On Tue, Apr 20, 2021 at 03:09:24PM -0500, Gustavo A. R. Silva wrote:
> Hi all,
>
> Friendly ping: who can take this, please?
It would go via net/net-next tree, but I can't find this one on
patchwork. Just the previous version.
http://patchwork.ozlabs.org/project/netdev/list/?series=&submitter=&s
On Mon, Apr 19, 2021 at 05:23:44PM +0200, Davide Caratti wrote:
> when 'act_mirred' tries to fragment IPv4 packets that had been previously
> re-assembled using 'act_ct', splats like the following can be observed on
> kernels built with KASAN:
Acked-by: Marcelo Ricardo Leitner
m/KSPP/linux/issues/109
> Reported-by: kernel test robot
> Signed-off-by: Gustavo A. R. Silva
Acked-by: Marcelo Ricardo Leitner
Thanks.
_lock in sctp_destroy_sock
> instead of sctp_close.
>
> This addresses CVE-2021-23133.
>
> Reported-by: Or Cohen
> Reviewed-by: Xin Long
> Fixes: 610236587600 ("bpf: Add new cgroup attach type to enable sock
> modifications")
> Signed-off-by: Or Cohen
Thanks folks.
Acked-by: Marcelo Ricardo Leitner
On Tue, Apr 13, 2021 at 12:31:53PM +0300, Or Cohen wrote:
> +++ b/net/sctp/socket.c
> @@ -1520,11 +1520,9 @@ static void sctp_close(struct sock *sk, long timeout)
>
> /* Supposedly, no process has access to the socket, but
>* the net layers still may.
> - * Also, sctp_destroy_s
On Mon, Mar 29, 2021 at 06:21:57PM -0400, Sasha Levin wrote:
> From: liuyacan
>
> [ Upstream commit f211ac154577ec9ccf07c15f18a6abf0d9bdb4ab ]
>
> The "backlog" argument in listen() specifies
> the maximom length of pending connections,
> so the accept queue should be considered full
> if there
On Thu, Mar 25, 2021 at 10:46:12AM +0200, Oz Shlomo wrote:
> Hi Marcelo,
>
> On 3/24/2021 11:20 PM, Marcelo Ricardo Leitner wrote:
> > Maybe I'm just missing it but I'm not seeing how removals would only
> > happen after the entry is actually offloaded. As in, if
On Wed, Mar 24, 2021 at 01:24:53PM +0200, Oz Shlomo wrote:
> Hi,
Hi,
>
> On 3/24/2021 3:38 AM, Pablo Neira Ayuso wrote:
> > Hi Marcelo,
> >
> > On Mon, Mar 22, 2021 at 03:09:51PM -0300, Marcelo Ricardo Leitner wrote:
> > > On Wed, Mar 03, 2021 at 05:11
From: Marcelo Ricardo Leitner
Invalid detection works with two distinct moments: act_ct tries to find
a conntrack entry and set post_ct true, indicating that that was
attempted. Then, when flow dissector tries to dissect CT info and no
entry is there, it knows that it was tried and no entry was
On Wed, Mar 03, 2021 at 05:11:47PM +0100, Pablo Neira Ayuso wrote:
> Hi,
>
> On Wed, Mar 03, 2021 at 02:59:53PM +0200, Oz Shlomo wrote:
> > Currently the flow table offload replace, destroy and stats work items are
> > executed on a single workqueue. As such, DESTROY and STATS commands may
> > be
est, and it's worrying about
bits that shouldn't be considered if +inv is there.
I don't see a reason for it to be that restrictive, though, and it
will work as expected.
Reviewed-by: Marcelo Ricardo Leitner
> tb[TCA_FLOWER_KEY_CT_STATE_MASK],
> extack);
> if (err)
> --
> 1.8.3.1
>
et post_ct flag
> which will lead the ct_state_key with -trk flag.
>
> Fixes: 7baf2429a1a9 ("net/sched: cls_flower add CT_FLAGS_INVALID flag
> support")
> Signed-off-by: wenxu
Thanks for the quick fix.
Reviewed-by: Marcelo Ricardo Leitner
Hi,
On Tue, Mar 16, 2021 at 03:44:17PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> The ct_state validate should not only check the mask bit and also
> check the state bit.
> For the +new+est case example, The 'new' and 'est' bits should be
> set in both state_mask and state flags. Or the -ne
On Tue, Feb 23, 2021 at 03:11:55PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> Add invalid and reply flags validate in the fl_validate_ct_state.
> This makes the checking complete if compared to ovs'
> validate_ct_state().
>
> Signed-off-by: wenxu
Reviewed-by: Marcelo Ricardo Leitner
On Mon, Feb 22, 2021 at 02:09:50PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> Add invalid and reply flags validate in the fl_validate_ct_state.
This makes the checking complete if compared to ovs'
validate_ct_state().
...
> + if (state & TCA_FLOWER_KEY_CT_FLAGS_INVALID &&
> + s
Hi everyone,
Since NetdevConf 0x12 some of us have been meeting to talk about tc
testing. We're taking a next step on that and a) expanding the scope,
so that general development on tc is also welcomed, and b) making it
more public.
The idea is for it to be an open place for brainstorming and
syn
On Tue, Feb 09, 2021 at 06:10:59PM +0200, Or Gerlitz wrote:
> On Tue, Feb 9, 2021 at 4:26 PM Vlad Buslov wrote:
> > On Mon 08 Feb 2021 at 22:22, Jakub Kicinski wrote:
> > > On Mon, 8 Feb 2021 10:21:21 +0200 Vlad Buslov wrote:
>
> > >> > These operations imply that 7.7.7.5 is configured on some i
tack, tb,
> + "no trk, so no other flag can be set");
I just tested iproute2 and it can't report based on the attr here.
Nonetheless, that would be iproute2 job and not the errmsg, I think.
Reviewed-by: Marcelo Ricardo Leitner
Thanks!
>
On Mon, Feb 08, 2021 at 10:47:59AM -0800, Jakub Kicinski wrote:
> On Mon, 8 Feb 2021 10:41:35 -0800 Cong Wang wrote:
> > On Sat, Feb 6, 2021 at 9:26 PM wrote:
> > > + if (state && !(state & TCA_FLOWER_KEY_CT_FLAGS_TRACKED)) {
> > > + NL_SET_ERR_MSG_ATTR(extack, tb,
> > > +
On Sun, Feb 07, 2021 at 01:13:23PM +0800, we...@ucloud.cn wrote:
> --- a/net/sched/cls_flower.c
> +++ b/net/sched/cls_flower.c
> @@ -30,6 +30,11 @@
>
> #include
>
> +#define TCA_FLOWER_KEY_CT_FLAGS_MASK (TCA_FLOWER_KEY_CT_FLAGS_NEW | \
> + TCA_FLOWER_KEY_CT_F
On Mon, Feb 08, 2021 at 03:31:50PM +0200, Vlad Buslov wrote:
>
> On Mon 08 Feb 2021 at 15:25, Marcelo Ricardo Leitner
> wrote:
> > On Mon, Feb 08, 2021 at 10:21:21AM +0200, Vlad Buslov wrote:
> >>
> >> On Sat 06 Feb 2021 at 20:13, Marcelo Ricard
On Mon, Feb 08, 2021 at 10:21:21AM +0200, Vlad Buslov wrote:
>
> On Sat 06 Feb 2021 at 20:13, Marcelo Ricardo Leitner
> wrote:
> > Hi,
> >
> > I didn't receive the cover letter, so I'm replying on this one. :-)
> >
> > This is nice. One thing is
Hi,
I didn't receive the cover letter, so I'm replying on this one. :-)
This is nice. One thing is not clear to me yet. From the samples on
the cover letter:
$ tc -s filter show dev enp8s0f0_1 ingress
filter protocol ip pref 4 flower chain 0
filter protocol ip pref 4 flower chain 0 handle 0x1
s.
>
> So move the sctp_transport_put() call to ->next and ->stop.
>
> Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code and
> interface")
> Reported-by: Xin Long
> Signed-off-by: NeilBrown
Acked-by: Marcelo Ricardo Leitner
On Thu, Feb 04, 2021 at 11:50:53PM +0800, wenxu wrote:
>
> 在 2021/2/4 21:38, Marcelo Ricardo Leitner 写道:
> > Hi,
> >
> > On Thu, Feb 04, 2021 at 12:17:24PM +0800, we...@ucloud.cn wrote:
> >> From: wenxu
> >>
> >> Reject the unknown ct_state
n strip the blank line above.
> Signed-off-by: wenxu
Reviewed-by: Marcelo Ricardo Leitner
Hi,
On Thu, Feb 04, 2021 at 12:17:24PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> Reject the unknown ct_state flags of cls flower rules. This also make
> the userspace like ovs to probe the ct_state flags support in the
> kernel.
That's a good start but it could also do some combination sa
On Wed, Feb 03, 2021 at 10:48:16PM -0300, Marcelo Ricardo Leitner wrote:
> From: Marcelo Ricardo Leitner
>
> Often userspace won't request the extack information, or they don't log it
> because of log level or so, and even when they do, sometimes it's not
> enough t
From: Marcelo Ricardo Leitner
Often userspace won't request the extack information, or they don't log it
because of log level or so, and even when they do, sometimes it's not
enough to know exactly what caused the error.
Netlink extack is the standard way of reporting erros w
On Tue, Feb 02, 2021 at 09:16:28AM -0700, David Ahern wrote:
> On 2/2/21 5:30 AM, Marcelo Ricardo Leitner wrote:
> >
> > Also, if the message is a common one, one may not be able to easily
> > distinguish them. Ideally this shouldn't happen, but when debugging
> >
On Tue, Feb 02, 2021 at 02:24:42PM +0200, Paul Blakey wrote:
> Matches on conntrack rpl ct_state.
>
> Example:
> $ tc filter add dev ens1f0_0 ingress prio 1 chain 1 proto ip flower \
> ct_state +trk+est+rpl \
> action mirred egress redirect dev ens1f0_1
> $ tc filter add dev ens1f0_1 ingress p
On Wed, Jan 27, 2021 at 04:32:47PM +0200, Paul Blakey wrote:
> Add support for matching on ct_state reply flag.
Sorry for the late reply, missed the patchset here. (just noticed
because of the iproute2 patch, thanks for the Cc in there)
Only one question though. Is it safe to assume that this wil
On Mon, Feb 01, 2021 at 05:34:00PM -0800, Jakub Kicinski wrote:
> On Mon, 1 Feb 2021 15:12:19 -0300 Marcelo Ricardo Leitner wrote:
> > Often userspace won't request the extack information, or they don't log it
> > because of log level or so, and even when they do, sometim
the function
call to do_trace_netlink_extack() on the macros is not protected by
tracepoint_enabled() because the macros are called from modules, and this
would require exporting some trace structs. As this is error path, it's
better to export just the wrapper instead.
Signed-off-by
On Fri, Jan 22, 2021 at 02:18:34AM +0100, Pablo Neira Ayuso wrote:
> Hi Oz,
>
> On Wed, Jan 20, 2021 at 06:09:48PM +0200, Oz Shlomo wrote:
> > On 1/14/2021 11:50 PM, Marcelo Ricardo Leitner wrote:
> > >
> > > Thoughts?
> > >
> >
> > I wonde
On Wed, Jan 20, 2021 at 02:18:41PM -0800, Cong Wang wrote:
> On Tue, Jan 19, 2021 at 12:33 AM wrote:
> > diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c
> > index 2d70ded..c565c7a 100644
> > --- a/net/core/flow_dissector.c
> > +++ b/net/core/flow_dissector.c
> > @@ -237,9 +237,8
On Wed, Jan 20, 2021 at 10:52:12AM +0800, we...@ucloud.cn wrote:
> +++ b/tc/f_flower.c
> @@ -340,6 +340,7 @@ static struct flower_ct_states {
> { "trk", TCA_FLOWER_KEY_CT_FLAGS_TRACKED },
> { "new", TCA_FLOWER_KEY_CT_FLAGS_NEW },
> { "est", TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED },
>
On Tue, Jan 19, 2021 at 04:34:59PM +0800, we...@ucloud.cn wrote:
> --- a/man/man8/tc-flower.8
> +++ b/man/man8/tc-flower.8
> @@ -387,6 +387,8 @@ new - New connection.
