[PATCH bpf-next] bpf: Allow bpf_tcp

public inbox for netdev@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH bpf-next] bpf: Allow bpf_tcp_sock() helper in XDP
@ 2026-02-04 12:24 Arthur Fabre
  2026-02-04 13:04 ` bot+bpf-ci
  0 siblings, 1 reply; 4+ messages in thread
From: Arthur Fabre @ 2026-02-04 12:24 UTC (permalink / raw)
  To: Martin KaFai Lau, Daniel Borkmann, John Fastabend,
	Stanislav Fomichev, Alexei Starovoitov, Andrii Nakryiko,
	Eduard Zingerman, Song Liu, Yonghong Song, KP Singh, Hao Luo,
	Jiri Olsa, David S. Miller, Eric Dumazet, Jakub Kicinski,
	Paolo Abeni, Simon Horman
  Cc: bpf, netdev, linux-kernel, kernel-team, wferguson, Arthur Fabre

We can already lookup sockets in XDP via the bpf_sk(c)_lookup_(udp|tcp)
helpers. This can be used to determine if a received packet is for an
established socket or not, for example in a load balancer.

But the TCP TIME-WAIT state needs special handling for this: packets
received for a TIME-WAIT socket can either belong to the current
incarnation of the connection, or a new incarnation. The only way to
determine this is to compare the sequence numbers.

Add the bpf_tcp_sock() helper in XDP to allow the socket sequence
numbers to be read.

---
Signed-off-by: Arthur Fabre <afabre@cloudflare.com>
---
 net/core/filter.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/net/core/filter.c b/net/core/filter.c
index f04982d79d72e92f1b46ccd87633391e38c3da81..5e3a1951130369f070c3a373ea649bd10db412b6 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -8506,6 +8506,8 @@ xdp_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 		return &bpf_sk_release_proto;
 	case BPF_FUNC_skc_lookup_tcp:
 		return &bpf_xdp_skc_lookup_tcp_proto;
+	case BPF_FUNC_tcp_sock:
+		return &bpf_tcp_sock_proto;
 	case BPF_FUNC_tcp_check_syncookie:
 		return &bpf_tcp_check_syncookie_proto;
 	case BPF_FUNC_tcp_gen_syncookie:

---
base-commit: d95d76aa772bf94df353b015b1cb38303d4a415d
change-id: 20260204-afabre-bpf_tcp_sock-117d03c6f0e3

Best regards,
-- 
Arthur Fabre <afabre@cloudflare.com>


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH bpf-next] bpf: Allow bpf_tcp_sock() helper in XDP
  2026-02-04 12:24 [PATCH bpf-next] bpf: Allow bpf_tcp_sock() helper in XDP Arthur Fabre
@ 2026-02-04 13:04 ` bot+bpf-ci
  2026-02-04 22:27   ` Martin KaFai Lau
  0 siblings, 1 reply; 4+ messages in thread
From: bot+bpf-ci @ 2026-02-04 13:04 UTC (permalink / raw)
  To: afabre, martin.lau, daniel, john.fastabend, sdf, ast, andrii,
	eddyz87, song, yonghong.song, kpsingh, haoluo, jolsa, davem,
	edumazet, kuba, pabeni, horms
  Cc: bpf, netdev, linux-kernel, kernel-team, wferguson, afabre, ast,
	andrii, daniel, martin.lau, eddyz87, yonghong.song, clm,
	ihor.solodrai

[-- Attachment #1: Type: text/plain, Size: 2021 bytes --]

>     But the TCP TIME-WAIT state needs special handling for this: packets
>     received for a TIME-WAIT socket can either belong to the current
>     incarnation of the connection, or a new incarnation. The only way to
>     determine this is to compare the sequence numbers.
>
>     Add the bpf_tcp_sock() helper in XDP to allow the socket sequence
>     numbers to be read.

Can this approach work for TIME-WAIT sockets? Looking at bpf_tcp_sock() in
net/core/filter.c:

    if (sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP)
        return (unsigned long)sk;
    return (unsigned long)NULL;

And sk_fullsock() in include/net/sock.h:

    static inline bool sk_fullsock(const struct sock *sk)
    {
        return (1 << sk->sk_state) & ~(TCPF_TIME_WAIT | TCPF_NEW_SYN_RECV);
    }

TIME-WAIT sockets are explicitly excluded by sk_fullsock(), so bpf_tcp_sock()
returns NULL for them. The sequence numbers stored in TIME-WAIT sockets
(skc_tw_rcv_nxt and skc_tw_snd_nxt in sock_common) would not be accessible
through this helper.

The change itself is useful for accessing tcp_sock fields from established
connections in XDP, but the commit message implies this solves the TIME-WAIT
sequence number problem described, which doesn't appear to be the case.

---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

CI run summary: https://github.com/kernel-patches/bpf/actions/runs/21671977729

AI-authorship-score: low
AI-authorship-explanation: The commit message style is consistent with human-written kernel patches, with natural technical language and standard formatting; the technical error is more likely human oversight than AI hallucination.
issues-found: 1
issue-severity-score: low
issue-severity-explanation: The issue is a misleading commit message that claims the change enables TIME-WAIT socket sequence number reading, but the bpf_tcp_sock() helper explicitly returns NULL for TIME-WAIT sockets.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH bpf-next] bpf: Allow bpf_tcp_sock() helper in XDP
  2026-02-04 13:04 ` bot+bpf-ci
@ 2026-02-04 22:27   ` Martin KaFai Lau
  2026-02-05 15:52     ` Arthur Fabre
  0 siblings, 1 reply; 4+ messages in thread
From: Martin KaFai Lau @ 2026-02-04 22:27 UTC (permalink / raw)
  To: afabre
  Cc: daniel, john.fastabend, sdf, ast, andrii, eddyz87, song,
	yonghong.song, kpsingh, haoluo, jolsa, davem, edumazet, kuba,
	pabeni, horms, bpf, netdev, linux-kernel, kernel-team, wferguson,
	martin.lau, clm, ihor.solodrai, bot+bpf-ci



On 2/4/26 5:04 AM, bot+bpf-ci@kernel.org wrote:
>>      But the TCP TIME-WAIT state needs special handling for this: packets
>>      received for a TIME-WAIT socket can either belong to the current
>>      incarnation of the connection, or a new incarnation. The only way to
>>      determine this is to compare the sequence numbers.
>>
>>      Add the bpf_tcp_sock() helper in XDP to allow the socket sequence
>>      numbers to be read.
> 
> Can this approach work for TIME-WAIT sockets? Looking at bpf_tcp_sock() in
> net/core/filter.c:
> 
>      if (sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP)
>          return (unsigned long)sk;
>      return (unsigned long)NULL;
> 
> And sk_fullsock() in include/net/sock.h:
> 
>      static inline bool sk_fullsock(const struct sock *sk)
>      {
>          return (1 << sk->sk_state) & ~(TCPF_TIME_WAIT | TCPF_NEW_SYN_RECV);
>      }
> 
> TIME-WAIT sockets are explicitly excluded by sk_fullsock(), so bpf_tcp_sock()
> returns NULL for them. The sequence numbers stored in TIME-WAIT sockets
> (skc_tw_rcv_nxt and skc_tw_snd_nxt in sock_common) would not be accessible
> through this helper.
> 
> The change itself is useful for accessing tcp_sock fields from established
> connections in XDP, but the commit message implies this solves the TIME-WAIT
> sequence number problem described, which doesn't appear to be the case.

or use "tp = bpf_core_cast(sk, struct tcp_sock /* or tcp_timewait_sock 
*/);". The bpf prog can also read all members of the kernel struct 
instead of a subset defined in bpf_tcp_sock.

pw-bot: cr

> 
> 
> ---
> AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
> See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
> 
> CI run summary: https://github.com/kernel-patches/bpf/actions/runs/21671977729
> 
> AI-authorship-score: low
> AI-authorship-explanation: The commit message style is consistent with human-written kernel patches, with natural technical language and standard formatting; the technical error is more likely human oversight than AI hallucination.
> issues-found: 1
> issue-severity-score: low
> issue-severity-explanation: The issue is a misleading commit message that claims the change enables TIME-WAIT socket sequence number reading, but the bpf_tcp_sock() helper explicitly returns NULL for TIME-WAIT sockets.


