1. 28 Sep, 2013 1 commit
  2. 31 Aug, 2013 3 commits
  3. 31 Jul, 2013 1 commit
  4. 02 Jul, 2013 1 commit
    • Amerigo Wang's avatar
      ipv6,mcast: always hold idev->lock before mca_lock · 8965779d
      Amerigo Wang authored
      dingtianhong reported the following deadlock detected by lockdep:
       [ INFO: possible circular locking dependency detected ] #1 Not tainted
       ksoftirqd/0/3 is trying to acquire lock:
        (&ndev->lock){+.+...}, at: [<ffffffff8147f804>] ipv6_get_lladdr+0x74/0x120
       but task is already holding lock:
        (&mc->mca_lock){+.+...}, at: [<ffffffff8149d130>] mld_send_report+0x40/0x150
       which lock already depends on the new lock.
       the existing dependency chain (in reverse order) is:
       -> #1 (&mc->mca_lock){+.+...}:
              [<ffffffff810a8027>] validate_chain+0x637/0x730
              [<ffffffff810a8417>] __lock_acquire+0x2f7/0x500
              [<ffffffff810a8734>] lock_acquire+0x114/0x150
              [<ffffffff814f691a>] rt_spin_lock+0x4a/0x60
              [<ffffffff8149e4bb>] igmp6_group_added+0x3b/0x120
              [<ffffffff8149e5d8>] ipv6_mc_up+0x38/0x60
              [<ffffffff81480a4d>] ipv6_find_idev+0x3d/0x80
              [<ffffffff81483175>] addrconf_notify+0x3d5/0x4b0
              [<ffffffff814fae3f>] notifier_call_chain+0x3f/0x80
              [<ffffffff81073471>] raw_notifier_call_chain+0x11/0x20
              [<ffffffff813d8722>] call_netdevice_notifiers+0x32/0x60
              [<ffffffff813d92d4>] __dev_notify_flags+0x34/0x80
              [<ffffffff813d9360>] dev_change_flags+0x40/0x70
              [<ffffffff813ea627>] do_setlink+0x237/0x8a0
              [<ffffffff813ebb6c>] rtnl_newlink+0x3ec/0x600
              [<ffffffff813eb4d0>] rtnetlink_rcv_msg+0x160/0x310
              [<ffffffff814040b9>] netlink_rcv_skb+0x89/0xb0
              [<ffffffff813eb357>] rtnetlink_rcv+0x27/0x40
              [<ffffffff81403e20>] netlink_unicast+0x140/0x180
              [<ffffffff81404a9e>] netlink_sendmsg+0x33e/0x380
              [<ffffffff813c4252>] sock_sendmsg+0x112/0x130
              [<ffffffff813c537e>] __sys_sendmsg+0x44e/0x460
              [<ffffffff813c5544>] sys_sendmsg+0x44/0x70
              [<ffffffff814feab9>] system_call_fastpath+0x16/0x1b
       -> #0 (&ndev->lock){+.+...}:
              [<ffffffff810a798e>] check_prev_add+0x3de/0x440
              [<ffffffff810a8027>] validate_chain+0x637/0x730
              [<ffffffff810a8417>] __lock_acquire+0x2f7/0x500
              [<ffffffff810a8734>] lock_acquire+0x114/0x150
              [<ffffffff814f6c82>] rt_read_lock+0x42/0x60
              [<ffffffff8147f804>] ipv6_get_lladdr+0x74/0x120
              [<ffffffff8149b036>] mld_newpack+0xb6/0x160
              [<ffffffff8149b18b>] add_grhead+0xab/0xc0
              [<ffffffff8149d03b>] add_grec+0x3ab/0x460
              [<ffffffff8149d14a>] mld_send_report+0x5a/0x150
              [<ffffffff8149f99e>] igmp6_timer_handler+0x4e/0xb0
              [<ffffffff8105705a>] call_timer_fn+0xca/0x1d0
              [<ffffffff81057b9f>] run_timer_softirq+0x1df/0x2e0
              [<ffffffff8104e8c7>] handle_pending_softirqs+0xf7/0x1f0
              [<ffffffff8104ea3b>] __do_softirq_common+0x7b/0xf0
              [<ffffffff8104f07f>] __thread_do_softirq+0x1af/0x210
              [<ffffffff8104f1c1>] run_ksoftirqd+0xe1/0x1f0
              [<ffffffff8106c7de>] kthread+0xae/0xc0
              [<ffffffff814fff74>] kernel_thread_helper+0x4/0x10
      actually we can just hold idev->lock before taking pmc->mca_lock,
      and avoid taking idev->lock again when iterating idev->addr_list,
      since the upper callers of mld_newpack() already take
      Reported-by: default avatardingtianhong <dingtianhong@huawei.com>
      Cc: dingtianhong <dingtianhong@huawei.com>
      Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
      Tested-by: default avatarDing Tianhong <dingtianhong@huawei.com>
      Tested-by: default avatarChen Weilong <chenweilong@huawei.com>
      Signed-off-by: default avatarCong Wang <amwang@redhat.com>
      Acked-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  5. 28 Jun, 2013 1 commit
  6. 23 May, 2013 1 commit
    • Florian Westphal's avatar
      netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6 · 2a7851bf
      Florian Westphal authored
      Quoting https://bugzilla.netfilter.org/show_bug.cgi?id=812:
      [ ip6tables -m addrtype ]
      When I tried to use in the nat/PREROUTING it messes up the
      routing cache even if the rule didn't matched at all.
      If I remove the --limit-iface-in from the non-working scenario, so just
      use the -m addrtype --dst-type LOCAL it works!
      This happens when LOCAL type matching is requested with --limit-iface-in,
      and the default ipv6 route is via the interface the packet we test
      arrived on.
      Because xt_addrtype uses ip6_route_output, the ipv6 routing implementation
      creates an unwanted cached entry, and the packet won't make it to the
      real/expected destination.
      Silently ignoring --limit-iface-in makes the routing work but it breaks
      rule matching (--dst-type LOCAL with limit-iface-in is supposed to only
      match if the dst address is configured on the incoming interface;
      without --limit-iface-in it will match if the address is reachable
      via lo).
      The test should call ipv6_chk_addr() instead.  However, this would add
      a link-time dependency on ipv6.
      There are two possible solutions:
      1) Revert the commit that moved ipt_addrtype to xt_addrtype,
         and put ipv6 specific code into ip6t_addrtype.
      2) add new "nf_ipv6_ops" struct to register pointers to ipv6 functions.
      While the former might seem preferable, Pablo pointed out that there
      are more xt modules with link-time dependeny issues regarding ipv6,
      so lets go for 2).
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
  7. 14 Apr, 2013 1 commit
    • Cong Wang's avatar
      ipv6: statically link register_inet6addr_notifier() · f88c91dd
      Cong Wang authored
      Tomas reported the following build error:
      net/built-in.o: In function `ieee80211_unregister_hw':
      (.text+0x10f0e1): undefined reference to `unregister_inet6addr_notifier'
      net/built-in.o: In function `ieee80211_register_hw':
      (.text+0x10f610): undefined reference to `register_inet6addr_notifier'
      make: *** [vmlinux] Error 1
      when built IPv6 as a module.
      So we have to statically link these symbols.
      Reported-by: default avatarTomas Melin <tomas.melin@iki.fi>
      Cc: Tomas Melin <tomas.melin@iki.fi>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: YOSHIFUJI Hidaki <yoshfuji@linux-ipv6.org>
      Signed-off-by: default avatarCong Wang <amwang@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  8. 29 Jan, 2013 1 commit
    • Jiri Pirko's avatar
      ipv4: introduce address lifetime · 5c766d64
      Jiri Pirko authored
      There are some usecase when lifetime of ipv4 addresses might be helpful.
      For example:
      1) initramfs networkmanager uses a DHCP daemon to learn network
      configuration parameters
      2) initramfs networkmanager addresses, routes and DNS configuration
      3) initramfs networkmanager is requested to stop
      4) initramfs networkmanager stops all daemons including dhclient
      5) there are addresses and routes configured but no daemon running. If
      the system doesn't start networkmanager for some reason, addresses and
      routes will be used forever, which violates RFC 2131.
      This patch is essentially a backport of ivp6 address lifetime mechanism
      for ipv4 addresses.
      Current "ip" tool supports this without any patch (since it does not
      distinguish between ipv4 and ipv6 addresses in this perspective.
      Also, this should be back-compatible with all current netlink users.