> .TP
> est - Established connection.
> .TP
> +inv - The packet is associated with no known connection.
This is not accurate. Pl
Acked-by: Marcelo Ricardo Leitner
The patch looks good to me, just some side comments below.
On Tue, Jan 19, 2021 at 04:31:50PM +0800, we...@ucloud.cn wrote:
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -3878,6 +3878,7 @@ int dev_loopback_xmit(struct net *net, struct sock *sk,
On Mon, Jan 18, 2021 at 01:18:47PM +0800, we...@ucloud.cn wrote:
...
> --- a/net/sched/cls_flower.c
> +++ b/net/sched/cls_flower.c
> @@ -305,6 +305,9 @@ static int fl_classify(struct sk_buff *skb, const struct
> tcf_proto *tp,
> struct fl_flow_key skb_key;
> struct fl_flow_mask *mask;
On Thu, Jan 14, 2021 at 04:03:43PM +0200, Oz Shlomo wrote:
>
>
> On 1/14/2021 3:02 PM, Marcelo Ricardo Leitner wrote:
> > On Tue, Jan 12, 2021 at 11:27:04AM +0200, Oz Shlomo wrote:
> > >
> > >
> > > On 1/12/2021 1:51 AM, Marcelo Ricardo Leitner wrote:
On Tue, Jan 12, 2021 at 11:27:04AM +0200, Oz Shlomo wrote:
>
>
> On 1/12/2021 1:51 AM, Marcelo Ricardo Leitner wrote:
> > On Sun, Jan 10, 2021 at 09:52:55AM +0200, Roi Dayan wrote:
> > >
> > >
> > > On 2021-01-10 9:45 AM, Roi Dayan wrote:
> &
On Tue, Jan 12, 2021 at 10:18:00AM +0800, 慕冬亮 wrote:
> Dear developers,
>
> I find that "general protection fault in l2cap_sock_getsockopt" and
> "general protection fault in sco_sock_getsockopt" may be duplicated
> bugs from the same root cause.
>
> First, by comparing the PoC similarity after o
On Sun, Jan 10, 2021 at 09:52:55AM +0200, Roi Dayan wrote:
>
>
> On 2021-01-10 9:45 AM, Roi Dayan wrote:
> >
> >
> > On 2021-01-08 11:48 PM, Marcelo Ricardo Leitner wrote:
> > > Hi,
> > >
> > > On Thu, Jan 07, 2021 at 09:30:47P
Hi,
On Thu, Jan 07, 2021 at 09:30:48PM -0800, Saeed Mahameed wrote:
> @@ -1429,6 +1600,14 @@ mlx5_tc_ct_add_ft_cb(struct mlx5_tc_ct_priv *ct_priv,
> u16 zone,
> if (err)
> goto err_insert;
>
> + nf_ct_zone_init(&ctzone, zone, NF_CT_DEFAULT_ZONE_DIR, 0);
> + ft->tmpl
Hi,
On Thu, Jan 07, 2021 at 09:30:47PM -0800, Saeed Mahameed wrote:
> From: Roi Dayan
>
> Connection tracking associates the connection state per packet. The
> first packet of a connection is assigned with the +trk+new state. The
> connection enters the established state once a packet is seen on
")
> Signed-off-by: Oz Shlomo
> Reported-by: Marcelo Ricardo Leitner
Tested-by: Marcelo Ricardo Leitner
Thanks.
> Reviewed-by: Roi Dayan
> Reviewed-by: Paul Blakey
> Signed-off-by: Saeed Mahameed
On Mon, Dec 07, 2020 at 12:20:54PM +0200, Oz Shlomo wrote:
> On 12/1/2020 11:41 PM, Saeed Mahameed wrote:
> > On Fri, 2020-11-27 at 11:01 -0300, Marcelo Ricardo Leitner wrote:
...
> > > The same is visible on 'ovs-appctl dpctl/dump-conntrack -s' then.
> > > Sum
On Fri, Nov 27, 2020 at 06:00:32PM -0800, Jakub Kicinski wrote:
> On Thu, 26 Nov 2020 15:40:49 -0300 Marcelo Ricardo Leitner wrote:
> > By setting NF_FLOWTABLE_COUNTER. Otherwise, the updates added by
> > commit ef803b3cf96a ("netfilter: flowtable: add counter support in HW
&
On Wed, Sep 23, 2020 at 03:48:18PM -0700, sa...@kernel.org wrote:
> From: Oz Shlomo
Sorry for reviving this one, but seemed better for the context.
>
> A connection is represented by two 5-tuple entries, one for each direction.
> Currently, each direction allocates its own hw counter, which is
3192 ("net/sched: act_ct: update
nf_conn_acct for act_ct SW offload in flowtable") with the check on
NF_FLOWTABLE_COUNTER, as also done on other places.
Note that this shouldn't impact performance as these stats are only
enabled when net.netfilter.nf_conntrack_acct is enabled.
Signe
On Wed, Nov 25, 2020 at 12:01:23PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> Currently kernel tc subsystem can do conntrack in cat_ct. But when several
typo ^^^
> fragment packets go through the act_ct, function tcf_ct_handle_fragments
> will
On Wed, Nov 18, 2020 at 06:07:22PM +0100, Davide Caratti wrote:
> On Wed, 2020-11-18 at 13:47 -0300, Marcelo Ricardo Leitner wrote:
> > On Wed, Nov 18, 2020 at 05:36:52PM +0100, Davide Caratti wrote:
> >
> > Hi,
> >
> > > case TCA_MPLS_ACT_MODIFY:
&g
On Wed, Nov 18, 2020 at 05:36:52PM +0100, Davide Caratti wrote:
Hi,
> case TCA_MPLS_ACT_MODIFY:
> + if (!pskb_may_pull(skb,
> +skb_network_offset(skb) + sizeof(new_lse)))
> + goto drop;
> new_lse = tcf_mpls_get_ls
On Sat, Nov 14, 2020 at 10:05:39AM -0800, Cong Wang wrote:
> On Wed, Nov 11, 2020 at 9:44 PM wrote:
> > diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c
> > index 9c79fb9..dff3c40 100644
> > --- a/net/sched/act_ct.c
> > +++ b/net/sched/act_ct.c
> > @@ -1541,8 +1541,14 @@ static int __init ct_i
gt; v1->v2:
> - Also use sctp_transport_put() for the "out_unlock:" path in
> sctp_generate_proto_unreach_event(), as Marcelo noticed.
>
> Fixes: 50b5d6ad6382 ("sctp: Fix a race between ICMP protocol unreachable and
> connect()")
> Reported-by:
Hi,
On Fri, Nov 13, 2020 at 05:18:24PM +0800, Xin Long wrote:
...
> diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c
> index 813d307..0a51150 100644
> --- a/net/sctp/sm_sideeffect.c
> +++ b/net/sctp/sm_sideeffect.c
> @@ -419,7 +419,7 @@ void sctp_generate_proto_unreach_event(struct
On Thu, Nov 12, 2020 at 02:20:58PM -0800, Jakub Kicinski wrote:
> On Thu, 12 Nov 2020 11:24:57 +0800 we...@ucloud.cn wrote:
> > v7-v10: fix __rcu warning
>
> Are you reposting stuff just to get it build tested?
>
> This is absolutely unacceptable.
I don't know if that's the case, but maybe we c
he last one add implict packet fragment support to fix the over mtu for
> defrag in act_ct.
Acked-by: Marcelo Ricardo Leitner
he last one add implict packet fragment support to fix the over mtu for
> defrag in act_ct.
Acked-by: Marcelo Ricardo Leitner
On Mon, Nov 09, 2020 at 05:47:46PM +0200, Vlad Buslov wrote:
>
> On Mon 09 Nov 2020 at 16:50, Marcelo Ricardo Leitner
> wrote:
> > On Mon, Nov 09, 2020 at 03:24:37PM +0200, Vlad Buslov wrote:
> >> On Sun 08 Nov 2020 at 01:30, we...@ucloud.cn wrote:
...
> >>
On Mon, Nov 09, 2020 at 03:24:37PM +0200, Vlad Buslov wrote:
> On Sun 08 Nov 2020 at 01:30, we...@ucloud.cn wrote:
...
> > @@ -974,9 +974,22 @@ config NET_ACT_TUNNEL_KEY
> > To compile this code as a module, choose M here: the
> > module will be called act_tunnel_key.
> >
> > +config
On Fri, Nov 06, 2020 at 10:48:24AM +0100, Petr Malat wrote:
> On Fri, Nov 06, 2020 at 05:46:34AM -0300, Marcelo Ricardo Leitner wrote:
> > On Thu, Nov 05, 2020 at 11:39:47AM +0100, Petr Malat wrote:
> > > Function sctp_dst_mtu() never returns lower MTU than
he frag xmit hook maybe reused by other modules.
>
> Signed-off-by: wenxu
Acked-by: Marcelo Ricardo Leitner
Thanks wenxu.
On Fri, Nov 06, 2020 at 05:14:15PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> This one is prepare for the next patch.
>
> Signed-off-by: wenxu
Acked-by: Marcelo Ricardo Leitner
On Thu, Nov 05, 2020 at 06:41:33PM +0800, we...@ucloud.cn wrote:
> From: wenxu
I see Davide's and Jakub's comments. Other than those, I don't have
further comments. LGTM!
On Thu, Nov 05, 2020 at 11:39:47AM +0100, Petr Malat wrote:
> Function sctp_dst_mtu() never returns lower MTU than
> SCTP_TRUNC4(SCTP_DEFAULT_MINSEGMENT) even when the actual MTU is less,
> in which case we rely on the IP fragmentation and must enable it.
This should be being handled at sctp_packe
On Thu, Nov 05, 2020 at 03:52:27PM +0800, we...@ucloud.cn wrote:
We cross-posted :)
I think my comments on the v1 still applies, btw.
...
> This patch add support for a xmit hook to mirred, that gets executed before
> xmiting the packet. Then, when act_ct gets loaded, it configs that hook.
> The
On Wed, Nov 04, 2020 at 04:56:32PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> Currently kernel tc subsystem can do conntrack in cat_ct. But when several
^^^ typo
I like where this is going. More comments below.
> fragment packets go throu
appspotmail.com
> Fixes: a1dd2cf2f1ae ("sctp: allow changing transport encap_port by peer
> packets")
> Signed-off-by: Xin Long
Acked-by: Marcelo Ricardo Leitner
Thanks Xin.
y: Petr Malat
Then, it also needs:
Fixes: 978aa0474115 ("sctp: fix some type cast warnings introduced since very
beginning")'
Acked-by: Marcelo Ricardo Leitner
(If the maintainers can't add the Fixes tag above, please keep the ack
on the v2)
Thanks.
On Thu, Oct 29, 2020 at 07:59:36PM -0300, Marcelo Ricardo Leitner wrote:
> Cc'ing Cong, Paul, Oz and Davide.
>
> On Thu, Oct 29, 2020 at 10:22:04AM +0800, wenxu wrote:
> > Only do gso for the reassembly big packet is also can't fix all the
> > case such for icmp pac
Cc'ing Cong, Paul, Oz and Davide.
On Thu, Oct 29, 2020 at 10:22:04AM +0800, wenxu wrote:
> Only do gso for the reassembly big packet is also can't fix all the
> case such for icmp packet.
Good point. And as we can't know that a fragment was for an icmp
packet before defraging it, this is quite im
rnel.
Acked-by: Marcelo Ricardo Leitner
Thanks Xin!
On Fri, Oct 23, 2020 at 10:52:14PM +0200, Davide Caratti wrote:
> kfree_skb_list() calls kfree_skb(), thus triggering as many dropwatch
> events as the number of skbs in the list. This can disturb the analysis
> of packet drops, e.g. with fragmented echo requests generated by ICMP
> sockets, or wit
On Tue, Oct 20, 2020 at 10:08:17PM +, David Laight wrote:
> From: Marcelo Ricardo Leitner
> > Sent: 20 October 2020 22:24
> ...
> > > > Did FreeBSD enable it by default too?
> > > No. The default is 0, which means that the encapsulation is turned off.
> &
On Tue, Oct 20, 2020 at 11:15:26PM +0200, Michael Tuexen wrote:
> > On 20. Oct 2020, at 23:11, Marcelo Ricardo Leitner
> > wrote:
> >
> > On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote:
> >> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner
>
On Tue, Oct 20, 2020 at 05:12:06PM +0800, Xin Long wrote:
> On Tue, Oct 20, 2020 at 6:15 AM Marcelo Ricardo Leitner
> wrote:
> >
> > On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote:
> > > --- a/Documentation/networking/ip-sysctl.rst
> > > +++ b/Do
Ah, please note that net-next is closed.
https://lore.kernel.org/netdev/20201015123116.743005ca%40kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com/T/
Marcelo
On Mon, Oct 19, 2020 at 08:25:33PM +0800, Xin Long wrote:
> --- a/Documentation/networking/ip-sysctl.rst
> +++ b/Documentation/networking/ip-sysctl.rst
> @@ -2640,6 +2640,12 @@ addr_scope_policy - INTEGER
>
> Default: 1
>
> +udp_port - INTEGER
Need to be more verbose here, and also menti
On Mon, Oct 19, 2020 at 08:25:24PM +0800, Xin Long wrote:
> --- a/Documentation/networking/ip-sysctl.rst
> +++ b/Documentation/networking/ip-sysctl.rst
> @@ -2640,6 +2640,15 @@ addr_scope_policy - INTEGER
>
> Default: 1
>
> +encap_port - INTEGER
> + The default remote UDP encapsalutio
Actually..
On Tue, Oct 13, 2020 at 03:27:41PM +0800, Xin Long wrote:
...
> Also add sysctl udp_port to allow changing the listening
> sock's port by users.
...
> ---
> net/sctp/protocol.c | 5 +
> net/sctp/sysctl.c | 50 ++
> 2 files changed,
On Wed, Oct 14, 2020 at 08:34:16PM -0700, Jakub Kicinski wrote:
> On Tue, 13 Oct 2020 15:27:25 +0800 Xin Long wrote:
> > Description From the RFC:
> >
> >The Main Reasons:
> >
> >o To allow SCTP traffic to pass through legacy NATs, which do not
> > provide native SCTP support as sp
On Thu, Oct 08, 2020 at 01:38:31AM -0700, Eric Dumazet wrote:
> From: Eric Dumazet
>
> After freeing ep->auth_hmacs we have to clear the pointer
> or risk use-after-free as reported by syzbot:
>
Acked-by: Marcelo Ricardo Leitner
On Sat, Oct 03, 2020 at 08:24:34PM +0800, Xin Long wrote:
> On Sat, Oct 3, 2020 at 7:23 PM Xin Long wrote:
> >
> > On Sat, Oct 3, 2020 at 4:12 PM Xin Long wrote:
> > >
> > > On Sat, Oct 3, 2020 at 12:08 PM Marcelo Ricardo Leitner
> > > wrote:
> >
On Tue, Sep 29, 2020 at 09:49:07PM +0800, Xin Long wrote:
> This patch is to enable udp tunneling socks by calling
> sctp_udp_sock_start() in sctp_ctrlsock_init(), and
> sctp_udp_sock_stop() in sctp_ctrlsock_exit().
>
> Also add sysctl udp_port to allow changing the listening
> sock's port by user
On Tue, Sep 29, 2020 at 09:49:04PM +0800, Xin Long wrote:
> sk_setup_caps() was originally called in Commit 90017accff61 ("sctp:
> Add GSO support"), as:
>
> "We have to refresh this in case we are xmiting to more than one
>transport at a time"
>
> This actually happens in the loop of sctp_
On Wed, Sep 30, 2020 at 03:00:42AM +0800, kernel test robot wrote:
> Hi Xin,
>
> Thank you for the patch! Yet something to improve:
I wonder how are you planning to fix this. It is quite entangled.
This is not performance critical. Maybe the cleanest way out is to
move it to a .c file.
Adding a
On Tue, Sep 29, 2020 at 09:49:03PM +0800, Xin Long wrote:
> sctp_mtu_payload() is for calculating the frag size before making
> chunks from a msg. So we should only add udphdr size to overhead
> when udp socks are listening, as only then sctp can handling the
On Tue, Sep 29, 2020 at 09:49:02PM +0800, Xin Long wrote:
> static int sctp_udp_rcv(struct sock *sk, struct sk_buff *skb)
> {
> + memset(skb->cb, 0, sizeof(skb->cb));
> + SCTP_INPUT_CB(skb)->encap_port = ntohs(udp_hdr(skb)->source);
Here it's in host order already. The fact that is does
On Tue, Sep 29, 2020 at 09:49:01PM +0800, Xin Long wrote:
...
> +struct sctp_udpencaps {
> + sctp_assoc_t sue_assoc_id;
> + struct sockaddr_storage sue_address;
> + uint16_t sue_port;
> +};
...
> +static int sctp_setsockopt_encap_port(struct sock *sk,
> +
On Tue, Sep 29, 2020 at 09:48:55PM +0800, Xin Long wrote:
> This patch fixes two things:
>
> When skb->ip_summed == CHECKSUM_PARTIAL, skb_checksum_help() should be
> called do the checksum, instead of gso_make_checksum(), which is used
> to do the checksum for current proto after calling skb
On Tue, Sep 29, 2020 at 09:48:52PM +0800, Xin Long wrote:
...
> Patches:
Please give me till tomorrow for revising this patchset.
Thanks,
Marcelo
e.
>
> Fixes: 636d25d557d1 ("sctp: not copy sctp_sock pd_lobby in
> sctp_copy_descendant")
> Signed-off-by: Henry Ptasinski
Acked-by: Marcelo Ricardo Leitner
...
> {
> - int ancestor_size = sizeof(struct inet_sock) +
> - sizeof(struct s
On Fri, Sep 18, 2020 at 01:56:10AM +, Henry Ptasinski wrote:
> When calculating ancestor_size with IPv6 enabled, simply using
> sizeof(struct ipv6_pinfo) doesn't account for extra bytes needed for
> alignment in the struct sctp6_sock. On x86, there aren't any extra
> bytes, but on ARM the ipv6_
Hi!
On Thu, Sep 03, 2020 at 01:21:48PM +0200, Petr Malat wrote:
> Hi!
> On Wed, Sep 02, 2020 at 11:58:35AM -0300, Marcelo Ricardo Leitner wrote:
> > On Tue, Sep 01, 2020 at 11:00:07AM +0200, Petr Malat wrote:
> > > Command SCTP_CMD_PART_DELIVER issued under
On Tue, Sep 01, 2020 at 11:00:07AM +0200, Petr Malat wrote:
> Command SCTP_CMD_PART_DELIVER issued under memory pressure calls
> sctp_ulpq_partial_delivery(), which tries to fetch and partially deliver
> the first message it finds without checking if the message is longer than
> SCTP_PARTIAL_DELIVE
On Fri, Aug 28, 2020 at 11:14:30PM +0800, we...@ucloud.cn wrote:
> From: wenxu
>
> Add ip6_fragment in ipv6_stub and use it in openvswitch
> This version add default function eafnosupport_ipv6_fragment
Reviewed-by: Marcelo Ricardo Leitner
On Thu, Aug 27, 2020 at 07:51:47AM -0700, David Miller wrote:
> From: we...@ucloud.cn
> Date: Thu, 27 Aug 2020 18:39:51 +0800
>
> > From: wenxu
> >
> > Add ipv6_fragment to ipv6_stub to avoid calling netfilter when
> > access ip6_fragment.
> >
> > Signed-off-by: wenxu
>
> Please test these ch
On Thu, Aug 27, 2020 at 11:30:54AM +0800, wenxu wrote:
...
> So only othersolution for solving this problem?
Lets wait for Cong's input. LPC is happening and he had a talk there.
Marcelo
1 - 100 of 1338 matches
Mail list logo
