1. 06 Mar, 2022 1 commit
  2. 01 Mar, 2022 1 commit
    • Lina Wang's avatar
      xfrm: fix tunnel model fragmentation behavior · 4ff2980b
      Lina Wang authored
      in tunnel mode, if outer interface(ipv4) is less, it is easily to let
      inner IPV6 mtu be less than 1280. If so, a Packet Too Big ICMPV6 message
      is received. When send again, packets are fragmentized with 1280, they
      are still rejected with ICMPV6(Packet Too Big) by xfrmi_xmit2().
      
      According to RFC4213 Section3.2.2:
      if (IPv4 path MTU - 20) is less than 1280
      	if packet is larger than 1280 bytes
      		Send ICMPv6 "packet too big" with MTU=1280
                      Drop packet
              else
      		Encapsulate but do not set the Don't Fragment
                      flag in the IPv4 header.  The resulting IPv4
                      packet might be fragmented by the IPv4 layer
                      on the encapsulator or by some router along
                      the IPv4 path.
      	endif
      else
      	if packet is larger than (IPv4 path MTU - 20)
              	Send ICMPv6 "packet too big" with
                      MTU = (IPv4 path MTU - 20).
                      Drop packet.
              else
                      Encapsulate and set the Don't Fragment flag
                      in the IPv4 header.
              endif
      endif
      Packets should be fragmentized with ipv4 outer interface, so change it.
      
      After it is fragemtized with ipv4, there will be double fragmenation.
      No.48 & No.51 are ipv6 fragment packets, No.48 is double fragmentized,
      then tunneled with IPv4(No.49& No.50), which obey spec. And received peer
      cannot decrypt it rightly.
      
      48              2002::10        2002::11 1296(length) IPv6 fragment (off=0 more=y ident=0xa20da5bc nxt=50)
      49   0x0000 (0) 2002::10        2002::11 1304         IPv6 fragment (off=0 more=y ident=0x7448042c nxt=44)
      50   0x0000 (0) 2002::10        2002::11 200          ESP (SPI=0x00035000)
      51              2002::10        2002::11 180          Echo (ping) request
      52   0x56dc     2002::10        2002::11 248          IPv6 fragment (off=1232 more=n ident=0xa20da5bc nxt=50)
      
      xfrm6_noneed_fragment has fixed above issues. Finally, it acted like below:
      1   0x6206 192.168.1.138   192.168.1.1 1316 Fragmented IP protocol (proto=Encap Security Payload 50, off=0, ID=6206) [Reassembled in #2]
      2   0x6206 2002::10        2002::11    88   IPv6 fragment (off=0 more=y ident=0x1f440778 nxt=50)
      3   0x0000 2002::10        2002::11    248  ICMPv6    Echo (ping) request
      Signed-off-by: default avatarLina Wang <lina.wang@mediatek.com>
      Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
      4ff2980b
  3. 26 Feb, 2022 1 commit
    • David S. Miller's avatar
      Merge branch '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue · 519ca6fa
      David S. Miller authored
      Tony Nguyen says:
      
      ====================
      Intel Wired LAN Driver Updates 2022-02-25
      
      This series contains updates to iavf driver only.
      
      Slawomir fixes stability issues that can be seen when stressing the
      driver using a large number of VFs with a multitude of operations.
      Among the fixes are reworking mutexes to provide more effective locking,
      ensuring initialization is complete before teardown, preventing
      operations which could race while removing the driver, stopping certain
      tasks from being queued when the device is down, and adding a missing
      mutex unlock.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      519ca6fa
  4. 25 Feb, 2022 35 commits
  5. 24 Feb, 2022 2 commits
    • Linus Torvalds's avatar
      Merge tag 'pci-v5.17-fixes-5' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci · d8152cfe
      Linus Torvalds authored
      Pull pci fixes from Bjorn Helgaas:
      
       - Fix a merge error that broke PCI device enumeration on mvebu
         platforms, including Turris Omnia (Armada 385) (Pali Rohár)
      
       - Avoid using ATS on all AMD Navi10 and Navi14 GPUs because some
         VBIOSes don't account for "harvested" (disabled) parts of the chip
         when initializing caches (Alex Deucher)
      
      * tag 'pci-v5.17-fixes-5' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
        PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken
        PCI: mvebu: Fix device enumeration regression
      d8152cfe
    • Linus Torvalds's avatar
      Merge tag 'net-5.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · f672ff91
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Including fixes from bpf and netfilter.
      
        Current release - regressions:
      
         - bpf: fix crash due to out of bounds access into reg2btf_ids
      
         - mvpp2: always set port pcs ops, avoid null-deref
      
         - eth: marvell: fix driver load from initrd
      
         - eth: intel: revert "Fix reset bw limit when DCB enabled with 1 TC"
      
        Current release - new code bugs:
      
         - mptcp: fix race in overlapping signal events
      
        Previous releases - regressions:
      
         - xen-netback: revert hotplug-status changes causing devices to not
           be configured
      
         - dsa:
            - avoid call to __dev_set_promiscuity() while rtnl_mutex isn't
              held
            - fix panic when removing unoffloaded port from bridge
      
         - dsa: microchip: fix bridging with more than two member ports
      
        Previous releases - always broken:
      
         - bpf:
            - fix crash due to incorrect copy_map_value when both spin lock
              and timer are present in a single value
            - fix a bpf_timer initialization issue with clang
            - do not try bpf_msg_push_data with len 0
            - add schedule points in batch ops
      
         - nf_tables:
            - unregister flowtable hooks on netns exit
            - correct flow offload action array size
            - fix a couple of memory leaks
      
         - vsock: don't check owner in vhost_vsock_stop() while releasing
      
         - gso: do not skip outer ip header in case of ipip and net_failover
      
         - smc: use a mutex for locking "struct smc_pnettable"
      
         - openvswitch: fix setting ipv6 fields causing hw csum failure
      
         - mptcp: fix race in incoming ADD_ADDR option processing
      
         - sysfs: add check for netdevice being present to speed_show
      
         - sched: act_ct: fix flow table lookup after ct clear or switching
           zones
      
         - eth: intel: fixes for SR-IOV forwarding offloads
      
         - eth: broadcom: fixes for selftests and error recovery
      
         - eth: mellanox: flow steering and SR-IOV forwarding fixes
      
        Misc:
      
         - make __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor
           friends not report freed skbs as drops
      
         - force inlining of checksum functions in net/checksum.h"
      
      * tag 'net-5.17-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (85 commits)
        net: mv643xx_eth: process retval from of_get_mac_address
        ping: remove pr_err from ping_lookup
        Revert "i40e: Fix reset bw limit when DCB enabled with 1 TC"
        openvswitch: Fix setting ipv6 fields causing hw csum failure
        ipv6: prevent a possible race condition with lifetimes
        net/smc: Use a mutex for locking "struct smc_pnettable"
        bnx2x: fix driver load from initrd
        Revert "xen-netback: Check for hotplug-status existence before watching"
        Revert "xen-netback: remove 'hotplug-status' once it has served its purpose"
        net/mlx5e: Fix VF min/max rate parameters interchange mistake
        net/mlx5e: Add missing increment of count
        net/mlx5e: MPLSoUDP decap, fix check for unsupported matches
        net/mlx5e: Fix MPLSoUDP encap to use MPLS action information
        net/mlx5e: Add feature check for set fec counters
        net/mlx5e: TC, Skip redundant ct clear actions
        net/mlx5e: TC, Reject rules with forward and drop actions
        net/mlx5e: TC, Reject rules with drop and modify hdr action
        net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
        net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
        net/mlx5: Fix possible deadlock on rule deletion
        ...
      f672ff91