From: Liu Jian <liujian56@huawei.com> hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I8KU3B CVE: NA -------------------------------- Access bpf_sock's src_ip4 and sorc_port in BPF_CGROUP_INET_SOCK_RELEASE hook. Signed-off-by: Liu Jian <liujian56@huawei.com> Signed-off-by: Zhengchao Shao <shaozhengchao@huawei.com> --- net/core/filter.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/core/filter.c b/net/core/filter.c index 4c9d429babaa..2acf7141b644 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -8685,6 +8685,9 @@ static bool __sock_filter_check_attach_type(int off, case bpf_ctx_range(struct bpf_sock, src_ip4): switch (attach_type) { case BPF_CGROUP_INET4_POST_BIND: +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + case BPF_CGROUP_INET_SOCK_RELEASE: +#endif goto read_only; default: return false; @@ -8700,6 +8703,9 @@ static bool __sock_filter_check_attach_type(int off, switch (attach_type) { case BPF_CGROUP_INET4_POST_BIND: case BPF_CGROUP_INET6_POST_BIND: +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + case BPF_CGROUP_INET_SOCK_RELEASE: +#endif goto read_only; default: return false; -- 2.34.1