| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181009055347.1610223-1-ast@kernel.org>
Date: Mon, 8 Oct 2018 22:53:47 -0700
From: Alexei Starovoitov <ast@...nel.org>
To: "David S . Miller" <davem@...emloft.net>
CC: <daniel@...earbox.net>, <netdev@...r.kernel.org>,
<kernel-team@...com>
Subject: pull-request: bpf-next 2018-10-08
Hi David,
The following pull-request contains BPF updates for your *net-next* tree.
The main changes are:
1) sk_lookup_[tcp|udp] and sk_release helpers from Joe Stringer which allow
BPF programs to perform lookups for sockets in a network namespace. This would
allow programs to determine early on in processing whether the stack is
expecting to receive the packet, and perform some action (eg drop,
forward somewhere) based on this information.
2) per-cpu cgroup local storage from Roman Gushchin.
Per-cpu cgroup local storage is very similar to simple cgroup storage
except all the data is per-cpu. The main goal of per-cpu variant is to
implement super fast counters (e.g. packet counters), which don't require
neither lookups, neither atomic operations in a fast path.
The example of these hybrid counters is in selftests/bpf/netcnt_prog.c
3) allow HW offload of programs with BPF-to-BPF function calls from Quentin Monnet
4) support more than 64-byte key/value in HW offloaded BPF maps from Jakub Kicinski
5) rename of libbpf interfaces from Andrey Ignatov.
libbpf is maturing as a library and should follow good practices in
library design and implementation to play well with other libraries.
This patch set brings consistent naming convention to global symbols.
6) relicense libbpf as LGPL-2.1 OR BSD-2-Clause from Alexei Starovoitov
to let Apache2 projects use libbpf
7) various AF_XDP fixes from Björn and Magnus
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
Thanks a lot!
----------------------------------------------------------------
The following changes since commit 1042caa79e9351b81ed19dc8d2d7fd6ff51a4422:
net-ipv4: remove 2 always zero parameters from ipv4_redirect() (2018-09-26 20:30:55 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
for you to fetch changes up to df3f94a0bbeb6cb6a02eb16b8e76f16b33cb2f8f:
bpf: fix building without CONFIG_INET (2018-10-09 00:49:44 +0200)
----------------------------------------------------------------
Alexei Starovoitov (1):
libbpf: relicense libbpf as LGPL-2.1 OR BSD-2-Clause
Andrey Ignatov (12):
bpftool: Fix bpftool net output
libbpf: Introduce libbpf_attach_type_by_name
libbpf: Support cgroup_skb/{e,in}gress section names
libbpf: Support sk_skb/stream_{parser, verdict} section names
selftests/bpf: Use libbpf_attach_type_by_name in test_socket_cookie
selftests/bpf: Test libbpf_{prog,attach}_type_by_name
libbpf: Move __dump_nlmsg_t from API to implementation
libbpf: Consistent prefixes for interfaces in libbpf.h.
libbpf: Consistent prefixes for interfaces in nlattr.h.
libbpf: Consistent prefixes for interfaces in str_error.h.
libbpf: Make include guards consistent
libbpf: Use __u32 instead of u32 in bpf_program__load
Arnd Bergmann (1):
bpf: fix building without CONFIG_INET
Arthur Fabre (1):
bpf, doc: Document Jump X addressing mode
Björn Töpel (1):
xsk: proper AF_XDP socket teardown ordering
Bo YU (1):
bpf, tracex3_user: erase "ARRAY_SIZE" redefined
Daniel Borkmann (7):
Merge branch 'bpf-libbpf-attach-by-name'
Merge branch 'bpf-per-cpu-cgroup-storage'
Merge branch 'bpf-big-map-entries'
Merge branch 'bpf-sk-lookup'
Merge branch 'bpf-libbpf-consistent-iface'
Merge branch 'bpf-xsk-fix-mixed-mode'
Merge branch 'bpf-to-bpf-calls-nfp'
Jakub Kicinski (5):
nfp: bpf: parse global BPF ABI version capability
nfp: allow apps to request larger MTU on control vNIC
nfp: bpf: allow control message sizing for map ops
ethtool: rename local variable max -> curr
ethtool: don't allow disabling queues with umem installed
Joe Stringer (14):
bpf: Add iterator for spilled registers
bpf: Simplify ptr_min_max_vals adjustment
bpf: Reuse canonical string formatter for ctx errs
bpf: Generalize ptr_or_null regs check
bpf: Add PTR_TO_SOCKET verifier type
bpf: Macrofy stack state copy
bpf: Add reference tracking to verifier
bpf: Add helper to retrieve socket in BPF
selftests/bpf: Generalize dummy program types
selftests/bpf: Add tests for reference tracking
libbpf: Support loading individual progs
selftests/bpf: Add C tests for reference tracking
Documentation: Describe bpf reference tracking
net: core: Fix build with CONFIG_IPV6=m
Konrad Djimeli (1):
bpf: typo fix in Documentation/networking/af_xdp.rst
Magnus Karlsson (3):
net: add umem reference in netdev{_rx}_queue
xsk: fix bug when trying to use both copy and zero-copy on one queue id
xsk: simplify xdp_clear_umem_at_qid implementation
Quentin Monnet (12):
bpf: add verifier callback to get stack usage info for offloaded progs
nfp: bpf: rename nfp_prog->stack_depth as nfp_prog->stack_frame_depth
nfp: bpf: copy eBPF subprograms information from kernel verifier
nfp: bpf: ignore helper-related checks for BPF calls in nfp verifier
nfp: bpf: account for BPF-to-BPF calls when preparing nfp JIT
nfp: bpf: add main logics for BPF-to-BPF calls support in nfp driver
nfp: bpf: account for additional stack usage when checking stack limit
nfp: bpf: update fixup function for BPF-to-BPF calls support
nfp: bpf: fix return address from register-saving subroutine to callee
nfp: bpf: optimise save/restore for R6~R9 based on register usage
nfp: bpf: support pointers to other stack frames for BPF-to-BPF calls
bpf: allow offload of programs with BPF-to-BPF function calls
Roman Gushchin (10):
bpf: extend cgroup bpf core to allow multiple cgroup storage types
bpf: rework cgroup storage pointer passing
bpf: introduce per-cpu cgroup local storage
bpf: don't allow create maps of per-cpu cgroup local storages
bpf: sync include/uapi/linux/bpf.h to tools/include/uapi/linux/bpf.h
bpftool: add support for PERCPU_CGROUP_STORAGE maps
selftests/bpf: add verifier per-cpu cgroup storage tests
selftests/bpf: extend the storage test to test per-cpu cgroup storage
samples/bpf: extend test_cgrp2_attach2 test to use per-cpu cgroup storage
selftests/bpf: cgroup local storage-based network counters
