On Mon, Feb 1, 2021 at 9:58 AM Eric Dumazet wrote:
>
> On Mon, Feb 1, 2021 at 6:34 PM Marco Elver wrote:
> >
> > On Mon, 1 Feb 2021 at 17:50, Christoph Paasch
>
> > > just a few days ago we found out that this also fixes a syzkaller
> > > issue on MPTCP
skb->truesize = save_truesize;
> + }
> + return ret;
just a few days ago we found out that this also fixes a syzkaller
issue on MPTCP (https://github.com/multipath-tcp/mptcp_net-next/issues/136).
I confirmed that this patch fixes the issue for us as well:
Tested-by: Christoph Paasch
> }
>
> /**
>
> base-commit: 14e8e0f6008865d823a8184a276702a6c3cbef3d
> --
> 2.30.0.365.g02bc693789-goog
>
st
picks a random configuration. However, currently it is always initialized
and thus the random config won't be picked up.
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/6
Reported-and-reviewed-by: Matthieu Baerts
Signed-off-by: Christoph Paasch
---
.../selftests/net/mptcp/m
listeners). For those who use AF_UNSPEC to
reuse a socket, tcp_disconnect() is changed to cleanup afterwards.
(The issue can be reproduced at least down to v4.4.x.)
Cc: Wei Wang
Cc: Eric Dumazet
Fixes: 2b0a8c9eee81 ("tcp: add CDG congestion control")
Signed-off-by: Christoph Paasch
On 07/07/20 - 21:51, Eric Dumazet wrote:
> On Tue, Jul 7, 2020 at 9:43 PM Eric Dumazet wrote:
> >
>
> > Could this be done instead in tcp_disconnect() ?
> >
>
> Note this might need to extend one of the change done in commit 4d4d3d1e8807d6
> ("[TCP]: Congestion control initialization.")
>
> dif
On 07/08/20 - 10:19, Christoph Paasch wrote:
> On 07/07/20 - 21:51, Eric Dumazet wrote:
> > On Tue, Jul 7, 2020 at 9:43 PM Eric Dumazet wrote:
> > >
> >
> > > Could this be done instead in tcp_disconnect() ?
> > >
> >
> > Note this
.)
Cc: Wei Wang
Cc: Eric Dumazet
Fixes: 2b0a8c9ee ("tcp: add CDG congestion control")
Signed-off-by: Christoph Paasch
---
net/ipv4/inet_connection_sock.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index afa
Hello,
On Sun, Jun 7, 2020 at 3:00 AM Florian Westphal wrote:
>
> Eric Dumazet wrote:
> > > Sure! TCP_DEFER_ACCEPT delays the creation of the socket until data
> > > has been sent by the client *or* the specified time has expired upon
> > > which a last SYN/ACK is sent and if the client replies
On Thu, Jun 4, 2020 at 6:28 PM Eric Dumazet wrote:
>
>
>
> On 6/4/20 4:18 PM, Christoph Paasch wrote:
> > +Eric & Leif
> >
> > Hello,
> >
> >
> > (digging out an old thread ... ;-) )
> >
>
> Is there a tldr; ?
Sure! TCP_DEFER_ACCE
+Eric & Leif
Hello,
(digging out an old thread ... ;-) )
On Wed, Jun 11, 2014 at 11:05 PM Julian Anastasov wrote:
>
>
> Hello,
>
> On Tue, 10 Jun 2014, Wayne Badger wrote:
>
> > On 6/7/14, 10:41 AM, Julian Anastasov wrote:
> > >
> > > This discussion (http://marc.info/?t=1255410629
Hello,
On Mon, May 25, 2020 at 3:19 PM Florian Westphal wrote:
>
> From: Paolo Abeni
>
> Place receive window tuning in the recvmsg path.
> This makes sure the size is only increased when userspace consumes data.
>
> Previously we would grow the sk receive buffer towards tcp_rmem[2], now we
> so
Signed-off-by: Paolo Abeni
> ---
> include/linux/tcp.h | 3 +++
> include/net/mptcp.h | 17 ++---
> net/ipv4/tcp_minisocks.c | 2 +-
> net/mptcp/protocol.c | 7 ---
> net/mptcp/subflow.c | 3 +++
> 5 files changed, 17 insertions(+), 15 deletions(-)
Reviewed-by: Christoph Paasch
when the DSN and DATA_ACK are both either
32 or 64-bit.
Signed-off-by: Christoph Paasch
---
include/net/mptcp.h | 5 -
net/mptcp/options.c | 33 -
net/mptcp/protocol.h | 1 +
net/mptcp/subflow.c | 2 ++
4 files changed, 31 insertions(+), 10 deletions
| 2 +-
> net/mptcp/protocol.c | 7 ---
> net/mptcp/subflow.c| 17 +++--
> 7 files changed, 34 insertions(+), 26 deletions(-)
Reviewed-by: Christoph Paasch
Christoph
ix this by initializing map_seq upon subflow establishment time.
Fixes: f296234c98a8 ("mptcp: Add handling of incoming MP_JOIN requests")
Signed-off-by: Christoph Paasch
---
net/mptcp/protocol.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.
gt;>> after at least 1 additional SYN was sent (without data). It may be the
> >>> case
> >>> that a middle-box is dropping data-in-SYN packets. Thus, it would be more
> >>> efficient to not use TFO on this connection to avoid extra retransmits
> >>
On Thu, Sep 19, 2019 at 1:07 PM Greg Kroah-Hartman
wrote:
>
> On Thu, Sep 19, 2019 at 08:21:43AM -0700, Christoph Paasch wrote:
> > Hello Greg & Sasha,
> >
> > On Sat, Sep 14, 2019 at 12:20 AM Christoph Paasch wrote:
> > >
> > >
> > > The a
Hello Greg & Sasha,
On Sat, Sep 14, 2019 at 12:20 AM Christoph Paasch wrote:
>
>
> The above referenced commit has problems on older non-rbTree kernels.
>
> AFAICS, the commit has only been backported to 4.14 up to now, but the
> commit that fdfc5c8594c2 is fixing (nam
sas Yeganeh
Cc: Neal Cardwell
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index efe767e20d01..c1f59a53f68f 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -922,7 +922,8 @@ static in
ot;)
Cc: Eric Dumazet
Cc: Jason Baron
Cc: Vladimir Rutsky
Cc: Soheil Hassas Yeganeh
Cc: Neal Cardwell
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 5ce069ce2a97..efe767e20d01 100644
-
The above referenced commit has problems on older non-rbTree kernels.
AFAICS, the commit has only been backported to 4.14 up to now, but the
commit that fdfc5c8594c2 is fixing (namely ce5ec440994b ("tcp: ensure epoll
edge trigger wakeup when write queue is empty"), is in v4.2.
Christ
Hello,
On Mon, Aug 26, 2019 at 11:04 AM Eric Dumazet wrote:
>
> Vladimir Rutsky reported stuck TCP sessions after memory pressure
> events. Edge Trigger epoll() user would never receive an EPOLLOUT
> notification allowing them to retry a sendmsg().
>
> Jason tested the case of sk_stream_alloc_skb
> On Jul 10, 2019, at 9:26 PM, Eric Dumazet wrote:
>
>
>
> On 7/10/19 8:53 PM, Prout, Andrew - LLSC - MITLL wrote:
>>
>> Our initial rollout was v4.14.130, but I reproduced it with v4.14.132 as
>> well, reliably for the samba test and once (not reliably) with synthetic
>> test I was tryin
acb5 ("tcp: add tcpi_bytes_received to tcp_info")
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 7dc9ab84bb69..2eebd092c3c1 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -2
sure tcp_fragment() wont punish applications
> that might have setup very low SO_SNDBUF values.
>
> Fixes: f070ef2ac667 ("tcp: tcp_fragment() should apply sane memory limits")
> Signed-off-by: Eric Dumazet
> Reported-by: Christoph Paasch
> ---
> net/ipv4/tcp_output.
On Mon, Jun 17, 2019 at 8:44 PM Eric Dumazet wrote:
>
>
>
> On 6/17/19 8:19 PM, Christoph Paasch wrote:
> >
> > Yes, this does the trick for my packetdrill-test.
> >
> > I wonder, is there a way we could end up in a situation where we can't
> > retr
On Mon, Jun 17, 2019 at 7:28 PM Eric Dumazet wrote:
>
>
>
> On 6/17/19 5:18 PM, Christoph Paasch wrote:
> >
> > Hi Eric, I now have a packetdrill test that started failing (see
> > below). Admittedly, a bit weird test with the SO_SNDBUF forced so low.
