<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/tools/testing/selftests/net, branch linux-6.8.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>selftests/net/lib: no need to record ns name if it already exist</title>
<updated>2024-05-30T07:49:50+00:00</updated>
<author>
<name>Hangbin Liu</name>
<email>liuhangbin@gmail.com</email>
</author>
<published>2024-05-14T02:33:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=f4992a8cb283cc25c868c230a84256cbc7e04ef2'/>
<id>f4992a8cb283cc25c868c230a84256cbc7e04ef2</id>
<content type='text'>
[ Upstream commit 83e93942796db58652288f0391ac00072401816f ]

There is no need to add the name to ns_list again if the netns already
recoreded.

Fixes: 25ae948b4478 ("selftests/net: add lib.sh")
Signed-off-by: Hangbin Liu &lt;liuhangbin@gmail.com&gt;
Reviewed-by: Simon Horman &lt;horms@kernel.org&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 83e93942796db58652288f0391ac00072401816f ]

There is no need to add the name to ns_list again if the netns already
recoreded.

Fixes: 25ae948b4478 ("selftests/net: add lib.sh")
Signed-off-by: Hangbin Liu &lt;liuhangbin@gmail.com&gt;
Reviewed-by: Simon Horman &lt;horms@kernel.org&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval</title>
<updated>2024-05-30T07:49:50+00:00</updated>
<author>
<name>Nikolay Aleksandrov</name>
<email>razor@blackwall.org</email>
</author>
<published>2024-05-13T10:52:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=59476596a6d93bbdd51c429c2d98b92002f9fa31'/>
<id>59476596a6d93bbdd51c429c2d98b92002f9fa31</id>
<content type='text'>
[ Upstream commit 06080ea23095afe04a2cb7a8d05fab4311782623 ]

When running the bridge IGMP/MLD selftests on debug kernels we can get
spurious errors when setting up the IGMP/MLD exclude timeout tests
because the membership interval is just 3 seconds and the setup has 2
seconds of sleep plus various validations, the one second that is left
is not enough. Increase the membership interval from 3 to 5 seconds to
make room for the setup validation and 2 seconds of sleep.

Fixes: 34d7ecb3d4f7 ("selftests: net: bridge: update IGMP/MLD membership interval value")
Reported-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Nikolay Aleksandrov &lt;razor@blackwall.org&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 06080ea23095afe04a2cb7a8d05fab4311782623 ]

When running the bridge IGMP/MLD selftests on debug kernels we can get
spurious errors when setting up the IGMP/MLD exclude timeout tests
because the membership interval is just 3 seconds and the setup has 2
seconds of sleep plus various validations, the one second that is left
is not enough. Increase the membership interval from 3 to 5 seconds to
make room for the setup validation and 2 seconds of sleep.

Fixes: 34d7ecb3d4f7 ("selftests: net: bridge: update IGMP/MLD membership interval value")
Reported-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Nikolay Aleksandrov &lt;razor@blackwall.org&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests: net: move amt to socat for better compatibility</title>
<updated>2024-05-30T07:49:24+00:00</updated>
<author>
<name>Jakub Kicinski</name>
<email>kuba@kernel.org</email>
</author>
<published>2024-05-09T16:19:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=1c402509e2341ebb4d21b4cecf4c3db66276f3c7'/>
<id>1c402509e2341ebb4d21b4cecf4c3db66276f3c7</id>
<content type='text'>
[ Upstream commit 4c639b6a7b9db236c0907aca8e92d1537076f2cd ]

The test seems to expect that nc will exit after the first
received message. This is not the case with Ncat 7.94.
There are multiple versions of nc out there, switch
to socat for better compatibility.

Tell socat to exit after 128 bytes and pad the message.

Since the test sets -e make sure we don't set exit code
(|| true) and print the pass / fail rather then silently
moving over the test and just setting non-zero exit code
with no output indicating what failed.

Fixes: c08e8baea78e ("selftests: add amt interface selftest script")
Acked-by: Paolo Abeni&lt;pabeni@redhat.com&gt;
Tested-by: Taehee Yoo &lt;ap420073@gmail.com&gt;
Link: https://lore.kernel.org/r/20240509161952.3940476-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 4c639b6a7b9db236c0907aca8e92d1537076f2cd ]

The test seems to expect that nc will exit after the first
received message. This is not the case with Ncat 7.94.
There are multiple versions of nc out there, switch
to socat for better compatibility.

Tell socat to exit after 128 bytes and pad the message.

Since the test sets -e make sure we don't set exit code
(|| true) and print the pass / fail rather then silently
moving over the test and just setting non-zero exit code
with no output indicating what failed.

Fixes: c08e8baea78e ("selftests: add amt interface selftest script")
Acked-by: Paolo Abeni&lt;pabeni@redhat.com&gt;
Tested-by: Taehee Yoo &lt;ap420073@gmail.com&gt;
Link: https://lore.kernel.org/r/20240509161952.3940476-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests: net: add missing config for amt.sh</title>
<updated>2024-05-30T07:49:24+00:00</updated>
<author>
<name>Jakub Kicinski</name>
<email>kuba@kernel.org</email>
</author>
<published>2024-05-09T16:19:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=a15b16fa9785e4c494241b9bc7113c3c3ab978dd'/>
<id>a15b16fa9785e4c494241b9bc7113c3c3ab978dd</id>
<content type='text'>
[ Upstream commit c499fe96d3f75a5cf50de6089dd8f1cddd1301a9 ]

Test needs IPv6 multicast. smcroute currently crashes when trying
to install a route in a kernel without IPv6 multicast.

Fixes: c08e8baea78e ("selftests: add amt interface selftest script")
Link: https://lore.kernel.org/r/20240509161919.3939966-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit c499fe96d3f75a5cf50de6089dd8f1cddd1301a9 ]

Test needs IPv6 multicast. smcroute currently crashes when trying
to install a route in a kernel without IPv6 multicast.

Fixes: c08e8baea78e ("selftests: add amt interface selftest script")
Link: https://lore.kernel.org/r/20240509161919.3939966-1-kuba@kernel.org
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC</title>
<updated>2024-05-17T10:14:53+00:00</updated>
<author>
<name>Ido Schimmel</name>
<email>idosch@nvidia.com</email>
</author>
<published>2024-05-07T11:30:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=f94bf6ed8e88b4b6aff1a45f1794af6e840664f6'/>
<id>f94bf6ed8e88b4b6aff1a45f1794af6e840664f6</id>
<content type='text'>
[ Upstream commit 9a169c267e946b0f47f67e8ccc70134708ccf3d4 ]

When creating the topology for the test, three veth pairs are created in
the initial network namespace before being moved to one of the network
namespaces created by the test.

On systems where systemd-udev uses MACAddressPolicy=persistent (default
since systemd version 242), this will result in some net devices having
the same MAC address since they were created with the same name in the
initial network namespace. In turn, this leads to arping / ndisc6
failing since packets are dropped by the bridge's loopback filter.

Fix by creating each net device in the correct network namespace instead
of moving it there from the initial network namespace.

Reported-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Closes: https://lore.kernel.org/netdev/20240426074015.251854d4@kernel.org/
Fixes: 7648ac72dcd7 ("selftests: net: Add bridge neighbor suppression test")
Signed-off-by: Ido Schimmel &lt;idosch@nvidia.com&gt;
Link: https://lore.kernel.org/r/20240507113033.1732534-1-idosch@nvidia.com
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 9a169c267e946b0f47f67e8ccc70134708ccf3d4 ]

When creating the topology for the test, three veth pairs are created in
the initial network namespace before being moved to one of the network
namespaces created by the test.

On systems where systemd-udev uses MACAddressPolicy=persistent (default
since systemd version 242), this will result in some net devices having
the same MAC address since they were created with the same name in the
initial network namespace. In turn, this leads to arping / ndisc6
failing since packets are dropped by the bridge's loopback filter.

Fix by creating each net device in the correct network namespace instead
of moving it there from the initial network namespace.

Reported-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Closes: https://lore.kernel.org/netdev/20240426074015.251854d4@kernel.org/
Fixes: 7648ac72dcd7 ("selftests: net: Add bridge neighbor suppression test")
Signed-off-by: Ido Schimmel &lt;idosch@nvidia.com&gt;
Link: https://lore.kernel.org/r/20240507113033.1732534-1-idosch@nvidia.com
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests/tcp_ao: Printing fixes to confirm with format-security</title>
<updated>2024-04-27T15:12:51+00:00</updated>
<author>
<name>Dmitry Safonov</name>
<email>0x7f454c46@gmail.com</email>
</author>
<published>2024-04-13T01:42:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=1763b3c51e276d602a28da2b0c045fdf9bf4c72f'/>
<id>1763b3c51e276d602a28da2b0c045fdf9bf4c72f</id>
<content type='text'>
[ Upstream commit b476c93654d748c13624f7c7d0ba191c56a8092e ]

On my new laptop with packages from nixos-unstable, gcc 12.3.0 produces
&gt; lib/setup.c: In function ‘__test_msg’:
&gt; lib/setup.c:20:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    20 |         ksft_print_msg(buf);
&gt;       |         ^~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_ok’:
&gt; lib/setup.c:26:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    26 |         ksft_test_result_pass(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_fail’:
&gt; lib/setup.c:32:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    32 |         ksft_test_result_fail(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_xfail’:
&gt; lib/setup.c:38:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    38 |         ksft_test_result_xfail(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_error’:
&gt; lib/setup.c:44:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    44 |         ksft_test_result_error(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_skip’:
&gt; lib/setup.c:50:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    50 |         ksft_test_result_skip(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~
&gt; cc1: some warnings being treated as errors

As the buffer was already pre-printed into, print it as a string
rather than a format-string.

Fixes: cfbab37b3da0 ("selftests/net: Add TCP-AO library")
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Reported-by: Muhammad Usama Anjum &lt;usama.anjum@collabora.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit b476c93654d748c13624f7c7d0ba191c56a8092e ]

On my new laptop with packages from nixos-unstable, gcc 12.3.0 produces
&gt; lib/setup.c: In function ‘__test_msg’:
&gt; lib/setup.c:20:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    20 |         ksft_print_msg(buf);
&gt;       |         ^~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_ok’:
&gt; lib/setup.c:26:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    26 |         ksft_test_result_pass(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_fail’:
&gt; lib/setup.c:32:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    32 |         ksft_test_result_fail(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_xfail’:
&gt; lib/setup.c:38:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    38 |         ksft_test_result_xfail(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_error’:
&gt; lib/setup.c:44:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    44 |         ksft_test_result_error(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~~
&gt; lib/setup.c: In function ‘__test_skip’:
&gt; lib/setup.c:50:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    50 |         ksft_test_result_skip(buf);
&gt;       |         ^~~~~~~~~~~~~~~~~~~~~
&gt; cc1: some warnings being treated as errors

As the buffer was already pre-printed into, print it as a string
rather than a format-string.

Fixes: cfbab37b3da0 ("selftests/net: Add TCP-AO library")
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Reported-by: Muhammad Usama Anjum &lt;usama.anjum@collabora.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests/tcp_ao: Fix fscanf() call for format-security</title>
<updated>2024-04-27T15:12:51+00:00</updated>
<author>
<name>Dmitry Safonov</name>
<email>0x7f454c46@gmail.com</email>
</author>
<published>2024-04-13T01:42:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=0d7211d6b8097b9a4d26fa186007bf9f51711ee8'/>
<id>0d7211d6b8097b9a4d26fa186007bf9f51711ee8</id>
<content type='text'>
[ Upstream commit beb78cd1329d039d73487ca05633d1b92e1ab2ea ]

On my new laptop with packages from nixos-unstable, gcc 12.3.0 produces:
&gt; lib/proc.c: In function ‘netstat_read_type’:
&gt; lib/proc.c:89:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    89 |         if (fscanf(fnetstat, type-&gt;header_name) == EOF)
&gt;       |         ^~
&gt; cc1: some warnings being treated as errors

Here the selftests lib parses header name, while expectes non-space word
ending with a column.

Fixes: cfbab37b3da0 ("selftests/net: Add TCP-AO library")
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Reported-by: Muhammad Usama Anjum &lt;usama.anjum@collabora.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit beb78cd1329d039d73487ca05633d1b92e1ab2ea ]

On my new laptop with packages from nixos-unstable, gcc 12.3.0 produces:
&gt; lib/proc.c: In function ‘netstat_read_type’:
&gt; lib/proc.c:89:9: error: format not a string literal and no format arguments [-Werror=format-security]
&gt;    89 |         if (fscanf(fnetstat, type-&gt;header_name) == EOF)
&gt;       |         ^~
&gt; cc1: some warnings being treated as errors

Here the selftests lib parses header name, while expectes non-space word
ending with a column.

Fixes: cfbab37b3da0 ("selftests/net: Add TCP-AO library")
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Reported-by: Muhammad Usama Anjum &lt;usama.anjum@collabora.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests/tcp_ao: Zero-init tcp_ao_info_opt</title>
<updated>2024-04-27T15:12:51+00:00</updated>
<author>
<name>Dmitry Safonov</name>
<email>0x7f454c46@gmail.com</email>
</author>
<published>2024-04-13T01:42:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=cc9a80d5d51e11e432d8d44722114614cd8adcc7'/>
<id>cc9a80d5d51e11e432d8d44722114614cd8adcc7</id>
<content type='text'>
[ Upstream commit b089b3bead532419cdcbd8e4e0a3e23c49d11573 ]

The structure is on the stack and has to be zero-initialized as
the kernel checks for:
&gt;	if (in.reserved != 0 || in.reserved2 != 0)
&gt;		return -EINVAL;

Fixes: b26660531cf6 ("selftests/net: Add test for TCP-AO add setsockopt() command")
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit b089b3bead532419cdcbd8e4e0a3e23c49d11573 ]

The structure is on the stack and has to be zero-initialized as
the kernel checks for:
&gt;	if (in.reserved != 0 || in.reserved2 != 0)
&gt;		return -EINVAL;

Fixes: b26660531cf6 ("selftests/net: Add test for TCP-AO add setsockopt() command")
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selftests/tcp_ao: Make RST tests less flaky</title>
<updated>2024-04-27T15:12:51+00:00</updated>
<author>
<name>Dmitry Safonov</name>
<email>0x7f454c46@gmail.com</email>
</author>
<published>2024-04-13T01:42:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=4fc84bb1b76cc533b9ceae629a33f55a670efb3d'/>
<id>4fc84bb1b76cc533b9ceae629a33f55a670efb3d</id>
<content type='text'>
[ Upstream commit 4225dfa4535f219b03ae14147d9c6e7e82ec8df4 ]

Currently, "active reset" cases are flaky, because select() is called
for 3 sockets, while only 2 are expected to receive RST.
The idea of the third socket was to get into request_sock_queue,
but the test mistakenly attempted to connect() after the listener
socket was shut down.

Repair this test, it's important to check the different kernel
code-paths for signing RST TCP-AO segments.

Fixes: c6df7b2361d7 ("selftests/net: Add TCP-AO RST test")
Reported-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 4225dfa4535f219b03ae14147d9c6e7e82ec8df4 ]

Currently, "active reset" cases are flaky, because select() is called
for 3 sockets, while only 2 are expected to receive RST.
The idea of the third socket was to get into request_sock_queue,
but the test mistakenly attempted to connect() after the listener
socket was shut down.

Repair this test, it's important to check the different kernel
code-paths for signing RST TCP-AO segments.

Fixes: c6df7b2361d7 ("selftests/net: Add TCP-AO RST test")
Reported-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
Signed-off-by: Dmitry Safonov &lt;0x7f454c46@gmail.com&gt;
Signed-off-by: Paolo Abeni &lt;pabeni@redhat.com&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>net: change maximum number of UDP segments to 128</title>
<updated>2024-04-27T15:12:50+00:00</updated>
<author>
<name>Yuri Benditovich</name>
<email>yuri.benditovich@daynix.com</email>
</author>
<published>2024-04-11T05:11:24+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=00c165039399f7d545a67c75547a1fa051211039'/>
<id>00c165039399f7d545a67c75547a1fa051211039</id>
<content type='text'>
[ Upstream commit 1382e3b6a3500c245e5278c66d210c02926f804f ]

The commit fc8b2a619469
("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
adds check of potential number of UDP segments vs
UDP_MAX_SEGMENTS in linux/virtio_net.h.
After this change certification test of USO guest-to-guest
transmit on Windows driver for virtio-net device fails,
for example with packet size of ~64K and mss of 536 bytes.
In general the USO should not be more restrictive than TSO.
Indeed, in case of unreasonably small mss a lot of segments
can cause queue overflow and packet loss on the destination.
Limit of 128 segments is good for any practical purpose,
with minimal meaningful mss of 536 the maximal UDP packet will
be divided to ~120 segments.
The number of segments for UDP packets is validated vs
UDP_MAX_SEGMENTS also in udp.c (v4,v6), this does not affect
quest-to-guest path but does affect packets sent to host, for
example.
It is important to mention that UDP_MAX_SEGMENTS is kernel-only
define and not available to user mode socket applications.
In order to request MSS smaller than MTU the applications
just uses setsockopt with SOL_UDP and UDP_SEGMENT and there is
no limitations on socket API level.

Fixes: fc8b2a619469 ("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
Signed-off-by: Yuri Benditovich &lt;yuri.benditovich@daynix.com&gt;
Reviewed-by: Willem de Bruijn &lt;willemb@google.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 1382e3b6a3500c245e5278c66d210c02926f804f ]

The commit fc8b2a619469
("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
adds check of potential number of UDP segments vs
UDP_MAX_SEGMENTS in linux/virtio_net.h.
After this change certification test of USO guest-to-guest
transmit on Windows driver for virtio-net device fails,
for example with packet size of ~64K and mss of 536 bytes.
In general the USO should not be more restrictive than TSO.
Indeed, in case of unreasonably small mss a lot of segments
can cause queue overflow and packet loss on the destination.
Limit of 128 segments is good for any practical purpose,
with minimal meaningful mss of 536 the maximal UDP packet will
be divided to ~120 segments.
The number of segments for UDP packets is validated vs
UDP_MAX_SEGMENTS also in udp.c (v4,v6), this does not affect
quest-to-guest path but does affect packets sent to host, for
example.
It is important to mention that UDP_MAX_SEGMENTS is kernel-only
define and not available to user mode socket applications.
In order to request MSS smaller than MTU the applications
just uses setsockopt with SOL_UDP and UDP_SEGMENT and there is
no limitations on socket API level.

Fixes: fc8b2a619469 ("net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation")
Signed-off-by: Yuri Benditovich &lt;yuri.benditovich@daynix.com&gt;
Reviewed-by: Willem de Bruijn &lt;willemb@google.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Sasha Levin &lt;sashal@kernel.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
