lab.nexedi.com will be down from Thursday, 20 March 2025, 07:30:00 UTC for a duration of approximately 2 hours

  1. 16 Jun, 2014 32 commits
  2. 13 Jun, 2014 8 commits
    • Eric Dumazet's avatar
      ipv6: Limit mtu to 65575 bytes · 8ffa52da
      Eric Dumazet authored
      [ Upstream commit 30f78d8e ]
      
      Francois reported that setting big mtu on loopback device could prevent
      tcp sessions making progress.
      
      We do not support (yet ?) IPv6 Jumbograms and cook corrupted packets.
      
      We must limit the IPv6 MTU to (65535 + 40) bytes in theory.
      
      Tested:
      
      ifconfig lo mtu 70000
      netperf -H ::1
      
      Before patch : Throughput :   0.05 Mbits
      
      After patch : Throughput : 35484 Mbits
      Reported-by: default avatarFrancois WELLENREITER <f.wellenreiter@gmail.com>
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
      Acked-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      8ffa52da
    • Thomas Richter's avatar
      bonding: Remove debug_fs files when module init fails · f3fd2c40
      Thomas Richter authored
      [ Upstream commit db298686 ]
      
      Remove the bonding debug_fs entries when the
      module initialization fails. The debug_fs
      entries should be removed together with all other
      already allocated resources.
      Signed-off-by: default avatarThomas Richter <tmricht@linux.vnet.ibm.com>
      Signed-off-by: default avatarJay Vosburgh <j.vosburgh@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      f3fd2c40
    • Florian Westphal's avatar
      net: core: don't account for udp header size when computing seglen · 119af96a
      Florian Westphal authored
      [ Upstream commit 6d39d589 ]
      
      In case of tcp, gso_size contains the tcpmss.
      
      For UFO (udp fragmentation offloading) skbs, gso_size is the fragment
      payload size, i.e. we must not account for udp header size.
      
      Otherwise, when using virtio drivers, a to-be-forwarded UFO GSO packet
      will be needlessly fragmented in the forward path, because we think its
      individual segments are too large for the outgoing link.
      
      Fixes: fe6cc55f ("net: ip, ipv6: handle gso skbs in forwarding path")
      Cc: Eric Dumazet <eric.dumazet@gmail.com>
      Reported-by: default avatarTobias Brunner <tobias@strongswan.org>
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      119af96a
    • Dmitry Petukhov's avatar
      l2tp: take PMTU from tunnel UDP socket · b3772eed
      Dmitry Petukhov authored
      [ Upstream commit f34c4a35 ]
      
      When l2tp driver tries to get PMTU for the tunnel destination, it uses
      the pointer to struct sock that represents PPPoX socket, while it
      should use the pointer that represents UDP socket of the tunnel.
      Signed-off-by: default avatarDmitry Petukhov <dmgenp@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      b3772eed
    • Daniel Borkmann's avatar
      net: sctp: test if association is dead in sctp_wake_up_waiters · 845d149a
      Daniel Borkmann authored
      [ Upstream commit 1e1cdf8a ]
      
      In function sctp_wake_up_waiters(), we need to involve a test
      if the association is declared dead. If so, we don't have any
      reference to a possible sibling association anymore and need
      to invoke sctp_write_space() instead, and normally walk the
      socket's associations and notify them of new wmem space. The
      reason for special casing is that otherwise, we could run
      into the following issue when a sctp_primitive_SEND() call
      from sctp_sendmsg() fails, and tries to flush an association's
      outq, i.e. in the following way:
      
      sctp_association_free()
      `-> list_del(&asoc->asocs)         <-- poisons list pointer
          asoc->base.dead = true
          sctp_outq_free(&asoc->outqueue)
          `-> __sctp_outq_teardown()
           `-> sctp_chunk_free()
            `-> consume_skb()
             `-> sctp_wfree()
              `-> sctp_wake_up_waiters() <-- dereferences poisoned pointers
                                             if asoc->ep->sndbuf_policy=0
      
      Therefore, only walk the list in an 'optimized' way if we find
      that the current association is still active. We could also use
      list_del_init() in addition when we call sctp_association_free(),
      but as Vlad suggests, we want to trap such bugs and thus leave
      it poisoned as is.
      
