lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jan 2021 19:59:52 -0800 From: Alexei Starovoitov <alexei.starovoitov@...il.com> To: Stanislav Fomichev <sdf@...gle.com> Cc: Andrii Nakryiko <andrii.nakryiko@...il.com>, Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net> Subject: Re: [RPC PATCH bpf-next] bpf: implement new BPF_CGROUP_INET_SOCK_POST_CONNECT On Thu, Jan 14, 2021 at 7:51 PM Stanislav Fomichev <sdf@...gle.com> wrote: > > > > > > lock_sock(sock->sk); > > > err = __inet_stream_connect(sock, uaddr, addr_len, flags, 0); > > > > Similarly here, attaching fexit to __inet_stream_connect would execute > > your BPF program at exactly the same time (and then you can check for > > err value). > > > > Or the point here is to have a more "stable" BPF program type? > Good suggestion, I can try to play with it, I think it should give me > all the info I need (I only need sock). > But yeah, I'd rather prefer a stable interface against stable > __sk_buff, but maybe fexit will also work. Maybe we can add an extension to fentry/fexit that are cgroup scoped? I think this will solve many such cases.
Powered by blists - more mailing lists