On Wed, Jun 14, 2017 at 11:16:20AM -0600, David Ahern wrote:
> On 6/14/17 11:11 AM, Krister Johansen wrote:
> > I did try to fix this up as part of bringing this patch up to date,
> > since it was one of the concerns that David raised too. I believe the
> > problem tha
On Wed, Jun 14, 2017 at 10:24:51AM -0700, Stephen Hemminger wrote:
> On Fri, 9 Jun 2017 18:31:29 -0700
> Krister Johansen wrote:
>
> > Hi Stephen,
> > I'm a bit unsure of the decorum in this particular situation. Kernel
> > support for mpls/ip tunnels was inte
On Wed, Jun 14, 2017 at 10:02:11AM -0700, Stephen Hemminger wrote:
> On Fri, 9 Jun 2017 18:31:31 -0700
> Krister Johansen wrote:
>
> > diff --git a/include/utils.h b/include/utils.h
> > index bfbc9e6..60ffde4 100644
> > --- a/include/utils.h
> > +++ b/i
Original-Author: Simon Horman
Signed-off-by: Krister Johansen
---
man/man8/ip-link.8.in | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/man/man8/ip-link.8.in b/man/man8/ip-link.8.in
index 5d73538..3cc2f5d 100644
--- a/man/man8/ip-link.8.in
+++ b/man/man8/ip-link.8
Original-Author: Simon Horman
Signed-off-by: Krister Johansen
---
ip/link_iptnl.c | 21 -
man/man8/ip-link.8.in | 5 +++--
2 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/ip/link_iptnl.c b/ip/link_iptnl.c
index cf3a9ef..d24e737 100644
--- a/ip
The original threads for the 2016 patch are here:
http://marc.info/?l=linux-netdev&m=146782946216005&w=2
http://marc.info/?l=linux-netdev&m=146782941615977&w=2
http://marc.info/?l=linux-netdev&m=146782947016007&w=2
http://marc.info/?l=linux-netdev&m=146782942915988&am
Original-Author: Simon Horman
Signed-off-by: Krister Johansen
---
include/utils.h | 3 +++
ip/link_iptnl.c | 9 ++---
ip/tunnel.c | 3 +++
man/man8/ip-link.8.in | 9 +
4 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/include/utils.h b/include
On Fri, Jun 09, 2017 at 11:18:44AM -0700, Cong Wang wrote:
> On Thu, Jun 8, 2017 at 1:12 PM, Krister Johansen
> wrote:
> > The way this works is that if there's still a reference on the dst entry
> > at the time we try to free it, it gets placed in the gc list by
On Fri, Jun 09, 2017 at 01:15:10PM -0400, David Miller wrote:
> From: Krister Johansen
> Date: Fri, 9 Jun 2017 10:13:10 -0700
>
> > On Fri, Jun 09, 2017 at 12:26:46PM -0400, David Miller wrote:
> >> From: Krister Johansen
> >> Date: Thu, 8 Jun 2017 13:12:14 -
On Fri, Jun 09, 2017 at 12:26:46PM -0400, David Miller wrote:
> From: Krister Johansen
> Date: Thu, 8 Jun 2017 13:12:14 -0700
>
> > The ipvlan code already knows how to detect when a duplicate address is
> > about to be assigned to an ipvlan device. However, that failure
er the
gc_mutex is relased when dst_dev_event() completes.
Signed-off-by: Krister Johansen
---
net/core/dst.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/net/core/dst.c b/net/core/dst.c
index 6192f11..13ba4a0 100644
--- a/net/core/dst.c
+++ b/net/core/dst.c
@@ -469,6 +469,20 @@
provisioning software (or operator) can use
this to detect situations where an ip address is unexpectedly in use.
Signed-off-by: Krister Johansen
---
drivers/net/ipvlan/ipvlan_main.c | 69
include/linux/inetdevice.h | 7
include/net/addrconf.h
This modification was needed to allow the container manager
to disable a namespace's priviliged port restrictions without exposing
control of the network namespace to processes in the user namespace.
Signed-off-by: Krister Johansen
---
Documentation/networking/ip-sysctl.txt | 9 ++
includ
On Thu, Jan 12, 2017 at 09:22:13AM -0500, David Miller wrote:
> From: Krister Johansen
> > The use case for this change is to allow containerized processes to bind
> > to priviliged ports, but prevent them from ever being allowed to modify
> > their container's network
On Thu, Jan 12, 2017 at 06:39:57AM -0800, Eric Dumazet wrote:
> On Wed, 2017-01-11 at 22:52 -0800, Krister Johansen wrote:
> > Add net.ipv4.ip_unprotected_port_start, which is a per namespace sysctl
> > that denotes the first unprotected inet port in the namespace. To
> >
ation was needed to allow the container manager
to disable a namespace's priviliged port restrictions without exposing
control of the network namespace to processes in the user namespace.
Signed-off-by: Krister Johansen
---
include/net/ip.h | 10 +
include/net/ne
On Tue, Jan 03, 2017 at 02:24:43PM -0500, Aaron Conole wrote:
> David Miller writes:
>
> > From: Aaron Conole
> > Date: Tue, 03 Jan 2017 10:50:00 -0500
> >
> >>> @@ -489,7 +490,12 @@ static int __inet_insert_ifa(struct in_ifaddr *ifa,
> >>> struct nlmsghdr *nlh,
> >>> Notifier will trigger
On Sun, Jan 01, 2017 at 10:26:32PM -0500, David Miller wrote:
> From: Krister Johansen
> Date: Fri, 30 Dec 2016 20:10:58 -0800
>
> > The ipvlan code already knows how to detect when a duplicate address is
> > about to be assigned to an ipvlan device. However, that failure
On Sat, Dec 31, 2016 at 12:55:05PM -0800, Stephen Hemminger wrote:
> On Fri, 30 Dec 2016 20:11:11 -0800
> Krister Johansen wrote:
>
> >
> > +config LOWPORT_SYSCTL
> > + bool "Adjust reserved port range via sysctl"
> > + depends on SYSCTL
> >
ation was needed to allow the container manager
to disable a namespace's priviliged port restrictions without exposing
control of the network namespace to processes in the user namespace.
Signed-off-by: Krister Johansen
---
include/net/ip.h | 12 +
include/net/ne
unexpectedly in use.
Signed-off-by: Krister Johansen
---
drivers/net/ipvlan/ipvlan_main.c | 12
net/ipv4/devinet.c | 8 +++-
net/ipv6/addrconf.c | 23 ++-
3 files changed, 33 insertions(+), 10 deletions(-)
diff --git a/drivers/net
On Thu, Nov 03, 2016 at 02:56:06PM +0100, Jesper Dangaard Brouer wrote:
> The flag IFF_NO_QUEUE marks virtual device drivers that doesn't need a
> default qdisc attached, given they will be backed by physical device,
> that already have a qdisc attached for pushback.
>
> It is still supported to a
On Wed, Oct 05, 2016 at 11:01:38AM -0700, Cong Wang wrote:
> Does the attached patch make any sense now? Our pernet init doesn't
> rely on act_base, so even we have some race, the worst case is after
> we initialize the pernet netns for an action but its ops still not
> visible, which seems fine (a
Hi Cong,
Thanks for the follow-up.
On Thu, Oct 06, 2016 at 12:01:15PM -0700, Cong Wang wrote:
> On Wed, Oct 5, 2016 at 11:11 PM, Krister Johansen
> > pernet_operations pointer. The code in register_pernet_subsys() makes
> > no attempt to check for duplicates. If we add a pointer
On Wed, Oct 05, 2016 at 11:01:38AM -0700, Cong Wang wrote:
> On Tue, Oct 4, 2016 at 11:52 PM, Krister Johansen
> wrote:
> > On Mon, Oct 03, 2016 at 11:22:33AM -0700, Cong Wang wrote:
> >> Please try the attached patch. I also convert the read path to RCU
> >> to avoi
On Mon, Oct 03, 2016 at 11:22:33AM -0700, Cong Wang wrote:
> Please try the attached patch. I also convert the read path to RCU
> to avoid a possible deadlock. A quick test shows no lockdep splat.
I tried this patch, but it doesn't solve the problem. I got a panic on
my very first try:
SYSTEM
Hi Cong,
Thanks for the feedback.
On Mon, Oct 03, 2016 at 11:22:33AM -0700, Cong Wang wrote:
> On Sat, Oct 1, 2016 at 8:13 PM, Krister Johansen
> wrote:
> > A tc_action_ops structure is visibile as soon as it is placed in the
> > act_base list. When tcf_regsiter_action ad
On Sun, Oct 02, 2016 at 09:18:06PM -0400, Jamal Hadi Salim wrote:
> On 16-10-01 11:13 PM, Krister Johansen wrote:
> >A tc_action_ops structure is visibile as soon as it is placed in the
> >act_base list. When tcf_regsiter_action adds an item to this list and
> >drops act_mod_
_id needed to fetch the correct pointer was not
yet set, because the register_pernet_subsys() call was pending in
another thread.
Fixes: ddf97ccdd7cb ("net_sched: add network namespace support for tc actions")
Signed-off-by: Krister Johansen
---
include/net/act_api.h | 1 +
net/sc
29 matches
Mail list logo