diff options
| author | Willem de Bruijn <willemb@google.com> | 2017-04-11 14:08:08 -0400 |
|---|---|---|
| committer | Michael Bestas <mkbestas@lineageos.org> | 2022-04-19 00:51:10 +0300 |
| commit | 92f7609bdf5f1ed96c461318bcac75074a823fa5 (patch) | |
| tree | d4d68e826ce6bfccbbe2d62044ee84d75e582073 /kernel | |
| parent | cbb19ce2324acc32e5491703bbc31f6d67e7ac1b (diff) | |
BACKPORT: UPSTREAM: bpf: pass sk to helper functions
Cherrypick from commit 8f917bba0042f1e3b7693743fbe9782709e936e7
BPF helper functions access socket fields through skb->sk. This is not
set in ingress cgroup and socket filters. The association is only made
in skb_set_owner_r once the filter has accepted the packet. Sk is
available as socket lookup has taken place.
Temporarily set skb->sk to sk in these cases.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bug: 30950746
Change-Id: Ifcbcbe2ab2882dc79c56f9707be1d6aef08c7fd3
Signed-off-by: Chatur27 <jasonbright2709@gmail.com>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/bpf/cgroup.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index a0ab43f264b0..d05c292290fe 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -119,7 +119,7 @@ void __cgroup_bpf_update(struct cgroup *cgrp, /** * __cgroup_bpf_run_filter() - Run a program for packet filtering - * @sk: The socken sending or receiving traffic + * @sk: The socket sending or receiving traffic * @skb: The skb that is being sent or received * @type: The type of program to be exectuted * @@ -154,10 +154,13 @@ int __cgroup_bpf_run_filter(struct sock *sk, prog = rcu_dereference(cgrp->bpf.effective[type]); if (prog) { unsigned int offset = skb->data - skb_network_header(skb); + struct sock *save_sk = skb->sk; + skb->sk = sk; __skb_push(skb, offset); ret = bpf_prog_run_save_cb(prog, skb) == 1 ? 0 : -EPERM; __skb_pull(skb, offset); + skb->sk = save_sk; } rcu_read_unlock(); |