Signed-off-by: Vincent Bernat
---
Documentation/networking/ip-sysctl.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Documentation/networking/ip-sysctl.rst
b/Documentation/networking/ip-sysctl.rst
index dd2b12a32b73..48d9db9151ac 100644
--- a/Documentation/networking/ip
ption to ignore routes when nexthop
link is down")
Signed-off-by: Vincent Bernat
---
Documentation/networking/ip-sysctl.rst | 3 +++
include/linux/inetdevice.h | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/Documentation/networking/ip-sysctl.rst
b/Documentation/
The disable_policy and disable_xfrm are a per-interface sysctl to
disable IPsec policy or encryption on an interface. However, while a
"all" variant is exposed, it was a noop since it was never evaluated.
We use the usual "or" logic for this kind of sysctls.
Signed-of
44b50b ("net: RFC3069, private VLAN proxy arp support")
Signed-off-by: Vincent Bernat
---
include/linux/inetdevice.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
index 3bbcddd22df8..53aa0343bf69 100644
--- a/
Some per-interface sysctls are ignoring the "all" variant. This
patchset fixes some of them when such a sysctl is handled as a
boolean. This includes:
- net.ipvX.conf.all.disable_policy
- net.ipvX.conf.all.disable_policy.disable_xfrm
- net.ipv4.conf.all.proxy_arp_pvlan
- net.ipvX.conf.all.igno
❦ 23 octobre 2020 08:40 -06, David Ahern:
>> I am wondering if we should revert the patch for 5.10 while we can,
>> waiting for a better solution (and breaking people relying on the new
>> behavior in 5.9).
>>
>> Then, I can propose a patch with a sysctl to avoid breaking existing
>> setups.
>>
❦ 2 avril 2020 17:47 -07, David Miller:
>> Currently, SO_BINDTODEVICE requires CAP_NET_RAW. This change allows a
>> non-root user to bind a socket to an interface if it is not already
>> bound.
> ...
>
> Ok I'm convinced now, thanks for your patience.
I've got some user feedback about this pat
❦ 19 octobre 2020 17:53 -07, Jakub Kicinski:
> I'm not hearing any objections, but I have two questions:
> - do you intend to merge it for 5.10 or 5.11? Because it has a fixes
>tag, yet it's marked for net-next. If we put it in 5.10 it may get
>pulled into stable immediately, knowing how
ption to ignore routes when nexthop
link is down")
Signed-off-by: Vincent Bernat
---
Documentation/networking/ip-sysctl.rst | 3 +++
include/linux/inetdevice.h | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/Documentation/networking/ip-sysctl.rst
b/Documentation/
❦ 27 septembre 2020 20:38 -07, David Ahern:
> fib_rt_alloc is incremented by calls to ip6_dst_alloc. Each of your
> 9,999 pings is to a unique address and hence causes a dst to be
> allocated and the counter to be incremented. It is never decremented.
> That is standard operating procedure.
At s
Ability to tweak the interval between peer notifications has been
added in 07a4ddec3ce9 ("bonding: add an option to specify a delay
between peer notifications") but the documentation was not updated.
Signed-off-by: Vincent Bernat
---
Documentation/networking/bonding.txt | 16 +
❦ 7 juillet 2019 11:40 -07, Stephen Hemminger :
> Looks good. I notice that all these flags don't show up in any man
> page.
Yes, "bond type" is not described at all in the manual page. I'll come
with a patch.
--
Your manuscript is both good and original, but the part that is good is not
origi
_rate slow ad_select
stable tlb_dynamic_lb 1 addrgenmode eu
Signed-off-by: Vincent Bernat
---
include/uapi/linux/if_link.h | 1 +
ip/iplink_bond.c | 14 +-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux
_rate slow ad_select
stable tlb_dynamic_lb 1 addrgenmode eu
Signed-off-by: Vincent Bernat
---
include/uapi/linux/if_link.h | 1 +
ip/iplink_bond.c | 14 +-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux
IFLA_BOND_PEER_NOTIF_DELAY was set to the value of downdelay instead
of peer_notif_delay. After this change, the correct value is exported.
Fixes: 07a4ddec3ce9 ("bonding: add an option to specify a delay between peer
notifications")
Signed-off-by: Vincent Bernat
---
drivers/n
y triggered once every N times, while we need to decrement the
counter each time.
iproute2 also needs to be updated to be able to specify this new
attribute through `ip link'.
Signed-off-by: Vincent Bernat
---
drivers/net/bonding/bond_main.c| 31 -
drivers/net/bonding/bond
❦ 1 juillet 2019 11:27 +02, Jiri Pirko :
>>+module_param(peer_notif_delay, int, 0);
>>+MODULE_PARM_DESC(peer_notif_delay, "Delay between each peer notification on "
>>+"failover event, in milliseconds");
>
> No module options please. Use netlink. See bond_changeli
e to specify this new
attribute through `ip link'.
Signed-off-by: Vincent Bernat
---
drivers/net/bonding/bond_main.c| 55 +--
drivers/net/bonding/bond_netlink.c | 14 ++
drivers/net/bonding/bond_options.c | 71 +++---
drivers/net/bonding
❦ 13 janvier 2019 18:01 -08, Maciej Żenczykowski :
> But I seem to recall that the core problem we were trying to solve was
> that a daemon listening
> on an AF_PACKET ethertype 88CC [LLDP] socket not bound to any device
> would not receive LLDP packets
> arriving on inactive bond slaves (either
ctly on one of its
>> slaves
>>
>> Reported-by: Vincent Bernat
>> Signed-off-by: Michal Soltys
Maybe add:
Fixes: b89f04c61efe ("bonding: deliver link-local packets with skb->dev set to
link that packets arrived on")
> It is tiring and disappointing to se
❦ 23 décembre 2018 14:06 +01, Michal Soltys :
>>> Basing on what you wrote below, it seems that everything was already
>>> possible before the Chonggang Li's commit ?
>>>
>>> If I understand correctly:
>>>
>>> - if listening on master, you could get both slave interface
>>> (PACKET_ORIGDEV) as we
❦ 19 décembre 2018 23:57 +01, Michal Soltys :
>>> Commit b89f04c61efe ("bonding: deliver link-local packets with
>>> skb->dev set to link that packets arrived on") changed the behavior
>>> of how link-local-multicast packets are processed. The change in
>>> the behavior broke some legacy use case
❦ 30 novembre 2018 22:32 +0100, Vincent Bernat :
>> Commit b89f04c61efe ("bonding: deliver link-local packets with
>> skb->dev set to link that packets arrived on") changed the behavior
>> of how link-local-multicast packets are processed. The change in
>&g
❦ 15 juillet 2018 19:12 -0700, Mahesh Bandewar :
> Commit b89f04c61efe ("bonding: deliver link-local packets with
> skb->dev set to link that packets arrived on") changed the behavior
> of how link-local-multicast packets are processed. The change in
> the behavior broke some legacy use cases whe
Fixes: 83ba4645152d ("net: add helpers checking if socket can be bound to
nonlocal address")
Signed-off-by: Vincent Bernat
---
include/net/ipv6.h | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 82
The construction "net->ipv4.sysctl_ip_nonlocal_bind || inet->freebind
|| inet->transparent" is present three times and its IPv6 counterpart
is also present three times. We introduce two small helpers to
characterize these tests uniformly.
Signed-off-by: Vincent Berna
uot;ipv6: Nonlocal bind") for IPv6. This commit also allows
>> IPv6 source address spoofing when non-local bind feature is enabled.
>>
>> Signed-off-by: Vincent Bernat
>
> This definitely seems to make sense. And is consistent with the other
> tests involving freeb
ofing when non-local bind feature is enabled.
