All of lore.kernel.org
 help / color / mirror / Atom feed

From: Lorenz Bauer <lmb@cloudflare.com>
To: kafai@fb.com, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	John Fastabend <john.fastabend@gmail.com>,
	Jakub Sitnicki <jakub@cloudflare.com>,
	Lorenz Bauer <lmb@cloudflare.com>,
	"David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>
Cc: kernel-team@cloudflare.com, netdev@vger.kernel.org,
	bpf@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH bpf-next v2 1/4] bpf: sockmap: enable map_update_elem from bpf_iter
Date: Mon, 28 Sep 2020 10:08:02 +0100	[thread overview]
Message-ID: <20200928090805.23343-2-lmb@cloudflare.com> (raw)
In-Reply-To: <20200928090805.23343-1-lmb@cloudflare.com>

Allow passing a pointer to a BTF struct sock_common* when updating
a sockmap or sockhash. Since BTF pointers can fault and therefore be
NULL at runtime we need to add an additional !sk check to
sock_map_update_elem. Since we may be passed a request or timewait
socket we also need to check sk_fullsock. Doing this allows calling
map_update_elem on sockmap from bpf_iter context, which uses
BTF pointers.

Signed-off-by: Lorenz Bauer <lmb@cloudflare.com>
---
 kernel/bpf/verifier.c | 2 +-
 net/core/sock_map.c   | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index b25ba989c2dc..cc9c90d74dc1 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -3943,7 +3943,7 @@ static int resolve_map_arg_type(struct bpf_verifier_env *env,
 	case BPF_MAP_TYPE_SOCKMAP:
 	case BPF_MAP_TYPE_SOCKHASH:
 		if (*arg_type == ARG_PTR_TO_MAP_VALUE) {
-			*arg_type = ARG_PTR_TO_SOCKET;
+			*arg_type = ARG_PTR_TO_BTF_ID_SOCK_COMMON;
 		} else {
 			verbose(env, "invalid arg_type for sockmap/sockhash\n");
 			return -EINVAL;
diff --git a/net/core/sock_map.c b/net/core/sock_map.c
index e1f05e3fa1d0..08bc86f51593 100644
--- a/net/core/sock_map.c
+++ b/net/core/sock_map.c
@@ -610,6 +610,9 @@ static int sock_map_update_elem(struct bpf_map *map, void *key,
 	struct sock *sk = (struct sock *)value;
 	int ret;
 
+	if (unlikely(!sk || !sk_fullsock(sk)))
+		return -EINVAL;
+
 	if (!sock_map_sk_is_suitable(sk))
 		return -EOPNOTSUPP;
 
-- 
2.25.1

next prev parent reply	other threads:[~2020-09-28  9:08 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-28  9:08 [PATCH bpf-next v2 0/4] Sockmap copying Lorenz Bauer
2020-09-28  9:08 ` Lorenz Bauer [this message]
2020-09-29  5:35   ` [PATCH bpf-next v2 1/4] bpf: sockmap: enable map_update_elem from bpf_iter Martin KaFai Lau
2020-09-28  9:08 ` [PATCH bpf-next v2 2/4] selftests: bpf: Add helper to compare socket cookies Lorenz Bauer
2020-09-29  5:59   ` Martin KaFai Lau
2020-09-29 15:48     ` Alexei Starovoitov
2020-09-30  9:28       ` Lorenz Bauer
2020-10-01  7:23         ` Alexei Starovoitov
2020-10-01 17:09           ` Andrii Nakryiko
2020-10-01 17:11             ` Alexei Starovoitov
2020-10-02 10:08               ` Lorenz Bauer
2020-09-28  9:08 ` [PATCH bpf-next v2 3/4] selftests: bpf: remove shared header from sockmap iter test Lorenz Bauer
2020-09-28  9:08 ` [PATCH bpf-next v2 4/4] selftest: bpf: Test copying a sockmap and sockhash Lorenz Bauer
2020-09-29  6:06   ` Martin KaFai Lau
2020-09-29  9:21     ` Lorenz Bauer
2020-09-29 17:23       ` Martin KaFai Lau
2020-09-30  9:37         ` Lorenz Bauer

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:b25ba989c2d dfblob:e1f05e3fa1d dfblob:cc9c90d74dc
dfblob:08bc86f5159
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200928090805.23343-2-lmb@cloudflare.com \
    --to=lmb@cloudflare.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=davem@davemloft.net \
    --cc=jakub@cloudflare.com \
    --cc=john.fastabend@gmail.com \
    --cc=kafai@fb.com \
    --cc=kernel-team@cloudflare.com \
    --cc=kuba@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.