lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAL+tcoAKeAkWMsUjoVW6EZaJg4eKgrfznk9XkvV5PcT9y+Poag@mail.gmail.com>
Date: Wed, 9 Oct 2024 21:57:21 +0800
From: Jason Xing <kerneljasonxing@...il.com>
To: Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, 
	pabeni@...hat.com, dsahern@...nel.org, willemb@...gle.com, ast@...nel.org, 
	daniel@...earbox.net, andrii@...nel.org, martin.lau@...ux.dev, 
	eddyz87@...il.com, song@...nel.org, yonghong.song@...ux.dev, 
	john.fastabend@...il.com, kpsingh@...nel.org, sdf@...ichev.me, 
	haoluo@...gle.com, jolsa@...nel.org, bpf@...r.kernel.org, 
	netdev@...r.kernel.org, Jason Xing <kernelxing@...cent.com>
Subject: Re: [PATCH net-next 1/9] net-timestamp: add bpf infrastructure to
 allow exposing more information later

On Wed, Oct 9, 2024 at 9:22 PM Willem de Bruijn
<willemdebruijn.kernel@...il.com> wrote:
>
> Jason Xing wrote:
> > On Wed, Oct 9, 2024 at 2:45 AM Willem de Bruijn
> > <willemdebruijn.kernel@...il.com> wrote:
> > >
> > > Jason Xing wrote:
> > > > From: Jason Xing <kernelxing@...cent.com>
> > > >
> > > > Implement basic codes so that we later can easily add each tx points.
> > > > Introducing BPF_SOCK_OPS_ALL_CB_FLAGS used as a test statement can help use
> > > > control whether to output or not.
> > > >
> > > > Signed-off-by: Jason Xing <kernelxing@...cent.com>
> > > > ---
> > > >  include/uapi/linux/bpf.h       |  5 ++++-
> > > >  net/core/skbuff.c              | 18 ++++++++++++++++++
> > > >  tools/include/uapi/linux/bpf.h |  5 ++++-
> > > >  3 files changed, 26 insertions(+), 2 deletions(-)
> > > >
> > > > diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
> > > > index c6cd7c7aeeee..157e139ed6fc 100644
> > > > --- a/include/uapi/linux/bpf.h
> > > > +++ b/include/uapi/linux/bpf.h
> > > > @@ -6900,8 +6900,11 @@ enum {
> > > >        * options first before the BPF program does.
> > > >        */
> > > >       BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG = (1<<6),
> > > > +     /* Call bpf when the kernel is generating tx timestamps.
> > > > +      */
> > > > +     BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG = (1<<7),
> > > >  /* Mask of all currently supported cb flags */
> > > > -     BPF_SOCK_OPS_ALL_CB_FLAGS       = 0x7F,
> > > > +     BPF_SOCK_OPS_ALL_CB_FLAGS       = 0xFF,
> > > >  };
> > > >
> > > >  /* List of known BPF sock_ops operators.
> > > > diff --git a/net/core/skbuff.c b/net/core/skbuff.c
> > > > index 74149dc4ee31..5ff1a91c1204 100644
> > > > --- a/net/core/skbuff.c
> > > > +++ b/net/core/skbuff.c
> > > > @@ -5539,6 +5539,21 @@ void skb_complete_tx_timestamp(struct sk_buff *skb,
> > > >  }
> > > >  EXPORT_SYMBOL_GPL(skb_complete_tx_timestamp);
> > > >
> > > > +static bool bpf_skb_tstamp_tx(struct sock *sk, u32 scm_flag,
> > > > +                           struct skb_shared_hwtstamps *hwtstamps)
> > > > +{
> > > > +     struct tcp_sock *tp;
> > > > +
> > > > +     if (!sk_is_tcp(sk))
> > > > +             return false;
> > > > +
> > > > +     tp = tcp_sk(sk);
> > > > +     if (BPF_SOCK_OPS_TEST_FLAG(tp, BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG))
> > > > +             return true;
> > > > +
> > > > +     return false;
> > > > +}
> > > > +
> > > >  void __skb_tstamp_tx(struct sk_buff *orig_skb,
> > > >                    const struct sk_buff *ack_skb,
> > > >                    struct skb_shared_hwtstamps *hwtstamps,
> > > > @@ -5551,6 +5566,9 @@ void __skb_tstamp_tx(struct sk_buff *orig_skb,
> > > >       if (!sk)
> > > >               return;
> > > >
> > > > +     if (bpf_skb_tstamp_tx(sk, tstype, hwtstamps))
> > > > +             return;
> > > > +
> > >
> > > Eventually, this whole feature could probably be behind a
> > > static_branch.
> >
> > You want to implement another toggle to control it? But for tx path
> > "BPF_SOCK_OPS_TEST_FLAG(tp, BPF_SOCK_OPS_TX_TIMESTAMPING_OPT_CB_FLAG)"
> > works as a per-netns toggle. I would like to know what you exactly
> > want to do in the next move?
>
> Not another toggle. A static branch that enables the datapath logic
> when a BPF program becomes active. See also for instance ipv4_min_ttl.

Thanks, I see. Then we can totally use the bpf_setsockopt() interface
with a new tsflag field, or something like this, to implement just
like how ip4_min_ttl works.

I will give it a try to see if it can easily work.

Thanks,
Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