| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200331012815.3258314-1-ast@kernel.org>
Date: Mon, 30 Mar 2020 18:28:15 -0700
From: Alexei Starovoitov <ast@...nel.org>
To: <davem@...emloft.net>
CC: <daniel@...earbox.net>, <netdev@...r.kernel.org>,
<bpf@...r.kernel.org>, <kernel-team@...com>
Subject: pull-request: bpf-next 2020-03-30
Hi David,
The following pull-request contains BPF updates for your *net-next* tree.
We've added 73 non-merge commits during the last 14 day(s) which contain
a total of 107 files changed, 6086 insertions(+), 1728 deletions(-).
The main changes are:
1) drgn tool document, from Andrey.
2) bpf_link for cgroup-bpf, from Andrii.
3) new helpers for cgroup-bpf and netns cookie, from Daniel.
4) verifier fixes, from Jann and Daniel.
5) bpf_sk_assign, from Joe.
6) tracking of subregister bounds in the verifier, from John.
7) bpf-lsm, from KP.
8) bpf_sk_storage for bpf_tcp_ca, from Martin.
9) ifla_xdp_expected_fd, from Toke.
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
Thanks a lot!
Also thanks to reporters, reviewers and testers of commits in this pull-request:
Alexei Starovoitov, Anatoly Trosinenko, Andrii Nakryiko, Brendan
Jackman, Casey Schaufler, Florent Revest, Hulk Robot, Jakub Kicinski,
Jakub Sitnicki, James Morris, Jann Horn, John Fastabend, kbuild test
robot, Kees Cook, Lorenz Bauer, Magnus Karlsson, Martin KaFai Lau,
Michael Ellerman, Nathan Chancellor, Quentin Monnet, Randy Dunlap, Roman
Gushchin, Stanislav Fomichev, Thomas Garnier, Yonghong Song
----------------------------------------------------------------
The following changes since commit 86e85bf6981c0c265c427d6bfe9e2a0111797444:
sfc: fix XDP-redirect in this driver (2020-03-16 18:22:43 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
for you to fetch changes up to 8596a75f6c830a693ec86e6467a58b225713a7f1:
Merge branch 'cgroup-bpf_link' (2020-03-30 17:36:41 -0700)
----------------------------------------------------------------
Alexei Starovoitov (5):
Merge branch 'cgroup-helpers'
Merge branch 'ifla_xdp_expected_fd'
Merge branch 'bpf_sk_assign'
Merge branch 'subreg-bounds'
Merge branch 'cgroup-bpf_link'
Andrey Ignatov (1):
bpf: Document bpf_inspect drgn tool
Andrii Nakryiko (11):
selftest/bpf: Fix compilation warning in sockmap_parse_prog.c
selftests/bpf: Fix nanosleep for real this time
selftests/bpf: Fix race in tcp_rtt test
selftests/bpf: Fix test_progs's parsing of test numbers
selftests/bpf: Reset process and thread affinity after each test/sub-test
bpf: Factor out cgroup storages operations
bpf: Factor out attach_type to prog_type mapping for attach/detach
bpf: Implement bpf_link-based cgroup BPF program attachment
bpf: Implement bpf_prog replacement for an active bpf_cgroup_link
libbpf: Add support for bpf_link-based cgroup attachment
selftests/bpf: Test FD-based cgroup attachment
Bill Wendling (1):
selftests/bpf: Fix mix of tabs and spaces
Daniel Borkmann (11):
bpf: Enable retrieval of socket cookie for bind/post-bind hook
bpf: Enable perf event rb output for bpf cgroup progs
bpf: Add netns cookie and enable it for bpf cgroup hooks
bpf: Allow to retrieve cgroup v1 classid from v2 hooks
bpf: Enable bpf cgroup hooks to retrieve cgroup v2 and ancestor id
bpf: Enable retrival of pid/tgid/comm from bpf cgroup hooks
bpf: Add selftest cases for ctx_or_null argument type
bpf, net: Fix build issue when net ns not configured
Merge branch 'bpf-lsm'
bpf: Undo incorrect __reg_bound_offset32 handling
bpf, doc: Add John as official reviewer to BPF subsystem
Daniel T. Lee (2):
samples, bpf: Move read_trace_pipe to trace_helpers
samples, bpf: Refactor perf_event user program with libbpf bpf_link
Fangrui Song (1):
bpf: Support llvm-objcopy for vmlinux BTF
Fletcher Dunn (1):
libbpf, xsk: Init all ring members in xsk_umem__create and xsk_socket__create
Jann Horn (2):
bpf: Fix tnum constraints for 32-bit comparisons
bpf: Simplify reg_set_min_max_inv handling
Jean-Philippe Menil (1):
bpf: Fix build warning regarding missing prototypes
Joe Stringer (4):
bpf: Add socket assign support
net: Track socket refcounts in skb_steal_sock()
bpf: Don't refcount LISTEN sockets in sk_assign()
selftests: bpf: Extend sk_assign tests for UDP
John Fastabend (10):
bpf: Verifer, refactor adjust_scalar_min_max_vals
bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()
bpf: Test_verifier, #70 error message updates for 32-bit right shift
bpf: Verifier, do_refine_retval_range may clamp umin to 0 incorrectly
bpf: Verifier, do explicit ALU32 bounds tracking
bpf: Verifier, refine 32bit bound in do_refine_retval_range
bpf: Test_progs, add test to catch retval refine error handling
bpf: Test_verifier, bpf_get_stack return value add <0
bpf: Test_verifier, #65 error message updates for trunc of boundary-cross
bpf: Test_verifier, add alu32 bounds tracking tests
KP Singh (10):
bpf: Introduce BPF_PROG_TYPE_LSM
security: Refactor declaration of LSM hooks
bpf: lsm: Provide attachment points for BPF LSM programs
bpf: lsm: Implement attach, detach and execution
bpf: lsm: Initialize the BPF LSM hooks
tools/libbpf: Add support for BPF_PROG_TYPE_LSM
bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM
bpf: lsm: Add Documentation
bpf: btf: Fix arg verification in btf_ctx_access()
bpf, lsm: Make BPF_LSM depend on BPF_EVENTS
Lorenz Bauer (1):
selftests: bpf: Add test for sk_assign
Martin KaFai Lau (6):
bpftool: Print the enum's name instead of value
bpftool: Print as a string for char array
bpftool: Translate prog_id to its bpf prog_name
bpftool: Add struct_ops support
bpf: Add bpf_sk_storage support to bpf_tcp_ca
bpf: Add tests for bpf_sk_storage to bpf_tcp_ca
Stanislav Fomichev (1):
libbpf: Don't allocate 16M for log buffer by default
Tobias Klauser (1):
libbpf: Remove unused parameter `def` to get_map_field_int
Toke Høiland-Jørgensen (6):
xdp: Support specifying expected existing program when attaching XDP
tools: Add EXPECTED_FD-related definitions in if_link.h
libbpf: Add function to set link XDP fd while specifying old program
selftests/bpf: Add tests for attaching XDP programs
libbpf: Add setter for initial value for internal maps
selftests: Add test for overriding global data value before load
Wenbo Zhang (1):
bpf, libbpf: Fix ___bpf_kretprobe_args1(x) macro definition
YueHaibing (3):
bpf, tcp: Fix unused function warnings
bpf, tcp: Make tcp_bpf_recvmsg static
bpf: Remove unused vairable 'bpf_xdp_link_lops'
Documentation/bpf/bpf_lsm.rst | 142 ++
Documentation/bpf/drgn.rst | 213 +++
Documentation/bpf/index.rst | 6 +-
MAINTAINERS | 2 +
arch/powerpc/kernel/vmlinux.lds.S | 6 -
include/asm-generic/vmlinux.lds.h | 15 +
include/linux/bpf-cgroup.h | 41 +-
include/linux/bpf.h | 15 +-
include/linux/bpf_lsm.h | 33 +
include/linux/bpf_types.h | 4 +
include/linux/bpf_verifier.h | 4 +
include/linux/limits.h | 1 +
include/linux/lsm_hook_defs.h | 381 +++++
include/linux/lsm_hooks.h | 628 +-------
include/linux/netdevice.h | 2 +-
include/linux/tnum.h | 12 +
include/net/cls_cgroup.h | 7 +-
include/net/inet6_hashtables.h | 3 +-
include/net/inet_hashtables.h | 3 +-
include/net/net_namespace.h | 5 +
include/net/sock.h | 46 +-
include/net/tcp.h | 2 -
include/uapi/linux/bpf.h | 82 +-
include/uapi/linux/if_link.h | 4 +-
init/Kconfig | 13 +
kernel/bpf/Makefile | 1 +
kernel/bpf/bpf_lsm.c | 54 +
kernel/bpf/btf.c | 45 +-
kernel/bpf/cgroup.c | 505 +++++--
kernel/bpf/core.c | 1 +
kernel/bpf/helpers.c | 18 +
kernel/bpf/syscall.c | 330 ++--
kernel/bpf/sysfs_btf.c | 11 +-
kernel/bpf/tnum.c | 15 +
kernel/bpf/trampoline.c | 17 +-
kernel/bpf/verifier.c | 1570 ++++++++++++++------
kernel/cgroup/cgroup.c | 41 +-
kernel/trace/bpf_trace.c | 12 +-
net/bpf/test_run.c | 4 +
net/core/dev.c | 26 +-
