Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
Alexei Starovoitov says: ==================== pull-request: bpf-next 2021-07-15 The following pull-request contains BPF updates for your *net-next* tree. We've added 45 non-merge commits during the last 15 day(s) which contain a total of 52 files changed, 3122 insertions(+), 384 deletions(-). The main changes are: 1) Introduce bpf timers, from Alexei. 2) Add sockmap support for unix datagram socket, from Cong. 3) Fix potential memleak and UAF in the verifier, from He. 4) Add bpf_get_func_ip helper, from Jiri. 5) Improvements to generic XDP mode, from Kumar. 6) Support for passing xdp_md to XDP programs in bpf_prog_run, from Zvi. =================== Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller
103
net/core/dev.c
103
net/core/dev.c
@@ -4744,45 +4744,18 @@ static struct netdev_rx_queue *netif_get_rxqueue(struct sk_buff *skb)
|
||||
return rxqueue;
|
||||
}
|
||||
|
||||
static u32 netif_receive_generic_xdp(struct sk_buff *skb,
|
||||
struct xdp_buff *xdp,
|
||||
struct bpf_prog *xdp_prog)
|
||||
u32 bpf_prog_run_generic_xdp(struct sk_buff *skb, struct xdp_buff *xdp,
|
||||
struct bpf_prog *xdp_prog)
|
||||
{
|
||||
void *orig_data, *orig_data_end, *hard_start;
|
||||
struct netdev_rx_queue *rxqueue;
|
||||
u32 metalen, act = XDP_DROP;
|
||||
bool orig_bcast, orig_host;
|
||||
u32 mac_len, frame_sz;
|
||||
__be16 orig_eth_type;
|
||||
struct ethhdr *eth;
|
||||
u32 metalen, act;
|
||||
int off;
|
||||
|
||||
/* Reinjected packets coming from act_mirred or similar should
|
||||
* not get XDP generic processing.
|
||||
*/
|
||||
if (skb_is_redirected(skb))
|
||||
return XDP_PASS;
|
||||
|
||||
/* XDP packets must be linear and must have sufficient headroom
|
||||
* of XDP_PACKET_HEADROOM bytes. This is the guarantee that also
|
||||
* native XDP provides, thus we need to do it here as well.
|
||||
*/
|
||||
if (skb_cloned(skb) || skb_is_nonlinear(skb) ||
|
||||
skb_headroom(skb) < XDP_PACKET_HEADROOM) {
|
||||
int hroom = XDP_PACKET_HEADROOM - skb_headroom(skb);
|
||||
int troom = skb->tail + skb->data_len - skb->end;
|
||||
|
||||
/* In case we have to go down the path and also linearize,
|
||||
* then lets do the pskb_expand_head() work just once here.
|
||||
*/
|
||||
if (pskb_expand_head(skb,
|
||||
hroom > 0 ? ALIGN(hroom, NET_SKB_PAD) : 0,
|
||||
troom > 0 ? troom + 128 : 0, GFP_ATOMIC))
|
||||
goto do_drop;
|
||||
if (skb_linearize(skb))
|
||||
goto do_drop;
|
||||
}
|
||||
|
||||
/* The XDP program wants to see the packet starting at the MAC
|
||||
* header.
|
||||
*/
|
||||
@@ -4837,6 +4810,13 @@ static u32 netif_receive_generic_xdp(struct sk_buff *skb,
|
||||
skb->protocol = eth_type_trans(skb, skb->dev);
|
||||
}
|
||||
|
||||
/* Redirect/Tx gives L2 packet, code that will reuse skb must __skb_pull
|
||||
* before calling us again on redirect path. We do not call do_redirect
|
||||
* as we leave that up to the caller.
|
||||
*
|
||||
* Caller is responsible for managing lifetime of skb (i.e. calling
|
||||
* kfree_skb in response to actions it cannot handle/XDP_DROP).
