1. 21 Dec, 2023 15 commits
  2. 20 Dec, 2023 16 commits
  3. 19 Dec, 2023 9 commits
    • Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next · 1728df7f
      Paolo Abeni authored
      Daniel Borkmann says:
      
      ====================
      pull-request: bpf-next 2023-12-19
      
      Hi David, hi Jakub, hi Paolo, hi Eric,
      
      The following pull-request contains BPF updates for your *net-next* tree.
      
      We've added 2 non-merge commits during the last 1 day(s) which contain
      a total of 40 files changed, 642 insertions(+), 2926 deletions(-).
      
      The main changes are:
      
      1) Revert all of BPF token-related patches for now as per list discussion [0],
         from Andrii Nakryiko.
      
         [0] https://lore.kernel.org/bpf/CAHk-=wg7JuFYwGy=GOMbRCtOL+jwSQsdUaBsRWkDVYbxipbM5A@mail.gmail.com
      
      2) Fix a syzbot-reported use-after-free read in nla_find() triggered from
         bpf_skb_get_nlattr_nest() helper, from Jakub Kicinski.
      
      bpf-next-for-netdev
      
      * tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next:
        Revert BPF token-related functionality
        bpf: Use nla_ok() instead of checking nla_len directly
      ====================
      
      Link: https://lore.kernel.org/r/20231219170359.11035-1-daniel@iogearbox.net
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • Revert BPF token-related functionality · d17aff80
      Andrii Nakryiko authored
      This patch includes the following revert (one conflicting BPF FS
      patch and three token patch sets, represented by merge commits):
        - revert 0f5d5454 "Merge branch 'bpf-fs-mount-options-parsing-follow-ups'";
        - revert 750e7857 "bpf: Support uid and gid when mounting bpffs";
        - revert 73376328 "Merge branch 'bpf-token-support-in-libbpf-s-bpf-object'";
        - revert c35919dc "Merge branch 'bpf-token-and-bpf-fs-based-delegation'".
      
      Link: https://lore.kernel.org/bpf/CAHk-=wg7JuFYwGy=GOMbRCtOL+jwSQsdUaBsRWkDVYbxipbM5A@mail.gmail.com
      Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
    • Merge branch 'devlink-introduce-notifications-filtering' · 62ed78f3
      Paolo Abeni authored
      Jiri Pirko says:
      
      ====================
      devlink: introduce notifications filtering
      
      From: Jiri Pirko <jiri@nvidia.com>
      
      Currently the user listening on a socket for devlink notifications
      always gets all messages for all existing devlink instances and objects,
      even if he is interested only in one of those. That may cause
      unnecessary overhead on setups with thousands of instances present.
      
      User is currently able to narrow down the devlink objects replies
      to dump commands by specifying select attributes.
      
      Allow similar approach for notifications providing user a new
      notify-filter-set command to select attributes with values
      the notification message has to match. In that case, it is delivered
      to the socket.
      
      Note that the filtering is done per-socket, so multiple users may
      specify different selection of attributes with values.
      
      This patchset initially introduces support for following attributes:
      DEVLINK_ATTR_BUS_NAME
      DEVLINK_ATTR_DEV_NAME
      DEVLINK_ATTR_PORT_INDEX
      
      Patches #1 - #4 are preparations in devlink code, patch #3 is
                      an optimization done on the way.
      Patches #5 - #7 are preparations in netlink and generic netlink code.
      Patch #8 is the main one in this set implementing
               the notify-filter-set command and the actual
               per-socket filtering.
      Patch #9 extends the infrastructure allowing to filter according
               to a port index.
      
      Example:
      $ devlink mon port pci/0000:08:00.0/32768
      [port,new] pci/0000:08:00.0/32768: type notset flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      [port,new] pci/0000:08:00.0/32768: type eth flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      [port,new] pci/0000:08:00.0/32768: type eth netdev eth3 flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      [port,new] pci/0000:08:00.0/32768: type eth netdev eth3 flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      [port,new] pci/0000:08:00.0/32768: type eth flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      [port,new] pci/0000:08:00.0/32768: type notset flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      [port,del] pci/0000:08:00.0/32768: type notset flavour pcisf controller 0 pfnum 0 sfnum 107 splittable false
        function:
          hw_addr 00:00:00:00:00:00 state inactive opstate detached roce enable
      ====================
      
      Link: https://lore.kernel.org/r/20231216123001.1293639-1-jiri@resnulli.us
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • devlink: extend multicast filtering by port index · ded6f77c
      Jiri Pirko authored
      Expose the previously introduced notification multicast messages
      filtering infrastructure and allow the user to select messages using
      port index.
      Signed-off-by: Jiri Pirko <jiri@nvidia.com>
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • devlink: add a command to set notification filter and use it for multicasts · 13b127d2
      Jiri Pirko authored
      Currently the user listening on a socket for devlink notifications
      always gets all messages for all existing instances, even if he is
      interested only in one of those. That may cause unnecessary overhead
      on setups with thousands of instances present.
      
      User is currently able to narrow down the devlink objects replies
      to dump commands by specifying select attributes.
      
      Allow similar approach for notifications. Introduce a new devlink
      NOTIFY_FILTER_SET which the user passes the select attributes. Store
      these per-socket and use them for filtering messages
      during multicast send.
      Signed-off-by: Jiri Pirko <jiri@nvidia.com>
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • genetlink: introduce helpers to do filtered multicast · 971b4ad8
      Jiri Pirko authored
      Currently it is possible for netlink kernel user to pass custom
      filter function to broadcast send function netlink_broadcast_filtered().
      However, this is not exposed to multicast send and to generic
      netlink users.
      
      Extend the api and introduce a netlink helper nlmsg_multicast_filtered()
      and a generic netlink helper genlmsg_multicast_netns_filtered()
      to allow generic netlink families to specify filter function
      while sending multicast messages.
      Signed-off-by: Jiri Pirko <jiri@nvidia.com>
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • netlink: introduce typedef for filter function · 403863e9
      Jiri Pirko authored
      Make the code using filter function a bit nicer by consolidating the
      filter function arguments using typedef.
      Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
      Signed-off-by: Jiri Pirko <jiri@nvidia.com>
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • genetlink: introduce per-sock family private storage · a7311324
      Jiri Pirko authored
      Introduce an xarray for Generic netlink family to store per-socket
      private. Initialize this xarray only if family uses per-socket privs.
      
      Introduce genl_sk_priv_get() to get the socket priv pointer for a family
      and initialize it in case it does not exist.
      Introduce __genl_sk_priv_get() to obtain socket priv pointer for a
      family under RCU read lock.
      
      Allow family to specify the priv size, init() and destroy() callbacks.
      Signed-off-by: Jiri Pirko <jiri@nvidia.com>
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
    • devlink: introduce a helper for netlink multicast send · 5648de0b
      Jiri Pirko authored
      Introduce a helper devlink_nl_notify_send() so each object notification
      function does not have to call genlmsg_multicast_netns() with the same
      arguments.
      Signed-off-by: Jiri Pirko <jiri@nvidia.com>
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>