mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Davide Caratti 7cbcf67ca4 net/sched: act_police: more accurate MTU policing 
commit 4ddc844eb8 upstream.

in current Linux, MTU policing does not take into account that packets at
the TC ingress have the L2 header pulled. Thus, the same TC police action
(with the same value of tcfp_mtu) behaves differently for ingress/egress.
In addition, the full GSO size is compared to tcfp_mtu: as a consequence,
the policer drops GSO packets even when individual segments have the L2 +
L3 + L4 + payload length below the configured valued of tcfp_mtu.

Improve the accuracy of MTU policing as follows:
 - account for mac_len for non-GSO packets at TC ingress.
 - compare MTU threshold with the segmented size for GSO packets.
Also, add a kselftest that verifies the correct behavior.

Signed-off-by: Davide Caratti <dcaratti@redhat.com>
Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2022-06-14 18:41:52 +02:00
..
6lowpan
9p xen/9p: use alloc/free_pages_exact() 2022-03-07 09:48:55 +01:00
802
8021q vlan: move dev_put into vlan_dev_uninit 2022-02-09 13:33:39 +00:00
appletalk
atm proc: remove PDE_DATA() completely 2022-01-22 08:33:37 +02:00
ax25 ax25: Fix ax25 session cleanup problems 2022-06-14 18:41:25 +02:00
batman-adv batman-adv: Don't skb_split skbuffs with frag_list 2022-05-18 10:28:11 +02:00
bluetooth bluetooth: don't use bitmaps for random flag accesses 2022-06-14 18:41:26 +02:00
bpf bpf: Make remote_port field in struct bpf_sk_lookup 16-bit wide 2022-04-13 19:27:40 +02:00
bpfilter
bridge net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. 2022-05-25 09:59:11 +02:00
caif Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2021-12-31 14:35:40 +00:00
can can: isotp: remove re-binding of bound socket 2022-05-12 12:32:25 +02:00
ceph libceph: fix potential use-after-free on linger ping and resends 2022-05-25 09:59:04 +02:00
core net, neigh: Set lower cap for neigh_managed_work rearming 2022-06-14 18:41:37 +02:00
dcb net: dcb: disable softirqs in dcbnl_flush_dev() 2022-03-03 08:01:55 -08:00
dccp
decnet Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2021-12-31 14:35:40 +00:00
dns_resolver
dsa net: dsa: flush switchdev workqueue on bridge join error path 2022-05-18 10:28:14 +02:00
ethernet
ethtool ethtool: use phydev variable 2022-01-06 12:33:35 +00:00
hsr net: Write lock dev_base_lock without disabling bottom halves. 2021-11-29 12:12:36 +00:00
ieee802154 net: ieee802154: Return meaningful error codes from the netlink helpers 2022-01-27 08:20:47 +01:00
ife
ipv4 tcp: use alloc_large_system_hash() to allocate table_perturb 2022-06-14 18:41:32 +02:00
ipv6 net: ipv6: unexport __init-annotated seg6_hmac_init() 2022-06-14 18:41:31 +02:00
iucv net: Don't include filter.h from net/sock.h 2021-12-29 08:48:14 -08:00
kcm net: Don't include filter.h from net/sock.h 2021-12-29 08:48:14 -08:00
key Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process" 2022-06-14 18:41:37 +02:00
l2tp l2tp: add netns refcount tracker to l2tp_dfs_seq_data 2021-12-10 06:38:27 -08:00
l3mdev l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu 2022-04-27 14:41:01 +02:00
lapb
llc llc: only change llc->dev when bind() succeeds 2022-03-28 10:03:22 +02:00
mac80211 mac80211: upgrade passive scan to active scan on DFS channels after beacon rx 2022-06-09 10:26:26 +02:00
mac802154
mctp mctp: defer the kfree of object mdev->addrs 2022-05-09 09:16:24 +02:00
mpls net: mpls: Fix GCC 12 warning 2022-02-10 15:29:39 +00:00
mptcp mptcp: reset the packet scheduler on PRIO change 2022-06-09 10:25:39 +02:00
ncsi all: replace find_next{,_zero}_bit with find_first{,_zero}_bit where appropriate 2022-01-15 08:47:31 -08:00
netfilter netfilter: nf_tables: bail out early if hardware offload is not supported 2022-06-14 18:41:30 +02:00
netlabel netlabel: fix out-of-bounds memory accesses 2022-04-13 19:27:22 +02:00
netlink netlink: do not reset transport header in netlink_recvmsg() 2022-05-18 10:28:13 +02:00
netrom netrom: fix api breakage in nr_setsockopt() 2022-01-07 14:11:05 +00:00
nfc NFC: NULL out the dev->rfkill to prevent UAF 2022-06-09 10:25:39 +02:00
nsh
openvswitch net: openvswitch: fix misuse of the cached connection on tuple changes 2022-06-14 18:41:47 +02:00
packet net/packet: fix packet_sock xmit return value checking 2022-04-27 14:41:00 +02:00
phonet phonet/pep: refuse to enable an unbound pipe 2021-12-20 11:49:51 +00:00
psample
qrtr bus: mhi: core: Add an API for auto queueing buffers for DL channel 2021-12-17 17:17:14 +01:00
rds net: rds: use maybe_get_net() when acquiring refcount on TCP sockets 2022-05-18 10:28:12 +02:00
rfkill rfkill: make new event layout opt-in 2022-04-08 13:57:27 +02:00
rose net: Don't include filter.h from net/sock.h 2021-12-29 08:48:14 -08:00
rxrpc rxrpc: Fix decision on when to generate an IDLE ACK 2022-06-09 10:25:58 +02:00
sched net/sched: act_police: more accurate MTU policing 2022-06-14 18:41:52 +02:00
sctp sctp: read sk->sk_bound_dev_if once in sctp_rcv() 2022-06-09 10:25:53 +02:00
smc net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct smc_wr_tx_pend_priv *" 2022-06-14 18:41:22 +02:00
strparser
sunrpc SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() 2022-06-14 18:41:31 +02:00
switchdev net: switchdev: add net device refcount tracker 2021-12-07 20:44:58 -08:00
tipc tipc: check attribute length for bearer name 2022-06-14 18:41:25 +02:00
tls tls: Fix context leak on tls_device_down 2022-05-18 10:28:16 +02:00
unix af_unix: Fix a data-race in unix_dgram_peer_wake_me(). 2022-06-14 18:41:30 +02:00
vmw_vsock vsock/virtio: enable VQs early on probe 2022-04-08 13:58:32 +02:00
wireless cfg80211: declare MODULE_FIRMWARE for regulatory.db 2022-06-09 10:26:26 +02:00
x25 net/x25: Fix null-ptr-deref caused by x25_disconnect 2022-04-08 13:58:34 +02:00
xdp xsk: Fix handling of invalid descriptors in XSK TX batching API 2022-06-14 18:41:31 +02:00
xfrm xfrm: rework default policy structure 2022-05-25 09:59:06 +02:00
Kconfig
Kconfig.debug net: add networking namespace refcount tracker 2021-12-10 06:38:26 -08:00
Makefile
compat.c
devres.c
socket.c net: fix documentation for kernel_getsockname 2022-02-14 14:01:19 +00:00
sysctl_net.c