On 10/25/18 12:43 PM, Bjørn Mork wrote:
>
> inet_valid_dump_ifaddr_req() will bail out with an error, but only
> *after* setting fillargs->netnsid:
>
> if (i == IFA_TARGET_NETNSID) {
> struct net *net;
>
> fillargs->netnsid =
From: David Ahern
The intent of ip6_route_check_nh_onlink is to make sure the gateway
given for an onlink route is not actually on a connected route for
a different interface (e.g., 2001:db8:1::/64 is on dev eth1 and then
an onlink route has a via 2001:db8:1::1 dev eth2). If the gateway
lookup
From: David Ahern
When doing a route dump across all address families, do not error out
if the table does not exist. This allows a route dump for AF_UNSPEC
with a table id that may only exist for some of the families.
Do return the table does not exist error if dumping routes for a
specific
From: David Ahern
If an address, route or netconf dump request is sent for AF_UNSPEC, then
rtnl_dump_all is used to do the dump across all address families. If one
of the dumpit functions fails (e.g., invalid attributes in the dump
request) then rtnl_dump_all needs to propagate that error so
From: David Ahern
If tgt_net is set based on IFA_TARGET_NETNSID attribute in the dump
request, make sure all error paths call put_net.
Fixes: 6371a71f3a3b ("net/ipv6: Add support for dumping addresses for a
specific device")
Fixes: ed6eff11790a ("net/ipv6: Update inet6_dump_
From: David Ahern
Li RongQing noted that tgt_net is leaked in ipv4 due to the recent change
to handle address dumps for a specific device. The report also applies to
ipv6 and other error paths. Patches 1 and 2 fix those leaks.
Patch 3 stops route dumps from erroring out when dumping across
From: David Ahern
If tgt_net is set based on IFA_TARGET_NETNSID attribute in the dump
request, make sure all error paths call put_net.
Fixes: 5fcd266a9f64 ("net/ipv4: Add support for dumping addresses for a
specific device")
Fixes: c33078e3dfb1 ("net/ipv4: Update inet_dump_if
From: David Ahern
Marco reported an error with hfsc:
root@Calimero:~# tc qdisc add dev eth0 root handle 1:0 hfsc default 1
Error: Attribute failed policy validation.
Apparently a few implementations pass TCA_OPTIONS as a binary instead
of nested attribute, so drop TCA_OPTIONS from the policy
On 10/24/18 9:02 AM, David Ahern wrote:
> On 10/24/18 3:36 AM, Li RongQing wrote:
>> put net when input a invalid ifindex, otherwise it will be leaked
>>
>> Fixes: 5fcd266a9f64("net/ipv4: Add support for dumping addresses for a
>> specific device")
>>
On 10/24/18 3:36 AM, Li RongQing wrote:
> put net when input a invalid ifindex, otherwise it will be leaked
>
> Fixes: 5fcd266a9f64("net/ipv4: Add support for dumping addresses for a
> specific device")
> Cc: David Ahern
> Signed-off-by: Zhang Yu
> Signed-off-by:
On 10/24/18 7:07 AM, Florian Westphal wrote:
> Marco Berizzi wrote:
>
> [ CC David ]
>
>> root@Calimero:~# tc qdisc add dev eth0 root handle 1:0 hfsc default 1
>> Error: Attribute failed policy validation.
>
> caused by:
> commit 8b4c3cdd9dd8290343ce959a132d3b334062c5b9
> net: sched: Add
On 10/22/18 1:46 AM, Hangbin Liu wrote:
> Currently when we add geneve with "ttl inherit", we only set ttl to 0, which
> is actually use whatever default value instead of inherit the inner protocol's
> ttl value.
>
> To make a difference with ttl inherit and ttl == 0, we add an attribute
>
On 10/18/18 5:51 AM, Leon Romanovsky wrote:
> From: Leon Romanovsky
>
> Enrich rdmatool with an option to rename IB devices,
> the command interface follows Iproute2 convention:
> "rdma dev set [OLD-DEVNAME] name NEW-DEVNAME"
>
> Signed-off-by: Leon Romanovsky
> ---
> rdma/dev.c | 35
On 10/18/18 1:01 AM, Hangbin Liu wrote:
> Currently when we add geneve with "ttl inherit", we only set ttl to 0, which
> is actually use whatever default value instead of inherit the inner protocol's
> ttl value.
>
> To make a difference with ttl inherit and ttl == 0, we add an attribute
>
From: David Ahern
No command, filter, or print function uses the sockaddr_nl arg,
so just drop it.
Signed-off-by: David Ahern
---
bridge/br_common.h | 9 +++--
bridge/fdb.c | 2 +-
bridge/link.c| 3 +--
bridge/mdb.c | 2 +-
bridge/monitor.c | 9
From: David Ahern
iplink_get has 1 caller and the flags arg is 0, so just remove it.
Signed-off-by: David Ahern
---
ip/ip_common.h | 2 +-
ip/ipaddress.c | 2 +-
ip/iplink.c| 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/ip/ip_common.h b/ip/ip_common.h
index
From: David Ahern
If an RTM_GETADDR dump request has ifa_index set in the ifaddrmsg
header, then return only the addresses for that device.
Signed-off-by: David Ahern
---
net/ipv4/devinet.c | 28 +++-
1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/net
From: David Ahern
ip_idx is always 0 going into in6_dump_addrs; it is passed as a pointer
to save the last good index into cb. Since cb is already argument to
in6_dump_addrs, just save the value there.
Signed-off-by: David Ahern
---
net/ipv6/addrconf.c | 16 ++--
1 file changed, 6
From: David Ahern
Similar to IPv6 move the logic that walks over the ipv4 address list
for a device into a helper.
Signed-off-by: David Ahern
---
net/ipv4/devinet.c | 49 ++---
1 file changed, 34 insertions(+), 15 deletions(-)
diff --git a/net/ipv4
From: David Ahern
If an RTM_GETADDR dump request has ifa_index set in the ifaddrmsg
header, then return only the addresses for that device.
Since inet6_dump_addr is reused for multicast and anycast addresses,
this adds support for device specfic dumps of RTM_GETMULTICAST and
RTM_GETANYCAST
From: David Ahern
Use the recently added kernel side filter infrastructure to add support
for dumping addresses only for a specific device.
Patch 1 creates an IPv4 version similar to IPv6's in6_dump_addrs function.
Patch 2 simplifies in6_dump_addrs by moving index tracking of IP
addresses from
From: David Ahern
The loop wants to skip previously dumped addresses, so loops until
current index >= saved index. If the message fills it wants to save
the index for the next address to dump - ie., the one that did not
fit in the current message.
Currently, it is incrementing the index coun
From: David Ahern
Update Shrijeet's email address for the VRF entry.
Signed-off-by: David Ahern
---
MAINTAINERS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index 7f1399ac028e..144cd0ca41ec 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -15745,7
On 10/18/18 5:41 AM, Phil Sutter wrote:
> With 'name' field defined as array in struct filters, it will always
> contain a value irrespective of whether a name was assigned or not.
>
> Fix this by turning the field into a const char pointer.
>
> Fixes: 8cd644095842a ("devlink: Add support for
On 10/17/18 11:36 PM, David Miller wrote:
> From: Nikolay Aleksandrov
> Date: Wed, 17 Oct 2018 22:34:34 +0300
>
>> If the skb space ends in an unresolved entry while dumping we'll miss
>> some unresolved entries. The reason is due to zeroing the entry counter
>> between dumping resolved and
On 10/16/18 11:43 PM, Song Liu wrote:
> I agree that processing events while recording has significant overhead.
> In this case, perf user space need to know details about the the jited BPF
> program. It is impossible to pass all these details to user space through
> the relatively stable
On 10/15/18 4:33 PM, Song Liu wrote:
> I am working with Alexei on the idea of fetching BPF program information via
> BPF_OBJ_GET_INFO_BY_FD cmd. I added PERF_RECORD_BPF_EVENT
> to perf_event_type, and dumped these events to perf event ring buffer.
>
> I found that perf will not process event
From: David Ahern
Move per-table loops from mr_rtm_dumproute to mr_table_dump and export
mr_table_dump for dumps by specific table id.
Signed-off-by: David Ahern
---
include/linux/mroute_base.h | 6
net/ipv4/ipmr_base.c| 88 -
2 files
From: David Ahern
With dump filtering we need a way to ensure the NLM_F_DUMP_FILTERED
flag is set on a message back to the user if the data returned is
influenced by some input attributes. Normally this can be done as
messages are added to the skb, but if the filter results in no data
being
From: David Ahern
Implement kernel side filtering of routes by egress device index and
protocol. MPLS uses only a single table and route type.
Signed-off-by: David Ahern
---
net/mpls/af_mpls.c | 42 +-
1 file changed, 41 insertions(+), 1 deletion
From: David Ahern
Unlike IPv6, IPv4 does not have routes marked with RTF_PREFIX_RT. If the
flag is set in the dump request, just return.
In the process of this change, move the CLONE check to use the new
filter flags.
Signed-off-by: David Ahern
---
net/ipv4/fib_frontend.c | 8 ++--
1
From: David Ahern
Implement kernel side filtering of routes by egress device index and
table id. If the table id is given in the filter, lookup table and
call mr_table_dump directly for it.
Signed-off-by: David Ahern
---
include/linux/mroute_base.h | 7 ---
net/ipv4/ipmr.c
From: David Ahern
Similar to IPv4, IPv6 fib no longer contains cloned routes. If a user
requests a route dump for only cloned entries, no sense walking the FIB
and returning everything.
Signed-off-by: David Ahern
---
net/ipv6/ip6_fib.c | 7 +--
1 file changed, 5 insertions(+), 2 deletions
From: David Ahern
Update the dump request parsing in MPLS for the non-INET case to
enable kernel side filtering. If INET is disabled the only filters
that make sense for MPLS are protocol and nexthop device.
Signed-off-by: David Ahern
---
net/mpls/af_mpls.c | 33
From: David Ahern
Implement kernel side filtering of routes by table id, egress device
index, protocol, and route type. If the table id is given in the filter,
lookup the table and call fib6_dump_table directly for it.
Move the existing route flags check for prefix only routes to the new
filter
From: David Ahern
Add struct fib_dump_filter for options on limiting which routes are
returned in a dump request. The current list is table id, protocol,
route type, rtm_flags and nexthop device index. struct net is needed
to lookup the net_device from the index.
Declare the filter for each
From: David Ahern
Update parsing of route dump request to enable kernel side filtering.
Allow filtering results by protocol (e.g., which routing daemon installed
the route), route type (e.g., unicast), table id and nexthop device. These
amount to the low hanging fruit, yet a huge improvement
From: David Ahern
Implement kernel side filtering of route dumps by protocol (e.g., which
routing daemon installed the route), route type (e.g., unicast), table
id and nexthop device.
iproute2 has been doing this filtering in userspace for years; pushing
the filters to the kernel side reduces
From: David Ahern
Implement kernel side filtering of routes by table id, egress device index,
protocol and route type. If the table id is given in the filter, lookup the
table and call fib_table_dump directly for it.
Signed-off-by: David Ahern
---
include/net/ip_fib.h| 2 +-
net/ipv4
On 10/12/18 5:42 AM, Nikolay Aleksandrov wrote:
> This patch adds support for the new backup port option that can be set
> on a bridge port. If the port's carrier goes down all of the traffic
> gets redirected to the configured backup port. We add the following new
> arguments:
> $ ip link set dev
On 10/11/18 2:45 PM, Roopa Prabhu wrote:
> From: Roopa Prabhu
>
> Adds new option extern_learn to set NTF_EXT_LEARNED flag
> on neigh entries.
>
> Signed-off-by: Roopa Prabhu
> ---
> ip/ipneigh.c| 7 ++-
> man/man8/ip-neighbour.8 | 9 -
> 2 files changed, 14
From: David Ahern
When a link's carrier goes down it could be a sign of the port changing
networks. If the new network has overlapping addresses with the old one,
then the kernel will continue trying to use neighbor entries established
based on the old network until the entries finally age out
From: David Ahern
Another difference between IPv4 and IPv6 is the generation of RTM_DELROUTE
notifications when a device is taken down (admin down) or deleted. IPv4
does not generate a message for routes evicted by the down or delete;
IPv6 does. A NOS at scale really needs to avoid
On 10/11/18 12:05 PM, Jamal Hadi Salim wrote:
> On 2018-10-11 1:04 p.m., David Ahern wrote:
>
>> You can already filter link dumps by kind. How? By passing in the KIND
>> attribute on a dump request. This type of filtering exists for link
>> dumps, neighbor dumps, fdb du
On 10/11/18 10:46 AM, Jamal Hadi Salim wrote:
> On 2018-10-11 12:16 p.m., David Ahern wrote:
>
> Yes, you can do it with cBPF but some complexity may occur. Example:
> if i was interested to netdevice events of "kind = vxlan &&
> admin flag is down" then that is
On 10/11/18 9:56 AM, Andrew Lunn wrote:
>> @@ -866,10 +866,13 @@ static int inet_dump_fib(struct sk_buff *skb, struct
>> netlink_callback *cb)
>> hlist_for_each_entry_rcu(tb, head, tb_hlist) {
>> if (e < s_e)
>> goto next;
>> +
On 10/11/18 10:07 AM, Jamal Hadi Salim wrote:
> On 2018-10-11 11:46 a.m., Sowmini Varadhan wrote:
>> On (10/11/18 08:26), Stephen Hemminger wrote:
>>> You can do the something like this already with BPF socket filters.
>>> But writing BPF for multi-part messages is hard.
>>
>> Indeed. And I was
On 10/11/18 10:10 AM, Sowmini Varadhan wrote:
> On (10/11/18 09:32), David Ahern wrote:
>>
>> Route dumps are done for the entire FIB for each address family. As we
>> approach internet routing tables (700k+ routes for IPv4, currently
>> around 55k for IPv6) with many VR
On 10/11/18 9:26 AM, Stephen Hemminger wrote:
>>
>
> You can do the something like this already with BPF socket filters.
> But writing BPF for multi-part messages is hard.
>
> Maybe a generic eBPF filter mechanism would be more flexible?
>
That exists today and does not cover what is needed
From: David Ahern
Update the dump request parsing in MPLS for the non-INET case to
enable kernel side filtering. If INET is disabled the other filters
that make sense for MPLS are protocol and nexthop device.
Signed-off-by: David Ahern
---
net/mpls/af_mpls.c | 32
From: David Ahern
Implement kernel side filtering of routes by egress device index and
protocol. MPLS uses only a single table and route type.
Signed-off-by: David Ahern
---
net/mpls/af_mpls.c | 42 +-
1 file changed, 41 insertions(+), 1 deletion
From: David Ahern
Implement kernel side filtering of routes by table id, egress device index,
protocol and route type.
Signed-off-by: David Ahern
---
include/net/ip_fib.h| 2 +-
net/ipv4/fib_frontend.c | 5 -
net/ipv4/fib_trie.c | 37 ++---
3
From: David Ahern
Implement kernel side filtering of routes by table id, egress device
index, protocol, and route type.
Move the existing route flags check for prefix only routes to the new
filter.
Signed-off-by: David Ahern
---
net/ipv6/ip6_fib.c | 9 +
net/ipv6/route.c | 40
From: David Ahern
Add struct fib_dump_filter for options on limiting which routes are
returned in a dump request. The current list is table id, protocol,
route type, rtm_flags and nexthop device index. struct net is needed
to lookup the net_device from the index.
Plumb the new arguments from
From: David Ahern
Update parsing of route dump request to enable kernel side filtering.
Allow filtering results by protocol (e.g., which routing daemon installed
the route), route type (e.g., unicast), table id and nexthop device. These
amount to the low hanging fruit, yet a huge improvement
From: David Ahern
Implement kernel side filtering of routes by egress device index and
table id.
Signed-off-by: David Ahern
---
include/linux/mroute_base.h | 5 +++--
net/ipv4/ipmr.c | 2 +-
net/ipv4/ipmr_base.c| 33 -
net/ipv6/ip6mr.c
From: David Ahern
Similar to IPv4, IPv6 fib no longer contains cloned routes. If a user
requests a route dump for only cloned entries, no sense walking the FIB
and returning everything.
Signed-off-by: David Ahern
---
net/ipv6/ip6_fib.c | 7 +--
1 file changed, 5 insertions(+), 2 deletions
From: David Ahern
Unlike IPv6, IPv4 does not have routes marked with RTF_PREFIX_RT. If the
flag is set in the dump request, just return.
In the process of this change, move the CLONE check to use the new
filter flags.
Signed-off-by: David Ahern
---
net/ipv4/fib_frontend.c | 8 ++--
1
From: David Ahern
Implement kernel side filtering of route dumps by protocol (e.g., which
routing daemon installed the route), route type (e.g., unicast), table
id and nexthop device.
iproute2 has been doing this filtering in userspace for years; pushing
the filters to the kernel side reduces
by: Stefano Brivio
> ---
> v2:
> - s/u32/mtu/ in netdev_notifier_info_ext and call_netdevice_notifiers_
>helper, suggested by David Ahern
> - don't EXPORT_SYMBOL the helper, it's only used in net/core/dev.c
> - fix typo in commit message
> - fix kerneldoc commen
On 10/9/18 3:27 PM, David Ahern wrote:
> From: David Ahern
>
> Another difference between IPv4 and IPv6 is the generation of RTM_DELROUTE
> notifications when a device is taken down (admin down) or deleted. IPv4
> does not generate a message for routes evicted by the down or dele
From: David Ahern
Another difference between IPv4 and IPv6 is the generation of RTM_DELROUTE
notifications when a device is taken down (admin down) or deleted. IPv4
does not generate a message for routes evicted by the down or delete;
IPv6 does. A NOS at scale really needs to avoid
On 10/9/18 2:24 PM, Heiner Kallweit wrote:
> Reordering the struct members to fill the holes could be a little tricky
> and could have side effects because it may make a performance difference
> whether certain members are in one cacheline or not.
> And whether it's worth to spend this effort
From: David Ahern
Without CONFIG_INET enabled compiles fail with:
net/mpls/af_mpls.o: In function `mpls_dump_routes':
af_mpls.c:(.text+0xed0): undefined reference to `ip_valid_fib_dump_req'
The preference is for MPLS to use the same handler as ipv4 and ipv6
to allow consistency when doing
On 10/9/18 10:12 AM, Davide Caratti wrote:
>>> --- a/net/sched/cls_api.c
>>> +++ b/net/sched/cls_api.c
>>> @@ -37,6 +37,11 @@ static LIST_HEAD(tcf_proto_base);
>>> /* Protects list of registered TC modules. It is pure SMP lock. */
>>> static DEFINE_RWLOCK(cls_mod_lock);
>>>
>>> +const struct
[ adding netdev so others know ]
On 10/9/18 3:38 AM, Preethi Ramachandra wrote:
> Hi David,
>
> I tested your fix, Linux is updating PMTU successfully.
ok, I'll send a formal patch
>
> Thanks,
> Preethi
>
> On 10/7/18, 8:59 AM, "David Ahern" wrote:
On 10/8/18 2:17 PM, Heiner Kallweit wrote:
> bool is good as parameter type or function return type, but if used
> for struct members it consumes more memory than needed.
> Changing the bool members of struct net_device to bitfield members
> allows to decrease the memory footprint of this struct.
On 10/9/18 7:10 AM, Davide Caratti wrote:
> Similarly to what has been done in 8b4c3cdd9dd8 ("net: sched: Add policy
> validation for tc attributes"), add validation for TCA_CHAIN and TCA_KIND
> netlink attributes.
>
> tested with:
> # ./tdc.py -c filter
>
> Fixes: 5bc1701881e39 ("net: sched:
From: David Ahern
ipv6_route_table_template is exported but there are no users outside
of route.c. Make it static.
Signed-off-by: David Ahern
---
include/net/ipv6.h | 2 --
net/ipv6/route.c | 2 +-
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/include/net/ipv6.h b/include
From: David Ahern
The NLM_F_DUMP_PROPER_HDR netlink flag was replaced by a setsockopt.
Update the comment in rtnl_stats_dump.
Fixes: 841891ec0c65 ("rtnetlink: Update rtnl_stats_dump for strict data
checking")
Reported-by: Christian Brauner
Signed-off-by: David Ahern
---
net/core/r
From: David Ahern
Move setting of local variable ifm to after the message parsing in
valid_fdb_dump_legacy. Avoid potential future use of unchecked variable.
Fixes: 8dfbda19a21b ("rtnetlink: Move input checking for rtnl_fdb_dump to
helper")
Reported-by: Christian Brauner
Signed-off
nh_lwtstate);
>
Odd that KMEMLEAK is not detecting this. Thanks for the fix.
Reviewed-by: David Ahern
e generation and
> update of PMTU exceptions in IPv4 and IPv6.
>
> Signed-off-by: Sabrina Dubroca
> Signed-off-by: Stefano Brivio
> ---
> tools/testing/selftests/net/pmtu.sh | 207 +++-
> 1 file changed, 203 insertions(+), 4 deletions(-)
>
Thank
gt; ---
> tools/testing/selftests/net/pmtu.sh | 49 +
> 1 file changed, 22 insertions(+), 27 deletions(-)
>
Reviewed-by: David Ahern
> smaller than net.ipv4.route.min_pmtu
>
> Signed-off-by: Sabrina Dubroca
> ---
> tools/testing/selftests/net/pmtu.sh | 2 ++
> 1 file changed, 2 insertions(+)
>
Reviewed-by: David Ahern
On 10/8/18 6:36 AM, Sabrina Dubroca wrote:
> diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> index c7861e4b402c..dc9d2668d9bb 100644
> --- a/include/linux/netdevice.h
> +++ b/include/linux/netdevice.h
> @@ -2458,6 +2458,13 @@ struct netdev_notifier_info {
> struct
On 10/8/18 4:54 AM, Christian Brauner wrote:
> On Sun, Oct 07, 2018 at 08:16:38PM -0700, David Ahern wrote:
>> From: David Ahern
>>
>> Update rtnl_net_dumpid for strict data checking. If the flag is set,
>> the dump request is expected to have an rtgenmsg struct
On 10/8/18 4:17 AM, Christian Brauner wrote:
>> @@ -4696,13 +4697,32 @@ static int rtnl_stats_dump(struct sk_buff *skb,
>> struct netlink_callback *cb)
>>
>> cb->seq = net->dev_base_seq;
>>
>> -if (nlmsg_len(cb->nlh) < sizeof(*ifsm))
>> +if (nlmsg_len(cb->nlh) < sizeof(*ifsm)) {
From: David Ahern
Update rtnl_net_dumpid for strict data checking. If the flag is set,
the dump request is expected to have an rtgenmsg struct as the header
which has the family as the only element. No data may be appended.
Signed-off-by: David Ahern
---
net/core/net_namespace.c | 6 ++
1
From: David Ahern
Add a new socket option, NETLINK_DUMP_STRICT_CHK, that userspace
can use via setsockopt to request strict checking of headers and
attributes on dump requests.
To get dump features such as kernel side filtering based on data in
the header or attributes appended to the dump
From: David Ahern
Update inet6_dump_addr for strict data checking. If the flag is set, the
dump request is expected to have an ifaddrmsg struct as the header
potentially followed by one or more attributes. Any data passed in the
header or as an attribute is taken as a request to influence
From: David Ahern
Update ipmr_rtm_dumplink for strict data checking. If the flag is set,
the dump request is expected to have an ifinfomsg struct as the header.
All elements of the struct are expected to be 0 and no attributes can
be appended.
Signed-off-by: David Ahern
---
net/ipv4/ipmr.c
From: David Ahern
Declare extack in netlink_dump and pass to dump handlers via
netlink_callback. Add any extack message after the dump_done_errno
allowing error messages to be returned. This will be useful when
strict checking is done on dump requests, returning why the dump
fails EINVAL
From: David Ahern
nla_parse is currently lenient on message parsing, allowing type to be 0
or greater than max expected and only logging a message
"netlink: %d bytes leftover after parsing attributes in process `%s'."
if the netlink message has unknown data at the end after par
From: David Ahern
Give a user a reason why EINVAL is returned in nlmsg_parse.
Signed-off-by: David Ahern
Acked-by: Christian Brauner
---
include/net/netlink.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/include/net/netlink.h b/include/net/netlink.h
index
From: David Ahern
Update inet_dump_ifaddr for strict data checking. If the flag is set,
the dump request is expected to have an ifaddrmsg struct as the header
potentially followed by one or more attributes. Any data passed in the
header or as an attribute is taken as a request to influence
From: David Ahern
Update br_mdb_dump for strict data checking. If the flag is set,
the dump request is expected to have a br_port_msg struct as the
header. All elements of the struct are expected to be 0 and no
attributes can be appended.
Signed-off-by: David Ahern
---
net/bridge/br_mdb.c
From: David Ahern
Update neigh_dump_info for strict data checking. If the flag is set,
the dump request is expected to have an ndmsg struct as the header
potentially followed by one or more attributes. Any data passed in the
header or as an attribute is taken as a request to influence the data
From: David Ahern
There are many use cases where a user wants to influence what is
returned in a dump for some rtnetlink command: one is wanting data
for a different namespace than the one the request is received and
another is limiting the amount of data returned in the dump to a
specific set
From: David Ahern
Update inet_netconf_dump_devconf, inet6_netconf_dump_devconf, and
mpls_netconf_dump_devconf for strict data checking. If the flag is set,
the dump request is expected to have an netconfmsg struct as the header.
The struct only has the family member and no attributes can
From: David Ahern
Make sure extack is passed to nlmsg_parse where easy to do so.
Most of these are dump handlers and leveraging the extack in
the netlink_callback.
Signed-off-by: David Ahern
Acked-by: Christian Brauner
---
net/core/devlink.c | 2 +-
net/core/neighbour.c
From: David Ahern
Update rtnl_stats_dump for strict data checking. If the flag is set,
the dump request is expected to have an if_stats_msg struct as the header.
All elements of the struct are expected to be 0 except filter_mask which
must be non-0 (legacy behavior). No attributes are supported
From: David Ahern
Update rtnl_dump_ifinfo for strict data checking. If the flag is set,
the dump request is expected to have an ifinfomsg struct as the header
potentially followed by one or more attributes. Any data passed in the
header or as an attribute is taken as a request to influence
From: David Ahern
Update fib_nl_dumprule for strict data checking. If the flag is set,
the dump request is expected to have fib_rule_hdr struct as the header.
All elements of the struct are expected to be 0 and no attributes can
be appended.
Signed-off-by: David Ahern
---
net/core/fib_rules.c
From: David Ahern
Update neightbl_dump_info for strict data checking. If the flag is set,
the dump request is expected to have an ndtmsg struct as the header.
All elements of the struct are expected to be 0 and no attributes can
be appended.
Signed-off-by: David Ahern
---
net/core/neighbour.c
From: David Ahern
Update rtnl_bridge_getlink for strict data checking. If the flag is set,
the dump request is expected to have an ifinfomsg struct as the header
potentially followed by one or more attributes. Any data passed in the
header or as an attribute is taken as a request to influence
From: David Ahern
Pull the inet6_fill_args arg up to in6_dump_addrs and move netnsid
into it.
Signed-off-by: David Ahern
Acked-by: Christian Brauner
---
net/ipv6/addrconf.c | 57 -
1 file changed, 30 insertions(+), 27 deletions(-)
diff
From: David Ahern
Update inet6_dump_ifinfo for strict data checking. If the flag is
set, the dump request is expected to have an ifinfomsg struct as
the header. All elements of the struct are expected to be 0 and no
attributes can be appended.
Signed-off-by: David Ahern
---
net/ipv6
From: David Ahern
Add helper to check netlink message for route dumps. If the strict flag
is set the dump request is expected to have an rtmsg struct as the header.
All elements of the struct are expected to be 0 with the exception of
rtm_flags (which is used by both ipv4 and ipv6 dumps
From: David Ahern
Update ip6addrlbl_dump for strict data checking. If the flag is set,
the dump request is expected to have an ifaddrlblmsg struct as the
header. All elements of the struct are expected to be 0 and no
attributes can be appended.
Signed-off-by: David Ahern
---
net/ipv6
501 - 600 of 7749 matches
Mail list logo