Re: [PATCH net] tun: correct header offsets in napi frags mode

2020-05-28 Thread Petar Penkov
frags. Then push the header just before calling napi_gro_frags. > > Fixes: 90e33d459407 ("tun: enable napi_gro_frags() for TUN/TAP driver") > Signed-off-by: Willem de Bruijn Acked-by: Petar Penkov > --- > drivers/net/tun.c | 14 ++ > 1 file changed, 10 insertio

Re: [PATCH bpf 1/2] selftests/bpf: set rp_filter in test_flow_dissector

2019-10-08 Thread Petar Penkov
lftests should not assume a particular initial configuration. Switch > off rp_filter. > > Fixes: 50b3ed57dee9 ("selftests/bpf: test bpf flow dissection") > Cc: Petar Penkov > Signed-off-by: Jiri Benc Acked-by: Petar Penkov > --- > tools/testing/selftests/bpf/te

[bpf-next] bpf: fix error check in bpf_tcp_gen_syncookie

2019-08-27 Thread Petar Penkov
From: Petar Penkov If a SYN cookie is not issued by tcp_v#_gen_syncookie, then the return value will be exactly 0, rather than <= 0. Let's change the check to reflect that, especially since mss is an unsigned value and cannot be negative. Fixes: 70d66244317e ("bpf: add bpf_tcp_

Re: [PATCH bpf] flow_dissector: Fix potential use-after-free on BPF_PROG_DETACH

2019-08-21 Thread Petar Penkov
This makes sense, thanks! Acked-by: Petar Penkov On Wed, Aug 21, 2019 at 5:19 AM Jakub Sitnicki wrote: > > Call to bpf_prog_put(), with help of call_rcu(), queues an RCU-callback to > free the program once a grace period has elapsed. The callback can run > together with new RCU

[bpf-next,v2] selftests/bpf: fix race in test_tcp_rtt test

2019-08-16 Thread Petar Penkov
From: Petar Penkov There is a race in this test between receiving the ACK for the single-byte packet sent in the test, and reading the values from the map. This patch fixes this by having the client wait until there are no more unacknowledged packets. Before: for i in {1..1000}; do ../net

Re: [bpf-next] selftests/bpf: fix race in test_tcp_rtt test

2019-08-16 Thread Petar Penkov
On Fri, Aug 16, 2019 at 9:13 AM Stanislav Fomichev wrote: > > On 08/16, Petar Penkov wrote: > > From: Petar Penkov > > > > There is a race in this test between receiving the ACK for the > > single-byte packet sent in the test, and reading the values from the >

[bpf-next] selftests/bpf: fix race in test_tcp_rtt test

2019-08-16 Thread Petar Penkov
From: Petar Penkov There is a race in this test between receiving the ACK for the single-byte packet sent in the test, and reading the values from the map. This patch fixes this by having the client wait until there are no more unacknowledged packets. Before: for i in {1..1000}; do ../net

[bpf-next] selftests/bpf: fix race in flow dissector tests

2019-08-12 Thread Petar Penkov
From: Petar Penkov Since the "last_dissection" map holds only the flow keys for the most recent packet, there is a small race in the skb-less flow dissector tests if a new packet comes between transmitting the test packet, and reading its keys from the map. If this happens, the test p

Re: [bpf-next,v2 0/6] Introduce a BPF helper to generate SYN cookies

2019-07-29 Thread Petar Penkov
On Mon, Jul 29, 2019 at 1:48 PM Alexei Starovoitov wrote: > > On Mon, Jul 29, 2019 at 09:59:12AM -0700, Petar Penkov wrote: > > From: Petar Penkov > > > > This patch series introduces a BPF helper function that allows generating > > SYN > > cookies from BPF.

[bpf-next,v2 5/6] selftests/bpf: bpf_tcp_gen_syncookie->bpf_helpers

2019-07-29 Thread Petar Penkov
From: Petar Penkov Expose bpf_tcp_gen_syncookie to selftests. Signed-off-by: Petar Penkov Reviewed-by: Lorenz Bauer --- tools/testing/selftests/bpf/bpf_helpers.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/bpf/bpf_helpers.h b/tools/testing/selftests/bpf

[bpf-next,v2 4/6] bpf: sync bpf.h to tools/

2019-07-29 Thread Petar Penkov
From: Petar Penkov Sync updated documentation for bpf_redirect_map. Sync the bpf_tcp_gen_syncookie helper function definition with the one in tools/uapi. Signed-off-by: Petar Penkov Reviewed-by: Lorenz Bauer --- tools/include/uapi/linux/bpf.h | 37 +++--- 1 file

[bpf-next,v2 3/6] bpf: add bpf_tcp_gen_syncookie helper

2019-07-29 Thread Petar Penkov
From: Petar Penkov This helper function allows BPF programs to try to generate SYN cookies, given a reference to a listener socket. The function works from XDP and with an skb context since bpf_skc_lookup_tcp can lookup a socket in both cases. Signed-off-by: Petar Penkov Suggested-by: Eric

[bpf-next,v2 6/6] selftests/bpf: add test for bpf_tcp_gen_syncookie

2019-07-29 Thread Petar Penkov
From: Petar Penkov Modify the existing bpf_tcp_check_syncookie test to also generate a SYN cookie, pass the packet to the kernel, and verify that the two cookies are the same (and both valid). Since cloned SKBs are skipped during generic XDP, this test does not issue a SYN cookie when run in XDP

[bpf-next,v2 2/6] tcp: add skb-less helpers to retrieve SYN cookie

2019-07-29 Thread Petar Penkov
From: Petar Penkov This patch allows generation of a SYN cookie before an SKB has been allocated, as is the case at XDP. Signed-off-by: Petar Penkov Reviewed-by: Lorenz Bauer --- include/net/tcp.h| 10 ++ net/ipv4/tcp_input.c | 73 net

[bpf-next,v2 0/6] Introduce a BPF helper to generate SYN cookies

2019-07-29 Thread Petar Penkov
From: Petar Penkov This patch series introduces a BPF helper function that allows generating SYN cookies from BPF. Currently, this helper is enabled at both the TC hook and the XDP hook. The first two patches in the series add/modify several TCP helper functions to allow for SKB-less operation

[bpf-next,v2 1/6] tcp: tcp_syn_flood_action read port from socket

2019-07-29 Thread Petar Penkov
From: Petar Penkov This allows us to call this function before an SKB has been allocated. Signed-off-by: Petar Penkov Reviewed-by: Lorenz Bauer --- net/ipv4/tcp_input.c | 8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c

Re: [PATCH bpf-next v2 0/7] bpf/flow_dissector: support input flags

2019-07-25 Thread Petar Penkov
Thanks! For the series: Acked-by: Petar Penkov On Thu, Jul 25, 2019 at 8:33 AM Stanislav Fomichev wrote: > > C flow dissector supports input flags that tell it to customize parsing > by either stopping early or trying to parse as deep as possible. > BPF flow dissector always parse

Re: [bpf-next 3/6] bpf: add bpf_tcp_gen_syncookie helper

2019-07-23 Thread Petar Penkov
On Tue, Jul 23, 2019 at 5:33 AM Toke Høiland-Jørgensen wrote: > > Petar Penkov writes: > > > From: Petar Penkov > > > > This helper function allows BPF programs to try to generate SYN > > cookies, given a reference to a listener socket. The function works >

[bpf-next 3/6] bpf: add bpf_tcp_gen_syncookie helper

2019-07-22 Thread Petar Penkov
From: Petar Penkov This helper function allows BPF programs to try to generate SYN cookies, given a reference to a listener socket. The function works from XDP and with an skb context since bpf_skc_lookup_tcp can lookup a socket in both cases. Signed-off-by: Petar Penkov Suggested-by: Eric

[bpf-next 4/6] bpf: sync bpf.h to tools/

2019-07-22 Thread Petar Penkov
From: Petar Penkov Sync updated documentation for bpf_redirect_map. Sync the bpf_tcp_gen_syncookie helper function definition with the one in tools/uapi. Signed-off-by: Petar Penkov --- tools/include/uapi/linux/bpf.h | 37 +++--- 1 file changed, 34 insertions

