On Sat, Feb 24, 2018 at 01:07:57AM +0100, Daniel Borkmann wrote:
> Couple of minor improvements to the x64 JIT I had still around from
> pre merge window in order to shrink the image size further. Added
> test cases for kselftests too as well as running Cilium workloads on
> them w/o issues.
Somewhere back around 3.17 the kmem cache "tcp_bind_bucket" dropped out
of /proc/slabinfo. It turns out the ss command was dumpster diving
in slabinfo to determine the number of bound sockets and now it always
reports 0.
Not sure why, the cache is still created but it doesn't
show in slabinfo.
> From: Intel-wired-lan [mailto:intel-wired-lan-boun...@osuosl.org] On
> Behalf Of Benjamin Poirier
> Sent: Monday, February 19, 2018 10:12 PM
> To: Kirsher, Jeffrey T
> Cc: netdev@vger.kernel.org; intel-wired-...@lists.osuosl.org; linux-
> ker...@vger.kernel.org
>
Just FYI...
On February 23, 2018 5:20:35 PM PST, Vinicius Costa Gomes
wrote:
>This allows filters added by tc-flower and specifying MAC addresses,
>Ethernet types, and the VLAN priority field, to be offloaded to the
>controller.
>
>This reuses most of the infrastructure used by
On February 23, 2018 5:20:33 PM PST, Vinicius Costa Gomes
wrote:
>This adds the capability of configuring the queue steering of arriving
>packets based on their source and destination MAC addresses.
>
>In practical terms this adds support for the following use cases,
On February 23, 2018 5:20:36 PM PST, Vinicius Costa Gomes
wrote:
>This allows tc-flower filters that were offloaded to be removed.
This should be squashed into your previous patch, either the functionality is
there and you can add/remove or it is not.
--
Florian
This reverts commit 762c330d670e3d4b795cf7a8d761866fdd1eef49. The
reason is we try to batch packets for devmap which causes calling
xdp_do_flush() in the process context. Simply disabling preemption
may not work since process may move among processors which lead
xdp_do_flush() to miss some flushes
We don't flush batched XDP packets through xdp_do_flush_map(), this
will cause packets stall at TX queue. Consider we don't do XDP on NAPI
poll(), the only possible fix is to call xdp_do_flush_map()
immediately after xdp_do_redirect().
Note, this in fact won't try to batch packets through devmap,
Except for tuntap, all other drivers' XDP was implemented at NAPI
poll() routine in a bh. This guarantees all XDP operation were done at
the same CPU which is required by e.g BFP_MAP_TYPE_PERCPU_ARRAY. But
for tuntap, we do it in process context and we try to protect XDP
processing by RCU reader
On Sat, Feb 24, 2018 at 01:49:35AM +, Chris Mi wrote:
> To verify this patch, the following is a sanity test case:
>
> # tc qdisc delete dev $link ingress > /dev/null 2>&1;
> # tc qdisc add dev $link ingress;
> # tc filter add dev $link prio 1 protocol ip handle 0x8001 parent :
>
> Ok, but it seems to me that what I have is an example of "specific book
> keeping
> private information". Can you clarify the style you prefer?
>
> In cases of allocation where I can just compare a pointer to null, I can
> easily remove
> the flags. But in other cases I need a record of which
> -Original Message-
> From: Matthew Wilcox [mailto:wi...@infradead.org]
> Sent: Saturday, February 24, 2018 9:15 AM
> To: Cong Wang ; Khalid Aziz
> ; linux-ker...@vger.kernel.org;
> netdev@vger.kernel.org
> Cc: Chris Mi
Heiner Kallweit :
[...]
> Last but not least it enables a feature which was (I presume accidently)
> disabled before. There are members of the RTL8169 family supporting MSI
> (e.g. RTL8169SB), however MSI never got enabled because RTL_CFG_0 was
> missing flag
This will allow functionality depending on the hardware being traffic
class aware to work. In particular the tc-flower offloading checks
verifies that this bit is set.
