| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87368pyna9.fsf@toke.dk>
Date: Mon, 27 Apr 2020 17:13:34 +0200
From: Toke Høiland-Jørgensen <toke@...hat.com>
To: David Ahern <dsahern@...nel.org>, netdev@...r.kernel.org
Cc: davem@...emloft.net, kuba@...nel.org,
prashantbhole.linux@...il.com, jasowang@...hat.com,
brouer@...hat.com, toshiaki.makita1@...il.com,
daniel@...earbox.net, john.fastabend@...il.com, ast@...nel.org,
kafai@...com, songliubraving@...com, yhs@...com, andriin@...com,
dsahern@...il.com, David Ahern <dahern@...italocean.com>
Subject: Re: [PATCH v3 bpf-next 12/15] bpftool: Add support for XDP egress
David Ahern <dsahern@...nel.org> writes:
> From: David Ahern <dahern@...italocean.com>
>
> Add xdp_egress as a program type since it requires a new attach
> type. This follows suit with other program type + attach type
> combintations and leverages the SEC name in libbpf.
>
> Add NET_ATTACH_TYPE_XDP_EGRESS and update attach_type_strings to
> allow a user to specify 'xdp_egress' as the attach or detach point.
>
> Update do_attach_detach_xdp to set XDP_FLAGS_EGRESS_MODE if egress
> is selected.
>
> Update do_xdp_dump_one to show egress program ids.
>
> Update the documentation and help output.
>
> Signed-off-by: David Ahern <dahern@...italocean.com>
> ---
> tools/bpf/bpftool/Documentation/bpftool-net.rst | 4 +++-
> tools/bpf/bpftool/Documentation/bpftool-prog.rst | 2 +-
> tools/bpf/bpftool/bash-completion/bpftool | 4 ++--
> tools/bpf/bpftool/net.c | 6 +++++-
> tools/bpf/bpftool/netlink_dumper.c | 5 +++++
> tools/bpf/bpftool/prog.c | 2 +-
> 6 files changed, 17 insertions(+), 6 deletions(-)
>
> diff --git a/tools/bpf/bpftool/Documentation/bpftool-net.rst b/tools/bpf/bpftool/Documentation/bpftool-net.rst
> index 8651b00b81ea..d7398fb00ec4 100644
> --- a/tools/bpf/bpftool/Documentation/bpftool-net.rst
> +++ b/tools/bpf/bpftool/Documentation/bpftool-net.rst
> @@ -26,7 +26,8 @@ NET COMMANDS
> | **bpftool** **net help**
> |
> | *PROG* := { **id** *PROG_ID* | **pinned** *FILE* | **tag** *PROG_TAG* }
> -| *ATTACH_TYPE* := { **xdp** | **xdpgeneric** | **xdpdrv** | **xdpoffload** }
> +| *ATTACH_TYPE* :=
> +| { **xdp** | **xdpgeneric** | **xdpdrv** | **xdpoffload** | **xdp_egress** }
>
> DESCRIPTION
> ===========
> @@ -63,6 +64,7 @@ DESCRIPTION
> **xdpgeneric** - Generic XDP. runs at generic XDP hook when packet already enters receive path as skb;
> **xdpdrv** - Native XDP. runs earliest point in driver's receive path;
> **xdpoffload** - Offload XDP. runs directly on NIC on each packet reception;
> + **xdp_egress** - XDP in egress path. runs at core networking level;
>
> **bpftool** **net detach** *ATTACH_TYPE* **dev** *NAME*
> Detach bpf program attached to network interface *NAME* with
> diff --git a/tools/bpf/bpftool/Documentation/bpftool-prog.rst b/tools/bpf/bpftool/Documentation/bpftool-prog.rst
