From: Andrey Ignatov <rdna@fb.com>
To: <netdev@vger.kernel.org>
Cc: Andrey Ignatov <rdna@fb.com>, <davem@davemloft.net>,
<kafai@fb.com>, <ast@kernel.org>, <daniel@iogearbox.net>,
<kernel-team@fb.com>
Subject: [PATCH v3 bpf-next 0/5] bpf: Hooks for sys_sendmsg
Date: Thu, 24 May 2018 22:09:34 -0700 [thread overview]
Message-ID: <cover.1527224903.git.rdna@fb.com> (raw)
v2 -> v3:
* place BPF logic under static key in udp_sendmsg, udpv6_sendmsg;
* rebase.
v1 -> v2:
* return ENOTSUPP if bpf_prog rewrote IPv6-only with IPv4-mapped IPv6;
* add test for IPv4-mapped IPv6 use-case;
* fix build for CONFIG_CGROUP_BPF=n;
* rebase.
This path set adds BPF hooks for sys_sendmsg similar to existing hooks for
sys_bind and sys_connect.
Hooks allow to override source IP (including the case when it's set via
cmsg(3)) and destination IP:port for unconnected UDP (slow path). TCP and
connected UDP (fast path) are not affected. This makes UDP support
complete: connected UDP is handled by sys_connect hooks, unconnected by
sys_sendmsg ones.
Similar to sys_connect hooks, sys_sendmsg ones can be used to make system
calls such as sendmsg(2) and sendto(2) return EPERM.
Please see patch 0001 for more details.
Andrey Ignatov (5):
bpf: Hooks for sys_sendmsg
bpf: Sync bpf.h to tools/
libbpf: Support guessing sendmsg{4,6} progs
selftests/bpf: Prepare test_sock_addr for extension
selftests/bpf: Selftest for sys_sendmsg hooks
include/linux/bpf-cgroup.h | 23 +-
include/linux/filter.h | 1 +
include/uapi/linux/bpf.h | 8 +
kernel/bpf/cgroup.c | 11 +-
kernel/bpf/syscall.c | 8 +
net/core/filter.c | 39 +
net/ipv4/udp.c | 20 +-
net/ipv6/udp.c | 24 +
tools/include/uapi/linux/bpf.h | 8 +
tools/lib/bpf/libbpf.c | 2 +
tools/testing/selftests/bpf/Makefile | 2 +-
tools/testing/selftests/bpf/sendmsg4_prog.c | 49 ++
tools/testing/selftests/bpf/sendmsg6_prog.c | 60 ++
tools/testing/selftests/bpf/test_sock_addr.c | 1155 +++++++++++++++++++++-----
14 files changed, 1214 insertions(+), 196 deletions(-)
create mode 100644 tools/testing/selftests/bpf/sendmsg4_prog.c
create mode 100644 tools/testing/selftests/bpf/sendmsg6_prog.c
--
2.9.5
next reply other threads:[~2018-05-25 5:12 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-25 5:09 Andrey Ignatov [this message]
2018-05-25 5:09 ` [PATCH v3 bpf-next 1/5] bpf: Hooks for sys_sendmsg Andrey Ignatov
2018-05-25 5:09 ` [PATCH v3 bpf-next 2/5] bpf: Sync bpf.h to tools/ Andrey Ignatov
2018-05-25 5:09 ` [PATCH v3 bpf-next 3/5] libbpf: Support guessing sendmsg{4,6} progs Andrey Ignatov
2018-05-25 5:09 ` [PATCH v3 bpf-next 4/5] selftests/bpf: Prepare test_sock_addr for extension Andrey Ignatov
2018-05-25 5:09 ` [PATCH v3 bpf-next 5/5] selftests/bpf: Selftest for sys_sendmsg hooks Andrey Ignatov
2018-05-27 22:56 ` [PATCH v3 bpf-next 0/5] bpf: Hooks for sys_sendmsg Daniel Borkmann
2018-05-27 22:59 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1527224903.git.rdna@fb.com \
--to=rdna@fb.com \
--cc=ast@kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=kafai@fb.com \
--cc=kernel-team@fb.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.