lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <1516895425-2311-1-git-send-email-laoar.shao@gmail.com>
Date:   Thu, 25 Jan 2018 23:50:25 +0800
From:   Yafang Shao <laoar.shao@...il.com>
To:     tj@...nel.org, guro@...com, davem@...emloft.net,
        longman@...hat.com, lizefan@...wei.com, hannes@...xchg.org
Cc:     cgroups@...r.kernel.org, linux-kernel@...r.kernel.org,
        Yafang Shao <laoar.shao@...il.com>
Subject: [PATCH bpf-next] cgroup: support attaching eBPF programs to net_prio cgroup

If net_prio is used, we could also use eBPF programs to attach it,
because the net_prio cgroup could be got with prioidx in struct
sock_cgroup_data.
Hence it should not only be limited to cgroup2.

Signed-off-by: Yafang Shao <laoar.shao@...il.com>
---
 include/linux/cgroup.h | 16 +++++++++++++++-
 kernel/cgroup/cgroup.c |  6 +-----
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h
index 473e0c0..c0cb46b 100644
--- a/include/linux/cgroup.h
+++ b/include/linux/cgroup.h
@@ -772,8 +772,22 @@ static inline struct cgroup *sock_cgroup_ptr(struct sock_cgroup_data *skcd)
 	 */
 	v = READ_ONCE(skcd->val);
 
-	if (v & 1)
+	/* either net_prio or net_cls or both being used. */
+	if (v & 1) {
+		if (skcd->prioidx != 1) {
+			struct cgroup_subsys_state *css;
+			struct cgroup *cg;
+
+			rcu_read_lock();
+			css = css_from_id(skcd->prioidx, &net_prio_cgrp_subsys);
+			cg = css->cgroup;
+			rcu_read_unlock();
+
+			return cg;
+		}
+
 		return &cgrp_dfl_root.cgrp;
+	}
 
 	return (struct cgroup *)(unsigned long)v ?: &cgrp_dfl_root.cgrp;
 #else
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 7e4c445..59610f5 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5735,7 +5735,7 @@ struct cgroup *cgroup_get_from_path(const char *path)
 
 /**
  * cgroup_get_from_fd - get a cgroup pointer from a fd
- * @fd: fd obtained by open(cgroup2_dir)
+ * @fd: fd obtained by open(cgroup2_dir or net_prio_dir)
  *
  * Find the cgroup from a fd which should be obtained
  * by opening a cgroup directory.  Returns a pointer to the
@@ -5758,10 +5758,6 @@ struct cgroup *cgroup_get_from_fd(int fd)
 		return ERR_CAST(css);
 
 	cgrp = css->cgroup;
-	if (!cgroup_on_dfl(cgrp)) {
-		cgroup_put(cgrp);
-		return ERR_PTR(-EBADF);
-	}
 
 	return cgrp;
 }
-- 
1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