-
Notifications
You must be signed in to change notification settings - Fork 2.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bpf: reduce complexity of logic to handle IPv4 fragments
Refactor the logic to handle IPv4 fragments to have only a single call to `ctx_load_bytes()` in order to load the l4 ports tuple. This change fixes a complexity issue in 5.4 kernels which prevents the BPF program from being loaded by the verifier as it would reach the maximum amount of instructions that can be processed. Signed-off-by: Gilberto Bertin <gilberto@isovalent.com>
- Loading branch information
Showing
3 changed files
with
44 additions
and
49 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters