On Mon, Sep 17, 2018 at 10:32 AM John Fastabend
wrote:
>
> After this patch we only allow socks that are in ESTABLISHED state or
> are being added via a sock_ops event that is transitioning into an
> ESTABLISHED state. By allowing sock_ops events we allow users to
> manage sockmaps directly from
On Mon, Sep 17, 2018 at 10:32 AM John Fastabend
wrote:
>
> It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
> state via tcp_disconnect() without actually calling tcp_close which
> would then call our bpf_tcp_close() callback. Because of this a user
> could disconnect a socket
On Mon, Sep 17, 2018 at 10:33 AM John Fastabend
wrote:
>
> Ensure that sockets added to a sock{map|hash} that is not in the
> ESTABLISHED state is rejected.
>
> Fixes: 1aa12bdf1bfb ("bpf: sockmap, add sock close() hook to remove socks")
> Signed-off-by: John Fastabend
> ---
>
On Mon, Sep 17, 2018 at 11:07 PM, Leon Romanovsky wrote:
> On Mon, Sep 17, 2018 at 10:51:29PM +0300, Or Gerlitz wrote:
>> On Mon, Sep 17, 2018 at 10:34 PM, Leon Romanovsky
>> wrote:
>> > On Mon, Sep 17, 2018 at 02:03:53PM +0300, Leon Romanovsky wrote:
>> >> From: Leon Romanovsky
>> >>
>> >>
On Mon, Sep 17, 2018 at 11:57:28AM +0200, Johannes Berg wrote:
> From: Johannes Berg
>
> In some situations some netlink attributes may be used for output
> only (kernel->userspace) or may be reserved for future use. It's
> then helpful to be able to prevent userspace from using them in
>
On Mon, Sep 17, 2018 at 11:57:29AM +0200, Johannes Berg wrote:
> From: Johannes Berg
>
> Commonly, ethernet addresses are just using a policy of
> { .len = ETH_ALEN }
> which leaves userspace free to send more data than it should,
> which may hide bugs.
>
> Introduce NLA_EXACT_LEN which
On Mon, Sep 17, 2018 at 02:03:53PM +0300, Leon Romanovsky wrote:
> From: Leon Romanovsky
>
> From Yishai,
>
> This series comes to enable the DEVX functionality in some wider scope,
> specifically,
> - It enables using kernel objects that were created by the verbs
> API in the DEVX flow.
> - It
On 09/17/2018 10:59 AM, John Fastabend wrote:
> It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
> state via tcp_disconnect() without actually calling tcp_close which
> would then call our bpf_tcp_close() callback. Because of this a user
> could disconnect a socket then put it
On Wed, Sep 05, 2018 at 06:54:57PM +0100, Edward Cree wrote:
> Of the three drivers that currently support FEC configuration, two (sfc
> and cxgb4[vf]) accept configurations with more than one bit set in the
> feccmd.fec bitmask. (The precise semantics of these combinations vary.)
> Thus, this
On Mon, Sep 17, 2018 at 10:51:29PM +0300, Or Gerlitz wrote:
> On Mon, Sep 17, 2018 at 10:34 PM, Leon Romanovsky wrote:
> > On Mon, Sep 17, 2018 at 02:03:53PM +0300, Leon Romanovsky wrote:
> >> From: Leon Romanovsky
> >>
> >> From Yishai,
> >>
> >> This series comes to enable the DEVX
On Mon, Sep 17, 2018 at 1:49 PM Stefan Nuernberger wrote:
> commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop") fixed
> a possible infinite loop in the IP option parsing of CIPSO. The fix
> assumes that ip_options_compile filtered out all zero length options and
> that no other
On Mon, Sep 17, 2018 at 10:34 PM, Leon Romanovsky wrote:
> On Mon, Sep 17, 2018 at 02:03:53PM +0300, Leon Romanovsky wrote:
>> From: Leon Romanovsky
>>
>> From Yishai,
>>
>> This series comes to enable the DEVX functionality in some wider scope,
>> specifically,
>> - It enables using kernel
On Mon, Sep 17, 2018 at 11:13:55PM +0300, Or Gerlitz wrote:
> On Mon, Sep 17, 2018 at 11:07 PM, Leon Romanovsky wrote:
> > On Mon, Sep 17, 2018 at 10:51:29PM +0300, Or Gerlitz wrote:
> >> On Mon, Sep 17, 2018 at 10:34 PM, Leon Romanovsky
> >> wrote:
> >> > On Mon, Sep 17, 2018 at 02:03:53PM
On 9/17/18 3:19 AM, Daniel Borkmann wrote:
> On 09/14/2018 11:49 PM, Yonghong Song wrote:
>> This is a followup patch for Commit f6f3bac08ff9
>> ("tools/bpf: bpftool: add net support").
>> Some improvements are made for the bpftool net output.
>> Specially, plain output is more concise such that
On the Netgear WNDAP620, the emac ethernet isn't receiving nor
xmitting any frames from/to the RTL8363SB (identifies itself
as a RTL8367RB).
This is caused by the emac hardware not knowing the forced link
parameters for speed, duplex, pause, etc.
This begs the question, how this was working on
From: Felix Manlunas
Date: Sun, 16 Sep 2018 22:43:32 -0700
> From: Weilin Chang
>
> 1. Add functions for get_fecparam and set_fecparam.
> 2. Modify lio_get_link_ksettings to display FEC setting.
>
> Signed-off-by: Weilin Chang
> Acked-by: Derek Chickles
> Signed-off-by: Felix Manlunas
Restructure the OSN xmit path to handle misaligned HW headers properly,
without shifting the packet data around.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_core.h | 1 -
drivers/s390/net/qeth_core_main.c | 21 -
drivers/s390/net/qeth_l2_main.c | 37
Switch TSO over to the faster transmit path, and remove all the unused
old TSO code.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_core.h | 1 -
drivers/s390/net/qeth_core_main.c | 3 +-
drivers/s390/net/qeth_l3_main.c | 151 ++
3 files
For quite a lot of code paths it's obvious that they will never run in
IRQ context. So replace their spin_lock_irqsave() calls with
spin_lock_irq().
While at it, get rid of the redundant card pointer in struct qeth_reply
that was used by qeth_send_control_data() to access the card's lock.
qeth_get_ipacmd_buffer() obtains its buffers for building IPA cmds from
__qeth_get_buffer(), where they are fully cleared. So get rid of all the
additional zero-ing in various other places.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_core_main.c | 15 +--
1 file
L3 OSAs can only offload IPv4 traffic, use the common L2 transmit path
for all other traffic.
In particular there's no support for TX VLAN offload, so any such packet
needs to be manually de-accelerated via ndo_features_check().
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_l3_main.c
qeth_l3_xmit() is now only used for TSOv4 traffic, shrink it down.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_l3_main.c | 71 ++---
1 file changed, 17 insertions(+), 54 deletions(-)
diff --git a/drivers/s390/net/qeth_l3_main.c
When qeth_add_hw_header() falls back to the HW header cache, it also
copies over the necessary protocol headers. Thus any manipulation to
the protocol headers needs to happen before adding the HW header.
For current usage this doesn't matter, but it becomes relevant when
moving TSO transmission
Combined L3+L4 csum offload is only required for some L3 HW. So for
L2 devices, don't offload the IP header csum calculation.
Signed-off-by: Julian Wiedmann
Reference-ID: JUP 394553
---
drivers/s390/net/qeth_core.h| 5 -
drivers/s390/net/qeth_l3_main.c | 5 +
2 files changed, 5
Assuming this was just a typo, as returning an actual negative value
from a cmd callback would make no sense either.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_core_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/s390/net/qeth_core_main.c
Convert the last remaining user of qeth_get_elements_no() to
qeth_count_elements(), so this helper can be removed.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_core.h | 3 +--
drivers/s390/net/qeth_core_main.c | 39 +++
Calling napi_schedule() from process context does not ensure that the
NET_RX softirq is run in a timely fashion. So trigger it manually.
This is no big issue with current code. A call to ndo_open() is usually
followed by a ndo_set_rx_mode() call, and for qeth this contains a
spin_unlock_bh().
Hi Dave,
please apply the following patchset to net-next. This brings more restructuring
of qeth's transmit code (eliminating its last usage of skb_realloc_headroom()),
and the usual mix of minor improvements & cleanups.
Thanks,
Julian
Julian Wiedmann (15):
s390/qeth: move L2 xmit code to
When setting up, qeth installs its IRQ handler on the ccw devices. But
the IRQ handler is not cleared on removal - so even after qeth yields
control of the ccw devices, spurious interrupts would still be presented
to us.
Make (de-)installation of the IRQ handler part of the ccw channel
Add all the necessary TSO plumbing to the copy-less transmit path.
