Re: [PATCH -next] net: dsa: mv88e6xxx: fix non static symbol warnings

Hi Wei, Wei Yongjun writes: > From: Wei Yongjun > > Fixes the following sparse warnings: > > drivers/net/dsa/mv88e6xxx/chip.c:219:5: warning: > symbol 'mv88e6xxx_port_read' was not declared. Should it be static? >

[PATCH net] ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route

Since the commit below the ipmr/ip6mr rtnl_unicast() code uses the portid instead of the previous dst_pid which was copied from in_skb's portid. Since the skb is new the portid is 0 at that point so the packets are sent to the kernel and we get scheduling while atomic or a deadlock (depending on

Re: [PATCH][V2] mlxsw: spectrum: remove redundant check if err is zero

On 24/09/16 22:08, Ido Schimmel wrote: > On Sat, Sep 24, 2016 at 06:03:38PM -0700, Colin King wrote: >> From: Colin Ian King >> >> There is an earlier check and return if err is non-zero, so >> the check to see if it is zero is redundant in every iteration >> of the loop

Re: [PATCH 00/53] Netfilter updates for net-next

From: Pablo Neira Ayuso Date: Mon, 26 Sep 2016 01:06:10 +0200 > The following patchset contains Netfilter updates for your net-next > tree, they are: ... > You can pull these changes from: > > git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git Pulled,

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On 16-09-25 09:35 PM, Florian Westphal wrote: Jamal Hadi Salim wrote: Realize didnt respond to this. Seems very simple to fix: if skb->dev->ifindex and m->tcfm_dev->ifindex are the same, then you can drop the packet. Yes, but I think we get same issue when we deal with

[PATCH 32/53] netfilter: nf_tables: check tprot_set first when we use xt.thoff

From: Liping Zhang pkt->xt.thoff is not always set properly, but we use it without any check. For payload expr, it will cause wrong results. For nftrace, we may notify the wrong network or transport header to the user space, furthermore, input the following nft

[PATCH 23/53] netfilter: nf_queue: get rid of dependency on IP6_NF_IPTABLES

From: Liping Zhang hash_v6 is used by both nftables and ip6tables, so depend on IP6_NF_IPTABLES is not properly. Actually, it only parses ipv6hdr and computes a hash value, so even if IPV6 is disabled, there's no side effect too, remove it. Signed-off-by: Liping

[PATCH 48/53] netfilter: xt_hashlimit: Create revision 2 to support higher pps rates

From: Vishwanath Pai Create a new revision for the hashlimit iptables extension module. Rev 2 will support higher pps of upto 1 million, Version 1 supports only 10k. To support this we have to increase the size of the variables avg and burst in hashlimit_cfg to 64-bit. Create

RE: [v12, 0/8] Fix eSDHC host version register bug

Any comments about this version patchset ? :) > -Original Message- > From: Yangbo Lu [mailto:yangbo...@nxp.com] > Sent: Wednesday, September 21, 2016 2:57 PM > To: linux-...@vger.kernel.org; ulf.hans...@linaro.org; Scott Wood; Arnd > Bergmann > Cc: linuxppc-...@lists.ozlabs.org;

[PATCH v2] iproute2: macvlan: add "source" mode

Adjusting iproute2 utility to support new macvlan link type mode called "source". Example of commands that can be applied: ip link add link eth0 name macvlan0 type macvlan mode source ip link set link dev macvlan0 type macvlan macaddr add 00:11:11:11:11:11 ip link set link dev macvlan0 type

[PATCH] net: smc91x: take into account register shift

This aligns smc91x with its cousin, namely smc911x.c. This also allows the driver to run also in a device-tree based lubbock board build, on which it was tested. Signed-off-by: Robert Jarzmik --- drivers/net/ethernet/smsc/smc91x.c | 3 +++ 1 file changed, 3 insertions(+)

[PATCH 00/53] Netfilter updates for net-next

Hi David, The following patchset contains Netfilter updates for your net-next tree, they are: 1) Consolidate GRE protocol tracker using new GRE protocol definitions, patches from Gao Feng. 2) Properly parse continuation lines in SIP helper, update allowed characters in Call-ID header and

[PATCH 01/53] netfilter: gre: Use consistent GRE_* macros instead of ones defined by netfilter.

From: Gao Feng There are already some GRE_* macros in kernel, so it is unnecessary to define these macros. And remove some useless macros Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso ---

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On 16-09-25 02:31 PM, Florian Westphal wrote: Shmulik Ladkani wrote: We can later address any loop-detection improvements in mirred. WDYT? You can address this after fixing infamous spinlock recursion hard lockup (which has existed forever): tc qdisc add dev eth0

Re: [PATCH] igb: mark igb_rxnfc_write_vlan_prio_filter() static

On Sun, 2016-09-25 at 14:05 +0800, Baoyou Xie wrote: > We get 1 warning when building kernel with W=1: > drivers/net/ethernet/intel/igb/igb_ethtool.c:2707:5: warning: no previous > prototype for 'igb_rxnfc_write_vlan_prio_filter' [-Wmissing-prototypes] > > In fact, this function is only used in

Re: [PATCH] ixgbe: mark symbols static where possible

On Sun, 2016-09-25 at 14:03 +0800, Baoyou Xie wrote: > We get 2 warnings when building kernel with W=1: > drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c:2128:5: warning: no > previous prototype for 'ixgbe_led_on_t_x550em' [-Wmissing-prototypes] >

[PATCH 45/53] netfilter: nft_ct: unnecessary to require dir when use ct l3proto/protocol

From: Liping Zhang Currently, if the user want to match ct l3proto, we must specify the direction, for example: # nft add rule filter input ct original l3proto ipv4 Otherwise, error message will be reported: # nft add

[PATCH 53/53] netfilter: nf_log: get rid of XT_LOG_* macros

From: Liping Zhang nf_log is used by both nftables and iptables, so use XT_LOG_XXX macros here is not appropriate. Replace them with NF_LOG_XXX. Signed-off-by: Liping Zhang Signed-off-by: Pablo Neira Ayuso ---

[PATCH 36/53] netfilter: xt_TCPMSS: Refactor the codes to decrease one condition check and more readable

From: Gao Feng The origin codes perform two condition checks with dst_mtu(skb_dst(skb)) and in_mtu. And the last statement is "min(dst_mtu(skb_dst(skb)), in_mtu) - minlen". It may let reader think about how about the result. Would it be negative. Now assign the result of

[PATCH 40/53] netfilter: Remove explicit rcu_read_lock in nf_hook_slow

From: Aaron Conole All of the callers of nf_hook_slow already hold the rcu_read_lock, so this cleanup removes the recursive call. This is just a cleanup, as the locking code gracefully handles this situation. Signed-off-by: Aaron Conole Signed-off-by:

[PATCH 37/53] netfilter: bridge: add and use br_nf_hook_thresh

From: Florian Westphal This replaces the last uses of NF_HOOK_THRESH(). Followup patch will remove it and rename nf_hook_thresh. The reason is that inet (non-bridge) netfilter no longer invokes the hooks from hooks, so we do no longer need the thresh value to skip hooks with a

[PATCH 27/53] netfilter: nft_numgen: add number generation offset

From: Laura Garcia Liebana Add support of an offset value for incremental counter and random. With this option the sysadmin is able to start the counter to a certain value and then apply the generated number. Example: meta mark set numgen inc mod 2 offset 100 This

[PATCH 38/53] netfilter: call nf_hook_state_init with rcu_read_lock held

From: Florian Westphal This makes things simpler because we can store the head of the list in the nf_state structure without worrying about concurrent add/delete of hook elements from the list. A future commit will make use of this to implement a simpler linked-list.

[PATCH 35/53] netfilter: nft_lookup: remove superfluous element found check

We already checked for !found just a bit before: if (!found) { regs->verdict.code = NFT_BREAK; return; } if (found && set->flags & NFT_SET_MAP) ^ So this redundant check can just go away. Signed-off-by: Pablo Neira Ayuso

[PATCH 52/53] netfilter: nft_log: complete NFTA_LOG_FLAGS attr support

From: Liping Zhang NFTA_LOG_FLAGS attribute is already supported, but the related NF_LOG_XXX flags are not exposed to the userspace. So we cannot explicitly enable log flags to log uid, tcp sequence, ip options and so on, i.e. such rule "nft add rule filter output

[PATCH 46/53] netfilter: nft_ct: report error if mark and dir specified simultaneously

