lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAEf4BzY4+9hTg34GHELBCF413HB7EtxxtYyHcTLgT2GczoNiMw@mail.gmail.com>
Date:   Mon, 18 May 2020 13:34:20 -0700
From:   Andrii Nakryiko <andrii.nakryiko@...il.com>
To:     Daniel Borkmann <daniel@...earbox.net>
Cc:     Alexei Starovoitov <ast@...nel.org>, bpf <bpf@...r.kernel.org>,
        Networking <netdev@...r.kernel.org>,
        Andrey Ignatov <rdna@...com>,
        Stanislav Fomichev <sdf@...gle.com>
Subject: Re: [PATCH bpf-next 0/4] Add get{peer,sock}name cgroup attach types

On Mon, May 18, 2020 at 8:36 AM Daniel Borkmann <daniel@...earbox.net> wrote:
>
> Trivial patch to add get{peer,sock}name cgroup attach types to the BPF
> sock_addr programs in order to enable rewriting sockaddr structs from
> both calls along with libbpf and bpftool support as well as selftests.
>
> Thanks!
>
> Daniel Borkmann (4):
>   bpf: add get{peer,sock}name attach types for sock_addr
>   bpf, libbpf: enable get{peer,sock}name attach types
>   bpf, bpftool: enable get{peer,sock}name attach types
>   bpf, testing: add get{peer,sock}name selftests to test_progs
>
>  include/linux/bpf-cgroup.h                    |   1 +
>  include/uapi/linux/bpf.h                      |   4 +
>  kernel/bpf/syscall.c                          |  12 ++
>  kernel/bpf/verifier.c                         |   6 +-
>  net/core/filter.c                             |   4 +
>  net/ipv4/af_inet.c                            |   8 +-
>  net/ipv6/af_inet6.c                           |   9 +-
>  .../bpftool/Documentation/bpftool-cgroup.rst  |  10 +-
>  .../bpftool/Documentation/bpftool-prog.rst    |   3 +-
>  tools/bpf/bpftool/bash-completion/bpftool     |  15 ++-
>  tools/bpf/bpftool/cgroup.c                    |   7 +-
>  tools/bpf/bpftool/main.h                      |   4 +
>  tools/bpf/bpftool/prog.c                      |   6 +-
>  tools/include/uapi/linux/bpf.h                |   4 +
>  tools/lib/bpf/libbpf.c                        |   8 ++
>  tools/testing/selftests/bpf/network_helpers.c |  11 +-
>  tools/testing/selftests/bpf/network_helpers.h |   1 +
>  .../bpf/prog_tests/connect_force_port.c       | 107 +++++++++++++-----
>  .../selftests/bpf/progs/connect_force_port4.c |  59 +++++++++-
>  .../selftests/bpf/progs/connect_force_port6.c |  70 +++++++++++-
>  20 files changed, 295 insertions(+), 54 deletions(-)
>
> --
> 2.21.0
>

Looks good to me. It would be nice to convert those selftests to use
skeletons and bpf_link-based cgroup attachments, but that's for
another day, I suppose.

I'll also start a new thread regarding the alarming growth of enum
bpf_attach_type (and it's impact on struct cgroup_bpf size), but it's
not specific to this change.

So, for the series:

Acked-by: Andrii Nakryiko <andriin@...com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