From patchwork Tue Aug 8 13:40:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346144 X-Patchwork-Delegate: kuba@kernel.org Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 91919134BC; Tue, 8 Aug 2023 15:42:36 +0000 (UTC) Received: from mail-ed1-f49.google.com (mail-ed1-f49.google.com [209.85.208.49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9DF371FCD; Tue, 8 Aug 2023 08:42:07 -0700 (PDT) Received: by mail-ed1-f49.google.com with SMTP id 4fb4d7f45d1cf-5232d593646so4480642a12.0; Tue, 08 Aug 2023 08:42:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691509275; x=1692114075; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ChPT/lHzXHpKHyXlCB2W1LoY3mnd1UwLMSxiYiQjKmg=; b=Aq0HpdvkekfQbw+pkrnpkt0EUqI2o9wYwT779VYgsIebtZ323pxA6fUaihE2No2Ojq W+eHddT/Cjqr7KndK6kk7jMXK25ESTvHK3ysjzsCh5Jtf2p9o0Uw6ITaTpWtPuAUtejm 1B4K776/QDeS5jATJ6wdyf9Ec5ZGmqxHCm+OS/hojhjIrwCqo/B4HS9erRyY/HYjeuea Sa6P0gFa3Fbm1EBj6eJf1d+/5txs1pLbAIZKAMAz80zPvwZXSgT8V2B0bLagraQxyGbF FTyiJ8vobs7KBmAV/Ybuwklvhx9wquFj3MrPO2J3nl48A7j9flOZc0B4ty6gnOfz+u4C HT2g== X-Gm-Message-State: AOJu0Yw8iWUPcnIcnQoeBnZc5XwHH7eX3ZwUHposQ6766q/FczVlOHWH ERLrGmt4N6zSeBnJSY87Rf/50b+YRNQ= X-Google-Smtp-Source: AGHT+IEtMdELcO0r2mho0d8dPID1Lr2S9Ywk3n1aEbs+vzrbTUu1jEy7bEX0QBvnj23d6IU/jIcNYQ== X-Received: by 2002:a17:907:770b:b0:99b:ce9c:a94a with SMTP id kw11-20020a170907770b00b0099bce9ca94amr12488319ejc.4.1691502063751; Tue, 08 Aug 2023 06:41:03 -0700 (PDT) Received: from localhost (fwdproxy-cln-018.fbsv.net. [2a03:2880:31ff:12::face:b00c]) by smtp.gmail.com with ESMTPSA id h23-20020a1709067cd700b00992f309cfe8sm6775236ejp.178.2023.08.08.06.41.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:03 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com, "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org Subject: [PATCH v2 1/8] net: expose sock_use_custom_sol_socket Date: Tue, 8 Aug 2023 06:40:41 -0700 Message-Id: <20230808134049.1407498-2-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: kuba@kernel.org Exposing function sock_use_custom_sol_socket(), so it could be used by io_uring subsystem. This function will be used in the function io_uring_cmd_setsockopt() in the coming patch, so, let's move it to the socket.h header file. Signed-off-by: Breno Leitao --- include/linux/net.h | 5 +++++ net/socket.c | 5 ----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/linux/net.h b/include/linux/net.h index 41c608c1b02c..14a956e4530e 100644 --- a/include/linux/net.h +++ b/include/linux/net.h @@ -355,4 +355,9 @@ u32 kernel_sock_ip_overhead(struct sock *sk); #define MODULE_ALIAS_NET_PF_PROTO_NAME(pf, proto, name) \ MODULE_ALIAS("net-pf-" __stringify(pf) "-proto-" __stringify(proto) \ name) + +static inline bool sock_use_custom_sol_socket(const struct socket *sock) +{ + return test_bit(SOCK_CUSTOM_SOCKOPT, &sock->flags); +} #endif /* _LINUX_NET_H */ diff --git a/net/socket.c b/net/socket.c index 1dc23f5298ba..8df54352af83 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2216,11 +2216,6 @@ SYSCALL_DEFINE4(recv, int, fd, void __user *, ubuf, size_t, size, return __sys_recvfrom(fd, ubuf, size, flags, NULL, NULL); } -static bool sock_use_custom_sol_socket(const struct socket *sock) -{ - return test_bit(SOCK_CUSTOM_SOCKOPT, &sock->flags); -} - /* * Set a socket option. Because we don't know the option lengths we have * to pass the user mode parameter for the protocols to sort out. From patchwork Tue Aug 8 13:40:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346167 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 349AF18B1F; Tue, 8 Aug 2023 15:47:16 +0000 (UTC) Received: from mail-lj1-f179.google.com (mail-lj1-f179.google.com [209.85.208.179]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BEB267EC1; Tue, 8 Aug 2023 08:47:00 -0700 (PDT) Received: by mail-lj1-f179.google.com with SMTP id 38308e7fff4ca-2b9e6cc93d8so93815801fa.0; Tue, 08 Aug 2023 08:47:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691509614; x=1692114414; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=r9Qw/F0brYOmpW9rwZop//d4heqX4w4nP09GhRsKIik=; b=T4BQwXpXdsCuYvtifYD93c+gJl9rrz++/mR+4CynnqIvkUphBdDQ+lCgTW1D5Bi+Pd VzU5S/44j9RzUIScS4QKgvxAIEgjOrRy8tDji1l921ZgNNxUFqrtES9Ziv9X6D3dHBib G7vP+ZDfprdS+SwSUuLv58BN+BeGptCqziUtKUOPiyKKG+ub3vTum+zI2bk9IZ7ZIcAE iSuXNg9/rEwuUhXUCKN7a5MpHlyfMeNolQIQE3qUpI2Py1QozWcyrh4m/mjELJrfeoB+ nLeM6ywoACfu+zpBe7U8v+g8pnpYv0x5wwMHOJx4MIrMUzz8K2294mNLzrRmA+yMxSJu R+/A== X-Gm-Message-State: AOJu0Yw68NILxUrlrTB/SJ1JZ9iclpb5ZGtyYQEOzYatsri3G6neoxCe +OsiLVGqovmnCRwfei7OonbnVu78xjE= X-Google-Smtp-Source: AGHT+IEqhkwYaYSGAbqiw/LtPf5oEi+RgNvatwnvbRraW5eX4hKHlnSYlRuneFBiMukqQzpmDTlkmg== X-Received: by 2002:aa7:dad0:0:b0:51d:9ddf:f0f6 with SMTP id x16-20020aa7dad0000000b0051d9ddff0f6mr10088298eds.36.1691502065220; Tue, 08 Aug 2023 06:41:05 -0700 (PDT) Received: from localhost (fwdproxy-cln-012.fbsv.net. [2a03:2880:31ff:c::face:b00c]) by smtp.gmail.com with ESMTPSA id bc5-20020a056402204500b005230f06de15sm6767707edb.78.2023.08.08.06.41.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:04 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org, kuba@kernel.org, pabeni@redhat.com Subject: [PATCH v2 2/8] io_uring/cmd: Introduce SOCKET_URING_OP_GETSOCKOPT Date: Tue, 8 Aug 2023 06:40:42 -0700 Message-Id: <20230808134049.1407498-3-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Add support for getsockopt command (SOCKET_URING_OP_GETSOCKOPT), where level is SOL_SOCKET. This is leveraging the sockptr_t infrastructure, where a sockptr_t is either userspace or kernel space, and handled as such. Function io_uring_cmd_getsockopt() is inspired by __sys_getsockopt(). Differently from the getsockopt(2), the optlen field is not a userspace pointers. In getsockopt(2), userspace provides optlen pointer, which is overwritten by the kernel. In this implementation, userspace passes a u32, and the new value is returned in cqe->res. I.e., optlen is not a pointer. Important to say that userspace needs to keep the pointer alive until the CQE is completed. Signed-off-by: Breno Leitao --- include/uapi/linux/io_uring.h | 7 +++++++ io_uring/uring_cmd.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h index 9fc7195f25df..8152151080db 100644 --- a/include/uapi/linux/io_uring.h +++ b/include/uapi/linux/io_uring.h @@ -43,6 +43,10 @@ struct io_uring_sqe { union { __u64 addr; /* pointer to buffer or iovecs */ __u64 splice_off_in; + struct { + __u32 level; + __u32 optname; + }; }; __u32 len; /* buffer size or number of iovecs */ union { @@ -79,6 +83,7 @@ struct io_uring_sqe { union { __s32 splice_fd_in; __u32 file_index; + __u32 optlen; struct { __u16 addr_len; __u16 __pad3[1]; @@ -89,6 +94,7 @@ struct io_uring_sqe { __u64 addr3; __u64 __pad2[1]; }; + __u64 optval; /* * If the ring is initialized with IORING_SETUP_SQE128, then * this field is used for 80 bytes of arbitrary command data @@ -729,6 +735,7 @@ struct io_uring_recvmsg_out { enum { SOCKET_URING_OP_SIOCINQ = 0, SOCKET_URING_OP_SIOCOUTQ, + SOCKET_URING_OP_GETSOCKOPT, }; #ifdef __cplusplus diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c index 8e7a03c1b20e..582931879482 100644 --- a/io_uring/uring_cmd.c +++ b/io_uring/uring_cmd.c @@ -166,6 +166,32 @@ int io_uring_cmd_import_fixed(u64 ubuf, unsigned long len, int rw, } EXPORT_SYMBOL_GPL(io_uring_cmd_import_fixed); +static inline int io_uring_cmd_getsockopt(struct socket *sock, + struct io_uring_cmd *cmd) +{ + void __user *optval = u64_to_user_ptr(READ_ONCE(cmd->sqe->optval)); + int optname = READ_ONCE(cmd->sqe->optname); + int optlen = READ_ONCE(cmd->sqe->optlen); + int level = READ_ONCE(cmd->sqe->level); + int err; + + err = security_socket_getsockopt(sock, level, optname); + if (err) + return err; + + if (level == SOL_SOCKET) { + err = sk_getsockopt(sock->sk, level, optname, + USER_SOCKPTR(optval), + KERNEL_SOCKPTR(&optlen)); + if (err) + return err; + + return optlen; + } + + return -EOPNOTSUPP; +} + int io_uring_cmd_sock(struct io_uring_cmd *cmd, unsigned int issue_flags) { struct socket *sock = cmd->file->private_data; @@ -187,6 +213,8 @@ int io_uring_cmd_sock(struct io_uring_cmd *cmd, unsigned int issue_flags) if (ret) return ret; return arg; + case SOCKET_URING_OP_GETSOCKOPT: + return io_uring_cmd_getsockopt(sock, cmd); default: return -EOPNOTSUPP; } From patchwork Tue Aug 8 13:40:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346410 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B47411B7C9; Tue, 8 Aug 2023 16:49:34 +0000 (UTC) Received: from mail-lj1-f180.google.com (mail-lj1-f180.google.com [209.85.208.180]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5B78116AFF; Tue, 8 Aug 2023 09:49:33 -0700 (PDT) Received: by mail-lj1-f180.google.com with SMTP id 38308e7fff4ca-2b9d3dacb33so95357021fa.1; Tue, 08 Aug 2023 09:49:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691513371; x=1692118171; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=o+9mxu8b+EhzS+5yoGnjlhzry4jkjQ5Q19ANuPNesrY=; b=l+J8ftwOUHMt2R84TGYZQ0G1AyQ5zfkFhgjdQq3p9CwjDoGfVT0ysWkD4m4cTgcsrz VnSiC+kxrEl2uMHN/bL/TWpw3x/mq6elkVx75+/P3kKsTIglIOftRjuzOuvoaACqXp5r ymAK9h6w30XQZ1yTTXBX14Rsgdaq0/Tnz3ManZ2HMz/vrr9bX9l3o4rk6dp7jIHxFxK0 81K3x0pf3DSIIlzuWGkGhAedjyFcksBQFrZWjqx6gZIEINC08DeLtTyLKyvCNAy6YSiQ Wy5ry/WBQUcvIamvkyq2r9r86dOB12CigvoxmhcZt1udmO7m48wgpDKTtKoZb+qTtnL/ OQ2w== X-Gm-Message-State: AOJu0YzXUznEAgznzLGg5rUubd3OEPwCcoK9CwyNaiwAWf5suWi4nRWW 836OXhYYY1oNvNd2OR8qzhldv0OOJBs= X-Google-Smtp-Source: AGHT+IFaiSD6la9EEN/hiA8ab/8s4dP7Ut5NjsQn3lAyBLxiI8Mq1SO2WnI7EtR5m+sRlgD67JjEaA== X-Received: by 2002:aa7:dc07:0:b0:522:37f1:5fd0 with SMTP id b7-20020aa7dc07000000b0052237f15fd0mr11327506edu.5.1691502066712; Tue, 08 Aug 2023 06:41:06 -0700 (PDT) Received: from localhost (fwdproxy-cln-018.fbsv.net. [2a03:2880:31ff:12::face:b00c]) by smtp.gmail.com with ESMTPSA id p8-20020a05640210c800b005231e1780aasm6116955edu.91.2023.08.08.06.41.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:06 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org, kuba@kernel.org, pabeni@redhat.com Subject: [PATCH v2 3/8] io_uring/cmd: Introduce SOCKET_URING_OP_SETSOCKOPT Date: Tue, 8 Aug 2023 06:40:43 -0700 Message-Id: <20230808134049.1407498-4-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Add initial support for SOCKET_URING_OP_SETSOCKOPT. This new command is similar to setsockopt. This initial implementation just cares about SOL_SOCKET level for now. The next patch implements the generic case. Function io_uring_cmd_setsockopt() is inspired by the function __sys_setsockopt(). Important to say that userspace needs to keep the pointer's memory alive until the operation is completed. Signed-off-by: Breno Leitao --- include/uapi/linux/io_uring.h | 1 + io_uring/uring_cmd.c | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/include/uapi/linux/io_uring.h b/include/uapi/linux/io_uring.h index 8152151080db..3fe82df06abf 100644 --- a/include/uapi/linux/io_uring.h +++ b/include/uapi/linux/io_uring.h @@ -736,6 +736,7 @@ enum { SOCKET_URING_OP_SIOCINQ = 0, SOCKET_URING_OP_SIOCOUTQ, SOCKET_URING_OP_GETSOCKOPT, + SOCKET_URING_OP_SETSOCKOPT, }; #ifdef __cplusplus diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c index 582931879482..5404b788ca14 100644 --- a/io_uring/uring_cmd.c +++ b/io_uring/uring_cmd.c @@ -192,6 +192,27 @@ static inline int io_uring_cmd_getsockopt(struct socket *sock, return -EOPNOTSUPP; } +static inline int io_uring_cmd_setsockopt(struct socket *sock, + struct io_uring_cmd *cmd) +{ + void __user *optval = u64_to_user_ptr(READ_ONCE(cmd->sqe->optval)); + int optname = READ_ONCE(cmd->sqe->optname); + int optlen = READ_ONCE(cmd->sqe->optlen); + int level = READ_ONCE(cmd->sqe->level); + int err; + + err = security_socket_setsockopt(sock, level, optname); + if (err) + return err; + + err = -EOPNOTSUPP; + if (level == SOL_SOCKET && !sock_use_custom_sol_socket(sock)) + err = sock_setsockopt(sock, level, optname, + USER_SOCKPTR(optval), optlen); + + return err; +} + int io_uring_cmd_sock(struct