Re: [PATCH iproute/master 2/3] iptunnel: add support for mpls/ip to sit tunnels

On Wed, Jun 14, 2017 at 11:16:20AM -0600, David Ahern wrote: > On 6/14/17 11:11 AM, Krister Johansen wrote: > > I did try to fix this up as part of bringing this patch up to date, > > since it was one of the concerns that David raised too. I believe the > &g

Re: [PATCH iproute/master 0/3] lost mpls ip tunnel patches

On Wed, Jun 14, 2017 at 10:24:51AM -0700, Stephen Hemminger wrote: > On Fri, 9 Jun 2017 18:31:29 -0700 > Krister Johansen <k...@templeofstupid.com> wrote: > > > Hi Stephen, > > I'm a bit unsure of the decorum in this particular situation. Kernel > > support f

Re: [PATCH iproute/master 2/3] iptunnel: add support for mpls/ip to sit tunnels

On Wed, Jun 14, 2017 at 10:02:11AM -0700, Stephen Hemminger wrote: > On Fri, 9 Jun 2017 18:31:31 -0700 > Krister Johansen <k...@templeofstupid.com> wrote: > > > diff --git a/include/utils.h b/include/utils.h > > index bfbc9e6..60ffde4 100644 > > --- a/include/

[PATCH iproute/master 1/3] iptunnel: document mode parameter for sit tunnels

Original-Author: Simon Horman <simon.hor...@netronome.com> Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- man/man8/ip-link.8.in | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in index 5d73538..3c

[PATCH iproute/master 3/3] iptunnel: add support for mpls/ip to ipip tunnels

Original-Author: Simon Horman <simon.hor...@netronome.com> Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- ip/link_iptnl.c | 21 - man/man8/ip-link.8.in | 5 +++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/ip/link_

[PATCH iproute/master 0/3] lost mpls ip tunnel patches

patch are here: http://marc.info/?l=linux-netdev=146782946216005=2 http://marc.info/?l=linux-netdev=146782941615977=2 http://marc.info/?l=linux-netdev=146782947016007=2 http://marc.info/?l=linux-netdev=146782942915988=2 Thanks, -K Krister Johansen (3): iptunnel: document mode parameter

[PATCH iproute/master 2/3] iptunnel: add support for mpls/ip to sit tunnels

Original-Author: Simon Horman <simon.hor...@netronome.com> Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- include/utils.h | 3 +++ ip/link_iptnl.c | 9 ++--- ip/tunnel.c | 3 +++ man/man8/ip-link.8.in | 9 + 4 files changed, 17 inse

Re: [PATCH net] Fix an intermittent pr_emerg warning about lo becoming free.

On Fri, Jun 09, 2017 at 11:18:44AM -0700, Cong Wang wrote: > On Thu, Jun 8, 2017 at 1:12 PM, Krister Johansen > <k...@templeofstupid.com> wrote: > > The way this works is that if there's still a reference on the dst entry > > at the time we try to free it, it ge

Re: [PATCH v2 net-next] Ipvlan should return an error when an address is already in use.

On Fri, Jun 09, 2017 at 01:15:10PM -0400, David Miller wrote: > From: Krister Johansen <k...@templeofstupid.com> > Date: Fri, 9 Jun 2017 10:13:10 -0700 > > > On Fri, Jun 09, 2017 at 12:26:46PM -0400, David Miller wrote: > >> From: Krister Johansen <k...@templeof

Re: [PATCH v2 net-next] Ipvlan should return an error when an address is already in use.

On Fri, Jun 09, 2017 at 12:26:46PM -0400, David Miller wrote: > From: Krister Johansen <k...@templeofstupid.com> > Date: Thu, 8 Jun 2017 13:12:14 -0700 > > > The ipvlan code already knows how to detect when a duplicate address is > > about to be assigned to

[PATCH net] Fix an intermittent pr_emerg warning about lo becoming free.

d when dst_dev_event() completes. Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- net/core/dst.c | 14 ++ 1 file changed, 14 insertions(+) diff --git a/net/core/dst.c b/net/core/dst.c index 6192f11..13ba4a0 100644 --- a/net/core/dst.c +++ b/net/core/dst.c @@ -469,6 +469,20 @

[PATCH v2 net-next] Ipvlan should return an error when an address is already in use.

. The provisioning software (or operator) can use this to detect situations where an ip address is unexpectedly in use. Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- drivers/net/ipvlan/ipvlan_main.c | 69 include/linux/inetdevice.h

[PATCH v3 net-next] Introduce a sysctl that modifies the value of PROT_SOCK.

. This modification was needed to allow the container manager to disable a namespace's priviliged port restrictions without exposing control of the network namespace to processes in the user namespace. Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- Documentation/networking/ip-sysctl.tx

Re: [PATCH v2 net-next] Introduce a sysctl that modifies the value of PROT_SOCK.

On Thu, Jan 12, 2017 at 09:22:13AM -0500, David Miller wrote: > From: Krister Johansen <k...@templeofstupid.com> > > The use case for this change is to allow containerized processes to bind > > to priviliged ports, but prevent them from ever being allowed to modify > >

Re: [PATCH v2 net-next] Introduce a sysctl that modifies the value of PROT_SOCK.

