From patchwork Sat Jan 21 02:57:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kui-Feng Lee X-Patchwork-Id: 13110816 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C0120C05027 for ; Sat, 21 Jan 2023 02:57:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229494AbjAUC53 (ORCPT ); Fri, 20 Jan 2023 21:57:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37214 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229379AbjAUC53 (ORCPT ); Fri, 20 Jan 2023 21:57:29 -0500 Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFFD16AC91 for ; Fri, 20 Jan 2023 18:57:28 -0800 (PST) Received: from pps.filterd (m0109333.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 30KNmeOF012368 for ; Fri, 20 Jan 2023 18:57:28 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=meta.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=s2048-2021-q4; bh=Zhn9xNVwKO2PPFy243h0rJy1V/FGtGTYjCYHqV53EQo=; b=BrfO8SVnjbVznyUk7l+53UTFcC5fwPX5gAOxdWoDc04B3+vcm1Q3fMEocpDeDPgBACNk 4oQz7X1yfpOMYS1kxZimndAk36cuSpPRJP4/X8xw+jgo4eT36AXDQNvCrErBFmzyULic hr7oGq96nCGhlM3oYn7fC8DxXMidN3WIVRmb21zfAMZam0rv3fa/m/ZAhUrJGldgte4O Jb/EMwEA8vXDVdpnvzdnNHm7h7iPt+/IEy1zeb5lcMU/TJeYcjbVtKANC0XcKO0VMSi5 OubuA1mU4iTkAD/Wz5zcdXxYanHypq2YtoGhP+A0ukvVm4xjCl5TanmEGeNkphqd7MWC ZA== Received: from mail.thefacebook.com ([163.114.132.120]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3n702vmvqk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Fri, 20 Jan 2023 18:57:28 -0800 Received: from twshared19053.17.frc2.facebook.com (2620:10d:c085:108::4) by mail.thefacebook.com (2620:10d:c085:11d::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Fri, 20 Jan 2023 18:57:27 -0800 Received: by devbig931.frc1.facebook.com (Postfix, from userid 460691) id 8CA3531A6231; Fri, 20 Jan 2023 18:57:18 -0800 (PST) From: Kui-Feng Lee To: , , , , CC: Kui-Feng Lee Subject: [PATCH bpf-next 1/2] bpf: Check the protocol of a sock to agree the calls to bpf_setsockopt(). Date: Fri, 20 Jan 2023 18:57:15 -0800 Message-ID: <20230121025716.3039933-2-kuifeng@meta.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230121025716.3039933-1-kuifeng@meta.com> References: <20230121025716.3039933-1-kuifeng@meta.com> MIME-Version: 1.0 X-FB-Internal: Safe X-Proofpoint-GUID: Oa8j4A314Dgwkz2LrYizQfbwROBgBpN5 X-Proofpoint-ORIG-GUID: Oa8j4A314Dgwkz2LrYizQfbwROBgBpN5 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.930,Hydra:6.0.562,FMLib:17.11.122.1 definitions=2023-01-20_13,2023-01-20_01,2022-06-22_01 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Resolve an issue when calling sol_tcp_sockopt() on a socket with ktls enabled. Prior to this patch, sol_tcp_sockopt() would only allow calls if the function pointer of setsockopt of the socket was set to tcp_setsockopt(). However, any socket with ktls enabled would have its function pointer set to tls_setsockopt(). To resolve this issue, the patch adds a check of the protocol of the linux socket and allows bpf_setsockopt() to be called if ktls is initialized on the linux socket. This ensures that calls to sol_tcp_sockopt() will succeed on sockets with ktls enabled. Signed-off-by: Kui-Feng Lee --- net/core/filter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/filter.c b/net/core/filter.c index b4547a2c02f4..890384cbdeb2 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -5204,7 +5204,7 @@ static int sol_tcp_sockopt(struct sock *sk, int optname, char *optval, int *optlen, bool getopt) { - if (sk->sk_prot->setsockopt != tcp_setsockopt) + if (sk->sk_protocol != IPPROTO_TCP) return -EINVAL; switch (optname) {