On 08/10, thinker.li@xxxxxxxxx wrote:
> From: Kui-Feng Lee <kuifeng@xxxxxxxx>
>
> Provide bpf_copy_from_user() and bpf_copy_to_user() to the BPF programs
> attached to cgroup/{set,get}sockopt. bpf_copy_to_user() is a new kfunc to
> copy data from an kernel space buffer to a user space buffer. They are only
> available for sleepable BPF programs. bpf_copy_to_user() is only available
> to the BPF programs attached to cgroup/getsockopt.
>
> Signed-off-by: Kui-Feng Lee <thinker.li@xxxxxxxxx>
> ---
> kernel/bpf/cgroup.c | 6 ++++++
> kernel/bpf/helpers.c | 31 +++++++++++++++++++++++++++++++
> 2 files changed, 37 insertions(+)
>
> diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c
> index 5bf3115b265c..c15a72860d2a 100644
> --- a/kernel/bpf/cgroup.c
> +++ b/kernel/bpf/cgroup.c
> @@ -2461,6 +2461,12 @@ cg_sockopt_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
> #endif
> case BPF_FUNC_perf_event_output:
> return &bpf_event_output_data_proto;
> +
> + case BPF_FUNC_copy_from_user:
> + if (prog->aux->sleepable)
> + return &bpf_copy_from_user_proto;
> + return NULL;
If we just allow copy to/from, I'm not sure I understand how the buffer
sharing between sleepable/non-sleepable works.
Let's assume I have two progs in the chain:
1. non-sleepable - copies the buffer, does some modifications; since
we don't copy the buffer back after every prog run, the modifications
stay in the kernel buffer
2. sleepable - runs and just gets the user pointer? does it mean this
sleepable program doesn't see the changes from (1)?
IOW, do we need some custom sockopt copy_to/from that handle this
potential buffer location transparently or am I missing something?
Assuming we want to support this at all. If we do, might deserve a
selftest.
