On 09/09/2015 05:50 PM, Tycho Andersen wrote:
On Fri, Sep 04, 2015 at 02:08:37PM -0700, Kees Cook wrote:
On Fri, Sep 4, 2015 at 2:06 PM, Tycho Andersen
[...]
I was expecting to see a validator, similar to the existing BPF
validator that is called when creating seccomp filters currently. Can
we
On 09/03/2015 10:13 AM, Shaun Crampton wrote:
...
Is there anything I can do on a running system to help figure this out?
Some sort of kernel equivalent to pmap to find out what module or device
owns that chunk of memory?
Hmm, perhaps /proc/kallsyms could point to something. 0xa0087d81
On 09/02/2015 06:39 PM, Shaun Crampton wrote:
Make sure you backported commit
10e2eb878f3ca07ac2f05fa5ca5e6c4c9174a27a
("udp: fix dst races with multicast early demux")
I just tried the latest CoreOS alpha, which had that patch. Sadly, I saw
just as many reboots. Here's a sample of the differ
d-off-by: Daniel Borkmann
---
mm/slab.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/slab.h b/mm/slab.h
index 8da63e4..819f27e 100644
--- a/mm/slab.h
+++ b/mm/slab.h
@@ -321,7 +321,7 @@ static inline struct kmem_cache *cache_from_obj(struct
kmem_cache *s, vo
On 08/11/2015 08:53 AM, Kaixu Xia wrote:
There is a build error that "'struct bpf_array' has no member
named 'prog'" on s390. In commit 2a36f0b, the member 'prog' of
struct bpf_array is replaced by 'ptrs'. So this patch fixes it.
Signed-off-by: Kaixu Xia
You were also asked to add a proper Fi
On 08/07/2015 09:59 AM, Andrzej Hajda wrote:
The patch was generated using fixed coccinelle semantic patch
scripts/coccinelle/api/memdup.cocci [1].
[1]: http://permalink.gmane.org/gmane.linux.kernel/2014320
Signed-off-by: Andrzej Hajda
Acked-by: Daniel Borkmann
Not sure where the rest of
[ please cc netdev ]
On 08/05/2015 10:56 AM, Zang MingJie wrote:
Hi:
I found a bug when remove an ip address which is referenced by a routing entry.
step to reproduce:
ip li add type dummy
ip li set dummy0 up
ip ad add 10.0.0.1/24 dev dummy0
ip ad add 10.0.0.2/24 dev dummy0
ip ro add default
On 08/03/2015 06:38 PM, Nicolas Schichan wrote:
On 08/03/2015 05:29 PM, Daniel Borkmann wrote:
On 08/03/2015 04:02 PM, Nicolas Schichan wrote:
We now have 286 tests, which is awesome!
Perhaps, we need to start thinking of a better test description method
soonish as the test_bpf.ko module grew
On 08/03/2015 06:23 PM, Nicolas Schichan wrote:
...
Btw, for the range test in prepare_bpf_tests(), you could also reject
a negative lower bound index right there.
I thought it was better to have all the sanity checks grouped in
prepare_bpf_tests() (with the checking of the test_name and test_i
: Daniel Borkmann
---
lib/test_bpf.c | 73 ++
1 file changed, 73 insertions(+)
diff --git a/lib/test_bpf.c b/lib/test_bpf.c
index f5606fb..abd0507 100644
--- a/lib/test_bpf.c
+++ b/lib/test_bpf.c
@@ -4870,10 +4870,72 @@ static int run_one
ked-by: Daniel Borkmann
I'm good with this change here, just a comment below in general.
enum {
CLASSIC = BIT(6), /* Old BPF instructions only. */
@@ -81,6 +83,7 @@ struct bpf_test {
__u32 result;
} test[MAX_SUBTESTS];
int (*fill_helper)(stru
: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Starovoitov
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
On 08/03/2015 04:02 PM, Nicolas Schichan wrote:
These new tests exercise various load sizes and offsets crossing the
head/fragment boundary.
