From patchwork Fri Feb 16 13:40:21 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Daniel Borkmann X-Patchwork-Id: 874424 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3zjZ6827Gdz9t3M for ; Sat, 17 Feb 2018 00:40:48 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1031794AbeBPNkn (ORCPT ); Fri, 16 Feb 2018 08:40:43 -0500 Received: from www62.your-server.de ([213.133.104.62]:39978 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1031737AbeBPNkl (ORCPT ); Fri, 16 Feb 2018 08:40:41 -0500 Received: from [194.230.159.127] (helo=localhost) by www62.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.85_2) (envelope-from ) id 1emgFi-0003iV-ED; Fri, 16 Feb 2018 14:40:38 +0100 From: Daniel Borkmann To: netdev@vger.kernel.org Cc: netfilter-devel@vger.kernel.org, davem@davemloft.net, alexei.starovoitov@gmail.com, Alexei Starovoitov Subject: [PATCH RFC 2/4] bpf: introduce bpfilter commands Date: Fri, 16 Feb 2018 14:40:21 +0100 Message-Id: <20180216134023.15536-3-daniel@iogearbox.net> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20180216134023.15536-1-daniel@iogearbox.net> References: <20180216134023.15536-1-daniel@iogearbox.net> X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.99.3/24320/Fri Feb 16 10:20:55 2018) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Alexei Starovoitov Signed-off-by: Alexei Starovoitov --- include/uapi/linux/bpf.h | 16 ++++++++++++++++ kernel/bpf/syscall.c | 41 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index db6bdc3..ea977e9 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -94,6 +94,8 @@ enum bpf_cmd { BPF_MAP_GET_FD_BY_ID, BPF_OBJ_GET_INFO_BY_FD, BPF_PROG_QUERY, + BPFILTER_GET_CMD, + BPFILTER_REPLY, }; enum bpf_map_type { @@ -231,6 +233,17 @@ enum bpf_attach_type { #define BPF_F_RDONLY (1U << 3) #define BPF_F_WRONLY (1U << 4) +struct bpfilter_get_cmd { + __u32 pid; + __u32 cmd; + __u64 addr; + __u32 len; +}; + +struct bpfilter_reply { + __u32 status; +}; + union bpf_attr { struct { /* anonymous struct used by BPF_MAP_CREATE command */ __u32 map_type; /* one of enum bpf_map_type */ @@ -320,6 +333,9 @@ union bpf_attr { __aligned_u64 prog_ids; __u32 prog_cnt; } query; + + struct bpfilter_get_cmd bpfilter_get_cmd; + struct bpfilter_reply bpfilter_reply; } __attribute__((aligned(8))); /* BPF helper function descriptions: diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index e24aa32..e933bf9 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -1840,6 +1840,41 @@ static int bpf_obj_get_info_by_fd(const union bpf_attr *attr, return err; } +DECLARE_WAIT_QUEUE_HEAD(bpfilter_get_cmd_wq); +DECLARE_WAIT_QUEUE_HEAD(bpfilter_reply_wq); +bool bpfilter_get_cmd_ready = false; +bool bpfilter_reply_ready = false; +struct bpfilter_get_cmd bpfilter_get_cmd_mbox; +struct bpfilter_reply bpfilter_reply_mbox; + +#define BPFILTER_GET_CMD_LAST_FIELD bpfilter_get_cmd.len + +static int bpfilter_get_cmd(const union bpf_attr *attr, + union bpf_attr __user *uattr) +{ + if (CHECK_ATTR(BPFILTER_GET_CMD)) + return -EINVAL; + wait_event_killable(bpfilter_get_cmd_wq, bpfilter_get_cmd_ready); + bpfilter_get_cmd_ready = false; + if (copy_to_user(&uattr->bpfilter_get_cmd, &bpfilter_get_cmd_mbox, + sizeof(bpfilter_get_cmd_mbox))) + return -EFAULT; + return 0; +} + +#define BPFILTER_REPLY_LAST_FIELD bpfilter_reply.status + +static int bpfilter_reply(const union bpf_attr *attr, + union bpf_attr __user *uattr) +{ + if (CHECK_ATTR(BPFILTER_REPLY)) + return -EINVAL; + bpfilter_reply_mbox.status = attr->bpfilter_reply.status; + bpfilter_reply_ready = true; + wake_up(&bpfilter_reply_wq); + return 0; +} + SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, size) { union bpf_attr attr = {}; @@ -1917,6 +1952,12 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz case BPF_OBJ_GET_INFO_BY_FD: err = bpf_obj_get_info_by_fd(&attr, uattr); break; + case BPFILTER_GET_CMD: + err = bpfilter_get_cmd(&attr, uattr); + break; + case BPFILTER_REPLY: + err = bpfilter_reply(&attr, uattr); + break; default: err = -EINVAL; break;