Merge branch 'update-sockmap-from-prog'

			 struct bpf_prog *old, u32 which);

int sock_map_get_from_fd(const union bpf_attr *attr, struct bpf_prog *prog);

int sock_map_prog_detach(const union bpf_attr *attr, enum bpf_prog_type ptype);

int sock_map_update_elem_sys(struct bpf_map *map, void *key, void *value, u64 flags);

void sock_map_unhash(struct sock *sk);

void sock_map_close(struct sock *sk, long timeout);

#else

{

	return -EOPNOTSUPP;

}

static inline int sock_map_update_elem_sys(struct bpf_map *map, void *key, void *value,

					   u64 flags)

{

	return -EOPNOTSUPP;

}

#endif /* CONFIG_BPF_STREAM_PARSER */

#if defined(CONFIG_INET) && defined(CONFIG_BPF_SYSCALL)

					 struct sk_psock *psock,

					 struct proto *ops)

{

	/* Initialize saved callbacks and original proto only once, since this

	 * function may be called multiple times for a psock, e.g. when

	 * psock->progs.msg_parser is updated.

	 *

	 * Since we've not installed the new proto, psock is not yet in use and

	 * we can initialize it without synchronization.

	 */

	if (!psock->sk_proto) {

		struct proto *orig = READ_ONCE(sk->sk_prot);

		psock->saved_unhash = orig->unhash;

		psock->saved_close = orig->close;

		psock->saved_write_space = sk->sk_write_space;

		psock->sk_proto = orig;

	}

	/* Pairs with lockless read in sk_clone_lock() */

	WRITE_ONCE(sk->sk_prot, ops);

}

	if (bpf_map_is_dev_bound(map)) {

		return bpf_map_offload_update_elem(map, key, value, flags);

	} else if (map->map_type == BPF_MAP_TYPE_CPUMAP ||

		   map->map_type == BPF_MAP_TYPE_SOCKHASH ||

		   map->map_type == BPF_MAP_TYPE_SOCKMAP ||

		   map->map_type == BPF_MAP_TYPE_STRUCT_OPS) {

		return map->ops->map_update_elem(map, key, value, flags);

	} else if (map->map_type == BPF_MAP_TYPE_SOCKHASH ||

		   map->map_type == BPF_MAP_TYPE_SOCKMAP) {

		return sock_map_update_elem_sys(map, key, value, flags);

	} else if (IS_FD_PROG_ARRAY(map)) {

		return bpf_fd_array_map_update_elem(map, f.file, key, value,

						    flags);

	return -EINVAL;

}

static int resolve_map_arg_type(struct bpf_verifier_env *env,

				 const struct bpf_call_arg_meta *meta,

				 enum bpf_arg_type *arg_type)

{

	if (!meta->map_ptr) {

		/* kernel subsystem misconfigured verifier */

		verbose(env, "invalid map_ptr to access map->type\n");

		return -EACCES;

	}

	switch (meta->map_ptr->map_type) {

	case BPF_MAP_TYPE_SOCKMAP:

	case BPF_MAP_TYPE_SOCKHASH:

		if (*arg_type == ARG_PTR_TO_MAP_VALUE) {

			*arg_type = ARG_PTR_TO_SOCKET;

		} else {

			verbose(env, "invalid arg_type for sockmap/sockhash\n");

			return -EINVAL;

		}

		break;

	default:

		break;

	}

	return 0;

}

static int check_func_arg(struct bpf_verifier_env *env, u32 arg,

			  struct bpf_call_arg_meta *meta,

			  const struct bpf_func_proto *fn)

		return -EACCES;

	}

	if (arg_type == ARG_PTR_TO_MAP_VALUE ||

	    arg_type == ARG_PTR_TO_UNINIT_MAP_VALUE ||

	    arg_type == ARG_PTR_TO_MAP_VALUE_OR_NULL) {

		err = resolve_map_arg_type(env, meta, &arg_type);

		if (err)

			return err;

	}

	if (arg_type == ARG_PTR_TO_MAP_KEY ||

	    arg_type == ARG_PTR_TO_MAP_VALUE ||

	    arg_type == ARG_PTR_TO_UNINIT_MAP_VALUE ||

	return -EACCES;

}

static bool may_update_sockmap(struct bpf_verifier_env *env, int func_id)

{

	enum bpf_attach_type eatype = env->prog->expected_attach_type;

	enum bpf_prog_type type = env->prog->type;

	if (func_id != BPF_FUNC_map_update_elem)

		return false;

	/* It's not possible to get access to a locked struct sock in these

	 * contexts, so updating is safe.

	 */

	switch (type) {

	case BPF_PROG_TYPE_TRACING:

		if (eatype == BPF_TRACE_ITER)

			return true;

		break;

	case BPF_PROG_TYPE_SOCKET_FILTER:

	case BPF_PROG_TYPE_SCHED_CLS:

	case BPF_PROG_TYPE_SCHED_ACT:

	case BPF_PROG_TYPE_XDP:

	case BPF_PROG_TYPE_SK_REUSEPORT:

	case BPF_PROG_TYPE_FLOW_DISSECTOR:

	case BPF_PROG_TYPE_SK_LOOKUP:

		return true;

	default:

		break;

	}

	verbose(env, "cannot update sockmap in this context\n");

	return false;

}

static int check_map_func_compatibility(struct bpf_verifier_env *env,

					struct bpf_map *map, int func_id)

{

		    func_id != BPF_FUNC_map_delete_elem &&

		    func_id != BPF_FUNC_msg_redirect_map &&

		    func_id != BPF_FUNC_sk_select_reuseport &&

		    func_id != BPF_FUNC_map_lookup_elem)

		    func_id != BPF_FUNC_map_lookup_elem &&

		    !may_update_sockmap(env, func_id))

			goto error;

		break;

	case BPF_MAP_TYPE_SOCKHASH:

		    func_id != BPF_FUNC_map_delete_elem &&

		    func_id != BPF_FUNC_msg_redirect_hash &&

		    func_id != BPF_FUNC_sk_select_reuseport &&

		    func_id != BPF_FUNC_map_lookup_elem)

		    func_id != BPF_FUNC_map_lookup_elem &&

		    !may_update_sockmap(env, func_id))

			goto error;

		break;

	case BPF_MAP_TYPE_REUSEPORT_SOCKARRAY:

struct sk_psock *sk_psock_init(struct sock *sk, int node)

{

	struct sk_psock *psock = kzalloc_node(sizeof(*psock),

					      GFP_ATOMIC | __GFP_NOWARN,

					      node);

	if (!psock)

		return NULL;

	struct sk_psock *psock;

	struct proto *prot;

	write_lock_bh(&sk->sk_callback_lock);

	if (inet_csk_has_ulp(sk)) {

		psock = ERR_PTR(-EINVAL);

		goto out;

	}

	if (sk->sk_user_data) {

		psock = ERR_PTR(-EBUSY);

		goto out;

	}

	psock = kzalloc_node(sizeof(*psock), GFP_ATOMIC | __GFP_NOWARN, node);

	if (!psock) {

		psock = ERR_PTR(-ENOMEM);

		goto out;

	}

	prot = READ_ONCE(sk->sk_prot);

	psock->sk = sk;

	psock->eval = __SK_NONE;

	psock->sk_proto = prot;

	psock->saved_unhash = prot->unhash;

	psock->saved_close = prot->close;

	psock->saved_write_space = sk->sk_write_space;

	INIT_LIST_HEAD(&psock->link);

	spin_lock_init(&psock->link_lock);

	rcu_assign_sk_user_data_nocopy(sk, psock);

	sock_hold(sk);

out:

	write_unlock_bh(&sk->sk_callback_lock);

	return psock;

}

EXPORT_SYMBOL_GPL(sk_psock_init);