From patchwork Fri Aug 4 01:55:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Geliang Tang X-Patchwork-Id: 13341101 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47A11EB64DD for ; Fri, 4 Aug 2023 01:55:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232543AbjHDBz4 (ORCPT ); Thu, 3 Aug 2023 21:55:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58454 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230201AbjHDBzv (ORCPT ); Thu, 3 Aug 2023 21:55:51 -0400 Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2046.outbound.protection.outlook.com [40.107.22.46]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A93F1FF3; Thu, 3 Aug 2023 18:55:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YoLwFTsKFsDl08OVLLil++PNt0O4NMbuFplx0EgRWdt4oTuwGldEyTDv2Neq5YLj9rD2RAYcQLCSv+Xw7VoFQiDB7bw0SbwxT2grwO+EyvHCwGURx0+7IXcBCddxgvb3NZ7tn2ZozxiZ9BFaylikaedqJgzft3MkQwAA+GDHPUxbN/Un7yb/tXIpJOo4NvLSEji4MoLnx5zdK7ahcMKVkYTcetTmFErctpVbVYs1kAexKK2kD9/r8fZobCnz3DfaIhbRJh7iU4a/nbvmbbETnJVkCD1gMNJ6dP/2Q0sPwD0Ti1pQjiycs4kgj8Ng/gjSTD+qddgO77v+/Km1/eAETA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YpD3bEfg+gDFZ3eM+fAhpETWevC1iCBWrGrJJSjfmo4=; b=kgSzP9xtbHJEWu8gtZ7xJJ0d71OuzoN54IYA9uMmxtw0TsXXKI9HghYnTem6ztK10l5usVLXxGzhrwDdGcGxLkiHVylBwXgqu/tWNlOGtxhvCWZfIRM6C/LUOe37jobriiMZG0m3T5HUOSuOvc8wkF68Oc8DeZEPE/nfLyQ/RKdKqL/633yeOhJi9F3OpDYXf0XOWm6L4SWyLMdyL3wkF70ohiV8+5lCUX0GRR6gQ1593aBFQ1wGBa9/33QJW/ct44VxuAf3TbBvWtB2UAoVnQUOI+Y0R3Uxc3679WQZE+vkr1fFGULuG5OG1OLDJ1IRDOA5/HVEGpy7CMx8JZDzGg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YpD3bEfg+gDFZ3eM+fAhpETWevC1iCBWrGrJJSjfmo4=; b=slBDxJhMIr5pZl8RCkuOWyZAqHNHG73brJrerMe1gpb17nqs6SFmk61pR2oAkYt0EiThR132wnq+jutfAhcXJ6b4AXgl67QbhsufwC68Pxn+MLzWjUwKUZcaXvdn8mJ9b3UPuAIBQOCw1dExuCKCY0/5MJ/3gXx1ypgvXacC4Def/MlbVjcTZnld8hwxOpxOUjupwYvGEsgSdheZ9IztyIMX7FnomA7dBjUhSTywPOjmkKaqgJA1UniWxKeTcIv0XoMLXGE33SXGDzNm+dwPC1FaFUixS2biZT8hWMhuWylhmh/2W37slgFIMHrrUWeLBa7EsenxCQPNHTEMfY5bIQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Received: from HE1PR0402MB3497.eurprd04.prod.outlook.com (2603:10a6:7:83::14) by GV1PR04MB9085.eurprd04.prod.outlook.com (2603:10a6:150:20::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6652.21; Fri, 4 Aug 2023 01:55:48 +0000 Received: from HE1PR0402MB3497.eurprd04.prod.outlook.com ([fe80::2867:7a72:20ac:5f71]) by HE1PR0402MB3497.eurprd04.prod.outlook.com ([fe80::2867:7a72:20ac:5f71%3]) with mapi id 15.20.6652.020; Fri, 4 Aug 2023 01:55:48 +0000 From: Geliang Tang To: Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Florent Revest , Brendan Jackman , Matthieu Baerts , Mat Martineau , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , John Johansen , Paul Moore , James Morris , "Serge E. Hallyn" , Stephen Smalley , Eric Paris , Mykola Lysenko , Shuah Khan , Simon Horman Cc: Geliang Tang , bpf@vger.kernel.org, netdev@vger.kernel.org, mptcp@lists.linux.dev, apparmor@lists.ubuntu.com, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, linux-kselftest@vger.kernel.org Subject: [PATCH bpf-next v10 1/5] bpf: Add update_socket_protocol hook Date: Fri, 4 Aug 2023 09:55:43 +0800 Message-Id: <079989b68ddded562b9f2149cc50642072575001.1691113640.git.geliang.tang@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: References: X-ClientProxiedBy: SI1PR02CA0048.apcprd02.prod.outlook.com (2603:1096:4:1f5::11) To HE1PR0402MB3497.eurprd04.prod.outlook.com (2603:10a6:7:83::14) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: HE1PR0402MB3497:EE_|GV1PR04MB9085:EE_ X-MS-Office365-Filtering-Correlation-Id: 7bbe9310-6a70-4dc6-9df5-08db948dec5c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 0jOJL2OylNL4GvH0SjR065NAyAltY17EBfwUjY+SEjY7gOILmGv4gQSvUrUtquCBQbn6eLae2NTceXC+ZdjbFZ7xiiDUSXybKOIxGp7Wvdtli0P4G9rA4clWfR3kuzzUevfgJYycEhY9jbdr8Kt1vgt67t82J3XJYFYUVJlfBy0Nv20Z99pc++PNMMI8Puy9DkkrmT9Os5DA7bdzFaK3F03665QtqkVQ95sDzbwBrxaoB+XQHVZ8bd0iZWtPNsmeo0BogDs19j+IVYZE5W70BiwYA+6tbytVACSFqlRfz9G9hV54VgQq3IhsPnBYM1OgjYBhwa9OyfcmNBXjnhFS1jW21xHXA+zjJT1HL4WXsFI35MbOAzUnqzP7X0UTAVFobi6e/v/2CbVQ+oMQmOfh5euZNJv5gw7iIbHxXLdkf5ZspmN8lMrtZerTUc+0YaJjBEUG1cKCxmYo5ZyDwHuLbGjeeuUilXB5eMavsF4736JFLNLmXRfQONxL3E/pV1aZTRV5UNUfA+Q7pqhNTmEr6hxrqXLWR//1BDhdrvMQg4F9J5DVJiZdUgDC5m09/GtpjxaVWNRRB/8NWAI5x+Cz2KgNKvTrLEUrM/VOg1Jn4UfO9L0kFpx5baGcigGcVb8v X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:HE1PR0402MB3497.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(366004)(376002)(396003)(136003)(346002)(39860400002)(186006)(451199021)(1800799003)(6506007)(38100700002)(921005)(26005)(478600001)(8676002)(15650500001)(8936002)(5660300002)(7416002)(110136005)(44832011)(7406005)(41300700001)(66556008)(4326008)(66946007)(66476007)(6512007)(6666004)(86362001)(966005)(316002)(6486002)(2616005)(36756003)(2906002)(83380400001)(13296009);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: XSo/jXZlcDmeuLuZb72mYKO3wo4RCPWd7h4CWFrWIKWlbDVAC+sKKrlNKNLef0iErvO/mDnESId1MhxipvtKhH3UtZ6AzFGONmUhpQoivJHiRZYjJdaHUx0yDlkoDROF7pUTfRgghwXDmbMz0UXQNbjEMRMoFBsrnzz8/SldcV5jVfd6MtXOotUL2H3Ch7A67XKTKKwrNWbCqLMnJVTvjBkKAjSV3LMQkzUXST+48rkeePcki15/RClBSAuHaSidb2w92nSTRPgRzspRAEul3Tm/0wyoOx7wGJP2QYpH3f1yoSNU1+FD8V3mmO3YgPrPT/4qvK1XNRV6BnaCCBl/96LMvzkZ+CecVsGbi+K+AWfEd+5JNXj6gG3GgXlswH4OHVosCiQ2Wb9DLQYEepqrwnvwML3bOs0ZUAXKHun1y/2vkm65cqxIKwKR279+Wovj0RBtxOjuin0LHX4nLJ9D4DdkhxcUkC2JEK9djdbNb6clRlztrsga7TZKpEgeh94cj3Tj3g8PiSjxBvlFT/8Qnf5u148jxk/GC0ZuEqBgCvPs6iPoAXKwlL2EjML7eeZkpobKDY10monIfJMRe+l0hGmHLpmTclUc/2R8KOh7DaNhjhGj09Le5YGCcgB5de2PshEI1OlJbUWTUcsx8fsLMOTr7P3iY4tF6qKOZdNRRXBgwz404qIpefns0MXQB6Yo6JskCxD2iXUoDyse6Wb3f0jaBTWnGEBBTKaIq0QIOjZEcJ6I6POGrS3zgsn/1qHbLllQjkhL8kxNC7cuAFRHPFzaUzO0Eg/JzoOFhqs57O8TueUSiK5OEImQ0+vYhvbxzoVYsnYdn005yU9pJ0Ab9Q1odwYx/V+lR1KX1rmp8Bg+XZcMtbS3mz64J5UESpF6+ENzAg84hw38QodNmuvK/Xtlb3GzPnwWq1O+lyUh+jw1Kk5Lh+vJkKKUn8Xm5oJtvFn9CwC4SszRVBZX0tgyuz6+9iDv5wBz4mIKcQsZv+ADz8KpmrSnEj1nVraan6/bzJvZ2papZA96DAmS5KIwxKquSJk/naJoVJ3N53+rSDrjGTZ1/NTeDiaC49CdPVA61TLE0H1ItorrleHCLkku55oP6u/APrMU8hWIfFhi/ClcEX8TdV2rt9w01hCGTL7a2AxCSNoVl72gKDDesi3mG9frbjDPqClchJZHTPP5P9zWJsIDDCpntmlhqRaja6PfI38Qv6FfIeRO5PqZ3H1ninzMeTGPe9KsRK8aohYgfxPLqm93/QwkUGYvyEwu71PBPQiJN2h5kRdru2QtPNH/RubsRRX368fUnUBke5VShasiIyJbOKJZJuGdgG0jW2x1fbuHgyjjYf0sdD8HFLYfF5edoAMPX+GDFaGsdykt+THBufRfI8djDnc4MFOI8+3e5IsvtpDnVdEKV+d42KtbvcsVgVSY8lv8kdlxcJIpuIEAhuK5IW8MuZWYwx8C6I5eQJGmYrjqtL2/MuvL8qcY+wWDi4xXjMWYPc+Kgcshovc7saBsvkaK5uBdAeI9soPF3+cd8YxzheJ5rWx0QfJWbKptM7Y2ko0QX9Lz65lPtR+NPut1yti9g8X00+ne8oBI X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7bbe9310-6a70-4dc6-9df5-08db948dec5c X-MS-Exchange-CrossTenant-AuthSource: HE1PR0402MB3497.