inet_diag: fix reporting cgroup classid and fallback to priority

Field idiag_ext in struct inet_diag_req_v2 used as bitmap of requested extensions has only 8 bits. Thus extensions starting from DCTCPINFO cannot be requested directly. Some of them included into response unconditionally or hook into some of lower 8 bits. Extension INET_DIAG_CLASS_ID has not way to request from the beginning. This patch bundle it with INET_DIAG_TCLASS (ipv6 tos), fixes space reservation, and documents behavior for other extensions. Also this patch adds fallback to reporting socket priority. This filed is more widely used for traffic classification because ipv4 sockets automatically maps TOS to priority and default qdisc pfifo_fast knows about that. But priority could be changed via setsockopt SO_PRIORITY so INET_DIAG_TOS isn't enough for predicting class. Also cgroup2 obsoletes net_cls classid (it always zero), but we cannot reuse this field for reporting cgroup2 id because it is 64-bit (ino+gen). So, after this patch INET_DIAG_CLASS_ID will report socket priority for most common setup when net_cls isn't set and/or cgroup2 in use. Fixes: 0888e372c37f ("net: inet: diag: expose sockets cgroup classid") Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru> Signed-off-by: David S. Miller <davem@davemloft.net>

inet_diag: fix reporting cgroup classid and fallback to priority
Field idiag_ext in struct inet_diag_req_v2 used as bitmap of requested extensions has only 8 bits. Thus extensions starting from DCTCPINFO cannot be requested directly. Some of them included into response unconditionally or hook into some of lower 8 bits. Extension INET_DIAG_CLASS_ID has not way to request from the beginning. This patch bundle it with INET_DIAG_TCLASS (ipv6 tos), fixes space reservation, and documents behavior for other extensions. Also this patch adds fallback to reporting socket priority. This filed is more widely used for traffic classification because ipv4 sockets automatically maps TOS to priority and default qdisc pfifo_fast knows about that. But priority could be changed via setsockopt SO_PRIORITY so INET_DIAG_TOS isn't enough for predicting class. Also cgroup2 obsoletes net_cls classid (it always zero), but we cannot reuse this field for reporting cgroup2 id because it is 64-bit (ino+gen). So, after this patch INET_DIAG_CLASS_ID will report socket priority for most common setup when net_cls isn't set and/or cgroup2 in use. Fixes: 0888e372c37f ("net: inet: diag: expose sockets cgroup classid") Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru> Signed-off-by: David S. Miller <davem@davemloft.net>
Konstantin Khlebnikov · David S. Miller
1 parent 4ffcbfac60
Showing 3 changed files with 21 additions and 6 deletions Side-by-side Diff
include/uapi/linux/inet_diag.h
net/ipv4/inet_diag.c
net/sctp/diag.c
@@ -137,15 +137,21 @@
 	INET_DIAG_TCLASS,
 	INET_DIAG_SKMEMINFO,
 	INET_DIAG_SHUTDOWN,
-	INET_DIAG_DCTCPINFO,
-	INET_DIAG_PROTOCOL,  /* response attribute only */
+
+	/*
+	 * Next extenstions cannot be requested in struct inet_diag_req_v2:
+	 * its field idiag_ext has only 8 bits.
+	 */
+
+	INET_DIAG_DCTCPINFO,	/* request as INET_DIAG_VEGASINFO */
+	INET_DIAG_PROTOCOL,	/* response attribute only */
 	INET_DIAG_SKV6ONLY,
 	INET_DIAG_LOCALS,
 	INET_DIAG_PEERS,
 	INET_DIAG_PAD,
-	INET_DIAG_MARK,
-	INET_DIAG_BBRINFO,
-	INET_DIAG_CLASS_ID,
+	INET_DIAG_MARK,		/* only with CAP_NET_ADMIN */
+	INET_DIAG_BBRINFO,	/* request as INET_DIAG_VEGASINFO */
+	INET_DIAG_CLASS_ID,	/* request as INET_DIAG_TCLASS */
 	INET_DIAG_MD5SIG,
 	__INET_DIAG_MAX,
 };
@@ -108,6 +108,7 @@
 		+ nla_total_size(1) /* INET_DIAG_TOS */
 		+ nla_total_size(1) /* INET_DIAG_TCLASS */
 		+ nla_total_size(4) /* INET_DIAG_MARK */
+		+ nla_total_size(4) /* INET_DIAG_CLASS_ID */
 		+ nla_total_size(sizeof(struct inet_diag_meminfo))
 		+ nla_total_size(sizeof(struct inet_diag_msg))
 		+ nla_total_size(SK_MEMINFO_VARS * sizeof(u32))
  
@@ -287,12 +288,19 @@
 			goto errout;
 	}
  
-	if (ext & (1 << (INET_DIAG_CLASS_ID - 1))) {
+	if (ext & (1 << (INET_DIAG_CLASS_ID - 1)) ||
+	    ext & (1 << (INET_DIAG_TCLASS - 1))) {
 		u32 classid = 0;
  