Signed-off-by: Nicolas Schichan
Acked-by: Alexei Starovoitov
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubs
On 08/03/2015 04:02 PM, Nicolas Schichan wrote:
Signed-off-by: Nicolas Schichan
Acked-by: Alexei Starovoitov
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordo
On 07/28/2015 01:17 PM, Kaixu Xia wrote:
Previous patch v3 url:
https://lkml.org/lkml/2015/7/23/203
...
Kaixu Xia (3):
bpf: Add new bpf map type to store the pointer to struct perf_event
bpf: Implement function bpf_perf_event_read() that get the selected
hardware PMU conuter
sampl
On 07/28/2015 01:17 PM, Kaixu Xia wrote:
This is a simple example and shows how to use the new ability
to get the selected Hardware PMU counter value.
Signed-off-by: Kaixu Xia
...
diff --git a/samples/bpf/tracex6_user.c b/samples/bpf/tracex6_user.c
new file mode 100644
index 000..e607eac
On 07/28/2015 01:17 PM, Kaixu Xia wrote:
According to the perf_event_map_fd and index, the function
bpf_perf_event_read() can convert the corresponding map
value to the pointer to struct perf_event and return the
Hardware PMU counter value.
Signed-off-by: Kaixu Xia
---
include/linux/bpf.h
On 07/28/2015 01:17 PM, Kaixu Xia wrote:
Introduce a new bpf map type 'BPF_MAP_TYPE_PERF_EVENT_ARRAY'.
This map only stores the pointer to struct perf_event. The
user space event FDs from perf_event_open() syscall are converted
to the pointer to struct perf_event and stored in map.
Signed-off-by
On 07/28/2015 01:17 PM, Kaixu Xia wrote:
From: Wang Nan
According to the comments from Daniel, rewrite part of
the bpf_prog_array map code and make it more generic.
So the new perf_event_array map type can reuse most of
code with bpf_prog_array map and add fewer lines of
special code.
Tested t
;hard_header_len are both unsigned.
That may lead to just returning an incorrect EMSGSIZE errno
to the user.
Signed-off-by: Alexander Drozdov
Looks good to me, thanks!
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
t
2015 -0700
tracing, perf: Implement BPF programs attached to kprobes
* The page lacks documentation of the BPF_PROG_TYPE_SCHED_CLS
program type.
commit 96be4325f443dbbfeb37d2a157675ac0736531a1
Author: Daniel Borkmann
Date: Sun Mar 1 12:31:46 2015 +0100
On 07/22/2015 10:09 AM, Kaixu Xia wrote:
Previous patch v1 url:
https://lkml.org/lkml/2015/7/17/287
[ Sorry to chime in late, just noticed this series now as I wasn't in Cc for
the core BPF changes. More below ... ]
This patchset allows user read PMU events in the following way:
1. Open t
On 07/23/2015 03:36 PM, Michael Kerrisk (man-pages) wrote:
...
Ok, I guess we could revisit/clarify that at a later point in time. I'd add
a TODO comment to the source or the like, as this also is related to the 2nd
below use case (aggregation/accounting), where an array is typically used.
Okay
On 07/23/2015 01:23 PM, Michael Kerrisk (man-pages) wrote:
...
Btw, a user obviously can close() the map fds if he
wants to, but ultimatively they're freed when the program unloads.
Okay. (Not sure if you meant that something should be added to the page.)
I think not necessary.
[...]
Hi Michael,
looks good already, a couple of comments inline, on top of Alexei's feedback:
On 07/22/2015 10:10 PM, Michael Kerrisk (man-pages) wrote:
...
