diff options
| author | Martin KaFai Lau <martin.lau@kernel.org> | 2024-09-11 17:48:50 +0200 |
|---|---|---|
| committer | Martin KaFai Lau <martin.lau@kernel.org> | 2024-09-11 17:57:59 +0200 |
| commit | fdfd9d82a43a7a50b9d0989a0440d12a3d68ea15 (patch) | |
| tree | 4fa07558dae0dc5689ee92c485d13cbe4a132519 /net/core | |
| parent | bpf, cpumap: Move xdp:xdp_cpumap_kthread tracepoint before rcv (diff) | |
| parent | selftests/bpf: Expand skb dynptr selftests for tp_btf (diff) | |
| download | linux-fdfd9d82a43a7a50b9d0989a0440d12a3d68ea15.tar.xz linux-fdfd9d82a43a7a50b9d0989a0440d12a3d68ea15.zip | |
Merge branch 'bpf: Allow skb dynptr for tp_btf'
Philo Lu says:
====================
This makes bpf_dynptr_from_skb usable for tp_btf, so that we can easily
parse skb in tracepoints. This has been discussed in [0], and Martin
suggested to use dynptr (instead of helpers like bpf_skb_load_bytes).
For safety, skb dynptr shouldn't be used in fentry/fexit. This is achieved
by add KF_TRUSTED_ARGS flag in bpf_dynptr_from_skb defination, because
pointers passed by tracepoint are trusted (PTR_TRUSTED) while those of
fentry/fexit are not.
Another problem raises that NULL pointers could be passed to tracepoint,
such as trace_tcp_send_reset, and we need to recognize them. This is done
by add a "__nullable" suffix in the func_proto of the tracepoint,
discussed in [1].
2 Test cases are added, one for "__nullable" suffix, and the other for
using skb dynptr in tp_btf.
changelog
v2 -> v3 (Andrii Nakryiko):
Patch 1:
- Remove prog type check in prog_arg_maybe_null()
- Add bpf_put_raw_tracepoint() after get()
- Use kallsyms_lookup() instead of sprintf("%ps")
Patch 2: Add separate test "tp_btf_nullable", and use full failure msg
v1 -> v2:
- Add "__nullable" suffix support (Alexei Starovoitov)
- Replace "struct __sk_buff*" with "void*" in test (Martin KaFai Lau)
[0]
https://lore.kernel.org/all/20240205121038.41344-1-lulie@linux.alibaba.com/T/
[1]
https://lore.kernel.org/all/20240430121805.104618-1-lulie@linux.alibaba.com/T/
====================
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Diffstat (limited to 'net/core')
| -rw-r--r-- | net/core/filter.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/core/filter.c b/net/core/filter.c index f09d875cc053..c6012a3a14b2 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -12063,7 +12063,7 @@ int bpf_dynptr_from_skb_rdonly(struct __sk_buff *skb, u64 flags, } BTF_KFUNCS_START(bpf_kfunc_check_set_skb) -BTF_ID_FLAGS(func, bpf_dynptr_from_skb) +BTF_ID_FLAGS(func, bpf_dynptr_from_skb, KF_TRUSTED_ARGS) BTF_KFUNCS_END(bpf_kfunc_check_set_skb) BTF_KFUNCS_START(bpf_kfunc_check_set_xdp) @@ -12112,6 +12112,7 @@ static int __init bpf_kfunc_init(void) ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_LWT_XMIT, &bpf_kfunc_set_skb); ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_LWT_SEG6LOCAL, &bpf_kfunc_set_skb); ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_NETFILTER, &bpf_kfunc_set_skb); + ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_TRACING, &bpf_kfunc_set_skb); ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_XDP, &bpf_kfunc_set_xdp); ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_CGROUP_SOCK_ADDR, &bpf_kfunc_set_sock_addr); |