| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20231016204803.30153-1-daniel@iogearbox.net>
Date: Mon, 16 Oct 2023 22:48:03 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: davem@...emloft.net
Cc: kuba@...nel.org,
pabeni@...hat.com,
edumazet@...gle.com,
daniel@...earbox.net,
ast@...nel.org,
andrii@...nel.org,
martin.lau@...ux.dev,
netdev@...r.kernel.org,
bpf@...r.kernel.org
Subject: pull-request: bpf-next 2023-10-16
Hi David, hi Jakub, hi Paolo, hi Eric,
The following pull-request contains BPF updates for your *net-next* tree.
We've added 90 non-merge commits during the last 25 day(s) which contain
a total of 120 files changed, 3519 insertions(+), 895 deletions(-).
The main changes are:
1) Add missed stats for kprobes to retrieve the number of missed kprobe executions
and subsequent executions of BPF programs, from Jiri Olsa.
2) Add cgroup BPF sockaddr hooks for unix sockets. The use case is for systemd to
reimplement the LogNamespace feature which allows running multiple instances of
systemd-journald to process the logs of different services, from Daan De Meyer.
3) Implement BPF CPUv4 support for s390x BPF JIT, from Ilya Leoshkevich.
4) Improve BPF verifier log output for scalar registers to better disambiguate their
internal state wrt defaults vs min/max values matching, from Andrii Nakryiko.
5) Extend the BPF fib lookup helpers for IPv4/IPv6 to support retrieving the
source IP address with a new BPF_FIB_LOOKUP_SRC flag, from Martynas Pumputis.
6) Add support for open-coded task_vma iterator to help with symbolization for
BPF-collected user stacks, from Dave Marchevsky.
7) Add libbpf getters for accessing individual BPF ring buffers which is useful for
polling them individually, for example, from Martin Kelly.
8) Extend AF_XDP selftests to validate the SHARED_UMEM feature, from Tushar Vyavahare.
9) Improve BPF selftests cross-building support for riscv arch, from Björn Töpel.
10) Add the ability to pin a BPF timer to the same calling CPU, from David Vernet.
11) Fix libbpf's bpf_tracing.h macros for riscv to use the generic implementation
of PT_REGS_SYSCALL_REGS() to access syscall arguments, from Alexandre Ghiti.
12) Extend libbpf to support symbol versioning for uprobes, from Hengqi Chen.
13) Fix bpftool's skeleton code generation to guarantee that ELF data is 8 byte
aligned, from Ian Rogers.
14) Inherit system-wide cpu_mitigations_off() setting for Spectre v1/v4 security
mitigations in BPF verifier, from Yafang Shao.
15) Annotate struct bpf_stack_map with __counted_by attribute to prepare BPF side
for upcoming __counted_by compiler support, from Kees Cook.
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git tags/for-netdev
Thanks a lot!
Also thanks to reporters, reviewers and testers of commits in this pull-request:
Alan Maguire, Andrii Nakryiko, Eduard Zingerman, Hou Tao, Jiri Olsa,
John Fastabend, KP Singh, Kuniyuki Iwashima, Magnus Karlsson, Puranjay
Mohan, Quentin Monnet, Sami Tolvanen, Song Liu, Stanislav Fomichev,
Stephen Rothwell, Steven Rostedt (Google), Yonghong Song
----------------------------------------------------------------
The following changes since commit e9cbc89067cce78211c8629c78e931c0fe64e29d:
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net (2023-09-21 21:49:45 +0200)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git tags/for-netdev
for you to fetch changes up to 99c9991f4e5d77328187187d0c921a3b62bfa998:
Merge branch 'bpf-log-improvements' (2023-10-16 13:49:41 +0200)
----------------------------------------------------------------
bpf-next-for-netdev
----------------------------------------------------------------
Akihiko Odaki (1):
bpf: Fix the comment for bpf_restore_data_end()
Alexandre Ghiti (1):
libbpf: Fix syscall access arguments on riscv
Alexei Starovoitov (1):
Merge branch 'implement-cpuv4-support-for-s390x'
Andrii Nakryiko (14):
Merge branch 'libbpf: Support symbol versioning for uprobe'
Merge branch 'add libbpf getters for individual ringbuffers'
Merge branch 'bpf: Add missed stats for kprobes'
Merge branch 'libbpf/selftests syscall wrapper fixes for RISC-V'
Merge branch 'selftest/bpf, riscv: Improved cross-building support'
selftests/bpf: Fix compiler warnings reported in -O2 mode
selftests/bpf: Support building selftests in optimized -O2 mode
selftests/bpf: Don't truncate #test/subtest field
Merge branch 'Open-coded task_vma iter'
selftests/bpf: Improve percpu_alloc test robustness
selftests/bpf: Improve missed_kprobe_recursion test robustness
selftests/bpf: Make align selftests more robust
bpf: Disambiguate SCALAR register state output in verifier logs
bpf: Ensure proper register state printing for cond jumps
Artem Savkov (1):
bpf: Change syscall_nr type to int in struct syscall_tp_t
Björn Töpel (5):
selftests/bpf: Define SYS_PREFIX for riscv
selftests/bpf: Define SYS_NANOSLEEP_KPROBE_NAME for riscv
selftests/bpf: Add cross-build support for urandom_read et al
selftests/bpf: Enable lld usage for RISC-V
selftests/bpf: Add uprobe_multi to gen_tar target
Daan De Meyer (9):
selftests/bpf: Add missing section name tests for getpeername/getsockname
bpf: Propagate modified uaddrlen from cgroup sockaddr programs
bpf: Add bpf_sock_addr_set_sun_path() to allow writing unix sockaddr from bpf
bpf: Implement cgroup sockaddr hooks for unix sockets
libbpf: Add support for cgroup unix socket address hooks
bpftool: Add support for cgroup unix socket address hooks
documentation/bpf: Document cgroup unix socket address hooks
selftests/bpf: Make sure mount directory exists
selftests/bpf: Add tests for cgroup unix socket address hooks
Daniel Borkmann (2):
Merge branch 'bpf-xsk-sh-umem'
Merge branch 'bpf-log-improvements'
Dave Marchevsky (4):
bpf: Don't explicitly emit BTF for struct btf_iter_num
selftests/bpf: Rename bpf_iter_task_vma.c to bpf_iter_task_vmas.c
bpf: Introduce task_vma open-coded iterator kfuncs
selftests/bpf: Add tests for open-coded task_vma iter
David Vernet (2):
bpf: Add ability to pin bpf timer to calling CPU
selftests/bpf: Test pinning bpf timer to a core
Geliang Tang (2):
selftests/bpf: Enable CONFIG_VSOCKETS in config
selftests/bpf: Add pairs_redir_to_connected helper
Hengqi Chen (4):
libbpf: Resolve symbol conflicts at the same offset for uprobe
libbpf: Support symbol versioning for uprobe
selftests/bpf: Add tests for symbol versioning for uprobe
libbpf: Allow Golang symbols in uprobe secdef
Ian Rogers (2):
bpftool: Align output skeleton ELF code
bpftool: Align bpf_load_and_run_opts insns and data
Ilya Leoshkevich (10):
bpf: Disable zero-extension for BPF_MEMSX
selftests/bpf: Unmount the cgroup2 work directory
selftests/bpf: Add big-endian support to the ldsx test
s390/bpf: Implement BPF_MOV | BPF_X with sign-extension
s390/bpf: Implement BPF_MEMSX
s390/bpf: Implement unconditional byte swap
s390/bpf: Implement unconditional jump with 32-bit offset
s390/bpf: Implement signed division
selftests/bpf: Enable the cpuv4 tests for s390x
selftests/bpf: Trim DENYLIST.s390x
Jinghao Jia (2):
samples/bpf: syscall_tp_user: Rename num_progs into nr_tests
samples/bpf: syscall_tp_user: Fix array out-of-bound access
Jiri Olsa (9):
bpf: Count stats for kprobe_multi programs
bpf: Add missed value to kprobe_multi link info
bpf: Add missed value to kprobe perf link info
bpf: Count missed stats in trace_call_bpf
bpftool: Display missed count for kprobe_multi link
bpftool: Display missed count for kprobe perf link
selftests/bpf: Add test for missed counts of perf event link kprobe
selftests/bpf: Add test for recursion counts of perf event link kprobe
selftests/bpf: Add test for recursion counts of perf event link tracepoint
Kees Cook (1):
bpf: Annotate struct bpf_stack_map with __counted_by
Martin KaFai Lau (3):
Merge branch 'bpf: Fix src IP addr related limitation in bpf_*_fib_lookup()'
Merge branch 'Add cgroup sockaddr hooks for unix sockets'
net/bpf: Avoid unused "sin_addr_len" warning when CONFIG_CGROUP_BPF is not set
Martin Kelly (14):
libbpf: Refactor cleanup in ring_buffer__add
libbpf: Switch rings to array of pointers
libbpf: Add ring_buffer__ring
selftests/bpf: Add tests for ring_buffer__ring
libbpf: Add ring__producer_pos, ring__consumer_pos
selftests/bpf: Add tests for ring__*_pos
libbpf: Add ring__avail_data_size
selftests/bpf: Add tests for ring__avail_data_size
libbpf: Add ring__size
selftests/bpf: Add tests for ring__size
libbpf: Add ring__map_fd
selftests/bpf: Add tests for ring__map_fd
libbpf: Add ring__consume
selftests/bpf: Add tests for ring__consume
Martynas Pumputis (2):
bpf: Derive source IP addr via bpf_*_fib_lookup()
selftests/bpf: Add BPF_FIB_LOOKUP_SRC tests
Ruowen Qin (1):
samples/bpf: Add -fsanitize=bounds to userspace programs
Tiezhu Yang (1):
bpf, docs: Add loongarch64 as arch supporting BPF JIT
Tushar Vyavahare (8):
selftests/xsk: Move pkt_stream to the xsk_socket_info
selftests/xsk: Rename xsk_xdp_metadata.h to xsk_xdp_common.h
selftests/xsk: Move src_mac and dst_mac to the xsk_socket_info
selftests/xsk: Iterate over all the sockets in the receive pkts function
selftests/xsk: Remove unnecessary parameter from pkt_set() function call
selftests/xsk: Iterate over all the sockets in the send pkts function
selftests/xsk: Modify xsk_update_xskmap() to accept the index as an argument
selftests/xsk: Add a test for shared umem feature
Yafang Shao (2):
bpf: Inherit system settings for CPU security mitigations
bpf: Avoid unnecessary audit log for CPU security mitigations
Documentation/admin-guide/sysctl/net.rst | 1 +
Documentation/bpf/libbpf/program_types.rst | 10 +
Documentation/networking/filter.rst | 4 +-
arch/s390/net/bpf_jit_comp.c | 265 ++++++---
include/linux/bpf-cgroup-defs.h | 5 +
include/linux/bpf-cgroup.h | 90 +--
include/linux/bpf.h | 20 +-
include/linux/filter.h | 3 +-
include/linux/trace_events.h | 6 +-
include/net/ipv6_stubs.h | 5 +
include/uapi/linux/bpf.h | 29 +-
kernel/bpf/bpf_iter.c | 2 -
kernel/bpf/btf.c | 1 +
kernel/bpf/cgroup.c | 28 +-
kernel/bpf/helpers.c | 8 +-
kernel/bpf/stackmap.c | 2 +-
kernel/bpf/syscall.c | 29 +-
kernel/bpf/task_iter.c | 91 +++
kernel/bpf/verifier.c | 81 ++-
kernel/trace/bpf_trace.c | 10 +-
kernel/trace/trace_kprobe.c | 14 +-
kernel/trace/trace_syscalls.c | 4 +-
net/core/filter.c | 67 ++-
net/ipv4/af_inet.c | 9 +-
net/ipv4/ping.c | 2 +-
net/ipv4/tcp_ipv4.c | 2 +-
net/ipv4/udp.c | 9 +-
net/ipv6/af_inet6.c | 10 +-
net/ipv6/ping.c | 2 +-
net/ipv6/tcp_ipv6.c | 2 +-
net/ipv6/udp.c | 6 +-
net/unix/af_unix.c | 35 +-
samples/bpf/Makefile | 3 +
samples/bpf/syscall_tp_user.c | 45 +-
tools/bpf/bpftool/Documentation/bpftool-cgroup.rst | 16 +-
tools/bpf/bpftool/Documentation/bpftool-prog.rst | 8 +-
tools/bpf/bpftool/bash-completion/bpftool | 14 +-
tools/bpf/bpftool/cgroup.c | 16 +-
tools/bpf/bpftool/gen.c | 58 +-
tools/bpf/bpftool/link.c | 6 +
tools/bpf/bpftool/prog.c | 7 +-
tools/include/uapi/linux/bpf.h | 29 +-
tools/lib/bpf/bpf_tracing.h | 2 -
tools/lib/bpf/elf.c | 139 ++++-
tools/lib/bpf/libbpf.c | 32 +-
tools/lib/bpf/libbpf.h | 73 +++
tools/lib/bpf/libbpf.map | 7 +
tools/lib/bpf/ringbuf.c | 85 ++-
tools/testing/selftests/bpf/DENYLIST.aarch64 | 1 +
tools/testing/selftests/bpf/DENYLIST.s390x | 25 -
tools/testing/selftests/bpf/Makefile | 37 +-
tools/testing/selftests/bpf/bpf_experimental.h | 8 +
tools/testing/selftests/bpf/bpf_kfuncs.h | 14 +
.../selftests/bpf/bpf_testmod/bpf_testmod.c | 5 +
.../selftests/bpf/bpf_testmod/bpf_testmod_kfunc.h | 2 +
tools/testing/selftests/bpf/cgroup_helpers.c | 38 +-
tools/testing/selftests/bpf/config | 1 +
tools/testing/selftests/bpf/liburandom_read.map | 15 +
.../selftests/bpf/map_tests/map_in_map_batch_ops.c | 4 +-
tools/testing/selftests/bpf/network_helpers.c | 34 ++
tools/testing/selftests/bpf/network_helpers.h | 1 +
tools/testing/selftests/bpf/prog_tests/align.c | 241 ++++----
.../selftests/bpf/prog_tests/bloom_filter_map.c | 4 +-
tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 26 +-
.../selftests/bpf/prog_tests/connect_ping.c | 4 +-
.../testing/selftests/bpf/prog_tests/fib_lookup.c | 83 ++-
tools/testing/selftests/bpf/prog_tests/iters.c | 58 ++
.../testing/selftests/bpf/prog_tests/linked_list.c | 2 +-
.../testing/selftests/bpf/prog_tests/lwt_helpers.h | 3 +-
tools/testing/selftests/bpf/prog_tests/missed.c | 138 +++++
.../selftests/bpf/prog_tests/percpu_alloc.c | 3 +
.../selftests/bpf/prog_tests/queue_stack_map.c | 2 +-
tools/testing/selftests/bpf/prog_tests/ringbuf.c | 26 +
.../selftests/bpf/prog_tests/ringbuf_multi.c | 15 +
.../selftests/bpf/prog_tests/section_names.c | 45 ++
tools/testing/selftests/bpf/prog_tests/sock_addr.c | 612 +++++++++++++++++++++
.../selftests/bpf/prog_tests/sockmap_basic.c | 8 +-
.../selftests/bpf/prog_tests/sockmap_helpers.h | 2 +-
.../selftests/bpf/prog_tests/sockmap_listen.c | 150 ++---
tools/testing/selftests/bpf/prog_tests/timer.c | 4 +
tools/testing/selftests/bpf/prog_tests/uprobe.c | 95 ++++
.../selftests/bpf/prog_tests/xdp_metadata.c | 2 +-
.../{bpf_iter_task_vma.c => bpf_iter_task_vmas.c} | 0
tools/testing/selftests/bpf/progs/bpf_misc.h | 3 +
.../selftests/bpf/progs/connect_unix_prog.c | 40 ++
.../selftests/bpf/progs/exceptions_assert.c | 18 +-
.../selftests/bpf/progs/getpeername_unix_prog.c | 39 ++
.../selftests/bpf/progs/getsockname_unix_prog.c | 39 ++
tools/testing/selftests/bpf/progs/iters_task_vma.c | 43 ++
tools/testing/selftests/bpf/progs/missed_kprobe.c | 30 +
.../selftests/bpf/progs/missed_kprobe_recursion.c | 48 ++
.../selftests/bpf/progs/missed_tp_recursion.c | 41 ++
.../selftests/bpf/progs/percpu_alloc_array.c | 7 +
.../bpf/progs/percpu_alloc_cgrp_local_storage.c | 4 +
tools/testing/selftests/bpf/progs/profiler.inc.h | 2 +-
.../selftests/bpf/progs/recvmsg_unix_prog.c | 39 ++
.../selftests/bpf/progs/sendmsg_unix_prog.c | 40 ++
tools/testing/selftests/bpf/progs/test_ldsx_insn.c | 9 +-
tools/testing/selftests/bpf/progs/test_uprobe.c | 61 ++
tools/testing/selftests/bpf/progs/test_vmlinux.c | 4 +-
tools/testing/selftests/bpf/progs/timer.c | 63 ++-
tools/testing/selftests/bpf/progs/verifier_bswap.c | 3 +-
tools/testing/selftests/bpf/progs/verifier_gotol.c | 3 +-
tools/testing/selftests/bpf/progs/verifier_ldsx.c | 151 ++---
tools/testing/selftests/bpf/progs/verifier_movsx.c | 3 +-
tools/testing/selftests/bpf/progs/verifier_sdiv.c | 3 +-
tools/testing/selftests/bpf/progs/xsk_xdp_progs.c | 22 +-
tools/testing/selftests/bpf/test_loader.c | 4 +-
tools/testing/selftests/bpf/test_progs.c | 2 +-
tools/testing/selftests/bpf/test_progs.h | 2 +
tools/testing/selftests/bpf/urandom_read.c | 15 +-
tools/testing/selftests/bpf/urandom_read_lib1.c | 22 +
tools/testing/selftests/bpf/xdp_features.c | 4 +-
tools/testing/selftests/bpf/xdp_hw_metadata.c | 2 +-
tools/testing/selftests/bpf/xsk.c | 3 +-
tools/testing/selftests/bpf/xsk.h | 2 +-
tools/testing/selftests/bpf/xsk_xdp_common.h | 12 +
tools/testing/selftests/bpf/xsk_xdp_metadata.h | 5 -
tools/testing/selftests/bpf/xskxceiver.c | 513 ++++++++++-------
tools/testing/selftests/bpf/xskxceiver.h | 13 +-
120 files changed, 3519 insertions(+), 895 deletions(-)
create mode 100644 tools/testing/selftests/bpf/liburandom_read.map
create mode 100644 tools/testing/selftests/bpf/prog_tests/missed.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/sock_addr.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/uprobe.c
rename tools/testing/selftests/bpf/progs/{bpf_iter_task_vma.c => bpf_iter_task_vmas.c} (100%)
create mode 100644 tools/testing/selftests/bpf/progs/connect_unix_prog.c
create mode 100644 tools/testing/selftests/bpf/progs/getpeername_unix_prog.c
create mode 100644 tools/testing/selftests/bpf/progs/getsockname_unix_prog.c
create mode 100644 tools/testing/selftests/bpf/progs/iters_task_vma.c
create mode 100644 tools/testing/selftests/bpf/progs/missed_kprobe.c
create mode 100644 tools/testing/selftests/bpf/progs/missed_kprobe_recursion.c
create mode 100644 tools/testing/selftests/bpf/progs/missed_tp_recursion.c
create mode 100644 tools/testing/selftests/bpf/progs/recvmsg_unix_prog.c
create mode 100644 tools/testing/selftests/bpf/progs/sendmsg_unix_prog.c
create mode 100644 tools/testing/selftests/bpf/progs/test_uprobe.c
create mode 100644 tools/testing/selftests/bpf/xsk_xdp_common.h
delete mode 100644 tools/testing/selftests/bpf/xsk_xdp_metadata.h
Powered by blists - more mailing lists