git.ipfire.org Git - thirdparty/linux.git/commit

author	Alexei Starovoitov <ast@plumgrid.com>
	Fri, 13 Mar 2015 18:57:42 +0000 (11:57 -0700)
committer	David S. Miller <davem@davemloft.net>
	Mon, 16 Mar 2015 02:02:28 +0000 (22:02 -0400)
commit	9bac3d6d548e5cc925570b263f35b70a00a00ffd
tree	00ae5c37fb877d7c2b4fdf5ee0b8fe4837b1d476	tree \| snapshot
parent	a498cfe990f569dd3766bfc9bfd2a5ee04468cd2	commit \| diff

bpf: allow extended BPF programs access skb fields

introduce user accessible mirror of in-kernel 'struct sk_buff':
struct __sk_buff {
    __u32 len;
    __u32 pkt_type;
    __u32 mark;
    __u32 queue_mapping;
};

bpf programs can do:

int bpf_prog(struct __sk_buff *skb)
{
    __u32 var = skb->pkt_type;

which will be compiled to bpf assembler as:

dst_reg = *(u32 *)(src_reg + 4) // 4 == offsetof(struct __sk_buff, pkt_type)

bpf verifier will check validity of access and will convert it to:

dst_reg = *(u8 *)(src_reg + offsetof(struct sk_buff, __pkt_type_offset))
dst_reg &= 7

since skb->pkt_type is a bitfield.

Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/linux/bpf.h		diff \| blob \| blame \| history
include/uapi/linux/bpf.h		diff \| blob \| blame \| history
kernel/bpf/syscall.c		diff \| blob \| blame \| history
kernel/bpf/verifier.c		diff \| blob \| blame \| history
net/core/filter.c		diff \| blob \| blame \| history