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH bpf-next] bpf: Allow bpf_tcp_sock() helper in XDP
  2026-02-04 22:27   ` Martin KaFai Lau
@ 2026-02-05 15:52     ` Arthur Fabre
  0 siblings, 0 replies; 4+ messages in thread
From: Arthur Fabre @ 2026-02-05 15:52 UTC (permalink / raw)
  To: Martin KaFai Lau
  Cc: daniel, john.fastabend, sdf, ast, andrii, eddyz87, song,
	yonghong.song, kpsingh, haoluo, jolsa, davem, edumazet, kuba,
	pabeni, horms, bpf, netdev, linux-kernel, kernel-team, wferguson,
	martin.lau, clm, ihor.solodrai, bot+bpf-ci

On Wed Feb 4, 2026 at 11:27 PM CET, Martin KaFai Lau wrote:
>
>
> On 2/4/26 5:04 AM, bot+bpf-ci@kernel.org wrote:
> >>      But the TCP TIME-WAIT state needs special handling for this: packets
> >>      received for a TIME-WAIT socket can either belong to the current
> >>      incarnation of the connection, or a new incarnation. The only way to
> >>      determine this is to compare the sequence numbers.
> >>
> >>      Add the bpf_tcp_sock() helper in XDP to allow the socket sequence
> >>      numbers to be read.
> > 
> > Can this approach work for TIME-WAIT sockets? Looking at bpf_tcp_sock() in
> > net/core/filter.c:
> > 
> >      if (sk_fullsock(sk) && sk->sk_protocol == IPPROTO_TCP)
> >          return (unsigned long)sk;
> >      return (unsigned long)NULL;
> > 
> > And sk_fullsock() in include/net/sock.h:
> > 
> >      static inline bool sk_fullsock(const struct sock *sk)
> >      {
> >          return (1 << sk->sk_state) & ~(TCPF_TIME_WAIT | TCPF_NEW_SYN_RECV);
> >      }
> > 
> > TIME-WAIT sockets are explicitly excluded by sk_fullsock(), so bpf_tcp_sock()
> > returns NULL for them. The sequence numbers stored in TIME-WAIT sockets
> > (skc_tw_rcv_nxt and skc_tw_snd_nxt in sock_common) would not be accessible
> > through this helper.
> > 
> > The change itself is useful for accessing tcp_sock fields from established
> > connections in XDP, but the commit message implies this solves the TIME-WAIT
> > sequence number problem described, which doesn't appear to be the case.
>
> or use "tp = bpf_core_cast(sk, struct tcp_sock /* or tcp_timewait_sock 
> */);". The bpf prog can also read all members of the kernel struct 
> instead of a subset defined in bpf_tcp_sock.

Brilliant, that works! Thanks Martin.

>
> pw-bot: cr
>
> > 
> > 
> > ---
> > AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
> > See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
> > 
> > CI run summary: https://github.com/kernel-patches/bpf/actions/runs/21671977729
> > 
> > AI-authorship-score: low
> > AI-authorship-explanation: The commit message style is consistent with human-written kernel patches, with natural technical language and standard formatting; the technical error is more likely human oversight than AI hallucination.
> > issues-found: 1
> > issue-severity-score: low
> > issue-severity-explanation: The issue is a misleading commit message that claims the change enables TIME-WAIT socket sequence number reading, but the bpf_tcp_sock() helper explicitly returns NULL for TIME-WAIT sockets.


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2026-02-05 15:52 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-04 12:24 [PATCH bpf-next] bpf: Allow bpf_tcp_sock() helper in XDP Arthur Fabre
2026-02-04 13:04 ` bot+bpf-ci
2026-02-04 22:27   ` Martin KaFai Lau
2026-02-05 15:52     ` Arthur Fabre

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox