* [PATCH] selftests/bpf: fix erroneous bitmask operation
@ 2023-11-30 12:03 Jeroen van Ingen Schenau
2023-12-01 15:20 ` patchwork-bot+netdevbpf
0 siblings, 1 reply; 2+ messages in thread
From: Jeroen van Ingen Schenau @ 2023-11-30 12:03 UTC (permalink / raw)
To: bpf; +Cc: maximmi, tariqt, ast, daniel, Jeroen van Ingen Schenau,
Minh Le Hoang
xdp_synproxy_kern.c is a BPF program that generates SYN cookies on
allowed TCP ports and sends SYNACKs to clients, accelerating synproxy
iptables module.
Fix the bitmask operation when checking the status of an existing
conntrack entry within tcp_lookup() function. Do not AND with the bit
position number, but with the bitmask value to check whether the entry
found has the IPS_CONFIRMED flag set.
Link: https://lore.kernel.org/xdp-newbies/CAAi1gX7owA+Tcxq-titC-h-KPM7Ri-6ZhTNMhrnPq5gmYYwKow@mail.gmail.com/T/#u
Signed-off-by: Jeroen van Ingen Schenau <jeroen.vaningenschenau@novoserve.com>
Tested-by: Minh Le Hoang <minh.lehoang@novoserve.com>
---
tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c b/tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c
index 80f620602d50..518329c666e9 100644
--- a/tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c
+++ b/tools/testing/selftests/bpf/progs/xdp_synproxy_kern.c
@@ -467,13 +467,13 @@ static __always_inline int tcp_lookup(void *ctx, struct header_pointers *hdr, bo
unsigned long status = ct->status;
bpf_ct_release(ct);
- if (status & IPS_CONFIRMED_BIT)
+ if (status & IPS_CONFIRMED)
return XDP_PASS;
} else if (ct_lookup_opts.error != -ENOENT) {
return XDP_ABORTED;
}
- /* error == -ENOENT || !(status & IPS_CONFIRMED_BIT) */
+ /* error == -ENOENT || !(status & IPS_CONFIRMED) */
return XDP_TX;
}
--
2.34.1
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH] selftests/bpf: fix erroneous bitmask operation
2023-11-30 12:03 [PATCH] selftests/bpf: fix erroneous bitmask operation Jeroen van Ingen Schenau
@ 2023-12-01 15:20 ` patchwork-bot+netdevbpf
0 siblings, 0 replies; 2+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-12-01 15:20 UTC (permalink / raw)
To: Jeroen van Ingen Schenau; +Cc: bpf, maximmi, tariqt, ast, daniel, minh.lehoang
Hello:
This patch was applied to bpf/bpf-next.git (master)
by Daniel Borkmann <daniel@iogearbox.net>:
On Thu, 30 Nov 2023 13:03:53 +0100 you wrote:
> xdp_synproxy_kern.c is a BPF program that generates SYN cookies on
> allowed TCP ports and sends SYNACKs to clients, accelerating synproxy
> iptables module.
>
> Fix the bitmask operation when checking the status of an existing
> conntrack entry within tcp_lookup() function. Do not AND with the bit
> position number, but with the bitmask value to check whether the entry
> found has the IPS_CONFIRMED flag set.
>
> [...]
Here is the summary with links:
- selftests/bpf: fix erroneous bitmask operation
https://git.kernel.org/bpf/bpf-next/c/b6a3451e0847
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-12-01 15:20 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-30 12:03 [PATCH] selftests/bpf: fix erroneous bitmask operation Jeroen van Ingen Schenau
2023-12-01 15:20 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox