Netdev List
 help / color / mirror / Atom feed
* Re: [PATCH] net: Do not wrap sysctl igmp_max_memberships in IP_MULTICAST
From: Joakim Tjernlund @ 2011-04-12 22:41 UTC (permalink / raw)
  To: David Miller; +Cc: netdev
In-Reply-To: <20110412.140016.189701267.davem@davemloft.net>


David Miller <davem@davemloft.net> wrote on 2011/04/12 23:00:16:
>
> From: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> Date: Tue, 12 Apr 2011 11:49:34 +0200
>
> > controlling igmp_max_membership is useful even when IP_MULTICAST
> > is off.
> > Quagga(an OSPF deamon) uses multicast addresses for all interfaces
> > using a single socket and hits igmp_max_membership limit when
> > there are 20 interfaces or more.
> > Always export sysctl igmp_max_memberships in proc, just like
> > igmp_max_msf
> >
> > Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
>
> I really like your commit message, a full justification and a
> reference to existing similar behavior.
>
> If only every patch submitter did this :-/

Thanks, I really wish all my commit msgs are like the above.

 Jocke


^ permalink raw reply

* Re: pr_debug usage in raw_sendmsg
From: David Miller @ 2011-04-12 22:33 UTC (permalink / raw)
  To: davej; +Cc: netdev
In-Reply-To: <20110412223137.GA25528@redhat.com>

From: Dave Jones <davej@redhat.com>
Date: Tue, 12 Apr 2011 18:31:37 -0400

> While working on my system call fuzzer, I keep getting a lot
> of spew in dmesg from raw_sendmsg. Particularly..
> 
> [ 6442.690780] no dev
> [ 6454.257701] msg_flags 0x00000080
> [ 8055.873142] msg->msg_flags = 0xd63f35c1
> 
> Is there a good reason for keeping -DDEBUG in net/ieee802154/Makefile ?
> 
> Those messages don't look particularly helpful given there's no other context.
> (the 'no dev' one in particular looks kinda hopeless)

All of those cflags modifications in net/ieee802154/Makefile are bogus,
I'll commit the following:

--------------------
ieee802154: Remove hacked CFLAGS in net/ieee802154/Makefile

It adds -Wall (which the kernel carefully controls already) and of all
things -DDEBUG (which should be set by other means if desired, please
we have dynamic-debug these days).

Kill this noise.

Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
 net/ieee802154/Makefile |    2 --
 1 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/net/ieee802154/Makefile b/net/ieee802154/Makefile
index ce2d335..5761185 100644
--- a/net/ieee802154/Makefile
+++ b/net/ieee802154/Makefile
@@ -1,5 +1,3 @@
 obj-$(CONFIG_IEEE802154) +=	ieee802154.o af_802154.o
 ieee802154-y		:= netlink.o nl-mac.o nl-phy.o nl_policy.o wpan-class.o
 af_802154-y		:= af_ieee802154.o raw.o dgram.o
-
-ccflags-y += -Wall -DDEBUG
-- 
1.7.4.3


^ permalink raw reply related

* pr_debug usage in raw_sendmsg
From: Dave Jones @ 2011-04-12 22:31 UTC (permalink / raw)
  To: netdev

While working on my system call fuzzer, I keep getting a lot
of spew in dmesg from raw_sendmsg. Particularly..

[ 6442.690780] no dev
[ 6454.257701] msg_flags 0x00000080
[ 8055.873142] msg->msg_flags = 0xd63f35c1

Is there a good reason for keeping -DDEBUG in net/ieee802154/Makefile ?

Those messages don't look particularly helpful given there's no other context.
(the 'no dev' one in particular looks kinda hopeless)

	Dave

^ permalink raw reply

* Re: fix locking unbalance in irda_sendmsg
From: David Miller @ 2011-04-12 22:30 UTC (permalink / raw)
  To: davej; +Cc: netdev, linux-kernel
In-Reply-To: <20110412221254.GA23906@redhat.com>

From: Dave Jones <davej@redhat.com>
Date: Tue, 12 Apr 2011 18:12:55 -0400

> 5b40964eadea40509d353318d2c82e8b7bf5e8a5 introduced a path where
> we have a locking unbalance.  If we pass invalid flags, we unlock
> a socket we never locked, resulting in this...
 ...
> Signed-off-by: Dave Jones <davej@redhat.com>

Applied and queued up for -stable, thanks Dave.

