af_unix: Implement ->psock_update_sk_prot()
Now we can implement unix_bpf_update_proto() to update sk_prot, especially prot->close(). Signed-off-by: Cong Wang <cong.wang@bytedance.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20210704190252.11866-7-xiyou.wangcong@gmail.com
This commit is contained in:
parent
c7272e15f0
commit
c63829182c
|
@ -10277,6 +10277,7 @@ F: net/core/skmsg.c
|
|||
F: net/core/sock_map.c
|
||||
F: net/ipv4/tcp_bpf.c
|
||||
F: net/ipv4/udp_bpf.c
|
||||
F: net/unix/unix_bpf.c
|
||||
|
||||
LANDLOCK SECURITY MODULE
|
||||
M: Mickaël Salaün <mic@digikod.net>
|
||||
|
|
|
@ -89,4 +89,14 @@ void unix_sysctl_unregister(struct net *net);
|
|||
static inline int unix_sysctl_register(struct net *net) { return 0; }
|
||||
static inline void unix_sysctl_unregister(struct net *net) {}
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_BPF_SYSCALL
|
||||
extern struct proto unix_proto;
|
||||
|
||||
int unix_bpf_update_proto(struct sock *sk, struct sk_psock *psock, bool restore);
|
||||
void __init unix_bpf_build_proto(void);
|
||||
#else
|
||||
static inline void __init unix_bpf_build_proto(void)
|
||||
{}
|
||||
#endif
|
||||
#endif
|
||||
|
|
|
@ -1517,6 +1517,7 @@ void sock_map_close(struct sock *sk, long timeout)
|
|||
release_sock(sk);
|
||||
saved_close(sk, timeout);
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(sock_map_close);
|
||||
|
||||
static int sock_map_iter_attach_target(struct bpf_prog *prog,
|
||||
union bpf_iter_link_info *linfo,
|
||||
|
|
|
@ -7,6 +7,7 @@ obj-$(CONFIG_UNIX) += unix.o
|
|||
|
||||
unix-y := af_unix.o garbage.o
|
||||
unix-$(CONFIG_SYSCTL) += sysctl_net_unix.o
|
||||
unix-$(CONFIG_BPF_SYSCALL) += unix_bpf.o
|
||||
|
||||
obj-$(CONFIG_UNIX_DIAG) += unix_diag.o
|
||||
unix_diag-y := diag.o
|
||||
|
|
|
@ -788,11 +788,14 @@ static void unix_close(struct sock *sk, long timeout)
|
|||
*/
|
||||
}
|
||||
|
||||
static struct proto unix_proto = {
|
||||
struct proto unix_proto = {
|
||||
.name = "UNIX",
|
||||
.owner = THIS_MODULE,
|
||||
.obj_size = sizeof(struct unix_sock),
|
||||
.close = unix_close,
|
||||
#ifdef CONFIG_BPF_SYSCALL
|
||||
.psock_update_sk_prot = unix_bpf_update_proto,
|
||||
#endif
|
||||
};
|
||||
|
||||
static struct sock *unix_create1(struct net *net, struct socket *sock, int kern)
|
||||
|
@ -2973,6 +2976,7 @@ static int __init af_unix_init(void)
|
|||
|
||||
sock_register(&unix_family_ops);
|
||||
register_pernet_subsys(&unix_net_ops);
|
||||
unix_bpf_build_proto();
|
||||
out:
|
||||
return rc;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,47 @@
|
|||
// SPDX-License-Identifier: GPL-2.0
|
||||
/* Copyright (c) 2021 Cong Wang <cong.wang@bytedance.com> */
|
||||
|
||||
#include <linux/skmsg.h>
|
||||
#include <linux/bpf.h>
|
||||
#include <net/sock.h>
|
||||
#include <net/af_unix.h>
|
||||
|
||||
static struct proto *unix_prot_saved __read_mostly;
|
||||
static DEFINE_SPINLOCK(unix_prot_lock);
|
||||
static struct proto unix_bpf_prot;
|
||||
|
||||
static void unix_bpf_rebuild_protos(struct proto *prot, const struct proto *base)
|
||||
{
|
||||
*prot = *base;
|
||||
prot->close = sock_map_close;
|
||||
}
|
||||
|
||||
static void unix_bpf_check_needs_rebuild(struct proto *ops)
|
||||
{
|
||||
if (unlikely(ops != smp_load_acquire(&unix_prot_saved))) {
|
||||
spin_lock_bh(&unix_prot_lock);
|
||||
if (likely(ops != unix_prot_saved)) {
|
||||
unix_bpf_rebuild_protos(&unix_bpf_prot, ops);
|
||||
smp_store_release(&unix_prot_saved, ops);
|
||||
}
|
||||
spin_unlock_bh(&unix_prot_lock);
|
||||
}
|
||||
}
|
||||
|
||||
int unix_bpf_update_proto(struct sock *sk, struct sk_psock *psock, bool restore)
|
||||
{
|
||||
if (restore) {
|
||||
sk->sk_write_space = psock->saved_write_space;
|
||||
WRITE_ONCE(sk->sk_prot, psock->sk_proto);
|
||||
return 0;
|
||||
}
|
||||
|
||||
unix_bpf_check_needs_rebuild(psock->sk_proto);
|
||||
WRITE_ONCE(sk->sk_prot, &unix_bpf_prot);
|
||||
return 0;
|
||||
}
|
||||
|
||||
void __init unix_bpf_build_proto(void)
|
||||
{
|
||||
unix_bpf_rebuild_protos(&unix_bpf_prot, &unix_proto);
|
||||
}
|
Loading…
Reference in New Issue