Re: [PATCH] net: Fix xps_needed inc/dec mismatch

Hi Ross, 2018-12-07, 10:16:21 +, Ross Lagerwall wrote: > xps_needed is incremented only when a new dev map is allocated (in > __netif_set_xps_queue). Therefore it should be decremented only when we > actually have a dev map to destroy. Without this, it may be decremented > too many times

Re: [PATCH v6 1/4] udp_tunnel: add config option to bind to a device

2018-11-27, 14:05:42 +0100, Alexis Bauvin wrote: > diff --git a/net/ipv4/udp_tunnel.c b/net/ipv4/udp_tunnel.c > index 6539ff15e9a3..dc68e15a4f72 100644 > --- a/net/ipv4/udp_tunnel.c > +++ b/net/ipv4/udp_tunnel.c > @@ -20,6 +20,16 @@ int udp_sock_create4(struct net *net, struct udp_port_cfg >

Re: [PATCH net-next v2 3/3] vxlan: move flag sets to use a helper func

2018-11-29, 07:27:17 -0800, Roopa Prabhu wrote: > On Thu, Nov 29, 2018 at 6:19 AM Sabrina Dubroca wrote: > > 2018-11-28, 14:27:59 -0800, Roopa Prabhu wrote: > > nit: This patch would have been easier to review if it came first in > > the series. Converting: > > I con

Re: [PATCH net-next v2 1/3] vxlan: support changelink for a few more attributes

2018-11-29, 07:33:11 -0800, Roopa Prabhu wrote: > On Thu, Nov 29, 2018 at 5:56 AM Sabrina Dubroca wrote: > > > > 2018-11-28, 14:27:57 -0800, Roopa Prabhu wrote: > > > From: Roopa Prabhu > > > > > > We started very conservative when supporting changelink

Re: [PATCH net-next v2 3/3] vxlan: move flag sets to use a helper func

2018-11-28, 14:27:59 -0800, Roopa Prabhu wrote: > +/* Set/clear flags based on attribute */ > +static void vxlan_nl2flag(struct vxlan_config *conf, struct nlattr *tb[], > + int attrtype, unsigned long mask) > +{ > + unsigned long flags; > + > + if (!tb[attrtype]) > +

Re: [PATCH net-next v2 1/3] vxlan: support changelink for a few more attributes

2018-11-28, 14:27:57 -0800, Roopa Prabhu wrote: > From: Roopa Prabhu > > We started very conservative when supporting changelink > especially because not all attribute changes could be > tested. This patch opens up a few more attributes for > changelink. The reason for choosing this set of

[PATCH net 0/2] fixes for XPS configuration after Symmetric queue selection

static key for XPS won't actually disable itself, once enabled. The RXQS-XPS static key can actually be disabled by reconfiguring a device that didn't have RXQS-XPS configured at all. Sabrina Dubroca (2): net: restore call to netdev_queue_numa_node_write when resetting XPS net: fix XPS static_key

[PATCH net 2/2] net: fix XPS static_key accounting

active map left, for example when writing ',' to all queues' xps_rxqs setting. Fixes: 04157469b7b8 ("net: Use static_key for XPS maps") Signed-off-by: Sabrina Dubroca --- net/core/dev.c | 45 - 1 file changed, 24 insertions(+), 2

[PATCH net 1/2] net: restore call to netdev_queue_numa_node_write when resetting XPS

here's no active XPS mapping left. Fixes: 80d19669ecd3 ("net: Refactor XPS for CPUs and Rx queues") Signed-off-by: Sabrina Dubroca --- net/core/dev.c | 16 +--- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/net/core/dev.c b/net/core/dev.c index ddc551f24ba2..32a6

Re: [PATCH v2] ipv4: make DSCP values works with ip rules

Hi Pavel, 2018-11-20, 16:29:36 +0300, Pavel Balaev wrote: > This patch adds ability to set DSCP values in ip rules. You dropped the RFC reference that you had in v1. > Values presented in /etc/iproute3/rt_dsfield and now can be used in rules. iproute3? > > Example: > $ ip ru add from

[PATCH net] ip_tunnel: don't force DF when MTU is locked

This patch makes setting the DF bit conditional on the route's MTU locking state. This issue seems to be older than git history. Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- net/ipv4/ip_tunnel_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git

[PATCH net 0/2] macsec: linkstate fixes

. The second patch is a follow-up. The restriction on setting the device up is a bit unreasonable, and operstate provides the information we need in this case. [0] https://patchwork.ozlabs.org/patch/971374/ Sabrina Dubroca (2): macsec: update operstate when lower device changes macsec: let

[PATCH net 2/2] macsec: let the administrator set UP state even if lowerdev is down

for this limitation, so let's remove it. Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver") Reported-by: Radu Rendec Signed-off-by: Sabrina Dubroca --- drivers/net/macsec.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c index 61

[PATCH net 1/2] macsec: update operstate when lower device changes

. This version is similar to what the macvlan driver does, and updates only the operstate. Fixes: c09440f7dcb3 ("macsec: introduce IEEE 802.1AE driver") Reported-by: Radu Rendec Reported-by: Patrick Talbert Signed-off-by: Sabrina Dubroca --- drivers/net/macsec.c | 17 +++

Re: [PATCH net] ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called

4da ("ipv6: Use icmpv6_notify() to propagate redirect, > instead of rt6_redirect().") > Signed-off-by: Stefano Brivio Reviewed-by: Sabrina Dubroca -- Sabrina

Re: [PATCH iproute2] macsec: fix off-by-one when parsing attributes

2018-10-15, 09:36:58 -0700, Stephen Hemminger wrote: > On Fri, 12 Oct 2018 17:34:12 +0200 > Sabrina Dubroca wrote: > > > I seem to have had a massive brainfart with uses of > > parse_rtattr_nested(). The rtattr* array must have MAX+1 elements, and > > the call to pa

Re: Bug in MACSec - stops passing traffic after approx 5TB

2018-10-14, 10:59:31 -0400, Josh Coombs wrote: > I initially mistook this for a traffic control issue, but after > stripping the test beds down to just the MACSec component, I can still > replicate the issue. After approximately 5TB of transfer / 4 billion > packets over a MACSec link it stops

Re: [PATCH net] ipv6: rate-limit probes for neighbourless routes

2018-10-12, 08:17:28 -0700, Eric Dumazet wrote: > > > On 10/12/2018 07:22 AM, Sabrina Dubroca wrote: > > When commit 270972554c91 ("[IPV6]: ROUTE: Add Router Reachability > > Probing (RFC4191).") introduced router probing, the rt6_probe() function > > re

[PATCH iproute2] json: make 0xhex handle u64

6 TXSC: 01560001 on SA 0 # ip -d link show macsec0 11: macsec0@ens3: [...] link/ether 52:54:00:12:01:56 brd ff:ff:ff:ff:ff:ff promiscuity 0 macsec sci 5254001201560001 [...] where TXSC and sci should match. Fixes: c0b904de6211 ("macsec: support JSON") Signed-off

[PATCH iproute2] macsec: fix off-by-one when parsing attributes

I seem to have had a massive brainfart with uses of parse_rtattr_nested(). The rtattr* array must have MAX+1 elements, and the call to parse_rtattr_nested must have MAX as its bound. Let's fix those. Fixes: b26fc590ce62 ("ip: add MACsec support") Signed-off-by: Sabrina Dubroca --- ip/

[PATCH net] ipv6: rate-limit probes for neighbourless routes

be in the fib6_info itself. Fixes: 2152caea7196 ("ipv6: Do not depend on rt->n in rt6_probe().") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- include/net/ip6_fib.h | 4 net/ipv6/route.c | 12 ++-- 2 files changed, 10 insertions(+), 6 deletions(-

[PATCH net v2 0/2] net: ipv4: fixes for PMTU when link MTU changes

mtu: add basic IPv4 and IPv6 PMTU tests") v2: add cover letter, and fix a few small things in patch 1 Sabrina Dubroca (2): net: ipv4: update fnhe_pmtu when first hop's MTU changes net: ipv4: don't let PMTU updates increase route MTU include/linux/netdevice.h | 7 ++ include/net/ip_

[PATCH net v2 2/2] net: ipv4: don't let PMTU updates increase route MTU

ca4 ("ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- v2: unchanged net/ipv4/route.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/net/ipv4/route.c b/net/ip

[PATCH net v2 1/2] net: ipv4: update fnhe_pmtu when first hop's MTU changes

aad1de5ea2c ("ipv4: use separate genid for next hop exceptions") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- v2: - s/u32/mtu/ in netdev_notifier_info_ext and call_netdevice_notifiers_ helper, suggested by David Ahern - don't EXPORT_SYMBOL the helper, it's only u

Re: [PATCH net 1/2] net: ipv4: update fnhe_pmtu when first hop's MTU changes

2018-10-08, 11:18:49 -0600, David Ahern wrote: > On 10/8/18 6:36 AM, Sabrina Dubroca wrote: > > diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h > > index c7861e4b402c..dc9d2668d9bb 100644 > > --- a/include/linux/netdevice.h > > +++ b/include/linux

[PATCH net-next 0/3] selftests: add more PMTU tests

with Stefano Brivio. Sabrina Dubroca (2): selftests: pmtu: extend MTU parsing helper to locked MTU selftests: pmtu: add basic IPv4 and IPv6 PMTU tests Stefano Brivio (1): selftests: pmtu: Introduce check_pmtu_value() tools/testing/selftests/net/pmtu.sh | 258 1 file

[PATCH net-next 2/3] selftests: pmtu: extend MTU parsing helper to locked MTU

The mtu_parse helper introduced in commit f2c929feeccd ("selftests: pmtu: Factor out MTU parsing helper") can only handle "mtu 1234", but not "mtu lock 1234". Extend it, so that we can do IPv4 tests with PMTU smaller than net.ipv4.route.min_pmtu Signed-off-by: Sabri

[PATCH net-next 1/3] selftests: pmtu: Introduce check_pmtu_value()

From: Stefano Brivio Introduce and use a function that checks PMTU values against expected values and logs error messages, to remove some clutter. Signed-off-by: Stefano Brivio Signed-off-by: Sabrina Dubroca --- tools/testing/selftests/net/pmtu.sh | 49 + 1 file

[PATCH net-next 3/3] selftests: pmtu: add basic IPv4 and IPv6 PMTU tests

Signed-off-by: Sabrina Dubroca Signed-off-by: Stefano Brivio --- tools/testing/selftests/net/pmtu.sh | 207 +++- 1 file changed, 203 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/net/pmtu.sh b/tools/testing/selftests/net/pmtu.sh index 03e56a27f69c..b9cdb68df

[PATCH net 2/2] ipv4: don't let PMTU updates increase route MTU

ca4 ("ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- net/ipv4/route.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/net/ipv4/route.c b/net/ipv4/route.c index b678

[PATCH net 1/2] net: ipv4: update fnhe_pmtu when first hop's MTU changes

aad1de5ea2c ("ipv4: use separate genid for next hop exceptions") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- include/linux/netdevice.h | 7 ++ include/net/ip_fib.h | 1 + net/core/dev.c| 29 +-- net/ipv4/fib_front

Re: [PATCH 1/1] macsec: reflect the master interface state

2018-09-19, 12:44:41 -0400, Radu Rendec wrote: > Hello, Gah, sorry, this fell into the "week-end" crack and I forgot to answer :( > On Wed, Sep 19, 2018 at 11:24 AM Sabrina Dubroca wrote: > > 2018-09-18, 20:16:12 -0400, Radu Rendec wrote: > > > This patch

Re: [PATCH 1/1] macsec: reflect the master interface state

Hello, 2018-09-18, 20:16:12 -0400, Radu Rendec wrote: > This patch makes macsec interfaces reflect the state of the underlying > interface: if the master interface changes state to up/down, the macsec > interface changes its state accordingly. I got a separate report of the same issue and I've

[PATCH net] selftests: pmtu: properly redirect stderr to /dev/null

ests: net: Introduce first PMTU test") Signed-off-by: Sabrina Dubroca --- tools/testing/selftests/net/pmtu.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/pmtu.sh b/tools/testing/selftests/net/pmtu.sh index 32a194e3e07a..0ab9423d009f 1007

[PATCH net v2 2/3] tls: zero the crypto information from tls_context before freeing

: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca --- v2: introduce union tls_crypto_context include/net/tls.h | 19 +-- net/tls/tls_device.c | 6 +++--- net/tls/tls_device_fallback.c | 2 +- net/tls/tls_main.c

[PATCH net v2 1/3] tls: don't copy the key out of tls12_crypto_info_aes_gcm_128

There's no need to copy the key to an on-stack buffer before calling crypto_aead_setkey(). Fixes: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca --- net/tls/tls_sw.c | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/net/tls/tls_sw.c

[PATCH net v2 3/3] tls: clear key material from kernel memory when do_tls_setsockopt_conf fails

Fixes: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca Signed-off-by: Sabrina Dubroca --- v2: use the new union tls_crypto_context net/tls/tls_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/tls/tls_main.c b/net/tls/tls_ma

[PATCH net v2 0/3] tls: don't leave keys in kernel memory

There are a few places where the RX/TX key for a TLS socket is copied to kernel memory. This series clears those memory areas when they're no longer needed. v2: add union tls_crypto_context, following Vakul Garg's comment swap patch 2 and 3, using new union in patch 3 Sabrina Dubroca (3

Re: [PATCH net-next v1] net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC

2018-09-05, 21:57:43 +0530, Vakul Garg wrote: > tls_sw_sendmsg() allocates plaintext and encrypted SG entries using > function sk_alloc_sg(). In case the number of SG entries hit > MAX_SKB_FRAGS, sk_alloc_sg() returns -ENOSPC and sets the variable for > current SG index to '0'. This leads to

Re: [PATCH net 2/3] tls: clear key material from kernel memory when do_tls_setsockopt_conf fails

2018-09-05, 16:53:54 +0300, Boris Pismenny wrote: > Hi Sabrina, > > On 9/5/2018 4:21 PM, Sabrina Dubroca wrote: > > Fixes: 3c4d7559159b ("tls: kernel TLS support") > > Signed-off-by: Sabrina Dubroca > > --- > > net/tls/tls_main.c | 2 +- >

Re: [PATCH net 3/3] tls: zero the crypto information from tls_context before freeing

2018-09-05, 13:48:48 +, Vakul Garg wrote: > > > > -Original Message- > > From: netdev-ow...@vger.kernel.org On > > Behalf Of Sabrina Dubroca > > Sent: Wednesday, September 5, 2018 6:52 PM > > To: netdev@vger.kernel.org > > Cc: Sabrina Du

[PATCH net 1/3] tls: don't copy the key out of tls12_crypto_info_aes_gcm_128

There's no need to copy the key to an on-stack buffer before calling crypto_aead_setkey(). Fixes: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca --- net/tls/tls_sw.c | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/net/tls/tls_sw.c

[PATCH net 3/3] tls: zero the crypto information from tls_context before freeing

This contains key material in crypto_send_aes_gcm_128 and crypto_recv_aes_gcm_128. Fixes: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca --- include/net/tls.h | 1 + net/tls/tls_main.c | 14 -- 2 files changed, 13 insertions(+), 2 deletions(-)

[PATCH net 2/3] tls: clear key material from kernel memory when do_tls_setsockopt_conf fails

Fixes: 3c4d7559159b ("tls: kernel TLS support") Signed-off-by: Sabrina Dubroca --- net/tls/tls_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 180b6640e531..0d432d025471 100644 --- a/net/tls/tls_main.c +++

[PATCH net 0/3] tls: don't leave keys in kernel memory

There are a few places where the RX/TX key for a TLS socket is copied to kernel memory. This series clears those memory areas when they're no longer needed. Sabrina Dubroca (3): tls: don't copy the key out of tls12_crypto_info_aes_gcm_128 tls: clear key material from kernel memory when

[PATCH net 2/2] selftests: pmtu: detect correct binary to ping ipv6 addresses

Some systems don't have the ping6 binary anymore, and use ping for everything. Detect the absence of ping6 and try to use ping instead. Fixes: d1f1b9cbf34c ("selftests: net: Introduce first PMTU test") Signed-off-by: Sabrina Dubroca Acked-by: Stefano Brivio --- tools/testing/sel

[PATCH net 1/2] selftests: pmtu: maximum MTU for vti4 is 2^16-1-20

tu") Signed-off-by: Sabrina Dubroca Acked-by: Stefano Brivio --- tools/testing/selftests/net/pmtu.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/pmtu.sh b/tools/testing/selftests/net/pmtu.sh index f8cc38afffa2..0ecf2609b9a4 100755 --- a/too

Re: [PATCH 1/2] xfrm6: call kfree_skb when skb is toobig

gt; > The fix is to call kfree_skb in case of transmit failures. > > Signed-off-by: Thadeu Lima de Souza Cascardo Reviewed-by: Sabrina Dubroca I was about to post the same patch. Arguably, the commit introducing this bug is the one that added those "return -EMSGSIZE" to __x

[PATCH net 2/3] ipv6: fix cleanup ordering for pingv6 registration

init+0x153/0x1b8 Fixes: 6d0bfe226116 ("net: ipv6: Add IPv6 support to the ping socket.") Signed-off-by: Sabrina Dubroca --- net/ipv6/af_inet6.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index e5da133c6932..9a4261e50

[PATCH net 3/3] net: rtnl: return early from rtnl_unregister_all when protocol isn't registered

[IPV6]: Make af_inet6 to check ip6_route_init return value.") Signed-off-by: Sabrina Dubroca --- net/core/rtnetlink.c | 4 1 file changed, 4 insertions(+) diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 24431e578310..60c928894a78 100644 --- a/net/core/rtnetlink.c +++

[PATCH net 1/3] ipv6: fix cleanup ordering for ip6_mr failure

x110/0x110 ? kmem_cache_create_usercopy+0x1b4/0x240 unregister_pernet_subsys+0x1d/0x30 icmpv6_cleanup+0x1d/0x30 inet6_init+0x1b5/0x23f Fixes: 15e668070a64 ("ipv6: reorder icmpv6_init() and ip6_mr_init()") Signed-off-by: Sabrina Dubroca --- net/ipv6/af_inet6.c | 6 +++--- 1 file changed

[PATCH net 0/3] ipv6: fix error path of inet6_init()

The error path of inet6_init() can trigger multiple kernel panics, mostly due to wrong ordering of cleanups. This series fixes those issues. Sabrina Dubroca (3): ipv6: fix cleanup ordering for ip6_mr failure ipv6: fix cleanup ordering for pingv6 registration net: rtnl: return early from

Re: I found a strange place while reading “net/ipv6/reassembly.c”

2018-08-15, 04:38:29 +, Ttttabcd wrote: > Hello everyone who develops the kernel. > > At the beginning I was looking for the source author, but his email > address has expired, so I can only come here to ask questions. > > The problem is in the /net/ipv6/reassembly.c file, the author is >

[PATCH net] net/ipv6: fix metrics leak

elper and use it to release the metrics. Fixes: d4ead6b34b67 ("net/ipv6: move metrics from dst to rt6_info") Signed-off-by: Sabrina Dubroca --- net/ipv6/ip6_fib.c | 18 ++ 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_f

[PATCH net] ipv6: make DAD fail with enhanced DAD when nonce length differs

but is currently ignored. Fixes: adc176c54722 ("ipv6 addrconf: Implemented enhanced DAD (RFC7527)") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- net/ipv6/ndisc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c index

Re: [PATCH net] skbuff: Unconditionally copy pfmemalloc in __skb_clone()

was set in the > original skb, but not cleared if it wasn't. This is wrong and > might lead to socket buffers being flagged with pfmemalloc even > if the skb data wasn't allocated from pfmemalloc reserves. Copy > the flag instead of ORing it. > > Reported-by: Sabrina Dubro

Re: [PATCH net] ipv4: reset fnhe_mtu_locked after cache route flushed

2018-05-10, 15:43:11 -0400, David Miller wrote: > From: Hangbin Liu > Date: Wed, 9 May 2018 18:06:44 +0800 > > > After route cache is flushed via ipv4_sysctl_rtcache_flush(), we forget > > to reset fnhe_mtu_locked in rt_bind_exception(). When pmtu is updated > > in __ip_rt_update_pmtu(), it

Re: [PATCH net v2 4/5] net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices

2018-07-09, 11:24:49 -0600, David Ahern wrote: > On 7/9/18 4:25 AM, Sabrina Dubroca wrote: > > This aligns the addr_gen_mode sysctl with the expected behavior of the > > "all" variant. > > > > Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to chan

[PATCH net v2 4/5] net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices

This aligns the addr_gen_mode sysctl with the expected behavior of the "all" variant. Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode") Suggested-by: David Ahern Signed-off-by: Sabrina Dubroca --- net/ipv6/addrconf.c | 12

[PATCH net v2 3/5] net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE

inet6_ifla6_size() is called to check how much space is needed by inet6_fill_link_af() and inet6_fill_ifinfo(), both of which include the IFLA_INET6_ADDR_GEN_MODE attribute. Reserve some room for it. Fixes: bc91b0f07ada ("ipv6: addrconf: implement address generation modes") Signed-off-b

[PATCH net v2 2/5] net/ipv6: don't reinitialize ndev->cnf.addr_gen_mode on new inet6_dev

The value has already been copied from this netns's devconf_dflt, it shouldn't be reset to the global kernel default. Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode") Signed-off-by: Sabrina Dubroca Reviewed-by: David Ahern --- net/ipv6/addr

[PATCH net v2 5/5] Documentation: ip-sysctl.txt: document addr_gen_mode

addr_gen_mode was introduced in without documentation, add it now. Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode") Signed-off-by: Sabrina Dubroca --- Documentation/networking/ip-sysctl.txt | 9 + 1 file changed, 9 insertions(+)

[PATCH net v2 1/5] net/ipv6: fix addrconf_sysctl_addr_gen_mode

ion mode") Signed-off-by: Sabrina Dubroca --- net/ipv6/addrconf.c | 27 ++- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 91580c62bb86..e9ba53d2a147 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.

