On 09/03/2016 06:36 PM, SF Markus Elfring wrote:
From: Markus Elfring
Date: Sat, 3 Sep 2016 17:10:20 +0200
A multiplication for the size determination of a memory allocation
indicated that an array data structure should be processed.
Thus use the corresponding function "kmalloc_array".
This is
On 09/01/2016 09:44 AM, Peter Zijlstra wrote:
On Wed, Aug 31, 2016 at 02:50:39PM -0700, Alexei Starovoitov wrote:
+static u32 pe_prog_convert_ctx_access(enum bpf_access_type type, int dst_reg,
+ int src_reg, int ctx_off,
+ s
On 08/27/2016 04:31 AM, Alexei Starovoitov wrote:
Make sure that BPF_PROG_TYPE_PERF_EVENT programs only use
preallocated hash maps, since doing memory allocation
in overflow_handler can crash depending on where nmi got triggered.
Signed-off-by: Alexei Starovoitov
Acked-by: Daniel Borkmann
struct bpf_perf_event_data_kern which allows changing
struct perf_sample_data without affecting bpf programs.
New fields can be added to the end of struct bpf_perf_event_data
in the future.
Signed-off-by: Alexei Starovoitov
Two things I noticed below, otherwise for BPF bits:
Acked-by: Daniel Borkmann
[...]
+
patch doesn't affect safety of sockets and xdp programs.
They check for 4-byte only ctx access before these conditions are hit.
Signed-off-by: Alexei Starovoitov
Acked-by: Daniel Borkmann
On 08/15/2016 02:35 AM, Stephen Rothwell wrote:
Hi all,
Today's linux-next merge of the net-next tree got a conflict in:
kernel/bpf/verifier.c
between commit:
747ea55e4f78 ("bpf: fix bpf_skb_in_cgroup helper naming")
from the net tree and commit:
60d20f9195b2 ("bpf: Add bpf_current
On 08/12/2016 11:38 PM, Fabian Frederick wrote:
Update documentation according to commit 606b5908
("bpf: split HAVE_BPF_JIT into cBPF and eBPF variant")
Signed-off-by: Fabian Frederick
Thanks, Fabian!
Acked-by: Daniel Borkmann
On 08/12/2016 04:36 PM, Jiri Kosina wrote:
On Fri, 12 Aug 2016, Daniel Borkmann wrote:
I was thinking about something like the patch below (the reasong being
that ->dev would be NULL only in cases of singletonish qdiscs) ...
wouldn't that also fix the issue you're seeing? Hav
On 08/12/2016 03:53 PM, Jiri Kosina wrote:
On Fri, 12 Aug 2016, Daniel Borkmann wrote:
This results in below panic. Tested reverting this patch and it fixes
the panic.
Did you test this also with ingress or clsact qdisc (just try adding
it to lo dev for example) ?
Hi Daniel,
thanks for the
Hi Jiri,
On 08/10/2016 11:05 AM, Jiri Kosina wrote:
From: Jiri Kosina
Convert the per-device linked list into a hashtable. The primary
motivation for this change is that currently, we're not tracking all the
qdiscs in hierarchy (e.g. excluding default qdiscs), as the lookup
performed over the
On 08/05/2016 12:54 AM, Andi Kleen wrote:
+1, I tried to bring this up here [1] in the last spin. I think only very
few changes would be needed, f.e. on eBPF side to add a queue setting
helper function which is probably straight forward ~10loc patch; and with
regards to actually picking it up aft
On 08/04/2016 10:21 PM, John Fastabend wrote:
On 16-08-04 12:36 PM, kan.li...@intel.com wrote:
From: Kan Liang
To achieve better network performance, the key step is to distribute the
packets to dedicated queues according to policy and system run time
status.
This patch provides an interface
On 08/04/2016 11:52 AM, Daniel Borkmann wrote:
On 08/04/2016 09:12 AM, Sargun Dhillon wrote:
I think it makes sense to restrict Checmate to loading programs that have been
compiled with the current kernel ABI. We can further stabilize the ABI, and
perhaps lift this restriction later.
Signed
On 08/04/2016 09:12 AM, Sargun Dhillon wrote:
I think it makes sense to restrict Checmate to loading programs that have been
compiled with the current kernel ABI. We can further stabilize the ABI, and
perhaps lift this restriction later.
Signed-off-by: Sargun Dhillon
---
kernel/bpf/syscall.c
Hi Sargun,
On 08/04/2016 09:11 AM, Sargun Dhillon wrote:
[...]
[It's a] minor LSM. My particular use case is one in which containers are being
dynamically deployed to machines by internal developers in a different group.
[...]
For many of these containers, the security policies can be fairly n
On 07/25/2016 02:54 PM, Sargun Dhillon wrote:
This allows user memory to be written to during the course of a kprobe.
It shouldn't be used to implement any kind of security mechanism
because of TOC-TOU attacks, but rather to debug, divert, and
manipulate execution of semi-cooperative processes.
f crashing
the system, we print a warning on invocation.
It was tested with the tracex7 program on x86-64.
Signed-off-by: Sargun Dhillon
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
---
include/uapi/linux/bpf.h | 12
kernel/bpf/verifier.c | 9 +
kernel/trace/bpf_tra
: 555c8a8623a3 ("bpf: avoid stack copy and use skb ctx for event output")
Fixes: 7e3f977edd0b ("perf, events: add non-linear data support for raw
records")
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
---
include/linux/bpf.h| 2 +-
include/linux/perf_eve
On 07/21/2016 12:47 PM, Sargun Dhillon wrote:
On Thu, Jul 21, 2016 at 01:00:51AM +0200, Daniel Borkmann wrote:
[...]
I don't really like couple of things, your ifdef CONFIG_MMU might not be
needed I think, couple of these checks seem redundant, (I'm not yet sure
about the task-&
On 07/20/2016 11:58 AM, Sargun Dhillon wrote:
[...]
So, with that, what about the following:
It includes
-Desupporting no MMU platforms as we've deemed them incapable of being
safe
-Checking that we're not in a kthread
-Checking that the active mm is the thread's mm
-A log message indicating th
On 07/20/2016 05:02 AM, Alexei Starovoitov wrote:
On Wed, Jul 20, 2016 at 01:19:51AM +0200, Daniel Borkmann wrote:
On 07/19/2016 06:34 PM, Alexei Starovoitov wrote:
On Tue, Jul 19, 2016 at 01:17:53PM +0200, Daniel Borkmann wrote:
+ return -EINVAL;
+
+ /* Is this a user
On 07/19/2016 06:34 PM, Alexei Starovoitov wrote:
On Tue, Jul 19, 2016 at 01:17:53PM +0200, Daniel Borkmann wrote:
+ return -EINVAL;
+
+ /* Is this a user address, or a kernel address? */
+ if (!access_ok(VERIFY_WRITE, to, size))
+ return -EINVAL
Hi Sargun,
On 07/19/2016 11:32 AM, Sargun Dhillon wrote:
This allows user memory to be written to during the course of a kprobe.
It shouldn't be used to implement any kind of security mechanism
because of TOC-TOU attacks, but rather to debug, divert, and
manipulate execution of semi-cooperative
On 07/18/2016 08:30 PM, Liang, Kan wrote:
On 07/18/2016 08:55 AM, kan.li...@intel.com wrote:
[...]
On a higher level picture, why for example, a new cgroup in combination
with tc shouldn't be the ones resolving these policies on resource usage?
The NET policy doesn't support cgroup yet, but i
Hi Kan,
On 07/18/2016 08:55 AM, kan.li...@intel.com wrote:
From: Kan Liang
It is a big challenge to get good network performance. First, the network
performance is not good with default system settings. Second, it is too
difficult to do automatic tuning for all possible workloads, since worklo
bpf_event_output() directly.
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
---
kernel/trace/bpf_trace.c | 35 ++-
1 file changed, 22 insertions(+), 13 deletions(-)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 35ab1b2..c35883a 100644
defined meta data
passed along with the appended sample.
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
---
include/linux/bpf.h | 7 ++-
include/uapi/linux/bpf.h | 2 ++
kernel/bpf/core.c| 6 --
kernel/trace/bpf_trace.c | 33 +++---
the remaining ones accordingly. Thanks Peter!
Thanks a lot!
Daniel Borkmann (3):
perf, events: add non-linear data support for raw records
bpf, perf: split bpf_perf_event_output
bpf: avoid stack copy and use skb ctx for event output
arch/s390/kernel/perf_cpum_sf.c | 9 --
arch/x86/ev
.gmane.org/gmane.linux.network/421294
Suggested-by: Peter Zijlstra
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
---
Hi Peter, I've adapted the patch to your suggestion and also
added the padding; all size calculation is only done once at
perf_prepare_sample() time as well to avoid u
On 07/13/2016 06:40 PM, Peter Zijlstra wrote:
On Wed, Jul 13, 2016 at 04:08:55PM +0200, Daniel Borkmann wrote:
On 07/13/2016 03:42 PM, Peter Zijlstra wrote:
Ok so the nonlinear thing was it doing _two_ copies, one the regular
__output_copy() on raw->data and second the optional fragm
Hi Peter,
On 07/13/2016 03:42 PM, Peter Zijlstra wrote:
Ok so the nonlinear thing was it doing _two_ copies, one the regular
__output_copy() on raw->data and second the optional fragment thingy
using __output_custom().
Would something like this work instead?
It does the nonlinear thing and th
On 07/13/2016 02:10 PM, Peter Zijlstra wrote:
On Wed, Jul 13, 2016 at 11:24:13AM +0200, Daniel Borkmann wrote:
On 07/13/2016 09:52 AM, Peter Zijlstra wrote:
On Wed, Jul 13, 2016 at 12:36:17AM +0200, Daniel Borkmann wrote:
This patch adds support for non-linear data on raw records. It means
Hi Peter,
On 07/13/2016 09:52 AM, Peter Zijlstra wrote:
On Wed, Jul 13, 2016 at 12:36:17AM +0200, Daniel Borkmann wrote:
This patch adds support for non-linear data on raw records. It means
that for such data, the newly introduced __output_custom() helper will
be used instead of __output_copy
On 07/13/2016 01:25 AM, kbuild test robot wrote:
Hi,
[auto build test WARNING on net-next/master]
url:
https://github.com/0day-ci/linux/commits/Daniel-Borkmann/BPF-event-output-helper-improvements/20160713-065944
config: s390-allyesconfig (attached as .config)
compiler: s390x-linux-gnu-gcc
size_head
and frag data; no change in behavior for them. Later patch will extend
BPF side with a first user and callback for this facility, future users
could be things like XDP BPF programs (that work on different context
though and would thus have a different callback), etc.
Signed-off-by: Daniel
: Daniel Borkmann
Acked-by: Alexei Starovoitov
---
kernel/trace/bpf_trace.c | 32
1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 8540bd5..4d3d5b8 100644
--- a/kernel/trace/bpf_trace.c
+++ b
This set adds improvements to the BPF event output helper to
support non-linear data sampling, here specifically, for skb
context. For details please see individual patches. The set
is based against net-next tree.
Thanks a lot!
Daniel Borkmann (3):
perf, events: add non-linear data support for
data for setup to bpf_event_output(), which generates and pushes
the raw record. The linear data used in the non-frag part of the
record serves as custom / programmatically defined meta data passed
along with the appended sample.
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
f-by: Paul Gortmaker
(Patch is for net-next tree then.)
Acked-by: Daniel Borkmann
On 07/09/2016 02:20 AM, Alexei Starovoitov wrote:
On Sat, Jul 09, 2016 at 01:31:40AM +0200, Eric Dumazet wrote:
On Fri, 2016-07-08 at 17:52 +0200, Michal Kubecek wrote:
If socket filter truncates an udp packet below the length of UDP header
in udpv6_queue_rcv_skb() or udp_queue_rcv_skb(), it wi
estruction).
Fixes: dead9f29ddcc ("perf: Fix race in BPF program unregister")
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Cc: Jann Horn
---
include/linux/bpf.h | 4
kernel/events/core.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/include/l
On 06/23/2016 11:26 PM, Martin KaFai Lau wrote:
On Thu, Jun 23, 2016 at 11:42:31AM +0200, Daniel Borkmann wrote:
Hi Martin,
[ sorry to jump late in here, on pto currently ]
Thanks for reviewing.
Could you describe a bit more with regards to pinning maps and how this
should interact with
On 06/23/2016 11:13 PM, Tejun Heo wrote:
Hello,
On Thu, Jun 23, 2016 at 11:42:31AM +0200, Daniel Borkmann wrote:
I presume it's a valid use case to pin a cgroup map, put fds into it and
remove the pinned file expecting to continue to match on it, right? So
lifetime is really until last
On 06/23/2016 06:54 PM, Martin KaFai Lau wrote:
On Thu, Jun 23, 2016 at 11:53:50AM +0200, Daniel Borkmann wrote:
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 668e079..68753e0 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -1062,6 +1062,10 @@ static int
p
Most of the lines in test_cgrp2_tc.sh is the boilerplate
to setup the cgroup/bpf-fs/net-devices/netns...etc. It is
not bulletproof on errors but should work well enough and
give enough debug info if things did not go well.
Signed-off-by: Martin KaFai Lau
Cc: Alexei Starovoitov
Cc: Daniel Bor
s expected to populate a BPF_MAP_TYPE_CGROUP_ARRAY
which will be used by the bpf_skb_in_cgroup.
Modifications to the bpf verifier is to ensure BPF_MAP_TYPE_CGROUP_ARRAY
and bpf_skb_in_cgroup() are always used together.
Signed-off-by: Martin KaFai Lau
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
e the array with that fd.
Signed-off-by: Martin KaFai Lau
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
Cc: Tejun Heo
Acked-by: Alexei Starovoitov
Could you describe a bit more with regards to pinning maps and how this
should interact with cgroups? The two specialized array maps we have (tail
On 06/16/2016 11:44 AM, John Crispin wrote:
On 16/06/2016 07:20, David Miller wrote:
From: John Crispin
Date: Wed, 15 Jun 2016 16:58:46 +0200
This series contains 2 small code cleanups that are leftovers from the
MIPS support. There is also a small fix that adds proper locking to the
code acc
On 06/06/2016 06:56 AM, Z Lim wrote:
[...]
How about the attached patch? Fixes compilation error on build
!CONFIG_BPF_SYSCALL.
Also, should this patch be sent to net or net-next (along with this series)?
Looks good, feel free to add:
Acked-by: Daniel Borkmann
I think net-next along with
On 06/05/2016 01:46 AM, kbuild test robot wrote:
Hi,
[auto build test ERROR on net-next/master]
url:
https://github.com/0day-ci/linux/commits/Zi-Shen-Lim/arm64-bpf-implement-bpf_tail_call-helper/20160605-060435
config: arm64-defconfig (attached as .config)
compiler: aarch64-linux-gnu-gcc (D
On 05/17/2016 03:38 PM, Catalin Marinas wrote:
On Tue, May 17, 2016 at 09:12:34AM +0200, Daniel Borkmann wrote:
On 05/17/2016 09:03 AM, Geert Uytterhoeven wrote:
[...]
Someone's not gonna be happy with commit 606b5908 ("bpf: split
HAVE_BPF_JIT into cBPF and eBPF variant") br
and epilogue. AAPCS reserves R9 ~ R15 for temp
registers which not need to be saved/restored during function call. So, replace
R23 and R24 to R10 and R11, and remove tmp_used flag to save 2 instructions for
some jited BPF program.
