.ip4_u.saddr = 0;
>[/CODE]
>
>so, i don't understand why saddr = 0 when the hooknumber is NF_INET_FORWARD....
>
>this is the real problem.
0 is automatic address selection.
^ permalink raw reply
* Re: [patch v2 03/12] [PATCH 03/12] IPVS: compact ip_vs_sched_persist()
From: Julian Anastasov @ 2010-10-01 22:35 UTC (permalink / raw)
To: Simon Horman
Cc: lvs-devel, netdev, netfilter, netfilter-devel, Jan Engelhardt,
Stephen Hemminger, Wensong Zhang, Patrick McHardy
In-Reply-To: <20101001143941.949669349@akiko.akashicho.tokyo.vergenet.net>
Hello,
On Fri, 1 Oct 2010, Simon Horman wrote:
> Compact ip_vs_sched_persist() by setting up parameters
> and calling functions once.
>
> Signed-off-by: Simon Horman <horms@verge.net.au>
> ---
>
> v2
> * Make "union nf_inet_addr fwmark" const
> * Don't remove the comment next to the declaration of dport
> * Add a comment to the declaration of vport
>
> Index: lvs-test-2.6/net/netfilter/ipvs/ip_vs_core.c
> ===================================================================
> --- lvs-test-2.6.orig/net/netfilter/ipvs/ip_vs_core.c 2010-10-01 21:56:39.000000000 +0900
> +++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_core.c 2010-10-01 22:02:41.000000000 +0900
> @@ -193,10 +193,14 @@ ip_vs_sched_persist(struct ip_vs_service
> struct ip_vs_iphdr iph;
> struct ip_vs_dest *dest;
> struct ip_vs_conn *ct;
> - __be16 dport; /* destination port to forward */
> + int protocol = iph.protocol;
> + __be16 dport = 0; /* destination port to forward */
> + __be16 vport = 0; /* virtual service port */
> unsigned int flags;
> union nf_inet_addr snet; /* source network of the client,
> after masking */
> + const union nf_inet_addr fwmark = { .ip = htonl(svc->fwmark) };
> + const union nf_inet_addr *vaddr = &iph.daddr;
>
> ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph);
>
> @@ -227,119 +231,58 @@ ip_vs_sched_persist(struct ip_vs_service
> * service, and a template like <caddr, 0, vaddr, vport, daddr, dport>
> * is created for other persistent services.
> */
> - if (ports[1] == svc->port) {
> - /* Check if a template already exists */
> - if (svc->port != FTPPORT)
> - ct = ip_vs_ct_in_get(svc->af, iph.protocol, &snet, 0,
> - &iph.daddr, ports[1]);
> - else
> - ct = ip_vs_ct_in_get(svc->af, iph.protocol, &snet, 0,
> - &iph.daddr, 0);
> -
> - if (!ct || !ip_vs_check_template(ct)) {
> - /*
> - * No template found or the dest of the connection
> - * template is not available.
> - */
> - dest = svc->scheduler->schedule(svc, skb);
> - if (dest == NULL) {
> - IP_VS_DBG(1, "p-schedule: no dest found.\n");
> - return NULL;
> - }
> -
> - /*
> - * Create a template like <protocol,caddr,0,
> - * vaddr,vport,daddr,dport> for non-ftp service,
> - * and <protocol,caddr,0,vaddr,0,daddr,0>
> - * for ftp service.
> + {
> + if (ports[1] == svc->port) {
> + /* non-FTP template:
> + * <protocol, caddr, 0, vaddr, vport, daddr, dport>
> + * FTP template:
> + * <protocol, caddr, 0, vaddr, 0, daddr, 0>
> */
> if (svc->port != FTPPORT)
> - ct = ip_vs_conn_new(svc->af, iph.protocol,
> - &snet, 0,
> - &iph.daddr,
> - ports[1],
> - &dest->addr, dest->port,
> - IP_VS_CONN_F_TEMPLATE,
> - dest);
> - else
> - ct = ip_vs_conn_new(svc->af, iph.protocol,
> - &snet, 0,
> - &iph.daddr, 0,
> - &dest->addr, 0,
> - IP_VS_CONN_F_TEMPLATE,
> - dest);
> - if (ct == NULL)
> - return NULL;
> -
> - ct->timeout = svc->timeout;
> + vport = ports[1];
> } else {
> - /* set destination with the found template */
> - dest = ct->dest;
> - }
> - dport = dest->port;
> - } else {
> - /*
> - * Note: persistent fwmark-based services and persistent
> - * port zero service are handled here.
> - * fwmark template: <IPPROTO_IP,caddr,0,fwmark,0,daddr,0>
> - * port zero template: <protocol,caddr,0,vaddr,0,daddr,0>
> - */
> - if (svc->fwmark) {
> - union nf_inet_addr fwmark = {
> - .ip = htonl(svc->fwmark)
> - };
> -
> - ct = ip_vs_ct_in_get(svc->af, IPPROTO_IP, &snet, 0,
> - &fwmark, 0);
> - } else
> - ct = ip_vs_ct_in_get(svc->af, iph.protocol, &snet, 0,
> - &iph.daddr, 0);
> -
> - if (!ct || !ip_vs_check_template(ct)) {
> - /*
> - * If it is not persistent port zero, return NULL,
> - * otherwise create a connection template.
> + /* Note: persistent fwmark-based services and
> + * persistent port zero service are handled here.
> + * fwmark template:
> + * <IPPROTO_IP,caddr,0,fwmark,0,daddr,0>
> + * port zero template:
> + * <protocol,caddr,0,vaddr,0,daddr,0>
> */
> - if (svc->port)
> - return NULL;
> -
> - dest = svc->scheduler->schedule(svc, skb);
> - if (dest == NULL) {
> - IP_VS_DBG(1, "p-schedule: no dest found.\n");
> - return NULL;
> + if (svc->fwmark) {
> + protocol = IPPROTO_IP;
> + vaddr = &fwmark;
> }
> + }
> + }
>
> - /*
> - * Create a template according to the service
> - */
> - if (svc->fwmark) {
> - union nf_inet_addr fwmark = {
> - .ip = htonl(svc->fwmark)
> - };
> -
> - ct = ip_vs_conn_new(svc->af, IPPROTO_IP,
> - &snet, 0,
> - &fwmark, 0,
> - &dest->addr, 0,
> - IP_VS_CONN_F_TEMPLATE,
> - dest);
> - } else
> - ct = ip_vs_conn_new(svc->af, iph.protocol,
> - &snet, 0,
> - &iph.daddr, 0,
> - &dest->addr, 0,
> - IP_VS_CONN_F_TEMPLATE,
> - dest);
> - if (ct == NULL)
> - return NULL;
> + /* Check if a template already exists */
> + ct = ip_vs_ct_in_get(svc->af, protocol, &snet, 0, vaddr, vport);
>
> - ct->timeout = svc->timeout;
> - } else {
> - /* set destination with the found template */
> - dest = ct->dest;
> + if (!ct || !ip_vs_check_template(ct)) {
> + /* No template found or the dest of the connection
> + * template is not available.
> + */
> + dest = svc->scheduler->schedule(svc, skb);
> + if (!dest) {
> + IP_VS_DBG(1, "p-schedule: no dest found.\n");
> + return NULL;
> }
> - dport = ports[1];
> - }
> +
> + if (ports[1] == svc->port && svc->port != FTPPORT)
> + dport = dest->port;
> +
> + /* Create a template */
> + ct = ip_vs_conn_new(svc->af, protocol, &snet, 0,vaddr, vport,
> + &dest->addr, dport,
> + IP_VS_CONN_F_TEMPLATE, dest);
> + if (ct == NULL)
> + return NULL;
> +
> + ct->timeout = svc->timeout;
> + } else
> + /* set destination with the found template */
> + dest = ct->dest;
Here dport:
> + dport = dest->port;
should be:
dport = ports[1];
if (dport == svc->port && dest->port)
dport = dest->port;
> flags = (svc->flags & IP_VS_SVC_F_ONEPACKET
> && iph.protocol == IPPROTO_UDP)?
Regards
--
Julian Anastasov <ja@ssi.bg>
^ permalink raw reply
* Re: [PATCH] Fix out-of-bounds reading in sctp_asoc_get_hmac()
From: Vlad Yasevich @ 2010-10-01 22:13 UTC (permalink / raw)
To: Dan Rosenberg; +Cc: sri, linux-sctp, linux-kernel, security, stable, netdev
In-Reply-To: <1285969907.2814.49.camel@Dan>
On 10/01/2010 05:51 PM, Dan Rosenberg wrote:
> The sctp_asoc_get_hmac() function iterates through a peer's hmac_ids
> array and attempts to ensure that only a supported hmac entry is
> returned. The current code fails to do this properly - if the last id
> in the array is out of range (greater than SCTP_AUTH_HMAC_ID_MAX), the
> id integer remains set after exiting the loop, and the address of an
> out-of-bounds entry will be returned and subsequently used in the parent
> function, causing potentially ugly memory corruption. This patch resets
> the id integer to 0 on encountering an invalid id so that NULL will be
> returned after finishing the loop if no valid ids are found.
>
> Signed-off-by: Dan Rosenberg<drosenberg@vsecurity.com>
Good catch.
Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com>
-vlad
>
> --- linux-2.6.35.5.orig/net/sctp/auth.c 2010-09-20 16:59:09.000000000 -0400
> +++ linux-2.6.35.5/net/sctp/auth.c 2010-10-01 16:48:58.000000000 -0400
> @@ -543,16 +543,20 @@ struct sctp_hmac *sctp_auth_asoc_get_hma
> id = ntohs(hmacs->hmac_ids[i]);
>
> /* Check the id is in the supported range */
> - if (id> SCTP_AUTH_HMAC_ID_MAX)
> + if (id> SCTP_AUTH_HMAC_ID_MAX) {
> + id = 0;
> continue;
> + }
>
> /* See is we support the id. Supported IDs have name and
> * length fields set, so that we can allocated and use
> * them. We can safely just check for name, for without the
> * name, we can't allocate the TFM.
