<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/net/ipv4, branch v3.0.24</title>
<subtitle>Linux kernel source tree</subtitle>
<id>https://git.amat.us/linux/atom/net/ipv4?h=v3.0.24</id>
<link rel='self' href='https://git.amat.us/linux/atom/net/ipv4?h=v3.0.24'/>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/'/>
<updated>2012-03-01T00:34:18Z</updated>
<entry>
<title>ipv4: fix redirect handling</title>
<updated>2012-03-01T00:34:18Z</updated>
<author>
<name>Eric Dumazet</name>
<email>eric.dumazet@gmail.com</email>
</author>
<published>2011-11-18T20:24:32Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=42ab5316ddcaa0de23e88e8a3d363c767b9ab0b3'/>
<id>urn:sha1:42ab5316ddcaa0de23e88e8a3d363c767b9ab0b3</id>
<content type='text'>
[ Upstream commit 9cc20b268a5a14f5e57b8ad405a83513ab0d78dc ]

commit f39925dbde77 (ipv4: Cache learned redirect information in
inetpeer.) introduced a regression in ICMP redirect handling.

It assumed ipv4_dst_check() would be called because all possible routes
were attached to the inetpeer we modify in ip_rt_redirect(), but thats
not true.

commit 7cc9150ebe (route: fix ICMP redirect validation) tried to fix
this but solution was not complete. (It fixed only one route)

So we must lookup existing routes (including different TOS values) and
call check_peer_redir() on them.

Reported-by: Ivan Zahariev &lt;famzah@icdsoft.com&gt;
Signed-off-by: Eric Dumazet &lt;eric.dumazet@gmail.com&gt;
CC: Flavio Leitner &lt;fbl@redhat.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>route: fix ICMP redirect validation</title>
<updated>2012-03-01T00:34:17Z</updated>
<author>
<name>Flavio Leitner</name>
<email>fbl@redhat.com</email>
</author>
<published>2011-10-24T06:56:38Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=bebee22bcbf0026f92141990972bd5863ef9b69c'/>
<id>urn:sha1:bebee22bcbf0026f92141990972bd5863ef9b69c</id>
<content type='text'>
[ Upstream commit 7cc9150ebe8ec06cafea9f1c10d92ddacf88d8ae ]

The commit f39925dbde7788cfb96419c0f092b086aa325c0f
(ipv4: Cache learned redirect information in inetpeer.)
removed some ICMP packet validations which are required by
RFC 1122, section 3.2.2.2:
...
  A Redirect message SHOULD be silently discarded if the new
  gateway address it specifies is not on the same connected
  (sub-) net through which the Redirect arrived [INTRO:2,
  Appendix A], or if the source of the Redirect is not the
  current first-hop gateway for the specified destination (see
  Section 3.3.1).

Signed-off-by: Flavio Leitner &lt;fbl@redhat.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>tcp: fix tcp_shifted_skb() adjustment of lost_cnt_hint for FACK</title>
<updated>2012-03-01T00:34:17Z</updated>
<author>
<name>Neal Cardwell</name>
<email>ncardwell@google.com</email>
</author>
<published>2012-02-13T20:22:08Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=623f1904ef55789082259573bb6248df5fea3d92'/>
<id>urn:sha1:623f1904ef55789082259573bb6248df5fea3d92</id>
<content type='text'>
[ Upstream commit 0af2a0d0576205dda778d25c6c344fc6508fc81d ]

This commit ensures that lost_cnt_hint is correctly updated in
tcp_shifted_skb() for FACK TCP senders. The lost_cnt_hint adjustment
in tcp_sacktag_one() only applies to non-FACK senders, so FACK senders
need their own adjustment.

This applies the spirit of 1e5289e121372a3494402b1b131b41bfe1cf9b7f -
except now that the sequence range passed into tcp_sacktag_one() is
correct we need only have a special case adjustment for FACK.

Signed-off-by: Neal Cardwell &lt;ncardwell@google.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>tcp: fix range tcp_shifted_skb() passes to tcp_sacktag_one()</title>
<updated>2012-03-01T00:34:16Z</updated>
<author>
<name>Neal Cardwell</name>
<email>ncardwell@google.com</email>
</author>
<published>2012-02-12T18:37:10Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=dd31c1ce7ef7b363215081fde02f13bf3e50b5a1'/>
<id>urn:sha1:dd31c1ce7ef7b363215081fde02f13bf3e50b5a1</id>
<content type='text'>
[ Upstream commit daef52bab1fd26e24e8e9578f8fb33ba1d0cb412 ]

Fix the newly-SACKed range to be the range of newly-shifted bytes.

Previously - since 832d11c5cd076abc0aa1eaf7be96c81d1a59ce41 -
tcp_shifted_skb() incorrectly called tcp_sacktag_one() with the start
and end sequence numbers of the skb it passes in set to the range just
beyond the range that is newly-SACKed.

This commit also removes a special-case adjustment to lost_cnt_hint in
tcp_shifted_skb() since the pre-existing adjustment of lost_cnt_hint
in tcp_sacktag_one() now properly handles this things now that the
correct start sequence number is passed in.

Signed-off-by: Neal Cardwell &lt;ncardwell@google.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>tcp: allow tcp_sacktag_one() to tag ranges not aligned with skbs</title>
<updated>2012-03-01T00:34:16Z</updated>
<author>
<name>Neal Cardwell</name>
<email>ncardwell@google.com</email>
</author>
<published>2012-02-12T18:37:09Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=382e8f84cb3db5295aa2f142a11e42eac6544ab4'/>
<id>urn:sha1:382e8f84cb3db5295aa2f142a11e42eac6544ab4</id>
<content type='text'>
[ Upstream commit cc9a672ee522d4805495b98680f4a3db5d0a0af9 ]

This commit allows callers of tcp_sacktag_one() to pass in sequence
ranges that do not align with skb boundaries, as tcp_shifted_skb()
needs to do in an upcoming fix in this patch series.

In fact, now tcp_sacktag_one() does not need to depend on an input skb
at all, which makes its semantics and dependencies more clear.

Signed-off-by: Neal Cardwell &lt;ncardwell@google.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>tcp_v4_send_reset: binding oif to iif in no sock case</title>
<updated>2012-03-01T00:34:15Z</updated>
<author>
<name>Shawn Lu</name>
<email>shawn.lu@ericsson.com</email>
</author>
<published>2012-02-04T12:38:09Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=39b73fb4fedd23980b720d0272e5e26510cd6940'/>
<id>urn:sha1:39b73fb4fedd23980b720d0272e5e26510cd6940</id>
<content type='text'>
[ Upstream commit e2446eaab5585555a38ea0df4e01ff313dbb4ac9 ]

Binding RST packet outgoing interface to incoming interface
for tcp v4 when there is no socket associate with it.
when sk is not NULL, using sk-&gt;sk_bound_dev_if instead.
(suggested by Eric Dumazet).

This has few benefits:
1. tcp_v6_send_reset already did that.
2. This helps tcp connect with SO_BINDTODEVICE set. When
connection is lost, we still able to sending out RST using
same interface.
3. we are sending reply, it is most likely to be succeed
if iif is used

Signed-off-by: Shawn Lu &lt;shawn.lu@ericsson.com&gt;
Acked-by: Eric Dumazet &lt;eric.dumazet@gmail.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>net: Don't proxy arp respond if iif == rt-&gt;dst.dev if private VLAN is disabled</title>
<updated>2012-03-01T00:34:06Z</updated>
<author>
<name>Thomas Graf</name>
<email>tgraf@suug.ch</email>
</author>
<published>2012-02-10T04:07:11Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=1831cd9e1fb43c2e700e795827cb9531e679b0ef'/>
<id>urn:sha1:1831cd9e1fb43c2e700e795827cb9531e679b0ef</id>
<content type='text'>
[ Upstream commit 70620c46ac2b45c24b0f22002fdf5ddd1f7daf81 ]

Commit 653241 (net: RFC3069, private VLAN proxy arp support) changed
the behavior of arp proxy to send arp replies back out on the interface
the request came in even if the private VLAN feature is disabled.

Previously we checked rt-&gt;dst.dev != skb-&gt;dev for in scenarios, when
proxy arp is enabled on for the netdevice and also when individual proxy
neighbour entries have been added.

This patch adds the check back for the pneigh_lookup() scenario.

Signed-off-by: Thomas Graf &lt;tgraf@suug.ch&gt;
Acked-by: Jesper Dangaard Brouer &lt;hawk@comx.dk&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ipv4: Fix wrong order of ip_rt_get_source() and update iph-&gt;daddr.</title>
<updated>2012-03-01T00:34:03Z</updated>
<author>
<name>Li Wei</name>
<email>lw@cn.fujitsu.com</email>
</author>
<published>2012-02-09T21:15:25Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=ab2fd30a38e23f0b6f2e331889b31f4f6fb2378a'/>
<id>urn:sha1:ab2fd30a38e23f0b6f2e331889b31f4f6fb2378a</id>
<content type='text'>
[ Upstream commit 5dc7883f2a7c25f8df40d7479687153558cd531b ]

This patch fix a bug which introduced by commit ac8a4810 (ipv4: Save
nexthop address of LSRR/SSRR option to IPCB.).In that patch, we saved
the nexthop of SRR in ip_option-&gt;nexthop and update iph-&gt;daddr until
we get to ip_forward_options(), but we need to update it before
ip_rt_get_source(), otherwise we may get a wrong src.

Signed-off-by: Li Wei &lt;lw@cn.fujitsu.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ipv4: Save nexthop address of LSRR/SSRR option to IPCB.</title>
<updated>2012-03-01T00:34:02Z</updated>
<author>
<name>Li Wei</name>
<email>lw@cn.fujitsu.com</email>
</author>
<published>2011-11-22T23:33:10Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=5805d4729059f578c8283ccc44021342fbe8c93d'/>
<id>urn:sha1:5805d4729059f578c8283ccc44021342fbe8c93d</id>
<content type='text'>
[ Upstream commit ac8a48106be49c422575ddc7531b776f8eb49610 ]

We can not update iph-&gt;daddr in ip_options_rcv_srr(), It is too early.
When some exception ocurred later (eg. in ip_forward() when goto
sr_failed) we need the ip header be identical to the original one as
ICMP need it.

Add a field 'nexthop' in struct ip_options to save nexthop of LSRR
or SSRR option.

Signed-off-by: Li Wei &lt;lw@cn.fujitsu.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ipv4: fix for ip_options_rcv_srr() daddr update.</title>
<updated>2012-03-01T00:34:01Z</updated>
<author>
<name>Li Wei</name>
<email>lw@cn.fujitsu.com</email>
</author>
<published>2011-11-08T21:39:28Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=c4f2403478002bdb0a46a62f87909aeda8058d8b'/>
<id>urn:sha1:c4f2403478002bdb0a46a62f87909aeda8058d8b</id>
<content type='text'>
[ Upstream commit b12f62efb8ec0b9523bdb6c2d412c07193086de9 ]

When opt-&gt;srr_is_hit is set skb_rtable(skb) has been updated for
'nexthop' and iph-&gt;daddr should always equals to skb_rtable-&gt;rt_dst
holds, We need update iph-&gt;daddr either.

Signed-off-by: Li Wei &lt;lw@cn.fujitsu.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;
</content>
</entry>
</feed>
