git.itanic.dy.fi Git - linux-stable/commit

author	Florian Westphal <fw@strlen.de>
	Mon, 5 Jun 2023 13:14:45 +0000 (15:14 +0200)
committer	Andrii Nakryiko <andrii@kernel.org>
	Mon, 5 Jun 2023 22:01:43 +0000 (15:01 -0700)
commit	132328e8e85174ea788faf8f627c33258c88fbad
tree	07d02da4e6abf7ab058c2d6b1f836263e176e617	tree \| snapshot
parent	23509e92cf13ed22c17d160efac7d0f0602d0bcb	commit \| diff

bpf: netfilter: Add BPF_NETFILTER bpf_attach_type

Andrii Nakryiko writes:

And we currently don't have an attach type for NETLINK BPF link.
Thankfully it's not too late to add it. I see that link_create() in
kernel/bpf/syscall.c just bypasses attach_type check. We shouldn't
have done that. Instead we need to add BPF_NETLINK attach type to enum
bpf_attach_type. And wire all that properly throughout the kernel and
libbpf itself.

This adds BPF_NETFILTER and uses it. This breaks uabi but this
wasn't in any non-rc release yet, so it should be fine.

v2: check link_attack prog type in link_create too

Fixes: 84601d6ee68a ("bpf: add bpf_link support for BPF_NETFILTER programs")
Suggested-by: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/CAEf4BzZ69YgrQW7DHCJUT_X+GqMq_ZQQPBwopaJJVGFD5=d5Vg@mail.gmail.com/
Link: https://lore.kernel.org/bpf/20230605131445.32016-1-fw@strlen.de

include/uapi/linux/bpf.h		diff \| blob \| history
kernel/bpf/syscall.c		diff \| blob \| history
tools/include/uapi/linux/bpf.h		diff \| blob \| history
tools/lib/bpf/libbpf.c		diff \| blob \| history
tools/lib/bpf/libbpf_probes.c		diff \| blob \| history