From 04ddea825470c28ab82ee2c98f9a8acb7c3d4cf9 Mon Sep 17 00:00:00 2001 From: yangyanjun Date: Wed, 31 Aug 2022 13:59:29 +0800 Subject: [PATCH 1/3] =?UTF-8?q?newip=E5=86=85=E6=A0=B8=E5=8D=8F=E8=AE=AE?= =?UTF-8?q?=E6=A0=88=E4=BE=B5=E5=85=A5=E5=BC=8F=E4=BF=AE=E6=94=B9=E4=BB=A3?= =?UTF-8?q?=E7=A0=81=E5=90=88=E5=85=A5(=E6=9C=AA=E4=BD=BF=E8=83=BD?= =?UTF-8?q?=E6=9C=AA=E5=8F=82=E4=B8=8E=E7=BC=96=E8=AF=91=EF=BC=8C=E7=AD=89?= =?UTF-8?q?sig=E5=AD=B5=E5=8C=96=E4=BB=93=E8=BD=AC=E6=AD=A3=E5=90=8E?= =?UTF-8?q?=E5=9C=A8=E5=AF=B9=E5=BA=94=E6=AC=BE=E5=9E=8B=E4=BD=BF=E8=83=BD?= =?UTF-8?q?=E6=94=BE=E5=BC=80=E7=BC=96=E8=AF=91)=20Signed-off-by:=20yangya?= =?UTF-8?q?njun=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- include/linux/netdevice.h | 3 ++ include/linux/socket.h | 5 +-- include/linux/tcp.h | 23 +++++++++++++ include/net/dst.h | 2 ++ include/net/inet_hashtables.h | 10 ++++++ include/net/inet_sock.h | 10 ++++++ include/net/neighbour.h | 3 ++ include/net/net_namespace.h | 6 ++++ include/net/secure_seq.h | 7 ++++ include/net/sock.h | 10 ++++++ include/net/tcp.h | 7 +++- include/uapi/linux/if_ether.h | 1 + net/Makefile | 3 ++ net/core/neighbour.c | 5 +++ net/core/secure_seq.c | 45 ++++++++++++++++++++++++++ net/ipv4/inet_connection_sock.c | 50 +++++++++++++++++++++++++++++ net/ipv4/inet_hashtables.c | 9 ++++++ security/selinux/hooks.c | 2 +- security/selinux/include/classmap.h | 2 +- 19 files changed, 198 insertions(+), 5 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index a934282b1a35..0f7248fefb98 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -2016,6 +2016,9 @@ struct net_device { struct dn_dev __rcu *dn_ptr; #endif struct inet6_dev __rcu *ip6_ptr; +#if IS_ENABLED(CONFIG_NEWIP) + struct ninet_dev __rcu *nip_ptr; /* NIP */ +#endif #if IS_ENABLED(CONFIG_AX25) void *ax25_ptr; #endif diff --git a/include/linux/socket.h b/include/linux/socket.h index 9aa530d497da..fb098a938581 100644 --- a/include/linux/socket.h +++ b/include/linux/socket.h @@ -223,8 +223,8 @@ struct ucred { * reuses AF_INET address family */ #define AF_XDP 44 /* XDP sockets */ - -#define AF_MAX 45 /* For now.. */ +#define AF_NINET 45 /* NIP */ +#define AF_MAX 46 /* For now.. */ /* Protocol families, same as address families. */ #define PF_UNSPEC AF_UNSPEC @@ -274,6 +274,7 @@ struct ucred { #define PF_QIPCRTR AF_QIPCRTR #define PF_SMC AF_SMC #define PF_XDP AF_XDP +#define PF_NINET AF_NINET /* NIP */ #define PF_MAX AF_MAX /* Maximum queue length specifiable by listen. */ diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 2f87377e9af7..c2b65321575b 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -317,6 +317,9 @@ struct tcp_sock { /* OOO segments go in this rbtree. Socket lock must be held. */ struct rb_root out_of_order_queue; +#ifdef CONFIG_NEWIP + struct sk_buff *nip_out_of_order_queue; /* NIP */ +#endif struct sk_buff *ooo_last_skb; /* cache rb_last(out_of_order_queue) */ /* SACKs data, these 2 need to be together (see tcp_options_write) */ @@ -412,6 +415,22 @@ struct