| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 May 2020 13:34:20 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: Alexei Starovoitov <ast@...nel.org>, bpf <bpf@...r.kernel.org>,
Networking <netdev@...r.kernel.org>,
Andrey Ignatov <rdna@...com>,
Stanislav Fomichev <sdf@...gle.com>
Subject: Re: [PATCH bpf-next 0/4] Add get{peer,sock}name cgroup attach types
On Mon, May 18, 2020 at 8:36 AM Daniel Borkmann <daniel@...earbox.net> wrote:
>
> Trivial patch to add get{peer,sock}name cgroup attach types to the BPF
> sock_addr programs in order to enable rewriting sockaddr structs from
> both calls along with libbpf and bpftool support as well as selftests.
>
> Thanks!
>
> Daniel Borkmann (4):
> bpf: add get{peer,sock}name attach types for sock_addr
> bpf, libbpf: enable get{peer,sock}name attach types
> bpf, bpftool: enable get{peer,sock}name attach types
> bpf, testing: add get{peer,sock}name selftests to test_progs
>
> include/linux/bpf-cgroup.h | 1 +
> include/uapi/linux/bpf.h | 4 +
> kernel/bpf/syscall.c | 12 ++
> kernel/bpf/verifier.c | 6 +-
> net/core/filter.c | 4 +
> net/ipv4/af_inet.c | 8 +-
> net/ipv6/af_inet6.c | 9 +-
> .../bpftool/Documentation/bpftool-cgroup.rst | 10 +-
> .../bpftool/Documentation/bpftool-prog.rst | 3 +-
> tools/bpf/bpftool/bash-completion/bpftool | 15 ++-
> tools/bpf/bpftool/cgroup.c | 7 +-
> tools/bpf/bpftool/main.h | 4 +
> tools/bpf/bpftool/prog.c | 6 +-
> tools/include/uapi/linux/bpf.h | 4 +
> tools/lib/bpf/libbpf.c | 8 ++
> tools/testing/selftests/bpf/network_helpers.c | 11 +-
> tools/testing/selftests/bpf/network_helpers.h | 1 +
> .../bpf/prog_tests/connect_force_port.c | 107 +++++++++++++-----
> .../selftests/bpf/progs/connect_force_port4.c | 59 +++++++++-
> .../selftests/bpf/progs/connect_force_port6.c | 70 +++++++++++-
> 20 files changed, 295 insertions(+), 54 deletions(-)
>
> --
> 2.21.0
>
Looks good to me. It would be nice to convert those selftests to use
skeletons and bpf_link-based cgroup attachments, but that's for
another day, I suppose.
I'll also start a new thread regarding the alarming growth of enum
bpf_attach_type (and it's impact on struct cgroup_bpf size), but it's
not specific to this change.
So, for the series:
Acked-by: Andrii Nakryiko <andriin@...com>
Powered by blists - more mailing lists