Re: [PATCH] sctp: verify size of a new chunk in _sctp_make_chunk()

On Fri, Feb 09, 2018 at 04:02:31PM +0300, Alexey Kodanev wrote: > When SCTP makes INIT or INIT_ACK packets the total chunk length > can exceed SCTP_MAX_CHUNK_LEN which leads to kernel panic when > transmitting these packets, e.g. the crash on sending INIT_ACK: > > [ 597.804948] skbuff:

Re: sctp: skb_over_panic on INIT/INIT_ACK packet sending

Hi, On Fri, Feb 09, 2018 at 02:38:59AM +0300, Alexey Kodanev wrote: > Hi, > > Got the following panic when the received INIT packet has a lot of > address parameters, so that the INIT_ACK chunksize exceeds > SCTP_MAX_CHUNK_LEN: > > [ 597.804948] skbuff: skb_over_panic: text:ffae06e4

Re: qdisc_pkt_len_init: SCTP/GSO_BY_FRAGS and robustness questions

On Wed, Feb 07, 2018 at 12:15:32PM +1100, Daniel Axtens wrote: > Hi Marcelo and Eric, > > I'm working on checking code that might be impacted by GSO_BY_FRAGS - > after finding that the token bucket filter qdisc code doesn't handle it > properly, DaveM said I should look for other places where

Re: [PATCH net v3] sctp: fix dst refcnt leak in sctp_v4_get_dst

waiting for lo to become free. Usage > count = 1 > [ 405.383645] unregister_netdevice: waiting for lo to become free. Usage > count = 1 > ... > > Fixes: 410f03831 ("sctp: add routing output fallback") > Fixes: 0ca50d12f ("sctp: fix src address selection

Re: [PATCH] sctp: fix dst refcnt leak in sctp_v6_get_dst()

r the route lookup. > > Fixes: dbc2b5e9a09e ("sctp: fix src address selection if using secondary > addresses for ipv6") > Signed-off-by: Alexey Kodanev <alexey.koda...@oracle.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > --- > ne

Re: [PATCH net v2] sctp: fix dst refcnt leak in sctp_v4_get_dst

On Mon, Feb 05, 2018 at 03:33:11PM +0200, Tommi Rantala wrote: > Fix dst reference count leak in sctp_v4_get_dst() introduced in commit > 410f03831 ("sctp: add routing output fallback"): > Patch LGTM. Will wait the respin for Acking. Thanks.

Re: [PATCH net] sctp: fix dst reference leak in sctp_v4_get_dst

> count = 1 > ... > > Fixes: 410f03831 ("sctp: add routing output fallback") > Acked-by: Neil Horman <nhor...@tuxdriver.com> > Cc: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > Cc: Alexey Kodanev <alexey.koda...@oracle.com> > Signed-of

Re: BUG: unable to handle kernel NULL pointer dereference in sctp_stream_free

On Tue, Jan 30, 2018 at 03:03:50PM -0800, Eric Biggers wrote: > On Fri, Dec 22, 2017 at 01:31:26PM +0800, Xin Long wrote: > > On Thu, Dec 21, 2017 at 9:13 PM, Marcelo Ricardo Leitner > > <marcelo.leit...@gmail.com> wrote: > > > On Wed, Dec 20, 2017 at

Re: sctp netns "unregister_netdevice: waiting for lo to become free. Usage count = 1"

On Mon, Jan 29, 2018 at 05:55:45PM +0200, Tommi Rantala wrote: > Hi, > > When running sctp_test from lksctp-tools in netns in 4.4 and 4.9 with > suitable arguments, the local loopback device in the netns is not getting > destroyed after deleting the netns. > ... > > Based on a quick test, 4.14

Re: BUG: unable to handle kernel NULL pointer dereference in sctp_cmp_addr_exact

On Tue, Jan 30, 2018 at 01:57:44PM -0800, Eric Biggers wrote: > On Tue, Dec 19, 2017 at 11:49:03PM -0800, syzbot wrote: > > Hello, > > > > syzkaller hit the following crash on > > 6084b576dca2e898f5c101baef151f7bfdbb606d > > git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/master

Re: [PATCH v3 0/2] bnx2x: disable GSO on too-large packets

validate_mtu() for the > next series. Alright! Just need to sync the EXPORT_ in there. (I have no further comments, LGTM) > > Thanks, > Daniel > > [0]: https://patchwork.ozlabs.org/patch/859410/ > > Cc: manish.cho...@cavium.com > Cc: Jason Wang <jasow...@redhat.com>

Re: [PATCH v3 1/2] net: create skb_gso_validate_mac_len()

Hi, On Tue, Jan 30, 2018 at 12:14:46PM +1100, Daniel Axtens wrote: > If you take a GSO skb, and split it into packets, will the MAC > length (L2 + L3 + L4 headers + payload) of those packets be small > enough to fit within a given length? > > Move skb_gso_mac_seglen() to skbuff.h with other

Re: [PATCH net-next v2 00/12] net: sched: propagate extack to cls offloads on destroy and only with skip_sw

On Thu, Jan 25, 2018 at 02:57:17PM -0800, Jakub Kicinski wrote: > On Thu, 25 Jan 2018 13:11:57 -0200, Marcelo Ricardo Leitner wrote: > > On Wed, Jan 24, 2018 at 12:54:12PM -0800, Jakub Kicinski wrote: > > > Hi! > > > > > > This series some of Jiri's comm

Re: [PATCH net-next 1/8] pkt_cls: add new tc cls helper to check offload flag and chain index

On Wed, Jan 24, 2018 at 04:17:46PM -0800, Jakub Kicinski wrote: ... > +static inline bool > +tc_cls_can_offload_and_chain0(const struct net_device *dev, > + struct tc_cls_common_offload *common) > +{ > + if (common->chain_index) { > +

Re: [PATCH v2 0/4] Check size of packets before sending

On Thu, Jan 25, 2018 at 03:31:05PM +1100, Daniel Axtens wrote: > There are a few ways we can send packets that are too large to a > network driver. > > When non-GSO packets are forwarded, we validate their size, based on > the MTU of the destination device. However, when GSO packets are >

Re: [PATCH net-next v2 00/12] net: sched: propagate extack to cls offloads on destroy and only with skip_sw

On Wed, Jan 24, 2018 at 12:54:12PM -0800, Jakub Kicinski wrote: > Hi! > > This series some of Jiri's comments and the fact that today drivers > may produce extack even if there is no skip_sw flag (meaning the > driver failure is not really a problem), and warning messages will > only confuse the

Re: [PATCH net-next] sctp: reset ret in again path in sctp_for_each_transport

> Signed-off-by: Xin Long <lucien@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > --- > net/sctp/socket.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/net/sctp/socket.c b/net/sctp/socket.c > index 7ff444e.

Re: [PATCH net v3] gso: validate gso_type in GSO handlers

1137452496ffc305617e5...@google.com> > Reported-by: syzbot+fee64147a25aecd48...@syzkaller.appspotmail.com > Signed-off-by: Willem de Bruijn <will...@google.com> Reviewed-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > > --- > Similar checks existed u

Re: [PATCH 2/3] net: is_skb_forwardable: validate length of GSO packet segments

On Tue, Jan 16, 2018 at 01:09:19PM +1100, Daniel Axtens wrote: > is_skb_forwardable attempts to detect if a packet is too large to > be sent to the destination device. However, this test does not > consider GSO packets, and it is possible that a GSO packet, when > resegmented, will be larger than

Re: iproute2 net-next

On Fri, Dec 29, 2017 at 08:00:28PM -0800, Stephen Hemminger wrote: > On Fri, 29 Dec 2017 09:58:23 +0100 > Jiri Pirko wrote: > > > Fri, Dec 29, 2017 at 12:46:31AM CET, dan...@iogearbox.net wrote: > > >On 12/26/2017 10:35 AM, Leon Romanovsky wrote: > > >> On Mon, Dec 25, 2017

Re: [PATCH net] sctp: do not allow the v4 socket to bind a v4mapped v6 address

7b7b518b1228d2743...@syzkaller.appspotmail.com > Acked-by: Neil Horman <nhor...@tuxdriver.com> > Signed-off-by: Xin Long <lucien@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > --- > net/sctp/socket.c | 14 ++ > 1 file cha

Re: [PATCH net] sctp: reinit stream if stream outcnt has been change by sinit in sendmsg

endmsg. > > Fixes: a83863174a61 ("sctp: prepare asoc stream for stream reconf") > Signed-off-by: Xin Long <lucien@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > --- > net/sctp/socket.c | 10 -- > 1 file changed,

Re: [PATCH v2] bnx2x: disable GSO where gso_size is too big for hardware

On Fri, Jan 12, 2018 at 09:48:44AM -0200, Marcelo Ricardo Leitner wrote: > On Fri, Jan 12, 2018 at 10:59:05AM +1100, Daniel Axtens wrote: > > If a bnx2x card is passed a GSO packet with a gso_size larger than > > ~9700 bytes, it will cause a firmware error that will bring th

Re: [PATCH v2] bnx2x: disable GSO where gso_size is too big for hardware

On Fri, Jan 12, 2018 at 10:59:05AM +1100, Daniel Axtens wrote: > If a bnx2x card is passed a GSO packet with a gso_size larger than > ~9700 bytes, it will cause a firmware error that will bring the card > down: Why not use netif_set_gso_max_size() instead? Some drivers are using it to avoid such

