lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <1683872684-64872-1-git-send-email-alibuda@linux.alibaba.com> Date: Fri, 12 May 2023 14:24:39 +0800 From: "D. Wythe" <alibuda@...ux.alibaba.com> To: kgraul@...ux.ibm.com, wenjia@...ux.ibm.com, jaka@...ux.ibm.com, ast@...nel.org, daniel@...earbox.net, andrii@...nel.org, martin.lau@...ux.dev, pabeni@...hat.com, song@...nel.org, sdf@...gle.com, haoluo@...gle.com, yhs@...com, edumazet@...gle.com, john.fastabend@...il.com, kpsingh@...nel.org, jolsa@...nel.org, guwen@...ux.alibaba.com Cc: kuba@...nel.org, davem@...emloft.net, netdev@...r.kernel.org, linux-s390@...r.kernel.org, linux-rdma@...r.kernel.org, bpf@...r.kernel.org Subject: [PATCH bpf-next v1 0/5] net/smc: Introduce BPF injection capability From: "D. Wythe" <alibuda@...ux.alibaba.com> This patches attempt to introduce BPF injection capability for SMC, and add selftest to ensure code stability. As we all know that the SMC protocol is not suitable for all scenarios, especially for short-lived. However, for most applications, they cannot guarantee that there are no such scenarios at all. Therefore, apps may need some specific strategies to decide shall we need to use SMC or not, for example, apps can limit the scope of the SMC to a specific IP address or port. Based on the consideration of transparent replacement, we hope that apps can remain transparent even if they need to formulate some specific strategies for SMC using. That is, do not need to recompile their code. On the other hand, we need to ensure the scalability of strategies implementation. Although it is simple to use socket options or sysctl, it will bring more complexity to subsequent expansion. Fortunately, BPF can solve these concerns very well, users can write thire own strategies in eBPF to choose whether to use SMC or not. And it's quite easy for them to modify their strategies in the future. This patches implement injection capability for SMC via struct_ops. In that way, we can add new injection scenarios in the future. v1: 1. split bpf_smc.c 2. remove unnecessary symbol exports D. Wythe (5): net/smc: move smc_sock related structure definition net/smc: allow smc to negotiate protocols on policies net/smc: allow set or get smc negotiator by sockopt bpf: add smc negotiator support in BPF struct_ops bpf/selftests: add selftest for SMC bpf capability include/net/smc.h | 257 ++++++++++++++++++++++ include/uapi/linux/smc.h | 1 + kernel/bpf/bpf_struct_ops_types.h | 4 + net/Makefile | 1 + net/smc/Kconfig | 11 + net/smc/af_smc.c | 265 ++++++++++++++++++++--- net/smc/bpf_smc.c | 171 +++++++++++++++ net/smc/smc.h | 224 ------------------- net/smc/smc_negotiator.c | 119 ++++++++++ net/smc/smc_negotiator.h | 116 ++++++++++ tools/testing/selftests/bpf/prog_tests/bpf_smc.c | 107 +++++++++ tools/testing/selftests/bpf/progs/bpf_smc.c | 265 +++++++++++++++++++++++ 12 files changed, 1282 insertions(+), 259 deletions(-) create mode 100644 net/smc/bpf_smc.c create mode 100644 net/smc/smc_negotiator.c create mode 100644 net/smc/smc_negotiator.h create mode 100644 tools/testing/selftests/bpf/prog_tests/bpf_smc.c create mode 100644 tools/testing/selftests/bpf/progs/bpf_smc.c -- 1.8.3.1
Powered by blists - more mailing lists