summaryrefslogtreecommitdiff
path: root/net/dcb
AgeCommit message (Collapse)Author
2014-06-26net: Use netlink_ns_capable to verify the permisions of netlink messagesEric W. Biederman
[ Upstream commit 90f62cf30a78721641e08737bda787552428061e ] It is possible by passing a netlink socket to a more privileged executable and then to fool that executable into writing to the socket data that happens to be valid netlink message to do something that privileged executable did not intend to do. To keep this from happening replace bare capable and ns_capable calls with netlink_capable, netlink_net_calls and netlink_ns_capable calls. Which act the same as the previous calls except they verify that the opener of the socket had the desired permissions as well. Reported-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-03-22rtnetlink: Remove passing of attributes into rtnl_doit functionsThomas Graf
With decnet converted, we can finally get rid of rta_buf and its computations around it. It also gets rid of the minimal header length verification since all message handlers do that explicitly anyway. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller
Conflicts: drivers/net/ethernet/intel/e1000e/netdev.c Minor conflict in e1000e, a line that got fixed in 'net' has been removed in 'net-next'. Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-10dcbnl: fix various netlink info leaksMathias Krause
The dcb netlink interface leaks stack memory in various places: * perm_addr[] buffer is only filled at max with 12 of the 32 bytes but copied completely, * no in-kernel driver fills all fields of an IEEE 802.1Qaz subcommand, so we're leaking up to 58 bytes for ieee_ets structs, up to 136 bytes for ieee_pfc structs, etc., * the same is true for CEE -- no in-kernel driver fills the whole struct, Prevent all of the above stack info leaks by properly initializing the buffers/structures involved. Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-09dcb: fix sparse warningsstephen hemminger
Add header with function definitions to quiet warnings and avoid future errors. Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-12-10net: Allow DCBnl to use other namespaces besides init_netJohn Fastabend
Allow DCB and net namespace to work together. This is useful if you have containers that are bound to 'phys' interfaces that want to also manage their DCB attributes. The net namespace is taken from sock_net(skb->sk) of the netlink skb. CC: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-18net: Push capable(CAP_NET_ADMIN) into the rtnl methodsEric W. Biederman
- In rtnetlink_rcv_msg convert the capable(CAP_NET_ADMIN) check to ns_capable(net->user-ns, CAP_NET_ADMIN). Allowing unprivileged users to make netlink calls to modify their local network namespace. - In the rtnetlink doit methods add capable(CAP_NET_ADMIN) so that calls that are not safe for unprivileged users are still protected. Later patches will remove the extra capable calls from methods that are safe for unprivilged users. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-10netlink: Rename pid to portid to avoid confusionEric W. Biederman
It is a frequent mistake to confuse the netlink port identifier with a process identifier. Try to reduce this confusion by renaming fields that hold port identifiers portid instead of pid. I have carefully avoided changing the structures exported to userspace to avoid changing the userspace API. I have successfully built an allyesconfig kernel with this change. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-07-10net: Fix non-kernel-doc comments with kernel-doc start markerBen Hutchings
Signed-off-by: Ben Hutchings <bhutchings@solarflare.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-21net: dcb: fix small regression in __dcbnl_pg_setcfg()John Fastabend
A small regression was introduced in the reply command of dcbnl_pg_setcfg(). User space apps may be expecting the DCB_ATTR_PG_CFG attribute to be returned with the patch below TX or RX variants are returned. commit 7be994138b188387691322921c08e19bddf6d3c5 Author: Thomas Graf <tgraf@suug.ch> Date: Wed Jun 13 02:54:55 2012 +0000 dcbnl: Shorten all command handling functions This patch reverts this behavior and returns DCB_ATTR_PG_CFG Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-14dcbnl: Use BUG_ON() instead of BUG()Thomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-14dcbnl: Silence harmless gcc warning about uninitialized reply_nlhThomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Use type safe nlmsg_data()Thomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Move dcb app allocation into dcb_app_add()Thomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Move dcb app lookup code into dcb_app_lookup()Thomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Return consistent error codesThomas Graf
EMSGSIZE - ran out of space while constructing message EOPNOTSUPP - driver/hardware does not support operation ENODEV - network device not found EINVAL - invalid message Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Use dcbnl_newmsg() where possibleThomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Remove now unused dcbnl_reply()Thomas Graf
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Shorten all command handling functionsThomas Graf
Allocating and sending the skb in dcb_doit() allows for much shorter and cleaner command handling functions. The huge switch statement is replaced with an array based definition of the handling function and reply message type. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-06-13dcbnl: Prepare framework to shorten handling functionsThomas Graf
There is no need to allocate and send the reply message in each handling function separately. Instead, the reply skb can be allocated and sent in dcb_doit() directly. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-04-25net: dcb: add CEE notify callsJohn Fastabend
This adds code to trigger CEE events when an APP change or setall command is made from user space. This simplifies user space code significantly by creating a single interface to listen on that works with both firmware and userland agents. And if we end up with multiple agents this keeps every thing in sync userland agents, firmware agents, and kernel notifier consumers. For an example agent that listens for these events see: https://github.com/jrfastab/cgdcbxd cgdcbxd is a daemon used to monitor DCB netlink events and manage the net_prio control group sub-system. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Acked-by: Shmulik Ravid <shmulikr@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-04-05net/dcb: Add an optional max rate attributeAmir Vadai
Although not specified in 8021Qaz spec, it could be useful to enable drivers whose HW supports setting a rate limit for an ETS TC. This patch adds this optional attribute to DCB netlink. To use it, drivers should implement and register the callbacks ieee_setmaxrate and ieee_getmaxrate. The units are 64 bits long and specified in Kbps to enable usage over both slow and very fast networks. Signed-off-by: Amir Vadai <amirv@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-04-02dcbnl: Stop using NLA_PUT*().David S. Miller
These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller <davem@davemloft.net>
2011-10-31net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modulesPaul Gortmaker
These files are non modular, but need to export symbols using the macros now living in export.h -- call out the include so that things won't break when we remove the implicit presence of module.h from everywhere. Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2011-10-31net: Fix files explicitly needing to include module.hPaul Gortmaker
With calls to modular infrastructure, these files really needs the full module.h header. Call it out so some of the cleanups of implicit and unrequired includes elsewhere can be cleaned up. Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2011-10-06dcb: add DCBX mode to event notifier attributesJohn Fastabend
Add DCBX mode to event notifiers so listeners can learn currently enabled mode. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-10-06dcb: Use ifindex instead of ifnameMark Rustad
Use ifindex instead of ifname in the DCB app ring. This makes for a smaller data structure and faster comparisons. It also avoids possible issues when a net device is renamed. Signed-off-by: Mark Rustad <mark.d.rustad@intel.com> Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-08dcbnl: unlock on an error path in dcbnl_cee_fill()Dan Carpenter
We need to release "dcb_lock" which we took on the previous line. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-05dcbnl: Add CEE notificationShmulik Ravid
This patch add an unsolicited notification of the DCBX negotiated parameters for the CEE flavor of the DCBX protocol. The notification message is identical to the aggregated CEE get operation and holds all the pertinent local and peer information. The notification routine is exported so it can be invoked by drivers supporting an embedded DCBX stack. Signed-off-by: Shmulik Ravid <shmulikr@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-07-05dcbnl: Aggregated CEE GET operationShmulik Ravid
The following couple of patches add dcbnl an unsolicited notification of the the DCB configuration for the CEE flavor of the DCBX protocol. This is useful when the user-mode DCB client is not responsible for conducting and resolving the DCBX negotiation (either because the DCBX stack is embedded in the HW or the negotiation is handled by another agent in the host), but still needs to get the negotiated parameters. This functionality already exists for the IEEE flavor of the DCBX protocol and these patches add it to the older CEE flavor. The first patch extends the CEE attribute GET operation to include not only the peer information, but also all the pertinent local configuration (negotiated parameters). The second patch adds and export a CEE specific notification routine. Signed-off-by: Shmulik Ravid <shmulikr@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-23dcb: use nlmsg_free() instead of kfree()Dan Carpenter
These sk_buff structs were allocated with nlmsg_new() so they should be freed with nlmsg_free(). Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21dcb: Add missing error check in dcb_ieee_set()John Fastabend
Missing error checking before nla_parse_nested(). Reported-by: Mark Rustad <mark.d.rustad@intel.com> Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21dcb: fix return type on dcb_setapp()John Fastabend
Incorrect return type on dcb_setapp() this routine returns negative error codes. All call sites of dcb_setapp() assign the return value to an int already so no need to update drivers. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21dcb: Add dcb_ieee_getapp_mask() for drivers to query APP settingsJohn Fastabend
With multiple APP entries per selector and protocol drivers or stacks may want to pick a specific value or stripe traffic across many priorities. Also if an APP entry in use is deleted the stack/driver may want to choose from the existing APP entries. To facilitate this and avoid having duplicate code to walk the APP ring provide a routine dcb_ieee_getapp_mask() to return a u8 bitmask of all priorities set for the specified selector and protocol. This routine and bitmask is a helper for DCB kernel users. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21dcb: Add ieee_dcb_delapp() and dcb op to delete app entryJohn Fastabend
Now that we allow multiple IEEE App entries we need a way to remove specific entries. To do this add the ieee_dcb_delapp() routine. Additionaly drivers may need to remove the APP entry from their firmware tables. Add dcb ops routine to handle this. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21dcb: Add ieee_dcb_setapp() to be used for IEEE 802.1Qaz APP dataJohn Fastabend
This adds a setapp routine for IEEE802.1Qaz encoded APP data types. The IEEE 802.1Qaz spec encodes the priority bits differently and allows for multiple APP data entries of the same selector and protocol. Trying to force these to use the same set routines was becoming tedious. Furthermore, userspace could probably enforce the correct semantics, but expecting drivers to do this seems error prone in the firmware case. For these reasons add ieee_dcb_setapp() that understands the IEEE 802.1Qaz encoded form. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21net: dcbnl, add multicast group for DCBJohn Fastabend
Now that dcbnl is being used in many cases by more than a single agent it is beneficial to be notified when some entity either driver or user space has changed the DCB attributes. Today applications either end up polling the interface or relying on a user space database to maintain the DCB state and post events. Polling is a poor solution for obvious reasons. And relying on a user space database has its own downside. Namely it has created strange boot dependencies requiring the database be populated before any applications dependent on DCB attributes starts or the application goes into a polling loop. Populating the database requires negotiating link setting with the peer and can take anywhere from less than a second up to a few seconds depending on the switch implementation. Perhaps more importantly if another application or an embedded agent sets a DCB link attribute the database has no way of knowing other than polling the kernel. This prevents applications from responding quickly to changes in link events which at least in the FCoE case and probably any other protocols expecting a lossless link may result in IO errors. By adding a multicast group for DCB we have clean way to disseminate kernel DCB link attributes up to user space. Avoiding the need for user space to maintain a coherant database and disperse events that potentially do not reflect the current link state. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-21dcb: Add DCBX capabilities bitmask to the get_ieee responseJohn Fastabend
Adding the capabilities bitmask to the get_ieee response allows user space to determine the current DCBX mode. Either CEE or IEEE this is useful with devices that support switching between modes where knowing the current state is relevant. Derived from work by Mark Rustad Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-06-09rtnetlink: Compute and store minimum ifinfo dump sizeGreg Rose
The message size allocated for rtnl ifinfo dumps was limited to a single page. This is not enough for additional interface info available with devices that support SR-IOV and caused a bug in which VF info would not be displayed if more than approximately 40 VFs were created per interface. Implement a new function pointer for the rtnl_register service that will calculate the amount of data required for the ifinfo dump and allocate enough data to satisfy the request. Signed-off-by: Greg Rose <gregory.v.rose@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2011-03-14net: dcbnl: Update copyright datesMark Rustad
Signed-off-by: Mark Rustad <mark.d.rustad@intel.com> Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-03-03Merge branch 'master' of ↵David S. Miller
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: drivers/net/bnx2x/bnx2x.h
2011-03-02dcbnl: add support for retrieving peer configuration - ceeShmulik Ravid
This patch adds the support for retrieving the remote or peer DCBX configuration via dcbnl for embedded DCBX stacks supporting the CEE DCBX standard. Signed-off-by: Shmulik Ravid <shmulikr@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-03-02dcbnl: add support for retrieving peer configuration - ieeeShmulik Ravid
These 2 patches add the support for retrieving the remote or peer DCBX configuration via dcbnl for embedded DCBX stacks. The peer configuration is part of the DCBX MIB and is useful for debugging and diagnostics of the overall DCB configuration. The first patch add this support for IEEE 802.1Qaz standard the second patch add the same support for the older CEE standard. Diff for v2 - the peer-app-info is CEE specific. Signed-off-by: Shmulik Ravid <shmulikr@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-03-02net: dcbnl: check correct ops in dcbnl_ieee_set()John Fastabend
The incorrect ops routine was being tested for in DCB_ATTR_IEEE_PFC attributes. This patch corrects it. Currently, every driver implementing ieee_setets also implements ieee_setpfc so this bug is not actualized yet. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-13Don't potentially dereference NULL in net/dcb/dcbnl.c:dcbnl_getapp()Jesper Juhl
nla_nest_start() may return NULL. If it does then we'll blow up in nla_nest_end() when we dereference the pointer. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-13net: dcb: application priority is per net_deviceJohn Fastabend
The app_data priority may not be the same for all net devices. In order for stacks with application notifiers to identify the specific net device dcb_app_type should be passed in the ptr. This allows handlers to use dev_get_by_name() to pin priority to net devices. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-24dcbnl: make get_app handling symmetric for IEEE and CEE DCBxJohn Fastabend
The IEEE get/set app handlers use generic routines and do not require the net_device to implement the dcbnl_ops routines. This patch makes it symmetric so user space and drivers do not have to handle the CEE version and IEEE DCBx versions differently. Signed-off-by: John Fastabend <john.r.fastabend@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-06dcb: use after free in dcb_flushapp()Dan Carpenter
The original code has a use after free bug because it's not using the _safe() version of the list_for_each_entry() macro. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-06dcb: unlock on error in dcbnl_ieee_get()Dan Carpenter
There is a "goto nla_put_failure" hidden inside the NLA_PUT() macro, but we're holding the dcb_lock so we need to unlock first. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-01-03dcbnl: more informed return values for new dcbnl routinesShmulik Ravid
More accurate return values for the following (new) dcbnl routines: dcbnl_getdcbx() dcbnl_setdcbx() dcbnl_getfeatcfg() dcbnl_setfeatcfg() Signed-off-by: Shmulik Ravid <shmulikr@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>