A u64 container identifier has been added to the kernel view of tasks.
This allows container orchestrators to label tasks with a unique
tamperproof identifier that gets inherited by its children to be able to
track the provenance of actions by a container.
Add support to libaudit and auditctl for
On 2018-03-04 10:01, Paul Moore wrote:
> On Sat, Mar 3, 2018 at 4:19 AM, Serge E. Hallyn wrote:
> > On Thu, Mar 01, 2018 at 02:41:04PM -0500, Richard Guy Briggs wrote:
> > ...
> >> +static inline bool audit_containerid_set(struct task_struct *tsk)
> >
> > Hi Richard,
> >
> > the calls to audit_con
Rdma requires ILT Memory to be allocated for it's QPs.
Each ILT entry points to a page used by several Rdma QPs.
To avoid allocating all the memory in advance, the rdma
implementation dynamically allocates memory as more QPs are
added, however it does not dynamically free the memory.
The memory sho
Sun, Mar 04, 2018 at 10:58:34PM CET, alexander.du...@gmail.com wrote:
>On Sun, Mar 4, 2018 at 10:50 AM, Jiri Pirko wrote:
>> Sun, Mar 04, 2018 at 07:24:12PM CET, alexander.du...@gmail.com wrote:
>>>On Sat, Mar 3, 2018 at 11:13 PM, Jiri Pirko wrote:
[...]
>
>>>Currently we only have agreement fr
On Mon, Mar 05, 2018 at 11:04:11AM +0200, Michal Kalderon wrote:
> Rdma requires ILT Memory to be allocated for it's QPs.
> Each ILT entry points to a page used by several Rdma QPs.
> To avoid allocating all the memory in advance, the rdma
> implementation dynamically allocates memory as more QPs a
On Sun, Mar 04, 2018 at 05:29:48PM +0200, Paul Blakey wrote:
> When inserting duplicate objects (those with the same key),
> current rhlist implementation messes up the chain pointers by
> updating the bucket pointer instead of prev next pointer to the
> newly inserted node. This causes missing ele
On Sun, Mar 04, 2018 at 05:29:49PM +0200, Paul Blakey wrote:
> Tries to insert duplicates in the middle of bucket's chain:
> bucket 1: [[val 21 (tid=1)]] -> [[ val 1 (tid=2), val 1 (tid=0) ]]
>
> Reuses tid to distinguish the elements insertion order.
>
> Signed-off-by: Paul Blakey
Acked-by:
Rdma requires ILT Memory to be allocated for it's QPs.
Each ILT entry points to a page used by several Rdma QPs.
To avoid allocating all the memory in advance, the rdma
implementation dynamically allocates memory as more QPs are
added, however it does not dynamically free the memory.
The memory sho
> From: Leon Romanovsky [mailto:l...@kernel.org]
> Sent: Monday, March 05, 2018 11:41 AM
> To: Kalderon, Michal
> Cc: da...@davemloft.net; netdev@vger.kernel.org; dledf...@redhat.com;
> j...@mellanox.com; linux-r...@vger.kernel.org; Elior, Ariel
>
> Subject: Re: [PATCH net] qed: Free RoCE ILT Mem
On 05/03/2018 6:20 AM, Sarah Newman wrote:
Take an additional reference to a page whenever it is placed
into the rx ring and put the page again after running
dma_unmap_page.
When swiotlb is in use, calling dma_unmap_page means that
the original page mapped with dma_map_page must still be valid
Hi Thomas,
On Fri, Mar 02, 2018 at 05:01:59PM +0100, Thomas Petazzoni wrote:
> On Fri, 2 Mar 2018 16:40:40 +0100, Antoine Tenart wrote:
> > +static struct {
> > + int pkt_size;
> > + int buf_num;
> > +} mvpp2_pools[MVPP2_BM_POOLS_NUM];
>
> Any reason for not doing:
>
> } mvpp2_pools[MVPP2_B
Hi,
this series continues to review and to convert pernet_operations
to make them possible to be executed in parallel for several
net namespaces in the same time. The patches touch mostly netfilter,
also there are small number of changes in other places.
Thanks,
Kirill
---
Kirill Tkhai (12):
These pernet_operations call xt_proto_init() and xt_proto_fini(),
which just register and unregister /proc entries.
They are safe to be marked as async.
Signed-off-by: Kirill Tkhai
---
net/ipv4/netfilter/arp_tables.c |1 +
net/ipv6/netfilter/ip6_tables.c |1 +
2 files changed, 2 insertio
These pernet_operations use ebt_register_table() and
ebt_unregister_table() to act on the tables, which
are used as argument in ebt_do_table(), called from
ebtables hooks.
Since there are no net-related bridge packets in-flight,
when the init and exit methods are called, these
pernet_operations ar
Init method just allocates memory for new cfg, and
assigns net_generic(net, caif_net_id). Despite there is
synchronize_rcu() on error path in cfcnfg_create(),
in real this function does not use global lists,
so it looks like this synchronize_rcu() is some legacy
inheritance. Exit method removes cai
These pernet_operations have a deal with cgw_list,
and the rest of accesses are made under rtnl_lock().
The only exception is cgw_dump_jobs(), which is
accessed under rcu_read_lock(). cgw_dump_jobs() is
called on netlink request, and it does not seem,
foreign pernet_operations want to send a net su
These pernet_operations use nf_log_set() and nf_log_unset()
in their methods:
nf_log_bridge_net_ops
nf_log_arp_net_ops
nf_log_ipv4_net_ops
nf_log_ipv6_net_ops
nf_log_netdev_net_ops
Nobody can send such a packet to a net before it's became
registered, nobody
These pernet_operations create and destroy net::dccp::v4_ctl_sk.
It looks like another pernet_operations don't want to send
dccp packets to dying or creating net. Batch method similar
to ipv4/ipv6 sockets and it has to be safe to be executed
in parallel with anything else. So, we mark them as async
These pernet_operations register and unregister sysctl and /proc
entries. Exit batch method also waits till all per-net conntracks
are dead. Thus, they are safe to be marked as async.
Signed-off-by: Kirill Tkhai
---
net/netfilter/nf_conntrack_standalone.c |1 +
1 file changed, 1 insertion(+)
These pernet_operations register and unregister sysctl.
nf_conntrack_l4proto_gre4->init_net is simple memory
initializer. Also, exit method removes gre keymap_list,
which is per-net. This looks safe to be executed
in parallel with other pernet_operations.
Signed-off-by: Kirill Tkhai
---
net/netf
These pernet_operations register and unregister
two conntrack notifiers, and they seem to be safe
to be executed in parallel.
General/not related to async pernet_operations JFI:
ctnetlink_net_exit_batch() actions are grouped in batch,
and this could look like there is synchronize_rcu()
is forgotte
These pernet_operations initialize and destroy
net_generic(net, ip_set_net_id)-related data.
Since ip_set is under CONFIG_IP_SET, it's easy
to watch drivers, which depend on this config.
All of them are in net/netfilter/ipset directory,
except of net/netfilter/xt_set.c. There are no
more drivers, w
These pernet_operations looks similar to dccp_v4_ops,
and they are also safe to be marked as async.
Signed-off-by: Kirill Tkhai
---
net/dccp/ipv6.c |1 +
1 file changed, 1 insertion(+)
diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c
index 5df7857fc0f3..2f48c020f8c3 100644
--- a/net/dccp/ipv6
These pernet_operations initialize and destroy
pernet net_generic(net, fou_net_id) list.
The rest of net_generic(net, fou_net_id) accesses
may happen after netlink message, and in-tree
pernet_operations do not send FOU_GENL_NAME messages.
So, these pernet_operations are safe to be marked
as async.
On Mon, 2018-03-05 at 08:45 +0100, Marek Szyprowski wrote:
> Hi Oliver,
>
> On 2018-02-27 17:07, Oliver Neukum wrote:
> > Am Dienstag, den 27.02.2018, 07:13 -0800 schrieb Eric Dumazet:
> >> On Tue, 2018-02-27 at 07:09 -0800, Eric Dumazet wrote:
> >>>
> >>> Note that for this one, it seems we also
Hi Dave,
Here are a few more Bluetooth fixes for the 4.16 kernel:
- btusb: reset/resume fixes for Yoga 920 and Dell OptiPlex 3060
- Fix for missing encryption refresh with the Security Manager protocol
Please let me know if there are any issues pulling. Thanks.
