Message-ID: <20230621170244.1283336-1-sdf@google.com>
Date: Wed, 21 Jun 2023 10:02:33 -0700
From: Stanislav Fomichev <sdf@...gle.com>
To: bpf@...r.kernel.org
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org, 
	martin.lau@...ux.dev, song@...nel.org, yhs@...com, john.fastabend@...il.com, 
	kpsingh@...nel.org, sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org, 
	toke@...nel.org, willemb@...gle.com, dsahern@...nel.org, 
	magnus.karlsson@...el.com, bjorn@...nel.org, maciej.fijalkowski@...el.com, 
	brouer@...hat.com, netdev@...r.kernel.org
Subject: [RFC bpf-next v2 00/11] bpf: Netdev TX metadata

--- Changes since RFC v1 ---

- Support passing metadata via XSK
  - Showcase how to consume this metadata at TX in the selftests
- Sample untested mlx5 implementation
- Simplify attach/detach story with simple global fentry (Alexei)
- Add 'return 0' in xdp_metadata selftest (Willem)
- Add missing 'sizeof(*ip6h)' in xdp_hw_metadata selftest (Willem)
- Document 'timestamp' argument of kfunc (Simon)
- Not relevant due to attach/detach rework:
  - s/devtx_sb/devtx_submit/ in netdev (Willem)
  - s/devtx_cp/devtx_complete/ in netdev (Willem)
  - Document 'devtx_complete' and 'devtx_submit' in netdev (Simon)
  - Add devtx_sb/devtx_cp forward declaration (Simon)
  - Add missing __rcu/rcu_dereference annotations (Simon)

v1: https://lore.kernel.org/bpf/CAJ8uoz2zOHpBRfKhN97eR0VWipBTxnh=R9G57Z2UUujX4JzneQ@mail.gmail.com/T/#md354573364f75a8598e443dd51114b4feb4c3714

--- Use cases ---

The goal of this series is to add two new standard-ish places
in the transmit path:

1. Right before the packet is transmitted (with access to TX
   descriptors)
2. Right after the packet is actually transmitted and we've received the
   completion (again, with access to TX completion descriptors)

Accessing TX descriptors unlocks the following use-cases:

- Setting device hints at TX: XDP/AF_XDP might use these new hooks to
  use device offloads. The existing case implements TX timestamp.
- Observability: global per-netdev hooks can be used for tracing
  the packets and exploring completion descriptors for all sorts of
  device errors.

Accessing TX descriptors also means that the hooks have to be called
from the drivers.

The hooks are a light-weight alternative to XDP at egress and currently
don't provide any packet modification abilities. However, eventually,
we can expose new kfuncs to operate on the packet (or, rather, the actual
descriptors; for performance's sake).

--- UAPI ---

The hooks are implemented in a HID-BPF style. Meaning they don't
expose any UAPI and are implemented as tracing programs that call
a bunch of kfuncs. The attach/detach operations happen via regular
global fentry points. Network namespace and ifindex are exposed
to allow filtering out particular netdev.

--- skb vs xdp ---

The hooks operate on a new light-weight devtx_frame which contains:
- data
- len
- metadata_len
- sinfo (frags)
- netdev

This should allow us to have a unified (from BPF POV) place at TX
and not be super-taxing (we need to copy 2 pointers + len to the stack
for each invocation).

--- TODO ---

Things that I'm planning to do for the non-RFC series:
- have some real device support to verify xdp_hw_metadata works
  - performance numbers with/without feature enabled (Toke)
- freplace
- explore dynptr (Toke)
- Documentation/networking/xdp-rx-metadata.rst - like documentation

--- CC ---

CC'ing people only on the cover letter. Hopefully can find the rest via
lore.

Cc: toke@...nel.org
Cc: willemb@...gle.com
Cc: dsahern@...nel.org
Cc: john.fastabend@...il.com
Cc: magnus.karlsson@...el.com
Cc: bjorn@...nel.org
Cc: maciej.fijalkowski@...el.com
Cc: brouer@...hat.com
Cc: netdev@...r.kernel.org

Stanislav Fomichev (11):
  bpf: Rename some xdp-metadata functions into dev-bound
  bpf: Resolve single typedef when walking structs
  xsk: Support XDP_TX_METADATA_LEN
  bpf: Implement devtx hook points
  bpf: Implement devtx timestamp kfunc
  net: veth: Implement devtx timestamp kfuncs
  selftests/xsk: Support XDP_TX_METADATA_LEN
  selftests/bpf: Add helper to query current netns cookie
  selftests/bpf: Extend xdp_metadata with devtx kfuncs
  selftests/bpf: Extend xdp_hw_metadata with devtx kfuncs
  net/mlx5e: Support TX timestamp metadata

 MAINTAINERS                                   |   2 +
 .../net/ethernet/mellanox/mlx5/core/en/txrx.h |  11 +
 .../net/ethernet/mellanox/mlx5/core/en/xdp.c  |  96 ++++++++-
 .../net/ethernet/mellanox/mlx5/core/en/xdp.h  |   9 +-
 .../ethernet/mellanox/mlx5/core/en/xsk/tx.c   |   3 +
 .../net/ethernet/mellanox/mlx5/core/en_tx.c   |  16 ++
 .../net/ethernet/mellanox/mlx5/core/main.c    |  26 ++-
 drivers/net/veth.c                            | 116 +++++++++-
 include/linux/netdevice.h                     |   4 +
 include/net/devtx.h                           |  71 +++++++
 include/net/offload.h                         |  38 ++++
 include/net/xdp.h                             |  18 +-
 include/net/xdp_sock.h                        |   1 +
 include/net/xsk_buff_pool.h                   |   1 +
 include/uapi/linux/if_xdp.h                   |   1 +
 kernel/bpf/btf.c                              |   2 +
 kernel/bpf/offload.c                          |  49 ++++-
 kernel/bpf/verifier.c                         |   4 +-
 net/core/Makefile                             |   1 +
 net/core/dev.c                                |   1 +
 net/core/devtx.c                              | 149 +++++++++++++
 net/core/xdp.c                                |  20 +-
 net/xdp/xsk.c                                 |  31 ++-
 net/xdp/xsk_buff_pool.c                       |   1 +
 net/xdp/xsk_queue.h                           |   7 +-
 tools/testing/selftests/bpf/network_helpers.c |  21 ++
 tools/testing/selftests/bpf/network_helpers.h |   1 +
 .../selftests/bpf/prog_tests/xdp_metadata.c   |  62 +++++-
 .../selftests/bpf/progs/xdp_hw_metadata.c     | 107 ++++++++++
 .../selftests/bpf/progs/xdp_metadata.c        | 118 +++++++++++
 tools/testing/selftests/bpf/xdp_hw_metadata.c | 198 ++++++++++++++++--
 tools/testing/selftests/bpf/xdp_metadata.h    |  14 ++
 tools/testing/selftests/bpf/xsk.c             |  17 ++
 tools/testing/selftests/bpf/xsk.h             |   1 +
 34 files changed, 1142 insertions(+), 75 deletions(-)
 create mode 100644 include/net/devtx.h
 create mode 100644 include/net/offload.h
 create mode 100644 net/core/devtx.c

-- 
2.41.0.162.gfafddb0af9-goog