This includes calculating the right length of required protocol headers,
and always building a separate buffer element for the TSO headers.
A follow-up patch will then switch TSO traffic over to this path.
Signed-off-by: Julian
On Thu, 13 Sep 2018 12:33:38 -0700
Stephen Hemminger wrote:
> If an error happens in multi-segment message (tc only)
> then report the error and stop processing further responses.
> This also fixes refering to the buffer after free.
>
> The sequence check is not necessary here because the
>
On 2018-09-13 18:52, Jakub Kicinski wrote:
> On Thu, 13 Sep 2018 18:31:55 +0200, Konrad Djimeli wrote:
>> Hello,
>>
>> I have been working on trying to make use of AF_XDP sockets as part of a
>> project I working on, and I have been facing some issues but I am not
>> sure where to ask questions
On Thu, Sep 13, 2018 at 9:11 PM David Ahern wrote:
>
> On 9/13/18 1:38 PM, Peter Oskolkov wrote:
>
> > diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> > index 3eed045c65a5..a3902f805305 100644
> > --- a/net/ipv6/route.c
> > +++ b/net/ipv6/route.c
> > @@ -946,7 +946,7 @@ static void
On 9/17/2018 10:50 PM, Andrew Lunn wrote:
> On Mon, Sep 17, 2018 at 04:53:29PM +0800, Wang Dongsheng wrote:
>> This property copy from "ibm,emac.txt" to describe a shared MIDO bus.
>> Since emac include MDIO, so If the motherboard has more than one PHY
>> connected to an MDIO bus, this property
On 9/17/18 9:11 AM, Peter Oskolkov wrote:
> On Thu, Sep 13, 2018 at 9:11 PM David Ahern wrote:
>>
>> On 9/13/18 1:38 PM, Peter Oskolkov wrote:
>>
>>> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
>>> index 3eed045c65a5..a3902f805305 100644
>>> --- a/net/ipv6/route.c
>>> +++ b/net/ipv6/route.c
From: Michael Chan
Date: Fri, 14 Sep 2018 15:41:29 -0400
> The recent commit to always forward the VF MAC address to the PF for
> approval may not work if the PF driver or the firmware is older. This
> will cause the VF driver to fail during probe:
>
> bnxt_en :00:03.0 (unnamed
From: Eric Dumazet
Date: Fri, 14 Sep 2018 12:02:31 -0700
> In the unlikely case ip6_xmit() has to call skb_realloc_headroom(),
> we need to call skb_set_owner_w() before consuming original skb,
> otherwise we risk a use-after-free.
>
> Bring IPv6 in line with what we do in IPv4 to fix this.
>
From: Andrew Lunn
Date: Fri, 14 Sep 2018 23:46:12 +0200
> Fix a cut/paste error and a typo which results in ATU miss violations
> not being reported.
>
> Fixes: 0977644c5005 ("net: dsa: mv88e6xxx: Decode ATU problem interrupt")
> Signed-off-by: Andrew Lunn
Applied and queued up for -stable.
From: Daniel Borkmann
Date: Fri, 14 Sep 2018 23:00:55 +0200
> In kTLS MSG_PEEK behavior is currently failing, strace example:
...
> As can be seen from strace, there are two TLS records sent,
> i) 'test_read_peek' and ii) '_mult_recs\0' where we end up
> peeking
Hi Russell,
Russell King - ARM Linux writes:
> On Mon, Sep 17, 2018 at 05:19:57PM +0300, Baruch Siach wrote:
>> When the switching to the SFP detected link mode update the main
>> link_interface field as well. Otherwise, the link fails to come up when
>> the configured 'phy-mode' defers from the
From: Julian Wiedmann
Date: Mon, 17 Sep 2018 17:35:54 +0200
> please apply the following patchset to net-next. This brings more
> restructuring
> of qeth's transmit code (eliminating its last usage of
> skb_realloc_headroom()),
> and the usual mix of minor improvements & cleanups.
Series
On 09/17/2018 09:47 AM, Wang, Dongsheng wrote:
> On 9/17/2018 10:50 PM, Andrew Lunn wrote:
>> On Mon, Sep 17, 2018 at 04:53:29PM +0800, Wang Dongsheng wrote:
>>> This property copy from "ibm,emac.txt" to describe a shared MIDO bus.
>>> Since emac include MDIO, so If the motherboard has more than
From: Stephen Hemminger
Date: Fri, 14 Sep 2018 12:54:55 -0700
> The Hyper-V implementation of PCI controller has concept of 32 bit serial
> number
> (not to be confused with PCI-E serial number). This value is sent in the
> protocol
> from the host to indicate SR-IOV VF device is attached to
From: Wei Yongjun
Date: Sat, 15 Sep 2018 01:33:21 +
> In case of error, the function devm_ioremap_resource() returns ERR_PTR()
> and never returns NULL. The NULL test in the return value check should
> be replaced with IS_ERR().
>
> Fixes: 14fceff4771e ("net: dsa: Add Lantiq / Intel DSA
On Mon, Sep 17, 2018 at 05:13:07PM +0200, Simon Horman wrote:
> On Wed, Sep 12, 2018 at 01:53:14AM +0200, Andrew Lunn wrote:
> > Some MAC hardware cannot support a subset of link modes. e.g. often
> > 1Gbps Full duplex is supported, but Half duplex is not. Add a helper
> > to remove such a link
We need the exact same transmit path for non-offload-eligible traffic on
L3 OSAs. So make it accessible from both sub-drivers.
Signed-off-by: Julian Wiedmann
---
drivers/s390/net/qeth_core.h | 5 +++
drivers/s390/net/qeth_core_main.c | 59 +++
When qeth_add_hw_header() falls back to the header cache, ensure that
the requested length doesn't exceed the object size.
For current usage this is a no-brainer, but TSO transmission will
introduce protocol headers of varying length.
Signed-off-by: Julian Wiedmann
---
From: Cong Wang
Date: Fri, 14 Sep 2018 13:32:42 -0700
> ra_mutex is a IPv4 specific mutex, it is inside struct netns_ipv4,
> but its initialization is in the generic netns code, setup_net().
>
> Move it to IPv4 specific net init code, inet_init_net().
>
> Fixes: d9ff3049739e ("net: Replace
From: Wei Yongjun
Date: Sat, 15 Sep 2018 01:33:50 +
> In case of error, the function devm_ioremap_resource() returns ERR_PTR()
> and never returns NULL. The NULL test in the return value check should
> be replaced with IS_ERR().
>
> Fixes: fe1a56420cf2 ("net: lantiq: Add Lantiq / Intel
From: Wei Yongjun
Date: Sat, 15 Sep 2018 01:42:09 +
> Fixes the following sparse warning:
>
> drivers/net/ethernet/hisilicon/hns/hns_dsaf_gmac.c:322:5: warning:
> symbol 'hns_gmac_wait_fifo_clean' was not declared. Should it be static?
>
> Signed-off-by: Wei Yongjun
Applied.
From: Hauke Mehrtens
Date: Sat, 15 Sep 2018 14:08:44 +0200
> These are mostly minor fixes to problems addresses in the latests round
> of the review of the original series adding these driver, which were not
> applied before the patches got merged into net-next.
> In addition it fixes a data
commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop") fixed
a possible infinite loop in the IP option parsing of CIPSO. The fix
assumes that ip_options_compile filtered out all zero length options and
that no other one-byte options beside IPOPT_END and IPOPT_NOOP exist.
While this
On Mon, Sep 17, 2018 at 05:19:57PM +0300, Baruch Siach wrote:
> When the switching to the SFP detected link mode update the main
> link_interface field as well. Otherwise, the link fails to come up when
> the configured 'phy-mode' defers from the SFP detected mode.
>
> This fixes 1GB SFP module
On Wed, Sep 12, 2018 at 01:53:14AM +0200, Andrew Lunn wrote:
> Some MAC hardware cannot support a subset of link modes. e.g. often
> 1Gbps Full duplex is supported, but Half duplex is not. Add a helper
> to remove such a link mode.
>
> Signed-off-by: Andrew Lunn
> Reviewed-by: Florian Fainelli
From: Igor Russkikh
Date: Sat, 15 Sep 2018 18:03:39 +0300
> From: Friedemann Gerold
>
> This patch fixes skb_shared area, which will be corrupted
> upon reception of 4K jumbo packets.
>
> Originally build_skb usage purpose was to reuse page for skb to eliminate
> needs of extra fragments. But
From: Zhu Yanjun
Date: Sun, 16 Sep 2018 22:49:30 -0400
> The function rds_inc_init is in recv process. To use memset can optimize
> the function rds_inc_init.
> The test result:
>
> Before:
> 1) + 24.950 us |rds_inc_init [rds]();
> After:
> 1) + 10.990 us |
From: John Fastabend
Date: Fri, 14 Sep 2018 13:01:46 -0700
> When async support was added it needed to access the sk from the async
> callback to report errors up the stack. The patch tried to use space
> after the aead request struct by directly setting the reqsize field in
> aead_request. This
On 9/17/18 9:11 AM, Peter Oskolkov wrote:
> On Thu, Sep 13, 2018 at 9:11 PM David Ahern wrote:
>>
>> On 9/13/18 1:38 PM, Peter Oskolkov wrote:
>>
>>> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
>>> index 3eed045c65a5..a3902f805305 100644
>>> --- a/net/ipv6/route.c
>>> +++ b/net/ipv6/route.c
On Mon, Sep 17, 2018 at 11:12 AM Stefan Nuernberger wrote:
> commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop") fixed
> a possible infinite loop in the IP option parsing of CIPSO. The fix
> assumes that ip_options_compile filtered out all zero length options and
> that no other
This is a followup patch for Commit f6f3bac08ff9
("tools/bpf: bpftool: add net support").
Some improvements are made for the bpftool net output.
Specially, plain output is more concise such that
per attachment should nicely fit in one line.
Compared to previous output, the prog tag is removed
On (09/17/18 16:15), Alexei Starovoitov wrote:
>
> if the goal is to add firewall ability to RDS then the patch set
> is going in the wrong direction.
The goal is to add the ability to process scatterlist directly,
just like we process skb's today.
Your main objection was that you wanted a test
On Mon, Sep 17, 2018 at 07:23:48PM -0400, Sowmini Varadhan wrote:
> On (09/17/18 16:15), Alexei Starovoitov wrote:
> >
> > if the goal is to add firewall ability to RDS then the patch set
> > is going in the wrong direction.
>
> The goal is to add the ability to process scatterlist directly,
>
On Thu, Sep 13, 2018 at 06:10:13AM -0400, Sowmini Varadhan wrote:
> On (09/12/18 19:07), Alexei Starovoitov wrote:
> >
> > I didn't know that. The way I understand your statement that
> > this new program type, new sg logic, and all the complexity
> > are only applicable to RDMA capable hw and
From: Alaa Hleihel
When modifying hairpin SQ, instead of checking if the next state equals
to MLX5_SQC_STATE_RDY, we compare it against the MLX5_RQC_STATE_RDY enum
value.
The code worked since both of MLX5_RQC_STATE_RDY and MLX5_SQC_STATE_RDY
have the same value today.
This patch fixes this
This series provides three fixes to mlx5 core and mlx5e netdevice
driver.
Please pull and let me know if there's any problem.
For -stable v4.16:
('net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ')
Thanks,
Saeed.
---
The following changes since commit
From: Eli Cohen
Use accessor function READ_ONCE to read from coherent memory modified
by the device and read by the driver. This becomes most important in
preemptive kernels where cond_resched implementation does not have the
side effect which guaranteed the updated value.
Fixes: 269d26f47f6f
Read TLS caps from the core driver only when TLS is supported, i.e
mlx5_accel_is_tls_device returns true.
Fixes: 790af90c00d2 ("net/mlx5e: TLS, build TLS netdev from capabilities")
Reported-by: Michal Kubecek
Signed-off-by: Saeed Mahameed
Reviewed-by: Boris Pismenny
Reviewed-by: Tariq Toukan
Ensure that sockets added to a sock{map|hash} that is not in the
ESTABLISHED state is rejected.
Fixes: 1aa12bdf1bfb ("bpf: sockmap, add sock close() hook to remove socks")
Signed-off-by: John Fastabend
---
tools/testing/selftests/bpf/test_maps.c | 10 +++---
1 file changed, 7
After this patch we only allow socks that are in ESTABLISHED state or
are being added via a sock_ops event that is transitioning into an
ESTABLISHED state. By allowing sock_ops events we allow users to
manage sockmaps directly from sock ops programs. The two supported
sock_ops ops are
It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
state via tcp_disconnect() without actually calling tcp_close which
would then call our bpf_tcp_close() callback. Because of this a user
could disconnect a socket then put it in a LISTEN state which would
break our assumptions
Eric noted that using the close callback is not sufficient
to catch all transitions from ESTABLISHED state to a LISTEN
state. So this series does two things. First, only allow
adding socks in ESTABLISH state and second use unhash callback
to catch tcp_disconnect() transitions.
v2: Added check for
DST_NOCOUNT in dst_entry::flags tracks whether the entry counts
toward route cache size (net->ipv6.sysctl.ip6_rt_max_size).