^ permalink raw reply

* Re: [PATCH 1/1] ipv6: RTA_PREFSRC support for ipv6 route source address selection
From: David Miller @ 2011-04-12 22:16 UTC (permalink / raw)
  To: dwalter; +Cc: netdev, linux-kernel
In-Reply-To: <20110412.150511.35038648.davem@davemloft.net>

From: David Miller <davem@davemloft.net>
Date: Tue, 12 Apr 2011 15:05:11 -0700 (PDT)

> From: Daniel Walter <dwalter@barracuda.com>
> Date: Mon, 11 Apr 2011 09:03:29 +0200
> 
>> [ipv6] Add support for RTA_PREFSRC
>> 
>> This patch allows a user to select the preferred source address
>> for a specific IPv6-Route. It can be set via a netlink message
>> setting RTA_PREFSRC to a valid IPv6 address which must be
>> up on the device the route will be bound to.
>> 
>> 
>> Signed-off-by: Daniel Walter <dwalter@barracuda.com>
> 
> Ok, I can live with this, applied, thanks!

Sorry, I had to revert.

Please fix this warning, test your patch, and resubmit it.

net/ipv6/ip6_output.c: In function ‘ip6_dst_lookup_tail’:
net/ipv6/ip6_output.c:936: warning: passing argument 3 of ‘ip6_route_get_saddr’ from incompatible pointer type
include/net/ip6_route.h:87: note: expected ‘struct in6_addr *’ but argument is of type ‘struct dst_entry **’

Thanks.

^ permalink raw reply

* fix locking unbalance in irda_sendmsg
From: Dave Jones @ 2011-04-12 22:12 UTC (permalink / raw)
  To: netdev; +Cc: Linux Kernel

5b40964eadea40509d353318d2c82e8b7bf5e8a5 introduced a path where
we have a locking unbalance.  If we pass invalid flags, we unlock
a socket we never locked, resulting in this...

=====================================
[ BUG: bad unlock balance detected! ]
-------------------------------------
trinity/20101 is trying to release lock (sk_lock-AF_IRDA) at:
[<ffffffffa057f001>] irda_sendmsg+0x207/0x21d [irda]
but there are no more locks to release!

other info that might help us debug this:
no locks held by trinity/20101.

stack backtrace:
Pid: 20101, comm: trinity Not tainted 2.6.39-rc3+ #3
Call Trace:
 [<ffffffffa057f001>] ? irda_sendmsg+0x207/0x21d [irda]
 [<ffffffff81085041>] print_unlock_inbalance_bug+0xc7/0xd2
 [<ffffffffa057f001>] ? irda_sendmsg+0x207/0x21d [irda]
 [<ffffffff81086aca>] lock_release+0xcf/0x18e
 [<ffffffff813ed190>] release_sock+0x2d/0x155
 [<ffffffffa057f001>] irda_sendmsg+0x207/0x21d [irda]
 [<ffffffff813e9f8c>] __sock_sendmsg+0x69/0x75
 [<ffffffff813ea105>] sock_sendmsg+0xa1/0xb6
 [<ffffffff81100ca3>] ? might_fault+0x5c/0xac
 [<ffffffff81086b7c>] ? lock_release+0x181/0x18e
 [<ffffffff81100cec>] ? might_fault+0xa5/0xac
 [<ffffffff81100ca3>] ? might_fault+0x5c/0xac
 [<ffffffff81133b94>] ? fcheck_files+0xb9/0xf0
 [<ffffffff813f387a>] ? copy_from_user+0x2f/0x31
 [<ffffffff813f3b70>] ? verify_iovec+0x52/0xa6
 [<ffffffff813eb4e3>] sys_sendmsg+0x23a/0x2b8
 [<ffffffff81086b7c>] ? lock_release+0x181/0x18e
 [<ffffffff810773c6>] ? up_read+0x28/0x2c
 [<ffffffff814bec3d>] ? do_page_fault+0x360/0x3b4
 [<ffffffff81087043>] ? trace_hardirqs_on_caller+0x10b/0x12f
 [<ffffffff810458aa>] ? finish_task_switch+0xb2/0xe3
 [<ffffffff8104583e>] ? finish_task_switch+0x46/0xe3
 [<ffffffff8108364a>] ? trace_hardirqs_off_caller+0x33/0x90
 [<ffffffff814bbaf9>] ? retint_swapgs+0x13/0x1b
 [<ffffffff81087043>] ? trace_hardirqs_on_caller+0x10b/0x12f
 [<ffffffff810a9dd3>] ? audit_syscall_entry+0x11c/0x148
 [<ffffffff8125609e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
 [<ffffffff814c22c2>] system_call_fastpath+0x16/0x1b

