From aca06275c04a33d3ce621565a0b253a80d8b2c9a Mon Sep 17 00:00:00 2001 From: bitcoffee Date: Tue, 13 Jun 2023 14:19:23 +0800 Subject: [PATCH 1/4] net, bpf: Add a writeable_tracepoint to inet_stream_connect hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I71USM -------------------------------------------------- A trace point is added to the connection process. Theebpf program can be mounted to modify the return value of the function. This is mandatory for delaying the establishment of an ebpf link. After the connection is complete, a message is returned immediately and no unnecessary operation is performed. Signed-off-by: bitcoffee --- include/trace/events/sock.h | 14 ++++++++++++++ net/ipv4/af_inet.c | 1 + 2 files changed, 15 insertions(+) diff --git a/include/trace/events/sock.h b/include/trace/events/sock.h index 905b151bc3dd..841627e15314 100644 --- a/include/trace/events/sock.h +++ b/include/trace/events/sock.h @@ -203,6 +203,20 @@ TRACE_EVENT(inet_sock_set_state, show_tcp_state_name(__entry->newstate)) ); +#undef NET_DECLARE_TRACE +#ifdef DECLARE_TRACE_WRITABLE +#define NET_DECLARE_TRACE(call, proto, args, size) \ + DECLARE_TRACE_WRITABLE(call, PARAMS(proto), PARAMS(args), size) +#else +#define NET_DECLARE_TRACE(call, proto, args, size) \ + DECLARE_TRACE(call, PARAMS(proto), PARAMS(args)) +#endif + +NET_DECLARE_TRACE(connect_ret, + TP_PROTO(int *err), + TP_ARGS(err), + sizeof(int)); + #endif /* _TRACE_SOCK_H */ /* This part must be outside protection */ diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c index 4ddbfccfd0c8..6c9b39e96592 100644 --- a/net/ipv4/af_inet.c +++ b/net/ipv4/af_inet.c @@ -729,6 +729,7 @@ int inet_stream_connect(struct socket *sock, struct sockaddr *uaddr, lock_sock(sock->sk); err = __inet_stream_connect(sock, uaddr, addr_len, flags, 0); release_sock(sock->sk); + trace_connect_ret(&err); return err; } EXPORT_SYMBOL(inet_stream_connect); -- Gitee From 48b25f1c5a47647316f699dabb3ec55579e12e4f Mon Sep 17 00:00:00 2001 From: bitcoffee Date: Tue, 13 Jun 2023 14:21:35 +0800 Subject: [PATCH 2/4] net, bpf: Introduces a new ebpf delay connect flag hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I71USM --------------------------------------------------- The bpf_defer_connect bit is added for inet_sock to indicate whether the current socket is changed to the bpf program to delay link establishment. Signed-off-by: bitcoffee --- include/net/inet_sock.h | 3 ++- net/ipv4/tcp.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/include/net/inet_sock.h b/include/net/inet_sock.h index 91668b1cd3d1..7f500a230757 100644 --- a/include/net/inet_sock.h +++ b/include/net/inet_sock.h @@ -240,10 +240,11 @@ struct inet_sock { nodefrag:1; __u8 bind_address_no_port:1, recverr_rfc4884:1, - defer_connect:1; /* Indicates that fastopen_connect is set + defer_connect:1, /* Indicates that fastopen_connect is set * and cookie exists so we defer connect * until first data frame is written */ + bpf_defer_connect:1; __u8 rcv_tos; __u8 convert_csum; int uc_index; diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index e7ac3555d798..c687995f64b6 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -590,7 +590,8 @@ __poll_t tcp_poll(struct file *file, struct socket *sock, poll_table *wait) if (tp->urg_data & TCP_URG_VALID) mask |= EPOLLPRI; - } else if (state == TCP_SYN_SENT && inet_sk(sk)->defer_connect) { + } else if (state == TCP_SYN_SENT && + (inet_sk(sk)->defer_connect || inet_sk(sk)->bpf_defer_connect)) { /* Active TCP fastopen socket with defer_connect * Return EPOLLOUT so application can call write() * in order for kernel to generate SYN+data -- Gitee From d5bbce3352542eeb3076b9bba3da8db2cd7ff955 Mon Sep 17 00:00:00 2001 From: bitcoffee Date: Tue, 13 Jun 2023 14:23:05 +0800 Subject: [PATCH 3/4] ipv4, bpf: Introduced to support the ULP to modify sockets during setopt hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I71USM ------------------------------------------------------ Currently, the ebpf program can distinguish sockets according to the address accessed by the client, and use the ULP framework to modify the matched sockets to delay link establishment. Signed-off-by: bitcoffee --- net/core/filter.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index 012a5070a9e5..904f65aa2f14 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -4837,6 +4837,13 @@ static int _bpf_setsockopt(struct sock *sk, int level, int optname, TCP_CA_NAME_MAX-1)); name[TCP_CA_NAME_MAX-1] = 0; ret = tcp_set_congestion_control(sk, name, false, true); + } else if (optname == TCP_ULP) { + char name[TCP_ULP_NAME_MAX]; + + strncpy(name, optval, min_t(long, optlen, + TCP_ULP_NAME_MAX - 1)); + name[TCP_ULP_NAME_MAX - 1] = 0; + return tcp_set_ulp(sk, name); } else { struct inet_connection_sock *icsk = inet_csk(sk); struct tcp_sock *tp = tcp_sk(sk); -- Gitee From dacbc5a9e944ceb75c9acebc1a8c127a1d0efce9 Mon Sep 17 00:00:00 2001 From: bitcoffee Date: Tue, 13 Jun 2023 14:23:35 +0800 Subject: [PATCH 4/4] bpf: Introduces a new state to identify the location of the sockops call hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I71USM ----------------------------------------------------- Currently, a permission status code is required to identify that the access to the sockops is from the delayed link establishment scenario. Therefore, "BPF_SOCK_OPS_TCP_DEFFER_CONNECT_CB" Signed-off-by: bitcoffee --- include/uapi/linux/bpf.h | 1 + tools/include/uapi/linux/bpf.h | 1 + 2 files changed, 2 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index 9e64dac44d60..79d5e5850bf6 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -4872,6 +4872,7 @@ enum { * by the kernel or the * earlier bpf-progs. */ + BPF_SOCK_OPS_TCP_DEFER_CONNECT_CB,/* call ebpf to defer connect*/ }; /* List of TCP states. There is a build check in net/ipv4/tcp.c to detect diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index abf8023d606b..807232f0c7e0 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -4872,6 +4872,7 @@ enum { * by the kernel or the * earlier bpf-progs. */ + BPF_SOCK_OPS_TCP_DEFER_CONNECT_CB,/* call ebpf to defer connect*/ }; /* List of TCP states. There is a build check in net/ipv4/tcp.c to detect -- Gitee