Re: [PATCH v2 net-next 1/2] bpf: allow extended BPF programs access skb fields

On 03/14/2015 02:46 AM, Daniel Borkmann wrote: ... Previously, it was much more consistent, which I like better. And only because of the simple BUILD_BUG_ON()? :/ Alternative is to move all of them into a central place, something like in twsk_build_assert() or __mld2_query_bugs

Re: [PATCH v2 net-next 1/2] bpf: allow extended BPF programs access skb fields

On 03/14/2015 03:08 AM, Alexei Starovoitov wrote: On 3/13/15 7:06 PM, Daniel Borkmann wrote: On 03/14/2015 02:46 AM, Daniel Borkmann wrote: ... Previously, it was much more consistent, which I like better. And only because of the simple BUILD_BUG_ON()? :/ Alternative is to move all of them

Re: [PATCH v2 net-next 1/2] bpf: allow extended BPF programs access skb fields

On 03/14/2015 05:59 AM, Alexei Starovoitov wrote: On 3/13/15 7:27 PM, Alexei Starovoitov wrote: On 3/13/15 7:16 PM, Daniel Borkmann wrote: On 03/14/2015 03:08 AM, Alexei Starovoitov wrote: On 3/13/15 7:06 PM, Daniel Borkmann wrote: On 03/14/2015 02:46 AM, Daniel Borkmann wrote

Re: [PATCH net-next 1/2] bpf: allow extended BPF programs access skb fields

On 03/13/2015 03:21 AM, Alexei Starovoitov wrote: introduce user accessible mirror of in-kernel 'struct sk_buff': struct __sk_buff { __u32 len; __u32 pkt_type; __u32 mark; __u32 ifindex; __u32 queue_mapping; }; bpf programs can do: struct __sk_buff *ptr; var =

Re: [PATCH net-next 0/2] bpf: allow extended BPF programs access skb fields

On 03/13/2015 03:21 AM, Alexei Starovoitov wrote: ... Daniel, patch 1 includes a bit of code that does prog_realloc and branch adjustment to make room for new instructions. I think you'd need the same for your 'constant blinding' work. If indeed that would be the case, we'll make it into a

Re: [PATCH net-next 1/2] bpf: allow extended BPF programs access skb fields

On 03/13/2015 05:22 PM, Alexei Starovoitov wrote: On 3/13/15 2:57 AM, Daniel Borkmann wrote: On 03/13/2015 03:21 AM, Alexei Starovoitov wrote: introduce user accessible mirror of in-kernel 'struct sk_buff': For each member, I'd also add BUILD_BUG_ON()s similarly as we have

Re: [RFC] bpf: Suggestion on bpf syscall interface

On 03/28/2015 06:21 PM, Alexei Starovoitov wrote: On 3/28/15 4:36 AM, He Kuang wrote: Hi, Alexei In our end-end IO module project, we use bpf maps to record configurations. According to current bpf syscall interface, we should specify map_fd to lookup/update bpf maps, so we are restricted to

Re: [PATCH v5 tip 1/7] bpf: make internal bpf API independent of CONFIG_BPF_SYSCALL ifdefs

On 03/02/2015 12:51 PM, Masami Hiramatsu wrote: (2015/03/02 20:10), Daniel Borkmann wrote: On 03/02/2015 11:53 AM, Masami Hiramatsu wrote: ... Hmm, it seems that this still doesn't hide some APIs which is provided only when CONFIG_BPF_SYSCALL. For example bpf_register_map_type etc. I think

Re: [PATCH v5 tip 1/7] bpf: make internal bpf API independent of CONFIG_BPF_SYSCALL ifdefs

On 03/02/2015 11:53 AM, Masami Hiramatsu wrote: ... Hmm, it seems that this still doesn't hide some APIs which is provided only when CONFIG_BPF_SYSCALL. For example bpf_register_map_type etc. I think all those APIs should be hidden in #ifdef or at least be commented so that the user doesn't

[PATCH net-next 08/10] x86: unexport set_memory_ro and set_memory_rw

to use these functions, as they i.e. protect eBPF (interpreted JIT'ed) images from malicious modifications or bugs. Outside of eBPF scope, I believe also other set_memory_* functions should be unexported on x86 for modules. Signed-off-by: Daniel Borkmann dan...@iogearbox.net Cc: Bruce Allan

[PATCH net-next 09/10] arm64: unexport set_memory_ro and set_memory_rw

and JIT'ed) images from malicious modifications or bugs. Outside of eBPF scope, I believe also other set_memory_* functions should be unexported on arm64 for modules. Signed-off-by: Daniel Borkmann dan...@iogearbox.net Cc: Laura Abbott lau...@codeaurora.org Cc: Will Deacon will.dea...@arm.com Cc: linux

Re: [PATCH net-next 09/10] arm64: unexport set_memory_ro and set_memory_rw

On 02/27/2015 08:54 PM, Will Deacon wrote: ... Looks good to me. Can this be applied independently, or does it need to remain part of your series? Ideally, it should be seen as part of this series, but I have no problem if this one goes via arm64 tree, instead. What Dave and you prefer. ;)

Re: Linux XIA - merge proposal

On 03/03/2015 06:29 PM, Michel Machado wrote: ... We're fine with clearly marking Linux XIA as being under staging as well as helping to define this review process for network stacks. With regard to staging, the code there is usually horrible and I'm not sure anyone really looks there,

Re: [PATCH net-next 09/10] arm64: unexport set_memory_ro and set_memory_rw

Hi Will, On 02/27/2015 09:05 PM, Daniel Borkmann wrote: On 02/27/2015 08:54 PM, Will Deacon wrote: ... Looks good to me. Can this be applied independently, or does it need to remain part of your series? Ideally, it should be seen as part of this series, but I have no problem if this one goes

[PATCH] arm64: mm: unexport set_memory_ro and set_memory_rw

and it's unclear if they would ever get there. Signed-off-by: Daniel Borkmann dan...@iogearbox.net Acked-by: Alexei Starovoitov a...@plumgrid.com Acked-by: Laura Abbott lau...@codeaurora.org --- arch/arm64/mm/pageattr.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/arm64/mm/pageattr.c b

Re: [PATCH] rhashtable: initialize all rhashtable walker members

On 02/21/2015 09:55 PM, Sasha Levin wrote: Commit rhashtable: Introduce rhashtable_walk_* forgot to initialize the members of struct rhashtable_walker after allocating it, which caused an undefined value for 'resize' which is used later on. Signed-off-by: Sasha Levin sasha.le...@oracle.com ---

Re: Use-after-free oops in next-20150204 - probably nelink related

On 02/21/2015 04:36 PM, Shachar Raindel wrote: ... This is most likely rhashtable related. The fixes for the use-after-free issues have been merged Feb 6 so they are probably not included in the Feb 04 snapshot that you use. The relevant net-next commits are: commit

Re: [PATCH 2/4] seccomp: rework seccomp_prepare_filter().

On 04/29/2015 03:37 PM, Nicolas Schichan wrote: - Try to use the classic BPF JIT via bpf_jit_compile(). - Use bpf_migrate_filter() from NET filter code instead of the double bpf_convert_filter() followed by bpf_prog_select_runtime() if classic bpf_jit_compile() did not succeed in

Re: [PATCH] compiler-intel: fix wrong compiler barrier() macro

On 04/29/2015 06:40 PM, Pranith Kumar wrote: On Wed, Apr 29, 2015 at 10:59 AM, mancha security manc...@zoho.com wrote: The problem is that ICC defines __GNUC__ so barrier() gets defined in compiler-gcc.h. Your commit removed an #undef from compiler-intel.h so compiler.h will never define

Re: [PATCH 0/4] Seccomp filter JIT support on ARM.

On 04/29/2015 03:37 PM, Nicolas Schichan wrote: ... The fourth and final patch fixes a bug in the emit_udiv() function when used to convert a BPF_ALU | BPF_DIV | BPF_K instruction in the ARM BPF JIT code. Shouldn't that fix go separately, so it can be included into 4.1 resp. -stable? Would be

[PATCH v2] compiler-intel: fix wrong compiler barrier() macro

a revert of that cleanup would be the safest option, imho, as it has been like this since pre git times. Fixes: 73679e508201 (compiler-intel.h: Remove duplicate definition) Signed-off-by: Daniel Borkmann dan...@iogearbox.net Reviewed-by: Pranith Kumar bobby.pr...@gmail.com Cc: Pranith Kumar bobby.pr

Re: [PATCH 0/4] Seccomp filter JIT support on ARM.

On 04/30/2015 02:35 PM, Nicolas Schichan wrote: On 04/29/2015 06:37 PM, Daniel Borkmann wrote: On 04/29/2015 03:37 PM, Nicolas Schichan wrote: ... The fourth and final patch fixes a bug in the emit_udiv() function when used to convert a BPF_ALU | BPF_DIV | BPF_K instruction in the ARM BPF JIT

Re: [PATCH 2/4] seccomp: rework seccomp_prepare_filter().

