lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 2 Mar 2020 16:23:24 +0800
From:   Forrest Chen <forrest0579@...il.com>
To:     bpf <bpf@...r.kernel.org>
Cc:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        John Fastabend <john.fastabend@...il.com>,
        "David S . Miller" <davem@...emloft.net>,
        Networking <netdev@...r.kernel.org>,
        Petar Penkov <ppenkov.kernel@...il.com>,
        Song Liu <song@...nel.org>,
        Andrii Nakryiko <andrii.nakryiko@...il.com>
Subject: Re: [PATCH v4 bpf-next 0/3] bpf: Add get_netns_id helper for sock_ops

Find that all three commits are acked by the maintainer. Could we
merge this to the upstream? Or do we have any other comments?


Lingpeng Chen <forrest0579@...il.com> 于2020年2月25日周二 下午12:46写道:
>
> Currently 5-tuple(sip+dip+sport+dport+proto) can't identify a
> uniq connection because there may be multi net namespace.
> For example, there may be a chance that netns a and netns b all
> listen on 127.0.0.1:8080 and the client with same port 40782
> connect to them. Without netns number, sock ops program
> can't distinguish them.
> Using bpf_get_netns_id helpers to get current connection
> netns number to distinguish connections.
>
> Changes in v4:
> - rename get_netns_id_sock_ops to get_getns_id
> - rebase from bpf-next
>
> Changes in v3:
> - rename sock_ops_get_netns to get_netns_id
>
> Changes in v2:
> - Return u64 instead of u32 for sock_ops_get_netns
> - Fix build bug when CONFIG_NET_NS not set
> - Add selftest for sock_ops_get_netns
>
> Lingpeng Chen (3):
>   bpf: Add get_netns_id helper function for sock_ops
>   bpf: Sync uapi bpf.h to tools/
>   selftests/bpf: add selftest for get_netns_id helper
>
>  include/uapi/linux/bpf.h                      |  9 +++-
>  net/core/filter.c                             | 20 ++++++++
>  tools/include/uapi/linux/bpf.h                |  9 +++-
>  .../selftests/bpf/progs/test_tcpbpf_kern.c    | 11 +++++
>  .../testing/selftests/bpf/test_tcpbpf_user.c  | 46 ++++++++++++++++++-
>  5 files changed, 92 insertions(+), 3 deletions(-)
>
>
> base-commit e0360423d020
> ("selftests/bpf: Run SYN cookies with reuseport BPF test only for TCP")
> --
> 2.20.1
>


-- 
Beijing University of Posts and Telecommunications
forrest0579@...il.com

Powered by blists - more mailing lists