Received: by 2002:a05:7412:f584:b0:e2:908c:2ebd with SMTP id eh4csp1380477rdb; Mon, 4 Sep 2023 11:48:43 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFOX7kt2YpI+QmChBJ1Vo6cYoTr8i8zi+bi10A+sBvbAFNelKp/5uF/ngXD9miZI3Xo7TzK X-Received: by 2002:a17:907:2d0f:b0:9a5:dc2b:6a5 with SMTP id gs15-20020a1709072d0f00b009a5dc2b06a5mr12625190ejc.35.1693853323264; Mon, 04 Sep 2023 11:48:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1693853323; cv=none; d=google.com; s=arc-20160816; b=ERrU6QR+LurBId6VykYDpl4UGcl6HTX41vldI7tvUxHBlnb8NMgDpCvrwoSiVU/Ze5 QHrFs3zv2GvkUWmewlRrYjzVlo9inzgZzIujzeGsmeuYfHghH3ygE8m7Vcu4070is5cr vvwVmmqns9F/sSUBkuzkbrER233FP/RptcbMlfo2YSMM+ZluBjYUsvXhCH2MlJNUpNJh Mc7gdeI8LNoZM4LoRb/w1haaCb9u/b5p9EM071c7vD0DKysjUjP7KKzVD/NAsMVyozXy 20KegnZwzmXGfsNnsGB9WjkkQtS5l/kMIqIVpsW0MkIIqwxyEJiSFlxa3SFu5b11jIbt zdvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=82OoBXgBAbznwkXu05U9ZI1aovNZn8WR0zg3FquGFJc=; fh=+c+95fGcbTCfiGtP1wjVSKPH+khdhDeP1m02yjO0drg=; b=wmYXDh12A43OM/3s3Q43RMMdJ5w8r4wmZNJ3jnWidNBqMNFSZtJBEhLFcMzvEjGQPn 8t6tnXZdYBOfthWCZLvbRcFOjlBYD478HdCiqawpbVVLtbJ+nFae0zP5wpm7Cd+YBOwW vlpgtE98HCzNj/mq7Jt9WSo9fOlFiit0xSvYoDwCmba0pPQP5T25ix3iLXOFBImrrTEA 0pjDuzPSPUQgoTjcG5rYFWKIXeWu2s/W7qf+0fspD2+jcp+/5xbgcIjKFz/noa5B2uVB hdOcNt5jfqhfvKjYxdGVt+W0xt/ycscem073pcmmOfrSyozoYR3wtiJ55IfhTmAz03/d mmIQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id rs10-20020a170907036a00b009a21af2dd2esi6710950ejb.612.2023.09.04.11.48.13; Mon, 04 Sep 2023 11:48:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240384AbjIDQZh (ORCPT + 99 others); Mon, 4 Sep 2023 12:25:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42838 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237311AbjIDQZd (ORCPT ); Mon, 4 Sep 2023 12:25:33 -0400 Received: from mail-ej1-f54.google.com (mail-ej1-f54.google.com [209.85.218.54]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 79B659D; Mon, 4 Sep 2023 09:25:29 -0700 (PDT) Received: by mail-ej1-f54.google.com with SMTP id a640c23a62f3a-9a1de3417acso542957066b.0; Mon, 04 Sep 2023 09:25:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693844728; x=1694449528; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=82OoBXgBAbznwkXu05U9ZI1aovNZn8WR0zg3FquGFJc=; b=k8Sopg0P1FsXkxle1F3S6sAVObIuQSuBOLU41iXnxjBOSL5LyIoErzP6pYN5NO83dm Hjs/sCIdAtC1sI3LpgYqMiD9mNIp31cWadl5S1MFOoLt+Us994bVsk+a+fnT1pdEIXef WH0nzaIwbfzhpUf3MQ7dq+YfgASgln/33VsrFDtBv6kOuzBBvh1nXCIGGBrgfP68AFC5 HoE5lmoRtuth4XL9vzmXhA1VW6+5pgm95gPR1dqyUnYYScks/insI2beu+G3XBvyKTRZ z3b93BZ1aGpGv079T+oszboV78W5Hc2PQTnPtv4aOaRMVIpThfkO54m7xxNUTu3xEUtQ fMhw== X-Gm-Message-State: AOJu0YzgMJmRo/VsTQoXP1Y+0FbW2L1aSfGKhCDCUu3dOVcaMP6Ax/8p qmGHIjsvREh0TIoqL3yvDoI= X-Received: by 2002:a17:907:1c86:b0:9a5:b2d8:e925 with SMTP id nb6-20020a1709071c8600b009a5b2d8e925mr15418113ejc.33.1693844728005; Mon, 04 Sep 2023 09:25:28 -0700 (PDT) Received: from localhost (fwdproxy-cln-120.fbsv.net. [2a03:2880:31ff:78::face:b00c]) by smtp.gmail.com with ESMTPSA id p27-20020a17090635db00b009a168ab6ee2sm6316951ejb.164.2023.09.04.09.25.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Sep 2023 09:25:27 -0700 (PDT) From: Breno Leitao To: sdf@google.com, axboe@kernel.dk, asml.silence@gmail.com, willemdebruijn.kernel@gmail.com, martin.lau@linux.dev, krisman@suse.de, Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Song Liu , Yonghong Song , John Fastabend , KP Singh , Hao Luo , Jiri Olsa , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, io-uring@vger.kernel.org, Kuniyuki Iwashima , Alexander Mikhalitsyn , Xin Long , David Howells , Jason Xing , Andy Shevchenko Subject: [PATCH v4 04/10] net/socket: Break down __sys_getsockopt Date: Mon, 4 Sep 2023 09:24:57 -0700 Message-Id: <20230904162504.1356068-5-leitao@debian.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230904162504.1356068-1-leitao@debian.org> References: <20230904162504.1356068-1-leitao@debian.