From: John Fastabend <john.fastabend@gmail.com>
To: Jakub Sitnicki <jakub@cloudflare.com>, bpf@vger.kernel.org
Cc: John Fastabend <john.fastabend@gmail.com>,
Martin KaFai Lau <kafai@fb.com>,
netdev@vger.kernel.org, kernel-team@cloudflare.com
Subject: RE: [RFC bpf-next 2/5] bpf, sockmap: Allow inserting listening TCP sockets into SOCKMAP
Date: Thu, 24 Oct 2019 10:06:40 -0700 [thread overview]
Message-ID: <5db1da20174b1_5c282ada047205c046@john-XPS-13-9370.notmuch> (raw)
In-Reply-To: <20191022113730.29303-3-jakub@cloudflare.com>
Jakub Sitnicki wrote:
> In order for SOCKMAP type to become a generic collection for storing socket
> references we need to loosen the checks in update callback.
>
> Currently SOCKMAP requires the TCP socket to be in established state, which
> prevents us from using it to keep references to listening sockets.
>
> Change the update pre-checks so that it is sufficient for socket to be in a
> hash table, i.e. have a local address/port, to be inserted.
>
> Return -EINVAL if the condition is not met to be consistent with
> REUSEPORT_SOCKARRY map type.
>
> Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com>
> ---
We need to also have some tests then to verify redirecting to this listen socket
does the correct thing. Once its in the map we can redirect (ingress or egress)
to it and need to be sure the semantics are sane.
> net/core/sock_map.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/net/core/sock_map.c b/net/core/sock_map.c
> index facacc296e6c..222036393b90 100644
> --- a/net/core/sock_map.c
> +++ b/net/core/sock_map.c
> @@ -415,11 +415,14 @@ static int sock_map_update_elem(struct bpf_map *map, void *key,
> ret = -EINVAL;
> goto out;
> }
> - if (!sock_map_sk_is_suitable(sk) ||
> - sk->sk_state != TCP_ESTABLISHED) {
> + if (!sock_map_sk_is_suitable(sk)) {
> ret = -EOPNOTSUPP;
> goto out;
> }
> + if (!sk_hashed(sk)) {
> + ret = -EINVAL;
> + goto out;
> + }
>
> sock_map_sk_acquire(sk);
> ret = sock_map_update_common(map, idx, sk, flags);
> --
> 2.20.1
>
next prev parent reply other threads:[~2019-10-24 17:06 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-22 11:37 [RFC bpf-next 0/5] Extend SOCKMAP to store listening sockets Jakub Sitnicki
2019-10-22 11:37 ` [RFC bpf-next 1/5] bpf, sockmap: Let BPF helpers use lookup operation on SOCKMAP Jakub Sitnicki
2019-10-24 16:59 ` John Fastabend
2019-10-22 11:37 ` [RFC bpf-next 2/5] bpf, sockmap: Allow inserting listening TCP sockets into SOCKMAP Jakub Sitnicki
2019-10-24 17:06 ` John Fastabend [this message]
2019-10-25 9:41 ` Jakub Sitnicki
2019-10-22 11:37 ` [RFC bpf-next 3/5] bpf, sockmap: Don't let child socket inherit psock or its ops on copy Jakub Sitnicki
2019-10-22 11:37 ` [RFC bpf-next 4/5] bpf: Allow selecting reuseport socket from a SOCKMAP Jakub Sitnicki
2019-10-22 11:37 ` [RFC bpf-next 5/5] selftests/bpf: Extend SK_REUSEPORT tests to cover SOCKMAP Jakub Sitnicki
2019-10-24 16:12 ` [RFC bpf-next 0/5] Extend SOCKMAP to store listening sockets Alexei Starovoitov
2019-10-24 16:56 ` John Fastabend
2019-10-25 9:26 ` Jakub Sitnicki
2019-10-25 14:18 ` John Fastabend
2019-10-28 5:52 ` Martin Lau
2019-10-28 12:35 ` Jakub Sitnicki
2019-10-28 19:04 ` John Fastabend
2019-10-29 8:56 ` Jakub Sitnicki
2019-10-28 20:42 ` Martin Lau
2019-10-28 21:05 ` John Fastabend
2019-10-28 21:38 ` Martin Lau
2019-10-29 8:52 ` Jakub Sitnicki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5db1da20174b1_5c282ada047205c046@john-XPS-13-9370.notmuch \
--to=john.fastabend@gmail.com \
--cc=bpf@vger.kernel.org \
--cc=jakub@cloudflare.com \
--cc=kafai@fb.com \
--cc=kernel-team@cloudflare.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).