Roxana Nicolescu

lp:~roxanan/+git/focal

  1. Git
  2. lp:~roxanan/+git/focal
Owned by Roxana Nicolescu
Get this repository:
git clone https://git.launchpad.net/~roxanan/+git/focal
Only Roxana Nicolescu can upload to this repository. If you are Roxana Nicolescu please log in for upload directions.

Branches

Name Last Modified Last Commit
annotation-migration 2023-09-27 13:17:24 UTC
UBUNTU: [Config] migrate all configs into annotations

Author: Roxana Nicolescu
Author Date: 2023-09-27 12:54:57 UTC

UBUNTU: [Config] migrate all configs into annotations

BugLink: https://bugs.launchpad.net/bugs/2019000

Signed-off-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
master-next 2023-09-22 07:46:02 UTC
net: Avoid address overwrite in kernel_connect

Author: Jordan Rife
Author Date: 2023-09-12 19:49:27 UTC

net: Avoid address overwrite in kernel_connect

BugLink: https://bugs.launchpad.net/bugs/2035163

BPF programs that run on connect can rewrite the connect address. For
the connect system call this isn't a problem, because a copy of the address
is made when it is moved into kernel space. However, kernel_connect
simply passes through the address it is given, so the caller may observe
its address value unexpectedly change.

A practical example where this is problematic is where NFS is combined
with a system such as Cilium which implements BPF-based load balancing.
A common pattern in software-defined storage systems is to have an NFS
mount that connects to a persistent virtual IP which in turn maps to an
ephemeral server IP. This is usually done to achieve high availability:
if your server goes down you can quickly spin up a replacement and remap
the virtual IP to that endpoint. With BPF-based load balancing, mounts
will forget the virtual IP address when the address rewrite occurs
because a pointer to the only copy of that address is passed down the
stack. Server failover then breaks, because clients have forgotten the
virtual IP address. Reconnects fail and mounts remain broken. This patch
was tested by setting up a scenario like this and ensuring that NFS
reconnects worked after applying the patch.

Signed-off-by: Jordan Rife <jrife@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(backported from commit 0bdf399342c5acbd817c9098b6c7ed21f1974312)
[ kmously: adjusted for lack of READ_ONCE() ]
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
12 of 2 results FirstPreviousNextLast
This repository contains Public information 
Everyone can see this information.

Subscribers