subject:"\[PATCH net\-next\] bpf\: add additional verifier tests for BPF_PROG_TYPE_LWT_\*"

Re: [PATCH net-next] bpf: add additional verifier tests for BPF_PROG_TYPE_LWT_*

2016-12-06 Thread David Miller

From: Thomas Graf Date: Mon, 5 Dec 2016 10:30:52 +0100 > - direct packet read is allowed for LWT_* > - direct packet write for LWT_IN/LWT_OUT is prohibited > - direct packet write for LWT_XMIT is allowed > - access to skb->tc_classid is prohibited for LWT_* > >

Re: [PATCH net-next] bpf: add additional verifier tests for BPF_PROG_TYPE_LWT_*

2016-12-05 Thread Alexei Starovoitov

On Mon, Dec 05, 2016 at 10:30:52AM +0100, Thomas Graf wrote: > - direct packet read is allowed for LWT_* > - direct packet write for LWT_IN/LWT_OUT is prohibited > - direct packet write for LWT_XMIT is allowed > - access to skb->tc_classid is prohibited for LWT_* > > Signed-off-by: Thomas

[PATCH net-next] bpf: add additional verifier tests for BPF_PROG_TYPE_LWT_*

2016-12-05 Thread Thomas Graf

- direct packet read is allowed for LWT_* - direct packet write for LWT_IN/LWT_OUT is prohibited - direct packet write for LWT_XMIT is allowed - access to skb->tc_classid is prohibited for LWT_* Signed-off-by: Thomas Graf Acked-by: Daniel Borkmann ---