On Fri, Aug 12, 2022 at 12:02:40PM -0700, Stanislav Fomichev wrote:
> diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
> index de7d2fabb06d..87ce47b13b22 100644
> --- a/kernel/bpf/helpers.c
> +++ b/kernel/bpf/helpers.c
> @@ -1764,9 +1764,31 @@ cgroup_common_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> case BPF_FUNC_get_local_storage:
> return &bpf_get_local_storage_proto;
> case BPF_FUNC_get_retval:
> - return &bpf_get_retval_proto;
> + switch (prog->expected_attach_type) {
> + case BPF_CGROUP_SOCK_OPS:
> + case BPF_CGROUP_UDP4_RECVMSG:
> + case BPF_CGROUP_UDP6_RECVMSG:
> + case BPF_CGROUP_INET4_GETPEERNAME:
> + case BPF_CGROUP_INET6_GETPEERNAME:
> + case BPF_CGROUP_INET4_GETSOCKNAME:
> + case BPF_CGROUP_INET6_GETSOCKNAME:
> + return NULL;
> + default:
> + return &bpf_get_retval_proto;
> + }
> case BPF_FUNC_set_retval:
> - return &bpf_set_retval_proto;
> + switch (prog->expected_attach_type) {
> + case BPF_CGROUP_SOCK_OPS:
> + case BPF_CGROUP_UDP4_RECVMSG:
> + case BPF_CGROUP_UDP6_RECVMSG:
> + case BPF_CGROUP_INET4_GETPEERNAME:
> + case BPF_CGROUP_INET6_GETPEERNAME:
> + case BPF_CGROUP_INET4_GETSOCKNAME:
> + case BPF_CGROUP_INET6_GETSOCKNAME:
> + return NULL;
> + default:
> + return &bpf_set_retval_proto;
> + }
Does it make sense to have bpf_lsm_func_proto() calling
cgroup_common_func_proto() also?