      Reported-by: default avatarPavel Šimerda <psimerda@redhat.com>
      Signed-off-by: default avatarJiri Pirko <jiri@resnulli.us>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  9. 20 Jan, 2013 4 commits
  10. 13 Jan, 2013 1 commit
  11. 04 Dec, 2012 1 commit
  12. 29 Aug, 2012 1 commit
  13. 18 Jul, 2012 1 commit
    • Eric Dumazet's avatar
      ipv6: add ipv6_addr_hash() helper · ddbe5032
      Eric Dumazet authored
      Introduce ipv6_addr_hash() helper doing a XOR on all bits
      of an IPv6 address, with an optimized x86_64 version.
      Use it in flow dissector, as suggested by Andrew McGregor,
      to reduce hash collision probabilities in fq_codel (and other
      users of flow dissector)
      Use it in ip6_tunnel.c and use more bit shuffling, as suggested
      by David Laight, as existing hash was ignoring most of them.
      Use it in sunrpc and use more bit shuffling, using hash_32().
      Use it in net/ipv6/addrconf.c, using hash_32() as well.
      As a cleanup, use it in net/ipv4/tcp_metrics.c
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarAndrew McGregor <andrewmcgr@gmail.com>
      Cc: Dave Taht <dave.taht@gmail.com>
      Cc: Tom Herbert <therbert@google.com>
      Cc: David Laight <David.Laight@ACULAB.COM>
      Cc: Joe Perches <joe@perches.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  14. 18 May, 2012 1 commit
  15. 15 Apr, 2012 1 commit
  16. 01 Feb, 2012 1 commit
  17. 04 Jan, 2012 1 commit
    • Neil Horman's avatar
      ipv6: Check RA for sllao when configuring optimistic ipv6 address (v2) · e6bff995
      Neil Horman authored
      Recently Dave noticed that a test we did in ipv6_add_addr to see if we next hop
      route for the interface we're adding an addres to was wrong (see commit
      7ffbcecb).  for one, it never triggers, and two,
      it was completely wrong to begin with.  This test was meant to cover this
      section of RFC 4429:
      3.3 Modifications to RFC 2462 Stateless Address Autoconfiguration
         * (modifies section 5.5) A host MAY choose to configure a new address
              as an Optimistic Address.  A host that does not know the SLLAO
              of its router SHOULD NOT configure a new address as Optimistic.
              A router SHOULD NOT configure an Optimistic Address.
      This patch should bring us into proper compliance with the above clause.  Since
      we only add a SLAAC address after we've received a RA which may or may not
      contain a source link layer address option, we can pass a pointer to that option
      to addrconf_prefix_rcv (which may be null if the option is not present), and
      only set the optimistic flag if the option was found in the RA.
      Change notes:
      (v2) modified the new parameter to addrconf_prefix_rcv to be a bool rather than
      a pointer to make its use more clear as per request from davem.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: "David S. Miller" <davem@davemloft.net>
      CC: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  18. 01 Aug, 2011 1 commit
    • Lorenzo Colitti's avatar
      ipv6: updates to privacy addresses per RFC 4941. · 76f793e3
      Lorenzo Colitti authored
      Update the code to handle some of the differences between
      RFC 3041 and RFC 4941, which obsoletes it. Also a couple
      of janitorial fixes.
      - Allow router advertisements to increase the lifetime of
        temporary addresses. This was not allowed by RFC 3041,
        but is specified by RFC 4941. It is useful when RA
        lifetimes are lower than TEMP_{VALID,PREFERRED}_LIFETIME:
        in this case, the previous code would delete or deprecate
        addresses prematurely.
      - Change the default of MAX_RETRY to 3 per RFC 4941.
      - Add a comment to clarify that the preferred and valid
        lifetimes in inet6_ifaddr are relative to the timestamp.
      - Shorten lines to 80 characters in a couple of places.
      Signed-off-by: default avatarLorenzo Colitti <lorenzo@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  19. 24 Apr, 2011 1 commit
  20. 22 Apr, 2011 1 commit
  21. 02 Dec, 2010 1 commit
  22. 05 Oct, 2010 1 commit
  23. 26 Sep, 2010 1 commit
    • Neil Horman's avatar
      ipv6: add a missing unregister_pernet_subsys call · 2cc6d2bf
      Neil Horman authored
      Clean up a missing exit path in the ipv6 module init routines.  In
      addrconf_init we call ipv6_addr_label_init which calls register_pernet_subsys
      for the ipv6_addr_label_ops structure.  But if module loading fails, or if the
      ipv6 module is removed, there is no corresponding unregister_pernet_subsys call,
      which leaves a now-bogus address on the pernet_list, leading to oopses in
      subsequent registrations.  This patch cleans up both the failed load path and
      the unload path.  Tested by myself with good results.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
       include/net/addrconf.h |    1 +
       net/ipv6/addrconf.c    |   11 ++++++++---
       net/ipv6/addrlabel.c   |    5 +++++
       3 files changed, 14 insertions(+), 3 deletions(-)
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  24. 21 Sep, 2010 1 commit
  25. 25 Feb, 2010 1 commit
    • Paul E. McKenney's avatar
      net: Add checking to rcu_dereference() primitives · a898def2
      Paul E. McKenney authored
      Update rcu_dereference() primitives to use new lockdep-based
      checking. The rcu_dereference() in __in6_dev_get() may be
      protected either by rcu_read_lock() or RTNL, per Eric Dumazet.
      The rcu_dereference() in __sk_free() is protected by the fact
      that it is never reached if an update could change it.  Check
      for this by using rcu_dereference_check() to verify that the
      struct sock's ->sk_wmem_alloc counter is zero.
      Acked-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarPaul E. McKenney <paulmck@linux.vnet.ibm.com>
      Cc: laijs@cn.fujitsu.com
      Cc: dipankar@in.ibm.com
      Cc: mathieu.desnoyers@polymtl.ca
      Cc: josh@joshtriplett.org
      Cc: dvhltc@us.ibm.com
      Cc: niv@us.ibm.com
      Cc: peterz@infradead.org
      Cc: rostedt@goodmis.org
      Cc: Valdis.Kletnieks@vt.edu
      Cc: dhowells@redhat.com
      LKML-Reference: <1266887105-1528-5-git-send-email-paulmck@linux.vnet.ibm.com>
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
  26. 15 Sep, 2009 1 commit
    • Moni Shoua's avatar
      bonding: remap muticast addresses without using dev_close() and dev_open() · 75c78500
      Moni Shoua authored
      This patch fixes commit e36b9d16. The approach
      there is to call dev_close()/dev_open() whenever the device type is changed in
      order to remap the device IP multicast addresses to HW multicast addresses.
      This approach suffers from 2 drawbacks:
      *. It assumes tha the device is UP when calling dev_close(), or otherwise
         dev_close() has no affect. It is worth to mention that initscripts (Redhat)
         and sysconfig (Suse) doesn't act the same in this matter. 
      *. dev_close() has other side affects, like deleting entries from the routing
         table, which might be unnecessary.
      The fix here is to directly remap the IP multicast addresses to HW multicast
      addresses for a bonding device that changes its type, and nothing else.
      Reported-by: default avatarJason Gunthorpe <jgunthorpe@obsidianresearch.com>
      Signed-off-by: default avatarMoni Shoua <monis@voltaire.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  27. 24 Mar, 2009 1 commit
  28. 14 Aug, 2008 1 commit
  29. 11 Jun, 2008 1 commit
    • Benjamin Thery's avatar
      ipv6 netns: Address labels per namespace · 3de23255
      Benjamin Thery authored
      This pacth makes IPv6 address labels per network namespace.
      It keeps the global label tables, ip6addrlbl_table, but
      adds a 'net' member to each ip6addrlbl_entry.
      This new member is taken into account when matching labels.
      * v1: Initial version
      * v2:
        * Minize the penalty when network namespaces are not configured:
            *  the 'net' member is added only if CONFIG_NET_NS is
               defined. This saves space when network namespaces are not
            * 'net' value is retrieved with the inlined function
               ip6addrlbl_net() that always return &init_net when
               CONFIG_NET_NS is not defined.
        * 'net' member in ip6addrlbl_entry renamed to the less generic
          'lbl_net' name (helps code search).
      Signed-off-by: default avatarBenjamin Thery <benjamin.thery@bull.net>
      Signed-off-by: default avatarYOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
  30. 04 Jun, 2008 1 commit
  31. 11 Apr, 2008 5 commits