From patchwork Mon Aug 31 04:03:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Khaled Elmously X-Patchwork-Id: 1354097 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4BfxQn2SGSz9sTr; Mon, 31 Aug 2020 14:04:01 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1kCb2p-00059F-DI; Mon, 31 Aug 2020 04:03:47 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1kCb2m-00058X-2a for kernel-team@lists.ubuntu.com; Mon, 31 Aug 2020 04:03:44 +0000 Received: from mail-qv1-f70.google.com ([209.85.219.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1kCb2l-0006IJ-Nk for kernel-team@lists.ubuntu.com; Mon, 31 Aug 2020 04:03:43 +0000 Received: by mail-qv1-f70.google.com with SMTP id m11so4510653qvv.3 for ; Sun, 30 Aug 2020 21:03:43 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=rjE98RHZW6Ci3h3YVqyWv/iqjW8gq8xIofP8wrGGIg8=; b=JEws/+3k7vKnYzamCiC6pELULCe9T1jKU74L4ZZu1u6amR6nkYZViozC/zecseG+EG nXOZ6lz/cvW80qtk54kk5IkNsGsTXHZjyfmi7tmS0qfSqMjZgdPRFBQK/XV8OBZZrzF/ VsyNyqBFnPnKB1iqvndlddrfYLDFvSwkpnCML39tW5XA8u4XES8qbJlXQbWSSptzZCSM IqzRjR+wot1BR4vVANtSFXZs1DG8yIlmMtrFc96xz/vOFPbFzEJcnZ/te0twLK7k7hEu 69zqyaTm1F3h6HQ2xrTkHHnkWcA2xdHSXdlGYF7QAovcoHgxrluXZrkLVss/mbsxG82P bRyA== X-Gm-Message-State: AOAM530f3IcrQMJS5leSYOqzGYKOfrn4DWtvJyHJwrMpkDzjnJIMZpzw bdzvtj9rGXABNtoO2Yp2Nh4/ZduJwzniPqKvi8Rr5vY2+4XTQSxr6D1QhUPdXSvNJJ91fJ9zzGE hM0UpLsUyMPwccQjvYCCHD4OTTTppO0bOQUWp74Pjjg== X-Received: by 2002:a05:620a:13b2:: with SMTP id m18mr9340721qki.490.1598846622430; Sun, 30 Aug 2020 21:03:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzesIC8qLCsVi7c+Re4+JcbSF5CrwuYu+H45/AqLS5+7b7tuCwhp1Z38B5BxnK6MHGffdhPZA== X-Received: by 2002:a05:620a:13b2:: with SMTP id m18mr9340708qki.490.1598846622146; Sun, 30 Aug 2020 21:03:42 -0700 (PDT) Received: from kbuntu2.fuzzbuzz.org (dhcp-24-53-242-104.cable.user.start.ca. [24.53.242.104]) by smtp.gmail.com with ESMTPSA id d9sm7779648qkj.83.2020.08.30.21.03.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 30 Aug 2020 21:03:41 -0700 (PDT) From: Khalid Elmously To: kernel-team@lists.ubuntu.com Subject: [PATCH 01/13] bpf: Enable retrieval of socket cookie for bind/post-bind hook Date: Mon, 31 Aug 2020 00:03:21 -0400 Message-Id: <20200831040333.6058-2-khalid.elmously@canonical.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200831040333.6058-1-khalid.elmously@canonical.com> References: <20200831040333.6058-1-khalid.elmously@canonical.com> X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Daniel Borkmann BugLink: https://bugs.launchpad.net/bugs/1887740 [ upstream commit 0e53d9e5e82056555020c47ee0c7a087147be084 ] We currently make heavy use of the socket cookie in BPF's connect(), sendmsg() and recvmsg() hooks for load-balancing decisions. However, it is currently not enabled/implemented in BPF {post-}bind hooks where it can later be used in combination for correlation in the tc egress path, for example. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/e9d71f310715332f12d238cc650c1edc5be55119.1585323121.git.daniel@iogearbox.net Signed-off-by: Daniel Borkmann Signed-off-by: Khalid Elmously --- net/core/filter.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index f1f2304822e3..d6f781e0a894 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -4184,6 +4184,18 @@ static const struct bpf_func_proto bpf_get_socket_cookie_sock_addr_proto = { .arg1_type = ARG_PTR_TO_CTX, }; +BPF_CALL_1(bpf_get_socket_cookie_sock, struct sock *, ctx) +{ + return sock_gen_cookie(ctx); +} + +static const struct bpf_func_proto bpf_get_socket_cookie_sock_proto = { + .func = bpf_get_socket_cookie_sock, + .gpl_only = false, + .ret_type = RET_INTEGER, + .arg1_type = ARG_PTR_TO_CTX, +}; + BPF_CALL_1(bpf_get_socket_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx) { return sock_gen_cookie(ctx->sk); @@ -6019,6 +6031,8 @@ sock_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return &bpf_get_current_uid_gid_proto; case BPF_FUNC_get_local_storage: return &bpf_get_local_storage_proto; + case BPF_FUNC_get_socket_cookie: + return &bpf_get_socket_cookie_sock_proto; default: return bpf_base_func_proto(func_id); }