Commit 01d81b16 authored Jul 15, 2023 by zhang-mingyi66

bpf, sockops: Enhance the return capability of sockops

hulk inclusion
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I7LE1H



----------------------------------------------------

Since commit 2585cd62 ("bpf: Only reply field should be writeable"),
sockops is not allowd to modify the replylong field except replylong[0].
The reason is that the replylong[1] to replylong[3] field is not used
at that time.

But in actual use, we can call `BPF_CGROUP_RUN_PROG_SOCK_OPS` in the
kernel modules and expect sockops to return some useful data.

The design comment about bpf_sock_ops::replylong in
include/uapi/linux/bpf.h is described as follows:

```
  struct bpf_sock_ops {
        __u32 op;
        union {
                __u32 args[4];          /* Optionally passed to bpf program */
                __u32 reply;            /* Returned by bpf program          */
                __u32 replylong[4];     /* Optioznally returned by bpf prog  */
        };
  ...
```

It seems to contradict the purpose for which the field was originally
designed. Let's remove this restriction.

Fixes: 2585cd62 ("bpf: Only reply field should be writeable")

Signed-off-by: zhang-mingyi66 <zhangmingyi5@huawei.com>

parent d992e267

net/core/filter.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -8974,7 +8974,7 @@ static bool sock_ops_is_valid_access(int off, int size,

		if (type == BPF_WRITE) {
		switch (off) {
		case offsetof(struct bpf_sock_ops, reply):
		case bpf_ctx_range_till(struct bpf_sock_ops, reply, replylong[3]):
		case offsetof(struct bpf_sock_ops, sk_txhash):
		if (size != size_default)
		return false;