lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y6DDfVhOWRybVNUt@google.com>
Date:   Mon, 19 Dec 2022 12:03:09 -0800
From:   sdf@...gle.com
To:     Lorenzo Bianconi <lorenzo@...nel.org>
Cc:     bpf@...r.kernel.org, netdev@...r.kernel.org, ast@...nel.org,
        daniel@...earbox.net, andrii@...nel.org, davem@...emloft.net,
        kuba@...nel.org, hawk@...nel.org, pabeni@...hat.com,
        edumazet@...gle.com, toke@...hat.com, memxor@...il.com,
        alardam@...il.com, saeedm@...dia.com, anthony.l.nguyen@...el.com,
        gospo@...adcom.com, vladimir.oltean@....com, nbd@....name,
        john@...ozen.org, leon@...nel.org, simon.horman@...igine.com,
        aelior@...vell.com, christophe.jaillet@...adoo.fr,
        ecree.xilinx@...il.com, grygorii.strashko@...com, mst@...hat.com,
        bjorn@...nel.org, magnus.karlsson@...el.com,
        maciej.fijalkowski@...el.com, intel-wired-lan@...ts.osuosl.org,
        lorenzo.bianconi@...hat.com
Subject: Re: [RFC bpf-next 2/8] net: introduce XDP features flag

On 12/19, Lorenzo Bianconi wrote:
> From: Marek Majtyka <alardam@...il.com>

> Implement support for checking what kind of XDP features a netdev
> supports. Previously, there was no way to do this other than to try to
> create an AF_XDP socket on the interface or load an XDP program and see
> if it worked. This commit changes this by adding a new variable which
> describes all xdp supported functions on pretty detailed level:

>   - aborted
>   - drop
>   - pass
>   - tx
>   - redirect
>   - sock_zerocopy
>   - hw_offload
>   - redirect_target
>   - tx_lock
>   - frag_rx
>   - frag_target

> Zerocopy mode requires that redirect XDP operation is implemented in a
> driver and the driver supports also zero copy mode. Full mode requires
> that all XDP operation are implemented in the driver. Basic mode is just
> full mode without redirect operation. Frag target requires
> redirect_target one is supported by the driver.

Can you share more about _why_ is it needed? If we can already obtain
most of these signals via probing, why export the flags?

> Initially, these new flags are disabled for all drivers by default.

> Co-developed-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@...il.com>
> Co-developed-by: Lorenzo Bianconi <lorenzo@...nel.org>
> Signed-off-by: Lorenzo Bianconi <lorenzo@...nel.org>
> Signed-off-by: Marek Majtyka <alardam@...il.com>
> ---
>   .../networking/netdev-xdp-features.rst        | 60 +++++++++++++++++
>   include/linux/netdevice.h                     |  2 +
>   include/linux/xdp_features.h                  | 64 +++++++++++++++++++
>   include/uapi/linux/if_link.h                  |  7 ++
>   include/uapi/linux/xdp_features.h             | 34 ++++++++++
>   net/core/rtnetlink.c                          | 34 ++++++++++
>   tools/include/uapi/linux/if_link.h            |  7 ++
>   tools/include/uapi/linux/xdp_features.h       | 34 ++++++++++
>   8 files changed, 242 insertions(+)
>   create mode 100644 Documentation/networking/netdev-xdp-features.rst
>   create mode 100644 include/linux/xdp_features.h
>   create mode 100644 include/uapi/linux/xdp_features.h
>   create mode 100644 tools/include/uapi/linux/xdp_features.h

> diff --git a/Documentation/networking/netdev-xdp-features.rst  
> b/Documentation/networking/netdev-xdp-features.rst
> new file mode 100644
> index 000000000000..1dc803fe72dd
> --- /dev/null
> +++ b/Documentation/networking/netdev-xdp-features.rst
> @@ -0,0 +1,60 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +
> +=====================
> +Netdev XDP features
> +=====================
> +
> + * XDP FEATURES FLAGS
> +
> +Following netdev xdp features flags can be retrieved over route netlink
> +interface (compact form) - the same way as netdev feature flags.
> +These features flags are read only and cannot be change at runtime.
> +
> +*  XDP_ABORTED
> +
> +This feature informs if netdev supports xdp aborted action.
> +
> +*  XDP_DROP
> +
> +This feature informs if netdev supports xdp drop action.
> +
> +*  XDP_PASS
> +
> +This feature informs if netdev supports xdp pass action.
> +
> +*  XDP_TX
> +
> +This feature informs if netdev supports xdp tx action.
> +
> +*  XDP_REDIRECT
> +
> +This feature informs if netdev supports xdp redirect action.
> +It assumes the all beforehand mentioned flags are enabled.
> +
> +*  XDP_SOCK_ZEROCOPY
> +
> +This feature informs if netdev driver supports xdp zero copy.
> +It assumes the all beforehand mentioned flags are enabled.
> +
> +*  XDP_HW_OFFLOAD
> +
> +This feature informs if netdev driver supports xdp hw oflloading.
> +
> +*  XDP_TX_LOCK
> +
> +This feature informs if netdev ndo_xdp_xmit function requires locking.
> +
> +*  XDP_REDIRECT_TARGET
> +
> +This feature informs if netdev implements ndo_xdp_xmit callback.
> +
> +*  XDP_FRAG_RX
> +
> +This feature informs if netdev implements non-linear xdp buff support in
> +the driver napi callback.
> +
> +*  XDP_FRAG_TARGET
> +
> +This feature informs if netdev implements non-linear xdp buff support in
> +ndo_xdp_xmit callback. XDP_FRAG_TARGET requires XDP_REDIRECT_TARGET is  
> properly
> +supported.
> diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
> index aad12a179e54..ae5a8564383b 100644
> --- a/include/linux/netdevice.h
> +++ b/include/linux/netdevice.h
> @@ -43,6 +43,7 @@
>   #include <net/xdp.h>

>   #include <linux/netdev_features.h>
> +#include <linux/xdp_features.h>
>   #include <linux/neighbour.h>
>   #include <uapi/linux/netdevice.h>
>   #include <uapi/linux/if_bonding.h>
> @@ -2362,6 +2363,7 @@ struct net_device {
>   	struct rtnl_hw_stats64	*offload_xstats_l3;

>   	struct devlink_port	*devlink_port;
> +	xdp_features_t		xdp_features;
>   };
>   #define to_net_dev(d) container_of(d, struct net_device, dev)

> diff --git a/include/linux/xdp_features.h b/include/linux/xdp_features.h
> new file mode 100644
> index 000000000000..4e72a86ef329
> --- /dev/null
> +++ b/include/linux/xdp_features.h
> @@ -0,0 +1,64 @@
> +/* SPDX-License-Identifier: GPL-2.0-or-later */
> +/*
> + * Network device xdp features.
> + */
> +#ifndef _LINUX_XDP_FEATURES_H
> +#define _LINUX_XDP_FEATURES_H
> +
> +#include <linux/types.h>
> +#include <linux/bitops.h>
> +#include <asm/byteorder.h>
> +#include <uapi/linux/xdp_features.h>
> +
> +typedef u32 xdp_features_t;
> +
> +#define __XDP_F_BIT(bit)	((xdp_features_t)1 << (bit))
> +#define __XDP_F(name)		__XDP_F_BIT(XDP_F_##name##_BIT)
> +
> +#define XDP_F_ABORTED		__XDP_F(ABORTED)
> +#define XDP_F_DROP		__XDP_F(DROP)
> +#define XDP_F_PASS		__XDP_F(PASS)
> +#define XDP_F_TX		__XDP_F(TX)
> +#define XDP_F_REDIRECT		__XDP_F(REDIRECT)
> +#define XDP_F_REDIRECT_TARGET	__XDP_F(REDIRECT_TARGET)
> +#define XDP_F_SOCK_ZEROCOPY	__XDP_F(SOCK_ZEROCOPY)
> +#define XDP_F_HW_OFFLOAD	__XDP_F(HW_OFFLOAD)
> +#define XDP_F_TX_LOCK		__XDP_F(TX_LOCK)
> +#define XDP_F_FRAG_RX		__XDP_F(FRAG_RX)
> +#define XDP_F_FRAG_TARGET	__XDP_F(FRAG_TARGET)
> +
> +#define XDP_F_BASIC		(XDP_F_ABORTED | XDP_F_DROP |	\
> +				 XDP_F_PASS | XDP_F_TX)
> +
> +#define XDP_F_FULL		(XDP_F_BASIC | XDP_F_REDIRECT)
> +
> +#define XDP_F_FULL_ZC		(XDP_F_FULL | XDP_F_SOCK_ZEROCOPY)
> +
> +#define XDP_FEATURES_ABORTED_STR		"xdp-aborted"
> +#define XDP_FEATURES_DROP_STR			"xdp-drop"
> +#define XDP_FEATURES_PASS_STR			"xdp-pass"
> +#define XDP_FEATURES_TX_STR			"xdp-tx"
> +#define XDP_FEATURES_REDIRECT_STR		"xdp-redirect"
> +#define XDP_FEATURES_REDIRECT_TARGET_STR	"xdp-redirect-target"
> +#define XDP_FEATURES_SOCK_ZEROCOPY_STR		"xdp-sock-zerocopy"
> +#define XDP_FEATURES_HW_OFFLOAD_STR		"xdp-hw-offload"
> +#define XDP_FEATURES_TX_LOCK_STR		"xdp-tx-lock"
> +#define XDP_FEATURES_FRAG_RX_STR		"xdp-frag-rx"
> +#define XDP_FEATURES_FRAG_TARGET_STR		"xdp-frag-target"
> +
> +#define DECLARE_XDP_FEATURES_TABLE(name, length)				\
> +	const char name[][length] = {						\
> +		[XDP_F_ABORTED_BIT] = XDP_FEATURES_ABORTED_STR,			\
> +		[XDP_F_DROP_BIT] = XDP_FEATURES_DROP_STR,			\
> +		[XDP_F_PASS_BIT] = XDP_FEATURES_PASS_STR,			\
> +		[XDP_F_TX_BIT] = XDP_FEATURES_TX_STR,				\
> +		[XDP_F_REDIRECT_BIT] = XDP_FEATURES_REDIRECT_STR,		\
> +		[XDP_F_REDIRECT_TARGET_BIT] = XDP_FEATURES_REDIRECT_TARGET_STR,	\
> +		[XDP_F_SOCK_ZEROCOPY_BIT] = XDP_FEATURES_SOCK_ZEROCOPY_STR,	\
> +		[XDP_F_HW_OFFLOAD_BIT] = XDP_FEATURES_HW_OFFLOAD_STR,		\
> +		[XDP_F_TX_LOCK_BIT] = XDP_FEATURES_TX_LOCK_STR,			\
> +		[XDP_F_FRAG_RX_BIT] = XDP_FEATURES_FRAG_RX_STR,			\
> +		[XDP_F_FRAG_TARGET_BIT] = XDP_FEATURES_FRAG_TARGET_STR,		\
> +	}
> +
> +#endif /* _LINUX_XDP_FEATURES_H */
> diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
> index 1021a7e47a86..971c658ceaea 100644
> --- a/include/uapi/linux/if_link.h
> +++ b/include/uapi/linux/if_link.h
> @@ -374,6 +374,8 @@ enum {

>   	IFLA_DEVLINK_PORT,

> +	IFLA_XDP_FEATURES,
> +
>   	__IFLA_MAX
>   };

> @@ -1318,6 +1320,11 @@ enum {

>   #define IFLA_XDP_MAX (__IFLA_XDP_MAX - 1)

> +enum {
> +	IFLA_XDP_FEATURES_WORD_UNSPEC = 0,
> +	IFLA_XDP_FEATURES_BITS_WORD,
> +};
> +
>   enum {
>   	IFLA_EVENT_NONE,
>   	IFLA_EVENT_REBOOT,		/* internal reset / reboot */
> diff --git a/include/uapi/linux/xdp_features.h  
> b/include/uapi/linux/xdp_features.h
> new file mode 100644
> index 000000000000..48eb42069bcd
> --- /dev/null
> +++ b/include/uapi/linux/xdp_features.h
> @@ -0,0 +1,34 @@
> +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> +/*
> + * Copyright (c) 2020 Intel
> + */
> +
> +#ifndef __UAPI_LINUX_XDP_FEATURES__
> +#define __UAPI_LINUX_XDP_FEATURES__
> +
> +enum {
> +	XDP_F_ABORTED_BIT,
> +	XDP_F_DROP_BIT,
> +	XDP_F_PASS_BIT,
> +	XDP_F_TX_BIT,
> +	XDP_F_REDIRECT_BIT,
> +	XDP_F_REDIRECT_TARGET_BIT,
> +	XDP_F_SOCK_ZEROCOPY_BIT,
> +	XDP_F_HW_OFFLOAD_BIT,
> +	XDP_F_TX_LOCK_BIT,
> +	XDP_F_FRAG_RX_BIT,
> +	XDP_F_FRAG_TARGET_BIT,
> +	/*
> +	 * Add your fresh new property above and remember to update
> +	 * documentation.
> +	 */
> +	XDP_FEATURES_COUNT,
> +};
> +
> +#define XDP_FEATURES_WORDS			((XDP_FEATURES_COUNT + 32 - 1) / 32)
> +#define XDP_FEATURES_WORD(blocks, index)	((blocks)[(index) / 32U])
> +#define XDP_FEATURES_FIELD_FLAG(index)		(1U << (index) % 32U)
> +#define XDP_FEATURES_BIT_IS_SET(blocks, index)        \
> +	(XDP_FEATURES_WORD(blocks, index) & XDP_FEATURES_FIELD_FLAG(index))
> +
> +#endif  /* __UAPI_LINUX_XDP_FEATURES__ */
> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
> index 64289bc98887..1c299746b614 100644
> --- a/net/core/rtnetlink.c
> +++ b/net/core/rtnetlink.c
> @@ -1016,6 +1016,14 @@ static size_t rtnl_xdp_size(void)
>   	return xdp_size;
>   }

> +static size_t rtnl_xdp_features_size(void)
> +{
> +	size_t xdp_size = nla_total_size(0) +	/* nest IFLA_XDP_FEATURES */
> +			  XDP_FEATURES_WORDS * nla_total_size(4);
> +
> +	return xdp_size;
> +}
> +
>   static size_t rtnl_prop_list_size(const struct net_device *dev)
>   {
>   	struct netdev_name_node *name_node;
> @@ -1103,6 +1111,7 @@ static noinline size_t if_nlmsg_size(const struct  
> net_device *dev,
>   	       + rtnl_prop_list_size(dev)
>   	       + nla_total_size(MAX_ADDR_LEN) /* IFLA_PERM_ADDRESS */
>   	       + rtnl_devlink_port_size(dev)
> +	       + rtnl_xdp_features_size() /* IFLA_XDP_FEATURES */
>   	       + 0;
>   }

> @@ -1546,6 +1555,27 @@ static int rtnl_xdp_fill(struct sk_buff *skb,  
> struct net_device *dev)
>   	return err;
>   }

> +static int rtnl_xdp_features_fill(struct sk_buff *skb, struct net_device  
> *dev)
> +{
> +	struct nlattr *attr;
> +
> +	attr = nla_nest_start_noflag(skb, IFLA_XDP_FEATURES);
> +	if (!attr)
> +		return -EMSGSIZE;
> +
> +	BUILD_BUG_ON(XDP_FEATURES_WORDS != 1);
> +	if (nla_put_u32(skb, IFLA_XDP_FEATURES_BITS_WORD, dev->xdp_features))
> +		goto err_cancel;
> +
> +	nla_nest_end(skb, attr);
> +
> +	return 0;
> +
> +err_cancel:
> +	nla_nest_cancel(skb, attr);
> +	return -EMSGSIZE;
> +}
> +
>   static u32 rtnl_get_event(unsigned long event)
>   {
>   	u32 rtnl_event_type = IFLA_EVENT_NONE;
> @@ -1904,6 +1934,9 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb,
>   	if (rtnl_fill_devlink_port(skb, dev))
>   		goto nla_put_failure;