If the flag is NOT set, dst_ops::pcpuc_entries counter is incremented
in dist_init() and decremented in dst_destroy().
This flag is tied to allocation/deallocation of
It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
state via tcp_disconnect() without actually calling tcp_close which
would then call our bpf_tcp_close() callback. Because of this a user
could disconnect a socket then put it in a LISTEN state which would
break our assumptions
Ensure that sockets added to a sock{map|hash} that is not in the
ESTABLISHED state is rejected.
Fixes: 1aa12bdf1bfb ("bpf: sockmap, add sock close() hook to remove socks")
Signed-off-by: John Fastabend
---
tools/testing/selftests/bpf/test_maps.c | 10 +++---
1 file changed, 7
Eric noted that using the close callback is not sufficient
to catch all transitions from ESTABLISHED state to a LISTEN
state. So this series does two things. First, only allow
adding socks in ESTABLISH state and second use unhash callback
to catch tcp_disconnect() transitions.
Thanks,
John
---
After this patch we only allow socks that are in ESTABLISHED state or
are being added via a sock_ops event that is transitioning into an
ESTABLISHED state. By allowing sock_ops events we allow users to
manage sockmaps directly from sock ops programs. The two supported
sock_ops ops are
On Mon, Sep 17, 2018 at 9:59 AM David Ahern wrote:
>
> On 9/17/18 9:11 AM, Peter Oskolkov wrote:
> > On Thu, Sep 13, 2018 at 9:11 PM David Ahern wrote:
> >>
> >> On 9/13/18 1:38 PM, Peter Oskolkov wrote:
> >>
> >>> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> >>> index
commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop") fixed
a possible infinite loop in the IP option parsing of CIPSO. The fix
assumes that ip_options_compile filtered out all zero length options and
that no other one-byte options beside IPOPT_END and IPOPT_NOOP exist.
While this
On Mon, 2018-09-17 at 12:35 -0400, Paul Moore wrote:
> On Mon, Sep 17, 2018 at 11:12 AM Stefan Nuernberger
> wrote:
> >
> > commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop")
> > fixed
> > a possible infinite loop in the IP option parsing of CIPSO. The fix
> > assumes that
Hi all,
while working on IPv6 vlxan driver I figured out that with recent version
of iproute2 it is no longer possible to configure an IPv6 vxlan device without
endpoint info (local ip, remote ip or group ip) and later add entries in
the vxlan fdb. This issue can be triggered with the following
On 9/17/18 10:20 AM, Peter Oskolkov wrote:
> DST_NOCOUNT in dst_entry::flags tracks whether the entry counts
> toward route cache size (net->ipv6.sysctl.ip6_rt_max_size).
>
> If the flag is NOT set, dst_ops::pcpuc_entries counter is incremented
> in dist_init() and decremented in dst_destroy().
>
From: Colin King
Date: Fri, 14 Sep 2018 18:19:16 +0100
> From: Colin Ian King
>
> It is impossible for frontpkt to be null at the point of the null
> check because it has been assigned from rearpkt and there is no
> way realpkt can be null at the point of the assignment because
> of the sanity
From: Saeed Mahameed
Date: Mon, 17 Sep 2018 17:01:58 -0700
> This series provides three fixes to mlx5 core and mlx5e netdevice
> driver.
>
> Please pull and let me know if there's any problem.
>
> For -stable v4.16:
> ('net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ')
From: Stefan Nuernberger
Date: Mon, 17 Sep 2018 19:46:53 +0200
> commit 40413955ee26 ("Cipso: cipso_v4_optptr enter infinite loop") fixed
> a possible infinite loop in the IP option parsing of CIPSO. The fix
> assumes that ip_options_compile filtered out all zero length options and
> that no
From: Peter Oskolkov
Date: Mon, 17 Sep 2018 10:20:53 -0700
> DST_NOCOUNT in dst_entry::flags tracks whether the entry counts
> toward route cache size (net->ipv6.sysctl.ip6_rt_max_size).
>
> If the flag is NOT set, dst_ops::pcpuc_entries counter is incremented
> in dist_init() and decremented
On 09/17/2018 02:09 PM, Y Song wrote:
> On Mon, Sep 17, 2018 at 10:32 AM John Fastabend
> wrote:
>>
>> It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
>> state via tcp_disconnect() without actually calling tcp_close which
>> would then call our bpf_tcp_close() callback.
On Mon, Sep 17, 2018 at 9:39 PM John Fastabend wrote:
>
> It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
> state via tcp_disconnect() without actually calling tcp_close which
> would then call our bpf_tcp_close() callback. Because of this a user
> could disconnect a socket
The function nft_validate_register_store requires a struct of type
struct nft_data_types. NFTA_DATA_VALUE is of type enum
nft_verdict_attributes. Pass the correct enum type.
This fixes a warning seen with Clang:
net/netfilter/nft_osf.c:52:8: warning: implicit conversion from
enumeration
From: Alaa Hleihel
When modifying hairpin SQ, instead of checking if the next state equals
to MLX5_SQC_STATE_RDY, we compare it against the MLX5_RQC_STATE_RDY enum
value.
The code worked since both of MLX5_RQC_STATE_RDY and MLX5_SQC_STATE_RDY
have the same value today.
This patch fixes this
Read TLS caps from the core driver only when TLS is supported, i.e
mlx5_accel_is_tls_device returns true.
Fixes: 790af90c00d2 ("net/mlx5e: TLS, build TLS netdev from capabilities")
Reported-by: Michal Kubecek
Signed-off-by: Saeed Mahameed
Reviewed-by: Boris Pismenny
Reviewed-by: Tariq Toukan
From: Eli Cohen
Use accessor function READ_ONCE to read from coherent memory modified
by the device and read by the driver. This becomes most important in
preemptive kernels where cond_resched implementation does not have the
side effect which guaranteed the updated value.
Fixes: 269d26f47f6f
Hi Dave,
Sorry about the previous submission of this series which was mistakenly
marked for net-next, here I am resending with 'net' mark.
This series provides three fixes to mlx5 core and mlx5e netdevice
driver.
Please pull and let me know if there's any problem.
For -stable v4.16:
if skb->head is vmalloc address, when this skb is delivered, full
allocation for this skb is required, if there are many devices,
the full allocation will be called for every devices
now using the first time allocated skb when iterate other devices
to send, reduce full allocation and speedup
After this patch we only allow socks that are in ESTABLISHED state or
are being added via a sock_ops event that is transitioning into an
ESTABLISHED state. By allowing sock_ops events we allow users to
manage sockmaps directly from sock ops programs. The two supported
sock_ops ops are
Ensure that sockets added to a sock{map|hash} that is not in the
ESTABLISHED state is rejected.
Fixes: 1aa12bdf1bfb ("bpf: sockmap, add sock close() hook to remove socks")
Signed-off-by: John Fastabend
---
tools/testing/selftests/bpf/test_maps.c | 10 +++---
1 file changed, 7
It is possible (via shutdown()) for TCP socks to go trough TCP_CLOSE
state via tcp_disconnect() without actually calling tcp_close which
would then call our bpf_tcp_close() callback. Because of this a user
could disconnect a socket then put it in a LISTEN state which would
break our assumptions
Eric noted that using the close callback is not sufficient
to catch all transitions from ESTABLISHED state to a LISTEN
state. So this series does two things. First, only allow
adding socks in ESTABLISH state and second use unhash callback
to catch tcp_disconnect() transitions.
v2: added check for
samples/bpf build failed with the following errors:
$ make samples/bpf/
...
HOSTCC samples/bpf/sockex3_user.o
/data/users/yhs/work/net-next/samples/bpf/sockex3_user.c:16:8: error:
redefinition of ‘struct bpf_flow_keys’
struct bpf_flow_keys {
^
In file included from
On Mon, Sep 17, 2018 at 7:37 PM David Miller wrote:
>
> From: Saeed Mahameed
> Date: Mon, 17 Sep 2018 17:01:58 -0700
>
> > This series provides three fixes to mlx5 core and mlx5e netdevice
> > driver.
> >
> > Please pull and let me know if there's any problem.
> >
> > For -stable v4.16:
> >
In the following patches queue and stack maps (FIFO and LIFO
datastructures) will be implemented. In order to avoid confusion and
a possible name clash rename stackmap.c to stacktracemap.c and
stack_map_ops to stack_trace_map_ops
Signed-off-by: Mauricio Vasquez B
---
include/linux/bpf_types.h
1 - 100 of 191 matches
Mail list logo