On 04/30/2015 02:27 PM, Nicolas Schichan wrote: ... I'll take more care about the receiver list for the v2 of this serie. Ok, cool. I see, you need that to make it available to the old bpf_jit_compile() for probing on classic JITs. Actually, I really would prefer, if instead of duplicating

Re: [BUG/PATCH] kernel RNG and its secrets

On 04/27/2015 10:41 PM, Stephan Mueller wrote: ... It seems you have the code already in mind, so please if you could write it :-) Ok, sure. I'll cook something by tomorrow morning. Cheers, Daniel -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a

Re: [BUG/PATCH] kernel RNG and its secrets

On 04/27/2015 09:10 PM, Stephan Mueller wrote: ... I posted the issue on the clang mailing list on April 10 -- no word so far. I would interpret this as a sign that it is a no-issue for them. Hm. ;) Here's a bug report on the topic, gcc vs llvm: https://llvm.org/bugs/show_bug.cgi?id=15495

Re: [PATCH 3.19 176/177] netfilter: x_tables: fix cgroup matching on non-full sks

Hi Greg, hi Pablo, On 05/03/2015 08:45 PM, Greg Kroah-Hartman wrote: On Sun, May 03, 2015 at 12:47:17AM +0300, Thomas Backlund wrote: Den 02.05.2015 22:03, Greg Kroah-Hartman skrev: 3.19-stable review patch. If anyone has any objections, please let me know. -- From: Daniel

[PATCH] compiler-intel: fix wrong compiler barrier() macro

of that cleanup would be the safest option, imho, as it has been like this since pre-git times. Fixes: 73679e508201 (compiler-intel.h: Remove duplicate definition) Signed-off-by: Daniel Borkmann dan...@iogearbox.net Cc: Pranith Kumar bobby.pr...@gmail.com Cc: H. Peter Anvin h...@linux.intel.com Cc: Ingo

Re: [PATCH] compiler-intel: fix wrong compiler barrier() macro

On 04/29/2015 04:51 PM, Pranith Kumar wrote: ... message says in 73679e508201(your commit message has the wrong hash). Sorry for that, the Fixes tag actually got it right. -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to

Re: [PATCH] ARM: net: delegate filter to kernel interpreter when imm_offset() return value can't fit into 12bits.

to the kernel BPF interpreter in that case is a more straight forward, minimal fix and easy to backport. Signed-off-by: Nicolas Schichan nschic...@freebox.fr Fix looks good to me. Fixes: ddecdfcea0ae (ARM: 7259/3: net: JIT compiler for packet filters) Acked-by: Daniel Borkmann dan...@iogearbox.net

Re: [PATCH net-next] test: bpf: extend load 64-bit immediate testcase

Starovoitov a...@plumgrid.com Cc: Will Deacon will.dea...@arm.com Signed-off-by: Xi Wang xi.w...@gmail.com Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info

Re: [Xen-devel] tcp: refine TSO autosizing causes performance regression on Xen

On 04/16/2015 10:56 AM, George Dunlap wrote: On 04/15/2015 07:19 PM, Eric Dumazet wrote: On Wed, 2015-04-15 at 19:04 +0100, George Dunlap wrote: Maybe you should stop wasting all of our time and just tell us what you're thinking. I think you make me wasting my time. I already gave all the

Re: linux-next: manual merge of the tip tree with the net-next tree

On 04/07/2015 09:11 AM, Stephen Rothwell wrote: ... Today's linux-next merge of the tip tree got a conflict in include/uapi/linux/bpf.h between commit 96be4325f443 (ebpf: add sched_cls_type and map it to sk_filter's verifier ops), 03e69b508b6f (ebpf: add prandom helper for packet sampling),

Re: linux-next: manual merge of the tip tree with the net-next tree

On 04/07/2015 09:00 AM, Stephen Rothwell wrote: ... Today's linux-next merge of the tip tree got a conflict in include/linux/bpf.h between commit 0fc174dea545 (ebpf: make internal bpf API independent of CONFIG_BPF_SYSCALL ifdefs) from the net-next tree and commit 4e537f7fbdce (bpf: Make internal

Re: linux-next: build failure after merge of the tip tree

On 04/07/2015 10:48 AM, Ingo Molnar wrote: * Stephen Rothwell s...@canb.auug.org.au wrote: Hi all, After merging the tip tree, today's linux-next build (powerpc ppc64_defconfig) failed like this: kernel/events/core.c: In function 'perf_event_set_bpf_prog': kernel/events/core.c:6732:15:

Re: linux-next: build failure after merge of the tip tree

[ Cc'ing Dave, fyi ] On 04/07/2015 11:05 AM, Stephen Rothwell wrote: On Tue, 07 Apr 2015 10:56:13 +0200 Daniel Borkmann dan...@iogearbox.net wrote: On 04/07/2015 10:48 AM, Ingo Molnar wrote: * Stephen Rothwell s...@canb.auug.org.au wrote: After merging the tip tree, today's linux-next build

Re: linux-next: build failure after merge of the tip tree

On 04/07/2015 06:18 PM, Alexei Starovoitov wrote: On 4/7/15 4:13 AM, Daniel Borkmann wrote: [ Cc'ing Dave, fyi ] On 04/07/2015 11:05 AM, Stephen Rothwell wrote: On Tue, 07 Apr 2015 10:56:13 +0200 Daniel Borkmann dan...@iogearbox.net wrote: On 04/07/2015 10:48 AM, Ingo Molnar wrote

[PATCH akpm] compiler-intel: fix wrong compiler barrier() macro

if that's still used in the field?) and only found this by accident during code review, a revert of that cleanup would be simplest option. Fixes: 73679e508201 (compiler-intel.h: Remove duplicate definition) Signed-off-by: Daniel Borkmann dan...@iogearbox.net Reviewed-by: Pranith Kumar bobby.pr

Re: [PATCH v2] bpf: BPF based latency tracing

to each other in columns and maybe the histogram view a bit more compressed (perhaps summary of all CPUs). Anyway, it's sample code people can go with and modify individually. Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel

Re: [PATCH net-next] test_bpf: extend tests for 32-bit endianness conversion

Thanks for extending the test suite! Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ

Re: [PATCH] selftests: add seccomp suite

On 06/16/2015 07:54 PM, Kees Cook wrote: This imports the existing seccomp test suite into the kernel's selftests tree. It contains extensive testing of seccomp features and corner cases. There remain additional tests to move into the kernel tree, but they have not yet been ported to all the

Re: [PATCH v2 net-next 0/3] bpf: share helpers between tracing and networking

On 06/16/2015 07:10 PM, Alexei Starovoitov wrote: ... Ideally we would allow a blend of tracing and networking programs, then the best solution would be one or two stable tracepoints in networking stack where skb is visible and receiving/transmitting task is also visible, then skb-len and

Re: [PATCH v2 net-next 3/3] bpf: let kprobe programs use bpf_get_smp_processor_id() helper

On 06/13/2015 04:39 AM, Alexei Starovoitov wrote: It's useful to do per-cpu histograms. Suggested-by: Daniel Wagner daniel.wag...@bmw-carit.de Signed-off-by: Alexei Starovoitov a...@plumgrid.com Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line

Re: [PATCH v2 net-next 0/3] bpf: share helpers between tracing and networking

On 06/16/2015 05:28 AM, Alexei Starovoitov wrote: On 6/15/15 4:01 PM, David Miller wrote: Although I agree with the sentiment that this thing can cause surprising results and can be asking for trouble. If someone wants to filter traffic by UID they might make a simple ingress TC ebpf program

Re: Edited draft of bpf(2) man page for review/enhancement

On 05/27/2015 10:43 AM, Michael Kerrisk (man-pages) wrote: Hello Alexei, I took the draft 3 of the bpf(2) man page that you sent back in March and did some substantial editing to clarify the language and add a few technical details. Could you please check the revised version below, to ensure I

Re: [PATCH net-next 1/4] bpf: allow bpf programs to tail-call other bpf programs

into the next program. ... Signed-off-by: Alexei Starovoitov a...@plumgrid.com LGTM, thanks! Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http

Re: [PATCH 2/6] test_bpf: allow tests to specify an skb fragment.

Starovoitov a...@plumgrid.com Acked-by: Daniel Borkmann dan...@iogearbox.net I'm good with this change here, just a comment below in general. enum { CLASSIC = BIT(6), /* Old BPF instructions only. */ @@ -81,6 +83,7 @@ struct bpf_test { __u32 result; } test

Re: [PATCH 4/6] test_bpf: add module parameters to filter the tests to run.

useful for the test suite, thanks. Acked-by: Daniel Borkmann dan...@iogearbox.net --- lib/test_bpf.c | 73 ++ 1 file changed, 73 insertions(+) diff --git a/lib/test_bpf.c b/lib/test_bpf.c index f5606fb..abd0507 100644 --- a/lib/test_bpf.c

Re: [PATCH 1/6] test_bpf: avoid oopsing the kernel when generate_test_data() fails.

On 08/03/2015 04:02 PM, Nicolas Schichan wrote: Signed-off-by: Nicolas Schichan nschic...@freebox.fr Acked-by: Alexei Starovoitov a...@plumgrid.com Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message

Re: [PATCH v4 2/4] bpf: Add new bpf map type to store the pointer to struct perf_event

On 07/28/2015 01:17 PM, Kaixu Xia wrote: Introduce a new bpf map type 'BPF_MAP_TYPE_PERF_EVENT_ARRAY'. This map only stores the pointer to struct perf_event. The user space event FDs from perf_event_open() syscall are converted to the pointer to struct perf_event and stored in map.

Re: [PATCH v4 4/4] samples/bpf: example of get selected PMU counter value

On 07/28/2015 01:17 PM, Kaixu Xia wrote: This is a simple example and shows how to use the new ability to get the selected Hardware PMU counter value. Signed-off-by: Kaixu Xia xiaka...@huawei.com ... diff --git a/samples/bpf/tracex6_user.c b/samples/bpf/tracex6_user.c new file mode 100644

Re: [PATCH v4 1/4] bpf: Make the bpf_prog_array_map more generic

On 07/28/2015 01:17 PM, Kaixu Xia wrote: From: Wang Nan wangn...@huawei.com According to the comments from Daniel, rewrite part of the bpf_prog_array map code and make it more generic. So the new perf_event_array map type can reuse most of code with bpf_prog_array map and add fewer lines of

Re: [PATCH v4 3/4] bpf: Implement function bpf_perf_event_read() that get the selected hardware PMU conuter

On 07/28/2015 01:17 PM, Kaixu Xia wrote: According to the perf_event_map_fd and index, the function bpf_perf_event_read() can convert the corresponding map value to the pointer to struct perf_event and return the Hardware PMU counter value. Signed-off-by: Kaixu Xia xiaka...@huawei.com ---

Re: [PATCH] packet: tpacket_snd(): fix signed/unsigned comparison

unsigned. That may lead to just returning an incorrect EMSGSIZE errno to the user. Signed-off-by: Alexander Drozdov al.droz...@gmail.com Looks good to me, thanks! Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body

Re: [BUG] net/ipv4: inconsistent routing table

[ please cc netdev ] On 08/05/2015 10:56 AM, Zang MingJie wrote: Hi: I found a bug when remove an ip address which is referenced by a routing entry. step to reproduce: ip li add type dummy ip li set dummy0 up ip ad add 10.0.0.1/24 dev dummy0 ip ad add 10.0.0.2/24 dev dummy0 ip ro add default

Re: [PATCH 3/6] test_bpf: test LD_ABS and LD_IND instructions on fragmented skbs.

On 08/03/2015 04:02 PM, Nicolas Schichan wrote: These new tests exercise various load sizes and offsets crossing the head/fragment boundary. Signed-off-by: Nicolas Schichan nschic...@freebox.fr Acked-by: Alexei Starovoitov a...@plumgrid.com Acked-by: Daniel Borkmann dan...@iogearbox.net

Re: [PATCH 5/6] test_bpf: add more tests for LD_ABS and LD_IND.

Acked-by: Alexei Starovoitov a...@plumgrid.com Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please

Re: [PATCH 6/6] test_bpf: add tests checking that JIT/interpreter sets A and X to 0.

Starovoitov a...@plumgrid.com Acked-by: Daniel Borkmann dan...@iogearbox.net -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http

Re: [PATCH 4/6] test_bpf: add module parameters to filter the tests to run.

On 08/03/2015 06:23 PM, Nicolas Schichan wrote: ... Btw, for the range test in prepare_bpf_tests(), you could also reject a negative lower bound index right there. I thought it was better to have all the sanity checks grouped in prepare_bpf_tests() (with the checking of the test_name and

Re: [PATCH 2/6] test_bpf: allow tests to specify an skb fragment.

On 08/03/2015 06:38 PM, Nicolas Schichan wrote: On 08/03/2015 05:29 PM, Daniel Borkmann wrote: On 08/03/2015 04:02 PM, Nicolas Schichan wrote: We now have 286 tests, which is awesome! Perhaps, we need to start thinking of a better test description method soonish as the test_bpf.ko module grew

Re: [PATCH v4 0/4] bpf: Introduce the new ability of eBPF programs to access hardware PMU counter

On 07/28/2015 01:17 PM, Kaixu Xia wrote: Previous patch v3 url: https://lkml.org/lkml/2015/7/23/203 ... Kaixu Xia (3): bpf: Add new bpf map type to store the pointer to struct perf_event bpf: Implement function bpf_perf_event_read() that get the selected hardware PMU conuter

Re: [PATCH v2 net-next] bpf: s390: Fix build error caused by the struct bpf_array member name changed

On 08/11/2015 08:53 AM, Kaixu Xia wrote: There is a build error that 'struct bpf_array' has no member named 'prog' on s390. In commit 2a36f0b, the member 'prog' of struct bpf_array is replaced by 'ptrs'. So this patch fixes it. Signed-off-by: Kaixu Xia xiaka...@huawei.com You were also asked

Re: [PATCH 26/31] net/sched: use kmemdup rather than duplicating its implementation

On 08/07/2015 09:59 AM, Andrzej Hajda wrote: The patch was generated using fixed coccinelle semantic patch scripts/coccinelle/api/memdup.cocci [1]. [1]: http://permalink.gmane.org/gmane.linux.kernel/2014320 Signed-off-by: Andrzej Hajda a.ha...@samsung.com Acked-by: Daniel Borkmann dan

Re: Edited draft of bpf(2) man page for review/enhancement

On 07/22/2015 04:49 PM, Michael Kerrisk (man-pages) wrote: Hi Daniel, Sorry for the long delay in following up No worries, eBPF is quite some material. ;) On 05/27/2015 11:26 AM, Daniel Borkmann wrote: On 05/27/2015 10:43 AM, Michael Kerrisk (man-pages) wrote: Hello Alexei, I took

Re: [PATCH v2 0/5] bpf: Introduce the new ability of eBPF programs to access hardware PMU counter

On 07/22/2015 10:09 AM, Kaixu Xia wrote: Previous patch v1 url: https://lkml.org/lkml/2015/7/17/287 [ Sorry to chime in late, just noticed this series now as I wasn't in Cc for the core BPF changes. More below ... ] This patchset allows user read PMU events in the following way: 1. Open

Re: Draft 3 of bpf(2) man page for review

On 07/23/2015 01:23 PM, Michael Kerrisk (man-pages) wrote: ... Btw, a user obviously can close() the map fds if he wants to, but ultimatively they're freed when the program unloads. Okay. (Not sure if you meant that something should be added to the page.) I think not necessary. [...]

Re: Draft 3 of bpf(2) man page for review

On 07/23/2015 03:36 PM, Michael Kerrisk (man-pages) wrote: ... Ok, I guess we could revisit/clarify that at a later point in time. I'd add a TODO comment to the source or the like, as this also is related to the 2nd below use case (aggregation/accounting), where an array is typically used.

Re: Draft 3 of bpf(2) man page for review

Hi Michael, looks good already, a couple of comments inline, on top of Alexei's feedback: On 07/22/2015 10:10 PM, Michael Kerrisk (man-pages) wrote: ... NAME bpf - perform a command on an extended eBPF map or program 'extended eBPF' should perhaps just say 'eBPF' or 'extended BPF'

Re: [PATCH v2] cgroup: net_cls: fix false-positive suspicious RCU usage

On 07/22/2015 11:23 AM, Konstantin Khlebnikov wrote: In dev_queue_xmit() net_cls protected with rcu-bh. ... Signed-off-by: Konstantin Khlebnikov khlebni...@yandex-team.ru --- net/core/netclassid_cgroup.c |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git

Re: [PATCH v2] cgroup: net_cls: fix false-positive suspicious RCU usage

On 07/22/2015 02:03 PM, Konstantin Khlebnikov wrote: On 22.07.2015 14:56, Daniel Borkmann wrote: On 07/22/2015 11:23 AM, Konstantin Khlebnikov wrote: In dev_queue_xmit() net_cls protected with rcu-bh. ... Signed-off-by: Konstantin Khlebnikov khlebni...@yandex-team.ru --- net/core

Re: Further work on bpf(2)

25 12:49:20 2015 -0700 tracing, perf: Implement BPF programs attached to kprobes * The page lacks documentation of the BPF_PROG_TYPE_SCHED_CLS program type. commit 96be4325f443dbbfeb37d2a157675ac0736531a1 Author: Daniel Borkmann dan...@iogearbox.net Date: Sun Mar 1

Re: [rhashtable] WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:301 __debug_object_init()

On 07/14/2015 07:21 AM, Fengguang Wu wrote: Sorry please ignore -- this no longer happen in linux-next, so should be fine. Seen this before, this fixed it back then:

Re: [PATCH] jhash: Deinline jhash, jhash2 and __jhash_nwords

On 07/16/2015 02:15 PM, Denys Vlasenko wrote: On 07/16/2015 12:41 PM, Thomas Graf wrote: On 07/16/15 at 12:02pm, Denys Vlasenko wrote: +/* jhash - hash an arbitrary key + * @k: sequence of bytes as key + * @length: the length of the key + * @initval: the previous hash, or an arbitray value + *

Re: Edited draft of bpf(2) man page for review/enhancement

Hi Michael, is there any update on the bpf(2) man-page since last time, wrt having an initial version in your tree? Thanks again, Daniel -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at

Re: [PATCH net-next 3/4] bpf: add support for persistent maps/progs

nel/bpf/device.c @@ -0,0 +1,441 @@ +/* + * Special file backend for persistent eBPF maps and programs, used by + * bpf() system call. + * + * (C) 2015 Daniel Borkmann <dan...@iogearbox.net> + * + * This program is free software; you can redistribute it and/or modify + * it under the ter

Re: [PATCH net-next 3/4] bpf: add support for persistent maps/progs

On 10/22/2015 09:35 PM, Eric W. Biederman wrote: Daniel Borkmann <dan...@iogearbox.net> writes: On 10/20/2015 08:56 PM, Eric W. Biederman wrote: ... Just FYI: Using a device for this kind of interface is pretty much a non-starter as that quickly gets you into situations where thi

Re: [PATCH v8] seccomp, ptrace: add support for dumping seccomp filters

On 10/21/2015 10:12 PM, Kees Cook wrote: On Wed, Oct 21, 2015 at 12:15 PM, Tycho Andersen wrote: Hi Oleg, On Wed, Oct 21, 2015 at 08:51:46PM +0200, Oleg Nesterov wrote: On 10/20, Tycho Andersen wrote: Hi Kees, Oleg, On Tue, Oct 20, 2015 at 10:20:24PM +0200,

Re: [PATCH v8] seccomp, ptrace: add support for dumping seccomp filters

Hi Tycho, On 10/27/2015 01:04 AM, Tycho Andersen wrote: On Mon, Oct 26, 2015 at 04:07:01PM +0900, Kees Cook wrote: On Mon, Oct 26, 2015 at 3:46 PM, Kees Cook wrote: Cool, thanks. I'll get this into my tree after kernel summit. Thanks for suffering through all this

[PATCH net-next v2 1/5] bpf: abstract anon_inode_getfd invocations

-by: Daniel Borkmann <dan...@iogearbox.net> Acked-by: Alexei Starovoitov <a...@kernel.org> --- kernel/bpf/syscall.c | 17 ++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 687dd6c..2b89ef0 100644 ---

[PATCH net-next v2 3/5] bpf: consolidate bpf_prog_put{,_rcu} dismantle paths

t;bpf: Need to call bpf_prog_uncharge_memlock from bpf_prog_put") if we would have had only a single, common path. We can simplify it further by assigning aux->prog only once during allocation time. Signed-off-by: Daniel Borkmann <dan...@iogearbox.net> Acked-by: Alexei Starovoit

[PATCH net-next v2 0/5] BPF updates

This set adds support for persistent maps/progs. Please see individual patches for further details. A man-page update to bpf(2) will be sent later on, also a iproute2 patch for support in tc. Thanks! v1 -> v2: - Reworked most of patch 4 and 5 - Rebased to latest net-next Daniel Borkmann

[PATCH net-next v2 4/5] bpf: add support for persistent maps/progs

hanks also to Alexei and Hannes who significantly contributed in the design discussion that eventually let us end up with this architecture here. Reference: https://lkml.org/lkml/2015/10/15/925 Signed-off-by: Daniel Borkmann <dan...@iogearbox.net> Signed-off-by: Alexei Starovoitov <a...@kern

[PATCH net-next v2 5/5] bpf: add sample usages for persistent maps/progs

-F /sys/fs/bpf/p2 -P -p -o ./sockex1_kern.o bpf: prog fd:5 (Success) bpf: pin ret:(0,Success) bpf: sock:3 <- fd:5 attached ret:(0,Success) # ./fds_example -F /sys/fs/bpf/p2 -G -p bpf: get fd:3 (Success) bpf: sock:4 <- fd:3 attached ret:(0,Success) Signed-off-by: Daniel Borkmann &

[PATCH net-next v2 2/5] bpf: align and clean bpf_{map,prog}_get helpers

nts, and take a reference. Signed-off-by: Daniel Borkmann <dan...@iogearbox.net> Acked-by: Alexei Starovoitov <a...@kernel.org> --- include/linux/bpf.h | 2 +- kernel/bpf/syscall.c | 41 +++-- kernel/bpf/verifier.c | 3 +-- 3 files changed

Re: [PATCH net-next 3/4] bpf: add support for persistent maps/progs

On 10/22/2015 12:44 AM, Alexei Starovoitov wrote: ... all users) When you have to hack drivers/base/core.c to get there it should have been a warning sign that something is wrong with this cdev approach. Hmm, you know, this had nothing to do with it, merely to save ~20 LoC that I can do just

Re: [PATCH, REPORT] bpf_trace: build error without PERF_EVENTS

On 11/10/2015 06:14 PM, Alexei Starovoitov wrote: On Tue, Nov 10, 2015 at 09:25:01AM -0500, Steven Rostedt wrote: On Tue, 10 Nov 2015 14:31:38 +0100 Daniel Borkmann <dan...@iogearbox.net> wrote: On 11/10/2015 01:55 PM, Arnd Bergmann wrote: In my ARM randconfig tests, I'm getting a

Re: [PATCH 2/2] arm64: bpf: add BPF XADD instruction

On 11/11/2015 11:24 AM, Will Deacon wrote: On Wed, Nov 11, 2015 at 09:49:48AM +0100, Arnd Bergmann wrote: On Tuesday 10 November 2015 18:52:45 Z Lim wrote: On Tue, Nov 10, 2015 at 4:42 PM, Alexei Starovoitov wrote: On Tue, Nov 10, 2015 at 04:26:02PM -0800, Shi,

Re: [PATCH 2/2] arm64: bpf: add BPF XADD instruction

On 11/11/2015 01:58 PM, Peter Zijlstra wrote: On Wed, Nov 11, 2015 at 12:38:31PM +, Will Deacon wrote: Hmm, gcc doesn't have an eBPF compiler backend, so this won't work on gcc at all. The eBPF backend in LLVM recognizes the __sync_fetch_and_add() keyword and maps that to a BPF_XADD version

Re: [PATCH 2/2] arm64: bpf: add BPF XADD instruction

On 11/11/2015 12:58 PM, Will Deacon wrote: On Wed, Nov 11, 2015 at 11:42:11AM +0100, Daniel Borkmann wrote: On 11/11/2015 11:24 AM, Will Deacon wrote: On Wed, Nov 11, 2015 at 09:49:48AM +0100, Arnd Bergmann wrote: On Tuesday 10 November 2015 18:52:45 Z Lim wrote: On Tue, Nov 10, 2015 at 4:42

Re: [PATCH] tools/net: Use include/uapi with __EXPORTED_HEADERS__

canonical.com> Acked-by: Daniel Borkmann <dan...@iogearbox.net> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Re: [PATCH 2/2] arm64: bpf: add BPF XADD instruction

On 11/11/2015 07:31 PM, Peter Zijlstra wrote: On Wed, Nov 11, 2015 at 10:11:33AM -0800, Alexei Starovoitov wrote: On Wed, Nov 11, 2015 at 06:57:41PM +0100, Peter Zijlstra wrote: On Wed, Nov 11, 2015 at 12:35:48PM -0500, David Miller wrote: From: Alexei Starovoitov

Re: [PATCH 2/2] arm64: bpf: add BPF XADD instruction

On 11/11/2015 08:23 PM, Peter Zijlstra wrote: On Wed, Nov 11, 2015 at 07:50:15PM +0100, Daniel Borkmann wrote: Well, on that note, it's not like you just change the target to bpf in your Makefile and can compile (& load into the kernel) anything you want with it. You do have to write s

Re: [PATCH] net-scm: Delete an unnecessary check before the function call "kfree"

On 11/17/2015 05:43 PM, SF Markus Elfring wrote: From: Markus Elfring Date: Tue, 17 Nov 2015 17:37:22 +0100 The kfree() function tests whether its argument is NULL and then returns immediately. Thus the test around the call is not needed. This issue was detected

Re: net-scm: Delete an unnecessary check before the function call "kfree"

On 11/17/2015 07:05 PM, SF Markus Elfring wrote: Eric already mentioned that in some situations where it's critical, it actually slows down the code, i.e. you'll have an extra function call to get there and inside kfree() / kfree_skb() / etc, the test is actually marked as unlikely(). How do

Re: [PATCH, REPORT] bpf_trace: build error without PERF_EVENTS

On 11/10/2015 01:55 PM, Arnd Bergmann wrote: In my ARM randconfig tests, I'm getting a build error for newly added code in bpf_perf_event_read and bpf_perf_event_output whenever CONFIG_PERF_EVENTS is disabled: kernel/trace/bpf_trace.c: In function 'bpf_perf_event_read':

Re: [PATCH] bpf: fix trivial comment typo

On 11/02/2015 10:48 PM, Matthew Fernandez wrote: On 03/11/15 08:31, David Miller wrote: From: Matthew Fernandez Date: Mon, 2 Nov 2015 11:59:03 +1100 bpf: fix trivial comment typo Signed-off-by: Matthew Fernandez This doesn't apply

[PATCH v2] tracefs: fix refcount imbalance in start_creating

in debugfs due to 190afd81e4a5 ("debugfs: split the beginning and the end of __create_file() off"), which seemed to got carried over into tracefs, too. Noticed during code review. Fixes: 4282d60689d4 ("tracefs: Add new tracefs file system") Signed-off-by: Daniel Borkmann <dan.

Re: [PATCH] tracefs, debugfs: fix refcount imbalance in start_creating

On 11/02/2015 08:07 PM, Steven Rostedt wrote: On Fri, 9 Oct 2015 20:30:10 +0200 Daniel Borkmann <dan...@iogearbox.net> wrote: [...] Fixes: 4282d60689d4 ("tracefs: Add new tracefs file system") Fixes: 190afd81e4a5 ("debugfs: split the beginning and the end of __create

[PATCH v2] debugfs: fix refcount imbalance in start_creating

e end of __create_file() off"), this seemed missed. Noticed during code review. Fixes: 190afd81e4a5 ("debugfs: split the beginning and the end of __create_file() off") Signed-off-by: Daniel Borkmann <dan...@iogearbox.net> --- v1 -> v2: - Split original patch into two patches (trac

Re: [PATCH] bpf: add mod default A and X test cases

i <yang@linaro.org> LGTM! Acked-by: Daniel Borkmann <dan...@iogearbox.net> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Re: [PATCH] arm64: bpf: fix div-by-zero case

On 11/04/2015 07:41 PM, Shi, Yang wrote: ... Agreed, and we may need add one more test cases in test_bpf module to cover MOD? Let me know if you have a test case ready :) Does the below change look like a valid test? + "MOD default X", + .u.insns = { +

<    1   2   3   4   5   6   7   8   9   10   >