* pull-request: bpf 2023-11-21
@ 2023-11-21 19:31 Daniel Borkmann
2023-11-22 0:30 ` patchwork-bot+netdevbpf
0 siblings, 1 reply; 2+ messages in thread
From: Daniel Borkmann @ 2023-11-21 19:31 UTC (permalink / raw)
To: davem; +Cc: kuba, pabeni, edumazet, daniel, ast, andrii, martin.lau, netdev,
bpf
Hi David, hi Jakub, hi Paolo, hi Eric,
The following pull-request contains BPF updates for your *net* tree.
We've added 19 non-merge commits during the last 4 day(s) which contain
a total of 18 files changed, 1043 insertions(+), 416 deletions(-).
The main changes are:
1) Fix BPF verifier to validate callbacks as if they are called an unknown
number of times in order to fix not detecting some unsafe programs,
from Eduard Zingerman.
2) Fix bpf_redirect_peer() handling which missed proper stats accounting
for veth and netkit and also generally fix missing stats for the latter,
from Peilin Ye, Daniel Borkmann et al.
Please consider pulling these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git tags/for-netdev
Thanks a lot!
Also thanks to reporters, reviewers and testers of commits in this pull-request:
Andrew Werner, Andrii Nakryiko, Nikolay Aleksandrov, Stanislav Fomichev,
Youlun Zhang
----------------------------------------------------------------
The following changes since commit 76df934c6d5f5c93ba7a0112b1818620ddc10b19:
MAINTAINERS: Add netdev subsystem profile link (2023-11-17 03:44:21 +0000)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git tags/for-netdev
for you to fetch changes up to acb12c859ac7c36d6d7632280fd1e263188cb07f:
Merge branch 'verify-callbacks-as-if-they-are-called-unknown-number-of-times' (2023-11-20 18:36:41 -0800)
----------------------------------------------------------------
bpf-for-netdev
----------------------------------------------------------------
Alexei Starovoitov (1):
Merge branch 'verify-callbacks-as-if-they-are-called-unknown-number-of-times'
Daniel Borkmann (6):
net, vrf: Move dstats structure to core
net: Move {l,t,d}stats allocation to core and convert veth & vrf
netkit: Add tstats per-CPU traffic counters
bpf, netkit: Add indirect call wrapper for fetching peer dev
selftests/bpf: De-veth-ize the tc_redirect test case
selftests/bpf: Add netkit to tc_redirect selftest
Eduard Zingerman (11):
selftests/bpf: track tcp payload offset as scalar in xdp_synproxy
selftests/bpf: track string payload offset as scalar in strobemeta
selftests/bpf: fix bpf_loop_bench for new callback verification scheme
bpf: extract __check_reg_arg() utility function
bpf: extract setup_func_entry() utility function
bpf: verify callbacks as if they are called unknown number of times
selftests/bpf: tests for iterating callbacks
bpf: widening for callback iterators
selftests/bpf: test widening for iterating callbacks
bpf: keep track of max number of bpf_loop callback iterations
selftests/bpf: check if max number of bpf_loop iterations is tracked
Martin KaFai Lau (1):
Merge branch 'bpf_redirect_peer fixes'
Peilin Ye (2):
veth: Use tstats per-CPU traffic counters
bpf: Fix dev's rx stats for bpf_redirect_peer traffic
drivers/net/netkit.c | 22 +-
drivers/net/veth.c | 44 +--
drivers/net/vrf.c | 38 +-
include/linux/bpf_verifier.h | 16 +
include/linux/netdevice.h | 30 +-
include/net/netkit.h | 6 +
kernel/bpf/verifier.c | 402 ++++++++++++++-------
net/core/dev.c | 57 ++-
net/core/filter.c | 19 +-
.../testing/selftests/bpf/prog_tests/tc_redirect.c | 317 +++++++++-------
tools/testing/selftests/bpf/prog_tests/verifier.c | 2 +
tools/testing/selftests/bpf/progs/bpf_loop_bench.c | 13 +-
tools/testing/selftests/bpf/progs/cb_refs.c | 1 +
.../testing/selftests/bpf/progs/exceptions_fail.c | 2 +
tools/testing/selftests/bpf/progs/strobemeta.h | 78 ++--
.../bpf/progs/verifier_iterating_callbacks.c | 242 +++++++++++++
.../bpf/progs/verifier_subprog_precision.c | 86 ++++-
.../selftests/bpf/progs/xdp_synproxy_kern.c | 84 +++--
18 files changed, 1043 insertions(+), 416 deletions(-)
create mode 100644 tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: pull-request: bpf 2023-11-21
2023-11-21 19:31 pull-request: bpf 2023-11-21 Daniel Borkmann
@ 2023-11-22 0:30 ` patchwork-bot+netdevbpf
0 siblings, 0 replies; 2+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-11-22 0:30 UTC (permalink / raw)
To: Daniel Borkmann
Cc: davem, kuba, pabeni, edumazet, ast, andrii, martin.lau, netdev,
bpf
Hello:
This pull request was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@kernel.org>:
On Tue, 21 Nov 2023 20:31:13 +0100 you wrote:
> Hi David, hi Jakub, hi Paolo, hi Eric,
>
> The following pull-request contains BPF updates for your *net* tree.
>
> We've added 19 non-merge commits during the last 4 day(s) which contain
> a total of 18 files changed, 1043 insertions(+), 416 deletions(-).
>
> [...]
Here is the summary with links:
- pull-request: bpf 2023-11-21
https://git.kernel.org/netdev/net/c/b2d66643dcf2
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-11-22 0:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-21 19:31 pull-request: bpf 2023-11-21 Daniel Borkmann
2023-11-22 0:30 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).