Song Liu (1):
bpf: test_bpf: add init_net to dev for flow_dissector
Yonghong Song (1):
bpf: permit CGROUP_DEVICE programs accessing helper bpf_get_current_cgroup_id()
Documentation/networking/af_xdp.rst | 4 +-
Documentation/networking/filter.txt | 94 +-
drivers/net/ethernet/netronome/nfp/bpf/cmsg.c | 71 +-
drivers/net/ethernet/netronome/nfp/bpf/fw.h | 11 +-
drivers/net/ethernet/netronome/nfp/bpf/jit.c | 381 ++++++-
drivers/net/ethernet/netronome/nfp/bpf/main.c | 52 +-
drivers/net/ethernet/netronome/nfp/bpf/main.h | 63 +-
drivers/net/ethernet/netronome/nfp/bpf/offload.c | 11 +-
drivers/net/ethernet/netronome/nfp/bpf/verifier.c | 141 ++-
drivers/net/ethernet/netronome/nfp/nfp_app.h | 4 +
drivers/net/ethernet/netronome/nfp/nfp_asm.h | 9 +
.../net/ethernet/netronome/nfp/nfp_net_common.c | 14 +-
drivers/net/ethernet/netronome/nfp/nfp_net_ctrl.h | 1 -
drivers/net/netdevsim/bpf.c | 8 +-
include/linux/bpf-cgroup.h | 55 +-
include/linux/bpf.h | 47 +-
include/linux/bpf_types.h | 1 +
include/linux/bpf_verifier.h | 38 +-
include/linux/netdevice.h | 6 +
include/net/xdp_sock.h | 7 +
include/uapi/linux/bpf.h | 94 +-
kernel/bpf/cgroup.c | 76 +-
kernel/bpf/helpers.c | 25 +-
kernel/bpf/local_storage.c | 169 +++-
kernel/bpf/map_in_map.c | 3 +-
kernel/bpf/offload.c | 18 +
kernel/bpf/syscall.c | 20 +-
kernel/bpf/verifier.c | 640 +++++++++---
lib/test_bpf.c | 1 +
net/bpf/test_run.c | 20 +-
net/core/ethtool.c | 23 +-
net/core/filter.c | 187 +++-
net/xdp/xdp_umem.c | 98 +-
net/xdp/xdp_umem.h | 2 +-
net/xdp/xsk.c | 20 +-
samples/bpf/test_cgrp2_attach2.c | 19 +-
samples/bpf/tracex3_user.c | 2 -
tools/bpf/bpftool/map.c | 4 +-
tools/bpf/bpftool/net.c | 41 +-
tools/bpf/bpftool/netlink_dumper.c | 32 +-
tools/bpf/bpftool/netlink_dumper.h | 18 +-
tools/include/uapi/linux/bpf.h | 94 +-
tools/lib/bpf/Makefile | 2 +-
tools/lib/bpf/bpf.c | 2 +-
tools/lib/bpf/bpf.h | 8 +-
tools/lib/bpf/btf.c | 2 +-
tools/lib/bpf/btf.h | 8 +-
tools/lib/bpf/libbpf.c | 170 ++--
tools/lib/bpf/libbpf.h | 49 +-
tools/lib/bpf/libbpf_errno.c | 15 +-
tools/lib/bpf/netlink.c | 50 +-
tools/lib/bpf/nlattr.c | 71 +-
tools/lib/bpf/nlattr.h | 72 +-
tools/lib/bpf/str_error.c | 4 +-
tools/lib/bpf/str_error.h | 10 +-
tools/testing/selftests/bpf/Makefile | 6 +-
tools/testing/selftests/bpf/bpf_helpers.h | 12 +
tools/testing/selftests/bpf/netcnt_common.h | 24 +
tools/testing/selftests/bpf/netcnt_prog.c | 71 ++
tools/testing/selftests/bpf/test_cgroup_storage.c | 60 +-
tools/testing/selftests/bpf/test_netcnt.c | 158 +++
tools/testing/selftests/bpf/test_progs.c | 38 +
tools/testing/selftests/bpf/test_section_names.c | 208 ++++
tools/testing/selftests/bpf/test_sk_lookup_kern.c | 180 ++++
tools/testing/selftests/bpf/test_socket_cookie.c | 6 +-
tools/testing/selftests/bpf/test_verifier.c | 1041 ++++++++++++++++++--
66 files changed, 4184 insertions(+), 707 deletions(-)
create mode 100644 tools/testing/selftests/bpf/netcnt_common.h
create mode 100644 tools/testing/selftests/bpf/netcnt_prog.c
create mode 100644 tools/testing/selftests/bpf/test_netcnt.c
create mode 100644 tools/testing/selftests/bpf/test_section_names.c
create mode 100644 tools/testing/selftests/bpf/test_sk_lookup_kern.c
Powered by blists - more mailing lists