One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
function skb_segment(), line 3667. The bpf program attaches to
clsact ingress, calls bpf_skb_change_proto to change protocol
from ipv4 to ipv6 or from ipv6 to ipv4, and then calls bpf_redirect
to send the changed packet out.
3472
One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
function skb_segment(), line 3667. The bpf program attaches to
clsact ingress, calls bpf_skb_change_proto to change protocol
from ipv4 to ipv6 or from ipv6 to ipv4, and then calls bpf_redirect
to send the changed packet out.
...
Without the previous commit,
"modprobe test_bpf" will have the following errors:
...
[ 98.149165] [ cut here ]
[ 98.159362] kernel BUG at net/core/skbuff.c:3667!
[ 98.169756] invalid opcode: [#1] SMP PTI
[ 98.179370] Modules linked in:
[ 98.179371] test_bpf(+
* Linus Torvalds wrote:
> And even if you ignore that "maintenance problems down the line" issue
> ("we can fix them when they happen") I don't want to see games like
> this, because I'm pretty sure it breaks the optimized xsave by tagging
> the state as being dirty.
That's true - and it would
On 3/20/2018 7:54 PM, Dave Watson wrote:
Add rx path for tls software implementation.
recvmsg, splice_read, and poll implemented.
An additional sockopt TLS_RX is added, with the same interface as
TLS_TX. Either TLX_RX or TLX_TX may be provided separately, or
together (with two different sets
On 3/20/18 5:44 PM, Eric Dumazet wrote:
On 03/20/2018 04:21 PM, Yonghong Song wrote:
Without the previous commit,
"modprobe test_bpf" will have the following errors:
...
[ 98.149165] [ cut here ]
[ 98.159362] kernel BUG at net/core/skbuff.c:3667!
[ 98.169756] in
On 3/20/18 4:50 PM, Alexander Duyck wrote:
On Tue, Mar 20, 2018 at 4:21 PM, Yonghong Song wrote:
One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
function skb_segment(), line 3667. The bpf program attaches to
clsact ingress, calls bpf_skb_change_proto to change protocol
fr
top_hierarchy arg can be determined by comparing parent_resource_id to
DEVLINK_RESOURCE_ID_PARENT_TOP so it does not need to be a separate
argument.
Signed-off-by: David Ahern
---
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 9 -
drivers/net/ethernet/mellanox/mlxsw/spectrum_kvdl
Hi David,
The following pull-request contains BPF updates for your *net* tree.
The main changes are:
1) Follow-up fix to the fault injection framework to prevent jump
optimization on the kprobe by installing a dummy post-handler,
from Masami.
2) Drop bpf_perf_prog_read_value helper from t
Hi,
I've just discovered an issue in this patch. Please, drop it. I'll send
v2 shortly.
Thanks
--
Gustavo
On 03/20/2018 06:34 PM, Gustavo A. R. Silva wrote:
In preparation to enabling -Wvla, remove VLA and replace it
with dynamic memory allocation instead.
The use of stack Variable Length A
Hi David,
The following pull-request contains BPF updates for your *net-next* tree.
The main changes are:
1) Add a BPF hook for sendmsg and sendfile by reusing the ULP infrastructure
and sockmap. Three helpers are added along with this, bpf_msg_apply_bytes(),
bpf_msg_cork_bytes(), and bpf_
In preparation to enabling -Wvla, remove VLA and replace it
with dynamic memory allocation instead.
The use of stack Variable Length Arrays needs to be avoided, as they
can be a vector for stack exhaustion, which can be both a runtime bug
or a security flaw. Also, in general, as code evolves it is
On Tue, 2018-03-20 at 18:09 -0700, Jeff Kirsher wrote:
> On Tue, 2018-03-20 at 16:46 -0700, Philippe Ombredanne wrote:
> > When the kernel maintainers decide to switch to V3.0 of the SPDX list,
> > the doc will be updated and then Joe's script could be applied at once
> > to update the past.
>
> I
rk for you?
Pavel
Tried the 4.16-rc6 with nm 1.4.4 - I do not see the issue.
Thanks for testing... but yes, 4.16 should be ok. If not fixed,
problem will appear in 4.17-rc1.
Works here OK. Tried ~10 suspends, all restarted OK.
kernel next-20180320
nmcli shows that W
On Tue, 2018-03-20 at 16:46 -0700, Philippe Ombredanne wrote:
> Allan,
>
> On Tue, Mar 20, 2018 at 1:48 PM, Allan, Bruce W
> wrote:
> > > -Original Message-
> > > From: netdev-ow...@vger.kernel.org [mailto:netdev-owner@vger.kernel.o
> > > rg]
> > > On Behalf Of Jeff Kirsher
> > > Sent: Tu
On Tue, 2018-03-20 at 17:47 -0700, Stephen Hemminger wrote:
> On Tue, 20 Mar 2018 10:13:20 -0700
> Jeff Kirsher wrote:
>
> > diff --git a/drivers/net/ethernet/intel/e100.c
> > b/drivers/net/ethernet/intel/e100.c
> > index 29486478836e..a750a5fe373a 100644
> > --- a/drivers/net/ethernet/intel/e100
On Wed, Mar 21, 2018 at 01:38:45AM +0100, Daniel Borkmann wrote:
> On 03/21/2018 01:36 AM, Linus Torvalds wrote:
> > On Tue, Mar 20, 2018 at 5:18 PM, Daniel Borkmann
> > wrote:
> >> Prasad reported that he has seen crashes in BPF subsystem with netd
> >> on Android with arm64 in the form of (note
On Tue, 20 Mar 2018 10:13:20 -0700
Jeff Kirsher wrote:
> diff --git a/drivers/net/ethernet/intel/e100.c
> b/drivers/net/ethernet/intel/e100.c
> index 29486478836e..a750a5fe373a 100644
> --- a/drivers/net/ethernet/intel/e100.c
> +++ b/drivers/net/ethernet/intel/e100.c
> @@ -1,3 +1,4 @@
> +// SPDX
On 03/20/2018 04:21 PM, Yonghong Song wrote:
> Without the previous commit,
> "modprobe test_bpf" will have the following errors:
> ...
> [ 98.149165] [ cut here ]
> [ 98.159362] kernel BUG at net/core/skbuff.c:3667!
> [ 98.169756] invalid opcode: [#1] SMP PTI
>
On Tue, Mar 20, 2018 at 3:10 PM, David Laight wrote:
> From: Andy Lutomirski
>> Sent: 20 March 2018 14:57
> ...
>> I'd rather see us finally finish the work that Rik started to rework
>> this differently. I'd like kernel_fpu_begin() to look like:
>>
>> if (test_thread_flag(TIF_NEED_FPU_RESTORE))
On 03/21/2018 01:36 AM, Linus Torvalds wrote:
> On Tue, Mar 20, 2018 at 5:18 PM, Daniel Borkmann wrote:
>> Prasad reported that he has seen crashes in BPF subsystem with netd
>> on Android with arm64 in the form of (note, the taint is unrelated):
>
> Ack. This looks good to me. And thanks for not
On Tue, Mar 20, 2018 at 5:18 PM, Daniel Borkmann wrote:
> Prasad reported that he has seen crashes in BPF subsystem with netd
> on Android with arm64 in the form of (note, the taint is unrelated):
Ack. This looks good to me. And thanks for noticing the behavior wrt
the correct gcc merging.
> [
We have a functional dependency on the FIXED_PHY MDIO bus because we register
fixed PHY devices "the old way" which only works if the code that does this has
had a chance to run before the fixed MDIO bus is probed. Make sure we account
for that and have dsa_loop_bdinfo.o be either built-in or modul
Prasad reported that he has seen crashes in BPF subsystem with netd
on Android with arm64 in the form of (note, the taint is unrelated):
[ 4134.721483] Unable to handle kernel paging request at virtual address
80001
[ 4134.820925] Mem abort info:
[ 4134.901283] Exception class = DABT
On Tue, Mar 20, 2018 at 04:26:52PM -0700, Linus Torvalds wrote:
> On Tue, Mar 20, 2018 at 4:23 PM, Linus Torvalds
> wrote:
> >
> > Hmm. So thanks to the diseased mind of Martin Uecker, there's a better
> > test for "__is_constant()":
> >
> > /* Glory to Martin Uecker */
> > #define __is_const
In preparation to enabling -Wvla, remove VLA and replace it
with dynamic memory allocation instead.
The use of stack Variable Length Arrays needs to be avoided, as they
can be a vector for stack exhaustion, which can be both a runtime bug
or a security flaw. Also, in general, as code evolves it is
On Tue, Mar 20, 2018 at 4:21 PM, Yonghong Song wrote:
> One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
> function skb_segment(), line 3667. The bpf program attaches to
> clsact ingress, calls bpf_skb_change_proto to change protocol
> from ipv4 to ipv6 or from ipv6 to ipv4, an
Allan,
On Tue, Mar 20, 2018 at 1:48 PM, Allan, Bruce W wrote:
>> -Original Message-
>> From: netdev-ow...@vger.kernel.org [mailto:netdev-ow...@vger.kernel.org]
>> On Behalf Of Jeff Kirsher
>> Sent: Tuesday, March 20, 2018 10:52 AM
>> To: Joe Perches ; da...@davemloft.net; Philippe
>> Ombr
On Tue, Mar 20, 2018 at 4:23 PM, Linus Torvalds
wrote:
>
> Hmm. So thanks to the diseased mind of Martin Uecker, there's a better
> test for "__is_constant()":
>
> /* Glory to Martin Uecker */
> #define __is_constant(a) \
> (sizeof(int) == sizeof(*(1 ? ((void*)((a) * 0l)) : (int*)1)))
On Sat, Mar 17, 2018 at 1:07 PM, Kees Cook wrote:
>
> No luck! :( gcc 4.4 refuses to play along. And, hilariously, not only
> does it not change the complaint about __builtin_choose_expr(), it
> also thinks that's a VLA now.
Hmm. So thanks to the diseased mind of Martin Uecker, there's a better
t
One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
function skb_segment(), line 3667. The bpf program attaches to
clsact ingress, calls bpf_skb_change_proto to change protocol
from ipv4 to ipv6 or from ipv6 to ipv4, and then calls bpf_redirect
to send the changed packet out.
3472
Without the previous commit,
"modprobe test_bpf" will have the following errors:
...
[ 98.149165] [ cut here ]
[ 98.159362] kernel BUG at net/core/skbuff.c:3667!
[ 98.169756] invalid opcode: [#1] SMP PTI
[ 98.179370] Modules linked in:
[ 98.179371] test_bpf(+
One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
function skb_segment(), line 3667. The bpf program attaches to
clsact ingress, calls bpf_skb_change_proto to change protocol
from ipv4 to ipv6 or from ipv6 to ipv4, and then calls bpf_redirect
to send the changed packet out.
...
On 03/20/2018 12:37 PM, Lorenzo Colitti wrote:
> On Tue, Mar 20, 2018 at 12:57 AM, Chenbo Feng
> wrote:
>> - if (!capable(CAP_SYS_ADMIN) && sysctl_unprivileged_bpf_disabled)
>> + if (sysctl_unprivileged_bpf_disabled && !capable(CAP_SYS_ADMIN))
>> return -EPERM;
>>
>
>
On 3/20/18 11:08 AM, Alexander Duyck wrote:
On Tue, Mar 20, 2018 at 8:55 AM, Yonghong Song wrote:
One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
function skb_segment(), line 3667. The bpf program attaches to
clsact ingress, calls bpf_skb_change_proto to change protocol
f
On Tue, Mar 20, 2018 at 12:21:15AM +0100, Daniel Borkmann wrote:
> As this recently came up on netdev [0], lets add it to the BPF devel doc.
>
> [0] https://www.spinics.net/lists/netdev/msg489612.html
>
> Signed-off-by: Daniel Borkmann
Appled to bpf-next, thanks Daniel.
On 03/20/2018 07:19 PM, Yonghong Song wrote:
> Commit 4bebdc7a85aa ("bpf: add helper bpf_perf_prog_read_value")
> added helper bpf_perf_prog_read_value so that perf_event type program
> can read event counter and enabled/running time.
> This commit, however, introduced a bug which allows this helpe
On 03/20/2018 01:58 PM, Thadeu Lima de Souza Cascardo wrote:
> Function bpf_fill_maxinsns11 is designed to not be able to be JITed on
> x86_64. So, it fails when CONFIG_BPF_JIT_ALWAYS_ON=y, and
> commit 09584b406742 ("bpf: fix selftests/bpf test_kmod.sh failure when
> CONFIG_BPF_JIT_ALWAYS_ON=y") m
On older versions of Windows, the host ignores messages after
vmbus channel is closed.
Workaround this by doing what Windows does and send the teardown
before close on older versions of NVSP protocol.
Reported-by: Mohammed Gamal
Fixes: 0cf737808ae7 ("hv_netvsc: netvsc_teardown_gpadl() split")
Si
This makes sure that no CPU is still process packets when
the channel is closed.
Fixes: 76bb5db5c749 ("netvsc: fix use after free on module removal")
Signed-off-by: Stephen Hemminger
---
drivers/net/hyperv/netvsc.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drive
Make common function for detaching internals of device
during changes to MTU and RSS. Make sure no more packets
are transmitted and all packets have been received before
doing device teardown.
Change the wait logic to be common and use usleep_range().
Changes transmit enabling logic so that trans
This set of patches fixes issues identified by Vitaly Kuznetsov and
Mohammed Gamal related to state changes in Hyper-v network driver.
A lot of the issues are because setting up the netvsc device requires
a second step (in work queue) to get all the sub-channels running.
Stephen Hemminger (4):
The receive processing may continue to happen while the
internal network device state is in RCU grace period.
The internal RNDIS structure is associated with the
internal netvsc_device structure; both have the same
RCU lifetime.
Defer freeing all associated parts until after grace
period.
Fixes:
On 20.03.2018 22:25, Kirill Tkhai wrote:
> Hi, David,
>
> thanks for the review!
>
> On 20.03.2018 19:23, David Miller wrote:
>> From: Kirill Tkhai
>> Date: Mon, 19 Mar 2018 12:14:54 +0300
>>
>>> This reverts commit 1215e51edad1.
>>> Since raw_close() is used on every RAW socket destruction,
>>>
rk for you?
Pavel
Tried the 4.16-rc6 with nm 1.4.4 - I do not see the issue.
Thanks for testing... but yes, 4.16 should be ok. If not fixed,
problem will appear in 4.17-rc1.
Works here OK. Tried ~10 suspends, all restarted OK.
kernel next-20180320
nmcli shows
On 20/03/18 20:51, valdis.kletni...@vt.edu wrote:
On Tue, 20 Mar 2018 18:39:47 +0200, Liran Alon said:
What is your opinion in regards if it's OK to put the flag enabling this
"fix" in /proc/sys/net/core? Do you think it's sufficient?
Umm.. *which* /proc/sys/net/core? These could differ for
On 03/20/2018 09:29 PM, Stephen Hemminger wrote:
> Use strlcpy to avoid cases where sizeof(buf) == strlen(buf)
>
> Signed-off-by: Stephen Hemminger
Acked-by: Daniel Borkmann
On Tue, 2018-03-20 at 20:48 +, Allan, Bruce W wrote:
> > -Original Message-
> > From: netdev-ow...@vger.kernel.org [mailto:netdev-ow...@vger.kernel.org]
> > On Behalf Of Jeff Kirsher
> > Sent: Tuesday, March 20, 2018 10:52 AM
> > To: Joe Perches ; da...@davemloft.net; Philippe
> > Ombre
> -Original Message-
> From: netdev-ow...@vger.kernel.org [mailto:netdev-ow...@vger.kernel.org]
> On Behalf Of Jeff Kirsher
> Sent: Tuesday, March 20, 2018 10:52 AM
> To: Joe Perches ; da...@davemloft.net; Philippe
> Ombredanne
> Cc: netdev@vger.kernel.org; nhor...@redhat.com; sassm...@red
On Thu, Mar 15, 2018 at 12:53 PM, Matthew Wilcox wrote:
> From: Matthew Wilcox
>
> Shrink page_frag_cache from 24 to 8 bytes (a single pointer to the
> currently-in-use struct page) by using the page's refcount directly
> (instead of maintaining a bias) and storing our current progress through
>
On 03/19/2018 07:44 PM, Saeed Mahameed wrote:
From: Ilya Lesokhin
Called when a TCP segment is acknowledged.
Could be used by application protocols who hold additional
metadata associated with the stream data.
This is required by TLS device offload to release
metadata associated with acknowl
This fixes gcc-8 warnings about strncpy bounds by using
strlcpy instead.
Signed-off-by: Stephen Hemminger
---
ip/iplink.c | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/ip/iplink.c b/ip/iplink.c
index d401311bcad9..cca530eeeb09 100644
--- a/ip/iplink.c
+++ b/i
Newer versions of Gcc warn about string truncation.
Fix by using strlcpy.
Signed-off-by: Stephen Hemminger
---
tc/m_pedit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/m_pedit.c b/tc/m_pedit.c
index 26549eeea899..8577f875a7c0 100644
--- a/tc/m_pedit.c
+++ b/tc/m_pedit.
It is possible that user could request really long namespace
name and overrun the path buffer.
Signed-off-by: Stephen Hemminger
---
lib/namespace.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/namespace.c b/lib/namespace.c
index 6f3356d0fa08..682634028587 100644
Gcc 8 checks that target buffer is big enough.
Signed-off-by: Stephen Hemminger
---
misc/nstat.c | 4 ++--
misc/ss.c| 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/misc/nstat.c b/misc/nstat.c
index a4dd405d43a9..433a1f483be3 100644
--- a/misc/nstat.c
+++ b/misc/nstat.c
Size buffer big enough to avoid any possible overflow.
Signed-off-by: Stephen Hemminger
---
tc/tc_class.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/tc/tc_class.c b/tc/tc_class.c
index 1b214b82c702..91802518bb27 100644
--- a/tc/tc_class.c
+++ b/tc/tc_class.c
@@ -219
Use strlcpy to avoid cases where sizeof(buf) == strlen(buf)
Signed-off-by: Stephen Hemminger
---
lib/bpf.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/bpf.c b/lib/bpf.c
index c38d92d87759..04bc5a5685d5 100644
--- a/lib/bpf.c
+++ b/lib/bpf.c
@@ -2593,7 +2593,7 @@
Fixes gcc 8 warning about possible snprint overflow
Signed-off-by: Stephen Hemminger
---
tc/m_ematch.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/m_ematch.c b/tc/m_ematch.c
index d2bb5c380382..0d66dc682314 100644
--- a/tc/m_ematch.c
+++ b/tc/m_ematch.c
@@ -161,7 +161,
Fixes warnings about strncpy size by using strlcpy.
tunnel.c: In function ‘tnl_gen_ioctl’:
tunnel.c:145:2: warning: ‘strncpy’ specified bound
16 equals destination size [-Wstringop-truncation]
strncpy(ifr.ifr_name, name, IFNAMSIZ);
^
Signed-off-by: Stephen
This fixes new gcc warning about possible string overflow.
mdb.c: In function ‘__print_router_port_stats’:
mdb.c:61:11: warning: ‘%.2i’ directive output may be truncated
writing between 2 and 7 bytes into a region of size
between 0 and 4 [-Wformat-truncation=]
"%4i.%.2i", (int)tv.tv_sec,
This fixes most of the warning seen build iproute2 with gcc-8.
There are still a couple in namespace and bpf to resolve related
to PATH_MAX.
Stephen Hemminger (9):
bridge: avoid snprint truncation on time
pedit: fix strncpy warning
ip: use strlcpy() to avoid truncation
tunnel: use strlcpy
On Tue, 2018-03-20 at 13:07 -0700, Florian Fainelli wrote:
> On 03/20/2018 01:00 PM, Joe Perches wrote:
> > Treewide there are ~60 declarations of a ethernet broadcast
> > address as a 6 byte array that are later used as either an
> > output for vsprintf extension %pM or as a source array to
> > co
Hello, I have one bug with new HPE ProLiant m710x Server Cartridges,
there is Mellanox Technologies MT27520 Family [ConnectX-3 Pro]
Ethernet controller.
When I use bonding + VFs and KVM I have stacked kernel with these
messages on console:
[ 1011.070739] kvm [16361]: vcpu0, guest rIP: 0x8
On 03/20/2018 01:00 PM, Joe Perches wrote:
> Treewide there are ~60 declarations of a ethernet broadcast
> address as a 6 byte array that are later used as either an
> output for vsprintf extension %pM or as a source array to
> copy or compare.
>
> Perhaps it'd be useful to declare a global static
Treewide there are ~60 declarations of a ethernet broadcast
address as a 6 byte array that are later used as either an
output for vsprintf extension %pM or as a source array to
copy or compare.
Perhaps it'd be useful to declare a global static const u8[]
in net somewhere instead to save the text/d
Hi, David,
thanks for the review!
On 20.03.2018 19:23, David Miller wrote:
> From: Kirill Tkhai
> Date: Mon, 19 Mar 2018 12:14:54 +0300
>
>> This reverts commit 1215e51edad1.
>> Since raw_close() is used on every RAW socket destruction,
>> the changes made by 1215e51edad1 scale sadly. This clea
From: Shrikrishna Khare
Date: Tue, 20 Mar 2018 11:42:47 -0700
> Ronak's patch that fixes this issue has the right code, and is already
> accepted in net tree (Commit: 034f405793897a3c8f642935f5494b86c340cde7).
> We no longer need Igor's patch.
That explains why things in my actual tree are fin
On Tue, 20 Mar 2018, David Miller wrote:
> From: kbuild test robot
> Date: Sun, 18 Mar 2018 14:37:35 +0800
>
> > All warnings (new ones prefixed by >>):
> >
> >drivers/net/vmxnet3/vmxnet3_drv.c: In function 'vmxnet3_rq_rx_complete':
> >>> drivers/net/vmxnet3/vmxnet3_drv.c:1474:8: warning:
On Tue, 20 Mar 2018 18:39:47 +0200, Liran Alon said:
> What is your opinion in regards if it's OK to put the flag enabling this
> "fix" in /proc/sys/net/core? Do you think it's sufficient?
Umm.. *which* /proc/sys/net/core? These could differ for things that
are in different namespaces. Or are yo
Ben Greear writes:
> On 03/20/2018 09:44 AM, Liran Alon wrote:
>>
>>
>> On 20/03/18 18:24, ebied...@xmission.com wrote:
>>>
>>> I don't believe the current behavior is a bug.
>>>
>>> I looked through the history. Basically skb_scrub_packet
>>> started out as the scrubbing needed for crossing net
On 03/20/2018 11:24 AM, Michal Kubecek wrote:
On Tue, Mar 20, 2018 at 08:39:33AM -0700, Ben Greear wrote:
On 03/20/2018 03:37 AM, Michal Kubecek wrote:
IMHO it would be more practical to set "0 means same as GSTATS" as a
rule and make ethtool_get_stats() a wrapper for ethtool_get_stats2() to
a
From: Marcel Holtmann
Date: Tue, 20 Mar 2018 18:28:18 +0100
> Any chance you can pull net into net-next once you send it off to
> Linus? We have a few further Broadcom driver improvements for
> net-next that conflict a little bit.
Yeah, I merge net into net-next pretty much every time after
Linu
The 03/20/2018 10:57, David Miller wrote:
> From: kbuild test robot
> Date: Sun, 18 Mar 2018 14:37:35 +0800
>
> > All warnings (new ones prefixed by >>):
> >
> >drivers/net/vmxnet3/vmxnet3_drv.c: In function 'vmxnet3_rq_rx_complete':
> >>> drivers/net/vmxnet3/vmxnet3_drv.c:1474:8: warning: s
On Tue, Mar 20, 2018 at 08:39:33AM -0700, Ben Greear wrote:
> On 03/20/2018 03:37 AM, Michal Kubecek wrote:
> >
> > IMHO it would be more practical to set "0 means same as GSTATS" as a
> > rule and make ethtool_get_stats() a wrapper for ethtool_get_stats2() to
> > avoid code duplication (or perhap
Signed-off-by: Roman Mashak
---
tc/m_nat.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/tc/m_nat.c b/tc/m_nat.c
index 1e4ff51fe75a..f6e373957c1b 100644
--- a/tc/m_nat.c
+++ b/tc/m_nat.c
@@ -169,6 +169,9 @@ print_nat(struct action_util *au, FILE * f, struct rtattr
*arg)
This fixes most of the warnings when building with gcc-8.
