aboutsummaryrefslogtreecommitdiffstats
path: root/net/openvswitch
Commit message (Collapse)AuthorAge
* Revert "openvswitch: potential NULL deref in sample()"Jesse Gross2012-07-27
| | | | | | | | | | | | | This reverts commit 5b3e7e6cb5771bedda51cdb6f715d1da8cd9e644. The problem that the original commit was attempting to fix can never happen in practice because validation is done one a per-flow basis rather than a per-packet basis. Adding additional checks at runtime is unnecessary and inconsistent with the rest of the code. CC: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* openvswitch: potential NULL deref in sample()Dan Carpenter2012-07-23
| | | | | | | | | If there is no OVS_SAMPLE_ATTR_ACTIONS set then "acts_list" is NULL and it leads to a NULL dereference when we call nla_len(acts_list). This is a static checker fix, not something I have seen in testing. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge branch 'master' of ↵David S. Miller2012-07-20
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/jesse/openvswitch Jesse Gross says: ==================== A few bug fixes and small enhancements for net-next/3.6. ... Ansis Atteka (1): openvswitch: Do not send notification if ovs_vport_set_options() failed Ben Pfaff (1): openvswitch: Check gso_type for correct sk_buff in queue_gso_packets(). Jesse Gross (2): openvswitch: Enable retrieval of TCP flags from IPv6 traffic. openvswitch: Reset upper layer protocol info on internal devices. Leo Alterman (1): openvswitch: Fix typo in documentation. Pravin B Shelar (1): openvswitch: Check currect return value from skb_gso_segment() Raju Subramanian (1): openvswitch: Replace Nicira Networks. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
| * openvswitch: Check gso_type for correct sk_buff in queue_gso_packets().Ben Pfaff2012-07-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At the point where it was used, skb_shinfo(skb)->gso_type referred to a post-GSO sk_buff. Thus, it would always be 0. We want to know the pre-GSO gso_type, so we need to obtain it before segmenting. Before this change, the kernel would pass inconsistent data to userspace: packets for UDP fragments with nonzero offset would be passed along with flow keys that indicate a zero offset (that is, the flow key for "later" fragments claimed to be "first" fragments). This inconsistency tended to confuse Open vSwitch userspace, causing it to log messages about "failed to flow_del" the flows with "later" fragments. Signed-off-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Check currect return value from skb_gso_segment()Pravin B Shelar2012-07-20
| | | | | | | | | | | | | | Fix return check typo. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Reset upper layer protocol info on internal devices.Jesse Gross2012-05-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It's possible that packets that are sent on internal devices (from the OVS perspective) have already traversed the local IP stack. After they go through the internal device, they will again travel through the IP stack which may get confused by the presence of existing information in the skb. The problem can be observed when switching between namespaces. This clears out that information to avoid problems but deliberately leaves other metadata alone. This is to provide maximum flexibility in chaining together OVS and other Linux components. Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Replace Nicira Networks.Raju Subramanian2012-05-03
| | | | | | | | | | | | | | | | Replaced all instances of Nicira Networks(, Inc) to Nicira, Inc. Signed-off-by: Raju Subramanian <rsubramanian@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Do not send notification if ovs_vport_set_options() failedAnsis Atteka2012-04-09
| | | | | | | | | | | | | | | | There is no need to send a notification if ovs_vport_set_options() failed and ovs_vport_cmd_set() did not change anything. Signed-off-by: Ansis Atteka <aatteka@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Enable retrieval of TCP flags from IPv6 traffic.Jesse Gross2012-04-02
| | | | | | | | | | | | | | | | We currently check that a packet is IPv4 and TCP before fetching the TCP flags. This enables fetching from IPv6 packets as well. Reported-by: Michael Mao <mmao@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2012-05-16
|\ \
| * | openvswitch: checking wrong variable in queue_userspace_packet()Dan Carpenter2012-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | "skb" is non-NULL here, for example we dereference it in skb_clone(). The intent was to test "nskb" which was just set. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | openvswitch: Validation of IPv6 set port action uses IPv4 headerPravin B Shelar2012-05-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the kernel validates set TCP/UDP port actions, it looks at the ports in the existing flow to make sure that the L4 header exists. However, these actions always use the IPv4 version of the struct. Following patch fixes this by checking for flow ip protocol first. Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
| * | openvswitch: Release rtnl_lock if ovs_vport_cmd_build_info() failed.Ansis Atteka2012-05-03
| |/ | | | | | | | | | | | | | | This patch fixes a possible lock-up bug where rtnl_lock might not get released. Signed-off-by: Ansis Atteka <aatteka@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Add length check when retrieving TCP flags.Jesse Gross2012-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | When collecting TCP flags we check that the IP header indicates that a TCP header is present but not that the packet is actually long enough to contain the header. This adds a check to prevent reading off the end of the packet. In practice, this is only likely to result in reading of bad data and not a crash due to the presence of struct skb_shared_info at the end of the packet. Signed-off-by: Jesse Gross <jesse@nicira.com>
* | net: Convert net_ratelimit uses to net_<level>_ratelimitedJoe Perches2012-05-15
| | | | | | | | | | | | | | | | | | | | Standardize the net core ratelimited logging functions. Coalesce formats, align arguments. Change a printk then vprintk sequence to use printf extension %pV. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | net: cleanup unsigned to unsigned intEric Dumazet2012-04-15
| | | | | | | | | | | | | | Use of "unsigned int" is preferred to bare "unsigned" in net tree. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2012-04-10
|\|
| * Remove all #inclusions of asm/system.hDavid Howells2012-03-28
| | | | | | | | | | | | | | | | | | Remove all #inclusions of asm/system.h preparatory to splitting and killing it. Performed with the following command: perl -p -i -e 's!^#\s*include\s*<asm/system[.]h>.*\n!!' `grep -Irl '^#\s*include\s*<asm/system[.]h>' *` Signed-off-by: David Howells <dhowells@redhat.com>
* | openvswitch: Stop using NLA_PUT*().David S. Miller2012-04-01
|/ | | | | | | These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller <davem@davemloft.net>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller2012-03-09
|\
| * openvswitch: Fix checksum update for actions on UDP packets.Jesse Gross2012-03-07
| | | | | | | | | | | | | | | | | | | | When modifying IP addresses or ports on a UDP packet we don't correctly follow the rules for unchecksummed packets. This meant that packets without a checksum can be given a incorrect new checksum and packets with a checksum can become marked as being unchecksummed. This fixes it to handle those requirements. Signed-off-by: Jesse Gross <jesse@nicira.com>
| * openvswitch: Honor dp_ifindex, when specified, for vport lookup by name.Ben Pfaff2012-03-06
| | | | | | | | | | | | | | | | | | | | When OVS_VPORT_ATTR_NAME is specified and dp_ifindex is nonzero, the logical behavior would be for the vport name lookup scope to be limited to the specified datapath, but in fact the dp_ifindex value was ignored. This commit causes the search scope to be honored. Signed-off-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
* | net: use eth_hw_addr_random() and reset addr_assign_typeDanny Kukawka2012-02-15
|/ | | | | | | | | | | | | Use eth_hw_addr_random() instead of calling random_ether_addr() to set addr_assign_type correctly to NET_ADDR_RANDOM. Reset the state to NET_ADDR_PERM as soon as the MAC get changed via .ndo_set_mac_address. v2: adapt to renamed eth_hw_addr_random() Signed-off-by: Danny Kukawka <danny.kukawka@bisect.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* openvswitch: Fix multipart datapath dumps.Ben Pfaff2012-01-17
| | | | | | | | | | | | The logic to split up the list of datapaths into multiple Netlink messages was simply wrong, causing the list to be terminated after the first part. Only about the first 50 datapaths would be dumped. This fixes the problem. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: kill duplicate included headerShan Wei2012-01-17
| | | | | | | For net part, remove duplicate included header. Signed-off-by: Shan Wei <davidshan@tencent.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: remove version.h includes in net/openvswitch/Devendra Naga2012-01-17
| | | | | | | remove version.h includes in net/openswitch/ as reported by make versioncheck. Signed-off-by: Devendra Naga <devendra.aaru@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* openvswitch: small potential memory leak in ovs_vport_alloc()Dan Carpenter2011-12-06
| | | | | | | | | We're unlikely to hit this leak, but the static checkers complain if we don't take care of it. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: Add Open vSwitch kernel components.Jesse Gross2011-12-03
Open vSwitch is a multilayer Ethernet switch targeted at virtualized environments. In addition to supporting a variety of features expected in a traditional hardware switch, it enables fine-grained programmatic extension and flow-based control of the network. This control is useful in a wide variety of applications but is particularly important in multi-server virtualization deployments, which are often characterized by highly dynamic endpoints and the need to maintain logical abstractions for multiple tenants. The Open vSwitch datapath provides an in-kernel fast path for packet forwarding. It is complemented by a userspace daemon, ovs-vswitchd, which is able to accept configuration from a variety of sources and translate it into packet processing rules. See http://openvswitch.org for more information and userspace utilities. Signed-off-by: Jesse Gross <jesse@nicira.com>