Make it possible to read from skb metadata area using the bpf_dynptr_read() BPF helper. This prepares ground for access to skb metadata from all BPF hooks which operate on __sk_buff context. Signed-off-by: Jakub Sitnicki --- include/linux/filter.h | 8 ++++++++ kernel/bpf/helpers.c | 2 +- net/core/filter.c | 12 ++++++++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/include/linux/filter.h b/include/linux/filter.h index eca229752cbe..de0d1ce34f0d 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h @@ -1772,6 +1772,8 @@ int __bpf_xdp_store_bytes(struct xdp_buff *xdp, u32 offset, void *buf, u32 len); void *bpf_xdp_pointer(struct xdp_buff *xdp, u32 offset, u32 len); void bpf_xdp_copy_buf(struct xdp_buff *xdp, unsigned long off, void *buf, unsigned long len, bool flush); +int bpf_skb_meta_load_bytes(const struct sk_buff *src, u32 offset, + void *dst, u32 len); #else /* CONFIG_NET */ static inline int __bpf_skb_load_bytes(const struct sk_buff *skb, u32 offset, void *to, u32 len) @@ -1806,6 +1808,12 @@ static inline void bpf_xdp_copy_buf(struct xdp_buff *xdp, unsigned long off, voi unsigned long len, bool flush) { } + +static inline int bpf_skb_meta_load_bytes(const struct sk_buff *src, u32 offset, + void *dst, u32 len) +{ + return -EOPNOTSUPP; +} #endif /* CONFIG_NET */ #endif /* __LINUX_FILTER_H__ */ diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index e25a6d44efd6..54b0e8dd747e 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -1776,7 +1776,7 @@ static int __bpf_dynptr_read(void *dst, u32 len, const struct bpf_dynptr_kern *s case BPF_DYNPTR_TYPE_XDP: return __bpf_xdp_load_bytes(src->data, src->offset + offset, dst, len); case BPF_DYNPTR_TYPE_SKB_META: - return -EOPNOTSUPP; /* not implemented */ + return bpf_skb_meta_load_bytes(src->data, src->offset + offset, dst, len); default: WARN_ONCE(true, "bpf_dynptr_read: unknown dynptr type %d\n", type); return -EFAULT; diff --git a/net/core/filter.c b/net/core/filter.c index e4a1f50904db..93524839a49f 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -11978,6 +11978,18 @@ bpf_sk_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return func; } +int bpf_skb_meta_load_bytes(const struct sk_buff *skb, u32 offset, + void *dst, u32 len) +{ + u32 meta_len = skb_metadata_len(skb); + + if (len > meta_len || offset > meta_len - len) + return -E2BIG; /* out of bounds */ + + memmove(dst, skb_metadata_end(skb) - meta_len + offset, len); + return 0; +} + static int dynptr_from_skb_meta(struct __sk_buff *skb_, u64 flags, struct bpf_dynptr *ptr_, bool rdonly) { -- 2.43.0