Udip Pant says:
====================
This patch series adds changes in verifier to make decisions such as granting
of read / write access or enforcement of return code status based on
the program type of the target program while using dynamic program
extension (of type BPF_PROG_TYPE_EXT).
The BPF_PROG_TYPE_EXT type can be used to extend types such as XDP, SKB
and others. Since the BPF_PROG_TYPE_EXT program type on itself is just a
placeholder for those, we need this extended check for those extended
programs to actually work with proper access, while using this option.
Patch #1 includes changes in the verifier.
Patch #2 adds selftests to verify write access on a packet for a valid
extension program type
Patch #3 adds selftests to verify proper check for the return code
Patch #4 adds selftests to ensure access permissions and restrictions
for some map types such sockmap.
Changelogs:
v2 -> v3:
* more comprehensive resolution of the program type in the verifier
based on the target program (and not just for the packet access)
* selftests for checking return code and map access
* Also moved this patch to 'bpf-next' from 'bpf' tree
v1 -> v2:
* extraction of the logic to resolve prog type into a separate method
* selftests to check for packet access for a valid freplace prog
====================
Acked-by: Yonghong Song <yhs@fb.com>
Acked-by: Toke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>