NAME
bpf - perform a command on an extended eBPF map or program
'extended eBPF' should perhaps just say 'eBPF' or 'extended BPF' (th
On 07/22/2015 04:49 PM, Michael Kerrisk (man-pages) wrote:
Hi Daniel,
Sorry for the long delay in following up
No worries, eBPF is quite some material. ;)
On 05/27/2015 11:26 AM, Daniel Borkmann wrote:
On 05/27/2015 10:43 AM, Michael Kerrisk (man-pages) wrote:
Hello Alexei,
I took
On 07/22/2015 02:03 PM, Konstantin Khlebnikov wrote:
On 22.07.2015 14:56, Daniel Borkmann wrote:
On 07/22/2015 11:23 AM, Konstantin Khlebnikov wrote:
In dev_queue_xmit() net_cls protected with rcu-bh.
...
Signed-off-by: Konstantin Khlebnikov
---
net/core/netclassid_cgroup.c |3 ++-
1
On 07/22/2015 11:23 AM, Konstantin Khlebnikov wrote:
In dev_queue_xmit() net_cls protected with rcu-bh.
...
Signed-off-by: Konstantin Khlebnikov
---
net/core/netclassid_cgroup.c |3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/core/netclassid_cgroup.c b/net/core/
Hi Michael,
is there any update on the bpf(2) man-page since last time, wrt
having an initial version in your tree?
Thanks again,
Daniel
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http:/
On 07/16/2015 02:15 PM, Denys Vlasenko wrote:
On 07/16/2015 12:41 PM, Thomas Graf wrote:
On 07/16/15 at 12:02pm, Denys Vlasenko wrote:
+/* jhash - hash an arbitrary key
+ * @k: sequence of bytes as key
+ * @length: the length of the key
+ * @initval: the previous hash, or an arbitray value
+ *
On 07/14/2015 07:21 AM, Fengguang Wu wrote:
Sorry please ignore -- this no longer happen in linux-next, so should be fine.
Seen this before, this fixed it back then:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/lib/test_rhashtable.c?id=b7f5e5c7f8cedf6b69c9702d448cdf78
r extending the test suite!
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
mples written by
Alexei Starovoitov .
Signed-off-by: Daniel Wagner
I think it would be useful to perhaps have two options:
1) User specifies a specific CPU and gets one such an output above.
2) Summary view, i.e. to have the samples of each CPU for comparison
next to each other in columns and
On 06/16/2015 07:10 PM, Alexei Starovoitov wrote:
...
Ideally we would allow a blend of tracing and networking programs,
then the best solution would be one or two stable tracepoints in
networking stack where skb is visible and receiving/transmitting task
is also visible, then skb->len and task->
On 06/16/2015 07:54 PM, Kees Cook wrote:
This imports the existing seccomp test suite into the kernel's selftests
tree. It contains extensive testing of seccomp features and corner cases.
There remain additional tests to move into the kernel tree, but they have
not yet been ported to all the arch
On 06/16/2015 05:28 AM, Alexei Starovoitov wrote:
On 6/15/15 4:01 PM, David Miller wrote:
Although I agree with the sentiment that this thing can cause
surprising results and can be asking for trouble.
If someone wants to filter traffic "by UID" they might make
a simple ingress TC ebpf program
On 06/13/2015 04:39 AM, Alexei Starovoitov wrote:
It's useful to do per-cpu histograms.
Suggested-by: Daniel Wagner
Signed-off-by: Alexei Starovoitov
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a me
On 05/27/2015 10:43 AM, Michael Kerrisk (man-pages) wrote:
Hello Alexei,
I took the draft 3 of the bpf(2) man page that you sent back in March
and did some substantial editing to clarify the language and add a
few technical details. Could you please check the revised version
below, to ensure I
ind before jumping into the next program.
...
Signed-off-by: Alexei Starovoitov
LGTM, thanks!
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http
have an ecc at hand (unsure if that's still used in the
field?) and only found this by accident during code review, a revert
of that cleanup would be simplest option.
Fixes: 73679e508201 ("compiler-intel.h: Remove duplicate definition")
Signed-off-by: Daniel Borkmann
Reviewed-by: Pran
lexei Starovoitov
Cc: Will Deacon
Signed-off-by: Xi Wang
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please
egating to the kernel BPF
interpreter in that case is a more straight forward, minimal fix and
easy to backport.
Signed-off-by: Nicolas Schichan
Fix looks good to me.
Fixes: ddecdfcea0ae ("ARM: 7259/3: net: JIT compiler for packet filters")
Acked-by: Daniel Borkmann
--
To unsubscribe
tprint and consequently also don't have a sk_classid member;
probing for sk_classid member there could potentially lead to a
crash.
Fixes: a00e76349f35 ("netfilter: x_tables: allow to use cgroup match for LOCAL_IN nf
hooks")
Cc: Alexey Perevalov
Signed-off-by: Daniel Borkmann
Signed-
On 04/30/2015 02:35 PM, Nicolas Schichan wrote:
On 04/29/2015 06:37 PM, Daniel Borkmann wrote:
On 04/29/2015 03:37 PM, Nicolas Schichan wrote:
...
The fourth and final patch fixes a bug in the emit_udiv() function
when used to convert a BPF_ALU | BPF_DIV | BPF_K instruction in the
ARM BPF JIT
On 04/30/2015 02:27 PM, Nicolas Schichan wrote:
...
I'll take more care about the receiver list for the v2 of this serie.
Ok, cool.
I see, you need that to make it available to the old bpf_jit_compile()
for probing on classic JITs. Actually, I really would prefer, if instead
of duplicating th
an ecc at hand, so a revert of that cleanup would be
the safest option, imho, as it has been like this since pre git
times.
Fixes: 73679e508201 ("compiler-intel.h: Remove duplicate definition")
Signed-off-by: Daniel Borkmann
Reviewed-by: Pranith Kumar
Cc: Pranith Kumar
Cc: H. Peter Anvi
On 04/29/2015 03:37 PM, Nicolas Schichan wrote:
- Try to use the classic BPF JIT via bpf_jit_compile().
- Use bpf_migrate_filter() from NET filter code instead of the double
bpf_convert_filter() followed by bpf_prog_select_runtime() if
classic bpf_jit_compile() did not succeed in producing
On 04/29/2015 06:40 PM, Pranith Kumar wrote:
On Wed, Apr 29, 2015 at 10:59 AM, mancha security wrote:
The problem is that ICC defines __GNUC__ so barrier() gets defined
in compiler-gcc.h. Your commit removed an #undef from compiler-intel.h
so compiler.h will never define barrier to __memory_ba
On 04/29/2015 03:37 PM, Nicolas Schichan wrote:
...
The fourth and final patch fixes a bug in the emit_udiv() function
when used to convert a BPF_ALU | BPF_DIV | BPF_K instruction in the
ARM BPF JIT code.
Shouldn't that fix go separately, so it can be included into 4.1
resp. -stable?
Would be
On 04/29/2015 04:51 PM, Pranith Kumar wrote:
...
message says in 73679e508201(your commit message has the wrong hash).
Sorry for that, the Fixes tag actually got it right.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kerne
hand, so a revert
of that cleanup would be the safest option, imho, as it has been
like this since pre-git times.
Fixes: 73679e508201 ("compiler-intel.h: Remove duplicate definition")
Signed-off-by: Daniel Borkmann
Cc: Pranith Kumar
Cc: H. Peter Anvin
Cc: Ingo Molnar
Cc: mancha securit
On 04/27/2015 10:41 PM, Stephan Mueller wrote:
...
It seems you have the code already in mind, so please if you could write it
:-)
Ok, sure. I'll cook something by tomorrow morning.
Cheers,
Daniel
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a messa
On 04/27/2015 09:10 PM, Stephan Mueller wrote:
...
I posted the issue on the clang mailing list on April 10 -- no word so far. I
would interpret this as a sign that it is a no-issue for them.
Hm. ;)
Here's a bug report on the topic, gcc vs llvm:
https://llvm.org/bugs/show_bug.cgi?id=15495
On 04/16/2015 10:56 AM, George Dunlap wrote:
On 04/15/2015 07:19 PM, Eric Dumazet wrote:
On Wed, 2015-04-15 at 19:04 +0100, George Dunlap wrote:
Maybe you should stop wasting all of our time and just tell us what
you're thinking.
I think you make me wasting my time.
I already gave all the h
On 04/07/2015 06:18 PM, Alexei Starovoitov wrote:
On 4/7/15 4:13 AM, Daniel Borkmann wrote:
[ Cc'ing Dave, fyi ]
On 04/07/2015 11:05 AM, Stephen Rothwell wrote:
On Tue, 07 Apr 2015 10:56:13 +0200 Daniel Borkmann
wrote:
On 04/07/2015 10:48 AM, Ingo Molnar wrote:
* Stephen Rothwell
[ Cc'ing Dave, fyi ]
On 04/07/2015 11:05 AM, Stephen Rothwell wrote:
On Tue, 07 Apr 2015 10:56:13 +0200 Daniel Borkmann wrote:
On 04/07/2015 10:48 AM, Ingo Molnar wrote:
* Stephen Rothwell wrote:
After merging the tip tree, today's linux-next build (powerpc
ppc64_defconfig) f
On 04/07/2015 10:48 AM, Ingo Molnar wrote:
* Stephen Rothwell wrote:
Hi all,
After merging the tip tree, today's linux-next build (powerpc
ppc64_defconfig) failed like this:
kernel/events/core.c: In function 'perf_event_set_bpf_prog':
kernel/events/core.c:6732:15: error: 'struct bpf_prog_au
On 04/07/2015 09:11 AM, Stephen Rothwell wrote:
...
Today's linux-next merge of the tip tree got a conflict in
include/uapi/linux/bpf.h between commit 96be4325f443 ("ebpf: add
sched_cls_type and map it to sk_filter's verifier ops"), 03e69b508b6f
("ebpf: add prandom helper for packet sampling"), c
On 04/07/2015 09:00 AM, Stephen Rothwell wrote:
...
Today's linux-next merge of the tip tree got a conflict in
include/linux/bpf.h between commit 0fc174dea545 ("ebpf: make internal
bpf API independent of CONFIG_BPF_SYSCALL ifdefs") from the net-next
tree and commit 4e537f7fbdce ("bpf: Make intern
Commit-ID: 4e537f7fbdce5e8ae7c33ebaa8a1956c7727d5a7
Gitweb: http://git.kernel.org/tip/4e537f7fbdce5e8ae7c33ebaa8a1956c7727d5a7
Author: Daniel Borkmann
AuthorDate: Wed, 25 Mar 2015 12:49:18 -0700
Committer: Ingo Molnar
CommitDate: Thu, 2 Apr 2015 13:25:49 +0200
bpf: Make internal bpf
On 03/28/2015 06:21 PM, Alexei Starovoitov wrote:
On 3/28/15 4:36 AM, He Kuang wrote:
Hi, Alexei
In our end-end IO module project, we use bpf maps to record
configurations. According to current bpf syscall interface, we
should specify map_fd to lookup/update bpf maps, so we are
restricted to do
On 03/18/2015 06:14 PM, mancha wrote:
...
Patch 0001 fixes the dead store issue in memzero_explicit().
Thanks! I have issued the fix for the memzero bug to Herbert in
your authorship as discussed, also giving some more context.
For the 2nd issue, lets wait for Cesar.
Thanks again!
--
To unsub
, Stephan Mueller wrote:
Am Mittwoch, 18. März 2015, 11:56:43 schrieb Daniel Borkmann:
On 03/18/2015 11:50 AM, Hannes Frederic Sowa wrote:
On Wed, Mar 18, 2015, at 10:53, mancha wrote:
Hi.
The kernel RNG introduced memzero_explicit in d4c5efdb9777 to
protect
memory cleansing against things like
On 03/18/2015 11:50 AM, Hannes Frederic Sowa wrote:
On Wed, Mar 18, 2015, at 10:53, mancha wrote:
Hi.
The kernel RNG introduced memzero_explicit in d4c5efdb9777 to protect
memory cleansing against things like dead store optimization:
void memzero_explicit(void *s, size_t count)
{
[ Cc'ing Cesar ]
On 03/18/2015 10:53 AM, mancha wrote:
Hi.
The kernel RNG introduced memzero_explicit in d4c5efdb9777 to protect
memory cleansing against things like dead store optimization:
void memzero_explicit(void *s, size_t count)
{
memset(s, 0, count);
OPT
On 03/14/2015 04:55 PM, Alexei Starovoitov wrote:
...
so from there I saw two options: either copy paste all
build_bug_on and have the same *insn=... and build_bug_on in
two places or consolidate them in single helper function.
Obviously single helper function is a preferred method.
I'm not sure
On 03/14/2015 05:59 AM, Alexei Starovoitov wrote:
On 3/13/15 7:27 PM, Alexei Starovoitov wrote:
On 3/13/15 7:16 PM, Daniel Borkmann wrote:
On 03/14/2015 03:08 AM, Alexei Starovoitov wrote:
On 3/13/15 7:06 PM, Daniel Borkmann wrote:
On 03/14/2015 02:46 AM, Daniel Borkmann wrote
On 03/14/2015 03:08 AM, Alexei Starovoitov wrote:
On 3/13/15 7:06 PM, Daniel Borkmann wrote:
On 03/14/2015 02:46 AM, Daniel Borkmann wrote:
...
Previously, it was much more consistent, which I like better. And only
because of the simple BUILD_BUG_ON()? :/
Alternative is to move all of them
On 03/14/2015 02:46 AM, Daniel Borkmann wrote:
...
Previously, it was much more consistent, which I like better. And only
because of the simple BUILD_BUG_ON()? :/
Alternative is to move all of them into a central place, something like
in twsk_build_assert() or __mld2_query_bugs[].
--
To
On 03/13/2015 07:57 PM, Alexei Starovoitov wrote:
introduce user accessible mirror of in-kernel 'struct sk_buff':
struct __sk_buff {
__u32 len;
__u32 pkt_type;
__u32 mark;
__u32 queue_mapping;
};
bpf programs can do:
int bpf_prog(struct __sk_buff *skb)
{
__u32 var = skb
On 03/13/2015 05:22 PM, Alexei Starovoitov wrote:
On 3/13/15 2:57 AM, Daniel Borkmann wrote:
On 03/13/2015 03:21 AM, Alexei Starovoitov wrote:
introduce user accessible mirror of in-kernel 'struct sk_buff':
For each member, I'd also add BUILD_BUG_ON()s similarl
On 03/13/2015 03:21 AM, Alexei Starovoitov wrote:
...
Daniel,
patch 1 includes a bit of code that does prog_realloc and branch adjustment
to make room for new instructions. I think you'd need the same for your
'constant blinding' work. If indeed that would be the case, we'll make it
into a helper
On 03/13/2015 03:21 AM, Alexei Starovoitov wrote:
introduce user accessible mirror of in-kernel 'struct sk_buff':
struct __sk_buff {
__u32 len;
__u32 pkt_type;
__u32 mark;
__u32 ifindex;
__u32 queue_mapping;
};
bpf programs can do:
struct __sk_buff *ptr;
var = ptr->pkt_t
On 03/03/2015 06:29 PM, Michel Machado wrote:
...
We're fine with clearly marking Linux XIA as being under staging as well as
helping to define this review process for network stacks.
With regard to staging, the code there is usually horrible and I'm
not sure anyone really looks there, tha
On 03/02/2015 12:51 PM, Masami Hiramatsu wrote:
> (2015/03/02 20:10), Daniel Borkmann wrote:
>> On 03/02/2015 11:53 AM, Masami Hiramatsu wrote:
>> ...
>>> Hmm, it seems that this still doesn't hide some APIs which is provided
>>> only when CONFIG_BPF_SYSCALL.
On 03/02/2015 11:53 AM, Masami Hiramatsu wrote:
...
> Hmm, it seems that this still doesn't hide some APIs which is provided
> only when CONFIG_BPF_SYSCALL. For example bpf_register_map_type etc.
> I think all those APIs should be hidden in #ifdef or at least be commented
> so that the user doesn't
in mainline and it's unclear if they would ever get there.
Signed-off-by: Daniel Borkmann
Acked-by: Alexei Starovoitov
Acked-by: Laura Abbott
---
arch/arm64/mm/pageattr.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c
index bb0
Hi Will,
On 02/27/2015 09:05 PM, Daniel Borkmann wrote:
On 02/27/2015 08:54 PM, Will Deacon wrote:
...
Looks good to me. Can this be applied independently, or does it need to
remain part of your series?
Ideally, it should be seen as part of this series, but I have no problem
if this one goes
Commit-ID: 6bbb614ec478961c7443086bdf7fd6784479c14a
Gitweb: http://git.kernel.org/tip/6bbb614ec478961c7443086bdf7fd6784479c14a
Author: Daniel Borkmann
AuthorDate: Fri, 27 Feb 2015 15:55:40 +0100
Committer: Ingo Molnar
CommitDate: Sat, 28 Feb 2015 10:41:59 +0100
x86/mm: Unexport
On 02/27/2015 08:54 PM, Will Deacon wrote:
...
Looks good to me. Can this be applied independently, or does it need to
remain part of your series?
Ideally, it should be seen as part of this series, but I have no problem
if this one goes via arm64 tree, instead. What Dave and you prefer. ;)
Tha
o not want modules
to use these functions, as they i.e. protect eBPF (interpreted & JIT'ed)
images from malicious modifications or bugs.
Outside of eBPF scope, I believe also other set_memory_* functions should
be unexported on x86 for modules.
Signed-off-by: Daniel Borkmann
Cc: Bruce Allan
C
preted and
JIT'ed) images from malicious modifications or bugs.
Outside of eBPF scope, I believe also other set_memory_* functions should
be unexported on arm64 for modules.
Signed-off-by: Daniel Borkmann
Cc: Laura Abbott
Cc: Will Deacon
Cc: linux-kernel@vger.kernel.org
Acked-by: Ale
On 02/21/2015 09:55 PM, Sasha Levin wrote:
Commit "rhashtable: Introduce rhashtable_walk_*" forgot to initialize the
members of struct rhashtable_walker after allocating it, which caused
an undefined value for 'resize' which is used later on.
Signed-off-by: Sasha Levin
---
lib/rhashtable.c |
On 02/21/2015 04:36 PM, Shachar Raindel wrote:
...
This is most likely rhashtable related. The fixes for the
use-after-free issues have been merged Feb 6 so they are probably
not included in the Feb 04 snapshot that you use.
The relevant net-next commits are:
commit 020219a69d40a205dad12b0ea1e6a
On 02/17/2015 03:03 PM, Stathis Voukelatos wrote:
The framework registers each backend sniffer channel as a netdev,
which can be accessed from user space through a raw packet socket.
Packets received from user space are treated as a command string
configuration. Each match event from the backend
On 02/17/2015 12:05 AM, Mikko Rapeli wrote:
Fixes compilation error:
linux/sctp.h:652:2: error: unknown type name ‘uint32_t’
Signed-off-by: Mikko Rapeli
I have no idea where the rest of this series went (neither netdev, nor
lkml, nor linux-sctp) and what user space application making use of
On 01/28/2015 02:02 AM, Stephen Rothwell wrote:
...
