1. 03 Sep, 2017 1 commit
    • Guillaume Nault's avatar
      l2tp: pass tunnel pointer to ->session_create() · f026bc29
      Guillaume Nault authored
      Using l2tp_tunnel_find() in pppol2tp_session_create() and
      l2tp_eth_create() is racy, because no reference is held on the
      returned session. These functions are only used to implement the
      ->session_create callback which is run by l2tp_nl_cmd_session_create().
      Therefore searching for the parent tunnel isn't necessary because
      l2tp_nl_cmd_session_create() already has a pointer to it and holds a
      This patch modifies ->session_create()'s prototype to directly pass the
      the parent tunnel as parameter, thus avoiding searching for it in
      pppol2tp_session_create() and l2tp_eth_create().
      Since we have to touch the ->session_create() call in
      l2tp_nl_cmd_session_create(), let's also remove the useless conditional:
      we know that ->session_create isn't NULL at this point because it's
      already been checked earlier in this same function.
      Finally, one might be tempted to think that the removed
      l2tp_tunnel_find() calls were harmless because they would return the
      same tunnel as the one held by l2tp_nl_cmd_session_create() anyway.
      But that tunnel might be removed and a new one created with same tunnel
      Id before the l2tp_tunnel_find() call. In this case l2tp_tunnel_find()
      would return the new tunnel which wouldn't be protected by the
      reference held by l2tp_nl_cmd_session_create().
      Fixes: 309795f4 ("l2tp: Add netlink control API for L2TP")
      Fixes: d9e31d17 ("l2tp: Add L2TP ethernet pseudowire support")
      Signed-off-by: default avatarGuillaume Nault <g.nault@alphalink.fr>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  2. 28 Aug, 2017 5 commits
  3. 11 Apr, 2017 1 commit
  4. 04 Apr, 2017 1 commit
    • Guillaume Nault's avatar
      l2tp: take reference on sessions being dumped · e08293a4
      Guillaume Nault authored
      Take a reference on the sessions returned by l2tp_session_find_nth()
      (and rename it l2tp_session_get_nth() to reflect this change), so that
      caller is assured that the session isn't going to disappear while
      processing it.
      For procfs and debugfs handlers, the session is held in the .start()
      callback and dropped in .show(). Given that pppol2tp_seq_session_show()
      dereferences the associated PPPoL2TP socket and that
      l2tp_dfs_seq_session_show() might call pppol2tp_show(), we also need to
      call the session's .ref() callback to prevent the socket from going
      away from under us.
      Fixes: fd558d18 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts")
      Fixes: 0ad66140 ("l2tp: Add debugfs files for dumping l2tp debug info")
      Fixes: 309795f4 ("l2tp: Add netlink control API for L2TP")
      Signed-off-by: default avatarGuillaume Nault <g.nault@alphalink.fr>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  5. 02 Apr, 2017 2 commits
    • Guillaume Nault's avatar
      l2tp: take a reference on sessions used in genetlink handlers · 2777e2ab
      Guillaume Nault authored
      Callers of l2tp_nl_session_find() need to hold a reference on the
      returned session since there's no guarantee that it isn't going to
      disappear from under them.
      Relying on the fact that no l2tp netlink message may be processed
      concurrently isn't enough: sessions can be deleted by other means
      (e.g. by closing the PPPOL2TP socket of a ppp pseudowire).
      l2tp_nl_cmd_session_delete() is a bit special: it runs a callback
      function that may require a previous call to session->ref(). In
      particular, for ppp pseudowires, the callback is l2tp_session_delete(),
      which then calls pppol2tp_session_close() and dereferences the PPPOL2TP
      socket. The socket might already be gone at the moment
      l2tp_session_delete() calls session->ref(), so we need to take a
      reference during the session lookup. So we need to pass the do_ref
      variable down to l2tp_session_get() and l2tp_session_get_by_ifname().
      Since all callers have to be updated, l2tp_session_find_by_ifname() and
      l2tp_nl_session_find() are renamed to reflect their new behaviour.
      Fixes: 309795f4 ("l2tp: Add netlink control API for L2TP")
      Signed-off-by: default avatarGuillaume Nault <g.nault@alphalink.fr>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Guillaume Nault's avatar
      l2tp: hold session while sending creation notifications · 5e6a9e5a
      Guillaume Nault authored
      l2tp_session_find() doesn't take any reference on the returned session.
      Therefore, the session may disappear while sending the notification.