CC: Daniel Borkmann
Acked-by: Zi Shen Lim
Signed-off-by: Yang Shi
On 05/17/2016 09:03 AM, Geert Uytterhoeven wrote:
[...]
Someone's not gonna be happy with commit 606b5908 ("bpf: split
HAVE_BPF_JIT into cBPF and eBPF variant") breaking the sort order again...
Wasn't aware of that. Maybe I'm missing something, but there appears
to be no throughout consiste
On 05/17/2016 02:24 AM, Stephen Rothwell wrote:
Hi all,
Today's linux-next merge of the net-next tree got a conflict in:
arch/arm64/Kconfig
between commit:
8ee708792e1c ("arm64: Kconfig: remove redundant HAVE_ARCH_TRANSPARENT_HUGEPAGE
definition")
from the arm64 tree and commit:
6
On 05/06/2016 12:39 AM, Colin King wrote:
From: Colin Ian King
klogctl can fail and return -ve len, so check for this and
return NULL to avoid passing a (size_t)-1 to malloc.
Signed-off-by: Colin Ian King
[ would be nice to get Cc'ed in future ... ]
Acked-by: Daniel Borkmann
used.
Signed-off-by: Daniel Borkmann
Signed-off-by: Alexei Starovoitov
---
include/uapi/linux/bpf.h | 4
kernel/trace/bpf_trace.c | 7 ++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 70eda5a..b7b0fb1 100644
le will be added to iproute2's BPF example files.
Signed-off-by: Daniel Borkmann
Signed-off-by: Alexei Starovoitov
---
include/linux/bpf.h | 2 ++
kernel/bpf/core.c| 7 +++
kernel/trace/bpf_trace.c | 27 +++
net/core/filter.c| 2 ++
4 file
This minor set adds a new helper bpf_event_output() for eBPF cls/act
program types which allows to pass events to user space applications.
For details, please see individual patches.
Thanks!
v1 -> v2:
- Address kbuild bot found compile issue in patch 2
- Rest as is
Daniel Borkmann
On 04/18/2016 01:55 AM, kbuild test robot wrote:
Hi Daniel,
[auto build test ERROR on net-next/master]
url:
https://github.com/0day-ci/linux/commits/Daniel-Borkmann/bpf-trace-add-BPF_F_CURRENT_CPU-flag-for-bpf_perf_event_output/20160418-063147
config: m68k-allyesconfig (attached as .config
This minor set adds a new helper bpf_skb_event_output() for eBPF cls/act
program types which allows to pass events to user space applications. For
details, please see individual patches.
Thanks!
Daniel Borkmann (2):
bpf, trace: add BPF_F_CURRENT_CPU flag for bpf_perf_event_output
bpf: add
used.
Signed-off-by: Daniel Borkmann
Signed-off-by: Alexei Starovoitov
---
include/uapi/linux/bpf.h | 4
kernel/trace/bpf_trace.c | 7 ++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 70eda5a..b7b0fb1 100644
le will be added to iproute2's BPF example files.
Signed-off-by: Daniel Borkmann
Signed-off-by: Alexei Starovoitov
---
include/linux/bpf.h | 2 ++
kernel/trace/bpf_trace.c | 2 +-
net/core/filter.c| 30 ++
3 files changed, 33 insertions(+), 1
On 04/05/2016 11:36 PM, Bastien Philbert wrote:
This fixes error handling for the switch statement case
SCTP_CMD_SEND_PKT by making the error value of the call
to sctp_packet_transmit equal the variable error due to
this function being able to fail with a error code. In
What actual issue have y
: Alexei Starovoitov
Cc: Daniel Borkmann
Cc: "David S. Miller"
Cc: Ananth N Mavinakayanahalli
Cc: Michael Ellerman
Cc: Paul Mackerras
Signed-off-by: Naveen N. Rao
Thanks for adding these!
Acked-by: Daniel Borkmann
On 04/05/2016 12:02 PM, Naveen N. Rao wrote:
BPF_ALU32 and BPF_ALU64 tests for adding two 32-bit values that results in
32-bit overflow.
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
Cc: "David S. Miller"
Cc: Ananth N Mavinakayanahalli
Cc: Michael Ellerman
Cc: Paul Mackerras
Sig
On 04/05/2016 12:02 PM, Naveen N. Rao wrote:
Unsigned Jump-if-Greater-Than.
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
Cc: "David S. Miller"
Cc: Ananth N Mavinakayanahalli
Cc: Michael Ellerman
Cc: Paul Mackerras
Signed-off-by: Naveen N. Rao
Acked-by: Daniel Borkmann
On 04/05/2016 12:02 PM, Naveen N. Rao wrote:
JMP_JSET tests incorrectly used BPF_JNE. Fix the same.
Cc: Alexei Starovoitov
Cc: Daniel Borkmann
Cc: "David S. Miller"
Cc: Ananth N Mavinakayanahalli
Cc: Michael Ellerman
Cc: Paul Mackerras
Signed-off-by: Naveen N. Rao
Acked-
On 04/01/2016 08:10 PM, Alexei Starovoitov wrote:
On 4/1/16 2:58 AM, Naveen N. Rao wrote:
PPC64 eBPF JIT compiler. Works for both ABIv1 and ABIv2.
Enable with:
echo 1 > /proc/sys/net/core/bpf_jit_enable
or
echo 2 > /proc/sys/net/core/bpf_jit_enable
... to see the generated JIT code. This can f
On 03/31/2016 07:46 PM, Alexei Starovoitov wrote:
On 3/31/16 4:25 AM, Naveen N. Rao wrote:
While at it, fix some typos in the comment.
Cc: Alexei Starovoitov
Cc: David S. Miller
Cc: Ananth N Mavinakayanahalli
Cc: Michael Ellerman
Signed-off-by: Naveen N. Rao
---
samples/bpf/Makefile | 11
On 03/30/2016 02:24 PM, Michal Kubecek wrote:
On Wed, Mar 30, 2016 at 01:33:44PM +0200, Daniel Borkmann wrote:
On 03/30/2016 11:42 AM, Michal Kubecek wrote:
I'm just not sure checking if we hold the right lock depending on caller
is worth the extra complexity. After all, what is really n
On 03/30/2016 11:42 AM, Michal Kubecek wrote:
On Tue, Mar 29, 2016 at 04:39:43PM +0200, Daniel Borkmann wrote:
diff --git a/drivers/net/tun.c b/drivers/net/tun.c
index afdf950617c3..7417d7c20bab 100644
--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
@@ -1818,11 +1818,13 @@ static int
On 03/29/2016 03:55 PM, Daniel Borkmann wrote:
[ dropping my old email address ]
On 03/29/2016 02:58 PM, Michal Kubecek wrote:
On Mon, Feb 22, 2016 at 10:31:33AM -0500, Sasha Levin wrote:
I've hit the following warning while fuzzing with trinity inside a kvmtool guest
running the l
[ dropping my old email address ]
On 03/29/2016 02:58 PM, Michal Kubecek wrote:
On Mon, Feb 22, 2016 at 10:31:33AM -0500, Sasha Levin wrote:
I've hit the following warning while fuzzing with trinity inside a kvmtool guest
running the latest -next kernel:
[ 1343.104588] ===
On 03/28/2016 11:56 PM, Kees Cook wrote:
From: Dave Anderson
Fixes a copy-paste-o in the BPF opcode table: "neg" takes no arguments
and thus has no addressing modes.
Signed-off-by: Dave Anderson
Signed-off-by: Kees Cook
Acked-by: Daniel Borkmann
On 03/11/2016 06:20 PM, Alexei Starovoitov wrote:
On 3/11/16 2:24 AM, Daniel Borkmann wrote:
On 03/10/2016 05:02 AM, Alexei Starovoitov wrote:
Lots of places in the kernel use memcpy(buf, comm, TASK_COMM_LEN); but
the result is typically passed to print("%s", buf) and extra bytes
On 03/10/2016 05:02 AM, Alexei Starovoitov wrote:
Lots of places in the kernel use memcpy(buf, comm, TASK_COMM_LEN); but
the result is typically passed to print("%s", buf) and extra bytes
after zero don't cause any harm.
In bpf the result of bpf_get_current_comm() is used as the part of
map key a
On 03/09/2016 06:18 PM, Randy Dunlap wrote:
On 03/09/16 09:07, Randy Dunlap wrote:
[...]
Does it handle where net/Kconfig symbol NET selects BPF unconditionally?
I got the patch from git and tested it. Works. Thanks.
Ahh, perfect, thanks a lot!
On 03/09/2016 06:07 PM, Randy Dunlap wrote:
On 03/09/16 08:48, Daniel Borkmann wrote:
On 03/09/2016 05:44 PM, Randy Dunlap wrote:
On 03/08/16 21:38, Stephen Rothwell wrote:
Hi all,
Changes since 20160308:
on x86_64:
../net/core/filter.c: In function 'bpf_skb_get_tunnel_opt':
.
On 03/09/2016 05:44 PM, Randy Dunlap wrote:
On 03/08/16 21:38, Stephen Rothwell wrote:
Hi all,
Changes since 20160308:
on x86_64:
../net/core/filter.c: In function 'bpf_skb_get_tunnel_opt':
../net/core/filter.c:1824:2: error: implicit declaration of function
'ip_tunnel_info_opts_get' [-Werr
On 03/07/2016 02:58 AM, Alexei Starovoitov wrote:
[...]
---
include/linux/bpf.h | 1 +
include/uapi/linux/bpf.h | 3 +
kernel/bpf/hashtab.c | 264 ++-
kernel/bpf/syscall.c | 2 +-
4 files changed, 196 insertions(+), 74 deletions
On 03/07/2016 02:58 AM, Alexei Starovoitov wrote:
Introduce simple percpu_freelist to keep single list of elements
spread across per-cpu singly linked lists.
/* push element into the list */
void pcpu_freelist_push(struct pcpu_freelist *, struct pcpu_freelist_node *);
/* pop element from the li
prevention mechanism.
Note, map_lookup and other tracing helpers don't have this problem,
since they don't hold any locks and don't modify global data.
bpf_trace_printk has its own recursive check and ok as well.
Signed-off-by: Alexei Starovoitov
LGTM
Acked-by: Daniel Borkmann
On 03/04/2016 03:09 AM, Stephen Rothwell wrote:
Hi all,
Today's linux-next merge of the net-next tree got a conflict in:
drivers/net/vxlan.c
between commit:
4024fcf70556 ("vxlan: fix missing options_len update on RX with collect
metadata")
from the net tree and commit:
3288af0892e
On 02/26/2016 01:13 AM, Stephen Rothwell wrote:
[...]
I fixed it up (see below) and can carry the fix as necessary (no action
is required).
Looks good to me, thanks Stephen!
Best,
Daniel
LGTM, patch is against net-next tree.
Acked-by: Daniel Borkmann
On 02/18/2016 10:27 PM, Tom Zanussi wrote:
On Tue, 2016-02-16 at 20:51 -0800, Alexei Starovoitov wrote:
On Tue, Feb 16, 2016 at 04:35:27PM -0600, Tom Zanussi wrote:
On Sun, 2016-02-14 at 01:02 +0100, Alexei Starovoitov wrote:
[...]
Take a look at all the tools written on top of it:
https://gi
On 02/03/2016 10:47 PM, Joe Perches wrote:
On Wed, 2016-02-03 at 22:14 +0100, Jason A. Donenfeld wrote:
The idea here is to be able to printk a sockaddr_in6, and have it show
something that looks like what the user would naturally pass to
getaddrinfo(3), which is entirely complete.
However, I c
On 02/03/2016 06:56 PM, Joe Perches wrote:
On Wed, 2016-02-03 at 13:13 +0100, Jason A. Donenfeld wrote:
Signed-off-by: Jason A. Donenfeld
---
lib/vsprintf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index 1b1b1c8..85e6645 100644
--- a
On 02/03/2016 11:41 AM, Jason A. Donenfeld wrote:
The sockaddr_in6 has the sin6_scope_id parameter. This contains the
netdev index of the output device. When set to 0, sin6_scope_id is
considered to be "unset" -- it has no Scope ID (see RFC4007). When it is
set to >0, it has a Scope ID.
[...]
S
On 01/21/2016 12:40 PM, Maninder Singh wrote:
The other sock_put() in packet_release() to drop the final ref and call into
sk_free(), which drops the 1 ref on the sk_wmem_alloc from init time. Since you
got into __sk_free() via sock_wfree() destructor, your socket must have invoked
packet_release
On 01/23/2016 08:25 PM, Florian Westphal wrote:
Dmitry Vyukov wrote:
[ CC nf-devel, not sure if its nfnetlink fault or NETLINK_MMAP ]
The following program causes GPF in netlink_getsockbyportid:
// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include
#include
#include
On 01/22/2016 06:35 PM, Adam Jackson wrote:
On Fri, 2016-01-22 at 14:22 -0300, Arnaldo Carvalho de Melo wrote:
the 'bpf' target for clang is being used together with perf to
build scriptlets into object code that then gets uploaded to the kernel
via sys_bpf(), was the decision not to in
so we can whitelist the function.
Signed-off-by: Josh Poimboeuf
Cc: Alexei Starovoitov
Cc: net...@vger.kernel.org
Fine by me:
Acked-by: Daniel Borkmann
On 01/05/2016 05:03 PM, Rabin Vincent wrote:
On Tue, Jan 05, 2016 at 08:00:45AM -0800, Eric Dumazet wrote:
On Tue, 2016-01-05 at 16:23 +0100, Rabin Vincent wrote:
The SKF_AD_ALU_XOR_X ancillary is not like the other ancillary data
instructions since it XORs A with X while all the others replace
-by: Rabin Vincent
Excellent catch, thanks a lot! The fix looks good to me and should
go to -net tree.
Acked-by: Daniel Borkmann
If you're interested, feel free to add a small test case for the
SKF_AD_ALU_XOR_X issue to lib/test_bpf.c for -net-next tree. Thanks!
--
To unsubscribe from this
ket's
hlist, and per-bucket lock is just enough. This patch converts
the per-hashtable lock into per-bucket spinlock, so that
contention can be decreased a lot.
Signed-off-by: Ming Lei
Looks better, thanks!
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "un
On 12/28/2015 01:55 PM, Ming Lei wrote:
Both htab_map_update_elem() and htab_map_delete_elem() can be
called from eBPF program, and they may be in kernel hot path,
so it isn't efficient to use a per-hashtable lock in this two
helpers.
The per-hashtable spinlock is used for protecting bucket's
hl
On 12/26/2015 10:31 AM, Ming Lei wrote:
From: Ming Lei
Both htab_map_update_elem() and htab_map_delete_elem() can be
called from eBPF program, and they may be in kernel hot path,
so it isn't efficient to use a per-hashtable lock in this two
helpers.
The per-hashtable spinlock is used just for
On 12/26/2015 10:31 AM, Ming Lei wrote:
The spinlock is just used for protecting the per-bucket
hlist, so it isn't needed for selecting bucket.
Signed-off-by: Ming Lei
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" i
On 12/26/2015 10:31 AM, Ming Lei wrote:
Preparing for removing global per-hashtable lock, so
the counter need to be defined as aotmic_t first.
Signed-off-by: Ming Lei
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the
701 - 800 of 1280 matches
Mail list logo
