1. 30 Oct, 2019 5 commits
  2. 29 Oct, 2019 11 commits
  3. 28 Oct, 2019 21 commits
  4. 27 Oct, 2019 1 commit
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next · 5b7fe93d
      David S. Miller authored
      Daniel Borkmann says:
      
      ====================
      pull-request: bpf-next 2019-10-27
      
      The following pull-request contains BPF updates for your *net-next* tree.
      
      We've added 52 non-merge commits during the last 11 day(s) which contain
      a total of 65 files changed, 2604 insertions(+), 1100 deletions(-).
      
      The main changes are:
      
       1) Revolutionize BPF tracing by using in-kernel BTF to type check BPF
          assembly code. The work here teaches BPF verifier to recognize
          kfree_skb()'s first argument as 'struct sk_buff *' in tracepoints
          such that verifier allows direct use of bpf_skb_event_output() helper
          used in tc BPF et al (w/o probing memory access) that dumps skb data
          into perf ring buffer. Also add direct loads to probe memory in order
          to speed up/replace bpf_probe_read() calls, from Alexei Starovoitov.
      
       2) Big batch of changes to improve libbpf and BPF kselftests. Besides
          others: generalization of libbpf's CO-RE relocation support to now
          also include field existence relocations, revamp the BPF kselftest
          Makefile to add test runner concept allowing to exercise various
          ways to build BPF programs, and teach bpf_object__open() and friends
          to automatically derive BPF program type/expected attach type from
          section names to ease their use, from Andrii Nakryiko.
      
       3) Fix deadlock in stackmap's build-id lookup on rq_lock(), from Song Liu.
      
       4) Allow to read BTF as raw data from bpftool. Most notable use case
          is to dump /sys/kernel/btf/vmlinux through this, from Jiri Olsa.
      
       5) Use bpf_redirect_map() helper in libbpf's AF_XDP helper prog which
          manages to improve "rx_drop" performance by ~4%., from Björn Töpel.
      
       6) Fix to restore the flow dissector after reattach BPF test and also
          fix error handling in bpf_helper_defs.h generation, from Jakub Sitnicki.
      
       7) Improve verifier's BTF ctx access for use outside of raw_tp, from
          Martin KaFai Lau.
      
       8) Improve documentation for AF_XDP with new sections and to reflect
          latest features, from Magnus Karlsson.
      
       9) Add back 'version' section parsing to libbpf for old kernels, from
          John Fastabend.
      
      10) Fix strncat bounds error in libbpf's libbpf_prog_type_by_name(),
          from KP Singh.
      
      11) Turn on -mattr=+alu32 in LLVM by default for BPF kselftests in order
          to improve insn coverage for built BPF progs, from Yonghong Song.
      
      12) Misc minor cleanups and fixes, from various others.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5b7fe93d
  5. 26 Oct, 2019 2 commits
    • Roman Mashak's avatar
      tc-testing: list required kernel options for act_ct action · b9512485
      Roman Mashak authored
      Updated config with required kernel options for conntrac TC action,
      so that tdc can run the tests.
      Signed-off-by: default avatarRoman Mashak <mrv@mojatatu.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      b9512485
    • David S. Miller's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next · 4b1f5dda
      David S. Miller authored
      Pablo Neira Ayuso says:
      
      ====================
      Netfilter/IPVS updates for net-next
      
      The following patchset contains Netfilter/IPVS updates for net-next,
      more specifically:
      
      * Updates for ipset:
      
      1) Coding style fix for ipset comment extension, from Jeremy Sowden.
      
      2) De-inline many functions in ipset, from Jeremy Sowden.
      
      3) Move ipset function definition from header to source file.
      
      4) Move ip_set_put_flags() to source, export it as a symbol, remove
         inline.
      
      5) Move range_to_mask() to the source file where this is used.
      
      6) Move ip_set_get_ip_port() to the source file where this is used.
      
      * IPVS selftests and netns improvements:
      
      7) Two patches to speedup ipvs netns dismantle, from Haishuang Yan.
      
      8) Three patches to add selftest script for ipvs, also from
         Haishuang Yan.
      
      * Conntrack updates and new nf_hook_slow_list() function:
      
      9) Document ct ecache extension, from Florian Westphal.
      
      10) Skip ct extensions from ctnetlink dump, from Florian.
      
      11) Free ct extension immediately, from Florian.
      
      12) Skip access to ecache extension from nf_ct_deliver_cached_events()
          this is not correct as reported by Syzbot.
      
      13) Add and use nf_hook_slow_list(), from Florian.
      
      * Flowtable infrastructure updates:
      
      14) Move priority to nf_flowtable definition.
      
      15) Dynamic allocation of per-device hooks in flowtables.
      
      16) Allow to include netdevice only once in flowtable definitions.
      
      17) Rise maximum number of devices per flowtable.
      
      * Netfilter hardware offload infrastructure updates:
      
      18) Add nft_flow_block_chain() helper function.
      
      19) Pass callback list to nft_setup_cb_call().
      
      20) Add nft_flow_cls_offload_setup() helper function.
      
      21) Remove rules for the unregistered device via netdevice event.
      
      22) Support for multiple devices in a basechain definition at the
          ingress hook.
      
      22) Add nft_chain_offload_cmd() helper function.
      
      23) Add nft_flow_block_offload_init() helper function.
      
      24) Rewind in case of failing to bind multiple devices to hook.
      
      25) Typo in IPv6 tproxy module description, from Norman Rasmussen.
      ====================
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4b1f5dda