lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 3 Jun 2024 11:01:03 +0800
From: "D. Wythe" <alibuda@...ux.alibaba.com>
To: Wenjia Zhang <wenjia@...ux.ibm.com>, kgraul@...ux.ibm.com,
 jaka@...ux.ibm.com, wintera@...ux.ibm.com, guwen@...ux.alibaba.com
Cc: kuba@...nel.org, davem@...emloft.net, netdev@...r.kernel.org,
 linux-s390@...r.kernel.org, linux-rdma@...r.kernel.org,
 tonylu@...ux.alibaba.com, pabeni@...hat.com, edumazet@...gle.com
Subject: Re: [PATCH net-next v5 0/3] Introduce IPPROTO_SMC



On 5/31/24 4:06 PM, Wenjia Zhang wrote:
>
>
> On 30.05.24 12:14, D. Wythe wrote:
>>
>>
>> On 5/30/24 5:30 PM, D. Wythe wrote:
>>> From: "D. Wythe" <alibuda@...ux.alibaba.com>
>>>
>>> This patch allows to create smc socket via AF_INET,
>>> similar to the following code,
>>>
>>> /* create v4 smc sock */
>>> v4 = socket(AF_INET, SOCK_STREAM, IPPROTO_SMC);
>>>
>>> /* create v6 smc sock */
>>> v6 = socket(AF_INET6, SOCK_STREAM, IPPROTO_SMC);
>>
>> Welcome everyone to try out the eBPF based version of smc_run during 
>> testing, I have added a separate command called smc_run.bpf,
>> it was equivalent to normal smc_run but with IPPROTO_SMC via eBPF.
>>
>> You can obtain the code and more info from: 
>> https://github.com/D-Wythe/smc-tools
>>
>> Usage:
>>
>> smc_run.bpf
>> An eBPF implemented smc_run based on IPPROTO_SMC:
>>
>> 1. Support to transparent replacement based on command (Just like 
>> smc_run).
>> 2. Supprot to transparent replacement based on pid configuration. And 
>> supports the inheritance of this capability between parent and child 
>> processes.
>> 3. Support to transparent replacement based on per netns configuration.
>>
>> smc_run.bpf COMMAND
>>
>> 1. Equivalent to smc_run but with IPPROTO_SMC via eBPF
>>
>> smc_run.bpf -p pid
>>
>>   1. Add the process with target pid to the map. Afterward, all 
>> socket() calls of the process and its descendant processes will be 
>> replaced from IPPROTO_TCP to IPPROTO_SMC.
>>   2. Mapping will be automatically deleted when process exits.
>>   3. Specifically, COMMAND mode is actually works like following:
>>
>>      smc_run.bpf -p $$
>>      COMMAND
>>      exit
>>
>> smc_run.bpf -n 1
>>
>>   1. Make all socket() calls of the current netns to be replaced from 
>> IPPROTO_TCP to IPPROTO_SMC.
>>   2. Turn off it by smc_run.bpf -n 0
>>
>>
> Hi D. Wythe,
>
> Thank you for the info and description! The code generally looks good 
> to me, just still some details I need to check again. And I'd like to 
> give smc_run.bpf a try, and maybe let you know if it works for me next 
> week.
>
> Thanks,
> Wenjia

Hi Wenjia,

That's okay to us. And if there are any issues regarding the use of 
smc_run.bpf, please let me know.

Best wishes,
D. Wythe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