linux/net
Daniel Borkmann a5c90b29e5 act_bpf: properly support late binding of bpf action to a classifier
Since the introduction of the BPF action in d23b8ad8ab ("tc: add BPF
based action"), late binding was not working as expected. I.e. setting
the action part for a classifier only via 'bpf index <num>', where <num>
is the index of an existing action, is being rejected by the kernel due
to other missing parameters.

It doesn't make sense to require these parameters such as BPF opcodes
etc, as they are not going to be used anyway: in this case, they're just
allocated/parsed and then freed again w/o doing anything meaningful.

Instead, parse and verify the remaining parameters *after* the test on
tcf_hash_check(), when we really know that we're dealing with creation
of a new action or replacement of an existing one and where late binding
is thus irrelevant.

After patch, test case is now working:

  FOO="1,6 0 0 4294967295,"
  tc actions add action bpf bytecode "$FOO"
  tc filter add dev foo parent 1: bpf bytecode "$FOO" flowid 1:1 action bpf index 1
  tc actions show action bpf
    action order 0: bpf bytecode '1,6 0 0 4294967295' default-action pipe
    index 1 ref 2 bind 1
  tc filter show dev foo
    filter protocol all pref 49152 bpf
    filter protocol all pref 49152 bpf handle 0x1 flowid 1:1 bytecode '1,6 0 0 4294967295'
    action order 1: bpf bytecode '1,6 0 0 4294967295' default-action pipe
    index 1 ref 2 bind 1

Late binding of a BPF action can be useful for preloading maps (e.g. before
they hit traffic) in case of eBPF programs, or to share a single eBPF action
with multiple classifiers.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-08-03 16:05:56 -07:00
..
6lowpan 6lowpan: add request for ipv6 module 2015-07-23 17:10:48 +02:00
9p virtio/vhost: fixes for 4.2 2015-07-23 13:07:04 -07:00
802
8021q vlan: Add GRO support for non hardware accelerated vlan 2015-06-01 16:50:52 -07:00
appletalk
atm br2684: Remove unnecessary formatting macros b1 and bs 2015-07-31 15:25:52 -07:00
ax25 NET: AX.25: Stop heartbeat timer on disconnect. 2015-07-15 15:59:58 -07:00
batman-adv batman-adv: change the MAC of each VLAN upon ndo_set_mac_address 2015-06-07 17:07:20 +02:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
bridge bridge: mdb: add/del entry on all vlans if vlan_filter is enabled and vid is 0 2015-08-03 15:43:35 -07:00
caif caif: fix leaks and race in caif_queue_rcv_skb() 2015-07-21 00:02:44 -07:00
can can: replace timestamp as unique skb attribute 2015-07-12 21:13:22 +02:00
ceph libceph: treat sockaddr_storage with uninitialized family as blank 2015-07-09 20:30:34 +03:00
core ebpf: add skb->hash to offset map for usage in {cls, act}_bpf or filters 2015-08-02 17:20:47 -07:00
dcb
dccp tcp: fix recv with flags MSG_WAITALL | MSG_PEEK 2015-07-27 01:06:53 -07:00
decnet
dns_resolver
dsa net: dsa: Add netconsole support 2015-07-31 15:45:37 -07:00
ethernet net: Add full IPv6 addresses to flow_keys 2015-06-04 15:44:30 -07:00
hsr
ieee802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
ipv4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
ipv6 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
ipx
irda
iucv
key Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2015-06-24 16:49:49 -07:00
l2tp
lapb
llc tcp: fix recv with flags MSG_WAITALL | MSG_PEEK 2015-07-27 01:06:53 -07:00
mac80211 cfg80211: use RTNL locked reg_can_beacon for IR-relaxation 2015-07-17 15:02:02 +02:00
mac802154 mac802154: Fix memory corruption with global deferred transmit state. 2015-07-30 14:08:55 +02:00
mpls af_mpls: fix undefined reference to ip6_route_output 2015-07-31 15:21:30 -07:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
netlabel
netlink netlink: don't hold mutex in rcu callback when releasing mmapd ring 2015-07-21 22:22:56 -07:00
netrom netfilter: Remove spurios included of netfilter.h 2015-06-18 21:14:32 +02:00
nfc NFC: nci: fix mistake in uart generic driver 2015-06-15 18:10:37 +02:00
openvswitch openvswitch: Re-add CONFIG_OPENVSWITCH_VXLAN 2015-07-29 23:03:10 -07:00
packet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
phonet
rds Changes for 4.2-rc 2015-07-15 17:03:03 -07:00
rfkill net: rfkill: gpio: make better use of gpiod API 2015-05-29 13:13:45 +02:00
rose Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-24 02:58:51 -07:00
rxrpc
sched act_bpf: properly support late binding of bpf action to a classifier 2015-08-03 16:05:56 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-07-31 23:52:20 -07:00
sunrpc NFS client bugfixes for Linux 4.2 2015-07-28 09:37:44 -07:00
switchdev switchdev: add offload_fwd_mark generator helper 2015-07-20 18:32:44 -07:00
tipc ipv6: change ipv6_stub_impl.ipv6_dst_lookup to take net argument 2015-07-31 15:21:30 -07:00
unix net/unix: support SCM_SECURITY for stream sockets 2015-06-10 22:49:20 -07:00
vmw_vsock
wimax
wireless cfg80211: use RTNL locked reg_can_beacon for IR-relaxation 2015-07-17 15:02:02 +02:00
x25
xfrm xfrm: Fix a typo 2015-07-21 00:28:36 -07:00
compat.c
Kconfig lwtunnel: infrastructure for handling light weight tunnels like mpls 2015-07-21 10:39:03 -07:00
Makefile
socket.c
sysctl_net.c