1. 05 Sep, 2012 3 commits
  2. 04 Sep, 2012 8 commits
  3. 03 Sep, 2012 16 commits
  4. 01 Sep, 2012 2 commits
  5. 31 Aug, 2012 11 commits
    • David S. Miller's avatar
      Merge branch 'tcp_fastopen_server' · 1bed966c
      David S. Miller authored
      Jerry Chu says:
      
      ====================
      This patch series provides the server (passive open) side code
      for TCP Fast Open. Together with the earlier client side patches
      it completes the TCP Fast Open implementation.
      
      The server side Fast Open code accepts data carried in the SYN
      packet with a valid Fast Open cookie, and passes it to the
      application right away, allowing application to send back response
      data, all before TCP's 3-way handshake finishes.
      
      A simple cookie scheme together with capping the number of
      outstanding TFO requests (still in TCP_SYN_RECV state) to a limit
      per listener forms the main line of defense against spoofed SYN
      attacks.
      
      For more details about TCP Fast Open see our IETF internet draft
      at http://www.ietf.org/id/draft-ietf-tcpm-fastopen-01.txt
      and a research paper at
      http://conferences.sigcomm.org/co-next/2011/papers/1569470463.pdf
      
      
      
      A prototype implementation was first developed by Sivasankar
      Radhakrishnan (sivasankar@cs.ucsd.edu).
      
      A patch based on an older version of Linux kernel has been
      undergoing internal tests at Google for the past few months.
      
      Jerry Chu (3):
        tcp: TCP Fast Open Server - header & support functions
        tcp: TCP Fast Open Server - support TFO listeners
        tcp: TCP Fast Open Server - main code path
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      1bed966c
    • Jerry Chu's avatar
      tcp: TCP Fast Open Server - main code path · 168a8f58
      Jerry Chu authored
      
      
      This patch adds the main processing path to complete the TFO server
      patches.
      
      A TFO request (i.e., SYN+data packet with a TFO cookie option) first
      gets processed in tcp_v4_conn_request(). If it passes the various TFO
      checks by tcp_fastopen_check(), a child socket will be created right
      away to be accepted by applications, rather than waiting for the 3WHS
      to finish.
      
      In additon to the use of TFO cookie, a simple max_qlen based scheme
      is put in place to fend off spoofed TFO attack.
      
      When a valid ACK comes back to tcp_rcv_state_process(), it will cause
      the state of the child socket to switch from either TCP_SYN_RECV to
      TCP_ESTABLISHED, or TCP_FIN_WAIT1 to TCP_FIN_WAIT2. At this time
      retransmission will resume for any unack'ed (data, FIN,...) segments.
      Signed-off-by: default avatarH.K. Jerry Chu <hkchu@google.com>
      Cc: Yuchung Cheng <ycheng@google.com>
      Cc: Neal Cardwell <ncardwell@google.com>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Tom Herbert <therbert@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      168a8f58
    • Jerry Chu's avatar
      tcp: TCP Fast Open Server - support TFO listeners · 8336886f
      Jerry Chu authored
      
      
      This patch builds on top of the previous patch to add the support
      for TFO listeners. This includes -
      
      1. allocating, properly initializing, and managing the per listener
      fastopen_queue structure when TFO is enabled
      
      2. changes to the inet_csk_accept code to support TFO. E.g., the
      request_sock can no longer be freed upon accept(), not until 3WHS
      finishes
      
      3. allowing a TCP_SYN_RECV socket to properly poll() and sendmsg()
      if it's a TFO socket
      
      4. properly closing a TFO listener, and a TFO socket before 3WHS
      finishes
      
      5. supporting TCP_FASTOPEN socket option
      
      6. modifying tcp_check_req() to use to check a TFO socket as well
      as request_sock
      
      7. supporting TCP's TFO cookie option
      
      8. adding a new SYN-ACK retransmit handler to use the timer directly
      off the TFO socket rather than the listener socket. Note that TFO
      server side will not retransmit anything other than SYN-ACK until
      the 3WHS is completed.
      
      The patch also contains an important function
      "reqsk_fastopen_remove()" to manage the somewhat complex relation
      between a listener, its request_sock, and the corresponding child
      socket. See the comment above the function for the detail.
      Signed-off-by: default avatarH.K. Jerry Chu <hkchu@google.com>
      Cc: Yuchung Cheng <ycheng@google.com>
      Cc: Neal Cardwell <ncardwell@google.com>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Tom Herbert <therbert@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8336886f
    • Jerry Chu's avatar
      tcp: TCP Fast Open Server - header & support functions · 10467163
      Jerry Chu authored
      
      
      This patch adds all the necessary data structure and support
      functions to implement TFO server side. It also documents a number
      of flags for the sysctl_tcp_fastopen knob, and adds a few Linux
      extension MIBs.
      
      In addition, it includes the following:
      
      1. a new TCP_FASTOPEN socket option an application must call to
      supply a max backlog allowed in order to enable TFO on its listener.
      
      2. A number of key data structures:
      "fastopen_rsk" in tcp_sock - for a big socket to access its
      request_sock for retransmission and ack processing purpose. It is
      non-NULL iff 3WHS not completed.
      
      "fastopenq" in request_sock_queue - points to a per Fast Open
      listener data structure "fastopen_queue" to keep track of qlen (# of
      outstanding Fast Open requests) and max_qlen, among other things.
      
      "listener" in tcp_request_sock - to point to the original listener
      for book-keeping purpose, i.e., to maintain qlen against max_qlen
      as part of defense against IP spoofing attack.
      
      3. various data structure and functions, many in tcp_fastopen.c, to
      support server side Fast Open cookie operations, including
      /proc/sys/net/ipv4/tcp_fastopen_key to allow manual rekeying.
      Signed-off-by: default avatarH.K. Jerry Chu <hkchu@google.com>
      Cc: Yuchung Cheng <ycheng@google.com>
      Cc: Neal Cardwell <ncardwell@google.com>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Tom Herbert <therbert@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      10467163
    • Francois Romieu's avatar
      r8169: add D-Link DGE-560T identifiers. · 2a35cfa5
      Francois Romieu authored
      
      
      This one includes a 8168. Not to be confused with the sky2 driven
      one whose PCI vendor and device ID are the same.
      Reported-by: default avatarNeyuki Inaya <in@joblog.ru>
      Signed-off-by: default avatarFrancois Romieu <romieu@fr.zoreil.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2a35cfa5
    • Jiri Bohac's avatar
      bonding: add some slack to arp monitoring time limits · da210f55
      Jiri Bohac authored
      
      
      Currently, all the time limits in the bonding ARP monitor are in
      multiples of arp_interval -- the time interval at which the ARP
      monitor is periodically scheduled.
      
      With a fast network round-trip and a little scheduling latency
      of the ARP monitor work, a limit of n*delta_in_ticks may
      effectively mean (n-1)*delta_in_ticks.
      
      This is fatal in case of n==1  (the link will stay down
      forever) and makes the behaviour non-deterministic in all the
      other cases.
      
      Add a delta_in_ticks/2 time slack to all the time limits.
      Signed-off-by: default avatarJiri Bohac <jbohac@suse.cz>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      da210f55
    • Sorin Dumitru's avatar
      ipv6: remove some deadcode · eb7e0575
      Sorin Dumitru authored
      
      
      __ipv6_regen_rndid no longer returns anything other than 0
      so there's no point in verifying what it returns
      Signed-off-by: default avatarSorin Dumitru <sdumitru@ixiacom.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      eb7e0575
    • Rami Rosen's avatar
      net: fix documentation of skb_needs_linearize(). · d1a53dfd
      Rami Rosen authored
      skb_needs_linearize() does not check highmem DMA as it does not call
      illegal_highdma() anymore, so there is no need to mention highmem DMA here.
      
      (Indeed, ~NETIF_F_SG flag, which is checked in skb_needs_linearize(), can
      be set when illegal_highdma() returns true, and we are assured that
      illegal_highdma() is invoked prior to skb_needs_linearize() as
      skb_needs_linearize() is a static method called only once.
      But ~NETIF_F_SG can be set not only there in this same invocation path.
      It can also be set when can_checksum_protocol() returns false).
      
      see commit 02932ce9
      
      ,
      Convert skb_need_linearize() to use precomputed features.
      Signed-off-by: default avatarRami Rosen <rosenr@marvell.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d1a53dfd
    • Alexander Duyck's avatar
      ipv4: Minor logic clean-up in ipv4_mtu · 98d75c37
      Alexander Duyck authored
      
      
      In ipv4_mtu there is some logic where we are testing for a non-zero value
      and a timer expiration, then setting the value to zero, and then testing if
      the value is zero we set it to a value based on the dst.  Instead of
      bothering with the extra steps it is easier to just cleanup the logic so
      that we set it to the dst based value if it is zero or if the timer has
      expired.
      Signed-off-by: default avatarAlexander Duyck <alexander.h.duyck@intel.com>
      98d75c37
    • Wanlong Gao's avatar
      net:atm:fix up ENOIOCTLCMD error handling · 4a2c2406
      Wanlong Gao authored
      At commit 07d106d0
      
      , Linus pointed out that ENOIOCTLCMD should be
      translated as ENOTTY to user mode.
      
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: netdev@vger.kernel.org
      Signed-off-by: default avatarWanlong Gao <gaowanlong@cn.fujitsu.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4a2c2406
    • Srinivas Kandagatla's avatar
      net:stmmac: convert driver to use devm_request_and_ioremap. · 3f8bdecd
      Srinivas Kandagatla authored
      
      
      This patch moves calls to ioremap and request_mem_region to
      devm_request_and_ioremap call.
      Signed-off-by: default avatarSrinivas Kandagatla <srinivas.kandagatla@st.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3f8bdecd