/* * NetLabel CALIPSO Support * * This file defines the CALIPSO functions for the NetLabel system. The * NetLabel system manages static and dynamic label mappings for network * protocols such as CIPSO and RIPSO. * * Authors: Paul Moore * Huw Davies * */ /* (c) Copyright Hewlett-Packard Development Company, L.P., 2006 * (c) Copyright Huw Davies , 2015 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * */ #ifndef _NETLABEL_CALIPSO #define _NETLABEL_CALIPSO #include #include /* The following NetLabel payloads are supported by the CALIPSO subsystem. * * o ADD: * Sent by an application to add a new DOI mapping table. * * Required attributes: * * NLBL_CALIPSO_A_DOI * NLBL_CALIPSO_A_MTYPE * * If using CALIPSO_MAP_PASS no additional attributes are required. * * o REMOVE: * Sent by an application to remove a specific DOI mapping table from the * CALIPSO system. * * Required attributes: * * NLBL_CALIPSO_A_DOI * * o LIST: * Sent by an application to list the details of a DOI definition. On * success the kernel should send a response using the following format. * * Required attributes: * * NLBL_CALIPSO_A_DOI * * The valid response message format depends on the type of the DOI mapping, * the defined formats are shown below. * * Required attributes: * * NLBL_CALIPSO_A_MTYPE * * If using CALIPSO_MAP_PASS no additional attributes are required. * * o LISTALL: * This message is sent by an application to list the valid DOIs on the * system. When sent by an application there is no payload and the * NLM_F_DUMP flag should be set. The kernel should respond with a series of * the following messages. * * Required attributes: * * NLBL_CALIPSO_A_DOI * NLBL_CALIPSO_A_MTYPE * */ /* NetLabel CALIPSO commands */ enum { NLBL_CALIPSO_C_UNSPEC, NLBL_CALIPSO_C_ADD, NLBL_CALIPSO_C_REMOVE, NLBL_CALIPSO_C_LIST, NLBL_CALIPSO_C_LISTALL, __NLBL_CALIPSO_C_MAX, }; /* NetLabel CALIPSO attributes */ enum { NLBL_CALIPSO_A_UNSPEC, NLBL_CALIPSO_A_DOI, /* (NLA_U32) * the DOI value */ NLBL_CALIPSO_A_MTYPE, /* (NLA_U32) * the mapping table type (defined in the calipso.h header as * CALIPSO_MAP_*) */ __NLBL_CALIPSO_A_MAX, }; #define NLBL_CALIPSO_A_MAX (__NLBL_CALIPSO_A_MAX - 1) /* NetLabel protocol functions */ #if IS_ENABLED(CONFIG_IPV6) int netlbl_calipso_genl_init(void); #else static inline int netlbl_calipso_genl_init(void) { return 0; } #endif int calipso_doi_add(struct calipso_doi *doi_def, struct netlbl_audit *audit_info); void calipso_doi_free(struct calipso_doi *doi_def); int calipso_doi_remove(u32 doi, struct netlbl_audit *audit_info); struct calipso_doi *calipso_doi_getdef(u32 doi); void calipso_doi_putdef(struct calipso_doi *doi_def); int calipso_doi_walk(u32 *skip_cnt, int (*callback)(struct calipso_doi *doi_def, void *arg), void *cb_arg); int calipso_sock_getattr(struct sock *sk, struct netlbl_lsm_secattr *secattr); int calipso_sock_setattr(struct sock *sk, const struct calipso_doi *doi_def, const struct netlbl_lsm_secattr *secattr); void calipso_sock_delattr(struct sock *sk); int calipso_req_setattr(struct request_sock *req, const struct calipso_doi *doi_def, const struct netlbl_lsm_secattr *secattr); void calipso_req_delattr(struct request_sock *req); unsigned char *calipso_optptr(const struct sk_buff *skb); int calipso_getattr(const unsigned char *calipso, struct netlbl_lsm_secattr *secattr); int calipso_skbuff_setattr(struct sk_buff *skb, const struct calipso_doi *doi_def, const struct netlbl_lsm_secattr *secattr); int calipso_skbuff_delattr(struct sk_buff *skb); void calipso_cache_invalidate(void); int calipso_cache_add(const unsigned char *calipso_ptr, const struct netlbl_lsm_secattr *secattr); #endif Dexuan Cui <decui@microsoft.com>2017-01-28 11:46:02 -0700 committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-01-31 10:59:48 +0100 commit433e19cf33d34bb6751c874a9c00980552fe508c (patch) treece6547ef2987fbb289fa28f03536328a42781651 /net/bluetooth/hci_conn.c parent191e885a2e130e639bb0c8ee350d7047294f2ce6 (diff)
Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()
Commit a389fcfd2cb5 ("Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read()") added the proper mb(), but removed the test "prev_write_sz < pending_sz" when making the signal decision. As a result, the guest can signal the host unnecessarily, and then the host can throttle the guest because the host thinks the guest is buggy or malicious; finally the user running stress test can perceive intermittent freeze of the guest. This patch brings back the test, and properly handles the in-place consumption APIs used by NetVSC (see get_next_pkt_raw(), put_pkt_raw() and commit_rd_index()). Fixes: a389fcfd2cb5 ("Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read()") Signed-off-by: Dexuan Cui <decui@microsoft.com> Reported-by: Rolf Neugebauer <rolf.neugebauer@docker.com> Tested-by: Rolf Neugebauer <rolf.neugebauer@docker.com> Cc: "K. Y. Srinivasan" <kys@microsoft.com> Cc: Haiyang Zhang <haiyangz@microsoft.com> Cc: Stephen Hemminger <sthemmin@microsoft.com> Cc: <stable@vger.kernel.org> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'net/bluetooth/hci_conn.c')