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Aug 2023 01:55:48.2990 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ZkiXxHv1QT5LB3rr5uJYkEQdwpmnrJgotfsfD8v78MuVChIWPeJx0igckq++oBYSCgSkZ3jm8+FBuP6x1/cQGQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR04MB9085 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Add a hook named update_socket_protocol in __sys_socket(), for bpf progs to attach to and update socket protocol. One user case is to force legacy TCP apps to create and use MPTCP sockets instead of TCP ones. Define a mod_ret set named bpf_mptcp_fmodret_ids, add the hook update_socket_protocol into this set, and register it in bpf_mptcp_kfunc_init(). Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/79 Acked-by: Matthieu Baerts Signed-off-by: Geliang Tang Acked-by: Yonghong Song --- net/mptcp/bpf.c | 15 +++++++++++++++ net/socket.c | 24 ++++++++++++++++++++++++ 2 files changed, 39 insertions(+) diff --git a/net/mptcp/bpf.c b/net/mptcp/bpf.c index 5a0a84ad94af..8a16672b94e2 100644 --- a/net/mptcp/bpf.c +++ b/net/mptcp/bpf.c @@ -19,3 +19,18 @@ struct mptcp_sock *bpf_mptcp_sock_from_subflow(struct sock *sk) return NULL; } + +BTF_SET8_START(bpf_mptcp_fmodret_ids) +BTF_ID_FLAGS(func, update_socket_protocol) +BTF_SET8_END(bpf_mptcp_fmodret_ids) + +static const struct btf_kfunc_id_set bpf_mptcp_fmodret_set = { + .owner = THIS_MODULE, + .set = &bpf_mptcp_fmodret_ids, +}; + +static int __init bpf_mptcp_kfunc_init(void) +{ + return register_btf_fmodret_id_set(&bpf_mptcp_fmodret_set); +} +late_initcall(bpf_mptcp_kfunc_init); diff --git a/net/socket.c b/net/socket.c index 2b0e54b2405c..9f98ced88ac5 100644 --- a/net/socket.c +++ b/net/socket.c @@ -1644,11 +1644,35 @@ struct file *__sys_socket_file(int family, int type, int protocol) return sock_alloc_file(sock, flags, NULL); } +/* A hook for bpf progs to attach to and update socket protocol. + * + * A static noinline declaration here could cause the compiler to + * optimize away the function. A global noinline declaration will + * keep the definition, but may optimize away the callsite. + * Therefore, __weak is needed to ensure that the call is still + * emitted, by telling the compiler that we don't know what the + * function might eventually be. + * + * __diag_* below are needed to dismiss the missing prototype warning. + */ + +__diag_push(); +__diag_ignore_all("-Wmissing-prototypes", + "kfuncs which will be used in BPF programs"); + +__weak noinline int update_socket_protocol(int family, int type, int protocol) +{ + return protocol; +} + +__diag_pop(); + int __sys_socket(int family, int type, int protocol) { struct socket *sock; int flags; + protocol = update_socket_protocol(family, type, protocol); sock = __sys_socket_create(family, type, protocol); if (IS_ERR(sock)) return PTR_ERR(sock);