lines below (in the code we
have)...
Regards,
--
Antonio Quartulli
..each of us alone is worth nothing..
Ernesto "Che" Guevara
pgpyR7hC9GdIq.pgp
Description: PGP signature
ould make
it easier to find it.
Regards,
> Best regards, Emil
>
> On Wed, 2013-02-06 at 18:22 +0100, Antonio Quartulli wrote:
> > Hi Emil,
> >
> > On Wed, Feb 06, 2013 at 05:37:41 +0100, Emil Goode wrote:
> > > The commit ed242d01 removed a node parameter from iterato
On Wed, 2013-02-06 at 20:55 +0100, Antonio Quartulli wrote:
> > Hi Emil,
> >
> > On Wed, Feb 06, 2013 at 06:55:53 +0100, Emil Goode wrote:
> > > Hi Antonio,
> > >
> > > The commit ed242d01 is in the linux-next tree and my patch depends on
> > >
ed.
>
> Sparse gives a warning:
>
> net/batman-adv/originator.c:411:21: warning:
> unused variable ‘node_tmp’ [-Wunused-variable]
>
> Signed-off-by: Emil Goode
Acked-by: Antonio Quartulli
Thanks Emil
Cheers,
--
Antonio Quartulli
..each of us alone is w
]---
>
> Rip points to:
>
> for (i = 0; i < hash->size; i++) {
> head = &hash->table[i];
>
> rcu_read_lock();
> hlist_for_each_entry_rcu(orig_node, head, hash_entry) { <---
> here
>
On Sun, Sep 01, 2013 at 03:45:08PM -0700, Joe Perches wrote:
> This function is being removed, rename the reference.
>
> Signed-off-by: Joe Perches
Acked-by: Antonio Quartulli
Thanks a lot Joe
--
Antonio Quartulli
..each of us alone is worth nothing..
Ernesto "Che" Guev
On Thu, Jan 03, 2013 at 09:19:15PM +0900, Akinobu Mita wrote:
> Use more preferable function name which implies using a pseudo-random
> number generator.
>
> Signed-off-by: Akinobu Mita
> Acked-by: Antonio Quartulli
> Cc: Marek Lindner
> Cc: Simon Wunderlich
> Cc:
s adds the parentheses at the appropriate position so that it matches
> original intension.
>
> Signed-off-by: Akinobu Mita
> Cc: Marek Lindner
> Cc: Simon Wunderlich
> Cc: Antonio Quartulli
> Cc: b.a.t.m....@lists.open-mesh.org
> Cc: "David S. Miller"
> Cc:
On Mon, Dec 24, 2012 at 11:14:07AM +0900, Akinobu Mita wrote:
> Use more preferable function name which implies using a pseudo-random
> number generator.
>
> Signed-off-by: Akinobu Mita
> Cc: Marek Lindner
> Cc: Simon Wunderlich
> Cc: Antonio Quartulli
> Cc: b.a.t.m
trying to explain in the message.
Then, we usually pick this patches up in our repo and then we send them as batch
to the networking tree via pull request, therefore you can also skip the netdev
ml when sending the fixes.
Thank you very much!
Regards,
--
Antonio Quartulli
..each
already prepared pull request.
Is it ok with you?
Cheers,
--
Antonio Quartulli
..each of us alone is worth nothing..
Ernesto "Che" Guevara
signature.asc
Description: Digital signature
has been registered now and batman-adv is trying to
analyse it to decide if it is a potential candidate for its virtual device or
not.
To the best of my knowledge, if the function above is returning NULL, it means
that the iflink attribute contains a broken value.
Am I wrong or iflink
correct meaning.
Fix this by removing the iflink assignment in
__gre_tunnel_init().
Introduced by c54419321455631079c7d6e60bc732dd0c5914c5
("GRE: Refactor GRE tunneling code.")
Reported-by: Fengguang Wu
Cc: Pravin B Shelar
Cc: "David S. Miller"
Signed-off-by: Antonio Quar
el.
> This patch makes sure we free the memory in that case.
>
> Signed-off-by: Jesper Juhl
Acked-by: Antonio Quartulli
Thank you very much Jepser!
--
Antonio Quartulli
..each of us alone is worth nothing..
Ernesto "Che" Guevara
pgpDpRK1l8sVx.pgp
Description: PGP signature
On Fri, Jan 04, 2013 at 10:50:41PM +0900, Akinobu Mita wrote:
> 2013/1/4 Antonio Quartulli :
> > On Thu, Jan 03, 2013 at 09:19:15PM +0900, Akinobu Mita wrote:
> >> Use more preferable function name which implies using a pseudo-random
> >> number generator.
> >&
nvert is_my_mac() to bool") in
net-next that does exactly the same. I guess you did not pull the latest
changes before writing this patch?
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
The definition of IS_ERR() already applies the unlikely() notation
when checking the error status of the passed pointer. For this
reason there is no need to have the same notation outside of
IS_ERR() itself.
Clean up code by removing redundant notation.
Signed-off-by: Antonio Quartulli
The definition of IS_ERR() already applies the unlikely() notation
when checking the error status of the passed pointer. For this
reason there is no need to have the same notation outside of
IS_ERR() itself.
Clean up code by removing redundant notation.
Signed-off-by: Antonio Quartulli
The definition of IS_ERR() already applies the unlikely() notation
when checking the error status of the passed pointer. For this
reason there is no need to have the same notation outside of
IS_ERR() itself.
Clean up code by removing redundant notation.
Signed-off-by: Antonio Quartulli
The definition of IS_ERR() already applies the unlikely() notation
when checking the error status of the passed pointer. For this
reason there is no need to have the same notation outside of
IS_ERR() itself.
Clean up code by removing redundant notation.
Signed-off-by: Antonio Quartulli
quot; clause should be on the line right after the function
name (as explained in Documentation/kernel-doc-nano-HOWTO.txt), e.g.:
/**
* function_name - blabla
* @arg: I am a good arg description
*
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
On 08/01/14 03:53, Ding Tianhong wrote:
> It is better to use batadv_compate_eth instead of memcpy for
> concise style.
>
> Cc: Marek Lindner
> Cc: Simon Wunderlich
> Cc: Antonio Quartulli
> Cc: "David S. Miller"
> Cc: b.a.t.m@lists.open-mesh.org
> C
o make the payload after the
>* following ethernet header again 4 bytes boundary aligned
>*/
> -};
> +} __packed __aligned(2);
>
> /**
> * struct batadv_coded_packet - network coded packet
> @@ -404,9 +401,8 @@ struct batadv_coded_packet {
> uint8_t second_orig_dest[ETH_ALEN];
> __be32 second_crc;
> __be16 coded_len;
> -};
> +} __packed __aligned(2);
>
> -#pragma pack()
>
> /**
> * struct batadv_unicast_tvlv - generic unicast packet with tvlv payload
>
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
l
the other occurrences of "#pragma pack" and change them all (assuming
that using __attribute__((aligned(2))) is the way to go).
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
+ /* gw_node can be NULL. We need to check before dereferencing */
> + if (gw_node == NULL)
> + goto out;
> +
> if (!gw_node->bandwidth_down == 0)
> goto out;
>
> --
> 1.8.1.4
>
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
ner
> Cc: b.a.t.m@lists.open-mesh.org
> Cc: net...@vger.kernel.org
> Signed-off-by: Rasmus Villemoes
Acked-by: Antonio Quartulli
Thank you
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
working subsystem..but I know you don't like it ;)
(I just wanted to justify Justin).
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
at we can improve something by changing this? (I am not talking
about the fastpath here).
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
tx_work,0);
> + queue_delayed_work(system_power_efficient_wq,
> + &npinfo->tx_work, 0);
> }
> }
> EXPORT_SYMBOL(netpoll_send_skb_on_dev);
>
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
Joe,
we have other places in the batman-adv code where we use seq_printf, but
at the moment we don't check the return value and we always return 0 at
the end of the function.
I think we could use seq_overflow here as well?
Thanks,
--
Antonio Quartulli
signature.asc
Description: Op
> misused return that is often assumed to be an int for
> the number of bytes emitted ala printk.
>
> Signed-off-by: Joe Perches
I assume this patch is going to be merged with the others in some tree.
In that case:
Acked-by: Antonio Quartulli
Thanks,
--
Antonio Quartulli
> Signed-off-by: Joe Perches
Acked-by: Antonio Quartulli
- --
Antonio Quartulli
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCAAGBQJSoaKXAAoJEEKTMo6mOh1VMjoP/3GqGy0TQG1yXRzbrzAbbklJ
8Oa6DHQd2pSN/cJkR501JYwSUnCGh3m7eh7qc1HZYrEIgxIrJDLHWSq
? 1 : 0);
> + return ether_addr_equal_unaligned(data1, data2) ? 1 : 0;
same here
Moreover, include linux/etherdevice.h in both files as explained in
point 1) of Documentation/SubmitChecklist
Thanks.
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
On 23/12/13 09:59, Joe Perches wrote:
> On Mon, 2013-12-23 at 09:46 +0100, Antonio Quartulli wrote:
>> On 23/12/13 06:10, Ding Tianhong wrote:
>>
>> [...]
>>
>>> --- a/net/batman-adv/originator.c
>>> +++ b/net/batman-adv/originator.c
>>>
On 24/12/13 12:28, Ding Tianhong wrote:
> It is better to use batadv_compate_eth instead of memcpy for
> concise style.
>
> Cc: Marek Lindner
> Cc: Simon Wunderlich
> Cc: Antonio Quartulli
> Cc: "David S. Miller"
> Cc: b.a.t.m@lists.open-mesh.org
> C
ef(tt_local_entry);
> return ret;
Markus,
if you really want to make this codestyle change, I'd suggest you to go
through the whole batman-adv code and apply the same change where
needed. It does not make sense to change the codestyle in one spot only.
On top of that, by going through the batman-adv code you might agree
that the current style is actually not a bad idea.
Cheers,
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
Hi Joe,
thank you very much for this patch.
On 17/02/15 02:31, Joe Perches wrote:
> This function is soon going to return void so remove the
> return value use.
>
> Convert the return value to test seq_has_overflowed() instead.
>
> Signed-off-by: Joe Perches
Acked-by:
35991552 152746082 91ab862 vmlinux
Hi Danys,
thanks for your patch. This function is used in a several performance critical
code paths (i.e. packet forwarding).
Are we sure we are not losing in performance here?
Cheers,
--
Antonio Quartulli
signature.asc
Description: Digital signature
On Mon, Apr 25, 2016 at 03:45:20PM +0200, Denys Vlasenko wrote:
> On 04/25/2016 03:39 PM, Antonio Quartulli wrote:
> > On Mon, Apr 25, 2016 at 03:25:22PM +0200, Denys Vlasenko wrote:
> >> This function compiles to 473 bytes of machine code.
> >> 21 callsites.
> >
these variables at the beginning then.
> >
> > Signed-off-by: Markus Elfring
>
> I am assuming Antonio will take this in via his tree.
>
Yeah, it will go through our tree. Still under review right now.
Cheers,
--
Antonio Quartulli
signature.asc
Description: Digital signature
27;:
> (text+0x5c62c): undefined reference to `cfg80211_get_station'
>
> This clarifies the dependency to cover all combinations.
>
> Signed-off-by: Arnd Bergmann
> Fixes: c833484e5f38 ("batman-adv: ELP - compute the metric based on the
> estimated throughput")
fit in 80 chars.. in that case the patch looks good.
Acked-by: Antonio Quartulli
--
Antonio Quartulli
signature.asc
Description: OpenPGP digital signature
On 04/10/2024 18:13, Donald Hunter wrote:
On Wed, 2 Oct 2024 at 10:03, Antonio Quartulli wrote:
+definitions:
+ -
+type: const
+name: nonce-tail-size
+value: 8
+ -
+type: enum
+name: cipher-alg
+value-start: 0
value-start defaults to 0 for enum so this is
On 07/10/24 17:53, Jakub Kicinski wrote:
On Mon, 7 Oct 2024 12:04:22 +0200 Antonio Quartulli wrote:
Or we could check if len(self.checks) <= 1 early and throw our hands up
if there is more, for now?
We already perform the same check in the 'else' branch below.
It'd be abou
ibute-set: ovpn
+ flags: [ admin-perm ]
+ doc: Delete existing interface of type ovpn
+ do:
+pre: ovpn-nl-pre-doit
+post: ovpn-nl-post-doit
+request:
+ attributes:
+- ifindex
[...]
--
Antonio Quartulli
OpenVPN Inc.
do:
+pre: ovpn-nl-pre-doit
+post: ovpn-nl-post-doit
+request:
+ attributes:
+ - ifindex
[...]
--
Antonio Quartulli
OpenVPN Inc.
--
Antonio Quartulli
OpenVPN Inc.
--
Antonio Quartulli
OpenVPN Inc.
s to endless confusion. We use NLA_UNSPEC (0)
if min-len is set (IOW we don't set .type to NLA_BINARY). NLA_UNSPEC
has different semantics for len.
Agreed that we should probably clean this up, but no bug AFAICT.
--
Antonio Quartulli
OpenVPN Inc.
Hi,
On 03/10/2024 00:35, Shuah Khan wrote:
On 10/2/24 03:02, Antonio Quartulli wrote:
The ovpn-cli tool can be compiled and used as selftest for the ovpn
kernel module.
Does this test load ovpn module before running tests? If so does
it unload the modules after tests are complete?
The
On 16/10/2024 10:27, Jiri Pirko wrote:
Wed, Oct 16, 2024 at 03:03:04AM CEST, anto...@openvpn.net wrote:
Add basic infrastructure for handling ovpn interfaces.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 115 --
drivers/net/ovpn
On 16/10/2024 23:14, Shuah Khan wrote:
On 10/15/24 19:03, Antonio Quartulli wrote:
The ovpn-cli tool can be compiled and used as selftest for the ovpn
kernel module.
It implements the netlink API and can thus be integrated in any
script for more automated testing.
Along with the tool, 2
On 16/10/2024 23:14, Shuah Khan wrote:
On 10/15/24 19:03, Antonio Quartulli wrote:
The ovpn-cli tool can be compiled and used as selftest for the ovpn
kernel module.
It implements the netlink API and can thus be integrated in any
script for more automated testing.
Along with the tool, 2
On 17/10/2024 23:40, Shuah Khan wrote:
On 10/17/24 05:27, Antonio Quartulli wrote:
On 16/10/2024 23:14, Shuah Khan wrote:
On 10/15/24 19:03, Antonio Quartulli wrote:
The ovpn-cli tool can be compiled and used as selftest for the ovpn
kernel module.
It implements the netlink API and can thus
l-post-doit
+request:
+ attributes:
+ - ifindex
[...]
--
Antonio Quartulli
OpenVPN Inc.
--
Antonio Quartulli
OpenVPN Inc.
/ovpn/netlink-gen.h
Cc: donald.hun...@gmail.com
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/ovpn.yaml | 387 ++
MAINTAINERS | 2 +
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c
ff-by: Antonio Quartulli
---
MAINTAINERS | 8
drivers/net/Kconfig | 14 ++
drivers/net/Makefile | 1 +
drivers/net/ovpn/Makefile | 11 +
drivers/net/ovpn/io.c | 22 ++
drivers/net/ovpn/io.h | 15 +++
drivers/net/ovpn/main.c
Add basic infrastructure for handling ovpn interfaces.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 155 +-
drivers/net/ovpn/main.h | 10 +++
drivers/net/ovpn/ovpnstruct.h | 8 +++
drivers/net/ovpn/packet.h | 40
linux-kernel-ovpn
Thanks a lot!
Best Regards,
Antonio Quartulli
OpenVPN Inc.
---
Antonio Quartulli (24):
netlink: add NLA_POLICY_MAX_LEN macro
net: introduce OpenVPN Data Channel Offload (ovpn)
ovpn: add basic netlink support
ovpn: add basic interface creation/destru
Similarly to NLA_POLICY_MIN_LEN, NLA_POLICY_MAX_LEN defines a policy
with a maximum length value.
The netlink generator for YAML specs has been extended accordingly.
Cc: donald.hun...@gmail.com
Signed-off-by: Antonio Quartulli
---
include/net/netlink.h | 1 +
tools/net/ynl/ynl-gen-c.py
Allow userspace to create and destroy an interface using netlink
commands.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.h| 2 ++
drivers/net/ovpn/netlink.c | 59 --
2 files changed, 59 insertions(+), 2 deletions(-)
diff --git a
An ovpn interface will keep carrier always on and let the user
decide when an interface should be considered disconnected.
This way, even if an ovpn interface is not connected to any peer,
it can still retain all IPs and routes and thus prevent any data
leak.
Signed-off-by: Antonio Quartulli
a later
patch.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/socket.c | 120 ++
drivers/net/ovpn/socket.h | 48 +++
drivers/net/ovpn/udp.c| 72
drivers/net
Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
Packets received over the socket are forwarded to the user device.
Implementation is UDP only. TCP will be added by a later patch.
Note: no decryption/decapsulation exists yet, packets are forwarded as
they arrive without much processing.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
ovpn_peer, also the ovpn_bind object is introcued
as the two are strictly related.
An ovpn_bind object wraps a sockaddr representing the local
coordinates being used to talk to a specific peer.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/bind.c
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 3 +
drivers/net/ovpn/crypto.c
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/crypto_aead.c | 2 ++
drivers/net/ovpn/io.c | 12
With this change ovpn is allowed to communicate to peers also via TCP.
Parsing of incoming messages is implemented through the strparser API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 4 +
drivers/net
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 50 +++-
drivers/net/ovpn/ovpnstruct.h
: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 272 ++--
1 file changed, 264 insertions(+), 8 deletions(-)
diff --git a/drivers/net/ovpn/peer.c b/drivers/net/ovpn/peer.c
index
3c6fbf99f696c18d8a2dbe169c7f6f5933fb71ac
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 77 +
drivers/net
A peer connected via UDP may change its IP address without reconnecting
(float).
Add support for detecting and updating the new peer IP/port in case of
floating.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/bind.c | 10 ++--
drivers/net/ovpn/io.c | 9
drivers/net/ovpn/peer.c
In case of UDP links, the local endpoint used to communicate with a
given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 45
amount of traffic by
periodically polling GET_PEER and fetching the VPN/LINK stats.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/crypto.c | 19
drivers/net/ovpn/crypto.h | 2 ++
drivers/net/ovpn/io.c | 18 ++-
drivers/net/ovpn/netlink.c | 55
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 582
This change introduces the netlink commands needed to add, delete and
swap keys for a specific peer.
Userspace is expected to use these commands to create, destroy and
rotate session keys for a specific peer.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 210
.
The scripts can be performed in sequence by running run.sh
Cc: sh...@kernel.org
Cc: linux-kselft...@vger.kernel.org
Signed-off-by: Antonio Quartulli
---
MAINTAINERS |1 +
tools/testing/selftests/Makefile |1 +
tools/testing/selftests
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file
With this change ovpn is allowed to communicate to peers also via TCP.
Parsing of incoming messages is implemented through the strparser API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig | 1 +
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/io.c | 4 +
drivers/net
: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 272 ++--
1 file changed, 264 insertions(+), 8 deletions(-)
diff --git a/drivers/net/ovpn/peer.c b/drivers/net/ovpn/peer.c
index
73ef509faab9701192a45ffe78a46dbbbeab01c2
Similarly to NLA_POLICY_MIN_LEN, NLA_POLICY_MAX_LEN defines a policy
with a maximum length value.
The netlink generator for YAML specs has been extended accordingly.
Signed-off-by: Antonio Quartulli
Reviewed-by: Donald Hunter
---
include/net/netlink.h | 1 +
tools/net/ynl/ynl-gen-c.py
` and `iperf`.
In general it is useful only in case of failure, in order to
understand which step has failed and why.
Cc: linux-kselft...@vger.kernel.org
Signed-off-by: Antonio Quartulli
Reviewed-by: Shuah Khan
---
MAINTAINERS|1 +
tools/testing
With this change an ovpn instance will be able to stay connected to
multiple remote endpoints.
This functionality is strictly required when running ovpn on an
OpenVPN server.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 55 +-
drivers/net/ovpn/ovpnstruct.h
A peer connected via UDP may change its IP address without reconnecting
(float).
Add support for detecting and updating the new peer IP/port in case of
floating.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/bind.c | 10 ++--
drivers/net/ovpn/io.c | 9
drivers/net/ovpn/peer.c
Add basic infrastructure for handling ovpn interfaces.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/main.c | 115 --
drivers/net/ovpn/main.h | 7 +++
drivers/net/ovpn/ovpnstruct.h | 8 +++
drivers/net/ovpn/packet.h | 40
ovpn_peer, also the ovpn_bind object is introcued
as the two are strictly related.
An ovpn_bind object wraps a sockaddr representing the local
coordinates being used to talk to a specific peer.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/bind.c
Packets sent over the ovpn interface are processed and transmitted to the
connected peer, if any.
Implementation is UDP only. TCP will be added by a later patch.
Note: no crypto/encapsulation exists yet. packets are just captured and
sent.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
An ovpn interface will keep carrier always on and let the user
decide when an interface should be considered disconnected.
This way, even if an ovpn interface is not connected to any peer,
it can still retain all IPs and routes and thus prevent any data
leak.
Signed-off-by: Antonio Quartulli
/ovpn/netlink-gen.h
Cc: donald.hun...@gmail.com
Signed-off-by: Antonio Quartulli
---
Documentation/netlink/specs/ovpn.yaml | 362 ++
MAINTAINERS | 2 +
drivers/net/ovpn/Makefile | 2 +
drivers/net/ovpn/main.c
Packets received over the socket are forwarded to the user device.
Implementation is UDP only. TCP will be added by a later patch.
Note: no decryption/decapsulation exists yet, packets are forwarded as
they arrive without much processing.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn
Byte/packet counters for in-tunnel and transport streams
are now initialized and updated as needed.
To be exported via netlink.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 1 +
drivers/net/ovpn/crypto_aead.c | 2 ++
drivers/net/ovpn/io.c | 11
Implement support for basic ethtool functionality.
Note that ovpn is a virtual device driver, therefore
various ethtool APIs are just not meaningful and thus
not implemented.
Signed-off-by: Antonio Quartulli
Reviewed-by: Andrew Lunn
---
drivers/net/ovpn/main.c | 15 +++
1 file
This change introduces the netlink command needed to add, delete and
retrieve/dump known peers. Userspace is expected to use these commands
to handle known peer lifecycles.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/netlink.c | 578
This change introduces the netlink commands needed to add, get, delete
and swap keys for a specific peer.
Userspace is expected to use these commands to create, inspect (non
sensible data only), destroy and rotate session keys for a specific
peer.
Signed-off-by: Antonio Quartulli
---
drivers
Whenever a peer is deleted, send a notification to userspace so that it
can react accordingly.
This is most important when a peer is deleted due to ping timeout,
because it all happens in kernelspace and thus userspace has no direct
way to learn about it.
Signed-off-by: Antonio Quartulli
In case of UDP links, the local endpoint used to communicate with a
given peer may change without a connection restart.
Add support for learning the new address in case of change.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/peer.c | 45
OpenVPN supports configuring a periodic keepalive packet.
message to allow the remote endpoint detect link failures.
This change implements the keepalive sending and timer expiring logic.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/io.c | 77 +
drivers/net
retained the Reviewed-by tag
since no major code modification has happened since the review.
The latest code can also be found at:
https://github.com/OpenVPN/linux-kernel-ovpn
Thanks a lot!
Best Regards,
Antonio Quartulli
OpenVPN Inc.
---
Antonio Quartulli (23):
netlink: add
ff-by: Antonio Quartulli
---
MAINTAINERS | 8
drivers/net/Kconfig | 13 ++
drivers/net/Makefile | 1 +
drivers/net/ovpn/Makefile | 11 +
drivers/net/ovpn/io.c | 22 +
drivers/net/ovpn/io.h | 15 ++
drivers/net/ovpn/main.c
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/ovpn/Makefile | 3 +
drivers/net/ovpn/crypto.c
1 - 100 of 618 matches
Mail list logo
