| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180112042917.10348-1-jakub.kicinski@netronome.com>
Date: Thu, 11 Jan 2018 20:29:02 -0800
From: Jakub Kicinski <jakub.kicinski@...ronome.com>
To: alexei.starovoitov@...il.com, daniel@...earbox.net,
davem@...emloft.net
Cc: netdev@...r.kernel.org, oss-drivers@...ronome.com, tehnerd@...com,
Jakub Kicinski <jakub.kicinski@...ronome.com>
Subject: [PATCH bpf-next v2 00/15] bpf: support creating maps on networking devices
Hi!
This set adds support for creating maps on networking devices. BPF is
programs+maps, the pure program offload has been around for quite some
time, this patchset adds the map part of the equation.
Maps are allocated on the target device from the start. There is no
host copy when map is created on the device. Device maps are represented
by struct bpf_offloaded_map, regardless of type. Host programs can't
access such maps, access is only possible from a program also loaded
to the same device and/or via the BPF syscall.
Offloaded programs are currently only allowed to perform lookups,
control plane is responsible for populating the maps.
For brevity only infrastructure and basic NFP patches are included.
Target device reporting, netdevsim and tests will follow up as well as
some further optimizations to the NFP code.
v2:
- leave out the array maps, we will add them trivially later to avoid
merge conflicts with ongoing spectere&meltdown mitigations.
Jakub Kicinski (15):
bpf: add map_alloc_check callback
bpf: hashtab: move attribute validation before allocation
bpf: hashtab: move checks out of alloc function
bpf: add helper for copying attrs to struct bpf_map
bpf: rename bpf_dev_offload -> bpf_prog_offload
bpf: offload: factor out netdev checking at allocation time
bpf: offload: add map offload infrastructure
nfp: bpf: add map data structure
nfp: bpf: add basic control channel communication
nfp: bpf: implement helpers for FW map ops
nfp: bpf: parse function call and map capabilities
nfp: bpf: add helpers for updating immediate instructions
nfp: bpf: add verification and codegen for map lookups
nfp: bpf: add support for reading map memory
nfp: bpf: implement bpf map offload
drivers/net/ethernet/netronome/nfp/Makefile | 1 +
drivers/net/ethernet/netronome/nfp/bpf/cmsg.c | 446 +++++++++++++++++++++
drivers/net/ethernet/netronome/nfp/bpf/fw.h | 103 +++++
drivers/net/ethernet/netronome/nfp/bpf/jit.c | 163 +++++++-
drivers/net/ethernet/netronome/nfp/bpf/main.c | 60 ++-
drivers/net/ethernet/netronome/nfp/bpf/main.h | 95 ++++-
drivers/net/ethernet/netronome/nfp/bpf/offload.c | 106 ++++-
drivers/net/ethernet/netronome/nfp/bpf/verifier.c | 47 +++
drivers/net/ethernet/netronome/nfp/nfp_app.h | 9 +
drivers/net/ethernet/netronome/nfp/nfp_asm.c | 58 +++
drivers/net/ethernet/netronome/nfp/nfp_asm.h | 4 +
drivers/net/ethernet/netronome/nfp/nfp_net.h | 12 +
.../net/ethernet/netronome/nfp/nfp_net_common.c | 7 +
include/linux/bpf.h | 65 ++-
include/linux/netdevice.h | 6 +
include/uapi/linux/bpf.h | 1 +
kernel/bpf/cpumap.c | 8 +-
kernel/bpf/devmap.c | 8 +-
kernel/bpf/hashtab.c | 103 +++--
kernel/bpf/lpm_trie.c | 7 +-
kernel/bpf/offload.c | 224 ++++++++++-
kernel/bpf/sockmap.c | 8 +-
kernel/bpf/stackmap.c | 6 +-
kernel/bpf/syscall.c | 71 +++-
kernel/bpf/verifier.c | 7 +
tools/include/uapi/linux/bpf.h | 1 +
26 files changed, 1506 insertions(+), 120 deletions(-)
create mode 100644 drivers/net/ethernet/netronome/nfp/bpf/cmsg.c
--
2.15.1
Powered by blists - more mailing lists