Eric Dumazet wrote:
>
>
> On 12/07/2018 04:03 PM, David Miller wrote:
> > From: David Ahern
> > Date: Fri, 7 Dec 2018 12:24:57 -0800
> >
> >> From: David Ahern
> >>
> >> The existing garbage collection algorithm has a number of problems:
> > ...
> >> This patch addresses these problems as fo
t, then unlock the table
and perform the destruction.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199289
Fixes: 6fd6ce2056de ("ipv6: Do not depend on rt->n in ip6_finish_output2().")
Signed-off-by: Wolfgang Bumiller
---
Changes to v1:
* Renamed 'pneigh_ifdown' to
David Miller wrote:
> From: Wolfgang Bumiller
> Date: Tue, 10 Apr 2018 11:15:14 +0200
>
> > diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> > index 7b7a14abba28..601df647588c 100644
> > --- a/net/core/neighbour.c
> > +++ b/net/core/neighbour.c
> &g
t, then unlock the table
and perform the destruction.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199289
Fixes: 6fd6ce2056de ("ipv6: Do not depend on rt->n in ip6_finish_output2().")
Signed-off-by: Wolfgang Bumiller
---
I do feel bad about moving the unlock call. Perhaps ret
On Mon, Jan 29, 2018 at 08:07:23AM -0800, Stephen Hemminger wrote:
> On Mon, 29 Jan 2018 12:13:11 +0100
> Wolfgang Bumiller wrote:
>
> > The 'parse_action_control()' helper advances the argument
> > pointers to past its parsed action already, so don't
> &
The 'parse_action_control()' helper advances the argument
pointers to past its parsed action already, so don't
advance it further in 'act_parse_polic()'.
Fixes: e67aba559581 ("tc: actions: add helpers to parse and print control
actions")
Signed-off-b
On Tue, Jan 23, 2018 at 10:30:09AM +0100, Jiri Benc wrote:
> On Mon, 22 Jan 2018 23:25:41 +0100, Christian Brauner wrote:
> > This is not necessarily true in scenarios where I move a network device
> > via RTM_NEWLINK + IFLA_NET_NS_PID into a network namespace I haven't
> > created. Here is an exam
TCF_LAYER_LINK and TCF_LAYER_NETWORK returned the same pointer as
skb->data points to the network header.
Use skb_mac_header instead.
Signed-off-by: Wolfgang Bumiller
---
Only change: fixed up commit message
Previous comment:
Alternatively this could return skb->head directly, but
&#
'ptr' is shifted by the offset and then validated,
the memcmp should not add it a second time.
Signed-off-by: Wolfgang Bumiller
---
No changes in this patch
net/sched/em_nbyte.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sched/em_nbyte.c b/net/sched/
: Wolfgang Bumiller
---
(Resent as separate thread)
tc/emp_ematch.l | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/emp_ematch.l b/tc/emp_ematch.l
index dc106759..d7a99304 100644
--- a/tc/emp_ematch.l
+++ b/tc/emp_ematch.l
@@ -137,7 +137,7
Changes:
* Fixed up commit message
* Removed not really related iproute2 patch from this thread.
This fixes an oob read in em_nbyte and allows 'layer 0' in cmp and
nbyte and em_text to actually match layer 0 rather than being the same
as specifying layer 1.
Wolfgang Bumiller
TCF_LAYER_LINK and TCF_LAYER_NETWORK returned the same pointer as
skb->data points to the network header.
Use skb_mac_header instead.
Signed-off-by: Wolfgang Bumiller
---
Alternatively this could return skb->head directly, but
'sk_buff->mac_header' is documented as 'Lin
'ptr' is shifted by the offset and then validated,
the memcmp should not add it a second time.
Signed-off-by: Wolfgang Bumiller
---
net/sched/em_nbyte.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sched/em_nbyte.c b/net/sched/em_nbyte.c
index df
#x27; filter around that could just memcmp the
entire a byte sequence at once.
