Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-29 Thread Daniel Borkmann
On 06/28/2017 07:45 PM, Lawrence Brakmo wrote: [...] Daniel, thank you for the feedback. I just submitted a new patch set without the global program and using bpf cgroups framework. Awesome, thanks for working on it!

Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-28 Thread Lawrence Brakmo
On 6/23/17, 2:15 PM, "Daniel Borkmann" wrote: On 06/23/2017 01:57 AM, Lawrence Brakmo wrote: > On 6/22/17, 4:19 PM, "netdev-ow...@vger.kernel.org on behalf of Daniel Borkmann" wrote: > > On 06/23/2017 12:58 AM, Lawrence Brakmo wrote: > [...] > > Daniel, I

Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-23 Thread Daniel Borkmann
On 06/23/2017 01:57 AM, Lawrence Brakmo wrote: On 6/22/17, 4:19 PM, "netdev-ow...@vger.kernel.org on behalf of Daniel Borkmann" wrote: On 06/23/2017 12:58 AM, Lawrence Brakmo wrote: [...] > Daniel, I see value for having a global program, so I would like to keep that. When

Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-22 Thread Lawrence Brakmo
On 6/22/17, 4:19 PM, "netdev-ow...@vger.kernel.org on behalf of Daniel Borkmann" wrote: On 06/23/2017 12:58 AM, Lawrence Brakmo wrote: [...] > Daniel, I see value for having a global program, so I would like to keep that. When > this patchset is accepted, I will submit one tha

Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-22 Thread Daniel Borkmann
On 06/23/2017 12:58 AM, Lawrence Brakmo wrote: [...] Daniel, I see value for having a global program, so I would like to keep that. When this patchset is accepted, I will submit one that adds support for per cgroup sock_ops programs, with the option to use the global one if none is specified for

Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-22 Thread Lawrence Brakmo
On 6/22/17, 3:41 PM, "Daniel Borkmann" wrote: On 06/20/2017 05:00 AM, Lawrence Brakmo wrote: [...] > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h > index f94b48b..861dbe9 100644 > --- a/include/uapi/linux/bpf.h > +++ b/include/uapi/linux/bpf.h > @@

Re: [PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-22 Thread Daniel Borkmann
On 06/20/2017 05:00 AM, Lawrence Brakmo wrote: [...] diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index f94b48b..861dbe9 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -120,12 +120,14 @@ enum bpf_prog_type { BPF_PROG_TYPE_LWT_IN, BPF_PR

[PATCH net-next v3 01/15] bpf: BPF support for sock_ops

2017-06-19 Thread Lawrence Brakmo
Created a new BPF program type, BPF_PROG_TYPE_SOCK_OPS, and a corresponding struct that allows BPF programs of this type to access some of the socket's fields (such as IP addresses, ports, etc.). Currently there is functionality to load one global BPF program of this type which can be called at app