| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Jun 2019 11:59:11 -0700
From: Roman Gushchin <guro@...com>
To: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>, <bpf@...r.kernel.org>
CC: <kernel-team@...com>, <linux-kernel@...r.kernel.org>,
Roman Gushchin <guro@...com>, Yonghong Song <yhs@...com>
Subject: [PATCH bpf-next] bpf: allow CGROUP_SKB programs to use bpf_get_current_cgroup_id() helper
Currently bpf_get_current_cgroup_id() is not supported for
CGROUP_SKB programs. An attempt to load such a program generates an
error like this:
libbpf:
0: (b7) r6 = 0
...
8: (63) *(u32 *)(r10 -28) = r6
9: (85) call bpf_get_current_cgroup_id#80
unknown func bpf_get_current_cgroup_id#80
There are no particular reasons for denying it,
and we have some use cases where it might be useful.
So let's add it to the list of allowed helpers.
Signed-off-by: Roman Gushchin <guro@...com>
Cc: Yonghong Song <yhs@...com>
Cc: Alexei Starovoitov <ast@...nel.org>
Cc: Daniel Borkmann <daniel@...earbox.net>
---
net/core/filter.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net/core/filter.c b/net/core/filter.c
index 55bfc941d17a..19724bb1860d 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -5919,6 +5919,10 @@ cg_skb_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
return &bpf_sk_storage_get_proto;
case BPF_FUNC_sk_storage_delete:
return &bpf_sk_storage_delete_proto;
+#ifdef CONFIG_CGROUPS
+ case BPF_FUNC_get_current_cgroup_id:
+ return &bpf_get_current_cgroup_id_proto;
+#endif
#ifdef CONFIG_INET
case BPF_FUNC_tcp_sock:
return &bpf_tcp_sock_proto;
--
2.20.1
Powered by blists - more mailing lists