> >
&g
On Mon, Jun 17, 2019 at 10:05 AM Eric Dumazet wrote:
>
> Jonathan Looney reported that a malicious peer can force a sender
> to fragment its retransmit queue into tiny skbs, inflating memory
> usage and/or overflow 32bit counters.
>
> TCP allows an application to queue up to sk_sndbuf bytes,
> so
roduce native tunnel support for ERSPAN")) made it into 4.14.
Thus, the fix needs to be backported to 4.14 as well.
Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
Cc: William Tu
Signed-off-by: Christoph Paasch
---
Notes:
This should *only* go into 4.14.
On 28/05/19 - 17:07:44, Greg KH wrote:
> On Tue, May 28, 2019 at 05:01:13PM -0700, Christoph Paasch wrote:
> > When building the erspan header for either v1 or v2, the eth_hdr()
> > does not point to the right inner packet's eth_hdr,
> > causing kasan report use-after-
[ 21.130182] entry_SYSCALL_64_after_hwframe+0x49/0xbe
We should allocate with __GFP_NOWARN to handle this.
Cc: Kal Conley
Cc: Andrey Konovalov
Fixes: fc62814d690c ("net/packet: fix 4gb buffer limit due to overflow check")
Signed-off-by: Christoph Paasch
---
net/packet/af_packet.c | 2 +-
1 file cha
necessary in tcp_filter as it gets
initialized later on in tcp_vX_fill_cb.
Cc: Eric Dumazet
Fixes: eeea10b83a13 ("tcp: add tcp_v4_fill_cb()/tcp_v4_restore_cb()")
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp_ipv4.c | 9 +
1 file changed, 1 insertion(+), 8 deletions(-)
diff --
Hello,
On Sun, Jan 6, 2019 at 3:12 AM Saeed Mahameed wrote:
>
> On Sat, Jan 5, 2019 at 8:35 PM Nikola Ciprich
> wrote:
> >
> > Hi Saeed,
> >
> >
> > > Most likely the same issue, we are finalizing the patch initially
> > > proposed by Cong, you can find it here, I plan to submit it next week,
>
On 16/12/18 - 22:33:52, Eric Dumazet wrote:
>
>
> On 12/14/2018 02:40 PM, Christoph Paasch wrote:
> > We can actually easily reuse __tcp_fastopen_cookie_gen_with_ctx to
> > generate the cookie based on a give TFO-context.
> >
>
> s/give/given/
Thanks! Will be fixed in the v2.
Christoph
On 17/12/18 - 08:52:22, Yuchung Cheng wrote:
> On Sun, Dec 16, 2018 at 10:32 PM Eric Dumazet wrote:
> >
> >
> >
> > On 12/14/2018 02:40 PM, Christoph Paasch wrote:
> > > Print the list of the TFO-keys with a comma separated. For setting the
> > > key
On 16/12/18 - 22:30:51, Eric Dumazet wrote:
>
>
> On 12/14/2018 02:40 PM, Christoph Paasch wrote:
> > This change allows to search for the right cookie and accepts old ones
> > (announcing a new one if it has changed).
> >
> > __tcp_fastopen_cookie_gen_with_
On 17/12/18 - 14:01:41, Eric Dumazet wrote:
> On Mon, Dec 17, 2018 at 1:57 PM Christoph Paasch wrote:
> >
> > On 17/12/18 - 08:04:08, Eric Dumazet wrote:
> > > On Fri, Dec 14, 2018 at 2:40 PM Christoph Paasch
> > > wrote:
> > > >
> > >
On 17/12/18 - 08:04:08, Eric Dumazet wrote:
> On Fri, Dec 14, 2018 at 2:40 PM Christoph Paasch wrote:
> >
>
> ...
>
> > int tcp_fastopen_reset_cipher(struct net *net, struct sock *sk,
> > void *key, unsigned int len)
> &g
On 16/12/18 - 22:31:41, Eric Dumazet wrote:
>
>
> On 12/14/2018 02:40 PM, Christoph Paasch wrote:
> > Instead of having a single TFO-context, we now have a list of
> > tcp_fastopen_context, bounded by TCP_FASTOPEN_CTXT_LEN (set to 2).