Johan
---
The following change
On Sun, 4 Mar 2018 18:11:41 -0700
David Ahern wrote:
> On 3/4/18 4:12 PM, Stefano Brivio wrote:
> > On Sat, 3 Mar 2018 12:22:36 +0100
> > Stefano Brivio wrote:
> >
> >>> And please codify the above expectation as a test under
> >>> tools/testing/selftests/net
> >>
> >> And this, along wit
Hello,
On Mon, 5 Mar 2018 11:48:13 +0100, Antoine Tenart wrote:
> > > +static void mvpp2_setup_bm_pool(void)
> > > +{
> > > + /* Short pool */
> > > + mvpp2_pools[MVPP2_BM_SHORT].buf_num = MVPP2_BM_SHORT_BUF_NUM;
> > > + mvpp2_pools[MVPP2_BM_SHORT].pkt_size = MVPP2_BM_SHORT_PKT_SIZE;
> > > +
> >
This patchset is to add support for 3 msg_control options described
in RFC6458:
5.3.7. SCTP PR-SCTP Information Structure (SCTP_PRINFO)
5.3.9. SCTP Destination IPv4 Address Structure (SCTP_DSTADDRV4)
5.3.10. SCTP Destination IPv6 Address Structure (SCTP_DSTADDRV6)
one send flag desc
This patch is to add support for Destination IPv4/6 Address options
for sendmsg, as described in section 5.3.9/10 of RFC6458.
With this option, you can provide more than one destination addrs
to sendmsg when creating asoc, like sctp_connectx.
It's also a necessary send info for sctp_sendv.
Signe
This patch is to add support for PR-SCTP Information for sendmsg,
as described in section 5.3.7 of RFC6458.
With this option, you can specify pr_policy and pr_value for user
data in sendmsg.
It's also a necessary send info for sctp_sendv.
Signed-off-by: Xin Long
---
include/net/sctp/structs.h
This patch is to add support for snd flag SCTP_SENDALL process
in sendmsg, as described in section 5.3.4 of RFC6458.
With this flag, you can send the same data to all the asocs of
this sk once.
Signed-off-by: Xin Long
---
include/uapi/linux/sctp.h | 2 ++
net/sctp/socket.c | 35 +++
On 03/03/2018 03:20 PM, Neil Horman wrote:
> On Fri, Mar 02, 2018 at 09:16:48PM +0300, Alexey Kodanev wrote:
>> When we exceed current packets limit and have more than one
>> segment in the list returned by skb_gso_segment(), netem drops
>> only the first one, skipping the rest, hence kmemleak repo
Hi Thomas,
On Mon, Mar 05, 2018 at 01:41:48PM +0100, Thomas Petazzoni wrote:
> On Mon, 5 Mar 2018 11:48:13 +0100, Antoine Tenart wrote:
>
> > > > +static void mvpp2_setup_bm_pool(void)
> > > > +{
> > > > + /* Short pool */
> > > > + mvpp2_pools[MVPP2_BM_SHORT].buf_num = MVPP2_BM_SHOR
Hello Andrew,
I've noticed that my device model is mv88e6390x and not mv88e6352 as I wrote
before.
What is the compatibility value for it?
Regards,
Michael
-Original Message-
From: Andrew Lunn [mailto:and...@lunn.ch]
Sent: Sunday, March 04, 2018 5:31 PM
To: Alayev Michael
Cc: 'netdev@v
On Sun, 2018-03-04 at 22:31 -0500, Richard Guy Briggs wrote:
> On 2018-03-04 16:55, Mimi Zohar wrote:
> > On Thu, 2018-03-01 at 14:41 -0500, Richard Guy Briggs wrote:
> > > Implement audit kernel container ID.
> > >
> > > This patchset is a preliminary RFC based on the proposal document (V3)
> > >
When a bond has tc rules offloaded to its slaves, prevent new slaves being
added. To remove a slave from a bond, the offloaded rules must first be
deleted. For the case where a slave port on a bond is unregistered from
the kernel, flush all offloaded rules and destroy the bond.
Signed-off-by: John
If ports are bonded, the same rule with the same cookie may be offloaded
to multiple ports. Modify the rule lookup function to optionally include
an ingress netdev and a host context along with the cookie value when
searching for a rule. When a new rule is passed to the driver, the netdev
the rule
A representor hardware address does not have any meaning outside of the
kernel netdev/networking stack. Thus there is no need for any app specific
code for setting a representors hardware address, the default eth_mac_addr
is sufficient.
Signed-off-by: John Hurley
---
drivers/net/ethernet/netrono
Allow drivers to register netdev callbacks for tc offload in linux bonds.
If a netdev has registered and is a slave of a given bond, then any tc
rules offloaded to the bond will be relayed to it if both the bond and the
slave permit hw offload.
Because the bond itself is not offloaded, just the ru
Register an ndo and callback for linux bonds to offload TC block ingress
rules. Enable tc-hw-offload to be set by the user (defaults to off). When
on, the flag cannot be turned off if rules are offloaded.
Signed-off-by: John Hurley
---
drivers/net/bonding/bond_main.c | 64 +++
Hi,
This RFC patchset adds support for offloading tc ingress rules applied to
linux bonds. The premise of these patches is that if a rule is applied to
a bond port then the rule should be applied to each slave of the bond.
The linux bond itself registers a cb for offloading tc rules. Potential
sl
On initialisation, register nfp repr ports to receive callbacks when tc
rules are offloaded to any bond they may be attached to. Callback
function is the same that is used for non bonded port rule offload.
Signed-off-by: John Hurley
---
drivers/net/ethernet/netronome/nfp/flower/main.c | 24 +++
On 03/01/2018 05:19 AM, Alexei Starovoitov wrote:
> This patch set is a different way to address the pressing need to access
> task_struct pointers in sched tracepoints from bpf programs.
>
> The first approach simply added these pointers to sched tracepoints:
> https://lkml.org/lkml/2017/12/14/75
Hi Kirill,
On 03/01/2018 04:53 PM, Kirill Tkhai wrote:
> I'm converting/reviewing pernet_operations either they allow several net
> namespaces
> to be created/destroyed in parallel or not. Please, see the details in my
> recent
> patches in net-next.git, if your are interested.
Thanks for your
Currently, when coping ebt compat entries, no checks are in place
for the offsets provided by user space, so that syzbot was able to
trigger the following splat:
BUG: unable to handle kernel paging request at c90001819e4f
IP: ebt_size_mwt net/bridge/netfilter/ebtables.c:2037 [inline]
IP: size_
From: Stefano Brivio
Date: Mon, 5 Mar 2018 13:29:56 +0100
> And about corner cases, from Documentation/dev-tools/kselftest.rst:
>
> These are intended to be small tests to exercise individual code
> paths in the kernel. Tests are intended to be run after building,
> installing
>
On Mon, Mar 05, 2018 at 01:12:43PM +, Alayev Michael wrote:
> Hello Andrew,
>
> I've noticed that my device model is mv88e6390x and not mv88e6352 as I wrote
> before.
> What is the compatibility value for it?
Hi Michael
Documentation/devicetree/binding/net/dsa/marvell.txt says:
Required pr
> -Original Message-
> From: Denis Kirjanov [mailto:k...@linux-powerpc.org]
> Sent: Sunday, March 4, 2018 8:48 PM
> To: Madalin-cristian Bucur
> Cc: netdev@vger.kernel.org; Denis Kirjanov
> Subject: [PATCH] fsl/fman: avoid sleeping in atomic context while adding an
> address
>
> __dev_mc
This patch adds the NETIF_F_IPV6_CSUM to the driver's features to enable
UDP/TCP checksum over IPv6. No extra configuration of the engine is
needed on top of the IPv4 counterpart, which already is in the features
list (NETIF_F_IP_CSUM).
Signed-off-by: Antoine Tenart
---
drivers/net/ethernet/marv
Hi all,
This series enable jumbo frames support in the Marvell PPv2 driver. The
first 2 patches rework the buffer management, then two patches prepare for
the final patch which adds the jumbo frames support into the driver.
This is based on top of net-next, and was tested on a mcbin.
Thanks!
Ant
From: Stefan Chulski
This patch configures the buffer manager long pool for all ports part of
the same CP. Long pool separation between ports is redundant since there
are no performance improvement when different pools are used.
Signed-off-by: Stefan Chulski
[Antoine: cosmetic cleanup, commit m
From: Yan Markman
This patch sets the Tx FIFO data size on port 0 to 10kB. This prepares
the PPv2 driver for the Jumbo frame support addition as the hardware
will need big enough Tx FIFO buffers when dealing with frames going
through an interface with an MTU of 9000.
Signed-off-by: Yan Markman
From: Stefan Chulski
This patch adds the support for jumbo frames in the Marvell PPv2 driver.
A third buffer pool is added with 10KB buffers, which is used if the MTU
is higher than 1518B for packets larger than 1518B. Please note only the
port 0 supports hardware checksum offload due to the Tx F
From: Stefan Chulski
The buffer free routine is updated to release only given a number of
buffers, and the destroy routine now checks the actual number of buffers
in the (BPPI and BPPE) HW counters before draining the pools. This
change helps getting jumbo frames support.
Signed-off-by: Stefan C
Paolo Abeni wrote:
> Currently, when coping ebt compat entries, no checks are in place
> for the offsets provided by user space, so that syzbot was able to
> trigger the following splat:
> ---
> net/bridge/netfilter/ebtables.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --gi
When we exceed current packets limit and we have more than one
segment in the list returned by skb_gso_segment(), netem drops
only the first one, skipping the rest, hence kmemleak reports:
unreferenced object 0x880b5d23b600 (size 1024):
comm "softirq", pid 0, jiffies 4384527763 (age 2770.629
From: Roman Mashak
Date: Fri, 2 Mar 2018 17:01:39 -0500
> Introduce routine to calculate size of the common tc netlink attributes,
> and another helper routine to get the full message size including netlink
> header and service header.
>
> Signed-off-by: Roman Mashak
Adding the helpers as sta
From: Roman Mashak
Date: Fri, 2 Mar 2018 17:01:40 -0500
> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
> index acac92a..6f3307f 100644
> --- a/net/sched/act_api.c
> +++ b/net/sched/act_api.c
> @@ -136,6 +136,14 @@ static size_t tcf_action_full_attrs_size(size_t sz)
> + sz
On Mon, 2018-03-05 at 15:57 +0300, Alexey Kodanev wrote:
>
> +static inline void __qdisc_drop_all(struct sk_buff *skb,
> + struct sk_buff **to_free)
> +{
> + struct sk_buff *first = skb;
> +
> + while (skb->next)
> + skb = skb->next;
> +
On Mon, 2018-03-05 at 15:32 +0100, Florian Westphal wrote:
> Paolo Abeni wrote:
> > Currently, when coping ebt compat entries, no checks are in place
> > for the offsets provided by user space, so that syzbot was able to
> > trigger the following splat:
> > ---
> > net/bridge/netfilter/ebtables.c
On Mon, 2018-03-05 at 00:21 -0800, syzbot wrote:
> Hello,
>
> syzbot hit the following crash on upstream commit
> 5fbdefcf685defd8bc5a8f37b17538d25c58d77a (Fri Mar 2 21:05:20 2018 +)
> Merge branch 'parisc-4.16-1' of
> git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux
>
> So
From: Roman Mashak
Date: Fri, 2 Mar 2018 20:52:01 -0500
> Signed-off-by: Roman Mashak
Applied.
Hi, Oliver,
thanks for your reply.
On 05.03.2018 16:59, Oliver Hartkopp wrote:
> Hi Kirill,
>
> On 03/01/2018 04:53 PM, Kirill Tkhai wrote:
>
>> I'm converting/reviewing pernet_operations either they allow several net
>> namespaces
>> to be created/destroyed in parallel or not. Please, see the
From: Felix Manlunas
Date: Fri, 2 Mar 2018 18:29:04 -0800
> From: Intiyaz Basha
>
> Corrected stats mismatch between Host Tx and its peer Rx stats
>
> Signed-off-by: Intiyaz Basha
> Acked-by: Derek Chickles
> Signed-off-by: Felix Manlunas
Applied.
From: Felix Manlunas
Date: Fri, 2 Mar 2018 18:59:10 -0800
> Added support to the ndo_get_phys_port_id() callback to provide
> port specific unique id to the netdev layer.
>
> Port id needs to be unique across different liquidio devices in the system.
> So used MAC address for port_id.
This does
From: Gal Pressman
Date: Sun, 4 Mar 2018 14:12:04 +0200
> LRO and RX-FCS offloads cannot be enabled at the same time since it is
> not clear what should happen to the FCS of each coalesced packet.
> The FCS is not really part of the TCP payload, hence cannot be merged
> into one big packet. On t
On 3/5/18 5:29 AM, Stefano Brivio wrote:
> On Sun, 4 Mar 2018 18:11:41 -0700
> David Ahern wrote:
>
>> On 3/4/18 4:12 PM, Stefano Brivio wrote:
>>> On Sat, 3 Mar 2018 12:22:36 +0100
>>> Stefano Brivio wrote:
>>>
> And please codify the above expectation as a test under
> tools/testing
From: Arkadi Sharshevsky
Date: Sun, 4 Mar 2018 16:35:26 +0200
> Currently the tc action test is used only to test mirred redirect
> action. This patch extends it for mirred mirror.
>
> Signed-off-by: Jiri Pirko
> Reviewed-by: Ido Schimmel
> Signed-off-by: Arkadi Sharshevsky
Applied, thank y
On 03/05/2018 06:13 PM, Eric Dumazet wrote:
> On Mon, 2018-03-05 at 15:57 +0300, Alexey Kodanev wrote:
>>
>> +static inline void __qdisc_drop_all(struct sk_buff *skb,
>> + struct sk_buff **to_free)
>> +{
>> + struct sk_buff *first = skb;
>> +
>> + while
From: Priyaranjan Jha
Date: Sun, 4 Mar 2018 10:38:35 -0800
> This patch adds TCP_NLA_SENDQ_SIZE stat into SCM_TIMESTAMPING_OPT_STATS.
> It reports no. of bytes present in send queue, when timestamp is
> generated.
>
> Signed-off-by: Priyaranjan Jha
> Signed-off-by: Neal Cardwell
> Signed-off-
From: Priyaranjan Jha
Date: Sun, 4 Mar 2018 10:38:36 -0800
> This patch adds TCP_NLA_CA_STATE stat into SCM_TIMESTAMPING_OPT_STATS.
> It reports ca_state of socket, when timestamp is generated.
>
> Signed-off-by: Priyaranjan Jha
> Signed-off-by: Neal Cardwell
> Signed-off-by: Yuchung Cheng
>
From: David Ahern
Date: Sun, 4 Mar 2018 17:37:47 -0800
> For tests using veth interfaces, the test infrastructure can create
> the netdevs if they do not exist. Arguably this is a preferred approach
> since the tests require p$N and p$(N+1) to be pairs.
>
> Signed-off-by: David Ahern
> ---
> v
From: Samuel Mendoza-Jonas
Date: Mon, 5 Mar 2018 11:39:05 +1100
> Add a generic netlink family for NCSI. This supports three commands;
> NCSI_CMD_PKG_INFO which returns information on packages and their
> associated channels, NCSI_CMD_SET_INTERFACE which allows a specific
> package or package/ch
David Miller writes:
> From: Roman Mashak
> Date: Fri, 2 Mar 2018 17:01:39 -0500
>
>> Introduce routine to calculate size of the common tc netlink attributes,
>> and another helper routine to get the full message size including netlink
>> header and service header.
>>
>> Signed-off-by: Roman M
David Miller writes:
> From: Roman Mashak
> Date: Fri, 2 Mar 2018 17:01:40 -0500
>
>> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
>> index acac92a..6f3307f 100644
>> --- a/net/sched/act_api.c
>> +++ b/net/sched/act_api.c
>> @@ -136,6 +136,14 @@ static size_t tcf_action_full_attrs_siz
On 05-Mar-18 17:27, David Miller wrote:
> From: Gal Pressman
> Date: Sun, 4 Mar 2018 14:12:04 +0200
>
>> LRO and RX-FCS offloads cannot be enabled at the same time since it is
>> not clear what should happen to the FCS of each coalesced packet.
>> The FCS is not really part of the TCP payload, h
From: Kirill Tkhai
Date: Mon, 05 Mar 2018 14:30:31 +0300
> this series continues to review and to convert pernet_operations
> to make them possible to be executed in parallel for several
> net namespaces in the same time. The patches touch mostly netfilter,
> also there are small number of change
> From: Lorenzo Bianconi
> Date: Fri, 2 Mar 2018 11:53:06 +0100
>
>> Fix the following slab-out-of-bounds kasan report in
>> ndisc_fill_redirect_hdr_option when the incoming ipv6 packet is not
>> linear and the accessed data are not in the linear data region of orig_skb
> ...
>> Reported-by: Jia
Hi Andy,
On Thu, Mar 01, 2018 at 10:05:47PM +, Andy Lutomirski wrote:
> But Tycho: would hooking user notifiers in right here work for you?
> As I see it, this would be the best justification for seccomp eBPF.
Sorry for the delay; Sargun had declared on irc that he was going to
implement it,
On Mon, 5 Mar 2018 10:21:18 +0100
Jiri Pirko wrote:
> Sun, Mar 04, 2018 at 10:58:34PM CET, alexander.du...@gmail.com wrote:
> >On Sun, Mar 4, 2018 at 10:50 AM, Jiri Pirko wrote:
> >> Sun, Mar 04, 2018 at 07:24:12PM CET, alexander.du...@gmail.com wrote:
> >>>On Sat, Mar 3, 2018 at 11:13 PM, J
On Mon, Feb 26, 2018 at 09:49:22AM -0800, Song Liu wrote:
> +/* Parse build ID of ELF file mapped to vma */
> +static int stack_map_get_build_id(struct vm_area_struct *vma,
> + unsigned char *build_id)
> +{
> + Elf32_Ehdr *ehdr = (Elf32_Ehdr *)vma->vm_start;
How
Signed-off-by: Roman Mashak
---
man/man8/tc.8 | 31 ++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/man/man8/tc.8 b/man/man8/tc.8
index 5ffea37..cc94faa 100644
--- a/man/man8/tc.8
+++ b/man/man8/tc.8
@@ -82,12 +82,20 @@ tc \- show / manipulate traffic
From: Roopa Prabhu
add support to match on ip_proto, sport and dport ranges.
For ip_proto, this patch currently enumerates tcp, udp and sctp.
This list can be extended in the future.
example:
$ip rule add sport 666-777 dport 999 ip_proto tcp table 100
$ip rule show
0: from all lookup local
From: Eric Dumazet
A tun device type can trivially be set to arbitrary value using
TUNSETLINK ioctl().
Therefore, lowpan_device_event() must really check that ieee802154_ptr
is not NULL.
Fixes: 2c88b5283f60d ("ieee802154: 6lowpan: remove check on null")
Signed-off-by: Eric Dumazet
Cc: Alexande
From: Eric Dumazet
Date: Mon, 05 Mar 2018 08:51:03 -0800
> From: Eric Dumazet
>
> A tun device type can trivially be set to arbitrary value using
> TUNSETLINK ioctl().
>
> Therefore, lowpan_device_event() must really check that ieee802154_ptr
> is not NULL.
>
> Fixes: 2c88b5283f60d ("ieee8021
On 3/1/18 12:51 AM, Naveen N. Rao wrote:
Daniel Borkmann wrote:
On 02/27/2018 01:13 PM, Sandipan Das wrote:
With this patch, it will look like this:
0: (85) call pc+2#bpf_prog_8f85936f29a7790a+3
(Note the +2 is the insn->off already.)
