Re: [PATCH bpf-next v2 0/2] bpf: Guard conntrack opts error writes

Next message: Dave Chinner: "Re: [PATCH v6 1/2] mm: Introduce opportunistic_compaction concept to vmscan and shrinkers"
Previous message: Ganesh Harshan: "[PATCH] staging: rtl8723bs: fix timer rescheduling in rtw_cmd callbacks"
In reply to: Yiyang Chen: "[PATCH bpf-next v2 2/2] selftests/bpf: Cover small conntrack opts error writes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: patchwork-bot+netdevbpf

Date: Mon Jun 22 2026 - 19:10:33 EST

Hello:

This series was applied to bpf/bpf.git (master)
by Alexei Starovoitov <ast@xxxxxxxxxx>:

On Thu, 18 Jun 2026 10:18:42 +0000 you wrote:
> The conntrack lookup/allocation kfuncs expose an opts/opts__sz pair.
> The verifier checks the caller-provided opts__sz range, but the wrappers
> currently write opts->error after internal errors even when opts__sz is too
> small to include that field.
>
> Patch 1 writes opts->error only when opts__sz includes it, and uses a
> single helper to fold ERR_PTR returns into the kfunc ABI result while keeping
> the local nfct result variable in each wrapper.
> Patch 2 adds a bpf_nf regression check that keeps a guard in opts->error
> while passing opts__sz covering only netns_id.
>
> [...]

Here is the summary with links:
- [bpf-next,v2,1/2] bpf: Guard conntrack opts error writes
https://git.kernel.org/bpf/bpf/c/6f6183a39533
- [bpf-next,v2,2/2] selftests/bpf: Cover small conntrack opts error writes
https://git.kernel.org/bpf/bpf/c/38ba6d43af38

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html