[PATCH net-next v1 0/5] tipc: netlink updates for neighbour monitor

This series contains the updates to configure and read the attributes for neighbour monitor. Parthasarathy Bhuvaragan (5): tipc: introduce constants for tipc address validation tipc: make cluster size threshold for monitoring configurable tipc: get monitor threshold for the cluster tipc: a

[PATCH net-next v1 1/5] tipc: introduce constants for tipc address validation

In this commit, we introduce defines for tipc address size, offset and mask specification for Zone.Cluster.Node. There is no functional change in this commit. Signed-off-by: Parthasarathy Bhuvaragan Reviewed-by: Jon Maloy --- include/uapi/linux/tipc.h | 30 ++ net/ti

[PATCH net-next v1 4/5] tipc: add a function to get the bearer name

Introduce a new function to get the bearer name from its id. This is used in subsequent commit. Signed-off-by: Parthasarathy Bhuvaragan Reviewed-by: Jon Maloy --- net/tipc/bearer.c | 21 + net/tipc/bearer.h | 1 + 2 files changed, 22 insertions(+) diff --git a/net/tipc/bea

[PATCH net-next v1 5/5] tipc: dump monitor attributes

In this commit, we dump the monitor attributes when queried. The link monitor attributes are separated into two kinds: 1. general attributes per bearer 2. specific attributes per node/peer This style resembles the socket attributes and the nametable publications per socket. Signed-off-by: Parthasa

[PATCH net-next v1 3/5] tipc: get monitor threshold for the cluster

In this commit, we add support to fetch the configured cluster monitoring threshold. Signed-off-by: Parthasarathy Bhuvaragan Reviewed-by: Jon Maloy --- include/uapi/linux/tipc_netlink.h | 1 + net/tipc/monitor.c| 7 ++ net/tipc/monitor.h| 2 ++ net/tipc/ne

[PATCH net-next v1 2/5] tipc: make cluster size threshold for monitoring configurable

In this commit, we introduce support to configure the minimum threshold to activate the new link monitoring algorithm. Signed-off-by: Parthasarathy Bhuvaragan Reviewed-by: Jon Maloy --- include/uapi/linux/tipc_netlink.h | 11 +++ net/tipc/monitor.c| 12 net/

Re: iproute2 mpls max labels

On 7/21/16, 1:00 PM, Eric W. Biederman wrote: > Roopa Prabhu writes: > >> On 7/16/16, 11:24 AM, Magnus Bergroth wrote: >>> Wanted to use more than the default maximum of 8 mpls labels. Max labels >>> seems to be hardcode to 8 in two places. >>> >>> --- iproute2-4.6.0/lib/utils.c2016-05-18 20:5

Re: [PATCH net] packet: propagate sock_cmsg_send() error

From: Soheil Hassas Yeganeh Date: Wed, 20 Jul 2016 18:01:18 -0400 > From: Soheil Hassas Yeganeh > > sock_cmsg_send() can return different error codes and not only > -EINVAL, and we should properly propagate them. > > Fixes: c14ac9451c34 ("sock: enable timestamping using control messages") > Si

Re: [PATCH v3 3/3] mac80211: mesh: fixed HT ies in beacon template

On 2016年07月14日 05:07, Yaniv Machani wrote: + + /* if channel width is 20MHz - configure HT capab accordingly*/ + if (sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20) { + cap &= ~IEEE80211_HT_CAP_SUP_WIDTH_20_40; + cap &= ~IEEE80211_HT_CAP_DSSSCCK

Re: [PATCH 1/1] lvs: Use IS_ERR_OR_NULL(svc) instead of IS_ERR(svc) || svc == NULL

Hello, On Fri, 22 Jul 2016, f...@ikuai8.com.aqb.so wrote: > From: Gao Feng > > This minor refactoring does not change the logic of function > ip_vs_genl_dump_dests. > > Signed-off-by: Gao Feng Looks good to me, Acked-by: Julian Anastasov If there is a next version

[PATCH 1/1] netfilter: h323: Use mod_timer instead of set_expect_timeout

From: Gao Feng It could simplify the codes without any side effect. The set_expect_timeout is used to modify the timer expired time. It tries to delete timer, and add it again. So we could use mod_timer directly. Signed-off-by: Gao Feng --- v1: Intial Patch net/netfilter/nf_conntrack_h323_ma

Re: [PATCH net-next 0/2] macsec: enable s/w offloads

From: Paolo Abeni Date: Wed, 20 Jul 2016 18:11:30 +0200 > This patches leverage gro_cells infrastructure to enable both GRO and RPS > on macsec devices. > > Paolo Abeni (2): > gro_cells: gro_cells_receive now return error code > macsec: enable GRO and RPS on macsec devices Series applied, t

Re: [PATCH 2/3] staging/rtl8192e: use s8 instead of char

Hi On 2016-07-20, Arnd Bergmann wrote: > On Wednesday, July 20, 2016 11:33:43 AM CEST Jes Sorensen wrote: > > Arnd Bergmann writes: > > > On Wednesday, July 20, 2016 7:25:19 AM CEST Jes Sorensen wrote: > > >> Arnd Bergmann writes: [...] > Yes, I was just agreeing here that it's not worth doi

Re: [PATCH v4 1/2] bpf: Add bpf_probe_write BPF helper to be called in tracers (kprobes)

On Thu, Jul 21, 2016 at 06:09:17PM -0700, Sargun Dhillon wrote: > This allows user memory to be written to during the course of a kprobe. > It shouldn't be used to implement any kind of security mechanism > because of TOC-TOU attacks, but rather to debug, divert, and > manipulate execution of semi-

[PATCH v4 1/2] bpf: Add bpf_probe_write BPF helper to be called in tracers (kprobes)

This allows user memory to be written to during the course of a kprobe. It shouldn't be used to implement any kind of security mechanism because of TOC-TOU attacks, but rather to debug, divert, and manipulate execution of semi-cooperative processes. Although it uses probe_kernel_write, we limit th

[PATCH v4 2/2] samples/bpf: Add example of using bpf_probe_write in bpf kprobes

This example shows using a kprobe to act as a dnat mechanism to divert traffic for arbitrary endpoints. It rewrite the arguments to a syscall while they're still in userspace, and before the syscall has a chance to copy the argument into kernel space. Signed-off-by: Sargun Dhillon Cc: Alexei Star

[PATCH v4 0/2] bpf: add bpf_probe_write helper & example

This patch series contains two patches that add support for a probe_write helper to BPF programs. This allows them to manipulate user memory during the course of tracing. The second patch in the series has an example that uses it, in one the intended ways to divert execution. Thanks to Alexei Star

Re: [PATCH net-next] net/ncsi: avoid maybe-uninitialized warning

On Thu, Jul 21, 2016 at 09:28:34PM +0200, Arnd Bergmann wrote: >gcc-4.9 and higher warn about the newly added NSCI code: > >net/ncsi/ncsi-manage.c: In function 'ncsi_process_next_channel': >net/ncsi/ncsi-manage.c:1003:2: error: 'old_state' may be used uninitialized in >this function [-Werror=maybe

[PATCH 1/1] lvs: Use IS_ERR_OR_NULL(svc) instead of IS_ERR(svc) || svc == NULL

From: Gao Feng This minor refactoring does not change the logic of function ip_vs_genl_dump_dests. Signed-off-by: Gao Feng --- v1: Initial patch net/netfilter/ipvs/ip_vs_ctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/i

Re: [PATCH net-next v2] net/faraday: Disallow using reversed MAC address from hardware

On Thu, Jul 21, 2016 at 04:01:09PM +0200, Andrew Lunn wrote: >On Thu, Jul 21, 2016 at 11:42:54AM +1000, Gavin Shan wrote: >> The initial MAC address is retrieved from hardware if it's not >> provided by device-tree. The reserved MAC address from hardware >> will be used if non-reserved MAC address

[PATCH net-next] bpf, events: fix offset in skb copy handler

This patch fixes the __output_custom() routine we currently use with bpf_skb_copy(). I missed that when len is larger than the size of the current handle, we can issue multiple invocations of copy_func, and __output_custom() advances destination but also source buffer by the written amount of bytes

Re: Network hang after c3f1010b30f7fc611139cfb702a8685741aa6827 with CIPSO & Smack

On 7/20/2016 1:13 PM, Paul Moore wrote: > On Tue, Jul 19, 2016 at 7:37 PM, Casey Schaufler > wrote: >> Digging into this further I have determined that the >> circumstances leading to this issue are somewhat complex. >> The good news is that there seems to be a very limited >> circumstances under

Re: [PATCH v6 11/12] Documentation: dtb: xgene: Add MDIO node

Hi Rob, On Thu, Jul 21, 2016 at 3:01 PM, Rob Herring wrote: > On Wed, Jul 20, 2016 at 11:59:29PM -0700, Iyappan Subramanian wrote: >> Signed-off-by: Iyappan Subramanian >> Tested-by: Fushen Chen >> Tested-by: Toan Le >> --- >> .../devicetree/bindings/net/apm-xgene-mdio.txt | 37 >> ++

Re: [PATCH v6 11/12] Documentation: dtb: xgene: Add MDIO node

On Wed, Jul 20, 2016 at 11:59:29PM -0700, Iyappan Subramanian wrote: > Signed-off-by: Iyappan Subramanian > Tested-by: Fushen Chen > Tested-by: Toan Le > --- > .../devicetree/bindings/net/apm-xgene-mdio.txt | 37 > ++ > 1 file changed, 37 insertions(+) > create mode 10

Re: [PATCH v6 06/12] drivers: net: xgene: Add backward compatibility

Hi, [auto build test WARNING on net-next/master] [also build test WARNING on next-20160721] [cannot apply to v4.7-rc7] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Iyappan-Subramanian/drivers

Re: PROBLEM: MTU of ipsec tunnel drops continuously until traffic stops

On 07/21/2016 09:13 PM, Steffen Klassert wrote: > Hi Matt, > > I've did some vti tests the last days, but I was unable to > reproduce it. > > On Tue, Jul 19, 2016 at 05:49:06AM +, Matt Bennett wrote: >> On 07/05/2016 03:55 PM, Matt Bennett wrote: >>> On 07/04/2016 11:12 PM, Steffen Klassert wro