1: (b7) r0 = 1
2: (95) exit
3: (b7) r0 = 2
On Sat, Mar 03, 2018 at 11:33:53AM +0200, Denys Fedoryshchenko wrote:
> On 2018-03-02 19:43, Guillaume Nault wrote:
> > Out of curiosity, did unit-cache really bring performance improvements
> > on your workload?
> On old kernels it definitely did, due local specifics (electricity outages)
> i migh
On 3/5/18 9:36 AM, Roopa Prabhu wrote:
> diff --git a/ip/iprule.c b/ip/iprule.c
> index 6fdc9b5..973f8cb 100644
> --- a/ip/iprule.c
> +++ b/ip/iprule.c
> @@ -45,7 +45,10 @@ static void usage(void)
> " ip rule [ list [ SELECTOR ]]\n"
> "SELECTOR := [ not ] [ from PR
On 3/3/2018 1:12 PM, Guenter Roeck wrote:
> On 03/03/2018 12:48 PM, Guenter Roeck wrote:
>> On 03/03/2018 11:07 AM, Troy Kisky wrote:
>>> On 3/3/2018 8:32 AM, Guenter Roeck wrote:
Hi,
since v4.15, I get the following runtime warning when running sabrelite
images
in qemu.
>
When we exceed current packets limit and we have more than one
segment in the list returned by skb_gso_segment(), netem drops
only the first one, skipping the rest, hence kmemleak reports:
unreferenced object 0x880b5d23b600 (size 1024):
comm "softirq", pid 0, jiffies 4384527763 (age 2770.629
From: Jonathan Neuschäfer
Date: Sun, 4 Mar 2018 03:29:53 +0100
> This fixes the following kernel-doc warning:
>
> ./include/net/dst.h:366: warning: Function parameter or member 'net' not
> described in 'skb_tunnel_rx'
>
> Fixes: ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path
From: Jonathan Neuschäfer
Date: Sun, 4 Mar 2018 03:29:51 +0100
> Signed-off-by: Jonathan Neuschäfer
Applied to net-next.
From: Jonathan Neuschäfer
Date: Sun, 4 Mar 2018 03:29:52 +0100
> The other dst_cache_{get,set}_ip{4,6} functions, and the doc comment for
> dst_cache_set_ip6 use 'saddr' for their source address parameter. Rename
> the parameter to increase consistency.
>
> This fixes the following kernel-doc w
From: Corinna Vinschen
* Add a per-VF value to know if a VF is trusted, by default don't
trust VFs.
* Implement netdev op to trust VFs (igb_ndo_set_vf_trust) and add
trust status to ndo_get_vf_config output.
* Allow a trusted VF to change MAC and MAC filters even if MAC
has been administr
From: Christophe JAILLET
'HWTSTAMP_TX_ON' should be handled as a value, not as a bit mask.
The modified code should behave the same, because HWTSTAMP_TX_ON is 1
and no other possible values of 'tx_type' would match the test.
However, this is more future-proof, should other values be allowed one d
From: Pierre-Yves Kerbrat
Descriptor rings were not initialized at zero when allocated
When area contained garbage data, it caused skb_over_panic in
e1000_clean_rx_irq (if data had E1000_RXD_STAT_DD bit set)
This patch makes use of dma_zalloc_coherent to make sure the
ring is memset at 0 to prev
This series contains updates to igb and e1000e.
Corinna Vinschen adds the support for trusted VFs into the igb driver.
Mika fixes an issue where PCIe device is physically unplugged can cause
a kernel crash. This issue is that netif_device_detach() is called in
these cases, which prevents netif_u
From: Mika Westerberg
When the driver notices that PCIe link is gone by reading 0x
from a register it clears hw->hw_addr and then calls netif_device_detach().
This happens when the PCIe device is physically unplugged for example
the user disconnected the Thunderbolt cable.
However, netif
On Mon, 2018-03-05 at 09:59 -0800, syzbot wrote:
> Hello,
>
> syzbot hit the following crash on upstream commit
> 661e50bc853209e41a5c14a290ca4decc43cbfd1 (Sun Mar 4 22:54:11 2018
> +)
> Linux 4.16-rc4
>
> So far this crash happened 2 times on upstream.
> C reproducer is attached.
> syzkaller
1 - 100 of 300 matches
Mail list logo