On 16/06/2015 00:32, Hefty, Sean wrote:
>> drivers/infiniband/core/cm.c | 7 +++
>> include/rdma/ib_cm.h | 2 ++
>> 2 files changed, 9 insertions(+)
>>
>> diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c
>> index c5f5f89e274a..46f99ec4080a 100644
>> --- a/driver
On 15/06/2015 20:22, Jason Gunthorpe wrote:
> On Mon, Jun 15, 2015 at 11:47:07AM +0300, Haggai Eran wrote:
>
>> +/* Called with an RCU read lock taken */
>
> Add _rcu to the name? That is the standard convention.
Sure, I'll change that.
>
>> +/* returns an IPoIB netdev on top a given ipoib dev
Tue, Jun 16, 2015 at 01:25:51AM CEST, da...@davemloft.net wrote:
>From: sfel...@gmail.com
>Date: Sat, 13 Jun 2015 11:04:26 -0700
>
>> The switchdev port driver must do two things:
>>
>> 1) Generate a fwd_mark for each switch port, using some unique key of the
>>switch device (and optionally po
On 15/06/2015 20:08, Jason Gunthorpe wrote:
> On Mon, Jun 15, 2015 at 11:47:13AM +0300, Haggai Eran wrote:
>> Instead of relying on a the ib_cm module to check an incoming CM request's
>> private data header, add these checks to the RDMA CM module. This allows a
>> following patch to to clean up th
From: Alexei Starovoitov
Date: Mon, 15 Jun 2015 20:49:24 -0700
> Accessing current->pid/uid from cls_bpf may lead to misleading results and
> should not be used when TC classifiers need accurate information about
> pid/uid.
>
> Signed-off-by: Alexei Starovoitov
Applied, thanks.
--
To unsubscr
Accessing current->pid/uid from cls_bpf may lead to misleading results and
should not be used when TC classifiers need accurate information about pid/uid.
Signed-off-by: Alexei Starovoitov
---
net/core/filter.c |6 --
1 file changed, 6 deletions(-)
diff --git a/net/core/filter.c b/net/c
Thank you.
Suravee
On 6/15/15 18:24, Rafael J. Wysocki wrote:
On Wednesday, June 10, 2015 11:08:51 AM Suravee Suthikulpanit wrote:
This patch series introduce support for _CCA object, which is currently
used mainly by ARM64 platform to specify DMA coherency attribute for
devices when booting w
On 6/15/15 4:01 PM, David Miller wrote:
Although I agree with the sentiment that this thing can cause
surprising results and can be asking for trouble.
If someone wants to filter traffic "by UID" they might make
a simple ingress TC ebpf program using these new interfaces
and expect it to work.
From: Fabian Frederick
Date: Mon, 15 Jun 2015 19:13:05 +0200
> {
> unsigned int i;
> + struct scatterlist *sg;
Please order local variables from longest to shortest line (reverse
christmas tree).
Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body
From: Edward Cree
Date: Mon, 15 Jun 2015 18:27:54 +0100
> Without this change, modprobe -r sfc hits the BUG_ON() in
> efx_pci_remove_main().
>
> Fixes: e7fef9b45ae1 ("sfc: add sysfs entry to control MCDI tracing")
> Reported-by: Jarod Wilson
> Reviewed-by: Jarod Wilson
> Signed-off-by: Edward
From: Craig Gallek
Date: Mon, 15 Jun 2015 11:26:17 -0400
> This series extends the netlink sock_diag interface to broadcast
> socket information as they are being destroyed. The current
> interface is poll based and can not be used to retreive information
> about sockets that are destroyed betwe
From: ebied...@xmission.com (Eric W. Biederman)
Date: Mon, 15 Jun 2015 19:26:13 -0500
> So what I am in the processes of doing is reviewing and testing
> the combined set of patches and hopefully I will have something
> for you soon (tomorrow?). Unless Pablo has objections.
I will be travelling
HGN!
