On Thu, 2017-08-31 at 11:45 -0700, Kees Cook wrote:
> On Thu, Aug 31, 2017 at 10:19 AM, Mike Galbraith wrote:
> > On Thu, 2017-08-31 at 10:00 -0700, Kees Cook wrote:
> >>
> >> Oh! So it's gcc-version sensitive? That's alarming. Is this mapping
> >> correct:
> >>
> >> 4.8.5: WARN, eventual kernel
Dear Michael and Siva,
On Thu, 2017-08-31 at 23:36 -0700, Michael Chan wrote:
> On Thu, Aug 31, 2017 at 11:10 PM, Frans van Berckel
> wrote:
> >
> > a long list of likely the same type of error codes.
> >
>
> Please post the entire register dump.
[ 237.169194] tg3 :01:00.0 enp1s0: Link
On Thu, Aug 31, 2017 at 11:10 PM, Frans van Berckel wrote:
> Dear NetDev Team,
>
> I am new to this machine. On a marketplace website I
> bought a Dell PowerEdge sc1435. Booting a today's Fedora (or even a
> Debian) amd64 Live CD from usb, and goes all fine.
>
> [0.00] Linux version 4.11.8
This patch writes 'node->ref = 1' only if node->ref is 0.
The number of lookups/s for a ~1M entries LRU map increased by
~30% (260097 to 343313).
Other writes on 'node->ref = 0' is not changed. In those cases, the
same cache line has to be changed anyway.
First column: Size of the LRU hash
Secon
This patchset improves the lookup performance of the LRU map.
Please see individual patch for details.
Martin KaFai Lau (3):
bpf: Add lru_hash_lookup performance test
bpf: Inline LRU map lookup
bpf: Only set node->ref = 1 if it has not been set
kernel/bpf/bpf_lru_list.h| 3 +-
ker
Inline the lru map lookup to save the cost in making calls to
bpf_map_lookup_elem() and htab_lru_map_lookup_elem().
Different LRU hash size is tested. The benefit diminishes when
the cache miss starts to dominate in the bigger LRU hash.
Considering the change is simple, it is still worth to optim
Create a new case to test the LRU lookup performance.
At the beginning, the LRU map is fully loaded (i.e. the number of keys
is equal to map->max_entries). The lookup is done through key 0
to num_map_entries and then repeats from 0 again.
This patch also creates an anonymous struct to properly
Dear NetDev Team,
I am new to this machine. On a marketplace website I
bought a Dell PowerEdge sc1435. Booting a today's Fedora (or even a
Debian) amd64 Live CD from usb, and goes all fine.
[0.00] Linux version 4.11.8-300.fc26.x86_64 (mockbuild@bkernel0
2.phx2.fedoraproject.org) (gcc ve
On Thu, Aug 31, 2017 at 7:05 PM, Alexei Starovoitov
wrote:
> On Thu, Aug 31, 2017 at 01:56:34PM -0700, Chenbo Feng wrote:
>> From: Chenbo Feng
>>
>> Introduce a pointer into struct bpf_map to hold the security information
>> about the map. The actual security struct varies based on the security
>
Thanks for responding. Now responding inline
> -Original Message-
> From: Florian Fainelli [mailto:f.faine...@gmail.com]
> Sent: Friday, September 01, 2017 5:53 AM
> To: Bhadram Varka ; and...@lunn.ch
> Cc: linux-netdev
> Subject: Re: netdev carrier changes is one even after ethernet link
Thanks for responding.
-Original Message-
From: Florian Fainelli [mailto:f.faine...@gmail.com]
Sent: Friday, September 01, 2017 5:53 AM
To: Bhadram Varka ; and...@lunn.ch
Cc: linux-netdev
Subject: Re: netdev carrier changes is one even after ethernet link up.
On 08/30/2017 10:53 PM, Bha
On Thu, Aug 31, 2017 at 04:29:25PM -0700, Kees Cook wrote:
> Several timer users needlessly reset their .function/.data fields during
> their timer callback, but nothing else changes them. Some users do not
> use their .data field at all. Each instance is removed here.
