git.baikalelectronics.ru Git - kernel.git/commit

author	Maxim Mikityanskiy <maximmi@nvidia.com>
	Wed, 15 Jun 2022 13:48:44 +0000 (16:48 +0300)
committer	Alexei Starovoitov <ast@kernel.org>
	Fri, 17 Jun 2022 04:20:30 +0000 (21:20 -0700)
commit	d0217e55faa1e89c98d637d0f5247dfc9832082c
tree	882637b6f7deb157f08d0e3b52e780aae6b793bc	tree \| snapshot
parent	4087fc626e5bc04d61dfc390854161c6de8e96f5	commit \| diff

bpf: Add helpers to issue and check SYN cookies in XDP

The new helpers bpf_tcp_raw_{gen,check}_syncookie_ipv{4,6} allow an XDP
program to generate SYN cookies in response to TCP SYN packets and to
check those cookies upon receiving the first ACK packet (the final
packet of the TCP handshake).

Unlike bpf_tcp_{gen,check}_syncookie these new helpers don't need a
listening socket on the local machine, which allows to use them together
with synproxy to accelerate SYN cookie generation.

Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com>
Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
Link: https://lore.kernel.org/r/20220615134847.3753567-4-maximmi@nvidia.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

include/net/tcp.h		diff \| blob \| history
include/uapi/linux/bpf.h		diff \| blob \| history
net/core/filter.c		diff \| blob \| history
net/ipv4/tcp_input.c		diff \| blob \| history
scripts/bpf_doc.py		diff \| blob \| history
tools/include/uapi/linux/bpf.h		diff \| blob \| history