[bpf-next 2/6] tcp: add skb-less helpers to retrieve SYN cookie

2019-07-22 Thread Petar Penkov
From: Petar Penkov This patch allows generation of a SYN cookie before an SKB has been allocated, as is the case at XDP. Signed-off-by: Petar Penkov --- include/net/tcp.h| 11 +++ net/ipv4/tcp_input.c | 76 net/ipv4/tcp_ipv4.c | 8

[bpf-next 1/6] tcp: tcp_syn_flood_action read port from socket

2019-07-22 Thread Petar Penkov
From: Petar Penkov This allows us to call this function before an SKB has been allocated. Signed-off-by: Petar Penkov --- net/ipv4/tcp_input.c | 8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index c21e8a22fb3b

[bpf-next 0/6] Introduce a BPF helper to generate SYN cookies

2019-07-22 Thread Petar Penkov
From: Petar Penkov This patch series introduces a BPF helper function that allows generating SYN cookies from BPF. Currently, this helper is enabled at both the TC hook and the XDP hook. The first two patches in the series add/modify several TCP helper functions to allow for SKB-less operation

[bpf-next 5/6] selftests/bpf: bpf_tcp_gen_syncookie->bpf_helpers

2019-07-22 Thread Petar Penkov
From: Petar Penkov Expose bpf_tcp_gen_syncookie to selftests. Signed-off-by: Petar Penkov --- tools/testing/selftests/bpf/bpf_helpers.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/bpf/bpf_helpers.h b/tools/testing/selftests/bpf/bpf_helpers.h index

[bpf-next 6/6] selftests/bpf: add test for bpf_tcp_gen_syncookie

2019-07-22 Thread Petar Penkov
From: Petar Penkov Modify the existing bpf_tcp_check_syncookie test to also generate a SYN cookie, pass the packet to the kernel, and verify that the two cookies are the same (and both valid). Since cloned SKBs are skipped during generic XDP, this test does not issue a SYN cookie when run in XDP

Re: [bpf-next RFC 3/6] bpf: add bpf_tcp_gen_syncookie helper

2019-07-16 Thread Petar Penkov
Thank you for your feedback! On Tue, Jul 16, 2019 at 7:26 PM Alexei Starovoitov wrote: > > On Tue, Jul 16, 2019 at 09:59:26AM +0200, Eric Dumazet wrote: > > > > > > On 7/16/19 2:26 AM, Petar Penkov wrote: > > > From: Petar Penkov > > > > > >

Re: [bpf-next RFC 3/6] bpf: add bpf_tcp_gen_syncookie helper

2019-07-16 Thread Petar Penkov
Thank you for the reviews! On Tue, Jul 16, 2019 at 4:56 AM Lorenz Bauer wrote: > > On Tue, 16 Jul 2019 at 08:59, Eric Dumazet wrote: > > > + return -EINVAL; > > > + > > > + if (sk->sk_protocol != IPPROTO_TCP || sk->sk_state != TCP_LISTEN) > > > + return -EINVAL; > > >

Re: [bpf-next RFC 2/6] tcp: add skb-less helpers to retrieve SYN cookie

2019-07-16 Thread Petar Penkov
On Tue, Jul 16, 2019 at 4:35 AM Lorenz Bauer wrote: > > On Tue, 16 Jul 2019 at 01:27, Petar Penkov wrote: > > > > From: Petar Penkov > > > > This patch allows generation of a SYN cookie before an SKB has been > > allocated, as is the case at XDP.

[bpf-next RFC 1/6] tcp: tcp_syn_flood_action read port from socket

2019-07-15 Thread Petar Penkov
From: Petar Penkov This allows us to call this function before an SKB has been allocated. Signed-off-by: Petar Penkov --- net/ipv4/tcp_input.c | 8 +++- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index c21e8a22fb3b

[bpf-next RFC 2/6] tcp: add skb-less helpers to retrieve SYN cookie

2019-07-15 Thread Petar Penkov
From: Petar Penkov This patch allows generation of a SYN cookie before an SKB has been allocated, as is the case at XDP. Signed-off-by: Petar Penkov --- include/net/tcp.h| 11 ++ net/ipv4/tcp_input.c | 79 net/ipv4/tcp_ipv4.c | 8

[bpf-next RFC 4/6] bpf: sync bpf.h to tools/

2019-07-15 Thread Petar Penkov
From: Petar Penkov Sync updated documentation for bpf_redirect_map. Sync the bpf_tcp_gen_syncookie helper function definition with the one in tools/uapi. Signed-off-by: Petar Penkov --- tools/include/uapi/linux/bpf.h | 37 +++--- 1 file changed, 34 insertions

[bpf-next RFC 0/6] Introduce a BPF helper to generate SYN cookies

2019-07-15 Thread Petar Penkov
From: Petar Penkov This patch series introduces a BPF helper function that allows generating SYN cookies from BPF. The first two patches in the series modify several TCP helper functions to allow for SKB-less operation, as is the case with XDP. The third patch introduces the

[bpf-next RFC 6/6] selftests/bpf: add test for bpf_tcp_gen_syncookie

2019-07-15 Thread Petar Penkov
From: Petar Penkov Modify the existing bpf_tcp_check_syncookie test to also generate a SYN cookie, pass the packet to the kernel, and verify that the two cookies are the same (and both valid). Since cloned SKBs are skipped during generic XDP, this test does not issue a SYN cookie when run in XDP

[bpf-next RFC 5/6] selftests/bpf: bpf_tcp_gen_syncookie->bpf_helpers

2019-07-15 Thread Petar Penkov
From: Petar Penkov Expose bpf_tcp_gen_syncookie to selftests. Signed-off-by: Petar Penkov --- tools/testing/selftests/bpf/bpf_helpers.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/bpf/bpf_helpers.h b/tools/testing/selftests/bpf/bpf_helpers.h index

[bpf-next RFC 3/6] bpf: add bpf_tcp_gen_syncookie helper

2019-07-15 Thread Petar Penkov
From: Petar Penkov This helper function allows BPF programs to try to generate SYN cookies, given a reference to a listener socket. The function works from XDP and with an skb context since bpf_skc_lookup_tcp can lookup a socket in both cases. Signed-off-by: Petar Penkov Suggested-by: Eric

[net-next] net: fib_rules: do not flow dissect local packets

2019-07-05 Thread Petar Penkov
Rules matching on loopback iif do not need early flow dissection as the packet originates from the host. Stop counting such rules in fib_rule_requires_fldissect Signed-off-by: Petar Penkov --- include/net/fib_rules.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a

Re: [PATCH bpf 5/5] flow_dissector: document BPF flow dissector environment

2019-04-02 Thread Petar Penkov
On Mon, Apr 1, 2019 at 1:57 PM Stanislav Fomichev wrote: > > Short doc on what BPF flow dissector should expect in the input > __sk_buff and flow_keys. > > Signed-off-by: Stanislav Fomichev > --- > .../networking/bpf_flow_dissector.txt | 115 ++ > 1 file changed, 115 inse

Re: [PATCH bpf 0/5] flow_dissector: lay groundwork for calling BPF hook from eth_get_headlen

2019-04-02 Thread Petar Penkov
PF flow_keys for non-zero nhoff > > flow_dissector: allow access only to a subset of __sk_buff fields > > flow_dissector: document BPF flow dissector environment > > For the series: > > Acked-by: Willem de Bruijn > > This looks great to me. Thanks, Stan! >

Re: [bpf-next, v4 0/5] Introduce eBPF flow dissector

2018-09-14 Thread Petar Penkov
On Fri, Sep 14, 2018 at 2:47 PM, Y Song wrote: > On Fri, Sep 14, 2018 at 12:24 PM Alexei Starovoitov > wrote: >> >> On Fri, Sep 14, 2018 at 07:46:17AM -0700, Petar Penkov wrote: >> > From: Petar Penkov >> > >> > This patch series hardens the RX stac