> */
> - if (!sctp_hmac_list[id].hmac_name)
> + if (!sctp_hmac_list[id].hmac_name) {
> + id = 0;
> continue;
> + }
>
> break;
> }
>
>
^ permalink raw reply
* [PATCH] Fix out-of-bounds reading in sctp_asoc_get_hmac()
From: Dan Rosenberg @ 2010-10-01 21:51 UTC (permalink / raw)
To: vladislav.yasevich, sri
Cc: linux-sctp, linux-kernel, security, stable, netdev
The sctp_asoc_get_hmac() function iterates through a peer's hmac_ids
array and attempts to ensure that only a supported hmac entry is
returned. The current code fails to do this properly - if the last id
in the array is out of range (greater than SCTP_AUTH_HMAC_ID_MAX), the
id integer remains set after exiting the loop, and the address of an
out-of-bounds entry will be returned and subsequently used in the parent
function, causing potentially ugly memory corruption. This patch resets
the id integer to 0 on encountering an invalid id so that NULL will be
returned after finishing the loop if no valid ids are found.
Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
--- linux-2.6.35.5.orig/net/sctp/auth.c 2010-09-20 16:59:09.000000000 -0400
+++ linux-2.6.35.5/net/sctp/auth.c 2010-10-01 16:48:58.000000000 -0400
@@ -543,16 +543,20 @@ struct sctp_hmac *sctp_auth_asoc_get_hma
id = ntohs(hmacs->hmac_ids[i]);
/* Check the id is in the supported range */
- if (id > SCTP_AUTH_HMAC_ID_MAX)
+ if (id > SCTP_AUTH_HMAC_ID_MAX) {
+ id = 0;
continue;
+ }
/* See is we support the id. Supported IDs have name and
* length fields set, so that we can allocated and use
* them. We can safely just check for name, for without the
* name, we can't allocate the TFM.
*/
- if (!sctp_hmac_list[id].hmac_name)
+ if (!sctp_hmac_list[id].hmac_name) {
+ id = 0;
continue;
+ }
break;
}
^ permalink raw reply
* Re: [patch v2 08/12] [PATCH 08/12] IPVS: Add persistence engine data to /proc/net/ip_vs_conn
From: Julian Anastasov @ 2010-10-01 21:50 UTC (permalink / raw)
To: Simon Horman
Cc: lvs-devel, netdev, netfilter, netfilter-devel, Jan Engelhardt,
Stephen Hemminger, Wensong Zhang, Patrick McHardy
In-Reply-To: <20101001143942.382352880@akiko.akashicho.tokyo.vergenet.net>
Hello,
On Fri, 1 Oct 2010, Simon Horman wrote:
> Index: lvs-test-2.6/net/netfilter/ipvs/ip_vs_conn.c
> ===================================================================
> --- lvs-test-2.6.orig/net/netfilter/ipvs/ip_vs_conn.c 2010-10-01 22:27:17.000000000 +0900
> +++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_conn.c 2010-10-01 22:27:32.000000000 +0900
> @@ -938,30 +938,44 @@ static int ip_vs_conn_seq_show(struct se
>
> if (v == SEQ_START_TOKEN)
> seq_puts(seq,
> - "Pro FromIP FPrt ToIP TPrt DestIP DPrt State Expires\n");
> + "Pro FromIP FPrt ToIP TPrt DestIP DPrt State Expires PEName PEData\n");
> else {
> const struct ip_vs_conn *cp = v;
> + char pe_data[IP_VS_PENAME_MAXLEN + IP_VS_PEDATA_MAXLEN + 3];
> + size_t len = 0;
> +
Add check for cp->dest, it is optional:
> + if (cp->dest->svc->pe && cp->dest->svc->pe->show_pe_data) {
> + pe_data[0] = ' ';
> + len = strlen(cp->dest->svc->pe->name);
> + memcpy(pe_data + 1, cp->dest->svc->pe->name, len);
> + pe_data[len + 1] = ' ';
> + len += 2;
> + len += cp->dest->svc->pe->show_pe_data(cp,
> + pe_data + len);
> + }
> + pe_data[len] = '\0';
Regards
--
Julian Anastasov <ja@ssi.bg>
^ permalink raw reply
* Re: [patch v2 07/12] [PATCH 07/12] IPVS: Add struct ip_vs_pe
From: Julian Anastasov @ 2010-10-01 21:45 UTC (permalink / raw)
To: Simon Horman
Cc: lvs-devel, netdev, netfilter, netfilter-devel, Jan Engelhardt,
Stephen Hemminger, Wensong Zhang, Patrick McHardy
In-Reply-To: <20101001143942.297844368@akiko.akashicho.tokyo.vergenet.net>
Hello,
On Fri, 1 Oct 2010, Simon Horman wrote:
> ===================================================================
> --- lvs-test-2.6.orig/net/netfilter/ipvs/ip_vs_conn.c 2010-10-01 22:48:42.000000000 +0900
> +++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_conn.c 2010-10-01 22:49:15.000000000 +0900
> @@ -148,6 +148,29 @@ static unsigned int ip_vs_conn_hashkey(i
> & ip_vs_conn_tab_mask;
> }
>
> +static unsigned int ip_vs_conn_hashkey_param(const struct ip_vs_conn_param *p)
> +{
> + if (p->pe && p->pe->hashkey_raw)
> + return p->pe->hashkey_raw(p, ip_vs_conn_rnd) &
> + ip_vs_conn_tab_mask;
> + return ip_vs_conn_hashkey(p->af, p->protocol, p->caddr, p->cport);
> +}
> +
> +static unsigned int ip_vs_conn_hashkey_conn(const struct ip_vs_conn *cp)
> +{
> + struct ip_vs_conn_param p;
> +
> + ip_vs_conn_fill_param(cp->af, cp->protocol, &cp->caddr, cp->cport,
> + NULL, 0, &p);
> +
cp->dest is optional, line should be
'if (cp->dest && cp->dest->svc->pe) {':
> + if (cp->dest->svc->pe) {
> + p.pe = cp->dest->svc->pe;
> + p.pe_data = cp->pe_data;
> + p.pe_data_len = cp->pe_data_len;
> + }
> +
> + return ip_vs_conn_hashkey_param(&p);
> +}
>
> @@ -359,7 +387,7 @@ struct ip_vs_conn *ip_vs_conn_out_get(co
> /*
> * Check for "full" addressed entries
> */
Here ip_vs_conn_out_get expects client data in
p->vaddr and p->vport (was daddr before) but ip_vs_conn_hashkey_param
hashes client data from p->caddr and p->cport:
> - hash = ip_vs_conn_hashkey(p->af, p->protocol, p->vaddr, p->vport);
> + hash = ip_vs_conn_hashkey_param(p);
>
> ct_read_lock(hash);
Regards
--
Julian Anastasov <ja@ssi.bg>
^ permalink raw reply
* [patch 2/2] drivers/net/stmmac/: add HAS_IOMEM dependency
From: akpm @ 2010-10-01 21:17 UTC (permalink / raw)
To: davem; +Cc: netdev, akpm, schwidefsky, heiko.carstens, peppe.cavallaro
From: Martin Schwidefsky <schwidefsky@de.ibm.com>
The stmmac driver does not compile on s390:
drivers/net/stmmac/stmmac_main.c: In function 'stmmac_adjust_link':
drivers/net/stmmac/stmmac_main.c:210: error: implicit declaration of function 'readl'
drivers/net/stmmac/stmmac_main.c:263: error: implicit declaration of function 'writel'
drivers/net/stmmac/stmmac_main.c: In function 'stmmac_dvr_probe':
drivers/net/stmmac/stmmac_main.c:1674: error: implicit declaration of function 'ioremap'
drivers/net/stmmac/stmmac_main.c:1674: warning: assignment makes pointer from integer without a cast
drivers/net/stmmac/stmmac_main.c:1761: error: implicit declaration of function 'iounmap'
make[3]: *** [drivers/net/stmmac/stmmac_main.o] Error 1
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Giuseppe CAVALLARO <peppe.cavallaro@st.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
drivers/net/stmmac/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -puN drivers/net/stmmac/Kconfig~drivers-net-stmmac-add-has_iomem-dependency drivers/net/stmmac/Kconfig
--- a/drivers/net/stmmac/Kconfig~drivers-net-stmmac-add-has_iomem-dependency
+++ a/drivers/net/stmmac/Kconfig
@@ -3,7 +3,7 @@ config STMMAC_ETH
select MII
select PHYLIB
select CRC32
- depends on NETDEVICES
+ depends on NETDEVICES && HAS_IOMEM
help
This is the driver for the Ethernet IPs are built around a
Synopsys IP Core and only tested on the STMicroelectronics
_
^ permalink raw reply
* [patch 1/2] drivers-net-tulip-de4x5c-fix-copy-length-in-de4x5_ioctl-checkpatch-fixes
From: akpm @ 2010-10-01 21:17 UTC (permalink / raw)
To: davem; +Cc: netdev, akpm, dan.j.rosenberg, grundler, jeffm
From: Andrew Morton <akpm@linux-foundation.org>
ERROR: trailing statements should be on next line
#23: FILE: drivers/net/tulip/de4x5.c:5477:
+ if (copy_to_user(ioc->data, tmp.lval, ioc->len)) return -EFAULT;
total: 1 errors, 0 warnings, 8 lines checked
./patches/drivers-net-tulip-de4x5c-fix-copy-length-in-de4x5_ioctl.patch has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
Please run checkpatch prior to sending patches
Cc: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Cc: Grant Grundler <grundler@parisc-linux.org>
Cc: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
drivers/net/tulip/de4x5.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff -puN drivers/net/tulip/de4x5.c~drivers-net-tulip-de4x5c-fix-copy-length-in-de4x5_ioctl-checkpatch-fixes drivers/net/tulip/de4x5.c
--- a/drivers/net/tulip/de4x5.c~drivers-net-tulip-de4x5c-fix-copy-length-in-de4x5_ioctl-checkpatch-fixes
+++ a/drivers/net/tulip/de4x5.c
@@ -5474,7 +5474,8 @@ de4x5_ioctl(struct net_device *dev, stru
tmp.lval[6] = inl(DE4X5_STRR); j+=4;
tmp.lval[7] = inl(DE4X5_SIGR); j+=4;
ioc->len = j;
- if (copy_to_user(ioc->data, tmp.lval, ioc->len)) return -EFAULT;
+ if (copy_to_user(ioc->data, tmp.lval, ioc->len))
+ return -EFAULT;
break;
#define DE4X5_DUMP 0x0f /* Dump the DE4X5 Status */
_
^ permalink raw reply
* [patch 1/1] sctp: prevent reading out-of-bounds memory
From: akpm @ 2010-10-01 21:16 UTC (permalink / raw)
To: davem; +Cc: netdev, akpm, dan.j.rosenberg, vladislav.yasevich
From: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Two user-controlled allocations in SCTP are subsequently dereferenced as
sockaddr structs, without checking if the dereferenced struct members fall
beyond the end of the allocated chunk. There doesn't appear to be any
information leakage here based on how these members are used and
additional checking, but it's still worth fixing.
