From patchwork Tue Jan 24 18:12:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kui-Feng Lee X-Patchwork-Id: 13114492 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E0230C54EB4 for ; Tue, 24 Jan 2023 18:13:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229451AbjAXSNI (ORCPT ); Tue, 24 Jan 2023 13:13:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58516 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232618AbjAXSNF (ORCPT ); Tue, 24 Jan 2023 13:13:05 -0500 Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1ED3B18A9C for ; Tue, 24 Jan 2023 10:13:05 -0800 (PST) Received: from pps.filterd (m0148461.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 30OE2YSq011818 for ; Tue, 24 Jan 2023 10:13:05 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=meta.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=s2048-2021-q4; bh=Zhn9xNVwKO2PPFy243h0rJy1V/FGtGTYjCYHqV53EQo=; b=Q3KdmdnE8WRPlWFYRWcKsHA8rEiNn+MQ2ARnaglxXWa2RRXh02gS3NOUxcgNqFR2AoYY 46/AoEY75xLagnrk1P9vcW3tXdt83kqdUBDcvLhU0QwsfUDWAyOYqxNiV1MLQeoH3axC 9n5z3V5LL1MOmben5ihFRUR2xFjFBHjBD+QDqb1Q+Sx9CzyvliKKUqS4bSiBAH3I7hdK MHuX1mIc/eZOQeLPb1m4Uv0pZnKND4HCxVfJKFi6urRlgYLIoJ7lI5Bhcq+iBaJG9l8t Vokwfs+gT8GDaQWsQmduUjdlwaQrICsDU29oZC3SyMSBNP284xUu5lcWFDYoa6TLsZos nw== Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3na4dubyst-10 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 24 Jan 2023 10:13:04 -0800 Received: from twshared16996.15.frc2.facebook.com (2620:10d:c0a8:1b::d) by mail.thefacebook.com (2620:10d:c0a8:82::e) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.17; Tue, 24 Jan 2023 10:13:01 -0800 Received: by devbig931.frc1.facebook.com (Postfix, from userid 460691) id 6265F3645D8C; Tue, 24 Jan 2023 10:12:50 -0800 (PST) From: Kui-Feng Lee To: , , , , CC: Kui-Feng Lee Subject: [PATCH bpf-next v2 1/2] bpf: Check the protocol of a sock to agree the calls to bpf_setsockopt(). Date: Tue, 24 Jan 2023 10:12:19 -0800 Message-ID: <20230124181220.2871611-2-kuifeng@meta.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230124181220.2871611-1-kuifeng@meta.com> References: <20230124181220.2871611-1-kuifeng@meta.com> MIME-Version: 1.0 X-FB-Internal: Safe X-Proofpoint-ORIG-GUID: UJa1Yb8qw2N81HNFhsADQmEXRdXfD1hg X-Proofpoint-GUID: UJa1Yb8qw2N81HNFhsADQmEXRdXfD1hg X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.930,Hydra:6.0.562,FMLib:17.11.122.1 definitions=2023-01-24_13,2023-01-24_01,2022-06-22_01 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Resolve an issue when calling sol_tcp_sockopt() on a socket with ktls enabled. Prior to this patch, sol_tcp_sockopt() would only allow calls if the function pointer of setsockopt of the socket was set to tcp_setsockopt(). However, any socket with ktls enabled would have its function pointer set to tls_setsockopt(). To resolve this issue, the patch adds a check of the protocol of the linux socket and allows bpf_setsockopt() to be called if ktls is initialized on the linux socket. This ensures that calls to sol_tcp_sockopt() will succeed on sockets with ktls enabled. Signed-off-by: Kui-Feng Lee --- net/core/filter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/filter.c b/net/core/filter.c index b4547a2c02f4..890384cbdeb2 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -5204,7 +5204,7 @@ static int sol_tcp_sockopt(struct sock *sk, int optname, char *optval, int *optlen, bool getopt) { - if (sk->sk_prot->setsockopt != tcp_setsockopt) + if (sk->sk_protocol != IPPROTO_TCP) return -EINVAL; switch (optname) {