Signed-off-by: Vincent Bernat
---
net/ipv6/datagram.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
index 201306b9b5ea..c46936563b15 100644
--- a/net/ipv6/datagram.c
+++ b/net/ipv6/
❦ 14 juillet 2018 21:54 +0300, Serhey Popovych :
> We should leave only filter.label check and return 0:
>
> if (filter.label)
> return 0;
>
> This will ensure we exit from print_linkinfo() earlier, skip
> print_link_stats() and push final filtering by label to
> print_selected_a
❦ 11 juillet 2018 21:01 -0400, David Ahern :
>> +++ b/ip/ipaddress.c
>> @@ -837,11 +837,6 @@ int print_linkinfo(const struct sockaddr_nl *who,
>> if (!name)
>> return -1;
>>
>> -if (filter.label &&
>> -(!filter.family || filter.family == AF_PACKET) &&
>> -
hing. It also works if we specify a label and the label is
>> the interface name. The flush operation also works as expected.
>>
>> Fixes: 9516823051ce ("ipaddress: Improve print_linkinfo()")
>> Signed-off-by: Vincent Bernat
>> ---
>> ip/ipaddress.c | 5 -
ddr show" works as expected
with or without specifying a label, both when the label is matching
and not matching. It also works if we specify a label and the label is
the interface name. The flush operation also works as expected.
Fixes: 9516823051ce ("ipaddress: Improve print_linkin
in the rpfilter case. I suppose the interface check
later in the function would make it redundant. However, the remaining
of the routing code is using RT6_LOOKUP_F_IFACE when there is no
source address (which matches rpfilter's case with a non-unicast
destination, like with neighbor solicitati
❦ 29 avril 2018 11:07 -0700, David Ahern :
> +struct fib6_info *fib6_lookup(struct net *net, int oif, struct flowi6 *fl6,
> + int flags)
Maybe an EXPORT_SYMBOL_GPL? There is one for __fib_lookup (fib_lookup is
an inline function).
--
Use the "telephone test" for reada
❦ 2 avril 2018 22:05 +0300, Julian Anastasov :
> Sorry to say it but may be you missed the discussion
> on lvs-devel about the new MH scheduler implemented by Inju Song:
>
> https://www.spinics.net/lists/lvs-devel/msg04928.html
> http://archive.linuxvirtualserver.org/html/lvs-devel/2018-0
❦ 2 avril 2018 10:33 -0700, Eric Dumazet :
>> +static inline u32
>> +ip_vs_csh_permutation(struct ip_vs_dest *d, int j)
>> +{
>> +u32 offset, skip;
>> +__be32 addr_fold = d->addr.ip;
>> +
>> +#ifdef CONFIG_IP_VS_IPV6
>> +if (d->af == AF_INET6)
>> +addr_fold = d->addr.ip6
(for
very large setups).
[1]: https://research.google.com/pubs/pub44824.html
[2]:
https://blog.acolyer.org/2016/03/21/maglev-a-fast-and-reliable-software-network-load-balancer/
Signed-off-by: Vincent Bernat
---
include/net/ip_vs.h| 27
net/netfilter/ipvs/Kconfig | 13 ++
The sh/dh/lblc/lblcr algorithms are using Knuth's multiplicative
hashing incorrectly. Replace its use by the hash_32() macro, which
correctly implements this algorithm. It doesn't use the same constant,
but it shouldn't matter.
Signed-off-by: Vincent Bernat
---
net/netfilter/
❦ 1 avril 2018 11:11 +0300, Julian Anastasov :
>> -return (ntohl(addr_fold)*2654435761UL) & IP_VS_DH_TAB_MASK;
>> +return ((ntohl(addr_fold)*2654435761U) >>
>> +(32 - IP_VS_DH_TAB_BITS)) &
>> +IP_VS_DH_TAB_MASK;
>
> Looks like the '& mask' part is not neede
t.values()))
run(True)
run(False)
Its output is:
True 25000 765.9416862050705
False 390.625 4.681209831891333
Signed-off-by: Vincent Bernat
---
net/netfilter/ipvs/ip_vs_dh.c| 4 +++-
net/netfilter/ipvs/ip_vs_lblc.c | 4 +++-
net/netfilter/ipvs/ip_vs_lblcr.c | 4 +++-
ne
tation suggestion and we can assume there is nothing to color in
>> the JSON output.
>>
>> Signed-off-by: Vincent Bernat
>
> Looks fine to me, this could even go into master.
> Need to update man page and make sure behavior is consistent
> across ip, tc, and bridge
-off-by: Vincent Bernat
---
include/color.h | 1 -
ip/ip.c | 7 ---
lib/color.c | 8
3 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/include/color.h b/include/color.h
index f6c351b77746..c80359d3e2e9 100644
--- a/include/color.h
+++ b/include/color.h
❦ 16 novembre 2017 20:23 +0100, Andrew Lunn :
> struct net_bridge_fdb_entry is 40 bytes.
>
> My WiFi access point which is also a 5 port bridge, currently has 97MB
> free RAM. That is space for about 2.5M FDB entries. So even Roopa's
> 128K is not really a problem, in terms of memory.
I am also
earlier. I have tested
your fix and I can confirm it works as expected.
> Fixes: f1fb08f6337c ("vxlan: fix ND proxy when skb doesn't have transport
> header offset")
> Reported-by: Jianlin Shi
> Signed-off-by: Xin Long
Reviewed-by: Vincent Bernat
--
Don't just e
efault
>> link/ether 9e:da:60:ee:cf:c8 brd ff:ff:ff:ff:ff:ff
>>
>> 5: dummy1: mtu 1500 qdisc noqueue master
>> bridge0 state UNKNOWN group default
>> link/ether 9e:da:60:ee:cf:c8 brd ff:ff:ff:ff:ff:ff
>> 5: dummy1: mtu 1500 master bridge0 state
>> U
❦ 21 septembre 2017 08:09 -0700, Roopa Prabhu :
>>> The one concern is that ports added or removed through ioctl should
>>> cause same events as doing the same thing via netlink. Some users use
>>> brctl (ioctl) and others use newer bridge (netlink) API.
>>
>> I'll make a third iteration to have
: Vincent Bernat
---
net/bridge/br_ioctl.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c
index 7970f8540cbb..66cd98772051 100644
--- a/net/bridge/br_ioctl.c
+++ b/net/bridge/br_ioctl.c
@@ -102,6 +102,9 @@ static int add_del_if(struct net_bridge *br
❦ 20 septembre 2017 16:21 -0700, Stephen Hemminger
:
> The one concern is that ports added or removed through ioctl should
> cause same events as doing the same thing via netlink. Some users use
> brctl (ioctl) and others use newer bridge (netlink) API.
I'll make a third iteration to have the
❦ 20 septembre 2017 15:57 -0600, David Ahern :
> The DELLINK is for AF_BRIDGE family (ifi_family). Adding family to
> print_linkinfo and running the monitor I get:
>
>
> [LINK]family 0: 35: dummy1: mtu 1500 qdisc
> noqueue master br0 state UNKNOWN group default
> link/ether d6:c3:73:86:3c:7
(). When using Netlink, such an
event is already automatically emitted in do_setlink().
Signed-off-by: Vincent Bernat
---
net/bridge/br_ioctl.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/bridge/br_ioctl.c b/net/bridge/br_ioctl.c
index 7970f8540cbb..3148cb3a8e82 100644
❦ 15 septembre 2017 21:38 +0200, Vincent Bernat :
> Currently, when an interface is released from a bridge, we get a
> RTM_DELLINK event through netlink:
>
> Deleted 2: dummy0: mtu 1500 master bridge0
> state UNKNOWN
> link/ether 6e:23:c2:54:3a:b3
It should be noted
interface is
released (without master info).
Deleted 2: dummy0: mtu 1500 master bridge0 state
UNKNOWN
link/ether 8a:bb:e7:94:b1:f8
2: dummy0: mtu 1500 qdisc noqueue state UNKNOWN
group default
link/ether 8a:bb:e7:94:b1:f8 brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vincent Bernat
---
net/bridge
k-lab/blob/master/lab-routes-ipv6/kbench_mod.c
Signed-off-by: Vincent Bernat
Reviewed-by: Jiri Pirko
---
include/net/netns/ipv6.h | 1 +
net/ipv6/fib6_rules.c| 40 +++-
net/ipv6/route.c | 1 +
3 files changed, 29 insertions(+), 13 deletions(-)
❦ 8 août 2017 08:46 -0600, David Ahern :
>> diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
>> index 2f29e4e33bd3..693c27ede40e 100644
>> --- a/net/ipv6/fib6_rules.c
>> +++ b/net/ipv6/fib6_rules.c
>> @@ -63,19 +63,32 @@ unsigned int fib6_rules_seq_read(struct net *net)
>> struct dst
outes-ipv6/kbench_mod.c
Signed-off-by: Vincent Bernat
---
include/net/netns/ipv6.h | 1 +
net/ipv6/fib6_rules.c| 34 --
net/ipv6/route.c | 1 +
3 files changed, 26 insertions(+), 10 deletions(-)
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ip
8:1::12
metric 1024 pref medium
After the patch, we get:
2001:db8:1::50 via 2001:db8:1::13 dev out6 src 2001:db8:1::12 metric 0
cache expires 578sec mtu 1400 pref medium
Fixes: 2647a9b07032 ("ipv6: Remove external dependency on rt6i_gateway and
RTF_ANYCAST")
Signed-off-by
It dates back from 2.1.16 and is obsolete since 2.1.68 when the current
rule system has been introduced.
Signed-off-by: Vincent Bernat
---
Documentation/networking/policy-routing.txt | 150
1 file changed, 150 deletions(-)
delete mode 100644 Documentation
with skb_network_offset() + sizeof(struct
ipv6hdr). Additionally, ensure we pskb_may_pull() the whole skb as we
need it to iterate over the options.
Signed-off-by: Vincent Bernat
---
drivers/net/vxlan.c | 29 +++--
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/dr
with skb_network_offset() + sizeof(struct
ipv6hdr). Additionally, ensure we pskb_may_pull() the whole skb as we
need it to iterate over the options.
Signed-off-by: Vincent Bernat
---
drivers/net/vxlan.c | 28 ++--
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/dr
❦ 30 mars 2017 06:36 -0700, Eric Dumazet :
>>> Parsing of neighbor discovery options is done earlier to ignore the
>>> whole packet in case of a malformed option. Moreover, the assumption the
>>> skb was linear is removed and options are extracted with
>>> skb_header_pointer() as well. The check
❦ 29 mars 2017 22:47 +0200, Vincent Bernat :
> Parsing of neighbor discovery options is done earlier to ignore the
> whole packet in case of a malformed option. Moreover, the assumption the
> skb was linear is removed and options are extracted with
> skb_header_pointer() as well.
16) fe80::5254:33ff:fe00:8 > ff02::2: [icmp6 sum
ok] ICMP6, router solicitation, length 16
source link-address option (1), length 8 (1): 50:54:33:00:00:08
0x: 5054 3300 0008
Signed-off-by: Vincent Bernat
---
drivers
When sending a L3 miss, the family is set to AF_INET even for IPv6. This
causes userland (eg "ip monitor") to be confused. Ensure we send the
appropriate family in this case. For L2 miss, keep using AF_INET.
Signed-off-by: Vincent Bernat
---
drivers/net/vxlan.c | 2 +-
1 file
f the user specifies a preferred address family (eg, "ip -6 link add"),
then send either IFLA_VXLAN_GROUP or IFLA_VXLAN_GROUP6 to enforce the
use of the appropriate family.
Signed-off-by: Vincent Bernat
---
ip/iplink_vxlan.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git
❦ 24 novembre 2016 10:55 +0100, Miroslav Lichvar :
> The ETHTOOL_GLINKSETTINGS command is deprecating the ETHTOOL_GSET
> command and likewise it shouldn't require the CAP_NET_ADMIN
> capability.
Could this patch be pushed to stable branches too?
--
Each module should do one thing well.
❦ 19 septembre 2016 06:58 CEST, David Miller :
>> @@ -1808,6 +1808,30 @@ static struct rt6_info *ip6_nh_lookup_table(struct
>> net *net,
>> return rt;
>> }
>>
>> +static int ip6_nh_valid(struct rt6_info *grt,
>> +struct net_device **dev, struct inet6_dev **idev) {
>>
default via 2001:db8::5 dev eth0 metric 1024 pref medium
Fixes: 8c14586fc320 ("net: ipv6: Use passed in table for nexthop lookups")
Signed-off-by: Vincent Bernat
---
net/ipv6/route.c | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/net/ipv6/route.
default via 2001:db8::5 dev eth0 metric 1024 pref medium
Signed-off-by: Vincent Bernat
---
net/ipv6/route.c | 8
1 file changed, 8 insertions(+)
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index ad4a7ff301fc..2c6c7257ff75 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
❦ 16 septembre 2016 20:36 CEST, David Ahern :
>> contained a non-connected route (like a default gateway) fails while it
>> was previously working:
>>
>> $ ip link add eth0 type dummy
>> $ ip link set up dev eth0
>> $ ip addr add 2001:db8::1/64 dev eth0
>> $ ip route add ::/0 vi
default via 2001:db8::5 dev eth0 metric 1024 pref medium
Signed-off-by: Vincent Bernat
---
net/ipv6/route.c | 48 +++-
1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index ad4a7ff301fc..c2aaddcfe
❦ 12 septembre 2016 18:12 CEST, Daniel Mack :
> * The sample program learned to support both ingress and egress, and
> can now optionally make the eBPF program drop packets by making it
> return 0.
Ability to lock the eBPF program to avoid modification from a later
program or in a subcgroup
❦ 14 septembre 2016 17:25 CEST, David Ahern :
>> I could just give more time to VRF. I also had some concerns over
>> performance with the way Netfilter integration is done, but I understand
>> that I could just stay away from POSTROUTING rules which is the only
>> hook executed twice?
> With t
❦ 14 septembre 2016 16:39 CEST, David Ahern :
When a user wants to assign a routing table to a group of incoming
interfaces, the current solutions are:
- one IP rule for each interface (scalability problems)
- use of fwmark and devgroup matcher (don't work with interna
❦ 14 septembre 2016 16:15 CEST, David Ahern :
>> When a user wants to assign a routing table to a group of incoming
>> interfaces, the current solutions are:
>>
>> - one IP rule for each interface (scalability problems)
>> - use of fwmark and devgroup matcher (don't work with internal route
>
❦ 14 septembre 2016 14:40 CEST, Vincent Bernat :
> Each interface can be assigned to a numeric group using IFLA_GROUP. This
> commit enables a user to reference such a group into an IP rule. Here is
> an example of output of iproute2:
>
> $ ip rule show
> 0: fro
32765: from all iifgroup 1 lookup 1
32766: from all lookup main
32767: from all lookup default
Signed-off-by: Vincent Bernat
---
include/net/fib_rules.h| 6 -
include/uapi/linux/fib_rules.h | 2 ++
net/core/fib_rules.c | 57
❦ 31 mai 2016 08:30 CEST, Vincent Bernat :
> diff --git a/drivers/net/veth.c b/drivers/net/veth.c
> index f37a6e61d4ad..aaa1b023b9f2 100644
> --- a/drivers/net/veth.c
> +++ b/drivers/net/veth.c
> @@ -466,6 +466,8 @@ static int veth_newlink(struct net *src_net, struct
&g
eth0: mtu 1500 qdisc noop state DOWN
group default
link/ether ea:e4:e2:26:3c:87 brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vincent Bernat
---
v4:
- use ~0U instead of IFF_SLAVE for ifi_change
v3:
- send an additional netlink messages once the peer link is tied to
avoid any chicken/egg p
❦ 30 mai 2016 18:27 CEST, Nicolas Dichtel :
>>> +
>>> + rtmsg_ifinfo(RTM_NEWLINK, peer, IFF_SLAVE, GFP_KERNEL);
>>
>> Maybe ~0U would be better than hijacking IFF_SLAVE?
> IFF_SLAVE is wrong. It's a flag here, that will be put in the ifi_change field
> not an attribute number.
There are some
❦ 30 mai 2016 17:58 CEST, Vincent Bernat :
> +
> + rtmsg_ifinfo(RTM_NEWLINK, peer, IFF_SLAVE, GFP_KERNEL);
Maybe ~0U would be better than hijacking IFF_SLAVE?
--
Anyone who has had a bull by the tail knows five or six more things
than someone who hasn't.
-- Mark Twain
eth0: mtu 1500 qdisc noop state DOWN
group default
link/ether ea:e4:e2:26:3c:87 brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vincent Bernat
---
v3:
- send an additional netlink messages once the peer link is tied to
avoid any chicken/egg problem
v2:
- ensure the device is unregistered
❦ 30 mai 2016 17:19 CEST, Nicolas Dichtel :
priv = netdev_priv(peer);
rcu_assign_pointer(priv->peer, dev);
+
+ err = rtnl_configure_link(peer, ifmp);
+ if (err < 0)
+ goto err_configure_peer;
>>
>>> You should fix the error path. 'unregister_netdev
❦ 30 mai 2016 12:12 CEST, Vincent Bernat :
> When the peer link is created, its "iflink" information is not
[...]
And that's the wrong patch... Please, ignore this one.
--
Don't stop with your first draft.
- The Elements of Programming Style (Kernighan & Plauger)
❦ 30 mai 2016 11:23 CEST, Nicolas Dichtel :
>> @@ -466,6 +462,10 @@ static int veth_newlink(struct net *src_net, struct
>> net_device *dev,
>>
>> priv = netdev_priv(peer);
>> rcu_assign_pointer(priv->peer, dev);
>> +
>> +err = rtnl_configure_link(peer, ifmp);
>> +if (err < 0
p
default
link/ether ee:0d:80:46:36:fe brd ff:ff:ff:ff:ff:ff
4: veth1@veth0: mtu 1500 qdisc noop state DOWN
group default
link/ether ba:25:bc:7a:0d:c8 brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vincent Bernat
---
drivers/net/veth.c | 13 +
1 file changed, 9 insertions(+), 4
p
default
link/ether ee:0d:80:46:36:fe brd ff:ff:ff:ff:ff:ff
4: veth1@veth0: mtu 1500 qdisc noop state DOWN
group default
link/ether ba:25:bc:7a:0d:c8 brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vincent Bernat
---
drivers/net/veth.c | 8
1 file changed, 4 insertions(+), 4
p
default
link/ether ee:0d:80:46:36:fe brd ff:ff:ff:ff:ff:ff
4: veth1@veth0: mtu 1500 qdisc noop state DOWN
group default
link/ether ba:25:bc:7a:0d:c8 brd ff:ff:ff:ff:ff:ff
Signed-off-by: Vincent Bernat
---
drivers/net/veth.c | 8
1 file changed, 4 insertions(+), 4
❦ 1 mars 2016 11:03 +0100, "Michael Kerrisk (man-pages)"
:
> Once the SO_LOCK_FILTER option has been enabled,
> attempts by an unprivileged process to change or remove
> the filter attached to a socket, or to disable the
> SO_LOCK_FILTER o
❦ 20 août 2015 14:07 -0700, David Miller :
I also don't know what is the best way to handle this. veth advertises
its peer via IFLA_LINK since 4.1, so it's too late to change it for
this
release.
>>>
>>> Apparently we need to pick our poison. Either way, we break something.
>
❦ 19 août 2015 14:38 +0200, Jiri Benc :
>> That's the main goal of this patch: advertising the peer link as
>> IFLA_LINK attribute triggers an infinite loop in userland software when
>> they follow iflink to discover network devices topology. iflink has
>> always been the index of a lower device
❦ 19 août 2015 13:00 +0200, Jiri Benc :
>> While the documentation doesn't say exactly what kind of relationship
>> iflink should represent, until a45253, only lower devices were
>> advertised this way. While veth cannot have a lower device, using iflink
>> to advertise the peer may create infin
evice topology.
Instead of advertising the peer link with iflink, a symbolic link "peer"
is added to each peer.
Signed-off-by: Vincent Bernat
---
drivers/net/veth.c | 40 +---
1 file changed, 25 insertions(+), 15 deletions(-)
diff --git a/drive
Here is a proposed patch to fix this by providing a symlink to the
peer instead. This may not totally replace the use of iflink since the
peer won't be available through netlink anymore but maybe this is good
enough for the intended use.
--
To unsubscribe from this list: send the line "unsubscribe
93 matches
Mail list logo