AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-02-20 14:08:30 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
973,707 Commits 1 Branch 0 Tags 2 GiB
C 97.7%
Assembly 1.2%
Shell 0.3%
Makefile 0.3%
Python 0.2%
Other 0.1%
6c1ea8bee7
Go to file
Jonathon Reinhart 6c1ea8bee7 net: Only allow init netns to set default tcp cong to a restricted algo 
commit 8d432592f30fcc34ef5a10aac4887b4897884493 upstream.

tcp_set_default_congestion_control() is netns-safe in that it writes
to &net->ipv4.tcp_congestion_control, but it also sets
ca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced.
This has the unintended side-effect of changing the global
net.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it
is read-only: 97684f0970f6 ("net: Make tcp_allowed_congestion_control
readonly in non-init netns")

Resolve this netns "leak" by only allowing the init netns to set the
default algorithm to one that is restricted. This restriction could be
removed if tcp_allowed_congestion_control were namespace-ified in the
future.

This bug was uncovered with
https://github.com/JonathonReinhart/linux-netns-sysctl-verify

Fixes: 6670e15244 ("tcp: Namespace-ify sysctl_tcp_default_congestion_control")
Signed-off-by: Jonathon Reinhart <jonathon.reinhart@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-05-14 09:50:46 +02:00
arch arm64: Remove arm64_dma32_phys_limit and its uses 2021-05-14 09:50:46 +02:00
block block: return -EBUSY when there are open partitions in blkdev_reread_part 2021-04-28 13:39:59 +02:00
certs certs: Fix blacklist flag type confusion 2021-03-04 11:37:59 +01:00
crypto async_xor: increase src_offs when dropping destination page 2021-05-14 09:49:59 +02:00
Documentation media: docs: Fix data organization of MEDIA_BUS_FMT_RGB101010_1X30 2021-05-14 09:50:23 +02:00
drivers RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res 2021-05-14 09:50:44 +02:00
fs afs: Fix speculative status fetches 2021-05-14 09:50:45 +02:00
include net: bridge: mcast: fix broken length + header check for MRDv6 Adv. 2021-05-14 09:50:44 +02:00
init seccomp: Fix CONFIG tests for Seccomp_filters 2021-05-14 09:50:24 +02:00
ipc ipc: adjust proc_ipc_sem_dointvec definition to match prototype 2020-09-05 12:14:29 -07:00
kernel bpf: Prevent writable memory-mapping of read-only ringbuf pages 2021-05-14 09:50:46 +02:00
lib bug: Remove redundant condition check in report_bug 2021-05-14 09:50:32 +02:00
LICENSES LICENSES/deprecated: add Zlib license text 2020-09-16 14:33:49 +02:00
mm mm/memory-failure: unnecessary amount of unmapping 2021-05-14 09:50:45 +02:00
net net: Only allow init netns to set default tcp cong to a restricted algo 2021-05-14 09:50:46 +02:00
samples kfifo: fix ternary sign extension bugs 2021-05-14 09:50:45 +02:00
scripts kasan: fix hwasan build for gcc 2021-04-28 13:40:02 +02:00
security ima: Fix the error code for restoring the PCR value 2021-05-14 09:50:30 +02:00
sound ALSA: usb: midi: don't return -ENOMEM when usb_urb_ep_type_check fails 2021-05-14 09:50:40 +02:00
tools perf session: Add swap operation for event TIME_CONV 2021-05-14 09:50:45 +02:00
usr Merge branch 'work.fdpic' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2020-08-07 13:29:39 -07:00
virt KVM: Stop looking for coalesced MMIO zones if the bus is destroyed 2021-05-14 09:50:04 +02:00
.clang-format RDMA 5.10 pull request 2020-10-17 11:18:18 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes
.gitignore .gitignore: docs: ignore sphinx_*/ directories 2020-09-10 10:44:31 -06:00
.mailmap mailmap: add two more addresses of Uwe Kleine-König 2020-12-06 10:19:07 -08:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Jason Cooper to CREDITS 2020-11-30 10:20:34 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: move the staging subsystem to lists.linux.dev 2021-03-25 09:04:18 +01:00
Makefile Linux 5.10.36 2021-05-11 14:47:41 +02:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.