lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <57923a5a17573e7939a78a55ba5b6dd28ad1862f.1588064112.git.dcaratti@redhat.com>
Date:   Tue, 28 Apr 2020 11:00:07 +0200
From:   Davide Caratti <dcaratti@...hat.com>
To:     David Ahern <dsahern@...il.com>
Cc:     Jamal Hadi Salim <jhs@...atatu.com>,
        Andrea Claudi <aclaudi@...hat.com>, netdev@...r.kernel.org
Subject: [PATCH iproute2-next] tc: full JSON support for 'bpf' filter

example using eBPF:

 # tc filter add dev dummy0 ingress bpf \
 > direct-action obj ./bpf/filter.o sec tc-ingress
 # tc  -j filter show dev dummy0 ingress | jq
 [
   {
     "protocol": "all",
     "pref": 49152,
     "kind": "bpf",
     "chain": 0
   },
   {
     "protocol": "all",
     "pref": 49152,
     "kind": "bpf",
     "chain": 0,
     "options": {
       "handle": "1",
       "bpf_name": "filter.o:[tc-ingress]",
       "direct-action": true,
       "not_in_hw": true,
       "prog": {
         "id": 101,
         "tag": "a04f5eef06a7f555",
         "jited": 1
       }
     }
   }
 ]

Signed-off-by: Davide Caratti <dcaratti@...hat.com>
---
 tc/f_bpf.c | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/tc/f_bpf.c b/tc/f_bpf.c
index 135271aa1697..519186f929e5 100644
--- a/tc/f_bpf.c
+++ b/tc/f_bpf.c
@@ -203,22 +203,24 @@ static int bpf_print_opt(struct filter_util *qu, FILE *f,
 	parse_rtattr_nested(tb, TCA_BPF_MAX, opt);
 
 	if (handle)
-		fprintf(f, "handle 0x%x ", handle);
+		print_hex(PRINT_ANY, "handle", "handle 0x%x ", handle);
 
 	if (tb[TCA_BPF_CLASSID]) {
 		SPRINT_BUF(b1);
-		fprintf(f, "flowid %s ",
+		print_string(PRINT_ANY, "flowid", "flowid %s ",
 			sprint_tc_classid(rta_getattr_u32(tb[TCA_BPF_CLASSID]), b1));
 	}
 
 	if (tb[TCA_BPF_NAME])
-		fprintf(f, "%s ", rta_getattr_str(tb[TCA_BPF_NAME]));
+		print_string(PRINT_ANY, "bpf_name", "%s ",
+			     rta_getattr_str(tb[TCA_BPF_NAME]));
 
 	if (tb[TCA_BPF_FLAGS]) {
 		unsigned int flags = rta_getattr_u32(tb[TCA_BPF_FLAGS]);
 
 		if (flags & TCA_BPF_FLAG_ACT_DIRECT)
-			fprintf(f, "direct-action ");
+			print_bool(PRINT_ANY,
+				   "direct-action", "direct-action ", true);
 	}
 
 	if (tb[TCA_BPF_FLAGS_GEN]) {
@@ -226,14 +228,14 @@ static int bpf_print_opt(struct filter_util *qu, FILE *f,
 			rta_getattr_u32(tb[TCA_BPF_FLAGS_GEN]);
 
 		if (flags & TCA_CLS_FLAGS_SKIP_HW)
-			fprintf(f, "skip_hw ");
+			print_bool(PRINT_ANY, "skip_hw", "skip_hw ", true);
 		if (flags & TCA_CLS_FLAGS_SKIP_SW)
-			fprintf(f, "skip_sw ");
-
+			print_bool(PRINT_ANY, "skip_sw", "skip_sw ", true);
 		if (flags & TCA_CLS_FLAGS_IN_HW)
-			fprintf(f, "in_hw ");
+			print_bool(PRINT_ANY, "in_hw", "in_hw ", true);
 		else if (flags & TCA_CLS_FLAGS_NOT_IN_HW)
-			fprintf(f, "not_in_hw ");
+			print_bool(PRINT_ANY,
+				   "not_in_hw", "not_in_hw ", true);
 	}
 
 	if (tb[TCA_BPF_OPS] && tb[TCA_BPF_OPS_LEN])
@@ -245,14 +247,13 @@ static int bpf_print_opt(struct filter_util *qu, FILE *f,
 	if (!dump_ok && tb[TCA_BPF_TAG]) {
 		SPRINT_BUF(b);
 
-		fprintf(f, "tag %s ",
-			hexstring_n2a(RTA_DATA(tb[TCA_BPF_TAG]),
-				      RTA_PAYLOAD(tb[TCA_BPF_TAG]),
-				      b, sizeof(b)));
+		print_string(PRINT_ANY, "tag", "tag %s ",
+			     hexstring_n2a(RTA_DATA(tb[TCA_BPF_TAG]),
+			     RTA_PAYLOAD(tb[TCA_BPF_TAG]), b, sizeof(b)));
 	}
 
 	if (tb[TCA_BPF_POLICE]) {
-		fprintf(f, "\n");
+		print_string(PRINT_FP, NULL, "\n", "");
 		tc_print_police(f, tb[TCA_BPF_POLICE]);
 	}
 
-- 
2.25.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