>
> Cc: Krzysztof Halasa
>
From: David Ahern
Date: Thu, 31 Aug 2017 15:05:43 -0700
> Add option to set mark and priority in addition to bound device for newly
> created sockets. Also, allow the bpf programs to use the get_current_uid_gid
> helper meaning socket marks, priority and device can be set based on the
> uid/gid o
The vendor patches initialize those registers to get the
PHY working properly.
Sadly I don't have that PHY spec and whatever Broadcom PHY
code we already have don't seem to document these two shadow
registers (unless I miscalculated the address) so I'm keeping
this as "vendor magic for that board"
On 08/31/2017 05:05 PM, Andrew Lunn wrote:
> On Wed, Aug 30, 2017 at 05:18:44PM -0700, Florian Fainelli wrote:
>> This patch series is sent as reference, especially because the last patch
>> is trying not to be creating too many layer violations, but clearly there
>> are a little bit being create
On 08/31/2017 04:44 PM, Andrew Lunn wrote:
> On Wed, Aug 30, 2017 at 05:18:45PM -0700, Florian Fainelli wrote:
>> Let switch drivers indicate how many RX and TX queues they support. Some
>> switches, such as Broadcom Starfighter 2 are resigned with 8 egress
>> queues.
>
> Marvell switches also h
The TPACKET_V3 test of PACKET_TX_RING will fail with kernel version
lower than v4.11. Supported code of tx ring was add with commit id
<7f953ab2ba46: af_packet: TX_RING support for TPACKET_V3> at Jan. 3
of 2017.
So skip this item test instead of reporting failing for old kernels.
Signed-off-by: O
On 2017年09月01日 01:04, Radu Rendec wrote:
Hello,
Looking at the code in virtnet_set_link_ksettings, it seems the speed
and duplex can be set to any valid value. The driver will "remember"
them and report them back in virtnet_get_link_ksettings.
However, the supported link modes (link_modes.sup
On Thu, Aug 31, 2017 at 11:10 PM, Alexei Starovoitov
wrote:
> On Thu, Aug 31, 2017 at 11:04:41PM -0400, Willem de Bruijn wrote:
>> On Thu, Aug 31, 2017 at 10:10 PM, Alexei Starovoitov
>> wrote:
>> > On Thu, Aug 31, 2017 at 05:00:13PM -0400, Willem de Bruijn wrote:
>> >> From: Willem de Bruijn
>>
On Thu, Aug 31, 2017 at 07:22:01AM -0700, Tejun Heo wrote:
> Hello, David, Alexei.
>
> Sorry about late reply.
>
> On Sun, Aug 27, 2017 at 08:49:23AM -0600, David Ahern wrote:
> > On 8/25/17 8:49 PM, Alexei Starovoitov wrote:
> > >
> > >> +if (prog && curr_recursive && !new_recursive)
>
On 2017年08月31日 22:30, Willem de Bruijn wrote:
Incomplete results at this stage, but I do see this correlation between
flows. It occurs even while not running out of zerocopy descriptors,
which I cannot yet explain.
Running two threads in a guest, each with a udp socket, each
sending up to 100
On Thu, Aug 31, 2017 at 11:04:41PM -0400, Willem de Bruijn wrote:
> On Thu, Aug 31, 2017 at 10:10 PM, Alexei Starovoitov
> wrote:
> > On Thu, Aug 31, 2017 at 05:00:13PM -0400, Willem de Bruijn wrote:
> >> From: Willem de Bruijn
> >>
> >> Documentation for this feature was missing from the patchse
On 2017年08月30日 11:11, Willem de Bruijn wrote:
On Tue, Aug 29, 2017 at 9:45 PM, Jason Wang wrote:
On 2017年08月30日 03:35, Willem de Bruijn wrote:
On Fri, Aug 25, 2017 at 9:03 PM, Willem de Bruijn
wrote:
On Fri, Aug 25, 2017 at 7:32 PM, Michael S. Tsirkin
wrote:
On Fri, Aug 25, 2017 at 06:4
On Thu, Aug 31, 2017 at 10:10 PM, Alexei Starovoitov
wrote:
> On Thu, Aug 31, 2017 at 05:00:13PM -0400, Willem de Bruijn wrote:
>> From: Willem de Bruijn
>>
>> Documentation for this feature was missing from the patchset.
>> Copied a lot from the netdev 2.1 paper, addressing some small
>> interfa
On Thu, 2017-08-31 at 09:59 -0700, Ivan Delalande wrote:
> Report TCP MD5 (RFC2385) signing keys, addresses and address prefixes to
> processes with CAP_NET_ADMIN requesting INET_DIAG_INFO. Currently it is
> not possible to retrieve these from the kernel once they have been
> configured on sockets.
On Thu, 2017-08-31 at 09:59 -0700, Ivan Delalande wrote:
> Extend inet_diag_handler to allow individual protocols to report
> additional data on INET_DIAG_INFO through idiag_get_aux. The size
> can be dynamic and is computed by idiag_get_aux_size.
>
> Signed-off-by: Ivan Delalande
> ---
> includ
Eric Dumazet writes:
> If you had this test in bnx2x_features_check(), packet could be
> segmented by core networking stack before reaching bnx2x_start_xmit() by
> clearing NETIF_F_GSO_MASK
>
> -> No drop would be involved.
Thanks for the pointer - networking code is all a bit new to me.
I'm ju
Best Regards,
liujian
> -Original Message-
> From: Michal Kubecek [mailto:mkube...@suse.cz]
> Sent: Friday, September 01, 2017 12:24 AM
> To: Jesper Dangaard Brouer
> Cc: liujian (CE); netdev@vger.kernel.org; Florian Westphal
> Subject: Re: [RFC PATCH] net: frag limit checks need to us
On Thu, Aug 31, 2017 at 05:00:13PM -0400, Willem de Bruijn wrote:
> From: Willem de Bruijn
>
> Documentation for this feature was missing from the patchset.
> Copied a lot from the netdev 2.1 paper, addressing some small
> interface changes since then.
>
> Signed-off-by: Willem de Bruijn
...
>
On Thu, Aug 31, 2017 at 01:56:34PM -0700, Chenbo Feng wrote:
> From: Chenbo Feng
>
> Introduce a pointer into struct bpf_map to hold the security information
> about the map. The actual security struct varies based on the security
> models implemented. Place the LSM hooks before each of the unres
On Thu, Aug 31, 2017 at 03:05:49PM -0700, David Ahern wrote:
> Update cgrp2 bpf sock tests to check that device, mark and priority
> can all be set on a socket via bpf programs attached to a cgroup.
>
> Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
On Thu, Aug 31, 2017 at 03:05:50PM -0700, David Ahern wrote:
> Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
On Thu, Aug 31, 2017 at 03:05:48PM -0700, David Ahern wrote:
> Add option to dump socket settings. Will be used in the next patch
> to verify bpf programs are correctly setting mark, priority and
> device based on the cgroup attachment for the program run.
>
> Signed-off-by: David Ahern
Acked-by
On Thu, Aug 31, 2017 at 03:05:47PM -0700, David Ahern wrote:
> Add option to detach programs from a cgroup.
>
> Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
On Thu, Aug 31, 2017 at 03:05:46PM -0700, David Ahern wrote:
> Update sock test to set mark and priority on socket create.
>
> Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Signed-off-by: Vinicius Costa Gomes
---
include/linux/pkt_sched.h | 29 +
1 file changed, 29 insertions(+)
diff --git a/include/linux/pkt_sched.h b/include/linux/pkt_sched.h
index 099bf552..ba6c9a54 100644
--- a/include/linux/pkt_sched.h
+++ b/include/linux/pkt_sched.
The Credit Based Shaper (CBS) queueing discipline allows bandwidth
reservation with sub-milisecond precision. It is defined by the
802.1Q-2014 specification (section 8.6.8.2 and Annex L).
The syntax is:
tc qdisc add dev DEV parent NODE cbs locredit hicredit
sendslope idleslope
Signed-off-by:
From: Andre Guedes
Add a script that takes as input the parameters of the Credit-based
shaper used on FQTSS - link rate, max frame size of best effort
traffic, idleslope and maximum frame size of the time-sensitive
traffic class - for SR classes A and B, and calculates how the CBS
qdisc must be c
From: Jesus Sanchez-Palencia
Add two examples so one can easily test a 'TSN distributed system'
running with standard kernel interfaces. Both 'talker' and 'listener'
sides are provided, and use a AF_PACKET for Tx / Rx of frames.
Running the examples is rather simple.
For the talker, just the int
Hi,
This patchset is an RFC on a proposal of how the Traffic Control subsystem can
be used to offload the configuration of traffic shapers into network devices
that provide support for them in HW. Our goal here is to start upstreaming
support for features related to the Time-Sensitive Networking (
Export the API necessary for configuring the CBS shaper (implemented
in the next patch) via the tc tool.
Signed-off-by: Vinicius Costa Gomes
---
include/uapi/linux/pkt_sched.h | 29 +
1 file changed, 29 insertions(+)
diff --git a/include/uapi/linux/pkt_sched.h b/incl
This queueing discipline implements the shaper algorithm defined by
the 802.1Q-2014 Section 8.6.8.2 and detailed in Annex L.
It's primary usage is to apply some bandwidth reservation to user
defined traffic classes, which are mapped to different queues via the
mqprio qdisc.
Initially, it only sup
From: Andre Guedes
This patch adds support for Credit-Based Shaper (CBS) qdisc offload
from Traffic Control system. This support enable us to leverage the
Forwarding and Queuing for Time-Sensitive Streams (FQTSS) features
from Intel i210 Ethernet Controller. FQTSS is the former 802.1Qav
standard
On Thu, Aug 31, 2017 at 4:59 PM, Kees Cook wrote:
> On Thu, Aug 31, 2017 at 4:45 PM, Dmitry Torokhov
> wrote:
>> On Thu, Aug 31, 2017 at 4:29 PM, Kees Cook wrote:
>>> In several places, .data is checked for initialization to gate early
>>> calls to del_timer_sync(). Checking for .function is equ
On Thu, Aug 31, 2017 at 3:38 PM, Daniel Borkmann wrote:
> On 08/31/2017 10:56 PM, Chenbo Feng wrote:
>>
>> From: Chenbo Feng
>>
>> Introduce a pointer into struct bpf_map to hold the security information
>> about the map. The actual security struct varies based on the security
>> models implement
On 08/31/2017 04:29 PM, Kees Cook wrote:
> This standardizes the callback and data prototypes in several places that
> perform casting, in an effort to remove more open-coded .data and
> .function uses in favor of setup_timer().
>
> Cc: Samuel Ortiz
> Cc: Tyrel Datwyler
> Cc: Benjamin Herrenschm
On 08/31/2017 04:29 PM, Kees Cook wrote:
> This standardizes the callback and data prototypes in several places that
> perform casting, in an effort to remove more open-coded .data and
> .function uses in favor of setup_timer().
>
> Cc: Samuel Ortiz
> Cc: Tyrel Datwyler
> Cc: Benjamin Herrenschm
On 08/30/2017 10:53 PM, Bhadram Varka wrote:
> Hi,
>
>
>
> I have observed that carrier_changes is one even in case of the ethernet
> link is up.
>
>
>
> After investigating the code below is my observation –
>
>
>
> ethernet_driver_probe()
>
> +--->phy_connect()
>
> | +--->phy_at
On Fri, Sep 01, 2017 at 01:26:33AM +0200, Sabrina Dubroca wrote:
> 2017-08-31, 09:59:39 -0700, Ivan Delalande wrote:
> > diff --git a/net/ipv4/tcp_diag.c b/net/ipv4/tcp_diag.c
> > index a748c74aa8b7..abbf0edcf6c2 100644
> > --- a/net/ipv4/tcp_diag.c
> > +++ b/net/ipv4/tcp_diag.c
> [...]
> > +static
On Thu, 2017-08-31 at 16:48 -0700, Eric Dumazet wrote:
> Yet another atomic_t -> refcount_t conversion, split in two patches.
>
> First patch prepares the automatic conversion done in the second patch.
>
> Eric Dumazet (2):
> net: prepare (struct ubuf_info)->refcnt conversion
> net: convert (
On Wed, Aug 30, 2017 at 05:18:44PM -0700, Florian Fainelli wrote:
> This patch series is sent as reference, especially because the last patch
> is trying not to be creating too many layer violations, but clearly there
> are a little bit being created here anyways.
>
> Essentially what I am trying
On Thu, Aug 31, 2017 at 4:45 PM, Dmitry Torokhov
wrote:
> On Thu, Aug 31, 2017 at 4:29 PM, Kees Cook wrote:
>> In several places, .data is checked for initialization to gate early
>> calls to del_timer_sync(). Checking for .function is equally valid, so
>> switch to this in all callers.
>
> Not s
On Thu, Aug 31, 2017 at 7:48 PM, Eric Dumazet wrote:
> refcount_t type and corresponding API should be
> used instead of atomic_t when the variable is used as
> a reference counter. This allows to avoid accidental
> refcounter overflows that might lead to use-after-free
> situations.
>
> v2: added
On Thu, Aug 31, 2017 at 7:48 PM, Eric Dumazet wrote:
> In order to convert this atomic_t refcnt to refcount_t,
> we need to init the refcount to one to not trigger
> a 0 -> 1 transition.
>
> This also removes one atomic operation in fast path.
>
> v2: removed dead code in sock_zerocopy_put_abort()
In order to convert this atomic_t refcnt to refcount_t,
we need to init the refcount to one to not trigger
a 0 -> 1 transition.
This also removes one atomic operation in fast path.
v2: removed dead code in sock_zerocopy_put_abort()
as suggested by Willem.
Signed-off-by: Eric Dumazet
---
net/co
In preparation for changing the timer callback argument to the timer
pointer, move to a separate static data variable.
Cc: "David S. Miller"
Cc: Andrew Morton
Cc: Alexey Dobriyan
Cc: "Reshetova, Elena"
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook
---
net/atm/mpc.c | 10 +-
1 f
refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.
v2: added the change in drivers/vhost/net.c as spotted
by Willem.
Signed-of
Yet another atomic_t -> refcount_t conversion, split in two patches.
First patch prepares the automatic conversion done in the second patch.
Eric Dumazet (2):
net: prepare (struct ubuf_info)->refcnt conversion
net: convert (struct ubuf_info)->refcnt to refcount_t
drivers/vhost/net.c| 2
On Thu, Aug 31, 2017 at 4:29 PM, Kees Cook wrote:
> In several places, .data is checked for initialization to gate early
> calls to del_timer_sync(). Checking for .function is equally valid, so
> switch to this in all callers.
Not seeing the rest of patches it is unclear from the patch
descriptio
2017-08-31, 18:11:41 +0200, Stefano Brivio wrote:
> After ip_route_input() calls ip_route_input_noref(), another
> check on skb_dst() is done, but if this fails, we shouldn't
> override the return code from ip_route_input_noref(), as it
> could have been more specific (i.e. -EHOSTUNREACH).
>
> Thi
On Wed, Aug 30, 2017 at 05:18:45PM -0700, Florian Fainelli wrote:
> Let switch drivers indicate how many RX and TX queues they support. Some
> switches, such as Broadcom Starfighter 2 are resigned with 8 egress
> queues.
Marvell switches also have egress queue.
Does the SF2 have ingress queues? M
The core sk_timer initializer can provide the common .data assignment
instead of it being set separately in users.
Cc: "David S. Miller"
Cc: Ralf Baechle
Cc: Andrew Hendry
Cc: Eric Dumazet
Cc: Paolo Abeni
Cc: David Howells
Cc: Colin Ian King
Cc: Ingo Molnar
Cc: linzhang
Cc: netdev@vger.ke
This standardizes the callback and data prototypes in several places that
perform casting, in an effort to remove more open-coded .data and
.function uses in favor of setup_timer().
Cc: Samuel Ortiz
Cc: Tyrel Datwyler
Cc: Benjamin Herrenschmidt
Cc: Paul Mackerras
Cc: Michael Ellerman
Cc: "Jam
The use of del_timer_sync() will make sure a timer is not rescheduled.
As such, there is no need to add external signals to kill timers. In
preparation for switching the timer callback argument to the timer
pointer, this drops the .data argument since it doesn't serve a meaningful
purpose here.
Cc
In several places, .data is checked for initialization to gate early
calls to del_timer_sync(). Checking for .function is equally valid, so
switch to this in all callers.
Cc: "Rafael J. Wysocki"
Cc: Pavel Machek
Cc: Len Brown
Cc: Greg Kroah-Hartman
Cc: Mike Marciniszyn
Cc: Dennis Dalessandro
Several timer users needlessly reset their .function/.data fields during
their timer callback, but nothing else changes them. Some users do not
use their .data field at all. Each instance is removed here.
Cc: Krzysztof Halasa
Cc: Aditya Shankar
Cc: Ganesh Krishna
Cc: Greg Kroah-Hartman
Cc: Jen
This patch introduces a new socket option SO_SYMMETRIC_QUEUES that can be used
to enable symmetric tx and rx queues on a socket.
This option is specifically useful for epoll based multi threaded workloads
where each thread handles packets received on a single RX queue . In this model,
we have noti
2017-08-31, 09:59:39 -0700, Ivan Delalande wrote:
> diff --git a/net/ipv4/tcp_diag.c b/net/ipv4/tcp_diag.c
> index a748c74aa8b7..abbf0edcf6c2 100644
> --- a/net/ipv4/tcp_diag.c
> +++ b/net/ipv4/tcp_diag.c
[...]
> +static int tcp_diag_get_aux(struct sock *sk, bool net_admin,
> +
The first gets rid of unnecessary ref counting, and second
allows removing hv_netvsc driver even if VF present.
Stephen Hemminger (2):
netvsc: cleanup datapath switch
netvsc: allow driver to be removed even if VF is present
drivers/net/hyperv/netvsc_drv.c | 55 ---
If VF is attached then can still allow netvsc driver module to
be removed. Just have to make sure and do the cleanup.
Also, avoid extra rtnl round trip when calling unregister.
Signed-off-by: Stephen Hemminger
---
drivers/net/hyperv/netvsc_drv.c | 17 +
1 file changed, 9 inserti
Use one routine for datapath up/down. Don't need to reopen
the rndis layer.
Signed-off-by: Stephen Hemminger
---
drivers/net/hyperv/netvsc_drv.c | 38 +++---
1 file changed, 7 insertions(+), 31 deletions(-)
diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/n
On Thu, 2017-08-31 at 18:45 -0400, Willem de Bruijn wrote:
> On Thu, Aug 31, 2017 at 4:30 PM, Eric Dumazet wrote:
> > refcount_t type and corresponding API should be
> > used instead of atomic_t when the variable is used as
> > a reference counter. This allows to avoid accidental
> > refcounter ov
On Thu, Aug 31, 2017 at 4:30 PM, Eric Dumazet wrote:
> refcount_t type and corresponding API should be
> used instead of atomic_t when the variable is used as
> a reference counter. This allows to avoid accidental
> refcounter overflows that might lead to use-after-free
> situations.
>
> Signed-of
On Thu, 31 Aug 2017 23:50:26 +0200
Jesper Dangaard Brouer wrote:
> On Thu, 31 Aug 2017 11:43:25 -0700 (PDT)
> David Miller wrote:
>
> > From: Roopa Prabhu
> > Date: Wed, 30 Aug 2017 22:18:13 -0700
> >
> > > From: Roopa Prabhu
> > >
> > > This extends bridge fdb table tracepoints to also c
On 08/31/2017 10:56 PM, Chenbo Feng wrote:
From: Chenbo Feng
Introduce a pointer into struct bpf_map to hold the security information
about the map. The actual security struct varies based on the security
models implemented. Place the LSM hooks before each of the unrestricted
eBPF operations, t
On Thu, Aug 31, 2017 at 4:30 PM, Eric Dumazet wrote:
> In order to convert this atomic_t refcnt to refcount_t,
> we need to init the refcount to one to not trigger
> a 0 -> 1 transition.
>
> This also removes one atomic operation in fast path.
>
> Signed-off-by: Eric Dumazet
Acked-by: Willem de
__skb_flow_dissect is riddled with gotos that make discerning the flow,
debugging, and extending the capability difficult. This patch
reorganizes things so that we only perform goto's after the two main
switch statements (no gotos within the cases now). It also eliminates
several goto labels so tha
In flow dissector there are no limits to the number of nested
encapsulations that might be dissected which makes for a nice DOS
attack. This patch limits for dissecting nested encapsulations
as well as for dissecting over extension headers.
Reported-by: Hannes Frederic Sowa
Signed-off-by: Tom Her
This patch set fixes some basic issues with __skb_flow_dissect function.
Items addressed:
- Cleanup control flow in the fucntion; in particular eliminate a
bunch of goto's and implement a simplified control flow model
- Add limits for number of encapsulations of extension headers that
On 09/01/2017 12:05 AM, David Ahern wrote:
Allow BPF programs run on sock create to use the get_current_uid_gid
helper. IPv4 and IPv6 sockets are created in a process context so
there is always a valid uid/gid
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
Acked-by: Daniel Borkmann
On 09/01/2017 12:05 AM, David Ahern wrote:
Add socket mark and priority to fields that can be set by
ebpf program when a socket is created.
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
---
include/uapi/linux/bpf.h | 2 ++
net/core/filter.c| 26 ++
On Thu, Aug 31, 2017 at 2:17 PM, Mimi Zohar wrote:
> On Thu, 2017-08-31 at 13:56 -0700, Chenbo Feng wrote:
>> From: Chenbo Feng
>>
>> Introduce a pointer into struct bpf_map to hold the security information
>> about the map. The actual security struct varies based on the security
>> models implem
Update sock test to set mark and priority on socket create.
Signed-off-by: David Ahern
---
samples/bpf/test_cgrp2_sock.c | 134 -
samples/bpf/test_cgrp2_sock.sh | 2 +-
2 files changed, 119 insertions(+), 17 deletions(-)
diff --git a/samples/bpf/test_c
Add option to detach programs from a cgroup.
Signed-off-by: David Ahern
---
samples/bpf/test_cgrp2_sock.c | 50 ++-
1 file changed, 35 insertions(+), 15 deletions(-)
diff --git a/samples/bpf/test_cgrp2_sock.c b/samples/bpf/test_cgrp2_sock.c
index 681abbe6
Allow BPF programs run on sock create to use the get_current_uid_gid
helper. IPv4 and IPv6 sockets are created in a process context so
there is always a valid uid/gid
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
---
net/core/filter.c | 16 +++-
1 file changed, 15 insertio
Update cgrp2 bpf sock tests to check that device, mark and priority
can all be set on a socket via bpf programs attached to a cgroup.
Signed-off-by: David Ahern
---
samples/bpf/test_cgrp2_sock.sh | 162 +++--
1 file changed, 124 insertions(+), 38 deletions(-)
Signed-off-by: David Ahern
---
samples/bpf/sock_flags_kern.c | 5 +
samples/bpf/test_cgrp2_sock.c | 12 +++-
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/samples/bpf/sock_flags_kern.c b/samples/bpf/sock_flags_kern.c
index 533dd11a6baa..05dcdf8a4baa 100644
--- a/samp
Add option to dump socket settings. Will be used in the next patch
to verify bpf programs are correctly setting mark, priority and
device based on the cgroup attachment for the program run.
Signed-off-by: David Ahern
---
samples/bpf/test_cgrp2_sock.c | 75
Add socket mark and priority to fields that can be set by
ebpf program when a socket is created.
Signed-off-by: David Ahern
Acked-by: Alexei Starovoitov
---
include/uapi/linux/bpf.h | 2 ++
net/core/filter.c| 26 ++
2 files changed, 28 insertions(+)
diff --git
Add option to set mark and priority in addition to bound device for newly
created sockets. Also, allow the bpf programs to use the get_current_uid_gid
helper meaning socket marks, priority and device can be set based on the
uid/gid of the running process.
Sample programs are updated to demonstrate
On Thu, 31 Aug 2017 11:43:25 -0700 (PDT)
David Miller wrote:
> From: Roopa Prabhu
> Date: Wed, 30 Aug 2017 22:18:13 -0700
>
> > From: Roopa Prabhu
> >
> > This extends bridge fdb table tracepoints to also cover
> > learned fdb entries in the br_fdb_update path. Note that
> > unlike other trac
From: Jiri Pirko
Date: Thu, 31 Aug 2017 17:59:11 +0200
> This patchset adds IPv6 host dpipe table support. This will provide the
> ability to observe the hardware offloaded IPv6 neighbors.
Series applied, thanks.
I noticed while reviewing this we are pretty much split on how
to access neigh->pr
On Thu, 2017-08-31 at 08:24 -0700, Vernon Mauery wrote:
> +int ncsi_vlan_rx_add_vid(struct net_device *dev, __be16 proto, u16 vid)
> > +{
> > + return -ENOTTY;
> > +}
> > +int ncsi_vlan_rx_kill_vid(struct net_device *dev, __be16 proto, u16 vid)
> > +{
> > + return -ENOTTY;
> > +}
>
> Thes
From: Lipeng
Date: Thu, 31 Aug 2017 21:39:08 +0800
> Config the self_define vlan_type as TPID(0x8100) for vlan identification.
> When normal port initialize vlan configure, set default vlan id as 0.
>
> Signed-off-by: Mingguang Qu
> Signed-off-by: Lipeng
No, that's not what this patch is doin
On Thu, 2017-08-31 at 18:37 +0530, Himanshu Jha wrote:
> casting to void pointer from any pointer type and vice-versa is done
> implicitly and therefore casting is not needed in such a case.
You said you were going to remember to mention the tool
and script that did this.
On Thu, 2017-08-31 at 13:56 -0700, Chenbo Feng wrote:
> From: Chenbo Feng
>
> Introduce a pointer into struct bpf_map to hold the security information
> about the map. The actual security struct varies based on the security
> models implemented. Place the LSM hooks before each of the unrestricted
From: Willem de Bruijn
Documentation for this feature was missing from the patchset.
Copied a lot from the netdev 2.1 paper, addressing some small
interface changes since then.
Signed-off-by: Willem de Bruijn
---
Documentation/networking/msg_zerocopy.rst | 254 ++
1
On Thu, Aug 31, 2017 at 03:18:03PM -0500, Rob Herring wrote:
> On Sat, Aug 26, 2017 at 11:20:51PM +0200, Andrew Lunn wrote:
> > Hi Corentin
> >
> > I think we have now all agreed this is an mdio-mux, plus it is also an
> > MII mux. We should represent that in device tree. This patchset does
> > th
From: Chenbo Feng
Introduce 5 new selinux checks for eBPF object related operations. The
check is based on the ownership information of eBPF maps and the
capability of creating eBPF object.
Signed-off-by: Chenbo Feng
---
security/selinux/hooks.c| 54
From: Chenbo Feng
Introduce a pointer into struct bpf_map to hold the security information
about the map. The actual security struct varies based on the security
models implemented. Place the LSM hooks before each of the unrestricted
eBPF operations, the map_update_elem and map_delete_elem operat
1 - 100 of 235 matches
Mail list logo