From: Liping Zhang NFT_CT_MARK is unrelated to direction, so if NFTA_CT_DIRECTION attr is specified, report EINVAL to the userspace. This validation check was already done at nft_ct_get_init, but we missed it in nft_ct_set_init. Signed-off-by: Liping Zhang

[PATCH 43/53] netfilter: replace list_head with single linked list

From: Aaron Conole The netfilter hook list never uses the prev pointer, and so can be trimmed to be a simple singly-linked list. In addition to having a more light weight structure for hook traversal, struct net becomes 5568 bytes (down from 6400) and struct net_device

[PATCH 22/53] netfilter: Add the missed return value check of nft_register_chain_type

From: Gao Feng There are some codes of netfilter module which did not check the return value of nft_register_chain_type. Add the checks now. Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso ---

[PATCH 50/53] netfilter: xt_socket: fix transparent match for IPv6 request sockets

From: KOVACS Krisztian The introduction of TCP_NEW_SYN_RECV state, and the addition of request sockets to the ehash table seems to have broken the --transparent option of the socket match for IPv6 (around commit a9407000). Now that the socket lookup finds the

[PATCH 24/53] netfilter: conntrack: remove packet hotpath stats

From: Florian Westphal These counters sit in hot path and do show up in perf, this is especially true for 'found' and 'searched' which get incremented for every packet processed. Information like searched=212030105 new=623431 found=333613 delete=623327 does not seem too

[PATCH 51/53] netfilter: nf_tables: add range expression

Inverse ranges != [a,b] are not currently possible because rules are composites of && operations, and we need to express this: data < a || data > b This patch adds a new range expression. Positive ranges can be already through two cmp expressions: cmp(sreg, data, >=)

[PATCH 33/53] netfilter: Enhance the codes used to get random once

From: Gao Feng There are some codes which are used to get one random once in netfilter. We could use net_get_random_once to simplify these codes. Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso --- net/netfilter/xt_RATEEST.c |

[PATCH 44/53] netfilter: seqadj: Fix the wrong ack adjust for the RST packet without ack

From: Gao Feng It is valid that the TCP RST packet which does not set ack flag, and bytes of ack number are zero. But current seqadj codes would adjust the "0" ack to invalid ack number. Actually seqadj need to check the ack flag before adjust it for these RST packets. The

[PATCH 41/53] netfilter: Only allow sane values in nf_register_net_hook

From: Aaron Conole This commit adds an upfront check for sane values to be passed when registering a netfilter hook. This will be used in a future patch for a simplified hook list traversal. Signed-off-by: Aaron Conole Signed-off-by: Pablo Neira Ayuso

[PATCH 42/53] netfilter: nf_queue: whitespace cleanup

From: Aaron Conole A future patch will modify the hook drop and outfn functions. This will cause the line lengths to take up too much space. This is simply a readability change. Signed-off-by: Aaron Conole Signed-off-by: Pablo Neira Ayuso

[PATCH 39/53] netfilter: call nf_hook_ingress with rcu_read_lock

From: Aaron Conole This commit ensures that the rcu read-side lock is held while the ingress hook is called. This ensures that a call to nf_hook_slow (and ultimately nf_ingress) will be read protected. Signed-off-by: Aaron Conole Signed-off-by: Pablo

[PATCH 47/53] netfilter: xt_hashlimit: Prepare for revision 2

From: Vishwanath Pai I am planning to add a revision 2 for the hashlimit xtables module to support higher packets per second rates. This patch renames all the functions and variables related to revision 1 by adding _v1 at the end of the names. Signed-off-by: Vishwanath Pai

[PATCH 30/53] netfilter: nf_queue: improve queue range support for bridge family

From: Liping Zhang After commit ac2863445686 ("netfilter: bridge: add nf_afinfo to enable queuing to userspace"), we can queue packets to the user space in bridge family. But when the user specify the queue range, packets will be only delivered to the first queue

[PATCH 49/53] netfilter: evict stale entries when user reads /proc/net/nf_conntrack

From: Florian Westphal Fabian reports a possible conntrack memory leak (could not reproduce so far), however, one minor issue can be easily resolved: > cat /proc/net/nf_conntrack | wc -l = 5 > 4 minutes required to clean up the table. We should not report those timed-out

[PATCH 34/53] netfilter: xt_helper: Use sizeof(variable) instead of literal number

From: Gao Feng It's better to use sizeof(info->name)-1 as index to force set the string tail instead of literal number '29'. Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso --- net/netfilter/xt_helper.c | 2 +- 1 file changed, 1

[PATCH 03/53] netfilter: nf_ct_sip: correct parsing of continuation lines in SIP headers

From: Marco Angaroni Current parsing methods for SIP headers do not properly manage continuation lines: in case of Call-ID header the first character of Call-ID header value is truncated. As a result IPVS SIP persistence engine hashes over a call-id that is not exactly

[PATCH 06/53] netfilter: ftp: Remove the useless code

From: Gao Feng There are some debug code which are commented out in find_pattern by #if 0. Now remove them. Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso --- net/netfilter/nf_conntrack_ftp.c | 13 + 1 file changed,

Re: [PATCH] net: smc91x: take into account register shift

From: Robert Jarzmik Date: Sun, 25 Sep 2016 23:00:45 +0200 > This aligns smc91x with its cousin, namely smc911x.c. > This also allows the driver to run also in a device-tree based lubbock > board build, on which it was tested. > > Signed-off-by: Robert Jarzmik

[PATCH] net: tg3: use new api ethtool_{get|set}_link_ksettings

The ethtool api {get|set}_settings is deprecated. We move this driver to new api {get|set}_link_ksettings. Signed-off-by: Philippe Reynes --- drivers/net/ethernet/broadcom/tg3.c | 112 +++ 1 files changed, 62 insertions(+), 50 deletions(-)

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On 16-09-25 12:26 PM, Daniel Borkmann wrote: On 09/25/2016 03:05 PM, Jamal Hadi Salim wrote: [..] MAX_RED_LOOP (stands for "Maximum Redirect loop") still exists in current code. The idea above was that we would increment the rttl counter once and if we saw it again upto MAX_RED_LOOP we

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On 16-09-25 02:33 PM, Florian Westphal wrote: Daniel Borkmann wrote: [..] Why not just reuse xmit_recursion, which is what we did in tc cls_bpf programs f.e. see __bpf_tx_skb()? Would be a pity to waste 3 bits on this in the skb. +1, don't (yet) understand why a

[PATCH] iproute2: macvlan: add "source" mode

Adjusting iproute2 utility to support new macvlan link type mode called "source". Example of commands that can be applied: ip link add link eth0 name macvlan0 type macvlan mode source ip link set link dev macvlan0 type macvlan macaddr add 00:11:11:11:11:11 ip link set link dev macvlan0 type

Re: [PATCH] iproute2: macvlan: add "source" mode

Please ignore this patch, something went wrong. Regards, M. Braun Am 25.09.2016 20:52, schrieb Michael Braun: Adjusting iproute2 utility to support new macvlan link type mode called "source". Example of commands that can be applied: ip link add link eth0 name macvlan0 type macvlan mode

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

Jamal Hadi Salim wrote: > On 16-09-25 02:31 PM, Florian Westphal wrote: > >Shmulik Ladkani wrote: > >>We can later address any loop-detection improvements in mirred. > >>WDYT? > > > >You can address this after fixing infamous spinlock recursion hard

Re: [PATCH -next] net: dsa: mv88e6xxx: fix non static symbol warnings

From: Wei Yongjun Date: Sun, 25 Sep 2016 15:43:02 + > From: Wei Yongjun > > Fixes the following sparse warnings: > > drivers/net/dsa/mv88e6xxx/chip.c:219:5: warning: > symbol 'mv88e6xxx_port_read' was not declared. Should it be static? >

Re: [PATCH -next] be2net: fix non static symbol warnings

From: Wei Yongjun Date: Sun, 25 Sep 2016 15:40:36 + > From: Wei Yongjun > > Fixes the following sparse warnings: > > drivers/net/ethernet/emulex/benet/be_main.c:47:25: warning: > symbol 'be_err_recovery_workq' was not declared. Should it be

[PATCH v3] iproute2: macvlan: add "source" mode

Adjusting iproute2 utility to support new macvlan link type mode called "source". Example of commands that can be applied: ip link add link eth0 name macvlan0 type macvlan mode source ip link set link dev macvlan0 type macvlan macaddr add 00:11:11:11:11:11 ip link set link dev macvlan0 type

[PATCH 29/53] netfilter: nft_queue: add _SREG_QNUM attr to select the queue number

From: Liping Zhang Currently, the user can specify the queue numbers by _QUEUE_NUM and _QUEUE_TOTAL attributes, this is enough in most situations. But acctually, it is not very flexible, for example: tcp dport 80 mapped to queue0 tcp dport 81 mapped to queue1

[PATCH 20/53] netfilter: nf_conntrack: simplify __nf_ct_try_assign_helper() return logic

From: Pablo Neira Instead of several goto's just to return the result, simply return it. Signed-off-by: Pablo Neira Ayuso --- net/netfilter/nf_conntrack_helper.c | 15 ++- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git

[PATCH 28/53] netfilter: nf_tables: validate maximum value of u32 netlink attributes

From: Laura Garcia Liebana Fetch value and validate u32 netlink attribute. This validation is usually required when the u32 netlink attributes are being stored in a field whose size is smaller. This patch revisits 4da449ae1df9 ("netfilter: nft_exthdr: Add size check on u8

[PATCH 14/53] netfilter: nft_dynset: allow to invert match criteria

The dynset expression matches if we can fit a new entry into the set. If there is no room for it, then it breaks the rule evaluation. This patch introduces the inversion flag so you can add rules to explicitly drop packets that don't fit into the set. For example: # nft filter input flow table

[PATCH 31/53] netfilter: nf_tables: improve nft payload fast eval

From: Liping Zhang There's an off-by-one issue in nft_payload_fast_eval, skb_tail_pointer and ptr + priv->len all point to the last valid address plus 1. So if they are equal, we can still fetch the valid data. It's unnecessary to fall back to nft_payload_eval.

[PATCH 08/53] netfilter: nft_quota: fix overquota logic

Use xor to decide to break further rule evaluation or not, since the existing logic doesn't achieve the expected inversion. Signed-off-by: Pablo Neira Ayuso --- net/netfilter/nft_quota.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git

[PATCH 02/53] netfilter: gre: Use consistent GRE and PTTP header structure instead of the ones defined by netfilter

From: Gao Feng There are two existing strutures which defines the GRE and PPTP header. So use these two structures instead of the ones defined by netfilter to keep consitent with other codes. Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso

[PATCH 17/53] netfilter: introduce nft_set_pktinfo_{ipv4, ipv6}_validate()

These functions are extracted from the netdev family, they initialize the pktinfo structure and validate that the IPv4 and IPv6 headers are well-formed given that these functions are called from a path where layer 3 sanitization did not happen yet. These functions are placed in

[PATCH 19/53] netfilter: nf_tables: don't drop IPv6 packets that cannot parse transport

This is overly conservative and not flexible at all, so better let them go through and let the filtering policy decide what to do with them. We use skb_header_pointer() all over the place so we would just fail to match when trying to access fields from malformed traffic. Signed-off-by: Pablo

[PATCH 21/53] netfilter: Add the missed return value check of register_netdevice_notifier

From: Gao Feng There are some codes of netfilter module which did not check the return value of register_netdevice_notifier. Add the checks now. Signed-off-by: Gao Feng Signed-off-by: Pablo Neira Ayuso ---

[PATCH 25/53] netfilter: nft_numgen: fix race between num generate and store it

From: Liping Zhang After we generate a new number, we still use the priv->counter and store it to the dreg. This is not correct, another cpu may already change it to a new number. So we must use the generated number, not the priv->counter itself. Fixes: 91dbc6be0a62

[PATCH 15/53] netfilter: nf_tables: ensure proper initialization of nft_pktinfo fields

This patch introduces nft_set_pktinfo_unspec() that ensures proper initialization all of pktinfo fields for non-IP traffic. This is used by the bridge, netdev and arp families. This new function relies on nft_set_pktinfo_proto_unspec() to set a new tprot_set field that indicates if transport

[PATCH 10/53] netfilter: nf_ct_sip: allow tab character in SIP headers

From: Marco Angaroni Current parsing methods for SIP headers do not allow the presence of tab characters between header name and header value. As a result Call-ID SIP headers like the following are discarded by IPVS SIP persistence engine: "Call-ID\t: mycallid@abcde"

[PATCH 18/53] netfilter: nf_tables_bridge: use nft_set_pktinfo_ipv{4, 6}_validate

Consolidate pktinfo setup and validation by using the new generic functions so we converge to the netdev family codebase. We only need a linear IPv4 and IPv6 header from the reject expression, so move nft_bridge_iphdr_validate() and nft_bridge_ip6hdr_validate() to