> +	if (rtnl_xdp_features_fill(skb, dev))
> +		goto nla_put_failure;
> +
>   	nlmsg_end(skb, nlh);
>   	return 0;

> @@ -1968,6 +2001,7 @@ static const struct nla_policy  
> ifla_policy[IFLA_MAX+1] = {
>   	[IFLA_TSO_MAX_SIZE]	= { .type = NLA_REJECT },
>   	[IFLA_TSO_MAX_SEGS]	= { .type = NLA_REJECT },
>   	[IFLA_ALLMULTI]		= { .type = NLA_REJECT },
> +	[IFLA_XDP_FEATURES]	= { .type = NLA_NESTED },
>   };

>   static const struct nla_policy ifla_info_policy[IFLA_INFO_MAX+1] = {
> diff --git a/tools/include/uapi/linux/if_link.h  
> b/tools/include/uapi/linux/if_link.h
> index 82fe18f26db5..994228e9909a 100644
> --- a/tools/include/uapi/linux/if_link.h
> +++ b/tools/include/uapi/linux/if_link.h
> @@ -354,6 +354,8 @@ enum {

>   	IFLA_DEVLINK_PORT,

> +	IFLA_XDP_FEATURES,
> +
>   	__IFLA_MAX
>   };

> @@ -1222,6 +1224,11 @@ enum {

>   #define IFLA_XDP_MAX (__IFLA_XDP_MAX - 1)

> +enum {
> +	IFLA_XDP_FEATURES_WORD_UNSPEC = 0,
> +	IFLA_XDP_FEATURES_BITS_WORD,
> +};
> +
>   enum {
>   	IFLA_EVENT_NONE,
>   	IFLA_EVENT_REBOOT,		/* internal reset / reboot */
> diff --git a/tools/include/uapi/linux/xdp_features.h  
> b/tools/include/uapi/linux/xdp_features.h
> new file mode 100644
> index 000000000000..48eb42069bcd
> --- /dev/null
> +++ b/tools/include/uapi/linux/xdp_features.h
> @@ -0,0 +1,34 @@
> +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
> +/*
> + * Copyright (c) 2020 Intel
> + */
> +
> +#ifndef __UAPI_LINUX_XDP_FEATURES__
> +#define __UAPI_LINUX_XDP_FEATURES__
> +
> +enum {
> +	XDP_F_ABORTED_BIT,
> +	XDP_F_DROP_BIT,
> +	XDP_F_PASS_BIT,
> +	XDP_F_TX_BIT,
> +	XDP_F_REDIRECT_BIT,
> +	XDP_F_REDIRECT_TARGET_BIT,
> +	XDP_F_SOCK_ZEROCOPY_BIT,
> +	XDP_F_HW_OFFLOAD_BIT,
> +	XDP_F_TX_LOCK_BIT,
> +	XDP_F_FRAG_RX_BIT,
> +	XDP_F_FRAG_TARGET_BIT,
> +	/*
> +	 * Add your fresh new property above and remember to update
> +	 * documentation.
> +	 */
> +	XDP_FEATURES_COUNT,
> +};
> +
> +#define XDP_FEATURES_WORDS			((XDP_FEATURES_COUNT + 32 - 1) / 32)
> +#define XDP_FEATURES_WORD(blocks, index)	((blocks)[(index) / 32U])
> +#define XDP_FEATURES_FIELD_FLAG(index)		(1U << (index) % 32U)
> +#define XDP_FEATURES_BIT_IS_SET(blocks, index)        \
> +	(XDP_FEATURES_WORD(blocks, index) & XDP_FEATURES_FIELD_FLAG(index))
> +
> +#endif  /* __UAPI_LINUX_XDP_FEATURES__ */
> --
> 2.38.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