| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAG4SDVVe5s-MZJDQjMGS9_QkTnSsaP7MRuxXs-AHp8bA6sSiPA@mail.gmail.com>
Date: Thu, 25 Jul 2019 10:05:12 -0700
From: Petar Penkov <ppenkov@...gle.com>
To: Stanislav Fomichev <sdf@...gle.com>
Cc: Networking <netdev@...r.kernel.org>, bpf@...r.kernel.org,
"David S . Miller" <davem@...emloft.net>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Song Liu <songliubraving@...com>,
Willem de Bruijn <willemb@...gle.com>
Subject: Re: [PATCH bpf-next v2 0/7] bpf/flow_dissector: support input flags
Thanks! For the series:
Acked-by: Petar Penkov <ppenkov@...gle.com>
On Thu, Jul 25, 2019 at 8:33 AM Stanislav Fomichev <sdf@...gle.com> wrote:
>
> C flow dissector supports input flags that tell it to customize parsing
> by either stopping early or trying to parse as deep as possible.
> BPF flow dissector always parses as deep as possible which is sub-optimal.
> Pass input flags to the BPF flow dissector as well so it can make the same
> decisions.
>
> Series outline:
> * remove unused FLOW_DISSECTOR_F_STOP_AT_L3 flag
> * export FLOW_DISSECTOR_F_XXX flags as uapi and pass them to BPF
> flow dissector
> * add documentation for the export flags
> * support input flags in BPF_PROG_TEST_RUN via ctx_{in,out}
> * sync uapi to tools
> * support FLOW_DISSECTOR_F_PARSE_1ST_FRAG in selftest
> * support FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL in kernel and selftest
> * support FLOW_DISSECTOR_F_STOP_AT_ENCAP in selftest
>
> Pros:
> * makes BPF flow dissector faster by avoiding burning extra cycles
> * existing BPF progs continue to work by ignoring the flags and always
> parsing as deep as possible
>
> Cons:
> * new UAPI which we need to support (OTOH, if we need to deprecate some
> flags, we can just stop setting them upon calling BPF programs)
>
> Some numbers (with .repeat = 4000000 in test_flow_dissector):
> test_flow_dissector:PASS:ipv4-frag 35 nsec
> test_flow_dissector:PASS:ipv4-frag 35 nsec
> test_flow_dissector:PASS:ipv4-no-frag 32 nsec
> test_flow_dissector:PASS:ipv4-no-frag 32 nsec
>
> test_flow_dissector:PASS:ipv6-frag 39 nsec
> test_flow_dissector:PASS:ipv6-frag 39 nsec
> test_flow_dissector:PASS:ipv6-no-frag 36 nsec
> test_flow_dissector:PASS:ipv6-no-frag 36 nsec
>
> test_flow_dissector:PASS:ipv6-flow-label 36 nsec
> test_flow_dissector:PASS:ipv6-flow-label 36 nsec
> test_flow_dissector:PASS:ipv6-no-flow-label 33 nsec
> test_flow_dissector:PASS:ipv6-no-flow-label 33 nsec
>
> test_flow_dissector:PASS:ipip-encap 38 nsec
> test_flow_dissector:PASS:ipip-encap 38 nsec
> test_flow_dissector:PASS:ipip-no-encap 32 nsec
> test_flow_dissector:PASS:ipip-no-encap 32 nsec
>
> The improvement is around 10%, but it's in a tight cache-hot
> BPF_PROG_TEST_RUN loop.
>
> Cc: Song Liu <songliubraving@...com>
> Cc: Willem de Bruijn <willemb@...gle.com>
> Cc: Petar Penkov <ppenkov@...gle.com>
>
> Stanislav Fomichev (7):
> bpf/flow_dissector: pass input flags to BPF flow dissector program
> bpf/flow_dissector: document flags
> bpf/flow_dissector: support flags in BPF_PROG_TEST_RUN
> tools/bpf: sync bpf_flow_keys flags
> selftests/bpf: support FLOW_DISSECTOR_F_PARSE_1ST_FRAG
> bpf/flow_dissector: support ipv6 flow_label and
> FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL
> selftests/bpf: support FLOW_DISSECTOR_F_STOP_AT_ENCAP
>
> Documentation/bpf/prog_flow_dissector.rst | 18 ++
> include/linux/skbuff.h | 2 +-
> include/net/flow_dissector.h | 4 -
> include/uapi/linux/bpf.h | 6 +
> net/bpf/test_run.c | 39 ++-
> net/core/flow_dissector.c | 14 +-
> tools/include/uapi/linux/bpf.h | 6 +
> .../selftests/bpf/prog_tests/flow_dissector.c | 242 +++++++++++++++++-
> tools/testing/selftests/bpf/progs/bpf_flow.c | 46 +++-
> 9 files changed, 359 insertions(+), 18 deletions(-)
>
> --
> 2.22.0.657.g960e92d24f-goog
Powered by blists - more mailing lists