On 2024/10/11 06:07, Martin KaFai Lau wrote:
On 10/8/24 7:23 PM, Philo Lu wrote:
On 2024/10/9 03:05, Martin KaFai Lau wrote:
On 10/8/24 1:09 AM, Philo Lu wrote:
Sometimes sk is dereferenced as an rcu ptr, such as skb->sk in tp_btf,
which is a valid type of sock common. Then helpers like bpf_skc_to_*()
can be used with skb->sk.
For example, the following prog will be rejected without this patch:
```
SEC("tp_btf/tcp_bad_csum")
int BPF_PROG(tcp_bad_csum, struct sk_buff* skb)
{
struct sock *sk = skb->sk;
struct tcp_sock *tp;
if (!sk)
return 0;
tp = bpf_skc_to_tcp_sock(sk);
If the use case is for reading the fields in tp, please use the
bpf_core_cast from the libbpf's bpf_core_read.h. bpf_core_cast is
using the bpf_rdonly_cast kfunc underneath.
Thank you! This works for me so this patch is unnecessary then.
Just curious is there any technical issue to include rcu_ptr into
btf_id_sock_common_types? AFAICT rcu_ptr should also be a valid ptr
type, and then btf_id_sock_common_types will behave like
(PTR_TO_BTF_ID + &btf_sock_ids[BTF_SOCK_TYPE_SOCK_COMMON]) in
bpf_func_proto.
bpf_skc_to_*() returns a PTR_TO_BTF_ID which can be passed into other
helpers that takes ARG_PTR_TO_BTF_ID_SOCK_COMMON. There are helpers that
change the sk. e.g. bpf_setsockopt() changes the sk and needs sk to be
locked. Other non tracing hooks do have a hold on the skb also. I did
take a quick look at the bpf_setsockopt situation and looks ok. I am
positive there are other helpers that need to audit first.
Tracing use case should only read the sk. bpf_core_cast() is the correct
one to use. The bpf_sk_storage_{get,delete}() should be the only allowed
helper that can change the sk.
Thank you for explanation, Martin. This helps me a lot.
--
Philo