git.baikalelectronics.ru Git - kernel.git/commit

author	Maxim Mikityanskiy <maximmi@nvidia.com>
	Wed, 15 Jun 2022 13:48:44 +0000 (16:48 +0300)
committer	Alexei Starovoitov <ast@kernel.org>
	Fri, 17 Jun 2022 04:20:30 +0000 (21:20 -0700)
commit	331f6c2cc0c139f1edfadf75ed2027b2964b3241
tree	882637b6f7deb157f08d0e3b52e780aae6b793bc	tree \| snapshot
parent	6b39949bdadf79c334d86a4f11375564981b7648	commit \| diff

bpf: Add helpers to issue and check SYN cookies in XDP

The new helpers bpf_tcp_raw_{gen,check}_syncookie_ipv{4,6} allow an XDP
program to generate SYN cookies in response to TCP SYN packets and to
check those cookies upon receiving the first ACK packet (the final
packet of the TCP handshake).

Unlike bpf_tcp_{gen,check}_syncookie these new helpers don't need a
listening socket on the local machine, which allows to use them together
with synproxy to accelerate SYN cookie generation.

Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com>
Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
Link: https://lore.kernel.org/r/20220615134847.3753567-4-maximmi@nvidia.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

include/net/tcp.h		diff \| blob \| history
include/uapi/linux/bpf.h		diff \| blob \| history
net/core/filter.c		diff \| blob \| history
net/ipv4/tcp_input.c		diff \| blob \| history
scripts/bpf_doc.py		diff \| blob \| history
tools/include/uapi/linux/bpf.h		diff \| blob \| history