Skip to content

Commit a08d97a

Browse files
committed
Daniel Borkmann says: ==================== pull-request: bpf-next 2022-10-03 We've added 143 non-merge commits during the last 27 day(s) which contain a total of 151 files changed, 8321 insertions(+), 1402 deletions(-). The main changes are: 1) Add kfuncs for PKCS#7 signature verification from BPF programs, from Roberto Sassu. 2) Add support for struct-based arguments for trampoline based BPF programs, from Yonghong Song. 3) Fix entry IP for kprobe-multi and trampoline probes under IBT enabled, from Jiri Olsa. 4) Batch of improvements to veristat selftest tool in particular to add CSV output, a comparison mode for CSV outputs and filtering, from Andrii Nakryiko. 5) Add preparatory changes needed for the BPF core for upcoming BPF HID support, from Benjamin Tissoires. 6) Support for direct writes to nf_conn's mark field from tc and XDP BPF program types, from Daniel Xu. 7) Initial batch of documentation improvements for BPF insn set spec, from Dave Thaler. 8) Add a new BPF_MAP_TYPE_USER_RINGBUF map which provides single-user-space-producer / single-kernel-consumer semantics for BPF ring buffer, from David Vernet. 9) Follow-up fixes to BPF allocator under RT to always use raw spinlock for the BPF hashtab's bucket lock, from Hou Tao. 10) Allow creating an iterator that loops through only the resources of one task/thread instead of all, from Kui-Feng Lee. 11) Add support for kptrs in the per-CPU arraymap, from Kumar Kartikeya Dwivedi. 12) Add a new kfunc helper for nf to set src/dst NAT IP/port in a newly allocated CT entry which is not yet inserted, from Lorenzo Bianconi. 13) Remove invalid recursion check for struct_ops for TCP congestion control BPF programs, from Martin KaFai Lau. 14) Fix W^X issue with BPF trampoline and BPF dispatcher, from Song Liu. 15) Fix percpu_counter leakage in BPF hashtab allocation error path, from Tetsuo Handa. 16) Various cleanups in BPF selftests to use preferred ASSERT_* macros, from Wang Yufen. 17) Add invocation for cgroup/connect{4,6} BPF programs for ICMP pings, from YiFei Zhu. 18) Lift blinding decision under bpf_jit_harden = 1 to bpf_capable(), from Yauheni Kaliuta. 19) Various libbpf fixes and cleanups including a libbpf NULL pointer deref, from Xin Liu. * https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: (143 commits) net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c Documentation: bpf: Add implementation notes documentations to table of contents bpf, docs: Delete misformatted table. selftests/xsk: Fix double free bpftool: Fix error message of strerror libbpf: Fix overrun in netlink attribute iteration selftests/bpf: Fix spelling mistake "unpriviledged" -> "unprivileged" samples/bpf: Fix typo in xdp_router_ipv4 sample bpftool: Remove unused struct event_ring_info bpftool: Remove unused struct btf_attach_point bpf, docs: Add TOC and fix formatting. bpf, docs: Add Clang note about BPF_ALU bpf, docs: Move Clang notes to a separate file bpf, docs: Linux byteswap note bpf, docs: Move legacy packet instructions to a separate file selftests/bpf: Check -EBUSY for the recurred bpf_setsockopt(TCP_CONGESTION) bpf: tcp: Stop bpf_setsockopt(TCP_CONGESTION) in init ops to recur itself bpf: Refactor bpf_setsockopt(TCP_CONGESTION) handling into another function bpf: Move the "cdg" tcp-cc check to the common sol_tcp_sockopt() bpf: Add __bpf_prog_{enter,exit}_struct_ops for struct_ops trampoline ... ==================== Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Jakub Kicinski <[email protected]>
2 parents 62c0798 + 820dc05 commit a08d97a

File tree

151 files changed

+8321
-1402
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

151 files changed

+8321
-1402
lines changed

Documentation/admin-guide/sysctl/net.rst

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,9 @@ Values:
102102
- 1 - enable JIT hardening for unprivileged users only
103103
- 2 - enable JIT hardening for all users
104104

105+
where "privileged user" in this context means a process having
106+
CAP_BPF or CAP_SYS_ADMIN in the root user name space.
107+
105108
bpf_jit_kallsyms
106109
----------------
107110

Documentation/bpf/clang-notes.rst

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
.. contents::
2+
.. sectnum::
3+
4+
==========================
5+
Clang implementation notes
6+
==========================
7+
8+
This document provides more details specific to the Clang/LLVM implementation of the eBPF instruction set.
9+
10+
Versions
11+
========
12+
13+
Clang defined "CPU" versions, where a CPU version of 3 corresponds to the current eBPF ISA.
14+
15+
Clang can select the eBPF ISA version using ``-mcpu=v3`` for example to select version 3.
16+
17+
Arithmetic instructions
18+
=======================
19+
20+
For CPU versions prior to 3, Clang v7.0 and later can enable ``BPF_ALU`` support with
21+
``-Xclang -target-feature -Xclang +alu32``. In CPU version 3, support is automatically included.
22+
23+
Atomic operations
24+
=================
25+
26+
Clang can generate atomic instructions by default when ``-mcpu=v3`` is
27+
enabled. If a lower version for ``-mcpu`` is set, the only atomic instruction
28+
Clang can generate is ``BPF_ADD`` *without* ``BPF_FETCH``. If you need to enable
29+
the atomics features, while keeping a lower ``-mcpu`` version, you can use
30+
``-Xclang -target-feature -Xclang +alu32``.

Documentation/bpf/index.rst

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,8 @@ that goes into great technical depth about the BPF Architecture.
2626
classic_vs_extended.rst
2727
bpf_licensing
2828
test_debug
29+
clang-notes
30+
linux-notes
2931
other
3032

3133
.. only:: subproject and html

0 commit comments

Comments
 (0)