| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Jan 2020 16:24:36 +0000
From: Lorenz Bauer <lmb@...udflare.com>
To: Jakub Sitnicki <jakub@...udflare.com>
Cc: bpf <bpf@...r.kernel.org>, Networking <netdev@...r.kernel.org>,
kernel-team <kernel-team@...udflare.com>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Daniel Borkmann <daniel@...earbox.net>,
John Fastabend <john.fastabend@...il.com>,
Martin Lau <kafai@...com>
Subject: Re: [PATCH bpf-next v3 06/12] bpf, sockmap: Don't set up sockmap
progs for listening sockets
On Wed, 22 Jan 2020 at 13:06, Jakub Sitnicki <jakub@...udflare.com> wrote:
> @@ -352,7 +376,15 @@ static int sock_map_update_common(struct bpf_map *map, u32 idx,
> if (!link)
> return -ENOMEM;
>
> - ret = sock_map_link(map, &stab->progs, sk);
> + /* Only established or almost established sockets leaving
> + * SYN_RECV state need to hold refs to parser/verdict progs
> + * and have their sk_data_ready and sk_write_space callbacks
> + * overridden.
> + */
> + if (sk->sk_state == TCP_LISTEN)
> + ret = sock_map_link_no_progs(map, sk);
> + else
> + ret = sock_map_link(map, &stab->progs, sk);
Could you use sock_map_redirect_okay from the previous patch here
instead of checking for TCP_LISTEN?
--
Lorenz Bauer | Systems Engineer
6th Floor, County Hall/The Riverside Building, SE1 7PB, UK
www.cloudflare.com
Powered by blists - more mailing lists