[PATCH net v2 0/5] net/ipv6: addr_gen_mode fixes

documentation for the sysctl patches 1, 2, 3 are unchanged Sabrina Dubroca (5): net/ipv6: fix addrconf_sysctl_addr_gen_mode net/ipv6: don't reinitialize ndev->cnf.addr_gen_mode on new inet6_dev net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE net/ipv6: propagate net.i

Re: [PATCH net 1/3] net/ipv6: fix addrconf_sysctl_addr_gen_mode

2018-07-06, 09:28:48 -0600, David Ahern wrote: > On 7/6/18 9:02 AM, Sabrina Dubroca wrote: > > 2018-07-06, 08:42:01 -0600, David Ahern wrote: > >> On 7/6/18 7:49 AM, Sabrina Dubroca wrote: > >>> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c > >>&g

Re: [PATCH net 1/3] net/ipv6: fix addrconf_sysctl_addr_gen_mode

2018-07-06, 08:42:01 -0600, David Ahern wrote: > On 7/6/18 7:49 AM, Sabrina Dubroca wrote: > > diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c > > index 91580c62bb86..e9ba53d2a147 100644 > > --- a/net/ipv6/addrconf.c > > +++ b/net/ipv6/addrconf.c > > @

[PATCH net 2/3] net/ipv6: don't reinitialize ndev->cnf.addr_gen_mode on new inet6_dev

The value has already been copied from this netns's devconf_dflt, it shouldn't be reset to the global kernel default. Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode") Signed-off-by: Sabrina Dubroca --- net/ipv6/addrconf.c | 2 -- 1 file

[PATCH net 1/3] net/ipv6: fix addrconf_sysctl_addr_gen_mode

ion mode") Signed-off-by: Sabrina Dubroca --- net/ipv6/addrconf.c | 27 ++- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 91580c62bb86..e9ba53d2a147 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.

[PATCH net 0/3] net/ipv6: addr_gen_mode fixes

This series fixes bugs in handling of the addr_gen_mode option, mainly related to the sysctl. A minor netlink issue was also present in the initial commit introducing the option on a per-netdevice basis. Sabrina Dubroca (3): net/ipv6: fix addrconf_sysctl_addr_gen_mode net/ipv6: don't

[PATCH net 3/3] net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE

inet6_ifla6_size() is called to check how much space is needed by inet6_fill_link_af() and inet6_fill_ifinfo(), both of which include the IFLA_INET6_ADDR_GEN_MODE attribute. Reserve some room for it. Fixes: bc91b0f07ada ("ipv6: addrconf: implement address generation modes") Signed-off-b

[PATCH net] net: fix use-after-free in GRO with ESP

114163f2f5 ("net: Add a skb_gro_flush_final helper.") Signed-off-by: Sabrina Dubroca Reviewed-by: Stefano Brivio --- drivers/net/geneve.c | 2 +- drivers/net/vxlan.c | 4 +--- include/linux/netdevice.h | 20 net/8021q/vlan.c | 2 +- net/ipv4/f

[PATCH net] alx: take rtnl before calling __alx_open from resume

Move the calls to set the Tx and Rx queues into igb_open"). Fixes: d768319cd427 ("alx: enable multiple tx queues") Signed-off-by: Sabrina Dubroca --- drivers/net/ethernet/atheros/alx/main.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/a

[PATCH net v2 1/2] ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds

various fixes and cleanups"). Fixes: d1db275dd3f6 ("ipv6: ip6mr: support multiple tables") Signed-off-by: Sabrina Dubroca --- net/ipv6/ip6mr.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c index 298fd8b6ed17..42eca2689c3

[PATCH net v2 2/2] ipmr: fix error path when ipmr_new_table fails

MROUTE_COMMON, since it is never used. Fixes: 0bbbf0e7d0e7 ("ipmr, ip6mr: Unite creation of new mr_table") Signed-off-by: Sabrina Dubroca --- v2: - fixed brainfart that shadowed mrt variable in ip6_mroute_setsockopt - rebased on top of ip6_mroute_setsockopt fix include/linux/mroute_base

Re: [PATCH net] ipmr: fix error path when mr_table_alloc fails

2018-06-04, 17:25:14 -0400, David Miller wrote: > From: Sabrina Dubroca > Date: Mon, 4 Jun 2018 13:55:54 +0200 > > > commit 0bbbf0e7d0e7 ("ipmr, ip6mr: Unite creation of new mr_table") > > refactored ipmr_new_table, so that it now returns NULL when > > mr_

[PATCH net] ipmr: fix error path when mr_table_alloc fails

inters as well. It also removes the version of mr_table_alloc defined under !CONFIG_IP_MROUTE_COMMON, since it is never used. Fixes: 0bbbf0e7d0e7 ("ipmr, ip6mr: Unite creation of new mr_table") Fixes: 66fb33254f45 ("ipmr: properly check rhltable_init() return value") Signed-

[PATCH iproute2-next v2 1/2] man: ip link: document GRE tunnels

GRE tunnels are currently only documented together with IPIP and SIT tunnels, but they actually have very different configuration options. Let's separate them. Signed-off-by: Sabrina Dubroca <s...@queasysnail.net> --- man/man8/ip-link.8.in | 152 --

[PATCH iproute2-next v2 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags

Currently, iproute allows setting those flags, but it's impossible to clear them, since their current value is fetched from the kernel and then we OR in the additional flags passed on the command line. Add no* variants to allow clearing them. Signed-off-by: Sabrina Dubroca <s...@queasysnail.

