linux/net/sched
Daniel Borkmann 7bd509e311 bpf: add prog_digest and expose it via fdinfo/netlink
When loading a BPF program via bpf(2), calculate the digest over
the program's instruction stream and store it in struct bpf_prog's
digest member. This is done at a point in time before any instructions
are rewritten by the verifier. Any unstable map file descriptor
number part of the imm field will be zeroed for the hash.

fdinfo example output for progs:

  # cat /proc/1590/fdinfo/5
  pos:          0
  flags:        02000002
  mnt_id:       11
  prog_type:    1
  prog_jited:   1
  prog_digest:  b27e8b06da22707513aa97363dfb11c7c3675d28
  memlock:      4096

When programs are pinned and retrieved by an ELF loader, the loader
can check the program's digest through fdinfo and compare it against
one that was generated over the ELF file's program section to see
if the program needs to be reloaded. Furthermore, this can also be
exposed through other means such as netlink in case of a tc cls/act
dump (or xdp in future), but also through tracepoints or other
facilities to identify the program. Other than that, the digest can
also serve as a base name for the work in progress kallsyms support
of programs. The digest doesn't depend/select the crypto layer, since
we need to keep dependencies to a minimum. iproute2 will get support
for this facility.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-12-05 15:33:11 -05:00
..
act_api.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
act_bpf.c bpf: add prog_digest and expose it via fdinfo/netlink 2016-12-05 15:33:11 -05:00
act_connmark.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_csum.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_gact.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_ife.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_ipt.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_meta_mark.c Support to encoding decoding skb mark on IFE action 2016-03-01 17:15:23 -05:00
act_meta_skbprio.c Support to encoding decoding skb prio on IFE action 2016-03-01 17:15:23 -05:00
act_meta_skbtcindex.c net sched ife action: Introduce skb tcindex metadata encap decap 2016-09-19 21:55:28 -04:00
act_mirred.c act_mirred: fix a typo in get_dev 2016-12-03 19:28:02 -05:00
act_nat.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_pedit.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-12-03 12:29:53 -05:00
act_police.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
act_simple.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_skbedit.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_skbmod.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_tunnel_key.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
act_vlan.c netns: make struct pernet_operations::id unsigned int 2016-11-18 10:59:15 -05:00
cls_api.c net/sched: cls_flower: Add offload support using egress Hardware device 2016-12-02 13:28:37 -05:00
cls_basic.c net, sched: respect rcu grace period on cls destruction 2016-11-28 10:47:35 -05:00
cls_bpf.c bpf: add prog_digest and expose it via fdinfo/netlink 2016-12-05 15:33:11 -05:00
cls_cgroup.c net, sched: respect rcu grace period on cls destruction 2016-11-28 10:47:35 -05:00
cls_flow.c net, sched: respect rcu grace period on cls destruction 2016-11-28 10:47:35 -05:00
cls_flower.c net/sched: cls_flower: Set the filter Hardware device for all use-cases 2016-12-05 15:06:58 -05:00
cls_fw.c net sched: stylistic cleanups 2016-09-19 22:04:14 -04:00
cls_matchall.c net, sched: respect rcu grace period on cls destruction 2016-11-28 10:47:35 -05:00
cls_route.c net_sched: check NULL on error path in route4_change() 2016-09-23 06:51:49 -04:00
cls_rsvp6.c
cls_rsvp.c
cls_rsvp.h net, sched: respect rcu grace period on cls destruction 2016-11-28 10:47:35 -05:00
cls_tcindex.c net, sched: respect rcu grace period on cls destruction 2016-11-28 10:47:35 -05:00
cls_u32.c net sched: stylistic cleanups 2016-09-19 22:04:14 -04:00
em_canid.c net: sched: remove tcf_proto from ematch calls 2014-10-06 18:02:32 -04:00
em_cmp.c
em_ipset.c netfilter: x_tables: move hook state into xt_action_param structure 2016-11-03 10:56:21 +01:00
em_meta.c net/sched: em_meta: Fix 'meta vlan' to correctly recognize zero VID frames 2016-10-23 17:31:25 -04:00
em_nbyte.c net: sched: remove tcf_proto from ematch calls 2014-10-06 18:02:32 -04:00
em_text.c net: Remove state argument from skb_find_text() 2015-02-22 15:59:54 -05:00
em_u32.c
ematch.c ematch: Fix auto-loading of ematch modules. 2015-02-20 15:30:56 -05:00
Kconfig net sched ife action: Introduce skb tcindex metadata encap decap 2016-09-19 21:55:28 -04:00
Makefile net sched ife action: Introduce skb tcindex metadata encap decap 2016-09-19 21:55:28 -04:00
sch_api.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_atm.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_blackhole.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_cbq.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_choke.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_codel.c sched: replace __skb_dequeue with __qdisc_dequeue_head 2016-09-19 01:47:18 -04:00
sch_drr.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_dsmark.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_fifo.c sched: don't use skb queue helpers 2016-09-19 01:47:18 -04:00
sch_fq_codel.c net_sched: fq_codel: cache skb->truesize into skb->cb 2016-06-25 12:19:35 -04:00
sch_fq.c net_sched: sch_fq: use hash_ptr() 2016-11-17 13:28:56 -05:00
sch_generic.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_gred.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_hfsc.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_hhf.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_htb.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_ingress.c net: sched: fix tc_should_offload for specific clsact classes 2016-06-07 16:59:53 -07:00
sch_mq.c net: sched: convert qdisc linked list to hashtable 2016-08-10 17:19:02 -07:00
sch_mqprio.c net: sched: convert qdisc linked list to hashtable 2016-08-10 17:19:02 -07:00
sch_multiq.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_netem.c sched: add and use qdisc_skb_head helpers 2016-09-19 01:47:18 -04:00
sch_pie.c sched: replace __skb_dequeue with __qdisc_dequeue_head 2016-09-19 01:47:18 -04:00
sch_plug.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_prio.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-06-30 05:03:36 -04:00
sch_qfq.c net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00
sch_red.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_sfb.c sch_sfb: keep backlog updated with qlen 2016-09-23 06:52:31 -04:00
sch_sfq.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_tbf.c net_sched: drop packets after root qdisc lock is released 2016-06-25 12:19:35 -04:00
sch_teql.c net: use core MTU range checking in core net infra 2016-10-20 14:51:09 -04:00