lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 20 Jul 2021 11:05:02 -0700
From:   Alexei Starovoitov <alexei.starovoitov@...il.com>
To:     Martin KaFai Lau <kafai@...com>,
        Eric Dumazet <eric.dumazet@...il.com>
Cc:     bpf <bpf@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Kernel Team <kernel-team@...com>,
        Neal Cardwell <ncardwell@...gle.com>,
        Network Development <netdev@...r.kernel.org>,
        Yonghong Song <yhs@...com>, Yuchung Cheng <ycheng@...gle.com>
Subject: Re: [PATCH v2 bpf-next 0/8] bpf: Allow bpf tcp iter to do bpf_(get|set)sockopt

On Wed, Jul 14, 2021 at 6:29 PM Alexei Starovoitov
<alexei.starovoitov@...il.com> wrote:
>
> On Thu, Jul 1, 2021 at 1:05 PM Martin KaFai Lau <kafai@...com> wrote:
> >
> > This set is to allow bpf tcp iter to call bpf_(get|set)sockopt.
> >
> > With bpf-tcp-cc, new algo rollout happens more often.  Instead of
> > restarting the applications to pick up the new tcp-cc, this set
> > allows the bpf tcp iter to call bpf_(get|set)sockopt(TCP_CONGESTION).
> > It is not limited to TCP_CONGESTION, the bpf tcp iter can call
> > bpf_(get|set)sockopt() with other options.  The bpf tcp iter can read
> > into all the fields of a tcp_sock, so there is a lot of flexibility
> > to select the desired sk to do setsockopt(), e.g. it can test for
> > TCP_LISTEN only and leave the established connections untouched,
> > or check the addr/port, or check the current tcp-cc name, ...etc.
> >
> > Patch 1-4 are some cleanup and prep work in the tcp and bpf seq_file.
> >
> > Patch 5 is to have the tcp seq_file iterate on the
> > port+addr lhash2 instead of the port only listening_hash.
> ...
> >  include/linux/bpf.h                           |   8 +
> >  include/net/inet_hashtables.h                 |   6 +
> >  include/net/tcp.h                             |   1 -
> >  kernel/bpf/bpf_iter.c                         |  22 +
> >  kernel/trace/bpf_trace.c                      |   7 +-
> >  net/core/filter.c                             |  34 ++
> >  net/ipv4/tcp_ipv4.c                           | 410 ++++++++++++++----
>
> Eric,
>
> Could you please review this set where it touches inet bits?
> I've looked a few times and it all looks fine to me, but I'm no expert
> in those parts.

Eric,

ping!
If you're on vacation or something I'm inclined to land the patches
and let Martin address your review feedback in follow up patches.

Thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