diff options
author | David Ahern <dsa@cumulusnetworks.com> | 2016-12-01 17:48:03 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-12-02 19:44:56 +0100 |
commit | b2cd12574aa3e1625f471ff57cde7f628a18a46b (patch) | |
tree | f0ab0871e5673a32bde0b5c393e8925765522118 /kernel | |
parent | mlx4: fix use-after-free in mlx4_en_fold_software_stats() (diff) | |
download | linux-b2cd12574aa3e1625f471ff57cde7f628a18a46b.tar.xz linux-b2cd12574aa3e1625f471ff57cde7f628a18a46b.zip |
bpf: Refactor cgroups code in prep for new type
Code move and rename only; no functional change intended.
Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/bpf/cgroup.c | 10 | ||||
-rw-r--r-- | kernel/bpf/syscall.c | 28 |
2 files changed, 20 insertions, 18 deletions
diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index 8c784f8c67cd..8fe55ffd109d 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -118,7 +118,7 @@ void __cgroup_bpf_update(struct cgroup *cgrp, } /** - * __cgroup_bpf_run_filter() - Run a program for packet filtering + * __cgroup_bpf_run_filter_skb() - Run a program for packet filtering * @sk: The socken sending or receiving traffic * @skb: The skb that is being sent or received * @type: The type of program to be exectuted @@ -132,9 +132,9 @@ void __cgroup_bpf_update(struct cgroup *cgrp, * This function will return %-EPERM if any if an attached program was found * and if it returned != 1 during execution. In all other cases, 0 is returned. */ -int __cgroup_bpf_run_filter(struct sock *sk, - struct sk_buff *skb, - enum bpf_attach_type type) +int __cgroup_bpf_run_filter_skb(struct sock *sk, + struct sk_buff *skb, + enum bpf_attach_type type) { struct bpf_prog *prog; struct cgroup *cgrp; @@ -164,4 +164,4 @@ int __cgroup_bpf_run_filter(struct sock *sk, return ret; } -EXPORT_SYMBOL(__cgroup_bpf_run_filter); +EXPORT_SYMBOL(__cgroup_bpf_run_filter_skb); diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 4caa18e6860a..5518a6839ab1 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -856,6 +856,7 @@ static int bpf_prog_attach(const union bpf_attr *attr) { struct bpf_prog *prog; struct cgroup *cgrp; + enum bpf_prog_type ptype; if (!capable(CAP_NET_ADMIN)) return -EPERM; @@ -866,25 +867,26 @@ static int bpf_prog_attach(const union bpf_attr *attr) switch (attr->attach_type) { case BPF_CGROUP_INET_INGRESS: case BPF_CGROUP_INET_EGRESS: - prog = bpf_prog_get_type(attr->attach_bpf_fd, - BPF_PROG_TYPE_CGROUP_SKB); - if (IS_ERR(prog)) - return PTR_ERR(prog); - - cgrp = cgroup_get_from_fd(attr->target_fd); - if (IS_ERR(cgrp)) { - bpf_prog_put(prog); - return PTR_ERR(cgrp); - } - - cgroup_bpf_update(cgrp, prog, attr->attach_type); - cgroup_put(cgrp); + ptype = BPF_PROG_TYPE_CGROUP_SKB; break; default: return -EINVAL; } + prog = bpf_prog_get_type(attr->attach_bpf_fd, ptype); + if (IS_ERR(prog)) + return PTR_ERR(prog); + + cgrp = cgroup_get_from_fd(attr->target_fd); + if (IS_ERR(cgrp)) { + bpf_prog_put(prog); + return PTR_ERR(cgrp); + } + + cgroup_bpf_update(cgrp, prog, attr->attach_type); + cgroup_put(cgrp); + return 0; } |