[PATCH bpf 0/7] Batch of direct packet access fixes for BPF

Daniel Borkmann Wed, 24 Oct 2018 13:06:02 -0700

Several fixes to get direct packet access in order from verifier
side. Also test suite fix to run cg_skb as unpriv and an improvement
to make direct packet write less error prone in future.


Thanks!

Daniel Borkmann (7):
  bpf: fix test suite to enable all unpriv program types
  bpf: disallow direct packet access for unpriv in cg_skb
  bpf: fix direct packet access for flow dissector progs
  bpf: fix cg_skb types to hint access type in may_access_direct_pkt_data
  bpf: fix direct packet write into pop/peek helpers
  bpf: fix leaking uninitialized memory on pop/peek helpers
  bpf: make direct packet write unclone more robust

 kernel/bpf/helpers.c                        |  2 --
 kernel/bpf/queue_stack_maps.c               |  2 ++
 kernel/bpf/verifier.c                       | 13 ++++++++++---
 net/core/filter.c                           | 17 +++++++++++++++++
 tools/testing/selftests/bpf/test_verifier.c | 15 +++++++++++++--
 5 files changed, 42 insertions(+), 7 deletions(-)

-- 
2.9.5

[PATCH bpf 0/7] Batch of direct packet access fixes for BPF

Reply via email to