diff options
author | Prankur Gupta <prankgup@fb.com> | 2021-08-17 15:42:20 -0700 |
---|---|---|
committer | Daniel Borkmann <daniel@iogearbox.net> | 2021-08-20 01:04:52 +0200 |
commit | 2c531639deb5e3ddfd6e8123b82052b2d9fbc6e5 (patch) | |
tree | 4f23f7d3f661031fea98d69984ce28fc8b1a4191 | |
parent | 44779a4b85abd1d1dab9e5b90bd5e6adcfc8143a (diff) | |
download | linux-stable-2c531639deb5e3ddfd6e8123b82052b2d9fbc6e5.tar.gz linux-stable-2c531639deb5e3ddfd6e8123b82052b2d9fbc6e5.tar.bz2 linux-stable-2c531639deb5e3ddfd6e8123b82052b2d9fbc6e5.zip |
bpf: Add support for {set|get} socket options from setsockopt BPF
Add logic to call bpf_setsockopt() and bpf_getsockopt() from setsockopt BPF
programs. An example use case is when the user sets the IPV6_TCLASS socket
option, we would also like to change the tcp-cc for that socket.
We don't have any use case for calling bpf_setsockopt() from supposedly read-
only sys_getsockopt(), so it is made available to BPF_CGROUP_SETSOCKOPT only
at this point.
Signed-off-by: Prankur Gupta <prankgup@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Song Liu <songliubraving@fb.com>
Link: https://lore.kernel.org/bpf/20210817224221.3257826-2-prankgup@fb.com
-rw-r--r-- | kernel/bpf/cgroup.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index 9f35928bab0a..8e9d99e2ade4 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -1873,6 +1873,14 @@ cg_sockopt_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return &bpf_sk_storage_get_proto; case BPF_FUNC_sk_storage_delete: return &bpf_sk_storage_delete_proto; + case BPF_FUNC_setsockopt: + if (prog->expected_attach_type == BPF_CGROUP_SETSOCKOPT) + return &bpf_sk_setsockopt_proto; + return NULL; + case BPF_FUNC_getsockopt: + if (prog->expected_attach_type == BPF_CGROUP_SETSOCKOPT) + return &bpf_sk_getsockopt_proto; + return NULL; #endif #ifdef CONFIG_INET case BPF_FUNC_tcp_sock: |