Commit e28784e3 authored by Andrii Nakryiko's avatar Andrii Nakryiko Committed by Alexei Starovoitov

bpf: Factor out attach_type to prog_type mapping for attach/detach

Factor out logic mapping expected program attach type to program type and
subsequent handling of program attach/detach. Also list out all supported
cgroup BPF program types explicitly to prevent accidental bugs once more
program types are added to a mapping. Do the same for prog_query API.
Signed-off-by: default avatarAndrii Nakryiko <andriin@fb.com>
Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20200325065746.640559-3-andriin@fb.com
parent 00c4eddf
...@@ -2535,36 +2535,18 @@ static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog, ...@@ -2535,36 +2535,18 @@ static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog,
} }
} }
#define BPF_PROG_ATTACH_LAST_FIELD replace_bpf_fd static enum bpf_prog_type
attach_type_to_prog_type(enum bpf_attach_type attach_type)
#define BPF_F_ATTACH_MASK \
(BPF_F_ALLOW_OVERRIDE | BPF_F_ALLOW_MULTI | BPF_F_REPLACE)
static int bpf_prog_attach(const union bpf_attr *attr)
{ {
enum bpf_prog_type ptype; switch (attach_type) {
struct bpf_prog *prog;
int ret;
if (!capable(CAP_NET_ADMIN))
return -EPERM;
if (CHECK_ATTR(BPF_PROG_ATTACH))
return -EINVAL;
if (attr->attach_flags & ~BPF_F_ATTACH_MASK)
return -EINVAL;
switch (attr->attach_type) {
case BPF_CGROUP_INET_INGRESS: case BPF_CGROUP_INET_INGRESS:
case BPF_CGROUP_INET_EGRESS: case BPF_CGROUP_INET_EGRESS:
ptype = BPF_PROG_TYPE_CGROUP_SKB; return BPF_PROG_TYPE_CGROUP_SKB;
break; break;
case BPF_CGROUP_INET_SOCK_CREATE: case BPF_CGROUP_INET_SOCK_CREATE:
case BPF_CGROUP_INET4_POST_BIND: case BPF_CGROUP_INET4_POST_BIND:
case BPF_CGROUP_INET6_POST_BIND: case BPF_CGROUP_INET6_POST_BIND:
ptype = BPF_PROG_TYPE_CGROUP_SOCK; return BPF_PROG_TYPE_CGROUP_SOCK;
break;
case BPF_CGROUP_INET4_BIND: case BPF_CGROUP_INET4_BIND:
case BPF_CGROUP_INET6_BIND: case BPF_CGROUP_INET6_BIND:
case BPF_CGROUP_INET4_CONNECT: case BPF_CGROUP_INET4_CONNECT:
...@@ -2573,37 +2555,53 @@ static int bpf_prog_attach(const union bpf_attr *attr) ...@@ -2573,37 +2555,53 @@ static int bpf_prog_attach(const union bpf_attr *attr)
case BPF_CGROUP_UDP6_SENDMSG: case BPF_CGROUP_UDP6_SENDMSG:
case BPF_CGROUP_UDP4_RECVMSG: case BPF_CGROUP_UDP4_RECVMSG:
case BPF_CGROUP_UDP6_RECVMSG: case BPF_CGROUP_UDP6_RECVMSG:
ptype = BPF_PROG_TYPE_CGROUP_SOCK_ADDR; return BPF_PROG_TYPE_CGROUP_SOCK_ADDR;
break;
case BPF_CGROUP_SOCK_OPS: case BPF_CGROUP_SOCK_OPS:
ptype = BPF_PROG_TYPE_SOCK_OPS; return BPF_PROG_TYPE_SOCK_OPS;
break;
case BPF_CGROUP_DEVICE: case BPF_CGROUP_DEVICE:
ptype = BPF_PROG_TYPE_CGROUP_DEVICE; return BPF_PROG_TYPE_CGROUP_DEVICE;
break;
case BPF_SK_MSG_VERDICT: case BPF_SK_MSG_VERDICT:
