JIRA: https://issues.redhat.com/browse/RHEL-31230
Conflicts:
1) The net/netfilter/Makefile hunk is dropped due to missing
nft_ct_fast.c file first intruduced by commit d9e789147605
("netfilter: nf_tables: avoid retpoline overhead for some ct
expression calls").
2) A merge conflict in the tools/objtool/check.c hunk due to missing
upstream commit 9bb2ec608a20 ("objtool: Update Retpoline validation").
3) First hunk of net/netfilter/nf_tables_core.c is dropped and a merge
conflict in the second hunk due to missing upstream commit
d8d760627855 ("netfilter: nf_tables: add static key to skip retpoline
workarounds").
4) The net/netfilter/nft_ct.c hunks are dropped due to missing upstream
commit d9e789147605 ("netfilter: nf_tables: avoid retpoline overhead
for some ct expression calls").
commit aefb2f2e619b6c334bcb31de830aa00ba0b11129
Author: Breno Leitao <leitao@debian.org>
Date: Tue, 21 Nov 2023 08:07:32 -0800
x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE
Step 5/10 of the namespace unification of CPU mitigations related Kconfig options.
[ mingo: Converted a few more uses in comments/messages as well. ]
Suggested-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Breno Leitao <leitao@debian.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Reviewed-by: Ariel Miculas <amiculas@cisco.com>
Acked-by: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Link: https://lore.kernel.org/r/20231121160740.1249350-6-leitao@debian.org
Signed-off-by: Waiman Long <longman@redhat.com>
JIRA: https://issues.redhat.com/browse/RHEL-36218
commit ba24ea129126362e7139fed4e13701ca5b71ac0b
Author: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Thu Dec 21 16:31:03 2023 -0500
net/sched: Retire ipt action
The tc ipt action was intended to run all netfilter/iptables target.
Unfortunately it has not benefitted over the years from proper updates when
netfilter changes, and for that reason it has remained rudimentary.
Pinging a bunch of people that i was aware were using this indicates that
removing it wont affect them.
Retire it to reduce maintenance efforts. Buh-bye.
Reviewed-by: Victor Noguiera <victor@mojatatu.com>
Reviewed-by: Pedro Tammela <pctammela@mojatatu.com>
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2172886
commit 265b4da82dbf5df04bee5a5d46b7474b1aaf326a
Author: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Tue Feb 14 08:49:15 2023 -0500
net/sched: Retire rsvp classifier
The rsvp classifier has served us well for about a quarter of a century but has
has not been getting much maintenance attention due to lack of known users.
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
Acked-by: Jiri Pirko <jiri@nvidia.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2172886
Conflicts:
- conflicts due to previous backports to cls_tcindex
commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28
Author: Jamal Hadi Salim <jhs@mojatatu.com>
Date: Tue Feb 14 08:49:14 2023 -0500
net/sched: Retire tcindex classifier
The tcindex classifier has served us well for about a quarter of a century
but has not been getting much TLC due to lack of known users. Most recently
it has become easy prey to syzkaller. For this reason, we are retiring it.
Signed-off-by: Jamal Hadi Salim <jhs@mojatatu.com>
Acked-by: Jiri Pirko <jiri@nvidia.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2172886
commit 40cab44b9089a41f71bbd0eff753eb91d5dafd68
Author: Pedro Tammela <pctammela@mojatatu.com>
Date: Tue Dec 27 11:04:59 2022 -0300
net/sched: fix retpoline wrapper compilation on configs without tc filters
Rudi reports a compilation failure on x86_64 when CONFIG_NET_CLS or
CONFIG_NET_CLS_ACT is not set but CONFIG_RETPOLINE is set.
A misplaced '#endif' was causing the issue.
Fixes: 7f0e810220e2 ("net/sched: add retpoline wrapper for tc")
Tested-by: Rudi Heitbaum <rudi@heitbaum.com>
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2172886
commit 7f0e810220e2d985338ecdd907c1598404db251d
Author: Pedro Tammela <pctammela@mojatatu.com>
Date: Tue Dec 6 10:55:11 2022 -0300
net/sched: add retpoline wrapper for tc
On kernels using retpoline as a spectrev2 mitigation,
optimize actions and filters that are compiled as built-ins into a direct call.
On subsequent patches we expose the classifiers and actions functions
and wire up the wrapper into tc.
Signed-off-by: Pedro Tammela <pctammela@mojatatu.com>
Reviewed-by: Jamal Hadi Salim <jhs@mojatatu.com>
Reviewed-by: Victor Nogueira <victor@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Waiman Long
Ivan Vecera