lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 22 Mar 2019 11:14:51 -0400
From:   Willem de Bruijn <willemdebruijn.kernel@...il.com>
To:     netdev@...r.kernel.org
Cc:     ast@...nel.org, daniel@...earbox.net, alan.maguire@...cle.com,
        Willem de Bruijn <willemb@...gle.com>
Subject: [PATCH bpf-next v2 00/13] bpf tc tunneling

From: Willem de Bruijn <willemb@...gle.com>

BPF allows for dynamic tunneling, choosing the tunnel destination and
features on-demand. Extend bpf_skb_adjust_room to allow for efficient
tunneling at the TC hooks.

Most features are required for large packets with GSO, as these will
be modified after this patch.

Patch 1
  is a performance optimization, avoiding an unnecessary unclone
  for the TCP hot path.

Patches 2..6
  introduce a regression test. These can be squashed, but the code is
  arguably more readable when gradually expanding the feature set.

Patch 7
  is a performance optimization, avoid copying network headers
  that are going to be overwritten. This also simplifies the bpf
  program.

Patch 8
  reenables bpf_skb_adjust_room for UDP packets.

Patch 9
  configures skb tunneling metadata analogous to tunnel devices.

Patches 10..13
  expand the regression test to make use of the new features and
  enable the GSO testcases.

Changes v1->v2
  - move BPF_F_ADJ_ROOM_MASK out of uapi as it can be expanded
  - document new flags
  - in tests replace netcat -q flag with coreutils timeout:
      the -q flag is not supported in all netcat versions

Willem de Bruijn (13):
  bpf: in bpf_skb_adjust_room avoid copy in tx fast path
  selftests/bpf: bpf tunnel encap test
  selftests/bpf: expand bpf tunnel test with decap
  selftests/bpf: expand bpf tunnel test to ipv6
  selftests/bpf: extend bpf tunnel test with gre
  selftests/bpf: extend bpf tunnel test with tso
  bpf: add bpf_skb_adjust_room mode BPF_ADJ_ROOM_MAC
  bpf: add bpf_skb_adjust_room flag BPF_F_ADJ_ROOM_FIXED_GSO
  bpf: add bpf_skb_adjust_room encap flags
  bpf: Sync bpf.h to tools
  selftests/bpf: convert bpf tunnel test to BPF_ADJ_ROOM_MAC
  selftests/bpf: convert bpf tunnel test to BPF_F_ADJ_ROOM_FIXED_GSO
  selftests/bpf: convert bpf tunnel test to encap modes

 include/uapi/linux/bpf.h                      |  32 ++-
 net/core/filter.c                             | 129 +++++++--
 tools/include/uapi/linux/bpf.h                |  32 ++-
 tools/testing/selftests/bpf/Makefile          |   3 +-
 tools/testing/selftests/bpf/config            |   2 +
 .../selftests/bpf/progs/test_tc_tunnel.c      | 261 ++++++++++++++++++
 tools/testing/selftests/bpf/test_tc_tunnel.sh | 178 ++++++++++++
 7 files changed, 601 insertions(+), 36 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/test_tc_tunnel.c
 create mode 100755 tools/testing/selftests/bpf/test_tc_tunnel.sh

-- 
2.21.0.392.gf8f6787159e-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