lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 5 Jun 2023 15:02:49 -0700
From: Andrii Nakryiko <andrii.nakryiko@...il.com>
To: Florian Westphal <fw@...len.de>
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org, ast@...nel.org
Subject: Re: [PATCH bpf v2] bpf: netfilter: add BPF_NETFILTER bpf_attach_type

On Mon, Jun 5, 2023 at 6:15 AM Florian Westphal <fw@...len.de> wrote:
>
> Andrii Nakryiko writes:
>
>  And we currently don't have an attach type for NETLINK BPF link.
>  Thankfully it's not too late to add it. I see that link_create() in
>  kernel/bpf/syscall.c just bypasses attach_type check. We shouldn't
>  have done that. Instead we need to add BPF_NETLINK attach type to enum
>  bpf_attach_type. And wire all that properly throughout the kernel and
>  libbpf itself.
>
> This adds BPF_NETFILTER and uses it.  This breaks uabi but this
> wasn't in any non-rc release yet, so it should be fine.
>
> v2: check link_attack prog type in link_create too
>
> Fixes: 84601d6ee68a ("bpf: add bpf_link support for BPF_NETFILTER programs")
> Suggested-by: Andrii Nakryiko <andrii.nakryiko@...il.com>
> Link: https://lore.kernel.org/bpf/CAEf4BzZ69YgrQW7DHCJUT_X+GqMq_ZQQPBwopaJJVGFD5=d5Vg@mail.gmail.com/
> Signed-off-by: Florian Westphal <fw@...len.de>
> ---

There was one more place that needed adjustment in
tools/lib/bpf/libbpf_probes.c and another in tools/lib/bpf/libbpf.c
for BPF_NETLINK -> "netlink" string representation. I fixed it up and
pushed it to the bpf tree, but for future submissions please make sure
to run all selftests locally and make sure they all pass.

>  include/uapi/linux/bpf.h       | 1 +
>  kernel/bpf/syscall.c           | 9 +++++++++
>  tools/include/uapi/linux/bpf.h | 1 +
>  tools/lib/bpf/libbpf.c         | 2 +-
>  4 files changed, 12 insertions(+), 1 deletion(-)
>

[...]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