1. 29 Mar, 2019 3 commits
  2. 28 Mar, 2019 28 commits
  3. 27 Mar, 2019 9 commits
    • Eric Dumazet's avatar
      inet: switch IP ID generator to siphash · df453700
      Eric Dumazet authored
      According to Amit Klein and Benny Pinkas, IP ID generation is too weak
      and might be used by attackers.
      
      Even with recent net_hash_mix() fix (netns: provide pure entropy for net_hash_mix())
      having 64bit key and Jenkins hash is risky.
      
      It is time to switch to siphash and its 128bit keys.
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarAmit Klein <aksecurity@gmail.com>
      Reported-by: default avatarBenny Pinkas <benny@pinkas.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      df453700
    • Colin Ian King's avatar
      net: phy: mdio-bcm-unimac: remove redundant !timeout check · 180a8c3d
      Colin Ian King authored
      The check for zero timeout is always true at the end of the proceeding
      while loop; the only other exit path in the loop is if the unimac MDIO
      is not busy.  Remove the redundant zero timeout check and always
      return -ETIMEDOUT on this timeout return path.
      Signed-off-by: default avatarColin Ian King <colin.king@canonical.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      180a8c3d
    • Eric Dumazet's avatar
      tcp: fix zerocopy and notsent_lowat issues · 4f661542
      Eric Dumazet authored
      My recent patch had at least three problems :
      
      1) TX zerocopy wants notification when skb is acknowledged,
         thus we need to call skb_zcopy_clear() if the skb is
         cached into sk->sk_tx_skb_cache
      
      2) Some applications might expect precise EPOLLOUT
         notifications, so we need to update sk->sk_wmem_queued
         and call sk_mem_uncharge() from sk_wmem_free_skb()
         in all cases. The SOCK_QUEUE_SHRUNK flag must also be set.
      
      3) Reuse of saved skb should have used skb_cloned() instead
        of simply checking if the fast clone has been freed.
      
      Fixes: 472c2e07 ("tcp: add one skb cache for tx")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: Willem de Bruijn <willemb@google.com>
      Cc: Soheil Hassas Yeganeh <soheil@google.com>
      Acked-by: default avatarSoheil Hassas Yeganeh <soheil@google.com>
      Tested-by: default avatarHolger Hoffstätte <holger@applied-asynchrony.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4f661542
    • Numan Siddique's avatar
      net: openvswitch: Add a new action check_pkt_len · 4d5ec89f
      Numan Siddique authored
      This patch adds a new action - 'check_pkt_len' which checks the
      packet length and executes a set of actions if the packet
      length is greater than the specified length or executes
      another set of actions if the packet length is lesser or equal to.
      
      This action takes below nlattrs
        * OVS_CHECK_PKT_LEN_ATTR_PKT_LEN - 'pkt_len' to check for
      
        * OVS_CHECK_PKT_LEN_ATTR_ACTIONS_IF_GREATER - Nested actions
          to apply if the packet length is greater than the specified 'pkt_len'
      
        * OVS_CHECK_PKT_LEN_ATTR_ACTIONS_IF_LESS_EQUAL - Nested
          actions to apply if the packet length is lesser or equal to the
          specified 'pkt_len'.
      
      The main use case for adding this action is to solve the packet
      drops because of MTU mismatch in OVN virtual networking solution.
      When a VM (which belongs to a logical switch of OVN) sends a packet
      destined to go via the gateway router and if the nic which provides
      external connectivity, has a lesser MTU, OVS drops the packet
      if the packet length is greater than this MTU.
      
      With the help of this action, OVN will check the packet length
      and if it is greater than the MTU size, it will generate an
      ICMP packet (type 3, code 4) and includes the next hop mtu in it
      so that the sender can fragment the packets.
      
      Reported-at:
      https://mail.openvswitch.org/pipermail/ovs-discuss/2018-July/047039.htmlSuggested-by: default avatarBen Pfaff <blp@ovn.org>
      Signed-off-by: default avatarNuman Siddique <nusiddiq@redhat.com>
      CC: Gregory Rose <gvrose8192@gmail.com>
      CC: Pravin B Shelar <pshelar@ovn.org>
      Acked-by: default avatarPravin B Shelar <pshelar@ovn.org>
      Tested-by: default avatarGreg Rose <gvrose8192@gmail.com>
      Reviewed-by: default avatarGreg Rose <gvrose8192@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4d5ec89f
    • David S. Miller's avatar
      Merge branch 'ethtool-add-support-for-Fast-Link-Down-as-new-PHY-tunable' · d7aa0338
      David S. Miller authored
      Heiner Kallweit says:
      
      ====================
      ethtool: add support for Fast Link Down as new PHY tunable
      
      This adds support for Fast Link Down as new PHY tunable.
      Fast Link Down reduces the time until a link down event is reported
      for 1000BaseT. According to the standard it's 750ms what is too long
      for several use cases.
      
      This is the kernel-related series, the ethtool userspace extension
      I'd submit once the kernel part has been applied.
      
      v2:
      - add describing comment in patch 1
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d7aa0338
    • Heiner Kallweit's avatar
      net: phy: marvell: add PHY tunable fast link down support for 88E1540 · 69f42be8
      Heiner Kallweit authored
      1000BaseT standard requires that a link is reported as down earliest
      after 750ms. Several use case however require a much faster detecion
      of a broken link. Fast Link Down supports this by intentionally
      violating a the standard. This patch exposes the Fast Link Down
      feature of 88E1540 and 88E6390. These PHY's can be found as internal
      PHY's in several switches: 88E6352, 88E6240, 88E6176, 88E6172,
      and 88E6390(X). Fast Link Down and EEE are mutually exclusive.
      Signed-off-by: default avatarHeiner Kallweit <hkallweit1@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      69f42be8
    • Heiner Kallweit's avatar
      ethtool: add PHY Fast Link Down support · 3aeb0803
      Heiner Kallweit authored
      This adds support for Fast Link Down as new PHY tunable.
      Fast Link Down reduces the time until a link down event is reported
      for 1000BaseT. According to the standard it's 750ms what is too long
      for several use cases.
      
      v2:
      - add comment describing the constants
      Signed-off-by: default avatarHeiner Kallweit <hkallweit1@gmail.com>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Reviewed-by: default avatarMichal Kubecek <mkubecek@suse.cz>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3aeb0803
    • Bart Van Assche's avatar
      net/core: Allow the compiler to verify declaration and definition consistency · 7b7ed885
      Bart Van Assche authored
      Instead of declaring a function in a .c file, declare it in a header
      file and include that header file from the source files that define
      and that use the function. That allows the compiler to verify
      consistency of declaration and definition. See also commit
      52267790 ("sock: add MSG_ZEROCOPY") # v4.14.
      
      Cc: Willem de Bruijn <willemb@google.com>
      Signed-off-by: default avatarBart Van Assche <bvanassche@acm.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7b7ed885
    • Bart Van Assche's avatar
      net/core: Fix rtnetlink kernel-doc headers · a986967e
      Bart Van Assche authored
      This patch avoids that the following warnings are reported when building
      with W=1:
      
      net/core/rtnetlink.c:3580: warning: Function parameter or member 'ndm' not described in 'ndo_dflt_fdb_add'
      net/core/rtnetlink.c:3580: warning: Function parameter or member 'tb' not described in 'ndo_dflt_fdb_add'
      net/core/rtnetlink.c:3580: warning: Function parameter or member 'dev' not described in 'ndo_dflt_fdb_add'
      net/core/rtnetlink.c:3580: warning: Function parameter or member 'addr' not described in 'ndo_dflt_fdb_add'
      net/core/rtnetlink.c:3580: warning: Function parameter or member 'vid' not described in 'ndo_dflt_fdb_add'
      net/core/rtnetlink.c:3580: warning: Function parameter or member 'flags' not described in 'ndo_dflt_fdb_add'
      net/core/rtnetlink.c:3718: warning: Function parameter or member 'ndm' not described in 'ndo_dflt_fdb_del'
      net/core/rtnetlink.c:3718: warning: Function parameter or member 'tb' not described in 'ndo_dflt_fdb_del'
      net/core/rtnetlink.c:3718: warning: Function parameter or member 'dev' not described in 'ndo_dflt_fdb_del'
      net/core/rtnetlink.c:3718: warning: Function parameter or member 'addr' not described in 'ndo_dflt_fdb_del'
      net/core/rtnetlink.c:3718: warning: Function parameter or member 'vid' not described in 'ndo_dflt_fdb_del'
      net/core/rtnetlink.c:3861: warning: Function parameter or member 'skb' not described in 'ndo_dflt_fdb_dump'
      net/core/rtnetlink.c:3861: warning: Function parameter or member 'cb' not described in 'ndo_dflt_fdb_dump'
      net/core/rtnetlink.c:3861: warning: Function parameter or member 'filter_dev' not described in 'ndo_dflt_fdb_dump'
      net/core/rtnetlink.c:3861: warning: Function parameter or member 'idx' not described in 'ndo_dflt_fdb_dump'
      net/core/rtnetlink.c:3861: warning: Excess function parameter 'nlh' description in 'ndo_dflt_fdb_dump'
      
      Cc: Hubert Sokolowski <hubert.sokolowski@intel.com>
      Signed-off-by: default avatarBart Van Assche <bvanassche@acm.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a986967e