      Use l2tp_session_get() instead and decrement session's refcount once
      the notification is sent.
      Fixes: 33f72e6f ("l2tp : multicast notification to the registered listeners")
      Signed-off-by: default avatarGuillaume Nault <g.nault@alphalink.fr>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  6. 09 Nov, 2016 3 commits
  7. 27 Oct, 2016 3 commits
    • Johannes Berg's avatar
      genetlink: mark families as __ro_after_init · 56989f6d
      Johannes Berg authored
      Now genl_register_family() is the only thing (other than the
      users themselves, perhaps, but I didn't find any doing that)
      writing to the family struct.
      In all families that I found, genl_register_family() is only
      called from __init functions (some indirectly, in which case
      I've add __init annotations to clarifly things), so all can
      actually be marked __ro_after_init.
      This protects the data structure from accidental corruption.
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Johannes Berg's avatar
      genetlink: statically initialize families · 489111e5
      Johannes Berg authored
      Instead of providing macros/inline functions to initialize
      the families, make all users initialize them statically and
      get rid of the macros.
      This reduces the kernel code size by about 1.6k on x86-64
      (with allyesconfig).
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Johannes Berg's avatar
      genetlink: no longer support using static family IDs · a07ea4d9
      Johannes Berg authored
      Static family IDs have never really been used, the only
      use case was the workaround I introduced for those users
      that assumed their family ID was also their multicast
      group ID.
      Additionally, because static family IDs would never be
      reserved by the generic netlink code, using a relatively
      low ID would only work for built-in families that can be
      registered immediately after generic netlink is started,
      which is basically only the control family (apart from
      the workaround code, which I also had to add code for so
      it would reserve those IDs)
      Thus, anything other than GENL_ID_GENERATE is flawed and
      luckily not used except in the cases I mentioned. Move
      those workarounds into a few lines of code, and then get
      rid of GENL_ID_GENERATE entirely, making it more robust.
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  8. 01 Sep, 2016 1 commit
  9. 25 Apr, 2016 1 commit
  10. 24 Apr, 2016 1 commit
  11. 17 Feb, 2016 1 commit
  12. 25 Sep, 2015 1 commit
  13. 31 Mar, 2015 2 commits
  14. 18 Jan, 2015 1 commit
    • Johannes Berg's avatar
      netlink: make nlmsg_end() and genlmsg_end() void · 053c095a
      Johannes Berg authored
      Contrary to common expectations for an "int" return, these functions
      return only a positive value -- if used correctly they cannot even
      return 0 because the message header will necessarily be in the skb.
      This makes the very common pattern of
        if (genlmsg_end(...) < 0) { ... }
      be a whole bunch of dead code. Many places also simply do
        return nlmsg_end(...);
      and the caller is expected to deal with it.
      This also commonly (at least for me) causes errors, because it is very
      common to write
        if (my_function(...))
          /* error condition */
      and if my_function() does "return nlmsg_end()" this is of course wrong.
      Additionally, there's not a single place in the kernel that actually
      needs the message length returned, and if anyone needs it later then
      it'll be very easy to just use skb->len there.
      Remove this, and make the functions void. This removes a bunch of dead
      code as described above. The patch adds lines because I did
      -	return nlmsg_end(...);
      +	nlmsg_end(...);
      +	return 0;
      I could have preserved all the function's return values by returning
      skb->len, but instead I've audited all the places calling the affected
      functions and found that none cared. A few places actually compared
      the return value with <= 0 in dump functionality, but that could just
      be changed to < 0 with no change in behaviour, so I opted for the more
      efficient version.
      One instance of the error I've made numerous times now is also present
      in net/phonet/pn_netlink.c in the route_dumpit() function - it didn't
      check for <0 or <=0 and thus broke out of the loop every single time.
      I've preserved this since it will (I think) have caused the messages to
      userspace to be formatted differently with just a single message for
      every SKB returned to userspace. It's possible that this isn't needed
      for the tools that actually use this, but I don't even know what they
      are so couldn't test that changing this behaviour would be acceptable.
      Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  15. 31 Dec, 2014 1 commit
  16. 23 May, 2014 2 commits
  17. 06 Mar, 2014 1 commit
    • Guillaume Nault's avatar
      l2tp: fix manual sequencing (de)activation in L2TPv2 · bb5016ea
      Guillaume Nault authored
      Commit e0d4435f "l2tp: Update PPP-over-L2TP driver to work over L2TPv3"
      broke the PPPOL2TP_SO_SENDSEQ setsockopt. The L2TP header length was
      previously computed by pppol2tp_l2t_header_len() before each call to
      l2tp_xmit_skb(). Now that header length is retrieved from the hdr_len
      session field, this field must be updated every time the L2TP header
      format is modified, or l2tp_xmit_skb() won't push the right amount of
      data for the L2TP header.
      This patch uses l2tp_session_set_header_len() to adjust hdr_len every
      time sequencing is (de)activated from userspace (either by the
      PPPOL2TP_SO_SENDSEQ setsockopt or the L2TP_ATTR_SEND_SEQ netlink
      Signed-off-by: default avatarGuillaume Nault <g.nault@alphalink.fr>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  18. 19 Nov, 2013 1 commit
  19. 14 Nov, 2013 1 commit
  20. 09 Oct, 2013 1 commit
    • Eric Dumazet's avatar
      ipv6: make lookups simpler and faster · efe4208f
      Eric Dumazet authored
      TCP listener refactoring, part 4 :
      To speed up inet lookups, we moved IPv4 addresses from inet to struct
      Now is time to do the same for IPv6, because it permits us to have fast
      lookups for all kind of sockets, including upcoming SYN_RECV.
      Getting IPv6 addresses in TCP lookups currently requires two extra cache
      lines, plus a dereference (and memory stall).
      inet6_sk(sk) does the dereference of inet_sk(__sk)->pinet6
      This patch is way bigger than its IPv4 counter part, because for IPv4,
      we could add aliases (inet_daddr, inet_rcv_saddr), while on IPv6,
      it's not doable easily.
      inet6_sk(sk)->daddr becomes sk->sk_v6_daddr
      inet6_sk(sk)->rcv_saddr becomes sk->sk_v6_rcv_saddr
      And timewait socket also have tw->tw_v6_daddr & tw->tw_v6_rcv_saddr
      at the same offset.
      We get rid of INET6_TW_MATCH() as INET6_MATCH() is now the generic
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  21. 20 Mar, 2013 1 commit
  22. 05 Feb, 2013 1 commit
  23. 26 Oct, 2012 1 commit
  24. 27 Sep, 2012 1 commit
  25. 10 Sep, 2012 1 commit
  26. 29 Jun, 2012 1 commit
    • Thomas Graf's avatar
      net: Use NLMSG_DEFAULT_SIZE in combination with nlmsg_new() · 58050fce
      Thomas Graf authored
      Using NLMSG_GOODSIZE results in multiple pages being used as
      nlmsg_new() will automatically add the size of the netlink
      header to the payload thus exceeding the page limit.
      NLMSG_DEFAULT_SIZE takes this into account.
      Signed-off-by: default avatarThomas Graf <tgraf@suug.ch>
      Cc: Jiri Pirko <jpirko@redhat.com>
      Cc: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
      Cc: Sergey Lapin <slapin@ossfans.org>
      Cc: Johannes Berg <johannes@sipsolutions.net>
      Cc: Lauro Ramos Venancio <lauro.venancio@openbossa.org>
      Cc: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
      Cc: Samuel Ortiz <sameo@linux.intel.com>
      Reviewed-by: default avatarJiri Pirko <jpirko@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  27. 30 May, 2012 1 commit
    • Neil Horman's avatar
      genetlink: Build a generic netlink family module alias · e9412c37
      Neil Horman authored
      Generic netlink searches for -type- formatted aliases when requesting a module to
      fulfill a protocol request (i.e. net-pf-16-proto-16-type-<x>, where x is a type
      value).  However generic netlink protocols have no well defined type numbers,
      they have string names.  Modify genl_ctrl_getfamily to request an alias in the
      format net-pf-16-proto-16-family-<x> instead, where x is a generic string, and
      add a macro that builds on the previously added MODULE_ALIAS_NET_PF_PROTO_NAME
      macro to allow modules to specifify those generic strings.
      Note, l2tp previously hacked together an net-pf-16-proto-16-type-l2tp alias
      using the MODULE_ALIAS macro, with these updates we can convert that to use the
      PROTO_NAME macro.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: Eric Dumazet <eric.dumazet@gmail.com>
      CC: James Chapman <jchapman@katalix.com>
      CC: David Miller <davem@davemloft.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  28. 17 May, 2012 1 commit
  29. 01 May, 2012 1 commit