From: Daniel Borkmann <daniel@iogearbox.net>
Date: Mon, 28 May 2018 15:43:17 +0000 (+0200)
Subject: Merge branch 'bpf-sendmsg-hook'
X-Git-Tag: v4.18-rc1~114^2~9^2~20
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=f198222f056745b2622c89190a13c5a485011014;p=tomoyo%2Ftomoyo-test1.git

Merge branch 'bpf-sendmsg-hook'

Andrey Ignatov says:

====================
v3 -> v4:
* handle static key correctly for CONFIG_CGROUP_BPF=n.

v2 -> v3:
* place BPF logic under static key in udp_sendmsg, udpv6_sendmsg;
* rebase.

v1 -> v2:
* return ENOTSUPP if bpf_prog rewrote IPv6-only with IPv4-mapped IPv6;
* add test for IPv4-mapped IPv6 use-case;
* fix build for CONFIG_CGROUP_BPF=n;
* rebase.

This path set adds BPF hooks for sys_sendmsg similar to existing hooks for
sys_bind and sys_connect.

Hooks allow to override source IP (including the case when it's set via
cmsg(3)) and destination IP:port for unconnected UDP (slow path). TCP and
connected UDP (fast path) are not affected. This makes UDP support
complete: connected UDP is handled by sys_connect hooks, unconnected by
sys_sendmsg ones.

Similar to sys_connect hooks, sys_sendmsg ones can be used to make system
calls such as sendmsg(2) and sendto(2) return EPERM.

Please see patch 0002 for more details.
====================

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
---

f198222f056745b2622c89190a13c5a485011014