** Description changed: Ticket for the patch series that adds new BPF helpers to query conntrack and to generate SYN cookies for forwarded connections. * Explain the bug(s) This patch series aims to accelerate iptables synproxy module with XDP. The stage that generates and checks SYN cookies is stateless and can be implemented in XDP. * Brief explanation of fixes - This patch series adds new BPF helpers: + The series first cherry picked multiple upstream patches from xdp/bpf to support + the new BPF helpers. + + Then it adds new BPF helpers on top of those upstream patches. * bpf_ct_lookup_tcp to lookup CT status of a TCP connection. * bpf_tcp_raw_gen_syncookie to generate SYN cookies without a listening socket on the same host (to be used with iptables synproxy module). * bpf_tcp_raw_check_syncookie to check SYN cookies generated by the previos helper (to be used with iptables synproxy module). * bpf_tcp_raw_gen_tscookie to generate timestamp cookies, which encode additional information like SACK permission, ECN support, window scale. The format is compatible with iptables synproxy module. These new helpers allow to accelerate the iptables synproxy module. This series also includes some dependency patches backported from upstream. * How to test Use an XDP application that generates and checks SYN cookies, leveraging the new helpers. * What it could break. Nothing should be broken, only new functionality is added, and some - patches are backported from upstream. CONFIG_NF_CONNTRACK is changed - from m to y, which is also not expected to break existing functionality. + patches are backported from upstream.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1934499 Title: New BPF helpers to query conntrack and to generate/validate SYN cookies To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/1934499/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