Wolfgang Bumiller (1; 2):
tc/lexer: let quotes actually start strings
tc/emp_ematch.l | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
net: sched: em_nbyte: don't add the data offset twice
: Wolfgang Bumiller
---
tc/emp_ematch.l | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tc/emp_ematch.l b/tc/emp_ematch.l
index dc106759..d7a99304 100644
--- a/tc/emp_ematch.l
+++ b/tc/emp_ematch.l
@@ -137,7 +137,7
ookie early and assign it on
success at the end.
CVE-2017-7979
Fixes: 1045ba77a596 ("net sched actions: Add support for user cookies")
Signed-off-by: Wolfgang Bumiller
Acked-by: Jamal Hadi Salim
---
This replaces both patches of the previous series:
- 1/2 net sched actions: fix access t
> On April 19, 2017 at 1:32 PM Jamal Hadi Salim wrote:
>
>
> On 17-04-19 04:09 AM, Wolfgang Bumiller wrote:
>
> This solves one issue, but I am afraid the issue Cong mentioned is a
> possibility still.
> Lets say user did a replace and tried to also replace the cook
> On April 19, 2017 at 8:23 AM Cong Wang wrote:
>
>
> On Tue, Apr 18, 2017 at 7:21 PM, Jamal Hadi Salim wrote:
> > Indeed. Allocate the cookie before init? That way, we fail early
> > and dont need to worry about restoring anything.
>
> No, a->act_cookie needs an action pointer first. ;)
>
>
Signed-off-by: Wolfgang Bumiller
Acked-by: Cong Wang
Acked-by: Jamal Hadi Salim
---
(same as v1)
net/sched/act_api.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index b70aa57319ea..8cc883c063f0 100644
--- a/net/sched/act_api.c
Whether the reference count has to be decremented depends
on whether the policy was created. If TCA_ACT_COOKIE is
passed and an error occurs there, the same condition still
has to be honored.
Signed-off-by: Wolfgang Bumiller
Cc: Jamal Hadi Salim
---
I did not include the Acked-bys here because
> On April 15, 2017 at 8:20 PM Cong Wang wrote:
>
>
> On Fri, Apr 14, 2017 at 2:08 AM, Wolfgang Bumiller
> wrote:
> > Before I do that - trying to wrap my head around the interdependencies
> > here better to be thorough - I noticed that tcf_hash_release() can
&g
On Thu, Apr 13, 2017 at 11:03:37AM -0700, Cong Wang wrote:
> On Thu, Apr 13, 2017 at 1:06 AM, Wolfgang Bumiller
> wrote:
> > On Wed, Apr 12, 2017 at 09:27:31PM -0700, Cong Wang wrote:
> >> Instead of duplicating code, you can add the check
> >> to the module_put()
On Wed, Apr 12, 2017 at 09:27:31PM -0700, Cong Wang wrote:
> On Wed, Apr 12, 2017 at 7:21 AM, Wolfgang Bumiller
> wrote:
> > If memory allocation for nla_memdup_cookie() fails
> > module_put has to be guarded by the same condition as it was
> > before the TCA_ACT_COOKIE
Signed-off-by: Wolfgang Bumiller
---
net/sched/act_api.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index b70aa57319ea..8cc883c063f0 100644
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -604,7 +604,7 @@ struct tc_action
Apr 12 09:19:35 testmachine kernel: ---[ end trace 89cb022ec57f7bd1 ]---
Wolfgang Bumiller (2):
net sched actions: fix access to uninitialized data
net sched actions: fix refcount decrement on error
net/sched/act_api.c | 14 +-
1 file changed, 9 insertions(+), 5 deletions(-)
--
2.11.0
->init() then
* ACT_P_CREATED is not returned (a zero is).
*/
Signed-off-by: Wolfgang Bumiller
---
Note that I'm unsure about this patch. The hangups weren't very reliable
and I couldn't actually reproduce them when building from git/master (as
I can only test a fraction of my u
26 matches
Mail list logo