[bpf-next, v4 5/5] selftests/bpf: test bpf flow dissection

2018-09-14 Thread Petar Penkov
From: Petar Penkov Adds a test that sends different types of packets over multiple tunnels and verifies that valid packets are dissected correctly. To do so, a tc-flower rule is added to drop packets on UDP src port 9, and packets are sent from ports 8, 9, and 10. Only the packets on port 9

[bpf-next, v4 4/5] flow_dissector: implements eBPF parser

2018-09-14 Thread Petar Penkov
From: Petar Penkov This eBPF program extracts basic/control/ip address/ports keys from incoming packets. It supports recursive parsing for IP encapsulation, and VLAN, along with IPv4/IPv6 and extension headers. This program is meant to show how flow dissection and key extraction can be done in

[bpf-next, v4 2/5] bpf: sync bpf.h uapi with tools/

2018-09-14 Thread Petar Penkov
From: Petar Penkov This patch syncs tools/include/uapi/linux/bpf.h with the flow dissector definitions from include/uapi/linux/bpf.h Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- tools/include/uapi/linux/bpf.h | 26 ++ 1 file changed, 26 insertions

[bpf-next, v4 3/5] bpf: support flow dissector in libbpf and bpftool

2018-09-14 Thread Petar Penkov
From: Petar Penkov This patch extends libbpf and bpftool to work with programs of type BPF_PROG_TYPE_FLOW_DISSECTOR. Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- tools/bpf/bpftool/prog.c | 1 + tools/lib/bpf/libbpf.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a

[bpf-next, v4 0/5] Introduce eBPF flow dissector

2018-09-14 Thread Petar Penkov
From: Petar Penkov This patch series hardens the RX stack by allowing flow dissection in BPF, as previously discussed [1]. Because of the rigorous checks of the BPF verifier, this provides significant security guarantees. In particular, the BPF flow dissector cannot get inside of an infinite

[bpf-next, v4 1/5] flow_dissector: implements flow dissector BPF hook

2018-09-14 Thread Petar Penkov
From: Petar Penkov Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and attach type BPF_FLOW_DISSECTOR that is executed in the flow dissector path. The BPF program is per-network namespace. Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- include/linux/bpf.h

[bpf-next, v3 0/5] Introduce eBPF flow dissector

2018-09-13 Thread Petar Penkov
From: Petar Penkov This patch series hardens the RX stack by allowing flow dissection in BPF, as previously discussed [1]. Because of the rigorous checks of the BPF verifier, this provides significant security guarantees. In particular, the BPF flow dissector cannot get inside of an infinite

[bpf-next, v3 2/5] bpf: sync bpf.h uapi with tools/

2018-09-13 Thread Petar Penkov
From: Petar Penkov This patch syncs tools/include/uapi/linux/bpf.h with the flow dissector definitions from include/uapi/linux/bpf.h Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- tools/include/uapi/linux/bpf.h | 26 ++ 1 file changed, 26 insertions

[bpf-next, v3 3/5] bpf: support flow dissector in libbpf and bpftool

2018-09-13 Thread Petar Penkov
From: Petar Penkov This patch extends libbpf and bpftool to work with programs of type BPF_PROG_TYPE_FLOW_DISSECTOR. Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- tools/bpf/bpftool/prog.c | 1 + tools/lib/bpf/libbpf.c | 2 ++ 2 files changed, 3 insertions(+) diff --git a

[bpf-next, v3 5/5] selftests/bpf: test bpf flow dissection

2018-09-13 Thread Petar Penkov
From: Petar Penkov Adds a test that sends different types of packets over multiple tunnels and verifies that valid packets are dissected correctly. To do so, a tc-flower rule is added to drop packets on UDP src port 9, and packets are sent from ports 8, 9, and 10. Only the packets on port 9

[bpf-next, v3 4/5] flow_dissector: implements eBPF parser

2018-09-13 Thread Petar Penkov
From: Petar Penkov This eBPF program extracts basic/control/ip address/ports keys from incoming packets. It supports recursive parsing for IP encapsulation, and VLAN, along with IPv4/IPv6 and extension headers. This program is meant to show how flow dissection and key extraction can be done in

[bpf-next, v3 1/5] flow_dissector: implements flow dissector BPF hook

2018-09-13 Thread Petar Penkov
From: Petar Penkov Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and attach type BPF_FLOW_DISSECTOR that is executed in the flow dissector path. The BPF program is per-network namespace. Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- include/linux/bpf.h

