lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <0ed5524b-0338-45cf-9220-18a9d62cc263@linux.dev>
Date: Wed, 29 Jan 2025 12:58:56 -0800
From: Martin KaFai Lau <martin.lau@...ux.dev>
To: zhangmingyi <zhangmingyi5@...wei.com>
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org, song@...nel.org,
 yhs@...com, john.fastabend@...il.com, kpsingh@...nel.org, sdf@...gle.com,
 haoluo@...gle.com, jolsa@...nel.org, bpf@...r.kernel.org,
 linux-kernel@...r.kernel.org, yanan@...wei.com, wuchangye@...wei.com,
 xiesongyang@...wei.com, liuxin350@...wei.com, liwei883@...wei.com,
 tianmuyang@...wei.com
Subject: Re: [PATCH 0/2] ipv4, bpf: Introduced to support the ULP to get or
 set sockets

On 1/27/25 1:07 AM, zhangmingyi wrote:
> We want call bpf_setsockopt to replace the kernel module in the TCP_ULP
> case. The purpose is to customize the behavior in connect and sendmsg.
> We have an open source community project kmesh (kmesh.net). Based on
> this, we refer to some processes of tcp fastopen to implement delayed
> connet and perform HTTP DNAT when sendmsg.In this case, we need to parse
> HTTP packets in the bpf program and set TCP_ULP for the specified socket.

The ulp could be a kernel module. Which ulp is needed in your use case?

> Note that tcp_getsockopt and tcp_setsockopt support TCP_ULP, while
> bpf_getsockopt and bpf_setsockopt do not support TCP_ULP.
> I'm not sure why there is such a difference, but I noticed that

You are right that bpf_get/setsockopt should be able to support most of the 
TCP_* optname.

After looking at tcp_set_ulp, I believe TCP_ULP is one of the few exceptions. I 
didn't drill down further and I stopped at __tcp_ulp_find_autoload which I 
believe it might_sleep. The BPF programs that support bpf_setsockopt cannot 
sleep. Take a look at how do_tcp_setsockopt(TCP_CONGESTION) is done.

pw-bot: cr

> tcp_setsockopt is called in bpf_setsockopt.I think we can add the
> handling of this case.
> 
> zhangmingyi (2):
>    ipv4, bpf: Introduced to support the ULP to get or set sockets
>    add selftest for TCP_ULP in bpf_setsockopt
> 
>   net/core/filter.c                             |  1 +
>   .../selftests/bpf/progs/setget_sockopt.c      | 21 ++++++++++++++++---
>   2 files changed, 19 insertions(+), 3 deletions(-)
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