Re: [PATCH bpf-next v2 1/3] bpf: Expose bpf_get_socket_cookie to tracing programs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/8/20 8:30 PM, Florent Revest wrote:
On Fri, 2020-12-04 at 20:03 +0100, Daniel Borkmann wrote:
On 12/4/20 7:56 PM, Daniel Borkmann wrote:
On 12/3/20 10:33 PM, Florent Revest wrote:
This creates a new helper proto because the existing
bpf_get_socket_cookie_sock_proto has a ARG_PTR_TO_CTX argument
and only
works for BPF programs where the context is a sock.

This helper could also be useful to other BPF program types such
as LSM.

Signed-off-by: Florent Revest <revest@xxxxxxxxxx>
---
   include/uapi/linux/bpf.h       | 7 +++++++
   kernel/trace/bpf_trace.c       | 4 ++++
   net/core/filter.c              | 7 +++++++
   tools/include/uapi/linux/bpf.h | 7 +++++++
   4 files changed, 25 insertions(+)

diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index c3458ec1f30a..3e0e33c43998 100644
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -1662,6 +1662,13 @@ union bpf_attr {
    *     Return
    *         A 8-byte long non-decreasing number.
    *
+ * u64 bpf_get_socket_cookie(void *sk)
+ *     Description
+ *         Equivalent to **bpf_get_socket_cookie**\ () helper
that accepts
+ *         *sk*, but gets socket from a BTF **struct sock**.
+ *     Return
+ *         A 8-byte long non-decreasing number.

I would not mention this here since it's not fully correct and we
should avoid users taking non-decreasing granted in their progs.
The only assumption you can make is that it can be considered a
unique number. See also [0] with reverse counter..

    [0]
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=92acdc58ab11af66fcaef485433fde61b5e32fac

Ah this is a good point, thank you! I will send a v3 with an extra
patch that s/non-decreasing/unique/ in the other descriptions. I had
not given it any extra thought, I just stupidly copied/pasted existing
descriptions. :)

One more thought, in case you plan to use this from sleepable
context, you would need to use sock_gen_cookie() variant in the BPF
helper instead.

Out of curiosity, why don't we just always call sock_gen_cookie? Is it
to avoid the performance impact of increasing the preempt counter and
introducing a memory barriers ?

Yes, all the other contexts where the existing helpers are used already have
preemption disabled, so the extra preempt_{disable,enable}() is unnecessary
overhead given we want the cookie generation be efficient.

Thanks,
Daniel



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux