lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221027200019.4106375-1-sdf@google.com> Date: Thu, 27 Oct 2022 13:00:14 -0700 From: Stanislav Fomichev <sdf@...gle.com> To: bpf@...r.kernel.org Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org, martin.lau@...ux.dev, song@...nel.org, yhs@...com, john.fastabend@...il.com, kpsingh@...nel.org, sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org, Jakub Kicinski <kuba@...nel.org>, Willem de Bruijn <willemb@...gle.com>, Jesper Dangaard Brouer <brouer@...hat.com>, Anatoly Burakov <anatoly.burakov@...el.com>, Alexander Lobakin <alexandr.lobakin@...el.com>, Magnus Karlsson <magnus.karlsson@...il.com>, Maryam Tahhan <mtahhan@...hat.com>, xdp-hints@...-project.net, netdev@...r.kernel.org Subject: [RFC bpf-next 0/5] xdp: hints via kfuncs This is an RFC for the alternative approach suggested by Martin and Jakub. I've tried to CC most of the people from the original discussion, feel free to add more if you think I've missed somebody. Summary: - add new BPF_F_XDP_HAS_METADATA program flag and abuse attr->prog_ifindex to pass target device ifindex at load time - at load time, find appropriate ndo_unroll_kfunc and call it to unroll/inline kfuncs; kfuncs have the default "safe" implementation if unrolling is not supported by a particular device - rewrite xskxceiver test to use C bpf program and extend it to export rx_timestamp (plus add rx timestamp to veth driver) I've intentionally kept it small and hacky to see whether the approach is workable or not. Pros: - we avoid BTF complexity; the BPF programs themselves are now responsible for agreeing on the metadata layout with the AF_XDP consumer - the metadata is free if not used - the metadata should, in theory, be cheap if used; kfuncs should be unrolled to the same code as if the metadata was pre-populated and passed with a BTF id - it's not all or nothing; users can use small subset of metadata which is more efficient than the BTF id approach where all metadata has to be exposed for every frame (and selectively consumed by the users) Cons: - forwarding has to be handled explicitly; the BPF programs have to agree on the metadata layout (IOW, the forwarding program has to be aware of the final AF_XDP consumer metadata layout) - TX picture is not clear; but it's not clear with BTF ids as well; I think we've agreed that just reusing whatever we have at RX won't fly at TX; seems like TX XDP program might be the answer here? (with a set of another tx kfuncs to "expose" bpf/af_xdp metatata back into the kernel) Cc: Martin KaFai Lau <martin.lau@...ux.dev> Cc: Jakub Kicinski <kuba@...nel.org> Cc: Willem de Bruijn <willemb@...gle.com> Cc: Jesper Dangaard Brouer <brouer@...hat.com> Cc: Anatoly Burakov <anatoly.burakov@...el.com> Cc: Alexander Lobakin <alexandr.lobakin@...el.com> Cc: Magnus Karlsson <magnus.karlsson@...il.com> Cc: Maryam Tahhan <mtahhan@...hat.com> Cc: xdp-hints@...-project.net Cc: netdev@...r.kernel.org Stanislav Fomichev (5): bpf: Support inlined/unrolled kfuncs for xdp metadata veth: Support rx timestamp metadata for xdp libbpf: Pass prog_ifindex via bpf_object_open_opts selftests/bpf: Convert xskxceiver to use custom program selftests/bpf: Test rx_timestamp metadata in xskxceiver drivers/net/veth.c | 31 +++++ include/linux/bpf.h | 1 + include/linux/btf.h | 1 + include/linux/btf_ids.h | 4 + include/linux/netdevice.h | 3 + include/net/xdp.h | 22 ++++ include/uapi/linux/bpf.h | 5 + kernel/bpf/syscall.c | 28 ++++- kernel/bpf/verifier.c | 60 +++++++++ net/core/dev.c | 7 ++ net/core/xdp.c | 28 +++++ tools/include/uapi/linux/bpf.h | 5 + tools/lib/bpf/libbpf.c | 1 + tools/lib/bpf/libbpf.h | 6 +- tools/testing/selftests/bpf/Makefile | 1 + .../testing/selftests/bpf/progs/xskxceiver.c | 43 +++++++ tools/testing/selftests/bpf/xskxceiver.c | 119 +++++++++++++++--- tools/testing/selftests/bpf/xskxceiver.h | 5 +- 18 files changed, 348 insertions(+), 22 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/xskxceiver.c -- 2.38.1.273.g43a17bfeac-goog
Powered by blists - more mailing lists