| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200515172124.44077-1-alexei.starovoitov@gmail.com>
Date: Fri, 15 May 2020 10:21:24 -0700
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: davem@...emloft.net
Cc: daniel@...earbox.net, netdev@...r.kernel.org, bpf@...r.kernel.org,
kernel-team@...com
Subject: pull-request: bpf-next 2020-05-15
Hi David,
The following pull-request contains BPF updates for your *net-next* tree.
We've added 37 non-merge commits during the last 1 day(s) which contain
a total of 67 files changed, 741 insertions(+), 252 deletions(-).
The main changes are:
1) bpf_xdp_adjust_tail() now allows to grow the tail as well, from Jesper.
2) bpftool can probe CONFIG_HZ, from Daniel.
3) CAP_BPF is introduced to isolate user processes that use BPF infra and
to secure BPF networking services by dropping CAP_SYS_ADMIN requirement
in certain cases, from Alexei.
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
Thanks a lot!
Also thanks to reporters, reviewers and testers of commits in this pull-request:
Andy Gospodarek, Björn Töpel, Grygorii Strashko, Jakub Kicinski, Jason
Wang, Lorenzo Bianconi, Mao Wenan, Michael S. Tsirkin, Quentin Monnet,
Sameeh Jubran, Tariq Toukan, Toke Høiland-Jørgensen, Toshiaki Makita
----------------------------------------------------------------
The following changes since commit d00f26b623333f2419f4c3b95ff11c8b1bb96f56:
Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next (2020-05-14 20:31:21 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git
for you to fetch changes up to ed24a7a852b542911479383d5c80b9a2b4bb8caa:
Merge branch 'bpf-cap' (2020-05-15 17:29:46 +0200)
----------------------------------------------------------------
Alexei Starovoitov (4):
Merge branch 'xdp-grow-tail'
bpf, capability: Introduce CAP_BPF
bpf: Implement CAP_BPF
selftests/bpf: Use CAP_BPF and CAP_PERFMON in tests
Daniel Borkmann (2):
bpf, bpftool: Allow probing for CONFIG_HZ from kernel config
Merge branch 'bpf-cap'
Ilias Apalodimas (1):
net: netsec: Add support for XDP frame size
Jesper Dangaard Brouer (32):
xdp: Add frame size to xdp_buff
bnxt: Add XDP frame size to driver
sfc: Add XDP frame size
mvneta: Add XDP frame size to driver
net: XDP-generic determining XDP frame size
xdp: Xdp_frame add member frame_sz and handle in convert_to_xdp_frame
xdp: Cpumap redirect use frame_sz and increase skb_tailroom
veth: Adjust hard_start offset on redirect XDP frames
veth: Xdp using frame_sz in veth driver
dpaa2-eth: Add XDP frame size
hv_netvsc: Add XDP frame size to driver
qlogic/qede: Add XDP frame size to driver
net: ethernet: ti: Add XDP frame size to driver cpsw
ena: Add XDP frame size to amazon NIC driver
mlx4: Add XDP frame size and adjust max XDP MTU
net: thunderx: Add XDP frame size
nfp: Add XDP frame size to netronome driver
tun: Add XDP frame size
vhost_net: Also populate XDP frame size
virtio_net: Add XDP frame size in two code paths
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
ixgbe: Add XDP frame size to driver
ixgbevf: Add XDP frame size to VF driver
i40e: Add XDP frame size to driver
ice: Add XDP frame size to driver
xdp: For Intel AF_XDP drivers add XDP frame_sz
mlx5: Rx queue setup time determine frame_sz for XDP
xdp: Allow bpf_xdp_adjust_tail() to grow packet size
xdp: Clear grow memory in bpf_xdp_adjust_tail()
bpf: Add xdp.frame_sz in bpf_prog_test_run_xdp().
