Re: [PATCH net-next] net: gro: properly remove skb from list

flags: 0x17c0008100(slab|head) > [ 148.525481] raw: 0017c0008100 880106b938d0 880106b938d0 > 880106f4dfc0 > [ 148.527503] raw: 8801e52ee840 00190011 0001 > 0000 > [ 148.529547] page dumped because: kasan: bad access dete

[BUG net-next] BUG triggered with GRO SKB list_head changes

Starting with the following net-next commit, I see a BUG when starting a LXD container inside of a KVM guest using virtio-net: d4546c2509b1 net: Convert GRO SKB handling to list_head. Here's what the kernel spits out: kernel BUG at /var/scm/kernel/linux/include/linux/skbuff.h:2080! invalid

Re: [PATCH 0/2] Quiet noisy LSM denial when accessing net sysctl

On 05/17/2016 09:13 AM, Tyler Hicks wrote: > On 05/08/2016 10:56 PM, David Miller wrote: >> From: Tyler Hicks <tyhi...@canonical.com> >> Date: Fri, 6 May 2016 18:04:12 -0500 >> >>> This pair of patches does away with what I believe is a useless denial >>

Re: [PATCH 0/2] Quiet noisy LSM denial when accessing net sysctl

On 05/08/2016 10:56 PM, David Miller wrote: > From: Tyler Hicks <tyhi...@canonical.com> > Date: Fri, 6 May 2016 18:04:12 -0500 > >> This pair of patches does away with what I believe is a useless denial >> audit message when a privileged process initially accesses

[PATCH 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

application authors because root-running Go applications always triggered the denial. To prevent this confusion, the capability check in net_ctl_permissions() is switched to the noaudit variant. BugLink: https://launchpad.net/bugs/1465724 Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --

[PATCH 1/2] kernel: Add noaudit variant of ns_capable()

() is moved into a single, shared function to keep duplicated code to a minimum and ease maintainability. Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- include/linux/capability.h | 5 + kernel/capability.c| 46 -- 2 files chang

[PATCH 0/2] Quiet noisy LSM denial when accessing net sysctl

This pair of patches does away with what I believe is a useless denial audit message when a privileged process initially accesses a net sysctl. The bug was first discovered when running Go applications under AppArmor confinement. It can be triggered like so: $ echo "profile test { file, }" |

Re: [v2 PATCH 9/26] eCryptfs: Use skcipher and shash

th skcipher, > and the long obsolete hash interface with shash. > > Signed-off-by: Herbert Xu <herb...@gondor.apana.org.au> Acked-by: Tyler Hicks <tyhi...@canonical.com> I have no problem with you taking this through the cryptodev tree. Thanks! Tyler > > diff --git

[IPSEC] RFC 4301 PFP Support

the correct solution would be for openswan to pass valid selectors in UPDSA messages, even if it is the larval selectors we gave them. On a side note, Joy Latten has reported to see the same behavior while using ipsec-tools. Thanks! Tyler Hicks -- To unsubscribe from this list: send the line unsubscribe

[PATCH] [IPSEC]: Add populate from packet (PFP) support

in the flowi. Prior to this patch, the fields in the flowi were always used. Signed-off-by: Tyler Hicks [EMAIL PROTECTED] diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h index b58adc5..ce6b1b5 100644 --- a/include/linux/xfrm.h +++ b/include/linux/xfrm.h @@ -362,6 +362,11 @@ struct