| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200420200055.49033-17-dsahern@kernel.org>
Date: Mon, 20 Apr 2020 14:00:55 -0600
From: David Ahern <dsahern@...nel.org>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org,
prashantbhole.linux@...il.com, jasowang@...hat.com,
brouer@...hat.com, toke@...hat.com, toshiaki.makita1@...il.com,
daniel@...earbox.net, john.fastabend@...il.com, ast@...nel.org,
kafai@...com, songliubraving@...com, yhs@...com, andriin@...com,
dsahern@...il.com, David Ahern <dahern@...italocean.com>
Subject: [PATCH bpf-next 16/16] samples/bpf: add XDP egress support to xdp1
From: David Ahern <dahern@...italocean.com>
xdp1 and xdp2 now accept -E flag to set XDP program in the egress
path.
Signed-off-by: Prashant Bhole <prashantbhole.linux@...il.com>
Signed-off-by: David Ahern <dahern@...italocean.com>
---
samples/bpf/xdp1_user.c | 39 ++++++++++++++++++++++++++++++++-------
1 file changed, 32 insertions(+), 7 deletions(-)
diff --git a/samples/bpf/xdp1_user.c b/samples/bpf/xdp1_user.c
index c447ad9e3a1d..9f79bd537763 100644
--- a/samples/bpf/xdp1_user.c
+++ b/samples/bpf/xdp1_user.c
@@ -20,22 +20,37 @@
static int ifindex;
static __u32 xdp_flags = XDP_FLAGS_UPDATE_IF_NOEXIST;
+static struct bpf_xdp_set_link_opts opts;
static __u32 prog_id;
static void int_exit(int sig)
{
__u32 curr_prog_id = 0;
+ int rc;
- if (bpf_get_link_xdp_id(ifindex, &curr_prog_id, xdp_flags)) {
- printf("bpf_get_link_xdp_id failed\n");
+ if (opts.egress)
+ rc = bpf_get_link_xdp_egress_id(ifindex, &curr_prog_id, xdp_flags);
+ else
+ rc = bpf_get_link_xdp_id(ifindex, &curr_prog_id, xdp_flags);
+
+ if (rc) {
+ printf("Failed to get existing prog id for device");
exit(1);
}
+
+ if (curr_prog_id)
+ opts.old_fd = bpf_prog_get_fd_by_id(curr_prog_id);
+
if (prog_id == curr_prog_id)
- bpf_set_link_xdp_fd(ifindex, -1, xdp_flags);
+ bpf_set_link_xdp_fd_opts(ifindex, -1, xdp_flags, &opts);
else if (!curr_prog_id)
printf("couldn't find a prog id on a given interface\n");
else
printf("program on interface changed, not removing\n");
+
+ if (opts.old_fd >= 0)
+ close(opts.old_fd);
+
exit(0);
}
@@ -73,7 +88,8 @@ static void usage(const char *prog)
"OPTS:\n"
" -S use skb-mode\n"
" -N enforce native mode\n"
- " -F force loading prog\n",
+ " -F force loading prog\n"
+ " -E egress path program\n",
prog);
}
@@ -83,15 +99,20 @@ int main(int argc, char **argv)
struct bpf_prog_load_attr prog_load_attr = {
.prog_type = BPF_PROG_TYPE_XDP,
};
+ struct bpf_xdp_set_link_opts opts;
struct bpf_prog_info info = {};
__u32 info_len = sizeof(info);
- const char *optstr = "FSN";
+ const char *optstr = "FSNE";
int prog_fd, map_fd, opt;
struct bpf_object *obj;
struct bpf_map *map;
char filename[256];
int err;
+ memset(&opts, 0, sizeof(opts));
+ opts.sz = sizeof(opts);
+ opts.old_fd = -1;
+
while ((opt = getopt(argc, argv, optstr)) != -1) {
switch (opt) {
case 'S':
@@ -103,13 +124,17 @@ int main(int argc, char **argv)
case 'F':
xdp_flags &= ~XDP_FLAGS_UPDATE_IF_NOEXIST;
break;
+ case 'E':
+ opts.egress = true;
+ prog_load_attr.expected_attach_type = BPF_XDP_EGRESS;
+ break;
default:
usage(basename(argv[0]));
return 1;
}
}
- if (!(xdp_flags & XDP_FLAGS_SKB_MODE))
+ if (!(xdp_flags & XDP_FLAGS_SKB_MODE) && !opts.egress)
xdp_flags |= XDP_FLAGS_DRV_MODE;
if (optind == argc) {
@@ -149,7 +174,7 @@ int main(int argc, char **argv)
signal(SIGINT, int_exit);
signal(SIGTERM, int_exit);
- if (bpf_set_link_xdp_fd(ifindex, prog_fd, xdp_flags) < 0) {
+ if (bpf_set_link_xdp_fd_opts(ifindex, prog_fd, xdp_flags, &opts) < 0) {
printf("link set xdp fd failed\n");
return 1;
}
--
2.21.1 (Apple Git-122.3)
Powered by blists - more mailing lists