| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Aug 2018 01:49:22 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: davem@...emloft.net
Cc: daniel@...earbox.net, ast@...nel.org, netdev@...r.kernel.org
Subject: pull-request: bpf-next 2018-08-13
Hi David,
The following pull-request contains BPF updates for your *net-next* tree.
The main changes are:
1) Add driver XDP support for veth. This can be used in conjunction with
redirect of another XDP program e.g. sitting on NIC so the xdp_frame
can be forwarded to the peer veth directly without modification,
from Toshiaki.
2) Add a new BPF map type REUSEPORT_SOCKARRAY and prog type SK_REUSEPORT
in order to provide more control and visibility on where a SO_REUSEPORT
sk should be located, and the latter enables to directly select a sk
from the bpf map. This also enables map-in-map for application migration
use cases, from Martin.
3) Add a new BPF helper bpf_skb_ancestor_cgroup_id() that returns the id
of cgroup v2 that is the ancestor of the cgroup associated with the
skb at the ancestor_level, from Andrey.
4) Implement BPF fs map pretty-print support based on BTF data for regular
hash table and LRU map, from Yonghong.
5) Decouple the ability to attach BTF for a map from the key and value
pretty-printer in BPF fs, and enable further support of BTF for maps for
percpu and LPM trie, from Daniel.
6) Implement a better BPF sample of using XDP's CPU redirect feature for
load balancing SKB processing to remote CPU. The sample implements the
same XDP load balancing as Suricata does which is symmetric hash based
on IP and L4 protocol, from Jesper.
7) Revert adding NULL pointer check with WARN_ON_ONCE() in __xdp_return()'s
critical path as it is ensured that the allocator is present, from Björn.
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
Thanks a lot!
----------------------------------------------------------------
The following changes since commit a736e074680745faa5dc6be8dd3c58ad4850aab9:
Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net (2018-08-09 11:52:36 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
for you to fetch changes up to 2ce3206b9eb3943de09f3bf4ec9134568420d8b9:
Merge branch 'bpf-ancestor-cgroup-id' (2018-08-13 01:02:41 +0200)
----------------------------------------------------------------
Andrey Ignatov (4):
bpf: Introduce bpf_skb_ancestor_cgroup_id helper
bpf: Sync bpf.h to tools/
selftests/bpf: Add cgroup id helpers to bpf_helpers.h
selftests/bpf: Selftest for bpf_skb_ancestor_cgroup_id
Björn Töpel (1):
Revert "xdp: add NULL pointer check in __xdp_return()"
Daniel Borkmann (6):
Merge branch 'bpf-sample-cpumap-lb'
Merge branch 'bpf-veth-xdp-support'
Merge branch 'bpf-btf-for-htab-lru'
Merge branch 'bpf-reuseport-map'
bpf: decouple btf from seq bpf fs dump and enable more maps
Merge branch 'bpf-ancestor-cgroup-id'
Jesper Dangaard Brouer (2):
samples/bpf: add Paul Hsieh's (LGPL 2.1) hash function SuperFastHash
samples/bpf: xdp_redirect_cpu load balance like Suricata
Martin KaFai Lau (9):
tcp: Avoid TCP syncookie rejected by SO_REUSEPORT socket
net: Add ID (if needed) to sock_reuseport and expose reuseport_lock
bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY
bpf: Introduce BPF_PROG_TYPE_SK_REUSEPORT
bpf: Enable BPF_PROG_TYPE_SK_REUSEPORT bpf prog in reuseport selection
bpf: Refactor ARRAY_SIZE macro to bpf_util.h
bpf: Sync bpf.h uapi to tools/
bpf: test BPF_MAP_TYPE_REUSEPORT_SOCKARRAY
bpf: Test BPF_PROG_TYPE_SK_REUSEPORT
Toshiaki Makita (10):
net: Export skb_headers_offset_update
veth: Add driver XDP
veth: Avoid drops by oversized packets when XDP is enabled
xdp: Helper function to clear kernel pointers in xdp_frame
veth: Handle xdp_frames in xdp napi ring
veth: Add ndo_xdp_xmit
bpf: Make redirect_info accessible from modules
xdp: Helpers for disabling napi_direct of xdp_return_frame
veth: Add XDP TX and REDIRECT
veth: Support per queue XDP ring
Yonghong Song (3):
bpf: fix bpffs non-array map seq_show issue
bpf: btf: add pretty print for hash/lru_hash maps
tools/bpf: add bpffs pretty print btf test for hash/lru_hash maps
drivers/net/veth.c | 750 ++++++++++++++++++++-
include/linux/bpf.h | 41 +-
include/linux/bpf_types.h | 6 +
include/linux/cgroup.h | 30 +
include/linux/filter.h | 51 ++
include/linux/skbuff.h | 1 +
include/net/addrconf.h | 1 +
include/net/sock_reuseport.h | 19 +-
include/net/tcp.h | 30 +-
include/net/xdp.h | 7 +
include/uapi/linux/bpf.h | 56 +-
kernel/bpf/Makefile | 3 +
kernel/bpf/arraymap.c | 28 +-
kernel/bpf/cpumap.c | 1 +
kernel/bpf/devmap.c | 1 +
kernel/bpf/hashtab.c | 26 +
kernel/bpf/inode.c | 11 +-
kernel/bpf/local_storage.c | 1 +
kernel/bpf/lpm_trie.c | 12 +
kernel/bpf/reuseport_array.c | 363 ++++++++++
kernel/bpf/sockmap.c | 2 +
kernel/bpf/stackmap.c | 1 +
kernel/bpf/syscall.c | 42 +-
kernel/bpf/verifier.c | 9 +
kernel/bpf/xskmap.c | 3 +-
net/core/filter.c | 411 +++++++++--
net/core/skbuff.c | 3 +-
net/core/sock_reuseport.c | 92 ++-
net/core/xdp.c | 9 +-
net/ipv4/inet_connection_sock.c | 9 +
net/ipv4/inet_hashtables.c | 19 +-
net/ipv4/udp.c | 9 +-
net/ipv6/inet6_hashtables.c | 14 +-
net/ipv6/udp.c | 4 +
samples/bpf/hash_func01.h | 55 ++
samples/bpf/xdp_redirect_cpu_kern.c | 103 +++
samples/bpf/xdp_redirect_cpu_user.c | 4 +-
tools/include/uapi/linux/bpf.h | 56 +-
tools/lib/bpf/bpf.c | 1 +
tools/lib/bpf/bpf.h | 1 +
tools/lib/bpf/libbpf.c | 1 +
tools/testing/selftests/bpf/Makefile | 11 +-
tools/testing/selftests/bpf/bpf_helpers.h | 8 +
tools/testing/selftests/bpf/bpf_util.h | 4 +
tools/testing/selftests/bpf/test_align.c | 5 +-
tools/testing/selftests/bpf/test_btf.c | 92 ++-
tools/testing/selftests/bpf/test_maps.c | 262 ++++++-
.../testing/selftests/bpf/test_select_reuseport.c | 688 +++++++++++++++++++
.../selftests/bpf/test_select_reuseport_common.h | 36 +
.../selftests/bpf/test_select_reuseport_kern.c | 180 +++++
tools/testing/selftests/bpf/test_skb_cgroup_id.sh | 62 ++
.../selftests/bpf/test_skb_cgroup_id_kern.c | 47 ++
.../selftests/bpf/test_skb_cgroup_id_user.c | 187 +++++
tools/testing/selftests/bpf/test_sock.c | 5 +-
tools/testing/selftests/bpf/test_sock_addr.c | 5 +-
tools/testing/selftests/bpf/test_verifier.c | 5 +-
56 files changed, 3707 insertions(+), 176 deletions(-)
create mode 100644 kernel/bpf/reuseport_array.c
create mode 100644 samples/bpf/hash_func01.h
create mode 100644 tools/testing/selftests/bpf/test_select_reuseport.c
create mode 100644 tools/testing/selftests/bpf/test_select_reuseport_common.h
create mode 100644 tools/testing/selftests/bpf/test_select_reuseport_kern.c
create mode 100755 tools/testing/selftests/bpf/test_skb_cgroup_id.sh
create mode 100644 tools/testing/selftests/bpf/test_skb_cgroup_id_kern.c
create mode 100644 tools/testing/selftests/bpf/test_skb_cgroup_id_user.c
Powered by blists - more mailing lists