[PATCH net-next v7 0/3] net: core: Two Helper function about socket information

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Chenbo Feng <chenbofeng.kernel@gmail.com>
To: netdev@vger.kernel.org, David Miller <davem@davemloft.net>,
	Alexei Starovoitov <ast@fb.com>,
	Daniel Borkmann <daniel@iogearbox.net>
Cc: Lorenzo Colitti <lorenzo@google.com>,
	Willem de Bruijn <willemb@google.com>,
	Chenbo Feng <fengc@google.com>
Subject: [PATCH net-next v7 0/3] net: core: Two Helper function about socket information
Date: Tue, 21 Mar 2017 15:05:31 -0700	[thread overview]
Message-ID: <1490133934-7055-1-git-send-email-chenbofeng.kernel@gmail.com> (raw)

From: Chenbo Feng <fengc@google.com>

Introduce two eBpf helper function to get the socket cookie and
socket uid for each packet. The helper function is useful when
the *sk field inside sk_buff is not empty. These helper functions
can be used on socket and uid based traffic monitoring programs.

Change since V6:
* change the user namespace of uid helper function back to init_user_ns
  since in some situation, for example, pinned bpf object, the current
  user namespace is not always applicable. 

Change since V5:
* Delete unnecessary blank lines in sample program.
* Refine the variable orders in get_uid helper function.

Change since V4:
* Using current user namespace to get uid instead of using init_ns.
* Add compiling setup of example program in to Makefile.
* Change the name style of the example program binaries.

Change since V3:
* Fixed some typos and incorrect comments in sample program
* replaced raw insns with BPF_STX_XADD and add it to libbpf.h
* Use a temp dir as mount point instead and added a check for
  the user input string.
* Make the get uid helper function returns the user namespace uid
  instead of kuid.
* Return a overflowuid instead of 0 when no uid information is found.

Change since V2:
* Add a sample program to demostrate the usage of the helper function.
* Moved the helper function proto invoking place.
* Add function header into tools/include
* Apply sk_to_full_sk() before getting uid.

Change since V1:
* Removed the unnecessary declarations and export command
* resolved conflict with master branch.
* Examine if the socket is a full socket before getting the uid.

Chenbo Feng (3):
  Add a helper function to get socket cookie in eBPF
  Add a eBPF helper function to retrieve socket uid
  A Sample of using socket cookie and uid for traffic monitoring

 include/linux/sock_diag.h                    |   1 +
 include/uapi/linux/bpf.h                     |  16 +-
 net/core/filter.c                            |  39 +++++
 net/core/sock_diag.c                         |   2 +-
 samples/bpf/Makefile                         |   3 +
 samples/bpf/cookie_uid_helper_example.c      | 217 +++++++++++++++++++++++++++
 samples/bpf/libbpf.h                         |  10 ++
 samples/bpf/run_cookie_uid_helper_example.sh |  14 ++
 tools/include/uapi/linux/bpf.h               |   4 +-
 9 files changed, 303 insertions(+), 3 deletions(-)
 create mode 100644 samples/bpf/cookie_uid_helper_example.c
 create mode 100755 samples/bpf/run_cookie_uid_helper_example.sh

-- 
2.7.4

next             reply	other threads:[~2017-03-21 22:05 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-03-21 22:05 Chenbo Feng [this message]
2017-03-21 22:05 ` [PATCH net-next v7 1/3] Add a helper function to get socket cookie in eBPF Chenbo Feng
2017-03-22 11:10   ` Willem de Bruijn
2017-03-21 22:05 ` [PATCH net-next v7 2/3] Add a eBPF helper function to retrieve socket uid Chenbo Feng
2017-03-22 11:09   ` Willem de Bruijn
2017-03-22 12:06     ` Lorenzo Colitti
2017-03-22 19:25       ` Alexei Starovoitov
2017-03-21 22:05 ` [PATCH net-next v7 3/3] A Sample of using socket cookie and uid for traffic monitoring Chenbo Feng
2017-03-22 11:13   ` Willem de Bruijn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1490133934-7055-1-git-send-email-chenbofeng.kernel@gmail.com \
    --to=chenbofeng.kernel@gmail.com \
    --cc=ast@fb.com \
    --cc=daniel@iogearbox.net \
    --cc=davem@davemloft.net \
    --cc=fengc@google.com \
    --cc=lorenzo@google.com \
    --cc=netdev@vger.kernel.org \
    --cc=willemb@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.