Signed-off-by: Dave Jones <davej@redhat.com>

diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c
index c9890e2..cc61697 100644
--- a/net/irda/af_irda.c
+++ b/net/irda/af_irda.c
@@ -1297,8 +1297,7 @@ static int irda_sendmsg(struct kiocb *iocb, struct socket *sock,
 	/* Note : socket.c set MSG_EOR on SEQPACKET sockets */
 	if (msg->msg_flags & ~(MSG_DONTWAIT | MSG_EOR | MSG_CMSG_COMPAT |
 			       MSG_NOSIGNAL)) {
-		err = -EINVAL;
-		goto out;
+		return -EINVAL;
 	}
 
 	lock_sock(sk);

^ permalink raw reply related

* Re: [PATCH 1/1] ipv6: RTA_PREFSRC support for ipv6 route source address selection
From: David Miller @ 2011-04-12 22:05 UTC (permalink / raw)
  To: dwalter; +Cc: netdev, linux-kernel
In-Reply-To: <1302505409.8923.2.camel@localhost>

From: Daniel Walter <dwalter@barracuda.com>
Date: Mon, 11 Apr 2011 09:03:29 +0200

> [ipv6] Add support for RTA_PREFSRC
> 
> This patch allows a user to select the preferred source address
> for a specific IPv6-Route. It can be set via a netlink message
> setting RTA_PREFSRC to a valid IPv6 address which must be
> up on the device the route will be bound to.
> 
> 
> Signed-off-by: Daniel Walter <dwalter@barracuda.com>

Ok, I can live with this, applied, thanks!

^ permalink raw reply

* Re: [PATCH 2/2] net/natsami: store MAC into perm_addr
From: David Miller @ 2011-04-12 21:56 UTC (permalink / raw)
  To: otavio; +Cc: netdev
In-Reply-To: <1302622241-11871-2-git-send-email-otavio@ossystems.com.br>

From: Otavio Salvador <otavio@ossystems.com.br>
Date: Tue, 12 Apr 2011 12:30:41 -0300

> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>

Applied.

^ permalink raw reply

* Re: [PATCH 1/2] net/sis900: store MAC into perm_addr for SiS 900, 630E, 635 and 96x variants
From: David Miller @ 2011-04-12 21:56 UTC (permalink / raw)
  To: otavio; +Cc: netdev
In-Reply-To: <1302622241-11871-1-git-send-email-otavio@ossystems.com.br>

From: Otavio Salvador <otavio@ossystems.com.br>
Date: Tue, 12 Apr 2011 12:30:40 -0300

> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>

Applied.

^ permalink raw reply

* Re: [PATCH] net: bna: convert to hw_features
From: Debashis Dutt @ 2011-04-12 21:56 UTC (permalink / raw)
  To: David Miller; +Cc: mirq-linux, netdev, rmody, ddutt
In-Reply-To: <20110412.145259.102551828.davem@davemloft.net>

2011/4/12 David Miller <davem@davemloft.net>:
> From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
> Date: Tue, 12 Apr 2011 21:38:23 +0200 (CEST)
>
>> Note: looks like bnad->conf_mutex is duplicating rtnl_lock.
>>
>> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
>
> Applied.
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

Thanks Michal & David.

Patch looks good. We will still do some unit-testing and let you know,
in case of any hiccups.

Thanks
--Debashis

^ permalink raw reply

* Re: [PATCH] net: vlan_features comment clarification
From: David Miller @ 2011-04-12 21:54 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev
In-Reply-To: <20110412140739.1DF1713909@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Tue, 12 Apr 2011 16:07:39 +0200 (CEST)

> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Applied, thanks.

^ permalink raw reply

* SMSC 8720a/MDIO/PHY help.
From: ANDY KENNEDY @ 2011-04-12 21:46 UTC (permalink / raw)
  To: netdev

I have written my MDIO driver, registered it via mdiobus_register(), and
have verified that the SCMS LAN8710 driver picks it up (via sysfs).
What am I missing?  The state machine never starts.  I get no runs,
hits, or errors (and nobody left -- it is baseball season after all).

If you have an idea of something for me to try, I'd love to entertain
it.

Thanks,
Andy

^ permalink raw reply

* Re: [PATCH] net: ioc3: convert to hw_features
From: David Miller @ 2011-04-12 21:53 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev, ralf, linux-mips
In-Reply-To: <20110412194817.3420713A65@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Tue, 12 Apr 2011 21:48:17 +0200 (CEST)

> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Applied.

