packet: add extended BPF fanout mode
authorWillem de Bruijn <willemb@google.com>
Sat, 15 Aug 2015 02:31:35 +0000 (22:31 -0400)
committerDavid S. Miller <davem@davemloft.net>
Mon, 17 Aug 2015 21:22:48 +0000 (14:22 -0700)
Add fanout mode PACKET_FANOUT_EBPF that accepts an en extended BPF
program to select a socket.

Update the internal eBPF program by passing to socket option
SOL_PACKET/PACKET_FANOUT_DATA a file descriptor returned by bpf().

Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/uapi/linux/if_packet.h
net/packet/af_packet.c

index a4bb16fa822ef011aea2014dae4addb87c2d5634..9e7edfd8141e5dea69129807f46b89b2b637ead9 100644 (file)
@@ -64,6 +64,7 @@ struct sockaddr_ll {
 #define PACKET_FANOUT_RND              4
 #define PACKET_FANOUT_QM               5
 #define PACKET_FANOUT_CBPF             6
+#define PACKET_FANOUT_EBPF             7
 #define PACKET_FANOUT_FLAG_ROLLOVER    0x1000
 #define PACKET_FANOUT_FLAG_DEFRAG      0x8000
 
index 8869d07013e6b9eeb97d66cd8df8228d6c17e0fc..7b8e39a223879c3cb0a9d2a0bc6ff003118379f9 100644 (file)
@@ -1472,6 +1472,7 @@ static int packet_rcv_fanout(struct sk_buff *skb, struct net_device *dev,
                idx = fanout_demux_rollover(f, skb, 0, false, num);
                break;
        case PACKET_FANOUT_CBPF:
+       case PACKET_FANOUT_EBPF:
                idx = fanout_demux_bpf(f, skb, num);
                break;
        }
@@ -1529,6 +1530,7 @@ static void fanout_init_data(struct packet_fanout *f)
                atomic_set(&f->rr_cur, 0);
                break;
        case PACKET_FANOUT_CBPF:
+       case PACKET_FANOUT_EBPF:
                RCU_INIT_POINTER(f->bpf_prog, NULL);
                break;
        }
@@ -1571,12 +1573,39 @@ static int fanout_set_data_cbpf(struct packet_sock *po, char __user *data,
        return 0;
 }
 
+static int fanout_set_data_ebpf(struct packet_sock *po, char __user *data,
+                               unsigned int len)
+{
+       struct bpf_prog *new;
+       u32 fd;
+
+       if (sock_flag(&po->sk, SOCK_FILTER_LOCKED))
+               return -EPERM;
+       if (len != sizeof(fd))
+               return -EINVAL;
+       if (copy_from_user(&fd, data, len))
+               return -EFAULT;
+
+       new = bpf_prog_get(fd);
+       if (IS_ERR(new))
+               return PTR_ERR(new);
+       if (new->type != BPF_PROG_TYPE_SOCKET_FILTER) {
+               bpf_prog_put(new);
+               return -EINVAL;
+       }
+
+       __fanout_set_data_bpf(po->fanout, new);
+       return 0;
+}
+
 static int fanout_set_data(struct packet_sock *po, char __user *data,
                           unsigned int len)
 {
        switch (po->fanout->type) {
        case PACKET_FANOUT_CBPF:
                return fanout_set_data_cbpf(po, data, len);
+       case PACKET_FANOUT_EBPF:
+               return fanout_set_data_ebpf(po, data, len);
        default:
                return -EINVAL;
        };
@@ -1586,6 +1615,7 @@ static void fanout_release_data(struct packet_fanout *f)
 {
        switch (f->type) {
        case PACKET_FANOUT_CBPF:
+       case PACKET_FANOUT_EBPF:
                __fanout_set_data_bpf(f, NULL);
        };
 }
@@ -1608,6 +1638,7 @@ static int fanout_add(struct sock *sk, u16 id, u16 type_flags)
        case PACKET_FANOUT_RND:
        case PACKET_FANOUT_QM:
        case PACKET_FANOUT_CBPF:
+       case PACKET_FANOUT_EBPF:
                break;
        default:
                return -EINVAL;