| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Apr 2020 11:18:01 -0600
From: David Ahern <dsahern@...nel.org>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org,
prashantbhole.linux@...il.com, jasowang@...hat.com,
brouer@...hat.com, toke@...hat.com, toshiaki.makita1@...il.com,
daniel@...earbox.net, john.fastabend@...il.com, ast@...nel.org,
kafai@...com, songliubraving@...com, yhs@...com, andriin@...com,
dsahern@...il.com, David Ahern <dahern@...italocean.com>
Subject: [PATCH RFC-v5 bpf-next 12/12] samples/bpf: add XDP egress support to xdp1
From: David Ahern <dahern@...italocean.com>
xdp1 and xdp2 now accept -E flag to set XDP program in the egress
path.
Signed-off-by: Prashant Bhole <prashantbhole.linux@...il.com>
Signed-off-by: David Ahern <dahern@...italocean.com>
---
samples/bpf/xdp1_user.c | 38 +++++++++++++++++++++++++++++++-------
1 file changed, 31 insertions(+), 7 deletions(-)
diff --git a/samples/bpf/xdp1_user.c b/samples/bpf/xdp1_user.c
index c447ad9e3a1d..1e74020203ca 100644
--- a/samples/bpf/xdp1_user.c
+++ b/samples/bpf/xdp1_user.c
@@ -21,18 +21,32 @@
static int ifindex;
static __u32 xdp_flags = XDP_FLAGS_UPDATE_IF_NOEXIST;
static __u32 prog_id;
+static bool egress;
static void int_exit(int sig)
{
+ struct bpf_xdp_set_link_opts opts = { .sz = sizeof(opts) };
__u32 curr_prog_id = 0;
+ int err, old_fd;
- if (bpf_get_link_xdp_id(ifindex, &curr_prog_id, xdp_flags)) {
+ if (egress)
+ err = bpf_get_link_xdp_egress_id(ifindex, &curr_prog_id,
+ xdp_flags);
+ else
+ err = bpf_get_link_xdp_id(ifindex, &curr_prog_id, xdp_flags);
+ if (err) {
printf("bpf_get_link_xdp_id failed\n");
exit(1);
}
- if (prog_id == curr_prog_id)
- bpf_set_link_xdp_fd(ifindex, -1, xdp_flags);
- else if (!curr_prog_id)
+ if (prog_id == curr_prog_id) {
+ if (egress)
+ opts.egress = 1;
+
+ old_fd = bpf_prog_get_fd_by_id(prog_id);
+ opts.old_fd = old_fd;
+ bpf_set_link_xdp_fd_opts(ifindex, -1, xdp_flags, &opts);
+ close(old_fd);
+ } else if (!curr_prog_id)
printf("couldn't find a prog id on a given interface\n");
else
printf("program on interface changed, not removing\n");
@@ -73,19 +87,21 @@ static void usage(const char *prog)
"OPTS:\n"
" -S use skb-mode\n"
" -N enforce native mode\n"
- " -F force loading prog\n",
+ " -F force loading prog\n"
+ " -E egress path program\n",
prog);
}
int main(int argc, char **argv)
{
+ struct bpf_xdp_set_link_opts opts = { .sz = sizeof(opts) };
struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
struct bpf_prog_load_attr prog_load_attr = {
.prog_type = BPF_PROG_TYPE_XDP,
};
struct bpf_prog_info info = {};
__u32 info_len = sizeof(info);
- const char *optstr = "FSN";
+ const char *optstr = "FSNE";
int prog_fd, map_fd, opt;
struct bpf_object *obj;
struct bpf_map *map;
@@ -103,6 +119,9 @@ int main(int argc, char **argv)
case 'F':
xdp_flags &= ~XDP_FLAGS_UPDATE_IF_NOEXIST;
break;
+ case 'E':
+ egress = true;
+ break;
default:
usage(basename(argv[0]));
return 1;
@@ -130,6 +149,10 @@ int main(int argc, char **argv)
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
prog_load_attr.file = filename;
+ if (egress) {
+ opts.egress = 1;
+ prog_load_attr.expected_attach_type = BPF_XDP_EGRESS;
+ }
if (bpf_prog_load_xattr(&prog_load_attr, &obj, &prog_fd))
return 1;
@@ -149,7 +172,8 @@ int main(int argc, char **argv)
signal(SIGINT, int_exit);
signal(SIGTERM, int_exit);
- if (bpf_set_link_xdp_fd(ifindex, prog_fd, xdp_flags) < 0) {
+ err = bpf_set_link_xdp_fd_opts(ifindex, prog_fd, xdp_flags, &opts);
+ if (err < 0) {
printf("link set xdp fd failed\n");
return 1;
}
--
2.21.1 (Apple Git-122.3)
Powered by blists - more mailing lists