| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Jul 2023 12:29:52 -0700
From: Stanislav Fomichev <sdf@...gle.com>
To: bpf@...r.kernel.org
Cc: ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
martin.lau@...ux.dev, song@...nel.org, yhs@...com, john.fastabend@...il.com,
kpsingh@...nel.org, sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org,
kuba@...nel.org, toke@...nel.org, willemb@...gle.com, dsahern@...nel.org,
magnus.karlsson@...el.com, bjorn@...nel.org, maciej.fijalkowski@...el.com,
hawk@...nel.org, netdev@...r.kernel.org, xdp-hints@...-project.net
Subject: [RFC bpf-next v3 00/14] bpf: Netdev TX metadata
--- Changes since RFC v2 ---
- Separate skb & xdp path
- XSK is still weird in mlx5 driver; I have to create xdp_frame on
the stack for af_xdp
- Add TX checksum kfunc
- In a separate patch for now to show extensibility
- Same API as we have in skb world
- mlx5 patches with tx timestamp/checksum support
- xdp_hw_metadata is extended with appropriate bits
- report sw completion timestamp as well
v2: https://lore.kernel.org/bpf/CAKH8qBvnNCY=eFh4pMRZqBs88JBd66sVD+Yt8mGyQJOAtq7jrA@mail.gmail.com/T/#m6e45f78b11ac10f724a9472359c44f1a38a679cb
--- Use cases ---
The goal of this series is to add two new standard-ish places
in the transmit path:
1. Right before the packet is transmitted (with access to TX
descriptors)
2. Right after the packet is actually transmitted and we've received the
completion (again, with access to TX completion descriptors)
Accessing TX descriptors unlocks the following use-cases:
- Setting device hints at TX: XDP/AF_XDP might use these new hooks to
use device offloads. The existing case implements TX timestamp.
- Observability: global per-netdev hooks can be used for tracing
the packets and exploring completion descriptors for all sorts of
device errors.
Accessing TX descriptors also means that the hooks have to be called
from the drivers.
The hooks are a light-weight alternative to XDP at egress and currently
don't provide any packet modification abilities. However, eventually,
can expose new kfuncs to operate on the packet (or, rather, the actual
descriptors; for performance sake).
--- UAPI ---
The hooks are implemented in a HID-BPF style. Meaning they don't
expose any UAPI and are implemented as tracing programs that call
a bunch of kfuncs. The attach/detach operation happen via regular
global fentry points. Network namespace and ifindex are exposed
to allow filtering out particular netdev.
--- skb vs xdp ---
The hooks operate on a new light-weight devtx_ctx which contains:
- sinfo (frags)
- netdev
skb and xdp_frame hook points are separate; skb and xdp_frame are
passed directly into the hook where appropriate.
--- TODO ---
Things that I'm planning to do for the non-RFC series:
- have some real device support to verify xdp_hw_metadata works
- performance numbers with/without feature enabled (Toke)
- add has_timestamp flag to af_xdp tx_desc (Toke & Jesper)
- freplace
- explore dynptr (Toke)
- Documentation/networking/xdp-rx-metadata.rst - like documentation
Stanislav Fomichev (14):
bpf: Rename some xdp-metadata functions into dev-bound
bpf: Make it easier to add new metadata kfunc
xsk: Support XDP_TX_METADATA_LEN
bpf: Implement devtx hook points
bpf: Implement devtx timestamp kfunc
net: veth: Implement devtx timestamp kfuncs
bpf: Introduce tx checksum devtx kfuncs
net: veth: Implement devtx tx checksum
net/mlx5e: Implement devtx kfuncs
selftests/xsk: Support XDP_TX_METADATA_LEN
selftests/bpf: Add helper to query current netns cookie
selftests/bpf: Add csum helpers
selftests/bpf: Extend xdp_metadata with devtx kfuncs
selftests/bpf: Extend xdp_hw_metadata with devtx kfuncs
MAINTAINERS | 2 +
.../net/ethernet/mellanox/mlx5/core/en/txrx.h | 15 +
.../net/ethernet/mellanox/mlx5/core/en/xdp.c | 155 +++++++++-
.../net/ethernet/mellanox/mlx5/core/en/xdp.h | 4 +-
.../ethernet/mellanox/mlx5/core/en/xsk/tx.c | 10 +
.../net/ethernet/mellanox/mlx5/core/en_tx.c | 24 ++
.../net/ethernet/mellanox/mlx5/core/main.c | 15 +-
drivers/net/veth.c | 126 +++++++-
include/linux/netdevice.h | 6 +
include/net/devtx.h | 66 +++++
include/net/offload.h | 45 +++
include/net/xdp.h | 18 +-
include/net/xdp_sock.h | 1 +
include/net/xsk_buff_pool.h | 1 +
include/uapi/linux/if_xdp.h | 1 +
kernel/bpf/offload.c | 52 +++-
kernel/bpf/verifier.c | 4 +-
net/core/Makefile | 1 +
net/core/dev.c | 1 +
net/core/devtx.c | 168 +++++++++++
net/core/xdp.c | 20 +-
net/xdp/xsk.c | 35 ++-
net/xdp/xsk_buff_pool.c | 1 +
net/xdp/xsk_queue.h | 7 +-
tools/testing/selftests/bpf/network_helpers.c | 21 ++
tools/testing/selftests/bpf/network_helpers.h | 44 +++
.../selftests/bpf/prog_tests/xdp_metadata.c | 64 ++++-
.../selftests/bpf/progs/xdp_hw_metadata.c | 173 +++++++++++
.../selftests/bpf/progs/xdp_metadata.c | 141 +++++++++
tools/testing/selftests/bpf/xdp_hw_metadata.c | 269 +++++++++++++++++-
tools/testing/selftests/bpf/xdp_metadata.h | 16 ++
tools/testing/selftests/bpf/xsk.c | 17 ++
tools/testing/selftests/bpf/xsk.h | 1 +
33 files changed, 1451 insertions(+), 73 deletions(-)
create mode 100644 include/net/devtx.h
create mode 100644 include/net/offload.h
create mode 100644 net/core/devtx.c
--
2.41.0.255.g8b1d071c50-goog
Powered by blists - more mailing lists