Re: [PATCH net-next 2/4] packet: add eBPF fanout mode

public inbox for netdev@vger.kernel.org 
 help / color / mirror / Atom feed

From: Alexei Starovoitov <ast@plumgrid•com>
To: Willem de Bruijn <willemb@google•com>, netdev@vger•kernel.org
Cc: davem@davemloft•net, edumazet@google•com, dborkman@redhat•com
Subject: Re: [PATCH net-next 2/4] packet: add eBPF fanout mode
Date: Fri, 14 Aug 2015 10:03:16 -0700	[thread overview]
Message-ID: <55CE1F54.7090109@plumgrid.com> (raw)
In-Reply-To: <1439567427-19504-3-git-send-email-willemb@google.com>

On 8/14/15 8:50 AM, Willem de Bruijn wrote:
> +static int fanout_set_data_ebpf(struct packet_fanout *f, char __user *data,
> +				unsigned int len)
> +{
> +	struct bpf_prog *new;
> +	u32 fd;
> +
> +	if (len != sizeof(fd))
> +		return -EINVAL;
> +	if (copy_from_user(&fd, data, len))
> +		return -EFAULT;
> +
> +	new = bpf_prog_get(fd);
> +	if (IS_ERR(new))
> +		return PTR_ERR(new);
> +
> +	__fanout_set_data_bpf(f, new);
> +	return 0;
> +}

all looks great except in the above the check:
         if (new->type != BPF_PROG_TYPE_SOCKET_FILTER) {
                 bpf_prog_put(new);
                 return -EINVAL;
         }
is missing. Otherwise user will be able to attach programs
of wrong types to fanout.

Also instead of:
  #define PACKET_FANOUT_BPF		6
  #define PACKET_FANOUT_EBPF		7

I would call them FANOUT_CBPF and FANOUT_EBPF to be unambiguous.
This is how bpf manpage distinguishes them.

next prev parent reply	other threads:[~2015-08-14 17:03 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-08-14 15:50 [PATCH net-next 0/4] packet: add BPF and eBPF fanout modes Willem de Bruijn
2015-08-14 15:50 ` [PATCH net-next 1/4] packet: add BPF fanout mode Willem de Bruijn
2015-08-17 14:29   ` Eric Dumazet
2015-08-14 15:50 ` [PATCH net-next 2/4] packet: add eBPF " Willem de Bruijn
2015-08-14 17:03   ` Alexei Starovoitov [this message]
2015-08-14 18:47     ` Willem de Bruijn
2015-08-14 19:01     ` Daniel Borkmann
2015-08-14 19:27       ` Willem de Bruijn
2015-08-14 19:46         ` Daniel Borkmann
2015-08-15  2:28           ` Willem de Bruijn
2015-08-14 15:50 ` [PATCH net-next 3/4] selftests/net: test bpf " Willem de Bruijn
2015-08-14 15:50 ` [PATCH net-next 4/4] selftests/net: test eBPF " Willem de Bruijn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55CE1F54.7090109@plumgrid.com \
    --to=ast@plumgrid$(echo .)com \
    --cc=davem@davemloft$(echo .)net \
    --cc=dborkman@redhat$(echo .)com \
    --cc=edumazet@google$(echo .)com \
    --cc=netdev@vger$(echo .)kernel.org \
    --cc=willemb@google$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox