tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

bpf/bpf_get,set_sockopt: add option to set TCP-BPF sock ops flags

Currently the only opportunity to set sock ops flags dictating
which callbacks fire for a socket is from within a TCP-BPF sockops
program. This is problematic if the connection is already set up
as there is no further chance to specify callbacks for that socket.
Add TCP_BPF_SOCK_OPS_CB_FLAGS to bpf_setsockopt() and bpf_getsockopt()
to allow users to specify callbacks later, either via an iterator
over sockets or via a socket-specific program triggered by a
setsockopt() on the socket.

Previous discussion on this here [1].

[1] https://lore.kernel.org/bpf/f42f157b-6e52-dd4d-3d97-9b86c84c0b00@oracle.com/

Signed-off-by: Alan Maguire <alan.maguire@oracle.com>
Link: https://lore.kernel.org/r/20240808150558.1035626-2-alan.maguire@oracle.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>

authored by

Alan Maguire and committed by
Martin KaFai Lau 3882dccf 91d516d4

+20 -2
+2 -1
include/uapi/linux/bpf.h
··· 2851 2851 * **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**, 2852 2852 * **TCP_NODELAY**, **TCP_MAXSEG**, **TCP_WINDOW_CLAMP**, 2853 2853 * **TCP_THIN_LINEAR_TIMEOUTS**, **TCP_BPF_DELACK_MAX**, 2854 - * **TCP_BPF_RTO_MIN**. 2854 + * **TCP_BPF_RTO_MIN**, **TCP_BPF_SOCK_OPS_CB_FLAGS**. 2855 2855 * * **IPPROTO_IP**, which supports *optname* **IP_TOS**. 2856 2856 * * **IPPROTO_IPV6**, which supports the following *optname*\ s: 2857 2857 * **IPV6_TCLASS**, **IPV6_AUTOFLOWLABEL**. ··· 7080 7080 TCP_BPF_SYN = 1005, /* Copy the TCP header */ 7081 7081 TCP_BPF_SYN_IP = 1006, /* Copy the IP[46] and TCP header */ 7082 7082 TCP_BPF_SYN_MAC = 1007, /* Copy the MAC, IP[46], and TCP header */ 7083 + TCP_BPF_SOCK_OPS_CB_FLAGS = 1008, /* Get or Set TCP sock ops flags */ 7083 7084 }; 7084 7085 7085 7086 enum {
+16
net/core/filter.c
··· 5278 5278 return -EINVAL; 5279 5279 inet_csk(sk)->icsk_rto_min = timeout; 5280 5280 break; 5281 + case TCP_BPF_SOCK_OPS_CB_FLAGS: 5282 + if (val & ~(BPF_SOCK_OPS_ALL_CB_FLAGS)) 5283 + return -EINVAL; 5284 + tp->bpf_sock_ops_cb_flags = val; 5285 + break; 5281 5286 default: 5282 5287 return -EINVAL; 5283 5288 } ··· 5371 5366 if (*optlen < 1) 5372 5367 return -EINVAL; 5373 5368 break; 5369 + case TCP_BPF_SOCK_OPS_CB_FLAGS: 5370 + if (*optlen != sizeof(int)) 5371 + return -EINVAL; 5372 + if (getopt) { 5373 + struct tcp_sock *tp = tcp_sk(sk); 5374 + int cb_flags = tp->bpf_sock_ops_cb_flags; 5375 + 5376 + memcpy(optval, &cb_flags, *optlen); 5377 + return 0; 5378 + } 5379 + return bpf_sol_tcp_setsockopt(sk, optname, optval, *optlen); 5374 5380 default: 5375 5381 if (getopt) 5376 5382 return -EINVAL;
+2 -1
tools/include/uapi/linux/bpf.h
··· 2851 2851 * **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**, 2852 2852 * **TCP_NODELAY**, **TCP_MAXSEG**, **TCP_WINDOW_CLAMP**, 2853 2853 * **TCP_THIN_LINEAR_TIMEOUTS**, **TCP_BPF_DELACK_MAX**, 2854 - * **TCP_BPF_RTO_MIN**. 2854 + * **TCP_BPF_RTO_MIN**, **TCP_BPF_SOCK_OPS_CB_FLAGS**. 2855 2855 * * **IPPROTO_IP**, which supports *optname* **IP_TOS**. 2856 2856 * * **IPPROTO_IPV6**, which supports the following *optname*\ s: 2857 2857 * **IPV6_TCLASS**, **IPV6_AUTOFLOWLABEL**. ··· 7080 7080 TCP_BPF_SYN = 1005, /* Copy the TCP header */ 7081 7081 TCP_BPF_SYN_IP = 1006, /* Copy the IP[46] and TCP header */ 7082 7082 TCP_BPF_SYN_MAC = 1007, /* Copy the MAC, IP[46], and TCP header */ 7083 + TCP_BPF_SOCK_OPS_CB_FLAGS = 1008, /* Get or Set TCP sock ops flags */ 7083 7084 }; 7084 7085 7085 7086 enum {