1 // SPDX-License-Identifier: GPL-2.0
3 * To speed up listener socket lookup, create an array to store all sockets
4 * listening on the same port. This allows a decision to be made after finding
5 * the first socket. An optional BPF program can also be configured for
6 * selecting the socket index from the array of available sockets.
10 #include <net/sock_reuseport.h>
11 #include <linux/bpf.h>
12 #include <linux/idr.h>
13 #include <linux/filter.h>
14 #include <linux/rcupdate.h>
16 #define INIT_SOCKS 128
18 DEFINE_SPINLOCK(reuseport_lock);
20 static DEFINE_IDA(reuseport_ida);
21 static int reuseport_resurrect(struct sock *sk, struct sock_reuseport *old_reuse,
22 struct sock_reuseport *reuse, bool bind_inany);
24 void reuseport_has_conns_set(struct sock *sk)
26 struct sock_reuseport *reuse;
28 if (!rcu_access_pointer(sk->sk_reuseport_cb))
31 spin_lock_bh(&reuseport_lock);
32 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
33 lockdep_is_held(&reuseport_lock));
36 spin_unlock_bh(&reuseport_lock);
38 EXPORT_SYMBOL(reuseport_has_conns_set);
40 static void __reuseport_get_incoming_cpu(struct sock_reuseport *reuse)
42 /* Paired with READ_ONCE() in reuseport_select_sock_by_hash(). */
43 WRITE_ONCE(reuse->incoming_cpu, reuse->incoming_cpu + 1);
46 static void __reuseport_put_incoming_cpu(struct sock_reuseport *reuse)
48 /* Paired with READ_ONCE() in reuseport_select_sock_by_hash(). */
49 WRITE_ONCE(reuse->incoming_cpu, reuse->incoming_cpu - 1);
52 static void reuseport_get_incoming_cpu(struct sock *sk, struct sock_reuseport *reuse)
54 if (sk->sk_incoming_cpu >= 0)
55 __reuseport_get_incoming_cpu(reuse);
58 static void reuseport_put_incoming_cpu(struct sock *sk, struct sock_reuseport *reuse)
60 if (sk->sk_incoming_cpu >= 0)
61 __reuseport_put_incoming_cpu(reuse);
64 void reuseport_update_incoming_cpu(struct sock *sk, int val)
66 struct sock_reuseport *reuse;
67 int old_sk_incoming_cpu;
69 if (unlikely(!rcu_access_pointer(sk->sk_reuseport_cb))) {
70 /* Paired with REAE_ONCE() in sk_incoming_cpu_update()
71 * and compute_score().
73 WRITE_ONCE(sk->sk_incoming_cpu, val);
77 spin_lock_bh(&reuseport_lock);
79 /* This must be done under reuseport_lock to avoid a race with
80 * reuseport_grow(), which accesses sk->sk_incoming_cpu without
81 * lock_sock() when detaching a shutdown()ed sk.
83 * Paired with READ_ONCE() in reuseport_select_sock_by_hash().
85 old_sk_incoming_cpu = sk->sk_incoming_cpu;
86 WRITE_ONCE(sk->sk_incoming_cpu, val);
88 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
89 lockdep_is_held(&reuseport_lock));
91 /* reuseport_grow() has detached a closed sk. */
95 if (old_sk_incoming_cpu < 0 && val >= 0)
96 __reuseport_get_incoming_cpu(reuse);
97 else if (old_sk_incoming_cpu >= 0 && val < 0)
98 __reuseport_put_incoming_cpu(reuse);
101 spin_unlock_bh(&reuseport_lock);
104 static int reuseport_sock_index(struct sock *sk,
105 const struct sock_reuseport *reuse,
112 right = reuse->num_socks;
114 left = reuse->max_socks - reuse->num_closed_socks;
115 right = reuse->max_socks;
118 for (; left < right; left++)
119 if (reuse->socks[left] == sk)
124 static void __reuseport_add_sock(struct sock *sk,
125 struct sock_reuseport *reuse)
127 reuse->socks[reuse->num_socks] = sk;
128 /* paired with smp_rmb() in reuseport_(select|migrate)_sock() */
131 reuseport_get_incoming_cpu(sk, reuse);
134 static bool __reuseport_detach_sock(struct sock *sk,
135 struct sock_reuseport *reuse)
137 int i = reuseport_sock_index(sk, reuse, false);
142 reuse->socks[i] = reuse->socks[reuse->num_socks - 1];
144 reuseport_put_incoming_cpu(sk, reuse);
149 static void __reuseport_add_closed_sock(struct sock *sk,
150 struct sock_reuseport *reuse)
152 reuse->socks[reuse->max_socks - reuse->num_closed_socks - 1] = sk;
153 /* paired with READ_ONCE() in inet_csk_bind_conflict() */
154 WRITE_ONCE(reuse->num_closed_socks, reuse->num_closed_socks + 1);
155 reuseport_get_incoming_cpu(sk, reuse);
158 static bool __reuseport_detach_closed_sock(struct sock *sk,
159 struct sock_reuseport *reuse)
161 int i = reuseport_sock_index(sk, reuse, true);
166 reuse->socks[i] = reuse->socks[reuse->max_socks - reuse->num_closed_socks];
167 /* paired with READ_ONCE() in inet_csk_bind_conflict() */
168 WRITE_ONCE(reuse->num_closed_socks, reuse->num_closed_socks - 1);
169 reuseport_put_incoming_cpu(sk, reuse);
174 static struct sock_reuseport *__reuseport_alloc(unsigned int max_socks)
176 unsigned int size = sizeof(struct sock_reuseport) +
177 sizeof(struct sock *) * max_socks;
178 struct sock_reuseport *reuse = kzalloc(size, GFP_ATOMIC);
183 reuse->max_socks = max_socks;
185 RCU_INIT_POINTER(reuse->prog, NULL);
189 int reuseport_alloc(struct sock *sk, bool bind_inany)
191 struct sock_reuseport *reuse;
194 /* bh lock used since this function call may precede hlist lock in
195 * soft irq of receive path or setsockopt from process context
197 spin_lock_bh(&reuseport_lock);
199 /* Allocation attempts can occur concurrently via the setsockopt path
200 * and the bind/hash path. Nothing to do when we lose the race.
202 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
203 lockdep_is_held(&reuseport_lock));
205 if (reuse->num_closed_socks) {
206 /* sk was shutdown()ed before */
207 ret = reuseport_resurrect(sk, reuse, NULL, bind_inany);
211 /* Only set reuse->bind_inany if the bind_inany is true.
212 * Otherwise, it will overwrite the reuse->bind_inany
213 * which was set by the bind/hash path.
216 reuse->bind_inany = bind_inany;
220 reuse = __reuseport_alloc(INIT_SOCKS);
226 id = ida_alloc(&reuseport_ida, GFP_ATOMIC);
233 reuse->reuseport_id = id;
234 reuse->bind_inany = bind_inany;
235 reuse->socks[0] = sk;
236 reuse->num_socks = 1;
237 reuseport_get_incoming_cpu(sk, reuse);
238 rcu_assign_pointer(sk->sk_reuseport_cb, reuse);
241 spin_unlock_bh(&reuseport_lock);
245 EXPORT_SYMBOL(reuseport_alloc);
247 static struct sock_reuseport *reuseport_grow(struct sock_reuseport *reuse)
249 struct sock_reuseport *more_reuse;
250 u32 more_socks_size, i;
252 more_socks_size = reuse->max_socks * 2U;
253 if (more_socks_size > U16_MAX) {
254 if (reuse->num_closed_socks) {
255 /* Make room by removing a closed sk.
256 * The child has already been migrated.
257 * Only reqsk left at this point.
261 sk = reuse->socks[reuse->max_socks - reuse->num_closed_socks];
262 RCU_INIT_POINTER(sk->sk_reuseport_cb, NULL);
263 __reuseport_detach_closed_sock(sk, reuse);
271 more_reuse = __reuseport_alloc(more_socks_size);
275 more_reuse->num_socks = reuse->num_socks;
276 more_reuse->num_closed_socks = reuse->num_closed_socks;
277 more_reuse->prog = reuse->prog;
278 more_reuse->reuseport_id = reuse->reuseport_id;
279 more_reuse->bind_inany = reuse->bind_inany;
280 more_reuse->has_conns = reuse->has_conns;
281 more_reuse->incoming_cpu = reuse->incoming_cpu;
283 memcpy(more_reuse->socks, reuse->socks,
284 reuse->num_socks * sizeof(struct sock *));
285 memcpy(more_reuse->socks +
286 (more_reuse->max_socks - more_reuse->num_closed_socks),
287 reuse->socks + (reuse->max_socks - reuse->num_closed_socks),
288 reuse->num_closed_socks * sizeof(struct sock *));
289 more_reuse->synq_overflow_ts = READ_ONCE(reuse->synq_overflow_ts);
291 for (i = 0; i < reuse->max_socks; ++i)
292 rcu_assign_pointer(reuse->socks[i]->sk_reuseport_cb,
295 /* Note: we use kfree_rcu here instead of reuseport_free_rcu so
296 * that reuse and more_reuse can temporarily share a reference
299 kfree_rcu(reuse, rcu);
303 static void reuseport_free_rcu(struct rcu_head *head)
305 struct sock_reuseport *reuse;
307 reuse = container_of(head, struct sock_reuseport, rcu);
308 sk_reuseport_prog_free(rcu_dereference_protected(reuse->prog, 1));
309 ida_free(&reuseport_ida, reuse->reuseport_id);
314 * reuseport_add_sock - Add a socket to the reuseport group of another.
315 * @sk: New socket to add to the group.
316 * @sk2: Socket belonging to the existing reuseport group.
317 * @bind_inany: Whether or not the group is bound to a local INANY address.
319 * May return ENOMEM and not add socket to group under memory pressure.
321 int reuseport_add_sock(struct sock *sk, struct sock *sk2, bool bind_inany)
323 struct sock_reuseport *old_reuse, *reuse;
325 if (!rcu_access_pointer(sk2->sk_reuseport_cb)) {
326 int err = reuseport_alloc(sk2, bind_inany);
332 spin_lock_bh(&reuseport_lock);
333 reuse = rcu_dereference_protected(sk2->sk_reuseport_cb,
334 lockdep_is_held(&reuseport_lock));
335 old_reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
336 lockdep_is_held(&reuseport_lock));
337 if (old_reuse && old_reuse->num_closed_socks) {
338 /* sk was shutdown()ed before */
339 int err = reuseport_resurrect(sk, old_reuse, reuse, reuse->bind_inany);
341 spin_unlock_bh(&reuseport_lock);
345 if (old_reuse && old_reuse->num_socks != 1) {
346 spin_unlock_bh(&reuseport_lock);
350 if (reuse->num_socks + reuse->num_closed_socks == reuse->max_socks) {
351 reuse = reuseport_grow(reuse);
353 spin_unlock_bh(&reuseport_lock);
358 __reuseport_add_sock(sk, reuse);
359 rcu_assign_pointer(sk->sk_reuseport_cb, reuse);
361 spin_unlock_bh(&reuseport_lock);
364 call_rcu(&old_reuse->rcu, reuseport_free_rcu);
367 EXPORT_SYMBOL(reuseport_add_sock);
369 static int reuseport_resurrect(struct sock *sk, struct sock_reuseport *old_reuse,
370 struct sock_reuseport *reuse, bool bind_inany)
372 if (old_reuse == reuse) {
373 /* If sk was in the same reuseport group, just pop sk out of
374 * the closed section and push sk into the listening section.
376 __reuseport_detach_closed_sock(sk, old_reuse);
377 __reuseport_add_sock(sk, old_reuse);
382 /* In bind()/listen() path, we cannot carry over the eBPF prog
383 * for the shutdown()ed socket. In setsockopt() path, we should
384 * not change the eBPF prog of listening sockets by attaching a
385 * prog to the shutdown()ed socket. Thus, we will allocate a new
386 * reuseport group and detach sk from the old group.
390 reuse = __reuseport_alloc(INIT_SOCKS);
394 id = ida_alloc(&reuseport_ida, GFP_ATOMIC);
400 reuse->reuseport_id = id;
401 reuse->bind_inany = bind_inany;
403 /* Move sk from the old group to the new one if
404 * - all the other listeners in the old group were close()d or
405 * shutdown()ed, and then sk2 has listen()ed on the same port
407 * - sk listen()ed without bind() (or with autobind), was
408 * shutdown()ed, and then listen()s on another port which
411 if (reuse->num_socks + reuse->num_closed_socks == reuse->max_socks) {
412 reuse = reuseport_grow(reuse);
418 __reuseport_detach_closed_sock(sk, old_reuse);
419 __reuseport_add_sock(sk, reuse);
420 rcu_assign_pointer(sk->sk_reuseport_cb, reuse);
422 if (old_reuse->num_socks + old_reuse->num_closed_socks == 0)
423 call_rcu(&old_reuse->rcu, reuseport_free_rcu);
428 void reuseport_detach_sock(struct sock *sk)
430 struct sock_reuseport *reuse;
432 spin_lock_bh(&reuseport_lock);
433 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
434 lockdep_is_held(&reuseport_lock));
436 /* reuseport_grow() has detached a closed sk */
440 /* Notify the bpf side. The sk may be added to a sockarray
441 * map. If so, sockarray logic will remove it from the map.
443 * Other bpf map types that work with reuseport, like sockmap,
444 * don't need an explicit callback from here. They override sk
445 * unhash/close ops to remove the sk from the map before we
448 bpf_sk_reuseport_detach(sk);
450 rcu_assign_pointer(sk->sk_reuseport_cb, NULL);
452 if (!__reuseport_detach_closed_sock(sk, reuse))
453 __reuseport_detach_sock(sk, reuse);
455 if (reuse->num_socks + reuse->num_closed_socks == 0)
456 call_rcu(&reuse->rcu, reuseport_free_rcu);
459 spin_unlock_bh(&reuseport_lock);
461 EXPORT_SYMBOL(reuseport_detach_sock);
463 void reuseport_stop_listen_sock(struct sock *sk)
465 if (sk->sk_protocol == IPPROTO_TCP) {
466 struct sock_reuseport *reuse;
467 struct bpf_prog *prog;
469 spin_lock_bh(&reuseport_lock);
471 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
472 lockdep_is_held(&reuseport_lock));
473 prog = rcu_dereference_protected(reuse->prog,
474 lockdep_is_held(&reuseport_lock));
476 if (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_migrate_req) ||
477 (prog && prog->expected_attach_type == BPF_SK_REUSEPORT_SELECT_OR_MIGRATE)) {
478 /* Migration capable, move sk from the listening section
479 * to the closed section.
481 bpf_sk_reuseport_detach(sk);
483 __reuseport_detach_sock(sk, reuse);
484 __reuseport_add_closed_sock(sk, reuse);
486 spin_unlock_bh(&reuseport_lock);
490 spin_unlock_bh(&reuseport_lock);
493 /* Not capable to do migration, detach immediately */
494 reuseport_detach_sock(sk);
496 EXPORT_SYMBOL(reuseport_stop_listen_sock);
498 static struct sock *run_bpf_filter(struct sock_reuseport *reuse, u16 socks,
499 struct bpf_prog *prog, struct sk_buff *skb,
502 struct sk_buff *nskb = NULL;
505 if (skb_shared(skb)) {
506 nskb = skb_clone(skb, GFP_ATOMIC);
512 /* temporarily advance data past protocol header */
513 if (!pskb_pull(skb, hdr_len)) {
517 index = bpf_prog_run_save_cb(prog, skb);
518 __skb_push(skb, hdr_len);
525 return reuse->socks[index];
528 static struct sock *reuseport_select_sock_by_hash(struct sock_reuseport *reuse,
529 u32 hash, u16 num_socks)
531 struct sock *first_valid_sk = NULL;
534 i = j = reciprocal_scale(hash, num_socks);
536 struct sock *sk = reuse->socks[i];
538 if (sk->sk_state != TCP_ESTABLISHED) {
539 /* Paired with WRITE_ONCE() in __reuseport_(get|put)_incoming_cpu(). */
540 if (!READ_ONCE(reuse->incoming_cpu))
543 /* Paired with WRITE_ONCE() in reuseport_update_incoming_cpu(). */
544 if (READ_ONCE(sk->sk_incoming_cpu) == raw_smp_processor_id())
556 return first_valid_sk;
560 * reuseport_select_sock - Select a socket from an SO_REUSEPORT group.
561 * @sk: First socket in the group.
562 * @hash: When no BPF filter is available, use this hash to select.
563 * @skb: skb to run through BPF filter.
564 * @hdr_len: BPF filter expects skb data pointer at payload data. If
565 * the skb does not yet point at the payload, this parameter represents
566 * how far the pointer needs to advance to reach the payload.
567 * Returns a socket that should receive the packet (or NULL on error).
569 struct sock *reuseport_select_sock(struct sock *sk,
574 struct sock_reuseport *reuse;
575 struct bpf_prog *prog;
576 struct sock *sk2 = NULL;
580 reuse = rcu_dereference(sk->sk_reuseport_cb);
582 /* if memory allocation failed or add call is not yet complete */
586 prog = rcu_dereference(reuse->prog);
587 socks = READ_ONCE(reuse->num_socks);
589 /* paired with smp_wmb() in __reuseport_add_sock() */
595 if (prog->type == BPF_PROG_TYPE_SK_REUSEPORT)
596 sk2 = bpf_run_sk_reuseport(reuse, sk, prog, skb, NULL, hash);
598 sk2 = run_bpf_filter(reuse, socks, prog, skb, hdr_len);
601 /* no bpf or invalid bpf result: fall back to hash usage */
603 sk2 = reuseport_select_sock_by_hash(reuse, hash, socks);
610 EXPORT_SYMBOL(reuseport_select_sock);
613 * reuseport_migrate_sock - Select a socket from an SO_REUSEPORT group.
614 * @sk: close()ed or shutdown()ed socket in the group.
615 * @migrating_sk: ESTABLISHED/SYN_RECV full socket in the accept queue or
616 * NEW_SYN_RECV request socket during 3WHS.
617 * @skb: skb to run through BPF filter.
618 * Returns a socket (with sk_refcnt +1) that should accept the child socket
619 * (or NULL on error).
621 struct sock *reuseport_migrate_sock(struct sock *sk,
622 struct sock *migrating_sk,
625 struct sock_reuseport *reuse;
626 struct sock *nsk = NULL;
627 bool allocated = false;
628 struct bpf_prog *prog;
634 reuse = rcu_dereference(sk->sk_reuseport_cb);
638 socks = READ_ONCE(reuse->num_socks);
639 if (unlikely(!socks))
642 /* paired with smp_wmb() in __reuseport_add_sock() */
645 hash = migrating_sk->sk_hash;
646 prog = rcu_dereference(reuse->prog);
647 if (!prog || prog->expected_attach_type != BPF_SK_REUSEPORT_SELECT_OR_MIGRATE) {
648 if (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_migrate_req))
654 skb = alloc_skb(0, GFP_ATOMIC);
660 nsk = bpf_run_sk_reuseport(reuse, sk, prog, skb, migrating_sk, hash);
667 nsk = reuseport_select_sock_by_hash(reuse, hash, socks);
669 if (IS_ERR_OR_NULL(nsk) || unlikely(!refcount_inc_not_zero(&nsk->sk_refcnt))) {
679 __NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMIGRATEREQFAILURE);
682 EXPORT_SYMBOL(reuseport_migrate_sock);
684 int reuseport_attach_prog(struct sock *sk, struct bpf_prog *prog)
686 struct sock_reuseport *reuse;
687 struct bpf_prog *old_prog;
689 if (sk_unhashed(sk)) {
692 if (!sk->sk_reuseport)
695 err = reuseport_alloc(sk, false);
698 } else if (!rcu_access_pointer(sk->sk_reuseport_cb)) {
699 /* The socket wasn't bound with SO_REUSEPORT */
703 spin_lock_bh(&reuseport_lock);
704 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
705 lockdep_is_held(&reuseport_lock));
706 old_prog = rcu_dereference_protected(reuse->prog,
707 lockdep_is_held(&reuseport_lock));
708 rcu_assign_pointer(reuse->prog, prog);
709 spin_unlock_bh(&reuseport_lock);
711 sk_reuseport_prog_free(old_prog);
714 EXPORT_SYMBOL(reuseport_attach_prog);
716 int reuseport_detach_prog(struct sock *sk)
718 struct sock_reuseport *reuse;
719 struct bpf_prog *old_prog;
722 spin_lock_bh(&reuseport_lock);
723 reuse = rcu_dereference_protected(sk->sk_reuseport_cb,
724 lockdep_is_held(&reuseport_lock));
726 /* reuse must be checked after acquiring the reuseport_lock
727 * because reuseport_grow() can detach a closed sk.
730 spin_unlock_bh(&reuseport_lock);
731 return sk->sk_reuseport ? -ENOENT : -EINVAL;
734 if (sk_unhashed(sk) && reuse->num_closed_socks) {
735 spin_unlock_bh(&reuseport_lock);
739 old_prog = rcu_replace_pointer(reuse->prog, old_prog,
740 lockdep_is_held(&reuseport_lock));
741 spin_unlock_bh(&reuseport_lock);
746 sk_reuseport_prog_free(old_prog);
749 EXPORT_SYMBOL(reuseport_detach_prog);
projects / platform / kernel / linux-starfive.git / blob