| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20191126100914.5150-4-prashantbhole.linux@gmail.com>
Date: Tue, 26 Nov 2019 19:09:14 +0900
From: Prashant Bhole <prashantbhole.linux@...il.com>
To: "Michael S . Tsirkin" <mst@...hat.com>,
Jason Wang <jasowang@...hat.com>, qemu-devel@...gnu.org
Cc: "David S . Miller" <davem@...emloft.net>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Jakub Kicinski <jakub.kicinski@...ronome.com>,
Jesper Dangaard Brouer <hawk@...nel.org>,
John Fastabend <john.fastabend@...il.com>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Andrii Nakryiko <andriin@...com>, netdev@...r.kernel.org,
kvm@...r.kernel.org, Prashant Bhole <prashantbhole.linux@...il.com>
Subject: [RFC 3/3] virtio-net: add support for offloading an ebpf map
From: Jason Wang <jasowang@...hat.com>
This change is a part of XDP offload feature. It handles offloading
of eBPF map from the guest.
A command handler for VIRTIO_NET_CTRL_EBPF now checks for subcommand
VIRTIO_NET_CTRL_EBPF_MAP and. The control buffer consists of struct
virtio_net_ctrl_ebpf_map followed by map key/value or key/key pair.
Map manipulation is done using libbpf APIs.
Signed-off-by: Jason Wang <jasowang@...hat.com>
Co-developed-by: Prashant Bhole <prashantbhole.linux@...il.com>
Signed-off-by: Prashant Bhole <prashantbhole.linux@...il.com>
---
hw/net/Makefile.objs | 2 +
hw/net/virtio-net.c | 88 +++++++++++++++++++++
include/standard-headers/linux/virtio_net.h | 23 ++++++
3 files changed, 113 insertions(+)
diff --git a/hw/net/Makefile.objs b/hw/net/Makefile.objs
index 7907d2c199..5928497a01 100644
--- a/hw/net/Makefile.objs
+++ b/hw/net/Makefile.objs
@@ -52,3 +52,5 @@ common-obj-$(CONFIG_ROCKER) += rocker/rocker.o rocker/rocker_fp.o \
obj-$(call lnot,$(CONFIG_ROCKER)) += rocker/qmp-norocker.o
common-obj-$(CONFIG_CAN_BUS) += can/
+
+virtio-net.o-libs := $(LIBBPF_LIBS)
diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
index 7cc1bd1654..3c49273796 100644
--- a/hw/net/virtio-net.c
+++ b/hw/net/virtio-net.c
@@ -1011,6 +1011,92 @@ static int virtio_net_handle_offloads(VirtIONet *n, uint8_t cmd,
}
}
+static int virtio_net_handle_ebpf_map(VirtIONet *n, struct iovec *iov,
+ unsigned int iov_cnt)
+{
+#ifdef CONFIG_LIBBPF
+ struct virtio_net_ctrl_ebpf_map *ctrl = NULL;
+ struct bpf_create_map_attr map_attr = {};
+ uint8_t *key, *val;
+ uint32_t buf_len;
+ int fd, err = 0;
+ size_t s;
+
+ s = iov_to_buf(iov, iov_cnt, 0, &buf_len, sizeof(buf_len));
+ if (s != sizeof(buf_len)) {
+ goto err;
+ }
+
+ ctrl = malloc(sizeof(*ctrl) + buf_len);
+ if (!ctrl) {
+ goto err;
+ }
+
+ s = iov_to_buf(iov, iov_cnt, 0, ctrl, sizeof(*ctrl) + buf_len);
+ if (s != (sizeof(*ctrl) + buf_len)) {
+ error_report("Invalid map control buffer");
+ goto err;
+ }
+
+ key = ctrl->buf;
+ val = ctrl->buf + ctrl->key_size;
+
+ switch (ctrl->cmd) {
+ case VIRTIO_NET_BPF_CMD_CREATE_MAP:
+ map_attr.map_type = ctrl->map_type;
