Eric Dumazet [Tue, 26 Jun 2012 23:14:15 +0000 (23:14 +0000)]
ipv4: tcp: dont cache unconfirmed intput dst
DDOS synflood attacks hit badly IP route cache.
On typical machines, this cache is allowed to hold up to 8 Millions dst
entries, 256 bytes for each, for a total of 2GB of memory.
rt_garbage_collect() triggers and tries to cleanup things.
Eventually route cache is disabled but machine is under fire and might
OOM and crash.
This patch exploits the new TCP early demux, to set a nocache
boolean in case incoming TCP frame is for a not yet ESTABLISHED or
TIMEWAIT socket.
This 'nocache' boolean is then used in case dst entry is not found in
route cache, to create an unhashed dst entry (DST_NOCACHE)
SYN-cookie-ACK sent use a similar mechanism (ipv4: tcp: dont cache
output dst for syncookies), so after this patch, a machine is able to
absorb a DDOS synflood attack without polluting its IP route cache.
Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Hans Schillstrom <hans.schillstrom@ericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Somnath Kotur [Tue, 26 Jun 2012 22:32:10 +0000 (22:32 +0000)]
be2net: Fix to trim skb for padded vlan packets to workaround an ASIC Bug
Fixed spelling error in a comment as pointed out by DaveM.
Also refactored existing code a bit to provide placeholders for another ASIC
Bug workaround that will be checked-in soon after this.
Signed-off-by: Somnath Kotur <somnath.kotur@emulex.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Merav Sicron [Tue, 26 Jun 2012 06:11:03 +0000 (06:11 +0000)]
bnx2x: Change bnx2x_tests_str_arr to static char
This patch changes the definition of bnx2x_tests_str_arr from char to static
char. This correction will also eliminate the sparse warning created in commit cf2c1df62e065bfc15e38daf2d3479a56b320f29.
Signed-off-by: Merav Sicron <meravs@broadcom.com> Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Barak Witkowski [Tue, 26 Jun 2012 01:31:19 +0000 (01:31 +0000)]
bnx2x, bnx2fc, bnx2i, cnic: Add statistics support and FCoE capabilities advertisement
1. When FCoE offload driver is registered, copy its capabilities to the chip
scratchpad.
2. Copy FCoE/iSCSI MAC addresses in aligned manner to chip scratchpad.
3. Add FCoE/iSCSI statistics collection support
Signed-off-by: Barak Witkowski <barak@broadcom.com> Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: Eddie Wai <eddie.wai@broadcom.com> Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: Bhanu Prakash Gollapudi <bprakash@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Dan Carpenter [Tue, 26 Jun 2012 20:53:09 +0000 (20:53 +0000)]
6lowpan: double unlock on an error path
We already unlocked a few lines earlier here, so we can go directly to
drop without passing through unlock. This was introduced recently in c5d3687f6c ('6lowpan: read data from skb safely').
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Alexander Smirnov <alex.bluesman.smirnov@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/ieee802154: add support for the at86rf230/231 transceivers
The AT86RF231 is a feature rich, low-power 2.4 GHz radio transceiver
designed for industrial and consumer ZigBee/IEEE 802.15.4, 6LoWPAN,
RF4CE and high data rate 2.4 GHz ISM band applications.
This patch adds support for the Atmel RF230/231 radio transceivers.
Signed-off-by: Alexander Smirnov <alex.bluesman.smirnov@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Every real 802.15.4 transceiver, which works with software MAC layer,
can be classified as a wpan device in this stack. So the wpan device
implementation provides missing link in datapath between the device
drivers and the Linux network queue.
According to the IEEE 802.15.4 standard each packet can be one of the
following types:
- beacon
- MAC layer command
- ACK
- data
This patch adds support for the data packet-type only, but this is
enough to perform data transmission and receiving over radio.
Signed-off-by: Alexander Smirnov <alex.bluesman.smirnov@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
During the last conflict resolution involving translation-table.c something went
wrong and a condition in the AP isolation code was reversed. This patch fixes
this problem.
Signed-off-by: Antonio Quartulli <ordex@autistici.org> Signed-off-by: David S. Miller <davem@davemloft.net>
net/sh-eth: Add support selecting MII function for SH7734 and R8A7740
Ethernet IP of SH7734 and R8A7740 has selecting MII register.
The user needs to change a value according to MII to be used.
This adds the function to change the value of this register.
Signed-off-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com> Signed-off-by: David S. Miller <davem@davemloft.net>
David McCullough [Mon, 25 Jun 2012 15:42:26 +0000 (15:42 +0000)]
net/ipv6/route.c: packets originating on device match lo
Fix to allow IPv6 packets originating locally to match rules with the "iff"
set to "lo". This allows IPv6 rule matching work the same as it does for
IPv4. From the iproute2 man page:
iif NAME
select the incoming device to match. If the interface is loop‐
back, the rule only matches packets originating from this host.
This means that you may create separate routing tables for for‐
warded and local packets and, hence, completely segregate them.
Signed-off-by: David McCullough <david_mccullough@mcafee.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Sjur Brændeland [Mon, 25 Jun 2012 07:49:42 +0000 (07:49 +0000)]
caif-hsi: Replace platform device with ops structure.
Remove use of struct platform_device, and replace it with
struct cfhsi_ops. Updated variable names in the same
spirit:
cfhsi_get_dev to cfhsi_get_ops,
cfhsi->dev to cfhsi->ops and,
cfhsi->dev.drv to cfhsi->ops->cb_ops.
Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Sjur Brændeland [Mon, 25 Jun 2012 07:49:41 +0000 (07:49 +0000)]
caif-hsi: Add rtnl support
Add RTNL support for managing the caif hsi interface.
The HSI HW interface is no longer registering as a device,
instead we use symbol_get to get hold of the HSI API.
Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Update drawing and remove description of old features.
Add HSI and USB link layers to the drawing.
Reported-by: Joerg Reisenweber <joerg.reisenweber@stericssion.com> Signed-off-by: Sjur Brændeland <sjur.brandeland@stericssion.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Aggregation_timeout is an unsigned long,
a test for less than zero can never become true,
compare with zero instead.
Signed-off-by: Kim Lilliestierna <kim.xx.lilliestierna@stericsson.com> Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Kim Lilliestierna <kim.xx.lilliestierna@stericsson.com> Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Rearranged the allocation and packet creations to
avoid potential leaks in error path.
Signed-off-by: Kim Lilliestierna <kim.xx.lilliestierna@stericsson.com> Signed-off-by: Sjur Brændeland <sjur.brandeland@stericssion.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Kim Lilliestierna <Kim.xx.Lilliestierna@stericsson.com> Signed-off-by: Sjur Brændeland <sjur.brandeland@stericssion.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Removed surplus call to caif_device_list() in caif_dev.c
Signed-off-by: Kim Lilliestierna <kim.xx.lilliestierna@stericsson.com> Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Alexander Smirnov <alex.bluesman.smirnov@gmail.com> Cc: Tony Cheneau <tony.cheneau+zigbeedev@amnesiak.org> Signed-off-by: David S. Miller <davem@davemloft.net>
net: Remove 'unlikely' qualifier in skb_steal_sock()
With early demux enabled by default for TCP flows, there is high chance that
skb->sk will be non-null. 'unlikely()' was removed from __inet_lookup_skb() but
maybe it can be removed from skb_steal_sock() as well.
Note: skb_steal_sock() is also called by __inet6_lookup_skb() and
__udp4_lib_lookup_skb() but they are protected by their own 'unlikely' calls.
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Mon, 25 Jun 2012 22:37:19 +0000 (15:37 -0700)]
ipv6: fib: fix fib dump restart
Commit 2bec5a369ee79576a3 (ipv6: fib: fix crash when changing large fib
while dumping it) introduced ability to restart the dump at tree root,
but failed to skip correctly a count of already dumped entries. Code
didn't match Patrick intent.
We must skip exactly the number of already dumped entries.
Note that like other /proc/net files or netlink producers, we could
still dump some duplicates entries.
Reported-by: Debabrata Banerjee <dbavatar@gmail.com> Reported-by: Josh Hunt <johunt@akamai.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Santosh Nayak [Tue, 19 Jun 2012 21:27:39 +0000 (21:27 +0000)]
netxen: Error return off by one in 'netxen_nic_set_pauseparam()'.