|
||||
*/
|
||||
switch (act) {
|
||||
case XDP_REDIRECT:
|
||||
case XDP_TX:
|
||||
@@ -4847,6 +4827,49 @@ static u32 netif_receive_generic_xdp(struct sk_buff *skb,
|
||||
if (metalen)
|
||||
skb_metadata_set(skb, metalen);
|
||||
break;
|
||||
}
|
||||
|
||||
return act;
|
||||
}
|
||||
|
||||
static u32 netif_receive_generic_xdp(struct sk_buff *skb,
|
||||
struct xdp_buff *xdp,
|
||||
struct bpf_prog *xdp_prog)
|
||||
{
|
||||
u32 act = XDP_DROP;
|
||||
|
||||
/* Reinjected packets coming from act_mirred or similar should
|
||||
* not get XDP generic processing.
|
||||
*/
|
||||
if (skb_is_redirected(skb))
|
||||
return XDP_PASS;
|
||||
|
||||
/* XDP packets must be linear and must have sufficient headroom
|
||||
* of XDP_PACKET_HEADROOM bytes. This is the guarantee that also
|
||||
* native XDP provides, thus we need to do it here as well.
|
||||
*/
|
||||
if (skb_cloned(skb) || skb_is_nonlinear(skb) ||
|
||||
skb_headroom(skb) < XDP_PACKET_HEADROOM) {
|
||||
int hroom = XDP_PACKET_HEADROOM - skb_headroom(skb);
|
||||
int troom = skb->tail + skb->data_len - skb->end;
|
||||
|
||||
/* In case we have to go down the path and also linearize,
|
||||
* then lets do the pskb_expand_head() work just once here.
|
||||
*/
|
||||
if (pskb_expand_head(skb,
|
||||
hroom > 0 ? ALIGN(hroom, NET_SKB_PAD) : 0,
|
||||
troom > 0 ? troom + 128 : 0, GFP_ATOMIC))
|
||||
goto do_drop;
|
||||
if (skb_linearize(skb))
|
||||
goto do_drop;
|
||||
}
|
||||
|
||||
act = bpf_prog_run_generic_xdp(skb, xdp, xdp_prog);
|
||||
switch (act) {
|
||||
case XDP_REDIRECT:
|
||||
case XDP_TX:
|
||||
case XDP_PASS:
|
||||
break;
|
||||
default:
|
||||
bpf_warn_invalid_xdp_action(act);
|
||||
fallthrough;
|
||||
@@ -5312,7 +5335,6 @@ another_round:
|
||||
ret = NET_RX_DROP;
|
||||
goto out;
|
||||
}
|
||||
skb_reset_mac_len(skb);
|
||||
}
|
||||
|
||||
if (eth_type_vlan(skb->protocol)) {
|
||||
@@ -5638,25 +5660,6 @@ static int generic_xdp_install(struct net_device *dev, struct netdev_bpf *xdp)
|
||||
struct bpf_prog *new = xdp->prog;
|
||||
int ret = 0;
|
||||
|
||||
if (new) {
|
||||
u32 i;
|
||||
|
||||
mutex_lock(&new->aux->used_maps_mutex);
|
||||
|
||||
/* generic XDP does not work with DEVMAPs that can
|
||||
* have a bpf_prog installed on an entry
|
||||
*/
|
||||
for (i = 0; i < new->aux->used_map_cnt; i++) {
|
||||
if (dev_map_can_have_prog(new->aux->used_maps[i]) ||
|
||||
cpu_map_prog_allowed(new->aux->used_maps[i])) {
|
||||
mutex_unlock(&new->aux->used_maps_mutex);
|
||||
return -EINVAL;
|
||||
}
|
||||
}
|
||||
|
||||
mutex_unlock(&new->aux->used_maps_mutex);
|
||||
}
|
||||
|
||||
switch (xdp->command) {
|
||||
case XDP_SETUP_PROG:
|
||||
rcu_assign_pointer(dev->xdp_prog, new);
|
||||
|
||||
Reference in New Issue
Block a user