Re: [PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags

2018-04-19, 12:22:42 +0200, Sabrina Dubroca wrote: > @@ -210,28 +210,49 @@ get_failed: > iflags |= GRE_KEY; > oflags |= GRE_KEY; > ikey = okey = tnl_parse_key("key", *argv); > + } else i

[PATCH iproute2-next 2/2] gre/gre6: allow clearing {,i,o}{key,seq,csum} flags

Currently, iproute allows setting those flags, but it's impossible to clear them, since their current value is fetched from the kernel and then we OR in the additional flags passed on the command line. Add no* variants to allow clearing them. Signed-off-by: Sabrina Dubroca <s...@queasysnail.

[PATCH iproute2-next 1/2] man: ip link: document GRE tunnels

GRE tunnels are currently only documented together with IPIP and SIT tunnels, but they actually have very different configuration options. Let's separate them. Signed-off-by: Sabrina Dubroca <s...@queasysnail.net> --- man/man8/ip-link.8.in | 152 --

Re: Regression with 5dcd8400884c ("macsec: missing dev_put() on error in macsec_newlink()")

Hello Laura, 2018-04-14, 10:56:55 -0700, Laura Abbott wrote: > Hi, > > Fedora got a bug report of a regression when trying to remove the > the macsec module (https://bugzilla.redhat.com/show_bug.cgi?id=1566410). > I did a bisect and found > > commit 5dcd8400884cc4a043a6d4617e042489e5d566a9 >

[PATCH net 2/2] tun: send netlink notification when the device is modified

wner/group or flags are modified, when queues are attached/detached, and when a tun fd is closed. Reported-by: Thomas Haller <thal...@redhat.com> Fixes: 1ec010e70593 ("tun: export flags, uid, gid, queue information over netlink") Signed-off-by: Sabrina Dubroca <s...@queasysnai

[PATCH net 1/2] tun: set the flags before registering the netdevice

Otherwise, register_netdevice advertises the creation of the device with the default flags, instead of what the user requested. Reported-by: Thomas Haller <thal...@redhat.com> Fixes: 1ec010e70593 ("tun: export flags, uid, gid, queue information over netlink") Signed-off-by: Sa

[PATCH net] ip_gre: clear feature flags when incompatible o_flags are set

.10 remote 192.168.0.20 ttl 255 key 1 seq Fixes: dd9d598c6657 ("ip_gre: add the support for i/o_flags update via netlink") Signed-off-by: Sabrina Dubroca <s...@queasysnail.net> --- net/ipv4/ip_gre.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/net/ipv4/ip_gre.c

Re: [PATCH v14 net-next 09/12] crypto: chtls - Inline TLS record Tx

2018-03-29, 21:27:51 +0530, Atul Gupta wrote: > TLS handler for record transmit. > Create Inline TLS work request and post to FW. > Create Inline TLS record CPLs for hardware > > Signed-off-by: Atul Gupta > Signed-off-by: Michael Werner > --- ... >

Re: [PATCH v14 net-next 08/12] crypto : chtls - CPL handler definition

2018-03-29, 21:27:50 +0530, Atul Gupta wrote: ... > +static void chtls_pass_accept_request(struct sock *sk, > + struct sk_buff *skb) > +{ ... > + if (chtls_get_module(newsk)) > + goto reject; > + inet_csk_reqsk_queue_added(sk); > +

Re: [PATCH v13 net-next 02/12] ethtool: enable Inline TLS in HW

io.com> > Reviewed-by: Sabrina Dubroca <sdubr...@redhat.com> uh, what? I definitely didn't give my "Reviewed-by" for any of these patches. Please never do that again. -- Sabrina

Re: [PATCH v11 crypto 06/12] crypto: chtls - structure and macro for Inline TLS

2018-03-16, 21:07:35 +0530, Atul Gupta wrote: [...] > +#define SOCK_INLINE (31) [...] > +static inline int csk_flag(const struct sock *sk, enum csk_flags flag) > +{ > + struct chtls_sock *csk = rcu_dereference_sk_user_data(sk); > + > + if (!sock_flag(sk, SOCK_INLINE)) > +