      Why is it safe to resolve the issue by testing for asoc->base.dead?
      Parallel calls to sctp_sendmsg() are protected under socket lock,
      that is lock_sock()/release_sock(). Only within that path under
      lock held, we're setting skb/chunk owner via sctp_set_owner_w().
      Eventually, chunks are freed directly by an association still
      under that lock. So when traversing association list on destruction
      time from sctp_wake_up_waiters() via sctp_wfree(), a different
      CPU can't be running sctp_wfree() while another one calls
      sctp_association_free() as both happens under the same lock.
      Therefore, this can also not race with setting/testing against
      asoc->base.dead as we are guaranteed for this to happen in order,
      under lock. Further, Vlad says: the times we check asoc->base.dead
      is when we've cached an association pointer for later processing.
      In between cache and processing, the association may have been
      freed and is simply still around due to reference counts. We check
      asoc->base.dead under a lock, so it should always be safe to check
      and not race against sctp_association_free(). Stress-testing seems
      fine now, too.
      
      Fixes: cd253f9f357d ("net: sctp: wake up all assocs if sndbuf policy is per socket")
      Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Cc: Vlad Yasevich <vyasevic@redhat.com>
      Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Acked-by: default avatarVlad Yasevich <vyasevic@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      845d149a
    • Daniel Borkmann's avatar
      net: sctp: wake up all assocs if sndbuf policy is per socket · c622f913
      Daniel Borkmann authored
      [ Upstream commit 52c35bef ]
      
      SCTP charges chunks for wmem accounting via skb->truesize in
      sctp_set_owner_w(), and sctp_wfree() respectively as the
      reverse operation. If a sender runs out of wmem, it needs to
      wait via sctp_wait_for_sndbuf(), and gets woken up by a call
      to __sctp_write_space() mostly via sctp_wfree().
      
      __sctp_write_space() is being called per association. Although
      we assign sk->sk_write_space() to sctp_write_space(), which
      is then being done per socket, it is only used if send space
      is increased per socket option (SO_SNDBUF), as SOCK_USE_WRITE_QUEUE
      is set and therefore not invoked in sock_wfree().
      
      Commit 4c3a5bda ("sctp: Don't charge for data in sndbuf
      again when transmitting packet") fixed an issue where in case
      sctp_packet_transmit() manages to queue up more than sndbuf
      bytes, sctp_wait_for_sndbuf() will never be woken up again
      unless it is interrupted by a signal. However, a still
      remaining issue is that if net.sctp.sndbuf_policy=0, that is
      accounting per socket, and one-to-many sockets are in use,
      the reclaimed write space from sctp_wfree() is 'unfairly'
      handed back on the server to the association that is the lucky
      one to be woken up again via __sctp_write_space(), while
      the remaining associations are never be woken up again
      (unless by a signal).
      
      The effect disappears with net.sctp.sndbuf_policy=1, that
      is wmem accounting per association, as it guarantees a fair
      share of wmem among associations.
      
      Therefore, if we have reclaimed memory in case of per socket
      accounting, wake all related associations to a socket in a
      fair manner, that is, traverse the socket association list
      starting from the current neighbour of the association and
      issue a __sctp_write_space() to everyone until we end up
      waking ourselves. This guarantees that no association is
      preferred over another and even if more associations are
      taken into the one-to-many session, all receivers will get
      messages from the server and are not stalled forever on
      high load. This setting still leaves the advantage of per
      socket accounting in touch as an association can still use
      up global limits if unused by others.
      
      Fixes: 4eb701df ("[SCTP] Fix SCTP sendbuffer accouting.")
      Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
      Cc: Thomas Graf <tgraf@suug.ch>
      Cc: Neil Horman <nhorman@tuxdriver.com>
      Cc: Vlad Yasevich <vyasevic@redhat.com>
      Acked-by: default avatarVlad Yasevich <vyasevic@redhat.com>
      Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      c622f913
    • Oleg Nesterov's avatar
      list: introduce list_next_entry() and list_prev_entry() · b8238ded
      Oleg Nesterov authored
      [ Upstream commit 008208c6 ]
      
      Add two trivial helpers list_next_entry() and list_prev_entry(), they
      can have a lot of users including list.h itself.  In fact the 1st one is
      already defined in events/core.c and bnx2x_sp.c, so the patch simply
      moves the definition to list.h.
      Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
      Cc: Eilon Greenstein <eilong@broadcom.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      b8238ded
    • Bjørn Mork's avatar
      usb: option: add and update a number of CMOTech devices · 76197290
      Bjørn Mork authored
      commit 34f972d6 upstream.
      
      A number of older CMOTech modems are based on Qualcomm
      chips.  The blacklisted interfaces are QMI/wwan.
      Reported-by: default avatarLars Melin <larsm17@gmail.com>
      Signed-off-by: default avatarBjørn Mork <bjorn@mork.no>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
      76197290