On Sat, 6 Jan 2018 10:01:54 +0100
Greg KH wrote:
> On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote:
> > Static analysis reports that 'offset' may be a user controlled value
>
> Can I see the rule that determined that? It does not feel like that is
>
From: Jassi Brar
Changes since v5
# Removed helper macros
# Removed 'inline' qualifier
# Changed multiline empty comment to single line
# Added 'clock-names' property in DT binding example
# Ignore 'clock-names' property in
On Fri, 5 Jan 2018 18:52:07 -0800
Linus Torvalds wrote:
> On Fri, Jan 5, 2018 at 5:10 PM, Dan Williams wrote:
> > From: Andi Kleen
> >
> > When access_ok fails we should always stop speculating.
> > Add the required
On Thu, Dec 28, 2017 at 9:48 AM, Dmitry Vyukov wrote:
> syzkaller triggered OOM kills by passing ipt_replace.size = -1
> to IPT_SO_SET_REPLACE. The root cause is that SMP_ALIGN() in
> xt_alloc_table_info() causes int overflow and the size check passes
> when it should not.
From: Jassi Brar
This patch adds documentation for Device-Tree bindings for the
Socionext NetSec Controller driver.
Reviewed-by: Rob Herring
Signed-off-by: Jassi Brar
Signed-off-by: Ard Biesheuvel
From: Jassi Brar
This driver adds support for Socionext "netsec" IP Gigabit
Ethernet + PHY IP used in the Synquacer SC2A11 SoC.
Signed-off-by: Ard Biesheuvel
Signed-off-by: Jassi Brar
---
From: Jassi Brar
Add entry for the Socionext Netsec controller driver and DT bindings.
Acked-by: Ard Biesheuvel
Signed-off-by: Jassi Brar
---
MAINTAINERS | 7 +++
1 file changed, 7 insertions(+)
diff
Den 13. nov. 2017 09:07, skrev Phil Reid:
Replaces Pan Bian patch
"net: dsa: lan9303: correctly check return value of devm_gpiod_get_optional"
Errors need to be prograted back from probe.
Note: I have only compile tested the code as I don't have the hardware.
Phil Reid
On Fri, Jan 05, 2018 at 09:23:06PM -0800, Dan Williams wrote:
> On Fri, Jan 5, 2018 at 6:55 PM, Linus Torvalds
> wrote:
> > On Fri, Jan 5, 2018 at 5:09 PM, Dan Williams
> > wrote:
> >> +#ifndef nospec_ptr
> >> +#define nospec_ptr(ptr, lo,
Em 6 de janeiro de 2018 15:09:45 BRST, Dmitry Vyukov
escreveu:
>On Sat, Jan 6, 2018 at 6:02 PM, Marcelo Ricardo Leitner
> wrote:
>> On Fri, Jan 05, 2018 at 02:07:01PM -0800, syzbot wrote:
>>> Hello,
>>>
>>> syzkaller hit the following crash on
>>>
On 1/5/18, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 8a4816cad00bf14642f0ed6043b32d29a05006ce
> git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is
On Saturday, January 6, 2018 2:10:37 AM CET Dan Williams wrote:
> Static analysis reports that 'queue' may be a user controlled value that
> is used as a data dependency to read from the 'ar9170_qmap' array. In
> order to avoid potential leaks of kernel memory values, block
> speculative execution
On Sat, 6 Jan 2018 17:25:20 +0800
邢庆杰 wrote:
> We create bond0 and add eth0 as slaves. Eth0 is active. Then we add
> bond0
> into br0 as a bridge port. Br0 has ip address. When eth0 is down, after
> bond0's
> failover eth1 become active. At this moment, we need br0 send a
> >Is it because the static void is on the previous line?
> Yes, it is because the static void is on the previous line.
>
> I can add one patch to fix the previous line , and this patch will correct
> automatically.
>
> do it need V2 patchset? or push a new patch after this patchset?
