From patchwork Thu Nov 26 16:44:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 334085 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56845C63697 for ; Thu, 26 Nov 2020 16:45:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1C2BF221E9 for ; Thu, 26 Nov 2020 16:45:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="YZ/SabCw" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391538AbgKZQpl (ORCPT ); Thu, 26 Nov 2020 11:45:41 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59068 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2391290AbgKZQpk (ORCPT ); Thu, 26 Nov 2020 11:45:40 -0500 Received: from mail-wr1-x443.google.com (mail-wr1-x443.google.com [IPv6:2a00:1450:4864:20::443]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3980CC0613D4 for ; Thu, 26 Nov 2020 08:45:40 -0800 (PST) Received: by mail-wr1-x443.google.com with SMTP id r3so2829662wrt.2 for ; Thu, 26 Nov 2020 08:45:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=OzwTSFRm2NQ0xmYlvkrP6vFZBi0q2EwWN/7wEw0Mm2M=; b=YZ/SabCw3GMPxVQifMw1wfMaBRwSvKNZLOkWk1+4MgwdSio9a6nOJlqYwFZ+yxSi/i a+vHHSNaWuIzK4AyTU3K6YX5ytvou2EDpRwGRUviaUwnfnMeunFsYUP9SeaH1BE1KdGa 6EeLLEq/OHFhzoDLA3k6sp2itKCu3Rr+HGmNA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=OzwTSFRm2NQ0xmYlvkrP6vFZBi0q2EwWN/7wEw0Mm2M=; b=PduYe2ZAqI/3gAU5FXDmZZ7JJhpgkO+8ePL21MyFtqmGp9ta8EEJgtuHmYZcPjBd5x V01uuTlrYF8++K3I/Xy9D+gtz7pcUq9A62n8QL2M+Wnb38HIgvpN6Z0MGlrYqKHm0ltX CMs+hOKiWxVgpe/4LqhwUzkYgsjCeOk1H/ZKzP9y8pKe4bgu5jzPMAd0fjXJu7BG6Qgo L7Y8x5HB5+WBJtEtqo4sffF1F/X4AgqDt7LjxWqAhtWcCHivBBfChiWLmxRwQB4egqrj E0T0gpVN4Ynx1RmoKa9rCP5aDUzXqf4jAvOV/1fRfuU8jWfRnfzo/ny7dO5qz4YZUvWM T4lA== X-Gm-Message-State: AOAM5328RgZOyDSUr/Yoef9/62w1dwas+sJCB+FKTukOik649usmws/h FABh7qNg2t8v+Xi34WsMhBeqPQ== X-Google-Smtp-Source: ABdhPJyYejpp3WfNREOwXD1l8xon+U7PTR6cUwtqEEC3XDtPWEu/+1prYheAeaU+VwTsatLipM9E6A== X-Received: by 2002:adf:eeca:: with SMTP id a10mr4845073wrp.186.1606409138934; Thu, 26 Nov 2020 08:45:38 -0800 (PST) Received: from revest.zrh.corp.google.com ([2a00:79e0:42:204:f693:9fff:fef4:a569]) by smtp.gmail.com with ESMTPSA id f17sm8805824wmh.10.2020.11.26.08.45.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Nov 2020 08:45:38 -0800 (PST) From: Florent Revest X-Google-Original-From: Florent Revest To: bpf@vger.kernel.org Cc: viro@zeniv.linux.org.uk, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, yhs@fb.com, andrii@kernel.org, kpsingh@chromium.org, revest@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH bpf-next v3 1/6] net: Remove the err argument from sock_from_file Date: Thu, 26 Nov 2020 17:44:44 +0100 Message-Id: <20201126164449.1745292-1-revest@google.com> X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Currently, the sock_from_file prototype takes an "err" pointer that is either not set or set to -ENOTSOCK IFF the returned socket is NULL. This makes the error redundant and it is ignored by a few callers. This patch simplifies the API by letting callers deduce the error based on whether the returned socket is NULL or not. Suggested-by: Al Viro Signed-off-by: Florent Revest --- fs/eventpoll.c | 3 +-- fs/io_uring.c | 16 ++++++++-------- include/linux/net.h | 2 +- net/core/netclassid_cgroup.c | 3 +-- net/core/netprio_cgroup.c | 3 +-- net/core/sock.c | 8 +------- net/socket.c | 27 ++++++++++++++++----------- 7 files changed, 29 insertions(+), 33 deletions(-) diff --git a/fs/eventpoll.c b/fs/eventpoll.c index 4df61129566d..c764d8d5a76a 100644 --- a/fs/eventpoll.c +++ b/fs/eventpoll.c @@ -415,12 +415,11 @@ static inline void ep_set_busy_poll_napi_id(struct epitem *epi) unsigned int napi_id; struct socket *sock; struct sock *sk; - int err; if (!net_busy_loop_on()) return; - sock = sock_from_file(epi->ffd.file, &err); + sock = sock_from_file(epi->ffd.file); if (!sock) return; diff --git a/fs/io_uring.c b/fs/io_uring.c index 8018c7076b25..ace99b15cbd3 100644 --- a/fs/io_uring.c +++ b/fs/io_uring.c @@ -4341,9 +4341,9 @@ static int io_sendmsg(struct io_kiocb *req, bool force_nonblock, unsigned flags; int ret; - sock = sock_from_file(req->file, &ret); + sock = sock_from_file(req->file); if (unlikely(!sock)) - return ret; + return -ENOTSOCK; if (req->async_data) { kmsg = req->async_data; @@ -4390,9 +4390,9 @@ static int io_send(struct io_kiocb *req, bool force_nonblock, unsigned flags; int ret; - sock = sock_from_file(req->file, &ret); + sock = sock_from_file(req->file); if (unlikely(!sock)) - return ret; + return -ENOTSOCK; ret = import_single_range(WRITE, sr->buf, sr->len, &iov, &msg.msg_iter); if (unlikely(ret)) @@ -4569,9 +4569,9 @@ static int io_recvmsg(struct io_kiocb *req, bool force_nonblock, unsigned flags; int ret, cflags = 0; - sock = sock_from_file(req->file, &ret); + sock = sock_from_file(req->file); if (unlikely(!sock)) - return ret; + return -ENOTSOCK; if (req->async_data) { kmsg = req->async_data; @@ -4632,9 +4632,9 @@ static int io_recv(struct io_kiocb *req, bool force_nonblock, unsigned flags; int ret, cflags = 0; - sock = sock_from_file(req->file, &ret); + sock = sock_from_file(req->file); if (unlikely(!sock)) - return ret; + return -ENOTSOCK; if (req->flags & REQ_F_BUFFER_SELECT) { kbuf = io_recv_buffer_select(req, !force_nonblock); diff --git a/include/linux/net.h b/include/linux/net.h index 0dcd51feef02..9e2324efc26a 100644 --- a/include/linux/net.h +++ b/include/linux/net.h @@ -240,7 +240,7 @@ int sock_sendmsg(struct socket *sock, struct msghdr *msg); int sock_recvmsg(struct socket *sock, struct msghdr *msg, int flags); struct file *sock_alloc_file(struct socket *sock, int flags, const char *dname); struct socket *sockfd_lookup(int fd, int *err); -struct socket *sock_from_file(struct file *file, int *err); +struct socket *sock_from_file(struct file *file); #define sockfd_put(sock) fput(sock->file) int net_ratelimit(void); diff --git a/net/core/netclassid_cgroup.c b/net/core/netclassid_cgroup.c index 41b24cd31562..b49c57d35a88 100644 --- a/net/core/netclassid_cgroup.c +++ b/net/core/netclassid_cgroup.c @@ -68,9 +68,8 @@ struct update_classid_context { static int update_classid_sock(const void *v, struct file *file, unsigned n) { - int err; struct update_classid_context *ctx = (void *)v; - struct socket *sock = sock_from_file(file, &err); + struct socket *sock = sock_from_file(file); if (sock) { spin_lock(&cgroup_sk_update_lock); diff --git a/net/core/netprio_cgroup.c b/net/core/netprio_cgroup.c index 9bd4cab7d510..99a431c56f23 100644 --- a/net/core/netprio_cgroup.c +++ b/net/core/netprio_cgroup.c @@ -220,8 +220,7 @@ static ssize_t write_priomap(struct kernfs_open_file *of, static int update_netprio(const void *v, struct file *file, unsigned n) { - int err; - struct socket *sock = sock_from_file(file, &err); + struct socket *sock = sock_from_file(file); if (sock) { spin_lock(&cgroup_sk_update_lock); sock_cgroup_set_prioidx(&sock->sk->sk_cgrp_data, diff --git a/net/core/sock.c b/net/core/sock.c index 727ea1cc633c..dd0598d831ef 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -2808,14 +2808,8 @@ EXPORT_SYMBOL(sock_no_mmap); void __receive_sock(struct file *file) { struct socket *sock; - int error; - /* - * The resulting value of "error" is ignored here since we only - * need to take action when the file is a socket and testing - * "sock" for NULL is sufficient. - */ - sock = sock_from_file(file, &error); + sock = sock_from_file(file); if (sock) { sock_update_netprioidx(&sock->sk->sk_cgrp_data); sock_update_classid(&sock->sk->sk_cgrp_data); diff --git a/net/socket.c b/net/socket.c index 6e6cccc2104f..c799d9652a2c 100644 --- a/net/socket.c +++ b/net/socket.c @@ -445,17 +445,15 @@ static int sock_map_fd(struct socket *sock, int flags) /** * sock_from_file - Return the &socket bounded to @file. * @file: file - * @err: pointer to an error code return * - * On failure returns %NULL and assigns -ENOTSOCK to @err. + * On failure returns %NULL. */ -struct socket *sock_from_file(struct file *file, int *err) +struct socket *sock_from_file(struct file *file) { if (file->f_op == &socket_file_ops) return file->private_data; /* set in sock_map_fd */ - *err = -ENOTSOCK; return NULL; } EXPORT_SYMBOL(sock_from_file); @@ -484,9 +482,11 @@ struct socket *sockfd_lookup(int fd, int *err) return NULL; } - sock = sock_from_file(file, err); - if (!sock) + sock = sock_from_file(file); + if (!sock) { + *err = -ENOTSOCK; fput(file); + } return sock; } EXPORT_SYMBOL(sockfd_lookup); @@ -498,11 +498,12 @@ static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed) *err = -EBADF; if (f.file) { - sock = sock_from_file(f.file, err); + sock = sock_from_file(f.file); if (likely(sock)) { *fput_needed = f.flags & FDPUT_FPUT; return sock; } + *err = -ENOTSOCK; fdput(f); } return NULL; @@ -1715,9 +1716,11 @@ int __sys_accept4_file(struct file *file, unsigned file_flags, if (SOCK_NONBLOCK != O_NONBLOCK && (flags & SOCK_NONBLOCK)) flags = (flags & ~SOCK_NONBLOCK) | O_NONBLOCK; - sock = sock_from_file(file, &err); - if (!sock) + sock = sock_from_file(file); + if (!sock) { + err = -ENOTSOCK; goto out; + } err = -ENFILE; newsock = sock_alloc(); @@ -1840,9 +1843,11 @@ int __sys_connect_file(struct file *file, struct sockaddr_storage *address, struct socket *sock; int err; - sock = sock_from_file(file, &err); - if (!sock) + sock = sock_from_file(file); + if (!sock) { + err = -ENOTSOCK; goto out; + } err = security_socket_connect(sock, (struct sockaddr *)address, addrlen); From patchwork Thu Nov 26 16:44:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 333478 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E5456C64E7A for ; Thu, 26 Nov 2020 16:46:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C3BFE21741 