diff options
author | Alexei Starovoitov <ast@kernel.org> | 2019-03-21 18:59:11 -0700 |
---|---|---|
committer | Alexei Starovoitov <ast@kernel.org> | 2019-03-21 18:59:12 -0700 |
commit | 2569473816a9ade34c2ba051118337b2d69007df (patch) | |
tree | 7121a9eaa84868932fd2b124ac432e4424d17eeb /samples | |
parent | 48e5d98a0eb1e4cec308ed63444a505a7e7dd9e3 (diff) | |
parent | bafc0ba8261e36e36b0b1e851749fd3712a2a6f4 (diff) | |
download | linux-2569473816a9ade34c2ba051118337b2d69007df.tar.bz2 |
Merge branch 'bpf_tcp_check_syncookie'
Lorenz Bauer says:
====================
This series adds the necessary helpers to determine wheter a given
(encapsulated) TCP packet belongs to a connection known to the network stack.
* bpf_skc_lookup_tcp gives access to request and timewait sockets
* bpf_tcp_check_syncookie identifies the final 3WHS ACK when syncookies
are enabled
The goal is to be able to implement load-balancing approaches like
glb-director [1] or Beamer [2] in pure eBPF. Specifically, we'd like to replace
the functionality of the glb-redirect kernel module [3] by an XDP program or
tc classifier.
Changes in v3:
* Fix missing check for ip4->ihl
* Only cast to unsigned long in BPF_CALLs
Changes in v2:
* Rename bpf_sk_check_syncookie to bpf_tcp_check_syncookie.
* Add bpf_skc_lookup_tcp. Without it bpf_tcp_check_syncookie doesn't make sense.
* Check tcp_synq_no_recent_overflow() in bpf_tcp_check_syncookie.
* Check th->syn in bpf_tcp_check_syncookie.
* Require CONFIG_IPV6 to be a built in.
1: https://github.com/github/glb-director
2: https://www.usenix.org/conference/nsdi18/presentation/olteanu
3: https://github.com/github/glb-director/tree/master/src/glb-redirect
====================
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'samples')
0 files changed, 0 insertions, 0 deletions