tcp_sock { */ struct request_sock __rcu *fastopen_rsk; struct saved_syn *saved_syn; + +#ifdef CONFIG_NEWIP +/* newip tcp retrans */ + u32 ack_retrans_num; + u32 ack_retrans_seq; + u32 nip_ssthresh; + u32 nip_ssthresh_reset; + bool nip_keepalive_enable; + u32 idle_ka_probes_out; + u32 nip_keepalive_out; + u32 last_rcv_nxt; + u32 dup_ack_cnt; + u32 keepalive_time_bak; + u32 keepalive_probes_bak; + u32 keepalive_intvl_bak; +#endif }; enum tsq_enum { @@ -423,6 +442,10 @@ enum tsq_enum { TCP_MTU_REDUCED_DEFERRED, /* tcp_v{4|6}_err() could not call * tcp_v{4|6}_mtu_reduced() */ +#ifdef CONFIG_NEWIP + TCP_NIP_WRITE_TIMER_DEFERRED, /* NIP */ + TCP_NIP_DELACK_TIMER_DEFERRED, /* NIP */ +#endif }; enum tsq_flags { diff --git a/include/net/dst.h b/include/net/dst.h index acd15c544cf3..4c27d6bf3404 100644 --- a/include/net/dst.h +++ b/include/net/dst.h @@ -35,6 +35,8 @@ struct dst_entry { int (*output)(struct net *net, struct sock *sk, struct sk_buff *skb); unsigned short flags; + +#define DST_HOST 0x0001 /* NIP */ #define DST_NOXFRM 0x0002 #define DST_NOPOLICY 0x0004 #define DST_NOCOUNT 0x0008 diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h index d4d611064a76..3dfc043c0315 100644 --- a/include/net/inet_hashtables.h +++ b/include/net/inet_hashtables.h @@ -82,6 +82,9 @@ struct inet_bind_bucket { kuid_t fastuid; #if IS_ENABLED(CONFIG_IPV6) struct in6_addr fast_v6_rcv_saddr; +#endif +#if IS_ENABLED(CONFIG_NEWIP) + struct nip_addr fast_nip_rcv_saddr; #endif __be32 fast_rcv_saddr; unsigned short fast_sk_family; @@ -402,6 +405,13 @@ u32 inet6_ehashfn(const struct net *net, const struct in6_addr *laddr, const u16 lport, const struct in6_addr *faddr, const __be16 fport); +#ifdef CONFIG_NEWIP +/* NIP */ +u32 ninet_ehashfn(const struct net *net, + const struct nip_addr *laddr, const u16 lport, + const struct nip_addr *faddr, const __be16 fport); +#endif + static inline void sk_daddr_set(struct sock *sk, __be32 addr) { sk->sk_daddr = addr; /* alias of inet_daddr */ diff --git a/include/net/inet_sock.h b/include/net/inet_sock.h index 89163ef8cf4b..688929625158 100644 --- a/include/net/inet_sock.h +++ b/include/net/inet_sock.h @@ -73,6 +73,10 @@ struct inet_request_sock { #define ir_rmt_port req.__req_common.skc_dport #define ir_v6_rmt_addr req.__req_common.skc_v6_daddr #define ir_v6_loc_addr req.__req_common.skc_v6_rcv_saddr + +#define ir_nip_rmt_addr req.__req_common.nip_daddr /* NIP */ +#define ir_nip_loc_addr req.__req_common.nip_rcv_saddr /* NIP */ + #define ir_iif req.__req_common.skc_bound_dev_if #define ir_cookie req.__req_common.skc_cookie #define ireq_net req.__req_common.skc_net @@ -96,6 +100,12 @@ struct inet_request_sock { struct ipv6_txoptions *ipv6_opt; struct sk_buff *pktopts; }; +#endif +#if IS_ENABLED(CONFIG_NEWIP) + /* NIP */ + struct { + struct sk_buff *nip_pktopts; + }; #endif }; }; diff --git a/include/net/neighbour.h b/include/net/neighbour.h index d5767e25509c..810b857f9531 100644 --- a/include/net/neighbour.h +++ b/include/net/neighbour.h @@ -232,6 +232,9 @@ enum { NEIGH_ARP_TABLE = 0, NEIGH_ND_TABLE = 1, NEIGH_DN_TABLE = 2, +#ifdef CONFIG_NEWIP + NEIGH_NND_TABLE = 3, /* NIP */ +#endif NEIGH_NR_TABLES, NEIGH_LINK_TABLE = NEIGH_NR_TABLES /* Pseudo table for neigh_xmit */ }; diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h index eb0e7731f3b1..ac0f068f46fc 100644 --- a/include/net/net_namespace.h +++ b/include/net/net_namespace.h @@ -38,6 +38,9 @@ #include #include #include +#ifdef CONFIG_NEWIP +#include +#endif struct user_namespace; struct proc_dir_entry; @@ -127,6 +130,9 @@ struct net { #if IS_ENABLED(CONFIG_IPV6) struct netns_ipv6 ipv6; #endif +#if IS_ENABLED(CONFIG_NEWIP) + struct netns_newip newip; /* NIP */ +#endif #if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN) struct netns_ieee802154_lowpan ieee802154_lowpan; #endif diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h index dac91aa38c5a..65c4c437d83b 100644 --- a/include/net/secure_seq.h +++ b/include/net/secure_seq.h @@ -19,4 +19,11 @@ u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr, u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr, __be16 sport, __be16 dport); +#ifdef CONFIG_NEWIP +/* NIP */ +u64 secure_newip_port_ephemeral(const __be32 *saddr, const __be32 *daddr, + __be16 dport); +__u32 secure_tcp_nip_sequence_number(const __be32 *saddr, const __be32 *daddr, + __be16 sport, __be16 dport); +#endif #endif /* _NET_SECURE_SEQ */ diff --git a/include/net/sock.h b/include/net/sock.h index 2c11eb4abdd2..e475ce86a10a 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -68,6 +68,9 @@ #include #include #include +#ifdef CONFIG_NEWIP +#include +#endif /* * This structure really needs to be cleaned up. @@ -202,6 +205,11 @@ struct sock_common { struct in6_addr skc_v6_rcv_saddr; #endif +#if IS_ENABLED(CONFIG_NEWIP) + struct nip_addr nip_daddr; /* NIP */ + struct nip_addr nip_rcv_saddr; /* NIP */ +#endif + atomic64_t skc_cookie; /* following fields are padding to force @@ -379,6 +387,8 @@ struct sock { #define sk_net __sk_common.skc_net #define sk_v6_daddr __sk_common.skc_v6_daddr #define sk_v6_rcv_saddr __sk_common.skc_v6_rcv_saddr +#define sk_nip_daddr __sk_common.nip_daddr /* NIP */ +#define sk_nip_rcv_saddr __sk_common.nip_rcv_saddr /* NIP */ #define sk_cookie __sk_common.skc_cookie #define sk_incoming_cpu __sk_common.skc_incoming_cpu #define sk_flags __sk_common.skc_flags diff --git a/include/net/tcp.h b/include/net/tcp.h index 334b8d1b5442..b9b3ae0fa49c 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -40,7 +40,9 @@ #include #include #include - +#ifdef CONFIG_NEWIP +#include /* NIP */ +#endif #include #include #include @@ -868,6 +870,9 @@ struct tcp_skb_cb { struct inet_skb_parm h4; #if IS_ENABLED(CONFIG_IPV6) struct inet6_skb_parm h6; +#endif +#if IS_ENABLED(CONFIG_NEWIP) + struct ninet_skb_parm hnip; /* NIP */ #endif } header; /* For incoming skbs */ struct { diff --git a/include/uapi/linux/if_ether.h b/include/uapi/linux/if_ether.h index d6de2b167448..16d3450ea844 100644 --- a/include/uapi/linux/if_ether.h +++ b/include/uapi/linux/if_ether.h @@ -72,6 +72,7 @@ #define ETH_P_ERSPAN 0x88BE /* ERSPAN type II */ #define ETH_P_IPX 0x8137 /* IPX over DIX */ #define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */ +#define ETH_P_NEWIP 0xEADD /* NIP */ #define ETH_P_PAUSE 0x8808 /* IEEE Pause frames. See 802.3 31B */ #define ETH_P_SLOW 0x8809 /* Slow Protocol. See 802.3ad 43B */ #define ETH_P_WCCP 0x883E /* Web-cache coordination protocol diff --git a/net/Makefile b/net/Makefile index 5744bf1997fd..b02730775923 100644 --- a/net/Makefile +++ b/net/Makefile @@ -20,6 +20,9 @@ obj-$(CONFIG_TLS) += tls/ obj-$(CONFIG_XFRM) += xfrm/ obj-$(CONFIG_UNIX_SCM) += unix/ obj-$(CONFIG_NET) += ipv6/ +ifeq ($(CONFIG_NEWIP),y) +obj-$(CONFIG_NET) += newip/ +endif obj-$(CONFIG_BPFILTER) += bpfilter/ obj-$(CONFIG_PACKET) += packet/ obj-$(CONFIG_NET_KEY) += key/ diff --git a/net/core/neighbour.c b/net/core/neighbour.c index 52a1c8725337..f36bd9d7dcd9 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -1778,6 +1778,11 @@ static struct neigh_table *neigh_find_table(int family) case AF_DECnet: tbl = neigh_tables[NEIGH_DN_TABLE]; break; +#ifdef CONFIG_NEWIP + case AF_NINET: /* NIP */ + tbl = neigh_tables[NEIGH_NND_TABLE]; + break; +#endif } return tbl; diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c index 444cce0184c3..10e9223edc3a 100644 --- a/net/core/secure_seq.c +++ b/net/core/secure_seq.c @@ -151,6 +151,51 @@ u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) EXPORT_SYMBOL_GPL(secure_ipv4_port_ephemeral); #endif +#ifdef CONFIG_NEWIP +/* NIP */ +__u32 secure_tcp_nip_sequence_number(const __be32 *saddr, const __be32 *daddr, + __be16 sport, __be16 dport) +{ + const struct { + struct nip_addr saddr; + struct nip_addr daddr; + __be16 sport; + __be16 dport; + } __aligned(SIPHASH_ALIGNMENT) combined = { + .saddr = *(struct nip_addr *)saddr, + .daddr = *(struct nip_addr *)daddr, + .sport = sport, + .dport = dport, + }; + u32 hash; + + net_secret_init(); + hash = siphash(&combined, offsetofend(typeof(combined), dport), + &net_secret); + return seq_scale(hash); +} +EXPORT_SYMBOL_GPL(secure_tcp_nip_sequence_number); + +/* NIP */ +u64 secure_newip_port_ephemeral(const __be32 *saddr, const __be32 *daddr, + __be16 dport) +{ + const struct { + struct nip_addr saddr; + struct nip_addr daddr; + __be16 dport; + } __aligned(SIPHASH_ALIGNMENT) combined = { + .saddr = *(struct nip_addr *)saddr, + .daddr = *(struct nip_addr *)daddr, + .dport = dport, + }; + net_secret_init(); + return siphash(&combined, offsetofend(typeof(combined), dport), + &net_secret); +} +EXPORT_SYMBOL_GPL(secure_newip_port_ephemeral); +#endif + #if IS_ENABLED(CONFIG_IP_DCCP) u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr, __be16 sport, __be16 dport) diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index addd595bb3fe..3ef461a783c8 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c @@ -22,7 +22,34 @@ #include #include #include +#if IS_ENABLED(CONFIG_NEWIP) +#include +#include +#endif +#if IS_ENABLED(CONFIG_NEWIP) +/* only match New IP sock + * match_sk*_wildcard == true: NIP_ADDR_ANY equals to any New IP addresses + * + * match_sk*_wildcard == false: addresses must be exactly the same, i.e. + * NIP_ADDR_ANY only equals to NIP_ADDR_ANY + */ +static bool nip_rcv_saddr_equal(const struct nip_addr *sk1_rcv_saddr, + const struct nip_addr *sk2_rcv_saddr, + bool sk2_isnewip, + bool match_sk1_wildcard, + bool match_sk2_wildcard) +{ + if (!sk2_isnewip) + return false; + if (nip_addr_eq(sk1_rcv_saddr, sk2_rcv_saddr)) + return true; + return (match_sk1_wildcard && + nip_addr_eq(sk1_rcv_saddr, &nip_any_addr)) || + (match_sk2_wildcard && + nip_addr_eq(sk2_rcv_saddr, &nip_any_addr)); +} +#endif #if IS_ENABLED(CONFIG_IPV6) /* match_sk*_wildcard == true: IPV6_ADDR_ANY equals to any IPv6 addresses * if IPv6 only, and any IPv4 addresses @@ -102,6 +129,16 @@ bool inet_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2, match_wildcard, match_wildcard); #endif + +#if IS_ENABLED(CONFIG_NEWIP) + if (sk->sk_family == AF_NINET) + return nip_rcv_saddr_equal(&sk->sk_nip_rcv_saddr, + &sk2->sk_nip_rcv_saddr, + sk2->sk_family == AF_NINET, + match_wildcard, + match_wildcard); +#endif + return ipv4_rcv_saddr_equal(sk->sk_rcv_saddr, sk2->sk_rcv_saddr, ipv6_only_sock(sk2), match_wildcard, match_wildcard); @@ -291,6 +328,13 @@ static inline int sk_reuseport_match(struct inet_bind_bucket *tb, sk->sk_rcv_saddr, tb->fast_ipv6_only, ipv6_only_sock(sk), true, false); +#endif +#if IS_ENABLED(CONFIG_NEWIP) + if (tb->fast_sk_family == AF_NINET) + return nip_rcv_saddr_equal(&tb->fast_nip_rcv_saddr, + &sk->sk_nip_rcv_saddr, + sk->sk_family == AF_NINET, + true, false); #endif return ipv4_rcv_saddr_equal(tb->fast_rcv_saddr, sk->sk_rcv_saddr, ipv6_only_sock(sk), true, false); @@ -312,6 +356,9 @@ void inet_csk_update_fastreuse(struct inet_bind_bucket *tb, tb->fast_sk_family = sk->sk_family; #if IS_ENABLED(CONFIG_IPV6) tb->fast_v6_rcv_saddr = sk->sk_v6_rcv_saddr; +#endif +#if IS_ENABLED(CONFIG_NEWIP) + tb->fast_nip_rcv_saddr = sk->sk_nip_rcv_saddr; #endif } else { tb->fastreuseport = 0; @@ -339,6 +386,9 @@ void inet_csk_update_fastreuse(struct inet_bind_bucket *tb, tb->fast_sk_family = sk->sk_family; #if IS_ENABLED(CONFIG_IPV6) tb->fast_v6_rcv_saddr = sk->sk_v6_rcv_saddr; +#endif +#if IS_ENABLED(CONFIG_NEWIP) + tb->fast_nip_rcv_saddr = sk->sk_nip_rcv_saddr; #endif } } else { diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index cf178d8eea81..662f190f3901 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -52,6 +52,15 @@ static u32 sk_ehashfn(const struct sock *sk) &sk->sk_v6_rcv_saddr, sk->sk_num, &sk->sk_v6_daddr, sk->sk_dport); #endif + +#if IS_ENABLED(CONFIG_NEWIP) + /* NIP */ + if (sk->sk_family == AF_NINET) + return ninet_ehashfn(sock_net(sk), + &sk->sk_nip_rcv_saddr, sk->sk_num, + &sk->sk_nip_daddr, sk->sk_dport); +#endif + return inet_ehashfn(sock_net(sk), sk->sk_rcv_saddr, sk->sk_num, sk->sk_daddr, sk->sk_dport); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ff2191ae5352..a45250a13d79 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1271,7 +1271,7 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc return SECCLASS_SMC_SOCKET; case PF_XDP: return SECCLASS_XDP_SOCKET; -#if PF_MAX > 45 +#if PF_MAX > 46 #error New address family defined, please update this function. #endif } diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index b9fdba2ff416..7271a0e05966 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -253,6 +253,6 @@ struct security_class_mapping secclass_map[] = { { NULL } }; -#if PF_MAX > 45 +#if PF_MAX > 46 #error New address family defined, please update secclass_map. #endif -- Gitee From 406f9c5b10377357a2aa3cbba719b796b3ad1e13 Mon Sep 17 00:00:00 2001 From: yangyanjun Date: Thu, 8 Sep 2022 17:02:09 +0800 Subject: [PATCH 2/3] =?UTF-8?q?newip=E4=BE=B5=E5=85=A5=E5=BC=8F=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E6=A3=80=E8=A7=86=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: yangyanjun --- include/linux/tcp.h | 4 ---- include/net/dst.h | 1 - include/net/inet_hashtables.h | 7 ------ include/net/inet_sock.h | 10 -------- include/net/secure_seq.h | 7 ------ include/net/sock.h | 2 -- include/uapi/linux/if_ether.h | 1 - net/core/secure_seq.c | 45 ----------------------------------- net/ipv4/inet_hashtables.c | 3 +++ 9 files changed, 3 insertions(+), 77 deletions(-) diff --git a/include/linux/tcp.h b/include/linux/tcp.h index c2b65321575b..aaaecc45a4fc 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -442,10 +442,6 @@ enum tsq_enum { TCP_MTU_REDUCED_DEFERRED, /* tcp_v{4|6}_err() could not call * tcp_v{4|6}_mtu_reduced() */ -#ifdef CONFIG_NEWIP - TCP_NIP_WRITE_TIMER_DEFERRED, /* NIP */ - TCP_NIP_DELACK_TIMER_DEFERRED, /* NIP */ -#endif }; enum tsq_flags { diff --git a/include/net/dst.h b/include/net/dst.h index 4c27d6bf3404..65b7551dd304 100644 --- a/include/net/dst.h +++ b/include/net/dst.h @@ -36,7 +36,6 @@ struct dst_entry { unsigned short flags; -#define DST_HOST 0x0001 /* NIP */ #define DST_NOXFRM 0x0002 #define DST_NOPOLICY 0x0004 #define DST_NOCOUNT 0x0008 diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h index 3dfc043c0315..3695a1802ea6 100644 --- a/include/net/inet_hashtables.h +++ b/include/net/inet_hashtables.h @@ -405,13 +405,6 @@ u32 inet6_ehashfn(const struct net *net, const struct in6_addr *laddr, const u16 lport, const struct in6_addr *faddr, const __be16 fport); -#ifdef CONFIG_NEWIP -/* NIP */ -u32 ninet_ehashfn(const struct net *net, - const struct nip_addr *laddr, const u16 lport, - const struct nip_addr *faddr, const __be16 fport); -#endif - static inline void sk_daddr_set(struct sock *sk, __be32 addr) { sk->sk_daddr = addr; /* alias of inet_daddr */ diff --git a/include/net/inet_sock.h b/include/net/inet_sock.h index 688929625158..89163ef8cf4b 100644 --- a/include/net/inet_sock.h +++ b/include/net/inet_sock.h @@ -73,10 +73,6 @@ struct inet_request_sock { #define ir_rmt_port req.__req_common.skc_dport #define ir_v6_rmt_addr req.