io_uring_cmd *cmd, unsigned int issue_flags) { struct socket *sock = cmd->file->private_data; @@ -215,6 +236,8 @@ int io_uring_cmd_sock(struct io_uring_cmd *cmd, unsigned int issue_flags) return arg; case SOCKET_URING_OP_GETSOCKOPT: return io_uring_cmd_getsockopt(sock, cmd); + case SOCKET_URING_OP_SETSOCKOPT: + return io_uring_cmd_setsockopt(sock, cmd); default: return -EOPNOTSUPP; } From patchwork Tue Aug 8 13:40:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346371 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E48CB15AF8; Tue, 8 Aug 2023 16:37:49 +0000 (UTC) Received: from mail-wm1-f42.google.com (mail-wm1-f42.google.com [209.85.128.42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CED031458D; Tue, 8 Aug 2023 09:37:36 -0700 (PDT) Received: by mail-wm1-f42.google.com with SMTP id 5b1f17b1804b1-3fe12baec61so49809545e9.2; Tue, 08 Aug 2023 09:37:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691512617; x=1692117417; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=poXIN1qcm1mBgNPqEzhboKC2+bYbXxru4TDBolh6FdE=; b=GUsMOGemXr5xK1uso6LK91nkUDP0bg339cyAUktGmrr+UOR/4bWHSV7ZztR+rboZXs pT04BqZPDtHcJUrD0/TbcFaWxevzQsS1X5xuNk8m6CERBF2ME/ylns06NyfRxvaICxcu OqWtv+l8EROL6yQAFVBH3i1LRfrlGpKIOC/E0IZh+Ka9BFKirt/IPcwDA8oZHL4ohSRQ BvJMWi2EseNpceI/JI8QRSGQG6eO7vJhUFUjEggDekyh62YwkEOvNjyGtf7wA8BTGZdN TpEXdpJERZOkhHZKusY8T7y5HIBBnrgyRVq30Ap4uWWNkiGbqGyDGqbdjNQ0axoFBLDn 74vQ== X-Gm-Message-State: AOJu0YysYYBNy/qpUs7CzqmTRp5rzwQIlhNdUtssVYv5R5uBLfyxAtem 1i7ijAJfGjW7F5cHCMgKlQhiaammt0g= X-Google-Smtp-Source: AGHT+IEhtROCWEOran/dhDokRbAF7S3YnYi+PrNq/rKwkr1ke/zSZrffti0r8XOG/549ipMIkjst3w== X-Received: by 2002:a50:ec99:0:b0:523:7b1:3720 with SMTP id e25-20020a50ec99000000b0052307b13720mr9558535edr.15.1691502068043; Tue, 08 Aug 2023 06:41:08 -0700 (PDT) Received: from localhost (fwdproxy-cln-118.fbsv.net. [2a03:2880:31ff:76::face:b00c]) by smtp.gmail.com with ESMTPSA id v18-20020aa7d652000000b005233885d0c6sm2734886edr.41.2023.08.08.06.41.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:07 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org, kuba@kernel.org, pabeni@redhat.com Subject: [PATCH v2 4/8] io_uring/cmd: Extend support beyond SOL_SOCKET Date: Tue, 8 Aug 2023 06:40:44 -0700 Message-Id: <20230808134049.1407498-5-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Add generic support for SOCKET_URING_OP_SETSOCKOPT, expanding the current case, that just execute if level is SOL_SOCKET. This implementation basically calls sock->ops->setsockopt() with a kernel allocated optval; Since the callback for ops->setsockopt() is already using sockptr_t, then the callbacks are leveraged to be called directly, similarly to __sys_setsockopt(). Signed-off-by: Breno Leitao --- io_uring/uring_cmd.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c index 5404b788ca14..dbba005a7290 100644 --- a/io_uring/uring_cmd.c +++ b/io_uring/uring_cmd.c @@ -205,10 +205,14 @@ static inline int io_uring_cmd_setsockopt(struct socket *sock, if (err) return err; - err = -EOPNOTSUPP; if (level == SOL_SOCKET && !sock_use_custom_sol_socket(sock)) err = sock_setsockopt(sock, level, optname, USER_SOCKPTR(optval), optlen); + else if (unlikely(!sock->ops->setsockopt)) + err = -EOPNOTSUPP; + else + err = sock->ops->setsockopt(sock, level, optname, + USER_SOCKPTR(koptval), optlen); return err; } From patchwork Tue Aug 8 13:40:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346370 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B8F9B14AAF; Tue, 8 Aug 2023 16:37:36 +0000 (UTC) Received: from mail-lf1-f46.google.com (mail-lf1-f46.google.com [209.85.167.46]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E266537C90; Tue, 8 Aug 2023 09:37:20 -0700 (PDT) Received: by mail-lf1-f46.google.com with SMTP id 2adb3069b0e04-4fe44955decso28257e87.1; Tue, 08 Aug 2023 09:37:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691512594; x=1692117394; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WLStaBoTlMXtsHG0LLCYkbddKzfAcQ5BShqSRpjotqI=; b=cAsypFqqvS+Y1at9eJ3zijNrYf0ExbU767ArQWvaTpHunW+EjPLYRZ68jJ9Fq6bmlQ iKE9VwwR9tXTPRipPom8syovBPjxiwW02P0SMW1DGE4J1AQZhSbX0O0OTWYLg4DuWCj8 KXKZZCaf0uczTvDIkX8wAXkAPhVBoaLQ5WPQTNcGvnNY1yuJhbaNoba+ev0wxXSCYbfP KycSjnQmfGq0kiXgIJIpn86msevJGZ63S61ckWBcLijETXUO9zgVophEF/pDr2J8WZDg FwmXajkv+yXcLCq2LbOAud0c9V7h8aIormKQf+aSmxP2NQR+sWRuNZvl2pCuWzvBHc3j fuhQ== X-Gm-Message-State: AOJu0YxVEv+LATBsrqAmNCgTsgVDZKzg17PzZdKp9ameNPyhiKujq3D8 aET8o3K9vk8NRXEj6wAIclRAehcTsLpAVw== X-Google-Smtp-Source: AGHT+IF4pL/BbT9L+kSVOMCx71cAwnol6Gbk2yOMizfp6UByrTTgxHgBZXsIOIp5AcahLoyQBhIXHQ== X-Received: by 2002:a17:906:8a66:b0:99b:4210:cc76 with SMTP id hy6-20020a1709068a6600b0099b4210cc76mr10279182ejc.28.1691502069666; Tue, 08 Aug 2023 06:41:09 -0700 (PDT) Received: from localhost (fwdproxy-cln-002.fbsv.net. [2a03:2880:31ff:2::face:b00c]) by smtp.gmail.com with ESMTPSA id o17-20020a17090611d100b0099bd0b5a2bcsm6750611eja.101.2023.08.08.06.41.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:09 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com, Alexei Starovoitov , Daniel Borkmann , John Fastabend , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , KP Singh , Hao Luo , Jiri Olsa , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org Subject: [PATCH v2 5/8] bpf: Leverage sockptr_t in BPF getsockopt hook Date: Tue, 8 Aug 2023 06:40:45 -0700 Message-Id: <20230808134049.1407498-6-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: bpf@iogearbox.net Leverage sockptr_t structure to have an argument that is either an userspace pointer, or, a kernel pointer. This makes this function flexible, so, we can mix and match user and kernel space pointers. The main motivation for this change is to use it in the io_uring {g,s}etsockopt(), which will use a userspace pointer for *optval, but, a kernel value for optlen. Signed-off-by: Breno Leitao --- include/linux/bpf-cgroup.h | 5 +++-- kernel/bpf/cgroup.c | 20 +++++++++++--------- net/socket.c | 5 +++-- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h index 57e9e109257e..d16cb99fd4f1 100644 --- a/include/linux/bpf-cgroup.h +++ b/include/linux/bpf-cgroup.h @@ -139,9 +139,10 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head, int __cgroup_bpf_run_filter_setsockopt(struct sock *sock, int *level, int *optname, char __user *optval, int *optlen, char **kernel_optval); + int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, - int optname, char __user *optval, - int __user *optlen, int max_optlen, + int optname, sockptr_t optval, + sockptr_t optlen, int max_optlen, int retval); int __cgroup_bpf_run_filter_getsockopt_kern(struct sock *sk, int level, diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index 5b2741aa0d9b..ebc8c58f7e46 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -1875,8 +1875,8 @@ int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level, } int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, - int optname, char __user *optval, - int __user *optlen, int max_optlen, + int optname, sockptr_t optval, + sockptr_t optlen, int max_optlen, int retval) { struct cgroup *cgrp = sock_cgroup_ptr(&sk->sk_cgrp_data); @@ -1903,8 +1903,8 @@ int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, * one that kernel returned as well to let * BPF programs inspect the value. */ - - if (get_user(ctx.optlen, optlen)) { + if (copy_from_sockptr(&ctx.optlen, optlen, + sizeof(ctx.optlen))) { ret = -EFAULT; goto out; } @@ -1915,8 +1915,8 @@ int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, } orig_optlen = ctx.optlen; - if (copy_from_user(ctx.optval, optval, - min(ctx.optlen, max_optlen)) != 0) { + if (copy_from_sockptr(ctx.optval, optval, + min(ctx.optlen, max_optlen))) { ret = -EFAULT; goto out; } @@ -1930,7 +1930,8 @@ int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, if (ret < 0) goto out; - if (optval && (ctx.optlen > max_optlen || ctx.optlen < 0)) { + if (!sockptr_is_null(optval) && + (ctx.optlen > max_optlen || ctx.optlen < 0)) { if (orig_optlen > PAGE_SIZE && ctx.optlen >= 0) { pr_info_once("bpf getsockopt: ignoring program buffer with optlen=%d (max_optlen=%d)\n", ctx.optlen, max_optlen); @@ -1942,11 +1943,12 @@ int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, } if (ctx.optlen != 0) { - if (optval && copy_to_user(optval, ctx.optval, ctx.optlen)) { + if (!sockptr_is_null(optval) && + copy_to_sockptr(optval, ctx.optval, ctx.optlen)) { ret = -EFAULT; goto out; } - if (put_user(ctx.optlen, optlen)) { + if (copy_to_sockptr(optlen, &ctx.optlen, sizeof(ctx.optlen))) { ret = -EFAULT; goto out; } diff --git a/net/socket.c b/net/socket.c index 8df54352af83..c686c6e89441 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2306,8 +2306,9 @@ int __sys_getsockopt(int fd, int level, int optname, char __user *optval, if (!in_compat_syscall()) err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level, optname, - optval, optlen, max_optlen, - err); + USER_SOCKPTR(optval), + USER_SOCKPTR(optlen), + max_optlen, err); out_put: fput_light(sock->file, fput_needed); return err; From patchwork Tue Aug 8 13:40:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346329 X-Patchwork-Delegate: bpf@iogearbox.net Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 54C611427B; Tue, 8 Aug 2023 16:23:51 +0000 (UTC) Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com [209.85.221.54]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D780429B5D; Tue, 8 Aug 2023 09:23:36 -0700 (PDT) Received: by mail-wr1-f54.google.com with SMTP id ffacd0b85a97d-31765aee31bso4407799f8f.1; Tue, 08 Aug 2023 09:23:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691511776; x=1692116576; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Evi9zaaIocUJUljhUqjZf7aG4nW/p3HKqWc5e4qc1/c=; b=lD9mAXwki50v5R4shgAO1eWV6+duHpa3z72W63T7UURzzxtw3HoaFXmxhgceq6d7FT q7QMebiG8AHcS1p6i/B0zGbry6Gp/YEFrtKAUzPdclXOfk8h/tgW1VQ+8x4o7J0GHXve LXGmBh8JBE8yAkCwAQcIno4ShJJtcF26kmLq1bVkwv4vxQE368eYHIJywEd9IR3x0SdV AiJq2ikEthR2wECttUhEjMf1mX5dUuWOYpVXPzFfwE/iWv6amFPW9/XBVgzsYAHzEon4 ZWW/+sWxUHHyxlOr7NwDHktMHE/brgKXLPb09e+epZo32UBm1yqYlHCa5o7AUyHW4OAG 8zgQ== X-Gm-Message-State: AOJu0Yx4BO3TxX9eF4R6aGXjrCgpMirBYdzlwbS2IyPskoPDLucjHL7f p4FLyEKCFx2cGKEhc3OpbJith4rK6nMObA== X-Google-Smtp-Source: AGHT+IF+kwB5pVAkz6onSyAIl+T5+1+ttJMPZ4G+vAb/sWRvLXfUO1y6Zyhx90T3HXmclZ/857Yrnw== X-Received: by 2002:a17:906:3046:b0:992:6064:f32b with SMTP id d6-20020a170906304600b009926064f32bmr11160819ejd.46.1691502071224; Tue, 08 Aug 2023 06:41:11 -0700 (PDT) Received: from localhost (fwdproxy-cln-020.fbsv.net. [2a03:2880:31ff:14::face:b00c]) by smtp.gmail.com with ESMTPSA id d11-20020a170906c20b00b00992d70f8078sm6731416ejz.106.2023.08.08.06.41.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:10 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Hao Luo , Jiri Olsa , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org Subject: [PATCH v2 6/8] bpf: Leverage sockptr_t in BPF setsockopt hook Date: Tue, 8 Aug 2023 06:40:46 -0700 Message-Id: <20230808134049.1407498-7-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Patchwork-Delegate: bpf@iogearbox.net Move BPF setsockopt hook (__cgroup_bpf_run_filter_setsockopt()) to use sockptr instead of user pointers. This brings flexibility to the function, since it could be called with userspace or kernel pointers. This also aligns with the getsockopt() counterpart, which is now using sockptr_t types. Signed-off-by: Breno Leitao --- include/linux/bpf-cgroup.h | 2 +- kernel/bpf/cgroup.c | 5 +++-- net/socket.c | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h index d16cb99fd4f1..5e3419eb267a 100644 --- a/include/linux/bpf-cgroup.h +++ b/include/linux/bpf-cgroup.h @@ -137,7 +137,7 @@ int __cgroup_bpf_run_filter_sysctl(struct ctl_table_header *head, enum cgroup_bpf_attach_type atype); int __cgroup_bpf_run_filter_setsockopt(struct sock *sock, int *level, - int *optname, char __user *optval, + int *optname, sockptr_t optval, int *optlen, char **kernel_optval); int __cgroup_bpf_run_filter_getsockopt(struct sock *sk, int level, diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index ebc8c58f7e46..f0dedd4f7f2e 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -1785,7 +1785,7 @@ static bool sockopt_buf_allocated(struct bpf_sockopt_kern *ctx, } int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level, - int *optname, char __user *optval, + int *optname, sockptr_t optval, int *optlen, char **kernel_optval) { struct cgroup *cgrp = sock_cgroup_ptr(&sk->sk_cgrp_data); @@ -1808,7 +1808,8 @@ int __cgroup_bpf_run_filter_setsockopt(struct sock *sk, int *level, ctx.optlen = *optlen; - if (copy_from_user(ctx.optval, optval, min(*optlen, max_optlen)) != 0) { + if (copy_from_sockptr(ctx.optval, optval, + min(*optlen, max_optlen))) { ret = -EFAULT; goto out; } diff --git a/net/socket.c b/net/socket.c index c686c6e89441..b7d22633995a 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2241,7 +2241,7 @@ int __sys_setsockopt(int fd, int level, int optname, char __user *user_optval, if (!in_compat_syscall()) err = BPF_CGROUP_RUN_PROG_SETSOCKOPT(sock->sk, &level, &optname, - user_optval, &optlen, + optval, &optlen, &kernel_optval); if (err < 0) goto out_put; From patchwork Tue Aug 8 13:40:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346374 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 19D6029DFC; Tue, 8 Aug 2023 16:39:27 +0000 (UTC) Received: from mail-lf1-f45.google.com (mail-lf1-f45.google.com [209.85.167.45]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61302F839C; Tue, 8 Aug 2023 09:39:15 -0700 (PDT) Received: by mail-lf1-f45.google.com with SMTP id 2adb3069b0e04-4fe48d0ab0fso9142016e87.1; Tue, 08 Aug 2023 09:39:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691512724; x=1692117524; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D1FImuotzzVQ6nA+cw3aWKU2TeJBwRAYe/LnZXkkaFw=; b=EkCA40kxooti6uJfoNlssQSr4NVwrGflalP+OqK6jMNA3ijjWS+eZs4M6eyBQVVYyI P3kHuvn9LiAnPomnRuO7ZHip+S52gzRIikunEID3OL7n7HeIdUT5PhF4xsmZ2oRinjvf hI9EDM5uZ10nKb5k70YeyEcWgKGdYOqMwJWqYWa6MPUnDk8e85F1A74l1R4jl6+I0Loj bsza1vqK10MbxmFz0x56knIi3keDR+l1SS98hIerkHxa27MgvqqWxnw8z51imILB3cOy e4hdzFvoGcN9QFehT/WvdSMqGVYKQckTSmdtAz7S91690wrq3TmUCCrrVAhqmGaDDRZW yOEA== X-Gm-Message-State: AOJu0Yxl9tj8oc6OXXvZgkWKC0MKrNfxqj53h9M+IjPt/ox4OyBb8DX/ LNnmSJHzDprRO/nUSjbjiN6TPpNHYjo= X-Google-Smtp-Source: AGHT+IFbk39aiWdQs43VmDbGnkeQcAnhXwYUlno2wMsVnKErCw/KqJgXvGi+kwIrhmeCXX2f4IKflA== X-Received: by 2002:a2e:3307:0:b0:2b6:fe3c:c3c1 with SMTP id d7-20020a2e3307000000b002b6fe3cc3c1mr9358880ljc.4.1691502072628; Tue, 08 Aug 2023 06:41:12 -0700 (PDT) Received: from localhost (fwdproxy-cln-003.fbsv.net. [2a03:2880:31ff:3::face:b00c]) by smtp.gmail.com with ESMTPSA id s15-20020a170906284f00b00992e265495csm6650549ejc.212.2023.08.08.06.41.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:12 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org, kuba@kernel.org, pabeni@redhat.com Subject: [PATCH v2 7/8] io_uring/cmd: BPF hook for getsockopt cmd Date: Tue, 8 Aug 2023 06:40:47 -0700 Message-Id: <20230808134049.1407498-8-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Add BPF hooks support for getsockopts io_uring command. So, bpf cgroups programs can run when SOCKET_URING_OP_GETSOCKOPT command is called. This implementation follows a similar approach to what __sys_getsockopt() does, but, using USER_SOCKPTR() for optval instead of kernel pointer. Signed-off-by: Breno Leitao --- io_uring/uring_cmd.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c index dbba005a7290..3693e5779229 100644 --- a/io_uring/uring_cmd.c +++ b/io_uring/uring_cmd.c @@ -5,6 +5,8 @@ #include #include #include +#include +#include #include #include @@ -179,17 +181,23 @@ static inline int io_uring_cmd_getsockopt(struct socket *sock, if (err) return err; - if (level == SOL_SOCKET) { + err = -EOPNOTSUPP; + if (level == SOL_SOCKET) err = sk_getsockopt(sock->sk, level, optname, USER_SOCKPTR(optval), KERNEL_SOCKPTR(&optlen)); - if (err) - return err; + if (!in_compat_syscall()) + err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level, + optname, + USER_SOCKPTR(optval), + KERNEL_SOCKPTR(&optlen), + optlen, err); + + if (!err) return optlen; - } - return -EOPNOTSUPP; + return err; } static inline int io_uring_cmd_setsockopt(struct socket *sock, From patchwork Tue Aug 8 13:40:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Breno Leitao X-Patchwork-Id: 13346372 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3A48C26B60; Tue, 8 Aug 2023 16:38:03 +0000 (UTC) Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 16AEB47E2; Tue, 8 Aug 2023 09:37:48 -0700 (PDT) Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-99bc9e3cbf1so7259366b.0; Tue, 08 Aug 2023 09:37:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691512580; x=1692117380; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DkmTv84pMJXYa4K1dNGjk/Yamo7BduW6q6khqHXBPa8=; b=Dd8Vgwj0UHNXYwynWoCRfMASq4JLeZpNRyD/tDC9/ATD1zoHWUD7ZBnS7KIY4WDcfK ft9+HC6Im3yySuN5IA5x2mBmsJHnSVZ1PXbqb+ovN4ly171nyV0dASxLtRo3/nlwXxDo aLK1oV5PIlsIJs2UrdsvJjI7JFwh3NrDn54tIZ3w0s3CkR0cC0e71kaoBOGXWS8pJA0W nEmzli7l0wxxb4cN1N2BC61xsSM+p2tbs2xTwZyKuS7hTuFdRVGBsWeUl3I7NzhFcLoR ZEoZ8LhZxB+pGH0RTFuHz9iTIkCjkS5MgAOof+PL6lB2JUE8uTccbwHO/zc5G23VX2UL RJVg== X-Gm-Message-State: AOJu0Yx4C50amqYS9gt0/ZdikrVwIQtBhmV0KIH8JFMRFOWB81RRqczP dTuNCJmSONEKBPOItM+Xhm94RIj+iFA= X-Google-Smtp-Source: AGHT+IFCb2xDaXaWa86RAvY8VGrjOIB1tiZauK4N/+kpq0thYV6NlgElKwksutrFFgGq6zVtrt/YmA== X-Received: by 2002:a17:906:53ce:b0:99c:7300:94b8 with SMTP id p14-20020a17090653ce00b0099c730094b8mr10749291ejo.10.1691502074057; Tue, 08 Aug 2023 06:41:14 -0700 (PDT) Received: from localhost (fwdproxy-cln-116.fbsv.net. [2a03:2880:31ff:74::face:b00c]) by smtp.gmail.com with ESMTPSA id qh17-20020a170906ecb100b0099cc1ffd8f5sm4484910ejb.53.2023.08.08.06.41.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Aug 2023 06:41:13 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org, kuba@kernel.org, pabeni@redhat.com Subject: [PATCH v2 8/8] io_uring/cmd: BPF hook for setsockopt cmd Date: Tue, 8 Aug 2023 06:40:48 -0700 Message-Id: <20230808134049.1407498-9-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230808134049.1407498-1-leitao@debian.org> References: <20230808134049.1407498-1-leitao@debian.org> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Add support for BPF hooks for io_uring setsockopts command. This implementation follows a similar approach to what __sys_setsockopt() does, but, operates only on kernel memory instead of user memory (which is also possible, but not preferred since the kernel memory is already available) Signed-off-by: Breno Leitao --- io_uring/uring_cmd.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c index 3693e5779229..b7b27e4dbddd 100644 --- a/io_uring/uring_cmd.c +++ b/io_uring/uring_cmd.c @@ -205,23 +205,42 @@ static inline int io_uring_cmd_setsockopt(struct socket *sock, { void __user *optval = u64_to_user_ptr(READ_ONCE(cmd->sqe->optval)); int optname = READ_ONCE(cmd->sqe->optname); + sockptr_t optval_s = USER_SOCKPTR(optval); int optlen = READ_ONCE(cmd->sqe->optlen); int level = READ_ONCE(cmd->sqe->level); + char *kernel_optval = NULL; int err; err = security_socket_setsockopt(sock, level, optname); if (err) return err; + if (!in_compat_syscall()) { + err = BPF_CGROUP_RUN_PROG_SETSOCKOPT(sock->sk, &level, + &optname, + USER_SOCKPTR(optval), + &optlen, + &kernel_optval); + if (err < 0) + return err; + if (err > 0) + return 0; + + /* Replace optval by the one returned by BPF */ + if (kernel_optval) + optval_s = KERNEL_SOCKPTR(kernel_optval); + } + if (level == SOL_SOCKET && !sock_use_custom_sol_socket(sock)) err = sock_setsockopt(sock, level, optname, - USER_SOCKPTR(optval), optlen); + optval_s, optlen); else if (unlikely(!sock->ops->setsockopt)) err = -EOPNOTSUPP; else err = sock->ops->setsockopt(sock, level, optname, - USER_SOCKPTR(koptval), optlen); + optval_s, optlen); + kfree(kernel_optval); return err; }