On 1/27/21 6:47 PM, Stanislav Fomichev wrote:
Can be used to query/modify socket state for unconnected UDP sendmsg. Those hooks run as BPF_CGROUP_RUN_SA_PROG_LOCK and operate on a locked socket.Signed-off-by: Stanislav Fomichev <s...@google.com> --- net/core/filter.c | 4 ++++ tools/testing/selftests/bpf/progs/sendmsg4_prog.c | 7 +++++++ tools/testing/selftests/bpf/progs/sendmsg6_prog.c | 7 +++++++ 3 files changed, 18 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index 9ab94e90d660..3d7f78a19565 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -7023,6 +7023,8 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_CGROUP_INET6_BIND: case BPF_CGROUP_INET4_CONNECT: case BPF_CGROUP_INET6_CONNECT: + case BPF_CGROUP_UDP4_SENDMSG: + case BPF_CGROUP_UDP6_SENDMSG: return &bpf_sock_addr_setsockopt_proto; default: return NULL; @@ -7033,6 +7035,8 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) case BPF_CGROUP_INET6_BIND: case BPF_CGROUP_INET4_CONNECT: case BPF_CGROUP_INET6_CONNECT: + case BPF_CGROUP_UDP4_SENDMSG: + case BPF_CGROUP_UDP6_SENDMSG: return &bpf_sock_addr_getsockopt_proto;
Patch looks good, could we at this point also add all the others that run under BPF_CGROUP_RUN_SA_PROG_LOCK while at it, that is v4/v6 flavors of recvmsg as well as peername/sockname? Thanks, Daniel
