From mboxrd@z Thu Jan  1 00:00:00 1970
From: Daniel Borkmann <daniel@iogearbox.net>
Subject: Re: [PATCH v3 bpf-next 0/5] bpf: Hooks for sys_sendmsg
Date: Mon, 28 May 2018 00:56:42 +0200
Message-ID: <e7adf3d3-2d1f-a348-7e4f-3ee3269dfe1c@iogearbox.net>
References: <cover.1527224903.git.rdna@fb.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Cc: davem@davemloft.net, kafai@fb.com, ast@kernel.org,
        kernel-team@fb.com
To: Andrey Ignatov <rdna@fb.com>, netdev@vger.kernel.org
Return-path: <netdev-owner@vger.kernel.org>
Received: from www62.your-server.de ([213.133.104.62]:50246 "EHLO
        www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752466AbeE0W4o (ORCPT
        <rfc822;netdev@vger.kernel.org>); Sun, 27 May 2018 18:56:44 -0400
In-Reply-To: <cover.1527224903.git.rdna@fb.com>
Content-Language: en-US
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On 05/25/2018 07:09 AM, Andrey Ignatov wrote:
> v2 -> v3:
> * place BPF logic under static key in udp_sendmsg, udpv6_sendmsg;
> * rebase.
> 
> v1 -> v2:
> * return ENOTSUPP if bpf_prog rewrote IPv6-only with IPv4-mapped IPv6;
> * add test for IPv4-mapped IPv6 use-case;
> * fix build for CONFIG_CGROUP_BPF=n;
> * rebase.
> 
> This path set adds BPF hooks for sys_sendmsg similar to existing hooks for
> sys_bind and sys_connect.
> 
> Hooks allow to override source IP (including the case when it's set via
> cmsg(3)) and destination IP:port for unconnected UDP (slow path). TCP and
> connected UDP (fast path) are not affected. This makes UDP support
> complete: connected UDP is handled by sys_connect hooks, unconnected by
> sys_sendmsg ones.
> 
> Similar to sys_connect hooks, sys_sendmsg ones can be used to make system
> calls such as sendmsg(2) and sendto(2) return EPERM.
> 
> Please see patch 0001 for more details.
> 
> 
> Andrey Ignatov (5):
>   bpf: Hooks for sys_sendmsg
>   bpf: Sync bpf.h to tools/
>   libbpf: Support guessing sendmsg{4,6} progs
>   selftests/bpf: Prepare test_sock_addr for extension
>   selftests/bpf: Selftest for sys_sendmsg hooks
> 
>  include/linux/bpf-cgroup.h                   |   23 +-
>  include/linux/filter.h                       |    1 +
>  include/uapi/linux/bpf.h                     |    8 +
>  kernel/bpf/cgroup.c                          |   11 +-
>  kernel/bpf/syscall.c                         |    8 +
>  net/core/filter.c                            |   39 +
>  net/ipv4/udp.c                               |   20 +-
>  net/ipv6/udp.c                               |   24 +
>  tools/include/uapi/linux/bpf.h               |    8 +
>  tools/lib/bpf/libbpf.c                       |    2 +
>  tools/testing/selftests/bpf/Makefile         |    2 +-
>  tools/testing/selftests/bpf/sendmsg4_prog.c  |   49 ++
>  tools/testing/selftests/bpf/sendmsg6_prog.c  |   60 ++
>  tools/testing/selftests/bpf/test_sock_addr.c | 1155 +++++++++++++++++++++-----
>  14 files changed, 1214 insertions(+), 196 deletions(-)
>  create mode 100644 tools/testing/selftests/bpf/sendmsg4_prog.c
>  create mode 100644 tools/testing/selftests/bpf/sendmsg6_prog.c
> 

Applied to bpf-next, thanks Andrey!