[bpf-next, v2 2/3] flow_dissector: implements eBPF parser

2018-09-07 Thread Petar Penkov
From: Petar Penkov This eBPF program extracts basic/control/ip address/ports keys from incoming packets. It supports recursive parsing for IP encapsulation, and VLAN, along with IPv4/IPv6 and extension headers. This program is meant to show how flow dissection and key extraction can be done in

[bpf-next, v2 3/3] selftests/bpf: test bpf flow dissection

2018-09-07 Thread Petar Penkov
From: Petar Penkov Adds a test that sends different types of packets over multiple tunnels and verifies that valid packets are dissected correctly. To do so, a tc-flower rule is added to drop packets on UDP src port 9, and packets are sent from ports 8, 9, and 10. Only the packets on port 9

[bpf-next, v2 0/3] Introduce eBPF flow dissector

2018-09-07 Thread Petar Penkov
From: Petar Penkov This patch series hardens the RX stack by allowing flow dissection in BPF, as previously discussed [1]. Because of the rigorous checks of the BPF verifier, this provides significant security guarantees. In particular, the BPF flow dissector cannot get inside of an infinite

[bpf-next, v2 1/3] flow_dissector: implements flow dissector BPF hook

2018-09-07 Thread Petar Penkov
From: Petar Penkov Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and attach type BPF_FLOW_DISSECTOR that is executed in the flow dissector path. The BPF program is per-network namespace. Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- include/linux/bpf.h

Re: [bpf-next 1/3] flow_dissector: implements flow dissector BPF hook

2018-09-06 Thread Petar Penkov
On Mon, Sep 3, 2018 at 1:54 PM, Petar Penkov wrote: > > On Sun, Sep 2, 2018 at 2:03 PM, Daniel Borkmann wrote: > > On 08/30/2018 08:22 PM, Petar Penkov wrote: > >> From: Petar Penkov > >> > >> Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR

Re: [bpf-next 1/3] flow_dissector: implements flow dissector BPF hook

2018-09-03 Thread Petar Penkov
On Sun, Sep 2, 2018 at 2:03 PM, Daniel Borkmann wrote: > On 08/30/2018 08:22 PM, Petar Penkov wrote: >> From: Petar Penkov >> >> Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and >> attach type BPF_FLOW_DISSECTOR that is executed in the flow dissector

[bpf-next 3/3] selftests/bpf: test bpf flow dissection

2018-08-30 Thread Petar Penkov
From: Petar Penkov Adds a test that sends different types of packets over multiple tunnels and verifies that valid packets are dissected correctly. To do so, a tc-flower rule is added to drop packets on UDP src port 9, and packets are sent from ports 8, 9, and 10. Only the packets on port 9

[bpf-next 2/3] flow_dissector: implements eBPF parser

2018-08-30 Thread Petar Penkov
From: Petar Penkov This eBPF program extracts basic/control/ip address/ports keys from incoming packets. It supports recursive parsing for IP encapsulation, and VLAN, along with IPv4/IPv6 and extension headers. This program is meant to show how flow dissection and key extraction can be done in

[bpf-next 1/3] flow_dissector: implements flow dissector BPF hook

2018-08-30 Thread Petar Penkov
From: Petar Penkov Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and attach type BPF_FLOW_DISSECTOR that is executed in the flow dissector path. The BPF program is per-network namespace. Signed-off-by: Petar Penkov Signed-off-by: Willem de Bruijn --- include/linux/bpf.h

[bpf-next 0/3] Introduce eBPF flow dissector

2018-08-30 Thread Petar Penkov
From: Petar Penkov This patch series hardens the RX stack by allowing flow dissection in BPF, as previously discussed [1]. Because of the rigorous checks of the BPF verifier, this provides significant security guarantees. In particular, the BPF flow dissector cannot get inside of an infinite

