genlmsg_cancel() needs to be called in the error path of
inet6_fill_ifmcaddr and inet6_fill_ifacaddr to cancel
the message.
Fixes: 203651b665f72 ("ipv6: add inet6_fill_args")
Reported-by: Hulk Robot
Signed-off-by: Zhang Qilong
---
net/ipv6/addrconf.c | 8 ++--
1 file changed, 6 insertions(+
This patch adds an IPv4 routes encapsulation attribute
to the result of netlink RTM_GETROUTE requests
(e.g. ip route get 192.0.2.1).
Signed-off-by: Oliver Herms
---
net/ipv4/route.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index dc2a399cd9f4..b4d
On Wed, Nov 11, 2020 at 11:06 PM Martin Schiller wrote:
>
> About 1 year ago I was asked by Arnd Bergmann if I would like to become
> the maintainer for the X.25 stack:
>
> https://patchwork.ozlabs.org/project/netdev/patch/20191209151256.2497534-4-a...@arndb.de/#2320767
>
> Yes, I would agree to b
On Wed, 2020-11-11 at 11:23 +0800, Claire Chang wrote:
> On Wed, Nov 11, 2020 at 1:35 AM Johannes Berg
> wrote:
> > On Tue, 2020-11-10 at 16:49 +0800, Claire Chang wrote:
> > > If a device is getting removed or reprobed during resume, use-after-free
> > > might happen. For example, h5_btrtl_resum
Add driver for Samsung S3FWRN82 NFC controller.
S3FWRN82 is using NCI protocol and I2C communication interface.
Signed-off-by: bongsujeon
---
.../devicetree/bindings/net/nfc/s3fwrn82.txt | 30 ++
drivers/nfc/Kconfig | 1 +
drivers/nfc/Makefile
On Thu, Nov 12, 2020 at 2:48 AM 王擎 wrote:
> >> On Wed, Nov 11, 2020 at 03:24:33PM +0200, Grygorii Strashko wrote:
> >
> >I don't think v1 builds cleanly folks (not 100% sure, cpts is not
> >compiled on x86):
> >
> > ret = cpts->ptp_clock ? cpts->ptp_clock : (-ENODEV);
> >
> >ptp_cloc
From: Mariusz Dudek
Add support for separation of eBPF program load and xsk socket
creation.
This is needed for use-case when you want to privide as little
privileges as possible to the data plane application that will
handle xsk socket creation and incoming traffic.
With this patch the data en
From: Mariusz Dudek
Introduce a sample program to demonstrate the control and data
plane split. For the control plane part a new program called
xdpsock_ctrl_proc is introduced. For the data plane part, some code
was added to xdpsock_user.c to act as the data plane entity.
Application xdpsock_ctr
From: Mariusz Dudek
This patch series adds support for separation of eBPF program
load and xsk socket creation. In for example a Kubernetes
environment you can have an AF_XDP CNI or daemonset that is
responsible for launching pods that execute an application
using AF_XDP sockets. It is desirabl
On Thu, Nov 12, 2020 at 12:06 AM CET, Daniel Borkmann wrote:
[...]
>>> I'm not initimately familiar with this test, but looking at the change
>>> I'd consider that Destinations Options and encapsulation headers can
>>> follow the Fragment Header.
>>>
>>> With enough of Dst Opts or levels of encap
Hello!
On 11.11.2020 14:12, Marcel Holtmann wrote:
hci_phy_link_complete_evt() has several duplicate error paths -- consolidate
them, using the *goto* statements.
Signed-off-by: Sergey Shtylyov
---
net/bluetooth/hci_event.c | 16 ++--
1 file changed, 6 insertions(+), 10 deletion
From: Wenlin Kang
Replace strncpy() with strscpy(), fixes the following warning:
In function 'bearer_name_validate',
inlined from 'tipc_enable_bearer' at net/tipc/bearer.c:246:7:
net/tipc/bearer.c:141:2: warning: 'strncpy' specified bound 32 equals
destination size [-Wstringop-truncation]
On Wed, Nov 11, 2020 at 02:23:28PM -0800, Vinicius Costa Gomes wrote:
> Miroslav Lichvar writes:
> > On Tue, Nov 10, 2020 at 11:06:07AM -0800, Vinicius Costa Gomes wrote:
> >> The NIC I have supports PTM cycles from every ~1ms to ~512ms, and from
> >> my tests it wants to be kept running "in backg
The x25_disconnect function in x25_subr.c would decrease the refcount of
"x25->neighbour" (struct x25_neigh) and reset this pointer to NULL.
However, in the x25_rx_call_request function in af_x25.c, which is called
when we receive a connection request, does not increase the refcount when
it assign
From: wenxu
The mru in the qdisc_skb_cb should be init as 0. Only defrag packets in the
act_ct will set the value.
Fixes: 038ebb1a713d ("net/sched: act_ct: fix miss set mru for ovs after defrag
in act_ct")
Signed-off-by: wenxu
---
v11: no change
net/core/dev.c | 2 ++
1 file changed, 2 inser
From: wenxu
Currently kernel tc subsystem can do conntrack in act_ct. But when several
fragment packets go through the act_ct, function tcf_ct_handle_fragments
will defrag the packets to a big one. But the last action will redirect
mirred to a device which maybe lead the reassembly big packet ove
From: wenxu
This one is prepare for the next patch.
Signed-off-by: wenxu
---
v11: no change
include/net/sch_generic.h | 5 -
net/sched/act_mirred.c| 21 +++--
2 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/include/net/sch_generic.h b/include/net/sch_
From: wenxu
Currently kernel tc subsystem can do conntrack in cat_ct. But when several
fragment packets go through the act_ct, function tcf_ct_handle_fragments
will defrag the packets to a big one. But the last action will redirect
mirred to a device which maybe lead the reassembly big packet ove
On Mon, 02 Nov 2020, Lee Jones wrote:
> Fixes the following W=1 kernel build warning(s):
>
> drivers/net/wimax/i2400m/control.c:1195: warning: Function parameter or
> member 'arg' not described in 'i2400m_set_init_config'
> drivers/net/wimax/i2400m/control.c:1195: warning: Excess function para
On 12/11/2020 10:25, Arnd Bergmann wrote:
On Thu, Nov 12, 2020 at 2:48 AM 王擎 wrote:
On Wed, Nov 11, 2020 at 03:24:33PM +0200, Grygorii Strashko wrote:
I don't think v1 builds cleanly folks (not 100% sure, cpts is not
compiled on x86):
ret = cpts->ptp_clock ? cpts->ptp_clock
On Mon, 02 Nov 2020, Lee Jones wrote:
> 'pkt_len' is used to interact with a hardware register. It might not
> be safe to remove it entirely. Mark it as __maybe_unused instead.
>
> Fixes the following W=1 kernel build warning(s):
>
> drivers/net/ethernet/smsc/smc91x.c: In function ‘smc_tx’:
>
Just got the following when running iperf3 on linux-next from yesterday.
Haven't seen this error before.
[ 91.508431] [ cut here ]
[ 91.508642] WARNING: CPU: 2 PID: 2320 at net/core/stream.c:207
sk_stream_kill_queues+0x10d/0x120
[ 91.508755] Modules linked in: snd_h
The x25_disconnect function in x25_subr.c would decrease the refcount of
"x25->neighbour" (struct x25_neigh) and reset this pointer to NULL.
However, the x25_rx_call_request function in af_x25.c, which is called
when we receive a connection request, does not increase the refcount when
it assigns t
On 11/12/20 7:52 AM, Kegl Rohit wrote:
> On Wed, Nov 11, 2020 at 11:18 PM Fabio Estevam wrote:
>>
>> On Wed, Nov 11, 2020 at 11:27 AM Kegl Rohit wrote:
>>>
>>> Hello!
>>>
>>> We are using a imx6q platform.
>>> The fec interface is used to receive a continuous stream of custom /
>>> raw etherne
This series improves MPTCP handling of multiple concurrent
xmit streams.
The to-be-transmitted data is enqueued to a subflow only when
the send window is open, keeping the subflows xmit queue shorter
and allowing for faster switch-over.
The above requires a more accurate msk socket state tracking
mptcp_push_pending() is called even on orphaned
msk (and orphaned subflows), if there is outstanding
data at close() time.
To cope with the above MPTCP needs to handle explicitly
the allocation failure on xmit. The newly introduced
do_tcp_sendfrag() allows that, just plug it.
We can additionally
Will be needed by the next patch, as MPTCP needs to handle
directly the error/memory-allocation-needed path.
No functional changes intended.
Additionally let MPTCP code access the tcp_remove_empty_skb()
helper.
Signed-off-by: Paolo Abeni
---
include/net/tcp.h | 3 ++
net/ipv4/tcp.c| 119
Preparation patch to track the data pending in the msk
write queue. No functional change introduced here
Signed-off-by: Paolo Abeni
---
net/mptcp/protocol.c | 1 +
net/mptcp/protocol.h | 38 +++---
2 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/n
unlocked version of protocol level close, will be used by
MPTCP to allow decouple orphaning and subflow level close.
Signed-off-by: Paolo Abeni
---
include/net/tcp.h | 1 +
net/ipv4/tcp.c| 9 +++--
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/include/net/tcp.h b/include
mptcp_sendmsg() is refactored so that first it copies
the data provided from user space into the send queue,
and then tries to spool the send queue via sendmsg_frag.
There a subtle change in the mptcp level collapsing on
consecutive data fragment: we now allow that only on unsent
data.
The latter
We must not close the subflows before all the MPTCP level
data, comprising the DATA_FIN has been acked at the MPTCP
level, otherwise we could be unable to retransmit as needed.
__mptcp_wr_shutdown() shutdown is responsible to check for the
correct status and close all subflows. Is called by the ou
From: Florian Westphal
Before sending 'x' new bytes also check that the new snd_una would
be within the permitted receive window.
For every ACK that also contains a DSS ack, check whether its tcp-level
receive window would advance the current mptcp window right edge and
update it if so.
Signed-
remove some of code duplications an allow preventing
rescheduling on close.
Signed-off-by: Paolo Abeni
---
net/mptcp/pm.c | 3 +--
net/mptcp/protocol.c | 36 ++--
net/mptcp/protocol.h | 1 +
3 files changed, 24 insertions(+), 16 deletions(-)
diff --git a/
After the previous patch we may end-up with unsent data
in the write buffer. If such buffer is full, the writer
will block for unlimited time.
We need to trigger the MPTCP xmit path even for the
subflow rx path, on MPTCP snd_una updates.
Keep things simple and just schedule the work queue if
need
On Thu, Nov 12, 2020 at 10:04:45AM +, Lee Jones wrote:
> On Mon, 02 Nov 2020, Lee Jones wrote:
>
> > Fixes the following W=1 kernel build warning(s):
> >
> > drivers/net/wimax/i2400m/control.c:1195: warning: Function parameter or
> > member 'arg' not described in 'i2400m_set_init_config'
>
From: Florian Westphal
MPTCP maintains a status bit, MPTCP_SEND_SPACE, that is set when at
least one subflow and the mptcp socket itself are writeable.
mptcp_poll returns EPOLLOUT if the bit is set.
mptcp_sendmsg makes sure MPTCP_SEND_SPACE gets cleared when last write
has used up all subflows
The current argument list is pretty long and quite unreadable,
move many of them into a specific struct. Later patches
will add more stuff to such struct.
Additionally drop the 'timeo' argument, now unused.
Signed-off-by: Paolo Abeni
---
net/mptcp/protocol.c | 53 ---
When the worker moves some bytes from the OoO queue into
the receive queue, the msk->ask_seq is updated, the MPTCP-level
ack carrying that value needs to wait the next ingress packet,
possibly slowing down or hanging the peer
Signed-off-by: Paolo Abeni
---
net/mptcp/protocol.c | 36 +
Track the next MPTCP sequence number used on xmit,
currently always equal to write_next.
Signed-off-by: Paolo Abeni
---
net/mptcp/options.c | 4 ++--
net/mptcp/protocol.c | 7 +--
net/mptcp/protocol.h | 17 +
3 files changed, 16 insertions(+), 12 deletions(-)
diff --git a
On Wed, Nov 11, 2020 at 06:47:27PM +0200, Vladimir Oltean wrote:
> On Wed, Nov 11, 2020 at 07:56:58AM -0800, Florian Fainelli wrote:
> > The semantics of promiscuous are pretty clear though, and if you have a
> > NIC with VLAN filtering capability which could prevent the stack from
> > seeing *all*
Commit d3fd65484c781 ("net: core: add dev_sw_netstats_tx_add")
has added function "dev_sw_netstats_tx_add()" to update
net device per-cpu TX stats.
Use this function instead of ieee80211_tx_stats().
Signed-off-by: Lev Stipakov
---
net/mac80211/tx.c | 16 +++-
1 file changed, 3 inser
Fix missing clk_disable_unprepare() before return from
gswip_gphy_fw_load() in the error handling case.
Fixes: 14fceff4771e ("net: dsa: Add Lantiq / Intel DSA driver for vrx200")
Reported-by: Hulk Robot
Signed-off-by: Zhang Changzhong
---
drivers/net/dsa/lantiq_gswip.c | 6 +-
1 file change
From: Eric Dumazet
> Sent: 12 November 2020 10:42
>
> On 11/12/20 7:52 AM, Kegl Rohit wrote:
> > On Wed, Nov 11, 2020 at 11:18 PM Fabio Estevam wrote:
> >>
> >> On Wed, Nov 11, 2020 at 11:27 AM Kegl Rohit wrote:
> >>>
> >>> Hello!
> >>>
> >>> We are using a imx6q platform.
> >>> The fec interfac
Commit d3fd65484c781 ("net: core: add dev_sw_netstats_tx_add") has added
function "dev_sw_netstats_tx_add()" to update net device per-cpu TX
stats.
Use this function instead of own code. While on it, replace
"len" variable with "skb->len".
Signed-off-by: Lev Stipakov
---
net/openvswitch/vport-i
Commit d3fd65484c781 ("net: core: add dev_sw_netstats_tx_add") has added
function "dev_sw_netstats_tx_add()" to update net device per-cpu TX
stats.
Use this function instead of own code.
Signed-off-by: Lev Stipakov
---
net/xfrm/xfrm_interface.c | 7 +--
1 file changed, 1 insertion(+), 6 del
Depending on the SoC/platform the CPSW can completely lose context after a
suspend/resume cycle, including CPSW wrapper (WR) which will cause reset of
WR_C0_MISC_EN register, so CPTS IRQ will became disabled.
Fix it by moving CPTS IRQ enabling in cpsw_ndo_open() where CPTS is
actually started.
Fi
Add the missing clk_disable_unprepare() before return from
smsc_phy_probe() in the error handling case.
Fixes: bedd8d78aba3 ("net: phy: smsc: LAN8710/20: add phy refclk in support")
Reported-by: Hulk Robot
Signed-off-by: Zhang Changzhong
---
drivers/net/phy/smsc.c | 4 +++-
1 file changed, 3 in
Fix to return a negative error code from the error handling
case instead of 0, as done elsewhere in this function.
Fixes: 8c7bd5a454ff ("net: ethernet: mtk-star-emac: new driver")
Reported-by: Hulk Robot
Signed-off-by: Zhang Changzhong
---
drivers/net/ethernet/mediatek/mtk_star_emac.c | 1 +
1
Fix to return a negative error code from the error handling
case instead of 0, as done elsewhere in this function.
Fixes: b66c7bc1cd4d ("iavf: Refactor init state machine")
Reported-by: Hulk Robot
Signed-off-by: Zhang Changzhong
---
drivers/net/ethernet/intel/iavf/iavf_main.c | 3 ++-
1 file ch
On Thu, Nov 12, 2020 at 12:35 PM Vincent Stehlé
wrote:
>
> The ndo_start_xmit() method must return NETDEV_TX_OK if the DMA mapping
> fails, after freeing the socket buffer.
> Fix the mtk_star_netdev_start_xmit() function accordingly.
>
> Fixes: 8c7bd5a454ff ("net: ethernet: mtk-star-emac: new driv
From: Björn Töpel
Add support for non-blocking recvmsg() to XDP sockets. Previously,
only sendmsg() was supported by XDP socket. Now, for symmetry and the
upcoming busy-polling support, recvmsg() is added.
Signed-off-by: Björn Töpel
---
net/xdp/xsk.c | 22 +-
1 file changed
From: Björn Töpel
This option lets a user set a per socket NAPI budget for
busy-polling. If the options is not set, it will use the default of 8.
Signed-off-by: Björn Töpel
---
arch/alpha/include/uapi/asm/socket.h | 1 +
arch/mips/include/uapi/asm/socket.h | 1 +
arch/parisc/include/uapi/
From: Björn Töpel
The existing busy-polling mode, enabled by the SO_BUSY_POLL socket
option or system-wide using the /proc/sys/net/core/busy_read knob, is
an opportunistic. That means that if the NAPI context is not
scheduled, it will poll it. If, after busy-polling, the budget is
exceeded the bu
As soon as you add the second port to a VLAN, all other port
membership configuration is overwritten with zeroes. The HW interprets
this as all ports being "unmodified members" of the VLAN.
In the simple case when all ports belong to the same VLAN, switching
will still work. But using multiple VLA
This series introduces three new features:
1. A new "heavy traffic" busy-polling variant that works in concert
with the existing napi_defer_hard_irqs and gro_flush_timeout knobs.
2. A new socket option that let a user change the busy-polling NAPI
budget.
3. Allow busy-polling to be perform
From: Björn Töpel
Start using recvfrom() the rxdrop scenario.
Signed-off-by: Björn Töpel
---
samples/bpf/xdpsock_user.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/samples/bpf/xdpsock_user.c b/samples/bpf/xdpsock_user.c
index 1149e94ca32f..96d0b6482ac4 100644
--
From: Björn Töpel
Add a new option to xdpsock, 'B', for busy-polling. This option will
also set the batching size, 'b' option, to the busy-poll budget.
Signed-off-by: Björn Töpel
---
samples/bpf/xdpsock_user.c | 40 +++---
1 file changed, 33 insertions(+), 7 del
From: Björn Töpel
Support for the SO_BUSY_POLL_BUDGET setsockopt, via the batching
option ('b').
Signed-off-by: Björn Töpel
---
samples/bpf/xdpsock_user.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/samples/bpf/xdpsock_user.c b/samples/bpf/xdpsock_user.c
index 8ecacbae7682..3f87b9
From: Björn Töpel
Add napi_id to the xdp_rxq_info structure, and make sure the XDP
socket pick up the napi_id in the Rx path. The napi_id is used to find
the corresponding NAPI structure for socket busy polling.
Signed-off-by: Björn Töpel
---
drivers/net/ethernet/amazon/ena/ena_netdev.c | 2
On Thu, Nov 12, 2020 at 12:33 PM Zhang Changzhong
wrote:
>
> Fix to return a negative error code from the error handling
> case instead of 0, as done elsewhere in this function.
>
> Fixes: 8c7bd5a454ff ("net: ethernet: mtk-star-emac: new driver")
> Reported-by: Hulk Robot
> Signed-off-by: Zhang C
From: Björn Töpel
Wire-up XDP socket busy-poll support for recvmsg() and sendmsg(). If
the XDP socket prefers busy-polling, make sure that no wakeup/IPI is
performed.
Signed-off-by: Björn Töpel
---
net/xdp/xsk.c | 23 +++
1 file changed, 23 insertions(+)
diff --git a/net/x
From: Björn Töpel
Add a check for need wake up in sendmsg(), so that if a user calls
sendmsg() when no wakeup is needed, do not trigger a wakeup.
To simplify the need wakeup check in the syscall, unconditionally
enable the need wakeup flag for Tx. This has a side-effect for poll();
If poll() is
Add node for ax88796c ethernet chip.
Signed-off-by: Łukasz Stelmach
---
arch/arm/boot/dts/exynos3250-artik5-eval.dts | 29
1 file changed, 29 insertions(+)
diff --git a/arch/arm/boot/dts/exynos3250-artik5-eval.dts
b/arch/arm/boot/dts/exynos3250-artik5-eval.dts
index 20446a
ASIX AX88796[1] is a versatile ethernet adapter chip, that can be
connected to a CPU with a 8/16-bit bus or with an SPI. This driver
supports SPI connection.
The driver has been ported from the vendor kernel for ARTIK5[2]
boards. Several changes were made to adapt it to the current kernel
which in
On Thu, 12 Nov 2020 at 12:51, Łukasz Stelmach wrote:
>
> This is a driver for AX88796C Ethernet Adapter connected in SPI mode as
> found on ARTIK5 evaluation board. The driver has been ported from a
> v3.10.9 vendor kernel for ARTIK5 board.
>
> Changes in v6:
> - fixed typos in Kconfig
> - che
Add bindings for AX88796C SPI Ethernet Adapter.
Signed-off-by: Łukasz Stelmach
Reviewed-by: Rob Herring
Acked-by: Krzysztof Kozlowski
---
.../bindings/net/asix,ax88796c.yaml | 73 +++
1 file changed, 73 insertions(+)
create mode 100644 Documentation/devicetree/bindin
Enable ax88796c driver for the ethernet chip on Exynos3250-based
ARTIK5 boards.
Signed-off-by: Łukasz Stelmach
---
arch/arm/configs/exynos_defconfig | 2 ++
arch/arm/configs/multi_v7_defconfig | 2 ++
2 files changed, 4 insertions(+)
diff --git a/arch/arm/configs/exynos_defconfig
b/arch/arm/
On Thu, Nov 12, 2020 at 12:10 PM David Laight wrote:
>
> From: Eric Dumazet
> > Sent: 12 November 2020 10:42
> >
> > On 11/12/20 7:52 AM, Kegl Rohit wrote:
> > > On Wed, Nov 11, 2020 at 11:18 PM Fabio Estevam wrote:
> > >>
> > >> On Wed, Nov 11, 2020 at 11:27 AM Kegl Rohit wrote:
> > >>>
> > >>>
This is a driver for AX88796C Ethernet Adapter connected in SPI mode as
found on ARTIK5 evaluation board. The driver has been ported from a
v3.10.9 vendor kernel for ARTIK5 board.
Changes in v6:
- fixed typos in Kconfig
- checked argument value in ax88796c_set_tunable
- updated tags in commi
Add the prefix for ASIX Electronics Corporation.
Signed-off-by: Łukasz Stelmach
Reviewed-by: Krzysztof Kozlowski
Acked-by: Rob Herring
---
Documentation/devicetree/bindings/vendor-prefixes.yaml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/Documentation/devicetree/bindings/vendor-prefi
Dear Linux kerenl-network experts,
I work at DESY (Hamburg, Germany), and is responsible for Data Acquisition
(DAQ) from different accelerators and experiments.
Every DAQ collects data over the network. UDP multicast is used to transfer the
data. Every data source has a multicast sender (~ 2
I have discovered that the maximum number of source packet contexts
configured for SDM845 is incorrect. Fix this error.
Signed-off-by: Alex Elder
---
drivers/net/ipa/ipa_data-sdm845.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ipa/ipa_data-sdm845.c
b/dr
This small series makes two fixes to the IPA code:
- While reviewing something else I found that one of the resource
limits on the SDM845 used the wrong value. The first patch
fixes this. The correct value allocates more resources of this
type for IPA to use, and otherwise does not
On 11.11.2020 17:28, Antoine Tenart wrote:
EXTERNAL EMAIL: Do not click links or open attachments unless you know the
content is safe
Hi Steen,
Quoting Steen Hegelund (2020-11-11 16:17:53)
The MSCC PHYs selected for PTP and MACSec was not correct
- PTP
- Add VSC8572 and VSC8574
- MACsec
The IPA-resident microcontroller has the ability to log various
activity in an area of IPA shared memory. When the microcontroller
starts it generates an event to the AP to provide information about
the log.
We don't support reading this log, and we can safely ignore the
event. So do that rather
On Thu, Nov 12, 2020 at 07:11:35PM +0800, Zhang Changzhong wrote:
> Fix missing clk_disable_unprepare() before return from
> gswip_gphy_fw_load() in the error handling case.
>
> Fixes: 14fceff4771e ("net: dsa: Add Lantiq / Intel DSA driver for vrx200")
> Reported-by: Hulk Robot
> Signed-off-by: Z
Hi Herbert, Bruce,
Here's my first cut at a generic Kerberos crypto library in the kernel so
that I can share code between rxrpc and sunrpc (and cifs?).
I derived some of the parts from the sunrpc gss library and added more
advanced AES and Camellia crypto. I haven't ported across the DES-base
Add some constants from the sunrpc headers.
Signed-off-by: David Howells
---
include/crypto/krb5.h | 39 +++
1 file changed, 39 insertions(+)
diff --git a/include/crypto/krb5.h b/include/crypto/krb5.h
index 2bd6cfe50b85..a7e4ab4e1348 100644
--- a/include/c
Provide core structures, an encoding-type registry and basic module and
config bits for a generic Kerberos crypto library.
Signed-off-by: David Howells
---
crypto/Kconfig |1 +
crypto/Makefile|1 +
crypto/krb5/Kconfig| 11 ++
crypto/krb5/Makefile |9 +
Add functions that sign and verify a piece of an skbuff according to
rfc3961 sec 5.4, using Kc to generate a checksum and insert it into the MIC
field in the skbuff in the sign phase then checksum the data and compare it
to the MIC in the verify phase.
Signed-off-by: David Howells
---
crypto/kr
Add functions that encrypt and decrypt a piece of an skbuff according to
rfc3961 sec 5.3, using Ki to checksum the data to be secured and Ke to
encrypt it during the encryption phase, then decrypting with Ke and
verifying the checksum with Ki in the decryption phase.
Signed-off-by: David Howells
On Mon, 2 Nov 2020 21:10:34 +0100
Jesper Dangaard Brouer wrote:
> On Mon, 02 Nov 2020 10:04:44 -0800
> John Fastabend wrote:
>
> > > > > +
> > > > > + /* Same relax as xdp_ok_fwd_dev() and is_skb_forwardable() */
> > > > > + if (flags & BPF_MTU_CHK_RELAX)
> > > > > + mtu +=
Implement the simplified crypto profile for Kerberos 5 rfc3961 with the
pseudo-random function, PRF(), from section 5.3 and the key derivation
function, DK() from section 5.1.
Signed-off-by: David Howells
---
crypto/krb5/Makefile |3
crypto/krb5/internal.h |6 +
c
Implement self-testing infrastructure to test the pseudo-random function,
key derivation, encryption and checksumming.
Signed-off-by: David Howells
---
crypto/krb5/Kconfig |4
crypto/krb5/Makefile|4
crypto/krb5/internal.h | 48
crypto/krb5/main.c
Implement encryption and decryption functions for AES + HMAC-SHA2 as
described in rfc8009 sec 5.
Signed-off-by: David Howells
---
crypto/krb5/rfc8009_aes2.c | 205
1 file changed, 203 insertions(+), 2 deletions(-)
diff --git a/crypto/krb5/rfc8009_a
Implement the aes128-cts-hmac-sha256-128 and aes256-cts-hmac-sha384-192
enctypes from rfc8009, overriding the rfc3961 kerberos 5 simplified crypto
scheme.
Signed-off-by: David Howells
---
crypto/krb5/Kconfig|2
crypto/krb5/Makefile |3 -
crypto/krb5/internal.h |6
Add the self-testing data from rfc8009 to test AES + HMAC-SHA2.
Signed-off-by: David Howells
---
crypto/krb5/selftest_data.c | 116 +++
1 file changed, 116 insertions(+)
diff --git a/crypto/krb5/selftest_data.c b/crypto/krb5/selftest_data.c
index 908572
Add support for the YFS-variant RxGK security class to support
GSSAPI-derived authentication. This also allows the use of better crypto
over the rxkad security class.
The key payload is XDR encoded of the form:
typedef int64_t opr_time;
const AFSTOKEN_RK_TIX_MAX = 12000; /* Matches ent
Add the security index for the YFS variant of rxgk.
Signed-off-by: David Howells
---
fs/afs/misc.c | 13 +
include/uapi/linux/rxrpc.h | 17 +
2 files changed, 30 insertions(+)
diff --git a/fs/afs/misc.c b/fs/afs/misc.c
index 1d1a8debe472..796783774e
Implement the camellia128-cts-cmac and camellia256-cts-cmac enctypes from
rfc6803.
Note that the test vectors in rfc6803 for encryption are incomplete,
lacking the key usage number needed to derive Ke and Ki, and there are
errata for this:
https://www.rfc-editor.org/errata_search.php?rfc=
Provide some infrastructure for implementing the RxGK transport security
class:
(1) A definition of an encoding type, including:
- Relevant crypto-layer names
- Lengths of the crypto keys and checksums involved
- Crypto functions specific to the encoding type
- Cr
Implement the basic parts of the yfs-rxgk security class (security index 6)
to support GSSAPI-negotiated security.
Signed-off-by: David Howells
---
include/trace/events/rxrpc.h |4
net/rxrpc/Makefile |2
net/rxrpc/ar-internal.h | 12
net/rxrpc/rxgk.c | 10
Implement rekeying of connections with the RxGK security class. This
involves regenerating the keys with a different key number as part of the
input data after a certain amount of time or a certain amount of bytes
encrypted. Rekeying may be triggered by either end.
The LSW of the key number is i
Implement the aes128-cts-hmac-sha1-96 and aes256-cts-hmac-sha1-96 enctypes
from rfc3962, using the rfc3961 kerberos 5 simplified crypto scheme.
Signed-off-by: David Howells
---
crypto/krb5/Makefile |3 +
crypto/krb5/internal.h|6 ++
crypto/krb5/main.c|2 +
crypto/kr
Provide key derivation interface functions and a helper to implement the
PRF+ function from rfc4402.
Signed-off-by: David Howells
---
crypto/krb5/Makefile |1
crypto/krb5/kdf.c | 223 +
include/crypto/krb5.h | 29 ++
3 files chang
---
net/rxrpc/ar-internal.h |1
net/rxrpc/key.c | 136 +++
net/rxrpc/rxgk.c| 25 +
net/rxrpc/rxgk_app.c| 135 +++
net/rxrpc/rxgk_common.h |2 +
net/rxrpc/security.c
On Wed, Nov 11, 2020 at 02:33:11PM -0800, Andrii Nakryiko wrote:
> >
> > >
> > > > switch (prog_type) {
> > > > case BPF_PROG_TYPE_CGROUP_SOCK_ADDR:
> > > > if (env->prog->expected_attach_type ==
> > > > BPF_CGROUP_UDP4_RECVMSG ||
> > > > @@ -7874,7 +7886,6 @@ stat
Selecting VSC8575 as a MACSec PHY was not correct
The relevant datasheet can be found here:
- VSC8575: https://www.microchip.com/wwwproducts/en/VSC8575
Fixes: 0a504e9e97886 ("net: phy: mscc: macsec initialization")
Signed-off-by: Steen Hegelund
---
drivers/net/phy/mscc/mscc_macsec.c | 1 -
1
On Thu, Nov 12, 2020 at 07:49:41AM +0200, Moshe Shemesh wrote:
> From: Vladyslav Tarasiuk
>
> DSFP is a new cable module type, which EEPROM uses memory layout
> described in CMIS 4.0 document. Use corresponding standard value for
> userspace ethtool to distinguish DSFP's layout from older standar
This set is part of a larger effort attempting to clean-up W=1
kernel builds, which are currently overwhelmingly riddled with
niggly little warnings.
This is a rebased set that went to Net before the move to Staging.
Lee Jones (6):
staging: net: wimax: i2400m: control: Fix some misspellings in
1 - 100 of 471 matches
Mail list logo
