lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAAVpQUDsBUcn+0ZB2Da4ymNGhvWU2=HoVumPQvsw97AhREWsRg@mail.gmail.com>
Date: Tue, 2 Sep 2025 13:13:29 -0700
From: Kuniyuki Iwashima <kuniyu@...gle.com>
To: Martin KaFai Lau <martin.lau@...ux.dev>
Cc: Alexei Starovoitov <ast@...nel.org>, Andrii Nakryiko <andrii@...nel.org>, 
	Daniel Borkmann <daniel@...earbox.net>, John Fastabend <john.fastabend@...il.com>, 
	Stanislav Fomichev <sdf@...ichev.me>, Johannes Weiner <hannes@...xchg.org>, Michal Hocko <mhocko@...nel.org>, 
	Roman Gushchin <roman.gushchin@...ux.dev>, Shakeel Butt <shakeel.butt@...ux.dev>, 
	"David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, 
	Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, 
	Neal Cardwell <ncardwell@...gle.com>, Willem de Bruijn <willemb@...gle.com>, 
	Mina Almasry <almasrymina@...gle.com>, Kuniyuki Iwashima <kuni1840@...il.com>, bpf@...r.kernel.org, 
	netdev@...r.kernel.org
Subject: Re: [PATCH v4 bpf-next/net 3/5] bpf: Introduce SK_BPF_MEMCG_FLAGS and SK_BPF_MEMCG_SOCK_ISOLATED.

On Tue, Sep 2, 2025 at 1:02 PM Martin KaFai Lau <martin.lau@...ux.dev> wrote:
>
> On 8/28/25 6:00 PM, Kuniyuki Iwashima wrote:
> >   static int sol_socket_sockopt(struct sock *sk, int optname,
> >                             char *optval, int *optlen,
> >                             bool getopt)
> > @@ -5284,6 +5313,7 @@ static int sol_socket_sockopt(struct sock *sk, int optname,
> >       case SO_BINDTOIFINDEX:
> >       case SO_TXREHASH:
> >       case SK_BPF_CB_FLAGS:
> > +     case SK_BPF_MEMCG_FLAGS:
> >               if (*optlen != sizeof(int))
> >                       return -EINVAL;
> >               break;
> > @@ -5293,8 +5323,15 @@ static int sol_socket_sockopt(struct sock *sk, int optname,
> >               return -EINVAL;
> >       }
> >
> > -     if (optname == SK_BPF_CB_FLAGS)
> > +     switch (optname) {
> > +     case SK_BPF_CB_FLAGS:
> >               return sk_bpf_set_get_cb_flags(sk, optval, getopt);
> > +     case SK_BPF_MEMCG_FLAGS:
>
> I would remove the getsockopt only support from the other hooks that cannot do
> the setsockopt. There are other ways for them to read sk->sk_memcg if it is
> really needed.

Ah, I forgot bpf_core_cast().

>
> > +             if (!IS_ENABLED(CONFIG_MEMCG) || !getopt)
> > +                     return -EOPNOTSUPP;
> > +
> > +             return sk_bpf_get_memcg_flags(sk, optval);
>
> Instead, do this only in bpf_sock_create_getsockopt.

Will do.

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