On 10/8/24 7:23 PM, Philo Lu wrote:
On 2024/10/9 03:05, Martin KaFai Lau wrote:
On 10/8/24 1:09 AM, Philo Lu wrote:
Sometimes sk is dereferenced as an rcu ptr, such as skb->sk in tp_btf,
which is a valid type of sock common. Then helpers like bpf_skc_to_*()
can be used with skb->sk.
For example, the following prog will be rejected without this patch:
```
SEC("tp_btf/tcp_bad_csum")
int BPF_PROG(tcp_bad_csum, struct sk_buff* skb)
{
struct sock *sk = skb->sk;
struct tcp_sock *tp;
if (!sk)
return 0;
tp = bpf_skc_to_tcp_sock(sk);
If the use case is for reading the fields in tp, please use the bpf_core_cast
from the libbpf's bpf_core_read.h. bpf_core_cast is using the bpf_rdonly_cast
kfunc underneath.
Thank you! This works for me so this patch is unnecessary then.
Just curious is there any technical issue to include rcu_ptr into
btf_id_sock_common_types? AFAICT rcu_ptr should also be a valid ptr type, and
then btf_id_sock_common_types will behave like (PTR_TO_BTF_ID +
&btf_sock_ids[BTF_SOCK_TYPE_SOCK_COMMON]) in bpf_func_proto.
bpf_skc_to_*() returns a PTR_TO_BTF_ID which can be passed into other helpers
that takes ARG_PTR_TO_BTF_ID_SOCK_COMMON. There are helpers that change the sk.
e.g. bpf_setsockopt() changes the sk and needs sk to be locked. Other non
tracing hooks do have a hold on the skb also. I did take a quick look at the
bpf_setsockopt situation and looks ok. I am positive there are other helpers
that need to audit first.
Tracing use case should only read the sk. bpf_core_cast() is the correct one to
use. The bpf_sk_storage_{get,delete}() should be the only allowed helper that
can change the sk.