mirror of
				git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
				synced 2025-09-04 20:19:47 +08:00 
			
		
		
		
	 4c3384d7ab
			
		
	
	
		4c3384d7ab
		
	
	
	
	
		
			
			Those hooks run as BPF_CGROUP_RUN_SA_PROG_LOCK and operate on a locked socket. Note that we could remove the switch for prog->expected_attach_type altogether since all current sock_addr attach types are covered. However, it makes sense to keep it as a safe-guard in case new sock_addr attach types are added that might not operate on a locked socket. Therefore, avoid to let this slip through. Signed-off-by: Stanislav Fomichev <sdf@google.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20210127232853.3753823-5-sdf@google.com
		
			
				
	
	
		
			49 lines
		
	
	
		
			1000 B
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			49 lines
		
	
	
		
			1000 B
		
	
	
	
		
			C
		
	
	
	
	
	
| // SPDX-License-Identifier: GPL-2.0
 | |
| 
 | |
| #include <linux/stddef.h>
 | |
| #include <linux/bpf.h>
 | |
| #include <linux/in6.h>
 | |
| #include <sys/socket.h>
 | |
| 
 | |
| #include <bpf/bpf_helpers.h>
 | |
| #include <bpf/bpf_endian.h>
 | |
| 
 | |
| #include <bpf_sockopt_helpers.h>
 | |
| 
 | |
| #define SERV6_IP_0		0xfaceb00c /* face:b00c:1234:5678::abcd */
 | |
| #define SERV6_IP_1		0x12345678
 | |
| #define SERV6_IP_2		0x00000000
 | |
| #define SERV6_IP_3		0x0000abcd
 | |
| #define SERV6_PORT		6060
 | |
| 
 | |
| SEC("cgroup/recvmsg6")
 | |
| int recvmsg6_prog(struct bpf_sock_addr *ctx)
 | |
| {
 | |
| 	struct bpf_sock *sk;
 | |
| 	__u32 user_ip4;
 | |
| 	__u16 user_port;
 | |
| 
 | |
| 	sk = ctx->sk;
 | |
| 	if (!sk)
 | |
| 		return 1;
 | |
| 
 | |
| 	if (sk->family != AF_INET6)
 | |
| 		return 1;
 | |
| 
 | |
| 	if (ctx->type != SOCK_STREAM && ctx->type != SOCK_DGRAM)
 | |
| 		return 1;
 | |
| 
 | |
| 	if (!get_set_sk_priority(ctx))
 | |
| 		return 1;
 | |
| 
 | |
| 	ctx->user_ip6[0] = bpf_htonl(SERV6_IP_0);
 | |
| 	ctx->user_ip6[1] = bpf_htonl(SERV6_IP_1);
 | |
| 	ctx->user_ip6[2] = bpf_htonl(SERV6_IP_2);
 | |
| 	ctx->user_ip6[3] = bpf_htonl(SERV6_IP_3);
 | |
| 	ctx->user_port = bpf_htons(SERV6_PORT);
 | |
| 
 | |
| 	return 1;
 | |
| }
 | |
| 
 | |
| char _license[] SEC("license") = "GPL";
 |