On Thu, Jan 4, 2018 at 8:28 AM, Jason Wang wrote:
>
>
> On 2018年01月02日 17:19, Willem de Bruijn wrote:
More importantly, should this program just return a boolean pass or
drop. Taking a length and trimming may introduce bugs later on if the
stack parses the packet unconditionall
On 2018年01月02日 17:19, Willem de Bruijn wrote:
More importantly, should this program just return a boolean pass or
drop. Taking a length and trimming may introduce bugs later on if the
stack parses the packet unconditionally, expecting a minimum size
to be present.
This was the reason for intro
On 2018年01月02日 17:19, Willem de Bruijn wrote:
More importantly, should this program just return a boolean pass or
drop. Taking a length and trimming may introduce bugs later on if the
stack parses the packet unconditionally, expecting a minimum size
to be present.
This was the reason for intro
>>> /* Net device start xmit */
>>> static netdev_tx_t tun_net_xmit(struct sk_buff *skb, struct net_device
>>> *dev)
>>> {
>>> struct tun_struct *tun = netdev_priv(dev);
>>> int txq = skb->queue_mapping;
>>> struct tun_file *tfile;
>>> + int len = skb->len;
>>
On 2017年12月31日 18:14, Willem de Bruijn wrote:
On Fri, Dec 29, 2017 at 3:44 AM, Jason Wang wrote:
This patch allows userspace to attach eBPF filter to tun. This will
allow to implement VM dataplane filtering in a more efficient way
compared to cBPF filter.
Is the idea to allow the trusted hyp
On Fri, Dec 29, 2017 at 3:44 AM, Jason Wang wrote:
> This patch allows userspace to attach eBPF filter to tun. This will
> allow to implement VM dataplane filtering in a more efficient way
> compared to cBPF filter.
Is the idea to allow the trusted hypervisor to install these programs,
or the unt
This patch allows userspace to attach eBPF filter to tun. This will
allow to implement VM dataplane filtering in a more efficient way
compared to cBPF filter.
Signed-off-by: Jason Wang
---
drivers/net/tun.c | 26 ++
include/uapi/linux/if_tun.h | 1 +
2 files ch