selftests/bpf: Adjust BPF selftest for xdp_adjust_tail
selftests/bpf: Xdp_adjust_tail add grow tail tests
drivers/media/rc/bpf-lirc.c | 2 +-
drivers/net/ethernet/amazon/ena/ena_netdev.c | 1 +
drivers/net/ethernet/amazon/ena/ena_netdev.h | 5 +-
drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c | 1 +
drivers/net/ethernet/cavium/thunder/nicvf_main.c | 1 +
drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 7 ++
drivers/net/ethernet/intel/i40e/i40e_txrx.c | 30 ++++-
drivers/net/ethernet/intel/i40e/i40e_xsk.c | 2 +
drivers/net/ethernet/intel/ice/ice_txrx.c | 34 ++++--
drivers/net/ethernet/intel/ice/ice_xsk.c | 2 +
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 33 ++++--
drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 +
drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 34 ++++--
drivers/net/ethernet/marvell/mvneta.c | 25 +++--
drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 3 +-
drivers/net/ethernet/mellanox/mlx4/en_rx.c | 1 +
drivers/net/ethernet/mellanox/mlx5/core/en.h | 1 +
drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 1 +
drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 6 +
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 2 +
.../net/ethernet/netronome/nfp/nfp_net_common.c | 6 +
drivers/net/ethernet/qlogic/qede/qede_fp.c | 1 +
drivers/net/ethernet/qlogic/qede/qede_main.c | 2 +-
drivers/net/ethernet/sfc/rx.c | 1 +
drivers/net/ethernet/socionext/netsec.c | 30 +++--
drivers/net/ethernet/ti/cpsw.c | 1 +
drivers/net/ethernet/ti/cpsw_new.c | 1 +
drivers/net/hyperv/netvsc_bpf.c | 1 +
drivers/net/hyperv/netvsc_drv.c | 2 +-
drivers/net/tun.c | 2 +
drivers/net/veth.c | 28 +++--
drivers/net/virtio_net.c | 15 ++-
drivers/vhost/net.c | 1 +
include/linux/bpf.h | 18 ++-
include/linux/bpf_verifier.h | 3 +
include/linux/capability.h | 5 +
include/net/xdp.h | 27 ++++-
include/net/xdp_sock.h | 11 ++
include/uapi/linux/bpf.h | 4 +-
include/uapi/linux/capability.h | 34 +++++-
kernel/bpf/arraymap.c | 10 +-
kernel/bpf/bpf_struct_ops.c | 2 +-
kernel/bpf/core.c | 2 +-
kernel/bpf/cpumap.c | 23 +---
kernel/bpf/hashtab.c | 4 +-
kernel/bpf/helpers.c | 4 +-
kernel/bpf/lpm_trie.c | 2 +-
kernel/bpf/map_in_map.c | 2 +-
kernel/bpf/queue_stack_maps.c | 2 +-
kernel/bpf/reuseport_array.c | 2 +-
kernel/bpf/stackmap.c | 2 +-
kernel/bpf/syscall.c | 89 +++++++++++----
kernel/bpf/verifier.c | 37 ++++---
kernel/trace/bpf_trace.c | 3 +
net/bpf/test_run.c | 16 ++-
net/core/bpf_sk_storage.c | 4 +-
net/core/dev.c | 14 ++-
net/core/filter.c | 19 +++-
net/core/xdp.c | 8 ++
security/selinux/include/classmap.h | 4 +-
tools/bpf/bpftool/feature.c | 120 +++++++++++---------
.../selftests/bpf/prog_tests/xdp_adjust_tail.c | 123 ++++++++++++++++++++-
.../bpf/progs/test_xdp_adjust_tail_grow.c | 33 ++++++
...adjust_tail.c => test_xdp_adjust_tail_shrink.c} | 12 +-
tools/testing/selftests/bpf/test_verifier.c | 44 ++++++--
tools/testing/selftests/bpf/verifier/calls.c | 16 +--
tools/testing/selftests/bpf/verifier/dead_code.c | 10 +-
67 files changed, 741 insertions(+), 252 deletions(-)
create mode 100644 tools/testing/selftests/bpf/progs/test_xdp_adjust_tail_grow.c
rename tools/testing/selftests/bpf/progs/{test_adjust_tail.c => test_xdp_adjust_tail_shrink.c} (70%)
Powered by blists - more mailing lists