bpf: add bpf_skb_change_tail helper
This work adds a bpf_skb_change_tail() helper for tc BPF programs. The basic idea is to expand or shrink the skb in a controlled manner. The eBPF program can then rewrite the rest via helpers like bpf_skb_store_bytes(), bpf_lX_csum_replace() and others rather than passing a raw buffer for writing here. bpf_skb_change_tail() is really a slow path helper and intended for replies with f.e. ICMP control messages. Concept is similar to other helpers like bpf_skb_change_proto() helper to keep the helper without protocol specifics and let the BPF program mangle the remaining parts. A flags field has been added and is reserved for now should we extend the helper in future. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Daniel Borkmann
David S. Miller
parent
45c7fffaf7
commit
5293efe62d
3 changed files with 150 additions and 4 deletions
|
|
@ -2295,7 +2295,7 @@ static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
|
|||
|
||||
int ___pskb_trim(struct sk_buff *skb, unsigned int len);
|
||||
|
||||
static inline void __skb_trim(struct sk_buff *skb, unsigned int len)
|
||||
static inline void __skb_set_length(struct sk_buff *skb, unsigned int len)
|
||||
{
|
||||
if (unlikely(skb_is_nonlinear(skb))) {
|
||||
WARN_ON(1);
|
||||
|
|
@ -2305,6 +2305,11 @@ static inline void __skb_trim(struct sk_buff *skb, unsigned int len)
|
|||
skb_set_tail_pointer(skb, len);
|
||||
}
|
||||
|
||||
static inline void __skb_trim(struct sk_buff *skb, unsigned int len)
|
||||
{
|
||||
__skb_set_length(skb, len);
|
||||
}
|
||||
|
||||
void skb_trim(struct sk_buff *skb, unsigned int len);
|
||||
|
||||
static inline int __pskb_trim(struct sk_buff *skb, unsigned int len)
|
||||
|
|
@ -2335,6 +2340,20 @@ static inline void pskb_trim_unique(struct sk_buff *skb, unsigned int len)
|
|||
BUG_ON(err);
|
||||
}
|
||||
|
||||
static inline int __skb_grow(struct sk_buff *skb, unsigned int len)
|
||||
{
|
||||
unsigned int diff = len - skb->len;
|
||||
|
||||
if (skb_tailroom(skb) < diff) {
|
||||
int ret = pskb_expand_head(skb, 0, diff - skb_tailroom(skb),
|
||||
GFP_ATOMIC);
|
||||
if (ret)
|
||||
return ret;
|
||||
}
|
||||
__skb_set_length(skb, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* skb_orphan - orphan a buffer
|
||||
* @skb: buffer to orphan
|
||||
|
|
@ -2938,6 +2957,21 @@ static inline int pskb_trim_rcsum(struct sk_buff *skb, unsigned int len)
|
|||
return __pskb_trim(skb, len);
|
||||
}
|
||||
|
||||
static inline int __skb_trim_rcsum(struct sk_buff *skb, unsigned int len)
|
||||
{
|
||||
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
||||
skb->ip_summed = CHECKSUM_NONE;
|
||||
__skb_trim(skb, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int __skb_grow_rcsum(struct sk_buff *skb, unsigned int len)
|
||||
{
|
||||
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
||||
skb->ip_summed = CHECKSUM_NONE;
|
||||
return __skb_grow(skb, len);
|
||||
}
|
||||
|
||||
#define skb_queue_walk(queue, skb) \
|
||||
for (skb = (queue)->next; \
|
||||
skb != (struct sk_buff *)(queue); \
|
||||
|
|
@ -3726,6 +3760,13 @@ static inline bool skb_is_gso_v6(const struct sk_buff *skb)
|
|||
return skb_shinfo(skb)->gso_type & SKB_GSO_TCPV6;
|
||||
}
|
||||
|
||||
static inline void skb_gso_reset(struct sk_buff *skb)
|
||||
{
|
||||
skb_shinfo(skb)->gso_size = 0;
|
||||
skb_shinfo(skb)->gso_segs = 0;
|
||||
skb_shinfo(skb)->gso_type = 0;
|
||||
}
|
||||
|
||||
void __skb_warn_lro_forwarding(const struct sk_buff *skb);
|
||||
|
||||
static inline bool skb_warn_if_lro(const struct sk_buff *skb)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue