7 files changed, 34 insertions, 7 deletions

diff --git a/MAINTAINERS b/MAINTAINERS
index 537fd17a211b..52d246fd29c9 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -15424,6 +15424,14 @@ T:	git git://linuxtv.org/media_tree.git
 S:      Maintained
 F:      drivers/media/tuners/tuner-xc2028.*
 
+XDP SOCKETS (AF_XDP)
+M:      Björn Töpel <bjorn.topel@intel.com>
+M:      Magnus Karlsson <magnus.karlsson@intel.com>
+L:      netdev@vger.kernel.org
+S:      Maintained
+F:      kernel/bpf/xskmap.c
+F:      net/xdp/
+
 XEN BLOCK SUBSYSTEM
 M:      Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
 M:      Roger Pau Monné <roger.pau@citrix.com>
diff --git a/include/linux/socket.h b/include/linux/socket.h
index ea50f4a65816..7ed4713d5337 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -207,8 +207,9 @@ struct ucred {
                                  * PF_SMC protocol family that
                                  * reuses AF_INET address family
                                  */
+#define AF_XDP          44      /* XDP sockets                  */
 
-#define AF_MAX          44      /* For now.. */
+#define AF_MAX          45      /* For now.. */
 
 /* Protocol families, same as address families. */
 #define PF_UNSPEC       AF_UNSPEC
@@ -257,6 +258,7 @@ struct ucred {
 #define PF_KCM          AF_KCM
 #define PF_QIPCRTR      AF_QIPCRTR
 #define PF_SMC          AF_SMC
+#define PF_XDP          AF_XDP
 #define PF_MAX          AF_MAX
 
 /* Maximum queue length specifiable by listen.  */
@@ -338,6 +340,7 @@ struct ucred {
 #define SOL_NFC         280
 #define SOL_KCM         281
 #define SOL_TLS         282
+#define SOL_XDP         283
 
 /* IPX options */
 #define IPX_TYPE        1
diff --git a/net/Kconfig b/net/Kconfig
index 6fa1a4493b8c..86471a1c1ed4 100644
--- a/net/Kconfig
+++ b/net/Kconfig
@@ -59,6 +59,7 @@ source "net/tls/Kconfig"
 source "net/xfrm/Kconfig"
 source "net/iucv/Kconfig"
 source "net/smc/Kconfig"
+source "net/xdp/Kconfig"
 
 config INET
         bool "TCP/IP networking"
diff --git a/net/core/sock.c b/net/core/sock.c
index b2c3db169ca1..e7d8b6c955c6 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -226,7 +226,8 @@ static struct lock_class_key af_family_kern_slock_keys[AF_MAX];
   x "AF_RXRPC" ,        x "AF_ISDN"     ,       x "AF_PHONET"   , \
   x "AF_IEEE802154",    x "AF_CAIF"     ,       x "AF_ALG"      , \
   x "AF_NFC"   ,        x "AF_VSOCK"    ,       x "AF_KCM"      , \
-  x "AF_QIPCRTR",       x "AF_SMC"      ,       x "AF_MAX"
+  x "AF_QIPCRTR",       x "AF_SMC"      ,       x "AF_XDP"      , \
+  x "AF_MAX"
 
 static const char *const af_family_key_strings[AF_MAX+1] = {
         _sock_locks("sk_lock-")
@@ -262,7 +263,8 @@ static const char *const af_family_rlock_key_strings[AF_MAX+1] = {
   "rlock-AF_RXRPC" , "rlock-AF_ISDN"     , "rlock-AF_PHONET"   ,
   "rlock-AF_IEEE802154", "rlock-AF_CAIF" , "rlock-AF_ALG"      ,
   "rlock-AF_NFC"   , "rlock-AF_VSOCK"    , "rlock-AF_KCM"      ,
-  "rlock-AF_QIPCRTR", "rlock-AF_SMC"     , "rlock-AF_MAX"
+  "rlock-AF_QIPCRTR", "rlock-AF_SMC"     , "rlock-AF_XDP"      ,
+  "rlock-AF_MAX"
 };
 static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
   "wlock-AF_UNSPEC", "wlock-AF_UNIX"     , "wlock-AF_INET"     ,
@@ -279,7 +281,8 @@ static const char *const af_family_wlock_key_strings[AF_MAX+1] = {
   "wlock-AF_RXRPC" , "wlock-AF_ISDN"     , "wlock-AF_PHONET"   ,
   "wlock-AF_IEEE802154", "wlock-AF_CAIF" , "wlock-AF_ALG"      ,
   "wlock-AF_NFC"   , "wlock-AF_VSOCK"    , "wlock-AF_KCM"      ,
-  "wlock-AF_QIPCRTR", "wlock-AF_SMC"     , "wlock-AF_MAX"
+  "wlock-AF_QIPCRTR", "wlock-AF_SMC"     , "wlock-AF_XDP"      ,
+  "wlock-AF_MAX"
 };
 static const char *const af_family_elock_key_strings[AF_MAX+1] = {
   "elock-AF_UNSPEC", "elock-AF_UNIX"     , "elock-AF_INET"     ,
@@ -296,7 +299,8 @@ static const char *const af_family_elock_key_strings[AF_MAX+1] = {
   "elock-AF_RXRPC" , "elock-AF_ISDN"     , "elock-AF_PHONET"   ,
   "elock-AF_IEEE802154", "elock-AF_CAIF" , "elock-AF_ALG"      ,
   "elock-AF_NFC"   , "elock-AF_VSOCK"    , "elock-AF_KCM"      ,
-  "elock-AF_QIPCRTR", "elock-AF_SMC"     , "elock-AF_MAX"
+  "elock-AF_QIPCRTR", "elock-AF_SMC"     , "elock-AF_XDP"      ,
+  "elock-AF_MAX"
 };
 
 /*
diff --git a/net/xdp/Kconfig b/net/xdp/Kconfig
new file mode 100644
index 000000000000..90e4a7152854
--- /dev/null
+++ b/net/xdp/Kconfig
@@ -0,0 +1,7 @@
+config XDP_SOCKETS
+        bool "XDP sockets"
+        depends on BPF_SYSCALL
+        default n
+        help
+          XDP sockets allows a channel between XDP programs and
+          userspace applications.
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 4cafe6a19167..5c508d26b367 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1471,7 +1471,9 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
                         return SECCLASS_QIPCRTR_SOCKET;
                 case PF_SMC:
                         return SECCLASS_SMC_SOCKET;
-#if PF_MAX > 44
+                case PF_XDP:
+                        return SECCLASS_XDP_SOCKET;
+#if PF_MAX > 45
 #error New address family defined, please update this function.
 #endif
                 }
diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
index 7f0372426494..bd5fe0d3204a 100644
--- a/security/selinux/include/classmap.h
+++ b/security/selinux/include/classmap.h
@@ -240,9 +240,11 @@ struct security_class_mapping secclass_map[] = {
           { "manage_subnet", NULL } },
         { "bpf",
           {"map_create", "map_read", "map_write", "prog_load", "prog_run"} },
+        { "xdp_socket",
+          { COMMON_SOCK_PERMS, NULL } },
         { NULL }
   };
 
-#if PF_MAX > 44
+#if PF_MAX > 45
 #error New address family defined, please update secclass_map.
 #endif