diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-09-03 11:08:17 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-09-03 11:08:17 -0400 |
| commit | dd5cdb48edfd34401799056a9acf61078d773f90 (patch) | |
| tree | 8e251fb4a4c196540fe9b6a6d8b13275f93a057c /net/xfrm | |
| parent | 1e1a4e8f439113b7820bc7150569f685e1cc2b43 (diff) | |
| parent | 62da98656b62a5ca57f22263705175af8ded5aa1 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
Pull networking updates from David Miller:
"Another merge window, another set of networking changes. I've heard
rumblings that the lightweight tunnels infrastructure has been voted
networking change of the year. But what do I know?
1) Add conntrack support to openvswitch, from Joe Stringer.
2) Initial support for VRF (Virtual Routing and Forwarding), which
allows the segmentation of routing paths without using multiple
devices. There are some semantic kinks to work out still, but
this is a reasonably strong foundation. From David Ahern.
3) Remove spinlock fro act_bpf fast path, from Alexei Starovoitov.
4) Ignore route nexthops with a link down state in ipv6, just like
ipv4. From Andy Gospodarek.
5) Remove spinlock from fast path of act_gact and act_mirred, from
Eric Dumazet.
6) Document the DSA layer, from Florian Fainelli.
7) Add netconsole support to bcmgenet, systemport, and DSA. Also
from Florian Fainelli.
8) Add Mellanox Switch Driver and core infrastructure, from Jiri
Pirko.
9) Add support for "light weight tunnels", which allow for
encapsulation and decapsulation without bearing the overhead of a
full blown netdevice. From Thomas Graf, Jiri Benc, and a cast of
others.
10) Add Identifier Locator Addressing support for ipv6, from Tom
Herbert.
11) Support fragmented SKBs in iwlwifi, from Johannes Berg.
12) Allow perf PMUs to be accessed from eBPF programs, from Kaixu Xia.
13) Add BQL support to 3c59x driver, from Loganaden Velvindron.
14) Stop using a zero TX queue length to mean that a device shouldn't
have a qdisc attached, use an explicit flag instead. From Phil
Sutter.
15) Use generic geneve netdevice infrastructure in openvswitch, from
Pravin B Shelar.
16) Add infrastructure to avoid re-forwarding a packet in software
that was already forwarded by a hardware switch. From Scott
Feldman.
17) Allow AF_PACKET fanout function to be implemented in a bpf
program, from Willem de Bruijn"
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1458 commits)
netfilter: nf_conntrack: make nf_ct_zone_dflt built-in
netfilter: nf_dup{4, 6}: fix build error when nf_conntrack disabled
net: fec: clear receive interrupts before processing a packet
ipv6: fix exthdrs offload registration in out_rt path
xen-netback: add support for multicast control
bgmac: Update fixed_phy_register()
sock, diag: fix panic in sock_diag_put_filterinfo
flow_dissector: Use 'const' where possible.
flow_dissector: Fix function argument ordering dependency
ixgbe: Resolve "initialized field overwritten" warnings
ixgbe: Remove bimodal SR-IOV disabling
ixgbe: Add support for reporting 2.5G link speed
ixgbe: fix bounds checking in ixgbe_setup_tc for 82598
ixgbe: support for ethtool set_rxfh
ixgbe: Avoid needless PHY access on copper phys
ixgbe: cleanup to use cached mask value
ixgbe: Remove second instance of lan_id variable
ixgbe: use kzalloc for allocating one thing
flow: Move __get_hash_from_flowi{4,6} into flow_dissector.c
ixgbe: Remove unused PCI bus types
...
Diffstat (limited to 'net/xfrm')
| -rw-r--r-- | net/xfrm/xfrm_policy.c | 24 | ||||
| -rw-r--r-- | net/xfrm/xfrm_user.c | 8 |
2 files changed, 17 insertions, 15 deletions
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 18cead7645be..94af3d065785 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c | |||
| @@ -115,7 +115,8 @@ static void xfrm_policy_put_afinfo(struct xfrm_policy_afinfo *afinfo) | |||
| 115 | rcu_read_unlock(); | 115 | rcu_read_unlock(); |
| 116 | } | 116 | } |
| 117 | 117 | ||
| 118 | static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, | 118 | static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, |
| 119 | int tos, int oif, | ||
| 119 | const xfrm_address_t *saddr, | 120 | const xfrm_address_t *saddr, |
| 120 | const xfrm_address_t *daddr, | 121 | const xfrm_address_t *daddr, |
| 121 | int family) | 122 | int family) |
| @@ -127,14 +128,15 @@ static inline struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, | |||
| 127 | if (unlikely(afinfo == NULL)) | 128 | if (unlikely(afinfo == NULL)) |
| 128 | return ERR_PTR(-EAFNOSUPPORT); | 129 | return ERR_PTR(-EAFNOSUPPORT); |
| 129 | 130 | ||
| 130 | dst = afinfo->dst_lookup(net, tos, saddr, daddr); | 131 | dst = afinfo->dst_lookup(net, tos, oif, saddr, daddr); |
| 131 | 132 | ||
| 132 | xfrm_policy_put_afinfo(afinfo); | 133 | xfrm_policy_put_afinfo(afinfo); |