Signed-off-by: Vinicius Costa Gomes
---
drivers/net/ethernet/intel/igb/igb_main.c | 6 --
1 file
On the RAH registers there are semantic differences on the meaning of
the "queue" parameter for traffic steering depending on the controller
model: there is the 82575 meaning, which "queue" means a RX Hardware
Queue, and the i350 meaning, where it is a reception pool.
The previous behaviour was
RDS applications use predominantly request-response, transacation
based IPC, so that ingress and egress traffic are well-balanced,
and it is possible/desirable to reduce system-call overhead by
piggybacking the notifications for zerocopy completion response
with data.
Moreover, it has been
This adds the capability of configuring the queue steering of arriving
packets based on their source and destination MAC addresses.
In practical terms this adds support for the following use cases,
characterized by these examples:
$ ethtool -N eth0 flow-type ether dst aa:aa:aa:aa:aa:aa action 0
This allows filters added by tc-flower and specifying MAC addresses,
Ethernet types, and the VLAN priority field, to be offloaded to the
controller.
This reuses most of the infrastructure used by ethtool, ethtool can be
used to read these filters, but modification and deletion can only be
done
This allows tc-flower filters that were offloaded to be removed.
Signed-off-by: Vinicius Costa Gomes
---
drivers/net/ethernet/intel/igb/igb_main.c | 32 ++-
1 file changed, 31 insertions(+), 1 deletion(-)
diff --git
Makes it possible to direct packets to queues based on their source
address. Documents the expected usage of the 'flags' parameter.
Signed-off-by: Vinicius Costa Gomes
---
drivers/net/ethernet/intel/igb/e1000_defines.h | 1 +
drivers/net/ethernet/intel/igb/igb.h
Hi,
This series enables some ethtool and tc-flower filters to be offloaded
to igb-based network controllers. This is useful when the system
configurator want to steer kinds of traffic to a specific hardware
queue.
The first two commits are bug fixes.
The basis of this series is to export the
This adds basic functions needed to implement offloading for filters
created by tc-flower.
Signed-off-by: Vinicius Costa Gomes
---
drivers/net/ethernet/intel/igb/igb_main.c | 66 +++
1 file changed, 66 insertions(+)
diff --git
Because the order of the parameters passes to 'hlist_add_behind()' was
inverted, the 'parent' node was added "behind" the 'input', as input
is not in the list, this causes the 'input' node to be lost.
Fixes: 0e71def25281 ("igb: add support of RX network flow classification")
Signed-off-by:
On Fri, Feb 23, 2018 Randy Dunlap wrote:
> [add Matthew Wilcox; hopefully he can look/see]
Thanks, Randy. I don't understand why nobody else thought to cc the
author of the patch that it was bisected to ...
> On 02/23/2018 04:13 PM, Cong Wang wrote:
> > On Fri, Feb 23, 2018 at 3:27 PM, Cong
On Fri, Feb 23, 2018 at 11:11:50AM -0500, Paul Moore wrote:
> On Thu, Feb 22, 2018 at 9:40 PM, Marcelo Ricardo Leitner
> wrote:
> > On Thu, Feb 22, 2018 at 06:08:05PM -0500, Paul Moore wrote:
> >> On Wed, Feb 21, 2018 at 3:45 PM, Paul Moore wrote:
[add Matthew Wilcox; hopefully he can look/see]
On 02/23/2018 04:13 PM, Cong Wang wrote:
> On Fri, Feb 23, 2018 at 3:27 PM, Cong Wang wrote:
>> On Fri, Feb 23, 2018 at 11:00 AM, Randy Dunlap wrote:
>>> [adding netdev]
>>>
>>> On 02/23/2018 08:05
On Fri, Feb 23, 2018 at 2:38 PM, Jiri Pirko wrote:
> Fri, Feb 23, 2018 at 11:22:36PM CET, losewe...@gmail.com wrote:
>
> [...]
>
No, that's not what I was talking about of course. I thought you
mentioned the upgrade scenario this patch would like to address is to
On Fri, Feb 23, 2018 at 3:27 PM, Cong Wang wrote:
> On Fri, Feb 23, 2018 at 11:00 AM, Randy Dunlap wrote:
>> [adding netdev]
>>
>> On 02/23/2018 08:05 AM, Khalid Aziz wrote:
>>> I am seeing a kernel panic with 4.16-rc1 and 4.16-rc2 kernels when
While analyzing some of the more complex BPF programs from Cilium,
I found that LLVM generally prefers to emit LD_IMM64 instead of MOV32
BPF instructions for loading unsigned 32-bit immediates into a
register. Given we cannot change the current/stable LLVM versions
that are already out there, lets
Instead of unconditionally performing push/pop on rax/rdx
in case of multiplication, we can save a few bytes in case
of dest register being either BPF r0 (rax) or r3 (rdx)
since the result is written in there anyway.
Signed-off-by: Daniel Borkmann
---
While it's rather cumbersome to reduce prologue for cBPF->eBPF
migrations wrt spill/fill for r15 which is callee saved register
due to bpf_error path in bpf_jit.S that is both used by migrations
as well as native eBPF, we can still trivially save 5 bytes in
prologue for the former since tail calls
Add few test cases that check the rnu-time results under JIT.
Signed-off-by: Daniel Borkmann
---
tools/testing/selftests/bpf/test_verifier.c | 89 +
1 file changed, 89 insertions(+)
diff --git a/tools/testing/selftests/bpf/test_verifier.c
Add a generic emit_mov_reg() helper in order to reuse it in BPF
multiplication to load the src into rax, we can save a few bytes
in alu32 while doing so.
Signed-off-by: Daniel Borkmann
---
arch/x86/net/bpf_jit_comp.c | 43 ---
1 file
Couple of minor improvements to the x64 JIT I had still around from
pre merge window in order to shrink the image size further. Added
test cases for kselftests too as well as running Cilium workloads on
them w/o issues.
Thanks!
Daniel Borkmann (6):
bpf, x64: save one byte per shl/shr/sar when
When we shift by one, we can use a different encoding where imm
is not explicitly needed, which saves 1 byte per such op.
Signed-off-by: Daniel Borkmann
---
arch/x86/net/bpf_jit_comp.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git
(pruned to reduce thread)
On Wed, 21 Feb 2018 16:17:19 -0800
Alexander Duyck wrote:
> >>> FWIW two solutions that immediately come to mind is to export "backup"
> >>> as phys_port_name of the backup virtio link and/or assign a name to the
> >>> master like you are
On Thu, 22 Feb 2018 13:30:12 -0800
Alexander Duyck wrote:
> > Again, I undertand your motivation. Yet I don't like your solution.
> > But if the decision is made to do this in-driver bonding. I would like
> > to see it baing done some generic way:
> > 1) share the same
On 2/22/18 6:02 AM, Serhey Popovych wrote:
> @@ -650,6 +658,9 @@ int iplink_parse(int argc, char **argv, struct iplink_req
> *req,
> bool drv = strcmp(*argv, "xdpdrv") == 0;
> bool offload = strcmp(*argv, "xdpoffload") == 0;
>
> +
On Fri, Feb 23, 2018 at 11:00 AM, Randy Dunlap wrote:
> [adding netdev]
>
> On 02/23/2018 08:05 AM, Khalid Aziz wrote:
>> I am seeing a kernel panic with 4.16-rc1 and 4.16-rc2 kernels when running
>> selftests
>> from tools/testing/selftests. Last messages from selftest
Hi Florian,
Thanks for your review. I have the following questions/comments.
> On 02/21/2018 11:06 AM, Bryan Whitehead wrote:
> > Add main source files for new lan743x driver.
> >
> > Signed-off-by: Bryan Whitehead
> > ---
>
> > +lan743x-objs := lan743x_main.o
>
Fri, Feb 23, 2018 at 11:22:36PM CET, losewe...@gmail.com wrote:
[...]
>>>
>>> No, that's not what I was talking about of course. I thought you
>>> mentioned the upgrade scenario this patch would like to address is to
>>> use the bypass interface "to take the place of the original virtio,
>>> and
On Fri, Feb 23, 2018 at 10:29:05PM +0100, Daniel Borkmann wrote:
> The requirements around atomic_add() / atomic64_add() resp. their
> JIT implementations differ across architectures. E.g. while x86_64
> seems just fine with BPF's xadd on unaligned memory, on arm64 it
> triggers via interpreter
PF_RDS sockets pass up cookies for zerocopy completion as ancillary
data. Update msg_zerocopy to reap this information.
Signed-off-by: Sowmini Varadhan
---
v2: receive zerocopy completion notification as POLLIN
tools/testing/selftests/net/msg_zerocopy.c | 60
In preparation for optimized reception of zerocopy completion,
revert the Rx side changes introduced by Commit dfb8434b0a94
("selftests/net: add zerocopy support for PF_RDS test case")
Signed-off-by: Sowmini Varadhan
---
v2: prepare to remove sk_error_queue based
This commit is an optimization of the commit 01883eda72bd
("rds: support for zcopy completion notification") for PF_RDS sockets.
RDS applications are predominantly request-response transactions, so
it is more efficient to reduce the number of system calls and have
zerocopy completion notification
On 02/23/2018 09:41 AM, Edward Cree wrote:
> Where the register umin_value is increasing sufficiently fast, the loop
> will terminate after a reasonable number of iterations, so we can allow
> to keep walking it.
Continuing to walk the loop is problematic because we hit the complexity
limit.
On 02/23/2018 09:40 AM, Edward Cree wrote:
> Add in a new chain of parent states, which does not cross function-call
> boundaries, and check whether our current insn_idx appears anywhere in
> the chain. Since all jump targets have state-list marks (now placed
> by prepare_cfg_marks(), which
On Wed, Feb 21, 2018 at 6:35 PM, Samudrala, Sridhar
wrote:
> On 2/21/2018 5:59 PM, Siwei Liu wrote:
>>
>> On Wed, Feb 21, 2018 at 4:17 PM, Alexander Duyck
>> wrote:
>>>
>>> On Wed, Feb 21, 2018 at 3:50 PM, Siwei Liu
Hi Ilya,
On Mon, Sep 04, 2017 at 01:14:01PM +0300, Ilya Lesokhin wrote:
> The tls ulp overrides sk->prot with a new tls specific proto structs.
> The tls specific structs were previously based on the ipv4 specific
> tcp_prot sturct.
> As a result, attaching the tls ulp to an ipv6 tcp socket
This patch improves few aspects of interrupt handling:
- update to current interrupt allocation API
(use pci_alloc_irq_vectors() instead of deprecated pci_enable_msi())
- this implicitly will allocate a MSI-X interrupt if available
- get rid of flag RTL_FEATURE_MSI
Last but not least it enables
The requirements around atomic_add() / atomic64_add() resp. their
JIT implementations differ across architectures. E.g. while x86_64
seems just fine with BPF's xadd on unaligned memory, on arm64 it
triggers via interpreter but also JIT the following crash:
[ 830.864985] Unable to handle kernel
On 2/23/18 10:49 AM, Stephen Suryaputra wrote:
> Greetings,
>
> We found that ICMP destination unreachable isn't sent if VRF
> forwarding isn't configured, i.e.
> /proc/sys/net/ipv4/conf//forwarding isn't set. The
> relevant code is:
>
> static int ip_error(struct sk_buff *skb)
> {
> ...
>
On Fri, 2018-02-23 at 23:41 +0300, Alexey Dobriyan wrote:
> On Fri, Feb 23, 2018 at 09:17:48PM +0100, Stefan Hellermann wrote:
> > @@ -8,10 +8,6 @@ bool mac_pton(const char *s, u8 *mac)
> > {
> > int i;
> >
> > - /* XX:XX:XX:XX:XX:XX */
> > - if (strlen(s) < 3 * ETH_ALEN - 1)
> > -
From: Donald Sharp
Date: Fri, 23 Feb 2018 14:01:52 -0500
> For ages iproute2 has used `struct rtmsg` as the ancillary header for
> FIB rules and in the process set the protocol value to RTPROT_BOOT.
> Until ca56209a66 ("net: Allow a rule to track originating
On Fri, Feb 23, 2018 at 09:17:48PM +0100, Stefan Hellermann wrote:
> @@ -8,10 +8,6 @@ bool mac_pton(const char *s, u8 *mac)
> {
> int i;
>
> - /* XX:XX:XX:XX:XX:XX */
> - if (strlen(s) < 3 * ETH_ALEN - 1)
> - return false;
> -
> /* Don't dirty result unless
From: Emil Tantilov
Add check for build_skb enabled ring in ixgbe_dma_sync_frag().
In that case _shinfo(skb)->frags[0] may not always be set which
can lead to a crash. Instead we derive the page offset from skb->data.
Fixes: 42073d91a214
("ixgbe: Have the CPU take
I am Ms.Ella Golan, I am the Executive Vice President Banking Division with
FIRST INTERNATIONAL BANK OF ISRAEL LTD (FIBI). I am getting in touch with you
regarding an extremely important and urgent matter. If you would oblige me the
opportunity, I shall provide you with details upon your
On Fri, Feb 23, 2018 at 09:17:48PM +0100, Stefan Hellermann wrote:
> Commit 4904dbda41c8 ("ARM: orion5x: use mac_pton() helper") crashes my
> QNAP TS-209 NAS early on boot.
>
> The boot code for the TS-209 is looping through an ext2 filesystem on a
> 384kB mtd partition (factory configuration put
Commit 4904dbda41c8 ("ARM: orion5x: use mac_pton() helper") crashes my
QNAP TS-209 NAS early on boot.
The boot code for the TS-209 is looping through an ext2 filesystem on a
384kB mtd partition (factory configuration put there by QNAP). There it
looks on every 1kB boundary if there is a valid MAC
This patch converts old type string formattings to new type string
formattings for adapting Linux Traffic Control (tc) unit testing suite
python3.
Linux Traffic Control (tc) unit testing suite's code quality improved is
improved with this patch.
According to python documentation;
"The built-in
Signed-off-by: Batuhan Osman Taskaya
---
tools/testing/selftests/tc-testing/tdc.py | 2 +-
tools/testing/selftests/tc-testing/tdc_batch.py | 8
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/tools/testing/selftests/tc-testing/tdc.py
The iprule.c code was using `struct rtmsg` as the data
type to pass into the kernel for the netlink message.
While 'struct rtmsg' and `struct fib_rule_hdr` are
the same size and mostly the same, we should use
the correct data structure. This commit translates
the data structures to have iprule.c
Modify 'ip rule' command to notice when the kernel passes
to us the originating protocol.
Add code to allow the `ip rule flush protocol XXX`
command to be accepted and properly handled.
Modify the documentation to reflect these code changes.
Signed-off-by: Donald Sharp
Allow the specification of a protocol when the user
adds/modifies/deletes a rule.
Signed-off-by: Donald Sharp
---
ip/iprule.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/ip/iprule.c b/ip/iprule.c
index 17df9e9b..796da3b3 100644
--- a/ip/iprule.c
+++
Fix iprule.c to use the actual `struct fib_rule_hdr` and to
allow the end user to see and use the protocol keyword
for rule manipulation.
v2: Rearrange and code changes as per David Ahern
v3: Fix some missed RTN_XXX to appropriate FR_XX and doc changes
Donald Sharp (3):
ip: Use the `struct
On Fri, 23 Feb 2018 14:10:09 -0500
Donald Sharp wrote:
> The vxlan driver when a neighbor add/delete event occurs sends
> NDA_DST filled with a union:
>
> union vxlan_addr {
> struct sockaddr_in sin;
> struct sockaddr_in6 sin6;
> struct sockaddr sa;
On Thu, 2018-02-22 at 16:04 -0800, Santosh Shilimkar wrote:
> Hi Saeed
>
> On 2/21/2018 12:13 PM, Saeed Mahameed wrote:
> > From: Yonatan Cohen
> >
> > The current implementation of create CQ requires contiguous
> > memory, such requirement is problematic once the memory
From: BTaskaya
Date: Fri, 23 Feb 2018 21:48:30 +0300
> Signed-off-by: Batuhan Osman Taskaya
Sorry, this still is not submitted properly.