 #ifdef CONFIG_SOCK_CGROUP_DATA
 		classid = sock_cgroup_classid(&sk->sk_cgrp_data);
 #endif
+		/* Fallback to socket priority if class id isn't set.
+		 * Classful qdiscs use it as direct reference to class.
+		 * For cgroup2 classid is always zero.
+		 */
+		if (!classid)
+			classid = sk->sk_priority;
  
 		if (nla_put_u32(skb, INET_DIAG_CLASS_ID, classid))
 			goto errout;
@@ -256,6 +256,7 @@
 		+ nla_total_size(1) /* INET_DIAG_TOS */
 		+ nla_total_size(1) /* INET_DIAG_TCLASS */
 		+ nla_total_size(4) /* INET_DIAG_MARK */
+		+ nla_total_size(4) /* INET_DIAG_CLASS_ID */
 		+ nla_total_size(addrlen * asoc->peer.transport_count)
 		+ nla_total_size(addrlen * addrcnt)
 		+ nla_total_size(sizeof(struct inet_diag_meminfo))
...	...	@@ -137,15 +137,21 @@
137	137	INET_DIAG_TCLASS,
138	138	INET_DIAG_SKMEMINFO,
139	139	INET_DIAG_SHUTDOWN,
140		- INET_DIAG_DCTCPINFO,
141		- INET_DIAG_PROTOCOL, /* response attribute only */
	140	+
	141	+ /*
	142	+ * Next extenstions cannot be requested in struct inet_diag_req_v2:
	143	+ * its field idiag_ext has only 8 bits.
	144	+ */
	145	+
	146	+ INET_DIAG_DCTCPINFO, /* request as INET_DIAG_VEGASINFO */
	147	+ INET_DIAG_PROTOCOL, /* response attribute only */
142	148	INET_DIAG_SKV6ONLY,
143	149	INET_DIAG_LOCALS,
144	150	INET_DIAG_PEERS,
145	151	INET_DIAG_PAD,
146		- INET_DIAG_MARK,
147		- INET_DIAG_BBRINFO,
148		- INET_DIAG_CLASS_ID,
	152	+ INET_DIAG_MARK, /* only with CAP_NET_ADMIN */
	153	+ INET_DIAG_BBRINFO, /* request as INET_DIAG_VEGASINFO */
	154	+ INET_DIAG_CLASS_ID, /* request as INET_DIAG_TCLASS */
149	155	INET_DIAG_MD5SIG,
150	156	__INET_DIAG_MAX,
151	157	};
...	...	@@ -108,6 +108,7 @@
108	108	+ nla_total_size(1) /* INET_DIAG_TOS */
109	109	+ nla_total_size(1) /* INET_DIAG_TCLASS */
110	110	+ nla_total_size(4) /* INET_DIAG_MARK */
	111	+ + nla_total_size(4) /* INET_DIAG_CLASS_ID */
111	112	+ nla_total_size(sizeof(struct inet_diag_meminfo))
112	113	+ nla_total_size(sizeof(struct inet_diag_msg))
113	114	+ nla_total_size(SK_MEMINFO_VARS * sizeof(u32))
114	115
...	...	@@ -287,12 +288,19 @@
287	288	goto errout;
288	289	}
289	290
290		- if (ext & (1 << (INET_DIAG_CLASS_ID - 1))) {
	291	+ if (ext & (1 << (INET_DIAG_CLASS_ID - 1)) \|\|
	292	+ ext & (1 << (INET_DIAG_TCLASS - 1))) {
291	293	u32 classid = 0;
292	294
293	295	#ifdef CONFIG_SOCK_CGROUP_DATA
294	296	classid = sock_cgroup_classid(&sk->sk_cgrp_data);
295	297	#endif
	298	+ /* Fallback to socket priority if class id isn't set.
	299	+ * Classful qdiscs use it as direct reference to class.
	300	+ * For cgroup2 classid is always zero.
	301	+ */
	302	+ if (!classid)
	303	+ classid = sk->sk_priority;
296	304
297	305	if (nla_put_u32(skb, INET_DIAG_CLASS_ID, classid))
298	306	goto errout;
...	...	@@ -256,6 +256,7 @@
256	256	+ nla_total_size(1) /* INET_DIAG_TOS */
257	257	+ nla_total_size(1) /* INET_DIAG_TCLASS */
258	258	+ nla_total_size(4) /* INET_DIAG_MARK */
	259	+ + nla_total_size(4) /* INET_DIAG_CLASS_ID */
259	260	+ nla_total_size(addrlen * asoc->peer.transport_count)
260	261	+ nla_total_size(addrlen * addrcnt)
261	262	+ nla_total_size(sizeof(struct inet_diag_meminfo))