-off-by: Florian Westphal <f...@strlen.de>
---
v2: forgot to refresh patch, v1 did not even compile.
net/core/rtnetlink.c | 33 +
1 file changed, 17 insertions(+), 16 deletions(-)
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index e84d10
exercise RTM_GETNETCONF call path for unspec, inet and inet6
families, they are DOIT_UNLOCKED candidates.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
tools/testing/selftests/net/rtnetlink.sh | 28
1 file changed, 28 insertions(+)
diff --git a/tools/t
, suggested by David Ahern, they
are not useful, the add/del in bridge command line is enough.
Also reword error in response to malformed/bad vlan id attribute
size.
Cc: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/core/rtne
David Ahern <dsah...@gmail.com> wrote:
> On 10/10/17 5:32 AM, Florian Westphal wrote:
> > diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> > index e84d108cfee4..19ea53a5210f 100644
> > --- a/net/core/rtnetlink.c
> > +++ b/net/core/rtnetlink.
, suggested by David Ahern, they
are not useful, the add/del in bridge command line is enough.
Also reword error in response to malformed/bad vlan id attribute
size.
Cc: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
change since v3: forg
<eduma...@google.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
v2: fix Erics email address
net/netfilter/x_tables.c | 15 ---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index c83a3b5e1c6c..f
replacement on busy systems with large tables
(and many cores).
Cc: Dan Williams <d...@redhat.com>
Cc: Eric Dumazet <eduma...@google.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
v2: fix Erics email address
net/ipv4/netfilter/arp_tables.c | 22 --
iptables-restore can take quite a long time when sytem is busy,
in order of half a minute or more.
The main reason for this is the way ip(6)tables performs table
swap, or, more precisely, expensive sequence lock synchronizations
when reading counters.
When xt_replace_table assigns the new ruleset
ipv6 RTM_GETNETCONF and RTM_GETADDR don't seem to require strict
serialization via rtnl mutex, so switch both to DOIT_UNLOCKED and increment
device reference counts instead.
Alternative would be to use rcu which would need some minor
code re-arrangements (we can't use GFP_ATOMIC for buffer
Similar to the previous patch, use the device lookup functions
that bump device refcount and flag this as DOIT_UNLOCKED to avoid
rtnl mutex.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/ipv6/addrconf.c | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff
to GFP_KERNEL allocation.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/ipv6/addrconf.c | 24 ++--
1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index d9f6226694eb..5207f567ef28 100644
--- a/net/ipv6/addrconf.c
Signed-off-by: Florian Westphal <f...@strlen.de>
---
tools/testing/selftests/net/rtnetlink.sh | 42
1 file changed, 42 insertions(+)
diff --git a/tools/testing/selftests/net/rtnetlink.sh
b/tools/testing/selftests/net/rtnetlink.sh
index a8a8cdf726b2..521549
Sabrina Dubroca <s...@queasysnail.net> wrote:
> 2017-10-12, 11:11:22 +0200, Florian Westphal wrote:
> > Signed-off-by: Florian Westphal <f...@strlen.de>
>
> Reviewed-by: Sabrina Dubroca <s...@queasysnail.net>
Thanks for reviewing.
> Just a small detail: t
Ursula Braun wrote:
> On 10/11/2017 11:06 PM, David Miller wrote:
> > From: Ursula Braun
> > Date: Tue, 10 Oct 2017 16:14:19 +0200
> >
> >> The goal of this patch is to leave common TCP code unmodified. Thus,
> >> it uses netfilter hooks to
instead.
doit functions that need the af_ops can now use rcu instead of the
rtnl mutex provided the mutex isn't needed for other reasons.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/core/rtnetlink.c | 62 ++--
net/ipv4/devinet.c
next patch will rcu-ify rtnl af_ops, i.e. allow af_ops
lookup and function calls with rcu read lock held instead
of rtnl mutex.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/core/rtnetlink.c | 72 ++--
1 file changed, 42 inse
None of the rtnl af_ops callbacks sleep, so they can be called while
holding rcu read lock.
Switch handling of af_ops to rcu.
This would allow to later call af_ops functions without holding
the rtnl mutex anymore.
core/rtnetlink.c | 134 ---
Eric reported a performance regression caused by header prediction
removal.
We now call tcp_ack() much more frequently, for some workloads
this brings in enough cache line misses to become noticeable.
We could possibly still kill HP provided we find a different
way to suppress unneeded tcp_ack,
<eduma...@google.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
include/linux/tcp.h | 6 ++
include/net/tcp.h | 23 ++
include/uapi/linux/snmp.h | 2 +
net/ipv4/proc.c | 2 +
net/ipv4/tcp.c| 4 +-
net/ipv4/tcp_input.
This change was a followup to the header prediction removal,
so first revert this as a prerequisite to back out hp removal.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
include/net/tcp.h | 5 +++--
net/ipv4/tcp_input.c| 35 +++
ne
Cong Wang wrote:
> While testing my TC filter patches (so not related to conntrack), the
> following memory leaks are shown up:
>
> unreferenced object 0x9b19ba551228 (size 128):
> comm "chronyd", pid 338, jiffies 4294910829 (age 53.188s)
> hex dump (first 32
Geert Uytterhoeven wrote:
> > srchash = hash_by_src(net,
> >
> > >tuplehash[IP_CT_DIR_ORIGINAL].tuple);
> > - spin_lock_bh(_nat_lock);
> > + lock = _nat_locks[srchash %
Mike Galbraith wrote:
> [ 21.219604] ip6_tables: (C) 2000-2006 Netfilter Core Team
> [ 21.433091] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)
> [ 21.495849] ip_tables: (C) 2000-2006 Netfilter Core Team
> [ 22.404040] [ cut here ]
> [
Acked-by: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
Changes since v1: indent all lines with tabs, not spaces
detaching this from the series, I want to avoid needless v5.
tools/testing/selftests/net/rtnet
Artem Savkov wrote:
> It is possible for ebt_in_hook to be triggered before ebt_table is assigned
> resulting in a NULL-pointer dereference. Make sure hooks are
> registered as the last step.
Right, thanks for the patch.
> --- a/net/bridge/netfilter/ebtable_broute.c
> +++
fou test lifted from ip-fou man page.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
tools/testing/selftests/net/rtnetlink.sh | 96
1 file changed, 96 insertions(+)
diff --git a/tools/testing/selftests/net/rtnetlink.sh
b/tools/testing/selftes
David Miller <da...@davemloft.net> wrote:
> From: Florian Westphal <f...@strlen.de>
> Date: Fri, 29 Sep 2017 13:21:50 +0200
>
> > @@ -1488,7 +1484,7 @@ static void netdev_release(struct device *d)
> >
> > BUG_ON(dev->reg_state != NETREG_R
to not hold it when dumping ifalias.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
Changes since v1:
- add a comment why dev->ifalias is freed
via kfree, not kfree_rcu.
include/linux/netdevice.h | 3 +-
net/core/dev.c| 70 +++
Eric Dumazet wrote:
> Just use RCU : A writer is supposed to work on a private copy, and
> _then_ publish the new pointer, so that a reader can not see mangled
> string.
>
> We either copy the 'old' name or the 'new' one.
>
> A seqcount is not needed, and wont prevent
to not hold it when dumping ifalias.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
include/linux/netdevice.h | 3 +-
net/core/dev.c| 70 +++
net/core/net-sysfs.c | 14 --
net/core/rtnetlink.c | 13 +++--
4
Patches split large rtnl_fill_ifinfo into smaller chunks
to better see which parts
1. require rtnl
2. do not require it at all
3. rely on rtnl locking now but could be converted
Changes since v3:
I dropped the 'ifalias' patch, I have a change to decouple ifalias and
rtnl mutex, I will send it
it can be switched to rcu.
Reviewed-by: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
No changes in v4.
net/core/rtnetlink.c | 10 +++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/net/core/rtnetlink.c b/net/core/rtnet
Reviewed-by: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
No changes in v4.
net/core/rtnetlink.c | 30 +++---
1 file changed, 19 insertions(+), 11 deletions(-)
diff --git a/net/core/rtnetlink.c b/net/core/rtnet
rtnl dependency.
Reviewed-by: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
No changes in v4.
net/core/rtnetlink.c | 32 +++-
1 file changed, 27 insertions(+), 5 deletions(-)
diff --git a/net/core/rtnetlink.
similar to earlier patches, split out more parts of this function to
better see what is happening and where we assume rtnl is locked.
Reviewed-by: David Ahern <dsah...@gmail.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
No changes in v4.
net/core/rtne
Michal Kubecek wrote:
> When --checksum_fill action is applied to a GSO packet, checksum_tg() calls
> skb_checksum_help() which is only meant to be applied to non-GSO packets so
> that it issues a warning.
>
> This can be easily triggered by using e.g.