[akpm@linux-foundation.org: remove unfashionable newlines, fix gmail tab->space conversion]
Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
net/sctp/socket.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff -puN net/sctp/socket.c~sctp-prevent-reading-out-of-bounds-memory net/sctp/socket.c
--- a/net/sctp/socket.c~sctp-prevent-reading-out-of-bounds-memory
+++ a/net/sctp/socket.c
@@ -918,6 +918,11 @@ SCTP_STATIC int sctp_setsockopt_bindx(st
/* Walk through the addrs buffer and count the number of addresses. */
addr_buf = kaddrs;
while (walk_size < addrs_size) {
+ if (walk_size + sizeof(sa_family_t) > addrs_size) {
+ kfree(kaddrs);
+ return -EINVAL;
+ }
+
sa_addr = (struct sockaddr *)addr_buf;
af = sctp_get_af_specific(sa_addr->sa_family);
@@ -1004,9 +1009,13 @@ static int __sctp_connect(struct sock* s
/* Walk through the addrs buffer and count the number of addresses. */
addr_buf = kaddrs;
while (walk_size < addrs_size) {
+ if (walk_size + sizeof(sa_family_t) > addrs_size) {
+ err = -EINVAL;
+ goto out_free;
+ }
+
sa_addr = (union sctp_addr *)addr_buf;
af = sctp_get_af_specific(sa_addr->sa.sa_family);
- port = ntohs(sa_addr->v4.sin_port);
/* If the address family is not supported or if this address
* causes the address buffer to overflow return EINVAL.
@@ -1016,6 +1025,8 @@ static int __sctp_connect(struct sock* s
goto out_free;
}
+ port = ntohs(sa_addr->v4.sin_port);
+
/* Save current address so we can work with it */
memcpy(&to, sa_addr, af->sockaddr_len);
_
^ permalink raw reply
* Re: [patch v2 04/12] [PATCH 04/12] IPVS: Add struct ip_vs_conn_param
From: Julian Anastasov @ 2010-10-01 20:58 UTC (permalink / raw)
To: Simon Horman
Cc: lvs-devel, netdev, netfilter, netfilter-devel, Jan Engelhardt,
Stephen Hemminger, Wensong Zhang, Patrick McHardy
In-Reply-To: <20101001143942.035496196@akiko.akashicho.tokyo.vergenet.net>
Hello,
On Fri, 1 Oct 2010, Simon Horman wrote:
> +static int
> +ip_vs_conn_fill_param_proto(int af, const struct sk_buff *skb,
> + const struct ip_vs_iphdr *iph,
> + unsigned int proto_off, int inverse,
> + struct ip_vs_conn_param *p)
> +{
> + __be16 _ports[2], *pptr;
> +
> + pptr = skb_header_pointer(skb, proto_off, sizeof(_ports), _ports);
> + if (pptr == NULL)
> + return 1;
> +
> + if (likely(!inverse))
> + ip_vs_conn_fill_param(af, iph->protocol, &iph->saddr, pptr[0],
> + &iph->daddr, pptr[1], p);
> + else
Next line is wrong for inverse=1, must be
&iph->daddr, pptr[1], &iph->saddr, pptr[0]
> + ip_vs_conn_fill_param(af, iph->protocol, &iph->saddr, pptr[0],
> + &iph->daddr, pptr[1], p);
> + return 0;
> +}
> +
May be comments before ip_vs_conn_out_get should be
changed:
> @@ -341,9 +351,7 @@ struct ip_vs_conn *ip_vs_ct_in_get
> * s_addr, s_port: pkt source address (inside host)
> * d_addr, d_port: pkt dest address (foreign host)
> */
> -struct ip_vs_conn *ip_vs_conn_out_get
> -(int af, int protocol, const union nf_inet_addr *s_addr, __be16 s_port,
> - const union nf_inet_addr *d_addr, __be16 d_port)
> +struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p)
> ===================================================================
> --- lvs-test-2.6.orig/net/netfilter/ipvs/ip_vs_core.c 2010-10-01 22:06:23.000000000 +0900
> +++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_core.c 2010-10-01 22:10:46.000000000 +0900
> @@ -193,14 +193,11 @@ ip_vs_sched_persist(struct ip_vs_service
> struct ip_vs_iphdr iph;
> struct ip_vs_dest *dest;
> struct ip_vs_conn *ct;
> - int protocol = iph.protocol;
> __be16 dport = 0; /* destination port to forward */
> - __be16 vport = 0; /* virtual service port */
> unsigned int flags;
> union nf_inet_addr snet; /* source network of the client,
> after masking */
> - const union nf_inet_addr fwmark = { .ip = htonl(svc->fwmark) };
> - const union nf_inet_addr *vaddr = &iph.daddr;
> + struct ip_vs_conn_param param;
>
> ip_vs_fill_iphdr(svc->af, skb_network_header(skb), &iph);
>
> @@ -232,6 +229,11 @@ ip_vs_sched_persist(struct ip_vs_service
> * is created for other persistent services.
> */
> {
> + int protocol = iph.protocol;
> + const union nf_inet_addr *vaddr = &iph.daddr;
> + const union nf_inet_addr fwmark = { .ip = htonl(svc->fwmark) };
> + __be16 vport = 0;
> +
> if (ports[1] == svc->port) {
> /* non-FTP template:
> * <protocol, caddr, 0, vaddr, vport, daddr, dport>
> @@ -253,11 +255,12 @@ ip_vs_sched_persist(struct ip_vs_service
> vaddr = &fwmark;
> }
> }
> + ip_vs_conn_fill_param(svc->af, protocol, &snet, 0,
> + vaddr, vport, ¶m);
> }
>
> /* Check if a template already exists */
> - ct = ip_vs_ct_in_get(svc->af, protocol, &snet, 0, vaddr, vport);
> -
> + ct = ip_vs_ct_in_get(¶m);
> if (!ct || !ip_vs_check_template(ct)) {
> /* No template found or the dest of the connection
> * template is not available.
> @@ -272,8 +275,7 @@ ip_vs_sched_persist(struct ip_vs_service
> dport = dest->port;
>
> /* Create a template */
> - ct = ip_vs_conn_new(svc->af, protocol, &snet, 0,vaddr, vport,
> - &dest->addr, dport,
> + ct = ip_vs_conn_new(¶m, &dest->addr, dport,
> IP_VS_CONN_F_TEMPLATE, dest);
> if (ct == NULL)
> return NULL;
> @@ -291,12 +293,7 @@ ip_vs_sched_persist(struct ip_vs_service
> /*
> * Create a new connection according to the template
> */
Missing ip_vs_conn_fill_param here?
> - cp = ip_vs_conn_new(svc->af, iph.protocol,
> - &iph.saddr, ports[0],
> - &iph.daddr, ports[1],
> - &dest->addr, dport,
> - flags,
> - dest);
> + cp = ip_vs_conn_new(¶m, &dest->addr, dport, flags, dest);
> if (cp == NULL) {
> ip_vs_conn_put(ct);
> return NULL;
> ===================================================================
> --- lvs-test-2.6.orig/net/netfilter/ipvs/ip_vs_proto_ah_esp.c 2010-10-01 21:55:19.000000000 +0900
> +++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_proto_ah_esp.c 2010-10-01 22:23:33.000000000 +0900
> @@ -40,6 +40,19 @@ struct isakmp_hdr {
>
> #define PORT_ISAKMP 500
>
> +static void
> +ah_esp_conn_fill_param_proto(int af, const struct ip_vs_iphdr *iph,
> + int inverse, struct ip_vs_conn_param *p)
> +{
> + if (likely(!inverse))
> + ip_vs_conn_fill_param(af, IPPROTO_UDP,
> + &iph->saddr, htons(PORT_ISAKMP),
> + &iph->daddr, htons(PORT_ISAKMP), p);
> + else
For inverse=1 iph->protocol must be IPPROTO_UDP
and &iph->daddr before &iph->saddr:
> + ip_vs_conn_fill_param(af, iph->protocol,
> + &iph->saddr, htons(PORT_ISAKMP),
> + &iph->daddr, htons(PORT_ISAKMP), p);
> +}
Regards
--
Julian Anastasov <ja@ssi.bg>
^ permalink raw reply
* Re: sysctl_{tcp,udp,sctp}_mem overflow on 16TB system.
From: Willy Tarreau @ 2010-10-01 20:30 UTC (permalink / raw)
To: Robin Holt
Cc: David S. Miller, Alexey Kuznetsov, Pekka Savola (ipv6),
James Morris, Hideaki YOSHIFUJI, Patrick McHardy, Vlad Yasevich,
Sridhar Samudrala, linux-kernel, netdev, linux-decnet-user,
linux-sctp
In-Reply-To: <20101001193958.GP14068@sgi.com>
Hello Robin,
On Fri, Oct 01, 2010 at 02:39:58PM -0500, Robin Holt wrote:
>
> On a 16TB system, we noticed that sysctl_tcp_mem[2] and sysctl_udp_mem[2]
> were negative. Code review indicates that the same should occur with
> sysctl_sctp_mem[2].
>
> There are a couple ways we could address this. The one which appears most
> reasonable would be to change the struct proto defintion for sysctl_mem
> from an int to a long and handle all the associated fallout.
>
> An alternative is to limit the calculation to 1/2 INT_MAX. The downside
> being that the administrator could not tune the system to use more than
> INT_MAX memory when much more is available.
>
> Is there a compelling reason to not change the structure's definition
> over to longs instead of ints and deal with the fallout from that change?
Could we not see it differently ? => is there any reason someone would
want to assign more than 8 TB of RAM to the network buffers in the near
future ? Even at 100 Gbps, that's still 10 minutes of traffic stuck in
buffers. Probably that the day we need that large buffers, Linux won't
support 32-bit systems anymore and all such limits will have switched
to 64-bit.
So probably that limiting the value to INT_MAX/2 sounds reasonable ?
Regards,
Willy
^ permalink raw reply
* sysctl_{tcp,udp,sctp}_mem overflow on 16TB system.
From: Robin Holt @ 2010-10-01 19:39 UTC (permalink / raw)
To: David S. Miller, Alexey Kuznetsov, Pekka Savola (ipv6),
James Morris, Hideaki YOSHIFUJI <yosh
Cc: linux-kernel, netdev, linux-decnet-user, linux-sctp
On a 16TB system, we noticed that sysctl_tcp_mem[2] and sysctl_udp_mem[2]
were negative. Code review indicates that the same should occur with
sysctl_sctp_mem[2].
There are a couple ways we could address this. The one which appears most
reasonable would be to change the struct proto defintion for sysctl_mem
from an int to a long and handle all the associated fallout.
An alternative is to limit the calculation to 1/2 INT_MAX. The downside
being that the administrator could not tune the system to use more than
INT_MAX memory when much more is available.
Is there a compelling reason to not change the structure's definition
over to longs instead of ints and deal with the fallout from that change?
Thanks,
Robin Holt
^ permalink raw reply
* Re: Packet time delays on multi-core systems
From: Jeff Kirsher @ 2010-10-01 18:54 UTC (permalink / raw)
To: Eric Dumazet
Cc: Alexey Vlasov, Linux Kernel Mailing List, netdev, Emil Tantilov
In-Reply-To: <1285946861.21547.24.camel@edumazet-laptop>
On Fri, Oct 1, 2010 at 08:27, Eric Dumazet <eric.dumazet@gmail.com> wrote:
> Le vendredi 01 octobre 2010 à 18:18 +0400, Alexey Vlasov a écrit :
>
>> NIC statistics:
>> rx_packets: 2973717440
>> tx_packets: 3032670910
>> rx_bytes: 1892633650741
>> tx_bytes: 2536130682695
>> rx_broadcast: 118773199
>> tx_broadcast: 68013
>> rx_multicast: 95257
>> tx_multicast: 0
>> rx_errors: 0
>> tx_errors: 0
>> tx_dropped: 0
>> multicast: 95257
>> collisions: 0
>> rx_length_errors: 0
>> rx_over_errors: 0
>> rx_crc_errors: 0
>> rx_frame_errors: 0
>> rx_no_buffer_count: 7939
>> rx_queue_drop_packet_count: 1324025520
>> rx_missed_errors: 146631
>> tx_aborted_errors: 0
>> tx_carrier_errors: 0
>> tx_fifo_errors: 0
>> tx_heartbeat_errors: 0
>> tx_window_errors: 0
>> tx_abort_late_coll: 0
>> tx_deferred_ok: 0
>> tx_single_coll_ok: 0
>> tx_multi_coll_ok: 0
>> tx_timeout_count: 0
>> tx_restart_queue: 50715
>> rx_long_length_errors: 0
>> rx_short_length_errors: 0
>> rx_align_errors: 0
>> tx_tcp_seg_good: 344724062
>> tx_tcp_seg_failed: 0
>> rx_flow_control_xon: 0
>> rx_flow_control_xoff: 0
>> tx_flow_control_xon: 0
>> tx_flow_control_xoff: 0
>> rx_long_byte_count: 1892633650741
>> rx_csum_offload_good: 2973697420
>> rx_csum_offload_errors: 6235
>> tx_dma_out_of_sync: 0
>> alloc_rx_buff_failed: 0
>> tx_smbus: 9327
>> rx_smbus: 118531661
>> dropped_smbus: 0
>> tx_queue_0_packets: 797617475
>> tx_queue_0_bytes: 630191908685
>> tx_queue_1_packets: 719681297
>> tx_queue_1_bytes: 625907304846
>> tx_queue_2_packets: 718841556
>> tx_queue_2_bytes: 620522418855
>> tx_queue_3_packets: 796521255
>> tx_queue_3_bytes: 646196024585
>> rx_queue_0_packets: 788885797
>> rx_queue_0_bytes: 458936338699
>> rx_queue_0_drops: 0
>> rx_queue_1_packets: 701354604
>> rx_queue_1_bytes: 457490536453
>> rx_queue_1_drops: 0
>> rx_queue_2_packets: 791887663
>> rx_queue_2_bytes: 534425333616
>> rx_queue_2_drops: 0
>> rx_queue_3_packets: 691579028
>> rx_queue_3_bytes: 429887244557
>> rx_queue_3_drops: 0
>> 11.111.80: R 1983626201:1983626201(0) win 0
>> > >
>
> OK
>
> IGB stats are wrong... for rx_queue_drop_packet_count field at least
>
> Here is a patch against 2.6.32.23, to get the idea...
>
> Dont trust it unless you patch your kernel ;)
>
> Thanks
>
> Note: current linux-2.6 tree doesnt have this bug.
>
> [PATCH] igb: rx_fifo_errors counter fix
>
> Alexey Vlasov reported insane rx_queue_drop_packet_count
> (rx_fifo_errors) values.
>
> IGB drivers is doing an accumulation for 82575, instead using a zero
> value for rqdpc_total.
>
> Reported-by: Alexey Vlasov <renton@renton.name>
> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
> ---
> linux-2.6.32.23/net/igb/igb_main.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
Thanks Eric! I have added the patch to my queue.
--
Cheers,
Jeff
^ permalink raw reply
* Re: [PATCH 0/2] qcusbnet: Cleanups
From: David Brownell @ 2010-10-01 18:29 UTC (permalink / raw)
To: Joe Perches, Elly Jones
Cc: David Miller, netdev, dbrownell, mjg59, jglasgow, msb, olofj
In-Reply-To: <20101001144231.GC8632@google.com>
I've not noticed this driver before .. can its
name be changed soon? As it is, it's easily
confused with "usbnet", the driver framework.
Please give it a name that just reflects the
hardware it drives, eliminating that confusion.
^ permalink raw reply
* Re: [RFC] bonding: fix workqueue re-arming races
From: Jiri Bohac @ 2010-10-01 18:22 UTC (permalink / raw)
To: Narendra K
Cc: Jay Vosburgh, Jiri Bohac, bonding-devel, markine, jarkao2, chavey,
netdev
In-Reply-To: <20100924112352.GA32716@auslistsprd01.us.dell.com>
On Fri, Sep 24, 2010 at 06:23:53AM -0500, Narendra K wrote:
> On Fri, Sep 17, 2010 at 04:14:33AM +0530, Jay Vosburgh wrote:
> > Jay Vosburgh <fubar@us.ibm.com> wrote:
> The follwing call trace was seen -
>
> 2.6.35.with.upstream.patch-next-20100811-0.7-default+
> [14602.945876] ------------[ cut here ]------------
> [14602.950474] kernel BUG at kernel/workqueue.c:2844!
> [14602.955242] invalid opcode: 0000 [#1] SMP
> [14602.959341] last sysfs file: /sys/class/net/bonding_masters
> [14602.964888] CPU 1
> [14602.966714] Modules linked in: af_packet bonding ipv6 cpufreq_conservative cpufreq_userspace cpufreq_powersave acpi_cpufreq mperf microcode fuse loop dm_mod joydev usbhid hid bnx2 tpm_tis tpm tpm_bios rtc_cmos iTCO_wdt iTCO_vendor_support sr_mod power_meter cdrom sg serio_raw mptctl pcspkr rtc_core usb_storage dcdbas rtc_lib button uhci_hcd ehci_hcd usbcore sd_mod crc_t10dif edd ext3 mbcache jbd fan processor ide_pci_generic ide_core ata_generic ata_piix libata mptsas mptscsih mptbase scsi_transport_sas scsi_mod thermal thermal_sys hwmon
> [14603.015002]
> [14603.016524] Pid: 4006, comm: ifdown-bonding Not tainted 2.6.35.with.upstream.patch-next-20100811-0.7-default+ #2 0M233H/PowerEdge R710
> [14603.028554] RIP: 0010:[<ffffffff81067b50>] [<ffffffff81067b50>] destroy_workqueue+0x1d0/0x1e0
> [14603.037144] RSP: 0018:ffff88022a379d88 EFLAGS: 00010286
> [14603.042432] RAX: 000000000000003c RBX: ffff880228674240 RCX: ffff880228f0e800
> [14603.049534] RDX: 0000000000001000 RSI: 0000000000000002 RDI: 000000000000001a
> [14603.056638] RBP: ffff88022a379da8 R08: ffff88022a379cf8 R09: 0000000000000000
> [14603.063741] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000002
> [14603.070842] R13: ffffffff817b8560 R14: ffff8802299d1480 R15: ffff8802299d1488
> [14603.077944] FS: 00007f8e6a28f700(0000) GS:ffff880001c00000(0000) knlGS:0000000000000000
> [14603.085999] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
> [14603.091719] CR2: 00007f8e6a2c2000 CR3: 0000000127d1c000 CR4: 00000000000006e0
> [14603.098822] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [14603.105924] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> [14603.113026] Process ifdown-bonding (pid: 4006, threadinfo ffff88022a378000, task ffff8802299b0080)
> [14603.121944] Stack:
> [14603.123944] ffff88022a379da8 ffff8802299d1000 ffff8802299d1000 000000010036b6a4
> [14603.131182] <0> ffff88022a379dc8 ffffffffa030a91d ffff8802299d1000 000000010036b6a4
> [14603.138857] <0> ffff88022a379e28 ffffffff812e0a08 ffff88022a379e38 ffff88022a379de8
> [14603.146718] Call Trace:
> [14603.149158] [<ffffffffa030a91d>] bond_destructor+0x1d/0x30 [bonding]
> [14603.155572] [<ffffffff812e0a08>] netdev_run_todo+0x1a8/0x270
> [14603.161293] [<ffffffff812ee859>] rtnl_unlock+0x9/0x10
> [14603.166411] [<ffffffffa0317824>] bonding_store_bonds+0x1c4/0x1f0 [bonding]
> [14603.173342] [<ffffffff810f26be>] ? alloc_pages_current+0x9e/0x110
> [14603.179497] [<ffffffff81285c9e>] class_attr_store+0x1e/0x20
> [14603.185132] [<ffffffff8116e365>] sysfs_write_file+0xc5/0x140
> [14603.190853] [<ffffffff8110a68f>] vfs_write+0xcf/0x190
> [14603.195967] [<ffffffff8110a840>] sys_write+0x50/0x90
> [14603.200996] [<ffffffff81002ec2>] system_call_fastpath+0x16/0x1b
> [14603.206974] Code: 00 7f 14 8b 3b eb 91 3d 00 10 00 00 89 c2 77 10 8b 3b e9 07 ff ff ff 3d 00 10 00 00 89 c2 76 f0 8b 3b e9 a9 fe ff ff 0f 0b eb fe <0f> 0b eb fe 66 66 66 2e 0f 1f 84 00 00 00 00 00 55 48 8b 3d 00
> [14603.226419] RIP [<ffffffff81067b50>] destroy_workqueue+0x1d0/0x1e0
> [14603.232669] RSP <ffff88022a379d88>
> [ 0.000000] Initializing cgroup subsys cpuset
> [ 0.000000] Initializing cgroup subsys cpu
This should be the BUG_ON(cwq->nr_active) in
destroy_workqueue()
This is really strange. bondng_store_bonds() can do two things:
create or delete a bonding device.
I checked the delete path, where I would normally expect such a
problem, but I can't find a way it could fail in this way.
bondng_store_bonds() calls unregister_netdevice(), which
- calls rollback_registered() -> bond_close()
- puts the device on the net_todo_list.
On rtnl_unlock() netdev_run_todo() gets called and that calls
bond_destructor().
bond_close() now makes sure the rearming work items are not
pending, thus, the only work items that may still be pending on
the workqueue are the non-rearming "commit" work items.
flush_workqueue(), called at the beginning of destroy_workqueue()
should have waited for these to finish.
If all of the above is correct, this BUG_ON should never trigger.
Maybe I am overlooking something, or it may be some kind of
failure/race condition in the create path, resulting in
bond_destructor() being called as well.
Narendra, any chance to capture the dmesg lines preceeding the
BUG message? This should show which of the above cases it is.
I will try to come up with a debug patch that will tell us which
work remains active on the work queue.
--
Jiri Bohac <jbohac@suse.cz>
SUSE Labs, SUSE CZ
^ permalink raw reply
* Re: [PATCH net-next 0/8] tg3: Bugfixes and updates
From: Matt Carlson @ 2010-10-01 17:25 UTC (permalink / raw)
To: David Miller; +Cc: Matthew Carlson, netdev@vger.kernel.org, andy@greyhouse.net
In-Reply-To: <20101001.002628.267960834.davem@davemloft.net>
On Fri, Oct 01, 2010 at 12:26:28AM -0700, David Miller wrote:
> From: "Matt Carlson" <mcarlson@broadcom.com>
> Date: Thu, 30 Sep 2010 13:34:29 -0700
>
> > This patchset implements some bugfixes, removes the 5724 device
> > ID and introduces extended rx buffer rings.
>
> All applied....
>
> But really, I want to hear some real justification for a 2048 entry RX
> ring at gigabit speeds. I even think 512 is way too large for gigabit
> parts.
I don't have any personal experience where a larger ring size could
benefit. However, I have heard of situations in the past where people
have said increasing the amount of rx buffers available has smoothed
over some bursty traffic / cpu usage patterns. These people really did
want more than 512 rx buffers.
> Any machine that gets one of these newer 5717 parts does not need that
> much queueing, and too deep queues tend to hurt locality and thus
> performance.
Good point. I'll see if we can scale the BD ring size based on the
number of rx buffers the administrator has configured.
^ permalink raw reply
* [PATCH] selinux: add dcbnl netlink messages to selinux
From: John Fastabend @ 2010-10-01 17:07 UTC (permalink / raw)
To: jmorris; +Cc: john.r.fastabend, netdev, linux-kernel
Add DCBNL netlink msg support to selinux. Without this
'unrecognized netlink message' warnings may be seen.
Signed-off-by: John Fastabend <john.r.fastabend@intel.com>
---
security/selinux/nlmsgtab.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/security/selinux/nlmsgtab.c b/security/selinux/nlmsgtab.c
index 75ec0c6..8b02b21 100644
--- a/security/selinux/nlmsgtab.c
+++ b/security/selinux/nlmsgtab.c
@@ -65,6 +65,8 @@ static struct nlmsg_perm nlmsg_route_perms[] =
{ RTM_NEWADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
{ RTM_DELADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
{ RTM_GETADDRLABEL, NETLINK_ROUTE_SOCKET__NLMSG_READ },
+ { RTM_GETDCB, NETLINK_ROUTE_SOCKET__NLMSG_READ },
+ { RTM_SETDCB, NETLINK_ROUTE_SOCKET__NLMSG_WRITE },
};
static struct nlmsg_perm nlmsg_firewall_perms[] =
^ permalink raw reply related
* pull request: wireless-next-2.6 2010-10-01
From: John W. Linville @ 2010-10-01 16:18 UTC (permalink / raw)
To: davem; +Cc: linux-wireless, netdev
Dave,
Here is the latest round of wireless LAN updates intended for 2.6.37.
Included are some ath5k bits from Bruno Randolf, some carl9170 updates
from Christian Lamparter, some mac80211 updates from Johannes Berg,
some work for supporting multiple VIFs on one device from Ben Greear,
and a smattering of other bits.
Please let me know if there are problems!
Thanks,
John
---
The following changes since commit 94d57c4cfaa43e29ca5fa5ff874048cfc67276f5:
enic: Update MAINTAINERS (2010-10-01 00:36:53 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6.git for-davem
Ben Greear (4):
ath5k: Add bssid mask and rxfilter to debugfs.
mac80211: Support multiple VIFS per AP in debugfs.
mac80211/ath9k: Support AMPDU with multiple VIFs.
mac80211: Support receiving data frames on multiple vifs.
Bruno Randolf (5):
ath5k: Remove unused variable for atim window
ath5k: Check and fix ATIM window
ath5k: Increase "fudge" for beacon timers
ath5k: Disable interrupts in ath5k_hw_get_tsf64
ath5k: Fix bitmasks and typos for PCU Diagnostic register
Christian Lamparter (8):
mac80211: clear txflags for ps-filtered frames
carl9170: remove non-standard ba session teardown
carl9170: angle brackets for wiki link
carl9170: remove lost-frame workaround
carl9170: fix tx_ampdu_upload counter
carl9170: fix WARN_ON triggered by Broadcom HT STAs
carl9170: revamp carl9170_tx_prepare
carl9170: interrupt urbs must not set URB_ZERO_PACKET
Dan Carpenter (1):
airo: remove "basic_rate" module option
Felix Fietkau (3):
ath9k_hw: simplify revision checks for AR9280
ath9k_hw: simplify revision checks for AR9285
ath9k_hw: simplify revision checks for AR9287
Florian Mickler (1):
iwl3945: queue the right work if the scan needs to be aborted
Ido Yariv (1):
wl1271: Fix overflow in wl1271_boot_upload_nvs
Johannes Berg (7):
mac80211: fix use-after-free
mac80211: remove prepare_for_handlers sdata argument
mac80211: consolidate packet processing
mac80211: clean up rx handling wrt. found_sta
mac80211: fix release_reorder_timeout in scan
mac80211: move packet flags into packet
cfg80211: always set IBSS basic rates
John W. Linville (5):
Merge branch 'master' of git://git.kernel.org/.../linville/wireless-2.6
Revert "mac80211: fix use-after-free"
wl12xx: fix separate-object-folder builds
Merge branch 'master' of git://git.kernel.org/.../linville/wireless-2.6
Merge branch 'master' of git://git.kernel.org/.../linville/wireless-next-2.6 into for-davem
Jouni Malinen (2):
mac80211: Filter ProbeReq SuppRates based on TX rate mask
mac80211: Add DS Parameter Set into Probe Request on 2.4 GHz
Juuso Oikarinen (1):
mac80211: Fix WMM driver queue configuration
Luis R. Rodriguez (1):
mac80211: fix offchannel assumption upon association
Rajkumar Manoharan (2):
ath9k_htc: Fix beacon distribution in IBSS mode
ath9k_htc: Fix TKIP disconnect failure with HTC drivers
Teemu Paasikivi (1):
nl80211: Fix exit from nl80211_set_power_save
Vasanthakumar Thiagarajan (1):
ath9k: Fix tx struck state with paprd
drivers/net/wireless/Makefile | 3 +-
drivers/net/wireless/airo.c | 11 -
drivers/net/wireless/ath/ath5k/ath5k.h | 2 +-
drivers/net/wireless/ath/ath5k/attach.c | 1 -
drivers/net/wireless/ath/ath5k/base.c | 16 +-
drivers/net/wireless/ath/ath5k/debug.c | 58 +++++
drivers/net/wireless/ath/ath5k/debug.h | 1 +
drivers/net/wireless/ath/ath5k/dma.c | 4 +-
drivers/net/wireless/ath/ath5k/pcu.c | 99 ++++++++-
drivers/net/wireless/ath/ath5k/phy.c | 4 +-
drivers/net/wireless/ath/ath5k/reg.h | 29 +--
drivers/net/wireless/ath/ath9k/ar5008_phy.c | 22 +-
drivers/net/wireless/ath/ath9k/ar9002_calib.c | 21 +--
drivers/net/wireless/ath/ath9k/ar9002_hw.c | 2 +-
drivers/net/wireless/ath/ath9k/eeprom.h | 2 +-
drivers/net/wireless/ath/ath9k/eeprom_4k.c | 10 +-
drivers/net/wireless/ath/ath9k/eeprom_9287.c | 6 +-
drivers/net/wireless/ath/ath9k/eeprom_def.c | 18 +-
drivers/net/wireless/ath/ath9k/htc_drv_beacon.c | 9 +-
drivers/net/wireless/ath/ath9k/htc_drv_init.c | 3 +
drivers/net/wireless/ath/ath9k/hw.c | 27 +-
drivers/net/wireless/ath/ath9k/init.c | 2 +-
drivers/net/wireless/ath/ath9k/main.c | 6 +-
drivers/net/wireless/ath/ath9k/recv.c | 10 +-
drivers/net/wireless/ath/ath9k/reg.h | 34 +---
drivers/net/wireless/ath/ath9k/xmit.c | 3 +-
drivers/net/wireless/ath/carl9170/Kconfig | 2 +-
drivers/net/wireless/ath/carl9170/carl9170.h | 1 -
drivers/net/wireless/ath/carl9170/debug.c | 4 -
drivers/net/wireless/ath/carl9170/main.c | 20 ++-
drivers/net/wireless/ath/carl9170/tx.c | 192 ++++++---------
drivers/net/wireless/ath/carl9170/usb.c | 2 -
drivers/net/wireless/wl12xx/Makefile | 3 +
drivers/net/wireless/wl12xx/wl1271_boot.c | 17 +-
include/net/mac80211.h | 47 +++--
net/mac80211/debugfs.c | 1 -
net/mac80211/debugfs_netdev.c | 3 +
net/mac80211/debugfs_sta.c | 2 +-
net/mac80211/ieee80211_i.h | 43 +++-
net/mac80211/main.c | 3 +-
net/mac80211/mlme.c | 16 +-
net/mac80211/rx.c | 291 ++++++++++++-----------
net/mac80211/scan.c | 3 +-
net/mac80211/sta_info.c | 15 +-
net/mac80211/status.c | 1 +
net/mac80211/util.c | 47 +++-
net/mac80211/wpa.c | 2 +-
net/wireless/ibss.c | 19 ++
net/wireless/nl80211.c | 20 +--
49 files changed, 671 insertions(+), 486 deletions(-)
Omnibus patch available here:
http://www.kernel.org/pub/linux/kernel/people/linville/wireless-next-2.6-2010-10-01.patch.bz2
--
John W. Linville Someday the world will need a hero, and you
linville@tuxdriver.com might be all we have. Be ready.
^ permalink raw reply
* Re: [PATCH 0/2] qcusbnet: Cleanups
From: Joe Perches @ 2010-10-01 15:56 UTC (permalink / raw)
To: Elly Jones; +Cc: David Miller, netdev, dbrownell, mjg59, jglasgow, msb, olofj
In-Reply-To: <20101001144231.GC8632@google.com>
On Fri, 2010-10-01 at 10:42 -0400, Elly Jones wrote:
> On Thu, Sep 30, 2010 at 05:45:35PM -0700, Joe Perches wrote:
> > These cleanups are meant for Elly Jones on top
> > of the Qualcomm Gobi 2000 driver she submitted.
> Wow, thank you! I'll incorporate your fixes, make sure I have clean
> checkpatch output, and send a v2.
Hi Elly,
I wouldn't go overboard on checkpatch compliance.
I think you can ignore several messages. I did.
Braces around single line statements are ok by me.
80+ column lines don't bother me much.
Probably the extern qcusbnet_debug should go into
some .h file though.
cheers, Joe
^ permalink raw reply
* Re: Packet time delays on multi-core systems
From: Eric Dumazet @ 2010-10-01 15:27 UTC (permalink / raw)
To: Alexey Vlasov
Cc: Linux Kernel Mailing List, netdev, Jeff Kirsher, Emil Tantilov
In-Reply-To: <20101001141858.GE4094@beaver.vrungel.ru>
Le vendredi 01 octobre 2010 à 18:18 +0400, Alexey Vlasov a écrit :
> NIC statistics:
> rx_packets: 2973717440
> tx_packets: 3032670910
> rx_bytes: 1892633650741
> tx_bytes: 2536130682695
> rx_broadcast: 118773199
> tx_broadcast: 68013
> rx_multicast: 95257
> tx_multicast: 0
> rx_errors: 0
> tx_errors: 0
> tx_dropped: 0
> multicast: 95257
> collisions: 0
> rx_length_errors: 0
> rx_over_errors: 0
> rx_crc_errors: 0
> rx_frame_errors: 0
> rx_no_buffer_count: 7939
> rx_queue_drop_packet_count: 1324025520
> rx_missed_errors: 146631
> tx_aborted_errors: 0
> tx_carrier_errors: 0
> tx_fifo_errors: 0
> tx_heartbeat_errors: 0
> tx_window_errors: 0
> tx_abort_late_coll: 0
> tx_deferred_ok: 0
> tx_single_coll_ok: 0
> tx_multi_coll_ok: 0
> tx_timeout_count: 0
> tx_restart_queue: 50715
> rx_long_length_errors: 0
> rx_short_length_errors: 0
> rx_align_errors: 0
> tx_tcp_seg_good: 344724062
> tx_tcp_seg_failed: 0
> rx_flow_control_xon: 0
> rx_flow_control_xoff: 0
> tx_flow_control_xon: 0
> tx_flow_control_xoff: 0
> rx_long_byte_count: 1892633650741
> rx_csum_offload_good: 2973697420
> rx_csum_offload_errors: 6235
> tx_dma_out_of_sync: 0
> alloc_rx_buff_failed: 0
> tx_smbus: 9327
> rx_smbus: 118531661
> dropped_smbus: 0
> tx_queue_0_packets: 797617475
> tx_queue_0_bytes: 630191908685
> tx_queue_1_packets: 719681297
> tx_queue_1_bytes: 625907304846
> tx_queue_2_packets: 718841556
> tx_queue_2_bytes: 620522418855
> tx_queue_3_packets: 796521255
> tx_queue_3_bytes: 646196024585
> rx_queue_0_packets: 788885797
> rx_queue_0_bytes: 458936338699
> rx_queue_0_drops: 0
> rx_queue_1_packets: 701354604
> rx_queue_1_bytes: 457490536453
> rx_queue_1_drops: 0
> rx_queue_2_packets: 791887663
> rx_queue_2_bytes: 534425333616
> rx_queue_2_drops: 0
> rx_queue_3_packets: 691579028
> rx_queue_3_bytes: 429887244557
> rx_queue_3_drops: 0
> 11.111.80: R 1983626201:1983626201(0) win 0
> > >
OK
IGB stats are wrong... for rx_queue_drop_packet_count field at least
Here is a patch against 2.6.32.23, to get the idea...
Dont trust it unless you patch your kernel ;)
Thanks
Note: current linux-2.6 tree doesnt have this bug.
[PATCH] igb: rx_fifo_errors counter fix
Alexey Vlasov reported insane rx_queue_drop_packet_count
(rx_fifo_errors) values.
IGB drivers is doing an accumulation for 82575, instead using a zero
value for rqdpc_total.
Reported-by: Alexey Vlasov <renton@renton.name>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
---
linux-2.6.32.23/net/igb/igb_main.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
--- linux-2.6.32.23/drivers/net/igb/igb_main.c.orig
+++ linux-2.6.32.23/drivers/net/igb/igb_main.c
@@ -3552,6 +3552,7 @@
struct e1000_hw *hw = &adapter->hw;
struct pci_dev *pdev = adapter->pdev;
u16 phy_tmp;
+ unsigned long rqdpc_total = 0;
#define PHY_IDLE_ERROR_COUNT_MASK 0x00FF
@@ -3645,7 +3646,6 @@
if (hw->mac.type != e1000_82575) {
u32 rqdpc_tmp;
- u64 rqdpc_total = 0;
int i;
/* Read out drops stats per RX queue. Notice RQDPC (Receive
* Queue Drop Packet Count) stats only gets incremented, if
@@ -3660,7 +3660,6 @@
adapter->rx_ring[i].rx_stats.drops += rqdpc_tmp;
rqdpc_total += adapter->rx_ring[i].rx_stats.drops;
}
- adapter->net_stats.rx_fifo_errors = rqdpc_total;
}
/* Note RNBC (Receive No Buffers Count) is an not an exact
@@ -3668,7 +3667,7 @@
* one of the reason for saving it in rx_fifo_errors, as its
* potentially not a true drop.
*/
- adapter->net_stats.rx_fifo_errors += adapter->stats.rnbc;
+ adapter->net_stats.rx_fifo_errors = rqdpc_total + adapter->stats.rnbc;
/* RLEC on some newer hardware can be incorrect so build
* our own version based on RUC and ROC */
^ permalink raw reply
* Re: [patch v2 00/12] IPVS: SIP Persistence Engine
From: Simon Horman @ 2010-10-01 15:09 UTC (permalink / raw)
To: lvs-devel, netdev, netfilter, netfilter-devel
Cc: Jan Engelhardt, Stephen Hemminger, Wensong Zhang,
Julian Anastasov, Patrick McHardy
In-Reply-To: <20101001143517.645421976@akiko.akashicho.tokyo.vergenet.net>
On Fri, Oct 01, 2010 at 11:35:17PM +0900, Simon Horman wrote:
> This patch series adds load-balancing of UDP SIP based on Call-ID to
> IPVS as well as a frame-work for extending IPVS to handle alternate
> persistence requirements.
Patrick, I would like these patches considered for inclusion
in nf-next-2.6. There is some minor diffing noise between
this series and "ipvs: Keep track of backlog connections",
which I posted for inclusion in nf-next-2.6 recently. Let
me know if you want me to do something about the noise.
^ permalink raw reply
* [patch v2 10/12] [PATCH 10/12] IPVS: Allow configuration of persistence engines
From: Simon Horman @ 2010-10-01 14:35 UTC (permalink / raw)
To: lvs-devel, netdev, netfilter, netfilter-devel
Cc: Jan Engelhardt, Stephen Hemminger, Wensong Zhang,
Julian Anastasov, Patrick McHardy
In-Reply-To: <20101001143517.645421976@akiko.akashicho.tokyo.vergenet.net>
[-- Attachment #1: 0010-IPVS-Allow-configuration-of-persistence-engines.patch --]
[-- Type: text/plain, Size: 6258 bytes --]
Allow the persistence engine of a virtual service to be set, edited
and unset.
This feature only works with the netlink user-space interface.
Signed-off-by: Simon Horman <horms@verge.net.au>
---
v2
* Dereference persistence engine when a service is deleted.
This allows persistence modules to be removed from the kernel
once they are no longer used.
* Update for the recent "ipvs: changes related to service usecnt" change
* Trivial rediff
Index: lvs-test-2.6/include/linux/ip_vs.h
===================================================================
--- lvs-test-2.6.orig/include/linux/ip_vs.h 2010-10-01 22:41:07.000000000 +0900
+++ lvs-test-2.6/include/linux/ip_vs.h 2010-10-01 22:42:08.000000000 +0900
@@ -336,6 +336,9 @@ enum {
IPVS_SVC_ATTR_NETMASK, /* persistent netmask */
IPVS_SVC_ATTR_STATS, /* nested attribute for service stats */
+
+ IPVS_SVC_ATTR_PE_NAME, /* name of ct retriever */
+
__IPVS_SVC_ATTR_MAX,
};
Index: lvs-test-2.6/include/net/ip_vs.h
===================================================================
--- lvs-test-2.6.orig/include/net/ip_vs.h 2010-10-01 22:41:54.000000000 +0900
+++ lvs-test-2.6/include/net/ip_vs.h 2010-10-01 22:42:08.000000000 +0900
@@ -444,6 +444,7 @@ struct ip_vs_service_user_kern {
/* virtual service options */
char *sched_name;
+ char *pe_name;
unsigned flags; /* virtual service flags */
unsigned timeout; /* persistent timeout in sec */
u32 netmask; /* persistent netmask */
Index: lvs-test-2.6/net/netfilter/ipvs/ip_vs_ctl.c
===================================================================
--- lvs-test-2.6.orig/net/netfilter/ipvs/ip_vs_ctl.c 2010-10-01 22:41:06.000000000 +0900
+++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_ctl.c 2010-10-01 22:44:51.000000000 +0900
@@ -1134,6 +1134,7 @@ ip_vs_add_service(struct ip_vs_service_u
{
int ret = 0;
struct ip_vs_scheduler *sched = NULL;
+ struct ip_vs_pe *pe = NULL;
struct ip_vs_service *svc = NULL;
/* increase the module use count */
@@ -1147,6 +1148,16 @@ ip_vs_add_service(struct ip_vs_service_u
goto out_err;
}
+ if (u->pe_name && *u->pe_name) {
+ pe = ip_vs_pe_get(u->pe_name);
+ if (pe == NULL) {
+ pr_info("persistence engine module ip_vs_pe_%s "
+ "not found\n", u->pe_name);
+ ret = -ENOENT;
+ goto out_err;
+ }
+ }
+
#ifdef CONFIG_IP_VS_IPV6
if (u->af == AF_INET6 && (u->netmask < 1 || u->netmask > 128)) {
ret = -EINVAL;
@@ -1184,6 +1195,10 @@ ip_vs_add_service(struct ip_vs_service_u
goto out_err;
sched = NULL;
+ /* Bind the ct retriever */
+ ip_vs_bind_pe(svc, pe);
+ pe = NULL;
+
/* Update the virtual service counters */
if (svc->port == FTPPORT)
atomic_inc(&ip_vs_ftpsvc_counter);
@@ -1215,6 +1230,7 @@ ip_vs_add_service(struct ip_vs_service_u
kfree(svc);
}
ip_vs_scheduler_put(sched);
+ ip_vs_pe_put(pe);
/* decrease the module use count */
ip_vs_use_count_dec();
@@ -1230,6 +1246,7 @@ static int
ip_vs_edit_service(struct ip_vs_service *svc, struct ip_vs_service_user_kern *u)
{
struct ip_vs_scheduler *sched, *old_sched;
+ struct ip_vs_pe *pe = NULL, *old_pe = NULL;
int ret = 0;
/*
@@ -1242,6 +1259,17 @@ ip_vs_edit_service(struct ip_vs_service
}
old_sched = sched;
+ if (u->pe_name && *u->pe_name) {
+ pe = ip_vs_pe_get(u->pe_name);
+ if (pe == NULL) {
+ pr_info("persistence engine module ip_vs_pe_%s "
+ "not found\n", u->pe_name);
+ ret = -ENOENT;
+ goto out;
+ }
+ old_pe = pe;
+ }
+
#ifdef CONFIG_IP_VS_IPV6
if (u->af == AF_INET6 && (u->netmask < 1 || u->netmask > 128)) {
ret = -EINVAL;
@@ -1293,12 +1321,17 @@ ip_vs_edit_service(struct ip_vs_service
}
}
+ old_pe = svc->pe;
+ if (pe != old_pe) {
+ ip_vs_unbind_pe(svc);
+ ip_vs_bind_pe(svc, pe);
+ }
+
out_unlock:
write_unlock_bh(&__ip_vs_svc_lock);
-#ifdef CONFIG_IP_VS_IPV6
out:
-#endif
ip_vs_scheduler_put(old_sched);
+ ip_vs_pe_put(old_pe);
return ret;
}
@@ -1312,6 +1345,9 @@ static void __ip_vs_del_service(struct i
{
struct ip_vs_dest *dest, *nxt;
struct ip_vs_scheduler *old_sched;
+ struct ip_vs_pe *old_pe;
+
+ pr_info("%s: enter\n", __func__);
/* Count only IPv4 services for old get/setsockopt interface */
if (svc->af == AF_INET)
@@ -1324,6 +1360,11 @@ static void __ip_vs_del_service(struct i
ip_vs_unbind_scheduler(svc);
ip_vs_scheduler_put(old_sched);
+ /* Unbind persistence engine */
+ old_pe = svc->pe;
+ ip_vs_unbind_pe(svc);
+ ip_vs_pe_put(old_pe);
+
/* Unbind app inc */
if (svc->inc) {
ip_vs_app_inc_put(svc->inc);
@@ -2539,6 +2580,8 @@ static const struct nla_policy ip_vs_svc
[IPVS_SVC_ATTR_FWMARK] = { .type = NLA_U32 },
[IPVS_SVC_ATTR_SCHED_NAME] = { .type = NLA_NUL_STRING,
.len = IP_VS_SCHEDNAME_MAXLEN },
+ [IPVS_SVC_ATTR_PE_NAME] = { .type = NLA_NUL_STRING,
+ .len = IP_VS_PENAME_MAXLEN },
[IPVS_SVC_ATTR_FLAGS] = { .type = NLA_BINARY,
.len = sizeof(struct ip_vs_flags) },
[IPVS_SVC_ATTR_TIMEOUT] = { .type = NLA_U32 },
@@ -2615,6 +2658,8 @@ static int ip_vs_genl_fill_service(struc
}
NLA_PUT_STRING(skb, IPVS_SVC_ATTR_SCHED_NAME, svc->scheduler->name);
+ if (svc->pe)
+ NLA_PUT_STRING(skb, IPVS_SVC_ATTR_PE_NAME, svc->pe->name);
NLA_PUT(skb, IPVS_SVC_ATTR_FLAGS, sizeof(flags), &flags);
NLA_PUT_U32(skb, IPVS_SVC_ATTR_TIMEOUT, svc->timeout / HZ);
NLA_PUT_U32(skb, IPVS_SVC_ATTR_NETMASK, svc->netmask);
@@ -2741,11 +2786,12 @@ static int ip_vs_genl_parse_service(stru
/* If a full entry was requested, check for the additional fields */
if (full_entry) {
- struct nlattr *nla_sched, *nla_flags, *nla_timeout,
+ struct nlattr *nla_sched, *nla_flags, *nla_pe, *nla_timeout,
*nla_netmask;
struct ip_vs_flags flags;
nla_sched = attrs[IPVS_SVC_ATTR_SCHED_NAME];
+ nla_pe = attrs[IPVS_SVC_ATTR_PE_NAME];
nla_flags = attrs[IPVS_SVC_ATTR_FLAGS];
nla_timeout = attrs[IPVS_SVC_ATTR_TIMEOUT];
nla_netmask = attrs[IPVS_SVC_ATTR_NETMASK];
@@ -2763,6 +2809,7 @@ static int ip_vs_genl_parse_service(stru
usvc->flags = (usvc->flags & ~flags.mask) |
(flags.flags & flags.mask);
usvc->sched_name = nla_data(nla_sched);
+ usvc->pe_name = nla_pe ? nla_data(nla_pe) : NULL;
usvc->timeout = nla_get_u32(nla_timeout);
usvc->netmask = nla_get_u32(nla_netmask);
}
^ permalink raw reply
* [patch v2 09/12] [PATCH 09/12] IPVS: management of persistence engine modules
From: Simon Horman @ 2010-10-01 14:35 UTC (permalink / raw)
To: lvs-devel, netdev, netfilter, netfilter-devel
Cc: Jan Engelhardt, Stephen Hemminger, Wensong Zhang,
Julian Anastasov, Patrick McHardy
In-Reply-To: <20101001143517.645421976@akiko.akashicho.tokyo.vergenet.net>
[-- Attachment #1: 0009-IPVS-management-of-persistence-engine-modules.patch --]
[-- Type: text/plain, Size: 5704 bytes --]
This is based heavily on the scheduler management code
Signed-off-by: Simon Horman <horms@verge.net.au>
---
v0.4
* Export register_ip_vs_pe and unregister_ip_vs_pe
* Use one line comment format for one line comments.
* Only use at most one blank line consecutively
v1
* As suggested by Stephen Hemminger
- Convert __ip_vs_pe_lock from a rwlock to a spinlock.
This code isn't performance-critical, so there is no need for RCU.
- Rename __ip_vs_pe_lock as ip_vs_pe_lock
* Stephen also suggested open-coding ip_vs_{un,}bind_pe()
as they are very short. But I would prefer to keep them as they are used
along side ip_vs_{un,}bind_scheduler which are too long to be open-coded.
v2
* Update for recent addition of ip_vs_nfct.c
* Trivial rediff
Index: lvs-test-2.6/include/net/ip_vs.h
===================================================================
--- lvs-test-2.6.orig/include/net/ip_vs.h 2010-10-01 22:27:32.000000000 +0900
+++ lvs-test-2.6/include/net/ip_vs.h 2010-10-01 22:30:16.000000000 +0900
@@ -795,6 +795,12 @@ extern int ip_vs_app_pkt_in(struct ip_vs
extern int ip_vs_app_init(void);
extern void ip_vs_app_cleanup(void);
+void ip_vs_bind_pe(struct ip_vs_service *svc, struct ip_vs_pe *pe);
+void ip_vs_unbind_pe(struct ip_vs_service *svc);
+int register_ip_vs_pe(struct ip_vs_pe *pe);
+int unregister_ip_vs_pe(struct ip_vs_pe *pe);
+extern struct ip_vs_pe *ip_vs_pe_get(const char *name);
+extern void ip_vs_pe_put(struct ip_vs_pe *pe);
/*
* IPVS protocol functions (from ip_vs_proto.c)
Index: lvs-test-2.6/net/netfilter/ipvs/ip_vs_pe.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ lvs-test-2.6/net/netfilter/ipvs/ip_vs_pe.c 2010-10-01 22:30:16.000000000 +0900
@@ -0,0 +1,147 @@
+#define KMSG_COMPONENT "IPVS"
+#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
+
+#include <linux/module.h>
+#include <linux/spinlock.h>
+#include <linux/interrupt.h>
+#include <asm/string.h>
+#include <linux/kmod.h>
+#include <linux/sysctl.h>
+
+#include <net/ip_vs.h>
+
+/* IPVS pe list */
+static LIST_HEAD(ip_vs_pe);
+
+/* lock for service table */
+static DEFINE_SPINLOCK(ip_vs_pe_lock);
+
+/* Bind a service with a pe */
+void ip_vs_bind_pe(struct ip_vs_service *svc, struct ip_vs_pe *pe)
+{
+ svc->pe = pe;
+}
+
+/* Unbind a service from its pe */
+void ip_vs_unbind_pe(struct ip_vs_service *svc)
+{
+ svc->pe = NULL;
+}
+
+/* Get pe in the pe list by name */
+static struct ip_vs_pe *
+ip_vs_pe_getbyname(const char *pe_name)
+{
+ struct ip_vs_pe *pe;
+
+ IP_VS_DBG(2, "%s(): pe_name \"%s\"\n", __func__,
+ pe_name);
+
+ spin_lock_bh(&ip_vs_pe_lock);
+
+ list_for_each_entry(pe, &ip_vs_pe, n_list) {
+ /* Test and get the modules atomically */
+ if (pe->module &&
+ !try_module_get(pe->module)) {
+ /* This pe is just deleted */
+ continue;
+ }
+ if (strcmp(pe_name, pe->name)==0) {
+ /* HIT */
+ spin_unlock_bh(&ip_vs_pe_lock);
+ return pe;
+ }
+ if (pe->module)
+ module_put(pe->module);
+ }
+
+ spin_unlock_bh(&ip_vs_pe_lock);
+ return NULL;
+}
+
+/* Lookup pe and try to load it if it doesn't exist */
+struct ip_vs_pe *ip_vs_pe_get(const char *name)
+{
+ struct ip_vs_pe *pe;
+
+ /* Search for the pe by name */
+ pe = ip_vs_pe_getbyname(name);
+
+ /* If pe not found, load the module and search again */
+ if (!pe) {
+ request_module("ip_vs_pe_%s", name);
+ pe = ip_vs_pe_getbyname(name);
+ }
+
+ return pe;
+}
+
+void ip_vs_pe_put(struct ip_vs_pe *pe)
+{
+ if (pe && pe->module)
+ module_put(pe->module);
+}
+
+/* Register a pe in the pe list */
+int register_ip_vs_pe(struct ip_vs_pe *pe)
+{
+ struct ip_vs_pe *tmp;
+
+ /* increase the module use count */
+ ip_vs_use_count_inc();
+
+ spin_lock_bh(&ip_vs_pe_lock);
+
+ if (!list_empty(&pe->n_list)) {
+ spin_unlock_bh(&ip_vs_pe_lock);
+ ip_vs_use_count_dec();
+ pr_err("%s(): [%s] pe already linked\n",
+ __func__, pe->name);
+ return -EINVAL;
+ }
+
+ /* Make sure that the pe with this name doesn't exist
+ * in the pe list.
+ */
+ list_for_each_entry(tmp, &ip_vs_pe, n_list) {
+ if (strcmp(tmp->name, pe->name) == 0) {
+ spin_unlock_bh(&ip_vs_pe_lock);
+ ip_vs_use_count_dec();
+ pr_err("%s(): [%s] pe already existed "
+ "in the system\n", __func__, pe->name);
+ return -EINVAL;
+ }
+ }
+ /* Add it into the d-linked pe list */
+ list_add(&pe->n_list, &ip_vs_pe);
+ spin_unlock_bh(&ip_vs_pe_lock);
+
+ pr_info("[%s] pe registered.\n", pe->name);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(register_ip_vs_pe);
+
+/* Unregister a pe from the pe list */
+int unregister_ip_vs_pe(struct ip_vs_pe *pe)
+{
+ spin_lock_bh(&ip_vs_pe_lock);
+ if (list_empty(&pe->n_list)) {
+ spin_unlock_bh(&ip_vs_pe_lock);
+ pr_err("%s(): [%s] pe is not in the list. failed\n",
+ __func__, pe->name);
+ return -EINVAL;
+ }
+
+ /* Remove it from the d-linked pe list */
+ list_del(&pe->n_list);
+ spin_unlock_bh(&ip_vs_pe_lock);
+
+ /* decrease the module use count */
+ ip_vs_use_count_dec();
+
+ pr_info("[%s] pe unregistered.\n", pe->name);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(unregister_ip_vs_pe);
Index: lvs-test-2.6/net/netfilter/ipvs/Makefile
===================================================================
--- lvs-test-2.6.orig/net/netfilter/ipvs/Makefile 2010-10-01 22:30:26.000000000 +0900
+++ lvs-test-2.6/net/netfilter/ipvs/Makefile 2010-10-01 22:30:59.000000000 +0900
@@ -14,7 +14,7 @@ ip_vs-extra_objs-$(CONFIG_IP_VS_NFCT) +=
ip_vs-objs := ip_vs_conn.o ip_vs_core.o ip_vs_ctl.o ip_vs_sched.o \
ip_vs_xmit.o ip_vs_app.o ip_vs_sync.o \
- ip_vs_est.o ip_vs_proto.o \
+ ip_vs_est.o ip_vs_proto.o ip_vs_pe.o \
$(ip_vs_proto-objs-y) $(ip_vs-extra_objs-y)
^ permalink raw reply
* [patch v2 06/12] [PATCH 06/12] IPVS: ip_vs_{un,}bind_scheduler NULL arguments
From: Simon Horman @ 2010-10-01 14:35 UTC (permalink / raw)
To: lvs-devel, netdev, netfilter, netfilter-devel
Cc: Jan Engelhardt, Stephen Hemminger, Wensong Zhang,
Julian Anastasov, Patrick McHardy
In-Reply-To: <20101001143517.645421976@akiko.akashicho.tokyo.vergenet.net>
[-- Attachment #1: 0006-IPVS-ip_vs_-un-bind_scheduler-NULL-arguments.patch --]
[-- Type: text/plain, Size: 1770 bytes --]
In general NULL arguments aren't passed by the few callers that exist,
so don't test for them.
The exception is to make passing NULL to ip_vs_unbind_scheduler() a noop.
Signed-off-by: Simon Horman <horms@verge.net.au>
v2
* Trivial rediff
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 84dae47..d57cc4a 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -1229,8 +1229,7 @@ ip_vs_add_service(struct ip_vs_service_user_kern *u,
out_err:
if (svc != NULL) {
- if (svc->scheduler)
- ip_vs_unbind_scheduler(svc);
+ ip_vs_unbind_scheduler(svc);
if (svc->inc) {
local_bh_disable();
ip_vs_app_inc_put(svc->inc);
diff --git a/net/netfilter/ipvs/ip_vs_sched.c b/net/netfilter/ipvs/ip_vs_sched.c
index cd77902..be0780a 100644
--- a/net/netfilter/ipvs/ip_vs_sched.c
+++ b/net/netfilter/ipvs/ip_vs_sched.c
@@ -46,15 +46,6 @@ int ip_vs_bind_scheduler(struct ip_vs_service *svc,
{
int ret;
- if (svc == NULL) {
- pr_err("%s(): svc arg NULL\n", __func__);
- return -EINVAL;
- }
- if (scheduler == NULL) {
- pr_err("%s(): scheduler arg NULL\n", __func__);
- return -EINVAL;
- }
-
svc->scheduler = scheduler;
if (scheduler->init_service) {
@@ -74,18 +65,10 @@ int ip_vs_bind_scheduler(struct ip_vs_service *svc,
*/
int ip_vs_unbind_scheduler(struct ip_vs_service *svc)
{
- struct ip_vs_scheduler *sched;
+ struct ip_vs_scheduler *sched = svc->scheduler;
- if (svc == NULL) {
- pr_err("%s(): svc arg NULL\n", __func__);
- return -EINVAL;
- }
-
- sched = svc->scheduler;
- if (sched == NULL) {
- pr_err("%s(): svc isn't bound\n", __func__);
- return -EINVAL;
- }
+ if (!sched)
+ return 0;
if (sched->done_service) {
if (sched->done_service(svc) != 0) {
--
1.7.1
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox