2019-05-27 09:55:01 +03:00
// SPDX-License-Identifier: GPL-2.0-or-later
2005-04-17 02:20:36 +04:00
/*
* INET An implementation of the TCP / IP protocol suite for the LINUX
* operating system . INET is implemented using the BSD Socket
* interface as the means of communication with the user level .
*
* PF_INET protocol family socket handler .
*
2005-05-06 03:16:16 +04:00
* Authors : Ross Biro
2005-04-17 02:20:36 +04:00
* Fred N . van Kempen , < waltje @ uWalt . NL . Mugnet . ORG >
* Florian La Roche , < flla @ stud . uni - sb . de >
* Alan Cox , < A . Cox @ swansea . ac . uk >
*
* Changes ( see also sock . c )
*
* piggy ,
* Karl Knutson : Socket protocol table
* A . N . Kuznetsov : Socket death error in accept ( ) .
* John Richardson : Fix non blocking error in connect ( )
* so sockets that fail to connect
* don ' t return - EINPROGRESS .
* Alan Cox : Asynchronous I / O support
* Alan Cox : Keep correct socket pointer on sock
* structures
* when accept ( ) ed
* Alan Cox : Semantics of SO_LINGER aren ' t state
* moved to close when you look carefully .
* With this fixed and the accept bug fixed
* some RPC stuff seems happier .
* Niibe Yutaka : 4.4 BSD style write async I / O
* Alan Cox ,
* Tony Gale : Fixed reuse semantics .
* Alan Cox : bind ( ) shouldn ' t abort existing but dead
* sockets . Stops FTP netin : . . I hope .
* Alan Cox : bind ( ) works correctly for RAW sockets .
* Note that FreeBSD at least was broken
* in this respect so be careful with
* compatibility tests . . .
* Alan Cox : routing cache support
* Alan Cox : memzero the socket structure for
* compactness .
* Matt Day : nonblock connect error handler
* Alan Cox : Allow large numbers of pending sockets
* ( eg for big web sites ) , but only if
* specifically application requested .
* Alan Cox : New buffering throughout IP . Used
* dumbly .
* Alan Cox : New buffering now used smartly .
* Alan Cox : BSD rather than common sense
* interpretation of listen .
* Germano Caronni : Assorted small races .
* Alan Cox : sendmsg / recvmsg basic support .
* Alan Cox : Only sendmsg / recvmsg now supported .
* Alan Cox : Locked down bind ( see security list ) .
* Alan Cox : Loosened bind a little .
* Mike McLagan : ADD / DEL DLCI Ioctls
* Willy Konynenberg : Transparent proxying support .
* David S . Miller : New socket lookup architecture .
* Some other random speedups .
* Cyrus Durgin : Cleaned up file for kmod hacks .
* Andi Kleen : Fix inet_stream_connect TCP race .
*/
2012-03-12 11:03:32 +04:00
# define pr_fmt(fmt) "IPv4: " fmt
2006-06-22 14:02:40 +04:00
# include <linux/err.h>
2005-04-17 02:20:36 +04:00
# include <linux/errno.h>
# include <linux/types.h>
# include <linux/socket.h>
# include <linux/in.h>
# include <linux/kernel.h>
2016-07-11 23:37:51 +03:00
# include <linux/kmod.h>
2005-04-17 02:20:36 +04:00
# include <linux/sched.h>
# include <linux/timer.h>
# include <linux/string.h>
# include <linux/sockios.h>
# include <linux/net.h>
2006-01-11 23:17:47 +03:00
# include <linux/capability.h>
2005-04-17 02:20:36 +04:00
# include <linux/fcntl.h>
# include <linux/mm.h>
# include <linux/interrupt.h>
# include <linux/stat.h>
# include <linux/init.h>
# include <linux/poll.h>
# include <linux/netfilter_ipv4.h>
2007-03-23 21:40:27 +03:00
# include <linux/random.h>
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 11:04:11 +03:00
# include <linux/slab.h>
2005-04-17 02:20:36 +04:00
2016-12-24 22:46:01 +03:00
# include <linux/uaccess.h>
2005-04-17 02:20:36 +04:00
# include <linux/inet.h>
# include <linux/igmp.h>
2005-12-27 07:43:12 +03:00
# include <linux/inetdevice.h>
2005-04-17 02:20:36 +04:00
# include <linux/netdevice.h>
2008-12-16 10:41:09 +03:00
# include <net/checksum.h>
2005-04-17 02:20:36 +04:00
# include <net/ip.h>
# include <net/protocol.h>
# include <net/arp.h>
# include <net/route.h>
# include <net/ip_fib.h>
2005-08-10 07:11:56 +04:00
# include <net/inet_connection_sock.h>
2021-11-15 20:05:51 +03:00
# include <net/gro.h>
2005-04-17 02:20:36 +04:00
# include <net/tcp.h>
# include <net/udp.h>
2006-11-27 22:10:57 +03:00
# include <net/udplite.h>
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
# include <net/ping.h>
2005-04-17 02:20:36 +04:00
# include <linux/skbuff.h>
# include <net/sock.h>
# include <net/raw.h>
# include <net/icmp.h>
# include <net/inet_common.h>
2015-07-23 11:08:44 +03:00
# include <net/ip_tunnels.h>
2005-04-17 02:20:36 +04:00
# include <net/xfrm.h>
2008-07-18 15:01:44 +04:00
# include <net/net_namespace.h>
2013-04-29 09:58:52 +04:00
# include <net/secure_seq.h>
2005-04-17 02:20:36 +04:00
# ifdef CONFIG_IP_MROUTE
# include <linux/mroute.h>
# endif
2015-09-30 06:07:14 +03:00
# include <net/l3mdev.h>
2020-05-18 09:28:08 +03:00
# include <net/compat.h>
2005-04-17 02:20:36 +04:00
2017-12-20 06:12:51 +03:00
# include <trace/events/sock.h>
2005-04-17 02:20:36 +04:00
/* The inetsw table contains everything that inet_create needs to
* build a new socket .
*/
static struct list_head inetsw [ SOCK_MAX ] ;
static DEFINE_SPINLOCK ( inetsw_lock ) ;
/* New destruction routine */
void inet_sock_destruct ( struct sock * sk )
{
struct inet_sock * inet = inet_sk ( sk ) ;
__skb_queue_purge ( & sk - > sk_receive_queue ) ;
__skb_queue_purge ( & sk - > sk_error_queue ) ;
2021-09-29 20:25:11 +03:00
sk_mem_reclaim_final ( sk ) ;
2007-12-31 11:29:24 +03:00
2005-04-17 02:20:36 +04:00
if ( sk - > sk_type = = SOCK_STREAM & & sk - > sk_state ! = TCP_CLOSE ) {
2009-08-29 10:45:21 +04:00
pr_err ( " Attempt to release TCP socket in state %d %p \n " ,
2005-04-17 02:20:36 +04:00
sk - > sk_state , sk ) ;
return ;
}
if ( ! sock_flag ( sk , SOCK_DEAD ) ) {
2009-08-29 10:45:21 +04:00
pr_err ( " Attempt to release alive inet socket %p \n " , sk ) ;
2005-04-17 02:20:36 +04:00
return ;
}
2022-06-08 19:04:33 +03:00
WARN_ON_ONCE ( atomic_read ( & sk - > sk_rmem_alloc ) ) ;
WARN_ON_ONCE ( refcount_read ( & sk - > sk_wmem_alloc ) ) ;
WARN_ON_ONCE ( sk - > sk_wmem_queued ) ;
WARN_ON_ONCE ( sk_forward_alloc_get ( sk ) ) ;
2005-04-17 02:20:36 +04:00
2011-04-21 13:45:37 +04:00
kfree ( rcu_dereference_protected ( inet - > inet_opt , 1 ) ) ;
2019-03-31 12:03:02 +03:00
dst_release ( rcu_dereference_protected ( sk - > sk_dst_cache , 1 ) ) ;
inet: fully convert sk->sk_rx_dst to RCU rules
syzbot reported various issues around early demux,
one being included in this changelog [1]
sk->sk_rx_dst is using RCU protection without clearly
documenting it.
And following sequences in tcp_v4_do_rcv()/tcp_v6_do_rcv()
are not following standard RCU rules.
[a] dst_release(dst);
[b] sk->sk_rx_dst = NULL;
They look wrong because a delete operation of RCU protected
pointer is supposed to clear the pointer before
the call_rcu()/synchronize_rcu() guarding actual memory freeing.
In some cases indeed, dst could be freed before [b] is done.
We could cheat by clearing sk_rx_dst before calling
dst_release(), but this seems the right time to stick
to standard RCU annotations and debugging facilities.
[1]
BUG: KASAN: use-after-free in dst_check include/net/dst.h:470 [inline]
BUG: KASAN: use-after-free in tcp_v4_early_demux+0x95b/0x960 net/ipv4/tcp_ipv4.c:1792
Read of size 2 at addr ffff88807f1cb73a by task syz-executor.5/9204
CPU: 0 PID: 9204 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_address_description.constprop.0.cold+0x8d/0x320 mm/kasan/report.c:247
__kasan_report mm/kasan/report.c:433 [inline]
kasan_report.cold+0x83/0xdf mm/kasan/report.c:450
dst_check include/net/dst.h:470 [inline]
tcp_v4_early_demux+0x95b/0x960 net/ipv4/tcp_ipv4.c:1792
ip_rcv_finish_core.constprop.0+0x15de/0x1e80 net/ipv4/ip_input.c:340
ip_list_rcv_finish.constprop.0+0x1b2/0x6e0 net/ipv4/ip_input.c:583
ip_sublist_rcv net/ipv4/ip_input.c:609 [inline]
ip_list_rcv+0x34e/0x490 net/ipv4/ip_input.c:644
__netif_receive_skb_list_ptype net/core/dev.c:5508 [inline]
__netif_receive_skb_list_core+0x549/0x8e0 net/core/dev.c:5556
__netif_receive_skb_list net/core/dev.c:5608 [inline]
netif_receive_skb_list_internal+0x75e/0xd80 net/core/dev.c:5699
gro_normal_list net/core/dev.c:5853 [inline]
gro_normal_list net/core/dev.c:5849 [inline]
napi_complete_done+0x1f1/0x880 net/core/dev.c:6590
virtqueue_napi_complete drivers/net/virtio_net.c:339 [inline]
virtnet_poll+0xca2/0x11b0 drivers/net/virtio_net.c:1557
__napi_poll+0xaf/0x440 net/core/dev.c:7023
napi_poll net/core/dev.c:7090 [inline]
net_rx_action+0x801/0xb40 net/core/dev.c:7177
__do_softirq+0x29b/0x9c2 kernel/softirq.c:558
invoke_softirq kernel/softirq.c:432 [inline]
__irq_exit_rcu+0x123/0x180 kernel/softirq.c:637
irq_exit_rcu+0x5/0x20 kernel/softirq.c:649
common_interrupt+0x52/0xc0 arch/x86/kernel/irq.c:240
asm_common_interrupt+0x1e/0x40 arch/x86/include/asm/idtentry.h:629
RIP: 0033:0x7f5e972bfd57
Code: 39 d1 73 14 0f 1f 80 00 00 00 00 48 8b 50 f8 48 83 e8 08 48 39 ca 77 f3 48 39 c3 73 3e 48 89 13 48 8b 50 f8 48 89 38 49 8b 0e <48> 8b 3e 48 83 c3 08 48 83 c6 08 eb bc 48 39 d1 72 9e 48 39 d0 73
RSP: 002b:00007fff8a413210 EFLAGS: 00000283
RAX: 00007f5e97108990 RBX: 00007f5e97108338 RCX: ffffffff81d3aa45
RDX: ffffffff81d3aa45 RSI: 00007f5e97108340 RDI: ffffffff81d3aa45
RBP: 00007f5e97107eb8 R08: 00007f5e97108d88 R09: 0000000093c2e8d9
R10: 0000000000000000 R11: 0000000000000000 R12: 00007f5e97107eb0
R13: 00007f5e97108338 R14: 00007f5e97107ea8 R15: 0000000000000019
</TASK>
Allocated by task 13:
kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38
kasan_set_track mm/kasan/common.c:46 [inline]
set_alloc_info mm/kasan/common.c:434 [inline]
__kasan_slab_alloc+0x90/0xc0 mm/kasan/common.c:467
kasan_slab_alloc include/linux/kasan.h:259 [inline]
slab_post_alloc_hook mm/slab.h:519 [inline]
slab_alloc_node mm/slub.c:3234 [inline]
slab_alloc mm/slub.c:3242 [inline]
kmem_cache_alloc+0x202/0x3a0 mm/slub.c:3247
dst_alloc+0x146/0x1f0 net/core/dst.c:92
rt_dst_alloc+0x73/0x430 net/ipv4/route.c:1613
ip_route_input_slow+0x1817/0x3a20 net/ipv4/route.c:2340
ip_route_input_rcu net/ipv4/route.c:2470 [inline]
ip_route_input_noref+0x116/0x2a0 net/ipv4/route.c:2415
ip_rcv_finish_core.constprop.0+0x288/0x1e80 net/ipv4/ip_input.c:354
ip_list_rcv_finish.constprop.0+0x1b2/0x6e0 net/ipv4/ip_input.c:583
ip_sublist_rcv net/ipv4/ip_input.c:609 [inline]
ip_list_rcv+0x34e/0x490 net/ipv4/ip_input.c:644
__netif_receive_skb_list_ptype net/core/dev.c:5508 [inline]
__netif_receive_skb_list_core+0x549/0x8e0 net/core/dev.c:5556
__netif_receive_skb_list net/core/dev.c:5608 [inline]
netif_receive_skb_list_internal+0x75e/0xd80 net/core/dev.c:5699
gro_normal_list net/core/dev.c:5853 [inline]
gro_normal_list net/core/dev.c:5849 [inline]
napi_complete_done+0x1f1/0x880 net/core/dev.c:6590
virtqueue_napi_complete drivers/net/virtio_net.c:339 [inline]
virtnet_poll+0xca2/0x11b0 drivers/net/virtio_net.c:1557
__napi_poll+0xaf/0x440 net/core/dev.c:7023
napi_poll net/core/dev.c:7090 [inline]
net_rx_action+0x801/0xb40 net/core/dev.c:7177
__do_softirq+0x29b/0x9c2 kernel/softirq.c:558
Freed by task 13:
kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38
kasan_set_track+0x21/0x30 mm/kasan/common.c:46
kasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370
____kasan_slab_free mm/kasan/common.c:366 [inline]
____kasan_slab_free mm/kasan/common.c:328 [inline]
__kasan_slab_free+0xff/0x130 mm/kasan/common.c:374
kasan_slab_free include/linux/kasan.h:235 [inline]
slab_free_hook mm/slub.c:1723 [inline]
slab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1749
slab_free mm/slub.c:3513 [inline]
kmem_cache_free+0xbd/0x5d0 mm/slub.c:3530
dst_destroy+0x2d6/0x3f0 net/core/dst.c:127
rcu_do_batch kernel/rcu/tree.c:2506 [inline]
rcu_core+0x7ab/0x1470 kernel/rcu/tree.c:2741
__do_softirq+0x29b/0x9c2 kernel/softirq.c:558
Last potentially related work creation:
kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38
__kasan_record_aux_stack+0xf5/0x120 mm/kasan/generic.c:348
__call_rcu kernel/rcu/tree.c:2985 [inline]
call_rcu+0xb1/0x740 kernel/rcu/tree.c:3065
dst_release net/core/dst.c:177 [inline]
dst_release+0x79/0xe0 net/core/dst.c:167
tcp_v4_do_rcv+0x612/0x8d0 net/ipv4/tcp_ipv4.c:1712
sk_backlog_rcv include/net/sock.h:1030 [inline]
__release_sock+0x134/0x3b0 net/core/sock.c:2768
release_sock+0x54/0x1b0 net/core/sock.c:3300
tcp_sendmsg+0x36/0x40 net/ipv4/tcp.c:1441
inet_sendmsg+0x99/0xe0 net/ipv4/af_inet.c:819
sock_sendmsg_nosec net/socket.c:704 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:724
sock_write_iter+0x289/0x3c0 net/socket.c:1057
call_write_iter include/linux/fs.h:2162 [inline]
new_sync_write+0x429/0x660 fs/read_write.c:503
vfs_write+0x7cd/0xae0 fs/read_write.c:590
ksys_write+0x1ee/0x250 fs/read_write.c:643
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
The buggy address belongs to the object at ffff88807f1cb700
which belongs to the cache ip_dst_cache of size 176
The buggy address is located 58 bytes inside of
176-byte region [ffff88807f1cb700, ffff88807f1cb7b0)
The buggy address belongs to the page:
page:ffffea0001fc72c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7f1cb
flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000000200 dead000000000100 dead000000000122 ffff8881413bb780
raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 5, ts 108466983062, free_ts 108048976062
prep_new_page mm/page_alloc.c:2418 [inline]
get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4149
__alloc_pages+0x1b2/0x500 mm/page_alloc.c:5369
alloc_pages+0x1a7/0x300 mm/mempolicy.c:2191
alloc_slab_page mm/slub.c:1793 [inline]
allocate_slab mm/slub.c:1930 [inline]
new_slab+0x32d/0x4a0 mm/slub.c:1993
___slab_alloc+0x918/0xfe0 mm/slub.c:3022
__slab_alloc.constprop.0+0x4d/0xa0 mm/slub.c:3109
slab_alloc_node mm/slub.c:3200 [inline]
slab_alloc mm/slub.c:3242 [inline]
kmem_cache_alloc+0x35c/0x3a0 mm/slub.c:3247
dst_alloc+0x146/0x1f0 net/core/dst.c:92
rt_dst_alloc+0x73/0x430 net/ipv4/route.c:1613
__mkroute_output net/ipv4/route.c:2564 [inline]
ip_route_output_key_hash_rcu+0x921/0x2d00 net/ipv4/route.c:2791
ip_route_output_key_hash+0x18b/0x300 net/ipv4/route.c:2619
__ip_route_output_key include/net/route.h:126 [inline]
ip_route_output_flow+0x23/0x150 net/ipv4/route.c:2850
ip_route_output_key include/net/route.h:142 [inline]
geneve_get_v4_rt+0x3a6/0x830 drivers/net/geneve.c:809
geneve_xmit_skb drivers/net/geneve.c:899 [inline]
geneve_xmit+0xc4a/0x3540 drivers/net/geneve.c:1082
__netdev_start_xmit include/linux/netdevice.h:4994 [inline]
netdev_start_xmit include/linux/netdevice.h:5008 [inline]
xmit_one net/core/dev.c:3590 [inline]
dev_hard_start_xmit+0x1eb/0x920 net/core/dev.c:3606
__dev_queue_xmit+0x299a/0x3650 net/core/dev.c:4229
page last free stack trace:
reset_page_owner include/linux/page_owner.h:24 [inline]
free_pages_prepare mm/page_alloc.c:1338 [inline]
free_pcp_prepare+0x374/0x870 mm/page_alloc.c:1389
free_unref_page_prepare mm/page_alloc.c:3309 [inline]
free_unref_page+0x19/0x690 mm/page_alloc.c:3388
qlink_free mm/kasan/quarantine.c:146 [inline]
qlist_free_all+0x5a/0xc0 mm/kasan/quarantine.c:165
kasan_quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:272
__kasan_slab_alloc+0xa2/0xc0 mm/kasan/common.c:444
kasan_slab_alloc include/linux/kasan.h:259 [inline]
slab_post_alloc_hook mm/slab.h:519 [inline]
slab_alloc_node mm/slub.c:3234 [inline]
kmem_cache_alloc_node+0x255/0x3f0 mm/slub.c:3270
__alloc_skb+0x215/0x340 net/core/skbuff.c:414
alloc_skb include/linux/skbuff.h:1126 [inline]
alloc_skb_with_frags+0x93/0x620 net/core/skbuff.c:6078
sock_alloc_send_pskb+0x783/0x910 net/core/sock.c:2575
mld_newpack+0x1df/0x770 net/ipv6/mcast.c:1754
add_grhead+0x265/0x330 net/ipv6/mcast.c:1857
add_grec+0x1053/0x14e0 net/ipv6/mcast.c:1995
mld_send_initial_cr.part.0+0xf6/0x230 net/ipv6/mcast.c:2242
mld_send_initial_cr net/ipv6/mcast.c:1232 [inline]
mld_dad_work+0x1d3/0x690 net/ipv6/mcast.c:2268
process_one_work+0x9b2/0x1690 kernel/workqueue.c:2298
worker_thread+0x658/0x11f0 kernel/workqueue.c:2445
Memory state around the buggy address:
ffff88807f1cb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
ffff88807f1cb680: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
>ffff88807f1cb700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff88807f1cb780: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
ffff88807f1cb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
Fixes: 41063e9dd119 ("ipv4: Early TCP socket demux.")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20211220143330.680945-1-eric.dumazet@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-20 17:33:30 +03:00
dst_release ( rcu_dereference_protected ( sk - > sk_rx_dst , 1 ) ) ;
2005-08-10 06:45:38 +04:00
sk_refcnt_debug_dec ( sk ) ;
2005-04-17 02:20:36 +04:00
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_sock_destruct ) ;
2005-04-17 02:20:36 +04:00
/*
* The routines beyond this point handle the behaviour of an AF_INET
* socket object . Mostly it punts to the subprotocols of IP to do
* the work .
*/
/*
* Automatically bind an unbound socket .
*/
static int inet_autobind ( struct sock * sk )
{
struct inet_sock * inet ;
/* We may need to bind the socket. */
lock_sock ( sk ) ;
inet = inet_sk ( sk ) ;
2009-10-15 10:30:45 +04:00
if ( ! inet - > inet_num ) {
2005-04-17 02:20:36 +04:00
if ( sk - > sk_prot - > get_port ( sk , 0 ) ) {
release_sock ( sk ) ;
return - EAGAIN ;
}
2009-10-15 10:30:45 +04:00
inet - > inet_sport = htons ( inet - > inet_num ) ;
2005-04-17 02:20:36 +04:00
}
release_sock ( sk ) ;
return 0 ;
}
/*
* Move a socket into listening state .
*/
int inet_listen ( struct socket * sock , int backlog )
{
struct sock * sk = sock - > sk ;
unsigned char old_state ;
2017-09-27 06:35:40 +03:00
int err , tcp_fastopen ;
2005-04-17 02:20:36 +04:00
lock_sock ( sk ) ;
err = - EINVAL ;
if ( sock - > state ! = SS_UNCONNECTED | | sock - > type ! = SOCK_STREAM )
goto out ;
old_state = sk - > sk_state ;
if ( ! ( ( 1 < < old_state ) & ( TCPF_CLOSE | TCPF_LISTEN ) ) )
goto out ;
2019-11-06 01:11:54 +03:00
WRITE_ONCE ( sk - > sk_max_ack_backlog , backlog ) ;
2005-04-17 02:20:36 +04:00
/* Really, if the socket is already in listen state
* we can only allow the backlog to be adjusted .
*/
if ( old_state ! = TCP_LISTEN ) {
2016-08-23 03:17:54 +03:00
/* Enable TFO w/o requiring TCP_FASTOPEN socket option.
2012-08-31 16:29:12 +04:00
* Note that only TCP sockets ( SOCK_STREAM ) will reach here .
2016-08-23 03:17:54 +03:00
* Also fastopen backlog may already been set via the option
* because the socket was in TCP_LISTEN state previously but
* was shutdown ( ) rather than close ( ) .
2012-08-31 16:29:12 +04:00
*/
2022-07-15 20:17:54 +03:00
tcp_fastopen = READ_ONCE ( sock_net ( sk ) - > ipv4 . sysctl_tcp_fastopen ) ;
2017-09-27 06:35:40 +03:00
if ( ( tcp_fastopen & TFO_SERVER_WO_SOCKOPT1 ) & &
( tcp_fastopen & TFO_SERVER_ENABLE ) & &
2015-09-29 17:42:52 +03:00
! inet_csk ( sk ) - > icsk_accept_queue . fastopenq . max_qlen ) {
2016-08-23 03:17:54 +03:00
fastopen_queue_tune ( sk , backlog ) ;
2017-09-27 06:35:42 +03:00
tcp_fastopen_init_key_once ( sock_net ( sk ) ) ;
2012-08-31 16:29:12 +04:00
}
2016-08-23 03:17:54 +03:00
2021-11-22 13:16:21 +03:00
err = inet_csk_listen_start ( sk ) ;
2005-04-17 02:20:36 +04:00
if ( err )
goto out ;
2018-07-12 03:33:32 +03:00
tcp_call_bpf ( sk , BPF_SOCK_OPS_TCP_LISTEN_CB , 0 , NULL ) ;
2005-04-17 02:20:36 +04:00
}
err = 0 ;
out :
release_sock ( sk ) ;
return err ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_listen ) ;
2005-04-17 02:20:36 +04:00
/*
* Create an inet socket .
*/
2009-11-06 09:18:14 +03:00
static int inet_create ( struct net * net , struct socket * sock , int protocol ,
int kern )
2005-04-17 02:20:36 +04:00
{
struct sock * sk ;
struct inet_protosw * answer ;
struct inet_sock * inet ;
struct proto * answer_prot ;
unsigned char answer_flags ;
2005-08-10 07:19:14 +04:00
int try_loading_module = 0 ;
2005-12-03 07:43:26 +03:00
int err ;
2005-04-17 02:20:36 +04:00
2015-12-15 00:03:39 +03:00
if ( protocol < 0 | | protocol > = IPPROTO_MAX )
return - EINVAL ;
2005-04-17 02:20:36 +04:00
sock - > state = SS_UNCONNECTED ;
/* Look for the requested type/protocol pair. */
2005-08-10 07:19:14 +04:00
lookup_protocol :
2005-12-03 07:43:26 +03:00
err = - ESOCKTNOSUPPORT ;
2005-04-17 02:20:36 +04:00
rcu_read_lock ( ) ;
2008-07-25 12:45:34 +04:00
list_for_each_entry_rcu ( answer , & inetsw [ sock - > type ] , list ) {
2005-04-17 02:20:36 +04:00
2008-07-25 12:45:34 +04:00
err = 0 ;
2005-04-17 02:20:36 +04:00
/* Check the non-wild match. */
if ( protocol = = answer - > protocol ) {
if ( protocol ! = IPPROTO_IP )
break ;
} else {
/* Check for the two wild cases. */
if ( IPPROTO_IP = = protocol ) {
protocol = answer - > protocol ;
break ;
}
if ( IPPROTO_IP = = answer - > protocol )
break ;
}
2005-12-03 07:43:26 +03:00
err = - EPROTONOSUPPORT ;
2005-04-17 02:20:36 +04:00
}
2008-07-25 12:45:34 +04:00
if ( unlikely ( err ) ) {
2005-08-10 07:19:14 +04:00
if ( try_loading_module < 2 ) {
rcu_read_unlock ( ) ;
/*
* Be more specific , e . g . net - pf - 2 - proto - 132 - type - 1
* ( net - pf - PF_INET - proto - IPPROTO_SCTP - type - SOCK_STREAM )
*/
if ( + + try_loading_module = = 1 )
request_module ( " net-pf-%d-proto-%d-type-%d " ,
PF_INET , protocol , sock - > type ) ;
/*
* Fall back to generic , e . g . net - pf - 2 - proto - 132
* ( net - pf - PF_INET - proto - IPPROTO_SCTP )
*/
else
request_module ( " net-pf-%d-proto-%d " ,
PF_INET , protocol ) ;
goto lookup_protocol ;
} else
goto out_rcu_unlock ;
}
2005-04-17 02:20:36 +04:00
err = - EPERM ;
net: Allow userns root to control ipv4
Allow an unpriviled user who has created a user namespace, and then
created a network namespace to effectively use the new network
namespace, by reducing capable(CAP_NET_ADMIN) and
capable(CAP_NET_RAW) calls to be ns_capable(net->user_ns,
CAP_NET_ADMIN), or capable(net->user_ns, CAP_NET_RAW) calls.
Settings that merely control a single network device are allowed.
Either the network device is a logical network device where
restrictions make no difference or the network device is hardware NIC
that has been explicity moved from the initial network namespace.
In general policy and network stack state changes are allowed
while resource control is left unchanged.
Allow creating raw sockets.
Allow the SIOCSARP ioctl to control the arp cache.
Allow the SIOCSIFFLAG ioctl to allow setting network device flags.
Allow the SIOCSIFADDR ioctl to allow setting a netdevice ipv4 address.
Allow the SIOCSIFBRDADDR ioctl to allow setting a netdevice ipv4 broadcast address.
Allow the SIOCSIFDSTADDR ioctl to allow setting a netdevice ipv4 destination address.
Allow the SIOCSIFNETMASK ioctl to allow setting a netdevice ipv4 netmask.
Allow the SIOCADDRT and SIOCDELRT ioctls to allow adding and deleting ipv4 routes.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting gre tunnels.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting ipip tunnels.
Allow the SIOCADDTUNNEL, SIOCCHGTUNNEL and SIOCDELTUNNEL ioctls for
adding, changing and deleting ipsec virtual tunnel interfaces.
Allow setting the MRT_INIT, MRT_DONE, MRT_ADD_VIF, MRT_DEL_VIF, MRT_ADD_MFC,
MRT_DEL_MFC, MRT_ASSERT, MRT_PIM, MRT_TABLE socket options on multicast routing
sockets.
Allow setting and receiving IPOPT_CIPSO, IP_OPT_SEC, IP_OPT_SID and
arbitrary ip options.
Allow setting IP_SEC_POLICY/IP_XFRM_POLICY ipv4 socket option.
Allow setting the IP_TRANSPARENT ipv4 socket option.
Allow setting the TCP_REPAIR socket option.
Allow setting the TCP_CONGESTION socket option.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-16 07:03:05 +04:00
if ( sock - > type = = SOCK_RAW & & ! kern & &
! ns_capable ( net - > user_ns , CAP_NET_RAW ) )
2005-04-17 02:20:36 +04:00
goto out_rcu_unlock ;
sock - > ops = answer - > ops ;
answer_prot = answer - > prot ;
answer_flags = answer - > flags ;
rcu_read_unlock ( ) ;
2015-04-03 11:17:26 +03:00
WARN_ON ( ! answer_prot - > slab ) ;
2005-04-17 02:20:36 +04:00
2021-06-01 17:14:07 +03:00
err = - ENOMEM ;
2015-05-09 05:09:13 +03:00
sk = sk_alloc ( net , PF_INET , GFP_KERNEL , answer_prot , kern ) ;
2015-04-03 11:17:26 +03:00
if ( ! sk )
2005-04-17 02:20:36 +04:00
goto out ;
err = 0 ;
if ( INET_PROTOSW_REUSE & answer_flags )
2012-04-19 07:39:36 +04:00
sk - > sk_reuse = SK_CAN_REUSE ;
2005-04-17 02:20:36 +04:00
inet = inet_sk ( sk ) ;
2007-01-10 01:37:06 +03:00
inet - > is_icsk = ( INET_PROTOSW_ICSK & answer_flags ) ! = 0 ;
2005-04-17 02:20:36 +04:00
2010-06-15 05:07:31 +04:00
inet - > nodefrag = 0 ;
2005-04-17 02:20:36 +04:00
if ( SOCK_RAW = = sock - > type ) {
2009-10-15 10:30:45 +04:00
inet - > inet_num = protocol ;
2005-04-17 02:20:36 +04:00
if ( IPPROTO_RAW = = protocol )
inet - > hdrincl = 1 ;
}
2022-07-13 23:51:52 +03:00
if ( READ_ONCE ( net - > ipv4 . sysctl_ip_no_pmtu_disc ) )
2005-04-17 02:20:36 +04:00
inet - > pmtudisc = IP_PMTUDISC_DONT ;
else
inet - > pmtudisc = IP_PMTUDISC_WANT ;
2009-10-15 10:30:45 +04:00
inet - > inet_id = 0 ;
2005-04-17 02:20:36 +04:00
sock_init_data ( sock , sk ) ;
sk - > sk_destruct = inet_sock_destruct ;
sk - > sk_protocol = protocol ;
sk - > sk_backlog_rcv = sk - > sk_prot - > backlog_rcv ;
inet - > uc_ttl = - 1 ;
inet - > mc_loop = 1 ;
inet - > mc_ttl = 1 ;
2009-05-28 11:00:46 +04:00
inet - > mc_all = 1 ;
2005-04-17 02:20:36 +04:00
inet - > mc_index = 0 ;
inet - > mc_list = NULL ;
2012-02-09 13:35:49 +04:00
inet - > rcv_tos = 0 ;
2005-04-17 02:20:36 +04:00
2005-08-10 06:45:38 +04:00
sk_refcnt_debug_inc ( sk ) ;
2005-04-17 02:20:36 +04:00
2009-10-15 10:30:45 +04:00
if ( inet - > inet_num ) {
2005-04-17 02:20:36 +04:00
/* It assumes that any protocol which allows
* the user to assign a number at socket
* creation time automatically
* shares .
*/
2009-10-15 10:30:45 +04:00
inet - > inet_sport = htons ( inet - > inet_num ) ;
2005-04-17 02:20:36 +04:00
/* Add to protocol hash chains. */
2016-02-10 19:50:35 +03:00
err = sk - > sk_prot - > hash ( sk ) ;
if ( err ) {
sk_common_release ( sk ) ;
goto out ;
}
2005-04-17 02:20:36 +04:00
}
if ( sk - > sk_prot - > init ) {
err = sk - > sk_prot - > init ( sk ) ;
2016-12-01 19:48:04 +03:00
if ( err ) {
sk_common_release ( sk ) ;
goto out ;
}
}
if ( ! kern ) {
err = BPF_CGROUP_RUN_PROG_INET_SOCK ( sk ) ;
if ( err ) {
2005-04-17 02:20:36 +04:00
sk_common_release ( sk ) ;
2016-12-01 19:48:04 +03:00
goto out ;
}
2005-04-17 02:20:36 +04:00
}
out :
return err ;
out_rcu_unlock :
rcu_read_unlock ( ) ;
goto out ;
}
/*
* The peer socket should always be NULL ( or else ) . When we call this
* function we are destroying the object and from then on nobody
* should refer to it .
*/
int inet_release ( struct socket * sock )
{
struct sock * sk = sock - > sk ;
if ( sk ) {
long timeout ;
2020-07-07 02:01:25 +03:00
if ( ! sk - > sk_kern_sock )
BPF_CGROUP_RUN_PROG_INET_SOCK_RELEASE ( sk ) ;
2005-04-17 02:20:36 +04:00
/* Applications forget to leave groups before exiting */
ip_mc_drop_socket ( sk ) ;
/* If linger is set, we don't return until the close
* is complete . Otherwise we return immediately . The
* actually closing is done the same either way .
*
* If the close is due to the process exiting , we never
* linger . .
*/
timeout = 0 ;
if ( sock_flag ( sk , SOCK_LINGER ) & &
! ( current - > flags & PF_EXITING ) )
timeout = sk - > sk_lingertime ;
sk - > sk_prot - > close ( sk , timeout ) ;
2019-05-30 02:33:23 +03:00
sock - > sk = NULL ;
2005-04-17 02:20:36 +04:00
}
return 0 ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_release ) ;
2005-04-17 02:20:36 +04:00
int inet_bind ( struct socket * sock , struct sockaddr * uaddr , int addr_len )
{
struct sock * sk = sock - > sk ;
2021-01-27 22:31:39 +03:00
u32 flags = BIND_WITH_LOCK ;
2005-04-17 02:20:36 +04:00
int err ;
/* If the socket has its own bind function then use it. (RAW) */
if ( sk - > sk_prot - > bind ) {
2018-03-31 01:08:04 +03:00
return sk - > sk_prot - > bind ( sk , uaddr , addr_len ) ;
2005-04-17 02:20:36 +04:00
}
if ( addr_len < sizeof ( struct sockaddr_in ) )
2018-03-31 01:08:04 +03:00
return - EINVAL ;
2018-03-31 01:08:02 +03:00
/* BPF prog is run before any checks are done so that if the prog
* changes context in a wrong way it will be caught .
*/
2021-01-27 22:31:39 +03:00
err = BPF_CGROUP_RUN_PROG_INET_BIND_LOCK ( sk , uaddr ,
2021-08-19 12:24:20 +03:00
CGROUP_INET4_BIND , & flags ) ;
2018-03-31 01:08:02 +03:00
if ( err )
2018-03-31 01:08:04 +03:00
return err ;
2021-01-27 22:31:39 +03:00
return __inet_bind ( sk , uaddr , addr_len , flags ) ;
2018-03-31 01:08:04 +03:00
}
EXPORT_SYMBOL ( inet_bind ) ;
int __inet_bind ( struct sock * sk , struct sockaddr * uaddr , int addr_len ,
2020-05-08 20:46:10 +03:00
u32 flags )
2018-03-31 01:08:04 +03:00
{
struct sockaddr_in * addr = ( struct sockaddr_in * ) uaddr ;
struct inet_sock * inet = inet_sk ( sk ) ;
struct net * net = sock_net ( sk ) ;
unsigned short snum ;
int chk_addr_ret ;
u32 tb_id = RT_TABLE_LOCAL ;
int err ;
2005-04-17 02:20:36 +04:00
net: bind() fix error return on wrong address family
Hi,
Reinhard Max also pointed out that the error should EAFNOSUPPORT according
to POSIX.
The Linux manpages have it as EINVAL, some other OSes (Minix, HPUX, perhaps BSD) use
EAFNOSUPPORT. Windows uses WSAEFAULT according to MSDN.
Other protocols error values in their af bind() methods in current mainline git as far
as a brief look shows:
EAFNOSUPPORT: atm, appletalk, l2tp, llc, phonet, rxrpc
EINVAL: ax25, bluetooth, decnet, econet, ieee802154, iucv, netlink, netrom, packet, rds, rose, unix, x25,
No check?: can/raw, ipv6/raw, irda, l2tp/l2tp_ip
Ciao, Marcus
Signed-off-by: Marcus Meissner <meissner@suse.de>
Cc: Reinhard Max <max@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-04 05:30:29 +04:00
if ( addr - > sin_family ! = AF_INET ) {
2011-08-31 02:57:00 +04:00
/* Compatibility games : accept AF_UNSPEC (mapped to AF_INET)
* only if s_addr is INADDR_ANY .
*/
net: bind() fix error return on wrong address family
Hi,
Reinhard Max also pointed out that the error should EAFNOSUPPORT according
to POSIX.
The Linux manpages have it as EINVAL, some other OSes (Minix, HPUX, perhaps BSD) use
EAFNOSUPPORT. Windows uses WSAEFAULT according to MSDN.
Other protocols error values in their af bind() methods in current mainline git as far
as a brief look shows:
EAFNOSUPPORT: atm, appletalk, l2tp, llc, phonet, rxrpc
EINVAL: ax25, bluetooth, decnet, econet, ieee802154, iucv, netlink, netrom, packet, rds, rose, unix, x25,
No check?: can/raw, ipv6/raw, irda, l2tp/l2tp_ip
Ciao, Marcus
Signed-off-by: Marcus Meissner <meissner@suse.de>
Cc: Reinhard Max <max@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-04 05:30:29 +04:00
err = - EAFNOSUPPORT ;
2011-08-31 02:57:00 +04:00
if ( addr - > sin_family ! = AF_UNSPEC | |
addr - > sin_addr . s_addr ! = htonl ( INADDR_ANY ) )
goto out ;
net: bind() fix error return on wrong address family
Hi,
Reinhard Max also pointed out that the error should EAFNOSUPPORT according
to POSIX.
The Linux manpages have it as EINVAL, some other OSes (Minix, HPUX, perhaps BSD) use
EAFNOSUPPORT. Windows uses WSAEFAULT according to MSDN.
Other protocols error values in their af bind() methods in current mainline git as far
as a brief look shows:
EAFNOSUPPORT: atm, appletalk, l2tp, llc, phonet, rxrpc
EINVAL: ax25, bluetooth, decnet, econet, ieee802154, iucv, netlink, netrom, packet, rds, rose, unix, x25,
No check?: can/raw, ipv6/raw, irda, l2tp/l2tp_ip
Ciao, Marcus
Signed-off-by: Marcus Meissner <meissner@suse.de>
Cc: Reinhard Max <max@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-04 05:30:29 +04:00
}
2011-06-02 08:05:22 +04:00
2015-09-30 06:07:14 +03:00
tb_id = l3mdev_fib_table_by_index ( net , sk - > sk_bound_dev_if ) ? : tb_id ;
2015-08-13 23:59:05 +03:00
chk_addr_ret = inet_addr_type_table ( net , addr - > sin_addr . s_addr , tb_id ) ;
2005-04-17 02:20:36 +04:00
/* Not specified by any standard per-se, however it breaks too
* many applications when removed . It is unfortunate since
* allowing applications to make a non - local bind solves
* several problems with systems using dynamic addressing .
* ( ie . your servers still start up even if your ISDN link
* is temporarily down )
*/
err = - EADDRNOTAVAIL ;
2021-11-17 12:00:11 +03:00
if ( ! inet_addr_valid_or_nonlocal ( net , inet , addr - > sin_addr . s_addr ,
chk_addr_ret ) )
2005-04-17 02:20:36 +04:00
goto out ;
snum = ntohs ( addr - > sin_port ) ;
err = - EACCES ;
2021-01-27 22:31:39 +03:00
if ( ! ( flags & BIND_NO_CAP_NET_BIND_SERVICE ) & &
snum & & inet_port_requires_bind_service ( net , snum ) & &
2012-11-16 07:03:12 +04:00
! ns_capable ( net - > user_ns , CAP_NET_BIND_SERVICE ) )
2005-04-17 02:20:36 +04:00
goto out ;
/* We keep a pair of addresses. rcv_saddr is the one
* used by hash lookups , and saddr is used for transmit .
*
* In the BSD API these are the same except where it
* would be illegal to use them ( multicast / broadcast ) in
* which case the sending device address is used .
*/
2020-05-08 20:46:10 +03:00
if ( flags & BIND_WITH_LOCK )
2018-03-31 01:08:04 +03:00
lock_sock ( sk ) ;
2005-04-17 02:20:36 +04:00
/* Check these errors (active socket, double bind). */
err = - EINVAL ;
2009-10-15 10:30:45 +04:00
if ( sk - > sk_state ! = TCP_CLOSE | | inet - > inet_num )
2005-04-17 02:20:36 +04:00
goto out_release_sock ;
2009-10-15 10:30:45 +04:00
inet - > inet_rcv_saddr = inet - > inet_saddr = addr - > sin_addr . s_addr ;
2005-04-17 02:20:36 +04:00
if ( chk_addr_ret = = RTN_MULTICAST | | chk_addr_ret = = RTN_BROADCAST )
2009-10-15 10:30:45 +04:00
inet - > inet_saddr = 0 ; /* Use device */
2005-04-17 02:20:36 +04:00
/* Make sure we are allowed to bind here. */
2018-03-31 01:08:07 +03:00
if ( snum | | ! ( inet - > bind_address_no_port | |
2020-05-08 20:46:10 +03:00
( flags & BIND_FORCE_ADDRESS_NO_PORT ) ) ) {
2018-03-31 01:08:07 +03:00
if ( sk - > sk_prot - > get_port ( sk , snum ) ) {
inet - > inet_saddr = inet - > inet_rcv_saddr = 0 ;
err = - EADDRINUSE ;
goto out_release_sock ;
}
2020-05-08 20:46:11 +03:00
if ( ! ( flags & BIND_FROM_BPF ) ) {
err = BPF_CGROUP_RUN_PROG_INET4_POST_BIND ( sk ) ;
if ( err ) {
inet - > inet_saddr = inet - > inet_rcv_saddr = 0 ;
net: bpf: Handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND()
The return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND() in
__inet_bind() is not handled properly. While the return value
is non-zero, it will set inet_saddr and inet_rcv_saddr to 0 and
exit:
err = BPF_CGROUP_RUN_PROG_INET4_POST_BIND(sk);
if (err) {
inet->inet_saddr = inet->inet_rcv_saddr = 0;
goto out_release_sock;
}
Let's take UDP for example and see what will happen. For UDP
socket, it will be added to 'udp_prot.h.udp_table->hash' and
'udp_prot.h.udp_table->hash2' after the sk->sk_prot->get_port()
called success. If 'inet->inet_rcv_saddr' is specified here,
then 'sk' will be in the 'hslot2' of 'hash2' that it don't belong
to (because inet_saddr is changed to 0), and UDP packet received
will not be passed to this sock. If 'inet->inet_rcv_saddr' is not
specified here, the sock will work fine, as it can receive packet
properly, which is wired, as the 'bind()' is already failed.
To undo the get_port() operation, introduce the 'put_port' field
for 'struct proto'. For TCP proto, it is inet_put_port(); For UDP
proto, it is udp_lib_unhash(); For icmp proto, it is
ping_unhash().
Therefore, after sys_bind() fail caused by
BPF_CGROUP_RUN_PROG_INET4_POST_BIND(), it will be unbinded, which
means that it can try to be binded to another port.
Signed-off-by: Menglong Dong <imagedong@tencent.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20220106132022.3470772-2-imagedong@tencent.com
2022-01-06 16:20:20 +03:00
if ( sk - > sk_prot - > put_port )
sk - > sk_prot - > put_port ( sk ) ;
2020-05-08 20:46:11 +03:00
goto out_release_sock ;
}
2018-03-31 01:08:07 +03:00
}
2005-04-17 02:20:36 +04:00
}
2009-10-15 10:30:45 +04:00
if ( inet - > inet_rcv_saddr )
2005-04-17 02:20:36 +04:00
sk - > sk_userlocks | = SOCK_BINDADDR_LOCK ;
if ( snum )
sk - > sk_userlocks | = SOCK_BINDPORT_LOCK ;
2009-10-15 10:30:45 +04:00
inet - > inet_sport = htons ( inet - > inet_num ) ;
inet - > inet_daddr = 0 ;
inet - > inet_dport = 0 ;
2005-04-17 02:20:36 +04:00
sk_dst_reset ( sk ) ;
err = 0 ;
out_release_sock :
2020-05-08 20:46:10 +03:00
if ( flags & BIND_WITH_LOCK )
2018-03-31 01:08:04 +03:00
release_sock ( sk ) ;
2005-04-17 02:20:36 +04:00
out :
return err ;
}
2012-04-15 05:34:41 +04:00
int inet_dgram_connect ( struct socket * sock , struct sockaddr * uaddr ,
2005-04-17 02:20:36 +04:00
int addr_len , int flags )
{
struct sock * sk = sock - > sk ;
2018-03-31 01:08:05 +03:00
int err ;
2005-04-17 02:20:36 +04:00
2010-04-01 02:58:26 +04:00
if ( addr_len < sizeof ( uaddr - > sa_family ) )
return - EINVAL ;
2005-04-17 02:20:36 +04:00
if ( uaddr - > sa_family = = AF_UNSPEC )
return sk - > sk_prot - > disconnect ( sk , flags ) ;
2018-03-31 01:08:05 +03:00
if ( BPF_CGROUP_PRE_CONNECT_ENABLED ( sk ) ) {
err = sk - > sk_prot - > pre_connect ( sk , uaddr , addr_len ) ;
if ( err )
return err ;
}
2021-06-09 10:59:45 +03:00
if ( data_race ( ! inet_sk ( sk ) - > inet_num ) & & inet_autobind ( sk ) )
2005-04-17 02:20:36 +04:00
return - EAGAIN ;
2012-06-03 21:41:40 +04:00
return sk - > sk_prot - > connect ( sk , uaddr , addr_len ) ;
2005-04-17 02:20:36 +04:00
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_dgram_connect ) ;
2005-04-17 02:20:36 +04:00
2012-07-19 10:43:07 +04:00
static long inet_wait_for_connect ( struct sock * sk , long timeo , int writebias )
2005-04-17 02:20:36 +04:00
{
2016-11-02 02:04:36 +03:00
DEFINE_WAIT_FUNC ( wait , woken_wake_function ) ;
2005-04-17 02:20:36 +04:00
2016-11-02 02:04:36 +03:00
add_wait_queue ( sk_sleep ( sk ) , & wait ) ;
2012-07-19 10:43:07 +04:00
sk - > sk_write_pending + = writebias ;
2005-04-17 02:20:36 +04:00
/* Basic assumption: if someone sets sk->sk_err, he _must_
* change state of the socket from TCP_SYN_ * .
* Connect ( ) does not allow to get error notifications
* without closing the socket .
*/
while ( ( 1 < < sk - > sk_state ) & ( TCPF_SYN_SENT | TCPF_SYN_RECV ) ) {
release_sock ( sk ) ;
2016-11-02 02:04:36 +03:00
timeo = wait_woken ( & wait , TASK_INTERRUPTIBLE , timeo ) ;
2005-04-17 02:20:36 +04:00
lock_sock ( sk ) ;
if ( signal_pending ( current ) | | ! timeo )
break ;
}
2016-11-02 02:04:36 +03:00
remove_wait_queue ( sk_sleep ( sk ) , & wait ) ;
2012-07-19 10:43:07 +04:00
sk - > sk_write_pending - = writebias ;
2005-04-17 02:20:36 +04:00
return timeo ;
}
/*
* Connect to a remote host . There is regrettably still a little
* TCP ' magic ' in here .
*/
2012-07-19 10:43:09 +04:00
int __inet_stream_connect ( struct socket * sock , struct sockaddr * uaddr ,
2017-01-25 16:42:46 +03:00
int addr_len , int flags , int is_sendmsg )
2005-04-17 02:20:36 +04:00
{
struct sock * sk = sock - > sk ;
int err ;
long timeo ;
net/tcp-fastopen: Add new API support
This patch adds a new socket option, TCP_FASTOPEN_CONNECT, as an
alternative way to perform Fast Open on the active side (client). Prior
to this patch, a client needs to replace the connect() call with
sendto(MSG_FASTOPEN). This can be cumbersome for applications who want
to use Fast Open: these socket operations are often done in lower layer
libraries used by many other applications. Changing these libraries
and/or the socket call sequences are not trivial. A more convenient
approach is to perform Fast Open by simply enabling a socket option when
the socket is created w/o changing other socket calls sequence:
s = socket()
create a new socket
setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT …);
newly introduced sockopt
If set, new functionality described below will be used.
Return ENOTSUPP if TFO is not supported or not enabled in the
kernel.
connect()
With cookie present, return 0 immediately.
With no cookie, initiate 3WHS with TFO cookie-request option and
return -1 with errno = EINPROGRESS.
write()/sendmsg()
With cookie present, send out SYN with data and return the number of
bytes buffered.
With no cookie, and 3WHS not yet completed, return -1 with errno =
EINPROGRESS.
No MSG_FASTOPEN flag is needed.
read()
Return -1 with errno = EWOULDBLOCK/EAGAIN if connect() is called but
write() is not called yet.
Return -1 with errno = EWOULDBLOCK/EAGAIN if connection is
established but no msg is received yet.
Return number of bytes read if socket is established and there is
msg received.
The new API simplifies life for applications that always perform a write()
immediately after a successful connect(). Such applications can now take
advantage of Fast Open by merely making one new setsockopt() call at the time
of creating the socket. Nothing else about the application's socket call
sequence needs to change.
Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-23 21:59:22 +03:00
/*
* uaddr can be NULL and addr_len can be 0 if :
* sk is a TCP fastopen active socket and
* TCP_FASTOPEN_CONNECT sockopt is set and
* we already have a valid cookie for this socket .
* In this case , user can call write ( ) after connect ( ) .
* write ( ) will invoke tcp_sendmsg_fastopen ( ) which calls
* __inet_stream_connect ( ) .
*/
if ( uaddr ) {
if ( addr_len < sizeof ( uaddr - > sa_family ) )
return - EINVAL ;
2010-04-01 02:58:26 +04:00
net/tcp-fastopen: Add new API support
This patch adds a new socket option, TCP_FASTOPEN_CONNECT, as an
alternative way to perform Fast Open on the active side (client). Prior
to this patch, a client needs to replace the connect() call with
sendto(MSG_FASTOPEN). This can be cumbersome for applications who want
to use Fast Open: these socket operations are often done in lower layer
libraries used by many other applications. Changing these libraries
and/or the socket call sequences are not trivial. A more convenient
approach is to perform Fast Open by simply enabling a socket option when
the socket is created w/o changing other socket calls sequence:
s = socket()
create a new socket
setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT …);
newly introduced sockopt
If set, new functionality described below will be used.
Return ENOTSUPP if TFO is not supported or not enabled in the
kernel.
connect()
With cookie present, return 0 immediately.
With no cookie, initiate 3WHS with TFO cookie-request option and
return -1 with errno = EINPROGRESS.
write()/sendmsg()
With cookie present, send out SYN with data and return the number of
bytes buffered.
With no cookie, and 3WHS not yet completed, return -1 with errno =
EINPROGRESS.
No MSG_FASTOPEN flag is needed.
read()
Return -1 with errno = EWOULDBLOCK/EAGAIN if connect() is called but
write() is not called yet.
Return -1 with errno = EWOULDBLOCK/EAGAIN if connection is
established but no msg is received yet.
Return number of bytes read if socket is established and there is
msg received.
The new API simplifies life for applications that always perform a write()
immediately after a successful connect(). Such applications can now take
advantage of Fast Open by merely making one new setsockopt() call at the time
of creating the socket. Nothing else about the application's socket call
sequence needs to change.
Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-23 21:59:22 +03:00
if ( uaddr - > sa_family = = AF_UNSPEC ) {
err = sk - > sk_prot - > disconnect ( sk , flags ) ;
sock - > state = err ? SS_DISCONNECTING : SS_UNCONNECTED ;
goto out ;
}
2005-04-17 02:20:36 +04:00
}
switch ( sock - > state ) {
default :
err = - EINVAL ;
goto out ;
case SS_CONNECTED :
err = - EISCONN ;
goto out ;
case SS_CONNECTING :
net/tcp-fastopen: Add new API support
This patch adds a new socket option, TCP_FASTOPEN_CONNECT, as an
alternative way to perform Fast Open on the active side (client). Prior
to this patch, a client needs to replace the connect() call with
sendto(MSG_FASTOPEN). This can be cumbersome for applications who want
to use Fast Open: these socket operations are often done in lower layer
libraries used by many other applications. Changing these libraries
and/or the socket call sequences are not trivial. A more convenient
approach is to perform Fast Open by simply enabling a socket option when
the socket is created w/o changing other socket calls sequence:
s = socket()
create a new socket
setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT …);
newly introduced sockopt
If set, new functionality described below will be used.
Return ENOTSUPP if TFO is not supported or not enabled in the
kernel.
connect()
With cookie present, return 0 immediately.
With no cookie, initiate 3WHS with TFO cookie-request option and
return -1 with errno = EINPROGRESS.
write()/sendmsg()
With cookie present, send out SYN with data and return the number of
bytes buffered.
With no cookie, and 3WHS not yet completed, return -1 with errno =
EINPROGRESS.
No MSG_FASTOPEN flag is needed.
read()
Return -1 with errno = EWOULDBLOCK/EAGAIN if connect() is called but
write() is not called yet.
Return -1 with errno = EWOULDBLOCK/EAGAIN if connection is
established but no msg is received yet.
Return number of bytes read if socket is established and there is
msg received.
The new API simplifies life for applications that always perform a write()
immediately after a successful connect(). Such applications can now take
advantage of Fast Open by merely making one new setsockopt() call at the time
of creating the socket. Nothing else about the application's socket call
sequence needs to change.
Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-23 21:59:22 +03:00
if ( inet_sk ( sk ) - > defer_connect )
2017-01-25 16:42:46 +03:00
err = is_sendmsg ? - EINPROGRESS : - EISCONN ;
net/tcp-fastopen: Add new API support
This patch adds a new socket option, TCP_FASTOPEN_CONNECT, as an
alternative way to perform Fast Open on the active side (client). Prior
to this patch, a client needs to replace the connect() call with
sendto(MSG_FASTOPEN). This can be cumbersome for applications who want
to use Fast Open: these socket operations are often done in lower layer
libraries used by many other applications. Changing these libraries
and/or the socket call sequences are not trivial. A more convenient
approach is to perform Fast Open by simply enabling a socket option when
the socket is created w/o changing other socket calls sequence:
s = socket()
create a new socket
setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT …);
newly introduced sockopt
If set, new functionality described below will be used.
Return ENOTSUPP if TFO is not supported or not enabled in the
kernel.
connect()
With cookie present, return 0 immediately.
With no cookie, initiate 3WHS with TFO cookie-request option and
return -1 with errno = EINPROGRESS.
write()/sendmsg()
With cookie present, send out SYN with data and return the number of
bytes buffered.
With no cookie, and 3WHS not yet completed, return -1 with errno =
EINPROGRESS.
No MSG_FASTOPEN flag is needed.
read()
Return -1 with errno = EWOULDBLOCK/EAGAIN if connect() is called but
write() is not called yet.
Return -1 with errno = EWOULDBLOCK/EAGAIN if connection is
established but no msg is received yet.
Return number of bytes read if socket is established and there is
msg received.
The new API simplifies life for applications that always perform a write()
immediately after a successful connect(). Such applications can now take
advantage of Fast Open by merely making one new setsockopt() call at the time
of creating the socket. Nothing else about the application's socket call
sequence needs to change.
Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-23 21:59:22 +03:00
else
err = - EALREADY ;
2005-04-17 02:20:36 +04:00
/* Fall out of switch with err, set for this state */
break ;
case SS_UNCONNECTED :
err = - EISCONN ;
if ( sk - > sk_state ! = TCP_CLOSE )
goto out ;
2018-03-31 01:08:05 +03:00
if ( BPF_CGROUP_PRE_CONNECT_ENABLED ( sk ) ) {
err = sk - > sk_prot - > pre_connect ( sk , uaddr , addr_len ) ;
if ( err )
goto out ;
}
2005-04-17 02:20:36 +04:00
err = sk - > sk_prot - > connect ( sk , uaddr , addr_len ) ;
if ( err < 0 )
goto out ;
2007-02-09 17:24:47 +03:00
sock - > state = SS_CONNECTING ;
2005-04-17 02:20:36 +04:00
net/tcp-fastopen: Add new API support
This patch adds a new socket option, TCP_FASTOPEN_CONNECT, as an
alternative way to perform Fast Open on the active side (client). Prior
to this patch, a client needs to replace the connect() call with
sendto(MSG_FASTOPEN). This can be cumbersome for applications who want
to use Fast Open: these socket operations are often done in lower layer
libraries used by many other applications. Changing these libraries
and/or the socket call sequences are not trivial. A more convenient
approach is to perform Fast Open by simply enabling a socket option when
the socket is created w/o changing other socket calls sequence:
s = socket()
create a new socket
setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT …);
newly introduced sockopt
If set, new functionality described below will be used.
Return ENOTSUPP if TFO is not supported or not enabled in the
kernel.
connect()
With cookie present, return 0 immediately.
With no cookie, initiate 3WHS with TFO cookie-request option and
return -1 with errno = EINPROGRESS.
write()/sendmsg()
With cookie present, send out SYN with data and return the number of
bytes buffered.
With no cookie, and 3WHS not yet completed, return -1 with errno =
EINPROGRESS.
No MSG_FASTOPEN flag is needed.
read()
Return -1 with errno = EWOULDBLOCK/EAGAIN if connect() is called but
write() is not called yet.
Return -1 with errno = EWOULDBLOCK/EAGAIN if connection is
established but no msg is received yet.
Return number of bytes read if socket is established and there is
msg received.
The new API simplifies life for applications that always perform a write()
immediately after a successful connect(). Such applications can now take
advantage of Fast Open by merely making one new setsockopt() call at the time
of creating the socket. Nothing else about the application's socket call
sequence needs to change.
Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-23 21:59:22 +03:00
if ( ! err & & inet_sk ( sk ) - > defer_connect )
goto out ;
2005-04-17 02:20:36 +04:00
/* Just entered SS_CONNECTING state; the only
* difference is that return value in non - blocking
* case is EINPROGRESS , rather than EALREADY .
*/
err = - EINPROGRESS ;
break ;
}
timeo = sock_sndtimeo ( sk , flags & O_NONBLOCK ) ;
if ( ( 1 < < sk - > sk_state ) & ( TCPF_SYN_SENT | TCPF_SYN_RECV ) ) {
2012-07-19 10:43:07 +04:00
int writebias = ( sk - > sk_protocol = = IPPROTO_TCP ) & &
tcp_sk ( sk ) - > fastopen_req & &
tcp_sk ( sk ) - > fastopen_req - > data ? 1 : 0 ;
2005-04-17 02:20:36 +04:00
/* Error code is set above */
2012-07-19 10:43:07 +04:00
if ( ! timeo | | ! inet_wait_for_connect ( sk , timeo , writebias ) )
2005-04-17 02:20:36 +04:00
goto out ;
err = sock_intr_errno ( timeo ) ;
if ( signal_pending ( current ) )
goto out ;
}
/* Connection was closed by RST, timeout, ICMP error
* or another process disconnected us .
*/
if ( sk - > sk_state = = TCP_CLOSE )
goto sock_error ;
/* sk->sk_err may be not zero now, if RECVERR was ordered by user
* and error was received after socket entered established state .
* Hence , it is handled normally after connect ( ) return successfully .
*/
sock - > state = SS_CONNECTED ;
err = 0 ;
out :
return err ;
sock_error :
err = sock_error ( sk ) ? : - ECONNABORTED ;
sock - > state = SS_UNCONNECTED ;
if ( sk - > sk_prot - > disconnect ( sk , flags ) )
sock - > state = SS_DISCONNECTING ;
goto out ;
}
2012-07-19 10:43:09 +04:00
EXPORT_SYMBOL ( __inet_stream_connect ) ;
int inet_stream_connect ( struct socket * sock , struct sockaddr * uaddr ,
int addr_len , int flags )
{
int err ;
lock_sock ( sock - > sk ) ;
2017-01-25 16:42:46 +03:00
err = __inet_stream_connect ( sock , uaddr , addr_len , flags , 0 ) ;
2012-07-19 10:43:09 +04:00
release_sock ( sock - > sk ) ;
return err ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_stream_connect ) ;
2005-04-17 02:20:36 +04:00
/*
* Accept a pending connection . The TCP layer now gives BSD semantics .
*/
2017-03-09 11:09:05 +03:00
int inet_accept ( struct socket * sock , struct socket * newsock , int flags ,
bool kern )
2005-04-17 02:20:36 +04:00
{
struct sock * sk1 = sock - > sk ;
int err = - EINVAL ;
2017-03-09 11:09:05 +03:00
struct sock * sk2 = sk1 - > sk_prot - > accept ( sk1 , flags , & err , kern ) ;
2005-04-17 02:20:36 +04:00
if ( ! sk2 )
goto do_err ;
lock_sock ( sk2 ) ;
net: rfs: enable RFS before first data packet is received
Le jeudi 16 juin 2011 à 23:38 -0400, David Miller a écrit :
> From: Ben Hutchings <bhutchings@solarflare.com>
> Date: Fri, 17 Jun 2011 00:50:46 +0100
>
> > On Wed, 2011-06-15 at 04:15 +0200, Eric Dumazet wrote:
> >> @@ -1594,6 +1594,7 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
> >> goto discard;
> >>
> >> if (nsk != sk) {
> >> + sock_rps_save_rxhash(nsk, skb->rxhash);
> >> if (tcp_child_process(sk, nsk, skb)) {
> >> rsk = nsk;
> >> goto reset;
> >>
> >
> > I haven't tried this, but it looks reasonable to me.
> >
> > What about IPv6? The logic in tcp_v6_do_rcv() looks very similar.
>
> Indeed ipv6 side needs the same fix.
>
> Eric please add that part and resubmit. And in fact I might stick
> this into net-2.6 instead of net-next-2.6
>
OK, here is the net-2.6 based one then, thanks !
[PATCH v2] net: rfs: enable RFS before first data packet is received
First packet received on a passive tcp flow is not correctly RFS
steered.
One sock_rps_record_flow() call is missing in inet_accept()
But before that, we also must record rxhash when child socket is setup.
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
CC: Tom Herbert <therbert@google.com>
CC: Ben Hutchings <bhutchings@solarflare.com>
CC: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: David S. Miller <davem@conan.davemloft.net>
2011-06-17 07:45:15 +04:00
sock_rps_record_flow ( sk2 ) ;
2008-07-26 08:43:18 +04:00
WARN_ON ( ! ( ( 1 < < sk2 - > sk_state ) &
2012-08-31 16:29:12 +04:00
( TCPF_ESTABLISHED | TCPF_SYN_RECV |
TCPF_CLOSE_WAIT | TCPF_CLOSE ) ) ) ;
2005-04-17 02:20:36 +04:00
sock_graft ( sk2 , newsock ) ;
newsock - > state = SS_CONNECTED ;
err = 0 ;
release_sock ( sk2 ) ;
do_err :
return err ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_accept ) ;
2005-04-17 02:20:36 +04:00
/*
* This does both peername and sockname .
*/
int inet_getname ( struct socket * sock , struct sockaddr * uaddr ,
bpf: Add get{peer, sock}name attach types for sock_addr
As stated in 983695fa6765 ("bpf: fix unconnected udp hooks"), the objective
for the existing cgroup connect/sendmsg/recvmsg/bind BPF hooks is to be
transparent to applications. In Cilium we make use of these hooks [0] in
order to enable E-W load balancing for existing Kubernetes service types
for all Cilium managed nodes in the cluster. Those backends can be local
or remote. The main advantage of this approach is that it operates as close
as possible to the socket, and therefore allows to avoid packet-based NAT
given in connect/sendmsg/recvmsg hooks we only need to xlate sock addresses.
This also allows to expose NodePort services on loopback addresses in the
host namespace, for example. As another advantage, this also efficiently
blocks bind requests for applications in the host namespace for exposed
ports. However, one missing item is that we also need to perform reverse
xlation for inet{,6}_getname() hooks such that we can return the service
IP/port tuple back to the application instead of the remote peer address.
The vast majority of applications does not bother about getpeername(), but
in a few occasions we've seen breakage when validating the peer's address
since it returns unexpectedly the backend tuple instead of the service one.
Therefore, this trivial patch allows to customise and adds a getpeername()
as well as getsockname() BPF cgroup hook for both IPv4 and IPv6 in order
to address this situation.
Simple example:
# ./cilium/cilium service list
ID Frontend Service Type Backend
1 1.2.3.4:80 ClusterIP 1 => 10.0.0.10:80
Before; curl's verbose output example, no getpeername() reverse xlation:
# curl --verbose 1.2.3.4
* Rebuilt URL to: 1.2.3.4/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to 1.2.3.4 (10.0.0.10) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.2.3.4
> User-Agent: curl/7.58.0
> Accept: */*
[...]
After; with getpeername() reverse xlation:
# curl --verbose 1.2.3.4
* Rebuilt URL to: 1.2.3.4/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to 1.2.3.4 (1.2.3.4) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.2.3.4
> User-Agent: curl/7.58.0
> Accept: */*
[...]
Originally, I had both under a BPF_CGROUP_INET{4,6}_GETNAME type and exposed
peer to the context similar as in inet{,6}_getname() fashion, but API-wise
this is suboptimal as it always enforces programs having to test for ctx->peer
which can easily be missed, hence BPF_CGROUP_INET{4,6}_GET{PEER,SOCK}NAME split.
Similarly, the checked return code is on tnum_range(1, 1), but if a use case
comes up in future, it can easily be changed to return an error code instead.
Helper and ctx member access is the same as with connect/sendmsg/etc hooks.
[0] https://github.com/cilium/cilium/blob/master/bpf/bpf_sock.c
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Andrii Nakryiko <andriin@fb.com>
Acked-by: Andrey Ignatov <rdna@fb.com>
Link: https://lore.kernel.org/bpf/61a479d759b2482ae3efb45546490bacd796a220.1589841594.git.daniel@iogearbox.net
2020-05-19 01:45:45 +03:00
int peer )
2005-04-17 02:20:36 +04:00
{
struct sock * sk = sock - > sk ;
struct inet_sock * inet = inet_sk ( sk ) ;
2009-10-29 12:59:18 +03:00
DECLARE_SOCKADDR ( struct sockaddr_in * , sin , uaddr ) ;
2005-04-17 02:20:36 +04:00
sin - > sin_family = AF_INET ;
2021-10-27 00:30:14 +03:00
lock_sock ( sk ) ;
2005-04-17 02:20:36 +04:00
if ( peer ) {
2009-10-15 10:30:45 +04:00
if ( ! inet - > inet_dport | |
2005-04-17 02:20:36 +04:00
( ( ( 1 < < sk - > sk_state ) & ( TCPF_CLOSE | TCPF_SYN_SENT ) ) & &
2021-10-27 00:30:14 +03:00
peer = = 1 ) ) {
release_sock ( sk ) ;
2005-04-17 02:20:36 +04:00
return - ENOTCONN ;
2021-10-27 00:30:14 +03:00
}
2009-10-15 10:30:45 +04:00
sin - > sin_port = inet - > inet_dport ;
sin - > sin_addr . s_addr = inet - > inet_daddr ;
2021-10-27 00:30:14 +03:00
BPF_CGROUP_RUN_SA_PROG ( sk , ( struct sockaddr * ) sin ,
CGROUP_INET4_GETPEERNAME ) ;
2005-04-17 02:20:36 +04:00
} else {
2009-10-15 10:30:45 +04:00
__be32 addr = inet - > inet_rcv_saddr ;
2005-04-17 02:20:36 +04:00
if ( ! addr )
2009-10-15 10:30:45 +04:00
addr = inet - > inet_saddr ;
sin - > sin_port = inet - > inet_sport ;
2005-04-17 02:20:36 +04:00
sin - > sin_addr . s_addr = addr ;
2021-10-27 00:30:14 +03:00
BPF_CGROUP_RUN_SA_PROG ( sk , ( struct sockaddr * ) sin ,
CGROUP_INET4_GETSOCKNAME ) ;
2021-01-15 19:35:01 +03:00
}
2021-10-27 00:30:14 +03:00
release_sock ( sk ) ;
2005-04-17 02:20:36 +04:00
memset ( sin - > sin_zero , 0 , sizeof ( sin - > sin_zero ) ) ;
2018-02-12 22:00:20 +03:00
return sizeof ( * sin ) ;
2005-04-17 02:20:36 +04:00
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_getname ) ;
2005-04-17 02:20:36 +04:00
2019-07-03 17:06:52 +03:00
int inet_send_prepare ( struct sock * sk )
2005-04-17 02:20:36 +04:00
{
2010-04-28 02:05:31 +04:00
sock_rps_record_flow ( sk ) ;
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
2005-04-17 02:20:36 +04:00
/* We may need to bind the socket. */
2021-06-09 10:59:45 +03:00
if ( data_race ( ! inet_sk ( sk ) - > inet_num ) & & ! sk - > sk_prot - > no_autobind & &
2010-07-11 00:41:55 +04:00
inet_autobind ( sk ) )
2005-04-17 02:20:36 +04:00
return - EAGAIN ;
2019-07-03 17:06:52 +03:00
return 0 ;
}
EXPORT_SYMBOL_GPL ( inet_send_prepare ) ;
int inet_sendmsg ( struct socket * sock , struct msghdr * msg , size_t size )
{
struct sock * sk = sock - > sk ;
if ( unlikely ( inet_send_prepare ( sk ) ) )
return - EAGAIN ;
2019-07-03 17:06:56 +03:00
return INDIRECT_CALL_2 ( sk - > sk_prot - > sendmsg , tcp_sendmsg , udp_sendmsg ,
sk , msg , size ) ;
2005-04-17 02:20:36 +04:00
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_sendmsg ) ;
2005-04-17 02:20:36 +04:00
2010-07-11 00:41:55 +04:00
ssize_t inet_sendpage ( struct socket * sock , struct page * page , int offset ,
size_t size , int flags )
2005-04-17 02:20:36 +04:00
{
struct sock * sk = sock - > sk ;
2019-07-03 17:06:52 +03:00
if ( unlikely ( inet_send_prepare ( sk ) ) )
2005-04-17 02:20:36 +04:00
return - EAGAIN ;
if ( sk - > sk_prot - > sendpage )
return sk - > sk_prot - > sendpage ( sk , page , offset , size , flags ) ;
return sock_no_sendpage ( sock , page , offset , size , flags ) ;
}
2010-07-11 00:41:55 +04:00
EXPORT_SYMBOL ( inet_sendpage ) ;
2005-04-17 02:20:36 +04:00
2019-07-03 17:06:56 +03:00
INDIRECT_CALLABLE_DECLARE ( int udp_recvmsg ( struct sock * , struct msghdr * ,
net: remove noblock parameter from recvmsg() entities
The internal recvmsg() functions have two parameters 'flags' and 'noblock'
that were merged inside skb_recv_datagram(). As a follow up patch to commit
f4b41f062c42 ("net: remove noblock parameter from skb_recv_datagram()")
this patch removes the separate 'noblock' parameter for recvmsg().
Analogue to the referenced patch for skb_recv_datagram() the 'flags' and
'noblock' parameters are unnecessarily split up with e.g.
err = sk->sk_prot->recvmsg(sk, msg, size, flags & MSG_DONTWAIT,
flags & ~MSG_DONTWAIT, &addr_len);
or in
err = INDIRECT_CALL_2(sk->sk_prot->recvmsg, tcp_recvmsg, udp_recvmsg,
sk, msg, size, flags & MSG_DONTWAIT,
flags & ~MSG_DONTWAIT, &addr_len);
instead of simply using only flags all the time and check for MSG_DONTWAIT
where needed (to preserve for the formerly separated no(n)block condition).
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
Link: https://lore.kernel.org/r/20220411124955.154876-1-socketcan@hartkopp.net
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2022-04-11 15:49:55 +03:00
size_t , int , int * ) ) ;
2015-03-02 10:37:48 +03:00
int inet_recvmsg ( struct socket * sock , struct msghdr * msg , size_t size ,
int flags )
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
{
struct sock * sk = sock - > sk ;
int addr_len = 0 ;
int err ;
2018-01-04 05:47:10 +03:00
if ( likely ( ! ( flags & MSG_ERRQUEUE ) ) )
sock_rps_record_flow ( sk ) ;
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
2019-07-03 17:06:56 +03:00
err = INDIRECT_CALL_2 ( sk - > sk_prot - > recvmsg , tcp_recvmsg , udp_recvmsg ,
net: remove noblock parameter from recvmsg() entities
The internal recvmsg() functions have two parameters 'flags' and 'noblock'
that were merged inside skb_recv_datagram(). As a follow up patch to commit
f4b41f062c42 ("net: remove noblock parameter from skb_recv_datagram()")
this patch removes the separate 'noblock' parameter for recvmsg().
Analogue to the referenced patch for skb_recv_datagram() the 'flags' and
'noblock' parameters are unnecessarily split up with e.g.
err = sk->sk_prot->recvmsg(sk, msg, size, flags & MSG_DONTWAIT,
flags & ~MSG_DONTWAIT, &addr_len);
or in
err = INDIRECT_CALL_2(sk->sk_prot->recvmsg, tcp_recvmsg, udp_recvmsg,
sk, msg, size, flags & MSG_DONTWAIT,
flags & ~MSG_DONTWAIT, &addr_len);
instead of simply using only flags all the time and check for MSG_DONTWAIT
where needed (to preserve for the formerly separated no(n)block condition).
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
Link: https://lore.kernel.org/r/20220411124955.154876-1-socketcan@hartkopp.net
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2022-04-11 15:49:55 +03:00
sk , msg , size , flags , & addr_len ) ;
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
if ( err > = 0 )
msg - > msg_namelen = addr_len ;
return err ;
}
EXPORT_SYMBOL ( inet_recvmsg ) ;
2005-04-17 02:20:36 +04:00
int inet_shutdown ( struct socket * sock , int how )
{
struct sock * sk = sock - > sk ;
int err = 0 ;
/* This should really check to make sure
* the socket is a TCP socket . ( WHY AC . . . )
*/
how + + ; /* maps 0->1 has the advantage of making bit 1 rcvs and
1 - > 2 bit 2 snds .
2 - > 3 */
if ( ( how & ~ SHUTDOWN_MASK ) | | ! how ) /* MAXINT->0 */
return - EINVAL ;
lock_sock ( sk ) ;
if ( sock - > state = = SS_CONNECTING ) {
if ( ( 1 < < sk - > sk_state ) &
( TCPF_SYN_SENT | TCPF_SYN_RECV | TCPF_CLOSE ) )
sock - > state = SS_DISCONNECTING ;
else
sock - > state = SS_CONNECTED ;
}
switch ( sk - > sk_state ) {
case TCP_CLOSE :
err = - ENOTCONN ;
/* Hack to wake up other listeners, who can poll for
2018-02-12 01:34:03 +03:00
EPOLLHUP , even on eg . unconnected UDP sockets - - RR */
2020-03-13 01:50:22 +03:00
fallthrough ;
2005-04-17 02:20:36 +04:00
default :
sk - > sk_shutdown | = how ;
if ( sk - > sk_prot - > shutdown )
sk - > sk_prot - > shutdown ( sk , how ) ;
break ;
/* Remaining two branches are temporary solution for missing
* close ( ) in multithreaded environment . It is _not_ a good idea ,
* but we have no choice until close ( ) is repaired at VFS level .
*/
case TCP_LISTEN :
if ( ! ( how & RCV_SHUTDOWN ) )
break ;
2020-03-13 01:50:22 +03:00
fallthrough ;
2005-04-17 02:20:36 +04:00
case TCP_SYN_SENT :
err = sk - > sk_prot - > disconnect ( sk , O_NONBLOCK ) ;
sock - > state = err ? SS_DISCONNECTING : SS_UNCONNECTED ;
break ;
}
/* Wake up anyone sleeping in poll. */
sk - > sk_state_change ( sk ) ;
release_sock ( sk ) ;
return err ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_shutdown ) ;
2005-04-17 02:20:36 +04:00
/*
* ioctl ( ) calls you can issue on an INET socket . Most of these are
* device configuration and stuff and very rarely used . Some ioctls
* pass on to the socket itself .
*
* NOTE : I like the idea of a module for the config stuff . ie ifconfig
* loads the devconfigure module does its configuring and unloads it .
* There ' s a good 20 K of config code hanging around the kernel .
*/
int inet_ioctl ( struct socket * sock , unsigned int cmd , unsigned long arg )
{
struct sock * sk = sock - > sk ;
int err = 0 ;
2008-03-25 20:26:21 +03:00
struct net * net = sock_net ( sk ) ;
2017-07-01 14:53:12 +03:00
void __user * p = ( void __user * ) arg ;
struct ifreq ifr ;
2017-07-01 15:03:10 +03:00
struct rtentry rt ;
2005-04-17 02:20:36 +04:00
switch ( cmd ) {
2009-08-29 10:45:21 +04:00
case SIOCADDRT :
case SIOCDELRT :
2017-07-01 15:03:10 +03:00
if ( copy_from_user ( & rt , p , sizeof ( struct rtentry ) ) )
return - EFAULT ;
err = ip_rt_ioctl ( net , cmd , & rt ) ;
break ;
2009-08-29 10:45:21 +04:00
case SIOCRTMSG :
2017-07-01 15:03:10 +03:00
err = - EINVAL ;
2009-08-29 10:45:21 +04:00
break ;
case SIOCDARP :
case SIOCGARP :
case SIOCSARP :
err = arp_ioctl ( net , cmd , ( void __user * ) arg ) ;
break ;
case SIOCGIFADDR :
case SIOCGIFBRDADDR :
case SIOCGIFNETMASK :
case SIOCGIFDSTADDR :
2017-07-01 14:53:12 +03:00
case SIOCGIFPFLAGS :
net: socket: rework compat_ifreq_ioctl()
compat_ifreq_ioctl() is one of the last users of copy_in_user() and
compat_alloc_user_space(), as it attempts to convert the 'struct ifreq'
arguments from 32-bit to 64-bit format as used by dev_ioctl() and a
couple of socket family specific interpretations.
The current implementation works correctly when calling dev_ioctl(),
inet_ioctl(), ieee802154_sock_ioctl(), atalk_ioctl(), qrtr_ioctl()
and packet_ioctl(). The ioctl handlers for x25, netrom, rose and x25 do
not interpret the arguments and only block the corresponding commands,
so they do not care.
For af_inet6 and af_decnet however, the compat conversion is slightly
incorrect, as it will copy more data than the native handler accesses,
both of them use a structure that is shorter than ifreq.
Replace the copy_in_user() conversion with a pair of accessor functions
to read and write the ifreq data in place with the correct length where
needed, while leaving the other ones to copy the (already compatible)
structures directly.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-07-22 17:29:03 +03:00
if ( get_user_ifreq ( & ifr , NULL , p ) )
2017-07-01 14:53:12 +03:00
return - EFAULT ;
err = devinet_ioctl ( net , cmd , & ifr ) ;
net: socket: rework compat_ifreq_ioctl()
compat_ifreq_ioctl() is one of the last users of copy_in_user() and
compat_alloc_user_space(), as it attempts to convert the 'struct ifreq'
arguments from 32-bit to 64-bit format as used by dev_ioctl() and a
couple of socket family specific interpretations.
The current implementation works correctly when calling dev_ioctl(),
inet_ioctl(), ieee802154_sock_ioctl(), atalk_ioctl(), qrtr_ioctl()
and packet_ioctl(). The ioctl handlers for x25, netrom, rose and x25 do
not interpret the arguments and only block the corresponding commands,
so they do not care.
For af_inet6 and af_decnet however, the compat conversion is slightly
incorrect, as it will copy more data than the native handler accesses,
both of them use a structure that is shorter than ifreq.
Replace the copy_in_user() conversion with a pair of accessor functions
to read and write the ifreq data in place with the correct length where
needed, while leaving the other ones to copy the (already compatible)
structures directly.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-07-22 17:29:03 +03:00
if ( ! err & & put_user_ifreq ( & ifr , p ) )
2017-07-01 14:53:12 +03:00
err = - EFAULT ;
break ;
case SIOCSIFADDR :
case SIOCSIFBRDADDR :
case SIOCSIFNETMASK :
2009-08-29 10:45:21 +04:00
case SIOCSIFDSTADDR :
case SIOCSIFPFLAGS :
case SIOCSIFFLAGS :
net: socket: rework compat_ifreq_ioctl()
compat_ifreq_ioctl() is one of the last users of copy_in_user() and
compat_alloc_user_space(), as it attempts to convert the 'struct ifreq'
arguments from 32-bit to 64-bit format as used by dev_ioctl() and a
couple of socket family specific interpretations.
The current implementation works correctly when calling dev_ioctl(),
inet_ioctl(), ieee802154_sock_ioctl(), atalk_ioctl(), qrtr_ioctl()
and packet_ioctl(). The ioctl handlers for x25, netrom, rose and x25 do
not interpret the arguments and only block the corresponding commands,
so they do not care.
For af_inet6 and af_decnet however, the compat conversion is slightly
incorrect, as it will copy more data than the native handler accesses,
both of them use a structure that is shorter than ifreq.
Replace the copy_in_user() conversion with a pair of accessor functions
to read and write the ifreq data in place with the correct length where
needed, while leaving the other ones to copy the (already compatible)
structures directly.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-07-22 17:29:03 +03:00
if ( get_user_ifreq ( & ifr , NULL , p ) )
2017-07-01 14:53:12 +03:00
return - EFAULT ;
err = devinet_ioctl ( net , cmd , & ifr ) ;
2009-08-29 10:45:21 +04:00
break ;
default :
if ( sk - > sk_prot - > ioctl )
err = sk - > sk_prot - > ioctl ( sk , cmd , arg ) ;
else
err = - ENOIOCTLCMD ;
break ;
2005-04-17 02:20:36 +04:00
}
return err ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_ioctl ) ;
2005-04-17 02:20:36 +04:00
2011-01-29 19:15:56 +03:00
# ifdef CONFIG_COMPAT
2020-05-18 09:28:08 +03:00
static int inet_compat_routing_ioctl ( struct sock * sk , unsigned int cmd ,
struct compat_rtentry __user * ur )
{
compat_uptr_t rtdev ;
struct rtentry rt ;
if ( copy_from_user ( & rt . rt_dst , & ur - > rt_dst ,
3 * sizeof ( struct sockaddr ) ) | |
get_user ( rt . rt_flags , & ur - > rt_flags ) | |
get_user ( rt . rt_metric , & ur - > rt_metric ) | |
get_user ( rt . rt_mtu , & ur - > rt_mtu ) | |
get_user ( rt . rt_window , & ur - > rt_window ) | |
get_user ( rt . rt_irtt , & ur - > rt_irtt ) | |
get_user ( rtdev , & ur - > rt_dev ) )
return - EFAULT ;
rt . rt_dev = compat_ptr ( rtdev ) ;
return ip_rt_ioctl ( sock_net ( sk ) , cmd , & rt ) ;
}
2011-10-15 13:26:56 +04:00
static int inet_compat_ioctl ( struct socket * sock , unsigned int cmd , unsigned long arg )
2011-01-29 19:15:56 +03:00
{
2020-05-18 09:28:08 +03:00
void __user * argp = compat_ptr ( arg ) ;
2011-01-29 19:15:56 +03:00
struct sock * sk = sock - > sk ;
2020-05-18 09:28:08 +03:00
switch ( cmd ) {
case SIOCADDRT :
case SIOCDELRT :
return inet_compat_routing_ioctl ( sk , cmd , argp ) ;
default :
if ( ! sk - > sk_prot - > compat_ioctl )
return - ENOIOCTLCMD ;
return sk - > sk_prot - > compat_ioctl ( sk , cmd , arg ) ;
}
2011-01-29 19:15:56 +03:00
}
2020-05-18 09:28:08 +03:00
# endif /* CONFIG_COMPAT */
2011-01-29 19:15:56 +03:00
2005-12-22 23:49:22 +03:00
const struct proto_ops inet_stream_ops = {
2006-03-21 09:48:35 +03:00
. family = PF_INET ,
. owner = THIS_MODULE ,
. release = inet_release ,
. bind = inet_bind ,
. connect = inet_stream_connect ,
. socketpair = sock_no_socketpair ,
. accept = inet_accept ,
. getname = inet_getname ,
2018-06-28 19:43:44 +03:00
. poll = tcp_poll ,
2006-03-21 09:48:35 +03:00
. ioctl = inet_ioctl ,
2019-04-17 23:51:48 +03:00
. gettstamp = sock_gettstamp ,
2006-03-21 09:48:35 +03:00
. listen = inet_listen ,
. shutdown = inet_shutdown ,
. setsockopt = sock_common_setsockopt ,
. getsockopt = sock_common_getsockopt ,
2010-07-11 00:41:55 +04:00
. sendmsg = inet_sendmsg ,
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
. recvmsg = inet_recvmsg ,
tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
When adding tcp mmap() implementation, I forgot that socket lock
had to be taken before current->mm->mmap_sem. syzbot eventually caught
the bug.
Since we can not lock the socket in tcp mmap() handler we have to
split the operation in two phases.
1) mmap() on a tcp socket simply reserves VMA space, and nothing else.
This operation does not involve any TCP locking.
2) getsockopt(fd, IPPROTO_TCP, TCP_ZEROCOPY_RECEIVE, ...) implements
the transfert of pages from skbs to one VMA.
This operation only uses down_read(¤t->mm->mmap_sem) after
holding TCP lock, thus solving the lockdep issue.
This new implementation was suggested by Andy Lutomirski with great details.
Benefits are :
- Better scalability, in case multiple threads reuse VMAS
(without mmap()/munmap() calls) since mmap_sem wont be write locked.
- Better error recovery.
The previous mmap() model had to provide the expected size of the
mapping. If for some reason one part could not be mapped (partial MSS),
the whole operation had to be aborted.
With the tcp_zerocopy_receive struct, kernel can report how
many bytes were successfuly mapped, and how many bytes should
be read to skip the problematic sequence.
- No more memory allocation to hold an array of page pointers.
16 MB mappings needed 32 KB for this array, potentially using vmalloc() :/
- skbs are freed while mmap_sem has been released
Following patch makes the change in tcp_mmap tool to demonstrate
one possible use of mmap() and setsockopt(... TCP_ZEROCOPY_RECEIVE ...)
Note that memcg might require additional changes.
Fixes: 93ab6cc69162 ("tcp: implement mmap() for zero copy receive")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Suggested-by: Andy Lutomirski <luto@kernel.org>
Cc: linux-mm@kvack.org
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-04-27 18:58:08 +03:00
# ifdef CONFIG_MMU
tcp: implement mmap() for zero copy receive
Some networks can make sure TCP payload can exactly fit 4KB pages,
with well chosen MSS/MTU and architectures.
Implement mmap() system call so that applications can avoid
copying data without complex splice() games.
Note that a successful mmap( X bytes) on TCP socket is consuming
bytes, as if recvmsg() has been done. (tp->copied += X)
Only PROT_READ mappings are accepted, as skb page frags
are fundamentally shared and read only.
If tcp_mmap() finds data that is not a full page, or a patch of
urgent data, -EINVAL is returned, no bytes are consumed.
Application must fallback to recvmsg() to read the problematic sequence.
mmap() wont block, regardless of socket being in blocking or
non-blocking mode. If not enough bytes are in receive queue,
mmap() would return -EAGAIN, or -EIO if socket is in a state
where no other bytes can be added into receive queue.
An application might use SO_RCVLOWAT, poll() and/or ioctl( FIONREAD)
to efficiently use mmap()
On the sender side, MSG_EOR might help to clearly separate unaligned
headers and 4K-aligned chunks if necessary.
Tested:
mlx4 (cx-3) 40Gbit NIC, with tcp_mmap program provided in following patch.
MTU set to 4168 (4096 TCP payload, 40 bytes IPv6 header, 32 bytes TCP header)
Without mmap() (tcp_mmap -s)
received 32768 MB (0 % mmap'ed) in 8.13342 s, 33.7961 Gbit,
cpu usage user:0.034 sys:3.778, 116.333 usec per MB, 63062 c-switches
received 32768 MB (0 % mmap'ed) in 8.14501 s, 33.748 Gbit,
cpu usage user:0.029 sys:3.997, 122.864 usec per MB, 61903 c-switches
received 32768 MB (0 % mmap'ed) in 8.11723 s, 33.8635 Gbit,
cpu usage user:0.048 sys:3.964, 122.437 usec per MB, 62983 c-switches
received 32768 MB (0 % mmap'ed) in 8.39189 s, 32.7552 Gbit,
cpu usage user:0.038 sys:4.181, 128.754 usec per MB, 55834 c-switches
With mmap() on receiver (tcp_mmap -s -z)
received 32768 MB (100 % mmap'ed) in 8.03083 s, 34.2278 Gbit,
cpu usage user:0.024 sys:1.466, 45.4712 usec per MB, 65479 c-switches
received 32768 MB (100 % mmap'ed) in 7.98805 s, 34.4111 Gbit,
cpu usage user:0.026 sys:1.401, 43.5486 usec per MB, 65447 c-switches
received 32768 MB (100 % mmap'ed) in 7.98377 s, 34.4296 Gbit,
cpu usage user:0.028 sys:1.452, 45.166 usec per MB, 65496 c-switches
received 32768 MB (99.9969 % mmap'ed) in 8.01838 s, 34.281 Gbit,
cpu usage user:0.02 sys:1.446, 44.7388 usec per MB, 65505 c-switches
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-04-16 20:33:38 +03:00
. mmap = tcp_mmap ,
tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
When adding tcp mmap() implementation, I forgot that socket lock
had to be taken before current->mm->mmap_sem. syzbot eventually caught
the bug.
Since we can not lock the socket in tcp mmap() handler we have to
split the operation in two phases.
1) mmap() on a tcp socket simply reserves VMA space, and nothing else.
This operation does not involve any TCP locking.
2) getsockopt(fd, IPPROTO_TCP, TCP_ZEROCOPY_RECEIVE, ...) implements
the transfert of pages from skbs to one VMA.
This operation only uses down_read(¤t->mm->mmap_sem) after
holding TCP lock, thus solving the lockdep issue.
This new implementation was suggested by Andy Lutomirski with great details.
Benefits are :
- Better scalability, in case multiple threads reuse VMAS
(without mmap()/munmap() calls) since mmap_sem wont be write locked.
- Better error recovery.
The previous mmap() model had to provide the expected size of the
mapping. If for some reason one part could not be mapped (partial MSS),
the whole operation had to be aborted.
With the tcp_zerocopy_receive struct, kernel can report how
many bytes were successfuly mapped, and how many bytes should
be read to skip the problematic sequence.
- No more memory allocation to hold an array of page pointers.
16 MB mappings needed 32 KB for this array, potentially using vmalloc() :/
- skbs are freed while mmap_sem has been released
Following patch makes the change in tcp_mmap tool to demonstrate
one possible use of mmap() and setsockopt(... TCP_ZEROCOPY_RECEIVE ...)
Note that memcg might require additional changes.
Fixes: 93ab6cc69162 ("tcp: implement mmap() for zero copy receive")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Suggested-by: Andy Lutomirski <luto@kernel.org>
Cc: linux-mm@kvack.org
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-04-27 18:58:08 +03:00
# endif
2010-07-11 00:41:55 +04:00
. sendpage = inet_sendpage ,
2007-11-07 10:30:13 +03:00
. splice_read = tcp_splice_read ,
2016-08-29 00:43:18 +03:00
. read_sock = tcp_read_sock ,
2022-06-15 19:20:12 +03:00
. read_skb = tcp_read_skb ,
2017-07-29 02:22:41 +03:00
. sendmsg_locked = tcp_sendmsg_locked ,
. sendpage_locked = tcp_sendpage_locked ,
2016-08-29 00:43:18 +03:00
. peek_len = tcp_peek_len ,
2006-03-21 09:45:21 +03:00
# ifdef CONFIG_COMPAT
2011-01-29 19:15:56 +03:00
. compat_ioctl = inet_compat_ioctl ,
2006-03-21 09:45:21 +03:00
# endif
2018-04-16 20:33:35 +03:00
. set_rcvlowat = tcp_set_rcvlowat ,
2005-04-17 02:20:36 +04:00
} ;
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_stream_ops ) ;
2005-04-17 02:20:36 +04:00
2005-12-22 23:49:22 +03:00
const struct proto_ops inet_dgram_ops = {
2006-03-21 09:48:35 +03:00
. family = PF_INET ,
. owner = THIS_MODULE ,
. release = inet_release ,
. bind = inet_bind ,
. connect = inet_dgram_connect ,
. socketpair = sock_no_socketpair ,
. accept = sock_no_accept ,
. getname = inet_getname ,
2018-06-28 19:43:44 +03:00
. poll = udp_poll ,
2006-03-21 09:48:35 +03:00
. ioctl = inet_ioctl ,
2019-04-17 23:51:48 +03:00
. gettstamp = sock_gettstamp ,
2006-03-21 09:48:35 +03:00
. listen = sock_no_listen ,
. shutdown = inet_shutdown ,
. setsockopt = sock_common_setsockopt ,
. getsockopt = sock_common_getsockopt ,
. sendmsg = inet_sendmsg ,
2022-06-15 19:20:12 +03:00
. read_skb = udp_read_skb ,
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
. recvmsg = inet_recvmsg ,
2006-03-21 09:48:35 +03:00
. mmap = sock_no_mmap ,
. sendpage = inet_sendpage ,
2016-04-05 19:41:16 +03:00
. set_peek_off = sk_set_peek_off ,
2006-03-21 09:45:21 +03:00
# ifdef CONFIG_COMPAT
2011-01-29 19:15:56 +03:00
. compat_ioctl = inet_compat_ioctl ,
2006-03-21 09:45:21 +03:00
# endif
2005-04-17 02:20:36 +04:00
} ;
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_dgram_ops ) ;
2005-04-17 02:20:36 +04:00
/*
* For SOCK_RAW sockets ; should be the same as inet_dgram_ops but without
2018-06-28 19:43:44 +03:00
* udp_poll
2005-04-17 02:20:36 +04:00
*/
2005-12-22 23:49:22 +03:00
static const struct proto_ops inet_sockraw_ops = {
2006-03-21 09:48:35 +03:00
. family = PF_INET ,
. owner = THIS_MODULE ,
. release = inet_release ,
. bind = inet_bind ,
. connect = inet_dgram_connect ,
. socketpair = sock_no_socketpair ,
. accept = sock_no_accept ,
. getname = inet_getname ,
2018-06-28 19:43:44 +03:00
. poll = datagram_poll ,
2006-03-21 09:48:35 +03:00
. ioctl = inet_ioctl ,
2019-04-17 23:51:48 +03:00
. gettstamp = sock_gettstamp ,
2006-03-21 09:48:35 +03:00
. listen = sock_no_listen ,
. shutdown = inet_shutdown ,
. setsockopt = sock_common_setsockopt ,
. getsockopt = sock_common_getsockopt ,
. sendmsg = inet_sendmsg ,
rfs: Receive Flow Steering
This patch implements receive flow steering (RFS). RFS steers
received packets for layer 3 and 4 processing to the CPU where
the application for the corresponding flow is running. RFS is an
extension of Receive Packet Steering (RPS).
The basic idea of RFS is that when an application calls recvmsg
(or sendmsg) the application's running CPU is stored in a hash
table that is indexed by the connection's rxhash which is stored in
the socket structure. The rxhash is passed in skb's received on
the connection from netif_receive_skb. For each received packet,
the associated rxhash is used to look up the CPU in the hash table,
if a valid CPU is set then the packet is steered to that CPU using
the RPS mechanisms.
The convolution of the simple approach is that it would potentially
allow OOO packets. If threads are thrashing around CPUs or multiple
threads are trying to read from the same sockets, a quickly changing
CPU value in the hash table could cause rampant OOO packets--
we consider this a non-starter.
To avoid OOO packets, this solution implements two types of hash
tables: rps_sock_flow_table and rps_dev_flow_table.
rps_sock_table is a global hash table. Each entry is just a CPU
number and it is populated in recvmsg and sendmsg as described above.
This table contains the "desired" CPUs for flows.
rps_dev_flow_table is specific to each device queue. Each entry
contains a CPU and a tail queue counter. The CPU is the "current"
CPU for a matching flow. The tail queue counter holds the value
of a tail queue counter for the associated CPU's backlog queue at
the time of last enqueue for a flow matching the entry.
Each backlog queue has a queue head counter which is incremented
on dequeue, and so a queue tail counter is computed as queue head
count + queue length. When a packet is enqueued on a backlog queue,
the current value of the queue tail counter is saved in the hash
entry of the rps_dev_flow_table.
And now the trick: when selecting the CPU for RPS (get_rps_cpu)
the rps_sock_flow table and the rps_dev_flow table for the RX queue
are consulted. When the desired CPU for the flow (found in the
rps_sock_flow table) does not match the current CPU (found in the
rps_dev_flow table), the current CPU is changed to the desired CPU
if one of the following is true:
- The current CPU is unset (equal to RPS_NO_CPU)
- Current CPU is offline
- The current CPU's queue head counter >= queue tail counter in the
rps_dev_flow table. This checks if the queue tail has advanced
beyond the last packet that was enqueued using this table entry.
This guarantees that all packets queued using this entry have been
dequeued, thus preserving in order delivery.
Making each queue have its own rps_dev_flow table has two advantages:
1) the tail queue counters will be written on each receive, so
keeping the table local to interrupting CPU s good for locality. 2)
this allows lockless access to the table-- the CPU number and queue
tail counter need to be accessed together under mutual exclusion
from netif_receive_skb, we assume that this is only called from
device napi_poll which is non-reentrant.
This patch implements RFS for TCP and connected UDP sockets.
It should be usable for other flow oriented protocols.
There are two configuration parameters for RFS. The
"rps_flow_entries" kernel init parameter sets the number of
entries in the rps_sock_flow_table, the per rxqueue sysfs entry
"rps_flow_cnt" contains the number of entries in the rps_dev_flow
table for the rxqueue. Both are rounded to power of two.
The obvious benefit of RFS (over just RPS) is that it achieves
CPU locality between the receive processing for a flow and the
applications processing; this can result in increased performance
(higher pps, lower latency).
The benefits of RFS are dependent on cache hierarchy, application
load, and other factors. On simple benchmarks, we don't necessarily
see improvement and sometimes see degradation. However, for more
complex benchmarks and for applications where cache pressure is
much higher this technique seems to perform very well.
Below are some benchmark results which show the potential benfit of
this patch. The netperf test has 500 instances of netperf TCP_RR
test with 1 byte req. and resp. The RPC test is an request/response
test similar in structure to netperf RR test ith 100 threads on
each host, but does more work in userspace that netperf.
e1000e on 8 core Intel
No RFS or RPS 104K tps at 30% CPU
No RFS (best RPS config): 290K tps at 63% CPU
RFS 303K tps at 61% CPU
RPC test tps CPU% 50/90/99% usec latency Latency StdDev
No RFS/RPS 103K 48% 757/900/3185 4472.35
RPS only: 174K 73% 415/993/2468 491.66
RFS 223K 73% 379/651/1382 315.61
Signed-off-by: Tom Herbert <therbert@google.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-04-17 03:01:27 +04:00
. recvmsg = inet_recvmsg ,
2006-03-21 09:48:35 +03:00
. mmap = sock_no_mmap ,
. sendpage = inet_sendpage ,
2006-03-21 09:45:21 +03:00
# ifdef CONFIG_COMPAT
2011-01-29 19:15:56 +03:00
. compat_ioctl = inet_compat_ioctl ,
2006-03-21 09:45:21 +03:00
# endif
2005-04-17 02:20:36 +04:00
} ;
2009-10-05 09:58:39 +04:00
static const struct net_proto_family inet_family_ops = {
2005-04-17 02:20:36 +04:00
. family = PF_INET ,
. create = inet_create ,
. owner = THIS_MODULE ,
} ;
/* Upon startup we insert all the elements in inetsw_array[] into
* the linked list inetsw .
*/
static struct inet_protosw inetsw_array [ ] =
{
2007-02-09 17:24:47 +03:00
{
. type = SOCK_STREAM ,
. protocol = IPPROTO_TCP ,
. prot = & tcp_prot ,
. ops = & inet_stream_ops ,
. flags = INET_PROTOSW_PERMANENT |
2005-12-14 10:26:10 +03:00
INET_PROTOSW_ICSK ,
2007-02-09 17:24:47 +03:00
} ,
{
. type = SOCK_DGRAM ,
. protocol = IPPROTO_UDP ,
. prot = & udp_prot ,
. ops = & inet_dgram_ops ,
. flags = INET_PROTOSW_PERMANENT ,
2005-04-17 02:20:36 +04:00
} ,
2007-02-09 17:24:47 +03:00
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
{
. type = SOCK_DGRAM ,
. protocol = IPPROTO_ICMP ,
. prot = & ping_prot ,
2017-06-03 19:29:25 +03:00
. ops = & inet_sockraw_ops ,
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
. flags = INET_PROTOSW_REUSE ,
} ,
2005-04-17 02:20:36 +04:00
{
2007-02-09 17:24:47 +03:00
. type = SOCK_RAW ,
. protocol = IPPROTO_IP , /* wild card */
. prot = & raw_prot ,
. ops = & inet_sockraw_ops ,
. flags = INET_PROTOSW_REUSE ,
2005-04-17 02:20:36 +04:00
}
} ;
2007-09-17 03:39:25 +04:00
# define INETSW_ARRAY_LEN ARRAY_SIZE(inetsw_array)
2005-04-17 02:20:36 +04:00
void inet_register_protosw ( struct inet_protosw * p )
{
struct list_head * lh ;
struct inet_protosw * answer ;
int protocol = p - > protocol ;
struct list_head * last_perm ;
spin_lock_bh ( & inetsw_lock ) ;
if ( p - > type > = SOCK_MAX )
goto out_illegal ;
/* If we are trying to override a permanent protocol, bail. */
last_perm = & inetsw [ p - > type ] ;
list_for_each ( lh , & inetsw [ p - > type ] ) {
answer = list_entry ( lh , struct inet_protosw , list ) ;
/* Check only the non-wild match. */
2015-09-18 07:00:05 +03:00
if ( ( INET_PROTOSW_PERMANENT & answer - > flags ) = = 0 )
break ;
if ( protocol = = answer - > protocol )
goto out_permanent ;
last_perm = lh ;
2005-04-17 02:20:36 +04:00
}
/* Add the new entry after the last permanent entry if any, so that
* the new entry does not override a permanent entry when matched with
* a wild - card protocol . But it is allowed to override any existing
2007-02-09 17:24:47 +03:00
* non - permanent entry . This means that when we remove this entry , the
2005-04-17 02:20:36 +04:00
* system automatically returns to the old behavior .
*/
list_add_rcu ( & p - > list , last_perm ) ;
out :
spin_unlock_bh ( & inetsw_lock ) ;
return ;
out_permanent :
2012-03-11 22:36:11 +04:00
pr_err ( " Attempt to override permanent protocol %d \n " , protocol ) ;
2005-04-17 02:20:36 +04:00
goto out ;
out_illegal :
2012-03-11 22:36:11 +04:00
pr_err ( " Ignoring attempt to register invalid socket type %d \n " ,
2005-04-17 02:20:36 +04:00
p - > type ) ;
goto out ;
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_register_protosw ) ;
2005-04-17 02:20:36 +04:00
void inet_unregister_protosw ( struct inet_protosw * p )
{
if ( INET_PROTOSW_PERMANENT & p - > flags ) {
2012-03-11 22:36:11 +04:00
pr_err ( " Attempt to unregister permanent protocol %d \n " ,
2005-04-17 02:20:36 +04:00
p - > protocol ) ;
} else {
spin_lock_bh ( & inetsw_lock ) ;
list_del_rcu ( & p - > list ) ;
spin_unlock_bh ( & inetsw_lock ) ;
synchronize_net ( ) ;
}
}
2009-08-29 10:45:21 +04:00
EXPORT_SYMBOL ( inet_unregister_protosw ) ;
2005-04-17 02:20:36 +04:00
2005-08-10 06:50:02 +04:00
static int inet_sk_reselect_saddr ( struct sock * sk )
{
net: Add a bhash2 table hashed by port and address
The current bind hashtable (bhash) is hashed by port only.
In the socket bind path, we have to check for bind conflicts by
traversing the specified port's inet_bind_bucket while holding the
hashbucket's spinlock (see inet_csk_get_port() and
inet_csk_bind_conflict()). In instances where there are tons of
sockets hashed to the same port at different addresses, the bind
conflict check is time-intensive and can cause softirq cpu lockups,
as well as stops new tcp connections since __inet_inherit_port()
also contests for the spinlock.
This patch adds a second bind table, bhash2, that hashes by
port and sk->sk_rcv_saddr (ipv4) and sk->sk_v6_rcv_saddr (ipv6).
Searching the bhash2 table leads to significantly faster conflict
resolution and less time holding the hashbucket spinlock.
Please note a few things:
* There can be the case where the a socket's address changes after it
has been bound. There are two cases where this happens:
1) The case where there is a bind() call on INADDR_ANY (ipv4) or
IPV6_ADDR_ANY (ipv6) and then a connect() call. The kernel will
assign the socket an address when it handles the connect()
2) In inet_sk_reselect_saddr(), which is called when rebuilding the
sk header and a few pre-conditions are met (eg rerouting fails).
In these two cases, we need to update the bhash2 table by removing the
entry for the old address, and add a new entry reflecting the updated
address.
* The bhash2 table must have its own lock, even though concurrent
accesses on the same port are protected by the bhash lock. Bhash2 must
have its own lock to protect against cases where sockets on different
ports hash to different bhash hashbuckets but to the same bhash2
hashbucket.
This brings up a few stipulations:
1) When acquiring both the bhash and the bhash2 lock, the bhash2 lock
will always be acquired after the bhash lock and released before the
bhash lock is released.
2) There are no nested bhash2 hashbucket locks. A bhash2 lock is always
acquired+released before another bhash2 lock is acquired+released.
* The bhash table cannot be superseded by the bhash2 table because for
bind requests on INADDR_ANY (ipv4) or IPV6_ADDR_ANY (ipv6), every socket
bound to that port must be checked for a potential conflict. The bhash
table is the only source of port->socket associations.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-22 21:10:21 +03:00
struct inet_bind_hashbucket * prev_addr_hashbucket ;
2005-08-10 06:50:02 +04:00
struct inet_sock * inet = inet_sk ( sk ) ;
2009-10-15 10:30:45 +04:00
__be32 old_saddr = inet - > inet_saddr ;
__be32 daddr = inet - > inet_daddr ;
2011-05-07 03:18:04 +04:00
struct flowi4 * fl4 ;
2011-03-03 01:31:35 +03:00
struct rtable * rt ;
__be32 new_saddr ;
2011-04-21 13:45:37 +04:00
struct ip_options_rcu * inet_opt ;
net: Add a bhash2 table hashed by port and address
The current bind hashtable (bhash) is hashed by port only.
In the socket bind path, we have to check for bind conflicts by
traversing the specified port's inet_bind_bucket while holding the
hashbucket's spinlock (see inet_csk_get_port() and
inet_csk_bind_conflict()). In instances where there are tons of
sockets hashed to the same port at different addresses, the bind
conflict check is time-intensive and can cause softirq cpu lockups,
as well as stops new tcp connections since __inet_inherit_port()
also contests for the spinlock.
This patch adds a second bind table, bhash2, that hashes by
port and sk->sk_rcv_saddr (ipv4) and sk->sk_v6_rcv_saddr (ipv6).
Searching the bhash2 table leads to significantly faster conflict
resolution and less time holding the hashbucket spinlock.
Please note a few things:
* There can be the case where the a socket's address changes after it
has been bound. There are two cases where this happens:
1) The case where there is a bind() call on INADDR_ANY (ipv4) or
IPV6_ADDR_ANY (ipv6) and then a connect() call. The kernel will
assign the socket an address when it handles the connect()
2) In inet_sk_reselect_saddr(), which is called when rebuilding the
sk header and a few pre-conditions are met (eg rerouting fails).
In these two cases, we need to update the bhash2 table by removing the
entry for the old address, and add a new entry reflecting the updated
address.
* The bhash2 table must have its own lock, even though concurrent
accesses on the same port are protected by the bhash lock. Bhash2 must
have its own lock to protect against cases where sockets on different
ports hash to different bhash hashbuckets but to the same bhash2
hashbucket.
This brings up a few stipulations:
1) When acquiring both the bhash and the bhash2 lock, the bhash2 lock
will always be acquired after the bhash lock and released before the
bhash lock is released.
2) There are no nested bhash2 hashbucket locks. A bhash2 lock is always
acquired+released before another bhash2 lock is acquired+released.
* The bhash table cannot be superseded by the bhash2 table because for
bind requests on INADDR_ANY (ipv4) or IPV6_ADDR_ANY (ipv6), every socket
bound to that port must be checked for a potential conflict. The bhash
table is the only source of port->socket associations.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-22 21:10:21 +03:00
int err ;
2005-08-10 06:50:02 +04:00
2011-04-21 13:45:37 +04:00
inet_opt = rcu_dereference_protected ( inet - > inet_opt ,
2016-04-05 18:10:15 +03:00
lockdep_sock_is_held ( sk ) ) ;
2011-04-21 13:45:37 +04:00
if ( inet_opt & & inet_opt - > opt . srr )
daddr = inet_opt - > opt . faddr ;
2005-08-10 06:50:02 +04:00
/* Query new route. */
2011-05-07 03:18:04 +04:00
fl4 = & inet - > cork . fl . u . ip4 ;
2022-04-21 02:21:33 +03:00
rt = ip_route_connect ( fl4 , daddr , 0 , sk - > sk_bound_dev_if ,
sk - > sk_protocol , inet - > inet_sport ,
inet - > inet_dport , sk ) ;
2011-03-03 01:31:35 +03:00
if ( IS_ERR ( rt ) )
return PTR_ERR ( rt ) ;
2005-08-10 06:50:02 +04:00
2011-05-07 03:18:04 +04:00
new_saddr = fl4 - > saddr ;
2005-08-10 06:50:02 +04:00
net: Add a bhash2 table hashed by port and address
The current bind hashtable (bhash) is hashed by port only.
In the socket bind path, we have to check for bind conflicts by
traversing the specified port's inet_bind_bucket while holding the
hashbucket's spinlock (see inet_csk_get_port() and
inet_csk_bind_conflict()). In instances where there are tons of
sockets hashed to the same port at different addresses, the bind
conflict check is time-intensive and can cause softirq cpu lockups,
as well as stops new tcp connections since __inet_inherit_port()
also contests for the spinlock.
This patch adds a second bind table, bhash2, that hashes by
port and sk->sk_rcv_saddr (ipv4) and sk->sk_v6_rcv_saddr (ipv6).
Searching the bhash2 table leads to significantly faster conflict
resolution and less time holding the hashbucket spinlock.
Please note a few things:
* There can be the case where the a socket's address changes after it
has been bound. There are two cases where this happens:
1) The case where there is a bind() call on INADDR_ANY (ipv4) or
IPV6_ADDR_ANY (ipv6) and then a connect() call. The kernel will
assign the socket an address when it handles the connect()
2) In inet_sk_reselect_saddr(), which is called when rebuilding the
sk header and a few pre-conditions are met (eg rerouting fails).
In these two cases, we need to update the bhash2 table by removing the
entry for the old address, and add a new entry reflecting the updated
address.
* The bhash2 table must have its own lock, even though concurrent
accesses on the same port are protected by the bhash lock. Bhash2 must
have its own lock to protect against cases where sockets on different
ports hash to different bhash hashbuckets but to the same bhash2
hashbucket.
This brings up a few stipulations:
1) When acquiring both the bhash and the bhash2 lock, the bhash2 lock
will always be acquired after the bhash lock and released before the
bhash lock is released.
2) There are no nested bhash2 hashbucket locks. A bhash2 lock is always
acquired+released before another bhash2 lock is acquired+released.
* The bhash table cannot be superseded by the bhash2 table because for
bind requests on INADDR_ANY (ipv4) or IPV6_ADDR_ANY (ipv6), every socket
bound to that port must be checked for a potential conflict. The bhash
table is the only source of port->socket associations.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-22 21:10:21 +03:00
if ( new_saddr = = old_saddr ) {
sk_setup_caps ( sk , & rt - > dst ) ;
2005-08-10 06:50:02 +04:00
return 0 ;
net: Add a bhash2 table hashed by port and address
The current bind hashtable (bhash) is hashed by port only.
In the socket bind path, we have to check for bind conflicts by
traversing the specified port's inet_bind_bucket while holding the
hashbucket's spinlock (see inet_csk_get_port() and
inet_csk_bind_conflict()). In instances where there are tons of
sockets hashed to the same port at different addresses, the bind
conflict check is time-intensive and can cause softirq cpu lockups,
as well as stops new tcp connections since __inet_inherit_port()
also contests for the spinlock.
This patch adds a second bind table, bhash2, that hashes by
port and sk->sk_rcv_saddr (ipv4) and sk->sk_v6_rcv_saddr (ipv6).
Searching the bhash2 table leads to significantly faster conflict
resolution and less time holding the hashbucket spinlock.
Please note a few things:
* There can be the case where the a socket's address changes after it
has been bound. There are two cases where this happens:
1) The case where there is a bind() call on INADDR_ANY (ipv4) or
IPV6_ADDR_ANY (ipv6) and then a connect() call. The kernel will
assign the socket an address when it handles the connect()
2) In inet_sk_reselect_saddr(), which is called when rebuilding the
sk header and a few pre-conditions are met (eg rerouting fails).
In these two cases, we need to update the bhash2 table by removing the
entry for the old address, and add a new entry reflecting the updated
address.
* The bhash2 table must have its own lock, even though concurrent
accesses on the same port are protected by the bhash lock. Bhash2 must
have its own lock to protect against cases where sockets on different
ports hash to different bhash hashbuckets but to the same bhash2
hashbucket.
This brings up a few stipulations:
1) When acquiring both the bhash and the bhash2 lock, the bhash2 lock
will always be acquired after the bhash lock and released before the
bhash lock is released.
2) There are no nested bhash2 hashbucket locks. A bhash2 lock is always
acquired+released before another bhash2 lock is acquired+released.
* The bhash table cannot be superseded by the bhash2 table because for
bind requests on INADDR_ANY (ipv4) or IPV6_ADDR_ANY (ipv6), every socket
bound to that port must be checked for a potential conflict. The bhash
table is the only source of port->socket associations.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-22 21:10:21 +03:00
}
prev_addr_hashbucket =
2022-09-08 04:10:19 +03:00
inet_bhashfn_portaddr ( tcp_or_dccp_get_hashinfo ( sk ) , sk ,
net: Add a bhash2 table hashed by port and address
The current bind hashtable (bhash) is hashed by port only.
In the socket bind path, we have to check for bind conflicts by
traversing the specified port's inet_bind_bucket while holding the
hashbucket's spinlock (see inet_csk_get_port() and
inet_csk_bind_conflict()). In instances where there are tons of
sockets hashed to the same port at different addresses, the bind
conflict check is time-intensive and can cause softirq cpu lockups,
as well as stops new tcp connections since __inet_inherit_port()
also contests for the spinlock.
This patch adds a second bind table, bhash2, that hashes by
port and sk->sk_rcv_saddr (ipv4) and sk->sk_v6_rcv_saddr (ipv6).
Searching the bhash2 table leads to significantly faster conflict
resolution and less time holding the hashbucket spinlock.
Please note a few things:
* There can be the case where the a socket's address changes after it
has been bound. There are two cases where this happens:
1) The case where there is a bind() call on INADDR_ANY (ipv4) or
IPV6_ADDR_ANY (ipv6) and then a connect() call. The kernel will
assign the socket an address when it handles the connect()
2) In inet_sk_reselect_saddr(), which is called when rebuilding the
sk header and a few pre-conditions are met (eg rerouting fails).
In these two cases, we need to update the bhash2 table by removing the
entry for the old address, and add a new entry reflecting the updated
address.
* The bhash2 table must have its own lock, even though concurrent
accesses on the same port are protected by the bhash lock. Bhash2 must
have its own lock to protect against cases where sockets on different
ports hash to different bhash hashbuckets but to the same bhash2
hashbucket.
This brings up a few stipulations:
1) When acquiring both the bhash and the bhash2 lock, the bhash2 lock
will always be acquired after the bhash lock and released before the
bhash lock is released.
2) There are no nested bhash2 hashbucket locks. A bhash2 lock is always
acquired+released before another bhash2 lock is acquired+released.
* The bhash table cannot be superseded by the bhash2 table because for
bind requests on INADDR_ANY (ipv4) or IPV6_ADDR_ANY (ipv6), every socket
bound to that port must be checked for a potential conflict. The bhash
table is the only source of port->socket associations.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-22 21:10:21 +03:00
sock_net ( sk ) , inet - > inet_num ) ;
inet - > inet_saddr = inet - > inet_rcv_saddr = new_saddr ;
err = inet_bhash2_update_saddr ( prev_addr_hashbucket , sk ) ;
if ( err ) {
inet - > inet_saddr = old_saddr ;
inet - > inet_rcv_saddr = old_saddr ;
ip_rt_put ( rt ) ;
return err ;
}
sk_setup_caps ( sk , & rt - > dst ) ;
2005-08-10 06:50:02 +04:00
2022-07-12 03:15:32 +03:00
if ( READ_ONCE ( sock_net ( sk ) - > ipv4 . sysctl_ip_dynaddr ) > 1 ) {
2012-03-11 22:36:11 +04:00
pr_info ( " %s(): shifting inet->saddr from %pI4 to %pI4 \n " ,
__func__ , & old_saddr , & new_saddr ) ;
2005-08-10 06:50:02 +04:00
}
/*
* XXX The only one ugly spot where we need to
* XXX really change the sockets identity after
* XXX it has entered the hashes . - DaveM
*
* Besides that , it does not check for connection
* uniqueness . Wait for troubles .
*/
2016-02-10 19:50:35 +03:00
return __sk_prot_rehash ( sk ) ;
2005-08-10 06:50:02 +04:00
}
int inet_sk_rebuild_header ( struct sock * sk )
{
struct inet_sock * inet = inet_sk ( sk ) ;
struct rtable * rt = ( struct rtable * ) __sk_dst_check ( sk , 0 ) ;
2006-09-28 05:28:07 +04:00
__be32 daddr ;
2011-04-21 13:45:37 +04:00
struct ip_options_rcu * inet_opt ;
2011-05-07 03:18:04 +04:00
struct flowi4 * fl4 ;
2005-08-10 06:50:02 +04:00
int err ;
/* Route is OK, nothing to do. */
if ( rt )
return 0 ;
/* Reroute. */
2011-04-21 13:45:37 +04:00
rcu_read_lock ( ) ;
inet_opt = rcu_dereference ( inet - > inet_opt ) ;
2009-10-15 10:30:45 +04:00
daddr = inet - > inet_daddr ;
2011-04-21 13:45:37 +04:00
if ( inet_opt & & inet_opt - > opt . srr )
daddr = inet_opt - > opt . faddr ;
rcu_read_unlock ( ) ;
2011-05-07 03:18:04 +04:00
fl4 = & inet - > cork . fl . u . ip4 ;
rt = ip_route_output_ports ( sock_net ( sk ) , fl4 , sk , daddr , inet - > inet_saddr ,
2011-03-12 08:00:52 +03:00
inet - > inet_dport , inet - > inet_sport ,
sk - > sk_protocol , RT_CONN_FLAGS ( sk ) ,
sk - > sk_bound_dev_if ) ;
2011-03-03 01:31:35 +03:00
if ( ! IS_ERR ( rt ) ) {
err = 0 ;
2010-06-11 10:31:35 +04:00
sk_setup_caps ( sk , & rt - > dst ) ;
2011-03-03 01:31:35 +03:00
} else {
err = PTR_ERR ( rt ) ;
2005-08-10 06:50:02 +04:00
/* Routing failed... */
sk - > sk_route_caps = 0 ;
/*
* Other protocols have to map its equivalent state to TCP_SYN_SENT .
* DCCP maps its DCCP_REQUESTING state to TCP_SYN_SENT . - acme
*/
2022-07-12 03:15:32 +03:00
if ( ! READ_ONCE ( sock_net ( sk ) - > ipv4 . sysctl_ip_dynaddr ) | |
2005-08-10 06:50:02 +04:00
sk - > sk_state ! = TCP_SYN_SENT | |
( sk - > sk_userlocks & SOCK_BINDADDR_LOCK ) | |
( err = inet_sk_reselect_saddr ( sk ) ) ! = 0 )
sk - > sk_err_soft = - err ;
}
return err ;
}
EXPORT_SYMBOL ( inet_sk_rebuild_header ) ;
2017-12-20 06:12:51 +03:00
void inet_sk_set_state ( struct sock * sk , int state )
{
trace_inet_sock_set_state ( sk , sk - > sk_state , state ) ;
sk - > sk_state = state ;
}
EXPORT_SYMBOL ( inet_sk_set_state ) ;
void inet_sk_state_store ( struct sock * sk , int newstate )
{
trace_inet_sock_set_state ( sk , sk - > sk_state , newstate ) ;
smp_store_release ( & sk - > sk_state , newstate ) ;
}
2016-05-18 19:06:23 +03:00
struct sk_buff * inet_gso_segment ( struct sk_buff * skb ,
netdev_features_t features )
2006-06-22 14:02:40 +04:00
{
net: accept UFO datagrams from tuntap and packet
Tuntap and similar devices can inject GSO packets. Accept type
VIRTIO_NET_HDR_GSO_UDP, even though not generating UFO natively.
Processes are expected to use feature negotiation such as TUNSETOFFLOAD
to detect supported offload types and refrain from injecting other
packets. This process breaks down with live migration: guest kernels
do not renegotiate flags, so destination hosts need to expose all
features that the source host does.
Partially revert the UFO removal from 182e0b6b5846~1..d9d30adf5677.
This patch introduces nearly(*) no new code to simplify verification.
It brings back verbatim tuntap UFO negotiation, VIRTIO_NET_HDR_GSO_UDP
insertion and software UFO segmentation.
It does not reinstate protocol stack support, hardware offload
(NETIF_F_UFO), SKB_GSO_UDP tunneling in SKB_GSO_SOFTWARE or reception
of VIRTIO_NET_HDR_GSO_UDP packets in tuntap.
To support SKB_GSO_UDP reappearing in the stack, also reinstate
logic in act_csum and openvswitch. Achieve equivalence with v4.13 HEAD
by squashing in commit 939912216fa8 ("net: skb_needs_check() removes
CHECKSUM_UNNECESSARY check for tx.") and reverting commit 8d63bee643f1
("net: avoid skb_warn_bad_offload false positives on UFO").
(*) To avoid having to bring back skb_shinfo(skb)->ip6_frag_id,
ipv6_proxy_select_ident is changed to return a __be32 and this is
assigned directly to the frag_hdr. Also, SKB_GSO_UDP is inserted
at the end of the enum to minimize code churn.
Tested
Booted a v4.13 guest kernel with QEMU. On a host kernel before this
patch `ethtool -k eth0` shows UFO disabled. After the patch, it is
enabled, same as on a v4.13 host kernel.
A UFO packet sent from the guest appears on the tap device:
host:
nc -l -p -u 8000 &
tcpdump -n -i tap0
guest:
dd if=/dev/zero of=payload.txt bs=1 count=2000
nc -u 192.16.1.1 8000 < payload.txt
Direct tap to tap transmission of VIRTIO_NET_HDR_GSO_UDP succeeds,
packets arriving fragmented:
./with_tap_pair.sh ./tap_send_ufo tap0 tap1
(from https://github.com/wdebruij/kerneltools/tree/master/tests)
Changes
v1 -> v2
- simplified set_offload change (review comment)
- documented test procedure
Link: http://lkml.kernel.org/r/<CAF=yD-LuUeDuL9YWPJD9ykOZ0QCjNeznPDr6whqZ9NGMNF12Mw@mail.gmail.com>
Fixes: fb652fdfe837 ("macvlan/macvtap: Remove NETIF_F_UFO advertisement.")
Reported-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-21 18:22:25 +03:00
bool udpfrag = false , fixedid = false , gso_partial , encap ;
2006-06-22 14:02:40 +04:00
struct sk_buff * segs = ERR_PTR ( - EINVAL ) ;
2012-11-15 12:49:14 +04:00
const struct net_offload * ops ;
net: accept UFO datagrams from tuntap and packet
Tuntap and similar devices can inject GSO packets. Accept type
VIRTIO_NET_HDR_GSO_UDP, even though not generating UFO natively.
Processes are expected to use feature negotiation such as TUNSETOFFLOAD
to detect supported offload types and refrain from injecting other
packets. This process breaks down with live migration: guest kernels
do not renegotiate flags, so destination hosts need to expose all
features that the source host does.
Partially revert the UFO removal from 182e0b6b5846~1..d9d30adf5677.
This patch introduces nearly(*) no new code to simplify verification.
It brings back verbatim tuntap UFO negotiation, VIRTIO_NET_HDR_GSO_UDP
insertion and software UFO segmentation.
It does not reinstate protocol stack support, hardware offload
(NETIF_F_UFO), SKB_GSO_UDP tunneling in SKB_GSO_SOFTWARE or reception
of VIRTIO_NET_HDR_GSO_UDP packets in tuntap.
To support SKB_GSO_UDP reappearing in the stack, also reinstate
logic in act_csum and openvswitch. Achieve equivalence with v4.13 HEAD
by squashing in commit 939912216fa8 ("net: skb_needs_check() removes
CHECKSUM_UNNECESSARY check for tx.") and reverting commit 8d63bee643f1
("net: avoid skb_warn_bad_offload false positives on UFO").
(*) To avoid having to bring back skb_shinfo(skb)->ip6_frag_id,
ipv6_proxy_select_ident is changed to return a __be32 and this is
assigned directly to the frag_hdr. Also, SKB_GSO_UDP is inserted
at the end of the enum to minimize code churn.
Tested
Booted a v4.13 guest kernel with QEMU. On a host kernel before this
patch `ethtool -k eth0` shows UFO disabled. After the patch, it is
enabled, same as on a v4.13 host kernel.
A UFO packet sent from the guest appears on the tap device:
host:
nc -l -p -u 8000 &
tcpdump -n -i tap0
guest:
dd if=/dev/zero of=payload.txt bs=1 count=2000
nc -u 192.16.1.1 8000 < payload.txt
Direct tap to tap transmission of VIRTIO_NET_HDR_GSO_UDP succeeds,
packets arriving fragmented:
./with_tap_pair.sh ./tap_send_ufo tap0 tap1
(from https://github.com/wdebruij/kerneltools/tree/master/tests)
Changes
v1 -> v2
- simplified set_offload change (review comment)
- documented test procedure
Link: http://lkml.kernel.org/r/<CAF=yD-LuUeDuL9YWPJD9ykOZ0QCjNeznPDr6whqZ9NGMNF12Mw@mail.gmail.com>
Fixes: fb652fdfe837 ("macvlan/macvtap: Remove NETIF_F_UFO advertisement.")
Reported-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-21 18:22:25 +03:00
unsigned int offset = 0 ;
2012-06-20 05:56:21 +04:00
struct iphdr * iph ;
2016-04-11 04:45:03 +03:00
int proto , tot_len ;
2013-10-19 22:42:56 +04:00
int nhoff ;
2006-06-22 14:02:40 +04:00
int ihl ;
int id ;
2013-10-19 22:42:56 +04:00
skb_reset_network_header ( skb ) ;
nhoff = skb_network_header ( skb ) - skb_mac_header ( skb ) ;
2006-07-04 06:38:35 +04:00
if ( unlikely ( ! pskb_may_pull ( skb , sizeof ( * iph ) ) ) )
2006-06-22 14:02:40 +04:00
goto out ;
2007-04-21 09:47:35 +04:00
iph = ip_hdr ( skb ) ;
2006-06-22 14:02:40 +04:00
ihl = iph - > ihl * 4 ;
if ( ihl < sizeof ( * iph ) )
goto out ;
2013-10-19 00:13:27 +04:00
id = ntohs ( iph - > id ) ;
proto = iph - > protocol ;
/* Warning: after this point, iph might be no longer valid */
2006-07-04 06:38:35 +04:00
if ( unlikely ( ! pskb_may_pull ( skb , ihl ) ) )
2006-06-22 14:02:40 +04:00
goto out ;
2013-10-19 00:13:27 +04:00
__skb_pull ( skb , ihl ) ;
2006-06-22 14:02:40 +04:00
2013-10-28 05:18:16 +04:00
encap = SKB_GSO_CB ( skb ) - > encap_level > 0 ;
if ( encap )
2014-10-20 15:49:16 +04:00
features & = skb - > dev - > hw_enc_features ;
2013-10-19 22:42:56 +04:00
SKB_GSO_CB ( skb ) - > encap_level + = ihl ;
2013-03-07 17:21:51 +04:00
2007-03-13 19:06:52 +03:00
skb_reset_transport_header ( skb ) ;
2013-10-19 00:13:27 +04:00
2006-06-22 14:02:40 +04:00
segs = ERR_PTR ( - EPROTONOSUPPORT ) ;
2016-04-11 04:44:51 +03:00
if ( ! skb - > encapsulation | | encap ) {
net: accept UFO datagrams from tuntap and packet
Tuntap and similar devices can inject GSO packets. Accept type
VIRTIO_NET_HDR_GSO_UDP, even though not generating UFO natively.
Processes are expected to use feature negotiation such as TUNSETOFFLOAD
to detect supported offload types and refrain from injecting other
packets. This process breaks down with live migration: guest kernels
do not renegotiate flags, so destination hosts need to expose all
features that the source host does.
Partially revert the UFO removal from 182e0b6b5846~1..d9d30adf5677.
This patch introduces nearly(*) no new code to simplify verification.
It brings back verbatim tuntap UFO negotiation, VIRTIO_NET_HDR_GSO_UDP
insertion and software UFO segmentation.
It does not reinstate protocol stack support, hardware offload
(NETIF_F_UFO), SKB_GSO_UDP tunneling in SKB_GSO_SOFTWARE or reception
of VIRTIO_NET_HDR_GSO_UDP packets in tuntap.
To support SKB_GSO_UDP reappearing in the stack, also reinstate
logic in act_csum and openvswitch. Achieve equivalence with v4.13 HEAD
by squashing in commit 939912216fa8 ("net: skb_needs_check() removes
CHECKSUM_UNNECESSARY check for tx.") and reverting commit 8d63bee643f1
("net: avoid skb_warn_bad_offload false positives on UFO").
(*) To avoid having to bring back skb_shinfo(skb)->ip6_frag_id,
ipv6_proxy_select_ident is changed to return a __be32 and this is
assigned directly to the frag_hdr. Also, SKB_GSO_UDP is inserted
at the end of the enum to minimize code churn.
Tested
Booted a v4.13 guest kernel with QEMU. On a host kernel before this
patch `ethtool -k eth0` shows UFO disabled. After the patch, it is
enabled, same as on a v4.13 host kernel.
A UFO packet sent from the guest appears on the tap device:
host:
nc -l -p -u 8000 &
tcpdump -n -i tap0
guest:
dd if=/dev/zero of=payload.txt bs=1 count=2000
nc -u 192.16.1.1 8000 < payload.txt
Direct tap to tap transmission of VIRTIO_NET_HDR_GSO_UDP succeeds,
packets arriving fragmented:
./with_tap_pair.sh ./tap_send_ufo tap0 tap1
(from https://github.com/wdebruij/kerneltools/tree/master/tests)
Changes
v1 -> v2
- simplified set_offload change (review comment)
- documented test procedure
Link: http://lkml.kernel.org/r/<CAF=yD-LuUeDuL9YWPJD9ykOZ0QCjNeznPDr6whqZ9NGMNF12Mw@mail.gmail.com>
Fixes: fb652fdfe837 ("macvlan/macvtap: Remove NETIF_F_UFO advertisement.")
Reported-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-21 18:22:25 +03:00
udpfrag = ! ! ( skb_shinfo ( skb ) - > gso_type & SKB_GSO_UDP ) ;
2016-04-11 04:44:51 +03:00
fixedid = ! ! ( skb_shinfo ( skb ) - > gso_type & SKB_GSO_TCP_FIXEDID ) ;
/* fixed ID is invalid if DF bit is not set */
2016-11-28 18:36:58 +03:00
if ( fixedid & & ! ( ip_hdr ( skb ) - > frag_off & htons ( IP_DF ) ) )
2016-04-11 04:44:51 +03:00
goto out ;
}
2013-11-08 06:32:06 +04:00
2012-11-15 12:49:14 +04:00
ops = rcu_dereference ( inet_offloads [ proto ] ) ;
2022-02-18 17:35:24 +03:00
if ( likely ( ops & & ops - > callbacks . gso_segment ) ) {
2012-11-15 12:49:23 +04:00
segs = ops - > callbacks . gso_segment ( skb , features ) ;
2022-02-18 17:35:24 +03:00
if ( ! segs )
skb - > network_header = skb_mac_header ( skb ) + nhoff - skb - > head ;
}
2006-06-22 14:02:40 +04:00
2013-01-22 10:32:49 +04:00
if ( IS_ERR_OR_NULL ( segs ) )
2006-06-22 14:02:40 +04:00
goto out ;
2016-09-19 13:58:47 +03:00
gso_partial = ! ! ( skb_shinfo ( segs ) - > gso_type & SKB_GSO_PARTIAL ) ;
2006-06-22 14:02:40 +04:00
skb = segs ;
do {
2013-10-19 22:42:56 +04:00
iph = ( struct iphdr * ) ( skb_mac_header ( skb ) + nhoff ) ;
net: accept UFO datagrams from tuntap and packet
Tuntap and similar devices can inject GSO packets. Accept type
VIRTIO_NET_HDR_GSO_UDP, even though not generating UFO natively.
Processes are expected to use feature negotiation such as TUNSETOFFLOAD
to detect supported offload types and refrain from injecting other
packets. This process breaks down with live migration: guest kernels
do not renegotiate flags, so destination hosts need to expose all
features that the source host does.
Partially revert the UFO removal from 182e0b6b5846~1..d9d30adf5677.
This patch introduces nearly(*) no new code to simplify verification.
It brings back verbatim tuntap UFO negotiation, VIRTIO_NET_HDR_GSO_UDP
insertion and software UFO segmentation.
It does not reinstate protocol stack support, hardware offload
(NETIF_F_UFO), SKB_GSO_UDP tunneling in SKB_GSO_SOFTWARE or reception
of VIRTIO_NET_HDR_GSO_UDP packets in tuntap.
To support SKB_GSO_UDP reappearing in the stack, also reinstate
logic in act_csum and openvswitch. Achieve equivalence with v4.13 HEAD
by squashing in commit 939912216fa8 ("net: skb_needs_check() removes
CHECKSUM_UNNECESSARY check for tx.") and reverting commit 8d63bee643f1
("net: avoid skb_warn_bad_offload false positives on UFO").
(*) To avoid having to bring back skb_shinfo(skb)->ip6_frag_id,
ipv6_proxy_select_ident is changed to return a __be32 and this is
assigned directly to the frag_hdr. Also, SKB_GSO_UDP is inserted
at the end of the enum to minimize code churn.
Tested
Booted a v4.13 guest kernel with QEMU. On a host kernel before this
patch `ethtool -k eth0` shows UFO disabled. After the patch, it is
enabled, same as on a v4.13 host kernel.
A UFO packet sent from the guest appears on the tap device:
host:
nc -l -p -u 8000 &
tcpdump -n -i tap0
guest:
dd if=/dev/zero of=payload.txt bs=1 count=2000
nc -u 192.16.1.1 8000 < payload.txt
Direct tap to tap transmission of VIRTIO_NET_HDR_GSO_UDP succeeds,
packets arriving fragmented:
./with_tap_pair.sh ./tap_send_ufo tap0 tap1
(from https://github.com/wdebruij/kerneltools/tree/master/tests)
Changes
v1 -> v2
- simplified set_offload change (review comment)
- documented test procedure
Link: http://lkml.kernel.org/r/<CAF=yD-LuUeDuL9YWPJD9ykOZ0QCjNeznPDr6whqZ9NGMNF12Mw@mail.gmail.com>
Fixes: fb652fdfe837 ("macvlan/macvtap: Remove NETIF_F_UFO advertisement.")
Reported-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-21 18:22:25 +03:00
if ( udpfrag ) {
iph - > frag_off = htons ( offset > > 3 ) ;
if ( skb - > next )
iph - > frag_off | = htons ( IP_MF ) ;
offset + = skb - > len - nhoff - ihl ;
tot_len = skb - > len - nhoff ;
} else if ( skb_is_gso ( skb ) ) {
2016-04-11 04:45:03 +03:00
if ( ! fixedid ) {
iph - > id = htons ( id ) ;
id + = skb_shinfo ( skb ) - > gso_segs ;
}
2016-09-19 13:58:47 +03:00
if ( gso_partial )
tot_len = skb_shinfo ( skb ) - > gso_size +
SKB_GSO_CB ( skb ) - > data_offset +
skb - > head - ( unsigned char * ) iph ;
else
tot_len = skb - > len - nhoff ;
2016-04-11 04:45:03 +03:00
} else {
if ( ! fixedid )
iph - > id = htons ( id + + ) ;
tot_len = skb - > len - nhoff ;
2013-02-22 11:30:30 +04:00
}
2016-04-11 04:45:03 +03:00
iph - > tot_len = htons ( tot_len ) ;
2013-10-19 00:13:27 +04:00
ip_send_check ( iph ) ;
2013-10-28 05:18:16 +04:00
if ( encap )
2013-10-19 22:42:56 +04:00
skb_reset_inner_headers ( skb ) ;
skb - > network_header = ( u8 * ) iph - skb - > head ;
2018-09-13 17:43:07 +03:00
skb_reset_mac_len ( skb ) ;
2006-06-22 14:02:40 +04:00
} while ( ( skb = skb - > next ) ) ;
out :
return segs ;
}
2019-02-20 18:52:12 +03:00
static struct sk_buff * ipip_gso_segment ( struct sk_buff * skb ,
netdev_features_t features )
{
if ( ! ( skb_shinfo ( skb ) - > gso_type & SKB_GSO_IPXIP4 ) )
return ERR_PTR ( - EINVAL ) ;
return inet_gso_segment ( skb , features ) ;
}
2018-06-24 08:13:49 +03:00
struct sk_buff * inet_gro_receive ( struct list_head * head , struct sk_buff * skb )
2008-12-16 10:41:09 +03:00
{
2012-11-15 12:49:14 +04:00
const struct net_offload * ops ;
2018-06-24 08:13:49 +03:00
struct sk_buff * pp = NULL ;
2011-04-22 08:53:02 +04:00
const struct iphdr * iph ;
2018-06-24 08:13:49 +03:00
struct sk_buff * p ;
2009-05-26 22:50:28 +04:00
unsigned int hlen ;
unsigned int off ;
2009-05-26 22:50:29 +04:00
unsigned int id ;
2008-12-16 10:41:09 +03:00
int flush = 1 ;
int proto ;
2009-05-26 22:50:28 +04:00
off = skb_gro_offset ( skb ) ;
hlen = off + sizeof ( * iph ) ;
2022-08-23 10:10:49 +03:00
iph = skb_gro_header ( skb , hlen , off ) ;
if ( unlikely ( ! iph ) )
goto out ;
2008-12-16 10:41:09 +03:00
2012-06-20 05:56:21 +04:00
proto = iph - > protocol ;
2008-12-16 10:41:09 +03:00
2012-11-15 12:49:14 +04:00
ops = rcu_dereference ( inet_offloads [ proto ] ) ;
2012-11-15 12:49:23 +04:00
if ( ! ops | | ! ops - > callbacks . gro_receive )
2021-11-24 01:56:07 +03:00
goto out ;
2008-12-16 10:41:09 +03:00
2009-02-08 21:00:39 +03:00
if ( * ( u8 * ) iph ! = 0x45 )
2021-11-24 01:56:07 +03:00
goto out ;
2008-12-16 10:41:09 +03:00
2017-04-28 11:54:32 +03:00
if ( ip_is_fragment ( iph ) )
2021-11-24 01:56:07 +03:00
goto out ;
2017-04-28 11:54:32 +03:00
net: tcp: GRO should be ECN friendly
While doing TCP ECN tests, I discovered GRO was reordering packets if it
receives one packet with CE set, while previous packets in same NAPI run
have ECT(0) for the same flow :
09:25:25.857620 IP (tos 0x2,ECT(0), ttl 64, id 27893, offset 0, flags
[DF], proto TCP (6), length 4396)
172.30.42.19.54550 > 172.30.42.13.44139: Flags [.], seq
233801:238145, ack 1, win 115, options [nop,nop,TS val 3397779 ecr
1990627], length 4344
09:25:25.857626 IP (tos 0x3,CE, ttl 64, id 27892, offset 0, flags [DF],
proto TCP (6), length 1500)
172.30.42.19.54550 > 172.30.42.13.44139: Flags [.], seq
232353:233801, ack 1, win 115, options [nop,nop,TS val 3397779 ecr
1990627], length 1448
09:25:25.857638 IP (tos 0x0, ttl 64, id 34581, offset 0, flags [DF],
proto TCP (6), length 64)
172.30.42.13.44139 > 172.30.42.19.54550: Flags [.], cksum 0xac8f
(incorrect -> 0xca69), ack 232353, win 1271, options [nop,nop,TS val
1990627 ecr 3397779,nop,nop,sack 1 {233801:238145}], length 0
We have two problems here :
1) GRO reorders packets
If NIC gave packet1, then packet2, which happen to be from "different
flows" GRO feeds stack with packet2, then packet1. I have yet to
understand how to solve this problem.
2) GRO is not ECN friendly
Delivering packets out of order makes TCP stack not as fast as it could
be.
In this patch I suggest we make the tos test not part of the 'same_flow'
determination, but part of the 'should flush' logic
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-06 02:34:50 +04:00
if ( unlikely ( ip_fast_csum ( ( u8 * ) iph , 5 ) ) )
2021-11-24 01:56:07 +03:00
goto out ;
2008-12-16 10:41:09 +03:00
2010-04-21 06:06:52 +04:00
id = ntohl ( * ( __be32 * ) & iph - > id ) ;
2013-05-31 15:18:10 +04:00
flush = ( u16 ) ( ( ntohl ( * ( __be32 * ) iph ) ^ skb_gro_len ( skb ) ) | ( id & ~ IP_DF ) ) ;
2009-05-26 22:50:29 +04:00
id > > = 16 ;
2008-12-16 10:41:09 +03:00
2018-06-24 08:13:49 +03:00
list_for_each_entry ( p , head , list ) {
2008-12-16 10:41:09 +03:00
struct iphdr * iph2 ;
2016-04-11 04:44:57 +03:00
u16 flush_id ;
2008-12-16 10:41:09 +03:00
if ( ! NAPI_GRO_CB ( p ) - > same_flow )
continue ;
net-gro: Prepare GRO stack for the upcoming tunneling support
This patch modifies the GRO stack to avoid the use of "network_header"
and associated macros like ip_hdr() and ipv6_hdr() in order to allow
an arbitary number of IP hdrs (v4 or v6) to be used in the
encapsulation chain. This lays the foundation for various IP
tunneling support (IP-in-IP, GRE, VXLAN, SIT,...) to be added later.
With this patch, the GRO stack traversing now is mostly based on
skb_gro_offset rather than special hdr offsets saved in skb (e.g.,
skb->network_header). As a result all but the top layer (i.e., the
the transport layer) must have hdrs of the same length in order for
a pkt to be considered for aggregation. Therefore when adding a new
encap layer (e.g., for tunneling), one must check and skip flows
(e.g., by setting NAPI_GRO_CB(p)->same_flow to 0) that have a
different hdr length.
Note that unlike the network header, the transport header can and
will continue to be set by the GRO code since there will be at
most one "transport layer" in the encap chain.
Signed-off-by: H.K. Jerry Chu <hkchu@google.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-12 08:53:45 +04:00
iph2 = ( struct iphdr * ) ( p - > data + off ) ;
/* The above works because, with the exception of the top
* ( inner most ) layer , we only aggregate pkts with the same
* hdr length so all the hdrs we ' ll need to verify will start
* at the same offset .
*/
2009-02-08 21:00:39 +03:00
if ( ( iph - > protocol ^ iph2 - > protocol ) |
2010-04-21 06:06:52 +04:00
( ( __force u32 ) iph - > saddr ^ ( __force u32 ) iph2 - > saddr ) |
( ( __force u32 ) iph - > daddr ^ ( __force u32 ) iph2 - > daddr ) ) {
2008-12-16 10:41:09 +03:00
NAPI_GRO_CB ( p ) - > same_flow = 0 ;
continue ;
}
/* All fields must match except length and checksum. */
NAPI_GRO_CB ( p ) - > flush | =
2009-02-08 21:00:39 +03:00
( iph - > ttl ^ iph2 - > ttl ) |
net: tcp: GRO should be ECN friendly
While doing TCP ECN tests, I discovered GRO was reordering packets if it
receives one packet with CE set, while previous packets in same NAPI run
have ECT(0) for the same flow :
09:25:25.857620 IP (tos 0x2,ECT(0), ttl 64, id 27893, offset 0, flags
[DF], proto TCP (6), length 4396)
172.30.42.19.54550 > 172.30.42.13.44139: Flags [.], seq
233801:238145, ack 1, win 115, options [nop,nop,TS val 3397779 ecr
1990627], length 4344
09:25:25.857626 IP (tos 0x3,CE, ttl 64, id 27892, offset 0, flags [DF],
proto TCP (6), length 1500)
172.30.42.19.54550 > 172.30.42.13.44139: Flags [.], seq
232353:233801, ack 1, win 115, options [nop,nop,TS val 3397779 ecr
1990627], length 1448
09:25:25.857638 IP (tos 0x0, ttl 64, id 34581, offset 0, flags [DF],
proto TCP (6), length 64)
172.30.42.13.44139 > 172.30.42.19.54550: Flags [.], cksum 0xac8f
(incorrect -> 0xca69), ack 232353, win 1271, options [nop,nop,TS val
1990627 ecr 3397779,nop,nop,sack 1 {233801:238145}], length 0
We have two problems here :
1) GRO reorders packets
If NIC gave packet1, then packet2, which happen to be from "different
flows" GRO feeds stack with packet2, then packet1. I have yet to
understand how to solve this problem.
2) GRO is not ECN friendly
Delivering packets out of order makes TCP stack not as fast as it could
be.
In this patch I suggest we make the tos test not part of the 'same_flow'
determination, but part of the 'should flush' logic
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-08-06 02:34:50 +04:00
( iph - > tos ^ iph2 - > tos ) |
net-gre-gro: Add GRE support to the GRO stack
This patch built on top of Commit 299603e8370a93dd5d8e8d800f0dff1ce2c53d36
("net-gro: Prepare GRO stack for the upcoming tunneling support") to add
the support of the standard GRE (RFC1701/RFC2784/RFC2890) to the GRO
stack. It also serves as an example for supporting other encapsulation
protocols in the GRO stack in the future.
The patch supports version 0 and all the flags (key, csum, seq#) but
will flush any pkt with the S (seq#) flag. This is because the S flag
is not support by GSO, and a GRO pkt may end up in the forwarding path,
thus requiring GSO support to break it up correctly.
Currently the "packet_offload" structure only contains L3 (ETH_P_IP/
ETH_P_IPV6) GRO offload support so the encapped pkts are limited to
IP pkts (i.e., w/o L2 hdr). But support for other protocol type can
be easily added, so is the support for GRE variations like NVGRE.
The patch also support csum offload. Specifically if the csum flag is on
and the h/w is capable of checksumming the payload (CHECKSUM_COMPLETE),
the code will take advantage of the csum computed by the h/w when
validating the GRE csum.
Note that commit 60769a5dcd8755715c7143b4571d5c44f01796f1 "ipv4: gre:
add GRO capability" already introduces GRO capability to IPv4 GRE
tunnels, using the gro_cells infrastructure. But GRO is done after
GRE hdr has been removed (i.e., decapped). The following patch applies
GRO when pkts first come in (before hitting the GRE tunnel code). There
is some performance advantage for applying GRO as early as possible.
Also this approach is transparent to other subsystem like Open vSwitch
where GRE decap is handled outside of the IP stack hence making it
harder for the gro_cells stuff to apply. On the other hand, some NICs
are still not capable of hashing on the inner hdr of a GRE pkt (RSS).
In that case the GRO processing of pkts from the same remote host will
all happen on the same CPU and the performance may be suboptimal.
I'm including some rough preliminary performance numbers below. Note
that the performance will be highly dependent on traffic load, mix as
usual. Moreover it also depends on NIC offload features hence the
following is by no means a comprehesive study. Local testing and tuning
will be needed to decide the best setting.
All tests spawned 50 copies of netperf TCP_STREAM and ran for 30 secs.
(super_netperf 50 -H 192.168.1.18 -l 30)
An IP GRE tunnel with only the key flag on (e.g., ip tunnel add gre1
mode gre local 10.246.17.18 remote 10.246.17.17 ttl 255 key 123)
is configured.
The GRO support for pkts AFTER decap are controlled through the device
feature of the GRE device (e.g., ethtool -K gre1 gro on/off).
1.1 ethtool -K gre1 gro off; ethtool -K eth0 gro off
thruput: 9.16Gbps
CPU utilization: 19%
1.2 ethtool -K gre1 gro on; ethtool -K eth0 gro off
thruput: 5.9Gbps
CPU utilization: 15%
1.3 ethtool -K gre1 gro off; ethtool -K eth0 gro on
thruput: 9.26Gbps
CPU utilization: 12-13%
1.4 ethtool -K gre1 gro on; ethtool -K eth0 gro on
thruput: 9.26Gbps
CPU utilization: 10%
The following tests were performed on a different NIC that is capable of
csum offload. I.e., the h/w is capable of computing IP payload csum
(CHECKSUM_COMPLETE).
2.1 ethtool -K gre1 gro on (hence will use gro_cells)
2.1.1 ethtool -K eth0 gro off; csum offload disabled
thruput: 8.53Gbps
CPU utilization: 9%
2.1.2 ethtool -K eth0 gro off; csum offload enabled
thruput: 8.97Gbps
CPU utilization: 7-8%
2.1.3 ethtool -K eth0 gro on; csum offload disabled
thruput: 8.83Gbps
CPU utilization: 5-6%
2.1.4 ethtool -K eth0 gro on; csum offload enabled
thruput: 8.98Gbps
CPU utilization: 5%
2.2 ethtool -K gre1 gro off
2.2.1 ethtool -K eth0 gro off; csum offload disabled
thruput: 5.93Gbps
CPU utilization: 9%
2.2.2 ethtool -K eth0 gro off; csum offload enabled
thruput: 5.62Gbps
CPU utilization: 8%
2.2.3 ethtool -K eth0 gro on; csum offload disabled
thruput: 7.69Gbps
CPU utilization: 8%
2.2.4 ethtool -K eth0 gro on; csum offload enabled
thruput: 8.96Gbps
CPU utilization: 5-6%
Signed-off-by: H.K. Jerry Chu <hkchu@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-01-07 22:23:19 +04:00
( ( iph - > frag_off ^ iph2 - > frag_off ) & htons ( IP_DF ) ) ;
2008-12-16 10:41:09 +03:00
NAPI_GRO_CB ( p ) - > flush | = flush ;
2016-04-11 04:44:57 +03:00
/* We need to store of the IP ID check to be included later
* when we can verify that this packet does in fact belong
* to a given flow .
*/
flush_id = ( u16 ) ( id - ntohs ( iph2 - > id ) ) ;
/* This bit of code makes it much easier for us to identify
* the cases where we are doing atomic vs non - atomic IP ID
* checks . Specifically an atomic check can return IP ID
* values 0 - 0xFFFF , while a non - atomic check can only
* return 0 or 0xFFFF .
*/
if ( ! NAPI_GRO_CB ( p ) - > is_atomic | |
! ( iph - > frag_off & htons ( IP_DF ) ) ) {
flush_id ^ = NAPI_GRO_CB ( p ) - > count ;
flush_id = flush_id ? 0xFFFF : 0 ;
}
/* If the previous IP ID value was based on an atomic
* datagram we can overwrite the value and ignore it .
*/
if ( NAPI_GRO_CB ( skb ) - > is_atomic )
NAPI_GRO_CB ( p ) - > flush_id = flush_id ;
else
NAPI_GRO_CB ( p ) - > flush_id | = flush_id ;
2008-12-16 10:41:09 +03:00
}
2016-04-11 04:44:57 +03:00
NAPI_GRO_CB ( skb ) - > is_atomic = ! ! ( iph - > frag_off & htons ( IP_DF ) ) ;
2008-12-16 10:41:09 +03:00
NAPI_GRO_CB ( skb ) - > flush | = flush ;
net-gro: Prepare GRO stack for the upcoming tunneling support
This patch modifies the GRO stack to avoid the use of "network_header"
and associated macros like ip_hdr() and ipv6_hdr() in order to allow
an arbitary number of IP hdrs (v4 or v6) to be used in the
encapsulation chain. This lays the foundation for various IP
tunneling support (IP-in-IP, GRE, VXLAN, SIT,...) to be added later.
With this patch, the GRO stack traversing now is mostly based on
skb_gro_offset rather than special hdr offsets saved in skb (e.g.,
skb->network_header). As a result all but the top layer (i.e., the
the transport layer) must have hdrs of the same length in order for
a pkt to be considered for aggregation. Therefore when adding a new
encap layer (e.g., for tunneling), one must check and skip flows
(e.g., by setting NAPI_GRO_CB(p)->same_flow to 0) that have a
different hdr length.
Note that unlike the network header, the transport header can and
will continue to be set by the GRO code since there will be at
most one "transport layer" in the encap chain.
Signed-off-by: H.K. Jerry Chu <hkchu@google.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-12 08:53:45 +04:00
skb_set_network_header ( skb , off ) ;
/* The above will be needed by the transport layer if there is one
* immediately following this IP hdr .
*/
2014-10-01 09:12:05 +04:00
/* Note : No need to call skb_gro_postpull_rcsum() here,
* as we already checked checksum over ipv4 header was 0
*/
2009-01-29 17:19:50 +03:00
skb_gro_pull ( skb , sizeof ( * iph ) ) ;
skb_set_transport_header ( skb , skb_gro_offset ( skb ) ) ;
2008-12-16 10:41:09 +03:00
2018-12-14 13:51:59 +03:00
pp = indirect_call_gro_receive ( tcp4_gro_receive , udp4_gro_receive ,
ops - > callbacks . gro_receive , head , skb ) ;
2008-12-16 10:41:09 +03:00
out :
2017-02-15 11:39:39 +03:00
skb_gro_flush_final ( skb , pp , flush ) ;
2008-12-16 10:41:09 +03:00
return pp ;
}
2018-06-24 08:13:49 +03:00
static struct sk_buff * ipip_gro_receive ( struct list_head * head ,
struct sk_buff * skb )
2016-03-19 19:32:01 +03:00
{
if ( NAPI_GRO_CB ( skb ) - > encap_mark ) {
NAPI_GRO_CB ( skb ) - > flush = 1 ;
return NULL ;
}
NAPI_GRO_CB ( skb ) - > encap_mark = 1 ;
return inet_gro_receive ( head , skb ) ;
}
2016-02-27 11:32:15 +03:00
# define SECONDS_PER_DAY 86400
/* inet_current_timestamp - Return IP network timestamp
*
* Return milliseconds since midnight in network byte order .
*/
__be32 inet_current_timestamp ( void )
{
u32 secs ;
u32 msecs ;
struct timespec64 ts ;
ktime_get_real_ts64 ( & ts ) ;
/* Get secs since midnight. */
( void ) div_u64_rem ( ts . tv_sec , SECONDS_PER_DAY , & secs ) ;
/* Convert to msecs. */
msecs = secs * MSEC_PER_SEC ;
/* Convert nsec to msec. */
msecs + = ( u32 ) ts . tv_nsec / NSEC_PER_MSEC ;
/* Convert to network byte order. */
2016-03-22 04:21:26 +03:00
return htonl ( msecs ) ;
2016-02-27 11:32:15 +03:00
}
EXPORT_SYMBOL ( inet_current_timestamp ) ;
2014-11-26 22:53:02 +03:00
int inet_recv_error ( struct sock * sk , struct msghdr * msg , int len , int * addr_len )
{
if ( sk - > sk_family = = AF_INET )
return ip_recv_error ( sk , msg , len , addr_len ) ;
# if IS_ENABLED(CONFIG_IPV6)
if ( sk - > sk_family = = AF_INET6 )
return pingv6_ops . ipv6_recv_error ( sk , msg , len , addr_len ) ;
# endif
return - EINVAL ;
}
2016-05-18 19:06:23 +03:00
int inet_gro_complete ( struct sk_buff * skb , int nhoff )
2008-12-16 10:41:09 +03:00
{
net-gro: Prepare GRO stack for the upcoming tunneling support
This patch modifies the GRO stack to avoid the use of "network_header"
and associated macros like ip_hdr() and ipv6_hdr() in order to allow
an arbitary number of IP hdrs (v4 or v6) to be used in the
encapsulation chain. This lays the foundation for various IP
tunneling support (IP-in-IP, GRE, VXLAN, SIT,...) to be added later.
With this patch, the GRO stack traversing now is mostly based on
skb_gro_offset rather than special hdr offsets saved in skb (e.g.,
skb->network_header). As a result all but the top layer (i.e., the
the transport layer) must have hdrs of the same length in order for
a pkt to be considered for aggregation. Therefore when adding a new
encap layer (e.g., for tunneling), one must check and skip flows
(e.g., by setting NAPI_GRO_CB(p)->same_flow to 0) that have a
different hdr length.
Note that unlike the network header, the transport header can and
will continue to be set by the GRO code since there will be at
most one "transport layer" in the encap chain.
Signed-off-by: H.K. Jerry Chu <hkchu@google.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-12 08:53:45 +04:00
__be16 newlen = htons ( skb - > len - nhoff ) ;
struct iphdr * iph = ( struct iphdr * ) ( skb - > data + nhoff ) ;
2012-11-15 12:49:14 +04:00
const struct net_offload * ops ;
2012-06-20 05:56:21 +04:00
int proto = iph - > protocol ;
2008-12-16 10:41:09 +03:00
int err = - ENOSYS ;
2017-03-07 20:33:31 +03:00
if ( skb - > encapsulation ) {
skb_set_inner_protocol ( skb , cpu_to_be16 ( ETH_P_IP ) ) ;
2014-07-15 02:54:46 +04:00
skb_set_inner_network_header ( skb , nhoff ) ;
2017-03-07 20:33:31 +03:00
}
2014-07-15 02:54:46 +04:00
2008-12-16 10:41:09 +03:00
csum_replace2 ( & iph - > check , iph - > tot_len , newlen ) ;
iph - > tot_len = newlen ;
2012-11-15 12:49:14 +04:00
ops = rcu_dereference ( inet_offloads [ proto ] ) ;
2012-11-15 12:49:23 +04:00
if ( WARN_ON ( ! ops | | ! ops - > callbacks . gro_complete ) )
2021-11-24 01:56:08 +03:00
goto out ;
2008-12-16 10:41:09 +03:00
net-gro: Prepare GRO stack for the upcoming tunneling support
This patch modifies the GRO stack to avoid the use of "network_header"
and associated macros like ip_hdr() and ipv6_hdr() in order to allow
an arbitary number of IP hdrs (v4 or v6) to be used in the
encapsulation chain. This lays the foundation for various IP
tunneling support (IP-in-IP, GRE, VXLAN, SIT,...) to be added later.
With this patch, the GRO stack traversing now is mostly based on
skb_gro_offset rather than special hdr offsets saved in skb (e.g.,
skb->network_header). As a result all but the top layer (i.e., the
the transport layer) must have hdrs of the same length in order for
a pkt to be considered for aggregation. Therefore when adding a new
encap layer (e.g., for tunneling), one must check and skip flows
(e.g., by setting NAPI_GRO_CB(p)->same_flow to 0) that have a
different hdr length.
Note that unlike the network header, the transport header can and
will continue to be set by the GRO code since there will be at
most one "transport layer" in the encap chain.
Signed-off-by: H.K. Jerry Chu <hkchu@google.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-12 08:53:45 +04:00
/* Only need to add sizeof(*iph) to get to the next hdr below
* because any hdr with option will have been flushed in
* inet_gro_receive ( ) .
*/
2018-12-14 13:51:59 +03:00
err = INDIRECT_CALL_2 ( ops - > callbacks . gro_complete ,
tcp4_gro_complete , udp4_gro_complete ,
skb , nhoff + sizeof ( * iph ) ) ;
2008-12-16 10:41:09 +03:00
2021-11-24 01:56:08 +03:00
out :
2008-12-16 10:41:09 +03:00
return err ;
}
2016-03-19 19:32:00 +03:00
static int ipip_gro_complete ( struct sk_buff * skb , int nhoff )
{
skb - > encapsulation = 1 ;
2016-05-18 19:06:10 +03:00
skb_shinfo ( skb ) - > gso_type | = SKB_GSO_IPXIP4 ;
2016-03-19 19:32:00 +03:00
return inet_gro_complete ( skb , nhoff ) ;
}
2008-04-04 01:27:58 +04:00
int inet_ctl_sock_create ( struct sock * * sk , unsigned short family ,
2008-04-04 01:28:30 +04:00
unsigned short type , unsigned char protocol ,
struct net * net )
2008-04-04 01:22:32 +04:00
{
2008-04-04 01:27:58 +04:00
struct socket * sock ;
2015-05-09 05:10:31 +03:00
int rc = sock_create_kern ( net , family , type , protocol , & sock ) ;
2008-04-04 01:22:32 +04:00
if ( rc = = 0 ) {
2008-04-04 01:27:58 +04:00
* sk = sock - > sk ;
( * sk ) - > sk_allocation = GFP_ATOMIC ;
2008-04-04 01:22:32 +04:00
/*
* Unhash it so that IP input processing does not even see it ,
* we do not wish this socket to see incoming packets .
*/
2008-04-04 01:27:58 +04:00
( * sk ) - > sk_prot - > unhash ( * sk ) ;
2008-04-04 01:22:32 +04:00
}
return rc ;
}
EXPORT_SYMBOL_GPL ( inet_ctl_sock_create ) ;
2014-05-06 02:55:55 +04:00
unsigned long snmp_fold_field ( void __percpu * mib , int offt )
2007-04-25 08:53:35 +04:00
{
unsigned long res = 0 ;
2014-05-06 02:55:55 +04:00
int i ;
2007-04-25 08:53:35 +04:00
2014-05-06 02:55:55 +04:00
for_each_possible_cpu ( i )
2015-08-30 08:59:41 +03:00
res + = snmp_get_cpu_field ( mib , i , offt ) ;
2007-04-25 08:53:35 +04:00
return res ;
}
EXPORT_SYMBOL_GPL ( snmp_fold_field ) ;
2010-07-01 00:31:19 +04:00
# if BITS_PER_LONG==32
2015-08-31 08:40:44 +03:00
u64 snmp_get_cpu_field64 ( void __percpu * mib , int cpu , int offt ,
2015-08-30 08:59:41 +03:00
size_t syncp_offset )
{
void * bhptr ;
struct u64_stats_sync * syncp ;
u64 v ;
unsigned int start ;
bhptr = per_cpu_ptr ( mib , cpu ) ;
syncp = ( struct u64_stats_sync * ) ( bhptr + syncp_offset ) ;
do {
start = u64_stats_fetch_begin_irq ( syncp ) ;
v = * ( ( ( u64 * ) bhptr ) + offt ) ;
} while ( u64_stats_fetch_retry_irq ( syncp , start ) ) ;
return v ;
}
EXPORT_SYMBOL_GPL ( snmp_get_cpu_field64 ) ;
2014-05-06 02:55:55 +04:00
u64 snmp_fold_field64 ( void __percpu * mib , int offt , size_t syncp_offset )
2010-07-01 00:31:19 +04:00
{
u64 res = 0 ;
int cpu ;
for_each_possible_cpu ( cpu ) {
2015-08-31 15:46:07 +03:00
res + = snmp_get_cpu_field64 ( mib , cpu , offt , syncp_offset ) ;
2010-07-01 00:31:19 +04:00
}
return res ;
}
EXPORT_SYMBOL_GPL ( snmp_fold_field64 ) ;
# endif
2005-04-17 02:20:36 +04:00
# ifdef CONFIG_IP_MULTICAST
2009-09-14 16:21:47 +04:00
static const struct net_protocol igmp_protocol = {
2005-04-17 02:20:36 +04:00
. handler = igmp_rcv ,
} ;
# endif
tcp/udp: Make early_demux back namespacified.
Commit e21145a9871a ("ipv4: namespacify ip_early_demux sysctl knob") made
it possible to enable/disable early_demux on a per-netns basis. Then, we
introduced two knobs, tcp_early_demux and udp_early_demux, to switch it for
TCP/UDP in commit dddb64bcb346 ("net: Add sysctl to toggle early demux for
tcp and udp"). However, the .proc_handler() was wrong and actually
disabled us from changing the behaviour in each netns.
We can execute early_demux if net.ipv4.ip_early_demux is on and each proto
.early_demux() handler is not NULL. When we toggle (tcp|udp)_early_demux,
the change itself is saved in each netns variable, but the .early_demux()
handler is a global variable, so the handler is switched based on the
init_net's sysctl variable. Thus, netns (tcp|udp)_early_demux knobs have
nothing to do with the logic. Whether we CAN execute proto .early_demux()
is always decided by init_net's sysctl knob, and whether we DO it or not is
by each netns ip_early_demux knob.
This patch namespacifies (tcp|udp)_early_demux again. For now, the users
of the .early_demux() handler are TCP and UDP only, and they are called
directly to avoid retpoline. So, we can remove the .early_demux() handler
from inet6?_protos and need not dereference them in ip6?_rcv_finish_core().
If another proto needs .early_demux(), we can restore it at that time.
Fixes: dddb64bcb346 ("net: Add sysctl to toggle early demux for tcp and udp")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Link: https://lore.kernel.org/r/20220713175207.7727-1-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-07-13 20:52:07 +03:00
static const struct net_protocol tcp_protocol = {
2012-06-20 08:22:05 +04:00
. handler = tcp_v4_rcv ,
. err_handler = tcp_v4_err ,
. no_policy = 1 ,
2014-01-09 13:01:17 +04:00
. icmp_strict_tag_validation = 1 ,
2005-04-17 02:20:36 +04:00
} ;
tcp/udp: Make early_demux back namespacified.
Commit e21145a9871a ("ipv4: namespacify ip_early_demux sysctl knob") made
it possible to enable/disable early_demux on a per-netns basis. Then, we
introduced two knobs, tcp_early_demux and udp_early_demux, to switch it for
TCP/UDP in commit dddb64bcb346 ("net: Add sysctl to toggle early demux for
tcp and udp"). However, the .proc_handler() was wrong and actually
disabled us from changing the behaviour in each netns.
We can execute early_demux if net.ipv4.ip_early_demux is on and each proto
.early_demux() handler is not NULL. When we toggle (tcp|udp)_early_demux,
the change itself is saved in each netns variable, but the .early_demux()
handler is a global variable, so the handler is switched based on the
init_net's sysctl variable. Thus, netns (tcp|udp)_early_demux knobs have
nothing to do with the logic. Whether we CAN execute proto .early_demux()
is always decided by init_net's sysctl knob, and whether we DO it or not is
by each netns ip_early_demux knob.
This patch namespacifies (tcp|udp)_early_demux again. For now, the users
of the .early_demux() handler are TCP and UDP only, and they are called
directly to avoid retpoline. So, we can remove the .early_demux() handler
from inet6?_protos and need not dereference them in ip6?_rcv_finish_core().
If another proto needs .early_demux(), we can restore it at that time.
Fixes: dddb64bcb346 ("net: Add sysctl to toggle early demux for tcp and udp")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Link: https://lore.kernel.org/r/20220713175207.7727-1-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-07-13 20:52:07 +03:00
static const struct net_protocol udp_protocol = {
2005-04-17 02:20:36 +04:00
. handler = udp_rcv ,
. err_handler = udp_err ,
. no_policy = 1 ,
} ;
2009-09-14 16:21:47 +04:00
static const struct net_protocol icmp_protocol = {
2005-04-17 02:20:36 +04:00
. handler = icmp_rcv ,
2013-02-22 02:18:44 +04:00
. err_handler = icmp_err ,
2007-12-12 21:44:43 +03:00
. no_policy = 1 ,
2005-04-17 02:20:36 +04:00
} ;
2008-07-18 15:01:44 +04:00
static __net_init int ipv4_mib_init_net ( struct net * net )
{
2013-10-08 02:51:58 +04:00
int i ;
2014-05-06 02:55:55 +04:00
net - > mib . tcp_statistics = alloc_percpu ( struct tcp_mib ) ;
if ( ! net - > mib . tcp_statistics )
2008-07-18 15:02:08 +04:00
goto err_tcp_mib ;
2014-05-06 02:55:55 +04:00
net - > mib . ip_statistics = alloc_percpu ( struct ipstats_mib ) ;
if ( ! net - > mib . ip_statistics )
2008-07-18 15:02:42 +04:00
goto err_ip_mib ;
2013-10-08 02:51:58 +04:00
for_each_possible_cpu ( i ) {
struct ipstats_mib * af_inet_stats ;
2014-05-06 02:55:55 +04:00
af_inet_stats = per_cpu_ptr ( net - > mib . ip_statistics , i ) ;
2013-10-08 02:51:58 +04:00
u64_stats_init ( & af_inet_stats - > syncp ) ;
}
2014-05-06 02:55:55 +04:00
net - > mib . net_statistics = alloc_percpu ( struct linux_mib ) ;
if ( ! net - > mib . net_statistics )
2008-07-18 15:03:08 +04:00
goto err_net_mib ;
2014-05-06 02:55:55 +04:00
net - > mib . udp_statistics = alloc_percpu ( struct udp_mib ) ;
if ( ! net - > mib . udp_statistics )
2008-07-18 15:03:27 +04:00
goto err_udp_mib ;
2014-05-06 02:55:55 +04:00
net - > mib . udplite_statistics = alloc_percpu ( struct udp_mib ) ;
if ( ! net - > mib . udplite_statistics )
2008-07-18 15:03:45 +04:00
goto err_udplite_mib ;
2014-05-06 02:55:55 +04:00
net - > mib . icmp_statistics = alloc_percpu ( struct icmp_mib ) ;
if ( ! net - > mib . icmp_statistics )
2008-07-18 15:04:02 +04:00
goto err_icmp_mib ;
2011-11-08 17:04:43 +04:00
net - > mib . icmpmsg_statistics = kzalloc ( sizeof ( struct icmpmsg_mib ) ,
GFP_KERNEL ) ;
if ( ! net - > mib . icmpmsg_statistics )
2008-07-18 15:04:22 +04:00
goto err_icmpmsg_mib ;
2008-07-18 15:02:08 +04:00
tcp_mib_init ( net ) ;
2008-07-18 15:01:44 +04:00
return 0 ;
2008-07-18 15:02:08 +04:00
2008-07-18 15:04:22 +04:00
err_icmpmsg_mib :
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . icmp_statistics ) ;
2008-07-18 15:04:02 +04:00
err_icmp_mib :
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . udplite_statistics ) ;
2008-07-18 15:03:45 +04:00
err_udplite_mib :
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . udp_statistics ) ;
2008-07-18 15:03:27 +04:00
err_udp_mib :
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . net_statistics ) ;
2008-07-18 15:03:08 +04:00
err_net_mib :
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . ip_statistics ) ;
2008-07-18 15:02:42 +04:00
err_ip_mib :
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . tcp_statistics ) ;
2008-07-18 15:02:08 +04:00
err_tcp_mib :
return - ENOMEM ;
2008-07-18 15:01:44 +04:00
}
static __net_exit void ipv4_mib_exit_net ( struct net * net )
{
2011-11-08 17:04:43 +04:00
kfree ( net - > mib . icmpmsg_statistics ) ;
2014-05-06 02:55:55 +04:00
free_percpu ( net - > mib . icmp_statistics ) ;
free_percpu ( net - > mib . udplite_statistics ) ;
free_percpu ( net - > mib . udp_statistics ) ;
free_percpu ( net - > mib . net_statistics ) ;
free_percpu ( net - > mib . ip_statistics ) ;
free_percpu ( net - > mib . tcp_statistics ) ;
2020-03-28 00:48:50 +03:00
# ifdef CONFIG_MPTCP
/* allocated on demand, see mptcp_init_sock() */
free_percpu ( net - > mib . mptcp_statistics ) ;
# endif
2008-07-18 15:01:44 +04:00
}
static __net_initdata struct pernet_operations ipv4_mib_ops = {
. init = ipv4_mib_init_net ,
. exit = ipv4_mib_exit_net ,
} ;
2005-04-17 02:20:36 +04:00
static int __init init_ipv4_mibs ( void )
{
2008-07-18 15:04:51 +04:00
return register_pernet_subsys ( & ipv4_mib_ops ) ;
2005-04-17 02:20:36 +04:00
}
2014-05-06 22:02:49 +04:00
static __net_init int inet_init_net ( struct net * net )
{
/*
* Set defaults for local port range
*/
seqlock_init ( & net - > ipv4 . ip_local_ports . lock ) ;
net - > ipv4 . ip_local_ports . range [ 0 ] = 32768 ;
tcp/dccp: try to not exhaust ip_local_port_range in connect()
A long standing problem on busy servers is the tiny available TCP port
range (/proc/sys/net/ipv4/ip_local_port_range) and the default
sequential allocation of source ports in connect() system call.
If a host is having a lot of active TCP sessions, chances are
very high that all ports are in use by at least one flow,
and subsequent bind(0) attempts fail, or have to scan a big portion of
space to find a slot.
In this patch, I changed the starting point in __inet_hash_connect()
so that we try to favor even [1] ports, leaving odd ports for bind()
users.
We still perform a sequential search, so there is no guarantee, but
if connect() targets are very different, end result is we leave
more ports available to bind(), and we spread them all over the range,
lowering time for both connect() and bind() to find a slot.
This strategy only works well if /proc/sys/net/ipv4/ip_local_port_range
is even, ie if start/end values have different parity.
Therefore, default /proc/sys/net/ipv4/ip_local_port_range was changed to
32768 - 60999 (instead of 32768 - 61000)
There is no change on security aspects here, only some poor hashing
schemes could be eventually impacted by this change.
[1] : The odd/even property depends on ip_local_port_range values parity
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-05-25 00:49:35 +03:00
net - > ipv4 . ip_local_ports . range [ 1 ] = 60999 ;
2014-05-06 22:02:50 +04:00
seqlock_init ( & net - > ipv4 . ping_group_range . lock ) ;
/*
* Sane defaults - nobody may create ping sockets .
* Boot scripts should set this to distro - specific group .
*/
net - > ipv4 . ping_group_range . range [ 0 ] = make_kgid ( & init_user_ns , 1 ) ;
net - > ipv4 . ping_group_range . range [ 1 ] = make_kgid ( & init_user_ns , 0 ) ;
2016-05-20 19:21:10 +03:00
/* Default values for sysctl-controlled parameters.
* We set them here , in case sysctl is not compiled .
*/
net - > ipv4 . sysctl_ip_default_ttl = IPDEFTTL ;
2018-08-01 01:36:03 +03:00
net - > ipv4 . sysctl_ip_fwd_update_priority = 1 ;
2016-05-20 19:21:10 +03:00
net - > ipv4 . sysctl_ip_dynaddr = 0 ;
net - > ipv4 . sysctl_ip_early_demux = 1 ;
2017-03-23 22:34:16 +03:00
net - > ipv4 . sysctl_udp_early_demux = 1 ;
net - > ipv4 . sysctl_tcp_early_demux = 1 ;
2020-04-27 23:56:46 +03:00
net - > ipv4 . sysctl_nexthop_compat_mode = 1 ;
2017-01-21 04:49:11 +03:00
# ifdef CONFIG_SYSCTL
net - > ipv4 . sysctl_ip_prot_sock = PROT_SOCK ;
# endif
2016-05-20 19:21:10 +03:00
2017-08-09 14:38:04 +03:00
/* Some igmp sysctl, whose values are always used */
net - > ipv4 . sysctl_igmp_max_memberships = 20 ;
net - > ipv4 . sysctl_igmp_max_msf = 10 ;
/* IGMP reports for link-local multicast groups are enabled by default */
net - > ipv4 . sysctl_igmp_llm_reports = 1 ;
net - > ipv4 . sysctl_igmp_qrv = 2 ;
2021-02-01 22:47:52 +03:00
net - > ipv4 . sysctl_fib_notify_on_flag_change = 0 ;
2014-05-06 22:02:49 +04:00
return 0 ;
}
static __net_initdata struct pernet_operations af_inet_ops = {
. init = inet_init_net ,
} ;
static int __init init_inet_pernet_ops ( void )
{
return register_pernet_subsys ( & af_inet_ops ) ;
}
2005-04-17 02:20:36 +04:00
static int ipv4_proc_init ( void ) ;
2005-07-06 01:40:10 +04:00
/*
* IP protocol layer initialiser
*/
2012-11-15 12:49:11 +04:00
static struct packet_offload ip_packet_offload __read_mostly = {
. type = cpu_to_be16 ( ETH_P_IP ) ,
2012-11-15 12:49:23 +04:00
. callbacks = {
. gso_segment = inet_gso_segment ,
. gro_receive = inet_gro_receive ,
. gro_complete = inet_gro_complete ,
} ,
2005-07-06 01:40:10 +04:00
} ;
2013-10-19 22:42:57 +04:00
static const struct net_offload ipip_offload = {
. callbacks = {
2019-02-20 18:52:12 +03:00
. gso_segment = ipip_gso_segment ,
2016-03-19 19:32:01 +03:00
. gro_receive = ipip_gro_receive ,
2016-03-19 19:32:00 +03:00
. gro_complete = ipip_gro_complete ,
2013-10-19 22:42:57 +04:00
} ,
} ;
2017-08-02 19:34:15 +03:00
static int __init ipip_offload_init ( void )
{
return inet_add_offload ( & ipip_offload , IPPROTO_IPIP ) ;
}
2012-11-15 12:49:21 +04:00
static int __init ipv4_offload_init ( void )
{
/*
* Add offloads
*/
2013-06-08 14:56:03 +04:00
if ( udpv4_offload_init ( ) < 0 )
2012-11-15 12:49:21 +04:00
pr_crit ( " %s: Cannot add UDP protocol offload \n " , __func__ ) ;
2013-06-07 09:11:46 +04:00
if ( tcpv4_offload_init ( ) < 0 )
pr_crit ( " %s: Cannot add TCP protocol offload \n " , __func__ ) ;
2017-08-02 19:34:15 +03:00
if ( ipip_offload_init ( ) < 0 )
pr_crit ( " %s: Cannot add IPIP protocol offload \n " , __func__ ) ;
2012-11-15 12:49:21 +04:00
dev_add_offload ( & ip_packet_offload ) ;
return 0 ;
}
fs_initcall ( ipv4_offload_init ) ;
static struct packet_type ip_packet_type __read_mostly = {
. type = cpu_to_be16 ( ETH_P_IP ) ,
. func = ip_rcv ,
2018-07-02 18:14:12 +03:00
. list_func = ip_list_rcv ,
2012-11-15 12:49:21 +04:00
} ;
2005-04-17 02:20:36 +04:00
static int __init inet_init ( void )
{
struct inet_protosw * q ;
struct list_head * r ;
2020-04-21 00:51:49 +03:00
int rc ;
2005-04-17 02:20:36 +04:00
2015-03-01 15:58:29 +03:00
sock_skb_cb_check_size ( sizeof ( struct inet_skb_parm ) ) ;
2005-04-17 02:20:36 +04:00
2022-06-18 06:47:05 +03:00
raw_hashinfo_init ( & raw_v4_hashinfo ) ;
2005-04-17 02:20:36 +04:00
rc = proto_register ( & tcp_prot , 1 ) ;
if ( rc )
2014-05-13 03:04:53 +04:00
goto out ;
2005-04-17 02:20:36 +04:00
rc = proto_register ( & udp_prot , 1 ) ;
if ( rc )
goto out_unregister_tcp_proto ;
rc = proto_register ( & raw_prot , 1 ) ;
if ( rc )
goto out_unregister_udp_proto ;
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
rc = proto_register ( & ping_prot , 1 ) ;
if ( rc )
goto out_unregister_raw_proto ;
2005-04-17 02:20:36 +04:00
/*
2007-02-09 17:24:47 +03:00
* Tell SOCKET that we are alive . . .
2005-04-17 02:20:36 +04:00
*/
2007-02-09 17:24:47 +03:00
( void ) sock_register ( & inet_family_ops ) ;
2005-04-17 02:20:36 +04:00
2008-07-16 00:00:59 +04:00
# ifdef CONFIG_SYSCTL
ip_static_sysctl_init ( ) ;
# endif
2005-04-17 02:20:36 +04:00
/*
* Add all the base protocols .
*/
if ( inet_add_protocol ( & icmp_protocol , IPPROTO_ICMP ) < 0 )
2012-03-11 22:36:11 +04:00
pr_crit ( " %s: Cannot add ICMP protocol \n " , __func__ ) ;
2005-04-17 02:20:36 +04:00
if ( inet_add_protocol ( & udp_protocol , IPPROTO_UDP ) < 0 )
2012-03-11 22:36:11 +04:00
pr_crit ( " %s: Cannot add UDP protocol \n " , __func__ ) ;
2005-04-17 02:20:36 +04:00
if ( inet_add_protocol ( & tcp_protocol , IPPROTO_TCP ) < 0 )
2012-03-11 22:36:11 +04:00
pr_crit ( " %s: Cannot add TCP protocol \n " , __func__ ) ;
2005-04-17 02:20:36 +04:00
# ifdef CONFIG_IP_MULTICAST
if ( inet_add_protocol ( & igmp_protocol , IPPROTO_IGMP ) < 0 )
2012-03-11 22:36:11 +04:00
pr_crit ( " %s: Cannot add IGMP protocol \n " , __func__ ) ;
2005-04-17 02:20:36 +04:00
# endif
/* Register the socket-side information for inet_create. */
for ( r = & inetsw [ 0 ] ; r < & inetsw [ SOCK_MAX ] ; + + r )
INIT_LIST_HEAD ( r ) ;
for ( q = inetsw_array ; q < & inetsw_array [ INETSW_ARRAY_LEN ] ; + + q )
inet_register_protosw ( q ) ;
/*
* Set the ARP module up
*/
arp_init ( ) ;
2007-02-09 17:24:47 +03:00
/*
* Set the IP module up
*/
2005-04-17 02:20:36 +04:00
ip_init ( ) ;
2021-12-28 13:41:45 +03:00
/* Initialise per-cpu ipv4 mibs */
if ( init_ipv4_mibs ( ) )
panic ( " %s: Cannot init ipv4 mibs \n " , __func__ ) ;
2005-04-17 02:20:36 +04:00
/* Setup TCP slab cache for open requests. */
tcp_init ( ) ;
2007-12-31 11:29:24 +03:00
/* Setup UDP memory threshold */
udp_init ( ) ;
2006-11-27 22:10:57 +03:00
/* Add UDP-Lite (RFC 3828) */
udplite4_register ( ) ;
2005-04-17 02:20:36 +04:00
2018-11-07 18:36:05 +03:00
raw_init ( ) ;
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
ping_init ( ) ;
2005-04-17 02:20:36 +04:00
/*
* Set the ICMP layer up
*/
2008-02-29 22:14:50 +03:00
if ( icmp_init ( ) < 0 )
panic ( " Failed to create the ICMP control socket. \n " ) ;
2005-04-17 02:20:36 +04:00
/*
* Initialise the multicast router
*/
# if defined(CONFIG_IP_MROUTE)
2008-07-03 08:13:36 +04:00
if ( ip_mr_init ( ) )
2012-03-11 22:36:11 +04:00
pr_crit ( " %s: Cannot init ipv4 mroute \n " , __func__ ) ;
2005-04-17 02:20:36 +04:00
# endif
2014-05-06 22:02:49 +04:00
if ( init_inet_pernet_ops ( ) )
pr_crit ( " %s: Cannot init ipv4 inet pernet ops \n " , __func__ ) ;
2007-02-09 17:24:47 +03:00
2005-04-17 02:20:36 +04:00
ipv4_proc_init ( ) ;
ipfrag_init ( ) ;
2005-07-06 01:40:10 +04:00
dev_add_pack ( & ip_packet_type ) ;
2015-07-23 11:08:44 +03:00
ip_tunnel_core_init ( ) ;
2005-04-17 02:20:36 +04:00
rc = 0 ;
out :
return rc ;
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
out_unregister_raw_proto :
proto_unregister ( & raw_prot ) ;
2005-04-17 02:20:36 +04:00
out_unregister_udp_proto :
proto_unregister ( & udp_prot ) ;
2006-09-28 03:33:45 +04:00
out_unregister_tcp_proto :
proto_unregister ( & tcp_prot ) ;
2005-04-17 02:20:36 +04:00
goto out ;
}
2006-04-29 02:19:17 +04:00
fs_initcall ( inet_init ) ;
2005-04-17 02:20:36 +04:00
/* ------------------------------------------------------------------------ */
# ifdef CONFIG_PROC_FS
static int __init ipv4_proc_init ( void )
{
int rc = 0 ;
if ( raw_proc_init ( ) )
goto out_raw ;
if ( tcp4_proc_init ( ) )
goto out_tcp ;
if ( udp4_proc_init ( ) )
goto out_udp ;
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
if ( ping_proc_init ( ) )
goto out_ping ;
2005-04-17 02:20:36 +04:00
if ( ip_misc_proc_init ( ) )
goto out_misc ;
out :
return rc ;
out_misc :
net: ipv4: add IPPROTO_ICMP socket kind
This patch adds IPPROTO_ICMP socket kind. It makes it possible to send
ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
without any special privileges. In other words, the patch makes it
possible to implement setuid-less and CAP_NET_RAW-less /bin/ping. In
order not to increase the kernel's attack surface, the new functionality
is disabled by default, but is enabled at bootup by supporting Linux
distributions, optionally with restriction to a group or a group range
(see below).
Similar functionality is implemented in Mac OS X:
http://www.manpagez.com/man/4/icmp/
A new ping socket is created with
socket(PF_INET, SOCK_DGRAM, PROT_ICMP)
Message identifiers (octets 4-5 of ICMP header) are interpreted as local
ports. Addresses are stored in struct sockaddr_in. No port numbers are
reserved for privileged processes, port 0 is reserved for API ("let the
kernel pick a free number"). There is no notion of remote ports, remote
port numbers provided by the user (e.g. in connect()) are ignored.
Data sent and received include ICMP headers. This is deliberate to:
1) Avoid the need to transport headers values like sequence numbers by
other means.
2) Make it easier to port existing programs using raw sockets.
ICMP headers given to send() are checked and sanitized. The type must be
ICMP_ECHO and the code must be zero (future extensions might relax this,
see below). The id is set to the number (local port) of the socket, the
checksum is always recomputed.
ICMP reply packets received from the network are demultiplexed according
to their id's, and are returned by recv() without any modifications.
IP header information and ICMP errors of those packets may be obtained
via ancillary data (IP_RECVTTL, IP_RETOPTS, and IP_RECVERR). ICMP source
quenches and redirects are reported as fake errors via the error queue
(IP_RECVERR); the next hop address for redirects is saved to ee_info (in
network order).
socket(2) is restricted to the group range specified in
"/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning
that nobody (not even root) may create ping sockets. Setting it to "100
100" would grant permissions to the single group (to either make
/sbin/ping g+s and owned by this group or to grant permissions to the
"netadmins" group), "0 4294967295" would enable it for the world, "100
4294967295" would enable it for the users, but not daemons.
The existing code might be (in the unlikely case anyone needs it)
extended rather easily to handle other similar pairs of ICMP messages
(Timestamp/Reply, Information Request/Reply, Address Mask Request/Reply
etc.).
Userspace ping util & patch for it:
http://openwall.info/wiki/people/segoon/ping
For Openwall GNU/*/Linux it was the last step on the road to the
setuid-less distro. A revision of this patch (for RHEL5/OpenVZ kernels)
is in use in Owl-current, such as in the 2011/03/12 LiveCD ISOs:
http://mirrors.kernel.org/openwall/Owl/current/iso/
Initially this functionality was written by Pavel Kankovsky for
Linux 2.4.32, but unfortunately it was never made public.
All ping options (-b, -p, -Q, -R, -s, -t, -T, -M, -I), are tested with
the patch.
PATCH v3:
- switched to flowi4.
- minor changes to be consistent with raw sockets code.
PATCH v2:
- changed ping_debug() to pr_debug().
- removed CONFIG_IP_PING.
- removed ping_seq_fops.owner field (unused for procfs).
- switched to proc_net_fops_create().
- switched to %pK in seq_printf().
PATCH v1:
- fixed checksumming bug.
- CAP_NET_RAW may not create icmp sockets anymore.
RFC v2:
- minor cleanups.
- introduced sysctl'able group range to restrict socket(2).
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-13 14:01:00 +04:00
ping_proc_exit ( ) ;
out_ping :
2005-04-17 02:20:36 +04:00
udp4_proc_exit ( ) ;
out_udp :
tcp4_proc_exit ( ) ;
out_tcp :
raw_proc_exit ( ) ;
out_raw :
rc = - ENOMEM ;
goto out ;
}
# else /* CONFIG_PROC_FS */
static int __init ipv4_proc_init ( void )
{
return 0 ;
}
# endif /* CONFIG_PROC_FS */