On 02/14, Jason Xing wrote: > On Fri, Feb 14, 2025 at 7:41 AM Stanislav Fomichev <stfomichev@xxxxxxxxx> wrote: > > > > On 02/13, Jason Xing wrote: > > > Support bpf_setsockopt() to set the maximum value of RTO for > > > BPF program. > > > > > > Signed-off-by: Jason Xing <kerneljasonxing@xxxxxxxxx> > > > --- > > > Documentation/networking/ip-sysctl.rst | 3 ++- > > > include/uapi/linux/bpf.h | 2 ++ > > > net/core/filter.c | 6 ++++++ > > > tools/include/uapi/linux/bpf.h | 2 ++ > > > 4 files changed, 12 insertions(+), 1 deletion(-) > > > > > > diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst > > > index 054561f8dcae..78eb0959438a 100644 > > > --- a/Documentation/networking/ip-sysctl.rst > > > +++ b/Documentation/networking/ip-sysctl.rst > > > @@ -1241,7 +1241,8 @@ tcp_rto_min_us - INTEGER > > > > > > tcp_rto_max_ms - INTEGER > > > Maximal TCP retransmission timeout (in ms). > > > - Note that TCP_RTO_MAX_MS socket option has higher precedence. > > > + Note that TCP_BPF_RTO_MAX and TCP_RTO_MAX_MS socket option have the > > > + higher precedence for configuring this setting. > > > > The cover letter needs more explanation about the motivation. And > > the precedence as well. > > I am targeting the net-next tree because of recent changes[1] made by > Eric. It probably hasn't merged into the bpf-next tree. > > [1]: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=ae9b3c0e79bc > > > > > WRT precedence, can you install setsockopt cgroup program and filter out > > calls to TCP_RTO_MAX_MS? > > Yesterday, as suggested by Kuniyuki, I decided to re-use the same > logic of TCP_RTO_MAX_MS for bpf_setsockopt(): > diff --git a/net/core/filter.c b/net/core/filter.c > index 2ec162dd83c4..ffec7b4357f9 100644 > --- a/net/core/filter.c > +++ b/net/core/filter.c > @@ -5382,6 +5382,7 @@ static int sol_tcp_sockopt(struct sock *sk, int optname, > case TCP_USER_TIMEOUT: > case TCP_NOTSENT_LOWAT: > case TCP_SAVE_SYN: > + case TCP_RTO_MAX_MS: > if (*optlen != sizeof(int)) > return -EINVAL; > break; > > Are you referring to using the previous way (by introducing a new flag > for BPF) because we need to know the explicit precedence between > setsockopt() and bpf_setsockopt() or other reasons? If so, I think > there are more places than setsockopt() to modify. > > And, sorry that I don't follow what you meant by saying "install > setsockopt cgroup program" here. Please provide more hints. Ah, sorry, I misread it as bpf options taking precedence over tcp ones; ignore the suggestion about setsockopt cgroup prog. And yes, reusing the logic of TCP_RTO_MAX_MS looks better!
