Re: [PATCH net-next v2 1/2] net: add missing syncookie statistics for BPF custom syncookies

Next message: Kumar Anurag Singh: "Re: [PATCH v1] arm64: dts: qcom: lemans: Enable DISPLAY-PORT"
Previous message: SeongJae Park: "Re: (sashiko review) [RFC PATCH 1/2] mm/damon/stat: add a parameter for reading kdamond pid"
In reply to: Jiayuan Chen: "Re: [PATCH net-next v2 2/2] selftests/bpf: verify syncookie statistics in tcp_custom_syncookie"
Next in thread: Martin KaFai Lau: "Re: [PATCH net-next v2 1/2] net: add missing syncookie statistics for BPF custom syncookies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Kuniyuki Iwashima

Date: Tue Apr 14 2026 - 01:38:45 EST

On Fri, Apr 10, 2026 at 6:32 PM Jiayuan Chen <jiayuan.chen@xxxxxxxxx> wrote:
>
> 1. Replace IS_ENABLED(CONFIG_BPF) with CONFIG_BPF_SYSCALL for
> cookie_bpf_ok() and cookie_bpf_check(). CONFIG_BPF is selected by
> CONFIG_NET unconditionally, so IS_ENABLED(CONFIG_BPF) is always
> true and provides no real guard. CONFIG_BPF_SYSCALL is the correct
> config for BPF program functionality.
>
> 2. Remove the CONFIG_BPF_SYSCALL guard around struct bpf_tcp_req_attrs.
> This struct is referenced by bpf_sk_assign_tcp_reqsk() in
> net/core/filter.c which is compiled unconditionally, so wrapping
> the definition in a config guard could cause build failures when
> CONFIG_BPF_SYSCALL=n.
>
> 3. Fix mismatched declaration of cookie_bpf_check() between the
> CONFIG_BPF_SYSCALL and stub paths: the real definition takes
> 'struct net *net' but the declaration in the header did not.
> Add the net parameter to the declaration and all call sites.
>
> 4. Add missing LINUX_MIB_SYNCOOKIESRECV and LINUX_MIB_SYNCOOKIESFAILED
> statistics in cookie_bpf_check(), so that BPF custom syncookie
> validation is accounted for in SNMP counters just like the
> non-BPF path.
>
> Compile-tested with CONFIG_BPF_SYSCALL=y and CONFIG_BPF_SYSCALL
> not set.
>
> Signed-off-by: Jiayuan Chen <jiayuan.chen@xxxxxxxxx>

Reviewed-by: Kuniyuki Iwashima <kuniyu@xxxxxxxxxx>