On Wed, Oct 24, 2018 at 1:08 PM Daniel Borkmann <dan...@iogearbox.net> wrote: > > Several fixes to get direct packet access in order from verifier > side. Also test suite fix to run cg_skb as unpriv and an improvement > to make direct packet write less error prone in future. > > Thanks! > > Daniel Borkmann (7): > bpf: fix test suite to enable all unpriv program types > bpf: disallow direct packet access for unpriv in cg_skb > bpf: fix direct packet access for flow dissector progs > bpf: fix cg_skb types to hint access type in may_access_direct_pkt_data > bpf: fix direct packet write into pop/peek helpers > bpf: fix leaking uninitialized memory on pop/peek helpers > bpf: make direct packet write unclone more robust > > kernel/bpf/helpers.c | 2 -- > kernel/bpf/queue_stack_maps.c | 2 ++ > kernel/bpf/verifier.c | 13 ++++++++++--- > net/core/filter.c | 17 +++++++++++++++++ > tools/testing/selftests/bpf/test_verifier.c | 15 +++++++++++++-- > 5 files changed, 42 insertions(+), 7 deletions(-) > > -- > 2.9.5 >
Other than the nitpick on 7/7, for the series: Acked-by: Song Liu <songliubrav...@fb.com>