[PATCH net] sctp: removed unused var from sctp_make_auth

Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/sm_make_chunk.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 9bf575f2e8ed0888e0219a872e84018ada

[PATCH net] sctp: avoid compiler warning on implicit fallthru

These fall-through are expected. Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/ipv6.c | 1 + net/sctp/outqueue.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c

Re: [PATCH V4 0/4] Add SELinux SCTP protocol support

On Wed, Jan 10, 2018 at 11:39:45AM -0500, Paul Moore wrote: > On Sat, Dec 30, 2017 at 12:18 PM, Richard Haines > wrote: > > Note: Some conflicts are expected when merging with current net-next due to > > Interleaving Data (I-DATA) sets of patches: > > PATCH 2/4 -

Re: [patch iproute2 v8 2/2] tc: Add batchsize feature for filter and actions

On Wed, Jan 10, 2018 at 12:27:42PM +0900, Chris Mi wrote: > Currently in tc batch mode, only one command is read from the batch > file and sent to kernel to process. With this support, at most 128 > commands can be accumulated before sending to kernel. > > Now it only works for the following

Re: [patch iproute2 v7 2/2] tc: Add batchsize feature for filter and actions

On Tue, Jan 09, 2018 at 03:59:08PM +0900, Chris Mi wrote: > Currently in tc batch mode, only one command is read from the batch > file and sent to kernel to process. With this support, at most 128 > commands can be accumulated before sending to kernel. > > Now it only works for the following

[PATCH net 2/3] sctp: add a ceiling to optlen in some sockopts

. This patch adds a ceiling by limiting optlen to the maximum allowed that would still make sense for these sockopt. Reported-by: Hangbin Liu <ha...@redhat.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/socket.c | 10 ++ 1 file changed, 10 inserti

[PATCH net 3/3] sctp: make use of pre-calculated len

. Also, replace some sizeof(type) to sizeof(var). Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/socket.c | 16 ++-- 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/net/sctp/socket.c b/net/sctp/socket.c

[PATCH net 1/3] sctp: GFP_ATOMIC is not needed in sctp_setsockopt_events

So replace it with GFP_USER and also add __GFP_NOWARN. Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/sctp/socket.c b/net/sctp/socket.c

[PATCH net 0/3] Some sockopt optlen fixes

in some setsockopt. Marcelo Ricardo Leitner (3): sctp: GFP_ATOMIC is not needed in sctp_setsockopt_events sctp: add a ceiling to optlen in some sockopts sctp: make use of pre-calculated len net/sctp/socket.c | 28 +--- 1 file changed, 21 insertions(+), 7 deletions

Re: [patch net-next v6 00/11] net: sched: allow qdiscs to share filter block instances

On Mon, Jan 08, 2018 at 04:42:03PM +0100, Jiri Pirko wrote: > Mon, Jan 08, 2018 at 04:23:06PM CET, marcelo.leit...@gmail.com wrote: > >On Sat, Jan 06, 2018 at 12:09:18AM +0100, Jiri Pirko wrote: > >... > >> Note we cannot use the qdisc for filter manipulations for shared blocks: > >> > >> $ tc

Re: [patch net-next v6 00/11] net: sched: allow qdiscs to share filter block instances

On Sat, Jan 06, 2018 at 12:09:18AM +0100, Jiri Pirko wrote: ... > Note we cannot use the qdisc for filter manipulations for shared blocks: > > $ tc filter add dev ens8 ingress protocol ip pref 1 flower dst_ip > 192.168.100.2 action drop > Error: Cannot work with shared block, please use block

Re: [RFC] memdup_user() and friends

On Sun, Jan 07, 2018 at 02:16:56AM +, Al Viro wrote: ... > > Everything else is definitely fine with GFP_USER - it's stuff like "copy of > ioctl > arguments in an ioctl never issued by the kernel code, must have come > straight from > ioctl(2)" and things like that. IMO we should simply

Re: WARNING: held lock freed!

On Mon, Jan 08, 2018 at 06:01:14PM +0800, Xin Long wrote: > On Mon, Jan 8, 2018 at 6:58 AM, syzbot > wrote: > > Hello, > > > > syzkaller hit the following crash on > > 3219e264b984ec0a13923aa66385819c2e98d582 > >

Re: KASAN: use-after-free Read in sctp_packet_transmit

On Fri, Jan 05, 2018 at 02:07:01PM -0800, syzbot wrote: > Hello, > > syzkaller hit the following crash on > 8a4816cad00bf14642f0ed6043b32d29a05006ce > git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/master > compiler: gcc (GCC) 7.1.1 20170620 > .config is attached > Raw console

Re: [patch iproute2 v6 2/3] tc: Add -bs option to batch mode

On Fri, Jan 05, 2018 at 11:15:59AM -0700, David Ahern wrote: > On 1/4/18 12:34 AM, Chris Mi wrote: > > Currently in tc batch mode, only one command is read from the batch > > file and sent to kernel to process. With this support, we can accumulate > > several commands before sending to kernel. > >

Re: [patch iproute2 v6 0/3] tc: Add -bs option to batch mode

On Fri, Jan 05, 2018 at 10:27:52AM -0700, David Ahern wrote: > On 1/5/18 10:25 AM, Phil Sutter wrote: > > I wonder whether specifying the batch size is necessary at all. Couldn't > > batch mode just collect messages until either EOF or an incompatible > > command is encountered which then triggers

Re: [patch iproute2 v6 2/3] tc: Add -bs option to batch mode

On Thu, Jan 04, 2018 at 04:34:53PM +0900, Chris Mi wrote: > Currently in tc batch mode, only one command is read from the batch > file and sent to kernel to process. With this support, we can accumulate > several commands before sending to kernel. > > Now it only works for the following

[PATCH net v3 2/2] sctp: fix the handling of ICMP Frag Needed for too small MTUs

ot <syzkal...@googlegroups.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- include/net/sctp/structs.h | 2 +- net/sctp/input.c | 8 ++-- net/sctp/transport.c | 29 +++-- 3 files changed, 26 insertions(+), 13 deletions(-)

[PATCH net v3 1/2] sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled

, which may very well trigger another ICMP, and another retransmission, leading to a loop. The fix is to simply not trigger immediate retransmissions if PMTU discovery is disabled on the given transport. Changes from v2: - updated stale comment, noticed by Xin Long Signed-off-by: Marcelo Ricardo

[PATCH net v3 0/2] SCTP PMTU discovery fixes

This patchset fixes 2 issues with PMTU discovery that can lead to flood of retransmissions. The first patch fixes the issue for when PMTUD is disabled by the application, while the second fixes it for when its enabled. Please consider these to stable. Thanks, Marcelo Ricardo Leitner (2): sctp

Re: [patch iproute2 v6 3/3] man: Add -bs option to tc manpage

On Thu, Jan 04, 2018 at 04:34:54PM +0900, Chris Mi wrote: > Signed-off-by: Chris Mi > --- > man/man8/tc.8 | 7 +++ > 1 file changed, 7 insertions(+) > > diff --git a/man/man8/tc.8 b/man/man8/tc.8 > index ff071b33..23db730c 100644 > --- a/man/man8/tc.8 > +++

Re: [PATCH net v2 1/2] sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled

On Thu, Jan 04, 2018 at 12:52:32PM +0800, Xin Long wrote: > On Thu, Jan 4, 2018 at 6:59 AM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > Currently, if PMTU discovery is disabled on a given transport, but the > > configured value is higher than the a

[PATCH net v2 2/2] sctp: fix the handling of ICMP Frag Needed for too small MTUs

orts using such path. See-also: https://lkml.org/lkml/2017/12/22/811 Reported-by: syzbot <syzkal...@googlegroups.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- include/net/sctp/structs.h | 2 +- net/sctp/input.c | 8 ++-- net/sctp/

[PATCH net v2 1/2] sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled

, which may very well trigger another ICMP, and another retransmission, leading to a loop. The fix is to simply not trigger immediate retransmissions if PMTU discovery is disabled on the given transport. Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/input.

[PATCH net v2 0/2] SCTP PMTU discovery fixes

This patchset fixes 2 issues with PMTU discovery that can lead to flood of retransmissions. The first patch fixes the issue for when PMTUD is disabled by the application, while the second fixes it for when its enabled. Please consider these to stable. Thanks, Marcelo Ricardo Leitner (2): sctp

Re: [PATCH net] sctp: fix handling of ICMP Frag Needed for too small MTUs

On Wed, Jan 03, 2018 at 03:31:00PM +0800, Xin Long wrote: > On Wed, Jan 3, 2018 at 5:44 AM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > syzbot reported a hang involving SCTP, on which it kept flooding dmesg > > with the message:

[PATCH net] sctp: fix error path in sctp_stream_init

bd ("sctp: introduce struct sctp_stream_out_ext") Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/stream.c | 22 ++ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/net/sctp/stream.c

[PATCH net] sctp: fix handling of ICMP Frag Needed for too small MTUs

ed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- net/sctp/input.c | 5 - net/sctp/transport.c | 2 ++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/net/sctp/input.c b/net/sctp/input.c index 621b5ca3fd1c17c3d7ef7bb1c767