Re: [net-next PATCH 1/3] net: phy: dp83867: Add documentation for optional impedance control

On Thu, Jul 21, 2016 at 11:52:36AM +0530, Sekhar Nori wrote: > Nishanth, > > On Wednesday 20 July 2016 09:03 PM, Nishanth Menon wrote: > > On 07/20/2016 09:56 AM, Mugunthan V N wrote: > >> Add documention of ti,impedance-control which can be used to > >> correct MAC impedance mismatch using phy ex

Re: [Patch net-next 1/2] net_sched: move tc_action into tcf_common

On Thu, Jul 21, 2016 at 11:35 AM, kbuild test robot wrote: > All warnings (new ones prefixed by >>): > >In file included from include/net/act_api.h:8:0, > from net/sched/act_police.c:22: >net/sched/act_police.c: In function 'tcf_act_police_init': >>> include/net/sch_gen

Re: iproute2 mpls max labels

> Eric W. Biederman > 21 juli 2016 22:00 > Roopa Prabhu writes: > >> On 7/16/16, 11:24 AM, Magnus Bergroth wrote: >>> Wanted to use more than the default maximum of 8 mpls labels. Max labels >>> seems to be hardcode to 8 in two places. >>> >>> --- iproute2-4.6.0/li

The global market so much, You'll only other foreign customers to your door, do not open up new ways to do?

我们是继平台展会之后第三种主流的外贸客户开发模式， 可以让您快速的掌握到全球范围内的不同类型的目标客户，主动把产品推广到客户的手中，增加更多的询盘机会， 请加+QQ // 3246075707 联系 在线演示主动开发全球客户，欢迎验证是否真实有效 也可加微信号：sunsesoftsam 如有不需要此信息，请回复“不需要”，我们将会将您的邮箱进行屏蔽，不再给您发信的。 祝：生意兴隆！

Re: iproute2 mpls max labels

Roopa Prabhu writes: > On 7/16/16, 11:24 AM, Magnus Bergroth wrote: >> Wanted to use more than the default maximum of 8 mpls labels. Max labels >> seems to be hardcode to 8 in two places. >> >> --- iproute2-4.6.0/lib/utils.c2016-05-18 20:56:02.0 +0200 >> +++ iproute2-4.6.0-bergroth/li

~~

On Thu, 2016-07-21 at 13:51 +0300, Sergei Shtylyov wrote: > Hello. > > On 7/21/2016 1:23 AM, Jeff Kirsher wrote: > > > From: Jacob Keller > > > > Sometimes, a VF driver will lose PCIe address access, such as due > > to > > a PF FLR event. In fm10k_detach_subtask, poll and check whether the > >

Re: [PATCH] net: ipv6: Always leave subnet anycast group on link down

On 7/21/16 7:44 AM, Mike Manning wrote: Default kernel behavior is to delete IPv6 addresses on link down, which entails deletion of the address-derived subnet-router anycast address. The latter does not happen with sysctl setting to keep global IPv6 addrs on link down, so every link down/up caus

Re: iproute2 mpls max labels

> Roopa Prabhu > 21 juli 2016 20:53 > I did not realize it is hardcoded to 8 in iproute2. Because kernel has > a hard coded limit of > 2. > I think we need to fix it in a few places: > a) we should move the kernel #define to a uapi header file which > iproute2 c

[PATCH net-next] net/ncsi: avoid maybe-uninitialized warning

gcc-4.9 and higher warn about the newly added NSCI code: net/ncsi/ncsi-manage.c: In function 'ncsi_process_next_channel': net/ncsi/ncsi-manage.c:1003:2: error: 'old_state' may be used uninitialized in this function [-Werror=maybe-uninitialized] The warning is a false positive and therefore harml

[PATCH 2/3] stmmac: change dma descriptors to __le32

The stmmac driver does not take into account the processor may be big endian when writing the DMA descriptors. This causes the ethernet interface not to be initialised correctly when running a big-endian kernel. Change the descriptors for DMA to use __le32 and ensure they are suitably swapped befor

Re: iproute2 mpls max labels

On 7/16/16, 11:24 AM, Magnus Bergroth wrote: > Wanted to use more than the default maximum of 8 mpls labels. Max labels > seems to be hardcode to 8 in two places. > > --- iproute2-4.6.0/lib/utils.c2016-05-18 20:56:02.0 +0200 > +++ iproute2-4.6.0-bergroth/lib/utils.c2016-07-16 20:12:

Re: [Patch net-next 1/2] net_sched: move tc_action into tcf_common

Hi, [auto build test WARNING on net-next/master] url: https://github.com/0day-ci/linux/commits/Cong-Wang/net_sched-refactor-tc-action-structures/20160722-010949 config: sh-titan_defconfig (attached as .config) compiler: sh4-linux-gnu-gcc (Debian 5.4.0-6) 5.4.0 20160609 reproduce: wget