On Mon, Jun 15, 2015 at 11:36:54PM +0200, Hagen Paul Pfeifer wrote:
> On 15 June 2015 at 22:54, Phil Sutter wrote:
>
> > As I see it, a user has no way of detecting the listening socket in this
> > address family: it does not show in /proc/net/{tcp,udp} nor do
> > 'netstat', 'ss' or 'lsof'
Hi Davem,
Can you please apply this patch series against net-next ?
Thanks
Praveen
From: Praveen Madhavan [prave...@chelsio.com]
Sent: Tuesday, June 09, 2015 6:44 PM
To: netdev@vger.kernel.org; linux-s...@vger.kernel.org
Cc: da...@davemloft.net; jbottom...@
From: Eric Dumazet
Let's force a 16 bytes alignment on xt_counter percpu allocations,
so that bytes and packets sit in same cache line.
xt_counter being exported to user space, we cannot add __align(16) on
the structure itself.
Signed-off-by: Eric Dumazet
Cc: Florian Westphal
---
include/lin
Currently output of MPLS packets on tunnel vports is not allowed by the
datapath and, moreover, flows that match on MPLS packets and output to
tunnel vports are rejected by the datapath. The flows are rejected
regardless of if they also output to non-tunnel vports which is allowed for
MPLS packets
David Miller writes:
> From: ebied...@xmission.com (Eric W. Biederman)
> Date: Sun, 14 Jun 2015 22:07:30 -0500
>
>> While looking into what it would take to route packets out to network
>> devices in other network namespaces I started looking at the netfilter
>> hooks, and there is a lot of nasty
From: Or Gerlitz
Date: Mon, 15 Jun 2015 17:58:55 +0300
> This series from Eran and Hadar is further dealing with traffic
> counters in the mlx4 driver, this time mostly around SRIOV.
>
> We added a new ndo to read the VF counters through the PF netdev
> netlink infrastructure plus mlx4 impleme
From: Andrea Parri
Date: Mon, 15 Jun 2015 14:20:01 +0200
> The control !hlist_unhashed() in qfq_destroy_agg() is unnecessary
> because already performed in hlist_del_init(), so remove it.
>
> Signed-off-by: Andrea Parri
This patch has been corrupted by your email client (TAB characters
have be
From: Maninder Singh
Date: Mon, 15 Jun 2015 10:35:05 +0530
> Use BUG_ON(condition) instead of if(condition)/BUG()
>
> Signed-off-by: Maninder Singh
> Reviewed-by: Akhilesh Kumar
Your email client corrupted this patch, making it unusable.
--
To unsubscribe from this list: send the line "unsubs
From: ebied...@xmission.com (Eric W. Biederman)
Date: Sun, 14 Jun 2015 22:07:30 -0500
> While looking into what it would take to route packets out to network
> devices in other network namespaces I started looking at the netfilter
> hooks, and there is a lot of nasty code to figure out which netwo
From: sfel...@gmail.com
Date: Sun, 14 Jun 2015 11:33:11 -0700
> From: Scott Feldman
>
> We need to delete from offload the device externally learnded fdbs when any
> one of these events happen:
>
> 1) Bridge ages out fdb. (When bridge is doing ageing vs. device doing
> ageing. If device is do
From: Samuel Ortiz
Date: Sun, 14 Jun 2015 18:00:45 +0200
> This is the NFC pull request for 4.2:
>
> - NCI drivers can now define their own handlers for processing
> proprietary NCI responses and notifications.
>
> - NFC vendors can use a dedicated netlink API to send their own
> proprietar
From: Or Gerlitz
Date: Sun, 14 Jun 2015 17:13:06 +0300
> Due to firmware bug, under VPI configuration when port1 = IB and
> port2 = Eth, Granular QoS per VF isn't working properly. More over,
> the whole QP0/QP1 Para-Virtualization in the mlx4 IB driver is
> broken on that config.
>
> Hence, we
From: Nikolay Aleksandrov
Date: Sun, 14 Jun 2015 16:36:33 +0300
> These are two small patches that export actor_oper_port_state and
> partner_oper_port_state via netlink and sysfs, until now they were only
> exported via bond's proc entry. If this set gets accepted I have an iproute2
> patch prep
From: sfel...@gmail.com
Date: Sat, 13 Jun 2015 11:04:26 -0700
> The switchdev port driver must do two things:
>
> 1) Generate a fwd_mark for each switch port, using some unique key of the
>switch device (and optionally port). This is a one-time operation done
>when port's netdev is setup
On Mon, 2015-06-15 at 21:46 +, subas...@codeaurora.org wrote:
> When NAPI_STATE_SCHED state is not set, enqueue_to_backlog()
> will queue an IPI and add the backlog queue to the poll list. A packet
> added by RPS onto the core could also add the NAPI backlog struct to the
> poll list. This doub
From: sfel...@gmail.com
Date: Fri, 12 Jun 2015 21:35:45 -0700
> One of the items removed from the rocker driver in the Spring Cleanup patch
> series was the ability to mark processing in the driver as "no wait" for
> those contexts where we cannot sleep. Turns out, we have "no wait"
> contexts wh
From: sfel...@gmail.com
Date: Fri, 12 Jun 2015 21:24:40 -0700
> From: Scott Feldman
>
> rocker->neigh_tbl_next_index is used to generate unique indices for neigh
> entries programmed into the device. The way new indices were generated was
> racy with the new prepare-commit transaction model. A
From: sfel...@gmail.com
Date: Fri, 12 Jun 2015 21:09:44 -0700
> From: Scott Feldman
>
> The ports array is filled in as ports are probed, but if probing doesn't
> finish, we need to stop only those ports that where probed successfully.
> Check the ports array for NULL to skip un-probed ports whe
From: Eric Dumazet
Date: Fri, 12 Jun 2015 19:44:48 -0700
> From: Eric Dumazet
>
> Using a function instead of a macro is cleaner and remove
> following W=1 warnings (extract)
...
> Signed-off-by: Eric Dumazet
Applied.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
th
From: sfel...@gmail.com
Date: Fri, 12 Jun 2015 17:39:50 -0700
> From: Scott Feldman
>
> v2:
>
> Move struct switchdev_obj automatics to inner scope where there used.
>
> v1:
>
> To maintain backward compatibility with the existing iproute2 "bridge vlan"
> command, let bridge's setlink/dellink
From: Alexei Starovoitov
Date: Fri, 12 Jun 2015 19:39:11 -0700
> v1->v2: switched to init_user_ns from current_user_ns as suggested by Andy
>
> Introduce new helpers to access 'struct task_struct'->pid, tgid, uid, gid,
> comm
> fields in tracing and networking.
>
> Share bpf_trace_printk() and
On Wednesday, June 10, 2015 11:08:51 AM Suravee Suthikulpanit wrote:
> This patch series introduce support for _CCA object, which is currently
> used mainly by ARM64 platform to specify DMA coherency attribute for
> devices when booting with ACPI.
>
> A copy of ACPIv6 can be found here:
> http
tree: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git master
head: ada6c1de9ecabcfc5619479bcd29a208f2e248a0
commit: efb6de9b4ba0092b2c55f6a52d16294a8a698edd [1371/1406] netfilter: bridge:
forward IPv6 fragmented packets
config: sh-titan_defconfig (attached as .config)
reproduc
> Add helper functions to access the IDRs by port-space and port number.
>
> Pass around the port-space enum in cma.c instead of using pointers to
> port-space IDRs.
What is the motivation for this change?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a messa
> -static int cma_save_net_info(struct rdma_cm_id *id, struct rdma_cm_id
> *listen_id,
> - struct ib_cm_event *ib_event)
> +static u16 cma_port_from_service_id(__be64 service_id)
> {
> - struct cma_hdr *hdr;
> + return be64_to_cpu(service_id);
> +}
Nit - Does the
From: David Herrmann
Date: Fri, 12 Jun 2015 18:15:38 +0200
> This patch adds getsockopt(SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS) to
> retrieve all groups a socket is a member of. Currently, we have to use
> getsockname() and look at the nl.nl_groups bitmask. However, this mask is
> limited to 32 gr
> @@ -722,6 +725,7 @@ struct ib_cm_id *ib_create_cm_id(struct ib_device
> *device,
> INIT_LIST_HEAD(&cm_id_priv->work_list);
> atomic_set(&cm_id_priv->work_count, -1);
> atomic_set(&cm_id_priv->refcount, 1);
> + cm_id_priv->listen_sharecount = 1;
This is setting the listen co
On Mon, Jun 15, 2015 at 09:32:53PM +, Hefty, Sean wrote:
> > drivers/infiniband/core/cm.c | 7 +++
> > include/rdma/ib_cm.h | 2 ++
> > 2 files changed, 9 insertions(+)
> >
> > diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c
> > index c5f5f89e274a..46f99ec
From: Firo Yang
Date: Fri, 12 Jun 2015 12:57:57 +0800
> Code refactoring:
> 1. Move the common code of inet_listen() and inet_dccp_listen() to
> sock_common_listen().
>
> 2. Modify and rename inet_listen() to tcp_listen().
>
> 3. Modify and rename inet_dccp_listen() to dccp_listen().
>
> 4. Ad
When NAPI_STATE_SCHED state is not set, enqueue_to_backlog()
will queue an IPI and add the backlog queue to the poll list. A packet
added by RPS onto the core could also add the NAPI backlog struct to the
poll list. This double addition to the list causes a crash -
2920.540304: <2> list_add doub
From: Pablo Neira Ayuso
Date: Mon, 15 Jun 2015 23:25:57 +0200
> You can pull these changes from:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
Pulled, thanks Pablo!
> Have a nice and safe travel to NFWS in Budapest.
Yep, thanks, see you soon!
--
To unsubscribe from thi
On 15 June 2015 at 22:54, Phil Sutter wrote:
> As I see it, a user has no way of detecting the listening socket in this
> address family: it does not show in /proc/net/{tcp,udp} nor do
> 'netstat', 'ss' or 'lsof' print any additional information about those
> sockets over pure IPv6 ones.
Probabl
> drivers/infiniband/core/cm.c | 7 +++
> include/rdma/ib_cm.h | 2 ++
> 2 files changed, 9 insertions(+)
>
> diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c
> index c5f5f89e274a..46f99ec4080a 100644
> --- a/drivers/infiniband/core/cm.c
> +++ b/drivers/infinib
From: Jozsef Kadlecsik
Commit "Simplify cidr handling for hash:*net* types" broke the cidr
handling for the hash:*net* types when the sets were used by the SET
target: entries with invalid cidr values were added to the sets.
Reported by Jonathan Johnson.
Testsuite entry is added to verify the fi
From: Florian Westphal
The binary arp/ip/ip6tables ruleset is stored per cpu.
The only reason left as to why we need percpu duplication are the rule
counters embedded into ipt_entry et al -- since each cpu has its own copy
of the rules, all counters can be lockless.
The downside is that the mor
From: Sergey Popovich
There is no reason to check CIDR value regardless attribute
specifying CIDR is given.
Initialize cidr array in element structure on element structure
declaration to let more freedom to the compiler to optimize
initialization right before element structure is used.
Remove l
From: Sergey Popovich
Signed-off-by: Sergey Popovich
Signed-off-by: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_core.c | 12 ++--
net/netfilter/ipset/ip_set_hash_gen.h |2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/net/netfilter/ipset/ip_set_core.c
From: Florian Westphal
We store the rule blob per (possible) cpu. Unfortunately this means we can
waste lot of memory on big smp machines. ipt_entry structure ('rule head')
is 112 byte, so e.g. with maxcpu=64 one single rule eats
close to 8k RAM.
Since previous patch made counters percpu it app
From: Jozsef Kadlecsik
Signed-off-by: Jozsef Kadlecsik
---
include/linux/netfilter/ipset/ip_set_timeout.h |4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/netfilter/ipset/ip_set_timeout.h
b/include/linux/netfilter/ipset/ip_set_timeout.h
index 83c2f9e..3c
> Expose the service ID on an incoming CM or SIDR request to the event
> handler. This will allow the RDMA CM module to de-multiplex connection
> requests based on the information encoded in the service ID.
>
> Signed-off-by: Haggai Eran
Acked-by: Sean Hefty
--
To unsubscribe from this list: se
From: Florian Westphal
since commit d6b915e29f4adea9
("ip_fragment: don't forward defragmented DF packet") the largest
fragment size is available in the IPCB.
Therefore we no longer need to care about 'encapsulation'
overhead of stripped PPPOE/VLAN headers since ip_do_fragment
doesn't use device
From: Bernhard Thaler
Prepare check_hbh_len() to be called from newly introduced
br_validate_ipv6() in next commit.
Signed-off-by: Bernhard Thaler
Signed-off-by: Pablo Neira Ayuso
---
net/bridge/br_netfilter.c | 111 +++--
1 file changed, 56 insertions
From: Jozsef Kadlecsik
When elements added to a hash:* type of set and resizing triggered,
parallel listing could start to list the original set (before resizing)
and "continue" with listing the new set. Fix it by references and
using the original hash table for listing. Therefore the destroying
From: Jozsef Kadlecsik
Signed-off-by: Jozsef Kadlecsik
---
include/linux/netfilter/ipset/ip_set.h |5 +-
include/uapi/linux/netfilter/ipset/ip_set.h |6 +-
net/netfilter/ipset/ip_set_bitmap_gen.h | 11 +-
net/netfilter/ipset/ip_set_bitmap_ip.c | 12 +-
net/netfilte
From: Sergey Popovich
Permit userspace to supply CIDR length equal to the host address CIDR
length in netlink message. Prohibit any other CIDR length for IPv6
variant of the set.
Also return -IPSET_ERR_HASH_RANGE_UNSUPPORTED instead of generic
-IPSET_ERR_PROTOCOL in IPv6 variant of hash:ip,port,
From: Sergey Popovich
Even if we return with generic IPSET_ERR_PROTOCOL it is good idea
to return line number if we called in batch mode.
Moreover we are not always exiting with IPSET_ERR_PROTOCOL. For
example hash:ip,port,net may return IPSET_ERR_HASH_RANGE_UNSUPPORTED
or IPSET_ERR_INVALID_CIDR
From: Sergey Popovich
Make all extensions attributes checks within ip_set_get_extensions()
and reduce number of duplicated code.
Signed-off-by: Sergey Popovich
Signed-off-by: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_bitmap_ip.c |8 +---
net/netfilter/ipset/ip_set_bitmap_i
This wrapper functions take care of hook registration for basechains.
Signed-off-by: Pablo Neira Ayuso
---
net/netfilter/nf_tables_api.c | 52 +
1 file changed, 37 insertions(+), 15 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter
From: Jozsef Kadlecsik
There was a small window when all sets are destroyed and a concurrent
listing of all sets could grab a set which is just being destroyed.
Signed-off-by: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_core.c | 49 +
1 file changed, 3
From: Jozsef Kadlecsik
Standard rculist is used.
Signed-off-by: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_list_set.c | 398 -
1 file changed, 189 insertions(+), 209 deletions(-)
diff --git a/net/netfilter/ipset/ip_set_list_set.c
b/net/netfilter/ipset/ip
From: Florian Westphal
If bridge netfilter is used with both
bridge-nf-call-iptables and bridge-nf-filter-vlan-tagged enabled
then ip fragments in VLAN frames are sent without the vlan header.
This has never worked reliably. Turns out this relied on pre-3.5
behaviour where skb frag_list was use
From: Jozsef Kadlecsik
Remove rbtree in order to introduce RCU instead of rwlock in ipset
Signed-off-by: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_hash_netiface.c | 163
1 file changed, 20 insertions(+), 143 deletions(-)
diff --git a/net/netfilter/ipset/ip_
From: Jozsef Kadlecsik
Three types of data need to be protected in the case of the hash types:
a. The hash buckets: standard rcu pointer operations are used.
b. The element blobs in the hash buckets are stored in an array and
a bitmap is used for book-keeping to tell which elements in the arr
According to the reporter, they are not needed.
Reported-by: Sergei Shtylyov
Signed-off-by: Pablo Neira Ayuso
---
net/ipv4/netfilter/Kconfig |3 ++-
net/ipv6/netfilter/Kconfig |3 ++-
net/netfilter/Kconfig | 18 +-
3 files changed, 13 insertions(+), 11 deletions(-
The device is part of the hook configuration, so instead of a global
configuration per table, set it to each of the basechain that we create.
This patch reworks ebddf1a8d78a ("netfilter: nf_tables: allow to bind table to
net_device").
Note that this adds a dev_name field in the nft_base_chain str
From: Bernhard Thaler
br_parse_ip_options() does not parse any IP options, it validates IP
packets as a whole and the function name is misleading.
Rename br_parse_ip_options() to br_validate_ipv4() and remove unneeded
commments.
Signed-off-by: Bernhard Thaler
Signed-off-by: Pablo Neira Ayuso
From: Jozsef Kadlecsik
There's nothing much required because the bitmap types use atomic
bit operations. However the logic of adding elements slightly changed:
first the MAC address updated (which is not atomic), then the element
activated (added). The extensions may call kfree_rcu() therefore we
In case the net_device is gone, we have to unregister the hooks and put back
the reference on the net_device object. Once it comes back, register them
again. This also covers the device rename case.
This patch also adds a new flag to indicate that the basechain is disabled, so
their hooks are not
From: Eric Dumazet
After Florian patches, there is no need for XT_TABLE_INFO_SZ anymore :
Only one copy of table is kept, instead of one copy per cpu.
We also can avoid a dereference if we put table data right after
xt_table_info. It reduces register pressure and helps compiler.
Then, we attemp
From: Jozsef Kadlecsik
Replace rwlock_t with spinlock_t in "struct ip_set" and change the locking
accordingly. Convert the comment extension into an rcu-avare object. Also,
simplify the timeout routines.
Signed-off-by: Jozsef Kadlecsik
---
include/linux/netfilter/ipset/ip_set.h |9
From: Bernhard Thaler
Put br_nf_pre_routing_finish_ipv6() after daddr_was_changed() and
br_nf_pre_routing_finish_bridge() to prepare calling these functions
from there.
Signed-off-by: Bernhard Thaler
Signed-off-by: Pablo Neira Ayuso
---
net/bridge/br_netfilter.c | 63 +++
From: Bernhard Thaler
Currently frag_max_size is member of br_input_skb_cb and copied back and
forth using IPCB(skb) and BR_INPUT_SKB_CB(skb) each time it is changed or
used.
Attach frag_max_size to nf_bridge_info and set value in pre_routing and
forward functions. Use its value in forward and x
From: Bernhard Thaler
IPv4 iptables allows to REDIRECT/DNAT/SNAT any traffic over a bridge.
e.g. REDIRECT
$ sysctl -w net.bridge.bridge-nf-call-iptables=1
$ iptables -t nat -A PREROUTING -p tcp -m tcp --dport 8080 \
-j REDIRECT --to-ports 81
This does not work with ip6tables on a bridge in NA
From: Bernhard Thaler
use binary AND on complement of BRNF_NF_BRIDGE_PREROUTING to unset
bit in nf_bridge->mask.
Signed-off-by: Bernhard Thaler
Signed-off-by: Pablo Neira Ayuso
---
net/bridge/br_netfilter.c |4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/bridge/
From: Bernhard Thaler
IPv6 fragmented packets are not forwarded on an ethernet bridge
with netfilter ip6_tables loaded. e.g. steps to reproduce
1) create a simple bridge like this
modprobe br_netfilter
brctl addbr br0
brctl addif br0 eth0
brctl addif br0 eth2
From: Marcelo Ricardo Leitner
After db29a9508a92 ("netfilter: conntrack: disable generic tracking for
known protocols"), if the specific helper is built but not loaded
(a standard for most distributions) systems with a restrictive firewall
but weak configuration regarding netfilter modules to loa
Hi David,
This a bit large (and late) patchset that contains Netfilter updates for
net-next. Most relevantly br_netfilter fixes, ipset RCU support, removal of
x_tables percpu ruleset copy and rework of the nf_tables netdev support. More
specifically, they are:
1) Warn the user when there is a bet
Hi,
A socket listening on any AF_INET6 address will receive IPv4 traffic as
well, as long as it does not set IPV6_V6ONLY (or sysctl
net.ipv6.bindv6only is set). Apache APR e.g. explicitly disables
IPV6_V6ONLY for listening sockets.
As I see it, a user has no way of detecting the listening socket
On Mon, 2015-06-15 at 11:26 -0400, Craig Gallek wrote:
> This get_info handler will simply dispatch to the appropriate
> existing inet protocol handler.
>
> This patch also includes a new netlink attribute
> (INET_DIAG_PROTOCOL). This attribute is currently only used
> for multicast messages. Wi
On Mon, 2015-06-15 at 11:26 -0400, Craig Gallek wrote:
> Previously, there was no clear distinction between the inet protocols
> that used struct tcp_info to report information and those that didn't.
> This change adds a specific size attribute to the inet_diag_handler
> struct which defines these
On Mon, 2015-06-15 at 11:26 -0400, Craig Gallek wrote:
> These groups will contain socket-destruction events for
> AF_INET/AF_INET6, IPPROTO_TCP/IPPROTO_UDP.
>
> Near the end of socket destruction, a check for listeners is
> performed. In the presence of a listener, rather than completely
> clean
On Mon, 2015-06-15 at 11:26 -0400, Craig Gallek wrote:
> This series extends the netlink sock_diag interface to broadcast
> socket information as they are being destroyed. The current
> interface is poll based and can not be used to retreive information
> about sockets that are destroyed between p
В письме от 15 июня 2015 19:06:39 пользователь Pablo Neira Ayuso написал:
> On Mon, Jun 15, 2015 at 12:11:58PM +0300, Roman I Khimov wrote:
> > Suppose that we're trying to use an xt_string netfilter module to match a
> > string in a specially crafted packet that has "a nice string" starting at
> >
On Mon, Jun 15, 2015 at 02:37:16PM -0400, John W. Linville wrote:
> Signed-off-by: John W. Linville
> ---
> include/linux/if_link.h | 1 +
This includes the include/linux/if_link.h bits, that will need to be
dropped after iproute2 does the 4.1 update for that file.
> ip/iplink_geneve.c |
On Mon, Jun 15, 2015 at 02:37:15PM -0400, John W. Linville wrote:
> Signed-off-by: John W. Linville
> ---
> include/linux/if_link.h | 1 +
This includes the include/linux/if_link.h bits, that will need to be
dropped after iproute2 does the 4.1 update for that file.
> ip/iplink_geneve.c |
This pair of patches add configuration of TTL and TOS settings for
GENEVE tunnel packets. These settings follow the same conventions
as the VXLAN counterparts.
These patches include man page changes. Therefore, they depend on
the preceding "iproute2: update ip-link.8 for geneve tunnels" patch,
p
Signed-off-by: John W. Linville
---
include/linux/if_link.h | 1 +
ip/iplink_geneve.c | 26 +-
man/man8/ip-link.8.in | 6 ++
3 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/include/linux/if_link.h b/include/linux/if_link.h
index 2b5268531bef..59
Signed-off-by: John W. Linville
---
include/linux/if_link.h | 1 +
ip/iplink_geneve.c | 23 ++-
man/man8/ip-link.8.in | 7 +++
3 files changed, 30 insertions(+), 1 deletion(-)
diff --git a/include/linux/if_link.h b/include/linux/if_link.h
index 7720ad34c6b3..2b52
to msecs_to_jiffies(50).
>
> Signed-off-by: Nicholas Mc Guire
> ---
>
> Patch was compile tested with x86_64_defconfig + CONFIG_IPW2100=m
> (with a few buildwarnings in ipw2100.c though not related to this patch)
>
> Patch is against 4.1-rc7 (localversion-next is -next-20150
These kind of informations are only useful for debugging and should not be
displayed in normal modules message.
Signed-off-by: Romain Perier
---
drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 75 +-
1 file changed, 36 insertions(+), 39 deletions(-)
diff --git a/drivers
On Mon, 15 Jun 2015, Stanislav Yakovlev wrote:
> Hi Nicholas,
>
> On 12 June 2015 at 20:58, Nicholas Mc Guire wrote:
> > Hi !
> >
> > commit 2c86c275015c ("Add ipw2100 wireless driver.") introduced
> >
> > drivers/net/wireless/ipw2100.c - line-numbers are from next-20150511
> > 1410 static int i
On 12/06/15 10:18, Andrew Lunn wrote:
> By default, DSA and CPU ports are configured to the maximum speed the
> switch supports. However there can be use cases where the peer device
> port is slower. Allow a fixed-link property to be used with the DSA
> and CPU port in the device tree, and use this
Patch was compile tested with x86_64_defconfig + CONFIG_IPW2100=m
(with a few buildwarnings in ipw2100.c though not related to this patch)
Patch is against 4.1-rc7 (localversion-next is -next-20150615)
drivers/net/wireless/ipw2x00/ipw2100.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
di
On Sun, Jun 7, 2015 at 11:56 PM, Joe Stringer wrote:
>
> Hi Zack, have you had any further development on this issue?
Sorry for the delay. The only additional piece of information I have
for you is that
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1403152 may be
another report of the sam
On 12/06/15 11:29, Guenter Roeck wrote:
[snip]
static int dsa_switch_setup_one(struct dsa_switch *ds, struct
>>> device *parent)
>>> {
>>> struct dsa_switch_driver *drv = ds->drv;
>>> @@ -204,6 +234,7 @@ static int dsa_switch_setup_one(struct dsa_switch
>>> *ds, struct device *parent)
>>>
After the ->set() spinlocks were removed br_stp_set_bridge_priority
was left running without any protection when used via sysfs. It can
race with port add/del and could result in use-after-free cases and
corrupted lists. Tested by running port add/del in a loop with stp
enabled while setting priori
Without this change, modprobe -r sfc hits the BUG_ON() in
efx_pci_remove_main().
Fixes: e7fef9b45ae1 ("sfc: add sysfs entry to control MCDI tracing")
Reported-by: Jarod Wilson
Reviewed-by: Jarod Wilson
Signed-off-by: Edward Cree
---
drivers/net/ethernet/sfc/efx.c | 1 +
1 file changed, 1 inser
On Mon, Jun 15, 2015 at 11:47:07AM +0300, Haggai Eran wrote:
> +/* Called with an RCU read lock taken */
Add _rcu to the name? That is the standard convention.
> +/* returns an IPoIB netdev on top a given ipoib device matching a pkey_index
> + * and address, if one exists. */
> +static struct ne
1 - 100 of 197 matches
Mail list logo
