Date:	Sun, 10 Jul 2016 15:59:00 -0500
From:	Tom Herbert <tom@...bertland.com>
To:	Brenden Blanco <bblanco@...mgrid.com>
Cc:	"David S. Miller" <davem@...emloft.net>,
	Linux Kernel Network Developers <netdev@...r.kernel.org>,
	Martin KaFai Lau <kafai@...com>,
	Jesper Dangaard Brouer <brouer@...hat.com>,
	Ari Saha <as754m@....com>,
	Alexei Starovoitov <alexei.starovoitov@...il.com>,
	Or Gerlitz <gerlitz.or@...il.com>,
	john fastabend <john.fastabend@...il.com>,
	Hannes Frederic Sowa <hannes@...essinduktion.org>,
	Thomas Graf <tgraf@...g.ch>,
	Daniel Borkmann <daniel@...earbox.net>
Subject: Re: [PATCH v6 02/12] net: add ndo to set xdp prog in adapter rx

On Thu, Jul 7, 2016 at 9:15 PM, Brenden Blanco <bblanco@...mgrid.com> wrote:
> Add two new set/check netdev ops for drivers implementing the
> BPF_PROG_TYPE_XDP filter.
>
> Signed-off-by: Brenden Blanco <bblanco@...mgrid.com>
> ---
>  include/linux/netdevice.h | 14 ++++++++++++++
>  net/core/dev.c            | 30 ++++++++++++++++++++++++++++++
>  2 files changed, 44 insertions(+)
>
> diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> index 49736a3..36ae955 100644
> --- a/include/linux/netdevice.h
> +++ b/include/linux/netdevice.h
> @@ -63,6 +63,7 @@ struct wpan_dev;
>  struct mpls_dev;
>  /* UDP Tunnel offloads */
>  struct udp_tunnel_info;
> +struct bpf_prog;
>
>  void netdev_set_default_ethtool_ops(struct net_device *dev,
>                                     const struct ethtool_ops *ops);
> @@ -1087,6 +1088,15 @@ struct tc_to_netdev {
>   *     appropriate rx headroom value allows avoiding skb head copy on
>   *     forward. Setting a negative value resets the rx headroom to the
>   *     default value.
> + * int (*ndo_xdp_set)(struct net_device *dev, struct bpf_prog *prog);
> + *     This function is used to set or clear a bpf program used in the
> + *     earliest stages of packet rx. The prog will have been loaded as
> + *     BPF_PROG_TYPE_XDP. The callee is responsible for calling bpf_prog_put
> + *     on any old progs that are stored, but not on the passed in prog.
> + * bool (*ndo_xdp_attached)(struct net_device *dev);
> + *     This function is used to check if a bpf program is set on the device.
> + *     The callee should return true if a program is currently attached and
> + *     running.
>   *
>   */
>  struct net_device_ops {
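Review bot: The new ndo_xdp_set comment covers the old program's reference but leaves the contract for the passed-in prog and for the return value implicit. Going by dev_change_xdp_fd() later in this patch, a NULL prog means clear, and the caller drops its reference only when the ndo returns a negative value, so on success the driver presumably keeps that reference. The comment should say so, e.g. `A NULL prog clears the program. On success the callee owns the reference on prog. Returns 0 or a negative errno.` It would also help to state that the callee must not drop the old prog while the rx path can still be running it, since a driver author reading only this comment could release it too early.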
> @@ -1271,6 +1281,9 @@ struct net_device_ops {
>                                                        struct sk_buff *skb);
>         void                    (*ndo_set_rx_headroom)(struct net_device *dev,
>                                                        int needed_headroom);
> +       int                     (*ndo_xdp_set)(struct net_device *dev,
> +                                              struct bpf_prog *prog);
> +       bool                    (*ndo_xdp_attached)(struct net_device *dev);

It might be nice if everything could be accomplished with one ndo
function (just too many ndo's flying around). Also, may want to
consider the future, like maybe we have an XDP function in the output
path, or multiple programs pipelined together somehow.

>  };
>
>  /**
> @@ -3257,6 +3270,7 @@ int dev_get_phys_port_id(struct net_device *dev,
>  int dev_get_phys_port_name(struct net_device *dev,
>                            char *name, size_t len);
>  int dev_change_proto_down(struct net_device *dev, bool proto_down);
> +int dev_change_xdp_fd(struct net_device *dev, int fd);
>  struct sk_buff *validate_xmit_skb_list(struct sk_buff *skb, struct net_device *dev);
>  struct sk_buff *dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
>                                     struct netdev_queue *txq, int *ret);
> diff --git a/net/core/dev.c b/net/core/dev.c
> index b92d63b..154b057 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -94,6 +94,7 @@
>  #include <linux/ethtool.h>
>  #include <linux/notifier.h>
>  #include <linux/skbuff.h>
> +#include <linux/bpf.h>
>  #include <net/net_namespace.h>
>  #include <net/sock.h>
>  #include <net/busy_poll.h>
> @@ -6615,6 +6616,35 @@ int dev_change_proto_down(struct net_device *dev, bool proto_down)
>  EXPORT_SYMBOL(dev_change_proto_down);
>
>  /**
> + *     dev_change_xdp_fd - set or clear a bpf program for a device rx path
> + *     @dev: device
> + *     @fd: new program fd or negative value to clear
> + *
> + *     Set or clear a bpf program for a device
> + */
> +int dev_change_xdp_fd(struct net_device *dev, int fd)
> +{
> +       const struct net_device_ops *ops = dev->netdev_ops;
> +       struct bpf_prog *prog = NULL;
> +       int err;
> +
> +       if (!ops->ndo_xdp_set)
> +               return -EOPNOTSUPP;
> +       if (fd >= 0) {
> +               prog = bpf_prog_get_type(fd, BPF_PROG_TYPE_XDP);
> +               if (IS_ERR(prog))
> +                       return PTR_ERR(prog);
> +       }
> +
> +       err = ops->ndo_xdp_set(dev, prog);
> +       if (err < 0 && prog)
> +               bpf_prog_put(prog);
> +
> +       return err;
> +}
> +EXPORT_SYMBOL(dev_change_xdp_fd);
> +
> +/**
>   *     dev_new_index   -       allocate an ifindex
>   *     @net: the applicable net namespace
>   *
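Review bot: The kernel-doc for dev_change_xdp_fd() states neither the return value nor who owns the program reference on each exit path. The reference taken by `bpf_prog_get_type()` is released only when `err < 0`, so a driver that returns a positive value would leave it with no clear owner; the ndo contract should be pinned to 0 or a negative errno. Suggested additions to the comment are `Return: 0 on success, -EOPNOTSUPP if the driver lacks ndo_xdp_set, or a negative errno` and a line saying the driver holds the prog reference on success. The caller is not part of this patch, so this is inferred, but if it is expected to hold RTNL then an `ASSERT_RTNL();` as the first statement would make that requirement checkable.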
> --
> 2.8.2
>