| 133 | 134 | ||
| 134 | return dst; | 135 | return dst; |
| 135 | } | 136 | } |
| 136 | 137 | ||
| 137 | static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x, int tos, | 138 | static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x, |
| 139 | int tos, int oif, | ||
| 138 | xfrm_address_t *prev_saddr, | 140 | xfrm_address_t *prev_saddr, |
| 139 | xfrm_address_t *prev_daddr, | 141 | xfrm_address_t *prev_daddr, |
| 140 | int family) | 142 | int family) |
| @@ -153,7 +155,7 @@ static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x, int tos, | |||
| 153 | daddr = x->coaddr; | 155 | daddr = x->coaddr; |
| 154 | } | 156 | } |
| 155 | 157 | ||
| 156 | dst = __xfrm_dst_lookup(net, tos, saddr, daddr, family); | 158 | dst = __xfrm_dst_lookup(net, tos, oif, saddr, daddr, family); |
| 157 | 159 | ||
| 158 | if (!IS_ERR(dst)) { | 160 | if (!IS_ERR(dst)) { |
| 159 | if (prev_saddr != saddr) | 161 | if (prev_saddr != saddr) |
| @@ -1373,15 +1375,15 @@ int __xfrm_sk_clone_policy(struct sock *sk) | |||
| 1373 | } | 1375 | } |
| 1374 | 1376 | ||
| 1375 | static int | 1377 | static int |
| 1376 | xfrm_get_saddr(struct net *net, xfrm_address_t *local, xfrm_address_t *remote, | 1378 | xfrm_get_saddr(struct net *net, int oif, xfrm_address_t *local, |
| 1377 | unsigned short family) | 1379 | xfrm_address_t *remote, unsigned short family) |
| 1378 | { | 1380 | { |
| 1379 | int err; | 1381 | int err; |
| 1380 | struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family); | 1382 | struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family); |
| 1381 | 1383 | ||
| 1382 | if (unlikely(afinfo == NULL)) | 1384 | if (unlikely(afinfo == NULL)) |
| 1383 | return -EINVAL; | 1385 | return -EINVAL; |
| 1384 | err = afinfo->get_saddr(net, local, remote); | 1386 | err = afinfo->get_saddr(net, oif, local, remote); |
| 1385 | xfrm_policy_put_afinfo(afinfo); | 1387 | xfrm_policy_put_afinfo(afinfo); |
| 1386 | return err; | 1388 | return err; |
| 1387 | } | 1389 | } |
| @@ -1410,7 +1412,9 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl, | |||
| 1410 | remote = &tmpl->id.daddr; | 1412 | remote = &tmpl->id.daddr; |
| 1411 | local = &tmpl->saddr; | 1413 | local = &tmpl->saddr; |
| 1412 | if (xfrm_addr_any(local, tmpl->encap_family)) { | 1414 | if (xfrm_addr_any(local, tmpl->encap_family)) { |
| 1413 | error = xfrm_get_saddr(net, &tmp, remote, tmpl->encap_family); | 1415 | error = xfrm_get_saddr(net, fl->flowi_oif, |
| 1416 | &tmp, remote, | ||
| 1417 | tmpl->encap_family); | ||
| 1414 | if (error) | 1418 | if (error) |
| 1415 | goto fail; | 1419 | goto fail; |
| 1416 | local = &tmp; | 1420 | local = &tmp; |
| @@ -1690,8 +1694,8 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy, | |||
| 1690 | 1694 | ||
| 1691 | if (xfrm[i]->props.mode != XFRM_MODE_TRANSPORT) { | 1695 | if (xfrm[i]->props.mode != XFRM_MODE_TRANSPORT) { |
| 1692 | family = xfrm[i]->props.family; | 1696 | family = xfrm[i]->props.family; |
| 1693 | dst = xfrm_dst_lookup(xfrm[i], tos, &saddr, &daddr, | 1697 | dst = xfrm_dst_lookup(xfrm[i], tos, fl->flowi_oif, |
| 1694 | family); | 1698 | &saddr, &daddr, family); |
| 1695 | err = PTR_ERR(dst); | 1699 | err = PTR_ERR(dst); |
| 1696 | if (IS_ERR(dst)) | 1700 | if (IS_ERR(dst)) |
| 1697 | goto put_states; | 1701 | goto put_states; |
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index bd16c6c7e1e7..a8de9e300200 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -925,12 +925,10 @@ static int xfrm_dump_sa(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 925 | return err; | 925 | return err; |
| 926 | 926 | ||
| 927 | if (attrs[XFRMA_ADDRESS_FILTER]) { | 927 | if (attrs[XFRMA_ADDRESS_FILTER]) { |
| 928 | filter = kmalloc(sizeof(*filter), GFP_KERNEL); | 928 | filter = kmemdup(nla_data(attrs[XFRMA_ADDRESS_FILTER]), |
| 929 | sizeof(*filter), GFP_KERNEL); | ||
| 929 | if (filter == NULL) | 930 | if (filter == NULL) |
| 930 | return -ENOMEM; | 931 | return -ENOMEM; |
| 931 | |||
| 932 | memcpy(filter, nla_data(attrs[XFRMA_ADDRESS_FILTER]), | ||
| 933 | sizeof(*filter)); | ||
| 934 | } | 932 | } |
| 935 | 933 | ||
| 936 | if (attrs[XFRMA_PROTO]) | 934 | if (attrs[XFRMA_PROTO]) |
| @@ -2048,7 +2046,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
| 2048 | xfrm_audit_policy_delete(xp, 1, true); | 2046 | xfrm_audit_policy_delete(xp, 1, true); |
| 2049 | } else { | 2047 | } else { |
| 2050 | // reset the timers here? | 2048 | // reset the timers here? |
| 2051 | WARN(1, "Dont know what to do with soft policy expire\n"); | 2049 | WARN(1, "Don't know what to do with soft policy expire\n"); |
| 2052 | } | 2050 | } |
| 2053 | km_policy_expired(xp, p->dir, up->hard, nlh->nlmsg_pid); | 2051 | km_policy_expired(xp, p->dir, up->hard, nlh->nlmsg_pid); |
| 2054 | 2052 | ||