Re: [patch iproute2 v4 3/3] man: Add -bs option to tc manpage

On Tue, Jan 02, 2018 at 11:28:04PM +0900, Chris Mi wrote: > Signed-off-by: Chris Mi > --- > man/man8/tc.8 | 5 + > 1 file changed, 5 insertions(+) > > diff --git a/man/man8/tc.8 b/man/man8/tc.8 > index ff071b33..de137e16 100644 > --- a/man/man8/tc.8 > +++

Re: [patch iproute2 v4 2/3] tc: Add -bs option to batch mode

On Tue, Jan 02, 2018 at 11:28:03PM +0900, Chris Mi wrote: > @@ -240,23 +244,49 @@ static int batch(const char *name) > } > > cmdlineno = 0; > - while (getcmdline(, , stdin) != -1) { > + if (getcmdline(, , stdin) == -1) > + goto Exit; > + do { >

Re: general protection fault in skb_segment

On Sat, Dec 30, 2017 at 10:52:20PM -0200, Marcelo Ricardo Leitner wrote: > On Sat, Dec 30, 2017 at 08:42:41AM +0100, Willem de Bruijn wrote: [...] > > Somewhat tangential, but any PF_PACKET socket can set this > > magic gso_size value in its virtio_net_hdr, so if it is assumed to

Re: general protection fault in skb_segment

On Sat, Dec 30, 2017 at 08:42:41AM +0100, Willem de Bruijn wrote: > > syzkaller hit the following crash on > > 37759fa6d0fa9e4d6036d19ac12f555bfc0aeafd > > git://git.cmpxchg.org/linux-mmots.git/master > > compiler: gcc (GCC) 7.1.1 20170620 > > .config is attached > > Raw console output is

Re: [PATCH V4 3/4] sctp: Add LSM hooks

On Sat, Dec 30, 2017 at 05:20:13PM +, Richard Haines wrote: > Add security hooks to allow security modules to exercise access control > over SCTP. > > Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: Marcelo Ricardo Leitner <marc

Re: [PATCH V4 4/4] selinux: Add SCTP support

On Sat, Dec 30, 2017 at 05:20:35PM +, Richard Haines wrote: > The SELinux SCTP implementation is explained in: > Documentation/security/SELinux-sctp.rst > > Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Reviewed-by: Marcelo Ricardo Leitner <marc

Re: [PATCH V4 2/4] sctp: Add ip option support

On Sat, Dec 30, 2017 at 05:19:50PM +, Richard Haines wrote: > Add ip option support to allow LSM security modules to utilise CIPSO/IPv4 > and CALIPSO/IPv6 services. > > Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: Marcelo Ricardo Lei

Re: [PATCH V4 1/4] security: Add support for SCTP security hooks

On Sat, Dec 30, 2017 at 05:19:26PM +, Richard Haines wrote: > The SCTP security hooks are explained in: > Documentation/security/LSM-sctp.rst > > Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Reviewed-by: Marcelo Ricardo Leitner <marc

Re: [patch iproute2 v3 3/4] tc: Add -bs option to batch mode

On Wed, Dec 27, 2017 at 01:40:24PM -0800, Stephen Hemminger wrote: > On Wed, 27 Dec 2017 18:39:29 -0200 > Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> wrote: > > > > > + send = false; > > > > + else >

Re: [patch iproute2 v3 3/4] tc: Add -bs option to batch mode

On Wed, Dec 27, 2017 at 09:39:15AM -0600, David Ahern wrote: > On 12/25/17 2:46 AM, Chris Mi wrote: > > Signed-off-by: Chris Mi > > --- > > tc/m_action.c | 91 +-- > > tc/tc.c| 47 ++ > > tc/tc_common.h |

Re: [patch iproute2 v3 3/4] tc: Add -bs option to batch mode

On Mon, Dec 25, 2017 at 05:46:57PM +0900, Chris Mi wrote: > @@ -267,6 +287,7 @@ int main(int argc, char **argv) > { > int ret; > char *batch_file = NULL; > + int batch_size = 1; > > while (argc > 1) { > if (argv[1][0] != '-') > @@ -297,6 +318,14 @@ int

Re: INFO: task hung in bpf_exit_net

On Fri, Dec 22, 2017 at 04:28:07PM -0200, Marcelo Ricardo Leitner wrote: > On Fri, Dec 22, 2017 at 11:58:08AM +0100, Dmitry Vyukov wrote: > ... > > > Same with this one, perhaps related to / fixed by: > > > http://patchwork.ozlabs.org/patch/850957/ > > > >

Re: INFO: task hung in bpf_exit_net

On Fri, Dec 22, 2017 at 11:58:08AM +0100, Dmitry Vyukov wrote: ... > > Same with this one, perhaps related to / fixed by: > > http://patchwork.ozlabs.org/patch/850957/ > > > > > > Looking at the log, this one seems to be an infinite loop in SCTP code > with console output in it. Kernel is

Re: [PATCH v3 1/4] security: Add support for SCTP security hooks

On Fri, Dec 22, 2017 at 09:20:45AM -0800, Casey Schaufler wrote: > On 12/22/2017 5:05 AM, Marcelo Ricardo Leitner wrote: > > From: Richard Haines <richard_c_hai...@btinternet.com> > > > > The SCTP security hooks are explained in: > > Documentation/security/LS

[PATCH v3 4/4] selinux: Add SCTP support

From: Richard Haines <richard_c_hai...@btinternet.com> The SELinux SCTP implementation is explained in: Documentation/security/SELinux-sctp.rst Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com>

[PATCH v3 3/4] sctp: Add LSM hooks

From: Richard Haines <richard_c_hai...@btinternet.com> Add security hooks to allow security modules to exercise access control over SCTP. Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- include/

[PATCH v3 0/4] Add SELinux SCTP protocol support

Posting on behalf of Richard Haines. Patchset is based on selinux-tree/next. Some small conflicts are expected when merging with current net-next due to I-Data patches, including one at include/uapi/linux/sctp.h, on which the fix is to update the define SCTP_SENDMSG_CONNECT to a higher number.

[PATCH v3 2/4] sctp: Add ip option support

From: Richard Haines <richard_c_hai...@btinternet.com> Add ip option support to allow LSM security modules to utilise CIPSO/IPv4 and CALIPSO/IPv6 services. Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.co

[PATCH v3 1/4] security: Add support for SCTP security hooks

From: Richard Haines <richard_c_hai...@btinternet.com> The SCTP security hooks are explained in: Documentation/security/LSM-sctp.rst Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> --- Document

Re: INFO: task hung in bpf_exit_net

On Fri, Dec 22, 2017 at 11:58:08AM +0100, Dmitry Vyukov wrote: > On Tue, Dec 19, 2017 at 7:20 PM, David Ahern wrote: > > On 12/19/17 5:47 AM, Dmitry Vyukov wrote: > >> On Tue, Dec 19, 2017 at 1:36 PM, syzbot > >>

Re: [PATCH v3 next-queue 05/10] ixgbe: add ipsec offload add and remove SA

On Wed, Dec 20, 2017 at 05:39:13PM -0800, Shannon Nelson wrote: > On 12/20/2017 5:17 PM, Marcelo Ricardo Leitner wrote: > > Hi, > > > > On Tue, Dec 19, 2017 at 03:59:57PM -0800, Shannon Nelson wrote: > > > +} > > > + > > > +s

Re: [PATCH v3 next-queue 05/10] ixgbe: add ipsec offload add and remove SA

Hi, On Tue, Dec 19, 2017 at 03:59:57PM -0800, Shannon Nelson wrote: > +} > + > +static const struct xfrmdev_ops ixgbe_xfrmdev_ops = { > + .xdo_dev_state_add = ixgbe_ipsec_add_sa, > + .xdo_dev_state_delete = ixgbe_ipsec_del_sa, > +}; > + This struct is only declared if XFRM_OFFLOAD is

Re: [PATCH v3 ipsec-next 3/3] xfrm: wrap xfrmdev_ops with offload config

On Wed, Dec 20, 2017 at 08:22:40AM -0800, Shannon Nelson wrote: > On 12/20/2017 8:03 AM, Marcelo Ricardo Leitner wrote: > > On Tue, Dec 19, 2017 at 03:35:49PM -0800, Shannon Nelson wrote: > > > There's no reason to define netdev->xfrmdev_ops if > > > the of

Re: [PATCH v3 ipsec-next 3/3] xfrm: wrap xfrmdev_ops with offload config

On Tue, Dec 19, 2017 at 03:35:49PM -0800, Shannon Nelson wrote: > There's no reason to define netdev->xfrmdev_ops if > the offload facility is not CONFIG'd in. > > Signed-off-by: Shannon Nelson This one could use a Fixes tag perhaps: Fixes: d77e38e612a0 ("xfrm: Add an

Re: [pull request][for-next 00/11] Mellanox, mlx5 E-Switch updates 2017-12-19

On Tue, Dec 19, 2017 at 02:39:38PM -0800, Saeed Mahameed wrote: > On Tue, Dec 19, 2017 at 1:54 PM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > On Tue, Dec 19, 2017 at 12:33:29PM -0800, Saeed Mahameed wrote: > >> Hi Dave and Doug, > >>

Re: [PATCH net-next] net: Clarify dev_weight documentation for LRO and GRO_HW.

On Tue, Dec 19, 2017 at 04:12:56PM -0500, Michael Chan wrote: > Reported-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com> > Signed-off-by: Michael Chan <michael.c...@broadcom.com> Thanks! > --- > Documentation/sysctl/net.txt | 4 +++- > 1 file changed,

Re: [pull request][for-next 00/11] Mellanox, mlx5 E-Switch updates 2017-12-19

On Tue, Dec 19, 2017 at 12:33:29PM -0800, Saeed Mahameed wrote: > Hi Dave and Doug, > > == > This series includes updates for mlx5 E-Switch infrastructures, > to be merged into net-next and rdma-next trees. > > Mark's patches provide E-Switch refactoring that generalize the mlx5 >

Re: [PATCH net-next v5 0/5] Introduce NETIF_F_GRO_HW

On Tue, Dec 19, 2017 at 11:25:29AM -0800, Michael Chan wrote: > On Tue, Dec 19, 2017 at 11:04 AM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > Can we clarify on the meaning/expectations of dev_weight? The > > documentation currently says: > >

Re: [PATCH net-next v5 0/5] Introduce NETIF_F_GRO_HW

On Tue, Dec 19, 2017 at 10:50:24AM -0500, David Miller wrote: > From: Michael Chan > Date: Sat, 16 Dec 2017 03:09:39 -0500 > > > Introduce NETIF_F_GRO_HW feature flag and convert drivers that support > > hardware GRO to use the new flag. > > Series applied, thanks for

Re: [PATCH v3 net-next 6/6] tls: Add generic NIC offload infrastructure.

On Tue, Dec 19, 2017 at 03:38:16PM +, Ilya Lesokhin wrote: > Tuesday, December 19, 2017 5:12 PM, Marcelo Ricardo Leitner wrote: > > > > I'm not quite sure what you mean by "no net_device's are registered" > > > Presumably you mean there is no device that impl

Re: [PATCH v3 net-next 6/6] tls: Add generic NIC offload infrastructure.

On Tue, Dec 19, 2017 at 07:31:24AM +, Ilya Lesokhin wrote: > On Mon, Monday, December 18, 2017 9:54 PM, Marcelo Ricardo Leitner wrote: > > > On Mon, Dec 18, 2017 at 01:10:33PM +0200, Ilya Lesokhin wrote: > > > This patch adds a generic infrastructure to offload TLS cryp

Re: [PATCH v3 net-next 3/6] net: Add SW fallback infrastructure for offloaded sockets

On Tue, Dec 19, 2017 at 07:51:02AM +, Ilya Lesokhin wrote: > On Monday, December 18, 2017 9:18 PM, Marcelo Ricardo Leitner wrote: > > > > + > > > + if (sk && sk_fullsock(sk) && sk->sk_offload_check) > > > > Isn't this going to hurt the

Re: [PATCH v3 net-next 6/6] tls: Add generic NIC offload infrastructure.

On Mon, Dec 18, 2017 at 01:10:33PM +0200, Ilya Lesokhin wrote: > This patch adds a generic infrastructure to offload TLS crypto to a > network devices. It enables the kernel TLS socket to skip encryption > and authentication operations on the transmit side of the data path. > Leaving those

Re: [PATCH v3 net-next 3/6] net: Add SW fallback infrastructure for offloaded sockets

On Mon, Dec 18, 2017 at 01:10:30PM +0200, Ilya Lesokhin wrote: > Offloaded sockets rely on the netdev to transform the transmitted > packets before sending them over the network. > When a packet from an offloaded socket is looped back or > rerouted to a different device we need to detect it and >

Re: [PATCH net] sctp: add SCTP_CID_RECONF conversion in sctp_cname

On Mon, Dec 18, 2017 at 02:13:17PM +0800, Xin Long wrote: > Whenever a new type of chunk is added, the corresp conversion in > sctp_cname should be added. Otherwise, in some places, pr_debug > will print it as "unknown chunk". > > Fixes: cc16f00f6529 ("sctp: add support for generating stream

Re: [PATCH 2/4] sctp: Add ip option support

On Tue, Dec 12, 2017 at 05:24:46PM -0500, Paul Moore wrote: > On Tue, Dec 12, 2017 at 4:56 PM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > On Tue, Dec 12, 2017 at 04:33:03PM -0500, Paul Moore wrote: > >> On Tue, Dec 12, 2017 at 11:08

Re: [PATCHv2 net-next 8/8] sctp: support sysctl to allow users to use stream interleave

On Fri, Dec 15, 2017 at 12:41:32AM +0800, Xin Long wrote: > This is the last patch for support of stream interleave, after this patch, > users could enable stream interleave by systcl -w net.sctp.intl_enable=1. > > Signed-off-by: Xin Long Acked-by: Marcelo R. Leitner

Re: [PATCHv2 net-next 7/8] sctp: update mid instead of ssn when doing stream and asoc reset

On Fri, Dec 15, 2017 at 12:41:31AM +0800, Xin Long wrote: > When using idata and doing stream and asoc reset, setting ssn with > 0 could only clear the 1st 16 bits of mid. > > So to make this work for both data and idata, it sets mid with 0 > instead of ssn, and also mid_uo for unordered idata

