lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 17 Aug 2021 16:18:11 +0000
From:   Song Liu <songliubraving@...com>
To:     Xu Liu <liuxu623@...il.com>
CC:     Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Andrii Nakryiko <andrii@...nel.org>, Martin Lau <kafai@...com>,
        Yonghong Song <yhs@...com>,
        John Fastabend <john.fastabend@...il.com>,
        "kpsingh@...nel.org" <kpsingh@...nel.org>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "bpf@...r.kernel.org" <bpf@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] bpf: Allow bpf_get_netns_cookie in BPF_PROG_TYPE_SOCK_OPS

Hi Xu, 

> On Aug 16, 2021, at 3:51 AM, Xu Liu <liuxu623@...il.com> wrote:
> 
> We'd like to be able to identify netns from sockops hooks
> to accelerate local process communication form different netns.
> 
> Signed-off-by: Xu Liu <liuxu623@...il.com>

The change looks good to me. Some logistics issue:

1. Please prefix the subject based on target tree, like [PATCH bpf] or
   [PATCH bpf-next]. This change should target bpf-next. Also, please 
   include v2 (or v3, v4...) when sending the revisions of the patch. 
   So the next version of this change should be [PATCH bpf-next v2] or 
   similar. 

2. Please add a selftest (see tools/testing/selftests/bpf/) to exercise 
   this function from sock_ops

Thanks,
Song


> ---
> net/core/filter.c | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
> 
> diff --git a/net/core/filter.c b/net/core/filter.c
> index d70187ce851b..34938a537931 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -4664,6 +4664,18 @@ static const struct bpf_func_proto bpf_get_netns_cookie_sock_addr_proto = {
> 	.arg1_type	= ARG_PTR_TO_CTX_OR_NULL,
> };
> 
> +BPF_CALL_1(bpf_get_netns_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx)
> +{
> +	return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL);
> +}
> +
> +static const struct bpf_func_proto bpf_get_netns_cookie_sock_ops_proto = {
> +	.func		= bpf_get_netns_cookie_sock_ops,
> +	.gpl_only	= false,
> +	.ret_type	= RET_INTEGER,
> +	.arg1_type	= ARG_PTR_TO_CTX_OR_NULL,
> +};
> +
> BPF_CALL_1(bpf_get_socket_uid, struct sk_buff *, skb)
> {
> 	struct sock *sk = sk_to_full_sk(skb->sk);
> @@ -7445,6 +7457,8 @@ sock_ops_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> 		return &bpf_sk_storage_get_proto;
> 	case BPF_FUNC_sk_storage_delete:
> 		return &bpf_sk_storage_delete_proto;
> +	case BPF_FUNC_get_netns_cookie:
> +		return &bpf_get_netns_cookie_sock_ops_proto;
> #ifdef CONFIG_INET
> 	case BPF_FUNC_load_hdr_opt:
> 		return &bpf_sock_ops_load_hdr_opt_proto;
> -- 
> 2.28.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