2021-08-16 10:54:27

by Xu Liu

[permalink] [raw]
Subject: [PATCH] bpf: Allow bpf_get_netns_cookie in BPF_PROG_TYPE_SOCK_OPS

We'd like to be able to identify netns from sockops hooks
to accelerate local process communication form different netns.

Signed-off-by: Xu Liu <[email protected]>
---
net/core/filter.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)

diff --git a/net/core/filter.c b/net/core/filter.c
index d70187ce851b..34938a537931 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -4664,6 +4664,18 @@ static const struct bpf_func_proto bpf_get_netns_cookie_sock_addr_proto = {
.arg1_type = ARG_PTR_TO_CTX_OR_NULL,
};

+BPF_CALL_1(bpf_get_netns_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx)
+{
+ return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL);
+}
+
+static const struct bpf_func_proto bpf_get_netns_cookie_sock_ops_proto = {
+ .func = bpf_get_netns_cookie_sock_ops,
+ .gpl_only = false,
+ .ret_type = RET_INTEGER,
+ .arg1_type = ARG_PTR_TO_CTX_OR_NULL,
+};
+
BPF_CALL_1(bpf_get_socket_uid, struct sk_buff *, skb)
{
struct sock *sk = sk_to_full_sk(skb->sk);
@@ -7445,6 +7457,8 @@ sock_ops_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
return &bpf_sk_storage_get_proto;
case BPF_FUNC_sk_storage_delete:
return &bpf_sk_storage_delete_proto;
+ case BPF_FUNC_get_netns_cookie:
+ return &bpf_get_netns_cookie_sock_ops_proto;
#ifdef CONFIG_INET
case BPF_FUNC_load_hdr_opt:
return &bpf_sock_ops_load_hdr_opt_proto;
--
2.28.0


2021-08-17 16:20:43

by Song Liu

[permalink] [raw]
Subject: Re: [PATCH] bpf: Allow bpf_get_netns_cookie in BPF_PROG_TYPE_SOCK_OPS

Hi Xu,

> On Aug 16, 2021, at 3:51 AM, Xu Liu <[email protected]> wrote:
>
> We'd like to be able to identify netns from sockops hooks
> to accelerate local process communication form different netns.
>
> Signed-off-by: Xu Liu <[email protected]>

The change looks good to me. Some logistics issue:

1. Please prefix the subject based on target tree, like [PATCH bpf] or
[PATCH bpf-next]. This change should target bpf-next. Also, please
include v2 (or v3, v4...) when sending the revisions of the patch.
So the next version of this change should be [PATCH bpf-next v2] or
similar.

2. Please add a selftest (see tools/testing/selftests/bpf/) to exercise
this function from sock_ops

Thanks,
Song


> ---
> net/core/filter.c | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
> diff --git a/net/core/filter.c b/net/core/filter.c
> index d70187ce851b..34938a537931 100644
> --- a/net/core/filter.c
> +++ b/net/core/filter.c
> @@ -4664,6 +4664,18 @@ static const struct bpf_func_proto bpf_get_netns_cookie_sock_addr_proto = {
> .arg1_type = ARG_PTR_TO_CTX_OR_NULL,
> };
>
> +BPF_CALL_1(bpf_get_netns_cookie_sock_ops, struct bpf_sock_ops_kern *, ctx)
> +{
> + return __bpf_get_netns_cookie(ctx ? ctx->sk : NULL);
> +}
> +
> +static const struct bpf_func_proto bpf_get_netns_cookie_sock_ops_proto = {
> + .func = bpf_get_netns_cookie_sock_ops,
> + .gpl_only = false,
> + .ret_type = RET_INTEGER,
> + .arg1_type = ARG_PTR_TO_CTX_OR_NULL,
> +};
> +
> BPF_CALL_1(bpf_get_socket_uid, struct sk_buff *, skb)
> {
> struct sock *sk = sk_to_full_sk(skb->sk);
> @@ -7445,6 +7457,8 @@ sock_ops_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> return &bpf_sk_storage_get_proto;
> case BPF_FUNC_sk_storage_delete:
> return &bpf_sk_storage_delete_proto;
> + case BPF_FUNC_get_netns_cookie:
> + return &bpf_get_netns_cookie_sock_ops_proto;
> #ifdef CONFIG_INET
> case BPF_FUNC_load_hdr_opt:
> return &bpf_sock_ops_load_hdr_opt_proto;
> --
> 2.28.0
>