github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-12 16:18:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

bpf: Check the protocol of a sock to agree the calls to bpf_setsockopt().

Browse Source 
Resolve an issue when calling sol_tcp_sockopt() on a socket with ktls
enabled. Prior to this patch, sol_tcp_sockopt() would only allow calls
if the function pointer of setsockopt of the socket was set to
tcp_setsockopt(). However, any socket with ktls enabled would have its
function pointer set to tls_setsockopt(). To resolve this issue, the
patch adds a check of the protocol of the linux socket and allows
bpf_setsockopt() to be called if ktls is initialized on the linux
socket. This ensures that calls to sol_tcp_sockopt() will succeed on
sockets with ktls enabled.

Signed-off-by: Kui-Feng Lee <kuifeng@meta.com>
Link: https://lore.kernel.org/r/20230125201608.908230-2-kuifeng@meta.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
This commit is contained in:
Kui-Feng Lee 2023-01-25 12:16:07 -08:00 committed by Martin KaFai Lau
parent a5f6b9d577
commit 2ab42c7b87
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
net/core/filter.c
View File

@ -5204,7 +5204,7 @@ static int sol_tcp_sockopt(struct sock *sk, int optname,
char *optval, int *optlen, char *optval, int *optlen,
bool getopt) bool getopt)
{ {
if (sk->sk_prot->setsockopt != tcp_setsockopt) if (sk->sk_protocol != IPPROTO_TCP)
return -EINVAL; return -EINVAL;
switch (optname) { switch (optname) {