Still have issues with namespace and bpf.
Stephen Hemminger (9):
bridge: avoid snprint truncation on time
pedit: fix strncpy warning
ip: use strlcpy() to avoid truncation
tunnel: use strlcpy to avoid strncpy warnings
namespace: fi
Commit 4bebdc7a85aa ("bpf: add helper bpf_perf_prog_read_value")
added helper bpf_perf_prog_read_value so that perf_event type program
can read event counter and enabled/running time.
This commit, however, introduced a bug which allows this helper
for tracepoint type programs. This is incorrect as
On Tue, Mar 20, 2018 at 8:55 AM, Yonghong Song wrote:
> One of our in-house projects, bpf-based NAT, hits a kernel BUG_ON at
> function skb_segment(), line 3667. The bpf program attaches to
> clsact ingress, calls bpf_skb_change_proto to change protocol
> from ipv4 to ipv6 or from ipv6 to ipv4, an
]
url:
https://github.com/0day-ci/linux/commits/Atul-Gupta/Chelsio-Inline-TLS/20180320-101600
reproduce:
# apt-get install sparse
make ARCH=x86_64 allmodconfig
make C=1 CF=-D__CHECK_ENDIAN__
sparse warnings: (new ones prefixed by >>)
drivers/crypto/chelsio
On Tue, Mar 20, 2018 at 1:26 AM, Ingo Molnar wrote:
>
> So assuming the target driver will only load on modern FPUs I *think* it
> should
> actually be possible to do something like (pseudocode):
>
> vmovdqa %ymm0, 40(%rsp)
> vmovdqa %ymm1, 80(%rsp)
>
> ...
> # use
Add documentation on rx path setup and cmsg interface.
Signed-off-by: Dave Watson
---
Documentation/networking/tls.txt | 67 ++--
1 file changed, 65 insertions(+), 2 deletions(-)
diff --git a/Documentation/networking/tls.txt b/Documentation/networking/tls.txt
Several config variables are prefixed with tx, drop the prefix
since these will be used for both tx and rx.
Signed-off-by: Dave Watson
---
include/net/tls.h | 2 +-
net/tls/tls_main.c | 26 +-
2 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/include/net/
Add rx path for tls software implementation.
recvmsg, splice_read, and poll implemented.
An additional sockopt TLS_RX is added, with the same interface as
TLS_TX. Either TLX_RX or TLX_TX may be provided separately, or
together (with two different setsockopt calls with appropriate keys).
Control
Pass EBADMSG explicitly to tls_err_abort. Receive path will
pass additional codes - EMSGSIZE if framing is larger than max
TLS record size, EINVAL if TLS version mismatch.
Signed-off-by: Dave Watson
---
include/net/tls.h | 6 +++---
net/tls/tls_sw.c | 2 +-
2 files changed, 4 insertions(+), 4
Hi Maxime,
On Tue, Mar 20, 2018 at 04:34:08PM +0100, Maxime Chevallier wrote:
> @@ -2416,36 +2393,36 @@ static int mvpp2_prs_double_vlan_add(struct mvpp2
> *priv, unsigned short tpid1,
> }
>
> if (tid >= tid_aux) {
> - ret = -ERANGE;
> -
Refactor zerocopy_from_iter to take arguments for pages and size,
such that it can be used for both tx and rx. RX will also support
zerocopy direct to output iter, as long as the full message can
be copied at once (a large enough userspace buffer was provided).
Signed-off-by: Dave Watson
---
net
Separate tx crypto parameters to a separate cipher_context struct.
The same parameters will be used for rx using the same struct.
tls_advance_record_sn is modified to only take the cipher info.
Signed-off-by: Dave Watson
---
include/net/tls.h | 26 +---
net/tls/tls_main.c |
TLS tcp socket RX implementation, to match existing TX code.
This patchset completes the software TLS socket, allowing full
bi-directional communication over TLS using normal socket syscalls,
after the handshake has been done in userspace. Only the symmetric
encryption is done in the kernel.
Thi
Fixes: cf0c1a4821ae ("tls: support for Inline tls record")
Signed-off-by: Fengguang Wu
---
tls_main.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c
index 608e6cd..42439fb 100644
--- a/net/tls/tls_main.c
+++ b/net/tls/tls_main.c
@@
]
url:
https://github.com/0day-ci/linux/commits/Atul-Gupta/Chelsio-Inline-TLS/20180320-101600
reproduce:
# apt-get install sparse
make ARCH=x86_64 allmodconfig
make C=1 CF=-D__CHECK_ENDIAN__
sparse warnings: (new ones prefixed by >>)
>> net/tls/tls_main.c:45
On Tue, 2018-03-20 at 10:41 -0700, Joe Perches wrote:
> On Tue, 2018-03-20 at 10:13 -0700, Jeff Kirsher wrote:
> > Add the SPDX identifiers to all the Intel wired LAN driver files,
> > as
> > outlined in Documentation/process/license-rules.rst.
>
> So far the Documentation does not show using the
Signed-off-by: Roman Mashak
---
tc/m_connmark.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tc/m_connmark.c b/tc/m_connmark.c
index 37d718541549..d5b140cbb7bd 100644
--- a/tc/m_connmark.c
+++ b/tc/m_connmark.c
@@ -121,7 +121,8 @@ static int print_connmark(struct action_u
On Tue, 2018-03-20 at 10:13 -0700, Jeff Kirsher wrote:
> Add the SPDX identifiers to all the Intel wired LAN driver files, as
> outlined in Documentation/process/license-rules.rst.
So far the Documentation does not show using the -only variant.
For a discussion, please see:
https://lkml.org/lkml/
To make the test a bit clearer and to reduce object size a little.
Miscellanea:
o remove now unnecessary static const array
$ size ip_set_hash_mac.o*
textdata bss dec hex filename
228224619 64 275056b71 ip_set_hash_mac.o.allyesconfig.new
229324683 6
Hi Dave,
>> any issue with this pull request? I ask since it seems to have
>> disappeared from patchwork.
>
> Should be pulled in now, don't know how that happened ;-)
awesome. Thanks.
Any chance you can pull net into net-next once you send it off to Linus? We
have a few further Broadcom drive
On 3/20/18 11:04 AM, Nicolas Dichtel wrote:
> As the comment said, this attribute defines the originator of the rule,
> it's not really a (network) protocol.
> Let's rename it accordingly to avoid confusion (difference between
> FRA_PROTOCOL and FRA_IP_PROTO was not obvious).
>
> CC: Donald Sharp
On Mon, Mar 19, 2018 at 7:31 AM, Davide Caratti wrote:
> This series fixes situations where a temporary failure to install a TC
> action results in the permanent impossibility to reuse the configured
> value of 'index'.
>
> Thanks to Cong Wang for the initial review.
>
> v2: fix build error in act
On 3/20/18 10:00 AM, Thadeu Lima de Souza Cascardo wrote:
On Tue, Mar 20, 2018 at 09:05:15AM -0700, Yonghong Song wrote:
On 3/20/18 5:58 AM, Thadeu Lima de Souza Cascardo wrote:
Function bpf_fill_maxinsns11 is designed to not be able to be JITed on
x86_64. So, it fails when CONFIG_BPF_JIT_A
On 3/16/2018 12:18 PM, David Ahern wrote:
> On 3/13/18 1:58 PM, Doug Ledford wrote:
>> On Tue, 2018-03-13 at 13:45 -0700, David Ahern wrote:
>>> On 3/13/18 1:32 AM, Leon Romanovsky wrote:
On Mon, Mar 12, 2018 at 10:53:03AM -0700, David Ahern wrote:
> On 3/12/18 8:16 AM, Steve Wise wrote:
>
On 03/20/2018 10:11 AM, David Lebrun wrote:
> On 20/03/18 15:07, Eric Dumazet wrote:
>> This is not the proper fix.
>>
>> Control path holds RTNL and can sleeep if needed.
>>
>> RCU should be avoided in lwtunnel_build_state()
>>
>
> +Roopa
>
> In lwtunnel_build_state(), the RCU protects the lwt
1 - 100 of 245 matches
Mail list logo