There are 'NETXEN_NIU_MAX_GBE_PORTS' GBE ports. Port indexing starts
from zero.
Hence we should also return error for "port == NETXEN_NIU_MAX_GBE_PORTS"
Sven Eckelmann [Wed, 16 May 2012 18:23:16 +0000 (20:23 +0200)]
batman-adv: Prefix translation-table local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Wed, 16 May 2012 18:23:15 +0000 (20:23 +0200)]
batman-adv: Prefix soft-interface local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Wed, 16 May 2012 18:23:14 +0000 (20:23 +0200)]
batman-adv: Prefix send local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Wed, 16 May 2012 18:23:13 +0000 (20:23 +0200)]
batman-adv: Prefix routing local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:34:00 +0000 (18:34 +0200)]
batman-adv: Prefix originator local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:59 +0000 (18:33 +0200)]
batman-adv: Prefix icmp_socket local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:58 +0000 (18:33 +0200)]
batman-adv: Prefix hash local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:57 +0000 (18:33 +0200)]
batman-adv: Prefix hard-interface local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:56 +0000 (18:33 +0200)]
batman-adv: Prefix gateway_common local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:55 +0000 (18:33 +0200)]
batman-adv: Prefix gateway_client local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:53 +0000 (18:33 +0200)]
batman-adv: Prefix bridge_loop_avoidance local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:52 +0000 (18:33 +0200)]
batman-adv: Prefix bat_sysfs local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:51 +0000 (18:33 +0200)]
batman-adv: Prefix bat_iv_ogm local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 11:48:58 +0000 (13:48 +0200)]
batman-adv: Prefix main static inline functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 11:48:57 +0000 (13:48 +0200)]
batman-adv: Prefix unicast static inline functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 11:48:56 +0000 (13:48 +0200)]
batman-adv: Prefix originator static inline functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 11:48:55 +0000 (13:48 +0200)]
batman-adv: Prefix hash static inline functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 11:48:54 +0000 (13:48 +0200)]
batman-adv: Prefix hard-interface static inline functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 11:48:53 +0000 (13:48 +0200)]
batman-adv: Prefix bitarray static inline functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 12 May 2012 16:33:50 +0000 (18:33 +0200)]
batman-adv: Prefix bat_debugfs local static functions with batadv_
All non-static symbols of batman-adv were prefixed with batadv_ to avoid
collisions with other symbols of the kernel. Other symbols of batman-adv
should use the same prefix to keep the naming scheme consistent.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The dest port for the call to __inet_lookup_established() in TCP early demux
code is passed with the wrong endian-ness. This causes the lookup to fail
leading to early demux not being used.
Signed-off-by: Vijay Subramanian <subramanian.vijay@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
In the current TT code, when a TT_Response containing a full table is received
from an originator, first the node purges all the clients for that originator in
the global translation-table and then merges the newly received table.
During the purging phase each client deletion is done by means of a call_rcu()
invocation and at the end of this phase the global entry counter for that
originator is set to 0. However the invoked rcu function decreases the global
entry counter for that originator by one too and since the rcu invocation is
likely to be postponed, the node will end up in first setting the counter to 0
and then decreasing it one by one for each deleted client.
This bug leads to having a wrong global entry counter for the related node, say
X. Then when the node with the broken counter will answer to a TT_REQUEST on
behalf of node X, it will create faulty TT_RESPONSE that will generate an
unrecoverable situation on the node that asked for the full table recover.
The non-recoverability is given by the fact that the node with the broken
counter will keep answering on behalf of X because its knowledge about X's state
(ttvn + tt_crc) is correct.
To solve this problem the counter is not explicitly set to 0 anymore and the
counter decrement is performed right before the invocation of call_rcu().
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
If the source or destination mac address of an ethernet packet
could not be found in the translation table the packet was
dropped if AP isolation was turned on. This behavior would
make it impossible to send broadcast packets over the mesh as
the broadcast address will never enter the translation table.
Signed-off-by: Marek Lindner <lindner_marek@yahoo.de> Acked-by: Antonio Quartulli <ordex@autistici.org>