__req_common.skc_v6_daddr #define ir_v6_loc_addr req.__req_common.skc_v6_rcv_saddr - -#define ir_nip_rmt_addr req.__req_common.nip_daddr /* NIP */ -#define ir_nip_loc_addr req.__req_common.nip_rcv_saddr /* NIP */ - #define ir_iif req.__req_common.skc_bound_dev_if #define ir_cookie req.__req_common.skc_cookie #define ireq_net req.__req_common.skc_net @@ -100,12 +96,6 @@ struct inet_request_sock { struct ipv6_txoptions *ipv6_opt; struct sk_buff *pktopts; }; -#endif -#if IS_ENABLED(CONFIG_NEWIP) - /* NIP */ - struct { - struct sk_buff *nip_pktopts; - }; #endif }; }; diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h index 65c4c437d83b..dac91aa38c5a 100644 --- a/include/net/secure_seq.h +++ b/include/net/secure_seq.h @@ -19,11 +19,4 @@ u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr, u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr, __be16 sport, __be16 dport); -#ifdef CONFIG_NEWIP -/* NIP */ -u64 secure_newip_port_ephemeral(const __be32 *saddr, const __be32 *daddr, - __be16 dport); -__u32 secure_tcp_nip_sequence_number(const __be32 *saddr, const __be32 *daddr, - __be16 sport, __be16 dport); -#endif #endif /* _NET_SECURE_SEQ */ diff --git a/include/net/sock.h b/include/net/sock.h index e475ce86a10a..477e7bc6831e 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -387,8 +387,6 @@ struct sock { #define sk_net __sk_common.skc_net #define sk_v6_daddr __sk_common.skc_v6_daddr #define sk_v6_rcv_saddr __sk_common.skc_v6_rcv_saddr -#define sk_nip_daddr __sk_common.nip_daddr /* NIP */ -#define sk_nip_rcv_saddr __sk_common.nip_rcv_saddr /* NIP */ #define sk_cookie __sk_common.skc_cookie #define sk_incoming_cpu __sk_common.skc_incoming_cpu #define sk_flags __sk_common.skc_flags diff --git a/include/uapi/linux/if_ether.h b/include/uapi/linux/if_ether.h index 16d3450ea844..d6de2b167448 100644 --- a/include/uapi/linux/if_ether.h +++ b/include/uapi/linux/if_ether.h @@ -72,7 +72,6 @@ #define ETH_P_ERSPAN 0x88BE /* ERSPAN type II */ #define ETH_P_IPX 0x8137 /* IPX over DIX */ #define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */ -#define ETH_P_NEWIP 0xEADD /* NIP */ #define ETH_P_PAUSE 0x8808 /* IEEE Pause frames. See 802.3 31B */ #define ETH_P_SLOW 0x8809 /* Slow Protocol. See 802.3ad 43B */ #define ETH_P_WCCP 0x883E /* Web-cache coordination protocol diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c index 10e9223edc3a..444cce0184c3 100644 --- a/net/core/secure_seq.c +++ b/net/core/secure_seq.c @@ -151,51 +151,6 @@ u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport) EXPORT_SYMBOL_GPL(secure_ipv4_port_ephemeral); #endif -#ifdef CONFIG_NEWIP -/* NIP */ -__u32 secure_tcp_nip_sequence_number(const __be32 *saddr, const __be32 *daddr, - __be16 sport, __be16 dport) -{ - const struct { - struct nip_addr saddr; - struct nip_addr daddr; - __be16 sport; - __be16 dport; - } __aligned(SIPHASH_ALIGNMENT) combined = { - .saddr = *(struct nip_addr *)saddr, - .daddr = *(struct nip_addr *)daddr, - .sport = sport, - .dport = dport, - }; - u32 hash; - - net_secret_init(); - hash = siphash(&combined, offsetofend(typeof(combined), dport), - &net_secret); - return seq_scale(hash); -} -EXPORT_SYMBOL_GPL(secure_tcp_nip_sequence_number); - -/* NIP */ -u64 secure_newip_port_ephemeral(const __be32 *saddr, const __be32 *daddr, - __be16 dport) -{ - const struct { - struct nip_addr saddr; - struct nip_addr daddr; - __be16 dport; - } __aligned(SIPHASH_ALIGNMENT) combined = { - .saddr = *(struct nip_addr *)saddr, - .daddr = *(struct nip_addr *)daddr, - .dport = dport, - }; - net_secret_init(); - return siphash(&combined, offsetofend(typeof(combined), dport), - &net_secret); -} -EXPORT_SYMBOL_GPL(secure_newip_port_ephemeral); -#endif - #if IS_ENABLED(CONFIG_IP_DCCP) u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr, __be16 sport, __be16 dport) diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index 662f190f3901..49fb529a939d 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -23,6 +23,9 @@ #if IS_ENABLED(CONFIG_IPV6) #include #endif +#if IS_ENABLED(CONFIG_NEWIP) +#include +#endif #include #include #include -- Gitee From b0e19b49bab2d4d891f4231f91bebd25e20c2f33 Mon Sep 17 00:00:00 2001 From: yangyanjun Date: Thu, 8 Sep 2022 17:42:17 +0800 Subject: [PATCH 3/3] =?UTF-8?q?newip=E4=BE=B5=E5=85=A5=E5=BC=8F=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E8=AF=84=E5=AE=A1=E9=97=AE=E9=A2=98=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: yangyanjun --- include/net/dst.h | 1 - net/ipv4/inet_connection_sock.c | 24 ------------------------ 2 files changed, 25 deletions(-) diff --git a/include/net/dst.h b/include/net/dst.h index 65b7551dd304..acd15c544cf3 100644 --- a/include/net/dst.h +++ b/include/net/dst.h @@ -35,7 +35,6 @@ struct dst_entry { int (*output)(struct net *net, struct sock *sk, struct sk_buff *skb); unsigned short flags; - #define DST_NOXFRM 0x0002 #define DST_NOPOLICY 0x0004 #define DST_NOCOUNT 0x0008 diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index 3ef461a783c8..f359192a4632 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c @@ -23,33 +23,9 @@ #include #include #if IS_ENABLED(CONFIG_NEWIP) -#include #include #endif -#if IS_ENABLED(CONFIG_NEWIP) -/* only match New IP sock - * match_sk*_wildcard == true: NIP_ADDR_ANY equals to any New IP addresses - * - * match_sk*_wildcard == false: addresses must be exactly the same, i.e. - * NIP_ADDR_ANY only equals to NIP_ADDR_ANY - */ -static bool nip_rcv_saddr_equal(const struct nip_addr *sk1_rcv_saddr, - const struct nip_addr *sk2_rcv_saddr, - bool sk2_isnewip, - bool match_sk1_wildcard, - bool match_sk2_wildcard) -{ - if (!sk2_isnewip) - return false; - if (nip_addr_eq(sk1_rcv_saddr, sk2_rcv_saddr)) - return true; - return (match_sk1_wildcard && - nip_addr_eq(sk1_rcv_saddr, &nip_any_addr)) || - (match_sk2_wildcard && - nip_addr_eq(sk2_rcv_saddr, &nip_any_addr)); -} -#endif #if IS_ENABLED(CONFIG_IPV6) /* match_sk*_wildcard == true: IPV6_ADDR_ANY equals to any IPv6 addresses * if IPv6 only, and any IPv4 addresses -- Gitee