• brakmo's avatar
    bpf: cgroup inet skb programs can return 0 to 3 · 5cf1e914
    brakmo authored
    Allows cgroup inet skb programs to return values in the range [0, 3].
    The second bit is used to deterine if congestion occurred and higher
    level protocol should decrease rate. E.g. TCP would call tcp_enter_cwr()
    
    The bpf_prog must set expected_attach_type to BPF_CGROUP_INET_EGRESS
    at load time if it uses the new return values (i.e. 2 or 3).
    
    The expected_attach_type is currently not enforced for
    BPF_PROG_TYPE_CGROUP_SKB.  e.g Meaning the current bpf_prog with
    expected_attach_type setting to BPF_CGROUP_INET_EGRESS can attach to
    BPF_CGROUP_INET_INGRESS.  Blindly enforcing expected_attach_type will
    break backward compatibility.
    
    This patch adds a enforce_expected_attach_type bit to only
    enforce the expected_attach_type when it uses the new
    return value.
    Signed-off-by: default avatarLawrence Brakmo <brakmo@fb.com>
    Signed-off-by: default avatarMartin KaFai Lau <kafai@fb.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    5cf1e914
syscall.c 67 KB