From patchwork Wed Jan 27 23:28:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislav Fomichev X-Patchwork-Id: 372174 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7E91C43381 for ; Wed, 27 Jan 2021 23:31:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8381264D7F for ; Wed, 27 Jan 2021 23:31:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231171AbhA0XbD (ORCPT ); Wed, 27 Jan 2021 18:31:03 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48002 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233538AbhA0XaM (ORCPT ); Wed, 27 Jan 2021 18:30:12 -0500 Received: from mail-qt1-x84a.google.com (mail-qt1-x84a.google.com [IPv6:2607:f8b0:4864:20::84a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7745BC06178A for ; Wed, 27 Jan 2021 15:28:59 -0800 (PST) Received: by mail-qt1-x84a.google.com with SMTP id h16so2259893qta.12 for ; Wed, 27 Jan 2021 15:28:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=qSwmxdg3a9pT/PW0olMN9Ba8UoPge1k1RGd+0B1erdg=; b=NHiMdDTltQdqd06KHgKOmR9ONnERLHNDNYV+qTbVZWx8Iq+z6evoghqDT/L1COZjOi KSEW7KaukiiqNyqKM0wwAAhkeAXCeC4PQnlVeLM1aqUsFWXMR+oJQoI+D+WxNZapTJpW 723bhfCqBsfnpTcQXRH2h4TbRl5RmQ7v8DaAdLj1027bipSKpwZRRVusVbSZIeBmbJVe wE4Mv7lgn5FUN7Cg08FUWHyZ2O1JiWToBhg2oeIUi49VwzPLF9CyQ3STmd2wW14aMpDU MI+vWWdDQSmaj9BWV6+OBgOcNQEfeJCYcgswF/JdoldRRJa2FW3e+GYuyQmirbxiJbBK 9pUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=qSwmxdg3a9pT/PW0olMN9Ba8UoPge1k1RGd+0B1erdg=; b=FgUk1Qg+4SHo65nTjHNTl9pq21cvxjLMwMHlF1ppDutq/selHVjUGvYkgS5iFxf88F AhxSqYCQgH/+MFlbRwkmu4+7lXCxzMYoU/CJTS7OuYLMQ6zOMsRdJK6MJb9FtW40AxEQ 5oriTp93QY6ymPbq9zKbt3kGDnLargP7DKO60XdP7wK36mgvzR9RZ3oCg1b+EFyzSDRY J6IphgMF0PSE7cIkMYzJA7Q4ReOzhfr2VIfAE2WH7NKDjnreFgrJHFcPwHPzOCyXjBrC iaK4PsB9f72a302+YcvTJuZdPD4zNCDbhV3QGAFRR3I8M3cygIn7IF9rbhhHGQ7z2dmK 0zZQ== X-Gm-Message-State: AOAM532BeEmOMqBuYA+KbwkzAOI8SGSQL2WFARrHlOW4CALC64TOTESD sOcMY4BQWM9g7eAmm/h5AgXp3kOu+IMJDlddtsEuEDfKVmVze6Hlb8TQ33NPeqlSriyjeR7vdeg RqIOjL4OeqjYK4LNrGbCGYIdTbOVGU1M1ANsEP+CDXtLLgMZwPEzcGw== X-Google-Smtp-Source: ABdhPJzpQz/EmRBmodHiEn57QMBjd4e9VRPMEglVEQquynKyuHfV3p3xhZRfWFelZdWt10qCt6YvDBE= Sender: "sdf via sendgmr" X-Received: from sdf2.svl.corp.google.com ([2620:15c:2c4:1:7220:84ff:fe09:7732]) (user=sdf job=sendgmr) by 2002:a05:6214:48f:: with SMTP id ay15mr12724612qvb.58.1611790138644; Wed, 27 Jan 2021 15:28:58 -0800 (PST) Date: Wed, 27 Jan 2021 15:28:51 -0800 In-Reply-To: <20210127232853.3753823-1-sdf@google.com> Message-Id: <20210127232853.3753823-3-sdf@google.com> Mime-Version: 1.0 References: <20210127232853.3753823-1-sdf@google.com> X-Mailer: git-send-email 2.30.0.280.ga3ce27912f-goog Subject: [PATCH bpf-next v2 2/4] bpf: enable bpf_{g, s}etsockopt in BPF_CGROUP_INET{4, 6}_GET{PEER, SOCK}NAME From: Stanislav Fomichev To: netdev@vger.kernel.org, bpf@vger.kernel.org Cc: ast@kernel.org, daniel@iogearbox.net, Stanislav Fomichev Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Those hooks run as BPF_CGROUP_RUN_SA_PROG_LOCK and operate on a locked socket. Signed-off-by: Stanislav Fomichev --- net/core/filter.c | 8 ++++++++ tools/testing/selftests/bpf/progs/connect_force_port4.c | 8 ++++++++ tools/testing/selftests/bpf/progs/connect_force_port6.c | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index 3d7f78a19565..ba436b1d70c2 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -7025,6 +7025,10 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_CGROUP_INET6_CONNECT: case BPF_CGROUP_UDP4_SENDMSG: case BPF_CGROUP_UDP6_SENDMSG: + case BPF_CGROUP_INET4_GETPEERNAME: + case BPF_CGROUP_INET6_GETPEERNAME: + case BPF_CGROUP_INET4_GETSOCKNAME: + case BPF_CGROUP_INET6_GETSOCKNAME: return &bpf_sock_addr_setsockopt_proto; default: return NULL; @@ -7037,6 +7041,10 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_CGROUP_INET6_CONNECT: case BPF_CGROUP_UDP4_SENDMSG: case BPF_CGROUP_UDP6_SENDMSG: + case BPF_CGROUP_INET4_GETPEERNAME: + case BPF_CGROUP_INET6_GETPEERNAME: + case BPF_CGROUP_INET4_GETSOCKNAME: + case BPF_CGROUP_INET6_GETSOCKNAME: return &bpf_sock_addr_getsockopt_proto; default: return NULL; diff --git a/tools/testing/selftests/bpf/progs/connect_force_port4.c b/tools/testing/selftests/bpf/progs/connect_force_port4.c index 7396308677a3..a979aaef2a76 100644 --- a/tools/testing/selftests/bpf/progs/connect_force_port4.c +++ b/tools/testing/selftests/bpf/progs/connect_force_port4.c @@ -10,6 +10,8 @@ #include #include +#include + char _license[] SEC("license") = "GPL"; int _version SEC("version") = 1; @@ -58,6 +60,9 @@ int connect4(struct bpf_sock_addr *ctx) SEC("cgroup/getsockname4") int getsockname4(struct bpf_sock_addr *ctx) { + if (!get_set_sk_priority(ctx)) + return 1; + /* Expose local server as 1.2.3.4:60000 to client. */ if (ctx->user_port == bpf_htons(60123)) { ctx->user_ip4 = bpf_htonl(0x01020304); @@ -71,6 +76,9 @@ int getpeername4(struct bpf_sock_addr *ctx) { struct svc_addr *orig; + if (!get_set_sk_priority(ctx)) + return 1; + /* Expose service 1.2.3.4:60000 as peer instead of backend. */ if (ctx->user_port == bpf_htons(60123)) { orig = bpf_sk_storage_get(&service_mapping, ctx->sk, 0, 0); diff --git a/tools/testing/selftests/bpf/progs/connect_force_port6.c b/tools/testing/selftests/bpf/progs/connect_force_port6.c index c1a2b555e9ad..afc8f1c5a9d6 100644 --- a/tools/testing/selftests/bpf/progs/connect_force_port6.c +++ b/tools/testing/selftests/bpf/progs/connect_force_port6.c @@ -9,6 +9,8 @@ #include #include +#include + char _license[] SEC("license") = "GPL"; int _version SEC("version") = 1; @@ -63,6 +65,9 @@ int connect6(struct bpf_sock_addr *ctx) SEC("cgroup/getsockname6") int getsockname6(struct bpf_sock_addr *ctx) { + if (!get_set_sk_priority(ctx)) + return 1; + /* Expose local server as [fc00::1]:60000 to client. */ if (ctx->user_port == bpf_htons(60124)) { ctx->user_ip6[0] = bpf_htonl(0xfc000000); @@ -79,6 +84,9 @@ int getpeername6(struct bpf_sock_addr *ctx) { struct svc_addr *orig; + if (!get_set_sk_priority(ctx)) + return 1; + /* Expose service [fc00::1]:60000 as peer instead of backend. */ if (ctx->user_port == bpf_htons(60124)) { orig = bpf_sk_storage_get(&service_mapping, ctx->sk, 0, 0); From patchwork Wed Jan 27 23:28:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislav Fomichev X-Patchwork-Id: 372173 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1E9D6C433DB for ; Wed, 27 Jan 2021 23:31:28 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E98FE64D7F for ; Wed, 27 Jan 2021 23:31:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233243AbhA0XbZ (ORCPT ); Wed, 27 Jan 2021 18:31:25 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48042 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231874AbhA0XaW (ORCPT ); Wed, 27 Jan 2021 18:30:22 -0500 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1D836C061793 for ; Wed, 27 Jan 2021 15:29:01 -0800 (PST) Received: by mail-pl1-x64a.google.com with SMTP id u14so992413plf.4 for ; Wed, 27 Jan 2021 15:29:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=+2brt3U1TLyEUVHvMxOOLD59kv/cc6yh68hbLCWv+N0=; b=Jvyx1+xktzRApPKKrCJEBjvQSD82HEcE+v5xVlmeYkTuk+ni8+XyschODcq0HMdJrk dbAbkXw7Vr837l3rKlVRZVDxJC6lDWkUvZYsAkI7yO4bsBzKvANGDOtbfNScz2FizpS8 ZT8V9Vj0K+C6estsRDdx1/ihwXGJVxFoieKm8K6W8rD1iZTSI1fYUyGghiatbo1Es/oR 8Obdfy9LFE8ZaR7G5q0XDIB3lgun3zbaYEC8W16+4yhdDA1w74Ljkdca24VTHd/x4D0T jSA3HZy59Om6z8EfyPspIqwvT9AF3MBCPBRklvCGcmSx9p3AJvh3kzXddtnPANuM7yEP Rc5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=+2brt3U1TLyEUVHvMxOOLD59kv/cc6yh68hbLCWv+N0=; b=F9tGgW9sfLyb64LvJc/QLtZ9chN66NqaSDzNIL858KlC84C77oEZoyVul6Oc/ZbDd1 CxhzfoljiA4H9RGePC1rPoufkhXx5bGh2U0vgM/wOqUzbNsE/b2O7JatubrDTAtAkm/c 4CEOXcd86ENv7YmACDAuKd+8f7IAlQESje2ttXav88Y0GBJoPHg97YrsRKdbHFtCuwH1 bAEeCQ0XxeTxymlsG8Oxd+IbGuKq14oW2pPKBO/SaBdRJWPH4L9rtDwaOxR4Yue255Ht bXFhVwkkbQGGH7O4js4KUK+BUUoRv4qN4sSW0lHmiDUY1kxMzS0GQKg9vlg9GRdi2SLm +gfQ== X-Gm-Message-State: AOAM53350by7lENLZjyI8pa3tuFOmz0DfaHCiYQz61wDPyU3kKNcpuVN 2xY+IcGBm/7R/uz35NHyJ6/utVU34kObtnZDldyb1QI1GUM1b74NRlAYYuOPL86hIpWZuEQgMoe 02LtOiTlcz1Nh5rnVPk5hNqWgx/Nnzssg2S29TP6IEJLi68bl+2Drtg== X-Google-Smtp-Source: ABdhPJx6kfIMcVZfa8y4i3LveOkcK9q+/vYvCemUKFy8yM3nBdpApWkWM87VBzjfVQd+zwM/14LsgzE= Sender: "sdf via sendgmr" X-Received: from sdf2.svl.corp.google.com ([2620:15c:2c4:1:7220:84ff:fe09:7732]) (user=sdf job=sendgmr) by 2002:a62:e312:0:b029:1b6:cbbd:63e9 with SMTP id g18-20020a62e3120000b02901b6cbbd63e9mr12862411pfh.35.1611790140533; Wed, 27 Jan 2021 15:29:00 -0800 (PST) Date: Wed, 27 Jan 2021 15:28:52 -0800 In-Reply-To: <20210127232853.3753823-1-sdf@google.com> Message-Id: <20210127232853.3753823-4-sdf@google.com> Mime-Version: 1.0 References: <20210127232853.3753823-1-sdf@google.com> X-Mailer: git-send-email 2.30.0.280.ga3ce27912f-goog Subject: [PATCH bpf-next v2 3/4] selftests/bpf: rewrite recvmsg{4, 6} asm progs to c in test_sock_addr From: Stanislav Fomichev To: netdev@vger.kernel.org, bpf@vger.kernel.org Cc: ast@kernel.org, daniel@iogearbox.net, Stanislav Fomichev Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org I'll extend them in the next patch. It's easier to work with C than with asm. Signed-off-by: Stanislav Fomichev --- .../selftests/bpf/progs/recvmsg4_prog.c | 37 ++++++++ .../selftests/bpf/progs/recvmsg6_prog.c | 43 ++++++++++ tools/testing/selftests/bpf/test_sock_addr.c | 86 +++---------------- 3 files changed, 92 insertions(+), 74 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/recvmsg4_prog.c create mode 100644 tools/testing/selftests/bpf/progs/recvmsg6_prog.c diff --git a/tools/testing/selftests/bpf/progs/recvmsg4_prog.c b/tools/testing/selftests/bpf/progs/recvmsg4_prog.c new file mode 100644 index 000000000000..fc2fe8a952fa --- /dev/null +++ b/tools/testing/selftests/bpf/progs/recvmsg4_prog.c @@ -0,0 +1,37 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include +#include +#include + +#include +#include + +#define SERV4_IP 0xc0a801feU /* 192.168.1.254 */ +#define SERV4_PORT 4040 + +SEC("cgroup/recvmsg4") +int recvmsg4_prog(struct bpf_sock_addr *ctx) +{ + struct bpf_sock *sk; + __u32 user_ip4; + __u16 user_port; + + sk = ctx->sk; + if (!sk) + return 1; + + if (sk->family != AF_INET) + return 1; + + if (ctx->type != SOCK_STREAM && ctx->type != SOCK_DGRAM) + return 1; + + ctx->user_ip4 = bpf_htonl(SERV4_IP); + ctx->user_port = bpf_htons(SERV4_PORT); + + return 1; +} + +char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/progs/recvmsg6_prog.c b/tools/testing/selftests/bpf/progs/recvmsg6_prog.c new file mode 100644 index 000000000000..6060fd63324b --- /dev/null +++ b/tools/testing/selftests/bpf/progs/recvmsg6_prog.c @@ -0,0 +1,43 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include +#include +#include + +#include +#include + +#define SERV6_IP_0 0xfaceb00c /* face:b00c:1234:5678::abcd */ +#define SERV6_IP_1 0x12345678 +#define SERV6_IP_2 0x00000000 +#define SERV6_IP_3 0x0000abcd +#define SERV6_PORT 6060 + +SEC("cgroup/recvmsg6") +int recvmsg6_prog(struct bpf_sock_addr *ctx) +{ + struct bpf_sock *sk; + __u32 user_ip4; + __u16 user_port; + + sk = ctx->sk; + if (!sk) + return 1; + + if (sk->family != AF_INET6) + return 1; + + if (ctx->type != SOCK_STREAM && ctx->type != SOCK_DGRAM) + return 1; + + ctx->user_ip6[0] = bpf_htonl(SERV6_IP_0); + ctx->user_ip6[1] = bpf_htonl(SERV6_IP_1); + ctx->user_ip6[2] = bpf_htonl(SERV6_IP_2); + ctx->user_ip6[3] = bpf_htonl(SERV6_IP_3); + ctx->user_port = bpf_htons(SERV6_PORT); + + return 1; +} + +char _license[] SEC("license") = "GPL"; diff --git a/tools/testing/selftests/bpf/test_sock_addr.c b/tools/testing/selftests/bpf/test_sock_addr.c index dcb83ab02919..aa3f185fcb89 100644 --- a/tools/testing/selftests/bpf/test_sock_addr.c +++ b/tools/testing/selftests/bpf/test_sock_addr.c @@ -31,6 +31,8 @@ #define CONNECT6_PROG_PATH "./connect6_prog.o" #define SENDMSG4_PROG_PATH "./sendmsg4_prog.o" #define SENDMSG6_PROG_PATH "./sendmsg6_prog.o" +#define RECVMSG4_PROG_PATH "./recvmsg4_prog.o" +#define RECVMSG6_PROG_PATH "./recvmsg6_prog.o" #define BIND4_PROG_PATH "./bind4_prog.o" #define BIND6_PROG_PATH "./bind6_prog.o" @@ -94,10 +96,10 @@ static int sendmsg_deny_prog_load(const struct sock_addr_test *test); static int recvmsg_allow_prog_load(const struct sock_addr_test *test); static int recvmsg_deny_prog_load(const struct sock_addr_test *test); static int sendmsg4_rw_asm_prog_load(const struct sock_addr_test *test); -static int recvmsg4_rw_asm_prog_load(const struct sock_addr_test *test); +static int recvmsg4_rw_c_prog_load(const struct sock_addr_test *test); static int sendmsg4_rw_c_prog_load(const struct sock_addr_test *test); static int sendmsg6_rw_asm_prog_load(const struct sock_addr_test *test); -static int recvmsg6_rw_asm_prog_load(const struct sock_addr_test *test); +static int recvmsg6_rw_c_prog_load(const struct sock_addr_test *test); static int sendmsg6_rw_c_prog_load(const struct sock_addr_test *test); static int sendmsg6_rw_v4mapped_prog_load(const struct sock_addr_test *test); static int sendmsg6_rw_wildcard_prog_load(const struct sock_addr_test *test); @@ -573,8 +575,8 @@ static struct sock_addr_test tests[] = { LOAD_REJECT, }, { - "recvmsg4: rewrite IP & port (asm)", - recvmsg4_rw_asm_prog_load, + "recvmsg4: rewrite IP & port (C)", + recvmsg4_rw_c_prog_load, BPF_CGROUP_UDP4_RECVMSG, BPF_CGROUP_UDP4_RECVMSG, AF_INET, @@ -587,8 +589,8 @@ static struct sock_addr_test tests[] = { SUCCESS, }, { - "recvmsg6: rewrite IP & port (asm)", - recvmsg6_rw_asm_prog_load, + "recvmsg6: rewrite IP & port (C)", + recvmsg6_rw_c_prog_load, BPF_CGROUP_UDP6_RECVMSG, BPF_CGROUP_UDP6_RECVMSG, AF_INET6, @@ -786,45 +788,9 @@ static int sendmsg4_rw_asm_prog_load(const struct sock_addr_test *test) return load_insns(test, insns, sizeof(insns) / sizeof(struct bpf_insn)); } -static int recvmsg4_rw_asm_prog_load(const struct sock_addr_test *test) +static int recvmsg4_rw_c_prog_load(const struct sock_addr_test *test) { - struct sockaddr_in src4_rw_addr; - - if (mk_sockaddr(AF_INET, SERV4_IP, SERV4_PORT, - (struct sockaddr *)&src4_rw_addr, - sizeof(src4_rw_addr)) == -1) - return -1; - - struct bpf_insn insns[] = { - BPF_MOV64_REG(BPF_REG_6, BPF_REG_1), - - /* if (sk.family == AF_INET && */ - BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_6, - offsetof(struct bpf_sock_addr, family)), - BPF_JMP_IMM(BPF_JNE, BPF_REG_7, AF_INET, 6), - - /* sk.type == SOCK_DGRAM) { */ - BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_6, - offsetof(struct bpf_sock_addr, type)), - BPF_JMP_IMM(BPF_JNE, BPF_REG_7, SOCK_DGRAM, 4), - - /* user_ip4 = src4_rw_addr.sin_addr */ - BPF_MOV32_IMM(BPF_REG_7, src4_rw_addr.sin_addr.s_addr), - BPF_STX_MEM(BPF_W, BPF_REG_6, BPF_REG_7, - offsetof(struct bpf_sock_addr, user_ip4)), - - /* user_port = src4_rw_addr.sin_port */ - BPF_MOV32_IMM(BPF_REG_7, src4_rw_addr.sin_port), - BPF_STX_MEM(BPF_W, BPF_REG_6, BPF_REG_7, - offsetof(struct bpf_sock_addr, user_port)), - /* } */ - - /* return 1 */ - BPF_MOV64_IMM(BPF_REG_0, 1), - BPF_EXIT_INSN(), - }; - - return load_insns(test, insns, sizeof(insns) / sizeof(struct bpf_insn)); + return load_path(test, RECVMSG4_PROG_PATH); } static int sendmsg4_rw_c_prog_load(const struct sock_addr_test *test) @@ -890,37 +856,9 @@ static int sendmsg6_rw_asm_prog_load(const struct sock_addr_test *test) return sendmsg6_rw_dst_asm_prog_load(test, SERV6_REWRITE_IP); } -static int recvmsg6_rw_asm_prog_load(const struct sock_addr_test *test) +static int recvmsg6_rw_c_prog_load(const struct sock_addr_test *test) { - struct sockaddr_in6 src6_rw_addr; - - if (mk_sockaddr(AF_INET6, SERV6_IP, SERV6_PORT, - (struct sockaddr *)&src6_rw_addr, - sizeof(src6_rw_addr)) == -1) - return -1; - - struct bpf_insn insns[] = { - BPF_MOV64_REG(BPF_REG_6, BPF_REG_1), - - /* if (sk.family == AF_INET6) { */ - BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_6, - offsetof(struct bpf_sock_addr, family)), - BPF_JMP_IMM(BPF_JNE, BPF_REG_7, AF_INET6, 10), - - STORE_IPV6(user_ip6, src6_rw_addr.sin6_addr.s6_addr32), - - /* user_port = dst6_rw_addr.sin6_port */ - BPF_MOV32_IMM(BPF_REG_7, src6_rw_addr.sin6_port), - BPF_STX_MEM(BPF_W, BPF_REG_6, BPF_REG_7, - offsetof(struct bpf_sock_addr, user_port)), - /* } */ - - /* return 1 */ - BPF_MOV64_IMM(BPF_REG_0, 1), - BPF_EXIT_INSN(), - }; - - return load_insns(test, insns, sizeof(insns) / sizeof(struct bpf_insn)); + return load_path(test, RECVMSG6_PROG_PATH); } static int sendmsg6_rw_v4mapped_prog_load(const struct sock_addr_test *test) From patchwork Wed Jan 27 23:28:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stanislav Fomichev X-Patchwork-Id: 372172 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50122C433DB for ; Wed, 27 Jan 2021 23:31:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2357360C40 for ; Wed, 27 Jan 2021 23:31:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235287AbhA0Xbq (ORCPT ); Wed, 27 Jan 2021 18:31:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48238 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232091AbhA0XbQ (ORCPT ); Wed, 27 Jan 2021 18:31:16 -0500 Received: from mail-qk1-x749.google.com (mail-qk1-x749.google.com [IPv6:2607:f8b0:4864:20::749]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 560E5C061797 for ; Wed, 27 Jan 2021 15:29:03 -0800 (PST) Received: by mail-qk1-x749.google.com with SMTP id r190so2796415qkf.19 for ; Wed, 27 Jan 2021 15:29:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:date:in-reply-to:message-id:mime-version:references:subject :from:to:cc; bh=2xvw56uMQ1ecuAEADRnoIpPQc7Y6L/lmpB1+lxfp0II=; b=TDuQRdk+Cp6QcQnhveInYzgj7+qT95NpYNmFCkXwUUTt7AmCuuS5mjFKS+acp2a/JS OO7MVd/Vb9FDSvWK9R7iBYCqO+QWdXQ6+Xq1zTVvO34FryOdQc7V5kM0zBOt6HhY7RyP 3mLoi6btRxY3g+LZqlhB1RE2vkk8SsK/TJgKfF0AoJvC7EPg6ArGsQsfmvwGcKqyE+hT mw7RUHRXOLdvLlB9g66qKlkYQVsWlRqiGUA4uzkuO76vSj/Edxd/mMElWEPWVstW3tKt vwp/bNN4bpHsLk6Z3iMC/uptF2e6xMCQxazWsE5HeVfHb65tENcTdHQtC+gitFkm01Pc V61A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=2xvw56uMQ1ecuAEADRnoIpPQc7Y6L/lmpB1+lxfp0II=; b=MnMCgaQCFAomwoacxcFlZBiqOBrcTXXZfMJXeGqEbWYSj7q5aovjMNudMLyBkqCtVQ GMBjaGF+Mp+9zru1nMekjSSnI3etDTm7nU/o5DKSSZwn8Zi6s1elNP9pKj9B+EWo8Pjl tsUQhaKdXSHJ5Fa4ydOt+D9rJzLKthlay9Defdbn6pjlqYTyLiYf46FgiyN+TFNPu8TF 7H1ZiEqhoi08ZkkYYesRNKZJGpic4wQTHGX+YezE161p/n1hFUxZjvM6Jn5ilZ7mO9JH GZzGQQE1IC3mMLBNpzOKkzQguaKe9952aJWzsLp1itcpertsfyZG0t9XfMjhXsmmFm5O KcaQ== X-Gm-Message-State: AOAM530jzJDarUTacwmtzAQmbzoelkJVjBEtlbg1QphLTr5ElDl+tkEb qUDkiwJ5VyyDXGzilqlQT40kylylCcMBKCm6Uzp78FOv162Lqc7TN3OAFUDlnFoMyRD77d+kbGK k3xRwtybzDnIra4rHBIpFfTDKt8D3aJzqP3kCqid+xmybkgMNf7JrtQ== X-Google-Smtp-Source: ABdhPJygd+LWTq3OcfriVsvZs0yM5KI1hOAhIJIzAF5DNobIqEF+dhNKIzuPqQJh+sGbFq2CxJ6iUzI= Sender: "sdf via sendgmr" X-Received: from sdf2.svl.corp.google.com ([2620:15c:2c4:1:7220:84ff:fe09:7732]) (user=sdf job=sendgmr) by 2002:a0c:e28c:: with SMTP id r12mr3962060qvl.34.1611790142513; Wed, 27 Jan 2021 15:29:02 -0800 (PST) Date: Wed, 27 Jan 2021 15:28:53 -0800 In-Reply-To: <20210127232853.3753823-1-sdf@google.com> Message-Id: <20210127232853.3753823-5-sdf@google.com> Mime-Version: 1.0 References: <20210127232853.3753823-1-sdf@google.com> X-Mailer: git-send-email 2.30.0.280.ga3ce27912f-goog Subject: [PATCH bpf-next v2 4/4] bpf: enable bpf_{g, s}etsockopt in BPF_CGROUP_UDP{4, 6}_RECVMSG From: Stanislav Fomichev To: netdev@vger.kernel.org, bpf@vger.kernel.org Cc: ast@kernel.org, daniel@iogearbox.net, Stanislav Fomichev Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Those hooks run as BPF_CGROUP_RUN_SA_PROG_LOCK and operate on a locked socket. Signed-off-by: Stanislav Fomichev --- net/core/filter.c | 4 ++++ tools/testing/selftests/bpf/progs/recvmsg4_prog.c | 5 +++++ tools/testing/selftests/bpf/progs/recvmsg6_prog.c | 5 +++++ 3 files changed, 14 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index ba436b1d70c2..e15d4741719a 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -7023,6 +7023,8 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_CGROUP_INET6_BIND: case BPF_CGROUP_INET4_CONNECT: case BPF_CGROUP_INET6_CONNECT: + case BPF_CGROUP_UDP4_RECVMSG: + case BPF_CGROUP_UDP6_RECVMSG: case BPF_CGROUP_UDP4_SENDMSG: case BPF_CGROUP_UDP6_SENDMSG: case BPF_CGROUP_INET4_GETPEERNAME: @@ -7039,6 +7041,8 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_CGROUP_INET6_BIND: case BPF_CGROUP_INET4_CONNECT: case BPF_CGROUP_INET6_CONNECT: + case BPF_CGROUP_UDP4_RECVMSG: + case BPF_CGROUP_UDP6_RECVMSG: case BPF_CGROUP_UDP4_SENDMSG: case BPF_CGROUP_UDP6_SENDMSG: case BPF_CGROUP_INET4_GETPEERNAME: diff --git a/tools/testing/selftests/bpf/progs/recvmsg4_prog.c b/tools/testing/selftests/bpf/progs/recvmsg4_prog.c index fc2fe8a952fa..3d1ae8b3402f 100644 --- a/tools/testing/selftests/bpf/progs/recvmsg4_prog.c +++ b/tools/testing/selftests/bpf/progs/recvmsg4_prog.c @@ -8,6 +8,8 @@ #include #include +#include + #define SERV4_IP 0xc0a801feU /* 192.168.1.254 */ #define SERV4_PORT 4040 @@ -28,6 +30,9 @@ int recvmsg4_prog(struct bpf_sock_addr *ctx) if (ctx->type != SOCK_STREAM && ctx->type != SOCK_DGRAM) return 1; + if (!get_set_sk_priority(ctx)) + return 1; + ctx->user_ip4 = bpf_htonl(SERV4_IP); ctx->user_port = bpf_htons(SERV4_PORT); diff --git a/tools/testing/selftests/bpf/progs/recvmsg6_prog.c b/tools/testing/selftests/bpf/progs/recvmsg6_prog.c index 6060fd63324b..27dfb21b21b4 100644 --- a/tools/testing/selftests/bpf/progs/recvmsg6_prog.c +++ b/tools/testing/selftests/bpf/progs/recvmsg6_prog.c @@ -8,6 +8,8 @@ #include #include +#include + #define SERV6_IP_0 0xfaceb00c /* face:b00c:1234:5678::abcd */ #define SERV6_IP_1 0x12345678 #define SERV6_IP_2 0x00000000 @@ -31,6 +33,9 @@ int recvmsg6_prog(struct bpf_sock_addr *ctx) if (ctx->type != SOCK_STREAM && ctx->type != SOCK_DGRAM) return 1; + if (!get_set_sk_priority(ctx)) + return 1; + ctx->user_ip6[0] = bpf_htonl(SERV6_IP_0); ctx->user_ip6[1] = bpf_htonl(SERV6_IP_1); ctx->user_ip6[2] = bpf_htonl(SERV6_IP_2);