[PATCH v2 7/8] io_uring/cmd: BPF hook for getsockopt cmd
From: Breno Leitao
Date: Tue Aug 08 2023 - 15:17:43 EST
Add BPF hooks support for getsockopts io_uring command. So, bpf cgroups
programs can run when SOCKET_URING_OP_GETSOCKOPT command is called.
This implementation follows a similar approach to what
__sys_getsockopt() does, but, using USER_SOCKPTR() for optval instead of
kernel pointer.
Signed-off-by: Breno Leitao <leitao@xxxxxxxxxx>
---
io_uring/uring_cmd.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c
index dbba005a7290..3693e5779229 100644
--- a/io_uring/uring_cmd.c
+++ b/io_uring/uring_cmd.c
@@ -5,6 +5,8 @@
#include <linux/io_uring.h>
#include <linux/security.h>
#include <linux/nospec.h>
+#include <linux/compat.h>
+#include <linux/bpf-cgroup.h>
#include <uapi/linux/io_uring.h>
#include <uapi/asm-generic/ioctls.h>
@@ -179,17 +181,23 @@ static inline int io_uring_cmd_getsockopt(struct socket *sock,
if (err)
return err;
- if (level == SOL_SOCKET) {
+ err = -EOPNOTSUPP;
+ if (level == SOL_SOCKET)
err = sk_getsockopt(sock->sk, level, optname,
USER_SOCKPTR(optval),
KERNEL_SOCKPTR(&optlen));
- if (err)
- return err;
+ if (!in_compat_syscall())
+ err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level,
+ optname,
+ USER_SOCKPTR(optval),
+ KERNEL_SOCKPTR(&optlen),
+ optlen, err);
+
+ if (!err)
return optlen;
- }
- return -EOPNOTSUPP;
+ return err;
}
static inline int io_uring_cmd_setsockopt(struct socket *sock,
--
2.34.1