Re: [bpf-next RFC 0/3] Introduce eBPF flow dissector

2018-08-22 Thread Petar Penkov
On Wed, Aug 22, 2018 at 12:28 AM, Daniel Borkmann wrote: > On 08/22/2018 09:22 AM, Daniel Borkmann wrote: >> On 08/22/2018 02:19 AM, Petar Penkov wrote: >>> On Mon, Aug 20, 2018 at 1:52 PM, Alexei Starovoitov >>> wrote: >>>> On Thu, Aug 16,

Re: [bpf-next RFC 0/3] Introduce eBPF flow dissector

2018-08-21 Thread Petar Penkov
On Mon, Aug 20, 2018 at 1:52 PM, Alexei Starovoitov wrote: > On Thu, Aug 16, 2018 at 09:44:20AM -0700, Petar Penkov wrote: >> From: Petar Penkov >> >> This patch series hardens the RX stack by allowing flow dissection in BPF, >> as previously discussed [1]. Because of

Re: [bpf-next RFC 1/3] flow_dissector: implements flow dissector BPF hook

2018-08-16 Thread Petar Penkov
On Thu, Aug 16, 2018 at 3:40 PM, Song Liu wrote: > > On Thu, Aug 16, 2018 at 9:44 AM, Petar Penkov wrote: > > From: Petar Penkov > > > > Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and > > attach type BPF_FLOW_DISSECTOR that is executed in the fl

[bpf-next RFC 1/3] flow_dissector: implements flow dissector BPF hook

2018-08-16 Thread Petar Penkov
From: Petar Penkov Adds a hook for programs of type BPF_PROG_TYPE_FLOW_DISSECTOR and attach type BPF_FLOW_DISSECTOR that is executed in the flow dissector path. The BPF program is kept as a global variable so it is accessible to all flow dissectors. Signed-off-by: Petar Penkov Signed-off-by

[bpf-next RFC 2/3] flow_dissector: implements eBPF parser

2018-08-16 Thread Petar Penkov
From: Petar Penkov This eBPF program extracts basic/control/ip address/ports keys from incoming packets. It supports recursive parsing for IP encapsulation, MPLS, GUE, and VLAN, along with IPv4/IPv6 and extension headers. This program is meant to show how flow dissection and key extraction can

[bpf-next RFC 3/3] selftests/bpf: test bpf flow dissection

2018-08-16 Thread Petar Penkov
From: Petar Penkov Adds a test that sends different types of packets over multiple tunnels and verifies that valid packets are dissected correctly. To do so, a tc-flower rule is added to drop packets on UDP src port 9, and packets are sent from ports 8, 9, and 10. Only the packets on port 9

[bpf-next RFC 0/3] Introduce eBPF flow dissector

2018-08-16 Thread Petar Penkov
From: Petar Penkov This patch series hardens the RX stack by allowing flow dissection in BPF, as previously discussed [1]. Because of the rigorous checks of the BPF verifier, this provides significant security guarantees. In particular, the BPF flow dissector cannot get inside of an infinite

[PATCH,v3,net-next 2/2] tun: enable napi_gro_frags() for TUN/TAP driver

2017-09-22 Thread Petar Penkov
of these are explicit requirements for correct operation in this mode. Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc: ppen...@stanford.edu --- drivers/net/tun.c | 134

[PATCH,v3,net-next 1/2] tun: enable NAPI for TUN/TAP driver

2017-09-22 Thread Petar Penkov
: napi_gro_receive(): 4.90s netif_rx_ni(): 4.90s netif_receive_skb(): 7.20s Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc: ppen...@stanford.edu --- drivers/net/tun.c | 133

[PATCH,v3,net-next 0/2] Improve code coverage of syzkaller

2017-09-22 Thread Petar Penkov
IFF_TAP) are met before opening/attaching rather than after. If they are not, change the behavior from discarding the flag to rejecting the command with EINVAL. Petar Penkov (2): tun: enable NAPI for TUN/TAP driver tun: enable napi_gro_frags() for TUN/TAP driver drivers

Re: [PATCH,v2,net-next 2/2] tun: enable napi_gro_frags() for TUN/TAP driver

2017-09-22 Thread Petar Penkov
On Fri, Sep 22, 2017 at 9:51 AM, Mahesh Bandewar (महेश बंडेवार) wrote: > On Fri, Sep 22, 2017 at 7:06 AM, Willem de Bruijn > wrote: >>> @@ -2061,6 +2174,9 @@ static int tun_set_iff(struct net *net, struct file >>> *file, struct ifreq *ifr) >>> if (tfile->detached) >>> ret

[PATCH,v2,net-next 2/2] tun: enable napi_gro_frags() for TUN/TAP driver

2017-09-21 Thread Petar Penkov
of these are explicit requirements for correct operation in this mode. Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc: ppen...@stanford.edu --- drivers/net/tun.c | 131

[PATCH,v2,net-next 0/2] Improve code coverage of syzkaller

2017-09-21 Thread Petar Penkov
IFF_NAPI_FRAGS to 0x0020 to accommodate for IFF_NAPI, Require capable(CAP_NET_ADMIN) to set IFF_NAPI_FRAGS. Petar Penkov (2): tun: enable NAPI for TUN/TAP driver tun: enable napi_gro_frags() for TUN/TAP driver drivers/net/tun.c | 258

[PATCH,v2,net-next 1/2] tun: enable NAPI for TUN/TAP driver

2017-09-21 Thread Petar Penkov
: napi_gro_receive(): 4.90s netif_rx_ni(): 4.90s netif_receive_skb(): 7.20s Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc: ppen...@stanford.edu --- drivers/net/tun.c | 133

Re: [PATCH,net-next,0/2] Improve code coverage of syzkaller

2017-09-19 Thread Petar Penkov
On Tue, Sep 19, 2017 at 4:01 PM, David Miller wrote: > From: Petar Penkov > Date: Tue, 19 Sep 2017 00:34:00 -0700 > >> The following patches address this by providing the user(syzkaller) >> with the ability to send via napi_gro_receive() and napi_gro_frags(). >>

[PATCH,net-next,0/2] Improve code coverage of syzkaller

2017-09-19 Thread Petar Penkov
napi_gro_receive() Patch 2/ Use NAPI skb and napi_gro_frags(), exercise flow dissector, and allow custom skbs. Petar Penkov (2): tun: enable NAPI for TUN/TAP driver tun: enable napi_gro_frags() for TUN/TAP driver drivers/net/Kconfig | 8 ++ drivers/net/tun.c

[PATCH,net-next,2/2] tun: enable napi_gro_frags() for TUN/TAP driver

2017-09-19 Thread Petar Penkov
. This is imposed because this mode is intended for testing via tools like syzkaller and packetdrill, and the increased flexibility it provides can introduce security vulnerabilities. Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc

[PATCH,net-next,1/2] tun: enable NAPI for TUN/TAP driver

2017-09-19 Thread Petar Penkov
: napi_gro_receive(): 4.90s netif_rx_ni(): 4.90s netif_receive_skb(): 7.20s Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc: ppen...@stanford.edu --- drivers/net/Kconfig | 8 drivers

[PATCH net-next RFC 0/2] Improve code coverage of syzkaller

2017-09-05 Thread Petar Penkov
(), exercise flow dissector, and allow custom skbs. Petar Penkov (2): tun: enable NAPI for TUN/TAP driver tun: enable napi_gro_frags() for TUN/TAP driver drivers/net/Kconfig | 8 ++ drivers/net/tun.c | 251 +--- include/uapi

[PATCH net-next RFC 2/2] tun: enable napi_gro_frags() for TUN/TAP driver

2017-09-05 Thread Petar Penkov
. This is imposed because this mode is intended for testing via tools like syzkaller and packetdrill, and the increased flexibility it provides can introduce security vulnerabilities. Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc

[PATCH net-next RFC 1/2] tun: enable NAPI for TUN/TAP driver

2017-09-05 Thread Petar Penkov
: napi_gro_receive(): 4.90s netif_rx_ni(): 4.90s netif_receive_skb(): 7.20s Signed-off-by: Petar Penkov Cc: Eric Dumazet Cc: Mahesh Bandewar Cc: Willem de Bruijn Cc: da...@davemloft.net Cc: ppen...@stanford.edu --- drivers/net/Kconfig | 8 drivers