On Thu, Jan 12, 2017 at 06:39:57AM -0800, Eric Dumazet wrote: > On Wed, 2017-01-11 at 22:52 -0800, Krister Johansen wrote: > > Add net.ipv4.ip_unprotected_port_start, which is a per namespace sysctl > > that denotes the first unprotected inet port in the namespace. To > >

[PATCH v2 net-next] Introduce a sysctl that modifies the value of PROT_SOCK.

was needed to allow the container manager to disable a namespace's priviliged port restrictions without exposing control of the network namespace to processes in the user namespace. Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- include/net/ip.h

Re: [PATCH] Ipvlan should return an error when an address is already in use.

On Tue, Jan 03, 2017 at 02:24:43PM -0500, Aaron Conole wrote: > David Miller writes: > > > From: Aaron Conole > > Date: Tue, 03 Jan 2017 10:50:00 -0500 > > > >>> @@ -489,7 +490,12 @@ static int __inet_insert_ifa(struct in_ifaddr *ifa, > >>> struct

Re: [PATCH] Ipvlan should return an error when an address is already in use.

On Sun, Jan 01, 2017 at 10:26:32PM -0500, David Miller wrote: > From: Krister Johansen <k...@templeofstupid.com> > Date: Fri, 30 Dec 2016 20:10:58 -0800 > > > The ipvlan code already knows how to detect when a duplicate address is > > about to be assigned to

Re: [PATCH] Introduce a sysctl that modifies the value of PROT_SOCK.

On Sat, Dec 31, 2016 at 12:55:05PM -0800, Stephen Hemminger wrote: > On Fri, 30 Dec 2016 20:11:11 -0800 > Krister Johansen <k...@templeofstupid.com> wrote: > > > > > +config LOWPORT_SYSCTL > > + bool "Adjust reserved port range via sysctl&q

[PATCH] Introduce a sysctl that modifies the value of PROT_SOCK.

was needed to allow the container manager to disable a namespace's priviliged port restrictions without exposing control of the network namespace to processes in the user namespace. Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- include/net/ip.h

[PATCH] Ipvlan should return an error when an address is already in use.

is unexpectedly in use. Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- drivers/net/ipvlan/ipvlan_main.c | 12 net/ipv4/devinet.c | 8 +++- net/ipv6/addrconf.c | 23 ++- 3 files changed, 33 insertions(+), 10 deletions(-)

Re: [net-next PATCH 2/3] net/qdisc: IFF_NO_QUEUE drivers should use consistent TX queue len

On Thu, Nov 03, 2016 at 02:56:06PM +0100, Jesper Dangaard Brouer wrote: > The flag IFF_NO_QUEUE marks virtual device drivers that doesn't need a > default qdisc attached, given they will be backed by physical device, > that already have a qdisc attached for pushback. > > It is still supported to

Re: [PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

On Wed, Oct 05, 2016 at 11:01:38AM -0700, Cong Wang wrote: > Does the attached patch make any sense now? Our pernet init doesn't > rely on act_base, so even we have some race, the worst case is after > we initialize the pernet netns for an action but its ops still not > visible, which seems fine

Re: [PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

Hi Cong, Thanks for the follow-up. On Thu, Oct 06, 2016 at 12:01:15PM -0700, Cong Wang wrote: > On Wed, Oct 5, 2016 at 11:11 PM, Krister Johansen > > pernet_operations pointer. The code in register_pernet_subsys() makes > > no attempt to check for duplicates. If we add a pointer

Re: [PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

On Wed, Oct 05, 2016 at 11:01:38AM -0700, Cong Wang wrote: > On Tue, Oct 4, 2016 at 11:52 PM, Krister Johansen > <k...@templeofstupid.com> wrote: > > On Mon, Oct 03, 2016 at 11:22:33AM -0700, Cong Wang wrote: > >> Please try the attached patch. I also convert the rea

Re: [PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

On Mon, Oct 03, 2016 at 11:22:33AM -0700, Cong Wang wrote: > Please try the attached patch. I also convert the read path to RCU > to avoid a possible deadlock. A quick test shows no lockdep splat. I tried this patch, but it doesn't solve the problem. I got a panic on my very first try: SYSTEM

Re: [PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

Hi Cong, Thanks for the feedback. On Mon, Oct 03, 2016 at 11:22:33AM -0700, Cong Wang wrote: > On Sat, Oct 1, 2016 at 8:13 PM, Krister Johansen > <k...@templeofstupid.com> wrote: > > A tc_action_ops structure is visibile as soon as it is placed in the > > act_base list.

Re: [PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

On Sun, Oct 02, 2016 at 09:18:06PM -0400, Jamal Hadi Salim wrote: > On 16-10-01 11:13 PM, Krister Johansen wrote: > >A tc_action_ops structure is visibile as soon as it is placed in the > >act_base list. When tcf_regsiter_action adds an item to this list and > >drops act_m

[PATCH net] Panic when tc_lookup_action_n finds a partially initialized action.

_id needed to fetch the correct pointer was not yet set, because the register_pernet_subsys() call was pending in another thread. Fixes: ddf97ccdd7cb ("net_sched: add network namespace support for tc actions") Signed-off-by: Krister Johansen <k...@templeofstupid.com> --- include