All of lore.kernel.org
 help / color / mirror / Atom feed
From: Stanislav Fomichev <sdf@google.com>
To: Daniel Borkmann <daniel@iogearbox.net>
Cc: Netdev <netdev@vger.kernel.org>, bpf <bpf@vger.kernel.org>,
	Alexei Starovoitov <ast@kernel.org>
Subject: Re: [PATCH bpf-next v2 4/4] bpf: enable bpf_{g,s}etsockopt in BPF_CGROUP_UDP{4,6}_RECVMSG
Date: Thu, 28 Jan 2021 16:59:25 -0800	[thread overview]
Message-ID: <CAKH8qBsU+8495AwcCtQ0fQ8B6mrRLULZ4k3A=XUX3BL0gha_cA@mail.gmail.com> (raw)
In-Reply-To: <3098d1b1-3438-6646-d466-feed27e9ba6b@iogearbox.net>

On Thu, Jan 28, 2021 at 4:52 PM Daniel Borkmann <daniel@iogearbox.net> wrote:
>
> On 1/28/21 12:28 AM, Stanislav Fomichev wrote:
> > Those hooks run as BPF_CGROUP_RUN_SA_PROG_LOCK and operate on
> > a locked socket.
> >
> > Signed-off-by: Stanislav Fomichev <sdf@google.com>
> > ---
> >   net/core/filter.c                                 | 4 ++++
> >   tools/testing/selftests/bpf/progs/recvmsg4_prog.c | 5 +++++
> >   tools/testing/selftests/bpf/progs/recvmsg6_prog.c | 5 +++++
> >   3 files changed, 14 insertions(+)
> >
> > diff --git a/net/core/filter.c b/net/core/filter.c
> > index ba436b1d70c2..e15d4741719a 100644
> > --- a/net/core/filter.c
> > +++ b/net/core/filter.c
> > @@ -7023,6 +7023,8 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> >               case BPF_CGROUP_INET6_BIND:
> >               case BPF_CGROUP_INET4_CONNECT:
> >               case BPF_CGROUP_INET6_CONNECT:
> > +             case BPF_CGROUP_UDP4_RECVMSG:
> > +             case BPF_CGROUP_UDP6_RECVMSG:
> >               case BPF_CGROUP_UDP4_SENDMSG:
> >               case BPF_CGROUP_UDP6_SENDMSG:
> >               case BPF_CGROUP_INET4_GETPEERNAME:
> > @@ -7039,6 +7041,8 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> >               case BPF_CGROUP_INET6_BIND:
> >               case BPF_CGROUP_INET4_CONNECT:
> >               case BPF_CGROUP_INET6_CONNECT:
> > +             case BPF_CGROUP_UDP4_RECVMSG:
> > +             case BPF_CGROUP_UDP6_RECVMSG:
> >               case BPF_CGROUP_UDP4_SENDMSG:
> >               case BPF_CGROUP_UDP6_SENDMSG:
> >               case BPF_CGROUP_INET4_GETPEERNAME:
>
> Looks good overall, also thanks for adding the test cases! I was about to apply, but noticed one
> small nit that would be good to get resolved before that. Above you now list all the attach hooks
> for sock_addr ctx, so we should just remove the whole switch that tests on prog->expected_attach_type
> altogether in this last commit.
Sure, I can resend tomorrow.
But do you think it's safe and there won't ever be another sock_addr
hook that runs with an unlocked socket?

  reply	other threads:[~2021-01-29  1:00 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-27 23:28 [PATCH bpf-next v2 0/4] bpf: expose bpf_{g,s}etsockopt to more bpf_sock_addr hooks Stanislav Fomichev
2021-01-27 23:28 ` [PATCH bpf-next v2 1/4] bpf: enable bpf_{g,s}etsockopt in BPF_CGROUP_UDP{4,6}_SENDMSG Stanislav Fomichev
2021-01-27 23:28 ` [PATCH bpf-next v2 2/4] bpf: enable bpf_{g,s}etsockopt in BPF_CGROUP_INET{4,6}_GET{PEER,SOCK}NAME Stanislav Fomichev
2021-01-27 23:28 ` [PATCH bpf-next v2 3/4] selftests/bpf: rewrite recvmsg{4,6} asm progs to c in test_sock_addr Stanislav Fomichev
2021-01-27 23:28 ` [PATCH bpf-next v2 4/4] bpf: enable bpf_{g,s}etsockopt in BPF_CGROUP_UDP{4,6}_RECVMSG Stanislav Fomichev
2021-01-29  0:52   ` Daniel Borkmann
2021-01-29  0:59     ` Stanislav Fomichev [this message]
2021-01-29  1:08       ` Daniel Borkmann
2021-01-29  1:14         ` Stanislav Fomichev
2021-01-29  1:20 ` [PATCH bpf-next v2 0/4] bpf: expose bpf_{g,s}etsockopt to more bpf_sock_addr hooks patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKH8qBsU+8495AwcCtQ0fQ8B6mrRLULZ4k3A=XUX3BL0gha_cA@mail.gmail.com' \
    --to=sdf@google.com \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.