Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.6.132 2023-08-15T21:54:44+00:00 2023-08-15T21:54:44+00:00 Jakub Kicinski kuba@kernel.org 2023-08-14T21:47:16+00:00 urn:sha1:bffcc6882a1bb2be8c9420184966f4c2c822078e Only three families use info->userhdr today and going forward we discourage using fixed headers in new families. So having the pointer to user header in struct genl_info is an overkill. Compute the header pointer at runtime. Reviewed-by: Johannes Berg <johannes@sipsolutions.net> Reviewed-by: Jiri Pirko <jiri@nvidia.com> Reviewed-by: Aaron Conole <aconole@redhat.com> Link: https://lore.kernel.org/r/20230814214723.2924989-4-kuba@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org> 2023-05-18T04:25:46+00:00 Christophe JAILLET christophe.jaillet@wanadoo.fr 2023-05-06T16:04:16+00:00 urn:sha1:b50a8b0d57ab1ef11492171e98a030f48682eac3 Use struct_size() instead of hand writing it. This is less verbose and more informative. Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Acked-by: Eelco Chaudron <echaudro@redhat.com> Link: https://lore.kernel.org/r/e7746fbbd62371d286081d5266e88bbe8d3fe9f0.1683388991.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jakub Kicinski <kuba@kernel.org> 2023-02-13T09:38:25+00:00 Hangyu Hua hbh25y@gmail.com 2023-02-10T02:05:51+00:00 urn:sha1:2fa28f5c6fcbfc794340684f36d2581b4f2d20b5 old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached. Fixes: c7c4c44c9a95 ("net: openvswitch: expand the meters supported number") Signed-off-by: Hangyu Hua <hbh25y@gmail.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Reviewed-by: Simon Horman <simon.horman@corigine.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2022-09-27T09:31:36+00:00 Michael Weiß michael.weiss@aisec.fraunhofer.de 2022-09-23T13:38:19+00:00 urn:sha1:8039371847174ff37dc3d02e83cd789dbb6140b0 The Netlink interface for metering was restricted to global CAP_NET_ADMIN by using GENL_ADMIN_PERM. To allow metring in a non-inital user namespace, e.g., a container, this is changed to GENL_UNS_ADMIN_PERM. Signed-off-by: Michael Weiß <michael.weiss@aisec.fraunhofer.de> Signed-off-by: Paolo Abeni <pabeni@redhat.com> 2022-08-29T11:47:15+00:00 Jakub Kicinski kuba@kernel.org 2022-08-25T00:18:30+00:00 urn:sha1:9c5d03d362519f36cd551aec596388f895c93d2d We had historically not checked that genlmsghdr.reserved is 0 on input which prevents us from using those precious bytes in the future. One use case would be to extend the cmd field, which is currently just 8 bits wide and 256 is not a lot of commands for some core families. To make sure that new families do the right thing by default put the onus of opting out of validation on existing families. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Acked-by: Paul Moore <paul@paul-moore.com> (NetLabel) Signed-off-by: David S. Miller <davem@davemloft.net> 2021-11-06T20:30:43+00:00 Mianhan Liu liumh1@shanghaitech.edu.cn 2021-11-05T20:45:21+00:00 urn:sha1:a1554c002699cbc9ced2e9f44f9c1357181bead3 nr_free_buffer_pages could be exposed through mm.h instead of swap.h. The advantage of this change is that it can reduce the obsolete includes. For example, net/ipv4/tcp.c wouldn't need swap.h any more since it has already included mm.h. Similarly, after checking all the other files, it comes that tcp.c, udp.c meter.c ,... follow the same rule, so these files can have swap.h removed too. Moreover, after preprocessing all the files that use nr_free_buffer_pages, it turns out that those files have already included mm.h.Thus, we can move nr_free_buffer_pages from swap.h to mm.h safely. This change will not affect the compilation of other files. Link: https://lkml.kernel.org/r/20210912133640.1624-1-liumh1@shanghaitech.edu.cn Signed-off-by: Mianhan Liu <liumh1@shanghaitech.edu.cn> Cc: Jakub Kicinski <kuba@kernel.org> CC: Ulf Hansson <ulf.hansson@linaro.org> Cc: "David S . Miller" <davem@davemloft.net> Cc: Simon Horman <horms@verge.net.au> Cc: Pravin B Shelar <pshelar@ovn.org> Cc: Vlad Yasevich <vyasevich@gmail.com> Cc: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Cc: Matthew Wilcox <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2021-05-13T22:54:59+00:00 Tao Liu thomas.liu@ucloud.cn 2021-05-13T13:08:00+00:00 urn:sha1:e4df1b0c24350a0f00229ff895a91f1072bd850d We have observed meters working unexpected if traffic is 3+Gbit/s with multiple connections. now_ms is not pretected by meter->lock, we may get a negative long_delta_ms when another cpu updated meter->used, then: delta_ms = (u32)long_delta_ms; which will be a large value. band->bucket += delta_ms * band->rate; then we get a wrong band->bucket. OpenVswitch userspace datapath has fixed the same issue[1] some time ago, and we port the implementation to kernel datapath. [1] https://patchwork.ozlabs.org/project/openvswitch/patch/20191025114436.9746-1-i.maximets@ovn.org/ Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure") Signed-off-by: Tao Liu <thomas.liu@ucloud.cn> Suggested-by: Ilya Maximets <i.maximets@ovn.org> Reviewed-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2021-04-23T20:08:47+00:00 Ilya Maximets i.maximets@ovn.org 2021-04-21T13:57:47+00:00 urn:sha1:7d742b509dd773f6ae2f32ffe3d2c0f3ea598a6d Implementation of meters supposed to be a classic token bucket with 2 typical parameters: rate and burst size. Burst size in this schema is the maximum number of bytes/packets that could pass without being rate limited. Recent changes to userspace datapath made meter implementation to be in line with the kernel one, and this uncovered several issues. The main problem is that maximum bucket size for unknown reason accounts not only burst size, but also the numerical value of rate. This creates a lot of confusion around behavior of meters. For example, if rate is configured as 1000 pps and burst size set to 1, this should mean that meter will tolerate bursts of 1 packet at most, i.e. not a single packet above the rate should pass the meter. However, current implementation calculates maximum bucket size as (rate + burst size), so the effective bucket size will be 1001. This means that first 1000 packets will not be rate limited and average rate might be twice as high as the configured rate. This also makes it practically impossible to configure meter that will have burst size lower than the rate, which might be a desirable configuration if the rate is high. Inability to configure low values of a burst size and overall inability for a user to predict what will be a maximum and average rate from the configured parameters of a meter without looking at the OVS and kernel code might be also classified as a security issue, because drop meters are frequently used as a way of protection from DoS attacks. This change removes rate from the calculation of a bucket size, making it in line with the classic token bucket algorithm and essentially making the rate and burst tolerance being predictable from a users' perspective. Same change proposed for the userspace implementation. Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure") Signed-off-by: Ilya Maximets <i.maximets@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2020-11-03T01:34:26+00:00 YueHaibing yuehaibing@huawei.com 2020-10-31T06:01:53+00:00 urn:sha1:92f9e238c909ef9b4a138f47bdca856fc0c8b78a Fix smatch warning: net/openvswitch/meter.c:427 ovs_meter_cmd_set() warn: passing zero to 'PTR_ERR' dp_meter_create() never returns NULL, use IS_ERR instead of IS_ERR_OR_NULL to fix this. Signed-off-by: YueHaibing <yuehaibing@huawei.com> Acked-by: Tonghao Zhang <xiangxia.m.yue@gmail.com> Link: https://lore.kernel.org/r/20201031060153.39912-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> 2020-10-05T04:13:36+00:00 Rikard Falkeborn rikard.falkeborn@gmail.com 2020-10-04T23:44:17+00:00 urn:sha1:b980b313e5a2ace214322af9f3183c269b5c55ae The only usage of these is to assign their address to the small_ops field in the genl_family struct, which is a const pointer, and applying ARRAY_SIZE() on them. Make them const to allow the compiler to put them in read-only memory. Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>