/* * NetLabel CIPSO/IPv4 Support * * This file defines the CIPSO/IPv4 functions for the NetLabel system. The * NetLabel system manages static and dynamic label mappings for network * protocols such as CIPSO and RIPSO. * * Author: Paul Moore * */ /* * (c) Copyright Hewlett-Packard Development Company, L.P., 2006 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See * the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, see . * */ #ifndef _NETLABEL_CIPSO_V4 #define _NETLABEL_CIPSO_V4 #include /* * The following NetLabel payloads are supported by the CIPSO subsystem. * * o ADD: * Sent by an application to add a new DOI mapping table. * * Required attributes: * * NLBL_CIPSOV4_A_DOI * NLBL_CIPSOV4_A_MTYPE * NLBL_CIPSOV4_A_TAGLST * * If using CIPSO_V4_MAP_TRANS the following attributes are required: * * NLBL_CIPSOV4_A_MLSLVLLST * NLBL_CIPSOV4_A_MLSCATLST * * If using CIPSO_V4_MAP_PASS or CIPSO_V4_MAP_LOCAL no additional attributes * are required. * * o REMOVE: * Sent by an application to remove a specific DOI mapping table from the * CIPSO V4 system. * * Required attributes: * * NLBL_CIPSOV4_A_DOI * * o LIST: * Sent by an application to list the details of a DOI definition. On * success the kernel should send a response using the following format. * * Required attributes: * * NLBL_CIPSOV4_A_DOI * * The valid response message format depends on the type of the DOI mapping, * the defined formats are shown below. * * Required attributes: * * NLBL_CIPSOV4_A_MTYPE * NLBL_CIPSOV4_A_TAGLST * * If using CIPSO_V4_MAP_TRANS the following attributes are required: * * NLBL_CIPSOV4_A_MLSLVLLST * NLBL_CIPSOV4_A_MLSCATLST * * If using CIPSO_V4_MAP_PASS or CIPSO_V4_MAP_LOCAL no additional attributes * are required. * * o LISTALL: * This message is sent by an application to list the valid DOIs on the * system. When sent by an application there is no payload and the * NLM_F_DUMP flag should be set. The kernel should respond with a series of * the following messages. * * Required attributes: * * NLBL_CIPSOV4_A_DOI * NLBL_CIPSOV4_A_MTYPE * */ /* NetLabel CIPSOv4 commands */ enum { NLBL_CIPSOV4_C_UNSPEC, NLBL_CIPSOV4_C_ADD, NLBL_CIPSOV4_C_REMOVE, NLBL_CIPSOV4_C_LIST, NLBL_CIPSOV4_C_LISTALL, __NLBL_CIPSOV4_C_MAX, }; /* NetLabel CIPSOv4 attributes */ enum { NLBL_CIPSOV4_A_UNSPEC, NLBL_CIPSOV4_A_DOI, /* (NLA_U32) * the DOI value */ NLBL_CIPSOV4_A_MTYPE, /* (NLA_U32) * the mapping table type (defined in the cipso_ipv4.h header as * CIPSO_V4_MAP_*) */ NLBL_CIPSOV4_A_TAG, /* (NLA_U8) * a CIPSO tag type, meant to be used within a NLBL_CIPSOV4_A_TAGLST * attribute */ NLBL_CIPSOV4_A_TAGLST, /* (NLA_NESTED) * the CIPSO tag list for the DOI, there must be at least one * NLBL_CIPSOV4_A_TAG attribute, tags listed first are given higher * priorirty when sending packets */ NLBL_CIPSOV4_A_MLSLVLLOC, /* (NLA_U32) * the local MLS sensitivity level */ NLBL_CIPSOV4_A_MLSLVLREM, /* (NLA_U32) * the remote MLS sensitivity level */ NLBL_CIPSOV4_A_MLSLVL, /* (NLA_NESTED) * a MLS sensitivity level mapping, must contain only one attribute of * each of the following types: NLBL_CIPSOV4_A_MLSLVLLOC and * NLBL_CIPSOV4_A_MLSLVLREM */ NLBL_CIPSOV4_A_MLSLVLLST, /* (NLA_NESTED) * the CIPSO level mappings, there must be at least one * NLBL_CIPSOV4_A_MLSLVL attribute */ NLBL_CIPSOV4_A_MLSCATLOC, /* (NLA_U32) * the local MLS category */ NLBL_CIPSOV4_A_MLSCATREM, /* (NLA_U32) * the remote MLS category */ NLBL_CIPSOV4_A_MLSCAT, /* (NLA_NESTED) * a MLS category mapping, must contain only one attribute of each of * the following types: NLBL_CIPSOV4_A_MLSCATLOC and * NLBL_CIPSOV4_A_MLSCATREM */ NLBL_CIPSOV4_A_MLSCATLST, /* (NLA_NESTED) * the CIPSO category mappings, there must be at least one * NLBL_CIPSOV4_A_MLSCAT attribute */ __NLBL_CIPSOV4_A_MAX, }; #define NLBL_CIPSOV4_A_MAX (__NLBL_CIPSOV4_A_MAX - 1) /* NetLabel protocol functions */ int netlbl_cipsov4_genl_init(void); /* Free the memory associated with a CIPSOv4 DOI definition */ void netlbl_cipsov4_doi_free(struct rcu_head *entry); #endif 0100 commit433e19cf33d34bb6751c874a9c00980552fe508c (patch) treece6547ef2987fbb289fa28f03536328a42781651 /include/net/net_ratelimit.h parent191e885a2e130e639bb0c8ee350d7047294f2ce6 (diff)
Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()
Commit a389fcfd2cb5 ("Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read()") added the proper mb(), but removed the test "prev_write_sz < pending_sz" when making the signal decision. As a result, the guest can signal the host unnecessarily, and then the host can throttle the guest because the host thinks the guest is buggy or malicious; finally the user running stress test can perceive intermittent freeze of the guest. This patch brings back the test, and properly handles the in-place consumption APIs used by NetVSC (see get_next_pkt_raw(), put_pkt_raw() and commit_rd_index()). Fixes: a389fcfd2cb5 ("Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read()") Signed-off-by: Dexuan Cui <decui@microsoft.com> Reported-by: Rolf Neugebauer <rolf.neugebauer@docker.com> Tested-by: Rolf Neugebauer <rolf.neugebauer@docker.com> Cc: "K. Y. Srinivasan" <kys@microsoft.com> Cc: Haiyang Zhang <haiyangz@microsoft.com> Cc: Stephen Hemminger <sthemmin@microsoft.com> Cc: <stable@vger.kernel.org> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'include/net/net_ratelimit.h')