Unnamed repository; edit this file 'description' to name the repository. https://gitea.privatedns.org/xavi/android_kernel_m2note/atom?h=ng-7.1.2 2017-05-23T17:59:15+00:00 2017-05-23T17:59:15+00:00 Lorenzo Colitti lorenzo@google.com 2016-11-03T17:23:43+00:00 urn:sha1:a9b18d8bc8fac0a39fab7c84ac9d951472a53558 - Use the UID in routing lookups made by protocol connect() and sendmsg() functions. - Make sure that routing lookups triggered by incoming packets (e.g., Path MTU discovery) take the UID of the socket into account. - For packets not associated with a userspace socket, (e.g., ping replies) use UID 0 inside the user namespace corresponding to the network namespace the socket belongs to. This allows all namespaces to apply routing and iptables rules to kernel-originated traffic in that namespaces by matching UID 0. This is better than using the UID of the kernel socket that is sending the traffic, because the UID of kernel sockets created at namespace creation time (e.g., the per-processor ICMP and TCP sockets) is the UID of the user that created the socket, which might not be mapped in the namespace. [Backport of net-next e2d118a1cb5e60d077131a09db1d81b90a5295fe] Bug: 16355602 Change-Id: I126f8359887b5b5bbac68daf0ded89e899cb7cb0 Tested: compiles allnoconfig, allyesconfig, allmodconfig Tested: https://android-review.googlesource.com/253302 Signed-off-by: Lorenzo Colitti <lorenzo@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Francisco Franco <franciscofranco.1990@gmail.com> 2017-05-23T11:49:44+00:00 Lorenzo Colitti lorenzo@google.com 2016-12-14T17:23:01+00:00 urn:sha1:90f539dbad9659112b649839b00f1897b7b2a6dc This reverts commit f6f535d3e0d8da2b5bc3c93690c47485d29e4ce6. Bug: 16355602 Change-Id: I5987e276f5ddbe425ea3bd86861cee0ae22212d9 Signed-off-by: Francisco Franco <franciscofranco.1990@gmail.com> 2017-05-22T09:13:11+00:00 Eric Dumazet edumazet@google.com 2017-05-09T13:29:19+00:00 urn:sha1:de0ad44c35234961ecf77767a471e9e8117e1aca syzkaller found a way to trigger double frees from ip_mc_drop_socket() It turns out that leave a copy of parent mc_list at accept() time, which is very bad. Very similar to commit 8b485ce69876 ("tcp: do not inherit fastopen_req from parent") Initial report from Pray3r, completed by Andrey one. Thanks a lot to them ! Change-Id: I9ab96385fcbcad25d3e6829927d586b91d22afe8 Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: Pray3r <pray3r.z@gmail.com> Reported-by: Andrey Konovalov <andreyknvl@google.com> Tested-by: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2017-04-29T14:47:32+00:00 Mister Oyster oysterized@gmail.com 2017-04-29T14:27:14+00:00 urn:sha1:3e0e49ebddd860ad6cceca5868de4c96858154a2 2017-04-13T10:32:19+00:00 Subash Abhinov Kasiviswanathan subashab@codeaurora.org 2015-08-19T22:33:59+00:00 urn:sha1:b814a93adfaebe63094da43ca155a871ed5bfd5d Reserved ports may have some special use cases which are not suitable for use by general userspace applications. Currently, ports specified in ip_local_reserved_ports will not be returned only in case of automatic port assignment. Add a boolean sysctl flag 'reserved_port_bind'. Default value is 1 which preserves the existing behavior. Setting the value to 0 will prevent userspace applications from binding to these ports even when they are explicitly requested. BUG=20663075 Change-Id: Ib1071ca5bd437cd3c4f71b56147e4858f3b9ebec Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> Signed-off-by: Mekala Natarajan <mekalan@codeaurora.org> 2016-08-15T02:19:42+00:00 Meizu OpenSource patchwork@meizu.com 2016-08-15T02:19:42+00:00 urn:sha1:d2e1446d81725c351dc73a03b397ce043fb18452