system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-09-20 19:17:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
linux/net
History
Florian Westphal c56716c69c netfilter: extensions: introduce extension genid count 
Multiple netfilter extensions store pointers to external data
in their extension area struct.

Examples:
1. Timeout policies
2. Connection tracking helpers.

No references are taken for these.

When a helper or timeout policy is removed, the conntrack table gets
traversed and affected extensions are cleared.

Conntrack entries not yet in the hashtable are referenced via a special
list, the unconfirmed list.

On removal of a policy or connection tracking helper, the unconfirmed
list gets traversed an all entries are marked as dying, this prevents
them from getting committed to the table at insertion time: core checks
for dying bit, if set, the conntrack entry gets destroyed at confirm
time.

The disadvantage is that each new conntrack has to be added to the percpu
unconfirmed list, and each insertion needs to remove it from this list.
The list is only ever needed when a policy or helper is removed -- a rare
occurrence.

Add a generation ID count: Instead of adding to the list and then
traversing that list on policy/helper removal, increment a counter
that is stored in the extension area.

For unconfirmed conntracks, the extension has the genid valid at ct
allocation time.

Removal of a helper/policy etc. increments the counter.
At confirmation time, validate that ext->genid == global_id.

If the stored number is not the same, do not allow the conntrack
insertion, just like as if a confirmed-list traversal would have flagged
the entry as dying.

After insertion, the genid is no longer relevant (conntrack entries
are now reachable via the conntrack table iterators and is set to 0.

This allows removal of the percpu unconfirmed list.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2022-05-13 18:52:16 +02:00
..
6lowpan net: don't include ndisc.h from ipv6.h 2022-02-04 14:15:11 -08:00
9p xen/grant-table: remove readonly parameter from functions 2022-03-15 20:34:40 -05:00
802
8021q vlan: use correct format characters 2022-03-17 16:34:49 -07:00
appletalk net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
atm net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
ax25 net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
batman-adv batman-adv: Use netif_rx(). 2022-03-07 11:40:41 +00:00
bluetooth net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
bpf bpf, test_run: Fix packet size check for live packet mode 2022-03-11 22:01:26 +01:00
bpfilter uaccess: remove CONFIG_SET_FS 2022-02-25 09:36:06 +01:00
bridge net: bridge: fdb: add support for flush filtering based on ifindex and vlan 2022-04-13 12:46:26 +01:00
caif net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
can net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
ceph libceph: drop else branches in prepare_read_data{,_cont} 2022-03-01 18:26:36 +01:00
core devlink: add port to line card relationship set 2022-04-18 11:00:18 +01:00
dcb net: dcb: disable softirqs in dcbnl_flush_dev() 2022-03-03 08:01:55 -08:00
dccp net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
decnet net: decnet: use time_is_before_jiffies() instead of open coding it 2022-02-28 13:21:32 +00:00
dns_resolver
dsa Revert "net: dsa: setup master before ports" 2022-04-13 12:38:06 +01:00
ethernet net: ethernet: set default assignment identifier to NET_NAME_ENUM 2022-04-07 21:04:03 -07:00
ethtool net: ethtool: move checks before rtnl_lock() in ethnl_set_rings 2022-04-15 11:41:45 -07:00
hsr net: add per-cpu storage and net->core_stats 2022-03-11 23:17:24 -08:00
ieee802154 net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
ife
ipv4 tcp: fix signed/unsigned comparison 2022-04-18 10:28:40 +01:00
ipv6 net/ipv6: Introduce accept_unsolicited_na knob to implement router-side changes for RFC9131 2022-04-17 13:23:49 +01:00
iucv net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
kcm
key net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
l2tp net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
l3mdev net: Add l3mdev index to flow struct and avoid oif reset for port devices 2022-03-15 20:20:02 -07:00
lapb
llc llc: only change llc->dev when bind() succeeds 2022-03-25 16:55:41 -07:00
mac80211 mac80211: fix ht_capa printout in debugfs 2022-04-11 11:57:27 +02:00
mac802154
mctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-04-07 23:24:23 -07:00
mpls net: mpls: fix memdup.cocci warning 2022-04-07 21:06:41 -07:00
mptcp net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
ncsi
netfilter netfilter: extensions: introduce extension genid count 2022-05-13 18:52:16 +02:00
netlabel netlabel: fix out-of-bounds memory accesses 2022-03-21 10:59:11 +00:00
netlink net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
netrom net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-04-15 09:26:00 +02:00
nsh
openvswitch net: openvswitch: fix leak of nested actions 2022-04-06 13:36:50 +01:00
packet net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
phonet net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
psample
qrtr net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
rds
rfkill rfkill: make new event layout opt-in 2022-03-18 13:09:17 +02:00
rose net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
rxrpc rxrpc: fix a race in rxrpc_exit_net() 2022-04-06 13:48:51 +01:00
sched net_sched: make qdisc_reset() smaller 2022-04-15 14:04:56 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-04-15 09:26:00 +02:00
smc net/smc: Fix af_ops of child socket pointing to released memory 2022-04-11 18:28:03 -07:00
strparser
sunrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-04-15 09:26:00 +02:00
switchdev net: switchdev: remove lag_mod_cb from switchdev_handle_fdb_event_to_device 2022-02-24 21:31:43 -08:00
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-03-23 10:53:49 -07:00
tls tls: rx: only copy IV from the packet for TLS 1.2 2022-04-13 11:45:39 +01:00
unix net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
vmw_vsock net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
wireless cfg80211: hold bss_lock while updating nontrans_list 2022-04-11 11:55:36 +02:00
x25 net: remove noblock parameter from skb_recv_datagram() 2022-04-06 13:45:26 +01:00
xdp xsk: Do not write NULL in SW ring at allocation failure 2022-03-28 19:56:28 -07:00
xfrm net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
compat.c
devres.c
Kconfig page_pool: Add allocation stats 2022-03-03 09:55:28 +00:00
Kconfig.debug
Makefile
socket.c fs: allocate inode by using alloc_inode_sb() 2022-03-22 15:57:03 -07:00
sysctl_net.c