If net_prio is used, we could also use eBPF programs to attach it,
because the net_prio cgroup could be got with prioidx in struct
sock_cgroup_data.
Hence it should not only be limited to cgroup2.
Signed-off-by: Yafang Shao <laoar.s...@gmail.com>
---
include/linux/cgroup.h | 18 ++++++++++++++++--
kernel/cgroup/cgroup.c | 6 +-----
2 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h
index 473e0c0..1d67def 100644
--- a/include/linux/cgroup.h
+++ b/include/linux/cgroup.h
@@ -772,8 +772,22 @@ static inline struct cgroup *sock_cgroup_ptr(struct
sock_cgroup_data *skcd)
*/
v = READ_ONCE(skcd->val);
- if (v & 1)
- return &cgrp_dfl_root.cgrp;
+ /* either net_prio or net_cls or both being used. */
+ if (v & 1) {
+ if (skcd->prioidx != 1) {
+ struct cgroup_subsys_state *css;
+ struct cgroup *cg;
+
+ rcu_read_lock();
+ css = css_from_id(skcd->prioidx, &net_prio_cgrp_subsys);
+ cg = css->cgroup;
+ rcu_read_unlock();
+
+ return cg;
+ }
+
+ return task_cgroup(current, net_prio_cgrp_id);
+ }
return (struct cgroup *)(unsigned long)v ?: &cgrp_dfl_root.cgrp;
#else
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 7e4c445..59610f5 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -5735,7 +5735,7 @@ struct cgroup *cgroup_get_from_path(const char *path)
/**
* cgroup_get_from_fd - get a cgroup pointer from a fd
- * @fd: fd obtained by open(cgroup2_dir)
+ * @fd: fd obtained by open(cgroup2_dir or net_prio_dir)
*
* Find the cgroup from a fd which should be obtained
* by opening a cgroup directory. Returns a pointer to the
@@ -5758,10 +5758,6 @@ struct cgroup *cgroup_get_from_fd(int fd)
return ERR_CAST(css);
cgrp = css->cgroup;
- if (!cgroup_on_dfl(cgrp)) {
- cgroup_put(cgrp);
- return ERR_PTR(-EBADF);
- }
return cgrp;
}
--
1.8.3.1