> >
> > This enables us to
Allow to get the full list of the listener's keypool through a
getsockopt.
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 27e2f6837062..cdb317392138 100644
---
This change allows to search for the right cookie and accepts old ones
(announcing a new one if it has changed).
__tcp_fastopen_cookie_gen_with_ctx() allows to generate a cookie based
on a given TFO-context. A later patch will cleanup the duplicate code.
Signed-off-by: Christoph Paasch
e announce a new TFO-cookie to the client.
We have seen a significant reduction of LINUX_MIB_TCPFASTOPENPASSIVEFAIL
thanks to these patches. Invalid cookies are now solely observed when
clients behind a NAT are getting a new public IP.
Christoph Paasch (5):
tcp: Create list of TFO-contexts
Print the list of the TFO-keys with a comma separated. For setting the
keys, we still only allow a single one to be set.
Signed-off-by: Christoph Paasch
---
net/ipv4/sysctl_net_ipv4.c | 41 ++---
1 file changed, 30 insertions(+), 11 deletions(-)
diff --git a
).
Signed-off-by: Christoph Paasch
---
include/net/tcp.h | 2 ++
net/ipv4/tcp_fastopen.c | 52 +
2 files changed, 50 insertions(+), 4 deletions(-)
diff --git a/include/net/tcp.h b/include/net/tcp.h
index e0a65c067662..e629ea2e6c9d 100644
--- a
We can actually easily reuse __tcp_fastopen_cookie_gen_with_ctx to
generate the cookie based on a give TFO-context.
This cleans up some of the code.
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp_fastopen.c | 51 +++--
1 file changed, 11 insertions
On 13/12/18 - 11:39:18, Florian Westphal wrote:
> Eric Dumazet wrote:
> > > If its going to be used as I expect, then the extension could be
> > > discarded after the DSS mapping has been written to the tcp option
> > > space, i.e. before cloning occurs.
> >
> > I do not see how this would work,
On 29/11/18 - 14:59:36, Eric Dumazet wrote:
> On Thu, Nov 29, 2018 at 2:47 PM Christoph Paasch wrote:
>
> > Indeed, the UDP-stack is not fully 4-tuple ready.
> >
> >
> > What are your thoughts on getting it there?
>
> This would request an additional lookup
net: gro: properly remove skb from list")
Suggested-by: Eric Dumazet
Signed-off-by: Christoph Paasch
---
Notes:
v2: - Set skb->prev to NULL in netem_enqueue instead.
net/sched/sch_netem.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/sched/sch_netem.c b/net/sched/sch_n
On Thu, Nov 29, 2018 at 3:54 PM David Miller wrote:
>
> From: Eric Dumazet
> Date: Thu, 29 Nov 2018 15:09:18 -0800
>
> > diff --git a/net/sched/sch_netem.c b/net/sched/sch_netem.c
> > index
> > 2c38e3d0792468162ee0dc4137f1400160ab9276..22cd46a600576f286803536d45875cd9d537cdca
> > 100644
> > ---
On 29/11/18 - 15:09:18, Eric Dumazet wrote:
>
>
> On 11/29/2018 02:55 PM, Christoph Paasch wrote:
> > On 29/11/18 - 14:44:44, Eric Dumazet wrote:
> >>
> >>
> >> On 11/29/2018 02:27 PM, Christoph Paasch wrote:
> >>> There are place
On 29/11/18 - 14:44:44, Eric Dumazet wrote:
>
>
> On 11/29/2018 02:27 PM, Christoph Paasch wrote:
> > There are places in the stack, where we access skb->prev directly and
> > modify it. Namely, __qdisc_drop_all().
> >
> > With commit 68d2f84a1368 (&quo
Hello,
On 28/11/18 - 19:15:12, Eric Dumazet wrote:
> On Wed, Nov 28, 2018 at 7:09 PM Jana Iyengar wrote:
> >
> >
> > On Wed, Nov 28, 2018 at 6:19 PM Eric Dumazet wrote:
> >>
> >> On Wed, Nov 28, 2018 at 5:57 PM Christoph Paasch wrote:
> >> >
&
h can't be backported easily.
I can post a follow-up for that.
Cc: Prashant Bhole
Cc: Tyler Hicks
Fixes: 68d2f84a1368 ("net: gro: properly remove skb from list")
Signed-off-by: Christoph Paasch
---
include/linux/skbuff.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/in
will match in the lookup for all incoming UDP-traffic
that has the specific IP/port.
This patch prevents any incoming traffic until the connect() system-call
is called whenever the app sets the UDP socket-option
UDP_WAIT_FOR_CONNECT.
Signed-off-by: Christoph Paasch
---
Notes:
Changes
On 01/11/18 - 17:51:39, Willem de Bruijn wrote:
> On Wed, Oct 31, 2018 at 7:30 PM Christoph Paasch wrote:
> >
> > Implementations of Quic might want to create a separate socket for each
> > Quic-connection by creating a connected UDP-socket.
> >
> > To achieve t
On 31/10/18 - 17:53:22, Eric Dumazet wrote:
> On 10/31/2018 04:26 PM, Christoph Paasch wrote:
> > Implementations of Quic might want to create a separate socket for each
> > Quic-connection by creating a connected UDP-socket.
> >
>
> Nice proposal, but I doubt a QUIC s
> On Oct 31, 2018, at 10:04 PM, Eric Dumazet wrote:
>
>
>
>> On 10/31/2018 08:50 PM, Christoph Paasch wrote:
>>
>> What we had here is that we wanted to let a server initiate more than 64K
>> connections *while* binding also to a source-IP.
>> Wi
And store it as a flag in the sk_flags.
Signed-off-by: Christoph Paasch
---
arch/alpha/include/uapi/asm/socket.h | 2 ++
arch/ia64/include/uapi/asm/socket.h | 2 ++
arch/mips/include/uapi/asm/socket.h | 2 ++
arch/parisc/include/uapi/asm/socket.h | 2 ++
arch/s390/include/uapi/asm
TCP wants to better use the full 4-tuple space
by binding to the source-IP and the destination-IP at the same time.
Feedback is very welcome!
Christoph Paasch (2):
net: Add new socket-option SO_DELAYED_BIND
udp: Support SO_DELAYED_BIND
arch/alpha/include/uapi/asm/socket.h | 2 ++
a
For UDP, there is only a single socket-hash table, the udptable.
We want to prevent incoming segments to match on this socket when
SO_DELAYED_BIND is set. Thus, when computing the score for unconnected
sockets, we simply prevent the match as long as the flag is set.
Signed-off-by: Christoph
f_skb_features+0x24/0x230 RSP: 88043fd83e70
[ 15.458933] CR2: 00d0
[ 15.459352] ---[ end trace 083925903ae60570 ]---
Fixes: 6b921536f170 ("net: sk_buff rbnode reorg")
Cc: Stephen Hemminger
Cc: Eric Dumazet
Cc: Soheil Hassas Yeganeh
Cc: Wei Wang
Cc: Willem de Bruijn
Sign
Hello,
On Thu, Sep 13, 2018 at 8:00 AM Stephen Hemminger
wrote:
>
> From: Eric Dumazet
>
> commit bffa72cf7f9df842f0016ba03586039296b4caaf upstream
>
> skb->rbnode shares space with skb->next, skb->prev and skb->tstamp
>
> Current uses (TCP receive ofo queue and netem) need to save/restore
> tst
Hello,
On Sun, Jun 3, 2018 at 10:47 AM, Maciej Żenczykowski
wrote:
> From: Maciej Żenczykowski
>
> It is not safe to do so because such sockets are already in the
> hash tables and changing these options can result in invalidating
> the tb->fastreuse(port) caching.
>
> This can have later far re
Hello,
On 01/02/18 - 10:15:46, David Miller wrote:
> From: Christoph Paasch
> Date: Wed, 31 Jan 2018 16:07:02 -0800
>
> > TCP-options like TCP_MD5 and SMC are rather rare use-cases, but their
> > implementation is rather intrusive to the TCP-stack. Other, more recent
> &
or not and check this state in the relevant
functions.