Re: [PATCH net v2 0/2] Fix tc-ife bugs

On 16-09-25 11:55 AM, Yotam Gigi wrote: -Original Message- From: Jamal Hadi Salim [mailto:j...@mojatatu.com] Sent: Sunday, September 25, 2016 4:46 PM To: Yotam Gigi ; da...@davemloft.net; netdev@vger.kernel.org; Yotam Gigi Subject: Re: [PATCH net

[PATCH 05/53] netfilter: ftp: Remove the useless dlen==0 condition check in find_pattern

From: Gao Feng The caller function "help" has already make sure the datalen could not be zero before invoke find_pattern as a parameter by the following codes if (dataoff >= skb->len) { pr_debug("ftp: dataoff(%u) >= skblen(%u)\n", dataoff,

[PATCH 07/53] netfilter: nft_numgen: rename until attribute by modulus

From: Laura Garcia Liebana The _until_ attribute is renamed to _modulus_ as the behaviour is similar to other expresions with number limits (ex. nft_hash). Renaming is possible because there isn't a kernel release yet with these changes. Signed-off-by: Laura Garcia Liebana

[PATCH 09/53] netfilter: nft_quota: introduce nft_overquota()

This is patch renames the existing function to nft_overquota() and make it return a boolean that tells us if we have exceeded our byte quota. Just a cleanup. Signed-off-by: Pablo Neira Ayuso --- net/netfilter/nft_quota.c | 8 1 file changed, 4 insertions(+), 4

[PATCH 13/53] netfilter: nft_hash: Add hash offset value

From: Laura Garcia Liebana Add support to pass through an offset to the hash value. With this feature, the sysadmin is able to generate a hash with a given offset value. Example: meta mark set jhash ip saddr mod 2 seed 0xabcd offset 100 This option generates marks

[PATCH 26/53] netfilter: nft_hash: fix hash overflow validation

From: Laura Garcia Liebana The overflow validation in the init() function establishes that the maximum value that the hash could reach is less than U32_MAX, which is likely to be true. The fix detects the overflow when the maximum hash value is less than the offset itself.

[PATCH 12/53] netfilter: nf_conntrack: remove unused ctl_table_path member in nf_conntrack_l3proto

From: Liping Zhang After commit adf0516845bc ("netfilter: remove ip_conntrack* sysctl compat code"), ctl_table_path member in struct nf_conntrack_l3proto{} is not used anymore, remove it. Signed-off-by: Liping Zhang Signed-off-by: Pablo

[PATCH 04/53] netfilter: nf_ct_sip: correct allowed characters in Call-ID SIP header

From: Marco Angaroni Current parsing methods for SIP header Call-ID do not check correctly all characters allowed by RFC 3261. In particular "," character is allowed instead of "'" character. As a result Call-ID headers like the following are discarded by IPVS SIP

[PATCH 16/53] netfilter: nf_tables_ipv6: setup pktinfo transport field on failure to parse

Make sure the pktinfo protocol fields are initialized if this fails to parse the transport header. Signed-off-by: Pablo Neira Ayuso --- include/net/netfilter/nf_tables_ipv6.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git

Re: [PATCH] igb: mark igb_rxnfc_write_vlan_prio_filter() static

On Monday 26 September 2016, Jeff Kirsher wrote: > On Sun, 2016-09-25 at 14:05 +0800, Baoyou Xie wrote: > > We get 1 warning when building kernel with W=1: > > drivers/net/ethernet/intel/igb/igb_ethtool.c:2707:5: warning: no previous > > prototype for 'igb_rxnfc_write_vlan_prio_filter'

Re: [PATCH 3/6] isdn/hisax: add function declarations

On Sunday 25 September 2016, Baoyou Xie wrote: > > > @@ -1350,3 +1350,63 @@ static inline struct pci_dev > > *hisax_find_pci_device(unsigned int vendor, > > > } > > > > > > #endif > > > + > > > +#if CARD_TELES3 > > > +int setup_teles3(struct IsdnCard *card); > > > +#endif > > > + > > > +#if

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On 16-09-25 01:33 PM, Shmulik Ladkani wrote: On Sun, 25 Sep 2016 09:05:08 -0400 Jamal Hadi Salim wrote: On 16-09-23 11:40 AM, Shmulik Ladkani wrote: [off topic] I think this is still on topic! Sorry, wasn't too clear on that. What I meant is that _existing_ "egress

Re: pull request: bluetooth-next 2016-09-25

From: Johan Hedberg Date: Sun, 25 Sep 2016 15:42:38 +0300 > Here are a few more Bluetooth & 802.15.4 patches for the 4.9 kernel that > have popped up during the past week: > > - New USB ID for QCA_ROME Bluetooth device > - NULL pointer dereference fix for Bluetooth

[PATCH][V2] cxgb4: fix -ve error check on a signed iq

From: Colin Ian King iq is unsigned, so the error check for iq < 0 has no effect so errors can slip past this check. Fix this by making iq signed and also get_filter_steerq return a signed int so a -ve error can be returned. Signed-off-by: Colin Ian King

Re: [PATCH v2] fs/select: add vmalloc fallback for select(2)

Eric Dumazet writes: > On Thu, 2016-09-22 at 18:43 +0200, Vlastimil Babka wrote: >> The select(2) syscall performs a kmalloc(size, GFP_KERNEL) where size grows >> with the number of fds passed. We had a customer report page allocation >> failures of order-4 for this

[PATCH 11/53] netfilter: nft_queue: check the validation of queues_total and queuenum

From: Liping Zhang Although the validation of queues_total and queuenum is checked in nft utility, but user can add nft rules via nfnetlink, so it is necessary to check the validation at the nft_queue expr init routine too. Tested by run ./nft-test.py any/queue.t:

Re: [PATCH net v2 0/2] Fix tc-ife bugs

On 16-09-25 07:17 PM, Jamal Hadi Salim wrote: [..] Do you prefer that I will fix the encode side to encode the whole tlv header size instead of fixing the decode side? Yes please - Add NLA_HDRLEN to the dlen on the encode you showed above. And the correct commit it fixes is:

About 1000Mbps capability for the GMAC of RK3288

I have confirmed the 1000Mbps won't work with kernel 4.4, I have to disable it in dts. The TRM shows that it may not support 1000Mbps, as the gmac_speed in GRF_SOC_CON1 is just a bit length flag. Also I have test the performance at the firefly plus with upstream kernel, it even looks bad at

Re: [PATCH net] ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route

From: Nikolay Aleksandrov Date: Sun, 25 Sep 2016 23:08:31 +0200 > Since the commit below the ipmr/ip6mr rtnl_unicast() code uses the portid > instead of the previous dst_pid which was copied from in_skb's portid. > Since the skb is new the portid is 0 at that point

Re: [PATCH][V2] cxgb4: fix -ve error check on a signed iq

From: Colin King Date: Sun, 25 Sep 2016 14:14:45 -0700 > From: Colin Ian King > > iq is unsigned, so the error check for iq < 0 has no effect so errors > can slip past this check. Fix this by making iq signed and also > get_filter_steerq

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On Sun, Sep 25, 2016 at 10:59 AM, Shmulik Ladkani wrote: > Hi, > > On Sat, 24 Sep 2016 17:07:12 -0700 Cong Wang wrote: >> One problem to use your code for us is that, the RX side of veth >> is inside containers, not visible to outside, perhaps

Re: [PATCH v5 16/16] MAINTAINERS: Update for PVRDMA driver

On Sun, Sep 25 2016 at 10:30:10AM +0300, Leon Romanovsky wrote: > On Sat, Sep 24, 2016 at 04:21:40PM -0700, Adit Ranadive wrote: > > Add maintainer info for the PVRDMA driver. > > > > Reviewed-by: Jorgen Hansen > > Reviewed-by: George Zhang > >

Re: [PATCH v5 16/16] MAINTAINERS: Update for PVRDMA driver

On Sun, Sep 25, 2016 at 10:22:02PM -0700, Adit Ranadive wrote: > On Sun, Sep 25 2016 at 10:30:10AM +0300, Leon Romanovsky wrote: > > On Sat, Sep 24, 2016 at 04:21:40PM -0700, Adit Ranadive wrote: > > > Add maintainer info for the PVRDMA driver. > > > > > > Reviewed-by: Jorgen Hansen

Re: [PATCH v5 00/16] Add Paravirtual RDMA Driver

On Sun, Sep 25, 2016 at 10:25:12PM -0700, Adit Ranadive wrote: > On Sun, Sep 25 2016 at 10:03:52AM +0300, Leon Romanovsky wrote: > > On Sat, Sep 24, 2016 at 04:21:24PM -0700, Adit Ranadive wrote: > > > > <...> > > > > > include/uapi/rdma/pvrdma-abi.h | 99 ++ > > >

Re: [PATCH v5 02/16] IB/pvrdma: Add user-level shared functions

On Sun, Sep 25 2016 at 10:26:24AM +0300, Leon Romanovsky wrote: > > On Sat, Sep 24, 2016 at 04:21:26PM -0700, Adit Ranadive wrote: > > We share some common structures with the user-level driver. This patch adds > > those structures and shared functions to traverse the QP/CQ rings. <...> > > + >

Re: [PATCH v5 13/16] IB/pvrdma: Add the main driver module for PVRDMA

On sun, Sep 25 2016 at 10:57:03AM +0300, Leon Romanovsky wrote: > On Sat, Sep 24, 2016 at 04:21:37PM -0700, Adit Ranadive wrote: > > This patch adds the support to register a RDMA device with the kernel RDMA > > stack as well as a kernel module. This also initializes the underlying > > virtual PCI

Re: [PATCH net-next 4/4] net/sched: act_mirred: Implement ingress actions

On Sun, Sep 25, 2016 at 6:39 AM, Jamal Hadi Salim wrote: > On 16-09-24 08:07 PM, Cong Wang wrote: >> >> On Thu, Sep 22, 2016 at 10:11 PM, Shmulik Ladkani > > >> >> One problem to use your code for us is that, the RX side of veth >> is inside containers, not visible to outside,

[PATCH] igb: mark igb_rxnfc_write_vlan_prio_filter() static

We get 1 warning when building kernel with W=1: drivers/net/ethernet/intel/igb/igb_ethtool.c:2707:5: warning: no previous prototype for 'igb_rxnfc_write_vlan_prio_filter' [-Wmissing-prototypes] In fact, this function is only used in the file in which it is declared and don't need a declaration,

[net-next 08/15] i40e: Increase minimum number of allocated VSI

From: Akeem Abodunrin This patch increases minimum number of allocated VSIs, so as to resolve failure adding VSI for VF when 64-VFs assigned to a PF. The driver supports up to 128 VFs per device, users can decide to enable up to 64-VFs on a single PF, especially 2 X

Re: [net-next 5/5] PCI: disable FLR for 82579 device

On 9/24/2016 12:05 AM, Jeff Kirsher wrote: On Fri, 2016-09-23 at 09:01 -0500, Bjorn Helgaas wrote: On Thu, Sep 22, 2016 at 11:39:01PM -0700, Jeff Kirsher wrote: From: Sasha Neftin 82579 has a problem reattaching itself after the device is detached. The bug was

Re: [PATCH] ipv6 addrconf: implement RFC7559 router solicitation backoff

Please do not do this. When you need to repsin a patch in a patch series to fix or otherwise resolve something, you must make a fresh resubmission of the entire patch series. You also must properly mark the resubmission with a proper indication that this is a new version of the patch series by

[PATCH v2 5/7] ipv6 addrconf: implement RFC7559 router solicitation backoff

From: Maciej Żenczykowski This implements: https://tools.ietf.org/html/rfc7559 Backoff is performed according to RFC3315 section 14: https://tools.ietf.org/html/rfc3315#section-14 Signed-off-by: Maciej Żenczykowski --- include/net/if_inet6.h | 1 +

[PATCH v2 4/7] ipv6 addrconf: add new sysctl 'router_solicitation_max_interval'

From: Maciej Żenczykowski Accessible via: /proc/sys/net/ipv6/conf/*/router_solicitation_max_interval For now we default it to the same value as the normal interval. Signed-off-by: Maciej Żenczykowski --- include/linux/ipv6.h | 1 +

[PATCH v2 3/7] ipv6 addrconf: rtr_solicits == -1 means unlimited

From: Maciej Żenczykowski This allows setting /proc/sys/net/ipv6/conf/*/router_solicitations to -1 meaning an unlimited number of retransmits. Signed-off-by: Maciej Żenczykowski --- net/ipv6/addrconf.c | 10 ++ 1 file changed, 6 insertions(+), 4

  1   2   3   >