Commit f54a2a13 authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 

Daniel Borkmann says:

====================
pull-request: bpf-next 2023-08-16

We've added 17 non-merge commits during the last 6 day(s) which contain
a total of 20 files changed, 1179 insertions(+), 37 deletions(-).

The main changes are:

1) Add a BPF hook in sys_socket() to change the protocol ID
   from IPPROTO_TCP to IPPROTO_MPTCP to cover migration for legacy
   applications, from Geliang Tang.

2) Follow-up/fallout fix from the SO_REUSEPORT + bpf_sk_assign work
   to fix a splat on non-fullsock sks in inet[6]_steal_sock,
   from Lorenz Bauer.

3) Improvements to struct_ops links to avoid forcing presence of
   update/validate callbacks. Also add bpf_struct_ops fields documentation,
   from David Vernet.

4) Ensure libbpf sets close-on-exec flag on gzopen, from Marco Vedovati.

5) Several new tcx selftest additions and bpftool link show support for
   tcx and xdp links, from Daniel Borkmann.

6) Fix a smatch warning on uninitialized symbol in
   bpf_perf_link_fill_kprobe, from Yafang Shao.

7) BPF selftest fixes e.g. misplaced break in kfunc_call test,
   from Yipeng Zou.

8) Small cleanup to remove unused declaration bpf_link_new_file,
   from Yue Haibing.

9) Small typo fix to bpftool's perf help message, from Daniel T. Lee.

* tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next:
  selftests/bpf: Add mptcpify test
  selftests/bpf: Fix error checks of mptcp open_and_load
  selftests/bpf: Add two mptcp netns helpers
  bpf: Add update_socket_protocol hook
  bpftool: Implement link show support for xdp
  bpftool: Implement link show support for tcx
  selftests/bpf: Add selftest for fill_link_info
  bpf: Fix uninitialized symbol in bpf_perf_link_fill_kprobe()
  net: Fix slab-out-of-bounds in inet[6]_steal_sock
  bpf: Document struct bpf_struct_ops fields
  bpf: Support default .validate() and .update() behavior for struct_ops links
  selftests/bpf: Add various more tcx test cases
  selftests/bpf: Clean up fmod_ret in bench_rename test script
  selftests/bpf: Fix repeat option when kfunc_call verification fails
  libbpf: Set close-on-exec flag on gzopen
  bpftool: fix perf help message
  bpf: Remove unused declaration bpf_link_new_file()
====================

Link: https://lore.kernel.org/r/20230816212840.1539-1-daniel@iogearbox.net


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents 42b118c9 de405373

include/linux/bpf.h

+47 −1
Original line number Diff line number Diff line
@@ -1550,6 +1550,53 @@ struct bpf_struct_ops_value; 
struct btf_member;



#define BPF_STRUCT_OPS_MAX_NR_MEMBERS 64

/**

 * struct bpf_struct_ops - A structure of callbacks allowing a subsystem to

 *			   define a BPF_MAP_TYPE_STRUCT_OPS map type composed

 *			   of BPF_PROG_TYPE_STRUCT_OPS progs.

 * @verifier_ops: A structure of callbacks that are invoked by the verifier

 *		  when determining whether the struct_ops progs in the

 *		  struct_ops map are valid.

 * @init: A callback that is invoked a single time, and before any other

 *	  callback, to initialize the structure. A nonzero return value means

 *	  the subsystem could not be initialized.

 * @check_member: When defined, a callback invoked by the verifier to allow

 *		  the subsystem to determine if an entry in the struct_ops map

 *		  is valid. A nonzero return value means that the map is

 *		  invalid and should be rejected by the verifier.

 * @init_member: A callback that is invoked for each member of the struct_ops

 *		 map to allow the subsystem to initialize the member. A nonzero

 *		 value means the member could not be initialized. This callback

 *		 is exclusive with the @type, @type_id, @value_type, and

 *		 @value_id fields.

 * @reg: A callback that is invoked when the struct_ops map has been

 *	 initialized and is being attached to. Zero means the struct_ops map

 *	 has been successfully registered and is live. A nonzero return value

 *	 means the struct_ops map could not be registered.

 * @unreg: A callback that is invoked when the struct_ops map should be

 *	   unregistered.

 * @update: A callback that is invoked when the live struct_ops map is being

 *	    updated to contain new values. This callback is only invoked when

 *	    the struct_ops map is loaded with BPF_F_LINK. If not defined, the

 *	    it is assumed that the struct_ops map cannot be updated.