Re: [PATCHv2 net-next 6/8] sctp: add stream interleave support in stream scheduler

On Fri, Dec 15, 2017 at 12:41:30AM +0800, Xin Long wrote: > As Marcelo said in the stream scheduler patch: > > Support for I-DATA chunks, also described in RFC8260, with user message > interleaving is straightforward as it just requires the schedulers to > probe for the feature and ignore

Re: [PATCHv2 net-next 5/8] sctp: implement handle_ftsn for sctp_stream_interleave

On Fri, Dec 15, 2017 at 12:41:29AM +0800, Xin Long wrote: > handle_ftsn is added as a member of sctp_stream_interleave, used to skip > ssn for data or mid for idata, called for SCTP_CMD_PROCESS_FWDTSN cmd. > > sctp_handle_iftsn works for ifwdtsn, and sctp_handle_fwdtsn works for > fwdtsn. Note

Re: [PATCHv2 net-next 4/8] sctp: implement report_ftsn for sctp_stream_interleave

On Fri, Dec 15, 2017 at 12:41:28AM +0800, Xin Long wrote: > report_ftsn is added as a member of sctp_stream_interleave, used to > skip tsn from tsnmap, remove old events from reasm or lobby queue, > and abort pd for data or idata, called for SCTP_CMD_REPORT_FWDTSN > cmd and asoc reset. > >

Re: [PATCHv2 net-next 3/8] sctp: implement validate_ftsn for sctp_stream_interleave

On Fri, Dec 15, 2017 at 12:41:27AM +0800, Xin Long wrote: > validate_ftsn is added as a member of sctp_stream_interleave, used to > validate ssn/chunk type for fwdtsn or mid (message id)/chunk type for > ifwdtsn, called in sctp_sf_eat_fwd_tsn, just as validate_data. > > If this check fails, an

Re: [PATCHv2 net-next 2/8] sctp: implement generate_ftsn for sctp_stream_interleave

On Fri, Dec 15, 2017 at 12:41:26AM +0800, Xin Long wrote: > generate_ftsn is added as a member of sctp_stream_interleave, used to > create fwdtsn or ifwdtsn chunk according to abandoned chunks, called > in sctp_retransmit and sctp_outq_sack. > > sctp_generate_iftsn works for ifwdtsn, and

Re: [PATCHv2 net-next 1/8] sctp: add basic structures and make chunk function for ifwdtsn

On Fri, Dec 15, 2017 at 12:41:25AM +0800, Xin Long wrote: > sctp_ifwdtsn_skip, sctp_ifwdtsn_hdr and sctp_ifwdtsn_chunk are used to > define and parse I-FWD TSN chunk format, and sctp_make_ifwdtsn is a > function to build the chunk. > > The I-FORWARD-TSN Chunk Format is defined in section 2.3.1 of

Re: [PATCH] ipv6: ip6mr: Recalc UDP checksum before forwarding

Hi, On Wed, Dec 13, 2017 at 10:20:48PM +1100, Brendan McGrath wrote: > Currently, when forwarding from a Virtual Interface to a Physical > Interface, ip_summed is set to a value of CHECKSUM_UNNECESSARY and > the UDP checksum has not been calculated. > > When the packet is then forwarded by a

Re: [PATCH 2/4] sctp: Add ip option support

On Tue, Dec 12, 2017 at 04:33:03PM -0500, Paul Moore wrote: > On Tue, Dec 12, 2017 at 11:08 AM, Marcelo Ricardo Leitner > <marcelo.leit...@gmail.com> wrote: > > Hi Richard, > > > > On Mon, Nov 27, 2017 at 07:31:21PM +, Richard Haines wrote: > > ... > &g

Re: [PATCH] veth: Optionally pad packets to minimum Ethernet length

On Tue, Dec 12, 2017 at 11:32:46AM -0600, Dan Williams wrote: > On Tue, 2017-12-12 at 08:13 -0800, Ed Swierk wrote: > > Most physical Ethernet devices pad short packets to the minimum > > length > > of 64 bytes (including FCS) on transmit. It can be useful to simulate > > this behavior when

Re: [PATCH 2/4] sctp: Add ip option support

On Tue, Dec 12, 2017 at 02:08:00PM -0200, Marcelo Ricardo Leitner wrote: > Hi Richard, > > On Mon, Nov 27, 2017 at 07:31:21PM +, Richard Haines wrote: > ... > > --- a/net/sctp/socket.c > > +++ b/net/sctp/socket.c > > @@ -3123,8 +3123,10 @@ static int sctp_set

<    1   2   3   4   5   6   7   8   9   10   >