[PATCH net v2 2/2] ipv6: properly check return value in inet6_dump_all()

id error when dumping all families") Signed-off-by: Alexey Kodanev --- v2: a new patch in v2 net/ipv6/ip6_fib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c index 1b8bc00..ae37861 100644 --- a/net/ipv6/ip6_fib.c +++ b/ne

[PATCH net v2 1/2] rtnetlink: restore handling of dumpit return value in rtnl_dump_all()

8c1b786f>] __sys_sendto+0x1e4/0x330 [<19587b3f>] __x64_sys_sendto+0xe1/0x1a0 [<071f4d56>] do_syscall_64+0x9f/0x300 [<2737577f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [<57587684>] 0xffff Fixes: c63586dc9b3e ("net:

Re: [PATCH net] rtnetlink: invoke 'cb->done' destructor before 'cb->args' reset

On 11/01/2018 04:11 PM, Alexey Kodanev wrote: > On 10/31/2018 08:35 PM, David Ahern wrote: >> On 10/31/18 10:55 AM, David Ahern wrote: >>> I think the simplest fix for 4.20 is to break the loop if ret is non-0 - >>> restore the previous behavior. >> >> th

Re: [PATCH net] rtnetlink: invoke 'cb->done' destructor before 'cb->args' reset

On 10/31/2018 08:35 PM, David Ahern wrote: > On 10/31/18 10:55 AM, David Ahern wrote: >> I think the simplest fix for 4.20 is to break the loop if ret is non-0 - >> restore the previous behavior. > > that is the only recourse. It has to bail if ret is non-0. Do you want > to send a patch with

Re: [PATCH net] rtnetlink: invoke 'cb->done' destructor before 'cb->args' reset

On 31.10.2018 09:42, Alexey Kodanev wrote: > cb->args[2] can store the pointer to the struct fib6_walker, > allocated in inet6_dump_fib(). On the next loop iteration in > rtnl_dump_all(), 'memset(, 0, sizeof(cb->args))' can reset > that pointer, leaking the memory [1]. > On

[PATCH net] rtnetlink: invoke 'cb->done' destructor before 'cb->args' reset

;] sock_sendmsg+0xba/0xf0 [<8c1b786f>] __sys_sendto+0x1e4/0x330 [<19587b3f>] __x64_sys_sendto+0xe1/0x1a0 [<071f4d56>] do_syscall_64+0x9f/0x300 [<2737577f>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [<57587684>] 0xfffff

Re: [PATCH net] ipv6: don't get lwtstate twice in ip6_rt_copy_init()

On 30.08.2018 19:10, David Ahern wrote: > On 8/30/18 10:11 AM, Alexey Kodanev wrote: ... >> unreferenced object 0x880b6aaa14e0 (size 64): >> comm "ip", pid 10577, jiffies 4295149341 (age 1273.903s) >> hex dump (first 32 bytes): >> 01 00 04 0

[PATCH net] ipv6: don't get lwtstate twice in ip6_rt_copy_init()

4_after_hwframe+0x49/0xbe [<6d21f353>] 0xffffffff Fixes: 6edb3c96a5f0 ("net/ipv6: Defer initialization of dst to data path") Signed-off-by: Alexey Kodanev --- net/ipv6/route.c | 1 - 1 file changed, 1 deletion(-) diff --git a/net/ipv6/route.c b/net/ipv

[PATCH net] vti6: remove !skb->ignore_df check from vti6_xmit()

P test script: udp_ipsec_vti.sh -6 -p ah -m tunnel -s 2000 Fixes: ccd740cbc6e0 ("vti6: Add pmtu handling to vti6_xmit.") Signed-off-by: Alexey Kodanev --- Not sure about xfrmi_xmit2(), it has a similar check for ignore_df... net/ipv6/ip6_vti.c | 2 +- 1 file changed, 1 insertion(

[PATCH net v2] dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()

[dccp] [40852.254833] ? sched_clock+0x5/0x10 [40852.298508] ? sched_clock+0x5/0x10 [40852.342194] ? inet_create+0xdf0/0xdf0 [40852.388988] sock_sendmsg+0xd9/0x160 ... Fixes: 113ced1f52e5 ("dccp ccid-2: Perform congestion-window validation") Signed-off-by: Alexey Kodanev --- v2: instead of ch

[PATCH net] dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()

x200/0x200 [dccp] [40852.254833] ? sched_clock+0x5/0x10 [40852.298508] ? sched_clock+0x5/0x10 [40852.342194] ? inet_create+0xdf0/0xdf0 [40852.388988] sock_sendmsg+0xd9/0x160 ... Fixes: 113ced1f52e5 ("dccp ccid-2: Perform congestion-window validation") Signed-off-by: Alexey Kodanev ---

[PATCH net] dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()

c91a6f15db...@syzkaller.appspotmail.com Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/dccp/proto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/net/dccp/proto.c b/net/dccp/proto.c index 84cd4e3..0d56e36 100644 --- a/net/dccp/proto.c +++ b/net/dccp/proto.c @@ -283

[PATCH v2 3/3] selinux: correctly handle sa_family cases in selinux_sctp_bind_connect()

is expected from SCTP protocol in such case. Fixes: d452930fd3b9 ("selinux: Add SCTP support") Suggested-by: Paul Moore <p...@paul-moore.com> Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: new patch in v2 security/selinux/hooks.c | 3 ++- 1 file changed, 2 ins

[PATCH v2 1/3] selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind()

6a20 ("net: ipv4: relax AF_INET check in bind()"), which relaxed AF_INET check for compatibility, add AF_UNSPEC case to AF_INET and make sure that the address is INADDR_ANY. Fixes: d452930fd3b9 ("selinux: Add SCTP support") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.c

[PATCH v2 2/3] selinux: fix address family in bind() and connect() to match address/port

the socket one. The initialization of the data for the audit record is moved above, in selinux_socket_bind(), so that there is no duplicate changes and code. Fixes: d452930fd3b9 ("selinux: Add SCTP support") Suggested-by: Paul Moore <p...@paul-moore.com> Signed-off-by: Alexey Koda

Re: [PATCH] selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind()

On 10.05.2018 01:02, Paul Moore wrote: ... > I just had a better look at this and I believe that Alexey and Stephen > are right: this is the best option. My apologies for the noise > earlier. However, while looking at the code I think there are some > additional necessary changes: > > * In the

[PATCH] selinux: add AF_UNSPEC and INADDR_ANY checks to selinux_socket_bind()

t. Fixes: d452930fd3b9 ("selinux: Add SCTP support") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- security/selinux/hooks.c | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index

[PATCH net-next 0/4] geneve: verify user specified MTU or adjust with a lower device

a user specified MTU or, if it finds a lower device, tunes the tunnel MTU using it. Alexey Kodanev (4): geneve: remove white-space before '#if IS_ENABLED(CONFIG_IPV6)' geneve: cleanup hard coded value for Ethernet header length geneve: check MTU for a minimum in geneve_change_mtu() geneve

[PATCH net-next 1/4] geneve: remove white-space before '#if IS_ENABLED(CONFIG_IPV6)'

Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- drivers/net/geneve.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c index b919e89..45acdc9 100644 --- a/drivers/net/geneve.c +++ b/drivers/net/geneve.c @@ -1261,7 +

[PATCH net-next 4/4] geneve: configure MTU based on a lower device

() where it is verified, and MTU adjustments with a lower device is skipped in that case. Prior that change, it was possible to set the invalid MTU values on a new link creation. Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- drivers/net/geneve.

[PATCH net-next 3/4] geneve: check MTU for a minimum in geneve_change_mtu()

geneve_change_mtu() will be used not only as ndo_change_mtu() callback, but also to verify a user specified MTU on a new link creation in the next patch. Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- drivers/net/geneve.c | 5 ++--- 1 file changed, 2 insertions(+), 3 del

[PATCH net-next 2/4] geneve: cleanup hard coded value for Ethernet header length

Use ETH_HLEN instead and introduce two new macros: GENEVE_IPV4_HLEN and GENEVE_IPV6_HLEN that include Ethernet header length, corresponded IP header length and GENEVE_BASE_HLEN. Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- drivers/net/geneve.c | 9 + 1 file chan

[RFC PATCH net] tcp: allow to use TCP Fastopen with MSG_ZEROCOPY

MSG_ZEROCOPY") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- Is there something that I've overlooked and we can't use it here, and we should handle this type of error, while using sendto() + TFO, in userspace? net/ipv4/tcp.c | 5 - 1 file changed, 5 deletions(-) diff -

[PATCH net v6 2/4] ipv6: allow to cache dst for a connected sk in ip6_sk_dst_lookup_flow()

Add 'connected' parameter to ip6_sk_dst_lookup_flow() and update the cache only if ip6_sk_dst_check() returns NULL and a socket is connected. The function is used as before, the new behavior for UDP sockets in udpv6_sendmsg() will be enabled in the next patch. Signed-off-by: Alexey Kodanev

[PATCH net v6 3/4] ipv6: udp: convert 'connected' to bool type in udpv6_sendmsg()

This should make it consistent with ip6_sk_dst_lookup_flow() that is accepting the new 'connected' parameter of type bool. Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/udp.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/ipv6/u

[PATCH net v6 0/4] ipv6: udp: set dst cache for a connected sk if current not valid

ced in 4.1, but starting from 4.2. Add one more 'Fixes:' commit that creates new RTF_CACHE route. Though, it is also mentioned in the first one Alexey Kodanev (4): ipv6: add a wrapper for ip6_dst_store() with flowi6 checks ipv6: allow to cache dst for a connected sk in ip6_sk_dst_lookup_flo

[PATCH net v6 4/4] ipv6: udp: set dst cache for a connected sk if current not valid

ed datagram sk during pmtu update") Fixes: 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after encountering pmtu exception") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/udp.c | 21 ++--- 1 file changed, 2 insertions(+), 19 deletions(-

[PATCH net v6 1/4] ipv6: add a wrapper for ip6_dst_store() with flowi6 checks

, in ip6_sk_dst_lookup_flow(). Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- include/net/ip6_route.h | 3 +++ net/ipv6/datagram.c | 9 + net/ipv6/route.c| 17 + 3 files changed, 21 insertions(+), 8 deletions(-) diff --git a/include/net/ip6_rou

[PATCH net v5 2/3] ipv6: allow to cache dst for a connected sk in ip6_sk_dst_lookup_flow()

Add 'connected' argument to ip6_sk_dst_lookup_flow() and update the cache only if ip6_sk_dst_check() returns NULL and a socket is connected. The function is used as before, the new behavior for UDP sockets in udpv6_sendmsg() will be enabled in the next patch. Signed-off-by: Alexey Kodanev

[PATCH net v5 3/3] ipv6: udp6: set dst cache for a connected sk if current not valid

ed datagram sk during pmtu update") Fixes: 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after encountering pmtu exception") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/udp.c | 21 ++--- 1 file changed, 2 insertions(+), 19 deletions(-

[PATCH net v5 1/3] ipv6: add a wrapper for ip6_dst_store() with flowi6 checks

, in ip6_sk_dst_lookup_flow(). Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- include/net/ip6_route.h | 3 +++ net/ipv6/datagram.c | 9 + net/ipv6/route.c| 17 + 3 files changed, 21 insertions(+), 8 deletions(-) diff --git a/include/net/ip6_rou

[PATCH net v5 0/3] ipv6: udp6: set dst cache for a connected sk if current not valid

it is also mentioned in the first one Alexey Kodanev (3): ipv6: add a wrapper for ip6_dst_store() with flowi6 checks ipv6: allow to cache dst for a connected sk in ip6_sk_dst_lookup_flow() ipv6: udp6: set dst cache for a connected sk if current not valid include/net/ip6_route.h | 3 +++ includ

[PATCH net v4 2/3] ipv6: allow to cache dst for a connected sk in ip6_sk_dst_lookup_flow()

Add 'connected' argument to ip6_sk_dst_lookup_flow() and update the cache only if ip6_sk_dst_check() returns NULL and a socket is connected. The function is used as before, the new behavior for UDP sockets in udpv6_sendmsg() will be enabled in the next patch. Signed-off-by: Alexey Kodanev

[PATCH net v4 0/3] ipv6: udp6: set dst cache for a connected sk if current not valid

the issue not reproduced in 4.1, but starting from 4.2. Add one more 'Fixes:' commit that creates new RTF_CACHE route. Though, it is also mentioned in the first one Alexey Kodanev (3): ipv6: add a wrapper for ip6_dst_store() with flowi6 checks ipv6: allow to cache dst for a co

[PATCH net v4 3/3] ipv6: udp6: set dst cache for a connected sk if current not valid

ed datagram sk during pmtu update") Fixes: 45e4fd26683c ("ipv6: Only create RTF_CACHE routes after encountering pmtu exception") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/udp.c | 21 ++--- 1 file changed, 2 insertions(+), 19 deletions(-

[PATCH net v4 1/3] ipv6: add a wrapper for ip6_dst_store() with flowi6 checks

, in ip6_sk_dst_lookup_flow(). Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- include/net/ipv6.h| 3 ++- net/ipv6/datagram.c | 9 + net/ipv6/ip6_output.c | 17 + 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/include/net/ipv6.h b/include/net/

[PATCH net] ip6_gre: remove redundant 'tunnel' setting in ip6erspan_tap_init()

'tunnel' was already set at the start of ip6erspan_tap_init(). Fixes: 5a963eb61b7c ("ip6_gre: Add ERSPAN native tunnel support") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/ip6_gre.c | 1 - 1 file changed, 1 deletion(-) diff --git a/net/ipv6/ip6_

Re: [PATCH net v3 1/3] ipv6: move ip6_dst_store() calls with flowi6 checks to a wrapper

On 03/30/2018 01:14 PM, kbuild test robot wrote: > Hi Alexey, > > I love your patch! Perhaps something to improve: > > [auto build test WARNING on net/master] > > url: > https://github.com/0day-ci/linux/commits/Alexey-Kodanev/ipv6-move-ip6_dst_store-calls-with-fl

[PATCH net v3 3/3] ipv6: udp6: set dst cache for a connected sk if current not valid

ountering pmtu exception") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/udp.c | 21 ++--- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index e49dac4..da13c90 100644 --- a/net/ipv6/udp.c +++ b/net/

[PATCH net v3 0/3] ipv6: udp6: set dst cache for a connected sk if current not valid

the issue not reproduced in 4.1, but starting from 4.2. Add one more 'Fixes:' commit that creates new RTF_CACHE route. Though, it is also mentioned in the first one. Alexey Kodanev (3): ipv6: move ip6_dst_store() calls with flowi6 checks to a wrapper ipv6: allow to cache dst for co

[PATCH net v3 1/3] ipv6: move ip6_dst_store() calls with flowi6 checks to a wrapper

-by: Alexey Kodanev <alexey.koda...@oracle.com> --- include/net/ip6_route.h | 17 + net/ipv6/datagram.c | 9 + 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h index ac0866b..36c3946 100644 --- a/i

[PATCH net v3 2/3] ipv6: allow to cache dst for connected sk in ip6_sk_dst_lookup_flow()

Add 'connected' argument to ip6_sk_dst_lookup_flow() and update the cache only if ip6_sk_dst_check() returns NULL and a socket is connected. The function is used as before, the new behavior for UDP sockets in udpv6_sendmsg() will be enabled in the next patch. Signed-off-by: Alexey Kodanev

Re: [PATCH net v2] udp6: set dst cache for a connected sk before udp_v6_send_skb

On 27.03.2018 22:00, Martin KaFai Lau wrote: > On Tue, Mar 27, 2018 at 04:27:30PM +0300, Alexey Kodanev wrote: >> On 26.03.2018 20:02, Martin KaFai Lau wrote: >>> On Mon, Mar 26, 2018 at 05:48:47PM +0300, Alexey Kodanev wrote: >>>> After commit 33c162a980fe (&qu

Re: [PATCH net v2] udp6: set dst cache for a connected sk before udp_v6_send_skb

On 26.03.2018 20:02, Martin KaFai Lau wrote: > On Mon, Mar 26, 2018 at 05:48:47PM +0300, Alexey Kodanev wrote: >> After commit 33c162a980fe ("ipv6: datagram: Update dst cache of a >> connected datagram sk during pmtu update"), when the error occurs on >> sending

[PATCH net v2] udp6: set dst cache for a connected sk before udp_v6_send_skb

nt for dst, when passing it to ip6_dst_store() because after that the dst cache can be released by other calls to ip6_dst_store() with the same socket. Fixes: 33c162a980fe ("ipv6: datagram: Update dst cache of a connected datagram sk during pmtu update") Signed-off-by: Alexey Kodanev <al

Re: [PATCH net] udp6: set dst cache for a connected sk before udp_v6_send_skb

On 03/23/2018 08:13 PM, Alexey Kodanev wrote: > On 03/23/2018 06:50 PM, Eric Dumazet wrote: ... >>> + if (connected) >>> + ip6_dst_store(sk, dst, >>> + ipv6_addr_equal(, >sk_v6_daddr) ? >>> +

Re: [PATCH net] udp6: set dst cache for a connected sk before udp_v6_send_skb

On 03/23/2018 06:50 PM, Eric Dumazet wrote: > > > On 03/23/2018 07:39 AM, Alexey Kodanev wrote: >> After commit 33c162a980fe ("ipv6: datagram: Update dst cache of a >> connected datagram sk during pmtu update"), when the error occurs on >> se

[PATCH net] udp6: set dst cache for a connected sk before udp_v6_send_skb

estination release, as a result, the last one changes dst to the old one, preventing getting updated dst cache on the next udpv6_sendmsg() call. This patch moves ip6_dst_store() in udpv6_sendmsg(), so that it is invoked after ip6_sk_dst_lookup_flow() and before udp_v6_send_skb(). Signed-off-by: Alex

[PATCH net] dccp: check sk for closed state in dccp_sendmsg()

ced if commit 69c64866ce07 ("dccp: CVE-2017-8824: use-after-free in DCCP code") is applied. Reported-by: syzbot+f99ab3887ab65d70f...@syzkaller.appspotmail.com Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/dccp/proto.c | 5 + 1 file changed, 5 insertions(+) di

[PATCH net v3] sch_netem: fix skb leak in netem_enqueue()

o skb 'to_free' list. Add new __qdisc_drop_all() and qdisc_drop_all() functions because they can be useful in the future if we need to drop segmented GSO packets in other places. Fixes: 6071bd1aa13e ("netem: Segment GSO packets on enqueue") Signed-off-by: Alexey Kodanev <alexey.koda..

Re: [PATCH net] sch_netem: fix skb leak in netem_enqueue()

On 03/05/2018 06:13 PM, Eric Dumazet wrote: > On Mon, 2018-03-05 at 15:57 +0300, Alexey Kodanev wrote: >> >> +static inline void __qdisc_drop_all(struct sk_buff *skb, >> +   struct sk_buff **to_free) >> +{ >> + 

[PATCH net v2] sch_netem: fix skb leak in netem_enqueue()

o skb 'to_free' list. Add new __qdisc_drop_all() and qdisc_drop_all() functions because they can be useful in the future if we should drop segmented GSO packets in other places. Fixes: 6071bd1aa13e ("netem: Segment GSO packets on enqueue") Signed-off-by: Alexey Kodanev <alexey.koda...@or

Re: [PATCH net] sch_netem: fix skb leak in netem_enqueue()

On 03/03/2018 03:20 PM, Neil Horman wrote: > On Fri, Mar 02, 2018 at 09:16:48PM +0300, Alexey Kodanev wrote: >> When we exceed current packets limit and have more than one >> segment in the list returned by skb_gso_segment(), netem drops >> only the first one, skipping the

[PATCH net] sch_netem: fix skb leak in netem_enqueue()

skb 'to_free' list in that case. Fixes: 6071bd1aa13e ("netem: Segment GSO packets on enqueue") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/sched/sch_netem.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/net/sched/sch_netem.c b/net

[PATCH net] macvlan: fix use-after-free in macvlan_common_newlink()

: Fix one possible double free") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- drivers/net/macvlan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c index a0f2be8..8fc02d9 100644 --- a/drivers/net/macvlan.

[PATCH net] udplite: fix partial checksum initialization

eck() and only set the required pseudo header checksum for UDP-Lite with partial checksum before udp4_csum_init()/udp6_csum_init() functions return. Fixes: ed70fcfcee95 ("net: Call skb_checksum_init in IPv4") Fixes: e4f45b7f40bd ("net: Call skb_checksum_init in IPv6") Signed

[PATCH net v2] sctp: verify size of a new chunk in _sctp_make_chunk()

rying to allocate skb for it and discard a chunk if its size bigger than SCTP_MAX_CHUNK_LEN. Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: account for padding before checking chunklen net/sctp/sm_make_chunk.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/net

Re: [PATCH] sctp: verify size of a new chunk in _sctp_make_chunk()

On 09.02.2018 16:27, Marcelo Ricardo Leitner wrote: > On Fri, Feb 09, 2018 at 04:02:31PM +0300, Alexey Kodanev wrote: >> >> --- >> net/sctp/sm_make_chunk.c |7 ++- >> 1 files changed, 6 insertions(+), 1 deletions(-) >> >> diff --git a/net/sctp/sm_

[PATCH] sctp: verify size of a new chunk in _sctp_make_chunk()

rying to allocate skb for it and discard a chunk if its size bigger than SCTP_MAX_CHUNK_LEN. Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/sctp/sm_make_chunk.c |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chu

sctp: skb_over_panic on INIT/INIT_ACK packet sending

Hi, Got the following panic when the received INIT packet has a lot of address parameters, so that the INIT_ACK chunksize exceeds SCTP_MAX_CHUNK_LEN: [ 597.804948] skbuff: skb_over_panic: text:ffae06e4 len:120168 put:120156 head:7aa47635 data:d991c2de

[PATCH] sctp: fix dst refcnt leak in sctp_v6_get_dst()

for ipv6") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/sctp/ipv6.c | 10 +++--- 1 files changed, 7 insertions(+), 3 deletions(-) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index 5d4c15b..e35d4f7 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -326,8 +32

Re: sctp netns "unregister_netdevice: waiting for lo to become free. Usage count = 1"

On 02.02.2018 11:27, Tommi Rantala wrote: > 2018-02-02 1:57 GMT+02:00 Alexey Kodanev <alexey.koda...@oracle.com>: >> For ipv6 part, shouldn't we release 'bdst' there if the previous address >> match is better and we continue to the next iteration? > > Good catch! &

Re: sctp netns "unregister_netdevice: waiting for lo to become free. Usage count = 1"

On 01.02.2018 21:02, Tommi Rantala wrote: > 2018-01-31 19:51 GMT+02:00 Tommi Rantala : >> On 31.01.2018 14:31, Neil Horman wrote: >>> >>> On Wed, Jan 31, 2018 at 11:42:24AM +0200, Tommi Rantala wrote: I think there's a problem in the dst refcounting in

[PATCH net v2] dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state

_netdevice: waiting for bond0 to become free. Usage count = 148 Fixes: 2a91aa396739 ("[DCCP] CCID2: Initial CCID2 (TCP-Like) implementation") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: * corrected bug origin commit id * clarified commit message about sk_sto

Re: [PATCH net] dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state

On 01/25/2018 09:03 PM, Eric Dumazet wrote: > On Thu, 2018-01-25 at 20:43 +0300, Alexey Kodanev wrote: >> ccid2_hc_tx_rto_expire() timer callback always restarts the timer >> again and can run indefinitely (unless it is stopped outside), and >> after commit 120e9

[PATCH net] dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state

148 Fixes: 120e9dabaf55 ("dccp: defer ccid_hc_tx_delete() at dismantle time") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/dccp/ccids/ccid2.c |3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/net/dccp/ccids/ccid2.c b/net/dccp/ccids/ccid

[PATCH net v2] ip6_gre: init dev->mtu and dev->hard_header_len correctly

ixes: b05229f44228 ("gre6: Cleanup GREv6 transmit path, call common GRE functions") Fixes: db2ec95d1ba4 ("ip6_gre: Fix MTU setting") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: Instead of checking whether dev->mtu equals zero or not in ip6gre

Re: [PATCH net] ip6_gre: init dev->mtu and dev->hard_header_len correctly

On 01/16/2018 07:32 PM, David Miller wrote: > From: Alexey Kodanev <alexey.koda...@oracle.com> > Date: Thu, 11 Jan 2018 16:02:54 +0300 > >> For ip6gretap, reset dev->mtu to zero in ip6gre_tap_setup() >> after ether_setup(), in order for

[PATCH net] ip6_gre: init dev->mtu and dev->hard_header_len correctly

ip6gretap, reset dev->mtu to zero in ip6gre_tap_setup() after ether_setup(), in order for it to work with the new check in ip6gre_tunnel_init_common(). Fixes: b05229f44228 ("gre6: Cleanup GREv6 transmit path, call common GRE functions") Fixes: db2ec95d1ba4 ("ip6_gre: Fix

[PATCH net] ip6_gre: fix device features for ioctl setup

RES on NETIF_F_HIGHDMA line. * fixed the issue reported by checkpatch: "Unnecessary parentheses around 'nt->encap.type == TUNNEL_ENCAP_NONE'" Fixes: ac4eb009e477 ("ip6gre: Add support for basic offloads offloads excluding GSO") Signed-off-by: Alexey Kodanev <alexey.koda

[PATCH net-next v4] ip6_vti: adjust vti mtu according to mtu of lower device

li add vti6 type vti6 local fd00::2 remote fd00::1 # ip li show vti6 vti6@NONE: <POINTOPOINT,NOARP> mtu 8832 ... link/tunnel6 fd00::2 peer fd00::1 Reported-by: Petr Vorel <pvo...@suse.cz> Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v4: * remove

[PATCH v2] vxlan: restore dev->mtu setting based on lower device

tion. Since max_mtu can be negative and we update dev->mtu directly, also check it for valid minimum. Reported-by: Junhan Yan <ju...@redhat.com> Fixes: a985343ba906 ("vxlan: refactor verification and application of configuration") Signed-off-by: Alexey Kodanev <alexey.koda...@or

Re: [PATCH net] vxlan: Restore initial MTU setting based on lower device

On 12/14/2017 03:36 PM, Stefano Brivio wrote: > On Thu, 14 Dec 2017 14:23:36 +0300 > Alexey Kodanev <alexey.koda...@oracle.com> wrote: > >> On 12/14/2017 03:31 AM, Stefano Brivio wrote: ... >> >> if we move it up in "if (lowerdev) { ..." branch we will b

[PATCH net-next v3] ip6_vti: adjust vti mtu according to mtu of output device

ip li show vti6 vti6@NONE: <POINTOPOINT,NOARP> mtu 8832 ... link/tunnel6 fd00::2 peer fd00::1 Regarding ip_vti, it already tunes MTU with ip_tunnel_bind_dev(). Reported-by: Petr Vorel <pvo...@suse.cz> Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> Acke

Re: [PATCH net] vxlan: Restore initial MTU setting based on lower device

On 12/14/2017 03:31 AM, Stefano Brivio wrote: > On Thu, 14 Dec 2017 01:25:40 +0100 > Matthias Schiffer wrote: > >> On 12/14/2017 01:10 AM, Stefano Brivio wrote: >>> On Thu, 14 Dec 2017 00:57:32 +0100 >>> Matthias Schiffer wrote:

[PATCH net-next v2] ip6_vti: adjust vti mtu according to mtu of output device

ip li show vti6 vti6@NONE: <POINTOPOINT,NOARP> mtu 8832 ... link/tunnel6 fd00::2 peer fd00::1 Regarding ip_vti, it already tunes MTU with ip_tunnel_bind_dev(). Reported-by: Petr Vorel <pvo...@suse.cz> Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: * clea

[PATCH net-next] ip6_vti: adjust vti mtu according to mtu of output device

10.0.0.1 Reported-by: Petr Vorel <pvo...@suse.cz> Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- ip6_vti mtu offset is the same (168) as in ip_vti because ip_vti offset includes two sizes of struct iphdr: in dev->hard_header_len and in t_hlen in ip_tunnel_bind_dev()

Re: ipsec: ipcomp alg problem on vti interface

On 11/27/2017 03:07 PM, Steffen Klassert wrote: > On Wed, Nov 22, 2017 at 07:06:13PM +0300, Alexey Kodanev wrote: >> Hi Steffen, >> >> LTP has vti test-cases which fail on ipcomp alg, e.g. >> "tcp_ipsec_vti.sh -p comp -m tunnel -s 100" >> >> Basic

ipsec: ipcomp alg problem on vti interface

Hi Steffen, LTP has vti test-cases which fail on ipcomp alg, e.g. "tcp_ipsec_vti.sh -p comp -m tunnel -s 100" Basically, the setupconsists of the following commands: ip li add ltp_vti0 type vti local 10.0.0.2 remote 10.0.0.1 key 10 dev ltp_ns_veth2 ip li set ltp_vti0 up ip -4 xf st add src

Re: [PATCH 2/2] ip6_tunnel: pass tun_dst arg from ip6_tnl_rcv() to __ip6_tnl_rcv()

On 11/19/2017 06:22 AM, David Miller wrote: > From: Alexey Kodanev <alexey.koda...@oracle.com> > Date: Fri, 17 Nov 2017 19:16:18 +0300 > >> Otherwise tun_dst argument is unused there. Currently, ip6_tnl_rcv() >> invoked with tun_dst set to NULL, so there is no a

[PATCH 1/2] gre6: use log_ecn_error module parameter in ip6_tnl_rcv()

After commit 308edfdf1563 ("gre6: Cleanup GREv6 receive path, call common GRE functions") it's not used anywhere in the module, but previously was used in ip6gre_rcv(). Fixes: 308edfdf1563 ("gre6: Cleanup GREv6 receive path, call common GRE functions") Signed-off-by: Alexey

[PATCH 2/2] ip6_tunnel: pass tun_dst arg from ip6_tnl_rcv() to __ip6_tnl_rcv()

Otherwise tun_dst argument is unused there. Currently, ip6_tnl_rcv() invoked with tun_dst set to NULL, so there is no actual functional changes introduced in this patch. Fixes: 0d3c703a9d17 ("ipv6: Cleanup IPv6 tunnel receive path") Signed-off-by: Alexey Kodanev <alexey.koda.

[PATCH v2] gso: fix payload length when gso_size is zero

. The issue was found with LTP vxlan & gre tests over ixgbe NIC. Fixes: 07b26c9454a2 ("gso: Support partial splitting at the frag_list pointer") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: also added skb_is_gso to gre_gso_segment() and __skb_udp_tunnel_

Re: [PATCH] ipv6: gso: fix payload length when gso_size is zero

On 10/05/2017 09:58 PM, Duyck, Alexander H wrote: > On Thu, 2017-10-05 at 20:06 +0300, Alexey Kodanev wrote: >> When gso_size reset to zero for the tail segment in skb_segment(), later >> in ipv6_gso_segment(), we will get incorrect payload_len for that segment. >> inet_gso_

[PATCH] ipv6: gso: fix payload length when gso_size is zero

gre tests over ixgbe NIC. Fixes: 07b26c9454a2 ("gso: Support partial splitting at the frag_list pointer") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv6/ip6_offload.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv6/ip6_

[PATCH] vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit

") Fixes: 22e1b23dafa8 ("vti6: Support inter address family tunneling.") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv4/ip_vti.c |3 ++- net/ipv6/ip6_vti.c |3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/net/ipv4/ip_vt

[PATCH] vti: fix NULL dereference in xfrm_input()

t NULL. Fixes: 7e9e9202bccc ("xfrm: Clear RX SKB secpath xfrm_offload") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/xfrm/xfrm_input.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c

[PATCH net-next] tcp: rename *_sequence_number() to *_seq_and_tsoff()

The functions that are returning tcp sequence number also setup TS offset value, so rename them to better describe their purpose. No functional changes in this patch. Suggested-by: Eric Dumazet <eduma...@google.com> Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> ---

[PATCH v2] udp: avoid ufo handling on IP payload compression packets

inter to 'xfrm_state' struct, skip UFO if xfrm is set. So the new check will include both cases: IPcomp and IPsec. Fixes: c146066ab802 ("ipv4: Don't use ufo handling on later transformed packets") Fixes: f89c56ce710a ("ipv6: Don't use ufo handling on later transformed packets")

[PATCH] udp: avoid ufo handling on IP payload compression packets

inter to 'xfrm_state' struct, skip UFO if xfrm is set. So the new check will include both cases: IPcomp and IPsec. Fixes: c146066ab802 ("ipv4: Don't use ufo handling on later transformed packets") Fixes: f89c56ce710a ("ipv6: Don't use ufo handling on later transformed packets")

Re: [PATCH v2 1/2] tcp: setup timestamp offset when write_seq already set

On 02/22/2017 04:17 PM, Eric Dumazet wrote: > On Wed, 2017-02-22 at 13:23 +0300, Alexey Kodanev wrote: >> ... >> >> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c >> index fe9da4f..c5169b8 100644 >> --- a/net/ipv4/tcp_ipv4.c >> +++ b/net/ipv

[PATCH v2 2/2] tcp: account for ts offset only if tsecr not zero

We can get SYN with zero tsecr, don't apply offset in this case. Fixes: ee684b6f2830 ("tcp: send packets with a socket timestamp") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- v2: no changes from the previous version net/ipv4/tcp_minisocks.c |3 ++- 1

[PATCH v2 1/2] tcp: setup timestamp offset when write_seq already set

459967184 ecr 1547117608 < R seq 1956911535 win 0 length 0 +1. < S seq 1956977072 win 43690 TS val 296640 ecr 459956970 > S. seq 657450664 ack 1956977073 win 43690 TS val 459968205 ecr 296640 Fixes: 95a22caee396 ("tcp: randomize tcp timestamp offsets for each connection

Re: [PATCH 1/2] tcp: setup random timestamp offset when write_seq already set

On 20.02.2017 18:18, David Miller wrote: > This would be so much easier to understand if it were coded as: > if (!tp->repair) { > seq = secure_tcp_sequence_number(...); > if (!tp->write_seq) > tp->write_seq = seq; > } Hi David,

Re: [PATCH 1/2] tcp: setup random timestamp offset when write_seq already set

Hi, On 18.02.2017 3:56, Alexey Kodanev wrote: > Found that when random offset enabled (default) TCP client can > still start new connections with and without random offsets. Later, > if server does active close and re-use sockets in TIME-WAIT state, > new SYN from client can be reje

[PATCH 1/2] tcp: setup random timestamp offset when write_seq already set

+1. < S seq 1956977072 win 43690 TS val 296640 ecr 459956970 > S. seq 657450664 ack 1956977073 win 43690 TS val 459968205 ecr 296640 Fixes: 95a22caee396 ("tcp: randomize tcp timestamp offsets for each connection") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com&

[PATCH 2/2] tcp: account for ts offset only if tsecr not zero

We can get SYN with zero tsecr, don't apply offset in this case. Fixes: ee684b6f2830 ("tcp: send packets with a socket timestamp") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv4/tcp_minisocks.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-)

[PATCH] tcp: initialize max window for a new fastopen socket

quot;tcp: TCP Fast Open Server - main code path") Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> --- net/ipv4/tcp_fastopen.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c index f519195..dd2560c 100644 --- a

Re: resend: tcp: performance issue with fastopen connections (mss > window)

Hi Eric, On 01/13/2017 08:07 PM, Alexey Kodanev wrote: Hi Eric, On 13.01.2017 18:35, Eric Dumazet wrote: I would suggest to clamp MSS to half the initial window, but I guess this is impractical since window in SYN/SYNACK are not scaled. Looks like max_window not correctly initialized

Re: resend: tcp: performance issue with fastopen connections (mss > window)

Hi Eric, On 13.01.2017 18:35, Eric Dumazet wrote: > On Fri, 2017-01-13 at 18:01 +0300, Alexey Kodanev wrote: >> Hi, >> >> Got the issue when running LTP/netstress test on localhost with mss >> greater than the send window advertised by client (right after 3WHS).

  1   2   >