From: Amery Hung <ameryhung@gmail.com>
To: netdev@vger.kernel.org
Cc: bpf@vger.kernel.org, daniel@iogearbox.net, andrii@kernel.org,
alexei.starovoitov@gmail.com, martin.lau@kernel.org,
kuba@kernel.org, edumazet@google.com, xiyou.wangcong@gmail.com,
jhs@mojatatu.com, sinquersw@gmail.com, toke@redhat.com,
jiri@resnulli.us, stfomichev@gmail.com,
ekarani.silvestre@ccc.ufcg.edu.br, yangpeihao@sjtu.edu.cn,
yepeilin.cs@gmail.com, ameryhung@gmail.com, kernel-team@meta.com
Subject: [PATCH bpf-next v5 09/13] bpf: net_sched: Disable attaching bpf qdisc to non root
Date: Thu, 13 Mar 2025 12:03:03 -0700 [thread overview]
Message-ID: <20250313190309.2545711-10-ameryhung@gmail.com> (raw)
In-Reply-To: <20250313190309.2545711-1-ameryhung@gmail.com>
Do not allow users to attach bpf qdiscs to classful qdiscs. This is to
prevent accidentally breaking existings classful qdiscs if they rely on
some data in the child qdisc. This restriction can potentially be lifted
in the future. Note that, we still allow bpf qdisc to be attached to mq.
Signed-off-by: Amery Hung <ameryhung@gmail.com>
---
net/sched/bpf_qdisc.c | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/net/sched/bpf_qdisc.c b/net/sched/bpf_qdisc.c
index e4e7a5879869..c2f33cd35674 100644
--- a/net/sched/bpf_qdisc.c
+++ b/net/sched/bpf_qdisc.c
@@ -170,8 +170,11 @@ static int bpf_qdisc_gen_prologue(struct bpf_insn *insn_buf, bool direct_write,
return 0;
*insn++ = BPF_MOV64_REG(BPF_REG_6, BPF_REG_1);
+ *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_2, BPF_REG_1, 16);
*insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_1, 0);
*insn++ = BPF_CALL_KFUNC(0, bpf_qdisc_init_prologue_ids[0]);
+ *insn++ = BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 1);
+ *insn++ = BPF_EXIT_INSN();
*insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_6);
*insn++ = prog->insnsi[0];
@@ -239,11 +242,26 @@ __bpf_kfunc void bpf_qdisc_watchdog_schedule(struct Qdisc *sch, u64 expire, u64
}
/* bpf_qdisc_init_prologue - Hidden kfunc called in prologue of .init. */
-__bpf_kfunc void bpf_qdisc_init_prologue(struct Qdisc *sch)
+__bpf_kfunc int bpf_qdisc_init_prologue(struct Qdisc *sch,
+ struct netlink_ext_ack *extack)
{
struct bpf_sched_data *q = qdisc_priv(sch);
+ struct net_device *dev = qdisc_dev(sch);
+ struct Qdisc *p;
+
+ if (sch->parent != TC_H_ROOT) {
+ p = qdisc_lookup(dev, TC_H_MAJ(sch->parent));
+ if (!p)
+ return -ENOENT;
+
+ if (!(p->flags & TCQ_F_MQROOT)) {
+ NL_SET_ERR_MSG(extack, "BPF qdisc only supported on root or mq");
+ return -EINVAL;
+ }
+ }
qdisc_watchdog_init(&q->watchdog, sch);
+ return 0;
}
/* bpf_qdisc_reset_destroy_epilogue - Hidden kfunc called in epilogue of .reset
--
2.47.1
next prev parent reply other threads:[~2025-03-13 19:03 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-13 19:02 [PATCH bpf-next v5 00/13] bpf qdisc Amery Hung
2025-03-13 19:02 ` [PATCH bpf-next v5 01/13] bpf: Prepare to reuse get_ctx_arg_idx Amery Hung
2025-03-13 19:02 ` [PATCH bpf-next v5 02/13] bpf: Generalize finding member offset of struct_ops prog Amery Hung
2025-03-13 19:02 ` [PATCH bpf-next v5 03/13] bpf: net_sched: Support implementation of Qdisc_ops in bpf Amery Hung
2025-03-13 19:02 ` [PATCH bpf-next v5 04/13] bpf: net_sched: Add basic bpf qdisc kfuncs Amery Hung
2025-03-14 20:14 ` Alexei Starovoitov
2025-03-17 19:44 ` Amery Hung
2025-03-13 19:02 ` [PATCH bpf-next v5 05/13] bpf: net_sched: Add a qdisc watchdog timer Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 06/13] bpf: net_sched: Support updating bstats Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 07/13] bpf: net_sched: Support updating qstats Amery Hung
2025-03-14 20:24 ` Alexei Starovoitov
2025-03-16 13:56 ` Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 08/13] bpf: net_sched: Allow writing to more Qdisc members Amery Hung
2025-03-13 19:03 ` Amery Hung [this message]
2025-03-14 20:31 ` [PATCH bpf-next v5 09/13] bpf: net_sched: Disable attaching bpf qdisc to non root Alexei Starovoitov
2025-03-16 13:58 ` Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 10/13] libbpf: Support creating and destroying qdisc Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 11/13] selftests/bpf: Add a basic fifo qdisc test Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 12/13] selftests/bpf: Add a bpf fq qdisc to selftest Amery Hung
2025-03-14 20:35 ` Alexei Starovoitov
2025-03-17 1:25 ` Amery Hung
2025-03-13 19:03 ` [PATCH bpf-next v5 13/13] selftests/bpf: Test attaching bpf qdisc to mq and non root Amery Hung
2025-03-13 19:52 ` [PATCH bpf-next v5 00/13] bpf qdisc Toke Høiland-Jørgensen
2025-03-14 1:43 ` Amery Hung
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250313190309.2545711-10-ameryhung@gmail.com \
--to=ameryhung@gmail.com \
--cc=alexei.starovoitov@gmail.com \
--cc=andrii@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=edumazet@google.com \
--cc=ekarani.silvestre@ccc.ufcg.edu.br \
--cc=jhs@mojatatu.com \
--cc=jiri@resnulli.us \
--cc=kernel-team@meta.com \
--cc=kuba@kernel.org \
--cc=martin.lau@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=sinquersw@gmail.com \
--cc=stfomichev@gmail.com \
--cc=toke@redhat.com \
--cc=xiyou.wangcong@gmail.com \
--cc=yangpeihao@sjtu.edu.cn \
--cc=yepeilin.cs@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox