[bpf-next,v3,0/5] bpf: expose bpf_{g,s}et_retval to more cgroup hooks

Message ID	20220818232729.2479330-1-sdf@google.com (mailing list archive)
Headers	show Return-Path: <bpf-owner@kernel.org> Date: Thu, 18 Aug 2022 16:27:24 -0700 Message-Id: <20220818232729.2479330-1-sdf@google.com> Mime-Version: 1.0 Subject: [PATCH bpf-next v3 0/5] bpf: expose bpf_{g,s}et_retval to more cgroup hooks From: Stanislav Fomichev <sdf@google.com> To: bpf@vger.kernel.org Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, martin.lau@linux.dev, song@kernel.org, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk
Series	bpf: expose bpf_{g,s}et_retval to more cgroup hooks \| expand [bpf-next,v3,0/5] bpf: expose bpf_{g,s}et_retval to more cgroup hooks [bpf-next,v3,1/5] bpf: Introduce cgroup_{common,current}_func_proto [bpf-next,v3,2/5] bpf: Use cgroup_{common,current}_func_proto in more hooks [bpf-next,v3,3/5] bpf: expose bpf_strtol and bpf_strtoul to all program types [bpf-next,v3,4/5] bpf: update bpf_{g,s}et_retval documentation [bpf-next,v3,5/5] selftests/bpf: Make sure bpf_{g,s}et_retval is exposed everywhere

Message ID

20220818232729.2479330-1-sdf@google.com (mailing list archive)

Headers

Date: Thu, 18 Aug 2022 16:27:24 -0700
Message-Id: <20220818232729.2479330-1-sdf@google.com>
Mime-Version: 1.0
Subject: [PATCH bpf-next v3 0/5] bpf: expose bpf_{g,s}et_retval to more cgroup
 hooks
From: Stanislav Fomichev <sdf@google.com>
To: bpf@vger.kernel.org
Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
        martin.lau@linux.dev, song@kernel.org, yhs@fb.com,
        john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com,
        haoluo@google.com, jolsa@kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

Series

bpf: expose bpf_{g,s}et_retval to more cgroup hooks | expand

Message

Stanislav Fomichev Aug. 18, 2022, 11:27 p.m. UTC

Apparently, only a small subset of cgroup hooks actually falls
back to cgroup_base_func_proto. This leads to unexpected result
where not all cgroup helpers have bpf_{g,s}et_retval.

It's getting harder and harder to manage which helpers are exported
to which hooks. We now have the following call chains:

- cg_skb_func_proto
  - sk_filter_func_proto
    - bpf_sk_base_func_proto
      - bpf_base_func_proto

So by looking at cg_skb_func_proto it's pretty hard to understand
what's going on.

For cgroup helpers, I'm proposing we do the following instead:

  func_proto = cgroup_common_func_proto();
  if (func_proto) return func_proto;

  /* optional, if hook has 'current' */
  func_proto = cgroup_current_func_proto();
  if (func_proto) return func_proto;

  ...

  switch (func_id) {
  /* hook specific helpers */
  case BPF_FUNC_hook_specific_helper:
    return &xyz;
  default:
    /* always fall back to plain bpf_base_func_proto */
    bpf_base_func_proto(func_id);
  }

If this turns out more workable, we can follow up with converting
the rest to the same pattern.

v3:
- expose strtol/strtoul everywhere (Martin)
- move helpers declarations from bpf.h to bpf-cgroup.h (Martin)
- revise bpf_{g,s}et_retval documentation (Martin)
- don't expose bpf_{g,s}et_retval to cg_skb hooks (Martin)

v2:
- move everything into kernel/bpf/cgroup.c instead (Martin)
- use cgroup_common_func_proto in lsm (Martin)

Stanislav Fomichev (5):
  bpf: Introduce cgroup_{common,current}_func_proto
  bpf: Use cgroup_{common,current}_func_proto in more hooks
  bpf: expose bpf_strtol and bpf_strtoul to all program types
  bpf: update bpf_{g,s}et_retval documentation
  selftests/bpf: Make sure bpf_{g,s}et_retval is exposed everywhere

 include/linux/bpf-cgroup.h                    |  17 ++
 include/uapi/linux/bpf.h                      |  22 +-
 kernel/bpf/bpf_lsm.c                          |  19 +-
 kernel/bpf/cgroup.c                           | 212 ++++++++++++++++--
 kernel/bpf/helpers.c                          |  82 +------
 net/core/filter.c                             |  92 +++-----
 tools/include/uapi/linux/bpf.h                |  22 +-
 tools/testing/selftests/bpf/Makefile          |   1 +
 .../bpf/cgroup_getset_retval_hooks.h          |  25 +++
 .../bpf/prog_tests/cgroup_getset_retval.c     |  48 ++++
 .../bpf/progs/cgroup_getset_retval_hooks.c    |  16 ++
 11 files changed, 380 insertions(+), 176 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/cgroup_getset_retval_hooks.h
 create mode 100644 tools/testing/selftests/bpf/progs/cgroup_getset_retval_hooks.c