Re: [PATCH] net: bridge: br_set_ageing_time takes a clock_t

On Thu, Jul 21, 2016 at 11:18 AM, Vivien Didelot wrote: > Hi Cong, > > Cong Wang writes: > >> On Thu, Jul 21, 2016 at 9:42 AM, Vivien Didelot >> wrote: >>> Change the ageing_time type in br_set_ageing_time() from u32 to what it >>> is expected to be, i.e. a clock_t. >> >> You also need to change

Re: [PATCH] net: bridge: br_set_ageing_time takes a clock_t

Hi Cong, Cong Wang writes: > On Thu, Jul 21, 2016 at 9:42 AM, Vivien Didelot > wrote: >> Change the ageing_time type in br_set_ageing_time() from u32 to what it >> is expected to be, i.e. a clock_t. > > You also need to change struct switchdev_attr: > > struct switchdev_attr { > struct

[PATCH] net: neigh: disallow state transition DELAY->STALE in neigh_update()

If neigh entry was CONNECTED and address is not changed, and if new state is STALE, entry state will not change. Because DELAY is not in CONNECTED, it's possible to change state from DELAY to STALE. That is bad. Consider a host in IPv4 nerwork, a neigh entry in STALE state is referenced to send pa

Re: [PATCH v5 10/11] Documentation: dtb: xgene: Add MDIO node

On Wed, Jul 13, 2016 at 6:10 AM, Rob Herring wrote: > On Thu, Jul 07, 2016 at 04:02:58PM -0700, Iyappan Subramanian wrote: >> Signed-off-by: Iyappan Subramanian >> Tested-by: Fushen Chen >> Tested-by: Toan Le >> Tested-by: Matthias Brugger >> --- >> .../devicetree/bindings/net/apm-xgene-mdio.

Re: [PATCH net V2] net/mlx5e: Fix del vxlan port command buffer memset

On Thu, Jul 21, 2016 at 11:08:06AM +0300, Saeed Mahameed wrote: > On Thu, Jul 21, 2016 at 3:53 AM, Alexei Starovoitov > wrote: > > On Thu, Jul 21, 2016 at 12:39:53AM +0300, Saeed Mahameed wrote: > >> memset the command buffers rather than the pointers to them. > > > > that is still wrong commit lo

RE: [PATCH V2] Add flow control to the portmapper

> > On Wed, Jul 20, 2016 at 09:47:50PM -0500, Shiraz Saleem wrote: > > On Tue, Jul 19, 2016 at 08:32:53PM +0300, Leon Romanovsky wrote: > > > On Tue, Jul 19, 2016 at 09:50:24AM -0500, Shiraz Saleem wrote: > > > > On Tue, Jul 19, 2016 at 08:40:06AM +0300, Leon Romanovsky wrote: > > > > > > > > > >

[net-next v3 6/6] cxgb3i,cxgb4i: fix symbol not declared sparse warning

Fix following sparse warnings warning: symbol 'cxgb3i_ofld_init' was not declared. Should it be static? warning: symbol 'cxgb4i_cplhandlers' was not declared. Should it be static? warning: symbol 'cxgb4i_ofld_init' was not declared. Should it be static? Signed-off-by: Varun Prakash Reviewed-by: S

[net-next v3 3/6] cxgb4i,libcxgbi: add iSCSI DDP support

Add iSCSI DDP support in cxgb4i driver using common iSCSI DDP Page Pod Manager. Signed-off-by: Varun Prakash --- drivers/scsi/cxgbi/Makefile| 2 + drivers/scsi/cxgbi/cxgb3i/Kbuild | 1 + drivers/scsi/cxgbi/cxgb3i/Kconfig | 1 + drivers/scsi/cxgbi/cxgb4i/Kbuild | 1 + drivers

[net-next v3 5/6] libcxgb: export ppm release and tagmask set api

Export cxgbi_ppm_release() to release ppod manager and cxgbi_tagmask_set() to set tag mask, they are used by cxgb3i, cxgb4i and cxgbit. Signed-off-by: Varun Prakash Reviewed-by: Steve Wise --- drivers/net/ethernet/chelsio/libcxgb/libcxgb_ppm.c | 2 ++ drivers/scsi/cxgbi/cxgb3i/cxgb3i.c

[net-next v3 4/6] cxgb3i: add iSCSI DDP support

Add iSCSI DDP support in cxgb3i driver using common iSCSI DDP Page Pod Manager. Signed-off-by: Varun Prakash Reviewed-by: Steve Wise --- drivers/scsi/cxgbi/cxgb3i/cxgb3i.c | 119 - 1 file changed, 118 insertions(+), 1 deletion(-) diff --git a/drivers/scsi/cx

[net-next v3 2/6] cxgb3i,cxgb4i,libcxgbi: remove iSCSI DDP support

Remove old ddp code from cxgb3i,cxgb4i,libcxgbi. Next two commits adds DDP support using common iSCSI DDP Page Pod Manager. Signed-off-by: Varun Prakash --- drivers/scsi/cxgbi/cxgb3i/cxgb3i.c | 128 drivers/scsi/cxgbi/cxgb4i/cxgb4i.c | 142 - drivers/scsi/cxgbi/libcxgbi.c

[net-next v3 0/6] common library for Chelsio drivers.

Hi, This patch series adds common library module(libcxgb.ko) for Chelsio drivers to remove duplicate code. This series moves common iSCSI DDP Page Pod manager code from cxgb4.ko to libcxgb.ko, earlier this code was used by only cxgbit.ko now it is used by three Chelsio iSCSI drivers cxgb3i,

Re: [PATCH V2] Add flow control to the portmapper

On Wed, Jul 20, 2016 at 09:47:50PM -0500, Shiraz Saleem wrote: > On Tue, Jul 19, 2016 at 08:32:53PM +0300, Leon Romanovsky wrote: > > On Tue, Jul 19, 2016 at 09:50:24AM -0500, Shiraz Saleem wrote: > > > On Tue, Jul 19, 2016 at 08:40:06AM +0300, Leon Romanovsky wrote: > > > > > > > > You are the on

[net-next v3 1/6] libcxgb: add library module for Chelsio drivers

Add common library module(libcxgb.ko) for Chelsio drivers to remove duplicate code. Code for iSCSI DDP Page Pod Manager is moved from cxgb4.ko to libcxgb.ko. Earlier only cxgbit.ko was using this code, now cxgb3i and cxgb4i will also use common Page Pod manager code. In future this module will ha

[PATCH v2 07/10] ipcns: Add a limit on the number of ipc namespaces

Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 1 + ipc/namespace.c| 42 +++--- kernel/user_namespace.c| 1 + 3 files changed, 33 insertions(+), 11 deletions(-) diff --git a/include/linux/user_namespace.h b/in

Re: [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct

On Thu, Jul 21, 2016 at 06:45:53PM +0200, Pablo Neira Ayuso wrote: > > diff --git a/net/netfilter/nf_conntrack_core.c > > b/net/netfilter/nf_conntrack_core.c > > index 153e33f..634d592 100644 > > --- a/net/netfilter/nf_conntrack_core.c > > +++ b/net/netfilter/nf_conntrack_core.c > > @@ -1108,10 +1

Re: [PATCH] net: bridge: br_set_ageing_time takes a clock_t

On Thu, Jul 21, 2016 at 9:42 AM, Vivien Didelot wrote: > Change the ageing_time type in br_set_ageing_time() from u32 to what it > is expected to be, i.e. a clock_t. You also need to change struct switchdev_attr: struct switchdev_attr { struct net_device *orig_dev; enum switchdev

[PATCH v2 09/10] netns: Add a limit on the number of net namespaces

Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 1 + kernel/user_namespace.c| 1 + net/core/net_namespace.c | 15 +++ 3 files changed, 17 insertions(+) diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h index 1a3a9cb93

[PATCH v2 03/10] userns: Add a limit on the number of user namespaces

Export the export the maximum number of user namespaces as /proc/sys/userns/max_user_namespaces. Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 2 ++ kernel/fork.c | 2 ++ kernel/user_namespace.c| 69 +-

[PATCH v2 08/10] cgroupns: Add a limit on the number of cgroup namespaces

Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 1 + kernel/cgroup.c| 15 +++ kernel/user_namespace.c| 1 + 3 files changed, 17 insertions(+) diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h index 367cf08ff

Re: [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct

This patch title is too long, no more than 80 chars. On Thu, Jul 21, 2016 at 10:09:19PM +0800, f...@ikuai8.com wrote: > From: Gao Feng Please, include a description here. > Signed-off-by: Gao Feng More comments below. > --- > v1: Initial Version > > net/netfilter/ipvs/ip_vs_ctl.c| 2 +-

[PATCH v2 05/10] pidns: Add a limit on the number of pid namespaces

Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 1 + kernel/pid_namespace.c | 22 ++ kernel/user_namespace.c| 1 + 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/include/linux/user_namespace.h b/include/linux/user_name

[PATCH v2 06/10] utsns: Add a limit on the number of uts namespaces

Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 1 + kernel/user_namespace.c| 1 + kernel/utsname.c | 31 ++- 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/include/linux/user_namespace.h b/include/linux/

[PATCH v2 10/10] mntns: Add a limit on the number of mount namespaces.

Signed-off-by: "Eric W. Biederman" --- fs/namespace.c | 19 ++- include/linux/user_namespace.h | 1 + kernel/user_namespace.c| 1 + 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/fs/namespace.c b/fs/namespace.c index aabe8e397fc3..3942ae6c

[PATCH v2 02/10] userns: Add per user namespace sysctls.

Limit per userns sysctls to only be opened for write by a holder of CAP_SYS_RESOURCE. Add all of the necessary boilerplate for having per user namespace sysctls. Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 4 ++ kernel/user_namespace.c| 96 ++

[PATCH v2 04/10] userns: Generalize the user namespace count into ucount

The same kind of recursive sane default limit and policy countrol that has been implemented for the user namespace is desirable for the other namespaces, so generalize the user namespace refernce count into a ucount. Signed-off-by: "Eric W. Biederman" --- include/linux/user_namespace.h | 32

[PATCH v2 01/10] sysctl: Stop implicitly passing current into sysctl_table_root.lookup

Passing nsproxy into sysctl_table_root.lookup was a premature optimization in attempt to avoid depending on current. The directory /proc/self/sys has not appeared and if and when it does this code will need to be reviewed closely and reworked anyway. So remove the premature optimization. Acked-b

[PATCH v2 00/10] userns: sysctl limits for namespaces

This patchset addresses two use cases: - Implement a sane upper bound on the number of namespaces. - Provide a way for sandboxes to limit the attack surface from namespaces. The maximum sane case I can imagine is if every process is a fat process, so I set the maximum number of namespaces to th

The global market is so big, but you are waiting for the light B2B inquiry and exhibitors, it is better to take the initiative to develop a global audience! ! ! Advisory QQ: 3246075707

外贸朋友们: 您对于手上外贸资源满意吗？ 我们发现目前很多外贸企业遇到以下难题： 平台难做？客户有效询盘减少？展会成本太高？客户范围太窄？ 我们能为您做到轻松开发客户，订单不断，开发出属于自己的客户群。 我们能为您的企业制定一套专业的客户开发解决方案服务，承诺百分百出效果，无效全额退款。 我们产品的功能及其优势： 1、利用搜索引擎主动开发全球目标客户。 2、短时间内就能收到大量询盘和订单。 3、主动地找到你的目标客户群体。 4、主动将您的产品邮件群发推广给客户。 5、避免外贸淡季，避免询盘多，成交少，外贸开发投资高，B2B询盘质量不高的困局。 6、外贸客户开发不再难，不

Re: [Patch net-next 1/2] net_sched: move tc_action into tcf_common

On Thu, Jul 21, 2016 at 12:38 AM, Jamal Hadi Salim wrote: > It is an involved change (and i was fond of the container_of() > trickery;)). > > Looking at this patch I cant grok some parts - maybe i need to apply it > when i am not in a hurry to see clearly. > Mostly this around things like: > --- >

Re: [PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct

This patch title is too long, no more than 80 chars please, when it goes over that boundary it becomes a description ;) More comments below. On Thu, Jul 21, 2016 at 10:09:19PM +0800, f...@ikuai8.com wrote: > From: Gao Feng > > Signed-off-by: Gao Feng > --- > v1: Initial Version > > net/netf

[PATCH] net: bridge: fix br_stp_enable_bridge comment

br_stp_enable_bridge() does take the br->lock spinlock. Fix its wrongly pasted comment and use the same as br_stp_disable_bridge(). Signed-off-by: Vivien Didelot --- net/bridge/br_stp_if.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/bridge/br_stp_if.c b/net/bridge/br_

[PATCH] net: bridge: br_set_ageing_time takes a clock_t

Change the ageing_time type in br_set_ageing_time() from u32 to what it is expected to be, i.e. a clock_t. Signed-off-by: Vivien Didelot --- net/bridge/br_private.h | 2 +- net/bridge/br_stp.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/net/bridge/br_private.h b/ne

Re: [PATCH net-next 2/2] net/mlx5e: Query minimum required header copy during xmit

On Thu, Jul 21, 2016 at 11:22:32AM +0300, Saeed Mahameed wrote: > On Thu, Jul 21, 2016 at 8:15 AM, Alexei Starovoitov > wrote: > > On Thu, Jul 21, 2016 at 01:20:02AM +0300, Saeed Mahameed wrote: > >> From: Hadar Hen Zion > >> > >> Add support for query the minimum inline mode from the Firmware. >

Re: [PATCH net-next 2/2] net/mlx5e: Query minimum required header copy during xmit

On Thu, Jul 21, 2016 at 7:15 PM, David Miller wrote: > From: Saeed Mahameed > Date: Thu, 21 Jul 2016 11:22:32 +0300 > >> On Thu, Jul 21, 2016 at 8:15 AM, Alexei Starovoitov >> wrote: >>> On Thu, Jul 21, 2016 at 01:20:02AM +0300, Saeed Mahameed wrote: From: Hadar Hen Zion Add supp

Re: [PATCH net-next 2/2] net/mlx5e: Query minimum required header copy during xmit

From: Saeed Mahameed Date: Thu, 21 Jul 2016 11:22:32 +0300 > On Thu, Jul 21, 2016 at 8:15 AM, Alexei Starovoitov > wrote: >> On Thu, Jul 21, 2016 at 01:20:02AM +0300, Saeed Mahameed wrote: >>> From: Hadar Hen Zion >>> >>> Add support for query the minimum inline mode from the Firmware. >>> It i

AW: IPv6 IPSec incompatibilities between 2.6.23 and 3.6.18/4.6.4

I'm tracking this down and I *think* I found it. I think it's not really an IPsec issue. Something changed between 2.6.x and 3.x regarding the handling of multicast packets. If I call "iperf -s -u -V -B ff0e::1" and those join ff0e::1, things start to work. Regards joerg > -Ursprüngliche

Re: [ovs-dev] [PATCH net-next v11 5/6] openvswitch: add layer 3 flow/port support