I fixed it up (see below) and can carry the fix as necessary (no action
is required).
Looks good, thanks!
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More maj
Hi Stathis,
On 01/27/2015 12:15 PM, Stathis Voukelatos wrote:
On 26/01/15 10:10, Daniel Borkmann wrote:
Hello Daniel. Thank you for your feedback.
Packet sockets could also be used for the driver interface to
user space, however I think that both approaches would require the same
amount of
On 01/26/2015 02:17 PM, Sun Paul wrote:
When an ABORT is sent to side-A, side-A INIT a new connection again.
Even if the ABORT is not being sent, the peer (the one who would send
his ABORT) closes the TCB from his side silently then. Any messages that
would afterwards arrive on this dead connec
Hi Stathis,
On 01/26/2015 10:49 AM, Stathis Voukelatos wrote:
On 23/01/15 11:20, Daniel Borkmann wrote:
On 01/23/2015 11:07 AM, Stathis Voukelatos wrote:
This patch adds support the Ethernet Packet Sniffer H/W module
developed by Linn Products Ltd and found in the IMG Pistachio SoC.
The
On 01/23/2015 07:36 PM, Michael Tuexen wrote:
...
Yepp. It might not reach the peer or it might. If it does it helps
to keep the states in sync. If it doesn't it sometimes helps in
analysing tracefiles. In BSD, we also send it. It is not required,
doesn't harm and is useful in some cases...
Ok,
On 01/23/2015 05:05 PM, Vlad Yasevich wrote:
On 01/23/2015 06:50 AM, Daniel Borkmann wrote:
On 01/23/2015 11:25 AM, Sun Paul wrote:
...
I would like to check the behave in LKSCTP.
we are running DIAMETER message over SCTP, and we have set the
parameter "net.sctp.association_max_retran
Hi,
On 01/23/2015 11:25 AM, Sun Paul wrote:
...
I would like to check the behave in LKSCTP.
we are running DIAMETER message over SCTP, and we have set the
parameter "net.sctp.association_max_retrans = 4" in the LinuxOS.
We noticed that when remote peer have retry to send the same request
for 4
On 01/23/2015 11:07 AM, Stathis Voukelatos wrote:
This patch adds support the Ethernet Packet Sniffer H/W module
developed by Linn Products Ltd and found in the IMG Pistachio SoC.
The module allows Ethernet packets to be parsed, matched against
a user-defined pattern and timestamped. It sits betw
xei Starovoitov
Acked-by: Daniel Borkmann
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
000264230>] map_lookup_elem+0x188/0x260
[<00264716>] SyS_bpf+0x20e/0x840
Fix it by allocating temporary buffer to store map element value.
Fixes: db20fd2b0108 ("bpf: add lookup/update/delete/iterate methods to BPF
maps")
Reported-by: Michael Holzheu
Signed-off-by: Alexei S
abort as intended
if the creation of the layer 2 header fails.
Spotted by Coverity - CID 1259975 ("Operands don't affect result").
Fixes: 9c7077622dd9 ("packet: make packet_snd fail on len smaller than l2
header")
Signed-off-by: Christoph Jaeger
Thanks, Christoph!
A
I constantly get this warning triggered on bootup. Any ideas? ;)
Thanks a lot,
Daniel
[...]
[4.634728] [drm] Memory usable by graphics device = 2048M
[4.636017] checking generic (9000 42) vs hw (9000 1000)
[4.636020] fb: switching to inteldrmfb from EFI VGA
[4.637
On 01/07/2015 12:53 PM, Michael Kerrisk (man-pages) wrote:
...
Still hoping to hear from Will Drewy regarding this FIXME in the
page source:
.\" FIXME What is the significance of the line
.\" ftest->code = BPF_LDX | BPF_W | BPF_ABS;
.\" in kernel/seccomp.c::seccomp_check_filter()
901 - 1000 of 1280 matches
Mail list logo
