Sam Ravnborg [EMAIL PROTECTED] writes:
On Thu, Nov 15, 2007 at 05:42:04PM +0300, Denis V. Lunev wrote:
nothing is discarded after module load. Though, I can be wrong. Could
you point me to the exact place?
If __initdata is not discarded after module load then we should do it.
There is no
Denis V. Lunev [EMAIL PROTECTED] writes:
net: consolidate net namespace related proc files creation
Signed-off-by: Denis V. Lunev [EMAIL PROTECTED]
Signed-off-by: Pavel Emelyanov [EMAIL PROTECTED]
Acked-by: Eric W. Biederman [EMAIL PROTECTED]
Looks good to me, and it looks like
Pavel Emelyanov [EMAIL PROTECTED] writes:
Rafael J. Wysocki wrote:
On Monday, 19 of November 2007, Pavel Machek wrote:
Hi!
I think that this worked before:
[EMAIL PROTECTED]:/proc# find . -name timer_info
find: WARNING: Hard link count is wrong for ./net: this may be a bug
in your
Ingo Molnar [EMAIL PROTECTED] writes:
* Eric W. Biederman [EMAIL PROTECTED] wrote:
lr-x-- 1 root root 64 Nov 20 18:03 3 - /proc/net
...
Yes all of those are nasty. So much for my clever way of implementing
these things. Grr. Simple hacks that almost work!
btw., in case you
for the
2.6.25 time frame and see if anyone screams.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/proc/base.c | 12 ++--
1 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 34a1821..8502436 100644
--- a/fs/proc/base.c
+++ b/fs
Roland McGrath [EMAIL PROTECTED] writes:
can you see any danger to providing a /proc/self_task/ link? (or can you
think of a better name/API/approach)
That is a poor name to choose given /proc/self/task exists as something
else (just try writing a sentence comparing them and then read it
Pavel Emelyanov [EMAIL PROTECTED] writes:
Rafael J. Wysocki wrote:
On Monday, 19 of November 2007, Pavel Machek wrote:
Hi!
I think that this worked before:
[EMAIL PROTECTED]:/proc# find . -name timer_info
find: WARNING: Hard link count is wrong for ./net: this may be a bug
in your
Robert Hancock [EMAIL PROTECTED] writes:
Eric W. Biederman wrote:
Could you elaborate a bit on how the semantics of returning the
wrong information are more useful?
In particular if a thread does the logical equivalent of:
grep Pid: /proc/self/status. It always get the tgid despite
having
what makes sense tomorrow.
Eric
From f359fde2469ba8be2123a465e788a83c7e6831e9 Mon Sep 17 00:00:00 2001
From: Eric W. Biederman [EMAIL PROTECTED]
Date: Tue, 20 Nov 2007 19:36:05 -0700
Subject: [PATCH] proc: Fix /proc/net directory listings.
Having proc dynamically display the contents of /proc/net
to find any issues but a few more eyeballs before I send this
along to Linus would be appreciated. Thanks.
From: Eric W. Biederman [EMAIL PROTECTED]
Subject: [PATCH] proc_net: Remove userspace visible changes.
This patch fixes some bugs in corner cases of the /proc/net
implementation
Forget this patch. It works but I have found something better.
Full explanation in the morning.
Eric
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/proc/generic.c | 12 ++-
fs/proc/proc_net.c | 86 +++
include/linux/proc_fs.h |3 ++
3 files changed, 19 insertions(+), 82 deletions(-)
diff --git a/fs/proc/generic.c b/fs/proc
the proc generic caching without modifying any code
that
uses the shadow_proc method.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
Thanks, Eric.
Much better ('find /proc' works and so does 'ls ..'), but one
issue is still unsolved :(
I mentioned the program, that opens the directory
in
a struct net_device.
Eric
CC: Eric W. Biederman [EMAIL PROTECTED]
CC: Ursula Braun [EMAIL PROTECTED]
CC: Peter Tiedemann [EMAIL PROTECTED]
Signed-off-by: Christian Borntraeger [EMAIL PROTECTED]
---
drivers/s390/net/ctcmain.c |2 ++
1 file changed, 2 insertions(+)
Index: linux-2.6
Currently the network namespace work has gotten about as far as we can
without the ability to make sysctls that are per network namespace.
The techniques we have been using for other namespace of examining
current and replacing the ctl_table.data field depending on the
namespace instance that
this change is both a space savings and a code simplification.
CC: Olaf Kirch [EMAIL PROTECTED]
CC: Olaf Hering [EMAIL PROTECTED]
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
include/linux/sysctl.h |9 +
kernel/sysctl.c| 90
-by: Eric W. Biederman [EMAIL PROTECTED]
---
include/linux/sysctl.h |1 +
kernel/sysctl.c|1 +
2 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index eb522bf..8b2e9e0 100644
--- a/include/linux/sysctl.h
+++ b/include/linux
other sysctls continue to be globally visible.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
include/net/net_namespace.h |9 +++
net/sysctl_net.c| 57 +++
2 files changed, 66 insertions(+), 0 deletions(-)
diff --git a/include/net
is added to add a new sysctl table on
a non-default sysctl list.
The only intrusive part of this patch is propagating the information
to decided which list of sysctls to use for sysctl_check_table.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
include/linux/sysctl.h | 16
PROTECTED]
Looks sane skimming through the patches.
Acked-by: Eric W. Biederman [EMAIL PROTECTED]
-
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Serge E. Hallyn [EMAIL PROTECTED] writes:
Hey Eric,
the patches look nice.
The hand-forcing of the passed-in net_ns into a copy of current-nsproxy
does make it seem like nsproxy may not be the best choice of what to
pass in. Doesn't only net_sysctl_root-lookup() look at the argument?
Herbert Xu [EMAIL PROTECTED] writes:
On Thu, Nov 29, 2007 at 10:40:24AM -0700, Eric W. Biederman wrote:
Herbert we need this infrastructure most in net-2.6.25 (as not having
it is a current bottleneck to further development of the network
namespace) so these patches are against net-2.6.25
Now that we have network namespace support merged it is time to
revisit the sysfs support so we can remove the dependency on !SYSFS.
I'm not even trying to base this on any of Tejun's very interesting
work on sysfs to remove the coupling between kobjects and
sysfs_dirents. For my objective
In preparation for multiple mounts of sysfs add a superblock parameter to
sysfs_get_dentry.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/dir.c | 11 ++-
fs/sysfs/file.c |2 +-
fs/sysfs/sysfs.h |2 +-
3 files changed, 8 insertions(+), 7 deletions(-)
diff
This function is similar but much simpler to sysfs_get_dentry
returns a sysfs dentry if one curently exists.
This requires less locking the sysfs_get_dentry and which
makes it preferable in some contexts.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/dir.c | 38
This patch modifies the sysfs_rename_dir and sysfs_move_dir
to support multiple sysfs dentry trees rooted in different
sysfs superblocks.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/dir.c | 190 +++
1 files changed, 135
Teach sysfs_chmod_file how to handle multiple sysfs superblocks.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/file.c | 51 ---
1 files changed, 28 insertions(+), 23 deletions(-)
diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c
makes it an uninteresting problem
to solve.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/bin.c|2 +-
fs/sysfs/dir.c| 182 +
fs/sysfs/file.c |8 +-
fs/sysfs/group.c | 12 ++--
fs/sysfs/inode.c
kobject is renamed or deleted. If they are
called later I loose track of which tag the target kobject was marked
with and can no longer find the old symlink to remove it.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/symlink.c| 31 +++
include
.
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
drivers/base/class.c | 30 ---
drivers/base/core.c| 51 +--
include/linux/device.h |2 +
3 files changed, 55 insertions(+), 28 deletions(-)
diff --git
W. Biederman [EMAIL PROTECTED]
---
fs/sysfs/mount.c | 36
include/linux/sysfs.h |2 ++
net/Kconfig |2 +-
net/core/net-sysfs.c | 20
4 files changed, 59 insertions(+), 1 deletions(-)
diff --git a/fs/sysfs
Pavel Emelyanov [EMAIL PROTECTED] writes:
But I gotta say this struct/file is going to be enormous. It's also
one of those files that causes everything to get recompiled. Maybe
we ought to make a rule that each subsystem only gets to have at most
one entry in it :)
Thanks,
Good point,
Stephen Hemminger [EMAIL PROTECTED] writes:
On Sat, 01 Dec 2007 08:10:17 -0500
Mark Lord [EMAIL PROTECTED] wrote:
Now that we have network namespace support merged it is time to
revisit the sysfs support so we can remove the dependency on !SYSFS.
...
Now that the namespace updates are
Stephen Hemminger [EMAIL PROTECTED] writes:
Actually, the whole mess would go away if the api for dev_get_by_ hadn't
been changed in the namespace transition. IMHO the interface to
dev_get_by_name()
should not have added a namespace parameter, of the callers in the tree, only
two use a
Mark Lord [EMAIL PROTECTED] writes:
Can we get this resolved before 2.6.24 is released? Going back and forth
on API's is just needless frottage.
Sure. We keep the updated dev_get_by_ that takes a network
namespace parameter.
..
And what should code be passing in when # CONFIG_NET_NS
Mark Lord [EMAIL PROTECTED] writes:
Arjan van de Ven wrote:
On Sat, 01 Dec 2007 15:21:12 -0500
Mark Lord [EMAIL PROTECTED] wrote:
Eric W. Biederman wrote:
Stephen Hemminger [EMAIL PROTECTED] writes:
Sure. We keep the updated dev_get_by_ that takes a network
namespace parameter
Mark Lord [EMAIL PROTECTED] writes:
Eric W. Biederman wrote:
Mark Lord [EMAIL PROTECTED] writes:
Arjan van de Ven wrote:
On Sat, 01 Dec 2007 15:21:12 -0500
Mark Lord [EMAIL PROTECTED] wrote:
Eric W. Biederman wrote:
Stephen Hemminger [EMAIL PROTECTED] writes:
Sure. We keep the updated
Jiri Slaby [EMAIL PROTECTED] writes:
On 12/02/2007 12:13 AM, Eric W. Biederman wrote:
Mark Lord [EMAIL PROTECTED] writes:
Fine. But all of them want to call sk_alloc(),
network drivers should be calling sk_alloc less then they should
call dev_get_by_. Only protocols call sk_alloc
Stephen Hemminger [EMAIL PROTECTED] writes:
On Sat, 1 Dec 2007 11:17:36 -0800
Stephen Hemminger [EMAIL PROTECTED] wrote:
Then init_net needs to be not GPL limited. Sorry, we need to allow
non GPL network drivers. There is a fine line between keeping the
binary seething masses from
Pavel Emelyanov [EMAIL PROTECTED] writes:
They include the whole file, but it is already compiled
out when SYSCTL=n, since it is obj-$(CONFIG_SYSCTL) target
in the Makefile.
Pavel thanks for sending these patches. Might I ask
for some level of acknowledgement when you rework one of
my
Pavel Emelyanov [EMAIL PROTECTED] writes:
Eric W. Biederman wrote:
Pavel Emelyanov [EMAIL PROTECTED] writes:
They include the whole file, but it is already compiled
out when SYSCTL=n, since it is obj-$(CONFIG_SYSCTL) target
in the Makefile.
Pavel thanks for sending these patches. Might
Denis V. Lunev [EMAIL PROTECTED] writes:
This patch removes some unneeded includes for net_namespace.h to speed up
compilation.
Signed-off-by: Denis V. Lunev [EMAIL PROTECTED]
diff --git a/include/net/pkt_cls.h b/include/net/pkt_cls.h
index f285de6..28b7f25 100644
---
Looks good to me.
Acked-by: Eric W. Biederman [EMAIL PROTECTED]
Eric
Denis V. Lunev [EMAIL PROTECTED] writes:
you right, how about this?
Eric W. Biederman wrote:
Denis V. Lunev [EMAIL PROTECTED] writes:
This patch removes some unneeded includes for net_namespace.h to speed up
Patrick McHardy [EMAIL PROTECTED] writes:
Ben Greear wrote:
I have a binary module that uses dev_get_by_name...it's sort of a bridge-like
thing and
needs user-space to tell it which device to listen for packets on...
This code doesn't need or care about name-spaces, so I don't see how it
Romano Giannetti [EMAIL PROTECTED] writes:
Please pardon me for jumping in; I am not a kernel developer, but I try
to help with debugging whenever I can (and it's not just hand-waving, I
helped to track down a couple of nasty bugs on MMC or ACPI EC,
recently). And I am an engineer and IANAL,
Ben Greear [EMAIL PROTECTED] writes:
Regardless of infringement it is incompatible with a complete network
namespace implementation. Further it sounds like the module you are
describing defines a kernel ABI without being merged and hopes that
ABI will still be supportable in the future.
Daniel Lezcano [EMAIL PROTECTED] writes:
Ben Greear wrote:
Once things are largely complete it makes sense to argue with out of
tree module authors that because they don't have network namespace
support in their modules, their modules are broken.
Does this imply that every module that
Ben Greear [EMAIL PROTECTED] writes:
Eric W. Biederman wrote:
However there also seem to be simpler cases like Ben's bridge module,
that don't appear to have any global state.
Well, my module has some global state, but I don't think it needs to care
about
namespaces. My first impression
Ben Greear [EMAIL PROTECTED] writes:
I have a module that has a collection of 2-port bridges. These bridges are
used
for emulation
purposes (somewhat similar to netem's feature set). Each bridge is logically
independent
of the others. To set up a bridge, I do something like:
echo
Ben Greear [EMAIL PROTECTED] writes:
Ok, but can a netdev at least know what namespace it is in? I don't
need this for my module, but it seems very useful knowledge...
Sure. dev-nd_net
It is a don't care not a don't know, and there should be device
events when it goes in and out of a
Stephen Hemminger [EMAIL PROTECTED] writes:
On Wed, 5 Dec 2007 10:44:17 +0800
Chung-Chi Lo [EMAIL PROTECTED] wrote:
My kernel is Linxu 2.6.22.1. SYSFS is off.
When adding an interface to bridge, console will show WARNING message.
If turn SYSFS to on, then the WARNING message is gone.
Any
The idea of separate structures make sense, and seems needed and useful.
Denis V. Lunev [EMAIL PROTECTED] writes:
diff --git a/include/net/netns/unix.h b/include/net/netns/unix.h
new file mode 100644
index 000..27b4e7f
--- /dev/null
+++ b/include/net/netns/unix.h
Kirill Korotaev [EMAIL PROTECTED] writes:
Daniel Lezcano wrote:
Denis V. Lunev wrote:
Recently David Miller and Herbert Xu pointed out that struct net becomes
overbloated and un-maintainable. There are two solutions:
- provide a pointer to a network subsystem definition from struct net.
/standard_window_size .3.9.1.5 Unknown
sysctl binary path
===
(...)
and so on ...
Signed-off-by: Eric W. Biederman [EMAIL PROTECTED]
---
kernel/sysctl_check.c |7 ++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/kernel/sysctl_check.c b/kernel
Bernard Pidoux [EMAIL PROTECTED] writes:
Eric,
I applied your patch and now I have all /proc/sys/net/ax25
created and initialized as before.
Thanks for reporting this.
Eric
--
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to [EMAIL PROTECTED]
More
Greg KH [EMAIL PROTECTED] writes:
On Sat, Dec 01, 2007 at 02:06:58AM -0700, Eric W. Biederman wrote:
Now that we have network namespace support merged it is time to
revisit the sysfs support so we can remove the dependency on !SYSFS.
snip
Oops, I forgot to apply this to my tree. Eric
Benjamin Thery [EMAIL PROTECTED] writes:
Hi Eric,
While testing the current network namespace stuff merged in net-2.6.25,
I bumped into the following problem with the /proc/net/ entries.
It doesn't always display the actual data of the current namespace,
but sometime displays data from
behaviour/ABI forever.
Thanks.
Reviewed-by: Eric W. Biederman ebied...@xmission.com
These patches all look good. If these patches can make it into 4.1 so
we don't have a stable release without the new net/mpls/conf/dev/input
sysctl that would minimize disruption to users of the mpls code.
Eric
on operators.
Reviewed-by: Eric W. Biederman ebied...@xmission.com
Cc: Eric W. Biederman ebied...@xmission.com
Signed-off-by: Robert Shearman rshea...@brocade.com
---
Documentation/networking/mpls-sysctl.txt | 9 +
net/mpls/af_mpls.c | 68
Robert Shearman rshea...@brocade.com writes:
The reserved implicit-NULL label isn't allowed to appear in the label
stack for packets, so make it an error for the control plane to
specify it as an outgoing label.
Reviewed-by: Eric W. Biederman ebied...@xmission.com
Suggested-by: Eric W
- previously they were allowed through.
Reviewed-by: Eric W. Biederman ebied...@xmission.com
Cc: Eric W. Biederman ebied...@xmission.com
Signed-off-by: Robert Shearman rshea...@brocade.com
---
include/linux/netdevice.h | 4
net/mpls/af_mpls.c| 50
and everything
else. That just seems like an extra arbitrary rule.
Otherwise:
Acked-by: Eric W. Biederman ebied...@xmission.com
Not that I expect Dave Miller is taking patches during the merge window.
Robert Shearman (3):
mpls: Per-device MPLS state
mpls: Per-device enabling of packet input
Jiri Slaby jsl...@suse.cz writes:
On 04/25/2015, 04:16 PM, Guenter Roeck wrote:
Several powerpc build fail with:
drivers/net/ethernet/freescale/gianfar.c: In function 'gfar_start_xmit':
drivers/net/ethernet/freescale/gianfar.c:2146:3: error: implicit declaration
of
function
Herbert Xu herb...@gondor.apana.org.au writes:
On Thu, May 07, 2015 at 11:14:13AM -0500, Eric W. Biederman wrote:
The following change shows how it is possible to always know that your
network namespace has a non-zero reference count in the network
namespace initialization methods. My
In preparation for changing how struct net is refcounted
on kernel sockets pass the knowledge that we are creating
a kernel socket from sock_create_kern through to sk_alloc.
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
crypto/af_alg.c| 4 ++--
drivers/isdn/mISDN
Eric Dumazet eric.duma...@gmail.com writes:
On Fri, 2015-05-08 at 21:09 -0500, Eric W. Biederman wrote:
In preparation for changing how struct net is refcounted
on kernel sockets pass the knowledge that we are creating
a kernel socket from sock_create_kern through to sk_alloc.
...
diff
for the mpls device
after the RCU grace period has elapsed.
Acked-by: Eric W. Biederman ebied...@xmission.com
Fixes: 03c57747a702 (mpls: Per-device MPLS state)
Signed-off-by: Robert Shearman rshea...@brocade.com
---
net/mpls/af_mpls.c | 2 +-
net/mpls/internal.h | 1 +
2 files changed, 2
Robert Shearman rshea...@brocade.com writes:
In order to be able to function as a Label Edge Router in an MPLS
network, it is necessary to be able to take IP packets and impose an
MPLS encap and forward them out. The traditional approach of setting
up an interface for each tunnel endpoint
roopa ro...@cumulusnetworks.com writes:
On 6/1/15, 9:46 AM, Robert Shearman wrote:
In order to be able to function as a Label Edge Router in an MPLS
network, it is necessary to be able to take IP packets and impose an
MPLS encap and forward them out. The traditional approach of setting
up an
instead of having to do weird flow based magic that
is rarely needed.
I believe what we want are the xfrm stacking of dst entries.
Eric
This implementation is based on an alternative earlier implementation
by Eric W. Biederman.
Signed-off-by: Robert Shearman rshea...@brocade.com
Thomas Graf tg...@suug.ch writes:
This is the first series in a greater effort to bring the scalability
and programmability advantages of OVS to the rest of the network
stack and to get rid of as much OVS specific code as possible.
This first series focuses on getting rid of OVS tunnel
.
This bit of infrastructure should be more like rtnl_register. Where
we register an encap type and the operations to go with it.
Just like rtnl_register we can have small array with the operations for
each supported encapsulation.
Eric
Suggested-by: Eric W. Biederman ebied...@xmission.com
Robert Shearman rshea...@brocade.com writes:
On 02/06/15 19:11, Eric W. Biederman wrote:
Robert Shearman rshea...@brocade.com writes:
In order to be able to function as a Label Edge Router in an MPLS
network, it is necessary to be able to take IP packets and impose an
MPLS encap and forward
. Biederman ebied...@xmission.com
Suggested-by: Eric W. Biederman ebied...@xmission.com
Signed-off-by: Roopa Prabhu ro...@cumulusnetworks.com
Signed-off-by: Vivek Venkataraman vi...@cumulusnetworks.com
--
v4 move fix to iproute2
---
ip/iproute.c | 16
1 file changed, 12
Thomas Graf tg...@suug.ch writes:
On 06/02/15 at 01:26pm, Eric W. Biederman wrote:
What we really want here is xfrm-lite. By lite I mean the tunnel
selection criteria is simple enough that it fits into the normal
routing table instead of having to do weird flow based magic that
is rarely
Thomas Graf tg...@suug.ch writes:
On 06/02/15 at 01:26pm, Eric W. Biederman wrote:
What we really want here is xfrm-lite. By lite I mean the tunnel
selection criteria is simple enough that it fits into the normal
routing table instead of having to do weird flow based magic that
is rarely
roopa ro...@cumulusnetworks.com writes:
On 6/2/15, 2:13 PM, Eric W. Biederman wrote:
So I just stopped and looked at what is happening. When you originally
reported this you said (or at least I understood) that rtm_scope was not
being set in iproute. I assumed that meant it was not being
:00:00 2001
From: Eric W. Biederman ebied...@xmission.com
Date: Tue, 2 Jun 2015 15:51:31 -0500
Subject: [PATCH] iproute: When deleting routes don't always set the scope to
RT_SCOPE_NOWHERE
IPv6 and MPLS do not implement scopes on addresses and using
RT_SCOPE_NOWHERE is just confusing noise. Use
anything in this case but is down right confusing to think
about, and could lead to maintenance problems in the future.
Otherwise
Acked-by: Eric W. Biederman ebied...@xmission.com
Signed-off-by: Vivek Venkataraman vi...@cumulusnetworks.com
Signed-off-by: Roopa Prabhu ro...@cumulusnetworks.com
Robert Shearman rshea...@brocade.com writes:
On 02/06/15 22:10, Eric W. Biederman wrote:
Robert Shearman rshea...@brocade.com writes:
On 02/06/15 19:11, Eric W. Biederman wrote:
Robert Shearman rshea...@brocade.com writes:
In order to be able to function as a Label Edge Router in an MPLS
Pablo Neira Ayuso pa...@netfilter.org writes:
On Sat, Jun 20, 2015 at 09:08:20AM -0500, Eric W. Biederman wrote:
Pablo Neira Ayuso pa...@netfilter.org writes:
On Fri, Jun 19, 2015 at 05:23:37PM -0500, Eric W. Biederman wrote:
If someone sends packets from one of the netdevice ingress
Pablo Neira Ayuso pa...@netfilter.org writes:
On Mon, Jun 22, 2015 at 09:56:37AM -0500, Eric W. Biederman wrote:
Pablo Neira Ayuso pa...@netfilter.org writes:
[...]
There is no nfnetlink_queue support for the netdev family at this
moment, so this can't be triggered unless you use an out
Cc' list trimmed as this is not longer about the original patch
submission.
Julian Anastasov j...@ssi.bg writes:
Hello,
On Wed, 17 Jun 2015, Eric W. Biederman wrote:
p.s. I do have my patch that I can toss in your direction if you are
interested.
Of course... I'll be able
If someone sends packets from one of the netdevice ingress hooks to
the a userspace queue, and then userspace later accepts the packet,
the netfilter code can enter an infinite loop as the list head will
never be found.
Pass in the saved list_head to avoid this.