net/core/filter.c | 141 +-
net/core/net_namespace.c | 15 +
net/core/rtnetlink.c | 14 +
net/core/sock.c | 12 +
net/ipv4/bpf_tcp_ca.c | 33 +
net/ipv4/ip_input.c | 3 +-
net/ipv4/tcp_bpf.c | 152 +-
net/ipv4/udp.c | 6 +-
net/ipv6/ip6_input.c | 3 +-
net/ipv6/udp.c | 9 +-
net/sched/act_bpf.c | 3 +
samples/bpf/Makefile | 8 +-
samples/bpf/bpf_load.c | 20 -
samples/bpf/bpf_load.h | 1 -
samples/bpf/sampleip_user.c | 98 +-
samples/bpf/trace_event_user.c | 139 +-
samples/bpf/tracex1_user.c | 1 +
samples/bpf/tracex5_user.c | 1 +
scripts/link-vmlinux.sh | 24 +-
security/Kconfig | 10 +-
security/Makefile | 2 +
security/bpf/Makefile | 5 +
security/bpf/hooks.c | 26 +
security/security.c | 41 +-
.../bpftool/Documentation/bpftool-struct_ops.rst | 116 ++
tools/bpf/bpftool/bash-completion/bpftool | 28 +
tools/bpf/bpftool/btf_dumper.c | 199 ++-
tools/bpf/bpftool/main.c | 3 +-
tools/bpf/bpftool/main.h | 2 +
tools/bpf/bpftool/struct_ops.c | 596 ++++++++
tools/include/uapi/linux/bpf.h | 82 +-
tools/include/uapi/linux/if_link.h | 4 +-
tools/lib/bpf/bpf.c | 37 +-
tools/lib/bpf/bpf.h | 19 +
tools/lib/bpf/bpf_tracing.h | 2 +-
tools/lib/bpf/btf.c | 20 +-
tools/lib/bpf/libbpf.c | 134 +-
tools/lib/bpf/libbpf.h | 22 +-
tools/lib/bpf/libbpf.map | 9 +
tools/lib/bpf/libbpf_probes.c | 1 +
tools/lib/bpf/netlink.c | 34 +-
tools/lib/bpf/xsk.c | 16 +-
tools/testing/selftests/bpf/config | 2 +
.../testing/selftests/bpf/prog_tests/bpf_tcp_ca.c | 39 +-
tools/testing/selftests/bpf/prog_tests/btf_dump.c | 2 +-
.../testing/selftests/bpf/prog_tests/cgroup_link.c | 244 +++
.../selftests/bpf/prog_tests/get_stack_raw_tp.c | 5 +
.../selftests/bpf/prog_tests/global_data_init.c | 61 +
tools/testing/selftests/bpf/prog_tests/sk_assign.c | 309 ++++
tools/testing/selftests/bpf/prog_tests/tcp_rtt.c | 4 +-
tools/testing/selftests/bpf/prog_tests/test_lsm.c | 86 ++
tools/testing/selftests/bpf/prog_tests/vmlinux.c | 2 +-
.../testing/selftests/bpf/prog_tests/xdp_attach.c | 62 +
tools/testing/selftests/bpf/progs/bpf_dctcp.c | 16 +
tools/testing/selftests/bpf/progs/lsm.c | 48 +
.../selftests/bpf/progs/sockmap_parse_prog.c | 1 -
.../testing/selftests/bpf/progs/test_cgroup_link.c | 24 +
.../selftests/bpf/progs/test_get_stack_rawtp_err.c | 26 +
.../testing/selftests/bpf/progs/test_global_data.c | 2 +-
tools/testing/selftests/bpf/progs/test_sk_assign.c | 204 +++
tools/testing/selftests/bpf/test_progs.c | 71 +-
tools/testing/selftests/bpf/test_progs.h | 1 +
tools/testing/selftests/bpf/trace_helpers.c | 23 +
tools/testing/selftests/bpf/trace_helpers.h | 1 +
tools/testing/selftests/bpf/verifier/bounds.c | 57 +-
.../testing/selftests/bpf/verifier/bpf_get_stack.c | 8 +-
tools/testing/selftests/bpf/verifier/ctx.c | 105 ++
107 files changed, 6086 insertions(+), 1728 deletions(-)
create mode 100644 Documentation/bpf/bpf_lsm.rst
create mode 100644 Documentation/bpf/drgn.rst
create mode 100644 include/linux/bpf_lsm.h
create mode 100644 include/linux/lsm_hook_defs.h
create mode 100644 kernel/bpf/bpf_lsm.c
create mode 100644 security/bpf/Makefile
create mode 100644 security/bpf/hooks.c
create mode 100644 tools/bpf/bpftool/Documentation/bpftool-struct_ops.rst
create mode 100644 tools/bpf/bpftool/struct_ops.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/cgroup_link.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/global_data_init.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/sk_assign.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/test_lsm.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/xdp_attach.c
create mode 100644 tools/testing/selftests/bpf/progs/lsm.c
create mode 100644 tools/testing/selftests/bpf/progs/test_cgroup_link.c
create mode 100644 tools/testing/selftests/bpf/progs/test_get_stack_rawtp_err.c
create mode 100644 tools/testing/selftests/bpf/progs/test_sk_assign.c
Powered by blists - more mailing lists