| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200626175501.1459961-1-kafai@fb.com>
Date: Fri, 26 Jun 2020 10:55:01 -0700
From: Martin KaFai Lau <kafai@...com>
To: <bpf@...r.kernel.org>
CC: Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Eric Dumazet <edumazet@...gle.com>, <kernel-team@...com>,
Lawrence Brakmo <brakmo@...com>,
Neal Cardwell <ncardwell@...gle.com>, <netdev@...r.kernel.org>,
Yuchung Cheng <ycheng@...gle.com>
Subject: [PATCH bpf-next 00/10] BPF TCP header options
The earlier effort in BPF-TCP-CC allows the TCP Congestion Control
algorithm to be written in BPF. It opens up opportunities to allow
a faster turnaround time in testing/releasing new congestion control
ideas to production environment.
The same flexibility can be extended to writing TCP header option.
It is not uncommon that people want to test new TCP header option
to improve the TCP performance. Another use case is for data-center
that has a more controlled environment and has more flexibility in
putting header options for internal traffic only.
This patch set introduces the necessary BPF logic and API to
allow bpf program (BPF_PROG_TYPE_SOCK_OPS) to write and parse
TCP options under experimental kind(254) and 16bit-magic(0xeB9F).
The experimental kind(254) usage is defined in RFC 6994.
There are also some changes to TCP and they are mostly to provide
the needed sk and skb info to the bpf program to make decision.
Patch 4 is the main patch and has more details on the API and design.
The set ends with an example which sends the max delay ack in
the BPF TCP header option and the receiving side can
then adjust its RTO accordingly.
Martin KaFai Lau (10):
tcp: Use a struct to represent a saved_syn
tcp: bpf: Parse BPF experimental header option
bpf: sock_ops: Change some members of sock_ops_kern from u32 to u8
bpf: tcp: Allow bpf prog to write and parse BPF TCP header option
bpf: selftests: A few improvements to network_helpers.c
bpf: selftests: Add fastopen_connect to network_helpers
bpf: selftests: Restore netns after each test
bpf: selftests: tcp header options
tcp: bpf: Add TCP_BPF_DELACK_MAX and TCP_BPF_RTO_MIN to bpf_setsockopt
bpf: selftest: Add test for TCP_BPF_DELACK_MAX and TCP_BPF_RTO_MIN
include/linux/bpf-cgroup.h | 25 +
include/linux/filter.h | 10 +-
include/linux/tcp.h | 11 +-
include/net/inet_connection_sock.h | 2 +
include/net/request_sock.h | 8 +-
include/net/tcp.h | 58 +-
include/uapi/linux/bpf.h | 189 ++++-
net/core/filter.c | 236 +++++-
net/ipv4/tcp.c | 13 +-
net/ipv4/tcp_fastopen.c | 2 +-
net/ipv4/tcp_input.c | 99 ++-
net/ipv4/tcp_ipv4.c | 4 +-
net/ipv4/tcp_minisocks.c | 1 +
net/ipv4/tcp_output.c | 188 ++++-
net/ipv6/tcp_ipv6.c | 4 +-
tools/include/uapi/linux/bpf.h | 189 ++++-
tools/testing/selftests/bpf/network_helpers.c | 182 +++--
tools/testing/selftests/bpf/network_helpers.h | 11 +-
.../bpf/prog_tests/cgroup_skb_sk_lookup.c | 12 +-
.../bpf/prog_tests/connect_force_port.c | 10 +-
.../bpf/prog_tests/load_bytes_relative.c | 4 +-
.../bpf/prog_tests/tcp_hdr_options.c | 522 +++++++++++++
.../selftests/bpf/prog_tests/tcp_rtt.c | 4 +-
.../bpf/progs/test_tcp_hdr_options.c | 708 ++++++++++++++++++
tools/testing/selftests/bpf/test_progs.c | 21 +
tools/testing/selftests/bpf/test_progs.h | 2 +
.../selftests/bpf/test_tcp_hdr_options.h | 34 +
27 files changed, 2426 insertions(+), 123 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/tcp_hdr_options.c
create mode 100644 tools/testing/selftests/bpf/progs/test_tcp_hdr_options.c
create mode 100644 tools/testing/selftests/bpf/test_tcp_hdr_options.h
--
2.24.1
Powered by blists - more mailing lists