Cc: Ursula Braun
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp.h | 3 +-
include/net/inet_sock.h | 3 +-
include/net/tcp.h| 4 -
net/ipv4/tcp.c | 5 --
net/ipv4/tcp_input.c
s to the buildbot when certain configs
are disabled (Patch 5 and 12)
* Add spdx-header in the new files (Patch 11)
* Added Ivan Delande to the CC-list as he did some TCP-MD5
changes in the past.
Christoph Paasch (13):
tcp: Write options after the header has been
tcp_md5.c to handle these address-families at the
benefit of getting rid of these callbacks in tcp_sock, together with its
assignments in tcp_v4/6_connect,...
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp.h | 5 -
include/linux/tcp_md5.h
As we allow a generic TCP-option parser that also parses experimental
TCP options, we need to add a return-value to smc_parse_options() that
indicates whether the option actually matched or not.
Cc: Ursula Braun
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4
An upcoming patch adds a configurable, per-socket list of TCP options to
populate in the TCP header. This requires tcp_options_write() to know the
socket (to use the options list) and the skb (to provide visibility to the
packet data for options like TCP_MD5SIG).
Signed-off-by: Christoph Paasch
tion.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
Notes:
v2: * Fix compiler warning about unused variable when RCU-debugging is
disabled
include/linux/tcp.h | 10 +-
include/linux/tcp_md5.h | 62 -
net/ipv4/tcp_ipv4.c | 55
net/i
adapt the latter so that it can handle the case where we
want to exit without sending anything.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv6/tcp_ipv6.c | 119 +---
1 file changed, 57 insertions(+), 62
It really does not matter, because we never use TCP timestamps when
TCP_MD5 is enabled (see tcp_syn_options).
Moving TCP_MD5 a bit lower allows for easier adoption of the
tcp_extra_option framework.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4
This will simplify to consolidate the TCP_MD5-code into a single place.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4/tcp_ipv4.c | 18 ++
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4
This is all just copy-pasting the TCP_MD5-code into functions that are
placed in net/ipv4/tcp_md5.c.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
Notes:
v2: * Add SPDX-identifier (Mat Martineau's feedback)
include/linux/inet_diag.h |1 +
in
The generic TCP-option framework will need to have access to the full
TCP-header (e.g., if we want to compute a checksum for TCP-MD5).
Thus, we move the call to tcp_options_write() to after all the fields in
the header have been filled out.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat
The checks are now being done through the extra-option framework. For
TCP MD5 this means that the check happens a bit later than usual.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp_md5.h | 23 +--
net/ipv4/tcp_input.c
_sock.
The list is copied from the listener to the request-socket (calling into
the 'copy' callback). Then, moved from the request-socket to the
TCP-socket and finally to the time-wait socket.
Signed-off-by: Mat Martineau
Signed-off-by: Christoph Paasch
---
Notes:
v2: * Fix a compil
s a drop of the segment.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4/tcp_input.c | 15 ++-
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index cfa51cfd2d99..1fbabcc99b62 100644
--- a/net/i
It is much cleaner to store the key-pointer in tcp_out_options. It
allows to remove some MD5-specific code out of the function-arguments
and paves the way to adopting the TCP-option framework with TCP-MD5.
Cc: Ivan Delalande
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
On Sun, Jan 28, 2018 at 8:48 PM, Christoph Paasch wrote:
> Commit 03aef17bb79b ("devinet_ioctl(): take copyin/copyout to caller")
> introduced a regression when using ifconfig. ifconfig doesn't show the
> address anymore. The reason is that the above patch changed the
ller")
Signed-off-by: Christoph Paasch
---
net/ipv4/devinet.c | 4
1 file changed, 4 insertions(+)
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index e056c0067f2c..942dbc73def0 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -1049,18 +1049,22 @@ int devinet_ioctl(stru
Hello Mat,
On 02/01/18 - 11:39:23, Mat Martineau wrote:
>
> Hi Christoph -
>
> On Mon, 18 Dec 2017, Christoph Paasch wrote:
>
> > This is all just copy-pasting the TCP_MD5-code into functions that are
> > placed in net/ipv4/tcp_md5.c.
