[PATCH v2 bpf-next 1/3] net: Fix for bpf_sysctl_set_new_value

BPF List
 help / color / mirror / Atom feed

From: Raman Shukhau <ramasha@meta.com>
To: <bpf@vger.kernel.org>, <ast@kernel.org>, <andrii@kernel.org>,
	<daniel@iogearbox.net>
Cc: Raman Shukhau <ramasha@meta.com>
Subject: [PATCH v2 bpf-next 1/3] net: Fix for bpf_sysctl_set_new_value
Date: Mon, 20 May 2024 02:14:22 -0700	[thread overview]
Message-ID: <20240520091424.2427762-2-ramasha@meta.com> (raw)
In-Reply-To: <20240520091424.2427762-1-ramasha@meta.com>

Call to bpf_sysctl_set_new_value doesn't change final value
of the parameter, when called from cgroup/syscall bpf handler. No error
thrown in this case, new value is simply ignored and original value, sent
to sysctl, is set. Example (see test added to this change for BPF handler
logic):

sysctl -w net.ipv4.ip_local_reserved_ports = 11111
... cgroup/syscal handler call bpf_sysctl_set_new_value	and set 22222
sysctl net.ipv4.ip_local_reserved_ports
... returns 11111

Return value check is incorrect in __cgroup_bpf_run_filter_sysctl
specifically for the case when new value is set, as bpf_prog_run_array_cg
return 0 on success.

Signed-off-by: Raman Shukhau <ramasha@meta.com>
---
 kernel/bpf/cgroup.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c
index 8ba73042a239..bfc36e7ca6f6 100644
--- a/kernel/bpf/cgroup.c
+++ b/kernel/bpf/cgroup.c
@@ -1739,7 +1739,7 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head,
 
 	kfree(ctx.cur_val);
 
-	if (ret == 1 && ctx.new_updated) {
+	if (ret == 0 && ctx.new_updated) {
 		kfree(*buf);
 		*buf = ctx.new_val;
 		*pcount = ctx.new_len;
-- 
2.43.0

next prev parent reply	other threads:[~2024-05-20  9:14 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-20  9:14 [PATCH v2 bpf-next 0/3] Fix and improvement for bpf_sysctl_set_new_value Raman Shukhau
2024-05-20  9:14 ` Raman Shukhau [this message]
2024-05-20  9:14 ` [PATCH v2 bpf-next 2/3] net: Improvement " Raman Shukhau
2024-05-20  9:14 ` [PATCH v2 bpf-next 3/3] net: new cgrp_sysctl test suite Raman Shukhau
2024-05-20 14:59 ` [PATCH v2 bpf-next 0/3] Fix and improvement for bpf_sysctl_set_new_value Alexei Starovoitov

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:8ba73042a23 dfblob:bfc36e7ca6f )
 OR (
bs:"[PATCH v2 bpf-next 1/3] net: Fix for bpf_sysctl_set_new_value" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240520091424.2427762-2-ramasha@meta.com \
    --to=ramasha@meta.com \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox