Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v4.3 2015-07-31T22:13:14Z 2015-07-31T22:13:14Z Daniel Borkmann daniel@iogearbox.net 2015-07-30T14:04:22Z urn:sha1:a6ed38361b1e0f08d630bd491051c254d1fc71b9 This patch adds support to read the dmesg BPF JIT dump also from a file instead of the klog buffer. I found this quite useful when going through some 'before/after patch' logs. It also fixes a regex leak found by valgrind when no image dump was found. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-05-27T04:24:10Z Daniel Borkmann daniel@iogearbox.net 2015-05-25T12:08:03Z urn:sha1:082739aa458a74add9a2362988e5aca0367bfa53 With recent debugging, I noticed that bpf_jit_disasm segfaults when there's no debugging output from the JIT compiler to the kernel log. Reason is that when regexec(3) doesn't match on anything, start/end offsets are not being filled out and contain some uninitialized garbage from stack. Thus, we need zero out offsets first. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-03-25T01:21:41Z Daniel Borkmann daniel@iogearbox.net 2015-03-24T22:19:24Z urn:sha1:835c3d9b7a28f5ecfc2dea2300946e27811f16a5 We now have K_VLANT, K_VLANP and K_VLANTPID. Clean them up into more descriptive token, namely K_VLAN_TCI, K_VLAN_AVAIL and K_VLAN_TPID. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2015-03-24T19:25:15Z Michal Sekletar msekleta@redhat.com 2015-03-24T13:48:41Z urn:sha1:27cd5452476978283decb19e429e81fc6c71e74b If vlan offloading takes place then vlan header is removed from frame and its contents, both vlan_tci and vlan_proto, is available to user space via TPACKET interface. However, only vlan_tci can be used in BPF filters. This commit introduces a new BPF extension. It makes possible to load the value of vlan_proto (vlan TPID) to register A. Support for classic BPF and eBPF is being added, analogous to skb->protocol. Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Alexei Starovoitov <ast@plumgrid.com> Cc: Jiri Pirko <jpirko@redhat.com> Signed-off-by: Michal Sekletar <msekleta@redhat.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@plumgrid.com> Reviewed-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-05-16T20:44:08Z Alexei Starovoitov ast@plumgrid.com 2014-05-15T22:56:39Z urn:sha1:9bb1a208fddda94ea3c6df1fc9a225f92761cf1c JITed seccomp filters can be quite large if they check a lot of syscalls Simply increase buffer size Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Acked-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-05-16T20:44:08Z Alexei Starovoitov ast@plumgrid.com 2014-05-15T22:56:38Z urn:sha1:ed4afd451f12ea57f9aaaf6f8442eee7e415fa1a seccomp filters use kernel JIT image addresses, so bpf_jit_enable=2 prints [ 20.146438] flen=3 proglen=82 pass=0 image=0000000000000000 [ 20.146442] JIT code: 00000000: 55 48 89 e5 48 81 ec 28 02 00 00 ... ignore image address, so that seccomp filters can be disassembled Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Acked-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-05-12T17:19:14Z David S. Miller davem@davemloft.net 2014-05-12T17:19:14Z urn:sha1:5f013c9bc70214dcacd5fbed5a06c217d6ff9c59 Conflicts: drivers/net/ethernet/altera/altera_sgdma.c net/netlink/af_netlink.c net/sched/cls_api.c net/sched/sch_api.c The netlink conflict dealt with moving to netlink_capable() and netlink_ns_capable() in the 'net' tree vs. supporting 'tc' operations in non-init namespaces. These were simple transformations from netlink_capable to netlink_ns_capable. The Altera driver conflict was simply code removal overlapping some void pointer cast cleanups in net-next. Signed-off-by: David S. Miller <davem@davemloft.net> 2014-04-30T20:12:22Z Brendan Hickey bhickey@google.com 2014-04-30T08:24:38Z urn:sha1:e5744fe9d262d11131916d04ea79ea539fe296c0 The AND instruction is erroneously using the X register instead of the K register. Signed-off-by: Brendan Hickey <bhickey@google.com> Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-04-23T01:27:57Z Chema Gonzalez chema@google.com 2014-04-21T16:21:24Z urn:sha1:4cd3675ebf74d7f559038ded6aa8088e4099a83d Added a new ancillary load (bpf call in eBPF parlance) that produces a 32-bit random number. We are implementing it as an ancillary load (instead of an ISA opcode) because (a) it is simpler, (b) allows easy JITing, and (c) seems more in line with generic ISAs that do not have "get a random number" as a instruction, but as an OS call. The main use for this ancillary load is to perform random packet sampling. Signed-off-by: Chema Gonzalez <chema@google.com> Acked-by: Alexei Starovoitov <ast@plumgrid.com> Acked-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2014-03-15T02:31:55Z David S. Miller davem@davemloft.net 2014-03-15T02:31:55Z urn:sha1:85dcce7a73f1cc59f7a96fe52713b1630f4ca272 Conflicts: drivers/net/usb/r8152.c drivers/net/xen-netback/netback.c Both the r8152 and netback conflicts were simple overlapping changes. Signed-off-by: David S. Miller <davem@davemloft.net>