 * @validate: A callback that is invoked after all of the members have been

 *	      initialized. This callback should perform static checks on the

 *	      map, meaning that it should either fail or succeed

 *	      deterministically. A struct_ops map that has been validated may

 *	      not necessarily succeed in being registered if the call to @reg

 *	      fails. For example, a valid struct_ops map may be loaded, but

 *	      then fail to be registered due to there being another active

 *	      struct_ops map on the system in the subsystem already. For this

 *	      reason, if this callback is not defined, the check is skipped as

 *	      the struct_ops map will have final verification performed in

 *	      @reg.

 * @type: BTF type.

 * @value_type: Value type.

 * @name: The name of the struct bpf_struct_ops object.

 * @func_models: Func models

 * @type_id: BTF type id.

 * @value_id: BTF value id.

 */

struct bpf_struct_ops {

	const struct bpf_verifier_ops *verifier_ops;

	int (*init)(struct btf *btf);
@@ -2120,7 +2167,6 @@ void bpf_link_cleanup(struct bpf_link_primer *primer); 
void bpf_link_inc(struct bpf_link *link);

void bpf_link_put(struct bpf_link *link);

int bpf_link_new_fd(struct bpf_link *link);

struct file *bpf_link_new_file(struct bpf_link *link, int *reserved_fd);

struct bpf_link *bpf_link_get_from_fd(u32 ufd);

struct bpf_link *bpf_link_get_curr_or_next(u32 *id);

include/net/inet6_hashtables.h

+1 −1
Original line number Diff line number Diff line
@@ -116,7 +116,7 @@ struct sock *inet6_steal_sock(struct net *net, struct sk_buff *skb, int doff, 
	if (!sk)

		return NULL;



	if (!prefetched)

	if (!prefetched || !sk_fullsock(sk))

		return sk;



	if (sk->sk_protocol == IPPROTO_TCP) {

include/net/inet_hashtables.h

+1 −1
Original line number Diff line number Diff line
@@ -462,7 +462,7 @@ struct sock *inet_steal_sock(struct net *net, struct sk_buff *skb, int doff, 
	if (!sk)

		return NULL;



	if (!prefetched)

	if (!prefetched || !sk_fullsock(sk))

		return sk;



	if (sk->sk_protocol == IPPROTO_TCP) {

kernel/bpf/bpf_struct_ops.c

+9 −6
Original line number Diff line number Diff line
@@ -509,9 +509,12 @@ static long bpf_struct_ops_map_update_elem(struct bpf_map *map, void *key, 
	}



	if (st_map->map.map_flags & BPF_F_LINK) {

		err = 0;

		if (st_ops->validate) {

			err = st_ops->validate(kdata);

			if (err)

				goto reset_unlock;

		}

		set_memory_rox((long)st_map->image, 1);

		/* Let bpf_link handle registration & unregistration.

		 *
@@ -663,9 +666,6 @@ static struct bpf_map *bpf_struct_ops_map_alloc(union bpf_attr *attr) 
	if (attr->value_size != vt->size)

		return ERR_PTR(-EINVAL);



	if (attr->map_flags & BPF_F_LINK && (!st_ops->validate || !st_ops->update))

		return ERR_PTR(-EOPNOTSUPP);



	t = st_ops->type;



	st_map_size = sizeof(*st_map) +
@@ -823,6 +823,9 @@ static int bpf_struct_ops_map_link_update(struct bpf_link *link, struct bpf_map 
	if (!bpf_struct_ops_valid_to_reg(new_map))

		return -EINVAL;



	if (!st_map->st_ops->update)

		return -EOPNOTSUPP;



	mutex_lock(&update_mutex);



	old_map = rcu_dereference_protected(st_link->map, lockdep_is_held(&update_mutex));

kernel/bpf/syscall.c

+2 −3
Original line number Diff line number Diff line
@@ -3378,14 +3378,13 @@ static int bpf_perf_link_fill_common(const struct perf_event *event, 


	if (!ulen ^ !uname)

		return -EINVAL;

	if (!uname)

		return 0;



	err = bpf_get_perf_event_info(event, &prog_id, fd_type, &buf,

				      probe_offset, probe_addr);

	if (err)

		return err;



	if (!uname)

		return 0;

	if (buf) {

		len = strlen(buf);

		err = bpf_copy_to_user(uname, buf, ulen, len);