lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 21 Feb 2019 13:59:07 +0800
From:   Ye Xiaolong <xiaolong.ye@...el.com>
To:     Magnus Karlsson <magnus.karlsson@...el.com>
Cc:     bjorn.topel@...el.com, ast@...nel.org, daniel@...earbox.net,
        netdev@...r.kernel.org, jakub.kicinski@...ronome.com,
        bjorn.topel@...il.com, qi.z.zhang@...el.com, brouer@...hat.com
Subject: Re: [PATCH bpf-next v5 1/3] libbpf: add support for using AF_XDP
 sockets

Hi Magnus

On 02/19, Magnus Karlsson wrote:
[snip]
>+static int xsk_setup_xdp_prog(struct xsk_socket *xsk)
>+{
>+	bool prog_attached = false;
>+	__u32 prog_id = 0;
>+	int err;
>+
>+	err = bpf_get_link_xdp_id(xsk->ifindex, &prog_id,
>+				  xsk->config.xdp_flags);
>+	if (err)
>+		return err;
>+
>+	if (!prog_id) {
>+		prog_attached = true;
>+		err = xsk_create_bpf_maps(xsk);
>+		if (err)
>+			return err;
>+
>+		err = xsk_load_xdp_prog(xsk);
>+		if (err)
>+			goto out_maps;
>+	} else {
>+		xsk->fd = bpf_prog_get_fd_by_id(prog_id);

I suppose it should be 

		xsk->prog_fd = bpf_prog_get_fd_by_id(prog_id);

>+	}
>+
>+	err = xsk_update_bpf_maps(xsk, true, xsk->fd);
>+	if (err)
>+		goto out_load;
>+
>+	return 0;
>+
>+out_load:
>+	if (prog_attached)
>+		close(xsk->prog_fd);
>+out_maps:
>+	if (prog_attached)
>+		xsk_delete_bpf_maps(xsk);
>+	return err;
>+}
>+
>+int xsk_socket__create(struct xsk_socket **xsk_ptr, const char *ifname,
>+		       __u32 queue_id, struct xsk_umem *umem,
>+		       struct xsk_ring_cons *rx, struct xsk_ring_prod *tx,
>+		       const struct xsk_socket_config *usr_config)
>+{
>+	struct sockaddr_xdp sxdp = {};
>+	struct xdp_mmap_offsets off;
>+	struct xsk_socket *xsk;
>+	socklen_t optlen;
>+	void *map;
>+	int err;
>+
>+	if (!umem || !xsk_ptr || !rx || !tx)
>+		return -EFAULT;
>+
>+	if (umem->refcount) {
>+		pr_warning("Error: shared umems not supported by libbpf.\n");
>+		return -EBUSY;
>+	}
>+
>+	xsk = calloc(1, sizeof(*xsk));
>+	if (!xsk)
>+		return -ENOMEM;
>+
>+	if (umem->refcount++ > 0) {
>+		xsk->fd = socket(AF_XDP, SOCK_RAW, 0);
>+		if (xsk->fd < 0) {
>+			err = -errno;
>+			goto out_xsk_alloc;
>+		}
>+	} else {
>+		xsk->fd = umem->fd;
>+	}
>+
>+	xsk->outstanding_tx = 0;
>+	xsk->queue_id = queue_id;
>+	xsk->umem = umem;
>+	xsk->ifindex = if_nametoindex(ifname);
>+	if (!xsk->ifindex) {
>+		err = -errno;
>+		goto out_socket;
>+	}
>+	strncpy(xsk->ifname, ifname, IFNAMSIZ);
>+
>+	xsk_set_xdp_socket_config(&xsk->config, usr_config);
>+
>+	if (rx) {
>+		err = setsockopt(xsk->fd, SOL_XDP, XDP_RX_RING,
>+				 &xsk->config.rx_size,
>+				 sizeof(xsk->config.rx_size));
>+		if (err) {
>+			err = -errno;
>+			goto out_socket;
>+		}
>+	}
>+	if (tx) {
>+		err = setsockopt(xsk->fd, SOL_XDP, XDP_TX_RING,
>+				 &xsk->config.tx_size,
>+				 sizeof(xsk->config.tx_size));
>+		if (err) {
>+			err = -errno;
>+			goto out_socket;
>+		}
>+	}
>+
>+	optlen = sizeof(off);
>+	err = getsockopt(xsk->fd, SOL_XDP, XDP_MMAP_OFFSETS, &off, &optlen);
>+	if (err) {
>+		err = -errno;
>+		goto out_socket;
>+	}
>+
>+	if (rx) {
>+		map = xsk_mmap(NULL, off.rx.desc +
>+			       xsk->config.rx_size * sizeof(struct xdp_desc),
>+			       PROT_READ | PROT_WRITE,
>+			       MAP_SHARED | MAP_POPULATE,
>+			       xsk->fd, XDP_PGOFF_RX_RING);
>+		if (map == MAP_FAILED) {
>+			err = -errno;
>+			goto out_socket;
>+		}
>+
>+		rx->mask = xsk->config.rx_size - 1;
>+		rx->size = xsk->config.rx_size;
>+		rx->producer = map + off.rx.producer;
>+		rx->consumer = map + off.rx.consumer;
>+		rx->ring = map + off.rx.desc;
>+	}
>+	xsk->rx = rx;
>+
>+	if (tx) {
>+		map = xsk_mmap(NULL, off.tx.desc +
>+			       xsk->config.tx_size * sizeof(struct xdp_desc),
>+			       PROT_READ | PROT_WRITE,
>+			       MAP_SHARED | MAP_POPULATE,
>+			       xsk->fd, XDP_PGOFF_TX_RING);
>+		if (map == MAP_FAILED) {
>+			err = -errno;
>+			goto out_mmap_rx;
>+		}
>+
>+		tx->mask = xsk->config.tx_size - 1;
>+		tx->size = xsk->config.tx_size;
>+		tx->producer = map + off.tx.producer;
>+		tx->consumer = map + off.tx.consumer;
>+		tx->ring = map + off.tx.desc;
>+		tx->cached_cons = xsk->config.tx_size;
>+	}
>+	xsk->tx = tx;
>+
>+	sxdp.sxdp_family = PF_XDP;
>+	sxdp.sxdp_ifindex = xsk->ifindex;
>+	sxdp.sxdp_queue_id = xsk->queue_id;
>+	sxdp.sxdp_flags = xsk->config.bind_flags;
>+
>+	err = bind(xsk->fd, (struct sockaddr *)&sxdp, sizeof(sxdp));
>+	if (err) {
>+		err = -errno;
>+		goto out_mmap_tx;
>+	}
>+
>+	if (!(xsk->config.libbpf_flags & XSK_LIBBPF_FLAGS__INHIBIT_PROG_LOAD)) {
>+		err = xsk_setup_xdp_prog(xsk);
>+		if (err)
>+			goto out_mmap_tx;
>+	}
>+
>+	*xsk_ptr = xsk;
>+	return 0;
>+
>+out_mmap_tx:
>+	if (tx)
>+		munmap(xsk->tx,
>+		       off.tx.desc +
>+		       xsk->config.tx_size * sizeof(struct xdp_desc));
>+out_mmap_rx:
>+	if (rx)
>+		munmap(xsk->rx,
>+		       off.rx.desc +
>+		       xsk->config.rx_size * sizeof(struct xdp_desc));
>+out_socket:
>+	if (--umem->refcount)
>+		close(xsk->fd);
>+out_xsk_alloc:
>+	free(xsk);
>+	return err;
>+}
>+
>+int xsk_umem__delete(struct xsk_umem *umem)
>+{
>+	struct xdp_mmap_offsets off;
>+	socklen_t optlen;
>+	int err;
>+
>+	if (!umem)
>+		return 0;
>+
>+	if (umem->refcount)
>+		return -EBUSY;
>+
>+	optlen = sizeof(off);
>+	err = getsockopt(umem->fd, SOL_XDP, XDP_MMAP_OFFSETS, &off, &optlen);
>+	if (!err) {
>+		munmap(umem->fill->ring,
>+		       off.fr.desc + umem->config.fill_size * sizeof(__u64));
>+		munmap(umem->comp->ring,
>+		       off.cr.desc + umem->config.comp_size * sizeof(__u64));
>+	}
>+
>+	close(umem->fd);
>+	free(umem);
>+
>+	return 0;
>+}
>+
>+void xsk_socket__delete(struct xsk_socket *xsk)
>+{
>+	struct xdp_mmap_offsets off;
>+	socklen_t optlen;
>+	int err;
>+
>+	if (!xsk)
>+		return;
>+
>+	(void)xsk_update_bpf_maps(xsk, 0, 0);
>+
>+	optlen = sizeof(off);
>+	err = getsockopt(xsk->fd, SOL_XDP, XDP_MMAP_OFFSETS, &off, &optlen);
>+	if (!err) {
>+		if (xsk->rx)
>+			munmap(xsk->rx->ring,
>+			       off.rx.desc +
>+			       xsk->config.rx_size * sizeof(struct xdp_desc));
>+		if (xsk->tx)
>+			munmap(xsk->tx->ring,
>+			       off.tx.desc +
>+			       xsk->config.tx_size * sizeof(struct xdp_desc));
>+	}
>+
>+	xsk->umem->refcount--;
>+	/* Do not close an fd that also has an associated umem connected
>+	 * to it.
>+	 */
>+	if (xsk->fd != xsk->umem->fd)
>+		close(xsk->fd);
>+	free(xsk);
>+}
>diff --git a/tools/lib/bpf/xsk.h b/tools/lib/bpf/xsk.h
>new file mode 100644
>index 0000000..a497f00
>--- /dev/null
>+++ b/tools/lib/bpf/xsk.h
>@@ -0,0 +1,203 @@
>+/* SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) */
>+
>+/*
>+ * AF_XDP user-space access library.
>+ *
>+ * Copyright(c) 2018 - 2019 Intel Corporation.
>+ *
>+ * Author(s): Magnus Karlsson <magnus.karlsson@...el.com>
>+ */
>+
>+#ifndef __LIBBPF_XSK_H
>+#define __LIBBPF_XSK_H
>+
>+#include <stdio.h>
>+#include <stdint.h>
>+#include <linux/if_xdp.h>
>+
>+#include "libbpf.h"
>+
>+#ifdef __cplusplus
>+extern "C" {
>+#endif
>+
>+/* Do not access these members directly. Use the functions below. */
>+#define DEFINE_XSK_RING(name) \
>+struct name { \
>+	__u32 cached_prod; \
>+	__u32 cached_cons; \
>+	__u32 mask; \
>+	__u32 size; \
>+	__u32 *producer; \
>+	__u32 *consumer; \
>+	void *ring; \
>+}
>+
>+DEFINE_XSK_RING(xsk_ring_prod);
>+DEFINE_XSK_RING(xsk_ring_cons);
>+
>+struct xsk_umem;
>+struct xsk_socket;
>+
>+static inline __u64 *xsk_ring_prod__fill_addr(struct xsk_ring_prod *fill,
>+					      __u32 idx)
>+{
>+	__u64 *addrs = (__u64 *)fill->ring;
>+
>+	return &addrs[idx & fill->mask];
>+}
>+
>+static inline const __u64 *
>+xsk_ring_cons__comp_addr(const struct xsk_ring_cons *comp, __u32 idx)
>+{
>+	const __u64 *addrs = (const __u64 *)comp->ring;
>+
>+	return &addrs[idx & comp->mask];
>+}
>+
>+static inline struct xdp_desc *xsk_ring_prod__tx_desc(struct xsk_ring_prod *tx,
>+						      __u32 idx)
>+{
>+	struct xdp_desc *descs = (struct xdp_desc *)tx->ring;
>+
>+	return &descs[idx & tx->mask];
>+}
>+
>+static inline const struct xdp_desc *
>+xsk_ring_cons__rx_desc(const struct xsk_ring_cons *rx, __u32 idx)
>+{
>+	const struct xdp_desc *descs = (const struct xdp_desc *)rx->ring;
>+
>+	return &descs[idx & rx->mask];
>+}
>+
>+static inline __u32 xsk_prod_nb_free(struct xsk_ring_prod *r, __u32 nb)
>+{
>+	__u32 free_entries = r->cached_cons - r->cached_prod;
>+
>+	if (free_entries >= nb)
>+		return free_entries;
>+
>+	/* Refresh the local tail pointer.
>+	 * cached_cons is r->size bigger than the real consumer pointer so
>+	 * that this addition can be avoided in the more frequently
>+	 * executed code that computs free_entries in the beginning of
>+	 * this function. Without this optimization it whould have been
>+	 * free_entries = r->cached_prod - r->cached_cons + r->size.
>+	 */
>+	r->cached_cons = *r->consumer + r->size;
>+
>+	return r->cached_cons - r->cached_prod;
>+}
>+
>+static inline __u32 xsk_cons_nb_avail(struct xsk_ring_cons *r, __u32 nb)
>+{
>+	__u32 entries = r->cached_prod - r->cached_cons;
>+
>+	if (entries == 0) {
>+		r->cached_prod = *r->producer;
>+		entries = r->cached_prod - r->cached_cons;
>+	}
>+
>+	return (entries > nb) ? nb : entries;
>+}
>+
>+static inline size_t xsk_ring_prod__reserve(struct xsk_ring_prod *prod,
>+					    size_t nb, __u32 *idx)
>+{
>+	if (unlikely(xsk_prod_nb_free(prod, nb) < nb))
>+		return 0;
>+
>+	*idx = prod->cached_prod;
>+	prod->cached_prod += nb;
>+
>+	return nb;
>+}
>+
>+static inline void xsk_ring_prod__submit(struct xsk_ring_prod *prod, size_t nb)
>+{
>+	/* Make sure everything has been written to the ring before signalling
>+	 * this to the kernel.
>+	 */
>+	smp_wmb();
>+
>+	*prod->producer += nb;
>+}
>+
>+static inline size_t xsk_ring_cons__peek(struct xsk_ring_cons *cons,
>+					 size_t nb, __u32 *idx)
>+{
>+	size_t entries = xsk_cons_nb_avail(cons, nb);
>+
>+	if (likely(entries > 0)) {
>+		/* Make sure we do not speculatively read the data before
>+		 * we have received the packet buffers from the ring.
>+		 */
>+		smp_rmb();
>+
>+		*idx = cons->cached_cons;
>+		cons->cached_cons += entries;
>+	}
>+
>+	return entries;
>+}
>+
>+static inline void xsk_ring_cons__release(struct xsk_ring_cons *cons, size_t nb)
>+{
>+	*cons->consumer += nb;
>+}
>+
>+static inline void *xsk_umem__get_data(void *umem_area, __u64 addr)
>+{
>+	return &((char *)umem_area)[addr];
>+}
>+
>+LIBBPF_API int xsk_umem__fd(const struct xsk_umem *umem);
>+LIBBPF_API int xsk_socket__fd(const struct xsk_socket *xsk);
>+
>+#define XSK_RING_CONS__DEFAULT_NUM_DESCS      2048
>+#define XSK_RING_PROD__DEFAULT_NUM_DESCS      2048
>+#define XSK_UMEM__DEFAULT_FRAME_SHIFT    11 /* 2048 bytes */
>+#define XSK_UMEM__DEFAULT_FRAME_SIZE     (1 << XSK_UMEM__DEFAULT_FRAME_SHIFT)
>+#define XSK_UMEM__DEFAULT_FRAME_HEADROOM 0
>+
>+struct xsk_umem_config {
>+	__u32 fill_size;
>+	__u32 comp_size;
>+	__u32 frame_size;
>+	__u32 frame_headroom;
>+};
>+
>+/* Flags for the libbpf_flags field. */
>+#define XSK_LIBBPF_FLAGS__INHIBIT_PROG_LOAD (1 << 0)
>+
>+struct xsk_socket_config {
>+	__u32 rx_size;
>+	__u32 tx_size;
>+	__u32 libbpf_flags;
>+	__u32 xdp_flags;
>+	__u16 bind_flags;
>+};
>+
>+/* Set config to NULL to get the default configuration. */
>+LIBBPF_API int xsk_umem__create(struct xsk_umem **umem,
>+				void *umem_area, __u64 size,
>+				struct xsk_ring_prod *fill,
>+				struct xsk_ring_cons *comp,
>+				const struct xsk_umem_config *config);
>+LIBBPF_API int xsk_socket__create(struct xsk_socket **xsk,
>+				  const char *ifname, __u32 queue_id,
>+				  struct xsk_umem *umem,
>+				  struct xsk_ring_cons *rx,
>+				  struct xsk_ring_prod *tx,
>+				  const struct xsk_socket_config *config);
>+
>+/* Returns 0 for success and -EBUSY if the umem is still in use. */
>+LIBBPF_API int xsk_umem__delete(struct xsk_umem *umem);
>+LIBBPF_API void xsk_socket__delete(struct xsk_socket *xsk);
>+
>+#ifdef __cplusplus
>+} /* extern "C" */
>+#endif
>+
>+#endif /* __LIBBPF_XSK_H */
>-- 
>2.7.4
>

Powered by blists - more mailing lists