for ; Thu, 26 Nov 2020 16:46:33 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="Z+g9Cd89" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403921AbgKZQpn (ORCPT ); Thu, 26 Nov 2020 11:45:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59076 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2391313AbgKZQpm (ORCPT ); Thu, 26 Nov 2020 11:45:42 -0500 Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com [IPv6:2a00:1450:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5FA10C0613D4 for ; Thu, 26 Nov 2020 08:45:41 -0800 (PST) Received: by mail-wr1-x442.google.com with SMTP id s8so2792235wrw.10 for ; Thu, 26 Nov 2020 08:45:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=PBLkMiU4AZr9DwvoaSu135Em+YugoC0ZruXr4QELs2A=; b=Z+g9Cd897ku1PCfexurtrEKmKTArtxH/GS6WUlZGdbueQMN4Zy9ClCUTXRGhP6qBIu v/5mazfLJ2QzyxrJqlCx/K7EpkJEWuozj8G8sF70nLpTWb5oDZffxlG+q06rP0MBUpJb cOJsCl4FPTODAFNVIanqPy9UInMphaITtArmI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=PBLkMiU4AZr9DwvoaSu135Em+YugoC0ZruXr4QELs2A=; b=jXkkn47K3YjI6PjHqteMUpEpqdThlOAAmfiUeWEFRAC63YBC0TdA48NEWalOQQpjNK K2Xbe1S+LtP+UGF24ZymWj2p72UwUmeljV8sUZ5Oa4sNG9oT9JqkAmAFajVUcOd8Qx84 XrV4LpbP583SqAW+hjnpjJozrn7ukEfR9LQ0ujuAd9cbJJ7TePBQNnVGwyDx2BTTW36H f2rpEwe+OK0mZWqt+0m1beCN4KHKQ6mAHfuFM04NS1BPq8EWqNVOmsZ/eE3ElcUgIULX zxNwjc83MehelwBbn5OGQxl1r9ZxInOA2Oip1Uogo1H/mnb+MdYanl1Fc9uVhoi93DKu JyYA== X-Gm-Message-State: AOAM531YM5gX8NX64MxGLgAKjv1aDdO59Zlfer2v14xvrbDIxPydTa8/ Mw9Dpv9W7qoaJ7dan7LUfPSDMg== X-Google-Smtp-Source: ABdhPJzpzqOZ2ltvKHE1YHKtRwuBy1a1wReRu5pxL/0DcvJGQHt988+K3byFXupcu8wSor4VuiSPIA== X-Received: by 2002:a5d:4ec8:: with SMTP id s8mr5050945wrv.349.1606409140037; Thu, 26 Nov 2020 08:45:40 -0800 (PST) Received: from revest.zrh.corp.google.com ([2a00:79e0:42:204:f693:9fff:fef4:a569]) by smtp.gmail.com with ESMTPSA id f17sm8805824wmh.10.2020.11.26.08.45.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Nov 2020 08:45:39 -0800 (PST) From: Florent Revest X-Google-Original-From: Florent Revest To: bpf@vger.kernel.org Cc: viro@zeniv.linux.org.uk, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, yhs@fb.com, andrii@kernel.org, kpsingh@chromium.org, revest@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, KP Singh Subject: [PATCH bpf-next v3 2/6] bpf: Add a bpf_sock_from_file helper Date: Thu, 26 Nov 2020 17:44:45 +0100 Message-Id: <20201126164449.1745292-2-revest@google.com> X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog In-Reply-To: <20201126164449.1745292-1-revest@google.com> References: <20201126164449.1745292-1-revest@google.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org While eBPF programs can check whether a file is a socket by file->f_op == &socket_file_ops, they cannot convert the void private_data pointer to a struct socket BTF pointer. In order to do this a new helper wrapping sock_from_file is added. This is useful to tracing programs but also other program types inheriting this set of helpers such as iterators or LSM programs. Signed-off-by: Florent Revest Acked-by: KP Singh Acked-by: Martin KaFai Lau --- include/uapi/linux/bpf.h | 9 +++++++++ kernel/trace/bpf_trace.c | 20 ++++++++++++++++++++ scripts/bpf_helpers_doc.py | 4 ++++ tools/include/uapi/linux/bpf.h | 9 +++++++++ 4 files changed, 42 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index c3458ec1f30a..a92b2b7d331b 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -3817,6 +3817,14 @@ union bpf_attr { * The **hash_algo** is returned on success, * **-EOPNOTSUP** if IMA is disabled or **-EINVAL** if * invalid arguments are passed. + * + * struct socket *bpf_sock_from_file(struct file *file) + * Description + * If the given file represents a socket, returns the associated + * socket. + * Return + * A pointer to a struct socket on success or NULL if the file is + * not a socket. */ #define __BPF_FUNC_MAPPER(FN) \ FN(unspec), \ @@ -3981,6 +3989,7 @@ union bpf_attr { FN(bprm_opts_set), \ FN(ktime_get_coarse_ns), \ FN(ima_inode_hash), \ + FN(sock_from_file), \ /* */ /* integer value in 'imm' field of BPF_CALL instruction selects which helper diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index d255bc9b2bfa..d0aac9eac2d8 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -1260,6 +1260,24 @@ const struct bpf_func_proto bpf_snprintf_btf_proto = { .arg5_type = ARG_ANYTHING, }; +BPF_CALL_1(bpf_sock_from_file, struct file *, file) +{ + return (unsigned long) sock_from_file(file); +} + +BTF_ID_LIST(bpf_sock_from_file_btf_ids) +BTF_ID(struct, socket) +BTF_ID(struct, file) + +static const struct bpf_func_proto bpf_sock_from_file_proto = { + .func = bpf_sock_from_file, + .gpl_only = false, + .ret_type = RET_PTR_TO_BTF_ID_OR_NULL, + .ret_btf_id = &bpf_sock_from_file_btf_ids[0], + .arg1_type = ARG_PTR_TO_BTF_ID, + .arg1_btf_id = &bpf_sock_from_file_btf_ids[1], +}; + const struct bpf_func_proto * bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) { @@ -1356,6 +1374,8 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return &bpf_per_cpu_ptr_proto; case BPF_FUNC_bpf_this_cpu_ptr: return &bpf_this_cpu_ptr_proto; + case BPF_FUNC_sock_from_file: + return &bpf_sock_from_file_proto; default: return NULL; } diff --git a/scripts/bpf_helpers_doc.py b/scripts/bpf_helpers_doc.py index 8b829748d488..867ada23281c 100755 --- a/scripts/bpf_helpers_doc.py +++ b/scripts/bpf_helpers_doc.py @@ -437,6 +437,8 @@ class PrinterHelpers(Printer): 'struct path', 'struct btf_ptr', 'struct inode', + 'struct socket', + 'struct file', ] known_types = { '...', @@ -482,6 +484,8 @@ class PrinterHelpers(Printer): 'struct path', 'struct btf_ptr', 'struct inode', + 'struct socket', + 'struct file', } mapped_types = { 'u8': '__u8', diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index c3458ec1f30a..a92b2b7d331b 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -3817,6 +3817,14 @@ union bpf_attr { * The **hash_algo** is returned on success, * **-EOPNOTSUP** if IMA is disabled or **-EINVAL** if * invalid arguments are passed. + * + * struct socket *bpf_sock_from_file(struct file *file) + * Description + * If the given file represents a socket, returns the associated + * socket. + * Return + * A pointer to a struct socket on success or NULL if the file is + * not a socket. */ #define __BPF_FUNC_MAPPER(FN) \ FN(unspec), \ @@ -3981,6 +3989,7 @@ union bpf_attr { FN(bprm_opts_set), \ FN(ktime_get_coarse_ns), \ FN(ima_inode_hash), \ + FN(sock_from_file), \ /* */ /* integer value in 'imm' field of BPF_CALL instruction selects which helper From patchwork Thu Nov 26 16:44:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 333480 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7975FC56202 for ; Thu, 26 Nov 2020 16:45:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4201920B80 for ; Thu, 26 Nov 2020 16:45:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="fgliAF2S" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391547AbgKZQpn (ORCPT ); Thu, 26 Nov 2020 11:45:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59088 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2403791AbgKZQpm (ORCPT ); Thu, 26 Nov 2020 11:45:42 -0500 Received: from mail-wm1-x341.google.com (mail-wm1-x341.google.com [IPv6:2a00:1450:4864:20::341]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 57177C061A49 for ; Thu, 26 Nov 2020 08:45:42 -0800 (PST) Received: by mail-wm1-x341.google.com with SMTP id 1so3019582wme.3 for ; Thu, 26 Nov 2020 08:45:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=satiAp7q7vxp1zQmeNmE59ZD3HlYoTJcGcwpTzuEPC0=; b=fgliAF2Sz+QGPKBp4FiAzSvtfZOF7X/v9rcdOtzOseupTGyRIbwNAS4OUUle3/h8+l rk7N6gZ4JrwfofolDrrcTiS52Hrx8X6IEIM4b1cpxPNZafVYRM1E1LxRvOUN4y6/skLV yvw76LTXAJ3qK4WEUPs1J/Ff67cswZgDrv7z0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=satiAp7q7vxp1zQmeNmE59ZD3HlYoTJcGcwpTzuEPC0=; b=h8nnVHcXaTaArdINk5jTUlxBg1QjjTLP4rcXqwDwihZks8YWm99IGqU3ZdxZiXLinO zdDibG4+yJw7l9RzJGCImX6SROZwUxfKm0SXrGH7oeG5D4S3cvyYI6KKL/N0rcRxn7Sy 7cRfSpJJK57CMB2e+5bytLzVxYoVYHNZEve8ahzf12zeu1twT0ourJHH4SlyAofj0/ga ad/d1OL2cvHh9GpwuWuR/gI7+VJ2fsILsLET3UrH5tMu60XjskPGyJ4oQSXzug9ktf6Q RplK5KTYK64h0hUZkkM4LCuoEyi98Nkz0zq5HNVK71hF1csEJyX40NIU5OiVq6GTf0w5 qYZA== X-Gm-Message-State: AOAM532eRBn013S8RJi5AtcFTGqkZBFDlktFRGaPc7y39x8XCOnUNgw2 /Rm7GM4OZVLHktUBTREC4b/Rhg== X-Google-Smtp-Source: ABdhPJxro2BM0uV+9MCG3jYYWVG89Rgp+wglSySpeJeHg6JxH5CR3TLj4hTfoXxWpnJZJSyuO0BkBg== X-Received: by 2002:a1c:e3c1:: with SMTP id a184mr4437025wmh.88.1606409141127; Thu, 26 Nov 2020 08:45:41 -0800 (PST) Received: from revest.zrh.corp.google.com ([2a00:79e0:42:204:f693:9fff:fef4:a569]) by smtp.gmail.com with ESMTPSA id f17sm8805824wmh.10.2020.11.26.08.45.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Nov 2020 08:45:40 -0800 (PST) From: Florent Revest X-Google-Original-From: Florent Revest To: bpf@vger.kernel.org Cc: viro@zeniv.linux.org.uk, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, yhs@fb.com, andrii@kernel.org, kpsingh@chromium.org, revest@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH bpf-next v3 3/6] bpf: Expose bpf_sk_storage_* to iterator programs Date: Thu, 26 Nov 2020 17:44:46 +0100 Message-Id: <20201126164449.1745292-3-revest@google.com> X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog In-Reply-To: <20201126164449.1745292-1-revest@google.com> References: <20201126164449.1745292-1-revest@google.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Iterators are currently used to expose kernel information to userspace over fast procfs-like files but iterators could also be used to manipulate local storage. For example, the task_file iterator could be used to initialize a socket local storage with associations between processes and sockets or to selectively delete local storage values. Signed-off-by: Florent Revest Acked-by: Martin KaFai Lau --- net/core/bpf_sk_storage.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/core/bpf_sk_storage.c b/net/core/bpf_sk_storage.c index a32037daa933..4edd033e899c 100644 --- a/net/core/bpf_sk_storage.c +++ b/net/core/bpf_sk_storage.c @@ -394,6 +394,7 @@ static bool bpf_sk_storage_tracing_allowed(const struct bpf_prog *prog) * use the bpf_sk_storage_(get|delete) helper. */ switch (prog->expected_attach_type) { + case BPF_TRACE_ITER: case BPF_TRACE_RAW_TP: /* bpf_sk_storage has no trace point */ return true; From patchwork Thu Nov 26 16:44:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 334083 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1C992C71156 for ; Thu, 26 Nov 2020 16:45:59 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CDD4420B80 for ; Thu, 26 Nov 2020 16:45:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="VeQVYnUP" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403969AbgKZQpz (ORCPT ); Thu, 26 Nov 2020 11:45:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59090 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2391549AbgKZQpn (ORCPT ); Thu, 26 Nov 2020 11:45:43 -0500 Received: from mail-wm1-x342.google.com (mail-wm1-x342.google.com [IPv6:2a00:1450:4864:20::342]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5F542C0617A7 for ; Thu, 26 Nov 2020 08:45:43 -0800 (PST) Received: by mail-wm1-x342.google.com with SMTP id c198so2719261wmd.0 for ; Thu, 26 Nov 2020 08:45:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=K/M4gu8JZX1RUvKKxbWMwd6sKzErX4ydvwnU8nMRHQ4=; b=VeQVYnUP9KC7S8j11jYv0Ifl89CXEqxOuZgoab/dwFEBTfsJpzh0GOKRiCP4Jbhdql 2kJUbltoOyZkHNEByR5WnALGaHHXKXg3aLzN8IvmIlHm+5moCC6CFNCzZFoKsSsrNmUn lWl1alFCkbLVAnaUVURNlfTcgBn1sVTNUmv+M= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=K/M4gu8JZX1RUvKKxbWMwd6sKzErX4ydvwnU8nMRHQ4=; b=r0LsCXcCeCqmRr//gPd7VKVMU1Te5OUnRqJ417JMZPEvuIoD99sPtOyaN9ewt2JdB2 2AukbHkXVuqGxk8/Cuh4jq8EMLqBGQ3N5Jc2Cf4T/hQdUoxBhLN106Dj4bHY5/+VxEk2 QZ0h1wqoLqeJCru8WR9uTdEgfVTMZKgULDj11/A5/8dSpGKBKBudhgsWjmppGdkIe5kF I7UFuvWvmfhh93v6nVAEcZlGI6XatnbjfZQLd7gYWTjKFL08L1vxaw5CxoxYSSNGosY7 eCvF202S0Gy+c/5jmd50XxP+f+kmd3EL/qtDW2448sZICqsz59hXhp52slDNBwzEil6u eNIQ== X-Gm-Message-State: AOAM531KbwdYWPnqmKoqwhajhoYtyANzw+OglHaAVBxb68EFbI4wC+h1 zk5lW9wpX51zlHTb66nl1ple4A== X-Google-Smtp-Source: ABdhPJz/hAybfvllqWHwxRB83B2Q+QlMRW0h/r1vHAe/FPh4b07hMEadXqNvy3z/U8v9P+3SVZg9Cg== X-Received: by 2002:a1c:28c4:: with SMTP id o187mr4399225wmo.40.1606409142137; Thu, 26 Nov 2020 08:45:42 -0800 (PST) Received: from revest.zrh.corp.google.com ([2a00:79e0:42:204:f693:9fff:fef4:a569]) by smtp.gmail.com with ESMTPSA id f17sm8805824wmh.10.2020.11.26.08.45.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Nov 2020 08:45:41 -0800 (PST) From: Florent Revest X-Google-Original-From: Florent Revest To: bpf@vger.kernel.org Cc: viro@zeniv.linux.org.uk, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, yhs@fb.com, andrii@kernel.org, kpsingh@chromium.org, revest@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH bpf-next v3 4/6] bpf: Add an iterator selftest for bpf_sk_storage_delete Date: Thu, 26 Nov 2020 17:44:47 +0100 Message-Id: <20201126164449.1745292-4-revest@google.com> X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog In-Reply-To: <20201126164449.1745292-1-revest@google.com> References: <20201126164449.1745292-1-revest@google.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The eBPF program iterates over all entries (well, only one) of a socket local storage map and deletes them all. The test makes sure that the entry is indeed deleted. Signed-off-by: Florent Revest Acked-by: Martin KaFai Lau --- .../selftests/bpf/prog_tests/bpf_iter.c | 64 +++++++++++++++++++ .../progs/bpf_iter_bpf_sk_storage_helpers.c | 23 +++++++ 2 files changed, 87 insertions(+) create mode 100644 tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c index 448885b95eed..bb4a638f2e6f 100644 --- a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c +++ b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c @@ -20,6 +20,7 @@ #include "bpf_iter_bpf_percpu_hash_map.skel.h" #include "bpf_iter_bpf_array_map.skel.h" #include "bpf_iter_bpf_percpu_array_map.skel.h" +#include "bpf_iter_bpf_sk_storage_helpers.skel.h" #include "bpf_iter_bpf_sk_storage_map.skel.h" #include "bpf_iter_test_kern5.skel.h" #include "bpf_iter_test_kern6.skel.h" @@ -913,6 +914,67 @@ static void test_bpf_percpu_array_map(void) bpf_iter_bpf_percpu_array_map__destroy(skel); } +/* An iterator program deletes all local storage in a map. */ +static void test_bpf_sk_storage_delete(void) +{ + DECLARE_LIBBPF_OPTS(bpf_iter_attach_opts, opts); + struct bpf_iter_bpf_sk_storage_helpers *skel; + union bpf_iter_link_info linfo; + int err, len, map_fd, iter_fd; + struct bpf_link *link; + int sock_fd = -1; + __u32 val = 42; + char buf[64]; + + skel = bpf_iter_bpf_sk_storage_helpers__open_and_load(); + if (CHECK(!skel, "bpf_iter_bpf_sk_storage_helpers__open_and_load", + "skeleton open_and_load failed\n")) + return; + + map_fd = bpf_map__fd(skel->maps.sk_stg_map); + + sock_fd = socket(AF_INET6, SOCK_STREAM, 0); + if (CHECK(sock_fd < 0, "socket", "errno: %d\n", errno)) + goto out; + err = bpf_map_update_elem(map_fd, &sock_fd, &val, BPF_NOEXIST); + if (CHECK(err, "map_update", "map_update failed\n")) + goto out; + + memset(&linfo, 0, sizeof(linfo)); + linfo.map.map_fd = map_fd; + opts.link_info = &linfo; + opts.link_info_len = sizeof(linfo); + link = bpf_program__attach_iter(skel->progs.delete_bpf_sk_storage_map, + &opts); + if (CHECK(IS_ERR(link), "attach_iter", "attach_iter failed\n")) + goto out; + + iter_fd = bpf_iter_create(bpf_link__fd(link)); + if (CHECK(iter_fd < 0, "create_iter", "create_iter failed\n")) + goto free_link; + + /* do some tests */ + while ((len = read(iter_fd, buf, sizeof(buf))) > 0) + ; + if (CHECK(len < 0, "read", "read failed: %s\n", strerror(errno))) + goto close_iter; + + /* test results */ + err = bpf_map_lookup_elem(map_fd, &sock_fd, &val); + if (CHECK(!err || errno != ENOENT, "bpf_map_lookup_elem", + "map value wasn't deleted (err=%d, errno=%d)\n", err, errno)) + goto close_iter; + +close_iter: + close(iter_fd); +free_link: + bpf_link__destroy(link); +out: + if (sock_fd >= 0) + close(sock_fd); + bpf_iter_bpf_sk_storage_helpers__destroy(skel); +} + static void test_bpf_sk_storage_map(void) { DECLARE_LIBBPF_OPTS(bpf_iter_attach_opts, opts); @@ -1067,6 +1129,8 @@ void test_bpf_iter(void) test_bpf_percpu_array_map(); if (test__start_subtest("bpf_sk_storage_map")) test_bpf_sk_storage_map(); + if (test__start_subtest("bpf_sk_storage_delete")) + test_bpf_sk_storage_delete(); if (test__start_subtest("rdonly-buf-out-of-bound")) test_rdonly_buf_out_of_bound(); if (test__start_subtest("buf-neg-offset")) diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c new file mode 100644 index 000000000000..01ff3235e413 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c @@ -0,0 +1,23 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (c) 2020 Google LLC. */ +#include "bpf_iter.h" +#include +#include + +char _license[] SEC("license") = "GPL"; + +struct { + __uint(type, BPF_MAP_TYPE_SK_STORAGE); + __uint(map_flags, BPF_F_NO_PREALLOC); + __type(key, int); + __type(value, int); +} sk_stg_map SEC(".maps"); + +SEC("iter/bpf_sk_storage_map") +int delete_bpf_sk_storage_map(struct bpf_iter__bpf_sk_storage_map *ctx) +{ + if (ctx->sk) + bpf_sk_storage_delete(&sk_stg_map, ctx->sk); + + return 0; +} From patchwork Thu Nov 26 16:44:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 333479 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 88551C64E8A for ; Thu, 26 Nov 2020 16:45:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 50AE42223C for ; Thu, 26 Nov 2020 16:45:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="nmlDob9p" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403931AbgKZQpq (ORCPT ); Thu, 26 Nov 2020 11:45:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59098 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2391548AbgKZQpo (ORCPT ); Thu, 26 Nov 2020 11:45:44 -0500 Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 76967C0617A7 for ; Thu, 26 Nov 2020 08:45:44 -0800 (PST) Received: by mail-wm1-x344.google.com with SMTP id x22so2690610wmc.5 for ; Thu, 26 Nov 2020 08:45:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=JquaGZ4n6vRq9oOS/Nn0a4TRgj4BlG1HC7wCqFjNeO4=; b=nmlDob9p8DccospaPcW6JURvwmTYAbhm1w3tIUeM0PxqDr7GYt8vl5kY6/lAbTV8nT 9NvIIsPmaJJ4KruAfekKCYZkjjkg4tiWKKrhy/TpGX5K59vkwvedP+pXmF6CIGQOtsXr iwWrb+2T1gzU01eS5C811TkU4kOcqnPObScrE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=JquaGZ4n6vRq9oOS/Nn0a4TRgj4BlG1HC7wCqFjNeO4=; b=Xg/+NMrGFO7Wu6PT+sBGbcD8L9xz9XYPWVdwUjcBf55cYzHJh6P/V6/jvijjl6Z166 gWYlkMyjN1VvlSwuAT0WTEBslfhl29x7g9NRPoJCBaCwSGtPi7LbhhFrCs2eBke0143c aWDd3YeLxSK5GNIeIT1ghecz3KbL+zq0SYIIz3eNgxTxjFxEIfYJKHT0fbviLvL4HVHW TWtn4iRjufsUiZSYgxefq5T+KQwbgtPmNsH0FiqA44kE+vqS2tr3anMGXIlZrveWcc2U c89X31Z6IVDfpOrLbBJdf+gp0q982n7CPsMmDW3NdCWQvJP7H4cUzapTo2t7hkoXcigV JtJw== X-Gm-Message-State: AOAM531+EKA+UCZwdA9PwilFVQ2MsCIR0aPJQKbcbhoy+HmS0zee+MJz 7C7Cfj/1OKr637vsbfAju1766g== X-Google-Smtp-Source: ABdhPJyPS0o+jWO5pjI5vTxr6yRbjDbxrtdz23Gp1AI3CvBSTTBdSm2ZxoxPDebDlSzYjJR/qt960Q== X-Received: by 2002:a1c:96cb:: with SMTP id y194mr4292036wmd.62.1606409143233; Thu, 26 Nov 2020 08:45:43 -0800 (PST) Received: from revest.zrh.corp.google.com ([2a00:79e0:42:204:f693:9fff:fef4:a569]) by smtp.gmail.com with ESMTPSA id f17sm8805824wmh.10.2020.11.26.08.45.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Nov 2020 08:45:42 -0800 (PST) From: Florent Revest X-Google-Original-From: Florent Revest To: bpf@vger.kernel.org Cc: viro@zeniv.linux.org.uk, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, yhs@fb.com, andrii@kernel.org, kpsingh@chromium.org, revest@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH bpf-next v3 5/6] bpf: Add an iterator selftest for bpf_sk_storage_get Date: Thu, 26 Nov 2020 17:44:48 +0100 Message-Id: <20201126164449.1745292-5-revest@google.com> X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog In-Reply-To: <20201126164449.1745292-1-revest@google.com> References: <20201126164449.1745292-1-revest@google.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The eBPF program iterates over all files and tasks. For all socket files, it stores the tgid of the last task it encountered with a handle to that socket. This is a heuristic for finding the "owner" of a socket similar to what's done by lsof, ss, netstat or fuser. Potentially, this information could be used from a cgroup_skb/*gress hook to try to associate network traffic with processes. The test makes sure that a socket it created is tagged with prog_tests's pid. Signed-off-by: Florent Revest Acked-by: Yonghong Song --- .../selftests/bpf/prog_tests/bpf_iter.c | 40 +++++++++++++++++++ .../progs/bpf_iter_bpf_sk_storage_helpers.c | 25 ++++++++++++ 2 files changed, 65 insertions(+) diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c index bb4a638f2e6f..9336d0f18331 100644 --- a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c +++ b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c @@ -975,6 +975,44 @@ static void test_bpf_sk_storage_delete(void) bpf_iter_bpf_sk_storage_helpers__destroy(skel); } +/* This creates a socket and its local storage. It then runs a task_iter BPF + * program that replaces the existing socket local storage with the tgid of the + * only task owning a file descriptor to this socket, this process, prog_tests. + */ +static void test_bpf_sk_storage_get(void) +{ + struct bpf_iter_bpf_sk_storage_helpers *skel; + int err, map_fd, val = -1; + int sock_fd = -1; + + skel = bpf_iter_bpf_sk_storage_helpers__open_and_load(); + if (CHECK(!skel, "bpf_iter_bpf_sk_storage_helpers__open_and_load", + "skeleton open_and_load failed\n")) + return; + + sock_fd = socket(AF_INET6, SOCK_STREAM, 0); + if (CHECK(sock_fd < 0, "socket", "errno: %d\n", errno)) + goto out; + + map_fd = bpf_map__fd(skel->maps.sk_stg_map); + + err = bpf_map_update_elem(map_fd, &sock_fd, &val, BPF_NOEXIST); + if (CHECK(err, "bpf_map_update_elem", "map_update_failed\n")) + goto close_socket; + + do_dummy_read(skel->progs.fill_socket_owner); + + err = bpf_map_lookup_elem(map_fd, &sock_fd, &val); + CHECK(err || val != getpid(), "bpf_map_lookup_elem", + "map value wasn't set correctly (expected %d, got %d, err=%d)\n", + getpid(), val, err); + +close_socket: + close(sock_fd); +out: + bpf_iter_bpf_sk_storage_helpers__destroy(skel); +} + static void test_bpf_sk_storage_map(void) { DECLARE_LIBBPF_OPTS(bpf_iter_attach_opts, opts); @@ -1131,6 +1169,8 @@ void test_bpf_iter(void) test_bpf_sk_storage_map(); if (test__start_subtest("bpf_sk_storage_delete")) test_bpf_sk_storage_delete(); + if (test__start_subtest("bpf_sk_storage_get")) + test_bpf_sk_storage_get(); if (test__start_subtest("rdonly-buf-out-of-bound")) test_rdonly_buf_out_of_bound(); if (test__start_subtest("buf-neg-offset")) diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c index 01ff3235e413..d7a7a802d172 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c @@ -21,3 +21,28 @@ int delete_bpf_sk_storage_map(struct bpf_iter__bpf_sk_storage_map *ctx) return 0; } + +SEC("iter/task_file") +int fill_socket_owner(struct bpf_iter__task_file *ctx) +{ + struct task_struct *task = ctx->task; + struct file *file = ctx->file; + struct socket *sock; + int *sock_tgid; + + if (!task || !file || task->tgid != task->pid) + return 0; + + sock = bpf_sock_from_file(file); + if (!sock) + return 0; + + sock_tgid = bpf_sk_storage_get(&sk_stg_map, sock->sk, 0, 0); + if (!sock_tgid) + return 0; + + *sock_tgid = task->tgid; + + return 0; +} + From patchwork Thu Nov 26 16:44:49 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florent Revest X-Patchwork-Id: 334084 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 44F36C64E7B for ; Thu, 26 Nov 2020 16:45:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E822E221F7 for ; Thu, 26 Nov 2020 16:45:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="dfG6QgYG" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2403954AbgKZQps (ORCPT ); Thu, 26 Nov 2020 11:45:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59088 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2403947AbgKZQpr (ORCPT ); Thu, 26 Nov 2020 11:45:47 -0500 Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7F3CCC061A48 for ; Thu, 26 Nov 2020 08:45:45 -0800 (PST) Received: by mail-wr1-x444.google.com with SMTP id t4so2783638wrr.12 for ; Thu, 26 Nov 2020 08:45:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=R8OIjsoCGUrG5WzInzx7EjrjpLAoCJHAB1p5aT6+rCM=; b=dfG6QgYG3wMRF+1qrcQJ+2Msv84PvbSL3jc039gEML/SehncbRgKiAD/bpJSolPlDj EUxqAunSuZOxiDOtzmUVHLn9dtIljEgKQIbc3HLznqCnP4h+38i+5ksLWz2ffeLaCxdC Y9ifZ94RpLOLRqR4Dywo9EY8vXYTQYzsRuEjs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=R8OIjsoCGUrG5WzInzx7EjrjpLAoCJHAB1p5aT6+rCM=; b=lX0DJkyMR50aTBFSOUZsbI3bCRKb7bqOfWv4CWwrvWshfaW6tUq1K9ySssQTh++28d OSepNDuyt8NlJ0BMPy9scxLG9/vN1pGnmJ44uNHEvNdKYd2/UtTnXHPTFK/OJpUeHChs 5DdFQ5HP2qVtzQmichkdF4f3YfLsL0m3t6VoTM4+5telRCZxxORkpe+dF4j5OPY4a6y6 Vxe5ATUaV5ayAqRxevj8M8JLQ47cxejAD4PC/HzBg88sggA33u1liXKB15t82kj9ySXJ DURgg6bmZ7lnJnWrvGIeD77He1Z9QFKHny8+pF5aXReqXZ9lAfTKcJ42HRHQ+jLVPjXY w4qQ== X-Gm-Message-State: AOAM531WaMZuP66wOHKE7ay60jB8+qDO9qH5Oosctmk8hgif7efrenth ZihNMC5svQKANkI9SrrEqkYovQ== X-Google-Smtp-Source: ABdhPJzSNy5KWDcCBURNPLt/CBHQyRh/dh9G9EIGL7pKRAi9DE7KKXVSit7SVTmAprKpY/ovGLEU5A== X-Received: by 2002:adf:ed46:: with SMTP id u6mr4833460wro.287.1606409144239; Thu, 26 Nov 2020 08:45:44 -0800 (PST) Received: from revest.zrh.corp.google.com ([2a00:79e0:42:204:f693:9fff:fef4:a569]) by smtp.gmail.com with ESMTPSA id f17sm8805824wmh.10.2020.11.26.08.45.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Nov 2020 08:45:43 -0800 (PST) From: Florent Revest X-Google-Original-From: Florent Revest To: bpf@vger.kernel.org Cc: viro@zeniv.linux.org.uk, davem@davemloft.net, kuba@kernel.org, ast@kernel.org, daniel@iogearbox.net, kafai@fb.com, yhs@fb.com, andrii@kernel.org, kpsingh@chromium.org, revest@google.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH bpf-next v3 6/6] bpf: Test bpf_sk_storage_get in tcp iterators Date: Thu, 26 Nov 2020 17:44:49 +0100 Message-Id: <20201126164449.1745292-6-revest@google.com> X-Mailer: git-send-email 2.29.2.454.gaff20da3a2-goog In-Reply-To: <20201126164449.1745292-1-revest@google.com> References: <20201126164449.1745292-1-revest@google.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This extends the existing bpf_sk_storage_get test where a socket is created and tagged with its creator's pid by a task_file iterator. A TCP iterator is now also used at the end of the test to negate the values already stored in the local storage. The test therefore expects -getpid() to be stored in the local storage. Signed-off-by: Florent Revest --- .../selftests/bpf/prog_tests/bpf_iter.c | 13 +++++++++++++ .../progs/bpf_iter_bpf_sk_storage_helpers.c | 18 ++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c index 9336d0f18331..b8362147c9e3 100644 --- a/tools/testing/selftests/bpf/prog_tests/bpf_iter.c +++ b/tools/testing/selftests/bpf/prog_tests/bpf_iter.c @@ -978,6 +978,8 @@ static void test_bpf_sk_storage_delete(void) /* This creates a socket and its local storage. It then runs a task_iter BPF * program that replaces the existing socket local storage with the tgid of the * only task owning a file descriptor to this socket, this process, prog_tests. + * It then runs a tcp socket iterator that negates the value in the existing + * socket local storage, the test verifies that the resulting value is -pid. */ static void test_bpf_sk_storage_get(void) { @@ -994,6 +996,10 @@ static void test_bpf_sk_storage_get(void) if (CHECK(sock_fd < 0, "socket", "errno: %d\n", errno)) goto out; + err = listen(sock_fd, 1); + if (CHECK(err != 0, "listen", "errno: %d\n", errno)) + goto out; + map_fd = bpf_map__fd(skel->maps.sk_stg_map); err = bpf_map_update_elem(map_fd, &sock_fd, &val, BPF_NOEXIST); @@ -1007,6 +1013,13 @@ static void test_bpf_sk_storage_get(void) "map value wasn't set correctly (expected %d, got %d, err=%d)\n", getpid(), val, err); + do_dummy_read(skel->progs.negate_socket_local_storage); + + err = bpf_map_lookup_elem(map_fd, &sock_fd, &val); + CHECK(err || val != -getpid(), "bpf_map_lookup_elem", + "map value wasn't set correctly (expected %d, got %d, err=%d)\n", + -getpid(), val, err); + close_socket: close(sock_fd); out: diff --git a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c index d7a7a802d172..b3f0cb139c55 100644 --- a/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c +++ b/tools/testing/selftests/bpf/progs/bpf_iter_bpf_sk_storage_helpers.c @@ -46,3 +46,21 @@ int fill_socket_owner(struct bpf_iter__task_file *ctx) return 0; } +SEC("iter/tcp") +int negate_socket_local_storage(struct bpf_iter__tcp *ctx) +{ + struct sock_common *sk_common = ctx->sk_common; + int *sock_tgid; + + if (!sk_common) + return 0; + + sock_tgid = bpf_sk_storage_get(&sk_stg_map, sk_common, 0, 0); + if (!sock_tgid) + return 0; + + *sock_tgid = -*sock_tgid; + + return 0; +} +