From: Breno Leitao <leitao@debian.org>
To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com,
willemdebruijn.kernel@gmail.com, martin.lau@linux.dev,
krisman@suse.de, Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
John Fastabend <john.fastabend@gmail.com>,
Andrii Nakryiko <andrii@kernel.org>, Song Liu <song@kernel.org>,
Yonghong Song <yonghong.song@linux.dev>,
KP Singh <kpsingh@kernel.org>, Hao Luo <haoluo@google.com>,
Jiri Olsa <jolsa@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>
Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org, io-uring@vger.kernel.org
Subject: [PATCH v4 02/10] bpf: Leverage sockptr_t in BPF setsockopt hook
Date: Mon, 4 Sep 2023 09:24:55 -0700 [thread overview]
Message-ID: <20230904162504.1356068-3-leitao@debian.org> (raw)
In-Reply-To: <20230904162504.1356068-1-leitao@debian.org>
Change BPF setsockopt hook (__cgroup_bpf_run_filter_setsockopt()) to use
sockptr instead of user pointers. This brings flexibility to the
function, since it could be called with userspace or kernel pointers.
This change will allow the creation of a core sock_setsockopt, called
do_sock_setsockopt(), which will be called from both the system call path
and by io_uring command.
This also aligns with the getsockopt() counterpart, which is now using
sockptr_t universal pointer.
Signed-off-by: Breno Leitao <leitao@debian.org>
---
include/linux/bpf-cgroup.h | 2 +-
kernel/bpf/cgroup.c | 5 +++--
net/socket.c | 2 +-
3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h
index f5b4fb6ed8c6..cecfe8c99f28 100644
--- a/include/linux/bpf-cgroup.h
+++ b/include/linux/bpf-cgroup.h
@@ -137,7 +137,7 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head,
enum cgroup_bpf_attach_type atype);
int __cgroup_bpf_run_filter_setsockopt(struct sock *sock, int *level,
- int *optname, char __user *optval,
+ int *optname, sockptr_t optval,
int *optlen, char **kernel_optval);
int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level,
diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c
index ebc8c58f7e46..f0dedd4f7f2e 100644
--- a/kernel/bpf/cgroup.c
+++ b/kernel/bpf/cgroup.c
@@ -1785,7 +1785,7 @@ static bool sockopt_buf_allocated(struct bpf_sockopt_kern *ctx,
}
int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level,
- int *optname, char __user *optval,
+ int *optname, sockptr_t optval,
int *optlen, char **kernel_optval)
{
struct cgroup *cgrp = sock_cgroup_ptr(&sk->sk_cgrp_data);
@@ -1808,7 +1808,8 @@ int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level,
ctx.optlen = *optlen;
- if (copy_from_user(ctx.optval, optval, min(*optlen, max_optlen)) != 0) {
+ if (copy_from_sockptr(ctx.optval, optval,
+ min(*optlen, max_optlen))) {
ret = -EFAULT;
goto out;
}
diff --git a/net/socket.c b/net/socket.c
index 6fda5d011521..9ec9a8a07c0e 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -2287,7 +2287,7 @@ int __sys_setsockopt(int fd, int level, int optname, char __user *user_optval,
if (!in_compat_syscall())
err = BPF_CGROUP_RUN_PROG_SETSOCKOPT(sock->sk, &level, &optname,
- user_optval, &optlen,
+ optval, &optlen,
&kernel_optval);
if (err < 0)
goto out_put;
--
2.34.1
next prev parent reply other threads:[~2023-09-04 16:25 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-04 16:24 [PATCH v4 00/10] io_uring: Initial support for {s,g}etsockopt commands Breno Leitao
2023-09-04 16:24 ` [PATCH v4 01/10] bpf: Leverage sockptr_t in BPF getsockopt hook Breno Leitao
2023-09-04 16:24 ` Breno Leitao [this message]
2023-09-04 16:24 ` [PATCH v4 03/10] net/socket: Break down __sys_setsockopt Breno Leitao
2023-09-04 16:24 ` [PATCH v4 04/10] net/socket: Break down __sys_getsockopt Breno Leitao
2023-09-05 9:36 ` David Laight
2023-09-05 10:29 ` Andy Shevchenko
2023-09-04 16:24 ` [PATCH v4 05/10] io_uring/cmd: Pass compat mode in issue_flags Breno Leitao
2023-09-04 16:24 ` [PATCH v4 06/10] selftests/net: Extract uring helpers to be reusable Breno Leitao
2023-09-04 16:25 ` [PATCH v4 07/10] io_uring/cmd: return -EOPNOTSUPP if net is disabled Breno Leitao
2023-09-05 12:32 ` Gabriel Krisman Bertazi
2023-09-08 17:04 ` Breno Leitao
2023-09-04 16:25 ` [PATCH v4 08/10] io_uring/cmd: Introduce SOCKET_URING_OP_GETSOCKOPT Breno Leitao
2023-09-05 12:24 ` Gabriel Krisman Bertazi
2023-09-04 16:25 ` [PATCH v4 09/10] io_uring/cmd: Introduce SOCKET_URING_OP_SETSOCKOPT Breno Leitao
2023-09-05 12:24 ` Gabriel Krisman Bertazi
2023-09-04 16:25 ` [PATCH v4 10/10] selftests/bpf/sockopt: Add io_uring support Breno Leitao
2023-09-05 22:49 ` [PATCH v4 00/10] io_uring: Initial support for {s,g}etsockopt commands Jakub Kicinski
2023-09-08 16:55 ` Breno Leitao
2023-10-06 15:45 ` Breno Leitao
2023-10-09 10:11 ` Willem de Bruijn
2023-10-09 13:28 ` Breno Leitao
2023-10-09 16:55 ` Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230904162504.1356068-3-leitao@debian.org \
--to=leitao@debian.org \
--cc=andrii@kernel.org \
--cc=asml.silence@gmail.com \
--cc=ast@kernel.org \
--cc=axboe@kernel.dk \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=haoluo@google.com \
--cc=io-uring@vger.kernel.org \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=krisman@suse.de \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sdf@google.com \
--cc=song@kernel.org \
--cc=willemdebruijn.kernel@gmail.com \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.