> index 9f19404f470e..ab0a8846a8e3 100644
> --- a/tools/bpf/bpftool/Documentation/bpftool-prog.rst
> +++ b/tools/bpf/bpftool/Documentation/bpftool-prog.rst
> @@ -44,7 +44,7 @@ PROG COMMANDS
> | **cgroup/connect4** | **cgroup/connect6** | **cgroup/sendmsg4** | **cgroup/sendmsg6** |
> | **cgroup/recvmsg4** | **cgroup/recvmsg6** | **cgroup/sysctl** |
> | **cgroup/getsockopt** | **cgroup/setsockopt** |
> -| **struct_ops** | **fentry** | **fexit** | **freplace**
> +| **struct_ops** | **fentry** | **fexit** | **freplace** | **xdp_egress**
> | }
> | *ATTACH_TYPE* := {
> | **msg_verdict** | **stream_verdict** | **stream_parser** | **flow_dissector**
> diff --git a/tools/bpf/bpftool/bash-completion/bpftool b/tools/bpf/bpftool/bash-completion/bpftool
> index 45ee99b159e2..ab20696c20c6 100644
> --- a/tools/bpf/bpftool/bash-completion/bpftool
> +++ b/tools/bpf/bpftool/bash-completion/bpftool
> @@ -471,7 +471,7 @@ _bpftool()
> cgroup/post_bind4 cgroup/post_bind6 \
> cgroup/sysctl cgroup/getsockopt \
> cgroup/setsockopt struct_ops \
> - fentry fexit freplace" -- \
> + fentry fexit freplace xdp_egress" -- \
> "$cur" ) )
> return 0
> ;;
> @@ -1003,7 +1003,7 @@ _bpftool()
> ;;
> net)
> local PROG_TYPE='id pinned tag name'
> - local ATTACH_TYPES='xdp xdpgeneric xdpdrv xdpoffload'
> + local ATTACH_TYPES='xdp xdpgeneric xdpdrv xdpoffload xdp_egress'
> case $command in
> show|list)
> [[ $prev != "$command" ]] && return 0
> diff --git a/tools/bpf/bpftool/net.c b/tools/bpf/bpftool/net.c
> index c5e3895b7c8b..dbace14e5484 100644
> --- a/tools/bpf/bpftool/net.c
> +++ b/tools/bpf/bpftool/net.c
> @@ -61,6 +61,7 @@ enum net_attach_type {
> NET_ATTACH_TYPE_XDP_GENERIC,
> NET_ATTACH_TYPE_XDP_DRIVER,
> NET_ATTACH_TYPE_XDP_OFFLOAD,
> + NET_ATTACH_TYPE_XDP_EGRESS,
> };
>
> static const char * const attach_type_strings[] = {
> @@ -68,6 +69,7 @@ static const char * const attach_type_strings[] = {
> [NET_ATTACH_TYPE_XDP_GENERIC] = "xdpgeneric",
> [NET_ATTACH_TYPE_XDP_DRIVER] = "xdpdrv",
> [NET_ATTACH_TYPE_XDP_OFFLOAD] = "xdpoffload",
> + [NET_ATTACH_TYPE_XDP_EGRESS] = "xdp_egress",
> };
>
> const size_t net_attach_type_size = ARRAY_SIZE(attach_type_strings);
> @@ -286,6 +288,8 @@ static int do_attach_detach_xdp(int progfd, enum net_attach_type attach_type,
> flags |= XDP_FLAGS_DRV_MODE;
> if (attach_type == NET_ATTACH_TYPE_XDP_OFFLOAD)
> flags |= XDP_FLAGS_HW_MODE;
> + if (attach_type == NET_ATTACH_TYPE_XDP_EGRESS)
> + flags |= XDP_FLAGS_EGRESS_MODE;
>
> return bpf_set_link_xdp_fd(ifindex, progfd, flags);
> }
> @@ -464,7 +468,7 @@ static int do_help(int argc, char **argv)
> " %s %s help\n"
> "\n"
> " " HELP_SPEC_PROGRAM "\n"
> - " ATTACH_TYPE := { xdp | xdpgeneric | xdpdrv | xdpoffload }\n"
> + " ATTACH_TYPE := { xdp | xdpgeneric | xdpdrv | xdpoffload | xdp_egress}\n"
Nit: Missing space before }
Powered by blists - more mailing lists