From: "Nikita V. Shirokov" <tehnerd@fb•com>
To: ast@kernel•org, brakmo@fb•com, daniel@iogearbox•net
Cc: netdev@vger•kernel.org, "Nikita V. Shirokov" <tehnerd@fb•com>
Subject: [PATCH v3 bpf-next 1/2] new options for bpf_(set|get)sockopt
Date: Thu, 30 Aug 2018 07:51:53 -0700 [thread overview]
Message-ID: <20180830145154.1128593-2-tehnerd@fb.com> (raw)
In-Reply-To: <20180830145154.1128593-1-tehnerd@fb.com>
adding support for two new bpf's get/set sockopts: TCP_SAVE_SYN (set)
and TCP_SAVED_SYN (get). this would allow for bpf program to build
logic based on data from ingress SYN packet
Signed-off-by: Nikita V. Shirokov <tehnerd@fb•com>
---
net/core/filter.c | 25 +++++++++++++++++++++----
1 file changed, 21 insertions(+), 4 deletions(-)
diff --git a/net/core/filter.c b/net/core/filter.c
index c25eb36f1320..feb578506009 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -4007,6 +4007,12 @@ BPF_CALL_5(bpf_setsockopt, struct bpf_sock_ops_kern *, bpf_sock,
tp->snd_ssthresh = val;
}
break;
+ case TCP_SAVE_SYN:
+ if (val < 0 || val > 1)
+ ret = -EINVAL;
+ else
+ tp->save_syn = val;
+ break;
default:
ret = -EINVAL;
}
@@ -4032,21 +4038,32 @@ static const struct bpf_func_proto bpf_setsockopt_proto = {
BPF_CALL_5(bpf_getsockopt, struct bpf_sock_ops_kern *, bpf_sock,
int, level, int, optname, char *, optval, int, optlen)
{
+ struct inet_connection_sock *icsk;
struct sock *sk = bpf_sock->sk;
+ struct tcp_sock *tp;
if (!sk_fullsock(sk))
goto err_clear;
-
#ifdef CONFIG_INET
if (level == SOL_TCP && sk->sk_prot->getsockopt == tcp_getsockopt) {
- if (optname == TCP_CONGESTION) {
- struct inet_connection_sock *icsk = inet_csk(sk);
+ switch (optname) {
+ case TCP_CONGESTION:
+ icsk = inet_csk(sk);
if (!icsk->icsk_ca_ops || optlen <= 1)
goto err_clear;
strncpy(optval, icsk->icsk_ca_ops->name, optlen);
optval[optlen - 1] = 0;
- } else {
+ break;
+ case TCP_SAVED_SYN:
+ tp = tcp_sk(sk);
+
+ if (optlen <= 0 || !tp->saved_syn ||
+ optlen > tp->saved_syn[0])
+ goto err_clear;
+ memcpy(optval, tp->saved_syn + 1, optlen);
+ break;
+ default:
goto err_clear;
}
} else if (level == SOL_IP) {
--
2.17.1
next prev parent reply other threads:[~2018-08-30 19:17 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-30 14:51 [PATCH v3 bpf-next 0/2] bpf tcp save syn set/get sockoptions Nikita V. Shirokov
2018-08-30 14:51 ` Nikita V. Shirokov [this message]
2018-08-30 14:51 ` [PATCH v3 bpf-next 2/2] new sample bpf prog Nikita V. Shirokov
2018-08-31 3:00 ` [PATCH v3 bpf-next 0/2] bpf tcp save syn set/get sockoptions Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180830145154.1128593-2-tehnerd@fb.com \
--to=tehnerd@fb$(echo .)com \
--cc=ast@kernel$(echo .)org \
--cc=brakmo@fb$(echo .)com \
--cc=daniel@iogearbox$(echo .)net \
--cc=netdev@vger$(echo .)kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox