| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250731084240.86550-1-alibuda@linux.alibaba.com> Date: Thu, 31 Jul 2025 16:42:35 +0800 From: "D. Wythe" <alibuda@...ux.alibaba.com> To: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org, martin.lau@...ux.dev, pabeni@...hat.com, song@...nel.org, sdf@...gle.com, haoluo@...gle.com, yhs@...com, edumazet@...gle.com, john.fastabend@...il.com, kpsingh@...nel.org, jolsa@...nel.org, Mahanta.Jambigi@....com, Sidraya.Jayagond@....com, wenjia@...ux.ibm.com, wintera@...ux.ibm.com, dust.li@...ux.alibaba.com, tonylu@...ux.alibaba.com, guwen@...ux.alibaba.com Cc: bpf@...r.kernel.org, davem@...emloft.net, kuba@...nel.org, netdev@...r.kernel.org, jaka@...ux.ibm.com Subject: [PATCH bpf-next 0/5] net/smc: Introduce smc_hs_ctrl This patch aims to introduce BPF injection capabilities for SMC and includes a self-test to ensure code stability. Since the SMC protocol isn't ideal for every situation, especially short-lived ones, most applications can't guarantee the absence of such scenarios. Consequently, applications may need specific strategies to decide whether to use SMC. For example, an application might limit SMC usage to certain IP addresses or ports. To maintain the principle of transparent replacement, we want applications to remain unaffected even if they need specific SMC strategies. In other words, they should not require recompilation of their code. Additionally, we need to ensure the scalability of strategy implementation. While using socket options or sysctl might be straightforward, it could complicate future expansions. Fortunately, BPF addresses these concerns effectively. Users can write their own strategies in eBPF to determine whether to use SMC, and they can easily modify those strategies in the future. This is a rework of the series from [1]. Changes since [1] are limited to the SMC parts: 1. Rename smc_ops to smc_hs_ctrl and change interface name. 2. Squash SMC patches, removing standalone non-BPF hook capability. 3. Fix typos [1]: https://lore.kernel.org/bpf/20250123015942.94810-1-alibuda@linux.alibaba.com/#t D. Wythe (5): bpf: export necessary sympols for modules with struct_ops net/smc: fix UAF on smcsk after smc_listen_out() net/smc: bpf: Introduce generic hook for handshake flow libbpf: fix error when st-prefix_ops and ops from differ btf bpf/selftests: add selftest for bpf_smc_hs_ctrl include/net/netns/smc.h | 3 + include/net/smc.h | 53 +++ kernel/bpf/bpf_struct_ops.c | 2 + kernel/bpf/syscall.c | 1 + net/ipv4/tcp_output.c | 18 +- net/smc/Kconfig | 12 + net/smc/Makefile | 1 + net/smc/af_smc.c | 14 +- net/smc/smc_hs_bpf.c | 131 ++++++ net/smc/smc_hs_bpf.h | 31 ++ net/smc/smc_sysctl.c | 90 ++++ tools/lib/bpf/libbpf.c | 37 +- tools/testing/selftests/bpf/config | 4 + .../selftests/bpf/prog_tests/test_bpf_smc.c | 396 ++++++++++++++++++ tools/testing/selftests/bpf/progs/bpf_smc.c | 117 ++++++ 15 files changed, 886 insertions(+), 24 deletions(-) create mode 100644 net/smc/smc_hs_bpf.c create mode 100644 net/smc/smc_hs_bpf.h create mode 100644 tools/testing/selftests/bpf/prog_tests/test_bpf_smc.c create mode 100644 tools/testing/selftests/bpf/progs/bpf_smc.c -- 2.45.0
Powered by blists - more mailing lists