>
> iptables -t mangle
Davide Caratti wrote:
> Small nit: may I suggest you to call skb_csum_hwoffload_help() instead of
> skb_checksum_help(), so that we avoid corrupting SCTP packets in case they
> hit xt_CHECKSUM target?
Alternatively we could restrict the target to udp only.
AFAIU the only
Jiri Pirko wrote:
> Fri, Aug 25, 2017 at 01:51:29AM CEST, xiyou.wangc...@gmail.com wrote:
> >For TC classes, their ->get() and ->put() are always paired, and the
> >reference counting is completely useless, because:
> >
> >1) For class modification and dumping paths, we already
Michal Kubecek <mkube...@suse.cz> wrote:
> On Thu, Aug 24, 2017 at 03:17:22PM +0200, Florian Westphal wrote:
> > Davide Caratti <dcara...@redhat.com> wrote:
> > > Small nit: may I suggest you to call skb_csum_hwoffload_help() instead of
> > > skb_checksum_h
Florian Westphal <f...@strlen.de> wrote:
> Michal Kubecek <mkube...@suse.cz> wrote:
> > On Thu, Aug 24, 2017 at 03:17:22PM +0200, Florian Westphal wrote:
> > > Davide Caratti <dcara...@redhat.com> wrote:
> > > > Small nit: may I sugge
Arvind Yadav wrote:
> nf_hook_ops are not supposed to change at runtime. nf_register_net_hooks
> and nf_unregister_net_hooks are working with const nf_hook_ops.
> So mark the non-const nf_hook_ops structs as const.
please update your nf-next tree, all nf_hook_ops are
liujian (CE) wrote:
> Hi
>
> I checked our 3.10 kernel, we had backported all percpu_counter bug fix in
> lib/percpu_counter.c and include/linux/percpu_counter.h.
> And I check 4.13-rc6, also has the issue if NIC's rx cpu num big enough.
>
> > > > > the issue:
> > > > >
Denys Fedoryshchenko wrote:
> >>> I am trying to upgrade kernel 4.11.8 to 4.12.3 (it is a nat/router,
> >>> handling
> >>> approx 2gbps of pppoe users traffic) and noticed that after while server
> >>> rebooting(i have set reboot on panic and etc).
> >>> I can't run
Bhumika Goyal <bhumi...@gmail.com> wrote:
[..]
trimming CC list, also this should probably have been
sent to netfilter-de...@vger.kernel.org on its own, with [nf-next] in
subject line. That aside:
Acked-by: Florian Westphal <f...@strlen.de>
Jesper Dangaard Brouer <bro...@redhat.com> wrote:
> On Mon, 28 Aug 2017 16:00:32 +0200
> Florian Westphal <f...@strlen.de> wrote:
>
> > liujian (CE) <liujia...@huawei.com> wrote:
> > > Hi
> > >
> > > I checked our 3.10 kernel
There appears to be no need to use rtnl, addrlabel entries are refcounted
and add/delete is serialized by the addrlabel table spinlock.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/ipv6/addrlabel.c | 22 +-
1 file changed, 17 insertions(+), 5 deletions(-)
addrlabel doesn't appear to require rtnl lock as the addrlabel
table uses a spinlock to serialize add/delete operations.
Also, entries are reference counted so it should be safe
to call the rtnl ops without the rtnl mutex.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
tools/testing/selftests/net/rtnetlink.sh | 41
1 file changed, 41 insertions(+)
diff --git a/tools/testing/selftests/net/rtnetlink.sh
b/tools/testing/selftests/net/rtnetlink.sh
index 84b4acf5baa9..57b5ff
Jesper Dangaard Brouer wrote:
> > I take 2) back. Its wrong to do this, for large NR_CPU values it
> > would even overflow.
>
> Alternatively solution 3:
> Why do we want to maintain a (4MBytes) memory limit, across all CPUs?
> Couldn't we just allow each CPU to have a memory
liujian (CE) wrote:
[ trimming cc list ]
> Now, I have not the real environment.
> I use iperf generate fragment packets;
> and I always change NIC rx irq's affinity cpu, to make sure frag_mem_limit
> reach to thresh.
> my test machine, CPU num is 384.
Oh well, that
Jesper Dangaard Brouer <bro...@redhat.com> wrote:
> This reverts commit 6d7b857d541ecd1d9bd997c97242d4ef94b19de2.
>
> There is a bug in fragmentation codes use of the percpu_counter API,
> that can cause issues on systems with many CPUs.
Acked-by: Florian Westphal <f...@strlen.de>
Thanks Jesper.
switch the only caller to rtnl_af_unregister.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
include/net/rtnetlink.h | 2 --
net/core/rtnetlink.c| 14 +-
net/ipv6/addrconf.c | 4 ++--
3 files changed, 3 insertions(+), 17 deletions(-)
diff --git a/inclu
Eric Dumazet wrote:
> > + /* ... so wait for even xt_recseq on all cpus */
> > + for_each_possible_cpu(cpu) {
> > + seqcount_t *s = _cpu(xt_recseq, cpu);
> > +
> > + while (raw_read_seqcount(s) & 1)
> > +
> locking dependency detected" warnings on flush.
>
> Fixes: ec30d78c14a8 xfrm: add xdst pcpu cache
> Signed-off-by: Artem Savkov <asav...@redhat.com>
You're right, its not needed (and wrong).
Acked-by: Florian Westphal <f...@strlen.de>
> > - 5 hooks: (raw + mangle prerouting, mangle+filter input, inet filter):
> >empty mangle and raw prerouting, mangle and filter input hooks:
> >353.9
> >this patch:
> >364.2
> >
> >Signed-off-by: Aaron Conole <acon...@bytheb.org>
> >Signed-off
[ full-quoting due to Cc fixups, adding netdev ]
Steve Ibanez wrote:
> Hi Florian, Neal, and Daniel,
>
> I hope this email finds you well. My name is Stephen Ibanez and I'm a PhD
> Student at Stanford currently working on a project with Mohammad Alizadeh,
> Nick McKeown,
Peter Zijlstra <pet...@infradead.org> wrote:
> On Mon, Oct 23, 2017 at 06:37:44PM +0200, Florian Westphal wrote:
>
> > Is refcount_t only supposed to be used with dec_and_test patterns?
>
> Yes, for reference counting objects.
Hmm, I still feel its
Peter Zijlstra <pet...@infradead.org> wrote:
> On Mon, Oct 23, 2017 at 09:37:03PM +0200, Florian Westphal wrote:
>
> > > OK, so then why not do something like so?
> > > @@ -260,10 +259,18 @@ void rtnl_unregister_all(int protocol)
> > > RCU_INIT_PO
Peter Zijlstra <pet...@infradead.org> wrote:
> On Mon, Nov 13, 2017 at 08:21:59AM +0100, Florian Westphal wrote:
> > Reason is that some places do this:
> >
> > rtnl_register(pf, RTM_FOO, doit, NULL, 0);
> > rtnl_register(pf, RTM_FOO, NULL, dumpit, 0);
>
>
Peter Zijlstra <pet...@infradead.org> wrote:
> On Tue, Nov 07, 2017 at 10:47:51AM +0100, Florian Westphal wrote:
> > I would expect this to trigger all the time, due to
> >
> > rtnl_register(AF_INET, RTM_GETROUTE, ...
> > rtnl_register(AF_INET, RTM_GETADDR, ...
&
Hi.
We are experiencing broken ipv6 connectivity with 4.14 kernel
on arm64 with thunderx.
ping6 still works, but it looks like tcp syn packets get sent
with a wrong checksum -- socket remains in SYN-SENT state.
after running
ethtool -K enP2p1s0f1 tx-checksum-ipv6 off
ipv6 tcp appears to works
header.h6
Indeed, thanks for fixing this up.
Acked-by: Florian Westphal <f...@strlen.de>
convert remaining users of rtnl_register to rtnl_register_module
and un-export rtnl_register.
Requested-by: David S. Miller <da...@davemloft.net>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
include/net/addrconf.h | 2 +-
net/core/rtnetlink.c | 1 -
net/ipv6/addrco
)
Reported-by: kbuild test robot <fengguang...@intel.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 642b3afb12b9..a4faefd65006 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -129,7 +129,7 @@ bool loc
Vasily Averin <v...@virtuozzo.com> wrote:
> Be sure that instance_table array initialized in net_init hook
> was return to initial state.
Acked-by: Florian Westphal <f...@strlen.de>
break;
This looks strange, why if/break?
Plain WARN_ON_ONCE should be enough, but thats a nit so:
Acked-by: Florian Westphal <f...@strlen.de>
David Ahern <dsah...@gmail.com> wrote:
> On 11/14/17 10:36 AM, Florian Westphal wrote:
> > Hi David
> >
> > This test program no longer works with 4.14
> > (recvfrom: Resource temporarily unavailable)
> >
> > after reverting commit
> > 4832c30d5
Hi David
This test program no longer works with 4.14
(recvfrom: Resource temporarily unavailable)
after reverting commit
4832c30d5458387ff2533ff66fbde26ad8bb5a2d
(net: ipv6: put host and anycast routes on device with address)
it will work again ("OK").
Could you please have a look at this?
com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/xfrm/xfrm_input.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/xfrm/xfrm_input.c b/net/xfrm/xfrm_input.c
index 8ac9d32fb79d..1c6051cb7733 100644
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input
Pablo Neira Ayuso <pa...@netfilter.org> wrote:
> So we can call this from other expression that need conntrack in place
> to work.
Acked-by: Florian Westphal <f...@strlen.de>
syzbot
wrote:
[ cc Thomas Egerer ]
> syzkaller hit the following crash on
> 36ef71cae353f88fd6e095e2aaa3e5953af1685d
> git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master
> compiler: gcc (GCC) 7.1.1
Pablo Neira Ayuso wrote:
> This patch adds the IPS_OFFLOAD status bit, this new bit tells us that
> the conntrack entry is owned by the flow offload infrastructure. The
> timer of such conntrack entries is stopped - the conntrack garbage
> collector skips them - and they
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/mpls/af_mpls.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/net/mpls/af_mpls.c b/net/mpls/af_mpls.c
index 8ca9915befc8..5dce8336d33f 100644
--- a/net/mpls/af_mpls.c
+++ b/net/mpls/af_mpls.c
@@ -2
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/qrtr/qrtr.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/net/qrtr/qrtr.c b/net/qrtr/qrtr.c
index e458ece96d3d..5098625469e0 100644
--- a/net/qrtr/qrtr.c
+++ b/net/qrtr/qrtr.c
@@ -1116,9 +1116,13 @@ stat
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/phonet/pn_netlink.c | 21 +
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/net/phonet/pn_netlink.c b/net/phonet/pn_netlink.c
index da754fc926e7..871eaf2cb85e 100644
--- a/net/phonet/pn_netlink.c
+++
t;
Tested-by: Stephen Smalley <s...@tycho.nsa.gov>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/xfrm/xfrm_policy.c | 42 --
1 file changed, 24 insertions(+), 18 deletions(-)
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 8caf
77
> > inet_rtm_getroute+0xf97/0x2d70 net/ipv4/route.c:2785
>
> This is introduced by:
>
> commit 394f51abb3d04f33fb798f04b16ae6b0491ea4ec
> Author: Florian Westphal <f...@strlen.de>
> Date: Tue Aug 15 16:34:44 2017 +0200
>
> ipv4: route: set ipv4 RTM_GETROUTE to not use rtn
Charlie Sale wrote:
> Fixed FIXME comment in code my changing a vmalloc call
> to a kmalloc call. Thought it would be a good place to
> start for a first patch.
Please at least compile test your patches.
> - /* FIXME: don't use vmalloc() here or anywhere else -HW */
>
Peter Zijlstra <pet...@infradead.org> wrote:
> On Mon, Nov 06, 2017 at 11:51:07AM +0100, Florian Westphal wrote:
> > @@ -180,6 +164,12 @@ int __rtnl_register(int protocol, int msgtype,
> > rcu_assign_pointer(rtnl_msg_handlers[protocol], tab);
> >
Peter Zijlstra wrote:
> Something like the below would go some way toward sanitizing this stuff;
> rcu_assign_pointer() is a store-release, meaning it happens after
> everything coming before.
>
> Therefore, when you observe that tab (through rcu_dereference) you're
>
Peter Zijlstra wrote:
> > rtnetlink_rcv_msg:
> >
> > 4406 dumpit = READ_ONCE(handlers[type].dumpit);
> > 4407 if (!dumpit)
> > 4408 goto err_unlock;
> > 4409 owner =
William Tu wrote:
Not related to your patch specifically but:
> +static int prepare_ip6gre_xmit_ipv6(struct sk_buff *skb,
> + struct net_device *dev,
> + struct flowi6 *fl6, __u8 *dsfield,
> +
syzbot reported an issue where pointer to ip header content was not
reloaded after xfrm_parse_spi().
Its not intuitive that this function changes skb->head, so switch to
skb_pointer_header.
Reported-by: syzbot <syzkal...@googlegroups.com>
Signed-off-by: Florian Westphal <f.
Steffen Klassert <steffen.klass...@secunet.com> wrote:
> On Wed, Nov 01, 2017 at 11:06:08PM +0100, Florian Westphal wrote:
> > I also don't understand how address comparision is supposed to work in this
> > case,
> > it seems that if saddr/daddr are v4 and templ
ipv4 RTM_GETROUTE to not use rtnl")
Reported-by: syzbot <syzkal...@googlegroups.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/ipv4/fib_semantics.c | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4
Charlie Sale wrote:
> + hinfo = kvmalloc(sizeof(*hinfo) + sizeof(struct hlist_head) * size,
> + GPT_KERNEL);
Looks like you did not even compile test this. Again. :-(
Pablo Neira Ayuso wrote:
> +static void nft_flow_offload_eval(const struct nft_expr *expr,
> + struct nft_regs *regs,
> + const struct nft_pktinfo *pkt)
> +{
[..]
> + if (test_bit(IPS_HELPER_BIT, >status))
> +
Pablo Neira Ayuso wrote:
> +static int __init nf_flow_offload_module_init(void)
> +{
> + struct rhashtable_params params = flow_offload_rhash_params;
> + struct nf_hook_ops flow_offload_hook = {
> + .hook = nf_flow_offload_hook,
> +
Pablo Neira Ayuso wrote:
> +static void flow_offload_work(struct work_struct *work)
> +{
> + struct flow_hw_offload *offload, *next;
> +
> + spin_lock_bh(_hw_offload_lock);
> + list_for_each_entry_safe(offload, next, _hw_offload_pending_list,
> list) {
> +
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/bridge/br_mdb.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c
index 31ddff22563e..f56eb480abb2 100644
--- a/net/bridge/br_mdb.c
+++ b/net/bridge/br_mdb.c
@@ -714,9
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/can/gw.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/net/can/gw.c b/net/can/gw.c
index 73a02af4b5d7..398dd0395ad9 100644
--- a/net/can/gw.c
+++ b/net/can/gw.c
@@ -1014,6 +1014,8 @@ static
Add yet another rtnl_register function. It will be used by modules
that can be removed.
The passed module struct is used to take a reference while a netlink
dump is in progress to prevent module unload while netlink core can
invoke registered dumper function again.
Signed-off-by: Florian
is in use.
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/core/rtnetlink.c | 13 -
1 file changed, 13 deletions(-)
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index dc5ad84ac096..c70f62137dd8 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@
Peter Zijlstra reported:
--
I just ran across commit:
019a316992ee ("rtnetlink: add reference counting to prevent module unload
while dump is in progress")
And that commit is _completely_ broken.
1) it not in fact a refcount, so using refcount_t is silly
2) there is a distinct
Signed-off-by: Florian Westphal <f...@strlen.de>
---
net/decnet/dn_dev.c | 9 ++---
net/decnet/dn_fib.c | 6 --
net/decnet/dn_route.c | 8
3 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index 915324
Pablo Neira Ayuso wrote:
> diff --git a/include/uapi/linux/netfilter/nf_conntrack_common.h
> b/include/uapi/linux/netfilter/nf_conntrack_common.h
> index dc947e59d03a..6b463b88182d 100644
> --- a/include/uapi/linux/netfilter/nf_conntrack_common.h
> +++
Pablo Neira Ayuso wrote:
> The software flow table garbage collector skips entries that resides in
> the hardware, so the hardware will be responsible for releasing this
> flow table entry too via flow_offload_dead(). In the next garbage
> collector run, this removes the
Pablo Neira Ayuso wrote:
> This patch adds the IPv4 flow table type, that implements the datapath
> flow table to forward IPv4 traffic. Rationale is:
>
> 1) Look up for the packet in the flow table, from the ingress hook.
> 2) If there's a hit, decrement ttl and pass it on
Add yet another rtnl_register function. It will be used by modules
that can be removed.
The passed module struct is used to prevent module unload while
a netlink dump is in progress or when a DOIT_UNLOCKED doit callback
is called.
Cc: Peter Zijlstra <pet...@infradead.org>
Signed-off-by: F
nderx: Fix TCP/UDP checksum offload for IPv6
pkts")
Cc: Sunil Goutham <sgout...@cavium.com>
Cc: Aleksey Makarov <aleksey.maka...@auriga.com>
Cc: Eric Dumazet <eduma...@google.com>
Signed-off-by: Florian Westphal <f...@strlen.de>
---
drivers/net/ethernet/cavium/thunder/nic
601 - 700 of 853 matches
Mail list logo