Commit 8bf22c33 authored by Linus Torvalds
Pull networking fixes from Jakub Kicinski:
 "Including fixes from Netfilter.

  Current release - new code bugs:

   - net: fix backlog_unlock_irq_restore() vs CONFIG_PREEMPT_RT

   - eth: mlx5e: XSK, Fix unintended ICOSQ change

   - phy_port: correctly recompute the port's linkmodes

   - vsock: prevent child netns mode switch from local to global

   - couple of kconfig fixes for new symbols

  Previous releases - regressions:

   - nfc: nci: fix false-positive parameter validation for packet data

   - net: do not delay zero-copy skbs in skb_attempt_defer_free()

  Previous releases - always broken:

   - mctp: ensure our nlmsg responses to user space are zero-initialised

   - ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()

   - fixes for ICMP rate limiting

  Misc:

   - intel: fix PCI device ID conflict between i40e and ipw2200"

* tag 'net-7.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (85 commits)
  net: nfc: nci: Fix parameter validation for packet data
  net/mlx5e: Use unsigned for mlx5e_get_max_num_channels
  net/mlx5e: Fix deadlocks between devlink and netdev instance locks
  net/mlx5e: MACsec, add ASO poll loop in macsec_aso_set_arm_event
  net/mlx5: Fix misidentification of write combining CQE during poll loop
  net/mlx5e: Fix misidentification of ASO CQE during poll loop
  net/mlx5: Fix multiport device check over light SFs
  bonding: alb: fix UAF in rlb_arp_recv during bond up/down
  bnge: fix reserving resources from FW
  eth: fbnic: Advertise supported XDP features.
  rds: tcp: fix uninit-value in __inet_bind
  net/rds: Fix NULL pointer dereference in rds_tcp_accept_one
  octeontx2-af: Fix default entries mcam entry action
  net/mlx5e: XSK, Fix unintended ICOSQ change
  ipv6: icmp: icmpv6_xrlim_allow() optimization if net.ipv6.icmp.ratelimit is zero
  ipv4: icmp: icmpv4_xrlim_allow() optimization if net.ipv4.icmp_ratelimit is zero
  ipv6: icmp: remove obsolete code in icmpv6_xrlim_allow()
  inet: move icmp_global_{credit,stamp} to a separate cache line
  icmp: prevent possible overflow in icmp_global_allow()
  selftests/net: packetdrill: add ipv4-mapped-ipv6 tests
  ...
parents 4f13d0da 571dcbeb
+50 −2
@@ -40,8 +40,8 @@ Table : Subdirectories in /proc/sys/net
 bridge    Bridging              rose       X.25 PLP layer
 core      General parameter     tipc       TIPC
 ethernet  Ethernet protocol     unix       Unix domain sockets
 ipv4      IP version 4          x25        X.25 protocol
 ipv6      IP version 6
 ipv4      IP version 4          vsock      VSOCK sockets
 ipv6      IP version 6          x25        X.25 protocol
 ========= =================== = ========== ===================

1. /proc/sys/net/core - Network core options
@@ -551,3 +551,51 @@ originally may have been issued in the correct sequential order.
If named_timeout is nonzero, failed topology updates will be placed on a defer
queue until another event arrives that clears the error, or until the timeout
expires. Value is in milliseconds.

6. /proc/sys/net/vsock - VSOCK sockets
--------------------------------------

VSOCK sockets (AF_VSOCK) provide communication between virtual machines and
their hosts. The behavior of VSOCK sockets in a network namespace is determined
by the namespace's mode (``global`` or ``local``), which controls how CIDs
(Context IDs) are allocated and how sockets interact across namespaces.

ns_mode
-------

Read-only. Reports the current namespace's mode, set at namespace creation
and immutable thereafter.

Values:

	- ``global`` - the namespace shares system-wide CID allocation and
	  its sockets can reach any VM or socket in any global namespace.
	  Sockets in this namespace cannot reach sockets in local
	  namespaces.
	- ``local`` - the namespace has private CID allocation and its
	  sockets can only connect to VMs or sockets within the same
	  namespace.

The init_net mode is always ``global``.

child_ns_mode
-------------

Controls what mode newly created child namespaces will inherit. At namespace
creation, ``ns_mode`` is inherited from the parent's ``child_ns_mode``. The
initial value matches the namespace's own ``ns_mode``.

Values:

	- ``global`` - child namespaces will share system-wide CID allocation
	  and their sockets will be able to reach any VM or socket in any
	  global namespace.
	- ``local`` - child namespaces will have private CID allocation and
	  their sockets will only be able to connect within their own
	  namespace.

Changing ``child_ns_mode`` only affects namespaces created after the change;
it does not modify the current namespace or any existing children.

A namespace with ``ns_mode`` set to ``local`` cannot change
``child_ns_mode`` to ``global`` (returns ``-EPERM``).
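Review bot: the closing rule for ``child_ns_mode`` (a ``local`` namespace cannot set it to ``global``, ``-EPERM``) is given without its reason or its scope. Since ``ns_mode`` is inherited from the parent's ``child_ns_mode``, this rule is what keeps every descendant of a ``local`` namespace ``local``; say so, and state whether a ``global`` namespace may switch ``child_ns_mode`` in both directions and what a write of any other string returns. The ``global`` bullet under ``child_ns_mode`` also omits the sentence the ``ns_mode`` bullet has about not reaching sockets in local namespaces; repeat it or refer back to ``ns_mode``.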
+4 −3
@@ -3234,12 +3234,13 @@ enhanced_dad - BOOLEAN
===========

ratelimit - INTEGER
	Limit the maximal rates for sending ICMPv6 messages.
	Limit the maximal rates for sending ICMPv6 messages to a particular
	peer.

	0 to disable any limiting,
	otherwise the minimal space between responses in milliseconds.
	otherwise the space between responses in milliseconds.

	Default: 1000
	Default: 100

ratemask - list of comma separated ranges
	For ICMPv6 message types matching the ranges in the ratemask, limit
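Review bot: with "minimal" dropped, "the space between responses in milliseconds" under ratelimit no longer says whether the value is a floor, an exact interval or an average; spell out how the per-peer limit is applied. The Default line changes from 1000 to 100 in the same hunk, so the changelog should say whether this corrects the documentation to match the existing value or accompanies a change of the default, since operators who tuned against the documented 1000 ms will read this as a tenfold increase in permitted ICMPv6 responses per peer.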
+4 −0
@@ -373,6 +373,10 @@ fore200e_shutdown(struct fore200e* fore200e)
	fallthrough;
    case FORE200E_STATE_IRQ:
	free_irq(fore200e->irq, fore200e->atm_dev);
#ifdef FORE200E_USE_TASKLET
	tasklet_kill(&fore200e->tx_tasklet);
	tasklet_kill(&fore200e->rx_tasklet);
#endif

	fallthrough;
    case FORE200E_STATE_ALLOC_BUF:
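Review bot: the two tasklet_kill() calls under FORE200E_STATE_IRQ depend on coming after free_irq(), and nothing in the code says so. Once the IRQ is released the handler can no longer reschedule tx_tasklet or rx_tasklet, so the kill is final; add a one-line comment to that effect so the order is not swapped later. Because of the fallthrough, this block runs for every state at or above FORE200E_STATE_IRQ, so please confirm both tasklets are always initialised by the time that state is reached.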
+2 −0
@@ -91,6 +91,8 @@ zl3073x_ref_freq_set(struct zl3073x_ref *ref, u32 freq)

	ref->freq_base = base;
	ref->freq_mult = mult;
	ref->freq_ratio_m = 1;
	ref->freq_ratio_n = 1;

	return 0;
}
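Review bot: zl3073x_ref_freq_set() now overwrites freq_ratio_m and freq_ratio_n with 1 on every successful call, and there is no comment explaining why. A caller that set a ratio earlier loses it silently, so document at the assignments (or in the function's kernel-doc) that setting the frequency resets the ratio to 1:1, and that callers wanting a different ratio must apply it after this call.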
+1 −0
@@ -333,6 +333,7 @@ config MACSEC

config NETCONSOLE
	tristate "Network console logging support"
	depends on PRINTK
	help
	  If you want to log kernel messages over the network, enable this.
	  See <file:Documentation/networking/netconsole.rst> for details.
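Review bot: "depends on PRINTK" on NETCONSOLE only guards the symbol itself, and Kconfig does not enforce it for a symbol that reaches NETCONSOLE through "select". Check that nothing selects NETCONSOLE without carrying the same dependency, otherwise PRINTK=n builds will produce an unmet-dependency warning instead of the clean exclusion intended here.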