^ permalink raw reply

* Re: [PATCH] net: bna: convert to hw_features
From: David Miller @ 2011-04-12 21:52 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev, rmody, ddutt
In-Reply-To: <20110412193823.177C613A64@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Tue, 12 Apr 2011 21:38:23 +0200 (CEST)

> Note: looks like bnad->conf_mutex is duplicating rtnl_lock.
> 
> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Applied.

^ permalink raw reply

* Re: [PATCH v5] net: bnx2x: convert to hw_features
From: David Miller @ 2011-04-12 21:52 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev, vladz, eilong
In-Reply-To: <20110412193823.0823213A65@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Tue, 12 Apr 2011 21:38:23 +0200 (CEST)

> Since ndo_fix_features callback is postponing features change when
> bp->recovery_state != BNX2X_RECOVERY_DONE, netdev_update_features()
> has to be called again when this condition changes. Previously,
> ethtool_ops->set_flags callback returned -EBUSY in that case
> (it's not possible in the new model).
> 
> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
> 
> v5: - don't delay set_features, as it's rtnl_locked - same as recovery process
> v4: - complete bp->rx_csum -> NETIF_F_RXCSUM conversion
>     - add check for failed ndo_set_features in ndo_open callback
> v3: - include NETIF_F_LRO in hw_features
>     - don't call netdev_update_features() if bnx2x_nic_load() failed
> v2: - comment in ndo_fix_features callback

I've applied this.

From what I can tell the is basic agreement from the Broadcom folks,
and if any fixups are needed that can be done with follow-up
patches.

Thanks.

^ permalink raw reply

* Re: [PATCH RESENT] net: ps3_gelic: convert to hw_features
From: David Miller @ 2011-04-12 21:51 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev, geoff, linuxppc-dev, cbe-oss-dev
In-Reply-To: <20110410144955.8620813909@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Sun, 10 Apr 2011 16:49:55 +0200 (CEST)

> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Applied.

^ permalink raw reply

* Re: [PATCH] net: sky2: convert to hw_features
From: David Miller @ 2011-04-12 21:51 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev, shemminger
In-Reply-To: <20110410131321.8CD9713A64@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Sun, 10 Apr 2011 15:13:21 +0200 (CEST)

> Caveats:
>  - driver modifies vlan_features on HW VLAN TX changes
>  - broken RX checksum will be reenabled on features change
> 
> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

It seems the checksum concern exists both before and after these
changes, so I'm going to apply this and you guys can send me a
fixup fir the RX checksum feature validation issue as a follow-on
patch.

Thanks!

^ permalink raw reply

* Re: 2.6.39-rc2 boot crash
From: David Miller @ 2011-04-12 21:39 UTC (permalink / raw)
  To: kaber; +Cc: zbr, emunson, dave, linux-kernel, gregkh, ksrinivasan, netdev
In-Reply-To: <4DA47247.20700@trash.net>

From: Patrick McHardy <kaber@trash.net>
Date: Tue, 12 Apr 2011 17:39:51 +0200

> I think this patch should fix the problem. Eric, could you please
> give it a try?

Applied, thanks everyone.

^ permalink raw reply

* Re: [PATCH] net: add RTNL_ASSERT in __netdev_update_features()
From: David Miller @ 2011-04-12 21:36 UTC (permalink / raw)
  To: mirq-linux; +Cc: netdev
In-Reply-To: <20110412195638.3983613A65@rere.qmqm.pl>

From: Michał Mirosław <mirq-linux@rere.qmqm.pl>
Date: Tue, 12 Apr 2011 21:56:38 +0200 (CEST)

> Signed-off-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>

Applied, thanks!

^ permalink raw reply

* Re: [PATCH] net: davinci_emac: fix spinlock bug with dma channel cleanup
From: David Miller @ 2011-04-12 21:33 UTC (permalink / raw)
  To: srk; +Cc: netdev, davinci-linux-open-source
In-Reply-To: <1302583351-10449-1-git-send-email-srk@ti.com>

From: Sriramakrishnan A G <srk@ti.com>
Date: Tue, 12 Apr 2011 10:12:31 +0530

> The DMA cleanup function was holding the spinlock across
> a busy loop where it waits for HW to indicate teardown is complete.
> This generates a backtrace, when DEBUG_SPINLOCK is enabled. Make the
> locking more granular.
> 
> Signed-off-by: Sriramakrishnan A G <srk@ti.com>

You can't really sleep in this function at all.

For example, it gets invoked from the ->ndo_tx_timeout() method in
davinci_emac.c, which runs from a timer.

So even if you hack the spinlock usage, there are still major issues
here.

We could conditionalize the timeout handling, but I don't think so
much complexity is worth it here.

Just do a udelay()/mdelay() or similar, instead of the timed sleeps.

Thanks.

^ permalink raw reply

* Re: [E1000-devel] [PATCH] driver/e1000e: Fix default interrupt mode select
From: Jeff Kirsher @ 2011-04-12 21:32 UTC (permalink / raw)
  To: Prabhakar Kushwaha
  Cc: linuxppc-dev@lists.ozlabs.org, Linux NICS, Kok, Auke-jan H,
	e1000-devel@lists.sourceforge.net, netdev@vger.kernel.org,
	meet2prabhu@gmail.com, Jin Qing
In-Reply-To: <1302584163-22318-1-git-send-email-prabhakar@freescale.com>

[-- Attachment #1: Type: text/plain, Size: 681 bytes --]

On Mon, 2011-04-11 at 21:56 -0700, Prabhakar Kushwaha wrote:
> From: Prabhakar <prabhakar@freescale.com>
> 
> The Intel e1000 device driver defaults to MSI interrupt mode, even if
> MSI
> support is not enabled
> 
> Signed-off-by: Jin Qing <b24347@freescale.com>
> Signed-off-by: Prabhakar Kushwaha <prabhakar@freescale.com>
> ---
>  Based upon
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git(branch master)
> 
>  added  netdev mail-list and e1000 mail-list & maintainer
> 
>  drivers/net/e1000e/param.c |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-) 

Thanks for the patch, I have added it to my queue of e1000e patches.

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

^ permalink raw reply

* Re: [PATCH] driver/e1000e: Fix default interrupt mode select
From: Jeff Kirsher @ 2011-04-12 21:31 UTC (permalink / raw)
  To: David Miller
  Cc: prabhakar@freescale.com, linuxppc-dev@lists.ozlabs.org,
	Linux NICS, Kok, Auke-jan H, e1000-devel@lists.sourceforge.net,
	netdev@vger.kernel.org, meet2prabhu@gmail.com,
	b24347@freescale.com
In-Reply-To: <20110412.142727.39177723.davem@davemloft.net>

[-- Attachment #1: Type: text/plain, Size: 673 bytes --]

On Tue, 2011-04-12 at 14:27 -0700, David Miller wrote:
> From: Prabhakar Kushwaha <prabhakar@freescale.com>
> Date: Tue, 12 Apr 2011 10:26:03 +0530
> 
> > From: Prabhakar <prabhakar@freescale.com>
> > 
> > The Intel e1000 device driver defaults to MSI interrupt mode, even if MSI
> > support is not enabled
> > 
> > Signed-off-by: Jin Qing <b24347@freescale.com>
> > Signed-off-by: Prabhakar Kushwaha <prabhakar@freescale.com>
> > ---
> >  Based upon git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git(branch master)
> > 
> >  added  netdev mail-list and e1000 mail-list & maintainer
> 
> Intel folks, you got this?

Yes.  Thanks Dave.

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

^ permalink raw reply

* Re: [PATCH] driver/e1000e: Fix default interrupt mode select
From: David Miller @ 2011-04-12 21:27 UTC (permalink / raw)
  To: prabhakar
  Cc: linuxppc-dev, linux.nics, auke-jan.h.kok, e1000-devel, netdev,
	meet2prabhu, b24347, jeffrey.t.kirsher
In-Reply-To: <1302584163-22318-1-git-send-email-prabhakar@freescale.com>

From: Prabhakar Kushwaha <prabhakar@freescale.com>
Date: Tue, 12 Apr 2011 10:26:03 +0530

> From: Prabhakar <prabhakar@freescale.com>
> 
> The Intel e1000 device driver defaults to MSI interrupt mode, even if MSI
> support is not enabled
> 
> Signed-off-by: Jin Qing <b24347@freescale.com>
> Signed-off-by: Prabhakar Kushwaha <prabhakar@freescale.com>
> ---
>  Based upon git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git(branch master)
> 
>  added  netdev mail-list and e1000 mail-list & maintainer

Intel folks, you got this?

^ permalink raw reply

* Re: [PATCH] net: ipv4: add IPPROTO_ICMP socket kind
From: David Miller @ 2011-04-12 21:25 UTC (permalink / raw)
  To: solar
  Cc: segoon, linux-kernel, netdev, peak, kees.cook, dan.j.rosenberg,
	eugene, nelhage, kuznet, pekkas, jmorris, yoshfuji, kaber
In-Reply-To: <20110412050659.GA14129@openwall.com>

From: Solar Designer <solar@openwall.com>
Date: Tue, 12 Apr 2011 09:06:59 +0400

> On Sat, Apr 09, 2011 at 02:15:14PM +0400, Vasiliy Kulikov wrote:
>> This patch adds IPPROTO_ICMP socket kind.  It makes it possible to send
>> ICMP_ECHO messages and receive the corresponding ICMP_ECHOREPLY messages
>> without any special privileges.  In other words, the patch makes it
>> possible to implement setuid-less and CAP_NET_RAW-less /bin/ping.  In
>> order not to increase the kernel's attack surface (in case of
>> vulnerabilities in the newly added code), the new functionality is
>> disabled by default, but is enabled at bootup by supporting Linux
>> distributions, optionally with restriction to a group or a group range
> ...
>> For Openwall GNU/*/Linux it is the last step on the road to the
>> setuid-less distro.
> 
> More correctly, it _was_ the last step - we've already taken it, so a
> revision of the patch (against OpenVZ/RHEL5 kernels) is currently in use.
> 
> We would really like this accepted into mainline, which is why Vasiliy
> spends extra effort to keep the patch updated to current mainline
> kernels and re-test it.  If there are any comments/concerns/objections,
> we'd be happy to hear those.
> 
>> Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
> 
> Acked-by: Solar Designer <solar@openwall.com>

I have no fundamental objections to this change and I'll be happy to
apply it after we iron out a few details.

First, please get rid of the debug option, we have pr_debug() which can
be dynamically turned on and off at run time these days.

Second, if this is a bonafide core facility we'd like everyone to use,
let's make it so.  I want it so that every ping binary can expect this
facility to be there if the kernel is new enough.

So let's get rid of the config option.

Third, either we trust this code or we do not.  If we are OK with a
user application spamming whatever they wish out of a datagram UDP
socket, they can do no more harm with this thing unless there are
bugs.

The group range thing I also consider hackish.  In my opinion two
other approaches seem more reasonable:

1) On/Off sysctl, default to ON.  This is to handle the "oh crap
   there's a really bad bug discovered in this thing" situations.

2) A single group ID, if zero it means "all groups" else it limits
   the facility to specific groups.

I would mention capabilities, but probably that's undesirable for
something like this as it creeps us back to the original problem
this is trying to resolve.

Finally, longer term, I'd really like to see ipv6 support for this
feature as well.  I absolutely am not requiring that ipv6 get
worked on right now just to apply the ipv4 variant.

So let's sort out the ipv4 side issues so I can get this into the
net-next-2.6 tree and people can start testing it.

Thanks.

^ permalink raw reply

* Re: [patch net-next-2.6 v2] net: vlan: make non-hw-accel rx path similar to hw-accel
From: David Miller @ 2011-04-12 21:16 UTC (permalink / raw)
  To: jpirko
  Cc: netdev, shemminger, kaber, fubar, eric.dumazet, nicolas.2p.debian,
	andy, xiaosuo, jesse, ebiederm
In-Reply-To: <1302241713-3637-1-git-send-email-jpirko@redhat.com>

From: Jiri Pirko <jpirko@redhat.com>
Date: Fri,  8 Apr 2011 07:48:33 +0200

> Now there are 2 paths for rx vlan frames. When rx-vlan-hw-accel is
> enabled, skb is untagged by NIC, vlan_tci is set and the skb gets into
> vlan code in __netif_receive_skb - vlan_hwaccel_do_receive.
> 
> For non-rx-vlan-hw-accel however, tagged skb goes thru whole
> __netif_receive_skb, it's untagged in ptype_base hander and reinjected
> 
> This incosistency is fixed by this patch. Vlan untagging happens early in
> __netif_receive_skb so the rest of code (ptype_all handlers, rx_handlers)
> see the skb like it was untagged by hw.
> 
> Signed-off-by: Jiri Pirko <jpirko@redhat.com>
> 
> v1->v2:
> 	remove "inline" from vlan_core.c functions

Ok, I've applied this, let's see what happens :-)

Thanks!

^ permalink raw reply


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox