diff options
author | Kui-Feng Lee <kuifeng@meta.com> | 2023-01-25 12:16:07 -0800 |
---|---|---|
committer | Martin KaFai Lau <martin.lau@kernel.org> | 2023-01-25 14:49:11 -0800 |
commit | 2ab42c7b871f4e85f21e1a85dfa3f87e4d31221d (patch) | |
tree | 9eee2c57ef6a20b60ec195cb9734d3874718f52f /net/core/filter.c | |
parent | a5f6b9d577eba18601c14bba2dbff4a9b76af962 (diff) |
bpf: Check the protocol of a sock to agree the calls to bpf_setsockopt().
Resolve an issue when calling sol_tcp_sockopt() on a socket with ktls
enabled. Prior to this patch, sol_tcp_sockopt() would only allow calls
if the function pointer of setsockopt of the socket was set to
tcp_setsockopt(). However, any socket with ktls enabled would have its
function pointer set to tls_setsockopt(). To resolve this issue, the
patch adds a check of the protocol of the linux socket and allows
bpf_setsockopt() to be called if ktls is initialized on the linux
socket. This ensures that calls to sol_tcp_sockopt() will succeed on
sockets with ktls enabled.
Signed-off-by: Kui-Feng Lee <kuifeng@meta.com>
Link: https://lore.kernel.org/r/20230125201608.908230-2-kuifeng@meta.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Diffstat (limited to 'net/core/filter.c')
-rw-r--r-- | net/core/filter.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/core/filter.c b/net/core/filter.c index ed08dbf10338..6da78b3d381e 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -5204,7 +5204,7 @@ static int sol_tcp_sockopt(struct sock *sk, int optname, char *optval, int *optlen, bool getopt) { - if (sk->sk_prot->setsockopt != tcp_setsockopt) + if (sk->sk_protocol != IPPROTO_TCP) return -EINVAL; switch (optname) { |