On Mon, 18 Jul 2016 13:50:27 +0900, Simon Horman wrote: > On Fri, Jul 15, 2016 at 02:07:37PM -0700, pravin shelar wrote: > > I think we should send L2 header with l2 header pushed on skb. This is > > what OVS expect. The skb-push should be done for all l2 packets rather > > than for particular type

Re: [PATCH net-next] net: dsa: add CONFIG_NET_DSA_LEGACY

On Thu, Jul 21, 2016 at 10:46:56AM -0400, Vivien Didelot wrote: > Florian Fainelli writes: > > > Le 20/07/2016 à 17:35, Andrew Lunn a écrit : > >> On Wed, Jul 20, 2016 at 06:26:41PM -0400, Vivien Didelot wrote: > >>> This patch simply moves the legacy DSA code from dsa.c to legacy.c, > >>> except

Re: [PATCH net-next] net: dsa: add CONFIG_NET_DSA_LEGACY

Florian Fainelli writes: > Le 20/07/2016 à 17:35, Andrew Lunn a écrit : >> On Wed, Jul 20, 2016 at 06:26:41PM -0400, Vivien Didelot wrote: >>> This patch simply moves the legacy DSA code from dsa.c to legacy.c, >>> except the few shared symbols which remain in dsa.c. >> >> I think it is a bit ea

[PATCH] cxgb4/cxgb4vf: Add link mode mask API to cxgb4 and cxgb4vf

Based on original work by Casey Leedom Signed-off-by: Ganesh Goudar --- drivers/net/ethernet/chelsio/cxgb4/cxgb4.h | 1 + drivers/net/ethernet/chelsio/cxgb4/cxgb4_ethtool.c | 375 ++--- drivers/net/ethernet/chelsio/cxgb4/t4_hw.c | 2 + drivers/net/ethernet/ch

Re: [PATCH net-next] net: dsa: add CONFIG_NET_DSA_LEGACY

Hi Andrew, Andrew Lunn writes: >> net/dsa/dsa.c| 985 >> net/dsa/legacy.c | 1013 >> ++ > > I'm surprised git did not notice this is a rename. I used -M though, even -C doesn't change

Re: WAS ( Re: [PATCH net-next 1/1] net_sched: Introduce skbmod action

On 07/21/2016 09:27 AM, Jamal Hadi Salim wrote: [...] Forgot about csum which would work with pedit - didnt quiet parse what you are saying above though: does changing MAC address require changing to CHECKSUM_NONE? If yes, then seems like i need to send a patch for act_ife as well to make in the

RE: IPv6 IPSec incompatibilities between 2.6.23 and 3.6.18/4.6.4

> Node 1: fd01:1b10:1000::1 is running 4.6.4 > 14:21:50.737092 IP6 fd01:1b10:1000::3 > ff0e::1: > ESP(spi=0x0001,seq=0x100), length 136 > 14:21:51.737155 IP6 fd01:1b10:1000::3 > ff0e::1: > ESP(spi=0x0001,seq=0x101), length 136 ... > ip -s xfrm state > src fd01:1b10:1000::1 dst ff0e::1 >

Re: [PATCH net V2] net/bonding: Enforce active-backup policy for IPoIB bonds

Saeed Mahameed wrote: >From: Mark Bloch > >When using an IPoIB bond currently only active-backup mode is a valid >use case and this commit strengthens it. > >Since commit 2ab82852a270 ("net/bonding: Enable bonding to enslave >netdevices not supporting set_mac_address()") was introduced till >4.7

Re: [PATCH net V2] net/bonding: Enforce active-backup policy for IPoIB bonds

On Thu, Jul 21, 2016 at 11:52:55AM +0300, Saeed Mahameed wrote: > From: Mark Bloch > > When using an IPoIB bond currently only active-backup mode is a valid > use case and this commit strengthens it. > > Since commit 2ab82852a270 ("net/bonding: Enable bonding to enslave > netdevices not supporti

[PATCH 1/1] netfilter: Use IS_ERR_OR_NULL instead of IS_ERR and NULl check to simplify the codes in ip_vs_genl_dump_dests and resolve_normal_ct

From: Gao Feng Signed-off-by: Gao Feng --- v1: Initial Version net/netfilter/ipvs/ip_vs_ctl.c| 2 +- net/netfilter/nf_conntrack_core.c | 6 ++ 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index c3c809b..

Re: [PATCH net-next v2] net/faraday: Disallow using reversed MAC address from hardware

On Thu, Jul 21, 2016 at 11:42:54AM +1000, Gavin Shan wrote: > The initial MAC address is retrieved from hardware if it's not > provided by device-tree. The reserved MAC address from hardware > will be used if non-reserved MAC address is invalid. It will > cause mismatched MAC address seen by hardwa

[PATCH] net: ipv6: Always leave subnet anycast group on link down

Default kernel behavior is to delete IPv6 addresses on link down, which entails deletion of the address-derived subnet-router anycast address. The latter does not happen with sysctl setting to keep global IPv6 addrs on link down, so every link down/up causes an increment of the anycast refcount, c

Re: [patch net-next 2/9] mlxsw: pci: Add max span resources to resources query

Thu, Jul 21, 2016 at 11:19:13AM IDT, j...@resnulli.us wrote: >From: Nogah Frankel > >Add max span resources to resources query. > >Signed-off-by: Nogah Frankel >Signed-off-by: Jiri Pirko Reviewed-by: Ido Schimmel

AW: IPv6 IPSec incompatibilities between 2.6.23 and 3.6.18 (and probably later)

Shanker, as you suggested I have captured the ESP packets for 2.6.23, 3.6.18 and 4.6.4. The capture took place on the sending interface. I can't see anything suspicious in any of the three captures. Regards Joerg > -Ursprüngliche Nachricht- > Von: Shanker Wang [mailto:shankerwangm...@gm

Re: IPv6 IPSec incompatibilities between 2.6.23 and 3.6.18/4.6.4

Additionally I have now built and installed Linux-4.6.4 and run the debug script. Setup is unchanged from the previous one, except that Node 1 is now running Linux-4.6.4. Node 1: fd01:1b10:1000::1 is running 4.6.4 Debug log from Node 1, Receiver running 4.6.4: ==Begin===

Re: [PATCH net-next v3 1/2] bpf: Add bpf_copy_to_user BPF helper to be called in tracers (kprobes)

On 07/21/2016 12:47 PM, Sargun Dhillon wrote: On Thu, Jul 21, 2016 at 01:00:51AM +0200, Daniel Borkmann wrote: [...] I don't really like couple of things, your ifdef CONFIG_MMU might not be needed I think, couple of these checks seem redundant, (I'm not yet sure about the task->mm != task->acti

[PATCH] iproute2: ip: add udp_csum, udp6_csum_tx, udp6_csum_rx control flags to ip l2tp add tunnel

Three options are added for the user to control whether the checksum is enabled Signed-off-by: Miao Wang --- ip/ipl2tp.c | 45 + 1 file changed, 45 insertions(+) diff --git a/ip/ipl2tp.c b/ip/ipl2tp.c index 1f84c61..9ebda13 100644 --- a/ip/ipl2tp.c ++

Re: [net-next 16/20] fm10k: check if PCIe link is restored

Hello. On 7/21/2016 1:23 AM, Jeff Kirsher wrote: From: Jacob Keller Sometimes, a VF driver will lose PCIe address access, such as due to a PF FLR event. In fm10k_detach_subtask, poll and check whether the PCIe register space is active again and restore the device when it has. Signed-off-by:

Re: [PATCH net-next v3 1/2] bpf: Add bpf_copy_to_user BPF helper to be called in tracers (kprobes)

On Thu, Jul 21, 2016 at 01:00:51AM +0200, Daniel Borkmann wrote: > On 07/20/2016 11:58 AM, Sargun Dhillon wrote: > [...] > >So, with that, what about the following: > >It includes > >-Desupporting no MMU platforms as we've deemed them incapable of being > > safe > >-Checking that we're not in a kt

[patch net-next v2 4/9] net/sched: Add match-all classifier hw offloading.

From: Yotam Gigi Following the work that have been done on offloading classifiers like u32 and flower, now the match-all classifier hw offloading is possible. if the interface supports tc offloading. To control the offloading, two tc flags have been introduced: skip_sw and skip_hw. Typical usage

[patch net-next v2 8/9] net/sched: act_mirred: Add helper inlines to access tcf_mirred info.

From: Yotam Gigi The helper function is_tcf_mirred_mirror helps finding whether an action struct is of type mirred and is configured to be of type mirror. Signed-off-by: Yotam Gigi Signed-off-by: Jiri Pirko --- include/net/tc_act/tc_mirred.h | 9 + 1 file changed, 9 insertions(+) dif

[patch net-next v2 6/9] mlxsw: reg: Add Monitoring Port Analyzer Table register

From: Yotam Gigi The MPAT register is used to query and configure the Switch Port Analyzer (SPAN) table. This register is used to configure a port as a mirror output port, while after that a mirrored input port can be bound using MPAR register. Signed-off-by: Yotam Gigi Reviewed-by: Ido Schimme

[patch net-next v2 9/9] mlxsw: spectrum: Add support in matchall mirror TC offloading

From: Yotam Gigi This patch offloads port mirroring directives to hw using the matchall TC with action mirror. It includes both the implementation of the ndo_setup_tc function for the spectrum driver and the spectrum hardware offload configuration code. The hardware offload code is basically two

[patch net-next v2 5/9] mlxsw: reg: Add Shared Buffer Internal Buffer register

From: Yotam Gigi The SBIB register configures per port buffer for internal use. This register is used to configure an egress mirror buffer on the egress port which does the mirroring. Signed-off-by: Yotam Gigi Reviewed-by: Ido Schimmel Signed-off-by: Jiri Pirko --- drivers/net/ethernet/mella

[patch net-next v2 7/9] mlxsw: reg: Add the Monitoring Port Analyzer register

From: Yotam Gigi The MPAR register is used to bind ports to a SPAN entry (which was created using MPAT register) and thus mirror their traffic (ingress / egress) to a different port. Signed-off-by: Yotam Gigi Reviewed-by: Ido Schimmel Signed-off-by: Jiri Pirko --- v1->v2: - fixed wrapping is

  1   2   >