Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
Conflicts: MAINTAINERS - keep Chandrasekar drivers/net/ethernet/mellanox/mlx5/core/en_main.c - simple fix + trust the code re-added to param.c in -next is fine include/linux/bpf.h - trivial include/linux/ethtool.h - trivial, fix kdoc while at it include/linux/skmsg.h - move to relevant place in tcp.c, comment re-wrapped net/core/skmsg.c - add the sk = sk // sk = NULL around calls net/tipc/crypto.c - trivial Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
Jakub Kicinski
@@ -216,7 +216,7 @@ static struct nlmsghdr *xfrm_nlmsg_put_compat(struct sk_buff *skb,
|
||||
case XFRM_MSG_GETSADINFO:
|
||||
case XFRM_MSG_GETSPDINFO:
|
||||
default:
|
||||
WARN_ONCE(1, "unsupported nlmsg_type %d", nlh_src->nlmsg_type);
|
||||
pr_warn_once("unsupported nlmsg_type %d\n", nlh_src->nlmsg_type);
|
||||
return ERR_PTR(-EOPNOTSUPP);
|
||||
}
|
||||
|
||||
@@ -277,7 +277,7 @@ static int xfrm_xlate64_attr(struct sk_buff *dst, const struct nlattr *src)
|
||||
return xfrm_nla_cpy(dst, src, nla_len(src));
|
||||
default:
|
||||
BUILD_BUG_ON(XFRMA_MAX != XFRMA_IF_ID);
|
||||
WARN_ONCE(1, "unsupported nla_type %d", src->nla_type);
|
||||
pr_warn_once("unsupported nla_type %d\n", src->nla_type);
|
||||
return -EOPNOTSUPP;
|
||||
}
|
||||
}
|
||||
@@ -315,8 +315,10 @@ static int xfrm_alloc_compat(struct sk_buff *skb, const struct nlmsghdr *nlh_src
|
||||
struct sk_buff *new = NULL;
|
||||
int err;
|
||||
|
||||
if (WARN_ON_ONCE(type >= ARRAY_SIZE(xfrm_msg_min)))
|
||||
if (type >= ARRAY_SIZE(xfrm_msg_min)) {
|
||||
pr_warn_once("unsupported nlmsg_type %d\n", nlh_src->nlmsg_type);
|
||||
return -EOPNOTSUPP;
|
||||
}
|
||||
|
||||
if (skb_shinfo(skb)->frag_list == NULL) {
|
||||
new = alloc_skb(skb->len + skb_tailroom(skb), GFP_ATOMIC);
|
||||
@@ -378,6 +380,10 @@ static int xfrm_attr_cpy32(void *dst, size_t *pos, const struct nlattr *src,
|
||||
struct nlmsghdr *nlmsg = dst;
|
||||
struct nlattr *nla;
|
||||
|
||||
/* xfrm_user_rcv_msg_compat() relies on fact that 32-bit messages
|
||||
* have the same len or shorted than 64-bit ones.
|
||||
* 32-bit translation that is bigger than 64-bit original is unexpected.
|
||||
*/
|
||||
if (WARN_ON_ONCE(copy_len > payload))
|
||||
copy_len = payload;
|
||||
|
||||
|
||||
@@ -134,8 +134,6 @@ struct sk_buff *validate_xmit_xfrm(struct sk_buff *skb, netdev_features_t featur
|
||||
return skb;
|
||||
}
|
||||
|
||||
xo->flags |= XFRM_XMIT;
|
||||
|
||||
if (skb_is_gso(skb) && unlikely(x->xso.dev != dev)) {
|
||||
struct sk_buff *segs;
|
||||
|
||||
|
||||
@@ -306,6 +306,8 @@ xfrmi_xmit2(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
|
||||
|
||||
icmpv6_ndo_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
|
||||
} else {
|
||||
if (!(ip_hdr(skb)->frag_off & htons(IP_DF)))
|
||||
goto xmit;
|
||||
icmp_ndo_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
|
||||
htonl(mtu));
|
||||
}
|
||||
@@ -314,6 +316,7 @@ xfrmi_xmit2(struct sk_buff *skb, struct net_device *dev, struct flowi *fl)
|
||||
return -EMSGSIZE;
|
||||
}
|
||||
|
||||
xmit:
|
||||
xfrmi_scrub_packet(skb, !net_eq(xi->net, dev_net(dev)));
|
||||
skb_dst_set(skb, dst);
|
||||
skb->dev = tdev;
|
||||
|
||||
@@ -503,22 +503,22 @@ out:
|
||||
return err;
|
||||
}
|
||||
|
||||
int xfrm_output_resume(struct sk_buff *skb, int err)
|
||||
int xfrm_output_resume(struct sock *sk, struct sk_buff *skb, int err)
|
||||
{
|
||||
struct net *net = xs_net(skb_dst(skb)->xfrm);
|
||||
|
||||
while (likely((err = xfrm_output_one(skb, err)) == 0)) {
|
||||
nf_reset_ct(skb);
|
||||
|
||||
err = skb_dst(skb)->ops->local_out(net, skb->sk, skb);
|
||||
err = skb_dst(skb)->ops->local_out(net, sk, skb);
|
||||
if (unlikely(err != 1))
|
||||
goto out;
|
||||
|
||||
if (!skb_dst(skb)->xfrm)
|
||||
return dst_output(net, skb->sk, skb);
|
||||
return dst_output(net, sk, skb);
|
||||
|
||||
err = nf_hook(skb_dst(skb)->ops->family,
|
||||
NF_INET_POST_ROUTING, net, skb->sk, skb,
|
||||
NF_INET_POST_ROUTING, net, sk, skb,
|
||||
NULL, skb_dst(skb)->dev, xfrm_output2);
|
||||
if (unlikely(err != 1))
|
||||
goto out;
|
||||
@@ -534,7 +534,7 @@ EXPORT_SYMBOL_GPL(xfrm_output_resume);
|
||||
|
||||
static int xfrm_output2(struct net *net, struct sock *sk, struct sk_buff *skb)
|
||||
{
|
||||
return xfrm_output_resume(skb, 1);
|
||||
return xfrm_output_resume(sk, skb, 1);
|
||||
}
|
||||
|
||||
static int xfrm_output_gso(struct net *net, struct sock *sk, struct sk_buff *skb)
|
||||
@@ -660,6 +660,12 @@ static int xfrm4_extract_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
int err;
|
||||
|
||||
if (x->outer_mode.encap == XFRM_MODE_BEET &&
|
||||
ip_is_fragment(ip_hdr(skb))) {
|
||||
net_warn_ratelimited("BEET mode doesn't support inner IPv4 fragments\n");
|
||||
return -EAFNOSUPPORT;
|
||||
}
|
||||
|
||||
err = xfrm4_tunnel_check_size(skb);
|
||||
if (err)
|
||||
return err;
|
||||
@@ -705,8 +711,15 @@ out:
|
||||
static int xfrm6_extract_output(struct xfrm_state *x, struct sk_buff *skb)
|
||||
{
|
||||
#if IS_ENABLED(CONFIG_IPV6)
|
||||
unsigned int ptr = 0;
|
||||
int err;
|
||||
|
||||
if (x->outer_mode.encap == XFRM_MODE_BEET &&
|
||||
ipv6_find_hdr(skb, &ptr, NEXTHDR_FRAGMENT, NULL, NULL) >= 0) {
|
||||
net_warn_ratelimited("BEET mode doesn't support inner IPv6 fragments\n");
|
||||
return -EAFNOSUPPORT;
|
||||
}
|
||||
|
||||
err = xfrm6_tunnel_check_size(skb);
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
@@ -44,7 +44,6 @@ static void xfrm_state_gc_task(struct work_struct *work);
|
||||
*/
|
||||
|
||||
static unsigned int xfrm_state_hashmax __read_mostly = 1 * 1024 * 1024;
|
||||
static __read_mostly seqcount_t xfrm_state_hash_generation = SEQCNT_ZERO(xfrm_state_hash_generation);
|
||||
static struct kmem_cache *xfrm_state_cache __ro_after_init;
|
||||
|
||||
static DECLARE_WORK(xfrm_state_gc_work, xfrm_state_gc_task);
|
||||
@@ -140,7 +139,7 @@ static void xfrm_hash_resize(struct work_struct *work)
|
||||
}
|
||||
|
||||
spin_lock_bh(&net->xfrm.xfrm_state_lock);
|
||||
write_seqcount_begin(&xfrm_state_hash_generation);
|
||||
write_seqcount_begin(&net->xfrm.xfrm_state_hash_generation);
|
||||
|
||||
nhashmask = (nsize / sizeof(struct hlist_head)) - 1U;
|
||||
odst = xfrm_state_deref_prot(net->xfrm.state_bydst, net);
|
||||
@@ -156,7 +155,7 @@ static void xfrm_hash_resize(struct work_struct *work)
|
||||
rcu_assign_pointer(net->xfrm.state_byspi, nspi);
|
||||
net->xfrm.state_hmask = nhashmask;
|
||||
|
||||
write_seqcount_end(&xfrm_state_hash_generation);
|
||||
write_seqcount_end(&net->xfrm.xfrm_state_hash_generation);
|
||||
spin_unlock_bh(&net->xfrm.xfrm_state_lock);
|
||||
|
||||
osize = (ohashmask + 1) * sizeof(struct hlist_head);
|
||||
@@ -1063,7 +1062,7 @@ xfrm_state_find(const xfrm_address_t *daddr, const xfrm_address_t *saddr,
|
||||
|
||||
to_put = NULL;
|
||||
|
||||
sequence = read_seqcount_begin(&xfrm_state_hash_generation);
|
||||
sequence = read_seqcount_begin(&net->xfrm.xfrm_state_hash_generation);
|
||||
|
||||
rcu_read_lock();
|
||||
h = xfrm_dst_hash(net, daddr, saddr, tmpl->reqid, encap_family);
|
||||
@@ -1176,7 +1175,7 @@ out:
|
||||
if (to_put)
|
||||
xfrm_state_put(to_put);
|
||||
|
||||
if (read_seqcount_retry(&xfrm_state_hash_generation, sequence)) {
|
||||
if (read_seqcount_retry(&net->xfrm.xfrm_state_hash_generation, sequence)) {
|
||||
*err = -EAGAIN;
|
||||
if (x) {
|
||||
xfrm_state_put(x);
|
||||
@@ -2666,6 +2665,8 @@ int __net_init xfrm_state_init(struct net *net)
|
||||
net->xfrm.state_num = 0;
|
||||
INIT_WORK(&net->xfrm.state_hash_work, xfrm_hash_resize);
|
||||
spin_lock_init(&net->xfrm.xfrm_state_lock);
|
||||
seqcount_spinlock_init(&net->xfrm.xfrm_state_hash_generation,
|
||||
&net->xfrm.xfrm_state_lock);
|
||||
return 0;
|
||||
|
||||
out_byspi:
|
||||
|
||||
Reference in New Issue
Block a user