bpf: Change bpf_tcp_*_syncookie to accept ARG_PTR_TO_BTF_ID_SOCK_COMMON

This patch changes the bpf_tcp_*_syncookie() to take
ARG_PTR_TO_BTF_ID_SOCK_COMMON such that they will work with the pointer
returned by the bpf_skc_to_*() helpers also.

Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Lorenz Bauer <lmb@cloudflare.com>
Link: https://lore.kernel.org/bpf/20200925000409.3856725-1-kafai@fb.com

diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index 0ec6dbeb17a5e31b7f11b2b51477d407695736b4..69b9e30375bc90eb78c9e96e3decbe31431e5f2e 100644 (file)
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -2692,7 +2692,7 @@ union bpf_attr {
  *             result is from *reuse*\ **->socks**\ [] using the hash of the
  *             tuple.
  *
- * long bpf_tcp_check_syncookie(struct bpf_sock *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
+ * long bpf_tcp_check_syncookie(void *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
  *     Description
  *             Check whether *iph* and *th* contain a valid SYN cookie ACK for
  *             the listening socket in *sk*.
@@ -2878,7 +2878,7 @@ union bpf_attr {
  *
  *             **-EAGAIN** if bpf program can try again.
  *
- * s64 bpf_tcp_gen_syncookie(struct bpf_sock *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
+ * s64 bpf_tcp_gen_syncookie(void *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
  *     Description
  *             Try to issue a SYN cookie for the packet with corresponding
  *             IP/TCP headers, *iph* and *th*, on the listening socket in *sk*.

diff --git a/net/core/filter.c b/net/core/filter.c
index 06d397eeef2ac0cf767eafbb63b0ddf315089106..1d88e9b498eb375262b746e5c3d67083f486751d 100644 (file)
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -6086,7 +6086,7 @@ BPF_CALL_5(bpf_tcp_check_syncookie, struct sock *, sk, void *, iph, u32, iph_len
        u32 cookie;
        int ret;
 
-       if (unlikely(th_len < sizeof(*th)))
+       if (unlikely(!sk || th_len < sizeof(*th)))
                return -EINVAL;
 
        /* sk_listener() allows TCP_NEW_SYN_RECV, which makes no sense here. */
@@ -6139,7 +6139,7 @@ static const struct bpf_func_proto bpf_tcp_check_syncookie_proto = {
        .gpl_only       = true,
        .pkt_access     = true,
        .ret_type       = RET_INTEGER,
-       .arg1_type      = ARG_PTR_TO_SOCK_COMMON,
+       .arg1_type      = ARG_PTR_TO_BTF_ID_SOCK_COMMON,
        .arg2_type      = ARG_PTR_TO_MEM,
        .arg3_type      = ARG_CONST_SIZE,
        .arg4_type      = ARG_PTR_TO_MEM,
@@ -6153,7 +6153,7 @@ BPF_CALL_5(bpf_tcp_gen_syncookie, struct sock *, sk, void *, iph, u32, iph_len,
        u32 cookie;
        u16 mss;
 
-       if (unlikely(th_len < sizeof(*th) || th_len != th->doff * 4))
+       if (unlikely(!sk || th_len < sizeof(*th) || th_len != th->doff * 4))
                return -EINVAL;
 
        if (sk->sk_protocol != IPPROTO_TCP || sk->sk_state != TCP_LISTEN)
@@ -6208,7 +6208,7 @@ static const struct bpf_func_proto bpf_tcp_gen_syncookie_proto = {
        .gpl_only       = true, /* __cookie_v*_init_sequence() is GPL */
        .pkt_access     = true,
        .ret_type       = RET_INTEGER,
-       .arg1_type      = ARG_PTR_TO_SOCK_COMMON,
+       .arg1_type      = ARG_PTR_TO_BTF_ID_SOCK_COMMON,
        .arg2_type      = ARG_PTR_TO_MEM,
        .arg3_type      = ARG_CONST_SIZE,
        .arg4_type      = ARG_PTR_TO_MEM,

diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h
index 0ec6dbeb17a5e31b7f11b2b51477d407695736b4..69b9e30375bc90eb78c9e96e3decbe31431e5f2e 100644 (file)
--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -2692,7 +2692,7 @@ union bpf_attr {
  *             result is from *reuse*\ **->socks**\ [] using the hash of the
  *             tuple.
  *
- * long bpf_tcp_check_syncookie(struct bpf_sock *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
+ * long bpf_tcp_check_syncookie(void *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
  *     Description
  *             Check whether *iph* and *th* contain a valid SYN cookie ACK for
  *             the listening socket in *sk*.
@@ -2878,7 +2878,7 @@ union bpf_attr {
  *
  *             **-EAGAIN** if bpf program can try again.
  *
- * s64 bpf_tcp_gen_syncookie(struct bpf_sock *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
+ * s64 bpf_tcp_gen_syncookie(void *sk, void *iph, u32 iph_len, struct tcphdr *th, u32 th_len)
  *     Description
  *             Try to issue a SYN cookie for the packet with corresponding
  *             IP/TCP headers, *iph* and *th*, on the listening socket in *sk*.