1. 28 Dec, 2012 1 commit
  2. 15 Dec, 2012 1 commit
    • Neil Horman's avatar
      sctp: Change defaults on cookie hmac selection · 0d0863b0
      Neil Horman authored
      Recently I posted commit 3c68198e which made selection of the cookie hmac
      algorithm selectable.  This is all well and good, but Linus noted that it
      changes the default config:
      http://marc.info/?l=linux-netdev&m=135536629004808&w=2
      
      
      
      I've modified the sctp Kconfig file to reflect the recommended way of making
      this choice, using the thermal driver example specified, and brought the
      defaults back into line with the way they were prior to my origional patch
      
      Also, on Linus' suggestion, re-adding ability to select default 'none' hmac
      algorithm, so we don't needlessly bloat the kernel by forcing a non-none
      default.  This also led me to note that we won't honor the default none
      condition properly because of how sctp_net_init is encoded.  Fix that up as
      well.
      
      Tested by myself (allbeit fairly quickly).  All configuration combinations seems
      to work soundly.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: David Miller <davem@davemloft.net>
      CC: Linus Torvalds <torvalds@linux-foundation.org>
      CC: Vlad Yasevich <vyasevich@gmail.com>
      CC: linux-sctp@vger.kernel.org
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0d0863b0
  3. 07 Dec, 2012 1 commit
  4. 26 Oct, 2012 1 commit
    • Neil Horman's avatar
      sctp: Make hmac algorithm selection for cookie generation dynamic · 3c68198e
      Neil Horman authored
      
      
      Currently sctp allows for the optional use of md5 of sha1 hmac algorithms to
      generate cookie values when establishing new connections via two build time
      config options.  Theres no real reason to make this a static selection.  We can
      add a sysctl that allows for the dynamic selection of these algorithms at run
      time, with the default value determined by the corresponding crypto library
      availability.
      This comes in handy when, for example running a system in FIPS mode, where use
      of md5 is disallowed, but SHA1 is permitted.
      
      Note: This new sysctl has no corresponding socket option to select the cookie
      hmac algorithm.  I chose not to implement that intentionally, as RFC 6458
      contains no option for this value, and I opted not to pollute the socket option
      namespace.
      
      Change notes:
      v2)
      	* Updated subject to have the proper sctp prefix as per Dave M.
      	* Replaced deafult selection options with new options that allow
      	  developers to explicitly select available hmac algs at build time
      	  as per suggestion by Vlad Y.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: Vlad Yasevich <vyasevich@gmail.com>
      CC: "David S. Miller" <davem@davemloft.net>
      CC: netdev@vger.kernel.org
      Acked-by: default avatarVlad Yasevich <vyasevich@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3c68198e
  5. 15 Aug, 2012 9 commits
  6. 23 Jul, 2012 1 commit
    • David S. Miller's avatar
      ipv4: Prepare for change of rt->rt_iif encoding. · 92101b3b
      David S. Miller authored
      
      
      Use inet_iif() consistently, and for TCP record the input interface of
      cached RX dst in inet sock.
      
      rt->rt_iif is going to be encoded differently, so that we can
      legitimately cache input routes in the FIB info more aggressively.
      
      When the input interface is "use SKB device index" the rt->rt_iif will
      be set to zero.
      
      This forces us to move the TCP RX dst cache installation into the ipv4
      specific code, and as well it should since doing the route caching for
      ipv6 is pointless at the moment since it is not inspected in the ipv6
      input paths yet.
      
      Also, remove the unlikely on dst->obsolete, all ipv4 dsts have
      obsolete set to a non-zero value to force invocation of the check
      callback.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      92101b3b
  7. 19 Jun, 2012 1 commit
  8. 19 Dec, 2011 1 commit
  9. 11 Dec, 2011 1 commit
  10. 13 Oct, 2011 1 commit
    • Eric Dumazet's avatar
      net: more accurate skb truesize · 87fb4b7b
      Eric Dumazet authored
      
      
      skb truesize currently accounts for sk_buff struct and part of skb head.
      kmalloc() roundings are also ignored.
      
      Considering that skb_shared_info is larger than sk_buff, its time to
      take it into account for better memory accounting.
      
      This patch introduces SKB_TRUESIZE(X) macro to centralize various
      assumptions into a single place.
      
      At skb alloc phase, we put skb_shared_info struct at the exact end of
      skb head, to allow a better use of memory (lowering number of
      reallocations), since kmalloc() gives us power-of-two memory blocks.
      
      Unless SLUB/SLUB debug is active, both skb->head and skb_shared_info are
      aligned to cache lines, as before.
      
      Note: This patch might trigger performance regressions because of
      misconfigured protocol stacks, hitting per socket or global memory
      limits that were previously not reached. But its a necessary step for a
      more accurate memory accounting.
      Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      CC: Andi Kleen <ak@linux.intel.com>
      CC: Ben Hutchings <bhutchings@solarflare.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      87fb4b7b
  11. 07 Jul, 2011 1 commit
  12. 06 Jun, 2011 1 commit
  13. 02 Jun, 2011 2 commits
  14. 10 May, 2011 1 commit
  15. 08 May, 2011 3 commits
  16. 07 May, 2011 1 commit
  17. 03 May, 2011 1 commit
  18. 27 Apr, 2011 3 commits
  19. 30 Mar, 2011 1 commit
  20. 12 Mar, 2011 4 commits
  21. 02 Mar, 2011 1 commit
  22. 10 Nov, 2010 1 commit
  23. 23 Sep, 2010 1 commit
  24. 26 Aug, 2010 1 commit