• Joe Stringer's avatar
    bpf: Support sk lookup in netns with id 0 · f71c6143
    Joe Stringer authored
    David Ahern and Nicolas Dichtel report that the handling of the netns id
    0 is incorrect for the BPF socket lookup helpers: rather than finding
    the netns with id 0, it is resolving to the current netns. This renders
    the netns_id 0 inaccessible.
    
    To fix this, adjust the API for the netns to treat all negative s32
    values as a lookup in the current netns (including u64 values which when
    truncated to s32 become negative), while any values with a positive
    value in the signed 32-bit integer space would result in a lookup for a
    socket in the netns corresponding to that id. As before, if the netns
    with that ID does not exist, no socket will be found. Any netns outside
    of these ranges will fail to find a corresponding socket, as those
    values are reserved for future usage.
    Signed-off-by: default avatarJoe Stringer <joe@wand.net.nz>
    Acked-by: default avatarNicolas Dichtel <nicolas.dichtel@6wind.com>
    Acked-by: default avatarJoey Pabalinas <joeypabalinas@gmail.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    f71c6143
bpf_helpers.h 14 KB