| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Apr 2020 20:06:16 +0200
From: Andrea Claudi <aclaudi@...hat.com>
To: Davide Caratti <dcaratti@...hat.com>
Cc: Stephen Hemminger <stephen@...workplumber.org>,
linux-netdev <netdev@...r.kernel.org>,
David Ahern <dsahern@...il.com>,
Jamal Hadi Salim <jhs@...atatu.com>
Subject: Re: [PATCH iproute2-next v2] tc: full JSON support for 'bpf' filter
On Thu, Apr 30, 2020 at 8:03 PM Davide Caratti <dcaratti@...hat.com> wrote:
>
> example using eBPF:
>
> # tc filter add dev dummy0 ingress bpf \
> > direct-action obj ./bpf/filter.o sec tc-ingress
> # tc -j filter show dev dummy0 ingress | jq
> [
> {
> "protocol": "all",
> "pref": 49152,
> "kind": "bpf",
> "chain": 0
> },
> {
> "protocol": "all",
> "pref": 49152,
> "kind": "bpf",
> "chain": 0,
> "options": {
> "handle": "0x1",
> "bpf_name": "filter.o:[tc-ingress]",
> "direct-action": true,
> "not_in_hw": true,
> "prog": {
> "id": 101,
> "tag": "a04f5eef06a7f555",
> "jited": 1
> }
> }
> }
> ]
>
> v2:
> - use print_nl(), thanks to Andrea Claudi
> - use print_0xhex() for filter handle, thanks to Stephen Hemminger
>
> Signed-off-by: Davide Caratti <dcaratti@...hat.com>
> ---
> tc/f_bpf.c | 29 +++++++++++++++--------------
> 1 file changed, 15 insertions(+), 14 deletions(-)
>
> diff --git a/tc/f_bpf.c b/tc/f_bpf.c
> index 135271aa1697..fa3552aefffd 100644
> --- a/tc/f_bpf.c
> +++ b/tc/f_bpf.c
> @@ -203,22 +203,24 @@ static int bpf_print_opt(struct filter_util *qu, FILE *f,
> parse_rtattr_nested(tb, TCA_BPF_MAX, opt);
>
> if (handle)
> - fprintf(f, "handle 0x%x ", handle);
> + print_0xhex(PRINT_ANY, "handle", "handle %#llx ", handle);
>
> if (tb[TCA_BPF_CLASSID]) {
> SPRINT_BUF(b1);
> - fprintf(f, "flowid %s ",
> + print_string(PRINT_ANY, "flowid", "flowid %s ",
> sprint_tc_classid(rta_getattr_u32(tb[TCA_BPF_CLASSID]), b1));
> }
>
> if (tb[TCA_BPF_NAME])
> - fprintf(f, "%s ", rta_getattr_str(tb[TCA_BPF_NAME]));
> + print_string(PRINT_ANY, "bpf_name", "%s ",
> + rta_getattr_str(tb[TCA_BPF_NAME]));
>
> if (tb[TCA_BPF_FLAGS]) {
> unsigned int flags = rta_getattr_u32(tb[TCA_BPF_FLAGS]);
>
> if (flags & TCA_BPF_FLAG_ACT_DIRECT)
> - fprintf(f, "direct-action ");
> + print_bool(PRINT_ANY,
> + "direct-action", "direct-action ", true);
> }
>
> if (tb[TCA_BPF_FLAGS_GEN]) {
> @@ -226,14 +228,14 @@ static int bpf_print_opt(struct filter_util *qu, FILE *f,
> rta_getattr_u32(tb[TCA_BPF_FLAGS_GEN]);
>
> if (flags & TCA_CLS_FLAGS_SKIP_HW)
> - fprintf(f, "skip_hw ");
> + print_bool(PRINT_ANY, "skip_hw", "skip_hw ", true);
> if (flags & TCA_CLS_FLAGS_SKIP_SW)
> - fprintf(f, "skip_sw ");
> -
> + print_bool(PRINT_ANY, "skip_sw", "skip_sw ", true);
> if (flags & TCA_CLS_FLAGS_IN_HW)
> - fprintf(f, "in_hw ");
> + print_bool(PRINT_ANY, "in_hw", "in_hw ", true);
> else if (flags & TCA_CLS_FLAGS_NOT_IN_HW)
> - fprintf(f, "not_in_hw ");
> + print_bool(PRINT_ANY,
> + "not_in_hw", "not_in_hw ", true);
> }
>
> if (tb[TCA_BPF_OPS] && tb[TCA_BPF_OPS_LEN])
> @@ -245,14 +247,13 @@ static int bpf_print_opt(struct filter_util *qu, FILE *f,
> if (!dump_ok && tb[TCA_BPF_TAG]) {
> SPRINT_BUF(b);
>
> - fprintf(f, "tag %s ",
> - hexstring_n2a(RTA_DATA(tb[TCA_BPF_TAG]),
> - RTA_PAYLOAD(tb[TCA_BPF_TAG]),
> - b, sizeof(b)));
> + print_string(PRINT_ANY, "tag", "tag %s ",
> + hexstring_n2a(RTA_DATA(tb[TCA_BPF_TAG]),
> + RTA_PAYLOAD(tb[TCA_BPF_TAG]), b, sizeof(b)));
> }
>
> if (tb[TCA_BPF_POLICE]) {
> - fprintf(f, "\n");
> + print_nl();
> tc_print_police(f, tb[TCA_BPF_POLICE]);
> }
>
> --
> 2.26.2
>
LGTM.
Acked-by: Andrea Claudi <aclaudi@...hat.com>
Powered by blists - more mailing lists