Signed-off-by: Eric W. Biederman
Pablo Neira Ayuso pa...@netfilter.org writes:
On Fri, Jun 19, 2015 at 02:03:39PM -0500, Eric W. Biederman wrote:
Add code to nf_unregister_hook to flush the nf_queue when a hook is
unregistered. This guarantees that the pointer that the nf_queue code
retains into the nf_hook list
Patrick McHardy ka...@trash.net writes:
On 20.06, Pablo Neira Ayuso wrote:
On Fri, Jun 19, 2015 at 02:03:39PM -0500, Eric W. Biederman wrote:
Add code to nf_unregister_hook to flush the nf_queue when a hook is
unregistered. This guarantees that the pointer that the nf_queue code
Pablo Neira Ayuso pa...@netfilter.org writes:
On Fri, Jun 19, 2015 at 05:23:37PM -0500, Eric W. Biederman wrote:
If someone sends packets from one of the netdevice ingress hooks to
the a userspace queue, and then userspace later accepts the packet,
the netfilter code can enter an infinite
Julian Anastasov j...@ssi.bg writes:
Hello,
On Thu, 18 Jun 2015, Eric W. Biederman wrote:
My incremental patch for ipvs on top of everything else I have pushed
out looks like this:
From: Eric W. Biederman ebied...@xmission.com
Date: Fri, 12 Jun 2015 18:34:12 -0500
Subject: [PATCH
.
Cc: sta...@vger.kernel.org
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
net/netfilter/nf_tables_core.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c
index f153b07073af..f77bad46ac68 100644
/0x6a
Code: Bad RIP value.
RIP [00010001] 0x10001
RSP 8800ba9dba40
CR2: 00010001
---[ end trace 08eb65d42362793f ]---
Cc: sta...@vger.kernel.org
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
Apologies for the duplicate send but I forgot to include
Pablo Neira Ayuso pa...@netfilter.org writes:
Hi Eric,
On Sun, Jun 14, 2015 at 10:07:30PM -0500, Eric W. Biederman wrote:
While looking into what it would take to route packets out to network
devices in other network namespaces I started looking at the netfilter
hooks, and there is a lot
Pablo Neira Ayuso pa...@netfilter.org writes:
On Mon, Jun 15, 2015 at 07:26:13PM -0500, Eric W. Biederman wrote:
[...]
So what I am in the processes of doing is reviewing and testing
the combined set of patches and hopefully I will have something
for you soon (tomorrow?). Unless Pablo has
Julian Anastasov j...@ssi.bg writes:
Hello,
On Sun, 14 Jun 2015, Eric W. Biederman wrote:
This patshset roots out all of the very weird network namespace
computation logic (except for the code in ipvs) and fixes it. I really
don't like how the code has been essentially guessing
Patrick McHardy ka...@trash.net writes:
On 17.06, Eric W. Biederman wrote:
From: Eric W Biederman ebied...@xmission.com
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
net/netfilter/core.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/netfilter
From: Eric W Biederman ebied...@xmission.com
Add a new field fn to struct xt_table that will hold the standard hook
function. If that field is set the hook function is automatically
registered when as part of the table registration, and automatically
unregisted as part of table unregistration
From: Eric W Biederman ebied...@xmission.com
Since pernet hooks, we need to register the hook for each netnamespace space.
Based on a patch by Pablo Neira Ayuso pa...@netfilter.org that was
buggy and did a lot more.
Signed-off-by: Eric W Biederman ebied...@xmission.com
---
net/bridge
From: Eric W Biederman ebied...@xmission.com
Don't allow network namespaces and netfilter to both be
enabled. This allows the netfilter code to be bisected
through while per network namespace netfilter hooks are
being implemented.
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
init
From: Eric W Biederman ebied...@xmission.com
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
net/ipv4/netfilter/nf_defrag_ipv4.c | 21 ++---
net/ipv6/netfilter/nf_defrag_ipv6_hooks.c | 21 ++---
2 files changed, 36 insertions(+), 6 deletions
em-net is always set and always available, use it in preference
to dev_net(skb-dev).
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
net/sched/em_ipset.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/sched/em_ipset.c b/net/sched/em_ipset.c
index
of cachelines the callers touch.
Signed-off-by: Eric W. Biederman ebied...@xmission.com
---
include/linux/netfilter_arp/arp_tables.h | 1 -
include/linux/netfilter_ipv4/ip_tables.h | 1 -
include/linux/netfilter_ipv6/ip6_tables.h | 1 -
net/ipv4/netfilter/arp_tables.c | 2 +-
net/ipv4
401 - 500 of 1118 matches
Mail list logo