+ map_attr.map_flags = ctrl->map_flags;
+ map_attr.key_size = ctrl->key_size;
+ map_attr.value_size = ctrl->value_size;
+ map_attr.max_entries = ctrl->max_entries;
+ fd = bpf_create_map_xattr(&map_attr);
+ if (fd < 0) {
+ goto err;
+ }
+ ctrl->map_fd = fd;
+ break;
+ case VIRTIO_NET_BPF_CMD_FREE_MAP:
+ close(ctrl->map_fd);
+ break;
+ case VIRTIO_NET_BPF_CMD_LOOKUP_ELEM:
+ err = bpf_map_lookup_elem(ctrl->map_fd, key, val);
+ break;
+ case VIRTIO_NET_BPF_CMD_GET_FIRST:
+ err = bpf_map_get_next_key(ctrl->map_fd, NULL, val);
+ break;
+ case VIRTIO_NET_BPF_CMD_GET_NEXT:
+ err = bpf_map_get_next_key(ctrl->map_fd, key, val);
+ break;
+ case VIRTIO_NET_BPF_CMD_UPDATE_ELEM:
+ err = bpf_map_update_elem(ctrl->map_fd, key, val, ctrl->flags);
+ break;
+ case VIRTIO_NET_BPF_CMD_DELETE_ELEM:
+ err = bpf_map_delete_elem(ctrl->map_fd, key);
+ default:
+ error_report("map operation not implemented %d", ctrl->cmd);
+ goto err;
+ }
+
+ if (err) {
+ goto err;
+ }
+
+ s = iov_from_buf(iov, iov_cnt, 0, ctrl, sizeof(*ctrl) + buf_len);
+ if (s != sizeof(*ctrl) + buf_len) {
+ error_report("failed to write map operation result");
+ goto err;
+ }
+
+ free(ctrl);
+ return VIRTIO_NET_OK;
+
+err:
+ if (ctrl) {
+ free(ctrl);
+ }
+#endif
+ return VIRTIO_NET_ERR;
+}
+
static int virtio_net_handle_ebpf_prog(VirtIONet *n, struct iovec *iov,
unsigned int iov_cnt)
{
@@ -1053,6 +1139,8 @@ static int virtio_net_handle_ebpf(VirtIONet *n, uint8_t cmd,
{
if (cmd == VIRTIO_NET_CTRL_EBPF_PROG) {
return virtio_net_handle_ebpf_prog(n, iov, iov_cnt);
+ } else if (cmd == VIRTIO_NET_CTRL_EBPF_MAP) {
+ return virtio_net_handle_ebpf_map(n, iov, iov_cnt);
}
return VIRTIO_NET_ERR;
diff --git a/include/standard-headers/linux/virtio_net.h b/include/standard-headers/linux/virtio_net.h
index 83292c81bc..cca234e0e8 100644
--- a/include/standard-headers/linux/virtio_net.h
+++ b/include/standard-headers/linux/virtio_net.h
@@ -281,11 +281,34 @@ struct virtio_net_ctrl_ebpf_prog {
uint8_t insns[0];
};
+struct virtio_net_ctrl_ebpf_map {
+ __virtio32 buf_len;
+ __virtio32 cmd;
+ __virtio32 map_type;
+ __virtio32 key_size;
+ __virtio32 value_size;
+ __virtio32 max_entries;
+ __virtio32 map_flags;
+ __virtio32 map_fd;
+ __virtio64 flags;
+ uint8_t buf[0];
+};
+
#define VIRTIO_NET_CTRL_EBPF 6
#define VIRTIO_NET_CTRL_EBPF_PROG 1
+ #define VIRTIO_NET_CTRL_EBPF_MAP 2
/* Commands for VIRTIO_NET_CTRL_EBPF_PROG */
#define VIRTIO_NET_BPF_CMD_SET_OFFLOAD 1
#define VIRTIO_NET_BPF_CMD_UNSET_OFFLOAD 2
+/* Commands for VIRTIO_NET_CTRL_EBPF_MAP */
+#define VIRTIO_NET_BPF_CMD_CREATE_MAP 1
+#define VIRTIO_NET_BPF_CMD_FREE_MAP 2
+#define VIRTIO_NET_BPF_CMD_UPDATE_ELEM 3
+#define VIRTIO_NET_BPF_CMD_LOOKUP_ELEM 4
+#define VIRTIO_NET_BPF_CMD_DELETE_ELEM 5
+#define VIRTIO_NET_BPF_CMD_GET_FIRST 6
+#define VIRTIO_NET_BPF_CMD_GET_NEXT 7
+
#endif /* _LINUX_VIRTIO_NET_H */
--
2.20.1
Powered by blists - more mailing lists