> >
> > Signed-of
/* Clean up the MD5 key list, if any */
> if (tp->md5sig_info) {
> tcp_clear_md5_list(sk);
> - kfree_rcu(tp->md5sig_info, rcu);
> + kfree_rcu(rcu_dereference_protected(tp->md5sig_info, 1), rcu);
Acked-by: Christoph Paasch
D5 option.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp.h | 10 +-
include/linux/tcp_md5.h | 64 -
net/ipv4/tcp_ipv4.c | 55
net/ipv4/tcp_md5.c | 696 +--
net/ipv4/tcp_minisocks.c | 12 -
net/i
_sock.
The list is copied from the listener to the request-socket (calling into
the 'copy' callback). Then, moved from the request-socket to the
TCP-socket and finally to the time-wait socket.
Signed-off-by: Mat Martineau
Signed-off-by: Christoph Paasch
---
drivers/infiniband/hw
or not and check this state in the relevant
functions.
Cc: Ursula Braun
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp.h | 3 +-
include/net/inet_sock.h | 3 +-
include/net/tcp.h| 4 -
net/ipv4/tcp.c | 5 --
net/ipv4/tcp_input.c
As we allow a generic TCP-option parser that also parses experimental
TCP options, we need to add a return-value to smc_parse_options() that
indicates whether the option actually matched or not.
Cc: Ursula Braun
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4
tcp_md5.c to handle these address-families at the
benefit of getting rid of these callbacks in tcp_sock, together with its
assignments in tcp_v4/6_connect,...
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp.h | 5 -
include/linux/tcp_md5.h | 18 +--
include
This is all just copy-pasting the TCP_MD5-code into functions that are
placed in net/ipv4/tcp_md5.c.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/inet_diag.h |1 +
include/linux/tcp_md5.h | 138 ++
include/net/tcp.h | 77
net/ipv4
This will simplify to consolidate the TCP_MD5-code into a single place.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4/tcp_ipv4.c | 18 ++
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index
It really does not matter, because we never use TCP timestamps when
TCP_MD5 is enabled (see tcp_syn_options).
Moving TCP_MD5 a bit lower allows for easier adoption of the
tcp_extra_option framework.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4/tcp_output.c | 14
An upcoming patch adds a configurable, per-socket list of TCP options to
populate in the TCP header. This requires tcp_options_write() to know the
socket (to use the options list) and the skb (to provide visibility to the
packet data for options like TCP_MD5SIG).
Signed-off-by: Christoph Paasch
The checks are now being done through the extra-option framework. For
TCP MD5 this means that the check happens a bit later than usual.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp_md5.h | 23 +--
net/ipv4/tcp_input.c| 8
adapt the latter so that it can handle the case where we
want to exit without sending anything.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv6/tcp_ipv6.c | 119 +---
1 file changed, 57 insertions(+), 62 deletions(-)
diff
s a drop of the segment.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
net/ipv4/tcp_input.c | 15 ++-
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 4d55c4b338ee..eb97ee24c601 100644
--- a/net/i
It is much cleaner to store the key-pointer in tcp_out_options. It
allows to remove some MD5-specific code out of the function-arguments
and paves the way to adopting the TCP-option framework with TCP-MD5.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat Martineau
---
include/linux/tcp.h
ally a big overhead to update all the
jump-labels.
For now we opted for a simple if (unlikely(!hlist_empty(...)) check.
Feedback is very welcome!
Thanks,
Mat & Christoph
Christoph Paasch (13):
tcp: Write options after the header has been fully done
tcp: Pass sock and skb to tcp_options_writ
The generic TCP-option framework will need to have access to the full
TCP-header (e.g., if we want to compute a checksum for TCP-MD5).
Thus, we move the call to tcp_options_write() to after all the fields in
the header have been filled out.
Signed-off-by: Christoph Paasch
Reviewed-by: Mat
;tcp md5sig: Let the caller pass appropriate key for
tcp_v{4,6}_do_calc_md5_hash().")
Signed-off-by: Christoph Paasch
---
net/ipv4/tcp_ipv4.c | 2 +-
net/ipv6/tcp_ipv6.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 7
ne)
>
> Lets use net->ipv4.tcp_fastopen_ctx_lock to protect ctx access.
>
> Fixes: 1fba70e5b6be ("tcp: socket option to set TCP fast open key")
> Signed-off-by: Eric Dumazet
> Cc: Yuchung Cheng
> Cc: Christoph Paasch
> ---
> net/ipv4/tcp_fastopen.c |
1 - 100 of 125 matches
Mail list logo
