Re: [PATCH] net: remove check before __cgroup_bpf_run_filter_skb

From: Oliver Crumrine
Date: Fri Feb 09 2024 - 15:37:29 EST

Next message: Dave Hansen: "Re: [PATCH 2/2] x86/random: Issue a warning if RDRAND or RDSEED fails"
Previous message: Naik, Avadhut: "[PATCH 2/2] x86/MCE: Add command line option to extend MCE Records pool"
In reply to: Kui-Feng Lee: "Re: [PATCH] net: remove check before __cgroup_bpf_run_filter_skb"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 09, 2024 at 11:00:09AM -0800, Stanislav Fomichev wrote:
> Maybe we should instead remove "(!sk || !sk_fullsock(sk))" check from
> __cgroup_bpf_run_filter_skb? BPF_CGROUP_RUN_PROG_INET_EGRESS makes
> care of all those corner conditions. We just need to add those checks to
> BPF_CGROUP_RUN_PROG_INET_INGRESS.
>
> Let me also CC Kui-Feng, he was touching this part recently in commit
> 223f5f79f2ce ("bpf, net: Check skb ownership against full socket.").

Completely agree with this -- it would be best from a performance
standpoint. I will send out a v2 of this patch in a few hours.

Next message: Dave Hansen: "Re: [PATCH 2/2] x86/random: Issue a warning if RDRAND or RDSEED fails"
Previous message: Naik, Avadhut: "[PATCH 2/2] x86/MCE: Add command line option to extend MCE Records pool"
In reply to: Kui-Feng Lee: "Re: [PATCH] net: remove check before __cgroup_bpf_run_filter_skb"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]