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Split __sys_getsockopt() into two functions by removing the core logic into a sub-function (do_sock_getsockopt()). This will avoid code duplication when doing the same operation in other callers, for instance. do_sock_getsockopt() will be called by io_uring getsockopt() command operation in the following patch. The same was done for the setsockopt pair. Suggested-by: Martin KaFai Lau Signed-off-by: Breno Leitao --- include/linux/bpf-cgroup.h | 2 +- include/net/sock.h | 2 ++ net/core/sock.c | 8 ----- net/socket.c | 62 ++++++++++++++++++++++++-------------- 4 files changed, 42 insertions(+), 32 deletions(-) diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h index cecfe8c99f28..ffaca1ab5e8d 100644 --- a/include/linux/bpf-cgroup.h +++ b/include/linux/bpf-cgroup.h @@ -378,7 +378,7 @@ static inline bool cgroup_bpf_sock_enabled(struct sock *sk, ({ \ int __ret = 0; \ if (cgroup_bpf_enabled(CGROUP_GETSOCKOPT)) \ - get_user(__ret, optlen); \ + copy_from_sockptr(&__ret, optlen, sizeof(int)); \ __ret; \ }) diff --git a/include/net/sock.h b/include/net/sock.h index b059f9272303..c0185121efe4 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -1863,6 +1863,8 @@ int sock_setsockopt(struct socket *sock, int level, int op, sockptr_t optval, unsigned int optlen); int do_sock_setsockopt(struct socket *sock, bool compat, int level, int optname, sockptr_t optval, int optlen); +int do_sock_getsockopt(struct socket *sock, bool compat, int level, + int optname, sockptr_t optval, sockptr_t optlen); int sk_getsockopt(struct sock *sk, int level, int optname, sockptr_t optval, sockptr_t optlen); diff --git a/net/core/sock.c b/net/core/sock.c index 666a17cab4f5..cf15394ed664 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -2009,14 +2009,6 @@ int sk_getsockopt(struct sock *sk, int level, int optname, return 0; } -int sock_getsockopt(struct socket *sock, int level, int optname, - char __user *optval, int __user *optlen) -{ - return sk_getsockopt(sock->sk, level, optname, - USER_SOCKPTR(optval), - USER_SOCKPTR(optlen)); -} - /* * Initialize an sk_lock. * diff --git a/net/socket.c b/net/socket.c index 3bf29a27653f..c79d2b2b902e 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2332,6 +2332,42 @@ SYSCALL_DEFINE5(setsockopt, int, fd, int, level, int, optname, INDIRECT_CALLABLE_DECLARE(bool tcp_bpf_bypass_getsockopt(int level, int optname)); +int do_sock_getsockopt(struct socket *sock, bool compat, int level, + int optname, sockptr_t optval, sockptr_t optlen) +{ + int max_optlen __maybe_unused; + const struct proto_ops *ops; + int err; + + err = security_socket_getsockopt(sock, level, optname); + if (err) + return err; + + ops = READ_ONCE(sock->ops); + if (level == SOL_SOCKET) { + err = sk_getsockopt(sock->sk, level, optname, optval, optlen); + } else if (unlikely(!ops->getsockopt)) { + err = -EOPNOTSUPP; + } else { + if (WARN_ONCE(optval.is_kernel || optlen.is_kernel, + "Invalid argument type")) + return -EOPNOTSUPP; + + err = ops->getsockopt(sock, level, optname, optval.user, + optlen.user); + } + + if (!compat) { + max_optlen = BPF_CGROUP_GETSOCKOPT_MAX_OPTLEN(optlen); + err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level, optname, + optval, optlen, max_optlen, + err); + } + + return err; +} +EXPORT_SYMBOL(do_sock_getsockopt); + /* * Get a socket option. Because we don't know the option lengths we have * to pass a user mode parameter for the protocols to sort out. @@ -2339,37 +2375,17 @@ INDIRECT_CALLABLE_DECLARE(bool tcp_bpf_bypass_getsockopt(int level, int __sys_getsockopt(int fd, int level, int optname, char __user *optval, int __user *optlen) { - int max_optlen __maybe_unused; - const struct proto_ops *ops; int err, fput_needed; + bool compat = in_compat_syscall(); struct socket *sock; sock = sockfd_lookup_light(fd, &err, &fput_needed); if (!sock) return err; - err = security_socket_getsockopt(sock, level, optname); - if (err) - goto out_put; - - if (!in_compat_syscall()) - max_optlen = BPF_CGROUP_GETSOCKOPT_MAX_OPTLEN(optlen); + err = do_sock_getsockopt(sock, compat, level, optname, + USER_SOCKPTR(optval), USER_SOCKPTR(optlen)); - ops = READ_ONCE(sock->ops); - if (level == SOL_SOCKET) - err = sock_getsockopt(sock, level, optname, optval, optlen); - else if (unlikely(!ops->getsockopt)) - err = -EOPNOTSUPP; - else - err = ops->getsockopt(sock, level, optname, optval, - optlen); - - if (!in_compat_syscall()) - err = BPF_CGROUP_RUN_PROG_GETSOCKOPT(sock->sk, level, optname, - USER_SOCKPTR(optval), - USER_SOCKPTR(optlen), - max_optlen, err); -out_put: fput_light(sock->file, fput_needed); return err; } -- 2.34.1