Thanks
On Saturday, January 6, 2018 4:06:21 PM CET Alan Cox wrote:
> > The only way a user can set this in any meaningful way would be via
> > a NL80211_CMD_SET_WIPHY netlink message. However, the value will get
> > vetted there by cfg80211's parse_txq_params [0]. This is long before
>
> Far more than a
On Sat, Jan 6, 2018 at 6:02 PM, Marcelo Ricardo Leitner
wrote:
> On Fri, Jan 05, 2018 at 02:07:01PM -0800, syzbot wrote:
>> Hello,
>>
>> syzkaller hit the following crash on
>> 8a4816cad00bf14642f0ed6043b32d29a05006ce
>>
On Sat, Jan 6, 2018 at 4:32 AM, Alan Cox wrote:
>
> Also for x86-64 if we are trusting that an AND with a constant won't get
> speculated into something else surely we can just and the address with ~(1
> << 63) before copying from/to user space ? The user will then
On Thu, 04 Jan 2018 13:37:33 -0500 (EST)
David Miller wrote:
> From: Ahmed Abdelsalam
> Date: Sat, 30 Dec 2017 00:08:32 +0100
>
> > Some functions of seg6local are very useful to process SRv6
> > encapsulated packets
> >
> > This patch exports some
On Fri, 05 Jan 2018 17:11:04 -0800
Dan Williams wrote:
> Static analysis reports that 'offset' may be a user controlled value
> that is used as a data dependency reading from a raw6_frag_vec buffer.
> In order to avoid potential leaks of kernel memory values, block
>
> The only way a user can set this in any meaningful way would be via
> a NL80211_CMD_SET_WIPHY netlink message. However, the value will get
> vetted there by cfg80211's parse_txq_params [0]. This is long before
Far more than a couple of hundred instructions ? The problem is that the
processor
On Sat, Jan 06, 2018 at 12:23:47PM +, Alan Cox wrote:
> On Sat, 6 Jan 2018 10:01:54 +0100
> Greg KH wrote:
>
> > On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote:
> > > Static analysis reports that 'offset' may be a user controlled value
> >
> > Can
On Sat, Jan 6, 2018 at 6:23 AM, Christian Lamparter wrote:
> On Saturday, January 6, 2018 2:10:37 AM CET Dan Williams wrote:
>> Static analysis reports that 'queue' may be a user controlled value that
>> is used as a data dependency to read from the 'ar9170_qmap' array. In
>>
On Fri, Jan 05, 2018 at 02:07:01PM -0800, syzbot wrote:
> Hello,
>
> syzkaller hit the following crash on
> 8a4816cad00bf14642f0ed6043b32d29a05006ce
> git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached
> Raw console
Sat, Jan 06, 2018 at 12:09:19AM CET, j...@resnulli.us wrote:
>From: Jiri Pirko
>
>So far, there was possible only to register a single filter chain
>pointer to block->chain[0]. However, when the blocks will get shareable,
>we need to allow multiple filter chain pointers
On 18-01-06 04:48 AM, Jiri Pirko wrote:
[..]
Or, do you think it should work like:
$ tc qdisc add dev ens8 ingress
$ tc qdisc
qdisc ingress : dev ens8 parent :fff1
>
$ tc qdisc add dev ens7 ingress block 22
>
$ tc qdisc
qdisc ingress : dev ens7 parent :fff1 block 22
qdisc
On Sat, Jan 6, 2018 at 7:14 AM, Greg KH wrote:
> On Sat, Jan 06, 2018 at 12:23:47PM +, Alan Cox wrote:
>> On Sat, 6 Jan 2018 10:01:54 +0100
>> Greg KH wrote:
>>
>> > On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote:
>> > >
On Fri, 2018-01-05 at 17:57 -0800, Dan Williams wrote:
> On Fri, Jan 5, 2018 at 5:53 PM, Srinivas Pandruvada
> wrote:
> >
> > On Fri, 2018-01-05 at 17:10 -0800, Dan Williams wrote:
> > >
> > > Static analysis reports that 'trip' may be a user controlled
> >
On 1/6/18 1:07 AM, Jiri Pirko wrote:
> Sat, Jan 06, 2018 at 04:57:21AM CET, dsah...@gmail.com wrote:
>> On 1/5/18 4:09 PM, Jiri Pirko wrote:
>>> From: Jiri Pirko
>>>
>>> Currently the filters added to qdiscs are independent. So for example if you
>>> have 2 netdevices and you
On Sat, Jan 6, 2018 at 1:40 AM, Greg KH wrote:
> On Sat, Jan 06, 2018 at 10:09:07AM +0100, Greg KH wrote:
>> On Fri, Jan 05, 2018 at 05:10:32PM -0800, Dan Williams wrote:
>> > Static analysis reports that 'index' may be a user controlled value that
>> > is used as a
> On Jan 5, 2018, at 12:09 AM, Yafang Shao wrote:
>
> On Fri, Jan 5, 2018 at 3:21 PM, Song Liu wrote:
>>
>>> On Jan 4, 2018, at 10:42 PM, Yafang Shao wrote:
>>>
>>> sk->sk_protocol and sk->sk_family are exposed as tracepoint
On Sat, Jan 6, 2018 at 6:48 AM, Stephen Hemminger
wrote:
> On Fri, 05 Jan 2018 17:11:04 -0800
> Dan Williams wrote:
>
>> Static analysis reports that 'offset' may be a user controlled value
>> that is used as a data dependency reading from a
On Sat, Jan 6, 2018 at 8:29 AM, Dan Williams wrote:
> On Sat, Jan 6, 2018 at 7:14 AM, Greg KH wrote:
>> On Sat, Jan 06, 2018 at 12:23:47PM +, Alan Cox wrote:
>>> On Sat, 6 Jan 2018 10:01:54 +0100
>>> Greg KH
Hello!
On 1/3/2018 11:08 PM, Sergei Shtylyov wrote:
After the Ether platform data is fixed, the driver probe() method would
still fail since the 'struct sh_eth_cpu_data' corresponding to SH771x
indicates the presence of TSU but the memory resource for it is absent.
Add the missing TSU
On Sat, Jan 06, 2018 at 10:09:07AM +0100, Greg KH wrote:
> On Fri, Jan 05, 2018 at 05:10:32PM -0800, Dan Williams wrote:
> > Static analysis reports that 'index' may be a user controlled value that
> > is used as a data dependency to read 'pin' from the
> > 'selector->baSourceID' array. In order
Sat, Jan 06, 2018 at 09:07:28AM CET, j...@resnulli.us wrote:
>Sat, Jan 06, 2018 at 04:57:21AM CET, dsah...@gmail.com wrote:
>>On 1/5/18 4:09 PM, Jiri Pirko wrote:
>>> From: Jiri Pirko
>>>
>>> Currently the filters added to qdiscs are independent. So for example if you
>>> have
On 1/6/2018 4:10 AM, Dan Williams wrote:
Static analysis reports that 'trip' may be a user controlled value that
is used as a data dependency to read '*temp' from the 'd->aux_trips'
array. In order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction
Sat, Jan 06, 2018 at 04:57:21AM CET, dsah...@gmail.com wrote:
>On 1/5/18 4:09 PM, Jiri Pirko wrote:
>> From: Jiri Pirko
>>
>> Currently the filters added to qdiscs are independent. So for example if you
>> have 2 netdevices and you create ingress qdisc on both and you want to
On 1/6/2018 4:11 AM, Dan Williams wrote:
Expectedly, static analysis reports that 'fd' is a user controlled value
that is used as a data dependency to read from the 'fdt->fd' array. In
order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction stream
On 1/6/2018 4:11 AM, Dan Williams wrote:
Static analysis reports that 'index' may be a user controlled value that
is used as a data dependency reading 'rt' from the 'platform_label'
array. In order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction
On 1/6/2018 4:11 AM, Dan Williams wrote:
Static analysis reports that 'offset' may be a user controlled value
that is used as a data dependency reading from a raw_frag_vec buffer.
In order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction stream
On 1/6/2018 4:11 AM, Dan Williams wrote:
Static analysis reports that 'offset' may be a user controlled value
that is used as a data dependency reading from a raw6_frag_vec buffer.
In order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction stream
If the probing of the regulator is deferred, the memory allocated by
'mdiobus_alloc_size()' will be leaking.
It should be freed before the next call to 'sun4i_mdio_probe()' which will
reallocate it.
Fixes: 4bdcb1dd9feb ("net: Add MDIO bus driver for the Allwinner EMAC")
Signed-off-by: Christophe
On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote:
> Static analysis reports that 'offset' may be a user controlled value
> that is used as a data dependency reading from a raw_frag_vec buffer.
> In order to avoid potential leaks of kernel memory values, block
> speculative execution of
On Fri, Jan 05, 2018 at 05:11:10PM -0800, Dan Williams wrote:
> Static analysis reports that 'offset' may be a user controlled value
Can I see the rule that determined that? It does not feel like that is
correct, given the 3+ levels deep that this function gets this value
from...
Same for the
On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote:
> Static analysis reports that 'handle' may be a user controlled value
> that is used as a data dependency to read 'sp' from the
> 'req->outstanding_cmds' array. In order to avoid potential leaks of
> kernel memory values, block
On Sat, Jan 06, 2018 at 10:03:22AM +0100, Greg KH wrote:
> On Fri, Jan 05, 2018 at 05:10:48PM -0800, Dan Williams wrote:
> > Static analysis reports that 'handle' may be a user controlled value
> > that is used as a data dependency to read 'sp' from the
> > 'req->outstanding_cmds' array. In order
Hello!
On 1/6/2018 4:10 AM, Dan Williams wrote:
Static analysis reports that 'queue' may be a user controlled value that
is used as a data dependency to read from the 'ar9170_qmap' array. In
order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction
On 1/6/2018 4:10 AM, Dan Williams wrote:
Static analysis reports that 'queue' may be a user controlled value that
is used as a data dependency to read from the 'priv->qos_params' array.
In order to avoid potential leaks of kernel memory values, block
speculative execution of the instruction
On 18-01-06 01:02 PM, Jamal Hadi Salim wrote:
On 18-01-06 04:48 AM, Jiri Pirko wrote:
BTW: From your output, DavidA, i noticed something strange:
two flower filters with the same handle id 0x1 (different prios)
At least on the kernel i am using this is the exhibited default
behavior. I can
On Sat, Jan 06, 2018 at 06:38:59PM +, Alan Cox wrote:
> On Sat, 6 Jan 2018 10:13:33 -0800
> Alexei Starovoitov wrote:
>
> > On Sat, Jan 06, 2018 at 12:32:42PM +, Alan Cox wrote:
> > > On Fri, 5 Jan 2018 18:52:07 -0800
> > > Linus Torvalds
The 'sh_eth' driver's probe() method would fail on the SolutionEngine7710
board and crash on SolutionEngine7712 board as the platform code is
hopelessly behind the driver's platform data -- it passes the PHY address
instead of 'struct sh_eth_plat_data *'; pass the latter to the driver in
order
After the Ether platform data is fixed, the driver probe() method would
still fail since the 'struct sh_eth_cpu_data' corresponding to SH771x
indicates the presence of TSU but the memory resource for it is absent.
Add the missing TSU resource to both Ether devices and fix the harmless
Hello!
Here's the series of 2 patches against Linus' repo. This series should
(hoplefully) fix the Ether support on the SolutionEngine771x boards...
[1/2] SolutionEngine771x: fix Ether platform data
[2/2] SolutionEngine771x: add Ether TSU resource
MBR, Sergei
Le 01/05/18 à 17:09, Dan Williams a écrit :
> Quoting Mark's original RFC:
>
> "Recently, Google Project Zero discovered several classes of attack
> against speculative execution. One of these, known as variant-1, allows
> explicit bounds checks to be bypassed under speculation, providing an
>
On Sat, Jan 6, 2018 at 10:39 AM, Alexei Starovoitov
wrote:
[..]
>> retpoline is variant-2, this patch series is about variant-1.
>
> that's exactly the point. Don't slow down the kernel with lfences
> to solve variant 1. retpoline for 2 is ok from long term kernel
>
Oops, forgot to add v2 to the subjects... :-/
On Thu, Jan 04, 2018 at 09:00:15AM +0100, Christoph Hellwig wrote:
> ->get_poll_head returns the waitqueue that the poll operation is going
> to sleep on. Note that this means we can only use a single waitqueue
> for the poll, unlike some current drivers that use two waitqueues for
> different
On Thu, Jan 04, 2018 at 09:00:16AM +0100, Christoph Hellwig wrote:
> The socket file operations still implement ->poll until all protocols are
> switched over.
>
> Signed-off-by: Christoph Hellwig
> ---
> include/linux/net.h | 3 +++
> net/socket.c| 61
>
Thank you, Eric and David, for the time spent in reviewing our work.
Some comments inline:
On 05/01/18 at 03:53am, Eric Dumazet wrote:
> I do not want to add yet another condition in fast path.
> Just put an arbitrary large value in the existing sysctl, no need for
> extra code.
Due to the
On Sat, Jan 06, 2018 at 10:54:27AM -0800, Dan Williams wrote:
> On Sat, Jan 6, 2018 at 10:39 AM, Alexei Starovoitov
> wrote:
> [..]
> >> retpoline is variant-2, this patch series is about variant-1.
> >
> > that's exactly the point. Don't slow down the kernel with
Hi,
On 07/01/18 03:28, Stefano Brivio wrote:
> On Sun, 7 Jan 2018 02:31:50 +0800
> Antonio Quartulli wrote:
>
>> When parsing and printing the unix sockets in unix_show(),
>> if the oldformat is detected, the peer_name member of the sockstat
>> object is left uninitialized
Hi Josef,
Em Sat, 6 Jan 2018 16:04:16 +0100
"Josef Griebichler" escreveu:
> Hi,
>
> the causing commit has been identified.
> After reverting commit
>
> cpus execute what they see. speculative execution does the same
> except results are not committed to visible registers and stay
> in renanmed/shadow set. There is no 'undo' of the speculative execution.
> The whole issue is that cache and branch predictor don't have
> a shadow unlike registers.
On Sat, Jan 6, 2018 at 11:37 AM, Dan Williams wrote:
> On Fri, Jan 5, 2018 at 5:09 PM, Dan Williams wrote:
>> Quoting Mark's original RFC:
>>
>> "Recently, Google Project Zero discovered several classes of attack
>> against speculative
> "Value prediction consists of predicting entire 32- and 64-bit register values
> based on previously-seen values"
For their implementation yes
>
> > In other words there are at least two problems with Linus proposal
> >
> > 1. The / mask has to be generated and that has to involve
On Sat, Jan 06, 2018 at 12:32:42PM +, Alan Cox wrote:
> On Fri, 5 Jan 2018 18:52:07 -0800
> Linus Torvalds wrote:
>
> > On Fri, Jan 5, 2018 at 5:10 PM, Dan Williams
> > wrote:
> > > From: Andi Kleen
> > >
> > >
Hello!
On 01/03/2018 11:08 PM, Sergei Shtylyov wrote:
The 'sh_eth' driver's probe() method would fail on the SolutionEngine7710
board and crash on SolutionEngine7712 board as the platform code is
hopelessly behind the driver's platform data -- it passes the PHY address
instead of 'struct
On 18-01-06 12:41 PM, David Ahern wrote:
On 1/6/18 1:07 AM, Jiri Pirko wrote:
Sat, Jan 06, 2018 at 04:57:21AM CET, dsah...@gmail.com wrote:
On 1/5/18 4:09 PM, Jiri Pirko wrote:
From: Jiri Pirko
$ tc filter show block 22
$ echo $?
0
$ tc qdisc show | grep block
qdisc
On Fri, Jan 5, 2018 at 5:09 PM, Dan Williams wrote:
> Quoting Mark's original RFC:
>
> "Recently, Google Project Zero discovered several classes of attack
> against speculative execution. One of these, known as variant-1, allows
> explicit bounds checks to be bypassed
On Sat, Jan 06, 2018 at 07:55:51PM +, Alan Cox wrote:
> > cpus execute what they see. speculative execution does the same
> > except results are not committed to visible registers and stay
> > in renanmed/shadow set. There is no 'undo' of the speculative execution.
> > The whole issue is that
Sat, Jan 06, 2018 at 06:41:18PM CET, dsah...@gmail.com wrote:
>On 1/6/18 1:07 AM, Jiri Pirko wrote:
>> Sat, Jan 06, 2018 at 04:57:21AM CET, dsah...@gmail.com wrote:
>>> On 1/5/18 4:09 PM, Jiri Pirko wrote:
From: Jiri Pirko
Currently the filters added to qdiscs
Sat, Jan 06, 2018 at 07:16:10PM CET, j...@mojatatu.com wrote:
>On 18-01-06 12:41 PM, David Ahern wrote:
>> On 1/6/18 1:07 AM, Jiri Pirko wrote:
>> > Sat, Jan 06, 2018 at 04:57:21AM CET, dsah...@gmail.com wrote:
>> > > On 1/5/18 4:09 PM, Jiri Pirko wrote:
>> > > > From: Jiri Pirko
Sat, Jan 06, 2018 at 12:09:24AM CET, j...@resnulli.us wrote:
>From: Jiri Pirko
>
>As the tcm_ifindex 0 is invalid ifindex, reuse it to indicate that we
>work with block, instead of qdisc. So if tcm_ifindex is 0, tcm_parent is
>used to carry block_index.
>
>If the block is set
On Sat, Jan 06, 2018 at 06:38:59PM +, Alan Cox wrote:
> Normally people who propose security fixes don't have to argue about the
> fact they added 30 clocks to avoid your box being 0wned.
In fact it depends, because if a fix makes the system unusable for its
initial purpose, this fix will
On Sat, Jan 6, 2018 at 10:13 AM, Alexei Starovoitov
wrote:
> On Sat, Jan 06, 2018 at 12:32:42PM +, Alan Cox wrote:
>> On Fri, 5 Jan 2018 18:52:07 -0800
>> Linus Torvalds wrote:
>>
>> > On Fri, Jan 5, 2018 at 5:10 PM, Dan Williams
On Sat, Jan 06, 2018 at 10:29:49AM -0800, Dan Williams wrote:
> On Sat, Jan 6, 2018 at 10:13 AM, Alexei Starovoitov
> wrote:
> > On Sat, Jan 06, 2018 at 12:32:42PM +, Alan Cox wrote:
> >> On Fri, 5 Jan 2018 18:52:07 -0800
> >> Linus Torvalds
On Sat, 6 Jan 2018 10:13:33 -0800
Alexei Starovoitov wrote:
> On Sat, Jan 06, 2018 at 12:32:42PM +, Alan Cox wrote:
> > On Fri, 5 Jan 2018 18:52:07 -0800
> > Linus Torvalds wrote:
> >
> > > On Fri, Jan 5, 2018 at 5:10 PM, Dan
On Sun, 7 Jan 2018 02:31:49 +0800
Antonio Quartulli wrote:
> When the first header field is disabled (i.e. when passing the -t
> option), field_flush() is invoked with the `buffer` global variable
> still zero'd.
> However, in field_flush() we try to access buffer.cur->len
>
On Fri, Jan 5, 2018 at 10:59 PM, Ed Swierk wrote:
>
>
> On Jan 5, 2018 22:17, "Pravin Shelar" wrote:
>
> On Fri, Jan 5, 2018 at 3:20 PM, Ed Swierk
> wrote:
>> On Fri, Jan 5, 2018 at 10:14 AM, Ed Swierk
It sounds like Coverity was used to produce these patches? If so, is
there a plan to have smatch (hey Dan) or other open source static
analysis tool be possibly enhanced to do a similar type of work?
I'd love for that to happen; the tricky part is being able to have even a
sort of sensible
When parsing and printing the unix sockets in unix_show(),
if the oldformat is detected, the peer_name member of the sockstat
object is left uninitialized (NULL).
For this reason, if a filter has been specified on the command line,
a strcmp() will crash when trying to access it.
Avoid crash by
When the first header field is disabled (i.e. when passing the -t
option), field_flush() is invoked with the `buffer` global variable
still zero'd.
However, in field_flush() we try to access buffer.cur->len
during variables initialization, thus leading to a SIGSEGV.
It's interesting to note that
On Thu, Jan 04, 2018 at 09:00:14AM +0100, Christoph Hellwig wrote:
> These abstract out calls to the poll method in preparation for changes to
> those methods.
FWIW, I would make vfs_poll()
static inline __poll_t vfs_poll(struct file *file, struct poll_table_struct *pt)
{
if
On 1/6/18 11:02 AM, Jamal Hadi Salim wrote:
> BTW: From your output, DavidA, i noticed something strange:
> two flower filters with the same handle id 0x1 (different prios)
> and also two filters with the same prio (but different handles).
> I see one was added using :dev .." - how were the other
On Sun, 7 Jan 2018 02:31:50 +0800
Antonio Quartulli wrote:
> When parsing and printing the unix sockets in unix_show(),
> if the oldformat is detected, the peer_name member of the sockstat
> object is left uninitialized (NULL).
Luckily, it is initialized. I'd rather say:
On 01/05/2018 06:54 PM, David Miller wrote:
Here's the series of 2 patches against Linus' repo. This series should
(hoplefully) fix the Ether support on the SolutionEngine771x boards...
[1/2] SolutionEngine771x: fix Ether platform data
[2/2] SolutionEngine771x: add Ether TSU resource
Looks
On Sat, Jan 6, 2018 at 11:25 AM, Alexei Starovoitov
wrote:
> On Sat, Jan 06, 2018 at 10:54:27AM -0800, Dan Williams wrote:
>> On Sat, Jan 6, 2018 at 10:39 AM, Alexei Starovoitov
>> wrote:
>> [..]
>> >> retpoline is variant-2, this patch
On Sat, 6 Jan 2018, Alexei Starovoitov wrote:
> On Sat, Jan 06, 2018 at 10:54:27AM -0800, Dan Williams wrote:
> > On Sat, Jan 6, 2018 at 10:39 AM, Alexei Starovoitov
> > wrote:
> > [..]
> > >> retpoline is variant-2, this patch series is about variant-1.
> > >
> > >
On Sat, Jan 06, 2018 at 05:41:28PM -0800, Wei Wang wrote:
> On Fri, Jan 5, 2018 at 11:42 PM, Martin KaFai Lau wrote:
> > On Fri, Jan 05, 2018 at 05:38:35PM -0800, Wei Wang wrote:
> >> From: Wei Wang
> >>
> >> In the current code, when creating a new fib6 table,
As of now, there're two sk_family are traced with sock:inet_sock_set_state,
which are AF_INET and AF_INET6.
So the sk_family are exposed as well.
Then we can conveniently use it to do the filter.
Both sk_family and sk_protocol are showed in the printk message, so we need
not expose them as
On Sat, Jan 06, 2018 at 11:05:07PM +, Alan Cox wrote:
> > Even if it would be practical the speed probably going to be in bytes per
> > second,
> > so to read anything meaningful an attack detection techniques (that people
> > are actively working on) will be able to catch it.
> > At the end
On Sat, Jan 06, 2018 at 07:38:14PM -0800, Alexei Starovoitov wrote:
> yep. plenty of unknowns and what's happening now is an overreaction.
To be fair there's overreaction on both sides. The vast majority of
users need to get a 100% safe system and will never notice any
difference. A few of us
On Thu, Jan 04, 2018 at 08:29:31PM -0700, David Ahern wrote:
> On 1/4/18 12:01 AM, Leon Romanovsky wrote:
> > diff --git a/rdma/utils.c b/rdma/utils.c
> > index af2b374d..446c23da 100644
> > --- a/rdma/utils.c
> > +++ b/rdma/utils.c
> > @@ -114,6 +114,225 @@ static void dev_map_cleanup(struct rd
From: Subash Abhinov Kasiviswanathan
Date: Fri, 05 Jan 2018 18:05:23 -0700
> I dont see this series in patchwork.
It's there, in state "Changes Requested" because you were given
feedback on your patch series and you must address it.
"Changes Requested" state patches do
On Sat, Jan 6, 2018 at 3:31 PM, Dan Williams wrote:
>
> I assume if we put this in uaccess_begin() we also need audit for
> paths that use access_ok but don't do on to call uaccess_begin()? A
> quick glance shows a few places where we are open coding the stac().
>
From: Willy Tarreau
Date: Sat, 6 Jan 2018 21:42:29 +0100
> On Sat, Jan 06, 2018 at 06:38:59PM +, Alan Cox wrote:
>> Normally people who propose security fixes don't have to argue about the
>> fact they added 30 clocks to avoid your box being 0wned.
>
> In fact it depends,
On Fri, Jan 5, 2018 at 11:42 PM, Martin KaFai Lau wrote:
> On Fri, Jan 05, 2018 at 05:38:35PM -0800, Wei Wang wrote:
>> From: Wei Wang
>>
>> In the current code, when creating a new fib6 table, tb6_root.leaf gets
>> initialized to net->ipv6.ip6_null_entry.
>> If
From: Yonatan Goldschmidt
Date: Sun, 7 Jan 2018 01:26:48 +0200
> IP fragmentation can be performed as expected down the stack, without touching
> irrelevant fields in the included header besides fragment offset, setting
> IP_MF and header checksum.
> If the included header
It's there, in state "Changes Requested" because you were given
feedback on your patch series and you must address it.
"Changes Requested" state patches do not show up in the default
view, you must explicitly adjust the search criteria to see
patches which are not in state which qualifies as
After reviewing memdup_user() callers, I've found several places
where it got completely unbounded values passed for size (up to 2Gb),
as well as some bounded by ridiculously high values - e.g.
if (size > 1024 * 128) /* sane value */
return -EINVAL;
1 - 100 of 117 matches
Mail list logo