On 05/25/2018 07:09 AM, Andrey Ignatov wrote: > v2 -> v3: > * place BPF logic under static key in udp_sendmsg, udpv6_sendmsg; > * rebase. > > v1 -> v2: > * return ENOTSUPP if bpf_prog rewrote IPv6-only with IPv4-mapped IPv6; > * add test for IPv4-mapped IPv6 use-case; > * fix build for CONFIG_CGROUP_BPF=n; > * rebase. > > This path set adds BPF hooks for sys_sendmsg similar to existing hooks for > sys_bind and sys_connect. > > Hooks allow to override source IP (including the case when it's set via > cmsg(3)) and destination IP:port for unconnected UDP (slow path). TCP and > connected UDP (fast path) are not affected. This makes UDP support > complete: connected UDP is handled by sys_connect hooks, unconnected by > sys_sendmsg ones. > > Similar to sys_connect hooks, sys_sendmsg ones can be used to make system > calls such as sendmsg(2) and sendto(2) return EPERM. > > Please see patch 0001 for more details. > > > Andrey Ignatov (5): > bpf: Hooks for sys_sendmsg > bpf: Sync bpf.h to tools/ > libbpf: Support guessing sendmsg{4,6} progs > selftests/bpf: Prepare test_sock_addr for extension > selftests/bpf: Selftest for sys_sendmsg hooks > > include/linux/bpf-cgroup.h | 23 +- > include/linux/filter.h | 1 + > include/uapi/linux/bpf.h | 8 + > kernel/bpf/cgroup.c | 11 +- > kernel/bpf/syscall.c | 8 + > net/core/filter.c | 39 + > net/ipv4/udp.c | 20 +- > net/ipv6/udp.c | 24 + > tools/include/uapi/linux/bpf.h | 8 + > tools/lib/bpf/libbpf.c | 2 + > tools/testing/selftests/bpf/Makefile | 2 +- > tools/testing/selftests/bpf/sendmsg4_prog.c | 49 ++ > tools/testing/selftests/bpf/sendmsg6_prog.c | 60 ++ > tools/testing/selftests/bpf/test_sock_addr.c | 1155 > +++++++++++++++++++++----- > 14 files changed, 1214 insertions(+), 196 deletions(-) > create mode 100644 tools/testing/selftests/bpf/sendmsg4_prog.c > create mode 100644 tools/testing/selftests/bpf/sendmsg6_prog.c >
Applied to bpf-next, thanks Andrey!