You Subject line is enormous. It should contain a short,
concise, title for the change. Including
The vxlan driver when a neighbor add/delete event occurs sends
NDA_DST filled with a union:
union vxlan_addr {
struct sockaddr_in sin;
struct sockaddr_in6 sin6;
struct sockaddr sa;
};
This eventually calls rt_addr_n2a_r which had no handler for the
AF_BRIDGE family and
For ages iproute2 has used `struct rtmsg` as the ancillary header for
FIB rules and in the process set the protocol value to RTPROT_BOOT.
Until ca56209a66 ("net: Allow a rule to track originating protocol")
the kernel rules code ignored the protocol value sent from userspace
and always returned 0
[adding netdev]
On 02/23/2018 08:05 AM, Khalid Aziz wrote:
> I am seeing a kernel panic with 4.16-rc1 and 4.16-rc2 kernels when running
> selftests
> from tools/testing/selftests. Last messages from selftest before kernel panic
> are:
>
>
> running psock_tpacket test
>
1) Fix TTL offset calculation in mac80211 mesh code, from Peter Oh.
2) Fix races with procfs in ipt_CLUSTERIP, from Cong Wang.
3) Memory leak fix in lpm_trie BPF map code, from Yonghong Song.
4) Need to use GFP_ATOMIC in BPF cpumap allocations, from Jason Wang.
5) Fix potential deadlocks in
Greetings,
We found that ICMP destination unreachable isn't sent if VRF
forwarding isn't configured, i.e.
/proc/sys/net/ipv4/conf//forwarding isn't set. The
relevant code is:
static int ip_error(struct sk_buff *skb)
{
...
// in_dev is the vrf net_device
if
Sorry, this is still not submitted in an acceptable way.
Please read the documents I pointed you too, look at how other people
submit patches on this list, and submit it properly.
Thank you.
From: Willem de Bruijn
Date: Fri, 23 Feb 2018 11:56:20 -0500
> From: Willem de Bruijn
>
> The packet fanout test generates UDP traffic and reads this with
> a pair of packet sockets, testing the various fanout algorithms.
>
> Avoid
l2tp_tunnel_get walks the tunnel list to find a matching tunnel
instance and if a match is found, its refcount is increased before
returning the tunnel pointer. But when tunnel objects are destroyed,
they are on the tunnel list after their refcount hits zero. Fix this
by moving the code that
Previously, if a ppp session was closed, we called inet_shutdown to mark
the socket as unconnected such that userspace would get errors and
then close the socket. This could race with userspace closing the
socket. Instead, leave userspace to close the socket in its own time
(our session will be
Previously, if a tunnel was closed, we called inet_shutdown to mark
the socket as unconnected such that userspace would get errors and
then close the socket. This could race with userspace closing the
socket. Instead, leave userspace to close the socket in its own time
(our tunnel will be detached
This patch series addresses several races with L2TP APIs discovered by
syzbot. There are no functional changes.
The set of patches 1-5 in combination fix the following syzbot reports.
19c09769f WARNING in debug_print_object
347bd5acd KASAN: use-after-free Read in inet_shutdown
6e6a5ec8d general
The tunnel socket tunnel->sock (struct sock) is accessed when
preparing a new ppp session on a tunnel at pppol2tp_session_init. If
the socket is closed by a thread while another is creating a new
session, the threads race. In pppol2tp_connect, the tunnel object may
be created if the pppol2tp
pppol2tp_release uses call_rcu to put the final ref on its socket. But
the session object doesn't hold a ref on the session socket so may be
freed while the pppol2tp_put_sk RCU callback is scheduled. Fix this by
having the session hold a ref on its socket until the session is
destroyed. It is this
From: Yafang Shao
Date: Fri, 23 Feb 2018 14:58:41 +0800
> sk is already allocated in inet_create/inet6_create, hence when
> BPF_CGROUP_RUN_PROG_INET_SOCK is executed sk will never be NULL.
>
> The logic is as bellow,
> sk = sk_alloc();
> if (!sk)
>
From: Colin King
Date: Fri, 23 Feb 2018 12:22:52 +
> From: Colin Ian King
>
> Zero is being bit-wise or'd in a calculation twice; these are redundant
> and can be removed.
