| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Apr 2019 20:02:48 +0100
From: Quentin Monnet <quentin.monnet@...ronome.com>
To: Stanislav Fomichev <sdf@...gle.com>, netdev@...r.kernel.org,
bpf@...r.kernel.org
Cc: davem@...emloft.net, ast@...nel.org, daniel@...earbox.net,
jakub.kicinski@...ronome.com
Subject: Re: [PATCH bpf-next v3 2/2] bpftool: show flow_dissector attachment
status
2019-04-24 11:52 UTC-0700 ~ Stanislav Fomichev <sdf@...gle.com>
> Right now there is no way to query whether BPF flow_dissector program
> is attached to a network namespace or not. In previous commit, I added
> support for querying that info, show it when doing `bpftool net`:
>
> $ bpftool prog loadall ./bpf_flow.o \
> /sys/fs/bpf/flow type flow_dissector \
> pinmaps /sys/fs/bpf/flow
> $ bpftool prog
> 3: flow_dissector name _dissect tag 8c9e917b513dd5cc gpl
> loaded_at 2019-04-23T16:14:48-0700 uid 0
> xlated 656B jited 461B memlock 4096B map_ids 1,2
> btf_id 1
> ...
>
> $ bpftool net -j
> [{"xdp":[],"tc":[],"flow_dissector":[]}]
>
> $ bpftool prog attach pinned \
> /sys/fs/bpf/flow/flow_dissector flow_dissector
> $ bpftool net -j
> [{"xdp":[],"tc":[],"flow_dissector":["id":3]}]
>
> Doesn't show up in a different net namespace:
> $ ip netns add test
> $ ip netns exec test bpftool net -j
> [{"xdp":[],"tc":[],"flow_dissector":[]}]
>
> Non-json output:
> $ bpftool net
> xdp:
>
> tc:
>
> flow_dissector:
> id 3
>
> v2:
> * initialization order (Jakub Kicinski)
> * clear errno for batch mode (Quentin Monnet)
>
> Signed-off-by: Stanislav Fomichev <sdf@...gle.com>
> ---
Reviewed-by: Quentin Monnet <quentin.monnet@...ronome.com>
Thanks!
Powered by blists - more mailing lists