[PATCH v3 2/9] bpf: Leverage sockptr_t in BPF setsockopt hook

From: Breno Leitao
Date: Thu Aug 17 2023 - 10:57:33 EST

Next message: Breno Leitao: "[PATCH v3 3/9] net/socket: Break down __sys_setsockopt"
Previous message: Breno Leitao: "[PATCH v3 1/9] bpf: Leverage sockptr_t in BPF getsockopt hook"
In reply to: Breno Leitao: "[PATCH v3 1/9] bpf: Leverage sockptr_t in BPF getsockopt hook"
Next in thread: Breno Leitao: "[PATCH v3 3/9] net/socket: Break down __sys_setsockopt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Change BPF setsockopt hook (__cgroup_bpf_run_filter_setsockopt()) to use
sockptr instead of user pointers. This brings flexibility to the
function, since it could be called with userspace or kernel pointers.

This change will allow the creation of a core sock_setsockopt, called
do_sock_setsockopt(), which will be called from both the system call path
and by io_uring command.

This also aligns with the getsockopt() counterpart, which is now using
sockptr_t types.

Signed-off-by: Breno Leitao <leitao@xxxxxxxxxx>
---
include/linux/bpf-cgroup.h | 2 +-
kernel/bpf/cgroup.c | 5 +++--
net/socket.c | 2 +-
3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h
index d16cb99fd4f1..5e3419eb267a 100644
--- a/include/linux/bpf-cgroup.h
+++ b/include/linux/bpf-cgroup.h
@@ -137,7 +137,7 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head,
enum cgroup_bpf_attach_type atype);

int __cgroup_bpf_run_filter_setsockopt(struct sock *sock, int *level,
- int *optname, char __user *optval,
+ int *optname, sockptr_t optval,
int *optlen, char **kernel_optval);

int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level,
diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c
index ebc8c58f7e46..f0dedd4f7f2e 100644
--- a/kernel/bpf/cgroup.c
+++ b/kernel/bpf/cgroup.c
@@ -1785,7 +1785,7 @@ static bool sockopt_buf_allocated(struct bpf_sockopt_kern *ctx,
}

int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level,
- int *optname, char __user *optval,
+ int *optname, sockptr_t optval,
int *optlen, char **kernel_optval)
{
struct cgroup *cgrp = sock_cgroup_ptr(&sk->sk_cgrp_data);
@@ -1808,7 +1808,8 @@ int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level,

ctx.optlen = *optlen;

- if (copy_from_user(ctx.optval, optval, min(*optlen, max_optlen)) != 0) {
+ if (copy_from_sockptr(ctx.optval, optval,
+ min(*optlen, max_optlen))) {
ret = -EFAULT;
goto out;
}
diff --git a/net/socket.c b/net/socket.c
index 33ea5eb91ade..2c3ef8862b4f 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -2246,7 +2246,7 @@ int __sys_setsockopt(int fd, int level, int optname, char __user *user_optval,

if (!in_compat_syscall())
err = BPF_CGROUP_RUN_PROG_SETSOCKOPT(sock->sk, &level, &optname,
- user_optval, &optlen,
+ optval, &optlen,
&kernel_optval);
if (err < 0)
goto out_put;
--
2.34.1

Next message: Breno Leitao: "[PATCH v3 3/9] net/socket: Break down __sys_setsockopt"
Previous message: Breno Leitao: "[PATCH v3 1/9] bpf: Leverage sockptr_t in BPF getsockopt hook"
In reply to: Breno Leitao: "[PATCH v3 1/9] bpf: Leverage sockptr_t in BPF getsockopt hook"
Next in thread: Breno Leitao: "[PATCH v3 3/9] net/socket: Break down __sys_setsockopt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]