[PATCH net v2] ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu

("ipv4: Cache learned PMTU information in inetpeer.") Signed-off-by: Sabrina Dubroca <s...@queasysnail.net> Reviewed-by: Stefano Brivio <sbri...@redhat.com> --- v2: make rt_pmtu a bitfield fix missing initializations of rt_mtu_locked include/net/ip.h| 11 ++

Re: [PATCH net] ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu

2018-03-09, 16:06:19 -0500, David Miller wrote: > From: Sabrina Dubroca <s...@queasysnail.net> > Date: Fri, 9 Mar 2018 17:43:21 +0100 > > > diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h > > index f80524396c06..77d0a78cf7d2 100644 > > --- a/include/n

[PATCH net] ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu

r.") Signed-off-by: Sabrina Dubroca <s...@queasysnail.net> Reviewed-by: Stefano Brivio <sbri...@redhat.com> --- include/net/ip.h | 11 +-- include/net/ip_fib.h | 1 + include/net/route.h | 1 + net/ipv4/route.c | 25 ++--- 4 files changed, 29 ins

Re: [PATCH v9 crypto 08/12] chtls: Key program

2018-03-06, 21:09:27 +0530, Atul Gupta wrote: [snip] > +static int chtls_set_tcb_field(struct sock *sk, u16 word, u64 mask, u64 val) > +{ > + struct chtls_sock *csk = rcu_dereference_sk_user_data(sk); > + struct sk_buff *skb; > + struct cpl_set_tcb_field *req; > + struct

Re: [PATCH v9 crypto 06/12] cxgb4: LLD driver changes to enable TLS

2018-03-06, 21:09:25 +0530, Atul Gupta wrote: > Read FW capability. Read key area size. Dump the TLS record count. That's not a really helpful commit message. Have a look at other commit messages and try to be more descriptive. It's also not clear if those changes belong together in one patch,

Re: [PATCH v9 crypto 02/12] ethtool: enable Inline TLS in HW

Since you're saying the driver supports offloading TLS records to the HW, why not call the feature "record offloading"? With, for example, NETIF_F_HW_TLS_RECORD as the feature, and maybe "tls-hw-record" for the ethtool string. This "Inline TLS" name sounds rather like marketing to me.

Re: [PATCH v9 crypto 00/12] Chelsio Inline TLS

2018-03-06, 21:05:23 +0530, Atul Gupta wrote: > Series for Chelsio Inline TLS driver (chtls) > > Use tls ULP infrastructure to register chtls as Inline TLS driver. > Chtls use TCP Sockets to transmit and receive TLS record. TCP proto_ops is > extended to offload TLS record. > > T6 adapter

Re: [PATCH v9 crypto 01/12] tls: tls_device struct to register TLS drivers

Hello Atul, One quick note before you start replying: please fix your email client, as you've been told before. Quoting has to add a quoting marker (the '>' character) at the beginning of the line, otherwise it's impossible to separate your reply from the email you're quoting. 2018-03-06,

[PATCH net-next v2] ipv6: allow userspace to add IFA_F_OPTIMISTIC addresses

failed, because in ipv6_chk_addr_and_flags(), IFA_F_OPTIMISTIC overrides IFA_F_TENTATIVE. Setting IFA_F_OPTIMISTIC from userspace is conditional on CONFIG_IPV6_OPTIMISTIC_DAD and the optimistic_dad sysctl. Signed-off-by: Sabrina Dubroca <s...@queasysnail.net> Reviewed-by: Stefano Brivio

Re: [PATCH] net: ipv4: avoid unused variable warning for sysctl

other variables like it, to avoid the harmless > warning. > > Fixes: c7272c2f1229 ("net: ipv4: don't allow setting net.ipv4.route.min_pmtu > below 68") > Signed-off-by: Arnd Bergmann <a...@arndb.de> Crap. Thanks, and sorry for the mess. Acked-by: Sabrina Dubroca <s...@queasysnail.net> -- Sabrina

Re: [PATCH net-next] ipv6: allow userspace to add IFA_F_OPTIMISTIC addresses

2018-02-27, 10:47:08 -0500, David Miller wrote: > From: Sabrina Dubroca <s...@queasysnail.net> > Date: Tue, 27 Feb 2018 15:13:28 +0100 > > > 2018-02-26, 12:11:27 -0500, David Miller wrote: > >> From: Sabrina Dubroca <s...@queasysnail.net> > &

  1   2   3   4   >