>
> Signed-off-by: Colin Ian King
From: Ganesh Goudar
Date: Fri, 23 Feb 2018 20:36:53 +0530
> @@ -92,6 +92,18 @@ module_param(msi, int, 0644);
> MODULE_PARM_DESC(msi, "whether to use MSI-X or MSI");
>
> /*
> + * Logic controls.
> + * ===
> + */
> +
> +/* The Virtual Interfaces are connected
From: Eric Dumazet
Date: Thu, 22 Feb 2018 19:45:27 -0800
> From: Eric Dumazet
>
> pfifo_fast got percpu stats lately, uncovering a bug I introduced last
> year in linux-4.10.
>
> I missed the fact that we have to clear our temporary storage
>
Slight change to message when execution can run off the end of the program.
Signed-off-by: Edward Cree
---
tools/testing/selftests/bpf/test_verifier.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/bpf/test_verifier.c
My previous version just checked that every insn could be jumped to from
somewhere, which meant that the program could contain multiple connected
components. Instead let's do a flood-fill of the insns set to ensure all
insns are actually reachable from the entry point. Since this involves
Computing min_frame in find_loop and using it to detect recursion means we
don't need to play games with per-frame parent pointers, and can instead
have a single parent pointer in the verifier_state.
Signed-off-by: Edward Cree
---
include/linux/bpf_verifier.h | 12
On Fri, Feb 23, 2018 at 05:16:57PM +, Colin King wrote:
> From: Colin Ian King
>
> The function xenvif_rx_skb is local to the source and does not need
> to be in global scope, so make it static.
>
> Cleans up sparse warning:
> drivers/net/xen-netback/rx.c:422:6:
By reference-counting how many children of an explored_state are still
being walked, we can avoid pruning based on a state that's in our own
history (and thus hasn't reached an exit yet) without a persistent mark
that prevents other, later branches from being pruned against it when
it _has_
Mainly consists of tests that broke (or I expected to break) earlier
versions of the bounded-loop handling.
Also updated some existing tests to deal with changed error messages,
programs now being accepted etc.
Signed-off-by: Edward Cree
---
Where the register umin_value is increasing sufficiently fast, the loop
will terminate after a reasonable number of iterations, so we can allow
to keep walking it.
The semantics of prev_insn_idx are changed slightly: it now always refers
to the last jump insn walked, even when that jump was not
Add in a new chain of parent states, which does not cross function-call
boundaries, and check whether our current insn_idx appears anywhere in
the chain. Since all jump targets have state-list marks (now placed
by prepare_cfg_marks(), which replaces check_cfg()), it suffices to
thread this
If a conditional branch would produce an inconsistent set of bounds (e.g.
umin_value > umax_value) on one leg, then that leg cannot actually happen
so we don't need to walk it.
This will necessary for bounded loop support so that we stop walking round
the loop once the termination condition is
This means each entry in the parentage chain can have its insn identified,
which will help to support bounded-loop handling later.
Signed-off-by: Edward Cree
---
include/linux/bpf_verifier.h | 6 --
kernel/bpf/verifier.c| 22 +++---
2 files
By giving each register its own liveness chain, we elide the skip_callee()
logic. Instead, each register's parent is the state it inherits from;
both check_func_call() and prepare_func_exit() automatically connect
reg states to the correct chain since when they copy the reg state across
Error messages for some bad programs have changed, partly because we now
check for loops / out-of-bounds jumps before checking subprogs.
Problematic selftests:
513 calls: wrong recursive calls
This is now rejected with 'unreachable insn 1'. I'm not entirely sure what
it was meant to do/test,
Removes a couple of passes from the verifier, one to check subprogs don't
overlap etc., and one to compute max stack depth (which now is done by
topologically sorting the call graph).
Signed-off-by: Edward Cree
---
As noted in the cover letter, I haven't yet integrated
---
tools/testing/selftests/tc-testing/tdc.py | 2 +-
tools/testing/selftests/tc-testing/tdc_batch.py | 8
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/tools/testing/selftests/tc-testing/tdc.py
b/tools/testing/selftests/tc-testing/tdc.py
index
1 - 100 of 164 matches
Mail list logo