| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4c9020de-80c6-2b70-d9db-1759ea579780@fb.com>
Date: Wed, 28 Jun 2017 12:53:43 -0700
From: Alexei Starovoitov <ast@...com>
To: Lawrence Brakmo <brakmo@...com>, netdev <netdev@...r.kernel.org>
CC: Kernel Team <kernel-team@...com>, Blake Matheny <bmatheny@...com>,
Daniel Borkmann <daniel@...earbox.net>,
David Ahern <dsa@...ulusnetworks.com>
Subject: Re: [PATCH net-next v4 01/16] bpf: BPF support for sock_ops
On 6/28/17 10:31 AM, Lawrence Brakmo wrote:
> +#ifdef CONFIG_BPF
> +static inline int tcp_call_bpf(struct sock *sk, bool is_req_sock, int op)
> +{
> + struct bpf_sock_ops_kern sock_ops;
> + int ret;
> +
> + if (!is_req_sock)
> + sock_owned_by_me(sk);
> +
> + memset(&sock_ops, 0, sizeof(sock_ops));
> + sock_ops.sk = sk;
> + sock_ops.is_req_sock = is_req_sock;
> + sock_ops.op = op;
> +
> + ret = BPF_CGROUP_RUN_PROG_SOCK_OPS(&sock_ops);
> + if (ret == 0)
> + ret = sock_ops.reply;
> + else
> + ret = -1;
> + return ret;
> +}
the switch to cgroup attached only made it really nice and clean.
No global state to worry about.
I haven't looked through the minor patch details, but overall
it all looks good to me. I don't have any architectural concerns.
Acked-by: Alexei Starovoitov <ast@...nel.org>
Powered by blists - more mailing lists