diff options
| author | Alexei Starovoitov <ast@fb.com> | 2016-05-05 19:49:12 -0700 |
|---|---|---|
| committer | Michael Bestas <mkbestas@lineageos.org> | 2022-04-19 00:50:25 +0300 |
| commit | 3b03a0c922380f14f8cf380c8d6c6a7e806e83dc (patch) | |
| tree | 642c38e5276986330f01fd0de2b411482c261a3f /include/linux | |
| parent | 84cbe200721a55423300ebb818cd1a54f912f7d1 (diff) | |
bpf: wire in data and data_end for cls_act_bpf
allow cls_bpf and act_bpf programs access skb->data and skb->data_end pointers.
The bpf helpers that change skb->data need to update data_end pointer as well.
The verifier checks that programs always reload data, data_end pointers
after calls to such bpf helpers.
We cannot add 'data_end' pointer to struct qdisc_skb_cb directly,
since it's embedded as-is by infiniband ipoib, so wrapper struct is needed.
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Chatur27 <jasonbright2709@gmail.com>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/filter.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/include/linux/filter.h b/include/linux/filter.h index db2ebf5e1e44..8f74f3d61894 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h @@ -363,6 +363,22 @@ struct sk_filter { #define BPF_SKB_CB_LEN QDISC_CB_PRIV_LEN +struct bpf_skb_data_end { + struct qdisc_skb_cb qdisc_cb; + void *data_end; +}; + +/* compute the linear packet data range [data, data_end) which + * will be accessed by cls_bpf and act_bpf programs + */ +static inline void bpf_compute_data_end(struct sk_buff *skb) +{ + struct bpf_skb_data_end *cb = (struct bpf_skb_data_end *)skb->cb; + + BUILD_BUG_ON(sizeof(*cb) > FIELD_SIZEOF(struct sk_buff, cb)); + cb->data_end = skb->data + skb_headlen(skb); +} + static inline u8 *bpf_skb_cb(struct sk_buff *skb) { /* eBPF programs may read/write skb->cb[] area to transfer meta |