bpf, net: Avoid loading module when calling bpf_setsockopt(TCP_CONGESTION)

When bpf prog changes tcp-cc by calling bpf_setsockopt(TCP_CONGESTION), it should not try to load module which may be a blocking operation. This details was correct in the v1 [0] but missed by mistake in the later revision in commit cb388e7ee3a8 ("bpf: net: Change do_tcp_setsockopt() to use the sockopt's lock_sock() and capable()"). This patch fixes it by checking the has_current_bpf_ctx(). [0] https://lore.kernel.org/bpf/20220727060921.2373314-1-kafai@fb.com/ Fixes: cb388e7ee3a8 ("bpf: net: Change do_tcp_setsockopt() to use the sockopt's lock_sock() and capable()") Signed-off-by: Martin KaFai Lau <martin.lau@linux.dev> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20220830231946.791504-1-martin.lau@linux.dev
author: Martin KaFai Lau <martin.lau@linux.dev> 2022-08-30 16:19:46 -0700
committer: Daniel Borkmann <daniel@iogearbox.net> 2022-08-31 22:21:45 +0200
commit: 84e5a0f208ca341ec1ea88a97c40849a2d541faa (patch)
tree: 3eb366755911c11a8e262a2aae1d68c569d25f36
parent: 14e5ce79943a72b9bf0fff8a5867320a9fa3e40d (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index a6986f201f92..f0d79ea45ac8 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -3503,7 +3503,7 @@ int do_tcp_setsockopt(struct sock *sk, int level, int optname,
 		name[val] = 0;
 
 		sockopt_lock_sock(sk);
-		err = tcp_set_congestion_control(sk, name, true,
+		err = tcp_set_congestion_control(sk, name, !has_current_bpf_ctx(),
 						 sockopt_ns_capable(sock_net(sk)->user_ns,
 								    CAP_NET_ADMIN));
 		sockopt_release_sock(sk);
author	Martin KaFai Lau <martin.lau@linux.dev>	2022-08-30 16:19:46 -0700
committer	Daniel Borkmann <daniel@iogearbox.net>	2022-08-31 22:21:45 +0200
commit	84e5a0f208ca341ec1ea88a97c40849a2d541faa (patch)
tree	3eb366755911c11a8e262a2aae1d68c569d25f36
parent	14e5ce79943a72b9bf0fff8a5867320a9fa3e40d (diff)