ptype = BPF_PROG_TYPE_SK_MSG; return BPF_PROG_TYPE_SK_MSG;
break;
case BPF_SK_SKB_STREAM_PARSER: case BPF_SK_SKB_STREAM_PARSER:
case BPF_SK_SKB_STREAM_VERDICT: case BPF_SK_SKB_STREAM_VERDICT:
ptype = BPF_PROG_TYPE_SK_SKB; return BPF_PROG_TYPE_SK_SKB;
break;
case BPF_LIRC_MODE2: case BPF_LIRC_MODE2:
ptype = BPF_PROG_TYPE_LIRC_MODE2; return BPF_PROG_TYPE_LIRC_MODE2;
break;
case BPF_FLOW_DISSECTOR: case BPF_FLOW_DISSECTOR:
ptype = BPF_PROG_TYPE_FLOW_DISSECTOR; return BPF_PROG_TYPE_FLOW_DISSECTOR;
break;
case BPF_CGROUP_SYSCTL: case BPF_CGROUP_SYSCTL:
ptype = BPF_PROG_TYPE_CGROUP_SYSCTL; return BPF_PROG_TYPE_CGROUP_SYSCTL;
break;
case BPF_CGROUP_GETSOCKOPT: case BPF_CGROUP_GETSOCKOPT:
case BPF_CGROUP_SETSOCKOPT: case BPF_CGROUP_SETSOCKOPT:
ptype = BPF_PROG_TYPE_CGROUP_SOCKOPT; return BPF_PROG_TYPE_CGROUP_SOCKOPT;
break;
default: default:
return -EINVAL; return BPF_PROG_TYPE_UNSPEC;
} }
}
#define BPF_PROG_ATTACH_LAST_FIELD replace_bpf_fd
#define BPF_F_ATTACH_MASK \
(BPF_F_ALLOW_OVERRIDE | BPF_F_ALLOW_MULTI | BPF_F_REPLACE)
static int bpf_prog_attach(const union bpf_attr *attr)
{
enum bpf_prog_type ptype;
struct bpf_prog *prog;
int ret;
if (!capable(CAP_NET_ADMIN))
return -EPERM;
if (CHECK_ATTR(BPF_PROG_ATTACH))
return -EINVAL;
if (attr->attach_flags & ~BPF_F_ATTACH_MASK)
return -EINVAL;
ptype = attach_type_to_prog_type(attr->attach_type);
if (ptype == BPF_PROG_TYPE_UNSPEC)
return -EINVAL;
prog = bpf_prog_get_type(attr->attach_bpf_fd, ptype); prog = bpf_prog_get_type(attr->attach_bpf_fd, ptype);
if (IS_ERR(prog)) if (IS_ERR(prog))
...@@ -2625,8 +2623,17 @@ static int bpf_prog_attach(const union bpf_attr *attr) ...@@ -2625,8 +2623,17 @@ static int bpf_prog_attach(const union bpf_attr *attr)
case BPF_PROG_TYPE_FLOW_DISSECTOR: case BPF_PROG_TYPE_FLOW_DISSECTOR:
ret = skb_flow_dissector_bpf_prog_attach(attr, prog); ret = skb_flow_dissector_bpf_prog_attach(attr, prog);
break; break;
default: case BPF_PROG_TYPE_CGROUP_DEVICE:
case BPF_PROG_TYPE_CGROUP_SKB:
case BPF_PROG_TYPE_CGROUP_SOCK:
case BPF_PROG_TYPE_CGROUP_SOCK_ADDR:
case BPF_PROG_TYPE_CGROUP_SOCKOPT:
case BPF_PROG_TYPE_CGROUP_SYSCTL:
case BPF_PROG_TYPE_SOCK_OPS:
ret = cgroup_bpf_prog_attach(attr, ptype, prog); ret = cgroup_bpf_prog_attach(attr, ptype, prog);
break;
default:
ret = -EINVAL;
} }
if (ret) if (ret)
...@@ -2646,53 +2653,27 @@ static int bpf_prog_detach(const union bpf_attr *attr) ...@@ -2646,53 +2653,27 @@ static int bpf_prog_detach(const union bpf_attr *attr)
if (CHECK_ATTR(BPF_PROG_DETACH)) if (CHECK_ATTR(BPF_PROG_DETACH))
return -EINVAL; return -EINVAL;
switch (attr->attach_type) { ptype = attach_type_to_prog_type(attr->attach_type);
case BPF_CGROUP_INET_INGRESS:
case BPF_CGROUP_INET_EGRESS: switch (ptype) {
ptype = BPF_PROG_TYPE_CGROUP_SKB; case BPF_PROG_TYPE_SK_MSG:
break; case BPF_PROG_TYPE_SK_SKB:
case BPF_CGROUP_INET_SOCK_CREATE:
case BPF_CGROUP_INET4_POST_BIND:
case BPF_CGROUP_INET6_POST_BIND:
ptype = BPF_PROG_TYPE_CGROUP_SOCK;
break;
case BPF_CGROUP_INET4_BIND:
case BPF_CGROUP_INET6_BIND:
case BPF_CGROUP_INET4_CONNECT:
case BPF_CGROUP_INET6_CONNECT:
case BPF_CGROUP_UDP4_SENDMSG:
case BPF_CGROUP_UDP6_SENDMSG:
case BPF_CGROUP_UDP4_RECVMSG:
case BPF_CGROUP_UDP6_RECVMSG:
ptype = BPF_PROG_TYPE_CGROUP_SOCK_ADDR;
break;
case BPF_CGROUP_SOCK_OPS:
ptype = BPF_PROG_TYPE_SOCK_OPS;
break;
case BPF_CGROUP_DEVICE:
ptype = BPF_PROG_TYPE_CGROUP_DEVICE;
break;
case BPF_SK_MSG_VERDICT:
return sock_map_get_from_fd(attr, NULL);
case BPF_SK_SKB_STREAM_PARSER:
case BPF_SK_SKB_STREAM_VERDICT:
return sock_map_get_from_fd(attr, NULL); return sock_map_get_from_fd(attr, NULL);
case BPF_LIRC_MODE2: case BPF_PROG_TYPE_LIRC_MODE2:
return lirc_prog_detach(attr); return lirc_prog_detach(attr);
case BPF_FLOW_DISSECTOR: case BPF_PROG_TYPE_FLOW_DISSECTOR:
return skb_flow_dissector_bpf_prog_detach(attr); return skb_flow_dissector_bpf_prog_detach(attr);
case BPF_CGROUP_SYSCTL: case BPF_PROG_TYPE_CGROUP_DEVICE:
ptype = BPF_PROG_TYPE_CGROUP_SYSCTL; case BPF_PROG_TYPE_CGROUP_SKB:
break; case BPF_PROG_TYPE_CGROUP_SOCK:
case BPF_CGROUP_GETSOCKOPT: case BPF_PROG_TYPE_CGROUP_SOCK_ADDR:
case BPF_CGROUP_SETSOCKOPT: case BPF_PROG_TYPE_CGROUP_SOCKOPT:
ptype = BPF_PROG_TYPE_CGROUP_SOCKOPT; case BPF_PROG_TYPE_CGROUP_SYSCTL:
break; case BPF_PROG_TYPE_SOCK_OPS:
return cgroup_bpf_prog_detach(attr, ptype);
default: default:
return -EINVAL; return -EINVAL;
} }
return cgroup_bpf_prog_detach(attr, ptype);
} }
#define BPF_PROG_QUERY_LAST_FIELD query.prog_cnt #define BPF_PROG_QUERY_LAST_FIELD query.prog_cnt
...@@ -2726,7 +2707,7 @@ static int bpf_prog_query(const union bpf_attr *attr, ...@@ -2726,7 +2707,7 @@ static int bpf_prog_query(const union bpf_attr *attr,
case BPF_CGROUP_SYSCTL: case BPF_CGROUP_SYSCTL:
case BPF_CGROUP_GETSOCKOPT: case BPF_CGROUP_GETSOCKOPT:
case BPF_CGROUP_SETSOCKOPT: case BPF_CGROUP_SETSOCKOPT:
break; return cgroup_bpf_prog_query(attr, uattr);
case BPF_LIRC_MODE2: case BPF_LIRC_MODE2:
return lirc_prog_query(attr, uattr); return lirc_prog_query(attr, uattr);
case BPF_FLOW_DISSECTOR: case BPF_FLOW_DISSECTOR:
...@@ -2734,8 +2715,6 @@ static int bpf_prog_query(const union bpf_attr *attr, ...@@ -2734,8 +2715,6 @@ static int bpf_prog_query(const union bpf_attr *attr,
default: default:
return -EINVAL; return -EINVAL;
} }
return cgroup_bpf_prog_query(attr, uattr);
} }
#define BPF_PROG_TEST_RUN_LAST_FIELD test.ctx_out #define BPF_PROG_TEST_RUN_LAST_FIELD test.ctx_out
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment