| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220727060856.2370358-1-kafai@fb.com>
Date: Tue, 26 Jul 2022 23:08:56 -0700
From: Martin KaFai Lau <kafai@...com>
To: <bpf@...r.kernel.org>, <netdev@...r.kernel.org>
CC: Alexei Starovoitov <ast@...nel.org>,
Andrii Nakryiko <andrii@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
David Miller <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, <kernel-team@...com>,
Paolo Abeni <pabeni@...hat.com>
Subject: [PATCH bpf-next 00/14] bpf: net: Remove duplicated codes from bpf_setsockopt()
The codes in bpf_setsockopt() is mostly a copy-and-paste from
the sock_setsockopt(), do_tcp_setsockopt(), do_ipv6_setsockopt(),
and do_ip_setsockopt(). As the allowed optnames in bpf_setsockopt()
grows, so are the duplicated codes. The codes between the copies
also slowly drifted.
This set is an effort to clean this up and reuse the existing
{sock,do_tcp,do_ipv6,do_ip}_setsockopt() as much as possible.
After the clean up, this set also adds a few allowed optnames
that we need to the bpf_setsockopt().
The initial attempt was to clean up both bpf_setsockopt() and
bpf_getsockopt() together. However, the patch set was getting
too long. It is beneficial to leave the bpf_getsockopt()
out for another patch set. Thus, this set is focusing
on the bpf_setsockopt().
Martin KaFai Lau (14):
net: Change sock_setsockopt from taking sock ptr to sk ptr
bpf: net: Avoid sock_setsockopt() taking sk lock when called from bpf
bpf: net: Consider optval.is_bpf before capable check in
sock_setsockopt()
bpf: net: Avoid do_tcp_setsockopt() taking sk lock when called from
bpf
bpf: net: Avoid do_ip_setsockopt() taking sk lock when called from bpf
bpf: net: Avoid do_ipv6_setsockopt() taking sk lock when called from
bpf
bpf: Embed kernel CONFIG check into the if statement in bpf_setsockopt
bpf: Change bpf_setsockopt(SOL_SOCKET) to reuse sock_setsockopt()
bpf: Refactor bpf specific tcp optnames to a new function
bpf: Change bpf_setsockopt(SOL_TCP) to reuse do_tcp_setsockopt()
bpf: Change bpf_setsockopt(SOL_IP) to reuse do_ip_setsockopt()
bpf: Change bpf_setsockopt(SOL_IPV6) to reuse do_ipv6_setsockopt()
bpf: Add a few optnames to bpf_setsockopt
selftests/bpf: bpf_setsockopt tests
drivers/nvme/host/tcp.c | 2 +-
fs/ksmbd/transport_tcp.c | 2 +-
include/linux/sockptr.h | 8 +-
include/net/ip.h | 2 +
include/net/ipv6.h | 2 +
include/net/ipv6_stubs.h | 2 +
include/net/sock.h | 14 +-
include/net/tcp.h | 2 +
net/core/filter.c | 378 +++++-------
net/core/sock.c | 25 +-
net/ipv4/ip_sockglue.c | 10 +-
net/ipv4/tcp.c | 21 +-
net/ipv6/af_inet6.c | 1 +
net/ipv6/ipv6_sockglue.c | 10 +-
net/mptcp/sockopt.c | 12 +-
net/socket.c | 2 +-
.../selftests/bpf/prog_tests/setget_sockopt.c | 125 ++++
.../selftests/bpf/progs/setget_sockopt.c | 538 ++++++++++++++++++
18 files changed, 890 insertions(+), 266 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/setget_sockopt.c
create mode 100644 tools/testing/selftests/bpf/progs/setget_sockopt.c
--
2.30.2
Powered by blists - more mailing lists